One of the biggest obstacles to good cybersecurity is the failure to recognize its need. MSPs often run into this problem with clients that, whether they realize it or not, operate under the false impression that “it won’t happen to me.”
But cyber attacks are increasingly common, and all businesses are vulnerable. In a recent Ponemon Institute survey, 55 percent of respondents said they had experienced a cyber attack, and 50 percent of companies had suffered a data breach in the previous 12 months.
Defending against cyber attacks gets tougher by the day; many companies lack the budget or skills to properly build up their defenses. This being the reality, it would stand to reason that more and more organizations would welcome a managed security services (MSS) approach. Yet, two-thirds of organizations in a study by Raytheon said they would use MSS only after experiencing “a significant data loss.”
While the worst-case scenario approach is a good one to use in order to reflect on organizational needs and the impacts of a disaster, it often brings an improper sense of safety.
So, should you plan for a catastrophic event or a localized disruption? When we work with organizations on business continuity, the scenario that almost always comes up is the “smoking hole” – whether it is a complete loss of the data center or the destruction of the headquarters building. This worst-case scenario is useful for planning, but there are two questions that should be considered as we put plans and strategies together for business and technology resiliency. What is the potential impact of an event, and what is the likelihood of it happening? Will it cause a catastrophic loss (the worst-case scenario), or will it cause a localized failure that will still have a significant impact on the business? Too many organizations fall into using only worst-case scenarios, thinking that with the “smoking hole” plan in place, their business is now adequately prepared to respond to and recover from a disaster.
But, based on statistics and our experience over the past 17 years, an organization is most likely to experience a localized outage rather than a catastrophic event. In the last several months, what issues have been in the news? Security breaches, human error, and single points of failure have caused significant business impacts. There may be some of you who were impacted by the two recent airline outages. Those were not “smoking hole” scenarios. Data breaches, both large and small, have had an impact on many of us. I have received notice of security breaches from more than one company where I am (or have been) a customer. I now have credit monitoring in place from multiple identity theft vendors, all provided by the impacted companies.
Insider threats get a lot of press, and deservedly so. Different studies have shown just how dangerous the insider threat is. Almost every organization is vulnerable to employee error or maliciousness.
However, employees aren’t your only “insider” problem. Third-party vendors can wreak havoc on any company’s security – just ask Target about that – and IT leaders are concerned about the security risks that third parties pose, according to a new Enterprise Strategy Group survey commissioned by Seclore.
In the executive summary, ESG discussed the reasons why IT departments have these concerns. Two that jumped out at me included:
When Was the Last Time You Practiced Your Plan?
Plenty of companies have some sort of emergency plan in place and even a few of those practice the plan on a regular basis with their employees. Yet, nearly 60 percent of American adults say they have never practiced what to do in a disaster at work, school, or home in the past year.
Even those companies who do have a plan in place often find their plan was completely insufficient in the event of an actual emergency. What is the problem? We all know it’s important but we mostly believe it won’t happen to us and if it did, we’d know what to do. That simply is not the case. As we’ve all been warned, “it’s not a matter of if; it’s a matter of when.”
Critical events come in all forms: fire, natural disasters, power outages, IT outages, hazardous chemical spills, terrorism, work and school shootings, hostage situations, bomb threats, and structural failures. Did I leave anything out? Likely so. I list these not to scare, but to illustrate how many things could go wrong and why it’s so critical to have an emergency notification system in place, practiced, and understood.
Inadequate infrastructure and weak logistic chains substantially increase the risk that an extreme natural event will become a disaster. This is a core finding of the World Risk Report 2016, produced by the Institute for Environment and Human Security at the United Nations University and the Bündnis Entwicklung Hilft – Gemeinsam für Menschen in Not, in cooperation with the University of Stuttgart.
Nature cannot be controlled and humans can only influence to a limited degree whether, and with what intensity, natural events are to occur. But they can take precautions to help prevent a natural event from becoming a disaster. It is this vulnerability of a society that forms the basis for the World Risk Index, which calculates the disaster risk by multiplying vulnerability with exposure to natural hazards (cyclones, droughts, earthquakes, foods, and sea-level rise). This risk is especially high wherever natural events hit vulnerable societies. While a low level of vulnerability is not a guaranteed protection against disasters, it can reduce the risk.
“Societal factors, such as nutrition, medical services and governance, decide to a large extent whether a natural hazard becomes a disaster,” said Dr. Torsten Welle, Senior Scientist at IREUS. “But through targeted interventions the impacts of disasters can be reduced and important lessons can be learned from recognized weaknesses.”
The index assesses the risk of disaster in 171 countries and the island state of Vanuatu once again displays the greatest risk. The United Kingdom comes in at 131st place, while the United States is 127th, Canada is 145th and Australia is 121st.
The top ten countries with the highest risk according to the report are:
- Solomon Islands
- Brunei Darussalam
- Costa Rica
- Papua New Guinea
The top ten countries with the lowest risk according to the report are:
- Saudi Arabia
- United Arab Emirates
The risk of disasters remains high in 2016. From 1980 onwards, a significant increase was recorded in the number of reported disaster events worldwide. Estimated damage levels continue to reach new peaks. And while this trend has been on a downward trajectory since 2012, this could change at any time. The 2015 statistics are a stark reminder that there is still an urgent need for action despite this decline: The United Nations recorded 346 reported disasters, more than 22,000 deaths, almost 100 million affected persons and economic damage totalling approximately US $66.5 billion.
Do you know what those three action verbs are referring to? No, that’s not a playground game.
Those three verbs are what may save your life when an Active Shooter is in your vicinity. They are what the FBI and DHS recommend as to how to respond in that type of situation. If you didn’t immediately know what they were, then someone in your organization has not trained your fellow employees for this type of incident.
But, wait. Whose responsibility is it to train your organization’s employees? Most companies recognize Active Shooter as one of their top threats but they have not prepared for this scenario. So as Business Continuity professionals, should you take a wait and see attitude – wait for Human Resources to add a mandatory brief video to their training programs and hope that this will be enough? Obviously not.
As a Business Continuity professional, you have plans in place to deal with managing risks. But did you consider an Active Shooter?
Partnership will extend LANDESK’s IT asset management to manage and optimise complex server- and data centre-based enterprise products
LONDON – LANDESK, a global leader in user-cantered IT solutions, today announced that it has entered into an OEM agreement with Concorde, a recognised leader in software license optimisation. This will complement LANDESK’s IT asset management (ITAM) suite. The agreement extends LANDESK’s endpoint software asset management to encompass complicated server license models that run in the data centre. The combined solution will empower asset managers to more effectively manage their entire asset estate.
“Concorde’s license optimisation technology will extend the capabilities of the LANDESK ITAM suite by providing additional entitlement management and decision modeling to help our customers better determine their effective license position,” said Steve Workman, vice president of corporate strategy at LANDESK. “This partnership joins Concorde’s software licensing expertise to LANDESK’s proven discovery and endpoint asset management capabilities, a collaboration that will deliver industry-leading IT and software asset management.”
The addition of Concorde technology to LANDESK’s ITAM suite will help customers better understand complex, server-based enterprise products like those offered by Oracle, Microsoft, VMware and IBM. These kinds of products can be difficult to track due to the transitory nature of virtual machines, the complexity of vendors’ license agreements and the frequency of changes to license terms and conditions. In combination with LANDESK ITAM suite, Concorde’s technology will provide transformational insights into server-side applications, which helps organisations optimise spend across client and data centre applications, minimise the impact of audits and make budget cycles more predictable.
“Concorde’s proven SaaS platform complements LANDESK’s comprehensive approach to IT asset management,” said Phil Merson, CEO of Concorde. “Our OEM agreement with LANDESK provides a new opportunity to bring a world-class approach to SAM, expanding the LANDESK product suite. We recognise that enterprise organisations are looking for solutions, not just point tools. Our agreement extends both offerings to give customers better visibility and control to manage their software investments.”
For more information, please visit www.landesk.com.
LANDESK is the global authority on user-centred IT. By integrating and automating IT tasks, LANDESK helps organisations balance rapidly-evolving user requirements with the need to secure critical assets and data. LANDESK is headquartered in Salt Lake City, UT, and has offices all over the world. To learn more, visit www.landesk.com.
Copyright © 2016, LANDESK. All rights reserved.
Continuum Marks 5-Year Milestone in Delivering Leading IT Management Services to MSPs and Their SMB Clients BOSTON – Continuum®, the only channel-exclusive IT management platform company, reached a milestone today, celebrating the five-year anniversary of the company. Continuum started in 2011 when Summit Partners, a global growth equity firm, acquired industry leading remote monitoring and management (RMM) and network operations center (NOC) technologies. Continuum has grown to a company that monitors more than 1 million endpoints for its 5,800 partners, including MSPs servicing more than 60,000 SMB customers and web hosting providers protecting more than 250,000 servers worldwide with Continuum’s R1Soft® Server Backup Manager. “Small, entrepreneurially driven businesses are the growth engine of our economy, and their IT needs are getting more critical to the business and more complex, putting immense pressure on the MSPs that serve them,” said Michael George, CEO at Continuum. “Our integrated services delivery platform and model is enabling MSPs to succeed and grow in ways never imagined. Five years later, with the strength that comes from over 1,300 talented people in five major offices around the globe, Continuum has become the fastest growing IT Management Platform provider in the world. We are experiencing extraordinary growth in the size and impact of our channel and in the economic success of our partners.” Company milestones include: • 2011 – Launched company when Summit Partners acquired industry leading RMM and NOC technologies • 2012 – Established Continuum Veterans Foundation, a nonprofit organization providing financial support to charities that focus on helping veterans find jobs in IT, donating more than $200,000 to Hire Heroes USA • 2013 – Doubled size of Network Operations Center (NOC) capacity with move to new facility in Mumbai • 2014 – Acquired R1Soft, investing in leading cloud-based backup and continuous data protection technology • 2014 – Inaugural industry event: Navigate 2014 with 400 attendees in Boston • 2014 – Opened European headquarters office in the Thames Valley region of England • 2015 – Launched Continuity247™, a fully managed backup platform built with the company’s proven R1Soft backup technology, specifically for MSPs • 2016 – Expanded international offering with new data center in London, making its BDR platform available to managed IT services providers across Europe Additionally, Continuum’s industry-leading NOC is now supported by more than 700 technicians and Help Desk operation comprises more than 200 technicians. Continuum University, the company’s self-paced, interactive online learning center, has issued more than 1,500 specialty certifications in various disciplines, and there are more than 1,400 Continuum Certified IT Experts to-date. This week, Continuum is hosting its third annual user conference, Navigate 2016, drawing nearly 700 attendees with nearly 40 sponsors and exhibitors and more than 70 speakers across 36 breakout sessions. The company is commemorating the occasion with celebrations in each of its five offices spanning three continents – corporate headquarters in Boston, European headquarters in London, and offices in Cranberry Township, Pennsylvania; Houston, Texas and Mumbai, India. About Continuum Continuum is the only channel-exclusive IT management platform company that allows its Managed Services Provider (MSP) partners to maintain both on premise and cloud-based servers, desktops, mobile devices and other endpoints for their small-and-medium-sized business clients. Continuum’s SaaS platform enables MSPs to efficiently backup, monitor, troubleshoot and maintain clients’ IT infrastructure from a single pane of glass, all backed by an industry–leading Network Operations Center (NOC) and Help Desk. The company employs more than 1,300 professionals worldwide, monitors more than 1 million endpoints for its 5,800 partners including MSPs servicing more than 60,000 SMB customers and web hosting providers protecting more than 250,000 servers worldwide with Continuum’s R1Soft product line. The company established the Continuum Veterans Foundation, a nonprofit organization providing financial support to charities focused on helping veterans find jobs in IT. For more information, visit https://www.continuum.net/ or https://www.r1soft.com/ and follow on LinkedIn and Twitter @FollowContinuum.
Enhancements Include Automated Provisioning, Life-Cycle Management and On-the-Fly Containerisation
LONDON, UK – HyperGrid, the pioneer in creating and delivering the world’s first and only container based, application aware HyperConverged Infrastructure-as-a-Service (HCIaaS) solution today announced that HyperForm, their platform that provides next-generation IT services built on Docker containers, can now support the automated deployment and life-cycle management of applications running on Microsoft Windows Server Containers.
With support for Microsoft Windows Server Containers, the HyperForm platform now provides the following features:
- Automated provisioning of Windows Server 2016 virtual machines (with pre- installed Docker & HyperForm Agent) on any cloud (including Microsoft Hyper-V and Microsoft Azure). Once the machines are provisioned, users can get access to a wide range of day-2 operations including:
- Stopping or restarting the VM
- Accessing an in-browser terminal through a secure message queue for command line access,
- Performing historical monitoring analysis based on metrics like CPU, Memory, and Disk Utilisation,
- Executing custom plug-ins using PowerShell scripts to make configuration updates or apply patches, and
- Receiving alerts whenever the performance exceeds a pre-defined threshold or is stopped.
- Automated building of Windows Container images for running Windows applications
- On-the-fly Containerisation that allow users to deploy existing .NET applications on official base images like Microsoft/Windows Server Core and Microsoft/Nano Server while taking care of the complex application dependencies, service discovery, application storage automation and the post-provision updates
- Life-Cycle Management of applications running on Windows Containers with access to monitoring, alerts and notifications, continuous delivery using Jenkins, application backups, scale in/out, in-browser terminal to access the containers, log viewing, and container updates using custom plug-ins written in PowerShell.
“Containers have been the driving force behind efforts to accelerate software development and enable DevOps. With the General Availability of Windows Containers, .NET developers can finally reap the benefits of agility and application portability to speed up application development and deployment,” said Amjad Afanah, Vice President of Products, HyperGrid. “We’re excited to be delivering on-the-fly containerisation and deployment automation for applications on Windows Containers to turbo charge DevOps and accelerate the journey of .NET applications to containers.”
HyperGrid delivers IT at the flip of a switch: A revolutionary new concept HyperConverged Infrastructure, HCI-as-a-Service (“HCIaaS”) is the industry’s first and only container-based application aware offering that brings the simplicity and ease-of-use of HCI together with a pay-as-you-consume pricing model that scales elastically. HCIaaS delivers “one-click” automated application deployment and management seamlessly across any cloud or container infrastructure. Enterprises can now enjoy all the benefits of the public cloud at better rates without fear of vendor lock-in. HCIaaS solves the key challenges of DevOps for Enterprises – allowing for both traditional and cloud-native applications to be containerised, managed and deployed with a single tool, dramatically simplifying IT and bridging the needs of both developers and IT operators. HyperGrid solutions unleash innovation for the Digital Enterprise. HyperGrid is headquartered in Mountain View, CA. and its products and services are available through a global network of value-added resellers and partners.
© 2016 HyperGrid. All rights reserved.
Follow HyperGrid on Twitter: @HyperGrid_EMEA
Leader in SharePoint and Office 365 Management SolutionsReleases New SaaS Offering Enabling IT Managers to Regain Control of Growing Number of Unapproved Cloud Collaboration Platforms
- Migration and synchronization
- Data protection, back-up and content restoration
- Sensitive content security with context-aware identification, filtering and classification
- Permission control, auditing and reporting
- Suspicious user activity detection
- Data Loss Prevention
- Archiving and retention