NETWORKcomputing
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk
COMING OUT FROM
UNDER THE RADAR
How Supermicro has
perfected its 'one-stop'
total solutions approach
STILL WFH?
The cybersecurity impact
of COVID-19
BRANCHING OUT
The benefits of running
an SD-Branch platform
KEEPING COMPLIANT
Smart policies for remote
compliance and security
MAY/JUNE 2020 VOL 29 NO 02
SUPERMICRO
Better
Cloud Infrastructure
Up to 36% Better Performance with over 100 Systems Refreshed
with the New 2 nd Gen Intel® Xeon® Scalable Processors
Better. Faster. Greener.
Learn More at www.supermicro.com
© Supermicro and Supermicro logo are trademarks of Super Micro Computer, Inc. in the U.S. and/or other countries.
COMMENT
COMMENT
NETWORKING IN THE NEW NORMAL
REVIEWS:
Dave Mitchell
Ray Smyth
SUB EDITOR: Mark Lyward
(netcomputing@btc.co.uk)
PRODUCTION: Abby Penn
(abby.penn@btc.co.uk)
DESIGN: Ian Collis
(ian.collis@btc.co.uk
SALES:
David Bonner
(david.bonner@btc.co.uk)
Julie Cornish
(julie.cornish@btc.co.uk)
Network Computing has a somewhat different look this issue. With the entire
team still remote working to bring the issue together it seemed appropriate to
dedicate a significant part of it to all things WFH, with a particular emphasis
on the role of cybersecurity in our 'new normal'.
According to a new report from Bitdefender, 'The indelible Impact of COVID-19 on
Cybersecurity', "Half of infosec professionals (50%) revealed that their organisations
didn't have a contingency plan in place, or didn't know if they did, for a situation like
COVID-19 or a similar scenario. This lack of forward planning has come at great
risk, as 86% of infosec professionals admitted that attacks in the most common attack
vectors were on the rise during this period."
The survey sought the opinions of 6,700 infosec professionals of which 23% were
CISOs, CSOs and CIOs across the UK, US, Australia/New Zealand, Germany,
France, Italy, Spain, Denmark and Sweden, and found that 81% of the respondents
believe that COVID-19 will change the way their businesses operate in the long-term.
Commenting on the survey findings Liviu Arsene, Global Cybersecurity Researcher at
Bitdefender said "At least half of organisations admitted they were not prepared for a
scenario such as this, whereas the attackers are seizing the opportunity. But within the
current situation there is a great opportunity for positive change in cybersecurity."
SUBSCRIPTIONS: Christina Willis
(christina.willis@btc.co.uk)
PUBLISHER: John Jageurs
(john.jageurs@btc.co.uk)
Published by Barrow & Thompkins
Connexion Ltd (BTC)
35 Station Square,
Petts Wood, Kent, BR5 1LZ
Tel: +44 (0)1689 616 000
Fax: +44 (0)1689 82 66 22
SUBSCRIPTIONS:
UK £35/year, £60/two years,
£80/three years;
Europe:
£48/year, £85/two years £127/three years;
ROW:
£62/year, £115/two years, £168/three years;
Subscribers get SPECIAL OFFERS — see subscriptions
advertisement; Single copies of
Network Computing can be bought for £8;
(including postage & packing).
© 2020 Barrow & Thompkins
Connexion Ltd.
All rights reserved.
No part of the magazine may be
reproduced without prior consent, in
writing, from the publisher.
We will need to seize that opportunity with the same zeal as the cybercriminals if
we're to continue to work remotely and safely for the foreseeable future, and in the
following pages you'll find a wealth of guidance on how to ensure your business is
doing just that.
GET FUTURE COPIES FREE
BY REGISTERING ONLINE AT
WWW.NETWORKCOMPUTING.CO.UK/REGISTER
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 3
CONTENTS
CONTENTS
M A Y / J U N E 2 0 2 0
REMOTE WORKING...............10
Our remote working feature this issue looks
at the security and compliance challenges
of working from home both during and
beyond the COVID-19 pandemic
SUPERMICRO........................8
Network Computing speaks to Supermicro
CEO Charles Liang about how the
company has perfected its 'one-stop' total
solutions approach
COMMENT.....................................3
Networking in the new normal
INDUSTRY NEWS.............................6
The latest networking news
ARTICLES
SECURING THE REMOTE
WORKFORCE................................10
By Steve Law at Giacom and Sébastien
Gest at VadeSecure
BRANCHING OUT...........................12
By Jordan Baker at ZPE Systems
IS YOUR REMOTE WORKING MODEL
COMPLIANT?...................................14
By Mike Puglia at Kaseya
THE DATA CENTRE DILEMMA...........16
By Michael McNearney at Supermicro
REMOTE WORKING IN A TIME
OF CRISIS.......................................18
By Tom Caldwell at Statseeker
UNDER FIRE AT HOME..........24
Bad actors have been taking advantage of
the current crisis to create chaos, locking
out employees and paralysing business
operations, according to a new report from
Neustar's International Security Council
THE CYBERSECURITY IMPACT
OF COVID-19......................22
Addressing the need for cybersecurity
training and preparedness during the
ongoing lockdown is critical, as Deshini
Newman at (ISC) 2 explains
RANSOMWARE SOARS..........32
Working from home can make IT systems
far more susceptible to attack, without the
right security measures firmly in place
YOU'VE GOT MAIL..........................26
By Chris Blood at Swiss Post Solutions Limited
REMOTE WORKING: DO IT RIGHT...28
By Phil Underwood and Chris Cassell at
SecurEnvoy
A CYBERSECURITY EDUCATION.......31
By Aman Johal at Your Lawyers
MASTERCLASS
BUSINESS CONTINUITY AND CRISIS
MANAGEMENT DURING COVID-19...30
by Kev Brear, Director of Consulting;
Technology Risk Management, at Xcina
Consulting
PRODUCT REVIEWS
ZPE NODEGRID SERVICES
ROUTER........................................13
NETALLY ETHERSCOPE NXG................15
SOLARWINDS APPOPTICS...................20
4 NETWORKcomputing MAY/JUNE 2019 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
Pragmatic and experienced
risk management professionals
Xcina Consulting provides high quality business and technology risk assurance and
advisory services, which only comes from years of experience in our clients’ shoes.
We help to ensure an organisation’s key risks are appropriately managed; its processes
and controls are robust and fit for purpose; it remains compliant with legislation
and regulation and wherever feasible it leverages industry standards as part of
good practice.
Accredited by the Payment Card Industry’s Security Standards Council as a Qualified
Security Assessor (QSA) company and a British Standards Institution (BSI) platinum
member for the provision of services related to ISO27001 (Information Security) and
ISO22301 (Business Continuity).
All our consultants have 10+ years minimum experience and have held senior level
positions.
Our services can be customised to your needs.
• Business Continuity and Crisis Management
• Data Protection
• Financial Processes & Procedures
• Information Security / Cyber Security
• IT & OT Security
• Payment Card Industry
• Project & Change
• Risk Management
• Control Assurance (ISAE3402 / SSAE18)
• Due Diligence
• Governance
• Internal Audit
• Operational Processes & Procedures
• Process Management
• Regulatory Compliance (finance services)
• Third Party Management
020 3985 8467
www.xcinaconsulting.com
info@xcinaconsulting.com
INDUSTRYNEWS
NEWSNEWS
NEWS NEWS
NEWS NEWS NEWS NEWS
NEWS NEWS
Securing the new normal with Zyxel firewalls for SMBs
Zyxel Networks has announced the USG FLEX, a new series of
mid-range firewalls designed for SMBs to keep up with the
workplace mobility, connectivity and security requirements postpandemic.
The USG FLEX 100/200/500 firewalls feature
upgraded hardware and software power that level up SMB security
with up to 125 percent of firewall performance and up to an
additional 500 percent Unified Threat Management (UTM)
performance. In addition to providing robust, scalable network
security for SMBs, the new firewalls also provide VPN remote
access, WiFi access point management, and comprehensive
hotspot functions to fulfill business needs within one-box.
The USG FLEX series supports Zyxel's Cloud Query service, which
is based on a multi-source, continuously growing cloud database
that covers billions of malware samples from industry-leading thirdparty
sources and from threats identified by every other Zyxel
firewalls worldwide to increase the malware detection rate.
"As the spread of COVID-19 continues to impact companies
around the world, the need to protect the network while providing
secure access to the network from remote locations to continue
operations becomes even more critical," explained Nathan Yen,
AVP of Zyxel's Gateway Business Unit. "The USG FLEX series is
designed to provide the security, flexibility, and ease-of-use that
makes this an ideal solution for SMBs in this new business reality."
WatchGuard acquires Panda Security
WatchGuard Technologies has closed the acquisition of the
advanced endpoint protection provider, Panda Security.
Panda is now a wholly-owned subsidiary of WatchGuard, and
the combined company will enable its current and future
customers and partners to consolidate their fundamental
security services for protection from network to endpoint under
a single company.
WatchGuard resellers will gain immediate access to Panda Adaptive
Defense 360, which includes both endpoint protection platform and
endpoint detection and response capabilities, and Advanced
Reporting Tool products via the Panda Security Early Access Program,
launching on 1 June 2020.
"The completed acquisition of Panda Security, and the subsequent
integration of its portfolio into WatchGuard Cloud, represents a
significant milestone for the company and will result in both
immediate and long-term benefits for our customers and partners
that will address common challenges with security complexity, rapidly
changing network topologies, purchasing models, and more," said
Prakash Panjwani, CEO of WatchGuard Technologies.
Insight cloud-based management offer from NETGEAR
NETGEAR are offering the inclusion of a free 1-year Insight
subscription with the registration of selected Insight Managed
switches, Insight Wireless Access Points and routers. With a mix of
home and limited office working and social distancing still likely to
be a major factor affecting businesses nationwide for many months
to come, the importance of secure, effective remote network
management has never been greater.
"Insight simplifies network management at a time when the
power and importance of remote network visibility and control
cannot be overstated," said Shaheen Kazi, Director of Product Line
Management for Insight. "In addition to allowing network
managers to work effectively without needing to visit premises onsite,
we are confident that our customers will find the Insight
remote management solution to be a valuable asset to their
business in general." The 1-year free NETGEAR Insight offer
applies to selected devices added on or after April 27, 2020, for
both new and existing Insight accounts.
Thermographic fever-screening camera solution
D-Link has launched the DCS-9500T Group Temperature
Screening Camera to help businesses mitigate against the
spread of Coronavirus. The solution has been designed to
support a wide range of industries including busy entrances at
schools, hospitals, transportation hubs and office buildings. It is
a complete kit that includes thermographic camera with
intelligent temperature detection, blackbody calibrator and
management software and can screen up to 30 people at the
same time with a rapid response time of less than 30 ms and
accuracy within 0.3°C.
06 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
INDUSTRYNEWS
Securing against identity theft with ID PROTECTION
F-Secure has launched ID PROTECTION, a new solution that
provides a comprehensive approach to securing personal
information and accounts. The solution continuously monitors
and detects exposed personal information online, responds
quickly to threats to users' identity, and doubles as a password
manager to prevent account takeovers. It offers offers a powerful
combination of human intelligence and real-time monitoring that
helps track down breached data. Key features of F-Secure ID
PROTECTION include:
Identity management provides instant alerts and guidance on
how to respond when personal information has been found as
part of a breach or data leak
Comprehensive breach database consisting of billions of
recovered assets and plain text passwords
Combination of human intelligence and Dark Web monitoring
to recover breach data up to 6 months faster
Protection for the entire family with a single subscription
Password management that makes it easy to create unique,
strong passwords that are automatically synchronised and
auto-filled on all devices.
F-Secure ID PROTECTION is available both with monthly and
yearly subscriptions and is now included as part of the F-Secure
TOTAL premium cybersecurity package.
Highest performance DDoS protection from A10
A10 is launching its highest-performance DDoS protection
appliance, the A10 Thunder Threat Protection System (TPS)
7655, helping service providers and MSSPs mitigate the largest
DDoS attacks, providing up to 1.2Tbps blocking capacity and
380 Gbps scrubbing capacity. Combining Zero-day Automated
Protection (ZAP) powered b ymachine learning (ML) and advanced
software mitigations, Thunder TPS delivers unprecedented
protection in a compact 1.5U form factor, enabling customers to
efficiently scale-out their DDoS defenses as the threat landscape
expands. The Thunder 7655 TPS will be available in Q3 2020.
HornetSecurity set to create buzz in the UK
Hornetsecurity, the German email cloud security provider, is
expanding its presence in the UK through a strategic
partnership with cybersecurity distributor Brigantia. The new
partnership - which follows Hornetsecurity's acquisition of the
Poole-based email security provider Everycloud in January - will
give the company access to Brigantia's network of resellers
throughout the UK and Ireland and support its plans to become
the UK market leader within 12 months. Brigantia, which has
offices in London and Yorkshire, will now work with Hornetsecurity
to establish its channel distribution strategy in the UK, following its
success in other markets including Spain and Germany.
Hornetsecurity's product is unique in covering all the key areas of
email security, including spam and virus filters, legally compliant
archiving and encryption and including best in class technologies.
It offers advanced threat protection for users of Microsoft 365 as
well as other email systems. Daniel Blank, COO of Hornetsecurity,
said "We see great potential for our innovative cloud security
services in the UK and are really excited about our new partnership
with Brigantia, whose large reseller network will allow us to extend
our footprint and partner base."
Daniel Blank, Hornetsecurity
Nuvias Appointed European Distributor for ColorTokens
Cybersecurity solutions provider ColorTokens has appointed the
Nuvias Group as their EMEA high-value distributor.
ColorTokens delivers a comprehensive cybersecurity platform that
manages security posture from data centre to edge, including
public clouds. The platform delivers business agility and flexibility
by enabling rapid delivery of IT services such as remote access,
without compromising security and compliance, while maintaining
desired control and governance.
The ColorTokens platform is architected to the NIST-ZTA (Zero
Trust Architecture) specifications, securing workloads and
endpoints through proactive, policy-based enablement. The ZTA
approach is designed to help protect business data and assets by
preventing a whole range of data breaches – from phishing
attacks, ransomware and zero-day attacks. In addition to
protecting enterprise 'crown jewels' and offering end point client
protection, ColorTokens enables customers to quantify risk.
NEWS NEWSNEWS
NEWS
NEWS NEWS NEWS NEWS NEWS
NEWS
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 07
PROFILE:SUPERMICRO
SUPERMICRO: COMING OUT FROM UNDER THE RADAR
NETWORK COMPUTING SPEAKS TO SUPERMICRO CEO CHARLES LIANG ABOUT HOW THE COMPANY
HAS PERFECTED ITS 'ONE-STOP' TOTAL SOLUTIONS APPROACH
For a company that has been around
for over 25 years, Supermicro is
something of a best-kept secret outside
of the IT industry where it has been
quietly - and very successfully - expanding
its portfolio and its customer base
throughout that time. When Network
Computing spoke with CEO and founder
Charles Liang (via online video chat, of
course), his enthusiasm for the company
he has built was evident from our opening
conversation.
What, he asked us, did Supermicro
have in common with Tesla? The management
at Tesla did something unique,
and he explained: as most automobile
manufacturers shifted everything offshore,
Tesla stayed in Silicon Valley, where
they've continued to grow and thrive.
Liang went on: "The Supermicro story is
more similar than you might think: most
companies selling servers, storage, IoT
and even 5G hardware have moved to
offshore operations over the last 30
years or so - but we've been in Silicon
Valley for 27 years. The US today has
hardly any server, cloud, or 5G design
and manufacturing, and more importantly,
no one here is seeing any real growth
in those markets - except, that is, for
Supermicro."
Charles Liang, CEO, Supermicro
GLOBAL GROWTH
Around ten years ago, Supermicro saw
increasing manufacturing and engineering
costs but also saw expanding market
opportunities overseas, especially in Asia.
Supermicro decided then to extend its
operations to Taiwan, and it has aggressively
grown market share, and now has
a large and solid foundation in Taipei.
08 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
PROFILE:SUPERMICRO
Liang explains: "This expansion allowed
us to really scale our offerings. That's
how we are now able to provide the
industry with not only world-beating
design and solutions but also high-volume
products. We have extended and
increased our capacity to serve the
broader IT industry regionally, and we
want to share our message more widely,
not just in the US but increasingly across
Europe. Historically, our successful
growth has been on that foundation: the
technology and the products, and now
we feel we have solutions that are ready
to serve the industry globally."
BUILDING A ONE-STOP-SHOP
We asked Charles Liang if there had
been a particular go-to-market strategy
that has allowed Supermicro to thrive in
such a competitive - and often cost-driven
- market, and his answer was surprisingly
straightforward: "I have always
wanted Supermicro to offer a one-stopshop
opportunity for our customers. It
shouldn't matter if we're talking about
cloud, storage, IoT, or smart edge
devices - Supermicro can provide a total
solution suited to our customers' requirements
combining US-based engineering,
superior global manufacturing, and fast
time-to-market operations."
The Supermicro story today is certainly
not just about hardware - with management
software offerings and global onsite
service, the company in 2020 is a
true one-stop-shop for IT, telco, and AI
clients around the world. Liang summarised
it neatly: "Supermicro has a
uniquely broad product line, based on a
building-block solution approach. It
means we can offer a comprehensive
portfolio of optimised solutions to customers
such as cloud service providers,
for instance. Also, we work with all sorts
of major players globally, in scale, in
total solutions, including 5G telcos."
ENGINEERED TO BE GREEN
Charles Liang came from a background
as an engineer, and engineering judgment
has, therefore, always been a critical
focus - as well as a key long-term
advantage - for Supermicro. That engineering
vision has also coloured Liang's
passion for reducing e-waste and
improving the environmental credentials
of the industry. "We operate in a very
sophisticated and complicated market,
of course," he explains, "And again this
is part of why we have taken our time in
developing our market offerings not just
in terms of product quality but also
service, and the capacity for production
and support. As a business, we have
always focused on energy and resource
savings as part of our efforts to ensure
we are offering the most optimised
hardware possible for our customers.
Obviously, we are first and foremost an
engineering company, a design, and
manufacturing business - but we have
always aimed to provide the 'greenest'
solutions in the world in terms of energy
savings and resource savings. We are
absolutely dedicated to that vision."
Supermicro was one of the earliest
companies to focus on 'green computing',
long before it became a buzzword
a few years ago: high-efficiency power
supplies, high-efficiency designs able to
work at high temperatures, cooling systems
and far more. Many of their customers
are achieving a PUE (Power
Usage Effectiveness: the most popular
method of calculating energy efficiency
for data centres) rating of 1.1 or 1.05
in their data centres - the accepted
industry 'ideal' PUE is 1.0 - reflecting
how seriously the company takes the
need for environmental efficiencies in
the tech sector.
Emphasising the resource-saving
aspects of their offerings helps
Supermicro customers to reduce their IT
waste over the lifetime of their investments,
and Liang is keen to explain the
company's approach: "Our subsystems
are built from components that have
longevity designed in. It is not unusual
for many items to have a lifetime of ten
or even twelve years, whether that is the
chassis, the power supply, the cooling
fan, the cooling system, or the I/O subsystem.
Customers buying from us can
upgrade the parts they need: - CPU,
memory, storage - as frequently as they
want while keeping most of the critical
subsystems in place for up to twelve
years. This can save them a lot of
money over those twelve years in hardware,
depreciation, and upgrade costs."
MARKET-READY
We ended our conversation with a discussion
of the way that the Supermicro
brand has been something of a bestkept
secret in the past - even though the
company has been selling to most of the
major players in the global market for a
very long time.
We wondered if Charles Liang had
made a conscious decision to take a
more proactive stance in getting his
message out to the market: "It is true
that we intentionally chose to 'stay
under the radar' somewhat in the past
as we quietly grew the business over
time, and developed and perfected our
total solutions approach," he admitted.
"We didn't want to make a big splash
too early - but I am confident that
Supermicro is ready now to promote our
unique one-stop shopping approach to
the whole IT market. Every aspect of the
business is set up to succeed - hardware,
software, and service, and
Supermicro is supremely well-prepared
after 27 years to take the next steps and
broaden our appeal even further." NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 09
FEATUREREMOTE WORKING
SECURING THE REMOTE WORKFORCE
ORGANISATIONS OF ALL SIZES HAVE BEEN THROWN INTO THE
DEEP END DUE TO THE COVID-19 OUTBREAK, LEADING TO
SIGNIFICANTLY INCREASED SECURITY RISKS AND CONCERNS,
AS STEVE LAW, CTO, GIACOM AND SÉBASTIEN GEST,
VADESECURE, EXPLAIN
Workforces may not have access to the
necessary devices from their homes
such as work laptops, the correct
video conference solutions or collaboration
tools in place to perform their role. As a result,
employees who are working from home will
have to do so from their own devices. This
'Bring Your Own Device' (BYOD) phenomenon
creates a security concern as not all personal
electronic devices will have the correct level of
security installed on them – the software may
not be up to date, they may have an older
version of Windows installed or no antivirus
software available.
This creates an issue for both the consumer
and the professional, as the same credentials
are often used across multiple accounts at the
same time. Hackers' creativity is limitless and is
becoming more sophisticated over time. Vade
Secure has seen a shift in cyber criminals'
strategies, changing from attacking individuals
with ransomware to instead using these
individuals as a backdoor to gain access to
corporate networks, and there is no better
opportunity to do this than via individuals using
their personal devices from home. However, by
implementing the correct software and security
solutions across all employees' devices, these
risks can be mitigated.
EVOLVING THREATS
The number of cyber attacks has continued to
increase over time, withup to 88% of UK
companies being targets of breaches in the last
12 months. However, hackers are taking
advantage of the current coronavirus situation
by sending phishing emails purporting to be
PPE suppliers or medication. Recent statistics
have found that since January 2020, there
have been over 4,000 coronavirus-related
domains registered globally, with 3% found to
be malicious and 5% suspicious. These results
heighten the importance of ensuring your
workforce are securely remote working.
Over the last three months, as the coronavirus
outbreak has unfolded, Vade Secure has seen
a surge in spear-phishing and malware
activities. Examples of this which have been
found include capitalising on psychological
aspects of the victims, including Covid-19
charity campaigns, fake mask and sanitiser
suppliers, as well as stock and medications for
purchases which don’t exist.
With 91% of cyber attacks using emails as
their first vector, it's more important than ever to
ensure that your employees have a secure
email network in place. No organisation is
immune to the threat and companies which
don’t have the right security software in place
need to act now before it's too late. By adding
these security elements, companies can benefit
from detecting and blocking features and using
Artificial Intelligence to secure their networks
and become notified when a non-legitimate
email appears.
SECURING THE WEAKEST LINK
Often, the weakest link of an organisation is
the employee, as 88% of UK data breaches
are caused by human error. Employees are
not security experts and can fall foul to
phishing scams if they don’t have the right
level of education or awareness. When
working from home, your workforce is under
more pressure to work both faster and harder,
which can lead to mistakes being made. Staff
members don't have the time to check every
Steve Law
email before they open them, but this one click
can make all the difference.
Instead, by educating employees and making
them more vigilant, they will be able to spot
scams and cyber attacks before the damage is
done. Combined with the right security
software that uses techniques such as alert
'pop-ups' to prompt users to check emails
before clicking on links, for example, the
workforce will become more aware of the signs
to look out for. By enabling users to make an
informed decision about the nature and
legitimacy of their email before acting on it,
organisations can now mitigate against this
high-risk area.
CONCLUSION
In order for organisations to limit the number
of insider data and security breaches,
particularly when working remotely, it's crucial
for employees to understand the role they
play in keeping the company's information
secure. By preparing in advance and having a
secure contingency plan in place which
provides employees with the necessary
devices and security, companies will be in a
stronger position to defend their systems
against hackers. In addition to this,
supporting employees with training will allow
workforces to understand the evolving risks
they face, and how to keep their information
and systems secure. NC
10 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
One Platform for
Digital Business
• Process
• Content
• Governance
Modern Architecture
• Developer-friendly
• Open
• Cloud-ready
Faster Time to Value
• Deploy
• Adopt
• Build
Learn more at alfresco.com | Contact us at info@alfresco.com
Alfresco EMEA: +44 (0) 1628 876 500 | Alfresco Americas: +1 888 317 3395
Alfresco Asia Pacific: +61 2 8607 8539
OPINION
WHY IT'S CRITICAL TO USE A COMPREHENSIVE SD-BRANCH PLATFORM
IMAGINE ENTERPRISE NETWORKING WITHOUT CUMBERSOME STACKS, EXHAUSTING ON-SITE
SUPPORT, OR COSTLY BACKUP CONNECTIVITY. JORDAN BAKER, SR. TECHNOLOGY WRITER + IT NERD
AT ZPE SYSTEMS EXPLAINS ALL
Even during the most stable global conditions,
IT staff face a monumental
hurdle when deploying and maintaining
branch networks. However, having the
right SD-Branch platform can breathe new
life into what's possible at remote sites. This
is achievable when you choose an SD-
Branch solution that offers:
Fast, consistent deployments using
automation
Remote OOB for convenient, off-site
management
Reliable cellular failover for more
uptime
DEPLOYMENT
Deploying any branch location is a chore.
But when you introduce consolidated
devices and zero touch provisioning
(ZTP), the deployment process becomes
virtually effortless.
At the very least, all-in-one appliances
save you money on shipping expenses. You
no longer need to haul large inventories to
each location, and can instead send a single
box capable of performing the work of
three, four, five, or more devices. Choose
an SD-Branch platform that supports
Docker containers, network function virtualization,
and modular add-ons, and you've
got a compact solution for your whole
branch network.
Take even more work and expenses off
your hands with support for ZTP. Common
tools such as Ansible, Chef, and Python
allow you to script your entire deployment
for plug-n-play simplicity. It doesn't get
easier than connecting devices and watching
the network build itself, while ongoing
configuration management is done automatically
via the cloud.
REMOTE MANAGEMENT
After deploying a new location, maintenance
can bog down a lot of your
resources. You typically need on-site support
to troubleshoot issues, resolve outages,
or perform something as simple as
rebooting a router.
SD-Branch with remote out-of-band
(OOB) management eliminates the need
for all this, and instead gives you an indepth
virtual presence throughout your
network. The level of visibility and control
can be astounding, putting granular control
at your fingertips. The right platform
can give you complete command of routing,
switching, security, and even power
cycling - even if you're halfway across the
globe.
Faraway issues no longer require plane
tickets, lodging expenses, and time-consuming,
on-site support. SD-Branch lets
you manage your network from anywhere.
UPTIME
Branch locations can be subjected to disasters
and outside forces that cause downtime.
Nearby construction crews (even your own)
might accidentally send a backhoe bucket
through your main connection, or local
storms might easily knock out connectivity for
your entire zip code. But comprehensive SD-
Branch safeguards you with cellular failover.
When your main connection goes down,
your failover device (equipped with one or
more SIM cards) automatically switches to
your provider's 3G, 4G, or 5G wireless network.
With the right platform, you can
choose plans from any major carrier, cover
an entire location using a single failover
appliance, and even use your wireless connection
as a reliable OOB path. This kind of
seamless backup and remote branch management
means downtime isn't much of a
threat any longer.
When you consider enterprise networking,
remember that a comprehensive SD-Branch
solution addresses your biggest problem
areas. Be on the lookout for a platform that
helps you streamline and simplify your
branch management efforts. From consolidated
devices that let you deploy at the press
of a button, to remote OOB and cellular
failover that keep your business running, the
right SD-Branch platform can turn your network
into a powerful asset. NC
12 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
PRODUCTREVIEW
ZPE Systems
Nodegrid Services
Router
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
In these challenging times support staff
demand secure remote access to critical
infrastructure devices, as it accelerates
troubleshooting and negates the need for onsite
visits. There are plenty of appliances that
offer these services but we've yet to see any that
can match the sheer versatility of those from
ZPE Systems.
Not content with offering high-level OOB
(out-of-band) access to core devices, the
modular Nodegrid Services Router (NSR) on
review can be customised to provide a wealth
of on-site network services. This 1U rack
appliance presents five multi-service card slots
that accept an impressive range of plug-in
expansion modules.
Along with 16-port serial USB and RJ-45
OOB access modules, you have 8-port
10GbE SFP+ and 16-port SFP Gigabit
switches, 16-port copper Gigabit and 8-port
PoE+ switches, storage and compute modules
plus a combined M.2/cellular/WiFi/SATA
version. With this much choice, the NSR can be
easily equipped to run a host of network
services including switching and routing, SD-
WANs, SDNs, firewalls, 4G/LTE failover and
even application virtualisation.
A major issue with fixed-port OOB appliances
is they have to be replaced as the number of
managed devices exceeds their capabilities.
The NSR overcomes these issues as you
increase its port count with extra modules as
demand dictates and group multiple
appliances in clusters. Even better, the NSR is
vendor agnostic so you can use it to access
legacy OOB solutions allowing businesses to
phase them out gradually.
The NSR has plenty of power on tap as it's
equipped with a 2.2GHz 8-core Intel Atom
C3758 CPU partnered by 8GB of DDR4
memory. Its 32GB mSATA SSD can be easily
upgraded or you can add the storage module
that supports standard SFF hard disks and SSDs.
Deployment is a breeze as we connected one
of the NSR's Gigabit management ports to the
lab network, powered it up and pointed a
browser at it. Zero-touch deployment for
distributed sites is also available as you declare
the NSR to the ZPE Cloud portal and send it to
the site, where it connects to the portal for
enrolment and remote management.
The local web console is very intuitive, and we
started by running a discovery of the lab
network and creating managed device entries
for our various infrastructure systems. Each port
on the OOB modules can be configured with
the desired serial settings and we also added
network devices such as our Dell server iDRAC9
IP addresses, which were then directly accessible
from the console's access page.
Switch module ports are enabled as required
and used to connect devices such as IPMI
controllers, UPS management ports and PDUs
and as they function as standard switches, any
other device you want. Add a Docker license
and you can create lightweight containers on
the NSR and run just about any app that's
available on the Docker Hub.
Access security is tight as the NSR supports
authentication servers such as Active Directory
and RADIUS along with 2FA and SSO. User
access can be fine-tuned by placing them in
groups that are assigned specific devices with
read/write and power control permissions plus
authorised PDU power outlets.
The NSR offers integral intrusion prevention
which blocks hosts with multiple authentication
failures and enforces system BIOS password
protection to stop unauthorised changes
being made. Businesses worried about
compliance can rest easy as the extensive
auditing services include keystroke logging for
all remote sessions.
The Nodegrid Services Router seamlessly
delivers joined up infrastructure management
and network services. It's easy to use with
extremely tight remote access security, and its
smart modular design allows businesses to cut
costs and complexity by using it to replace
multiple point solutions. NC
Product: Nodegrid Services Router
Supplier: ZPE Systems
Web site: www.zpesystems.com
Telephone: +353 (01) 631 9164
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 13
FEATUREREMOTE WORKING
IS YOUR REMOTE
WORKING MODEL
COMPLIANT?
BY MIKE PUGLIA, CHIEF
STRATEGY OFFICER, KASEYA
With data collected by the Office for
National Statistics (ONS) indicating
that almost 50 per cent of Great
Britain's workforce was working from home in
mid-April, and with many organisations looking
to consider permanent remote working
models as the lockdown eases, the need to
effectively manage a secure and compliant
remote workforce is increasingly vital.
Yet, that mass migration to working from
home has inevitably made achieving these
goals more challenging. Of the 2,000 homeworking
British people surveyed in recent
research by IT support company, ILUX, for
example, one in ten believed that their expected
working practices are not GDPR compliant.
But the issue is not just about GDPR, it is
about compliance and security more generally
and it is also about support. As James Tilbury,
managing director at ILUX, puts it: "Asking
employees to work from home and then not
providing the right computer systems and
security measures is a recipe for disaster. The
last thing any business needs at this time is to
lose valuable data, leave themselves open to
cyber-attacks or phishing and leave themselves
vulnerable to the unknown."
In ensuring compliance, it is critically important
that businesses provide their employees
with the right computer systems and security
measures. If possible, they should not be
using their own personal devices for work purposes.
However if they do, IT needs to be
able to verify the readiness of these devices to
be connected to the corporate network. If they
are working on the organisation's network
through a secure VPN, their business will be
able to secure all the endpoints on their network
to ensure they're patched and secured
properly to mitigate the risk of a data breach.
They can integrate the right security including
anti-virus, anti-malware and backup. They
can ensure routine, reliable (and encrypted)
backup and recovery as part of a complete
layered security approach.
Remote solutions can also be key in ensuring
security remains tight and in enforcing compliance.
Dark web monitoring is one example.
Keeping an eye on the Dark Web is prudent
because it's the most likely place for bad actors
to get the illicit password lists, stolen logins,
ransomware, and hacking software that are
the tools of their trade. Reams of sensitive personal
and business data are also available on
the Dark Web to bolster phishing attacks.
That's why dedicated Dark Web monitoring is
a smart choice. A quality Dark Web monitoring
service can quickly get experts to hunt
through the Dark Web and discover if a company's
data or passwords are in circulation,
enabling businesses to prevent a problem from
becoming a catastrophe.
Compliance reporting remains key in this
context also. Under GDPR, organisations are
responsible for how they manage and protect
the privacy of EU citizens' user data (Article 5).
Organisations need to ensure they choose
backup, recovery and cloud software solutions
that provide robust compliance reporting
built into the user interface, including outage
impact predictions and comprehensive
data recoverability reports that are available
in formats that can be shared with leadership
or auditors.
Businesses should remember too that compliance
should not just be imposed from the top.
Working from home can be too comfortable
sometimes. Relaxing the dress code can
encourage workers to relax their standards,
creating potentially expensive compliance disasters.
Many industries have adopted strict
compliance standards for the secure storage
and transmission of sensitive data, with equally
burdensome penalties for failure. Enforcing
compliance can be a challenge when a company's
workforce isn't centralised.
It is important that organisations don't give
staffers the opportunity to fail at compliance -
and don't give regulators a reason to come
calling. Instead, they need to automate compliance
as much as possible to make it easy
for compliance specialists to ensure everyone
is meeting the necessary standards. An automated
compliance assistant can also have a
key role to play in keeping up with the minutiae
of changes to regulations so that no detail
gets overlooked; making sure that everything is
ship-shape and alerts staffers to potential
issues quickly.
Becoming fully remote ready is not easy for
any business of course. But in terms of becoming
compliant and secure, there are several
steps they can take to help streamline the
process. Creating smart policies and backing
them up with the right solutions will help businesses
to rapidly mitigate risks to their systems
and data and remain secure in this new
remote working world. NC
14 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
PRODUCTREVIEW
NetAlly
EtherScope TM nXG
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
NetAlly's EtherScope nXG sets new
standards for network analysis as it
delivers a remarkably powerful set of
diagnostics and troubleshooting features in a
ruggedised handheld device. Ease of use is
another key feature as it runs an Androidbased
OS, so if you can use a smartphone
you'll have no problems with the EtherScope
nXG, making it ideal for network technicians
and engineers alike.
Wired network features abound as it
supports 10GbE copper and fibre, multi-
Gigabit NBase-T and Gigabit connections
plus it can analyze PoE++ switch ports. For
wireless networks, you have integral 4x4 MU-
MIMO 11ac capabilities with Wi-Fi 6 11ax
device visibility, and a unique feature is its
ability to simultaneously display data gathered
from wired and wireless networks.
Using the device couldn't be easier as its big
5'' colour touchscreen presents a range of
icons for instant access to all tasks. We
connected its 10GbE copper port to the lab
network and a tap on the AutoTest icon took
us to a set of customisable profiles.
Three profiles are provided by default so we
could quickly test our wired network for
connectivity and device discovery, review Wi-Fi
air quality to pinpoint oversubscribed channels
or interference and test selected wireless APs.
You can easily customise AutoTest profiles,
place them in groups and add new ones using
the screen's FAB (floating access button).
For Wi-Fi profiles, you simply view the results
from the main network discovery app and
connect to an SSID where a new profile is
automatically created. We also connected the
EtherScope to a fibre 10GbE switch port, used
the Performance app to test the line rate and
ran another app for packet capture.
The AirMapper app can be used for indoor
and outdoor Wi-Fi site surveys and creating
signal heatmaps. We copied a site map JPEG
to the EtherScope using its USB 3 port,
created a new survey and took a walk around
our site, tapping on the screen to add position
datapoints as we went along.
On completion, one tap uploads the site
survey directly to the NetAlly Link-Live cloud
portal. The view can be filtered to show
features such as specific APs or SSIDs and
shared with other users that have been invited
to join your organisation.
The Live-Link portal is a stand-out service
as once you've claimed the EtherScope for
your account, you can upload test results
and packet capture data. Many test results
are uploaded automatically to the portal and
all can be used for further analysis and
report creation.
It gets better, as the EtherScope can be
remotely controlled from Link-Live or via VNC,
where you are presented with an exact
representation of its screen. This makes it
perfect for secure remote site troubleshooting
as you don't even need anyone present to run
your tests.
The network discovery app provides a
complete rundown of every wired and wireless
device it finds. You can drill down into each
entry for more detail and if errors have been
detected, it provides a problem analysis and
sage advice on remediation.
The EtherScope can do much more as it
can run many other Android apps. Installed
from the NetAlly App Store, you have a
multitude of choices ranging from remote
support and SNMP monitoring to email
clients and Office apps.
The powerful NetAlly EtherScope nXG takes
network analysis to new levels as it combines
a stunning range of diagnostics features with
extreme ease of use. It delivers joined up
wired and wireless network testing in a single
device and teaming it up with NetAlly's Link-
Live web portal adds extra versatility, making it
a must-have tool for swift network
troubleshooting and fault remediation. NC
Product: EtherScope nXG
Supplier: NetAlly
Web site: www.netally.com
Telephone: +44 (0)141 816 9600
Price: From $8,250
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 15
OPINION
THE DATA CENTRE DILEMMA
MICHAEL MCNERNEY, VP OF MARKETING AND NETWORK
SECURITY AT SUPERMICRO ASKS: "IS OUR DATA DESTROYING
THE ENVIRONMENT?"
Adoption of new technologies like
smartphones and wearables may
have slowed significantly in the last
few years, but data usage is only continuing
to grow - massively. In 2012, there were
500,000 data centres worldwide, but today
there are more than 8 million according to
IDC. The rapid rise in smartphone usage,
IoT adoption, and big data analytics have
led to massive growth in data centres, and
they come with a cost. So - is our data
destroying the environment?
SHORT ANSWER: YES
Every year, millions of data centres
worldwide are purging metric tons of
hardware, draining country-sized amounts
of electricity, and generating as much
carbon emissions as the global airline
industry. Technological advancements are
challenging to forecast, but several models
predict that data centres could be using over
10% of the worldwide electricity supply by
2030. Such growth would indicate similar
increases for both gas emissions and e-
waste produced.
Britain's foremost data centre expert Ian
Bitterlin notes that despite hardware
innovations, the amount of energy used by
data centres continues to double every
four years.
Together, this paints a challenging picture
for the future of our environment. Luckily,
some forward-thinking industry leaders
have been innovating their way around
this conflict.
LONG ANSWER: NOT ANY MORE
The U.S. Department of Energy found that
rapidly increasing Internet traffic and data
loads were being countered by new
technologies. The Lawrence Berkeley
National Laboratory estimated that if 80% of
servers in the U.S. were moved over to
optimised hyperscale facilities, this would
result in a 25% drop in their energy usage.
For the enterprises that don't need or can't
afford to establish a hyperspace data centre,
a new category of resource-optimised
systems for data centres have arisen on the
market. These solutions look to further
design improvements, rethinking how
standard data centres are built to achieve
breakthrough performance and efficiencies.
One big area of improvement is to develop
superior cooling techniques. A popular
answer is simply to locate data centres in
cold or windy climates. Another is leaving
fewer servers on so as not to waste time
idling: Facebook invented a system called
Autoscale in 2014 that reduces the number
of servers that need to be on during lowtraffic
hours, leading to power savings of
about 10-15%. Some companies, like
Google, have turned to AI to optimise their
internal cooling systems by matching weather
and operational conditions, reducing cooling
energy usage by almost 40%.
Another recent innovation is disaggregated
system designs that break the 3-5 year
"forklift upgrade" model by building a
modular, sustainable infrastructure that
allows the upgrade of only the improved
elements of the system (e.g. memory and
CPU); this delivers sustained optimal
performance over multiple generations and
reduces e-waste issue created by full data
centre upgrades. For example, Intel has
been heavily deploying disaggregated
system designs with its latest generation of
CPUs, contributing significantly to e-waste
reduction.
THE STORY ISN'T OVER YET
NASA's centre for Environmental Research
has been implementing data centre solutions
that are in line with green computing efforts.
Lesley Ort from NASA's Global Modeling
and Assimilation Office noted that "[NASA]
doesn't want to be creating the problem of
greenhouse gas pollution at the same time
that we are studying it". While organisations
like NASA are making strides in researching
and tackling the environmental dilemma of
data centres, many technology companies
have yet come to grips with this
environmental impact.
These technologies are available and ready
to use. They deliver the double benefit of
optimising performance, and TCO while also
reducing environmental impact. Engineers
and data centre architects in Silicon Valley
and around the world should be asking how
they can optimise the data centre while also
reducing environmental impact. NC
16 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
FREE CISSP
WEBCAST SERIES
Get a Look Inside the CISSP Domains.
Watch Now!
isc2.org/Certifications/CISSP/Webcast-Series
Inspiring a Safe and Secure
Cyber World
FEATUREREMOTE WORKING
REMOTE WORKING IN A TIME OF CRISIS
ORGANISATIONS HAVE BEEN RAPIDLY GROWING THEIR REMOTE-
ACCESS NETWORKS AND MOVING MUCH OF THEIR OPERATIONS
INTO A VIRTUAL WORLD. TOM CALDWELL, STATSEEKER CTO,
DISCUSSES HOW MANY ARE RESPONDING TO THESE NEW
CHALLENGES IN UNPRECEDENTED TIMES
Almost overnight network traffic has
completely changed due to the Covid-
19 outbreak. With a significant
increase in video conferencing, users taking
different routes to their SaaS apps from home
and traffic going over firewalls and interfaces
that it didn't before, many organisations are
scrambling to understand and manage dramatic
changes in network traffic. The bottom
line is that performance is being impacted and
staff start to complain when the network runs
slow or video quality is poor.
While different organisations might be more
prepared than others, network engineering
teams are under pressure to deliver a clear
view on the availability and performance of
their remote network connections, which are
now deemed critical to ongoing business success.
Senior management is demanding
reports which give almost real-time insight into
the quality and user experience of their remote
workers. Network managers need to rapidly
discover if corporate firewalls and VPN concentrators
can handle the additional network
load, especially from video-based services.
WHAT'S THE CHALLENGE?
NetOps teams need immediate answers to
these questions, and what we're seeing in the
market is that VPNs are obviously front of
mind. But for the Covid-19 urgency, not all
organisations have a clear view of their
IPSEC VPNs, SSL client VPNs, or other types
of VPN connections.
The problem is more than just logging into
firewalls and VPN concentrators and trying to
view the siloed network statistics. Network
managers are trying to view the end-to-end
network connectivity from remote clients,
through VPN devices, across the switch links,
then through the core to a business-critical
destination, which could be private datacentres,
SaaS clouds, ERP systems, collaboration
systems, etc. Furthermore, they need the ability
to monitor and predict key availability and
performance indicators as more and more
staff work remotely.
WHY IS THERE A PROBLEM TODAY?
Many organisations are feeling the impact as
they're simply not used to having so many
staff or students working remotely. Major corporations
may have larger teams and budgets
compared to smaller businesses or an
educational institution and therefore be more
prepared to add VPN to their network monitoring
capabilities. But others are finding it
more of a challenge.
Many NetOps teams don't usually have to
monitor everything, everywhere, rather focusing
on the key areas such as the datacentre.
But the new 'normal' means that VPNs have to
be closely monitored, almost in real-time, for
capacity planning purposes and answering
the key questions of "do I have enough
capacity?" and "do I have enough network
infrastructure to keep our remote workers productive
and collaborating?"
Existing VPN firewalls and concentrators may
not be up to the task due to throughput limitations
and license restrictions. NetOps teams in
the past have not been mandated to monitor
jitter and delay for latency-sensitive applications
like video and voice, on top of the more
usual congestion and usage levels. Some
companies and institutions are having to
install new methods of monitoring these types
of applications to obtain the required visibility,
then extract the data via SNMP polling and
visualise it in operational dashboards.
SO WHAT DOES BEST PRACTICE
LOOK LIKE?
Visibility of VPN metrics is rapidly becoming
the new standard and delivering the end-toend
network visibility that network managers
require today is critical. Displaying vital information
such as latency and utilisation across
all key VPN interfaces, including throughput
graphs showing when a pipe is full, we're
finding that customers need these intelligent
dashboards. They're helping them keep up
with their evolving networks, without having
to manually check VPN appliances or bandwidth
usage.
Offering access to new performance metrics
in this way helps them look into the future for
VPN capacity planning, plan for growth in the
new 'normal' and provide the deeper visibility
that many have been missing. NC
18 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
PRODUCTREVIEW
SolarWinds
AppOptics
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
Infrastructure and application performance
monitoring (APM) are essential tools for
enterprises and yet many solutions are overly
complex and require high levels of expertise to
understand. SolarWinds simplifies these
processes immensely as its AppOptics SaaS
solution is designed to provide deeper insights
and intelligent analysis for swifter problem
resolution.
This latest version introduces service and
trace-level root cause analysis to highlight
applications that are not behaving normally
and show precisely what the underlying cause
is. SolarWinds also scores over the
competition by offering a simplified pricing
structure with no hidden costs, making it
easier to control expenditure.
AppOptics infrastructure monitoring supports
an impressive range of platforms with Windows,
Kubernetes, Amazon Linux and all other key
Linux distributions on its guest list. Installing the
host agent on our Windows Server systems was
simple as we downloaded it from the portal,
added the API token provided during agent
installation and waited for it to send host metrics
to the portal.
We could view all hosts in the portal's
Infrastructure page and drill down for more
detail. The level of information is extensive with
graphs showing CPU, memory, disk and
network utilisation along with a complete readout
of host process and resource usage.
Log monitoring is also provided and
AppOptics can pass system and service logs
directly to the SolarWinds Loggly and PapertTrail
log analysis and management platforms.
AppOptics makes log analysis even easier as
the agents can automatically insert unique trace
IDs making it much easier to search for and
follow specific transactions.
For service monitoring, AppOptics offers
agents for nine programming languages
including .NET, Java, PHP, Ruby and Python.
Again, installation is simple as you choose your
language from the portal, pick a platform,
name the service and follow the instructions for
installing and configuring it.
SolarWinds provides plenty of host agent plugins
ranging from Apache, Docker and IIS to
SQL Server, Oracle and ZooKeeper plus the
portal gives access to a huge catalogue of
open-source community plug-ins on GitHub.
Hosted services are present too, as you can
monitor AWS and Azure environments with the
former providing CloudWatch integrations for
importing metrics from 35 different web services
The level of information presented is
staggering as AppOptics provides full stack
views and all service traces. If, for example,
you're running IIS web services with SQL
backend databases, it displays everything that is
going on in relation to each other and presents
heatmaps to highlight unusual activity.
AppOptics makes light work of troubleshooting
complex web applications by presenting
individual traces so you see how different
components tie in together and easily spot
which one is causing problems. Errors for
specific transactions are provided and a slick
map view shows service dependencies making it
even easier to identify issues.
AppOptics full application visibility allows you
to view activity at the host level, drill right down
to individual transactions and see exception
categories where similar errors are grouped
together. Code profiling goes even further as it
shows you the classes and attributes of
application code to provide a deeper
understanding of performance and further
opportunities for optimisation.
AppOptics stands out for its integrated
machine learning (ML) capabilities as it uses
insights based on historical data to make
informed decisions about detected issues and
their likely cause. It's also great for monitoring
the impact of application modifications as you
can view traces and logs from different time
periods.
SolarWinds AppOptics offers an innovative
approach to infrastructure and application
performance monitoring making it accessible to
a much wider audience. It cuts through the
APM data fog and presents clear insights and
analysis for swift, accurate application
troubleshooting. NC
Product: AppOptics
Supplier: SolarWinds
Web site: www.appoptics.com
Price: From $20 per host per month
20 MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
NETWORKcomputing
SECURITYUPDATE
VOICE OF HOPE
WHAT IS HAILED AS A
SIGNIFICANT STEP FORWARD
IN THE UK'S FIGHT AGAINST
ONLINE HARMS HAS BEEN
TAKEN, WITH THE LAUNCH OF
THE ONLINE SAFETY TECH
INDUSTRY ASSOCIATION
(OSTIA)
First OSTIA meeting in early 2020, with Caroline Dinenage,
Minister of State for Digital and Culture, centre front
The industry body OSTIA has been
launched with the aim of bringing
together companies operating in the
field of online safety, who believe the UK
is at the forefront of safety tech, and the
development of products and solutions
that will make a significant contribution
to online safety.
The concept of OSTIA emerged at a
roundtable event in 2019 organised by
Cyan Forensics and PUBLIC, chaired by
Baroness Shields OBE. The event brought
tech companies, government and charity
organisations together to share ideas and
to discuss collective issues and solutions
to many of the online harms-related
problems faced today. To date, 14 tech
companies have joined the association.
The association has three key aims:
Provide a voice of hope by informing
policy makers, technology providers
and the general public about online
safety technologies
Create collective influence on policy,
regulation and broader support for
the sector
Provide a forum for companies
contributing towards the goal of
online safety.
The association has received backing
and support from across government,
campaign bodies and charities, as well
as organisations including the Internet
Watch Foundation (IWF) and NSPCC.
Organisation representatives will meet
regularly with government representatives
to explore ways to support innovation
and growth in UK safety tech.
Ian Stevenson, OSTIA chair and Cyan
Forensics CEO and co-founder, says:
"The topic of online safety is wideranging
and hugely complex.
Unfortunately for regulators and
providers, it is made up of many
individual problems; there is no silver
bullet that will solve the whole issue.
That's why we wanted to establish this
industry association - to create a
powerful collective voice to enact
change. By focusing on specific,
actionable areas, we can work together
to demonstrate how the thriving safetyrelated
products and services market will
play a significant role in helping
companies protect the most vulnerable
from accessing harmful content, while
driving digital growth. Together, we can
ensure that the public, technology
companies and policy makers are aware
of these lifelines."
Caroline Dinenage, Minister of State for
Digital and Culture, comments: "We are
determined to make the UK the safest
place in the world to be online and have
set out world-leading proposals to put a
duty of care on online companies,
enforced by an independent regulator."
Traditionally, debate in online safety has
been between those who seek change,
and those who fear it will be costly and
difficult to implement. OSTIA will
represent new voices, it states: the
companies that have built the technology
that can deliver the much-needed
transformation. NC
Ian Stevenson, OSTIA chair and Cyan
Forensics CEO and co-founder
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 21
TRAINING& EDUCATION
SHEDDING NEW LIGHT
ON VIRUS IMPACT
ADDRESSING THE NEED FOR
CYBERSECURITY TRAINING
AND PREPAREDNESS DURING
THE ONGOING
LOCKDOWN IS CRITICAL, AS
DESHINI NEWMAN,
MANAGING DIRECTOR EMEA,
(ISC) 2 , EXPLAINS
The COVID-19 outbreak has caused
unprecedented disruption for individuals
and organisations alike. The acceleration
to a global pandemic reaching the
UK arguably caught many off guard, leaving
little time to prepare for the wholesale shift of
the economy to working-from-home, and the
temporary suspension of many businesses
and services we take for granted.
To keep the economy working as much as
possible, organisations and governments put
business continuity plans into action at short
notice, developed new approaches to deal
with an unprepared scenario and pushed
remote working capabilities to previously
untested levels. The result has been a distinct
shift in the responsibilities of cybersecurity
professionals and the challenges of workload
that is being experienced.
Keen to understand the extent of the
impact, we recently surveyed cybersecurity
professionals globally to understand exactly
how things have changed and how they are
being affected on the cybersecurity front line.
The (ISC)² COVID-19 Cybersecurity Pulse
Survey's findings shed light on the adjustments
that organisations and their cybersecurity
professionals have made in the last
two months, in order to maintain their business
operations and mitigate the impact on
cybersecurity.
UNDERSTANDING THE CYBERSECURI-
TY IMPACT OF COVID-19
The survey revealed that 81% of respondents,
all responsible for securing their
organisations' digital assets, indicated that
their job function has changed during the
pandemic. On top of that, 90% indicated
they themselves are now working remotely
full-time, while trying to address the cybersecurity
needs of their organisations. Added to
this, a third stated they had confirmation of
someone in their organisation having contracted
COVID-19, further illustrating the
impact the virus has had on society.
As expected, almost all of the organisations
surveyed (96%) have closed their physical
workplaces, moving to remote working to
maintain as much operational capability as
possible. That 96% is comprised of 47% that
said all staff from closed facilities were now
remote working, while 49% said that some -
but not all - employees are working remotely.
The sudden change in circumstances has
resulted in a marked effect on cybersecurity
threats, with a quarter reporting that incidents
have increased since the change in
working practices. Some organisations are
tracking as many as double the number of
incidents, compared with pre-lockdown
times. It is not a surprise that four out of
every five respondents view security as an
essential function at this time.
The need to adapt to the sudden change in
operations and workplaces has seen almost
half of cybersecurity professionals being
taken off some or all of their typical security
duties to assist with other IT-related tasks,
such as equipping a mobile workforce, and
implementing new applications and platforms
to enable mass remote working and
communication. The sudden and sometimes
improvised solutions that have enabled businesses
to transition so quickly to remote
working have caught 15% of respondent
organisations off guard, as they suggested
their teams do not have the resources they
need to support the sudden appearance of a
22 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
TRAINING& EDUCATION
remote workforce. A third said they are managing
- for now at least!
Some 40% are making use of security best
practices, even while compromised by the
lockdown conditions. Meanwhile, 50% said
they could be doing more than they are to
maintain security standards.
MAKING CYBERSECURITY TRAINING
AVAILABLE DURING THE LOCKDOWN
The industry has responded by realising that
more needs to be done to ensure a safe
and secure cyber world. The sector needs to
remain on top of new and changing threats
and challenges. This is motivating the industry
to provide more options and support to
the professional community.
As the world's largest non-profit association
of certified cybersecurity professionals, (ISC)²
has put a variety of measures in place to
support cybersecurity professionals through
the current situation. Being acutely aware of
the workload pressures facing some, and the
financial impact of furloughing and shutdowns
on others, we've made available a
variety of resources to help with education
and training to support people as they reenter
the workforce after lockdowns ease
and to support professional development
during the COVID-19 disruption period.
We have made available our award-winning
webinar series for free. It features
expert-led discussions on a wide range of
security topics and we are continuing to add
new content even during the current period.
It means there is both a wide range of
knowledge to tap into to help learn and deal
with the cybersecurity issues facing organisations
today, as well as boosting the opportunities
for members to meet their CPE needs
without having to travel or attend in-person
meetings or conferences.
(ISC)² has also taken the decision to offer
many of our certification training options for
online consumption at reduced cost. We
realise that some people will be looking for
a new role now and after the lockdown period
is relaxed. That is why we are making
recognised certification, such as the Certified
Information Systems Security Professional
(CISSP) and Certified Cloud Security
Professional (CCSP), available using online
self-paced training at a 33% discounted
price. This is intended to help IT and non-IT
staff alike develop and verify their skills and
knowledge, supporting them as they seek
new opportunities in the cybersecurity sector.
Online instructor-led courses are also available
for those who prefer a more structured
online learning experience. Alongside this,
we are making our Professional
Development Institute (PDI) courses available
to non-members at a discounted rate,
including free access for all to the recently
released 'Utilising Big Data' course. The PDI
library currently comprises 35 courses.
Expanding access to PDI courses is another
way we are working to help the community
expand its collective knowledge and understanding
of complex and topical issues and
technologies. This is a challenging time for
many, inside and outside the cybersecurity
profession. The need for professional development
is more important than ever as a
result of COVID-19, and the unique business
and community conditions we currently face.
We hope these resources will prove valuable
to the larger cybersecurity community and
encourage them to continue to develop their
skills during this time.
Our heartfelt thanks goes to (ISC)² members
and the wider cybersecurity community
for the efforts being made to keep us all safe
in the digital world during the pandemic and
when we get to the other side.
For more details about how COVID-19 is
impacting (ISC)² members and exam candidates,
and how the association is responding
to support members and the wider community,
please visit:
https://www.isc2.org/notice/COVID-19-
Response
Deshini Newman, managing director
EMEA, (ISC) 2
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 23
SECURITYUPDATE
UNDER FIRE AT HOME
BAD ACTORS HAVE BEEN TAKING ADVANTAGE OF THE CURRENT
CRISIS TO CREATE CHAOS, LOCKING OUT EMPLOYEES AND
PARALYSING BUSINESS OPERATIONS
Due to the sudden shift to a workfrom-home
model as a result of
the COVID-19 pandemic, nearly
two-thirds (64%) of companies have
experienced at least moderate
disruptions to their network security
business practices - and nearly a quarter
(23%) have suffered major disruptions.
The report from Neustar's International
Security Council, based on a recent
survey of cybersecurity professionals,
also reveals that 29% of companies did
not have a fully executable business
plan in place to keep their network
secure, in the event of a major crisis
such as the current pandemic.
In addition, survey responses indicate
that only 22% of corporate virtual
private networks (VPNs) have handled
the work-from-home shift with no
connectivity issues, while 61%
experienced minor connectivity issues.
"Social distancing measures that call
for employees to work from home when
possible have dramatically changed
patterns of connection to enterprise
networks," says Rodney Joffe, chairman
of NISC, SVP and fellow at Neustar.
"More than 90% of an organisation's
employees typically connect to the
network locally, with a slim minority
relying on remote connectivity via a
VPN, but that dynamic has flipped. The
dramatic increase in VPN use has led to
frequent connectivity issues, and -
especially considering the disruption to
usual security practices - it also creates
significant risk, as it multiplies the
potential impact of a distributed denialof-service
(DDoS) attack. VPNs are an
easy vector for a DDoS attack."
With IT teams stretched particularly
thin at the moment, bad actors can take
advantage of the chaos to exploit any
vulnerabilities and launch volumetric
attacks, network protocol attacks or
application-layer attacks - locking out
employees and paralysing business
operations. In addition to this,
volumetric attacks are increasing in size.
Recently, Neustar mitigated a 1.17
terabyte attack, which required a unique
and diverse set of tactics in order to
successfully fend off the attack. "In times
like these," continues Joffe, "an alwayson
managed DDoS protection service is
critical. A purpose-built mitigation
solution like Neustar's cloud-based
UltraVPN Protect can keep remote
workforces connected and productive,
and ensure that business continues
without interruption."
SHARP RISE IN THREATS
The latest NISC report reveals a sharper
than usual uptick in threats over the two
months covered by the most recent
Rodney Joffe, Neustar: the dramatic
increase in VPN use has multiplied the
potential impact of a distributed denial-ofservice
(DDoS) attack
survey. In fact, the International Cyber
Benchmarks Index, which reflects the
overall state of the cybersecurity
landscape, reached a new high of 331
back in March this year. When asked
which cyber threats had caused the
highest level of concern over the
previous two months, the security
professionals who were surveyed ranked
DDoS attacks as their greatest concern
(23%), followed by system compromise
(22%) and ransomware (18%). NC
24 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
FEATUREREMOTE WORKING
THE DOUBLE-EDGED
THREAT
IT'S NOT JUST CYBER SECURITY
THAT IS AT STAKE WHEN
WORKING FROM HOME. YOUR
PHYSICAL SAFETY NEEDS TO BE
TAKEN CARE OF AS WELL
In order to support businesses in
managing their security during the
pandemic, Secured by Design, the
Police Digital Security Centre and the
National Counter Terrorism Security
Office have put together a leaflet
containing the 'Top 10 Cyber Security
Tips for Working at Home' and the latest
counter terrorism advice.
The leaflet is aimed at businesses that
have either been instructed by the
government to close, in line with the
Covid-19 guidance, or have chosen to
close, and provides advice and guidance
to assist them review both their physical
and cyber security to reduce the chances
of falling victim to criminals.
The top 10 tips for working at home
offer this advice:
Strong password policy for all devices
and social media accounts. Change
default passwords on all your devices
when initially installed (especially
your Wi-Fi router at home or any
Internet of Things devices you may
have) and consider using password
managers to store and protect your
passwords
2FA: turn on the two-factor
authentication setting on all your
accounts and devices
VPN: use a Virtual Private Network
(VPN) to protect and encrypt the data
you send or receive. It will also scan
devices for malicious software
Software update: set all your devices
and apps to download and install
updates automatically to ensure that
any crucial fixes are not missed and
the risk of your devices being infected
with malware is reduced
Backup: to safeguard your important
personal data and information, back
them up to an external hard drive or
cloud-based storage system
Phishing emails: cyber criminals are
targeting people and businesses with
fake emails about the coronavirus.
Phishing emails are embedded with a
virus that could compromise your
device, as well as manipulate you
into sharing personal or financial
information
Install anti-virus: install and activate
anti-virus software on all your device
and preferably set it to update
automatically. This will help you to
run a complete scan of your system
and check for any malware infections
Safe online browsing: only visit
trusted websites. Keep an eye out for
a padlock sign in the address bar,
showing that the connection and your
personal information (eg, credit card
information) is encrypted and secure
Social media: it is important to review
the privacy, password and security
settings for all your social media
accounts to ensure they are as secure
as possible
Communication: maintain contact
with your team, as it is easy to feel
isolated or lose focus when working
at home.
Despite the current threat emanating
from Covid-19, it is still important to
remain alert and vigilant to terrorist
activity. Live-time information from
counter terrorism policing, plus all the
very latest protective security advice, is
now available at your fingertips 24/7 -
wherever you are.
Via your 'phone, you can keep updated
where and when it matters most - all
through the new easy-to-navigate Action
Counters Terrorism (ACT) app, which is
free for businesses and available from
Google Play or the App Store. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 25
FEATUREREMOTE WORKING
YOU'VE GOT MAIL: A
DIGITISED MAILROOM
THAT'S FIT FOR THE
RETURN TO WORK
WORKING FROM HOME IS HERE
TO STAY. STAY CONNECTED IN
THE NEW NORMAL
The life-changing disruption of
COVID-19 has impacted all
businesses, employees and
customers, and, whilst so much of the
future remains unknown, it's clear that a
more long-term plan is needed to
facilitate remote working as we start to
define the 'new normal'.
Swiss Post Solutions initially developed a
Crisis Management Solution, in response
to its clients' facing up to the challenge of
maintaining communications using the
traditional model of on-site mail.
Suddenly, complex, hybrid environments
made up of both the physical and digital,
and that require social distancing to be
adhered to at every stage, are here to
stay, as the country awaits the call to
return to work.
"Meeting this challenge head on with a
simple, yet crucial, Return to Work Digital
Documents Solution means teams need
never miss an item of post or a piece of
printed communication whilst working
remotely," states SPS. The solution is a
web-based application that is securely
hosted within the cloud and can be swiftly
deployed within seven days, delivering
digital mail to a homeworker or officebased
worker's desktop or mobile and
offering guaranteed access during
extended working hours.
The centralised Digital Documents
Portal allows teams to create numerous
digital desks, with a user permissions
hierarchy, to ensure swift and accurate
distribution of mail and documents.
Users can:
Download and view mail
Take/relinquish ownership of mail
Add comments
Forward to colleagues or teams
Close or complete a mail item
Delete a mail item.
The system maintains a full audit log of
every mail item interaction by any user,
and is built on a tried and tested, highly
secure, fully compliant and pre-existing
technology platform. Very little software
installation is needed in a set-up process
that simply involves connecting a
scanner(s) to a workstation on customer
premises and connecting to an online
application to scan and deliver the
documents.
Mail is scanned either by on-site staff or
Swiss Post Solutions mailroom staff,
ensuring a business can be serviced
whatever their social restrictions.
Alternatively, post can be collected from
customer premises and scanned at one of
SPS' secure and certified Document
Processing Centres (DPCs).
Clients are reportedly already seeing
reductions in mail handling costs of 15%,
mail processing times coming down by
75% and document management costs
reduced by 30%.
"These unprecedented times leave a lot
unknown, but, with Swiss Post Solutions,
you could not be in a safer pair of hands
for the return to work," states the
company. With over 90 years' experience
of managing mailrooms for some of the
world's most demanding organisations,
and currently operating over 500
mailrooms worldwide, it handles around
120 million items of mail for clients each
year. "And with a 96% contract renewal
rate and a 'World Class' customer
satisfaction Net Promoter Score of 78, it's
fair to say that these are happy clients,"
adds the company. NC
Do you need urgent digital access to
mail items, but have no current process in
place? Then it's time to talk to Swiss Post
Solutions. As soon as this time next week,
you could have peace of mind. Contact
us for more information
info.sps.uk@swisspost.com.
26 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
SUCCESSSTORIES
LEADING THE CHARGE
HOW SAVVY BUSINESSES HAVE FLIPPED THE DIGITAL SWITCH
Efficient communications were an issue
for the insurance industry, even before the
COVID-19 crisis, where paper has
always been the dominant communication
channel. "For ERS Insurance, our mailroom
solution was off-site, replacing two traditional
mailrooms. It focused on converting mail
to digital at the earliest opportunity, before
processing it either to an individual or to a
'digital desk', which all team members can
access." The benefits were immediate: 87%
faster processing of incoming mail, along with
improved access and tracking, to create vastly
more efficient processes.
The Co-operative Bank was looking for a
new, digital solution for storing and accessing
correspondence, as access could take up
to five days to achieve. "The solution
implemented by us included a day forward
scanning operation and web portal,
based around our Document Management
software to provide instant access to all
correspondence." The result? The time to
access to correspondence was reduced to
an average of just five seconds, dramatically
improving efficiency, business continuity and
the customer experience.
A final example would have to be Zurich
Insurance Group. Zurich receives high volumes
of diverse forms of mail that previously were
handled as part of a labour-intensive, manual
process. "We proposed a scanning solution
Chris Blood,
Head of Business
Services UK,
Swiss Post
Solutions
Limited.
that would centralise and automate the
scanning and processing of FinOps mail. This
technology allows users to receive, view,
process and archive digital mail documents,
essentially replacing the physical delivery
process." This new quick-to-implement solution
achieved a 6x faster processing time and 5x
faster access to business-critical documents.
STAY CONNECTED TO YOUR
CUSTOMERS AND EMPLOYEES
Our document management solution supports your business
continuity as you return to work.
SPS’ proven digital mail solution enables your business to quickly
Fast roll out
24/7 Access
Employees are able to access
incoming mail and generate printed
Secure and Compliant
Service delivered in an SPS secure
cleared to BPSS and SC Government
Reporting
SPS TECHNOLOGY SOLUTION
CLIENT REMOTE WORKING
SPS PRINTING FACILITY
Contact us for more information
A0562A0320_HybridMail-DigitalMail Advert v5b.indd 1 05/05/2020 11:07:46
FEATUREREMOTE WORKING
REMOTE WORKING: DO IT RIGHT
HOW DO YOU ENSURE YOUR BUSINESS REMAINS SECURE DURING REMOTE WORKING?
PHIL UNDERWOOD, CHIEF INFORMATION OFFICER, SECURENVOY, AND CHRIS CASSELL,
TECHNICAL SPECIALIST, SECURENVOY, OFFER THEIR INSIGHTS
Over the years, there has been an
increase in remote working, as
organisations look to promote
flexible working. With technology
constantly improving, employees are no
longer restricted to working in a traditional
office space.
However, the current global pandemic
has forced businesses worldwide to rapidly
implement remote working across their
workforce while travel restrictions are in
place. In its current form of remote
working, few businesses were ready for
supporting the complete workforce
remotely, in case of an emergency such as
the pandemic.
Even fewer conducted a readiness event
to understand, prepare and provide
remediation to cover the shortfalls and
problem areas that would impact their
day-to-day operations. In such situations,
hackers are fully ready to take advantage,
whether this is for financial gain, to
damage a company's reputation or steal
sensitive assets. Thus, the various security
challenges that remote working brings need
to be addressed to ensure business data is
not put at risk. The following are some of
the topics that need to be considered to
ensure your business remains secure during
remote working.
USE OF BYOD
With a surge in requirements to support
non-typical mobile workers, it is all too easy
to allow use of a home machine to fulfil
a need. Yet, this approach brings its own
issues, namely the integrity of the machine,
whether the OS type and patching are up
to date and supported, browser type and
support are allowed and secure, the
firewall is active or not, and if there is antivirus
and malware capability. Home
computers are also more likely to have
been used by non-security trained people
at some point. Therefore, use of BYOD can
increase vulnerability to cyber threats.
PROTECTING YOUR ENDPOINTS
Now that you are discouraged from
allowing BYOD devices, securing your
endpoints is key. As users are using their
current corporate machines, most of this
can be managed remotely for firewall, antivirus,
malware and OS patching, in
addition to password management policies.
When we discuss endpoint protection,
ideally having a solution that provides data
28 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
FEATUREREMOTE WORKING
loss protection is key, as now the corporate
machine is most likely to be exposed to
threats upon the home network. Finally,
protecting the endpoint is not just about
cybersecurity, but also physical security.
Ideally, the same policies should be
executed at home, such as screen locking,
invoking MFA for laptop access and
securely storing the laptop when not used.
USER ACCESS
To enable remote working, users require
access to applications. Typically, access
is granted with a username-password
combination. However, multiple
applications require users to remember
multiple passwords which, if they forget,
can lead to locked accounts or end up with
users writing them down. A single sign-on
solution (SSO- identity provider) can
resolve most of these issues, but ideally
multi-factor authentication (MFA) should
augment the login process, as an SSO
solution allows a single password to access
a plethora of applications.
EMAIL SECURITY
All too often email security solutions allow
a phishing or similar bad email to be
delivered to a recipient. These may have
a bad payload or embedded link to a
compromised site. Hackers are getting
more imaginative on setting up new email
domain and locations, in order to send
their spam messages. The best piece of
advice is, if in doubt, delete the email. If it
is someone you do not know or conduct
business with, delete the email. If the sender
persists, pass it to your IT security team who
can check the message for validity.
Aside from the technical working
environment, the physical working
environment also needs to be considered.
The level of focus that employees have in
an office takes time to develop in a home
environment: patience, dedication and
routine are not achieved overnight. The
home environment can provide
distractions you might not otherwise have
in the office, which can lead to human
error. You attach the wrong version of a
file, or send it to the wrong person, and
there is the breach. That's how data leaks.
It is a situation that is less likely to happen
in an office, as there is less distraction.
Hence, alongside antivirus and endpoint
protection, businesses also need data
governance and data loss prevention
solutions. Generally, employees are not
focused on security when doing their job
and that is understandable. Lack of focus
on security is even more prevalent in
environments when they are juggling
several other priorities at once.
This is why tools that can enforce and
educate the security policy interactively are
so much more important. By controlling
what users can access and then, in turn,
what they can do with that data once they
receive access, you can ensure that it is
not going to be subject to those minor
human errors. This can stop the accidental
attachment of the wrong version of a file,
provide a reminder to check the recipients
of an email and stop data transfer to
external media to work on it on home
devices, all of which can help prevent
breaches.
Finally, having clear, defined policies and
guidelines for staff ensures a smooth and
trouble-free remote working deployment.
Provide education sessions to reinforce safe
working practices from time to time and
support staff who are completely new to
this concept. Teach them about physical
security, as well as cybersecurity, as they
both go hand in hand with a successful
remote access strategy. Lastly, detail a
simple escalation path for when things may
and do go wrong. In this way, mitigation
steps can be applied quickly and any
potential damage is limited.
Remote working during the current time
is essential and highly beneficial, so the
need to ensure your business is secured
during this time is crucial. NC
Phil Underwood, Chief Information Officer,
SecurEnvoy
Chris Cassell, Technical Specialist,
SecurEnvoy
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 29
MASTERCLASS
Business continuity and crisis management in the time of Covid-19
BY KEV BREAR, DIRECTOR OF CONSULTING; TECHNOLOGY RISK MANAGEMENT, AT XCINA
CONSULTING
The Covid-19 pandemic crisis has
generated unprecedented
challenges and, whilst it is entirely
correct that the current focus is upon
saving lives, life carries on and that
sentiment applies most pressingly to
global business operations and
economic activities.
The traditional approach used by
many organisations to manage the
effects of business disruptions has been
to employ business continuity solutions
to ensure that their critical business
activities, or services, continue to
operate at acceptable levels.
However, it has been suggested in
many forums that business continuity
solutions are best designed to deal with
operational level disruptions, such as
technology failures, physical damage
and supply chain disruptions. These
types of disruptive events are often
described as high frequency, with low
or medium levels of impact incidents.
The response to these types of incidents
can often be effectively managed,
following predefined plans and
procedures, with little or no input from
the strategic management team of the
organisation dealing with the situation.
The potential limitations of business
continuity solutions become quite
apparent when responding to the
challenges that arise from lifethreatening,
existential or reputational
crises. By contrast, these types
of crises are low frequency and have
high or catastrophic levels of impacts.
These crises always require flexible and
adaptive responses that can only be
provided through appropriate
leadership from the strategic
management level of an organisation.
It also seems quite apparent that it is
possible to deploy a hybrid response,
using both business continuity and
crisis management solutions to tackle
those rare situations that require an
extraordinary response. The current
Covid-19 crisis is exactly the sort of
unprecedented event that requires such
a response.
The most obvious challenges that
arise in using a hybrid response
strategy lie in the areas of leadership,
coordination and communication, but
these areas always represent
challenges in any adverse situation and
the organisation merely has to leverage
its proven arrangements, whilst bearing
in mind the additional complexities and
conflicting priorities of the highly
dynamic situation. Once the crisis
management team (CMT) has defined
its objectives and strategies, the CMT
then has to convey the correct
information and requests for action to
the relevant members of the
organisation, whilst also conveying the
appropriate messaging to its wider
group of stakeholders.
The CMT must then work with the
business continuity function and put in
place the appropriate supporting
business continuity activities. All these
coordinated activities must then
continue until the business is ready to
transition back to a stable operating
environment.
It is difficult to anticipate the outcome
or duration of the current crisis;
however, it seems reasonable to
assume that the recovery period may be
protracted, before a stable state of
operations may be achieved. It may
also be reasonable to say that the next
few months could be quite
transformational for many organisations
and lessons will have been learned,
and will continue to be learned, as this
global crisis unfolds. NC
Kev Brear: appropriate leadership at
strategic management level is the key to
steering a path through the current crisis
Rob Treacey, MD; Co-Head of Xcina
Consulting and Shearwater Group DPO
30 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
OPINION
A CYBERSECURITY EDUCATION
ALMOST TWO YEARS HAVE PASSED SINCE THE INTRODUCTION OF THE GDPR AND IT SEEMS
BUSINESSES ARE STILL NOT TAKING CYBERSECURITY SERIOUSLY, CAUTIONS AMAN JOHAL, LAWYER
AND DIRECTOR OF YOUR LAWYERS
While the Coronavirus continues to
dominate headlines everywhere,
the fact that the General Data
Protection Regulation is now two years old
warrants close attention as well. Several
businesses have felt the impact of failing to
comply with its strictures, such as British
Airways, which has been issued with a
notice of intention to fine a record £183m
for its 2018 data breaches, while several
high-profile data breaches affected
thousands of Travelex and Microsoft
customers. History will continue to repeat
itself, unless something is done, and a
good place to start is with educating staff.
The increased requirements for businesses
to store, manage and protect customers'
digital information leaves them vulnerable
to attacks from highly skilled data hackers.
This threat is not being met with training,
however. Too often, employers are failing
to educate their staff on how to avoid
simple data leaks and the catastrophic
consequences they could have. The 2019
State of IT Security Survey, for example,
revealed that the top issues faced by IT
security professionals included email
security and employee training. Despite
this, a third of employees reportedly don't
know what phishing or malware is - two
basic forms of cyberattacks.
Educating staff about cybersecurity is
crucial. If they aren't adequately trained the
business doesn't have a viable defence.
Even worse, your staff could be the cause
of a data leak themselves. A recent
example includes the Virgin Media data
breach which stemmed from a member of
staff not following the correct procedures
and "incorrectly configuring" a database.
This led to the personal details of
900,000 people being left unsecured
and accessible online for ten months.
With each customer potentially eligible
for up to an estimated £5,000 in
compensation, this entirely avoidable
incident could cost Virgin Media a total
pay-out of £4.5bn.
It's the responsibility of the employer to
ensure employees are educated about
data leaks and how to avoid them. Such
events are typically considered 'human
error' breaches. However, the reality is
that they arise from systemic failures by
organisations to protect themselves and
staff from data breaches. Educating
employees about data leaks and security
threats, including how they might look
and the necessary procedures to follow to
mitigate risks, will strengthen your
business against breaches and attacks.
It is now a legal requirement for all
organisations to have reasonable
defences in place, in order to prevent
cybersecurity breaches. There should be a
thorough defence strategy that starts with
the basics, such as encrypted storage and
processing, as well as the implementation
of professional tools like firewall
protection. Businesses that fail to take
reasonable steps and experience a data
breach can be issued with significant
regulatory fines. Since the introduction of
the GDPR, maximum penalties can be up
to 20 million euros, or up to 4% of an
organisation's global annual turnover. As
well as the financial losses, businesses
would also be wise to consider the
damage to their reputation and loss of
consumer trust that follows. NC
Aman Johal, Your Lawyers
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 31
SECURITYUPDATE
RANSOMWARE SOARS
WORKING FROM HOME CAN
MAKE I.T. SYSTEMS FAR MORE
SUSCEPTIBLE TO ATTACK,
WITHOUT THE RIGHT
SECURITY MEASURES FIRMLY
IN PLACE
Ransomware attacks skyrocketed in
2019, according to a newly released
breach report, an annual update on
cyber trends that is produced by cyber insurer
Beazley - and the shift to home working
has only heightened the risk of cyber breach
via remote desktop protocol and phishing
attacks, it states.
Beazley's in-house team of breach experts,
Beazley Breach Response (BBR) Services,
reported the number of ransomware attack
notifications against clients increased by
131%, compared to 2018. Along with this
growth in frequency, the sums of money
demanded by cybercriminals also increased
exponentially, sometimes reaching seven or
even eight figures.
Cybercriminals' methods of attack continue
to evolve, too. The two most common forms
of attack to deploy ransomware are phishing
emails and breaching poorly secured remote
desktop protocol (RDP). RDP enables
employees to access their work computer
desktops or company's primary server from
home with the press of a button, but the
convenience also comes with added risks.
MORE SUSCEPTIBLE
"With the convenience of enabling employees
to work from home, using RDP can
make IT systems more susceptible to attack
without the right security measures in place,"
states Katherine Keefe, Beazley's global head
of BBR Services. "The coronavirus has forced
many more employees to work from home
and, in this pressured environment, it is very
important that companies take the right steps
to reduce the vulnerability of their IT infrastructure.
Always ensure employees can
access their computer using a virtual private
network with multifactor authentication. It is
important to whitelist IP addresses that are
allowed to connect via RDP, and make sure
that unique credentials for remote access are
in place - particularly for third parties."
In 2019 and into 2020, BBR Services
recorded an increase in reported attacks
by policyholders whose systems were
breached via cyber-attacks against their IT
managed service providers. In some cases,
these attacks stopped the operations of
hundreds of customers downstream from
the IT provider.
Keefe adds: "BBR Services handles thousands
of breaches every year and our data
demonstrates how ransomware has developed
into a more serious and complex
threat over the past four years. Early on,
ransomware was typically used to encrypt
data as leverage for a ransom demand.
However, more recently, attackers have been
using ransomware variants in tandem with
banking Trojans such as Trickbot and
Emotet. This two-pronged attack leaves
organisations not only with the debilitating
impact of its critical systems and data being
encrypted, but with the added risk of data
being accessed or stolen.
"Although these attacks can be damaging
and complex, some of the most effective
preventative measures are relatively simple.
More than ever, organisations need to
ensure their IT security measures are a top
priority and up to date, that they have
access to authoritative, experienced risk
management advice and, importantly, that
employees are trained and alert to the
potential threats."
32 NETWORKcomputing MAY/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
SECURITYUPDATE
ATTACK, ATTACK
The latest Breach Briefing provides detailed
information on the most common forms of
attack, including the two most common
forms of attack used to deploy ransomware:
phishing emails and poorly secured remote
desktop protocol (RDP).
Turning first to phishing, Beazley cites
how direct email of malware and links to
credential-stealing sites lead to a large
number of incidents. "There are a lot of protections
available, in the forms of email filters
and added layers of authentication,"
it says. "However, few of these solutions are
broadly implemented. People have access
to the information and technology that the
attackers want, and attackers will continue
to find new ways to reach people and
exploit them. It would be incorrect to view
phishing as the vulnerability; phishing just
happens to be the most effective way of getting
to the real vulnerability - people."
Exactly how do you mitigate phishing risk,
though? Beazley suggests the following:
Enable multi-factor authentication (MFA)
Force regularly scheduled password
resets, preventing recycled passwords
Train employees to recognise and report
suspicious email traffic.
Turning next to remote desktop protocol
(RDP), Beazley describes this as "a very powerful
tool that provides a lot of convenience
to its users. It is also extremely easy to
enable. If the computer you want to access
is on the public internet, you gain immediate
access to your work computer from
home or your company's primary file server
while you are on vacation with the press of
a button."
However, problems arise from these basic
facts: RDP runs on a standard port
(tcp/3389) and is easily identified while
scanning; companies have very poor password
policies, giving a brute force attack a
high probability of success; more than 20
vulnerabilities have been identified within
RDP, many of which allow unauthenticated
access to the target computer; companies
tend to have very poor patching policies.
"So, not only is it easy to turn on, it is also
very easy to discover and break into." Ways
of mitigating RDP risk it recommends
include requiring access via a virtual private
network (VPN) with MFA; whitelist IP
addresses that are allowed to connect via
RDP; and unique credentials for remote
access, especially for vendors.
RANSOMWARE
Ransomware can be devastating to an individual
or an organisation. Traditionally,
these attacks were designed to deny access
and interrupt business operations. However,
the recent shift towards ransomware paired
with banking trojans, and towards threats
to expose data, changes the landscape.
"Anyone with important data stored on their
computer or network is a target - from
municipalities or hospitals through to law
firms," warns Beazley. "Important data at risk
was traditionally thought to be personally
identifiable information (PII) and protected
health information (PHI), but it could also
include intellectual property, litigation strategies,
unpublished financials, and project
bids. It is a myth that attackers are not interested
in small companies. As our data
shows, small and medium-sized business
are often easier to exploit and therefore
very attractive targets."
VENDORS SINGLED OUT
Many organisations rely on vendors to perform
multiple services, which can help
reduce overall costs and administrative burdens.
But when you no longer control
all of your data or when you provide third
parties direct access to your systems, it
inevitably increases your exposure to data
privacy and security risks. "Third-party vendors
were aggressively targeted by cybercriminals
deploying ransomware in 2019,
and at least 17% of all ransomware incidents
reported to Beazley originated from
attacks on vendors," says the cyber insurer.
Katherine Keefe, Beazley: using a virtual
private network with multifactor authentication
is crucial.
"These attacks caused business interruption
to many downstream customers, ranging
from the inability to access data housed in a
software application, to a full-blown attack
on the customer systems as well."
Why are vendors targeted? Cybercriminals
have come to realise that interrupting the
dependent and deeply interconnected relationship
between vendor and customer creates
the most pressure. Hitting a single vendor
can cause catastrophic interruptions for
hundreds of companies, making it more
likely for the vendor to pay. NC
To read the Beazley Breach Briefing in full,
follow the link below :
https://www.beazley.com/news/2020/beazley_breach_briefing_2020.html
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2020 NETWORKcomputing 33
SECURITYUPDATE
MALWARE MENACE
A PRIVACY-FIRST BROWSER
COMBINING A BUILT-IN VPN
WITH COMPLETE ENCRYPTION
AIMS TO GIVE USERS
A FAST, SECURE AND PRIVATE
EXPERIENCE ON MOBILE
In early March, Avast Threat Lab researchers
found that the increasing use of mobile
devices around the globe is fuelling the
growth of mobile-related malware. To date,
131 COVID-19 related apps have been
detected as malicious through Avast's
apklab.io platform, as cybercriminals look to
exploit the pandemic using social engineering
tactics.
According to statistics gathered by the Avast
researchers between October and December
2019, adware (software that hijacks user
devices to spam them with malicious ads) is
responsible for 72% of mobile malware, with
the remaining 28% of threats linked to banking
trojans, fake apps, lockers and downloaders.
Now Avast has released an Android version
of Avast Secure Browser, extending its platform
support beyond Windows and Mac on desktop
to mobile. The introduction of a multi-platform
browser is part of Avast's ongoing focus to
converge security and privacy services to
"enable a safer, more private and faster
browsing experience across devices and
operating systems", says the company.
Avast Secure Browser for Android was
developed following Avast's 2019 acquisition
of Tenta, a private browser backed by
Blockchain pioneer ConsenSys and has been
built from the ground up by privacy and
cybersecurity engineers focused on total
encryption. At its core is strong encryption,
including AES-256, ChaCha 256-bit and the
latest TLS/SSL cryptographic protocols for the
data transport layer. To ensure that user DNS
requests are kept private and secure, the
browser supports multiple DNS options straight
out of the box, such as DNS over TLS,
DNSSEC and decentralised DNS support.
"Avast's core mission is to make the world a
safer place by protecting the security and
privacy of every customer, says Scott Curtiss,
vice president and general manager of Avast
Secure Browser. "Our commitment to being a
privacy-by-design technology provider was
behind our acquisition of leading private
mobile browser Tenta, whose technology has
contributed to the development of our new
Avast Secure Browser for Android. We know
that our customers care deeply about security
and privacy, and want to be in control of their
own personal data without compromising the
quality of their online interactions. Our goal is
to be the first all-in-one browser to secure our
users' privacy, along with a frictionless secure
browsing experience. Adding support for
mobile is another milestone in our journey
towards this long-term goal."
Additional built-in security and privacy
features available with Avast Secure Browser
for Android include:
A VPN that encrypts all inbound and
outbound connections to the VPN location
An ephemeral user PIN code for device
access that is never stored on any server
nor on the device itself
Anti-tracking technologies used to prevent
websites, advertisers and other web
services from tracking online activity
Adblock integration to improve website
load time
An encrypted media vault.
Adds Curtiss: "There is still a perception
among many consumers that on mobile,
internet and browser-based threats do not
exist. This is not the case. Mobile is a lucrative
platform for cybercriminals because of its
majority market share versus desktop and
higher levels of internet traffic. In the past 12
months, we've seen adware rise by 38% on
Android."
Scott Curtiss: still a perception that on
mobile, internet and browser-based
threats do not exist.
34 NETWORKcomputing APRIL/JUNE 2020 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK
Change language