Home Posts tagged three

Tag: three

Posted on Posted in Digital transformation, General topics Tagged with , , , , , , , , ,

Remote and hybrid work is here to stay. In an increasingly complex security environment, no challenge looms larger than how to protect remote devices that tie back into the corporate network.

In fact, modernizing networking technologies ranks among the top IT goals for 2022 according to an IDG survey conducted on behalf of Insight Enterprises. 

With more users working remotely, tools and processes designed for corporate networks are less effective for endpoint protection, leaving IT teams scrambling to keep their users protected. By some estimates, cybercrime could cost companies an estimated $10.5 trillion annually by 2025, up from $3 trillion in 2015.

When polled, CIO Experts Network of IT professionals and industry analysts stressed the need for employee buy-in, as well as a commitment to device management and endpoint security.

Most importantly, however, is building a strong security culture that encourages best practices across the organizations. The IDG survey found that 36% of respondents say that mitigating risk with stronger cybersecurity programs is a top objective for 2022. 

According to several influencers, that requires acceptance and buy-in from leadership:

“Corporations should look at homes as an extension of their organization’s boundaries. Which means that the same/similar tools, technologies, processes, and safeguards should be taken into consideration for people working from home.”

— Arsalan.A.Khan (@ArsalanAKhan), a tech advisor

“All devices, regardless of home use or business use, should incorporate cyber security and accessibility. It is critical to understand any potential security issues that might crop up on their home networks. Creating processes that incorporate these best practices will help you keep your employees’ technology and devices safe.”

— Debra Ruh (@debraruh), Ruh Global IMPACT and Executive Chair of Billion Strong

“When someone says, ‘do as I say, not as I do,’ it means they are a hypocrite. Security hypocrisy is when firms don’t enforce the same level of security controls for remote workers as they do on-premises. Firms serious about security must ensure that remote users follow the same robust security controls their onsite brethren do.”

— Ben Rothke (@benrothke), Senior Information Security Manager at Tapad

When leadership takes protecting remote devices connecting to the corporate network seriously, there are three simple steps to take to build a robust security framework for their network. 

“There are three device attack protection vectors to consider: the user, their applications, and the network,” says Adam Stein(@apstein2), Principal at APS Marketing. “For the user, keep up to date with ongoing security threats that could possibly impact their work at home. The user’s applications also need regular updating for ideal end-point protection.” 

Building Employee Trust and Buy-In

Security is only as strong as its weakest link. For Gene Delibero (@GeneDeLibero), CSO at GeekHive.com, ensuring strong security requires a strong security culture that educates and empowers workers.

“First, and perhaps most important, is creating a culture of accountability around security; it’s not just the company’s problem, it’s everyone’s problem,” says Delibero (@GeneDeLibero). “Organizations can’t expect remote employees to execute security measures effectively when they haven’t been trained on the company’s security policies.”

Steve Prentice (@cloudtweaksteve), a technology integration specialist, argues that truly dedicated organizations should build an entirely new architecture to make sure remote workers, and their devices, are up to the task. “This should become a new branch of internal IT security — specifically investigating, securing, and even penetrating the home offices of employees the same way as is done in an office. Employers should treat their employees’ home workspace and mobile technologies as branch offices — still a less expensive option than paying for building floor space, cubicles, etc.”

Isaac Sacolik (@nyike), President of StarCIO and author of “Digital Trailblazer,” adds that building a security culture should go hand in hand with building a positive work environment. “It all starts with the mindset and practices aimed at improving productivity and supporting work-life balance through flexible remote and hybrid work technology options. As employees gain trust with IT, they’re more open to learning and improving security, including locking down home networks, protecting data, and following IT’s recommendation on protecting devices.”

Securing Individual Devices 

After earning buy-in from employees, organizations still need to secure their devices. 

“Organizations should invest in a combination of asset management, endpoint detection, data loss prevention, cloud-based managed detection and response, and patch or vulnerability management,” says Kayne Mcgladrey (@kaynemcgladrey), Field CISO at Hyperproof and Senior IEEE Member. “Of those, asset management is the starting point, as an organization should have visibility into the devices accessing corporate data and be able to select and apply appropriate controls to those devices. Those controls then may include endpoint protection or data loss protection, for example, if exfiltration of sensitive corporate data may result in compliance violations.” 

Employing this strategy empowers an organization’s IT team to protect the corporate network from a wide range of threats, according to Will Kelly (@willkelly), a writer and analyst. “My best advice for protecting at home devices starts with a solid and robust mobile device management (MDM) solution and supporting processes. An MDM automates operating system updates, security patches, virus scanning, application updates, and device security configuration, such as setting a lock screen.”

Jack Gold (@jckgld), President and Principal Analyst at J.Gold Associates, LLC., takes that one step farther. “It’s important to segregate work at home devices from other users in the family. You probably don’t want your kids playing games or web surfing on the PC you use for doing work. That could be enforced by giving workers a corporate furnished — and managed — PC exclusively for their use.”

Ensuring Endpoint Security

Kieran Gilmurray (@KieranGilmurray), CEO at Digital Automation and Robotics Limited, feels that securing the corporate network relies on implementing quality endpoint security practices. 

“Threat actors have taken advantage of the pandemic by targeting unsuspecting remote workers. Every ‘at home’ network connected device is a potential entry point for criminal activity,” says Gilmurray. “So now, employees are provided with a secure VPN between their home network and their corporate offices. The only way to protect remote devices is to apply best practice corporate ‘endpoint’ security practices to every device attached to a home network.”

To compensate, organizations can take a strategic approach that prioritizes high risk accounts and devices. Peter Nichol (@PeterBNichol), Chief Technology Officer at OROCA Innovations instructs to “Start with what the employer can control. Be sure to prioritize energy around high-risk endpoints. Specifically, privileged accounts or accounts with elevated access should be managed within privileged access management (PAM). Companies who act on endpoint security today will save themselves big headaches tomorrow.”

Robust endpoint security helps reinforce human weaknesses in the corporate network, says Frank Cutitta (@fcutitta), CEO & Founder HealthTech Decisions Lab. “The human vulnerability overpowers any technological protection one can install. We’re always just one errant click away from ransom or breach. While it sounds incredibly obvious, setting your computer to lock after a short period of time can also minimize external access along with changing passwords frequently. Face or fingerprint recognition software adds added security.”

While endpoint security is an important part of a robust security apparatus, it won’t protect an organization’s corporate network on its own. “Some advanced precautions might seem like overkill for a home office, but not if we view the home office as a mere extension of the corporate network,” says Scott Schober (@ScottBVS), President/CEO at Berkeley Varitronics Systems, Inc. “Endpoint visibility and detection at each home office allows IT to view the actual number of endpoints that need protection.” 

The ultimate answer may come via strong partnerships: The same IDG/Insight survey found that 87% of respondents will rely on third-party providers for support with challenges around infrastructure, operations, and culture. 

“‘Endpoint anything,’ including protection that is based with on-premises technology, is limited in what it can do and what it can reach in today’s world. On-premises requires a lot of extra configuration and cost to support devices that are mostly remote when compared to a cloud-based solution in which touching or accessing a device from any location is just native with minimal infrastructure,” says Joseph Flynn, Director of Modern Workplace at Insight. “Endpoint security is harder to drive XDR types of services in an on-premises solution, as AI is usually in play. This tends to drive much of the automation and protection to streamline and increase capabilities. Having those capabilities on-premises in most tools is not possible unless they connect to some cloud platform”

Insight Enterprises, Inc. is a Fortune 500 solutions integrator helping organizations accelerate their digital journey to modernize their business and maximize the value of technology. Insight’s technical expertise spans cloud- and edge-based transformation solutions, with global scale and optimization built on 34 years of deep partnerships with the world’s leading and emerging technology providers.

Chrome Enterprise Upgrade (CEU) from Insight provides a simple and secure way to manage your devices. Try for free today

Data and Information Security

Posted on Posted in Digital transformation, General topics Tagged with , , , , , , , , , ,

Digitalization is a double-edged sword for banks, especially when it comes to security. A massive shift to cloud and API-based ways of working has made the sector become more agile and innovative, but it has also opened the floodgates for identity theft. As interactions and transactions become more interconnected, even the simplest processes like opening a new account or making a balance transfer become riddled with security concerns.

As financial services become more digital in nature, it’s important that banks think differently when using data analytics, security tools, and education to improve identity authentication and customer data privacy. Avaya’s research report reveals three critical ways to do so.

1. Make the Most of the Powerful Tool in Your Customers’ Hands

Almost every customer owns a smartphone, and they use that device to call into the contact center when they need to resolve an issue or complicated matter. Have you thought about what can be done with this device to enhance identity authentication? Older security methods like Knowledge-based Authentication (KBA) only prove what a person knows. By leveraging the sensors in a customer’s connected device, banks can go one step further to prove who someone is — and that makes all the difference.

These sensors, which include location services, cameras, and QR code scanning, make a customer’s smart device a valuable source of a vast amount of information and inputs that help banks create a trusted identity template for customers. Once this identity template is established, all transactions are tied directly to a customer’s verified identity. This allows simple but risky transactions like requesting a new debit card, ordering checks, or updating an address to be done simply, quickly, and with far lower risk to the bank and its customers.

2. Shield Sensitive Data from Agents Using Zero Knowledge Proof

When a customer calls into the contact center, all of that person’s information is made visible to the agent who needs to verify them: their address, their driver’s license number, their social security number, etc. What’s stopping an agent from using their cellphone to take a picture of a customer’s personally identifiable information? It’s a scary thought, especially with so many customer service jobs now offsite out of supervisors’ views. Customer service workers don’t need so much visibility into this data.

Zero Knowledge Proof is an advanced cryptographic technique that makes it possible for organizations to verify sensitive or personally identifiable information without revealing that data to workers. The agent doesn’t need to see the data to verify its accuracy or authenticity and will therefore have no knowledge of it — hence, “zero knowledge proof.” All employees will see are the results that matter to them (whether a payment went through, whether a document was signed, that a customer’s SSN checks out) with a green checkmark verifying its approval from whichever third-party company verified it.

3. Outbound Notifications for Fraud Protection

In a sea of scam callers, most customers immediately send unknown numbers to voicemail. This is a major challenge for banks trying to reach customers to perform a number of legitimate tasks and build relationships. By securely sending notifications across the channel of a customer’s choice (SMS, in-app message if the company offers a mobile app), banks can reach customers faster and with high veracity authentication. In this way, customers will receive a notification via text or in-app message before an incoming call asking them to “tap” and log in. They will be instantly authenticated and, if desired, can schedule the call for a convenient time.

These notifications can also be used to simplify routine interactions like checking an account balance or bill pay. For example, a customer can click on the link in a text message their bank sends them reminding them that a payment is due for their credit card. Notifications can be sent for non-payment interactions as well, such as post contact surveys and new customer eForms.  All of this can be done with full PCI compliance. In fact, banks can take their contact center out of the scope of compliance altogether.

Learn more from Avaya’s research about what banks should consider to digitally evolve. View the full report, Five Recent Trends Shaping the Banking Industry.

IT Leadership

Posted on Posted in Digital transformation, General topics Tagged with , , , , , , , , ,

Government organizations have the longest average buying cycle for technology when compared to other sectors, with procurement laws injecting complexity into the procurement process, according to a Gartner report.

The report, which is based on a survey of 1,120 executives with the inclusion of 79 public sector employees across the US, Canada, France, Germany, the UK, Australia and Singapore, showed that the average buying cycle for government entities is 22 months.

This is in contrast to at least 48% of all respondents saying that their buying cycle for technology averaged around six to seven months.

“Technology acquisition brings challenges to the public sector that do not commonly exist in other industries,” said Dean Lacheca, vice president and analyst at Gartner.   

“Each jurisdiction has its own procurement laws and policies, and within that, each agency or department can have its own interpretation of them. A failure to conform to the rules can have serious consequences, from unwanted publicity to personal risk of prosecution,” Lacheca added.

Some of the other reasons behind the delay include changes in scope, research and evaluation along with reaching an agreement around budgeting.

Many respondents also said that these delays occur before the beginning of the procurement process, with at least 74% of public sector respondents claiming that developing a business case for purchases takes a long time.

More than 76% said that scope changes requiring additional research and evaluation was also another major factor resulting in delays, Gartner said, adding that 75% of respondents listed reaching agreement around budgeting as a major concern for delays in the buying decision.

“While government buying cycles can be long, it is important to note that these time frames are not set,” said Lacheca.

“Initial planned timelines can be delayed as a result of a combination of both controllable and uncontrollable factors, especially when no external deadlines exist.”

Government procurement teams are large

A typical public sector buying team has 12 participants, with varying levels of participation in the process, Gartner said, adding that government C-level executives tend to be less involved in the technology buying process when compared to the private sector in order to avoid association with the process and creating the perception of political influence in the outcome.

This also makes government C-level executives less willing to defend the process if challenged by unsuccessful vendors or the media, the research firm said.

Further, the survey shows that public sector buying teams are more likely to be composed of lower-level operational staff, who act as subject matter experts providing recommendations to their C-suite.

At least 68% of public sector respondents claim that another reason for delay is their inability to obtain specific product or implementation requirements details from the provider, Gartner said.

The research firm adds that public sector organizations are significantly more likely to value references from existing clients than non-public sector buyers, partly because public sector organizations are rarely in direct competition and often share common challenges.

Government IT

Posted on Posted in Digital transformation, General topics Tagged with , , , , , , , , ,

As the broader economy and business environment continues to recover and rebound, there is an opportunity for IT leaders to leverage increased budgets to strategically invest in and prepare for new approaches to enterprise technology.

As noted by Spiceworks, the majority of businesses are increasing IT spending, with a particular focus on modernisation. “The hybrid work era, which coincided with the standardisation of the cloud as the backbone for enterprise operations, has put in motion renewed demand for software and services to modernise organisations’ technology infrastructure,” the report notes.

In other words, leaders are taking the opportunity of increased spending in IT to prepare their environments for new ways of working, that better integrate cloud and on-premises computing. With hardware, this means a renewed focus on three areas: efficiency, performance, and security. To help businesses capitalise on that opportunity, Intel has designed its vPro platform to deliver meaningful gains to enterprises across all three priorities.

Performance

Hybrid work environments require higher levels of performance, as remote employees rely more on video collaboration, and the organisation looks to more intensive applications like AI, and edge deployments.

Because the vPro platform is powered by the 12th generation of Intel Core processors, it delivers the significantly improved performance needed to make these environments seamless. Intel’s stats show that the mobile processors deliver up to 27 per cent faster application performance, the desktop processes achieve 21 per cent faster application performance, and, for example, this translates to a 23 per cent faster application performance while using Microsoft Excel during a Zoom video conference call.

Efficiency and Sustainability

Last year, Deloitte research found that more than half of consumers now expect companies to take meaningful steps towards reducing carbon emissions and improving sustainability. With IT contributing a considerable amount to the power draw of the typical company, finding efficiencies through the IT refreshes becomes an effective way that the organisation to show proactive steps towards sustainability.

One of the key features in the vPro platform is the Intel Active Management Technology (Intel AMT) that allows organisation to remotely manage the energy consumption of devices by shutting inactive devices down, and reduce the need for remote callouts or deskside visits. Intel estimates that this saves around one million kilowatt hours of energy consumption for every 20,000 devices managed this way, and additionally, by eliminating the need for separate energy management software, saves organisations by $25 – $75 per device.

Security

Adapting a hybrid and flexible approach to work changes the security dynamic. No longer is the traditional “perimeter” defence going to be sufficient, as organisations house data in clouds off-site, and employees work remotely and outside of the boundaries of the organisation. Addressing this security challenge requires a renewed focus on endpoint security.

Intel provides new security features thought vPro which are designed to renew that endpoint security layer. Intel Threat Detection Technology (Intel TDT) provides ransomware detection at the hardware level, allowing for the immediate response before the infection can spread.

The vPro platform also has features to detect living-off-the-land and supply chain-style attacks with a “zero trust” approach, in which AI automatically detects anomalies when applications are behaving unusually.

The vPro Suite Explained

There are four key branches to the Intel vPro solution, designed to bring the functionality of the suite across all platforms, and for all verticals:

Intel vPro Enterprise for Windows has been designed for enterprises and managed service providers that are looking after large fleets of devices.Intel vPro Essentials is the solution that Intel uses to provide SMEs with the core security and device management capabilities available to enterprises. Intel vPro Enterprise for Chrome OS has been designed to bring the efficiency of Chromebooks to enterprise environments by boosting their performance, stability, and security features.Intel vPro, An Evo Design combines two of Intel’s flagship products to deliver the company’s vision around security, performance, and management to mobile business environments.

Combined, Intel is pushing the vPro solution to be the ideal opportunity for a refresh of the IT environment, delivering the performance required of the modern mobile, edge and hybrid-driven organisations, while also being mindful of the changing dynamics around efficiency and security.

For more information on vPro, click here.

Business Process Management, CPUs and Processors

Posted on Posted in Digital transformation, General topics Tagged with , , , , , , , , ,

As the broader economy and business environment continues to recover and rebound, there is an opportunity for IT leaders to leverage increased budgets to strategically invest in and prepare for new approaches to enterprise technology.

As noted by Spiceworks, the majority of businesses are increasing IT spending, with a particular focus on modernisation. “The hybrid work era, which coincided with the standardisation of the cloud as the backbone for enterprise operations, has put in motion renewed demand for software and services to modernise organisations’ technology infrastructure,” the report notes.

In other words, leaders are taking the opportunity of increased spending in IT to prepare their environments for new ways of working, that better integrate cloud and on-premises computing. With hardware, this means a renewed focus on three areas: efficiency, performance, and security. To help businesses capitalise on that opportunity, Intel has designed its vPro platform to deliver meaningful gains to enterprises across all three priorities.

Performance

Hybrid work environments require higher levels of performance, as remote employees rely more on video collaboration, and the organisation looks to more intensive applications like AI, and edge deployments.

Because the vPro platform is powered by the 12th generation of Intel Core processors, it delivers the significantly improved performance needed to make these environments seamless. Intel’s stats show that the mobile processors deliver up to 27 per cent faster application performance, the desktop processes achieve 21 per cent faster application performance, and, for example, this translates to a 23 per cent faster application performance while using Microsoft Excel during a Zoom video conference call.

Efficiency and Sustainability

Last year, Deloitte research found that more than half of consumers now expect companies to take meaningful steps towards reducing carbon emissions and improving sustainability. With IT contributing a considerable amount to the power draw of the typical company, finding efficiencies through the IT refreshes becomes an effective way that the organisation to show proactive steps towards sustainability.

One of the key features in the vPro platform is the Intel Active Management Technology (Intel AMT) that allows organisation to remotely manage the energy consumption of devices by shutting inactive devices down, and reduce the need for remote callouts or deskside visits. Intel estimates that this saves around one million kilowatt hours of energy consumption for every 20,000 devices managed this way, and additionally, by eliminating the need for separate energy management software, saves organisations by $25 – $75 per device.

Security

Adapting a hybrid and flexible approach to work changes the security dynamic. No longer is the traditional “perimeter” defence going to be sufficient, as organisations house data in clouds off-site, and employees work remotely and outside of the boundaries of the organisation. Addressing this security challenge requires a renewed focus on endpoint security.

Intel provides new security features thought vPro which are designed to renew that endpoint security layer. Intel Threat Detection Technology (Intel TDT) provides ransomware detection at the hardware level, allowing for the immediate response before the infection can spread.

The vPro platform also has features to detect living-off-the-land and supply chain-style attacks with a “zero trust” approach, in which AI automatically detects anomalies when applications are behaving unusually.

The vPro Suite Explained

There are four key branches to the Intel vPro solution, designed to bring the functionality of the suite across all platforms, and for all verticals:

Intel vPro Enterprise for Windows has been designed for enterprises and managed service providers that are looking after large fleets of devices.Intel vPro Essentials is the solution that Intel uses to provide SMEs with the core security and device management capabilities available to enterprises. Intel vPro Enterprise for Chrome OS has been designed to bring the efficiency of Chromebooks to enterprise environments by boosting their performance, stability, and security features.Intel vPro, An Evo Design combines two of Intel’s flagship products to deliver the company’s vision around security, performance, and management to mobile business environments.

Combined, Intel is pushing the vPro solution to be the ideal opportunity for a refresh of the IT environment, delivering the performance required of the modern mobile, edge and hybrid-driven organisations, while also being mindful of the changing dynamics around efficiency and security.

For more information on vPro, click here.

Business Process Management, CPUs and Processors