We spend hours developing plans and strategies – preparing for possible emergency events that we hope will never happen. Many of our colleagues, and let’s be honest, even some of our management team, believe this planning is of little value. They feel that we only need the documentation to “check the box” for an audit. The implied desire is to get it done as quickly and with as little use of resources as possible. We may fall into the trap of being influenced by those feelings, generating what seems like good documentation that, when looking deeper and more objectively, is really just a lot of words that may not be usable.
For this week’s blog, the functional item we are considering is communication. We all know that during an emergency event communication will be critical, and we understand the basic groups and type of information we must communicate. Though the items below may seem obvious, many do not take the time to ensure that the appropriate planning is in place – it is assumed that everything will work when needed.
Big Data implementations are invariably built around Hadoop, Apache Spark and other open source solutions. And since these constructs must integrate into the broader enterprise data ecosystem at some point, is it possible that open source will come to rule the data center as a matter of course?
The idea might not be as outlandish as it sounds. As business models across multiple industries come to rely on the insights gleaned from predictive analytics and broadly federated data infrastructure, proprietary systems may emerge as more a help than a hindrance. And while open systems tend to require quite a bit of in-house knowledge for both provisioning and management functions, many of these tasks are likely to be automated in the coming decade, providing for more user- and enterprise-friendly environments.
CyrusOne has acquired a big parcel of land in Northern Virginia, the biggest and most coveted data center market in the US, the company announced Tuesday. The parcel gives the data center provider room to expand in a key region where it is currently at capacity.
The Northern Virginia data center market is continuing to snowball. It is a high-demand data center location because of the big cluster of data centers and network infrastructure that are already there.
Companies that have data centers there want to continue expanding there, and ones that don’t want to access the rich ecosystem that’s grown in Northern Virginia over the years.
It’s 2016, yet IT experts are still challenged with how to effectively and efficiently cool their data center. The cooling process accounts for 40 percent of all power consumed by data centers, so this question is a top priority for operators. Ensuring optimal cooling in a data center not only lowers operational expenditure, but it reduces the strain on equipment cooling mechanisms, extending the lifespan of the hardware; and freeing up power for IT equipment, increasing equipment uptime. The decision to invest in cooling infrastructure is easy, however, choosing the method with which you regulate temperature within the data center can be more challenging.
Cooling and efficiency strategies are constantly evolving, with companies like Microsoft going so far as to drop a self-contained data center into the ocean. However, you do not need to plunge your equipment into the sea or move to the Arctic to keep yours cool. Hot-aisle containment (HAC) and cold-aisle containment (CAC) are the primary methods used by leading businesses to reduce energy and optimize equipment performance within the data center. This proven and highly effective methodology of cooling has emerged as a new best practice within the industry.
Being aware of your company’s new and changing risks is critical for sound risk management. As the year progresses, we have identified growing risks facing companies, and their directors and officers, that are likely to impact policyholders. These risks include cybersecurity, Telephone Consumer Protection Act (TCPA) lawsuits, drones, wage and hour lawsuits and food recalls. The risks and issues to watch out for are expanded below:
Cyberattacks against businesses doubled in 2015 and are expected to continue to increase as attackers become even more sophisticated. Watch out for:
Phishing scams and social engineering fraud. In social engineering scams, hackers utilize phishing, purporting to be legitimate employees or third parties try to trick businesses into wiring funds or allow access to their systems. Although many businesses have crime insurance that covers “computer systems fraud,” ambiguous provisions or liability limits may restrict coverage. Some courts have held that fraud coverage applies only when intrusions are unauthorized, but not when an unwitting employee falls prey to an online scam.
Data breaches. Companies should also be conscious about their coverage for data breaches, which increasingly present significant exposures. Insurers often contest whether data breaches constitute “publication” of private information, and, if so, whether an insurer’s duty to defend applies. This is particularly important as the storage of consumer data is a lynchpin of many businesses’ operations and marketing.
Businesses need to ensure that their commercial insurance policies adequately cover their business risks and consider purchasing dedicated cyber policies.
CSR is something that companies today are taking more and more seriously. It is no longer just a way to get better press from journalists, it is a fully fledged strategy to effectively run a company, creating a sustainable and pleasant environment for both employees and customers.
Traditionally we have seen that this has revolved around charity work, sustainable business practices, environmental efforts, and supply chain management. However, in recent years, it has become a question of transparency. Essentially, if we can't see what a company is doing, it cannot be trusted. Data has had a big impact on this, allowing people to see how a company is operating without bias.
However, it is not only in the use of data to show good CSR, but increasingly their use of data is part of good CSR.
Includes BCI's 2013 Good Practice Guidelines
US-based health service provider chooses Solgari’s communication software technology to help drive regional expansion
LONDON – Solgari, the provider of the world’s first complete business communications cloud software solution, has today announced the delivery of an integrated and compliant cloud telephony and web collaboration solution to Cascade Health Services across a number of US locations.
Over the last 12 months, US-based health service provider, Cascade Health Services, has been undergoing significant growth with the opening of a number of new healthcare services. As a result, it needed to readdress its communications technology. The company chose Solgari due to the fact that its communication software allows new service sites and users to go live immediately, while also covering HIPAA compliance requirements around the encryption of client data that may be stored in the cloud call archiving service. Solgari provides all services to Cascade Health Services through one integrated cloud software platform, reducing complexity and removing the need for maintenance on-site, resulting in significant cost savings.
“Cascade Health Services is expanding rapidly and the use of compliant and flexible cloud based technology is important in meeting our goals,” said Amanda de Castro, Director of Clinical Operations at Cascade. “With HIPAA regulations, all our providers must conform to the highest security and compliance standards. Solgari’s cloud software platform has a long and successful track record in delivering compliant solutions within the healthcare space, in addition to providing all the communication services we need over the internet.”
Solgari is the only global cloud business communications vendor that delivers business telephony, call and video conferencing, desktop sharing, contact centre, IVR, call archiving, call encryption, PCI DSS compliance and carrier requirements through an integrated software platform. Customers pick and choose the services they require, where and when they need them, saving time, resources and cost.
“Our cloud business communication software solution for the healthcare industry provides a great example of the power of our platform and we are delighted to deliver this capability to Cascade Health Services,” said Vance Harris, CTO at Solgari. “Our services are ideal for fast growing companies with heavy regulatory requirements, whilst providing them with a reliable, scalable and cost effective system.”
About Cascade Health Services
Cascade is a leading provider of supplemental and permanent medical, therapy and support staff in the US. Founded in 1988, Cascade is one of the largest and most established health services agencies in the Midwest.
Solgari has developed the technology, network and partnerships to deliver the world’s first complete enterprise cloud business communications software solution. No boxes, no licenses, no software upgrades, no capital expenditure, Solgari is unique. Solgari is a licensed telco, integrated with a scalable and modular cloud software platform, providing every service from Cloud Telephony, Call & Video Conferencing, Desktop Sharing up to the most intelligent Contact Centre, covering call encryption and meeting FCA, SEC, Central Bank and PCI DSS Compliance. Solgari’s customers can pick and choose the services required, where and when through a subscription based model. For more information, please visit the company website and learn more about Solgari’s solutions at www.solgari.com.
ARMONK, N.Y. - IBM Security (NYSE: IBM) today announced the results of a global study analyzing the financial impact of data breaches to a company’s bottom line. Sponsored by IBM and conducted by the Ponemon Institute, the study found that the average cost of a data breach for companies surveyed has grown to $4 million, representing a 29 percent increase since 2013.
Cybersecurity incidents continue to grow in both volume and sophistication, with 64 percent more security incidents reported in 2015 than in 2014.1 As these threats become more complex, the cost to companies continues to rise. In fact, the study2 found that companies lose $158 per compromised record. Breaches in highly regulated industries were even more costly, with healthcare reaching $355 per record – a full $100 more than in 2013.
Slow Response and Lack of Planning Cost Companies Millions
According to the study, leveraging an incident response team was the single biggest factor associated with reducing the cost of a data breach – saving companies nearly $400,000 on average (or $16 per record). In fact, response activities like incident forensics, communications, legal expenditures and regulatory mandates account for 59 percent of the cost of a data breach.2 Part of these high costs may be linked to the fact that 70 percent of U.S. security executives report they don’t have incident response plans in place.3
The process of responding to a breach is extremely complex and time consuming if not properly planned for. Amongst the required activities, a company must:
Work with IT or outside security experts to quickly identify the source of the breach and stop any more data leakage
Disclose the breach to the appropriate government/regulatory officials, meeting specific deadlines to avoid potential fines
Communicate the breach with customers, partners, and stakeholders
Set up any necessary hotline support and credit monitoring services for affected customers
Each one of these steps takes countless hours of commitment from staff members, taking time away from their normal responsibilities and wasting valuable human resources to the business.
Incident response teams can expedite and streamline the process of responding to a breach, as they’re experts on what companies need to do once they realize they’ve been compromised. These teams address all aspects of the security operations and response lifecycle, from helping resolve the incident, to satisfying key industry concerns and regulatory mandates. Additionally, incident response technologies can automate this process to further speed efficiency and response time.
The study also found the longer it takes to detect and contain a data breach, the more costly it becomes to resolve. While breaches that were identified in less than 100 days cost companies an average of $3.23 million, breaches that were found after the 100 day mark cost over $1 million more on average ($4.38 million).
The average time to identify a breach in the study was estimated at 201 days, and the average time to contain a breach was estimated at 70 days.
The study found that companies that had predefined Business Continuity Management (BCM) processes in place found and contained breaches more quickly, discovering breaches 52 days earlier and containing them 36 days faster than companies without BCM. 4
Analyzing the Cost of a Data Breach
The annual Cost of a Data Breach study examines both direct and indirect costs to companies in dealing with a single data breach incident. Through in depth interviews with nearly 400 companies across the globe, the study factors in costs associated with breach response activities, as well as reputational damage and the cost of lost business.
“Over the many years studying the data breach experience of more than 2,000 organizations in every industry, we see that data breaches are now a consistent 'cost of doing business' in the cybercrime era," said Dr. Larry Ponemon. "The evidence shows that this is a permanent cost organizations need to be prepared to deal with and incorporate in their data protection strategies.”
For more details on the study, the full report is available on the IBM X-Force Research Library. Country-specific reports are also available for the United States, United Kingdom, Germany, Australia, France, Brazil, Japan, Italy, India, the Arabian region (United Arab Emirates and Saudi Arabia), Canada and South Africa.
This year, IBM increased its investment in the Incident Response market with the acquisition of Resilient Systems. Resilient’s Incident Response Platform (IRP) empowers security teams to analyze, respond, and mitigate incidents faster and more efficiently. The newest version of the platform, announced today, includes Resilient Incident Visualization, which graphically displays the relationships between Indicators of Compromise (IOCs) and incidents in an organization’s environment.
“The amount of time, effort and costs that companies face in the wake of a data breach can be devastating, and unfortunately most companies still don’t have a plan in place to deal with this process efficiently,” said Ted Julian, Vice President, Resilient an IBM Company. “While the risk is inevitable, having a coordinated and automated incident response plan, as well as access to the right resources and skills, can make or break how much a company is impacted by a security event.”
IBM also recently launched IBM X-Force Incident Response Services, which include consulting and managed security services to help clients manage all aspects of responding to a cyber breach.
About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world’s broadest security research, development and delivery organizations, monitors 20 billion security events per day in more than 130 countries, and holds more than 3,000 security patents. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.
About IBM Resiliency Services
IBM Resiliency Services offers an innovative portfolio of resiliency solutions and services, including Business Continuity Management, that assist virtually every aspect of business disruption Today, more than 6,000 IBM resiliency professionals build, deploy, and manage industry-leading cloud capabilities to help you maintain continuous business operations and improve overall resiliency for your organization. For more information, visit http://ibm.co/1cqLDOz and follow @IBMServices.
3 The Cyber Resilient Organization: Learning to Thrive Against Threats, Ponemon Institute, 2015
Intelligent HCI With Tiering Appliance Changes the Paradigm of Price/Performance
INDIANAPOLIS, Ind. – Scale Computing, the market leader in hyperconverged storage, server and virtualization solutions for midsized companies, today announced an SSD-enabled entry to its HC1000 line of hyperconverged infrastructure (HCI) solutions for less than $25,000, designed to meet the critical needs in the SMB market for simplicity, scalability and affordability.
The HC1150 combines virtualization with servers and high performance flash storage to provide a complete, highly available datacenter infrastructure solution at the lowest price possible. Offering the full line of features found in the HC2000 and HC4000 family clusters, the entry level HC1150 provides the most efficient use of system resources -- particularly RAM -- to manage storage and compute resources, allowing more resources for use in running additional virtual machines. The sub-$25,000 price point also includes a year of an industry-leading premium support at no additional cost.
"The SMB and midmarket communities are those that Scale Computing has long championed as worthy of enterprise-class features and functionality. The challenge is that those communities also require that the solution be affordable and be easy to use as well as manage," said George Crump, President and Founder of Storage Switzerland. "Scale Computing has raised the performance bar the its offerings with the addition of SSDs to its entry-level hyperconverged appliances but it did so without stripping out functionality. Scale Computing is ready to be a leader in this space by enhancing their product family while keeping costs within reach."
Scale Computing's HC3 platform brings storage, servers, virtualization, and high availability together in a single, comprehensive system. With no virtualization software to license and no external storage to buy, HC3 solutions lower out-of-pocket costs and radically simplify the infrastructure needed to keep applications optimized and running. The integration of flash-enabled automated storage tiering into Scale's converged HC3 system adds hybrid storage including SSD and spinning disk with HyperCore Enhanced Automated Tiering (HEAT). Scale's HEAT technology uses a combination of built-in intelligence, data access patterns, and workload priority to automatically optimize data across disparate storage tiers within the cluster.
The HC1150 was not the only new addition to the HC1000 family. The new HC1100 which replaces the previous HC1000 model, provides a big increase in compute and performance. Improvements include an increase in RAM per node from 32GB to 64GB; an increase in base CPU per node from 4 cores to 6 cores; and a change from SATA to 7200 RPM, higher capacity NL-SAS drives. With the introduction of the HC1100 comes the first use of Broadwell Intel CPUs into the HC1000 family. All of the improvements in the HC1100 over the HC1000 model come with no increase in cost over the HC1000. Additionally, the HC1150 scales with all other members of the HC3 family for the ultimate in flexibility and to accommodate future growth.
"While some vendors are beginning to look to the SMB marketplace as a way to supplement languishing enterprise sales, we have long been entrenched with the small businesses, school districts and municipalities to provide them with user-friendly technology and reasonable IT infrastructure costs to ensure that they can accomplish as much as larger organizations," said Jeff Ready, CEO and co-founder of Scale Computing. "We have helped more than 1,500 customers with fully featured hyperconverged solutions that are as easy as plugging in a piece of machinery and managing a single server. Our latest HC1150 further fulfills that promise by combining virtualization with high-performance flash to provide the most complete, highly available HCI solution at the industry-best price."
Scale Computing's HC1150, as with its entire line of hyperconverged solutions, is currently available through the company's channel with end user pricing starting at $24,500. For additional information or to purchase, interested parties can contact Scale Computing representatives at https://www.scalecomputing.com/scale-computing-pricing-and-quotes
About Scale Computing
Scale Computing is the industry leader in complete hyper-converged solutions with thousands of deployments spanning from the SMB to the distributed enterprise. Driven by patented technologies, HC3 systems install in minutes, can be expanded without downtime, self-heal from failures, and automatically optimize workloads to maximize price-performance.