Jan-Feb-Mar 2021
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
NETWORKcomputing<br />
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk<br />
A BREACH TOO FAR?<br />
Counting the cost of a financial data breach<br />
5G MIGRATION<br />
Preparing your IP network<br />
infrastructure for the 5G era<br />
THE IT FACTOR<br />
What traits should you<br />
look for in an IT vendor?<br />
DATA LOCKDOWN<br />
Leveraging data insights for<br />
digital transformation<br />
JANUARY/FEBRUARY <strong>2021</strong> VOL 30 NO 01
The Global Leader in Technical Education<br />
for the Digital Infrastructure Industry<br />
Mountain<br />
Daylight /<br />
Standard<br />
Time<br />
Eastern<br />
Daylight /<br />
Standard<br />
Time<br />
Pacific<br />
Daylight /<br />
Standard<br />
Time<br />
Professional Network Infrastructure and Data<br />
Centre Technical Education Across the World<br />
Keeping Education Accessible<br />
Reaching the world with live and fully<br />
interactive classroom learning remotely.<br />
Providing complete flexibility with<br />
distance learning programs.<br />
Supporting the Industry<br />
every way we can.<br />
Central<br />
Daylight /<br />
Standard<br />
Time<br />
British<br />
Summer<br />
Time<br />
Gulf<br />
Standard<br />
Time<br />
Indian<br />
Standard<br />
Time<br />
Greenwich<br />
Mean Time<br />
Singapore<br />
Standard<br />
Time<br />
Australian<br />
Eastern<br />
Daylight /<br />
Standard<br />
Time<br />
South<br />
African<br />
Standard<br />
Time<br />
CNet Training has been designing and delivering technical education since 1996 and is the originator of the<br />
highly acclaimed Global Digital Infrastructure Education Framework, comprising technical education<br />
programs throughout the data center and network infrastructure sectors. Today CNet delivers programs in many<br />
ways to support learners across the world. CNet’s live and fully interactive remote classroom learning is popular<br />
and distance learning programs provide completely flexible learning. CNet remains the only industry dedicated<br />
technical education provider in the world to award both industry recognised qualifications and official<br />
certifications.<br />
Advancing Data<br />
Center Professionals<br />
CORPORATE<br />
PARTNER<br />
info@cnet-training.com +44 (0)1284 767100 cnet-training.com
COMMENT<br />
COMMENT<br />
A DATA DAY TO REMEMBER<br />
At the time of writing it's the 15th Data Privacy Day, and with so many of us now<br />
working from home during the pandemic it's never been more timely. As Simon<br />
<strong>Mar</strong>chand, Chief Fraud Prevention Officer at Nuance obseves, "The sad truth is that<br />
fraudsters don't stop their crimes because of a pandemic. In fact, they often seize the<br />
immense change that comes with an event like this (Covid-19) to ramp up their activity -<br />
targeting individuals and businesses whilst they are at their most vulnerable and least protected<br />
in order to manipulate their data and steal their personal information."<br />
For Simon the answer is to layer biometrics into your data protection strategy: "With voice<br />
biometrics able to leverage more than 1000 unique speech characteristics - from pronunciation<br />
to the size and shape of your nasal passage - and behavioural biometrics measuring<br />
minute details, such as how a person holds their phone or even how they pause once they<br />
finish a task, systems that incorporate them are considerably less susceptible to hacking."<br />
Peter Lefkowitz, chief privacy and digital risk officer at Citrix, believes that the shift to<br />
working from home requires a major re-evaluation of our data policies: "Most enterprise<br />
policies are designed to protect data and apply physical and technical safeguards within<br />
the enterprise, not the minimum-security environment of workers' homes. To address this,<br />
organisations must evolve their capabilities beyond the current model of controlling sensitive<br />
data distribution, which is heavily dependent on access rights, workers' actions (or inactions),<br />
and flagging compliance-impacting events after they've happened. And with IoT and<br />
analytics expanding our concept of sensitive data - by type, volume, depth and meaning -<br />
the need for a more encompassing approach is more urgent than ever."<br />
To this end we have several articles this issue that take a closer look at how we can make<br />
the most of our data, while protecting it from a costly security breach. First, Peter Ruffley,<br />
CEO at Zizo, explains the importance of data to a successful digital transformation strategy,<br />
and why it will require change on a personnel, cultural and technological level. Then<br />
we have Andrea Babbs, UK General Manager at VIPRE, detailing how organisations in the<br />
financial sector can safeguard both their data and reputation by adopting a layered cybersecurity<br />
strategy.<br />
As we continue to 'WFH' during lockdown this year's Data Privacy Day is a reminder that<br />
our data obligations now reach well beyond the confines of the office. NC<br />
REVIEWS:<br />
Dave Mitchell<br />
DEPUTY EDITOR: <strong>Mar</strong>k Lyward<br />
(netcomputing@btc.co.uk)<br />
PRODUCTION: Abby Penn<br />
(abby.penn@btc.co.uk)<br />
DESIGN: Ian Collis<br />
(ian.collis@btc.co.uk<br />
SALES:<br />
David Bonner<br />
(david.bonner@btc.co.uk)<br />
Julie Cornish<br />
(julie.cornish@btc.co.uk)<br />
SUBSCRIPTIONS: Christina Willis<br />
(christina.willis@btc.co.uk)<br />
PUBLISHER: John Jageurs<br />
(john.jageurs@btc.co.uk)<br />
Published by Barrow & Thompkins<br />
Connexion Ltd (BTC)<br />
35 Station Square,<br />
Petts Wood, Kent, BR5 1LZ<br />
Tel: +44 (0)1689 616 000<br />
Fax: +44 (0)1689 82 66 22<br />
SUBSCRIPTIONS:<br />
UK £35/year, £60/two years,<br />
£80/three years;<br />
Europe:<br />
£48/year, £85/two years £127/three years;<br />
ROW:<br />
£62/year, £115/two years, £168/three years;<br />
Subscribers get SPECIAL OFFERS — see subscriptions<br />
advertisement; Single copies of<br />
Network Computing can be bought for £8;<br />
(including postage & packing).<br />
© <strong>2021</strong> Barrow & Thompkins<br />
Connexion Ltd.<br />
All rights reserved.<br />
No part of the magazine may be<br />
reproduced without prior consent, in<br />
writing, from the publisher.<br />
GET FUTURE COPIES FREE<br />
BY REGISTERING ONLINE AT<br />
WWW.NETWORKCOMPUTING.CO.UK/REGISTER<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 03
CONTENTS<br />
CONTENTS<br />
J A N U A R Y / F E B R U A R Y 2 0 2 1<br />
OBJECT STORAGE TO TAPE...8<br />
How does Fujifilm's Software-defined Tape<br />
meet archiving requirements whilst adapting<br />
to the specific features of object storage?<br />
COMMENT.....................................3<br />
A data day to remember<br />
INDUSTRY NEWS.............................6<br />
The latest networking news<br />
ARTICLES<br />
A BREACH TOO FAR?......................10<br />
By Andrea Babbs at VIPRE<br />
A CONSUMER-GRADE SECURITY<br />
EXPERIENCE.........................................12<br />
By Fiona Boyd at Fujitsu<br />
ZERO TRUST....................................14<br />
By Ved Zen at TCS<br />
A BREACH TOO FAR?..........10<br />
How can financial services organisations keep<br />
their confidential information secure to<br />
safeguard their data and reputation? Andrea<br />
Babbs, UK General Manager, VIPRE, explains<br />
THE IT FACTOR....................20<br />
Vikki Durden, Head of Operations at UK IT<br />
Service, discusses the traits businesses should<br />
search for in a potential I.T. vendor - and the<br />
ones they should seek to avoid<br />
FROM DATA LOCKDOWN TO<br />
DIGITAL TRANSFORMATION...16<br />
Businesses need insight, not just data, when<br />
it comes to digital transformation, according<br />
to Peter Ruffley at Zizo<br />
THE WINNERS HAVE<br />
(VIRTUALLY) ARRIVED!............27<br />
Find out more about the winners of the<br />
2020 Network Computing Awards, which<br />
were held online due to the ongoing<br />
Covid-19 pandemic<br />
FROM DATA LOCKDOWN TO<br />
DIGITAL TRANSFORMATION...........16<br />
By Peter Ruffley at Zizo<br />
PREPARING NETWORK INFRASTRUCTURE<br />
FOR THE 5G ERA.................................18<br />
By Vincentas Grinius at IPXO<br />
HOW APIS ARE SHAPING THE NEW<br />
WORKPLACE...................................19<br />
By James Hirst at Tyk<br />
THE IT FACTOR...............................20<br />
By Vikki Durden at UK IT Service<br />
A FORWARD-LOOKING GUIDE TO<br />
BUYING IT EQUIPMENT FOR SMES...22<br />
By Simon Michie at Pulsant<br />
RANSOMWARE: NEW YEAR,<br />
NEW THREATS................................24<br />
By Veniamin Simonov at NAKIVO<br />
CASE STUDY<br />
A BRIGHTER OUTLOOK...................26<br />
The Brightstar Group turned to Babble to<br />
futureproof its telephony platform and<br />
ensure ongoing business resilience<br />
PRODUCT REVIEW<br />
SOLARWINDS DATABASE<br />
PERFORMANCE ANALYZER.................13<br />
04 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
INDUSTRYNEWS<br />
NEWSNEWS<br />
NEWS NEWS<br />
NEWS NEWS NEWS NEWS<br />
NEWS NEWS<br />
BT and University of Warwick enter 5G collaboration<br />
University of Warwick and Warwickshire County Council are<br />
collaborating to bring 5G innovation and co-development<br />
to the University campus and the wider region, stimulating<br />
regional economic growth and post Covid-19 recovery. This<br />
innovation alliance has enabled BT to switch on the UK's first<br />
dedicated public 5G network for a connected campus,<br />
bringing ultrafast 5G mobile coverage to University students,<br />
staff and visitors across the 720-acre site and to people in<br />
surrounding areas through its EE mobile network.<br />
The installation of a public 5G cell site on University of<br />
Warwick's main campus will mark the university as an early<br />
adopter of 5G technology and a testbed for research, industry<br />
and consumer 5G use case development. As a leading<br />
research University with over 30,000 students and staff, EE's<br />
public 5G network will further enhance Warwick's research and<br />
student learning and experience whilst also bringing 5G's<br />
faster speeds, reliability and response times to people in<br />
neighbouring areas.<br />
Working From Home IT support launched<br />
London IT support provider Totality Services has launched<br />
WFH IT Support to service the millions of workers affected by<br />
the latest lockdown regulations. The new offering has been<br />
launched with the aim of offering teams of all sizes the level of<br />
IT security and support previously reserved for large officebased<br />
operations, servicing the needs of the nation's work from<br />
home employees.<br />
WFH IT Support offers a full IT support package to businesses<br />
with displaced workers working remotely or from home on a<br />
rolling monthly contract starting at £14.99 per machine, per<br />
month. The new offering works in partnership with Mimecast,<br />
and businesses signed up to WFH IT Support will also have<br />
access to 100% secure hard disk encryption, which works<br />
alongside DNS protection to fend off 'man in the middle' attacks.<br />
Boosting productivity during the pandemic<br />
UK firms are investing in digital infrastructure to boost their<br />
productivity during the Covid-19 pandemic, according to<br />
research from Brother UK. The findings, taken from interviews<br />
with 500 IT decision makers, show that more than eight in ten<br />
(84%) companies have ramped-up efforts to boost productivity<br />
since <strong>Mar</strong>ch, with more than half saying it is now vital to deliver<br />
cost savings (59%) and higher profits (54%) for their businesses.<br />
Respondents said that legacy working practices (35%), such as<br />
excessive meetings, and poor IT infrastructure (33%) are the<br />
biggest barriers businesses face. Modern hardware, such as<br />
printers and tablets, (98%), collaboration software, such as<br />
project management platforms and video conferencing, (98%),<br />
and remote working tools, such as cloud-based technologies,<br />
(96%), top IT decision makers' lists for technology that will<br />
deliver the greatest productivity gains. Brother says that an<br />
average business of 250 employees could stand to save nearly<br />
52,000 hours of workers' time a year - worth an estimated<br />
£776,000 - just by implementing simple, cost effective updates<br />
across their IT operations.<br />
Five UK tech and network providers head to North<br />
Five pioneering UK technology, networking and safety & security<br />
providers have come together to form a new company with<br />
ambitious growth plans, having secured a £30m plus forward<br />
order book since the Covid-19 emergency began. Glasgowbased<br />
Boston Networks, Wales-based Pinacl and Pinacl GDA,<br />
North Shields and Birmingham-based 2020 Vision Systems and<br />
London-based PEL Services have united to rebrand as North. The<br />
five companies had been brought together via a series of<br />
acquisitions and mergers, as part of the specialist investment fund<br />
Aliter Capital's strategy to build a modern and progressive network<br />
infrastructure, smart buildings, IoT and safety and security<br />
business, delivering innovative and specialist services to its clients.<br />
1 in 4 pen tests reveal critical IT weaknesses<br />
Penetration test data from 2020 has revealed that critical flaws<br />
found in business infrastructure and applications have<br />
increased since the previous year (where it was 1 in 5), with underinvestment<br />
in cyber defences and lack of security culture cited as<br />
the main causes. This is according to the <strong>2021</strong> Cyber Security<br />
Industry Report <strong>2021</strong> from Bulletproof. The report reveals that<br />
attackers continue to take advantage of the current global crisis by<br />
targeting organisations with poor security, using tried and tested<br />
techniques well understood by the security industry.<br />
06 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
INDUSTRYNEWS<br />
By analysing data from penetration tests and proactive monitoring,<br />
as well as compliance insights and research, Bulletproof identified<br />
that intelligence is often not good enough and provides a false<br />
sense of security. Remote workers are at a higher risk of falling<br />
victim to phishing campaigns as attackers have increased their use<br />
of this tactic and been successful. Key findings include:<br />
• Out of 9,000 IP addresses identified as belonging to bad actors<br />
hitting the honeypot, only 158 (1.7%) were in the top commercial<br />
and open-source threat intelligence feeds<br />
• Critical flaws found during penetration tests has increased since<br />
last year, suggesting security is still uninvested and/or misunderstood<br />
• Bulletproof's penetration testing activities uncovered an<br />
increasing trend of homogenisation in underlying web<br />
technologies, presenting often overlooked risks to businesses<br />
• 33% of companies have out of date systems, validated by the<br />
penetration test statistics which show 32% of companies are<br />
vulnerable due to out of date components<br />
• 23% of companies are failing audits due to endpoint malware<br />
protection tests, raising concerns for businesses with remote workers<br />
Connexin to launch UK's first IoT network nationwide<br />
Connexin has announced that it will expand its IoT network<br />
nationwide, providing carrier-grade roaming long range<br />
wide area networks (LoRaWAN) connectivity and infrastructure to<br />
customers all over the UK for the first time. The new national low<br />
cost wide-area network rollout lead by Connexin is a strategic<br />
investment aimed at supporting the increasing demand for smart<br />
networks throughout the UK. The universal connectivity will lower<br />
the barriers to entry and better enable every type of organisation<br />
across the UK to adopt IoT solutions to provide further insights<br />
that will address future challenges, promote a better quality of<br />
life and create environmental improvements for all.<br />
"With a low cost wide-area networking solution becoming<br />
available to all organisations across the UK, it opens up<br />
opportunities for those looking to deploy IoT solutions for a<br />
fraction of the cost of existing cellular infrastructure solutions,"<br />
said Furqan Alamgir, Founder & CEO of Connexin. "Not only<br />
does this promote the development of new IoT-based technology<br />
but it allows existing solutions to be rolled-out nationwide to<br />
encourage further adoption and will allow more people to utilise<br />
and benefit from affordable, carrier-grade IoT connectivity."<br />
KnowBe4 launches new PhishER Security Roles<br />
KnowBe4 has launched a new email security feature,<br />
PhishER Security Roles, making the company PhishER email<br />
quarantine security measures more efficient. It allows<br />
cybersecurity professionals to assign custom permissions for<br />
the exact incident response roles and responsibilities that they<br />
need in their organisations. Therefore, each member of the<br />
security team handles an email analysis component that best<br />
suits their skillset.<br />
"With phishing attacks continuing to escalate, sophisticated<br />
features for defence tools like PhishER are needed to combat<br />
these ever-present threats," said Stu Sjouwerman, CEO,<br />
KnowBe4. "Having a way to determine specific roles across<br />
security teams will strengthen defences and help each person<br />
better manage their workload as it continues to grow."<br />
New Netgear multi-gig switches are ready for WiFi 6<br />
Netgear has announced the availability of the MS510TXM<br />
and MS510TXUP multi-gig switches. These innovative<br />
switches support speeds up to 10G and have optional cloud<br />
management. The MS510TXUP Ultra60 PoE++ model<br />
additionally supports up to 60 Watts of PoE power on each port.<br />
The new multi-gig offerings can connect devices at a multitude<br />
of speeds for sustained end-to-end performance. Each port on<br />
the MS510TXM or MS510TXUP can auto-negotiate to speeds<br />
of 100Mb, 1G, 2.5G, 5G or 10G, thus enabling WiFi access<br />
points, network attached storage systems, servers, and IoT<br />
devices to be connected at the most optimal speed.<br />
The MS510TXM and MS510TXUP are suited for businesses<br />
wanting to improve their WiFi performance with a network of<br />
WiFi 6 Access Points (such as NETGEAR’s newly announced<br />
WAX610 or WAX218, both of which support communication<br />
speeds of 2.5G). With these new switches, speeds of up to<br />
5G can be achieved with CAT 5E, thus protecting a<br />
business’s investment in cable infrastructure. The MS510TXM<br />
is available now priced at £429.99, with the MS510TXUP<br />
priced at £579.99<br />
NEWS NEWSNEWS<br />
NEWS<br />
NEWS NEWS NEWS NEWS NEWS<br />
NEWS<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 07
FEATURE<br />
OBJECT STORAGE TO TAPE<br />
THE DIGITAL DATA EXPLOSION, INCREASING REGULATIONS FOR THE LONG-TERM RETENTION OF DATA<br />
AND THE RISK OF CYBER-ATTACKS: HOW DOES FUJIFILM'S SOFTWARE-DEFINED TAPE MEET ARCHIVING<br />
REQUIREMENTS WHILST ADAPTING TO THE SPECIFIC FEATURES OF OBJECT STORAGE?<br />
be grouped within archival folders or in tartype<br />
containers, for example.<br />
Tape drives have special tools designed to<br />
mitigate this phenomenon such as the<br />
buffer, which is effective for files over<br />
500MB and IBM's Skip Sync system for files<br />
between 200MB and 500MB. Nevertheless,<br />
writing a large number of very small files will<br />
slow down backup operations. This can<br />
result in a drop in operating speed below<br />
10-15MB/s on an LTO drive and even<br />
below 5MB/s on disk.<br />
Fujifilm has launched an archiving<br />
software specially designed for writing<br />
objects on tape: Software-defined<br />
Tape. It operates as an S3 gateway between<br />
an object storage solution and a tape<br />
system. With its record writing speed and<br />
high flexibility, the software is compatible<br />
with a wide range of capacities. It can carry<br />
up to several hundred PBs and achieves an<br />
operational transfer rate of 205MB/s for<br />
10MB files, which is 10 times faster than<br />
regular tape systems and 20 times faster<br />
than hard drives.<br />
This software allows the user to install their<br />
own private Glacier-type cloud on-premise,<br />
while strengthening the level of data security<br />
and optimising storage costs.<br />
THE HOLY GRAIL OF DATA STORAGE<br />
Fujifilm continuously explores new fields to<br />
make tape more efficient and user friendly.<br />
Whilst addressing the question of object<br />
storage, they solved the fundamental<br />
question facing all storage technologies:<br />
write speed. When backing up a large<br />
number of small files, the write speed can<br />
be affected and system downtime can also<br />
occur. This is exacerbated as the file sizes<br />
decrease.<br />
The linear structure of object storage<br />
makes this even more significant because<br />
each object is saved individually. As a result,<br />
the deterioration of speed can be more<br />
severe. This is contrary to a traditional file<br />
system, which by its structure allows files to<br />
In order to solve the problem of write<br />
speed, the principle of Software-defined<br />
Tape is to prevent the accumulation of write<br />
stops between small files. The software<br />
groups the objects into packs before storing<br />
them on tape. It generates a "single 1GB to<br />
10GB file" which is written to tape in one<br />
stroke. The OTFormat, the new tape writing<br />
technology developed by Fujifilm, makes it<br />
possible to write these packed objects to<br />
tape and significantly reduces the number of<br />
write stops. Software-defined Tape succeeds<br />
in maintaining a spectacular 205MB/s<br />
transfer rate for the back-up of 10MB files.<br />
FUJIFILM CHOSE THE POPULAR AND<br />
EASY-TO-USE S3 INTERFACE<br />
In order to facilitate the communication<br />
between tape systems and the largest<br />
number of object storage solutions,<br />
Software-defined Tape uses the native S3<br />
and S3 Glacier protocols. The S3<br />
protocol, already widely adopted by object<br />
storage solutions, has become the<br />
standard for the transmission of objects. It<br />
is a free and open data transfer protocol.<br />
Furthermore, the publication of its APIs<br />
makes it easy to program. In this way, the<br />
popularity of Amazon's cloud services and<br />
08 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
FEATURE<br />
TS1160 3592 drives and with LTO9 later in<br />
the same year.<br />
When it comes to hardware brands,<br />
Fujifilm software is agnostic and works with<br />
most of the libraries available on the<br />
market, from the 280 slot IBM TS4300<br />
library to several IBM TS4500 libraries each<br />
operating up to 23,700 LTO slots. This also<br />
gives users the freedom to choose their<br />
servers provided they match the necessary<br />
performance requirements.<br />
the availability of the S3 APIs motivate the<br />
software manufacturers and the users to<br />
implement them within their solutions and<br />
infrastructures. The S3 Glacier protocol<br />
allows the users to seamlessly restore their<br />
objects from tape to their object based<br />
disk storage.<br />
INCREASED SECURITY FOR DATA<br />
AND METADATA<br />
Losing metadata can seriously affect<br />
access to data. As a result, Fujifilm has<br />
chosen to focus on metadata protection<br />
alongside all the specific features of object<br />
storage. Metadata is used as search<br />
criteria to find the objects that need to be<br />
restored. Without metadata, it is difficult<br />
and sometimes even impossible to know<br />
which object corresponds to which data. In<br />
such cases, accessing data can be very<br />
problematic.<br />
In addition to the copy of metadata kept<br />
on the server, Software-defined Tape<br />
systematically and automatically commands<br />
the writing of four copies of metadata on the<br />
same tape as the data. The metadata<br />
benefits, as does the data, from all the<br />
advantages of tape in aspects of security:<br />
protection against viruses and hackers, a<br />
data integrity 10,000 times higher than that<br />
of hard disk, an archive life of over 30 years<br />
and seven times longer than on hard disk,<br />
which is weakened by its many mechanical<br />
parts. These are just a few of the advantages<br />
of tape over other storage technologies.<br />
For the users' peace of mind, Softwaredefined<br />
Tape adapts to all capacities up to<br />
several hundred Petabytes The Softwaredefined<br />
Tape system scalability and the<br />
software subscription scheme flexibility<br />
contribute to Fujifilm's quest for simplicity. It<br />
supports up to 128 billion objects, 64<br />
servers and 256 tape drives. Softwaredefined<br />
Tape is compatible with LTO7 and<br />
LTO8 drives. In early <strong>2021</strong> it will be<br />
compatible with the IBM TS1155 and<br />
The software subscription scheme is based<br />
on both the archiving capacity and the<br />
length of the contract. Its flexibility enables<br />
the user to cover any unexpected data<br />
growth. The software license includes the<br />
number of tapes required to write from one<br />
to three copies according to the user’s own<br />
choice. Software-defined tape automatically<br />
and simultaneously, performs these copies.<br />
For a 10PB subscription over a 5-year<br />
period, two sets of data are included (one<br />
copy), as standard and 1,700 LTO8 tapes,<br />
that is to say 20PB of tapes, will be provided<br />
with the software.<br />
Furthermore, for the user’s convenience,<br />
Fujifilm has added features which enable<br />
them to manage their archives directly from<br />
the object storage application GUI. This<br />
ensures the operational continuity through a<br />
path-failover system.<br />
The philosophy of this archiving software<br />
can be summarised by Fujifilm's strong<br />
desire to make life easier for the users.<br />
Software-defined Tape meets both the<br />
specific challenges raised by object storage<br />
and the companies’ high requirements in<br />
the field of long-term data retention,<br />
especially in matters of data security and<br />
cost optimisation. Indeed, the total cost of<br />
using tape is, on average, 5 times lower<br />
than hard disk, in particular due to its low<br />
ecological footprint. To go a step further we<br />
can say that Fujifilm leveraged its first leap<br />
into archiving software in order to<br />
revolutionise the issue of write speed. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 09
OPINION<br />
ADDING UP THE COSTS OF A FINANCIAL DATA BREACH<br />
HOW CAN FINANCIAL<br />
SERVICES ORGANISATIONS<br />
KEEP THEIR CONFIDENTIAL<br />
INFORMATION SECURE TO<br />
SAFEGUARD THEIR DATA AND<br />
REPUTATION? ANDREA BABBS,<br />
UK GENERAL MANAGER,<br />
VIPRE, EXPLAINS.<br />
Reliance on email as a fundamental<br />
function of business communication<br />
has been in place for some time.<br />
But as remote working has become a key<br />
factor for the majority of business during<br />
2020, it's arguably more important than<br />
ever as a communication tool. The fact<br />
that roughly 206.4 billion emails are sent<br />
and received each day means we're all<br />
very familiar with that dreaded feeling of<br />
sending an email with typos, with the<br />
wrong attachment, or to the wrong<br />
contact. But this can be more than just an<br />
embarrassing mistake - the ramifications<br />
could, in fact, be catastrophic.<br />
In particular, for the financial services<br />
industry that deals with highly sensitive<br />
information including monetary<br />
transactions and financial data, the<br />
consequences of this information falling<br />
into the wrong hands could mean the loss<br />
of significant sums of money. Emails of<br />
this nature are the Holy Grail for cyber<br />
criminals.<br />
HOW MUCH?<br />
According to research from Ponemon<br />
Institute in its Cost of a Data Breach<br />
Report 2020, organisations spend an<br />
average of $3.85 million recovering from<br />
security incidents, with the usual time to<br />
identify and contain a breach being 280<br />
days. Accenture's 2019 Ninth Annual<br />
Cost of Cybercrime report found that<br />
financial services incurred the highest<br />
cybercrime costs of all industries. And<br />
while examples of external threats seem to<br />
make the headlines, such the Capital<br />
One cyber incident, unintentional or<br />
10 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
insider breaches don't always garner as<br />
much attention. Yet they are both as<br />
dangerous as each other. In fact, human<br />
errors (including misdeliveries via email)<br />
are almost twice as likely to result in a<br />
confirmed data disclosure.<br />
Costs will be wide ranging depending on<br />
the scale of each breach, but at a<br />
minimum there will be financial penalties,<br />
costs for audits to understand why the<br />
incident happened and what additional<br />
protocols and solutions need to be<br />
implemented to prevent it from happening<br />
in the future. There could also be huge<br />
costs involved for reimbursing customers<br />
who may have been affected by the<br />
breach in turn.<br />
PRICELESS DAMAGE<br />
The fallout from data breaches goes far<br />
beyond that of financial penalties and<br />
costs. Financial services businesses have<br />
reputations to uphold in order to maintain<br />
a loyal customer base. Those that fail to<br />
protect their customers' sensitive<br />
information will have to manage the<br />
negative press and mistrust from existing<br />
and potential customers that could<br />
seriously impede the organisation as a<br />
whole. Within such a highly competitive<br />
market, it doesn't take much for customers<br />
to take their money elsewhere - customer<br />
service and reputation is everything.<br />
CHECK, PLEASE!<br />
Within the financial services sector, the<br />
stakes are high, so an effective, layered<br />
cybersecurity strategy is essential to<br />
mitigate risk and keep sensitive<br />
information secure. With this, there are<br />
three critical components that must be<br />
considered:<br />
1. Authentication and encryption:<br />
Hackers may try to attack systems<br />
directly or intercept emails via an<br />
insecure transport link. Security<br />
protocols are designed to prevent<br />
most instances of unauthorised<br />
interception, content modification and<br />
email spoofing. Adding a dedicated<br />
email to email encryption service to<br />
your email security arsenal increases<br />
your protection in this area. Encryption<br />
and authentication, however, do not<br />
safeguard you against human errors<br />
and misdeliveries.<br />
2. Policies and training: Security<br />
guidelines and rules regarding the<br />
circulation and storage of sensitive<br />
financial information are essential, as<br />
well as clear steps to follow when a<br />
security incident happens. Employees<br />
must undergo cyber security<br />
awareness training when they join the<br />
organisation and then be enrolled in<br />
an ongoing programme with quarterly<br />
or monthly short, informative sessions.<br />
This training should also incorporate<br />
ongoing phishing simulations, as well<br />
as simulated phishing attacks to<br />
demonstrate to users how these<br />
incidents can appear, and educate<br />
them on how to spot and flag them<br />
accordingly. Moreover, automated<br />
phishing simulations can also provide<br />
key metrics and reports on how users<br />
are improving in their training. This<br />
reinforcement of the security<br />
messaging, working in tandem with<br />
simulated phishing attacks ensures<br />
that everyone is capable of spotting a<br />
phishing scam or knows how to<br />
handle sensitive information as they<br />
are aware and reminded regularly of<br />
the risks involved.<br />
3. Data loss prevention (DLP): DLP<br />
solutions enable the firm to implement<br />
security measures for the detection,<br />
control and prevention of risky email<br />
sending behaviours. Fully technical<br />
solutions such as machine learning<br />
can go so far to prevent breaches, but<br />
it is only the human element that can<br />
truly decipher between what is safe to<br />
send, and what is not. In practice,<br />
machine learning will either stop<br />
everything from being sent - becoming<br />
more of a nuisance than support to<br />
users - or it will stop nothing. Rather<br />
than disabling time saving features<br />
such as autocomplete to prevent<br />
employees from becoming complacent<br />
when it comes to selecting the right<br />
email recipient, DLP solutions do not<br />
impede the working practices of users<br />
but instead give them a critical second<br />
chance to double check.<br />
It is this double check that can be the<br />
critical factor in an organisation's<br />
cybersecurity efforts. Users can be<br />
prompted based on several parameters<br />
that can be specified. For example,<br />
colleagues in different departments<br />
exchanging confidential documents with<br />
each other and external suppliers means<br />
that the TO and CC fields are likely to<br />
have multiple recipients in them. A simple<br />
incorrect email address, or a cleverly<br />
disguised spoofed email cropping up with<br />
emails going back and forth is likely to be<br />
missed without a tool in place to highlight<br />
this to the user, to give them a chance to<br />
double check the accuracy of email<br />
recipients and the contents of attachments.<br />
CONCLUSION<br />
Email remains a risky, yet essential tool for<br />
every business. But with a layered security<br />
strategy in place consisting of training,<br />
authentication tools and DLP solutions,<br />
organisations can minimise the risks<br />
involved and take a proactive approach<br />
to their cyber defences.<br />
Given the nature of the industry,<br />
financial services organisations are a<br />
prime target for cyber criminals. The<br />
temptation of personal information and<br />
financial transactions for hackers is never<br />
going to dwindle, so financial institutions<br />
must prioritise cyber security, regularly<br />
assessing risks, deploying innovative,<br />
human-led solutions and educating<br />
workforces to provide the best defence<br />
possible. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 11
SECURITYUPDATE<br />
A CONSUMER-GRADE SECURITY EXPERIENCE<br />
FIONA BOYD, HEAD OF ENTERPRISE AND CYBER SECURITY AT<br />
FUJITSU, EXPLAINS WHY IT’S TIME TO REIMAGINE SECURITY AND<br />
STOP HOLDING BACK EMPLOYEE PRODUCTIVITY<br />
Cyber threats are continually changing,<br />
and new threats are emerging. One<br />
striking example is the impact brought<br />
on by the COVID-19 pandemic. Many<br />
employees have had to leave the safe confines<br />
of corporate networks and use potentially<br />
insecure home devices and networks to access<br />
corporate systems and data. Cyber hackers<br />
have been able to exploit this trend in many<br />
ways: by sending phishing emails which<br />
promise exclusive information about COVID-<br />
19, using bogus websites to trick users into<br />
typing in usernames, passwords and banking<br />
details for donations and fake relief efforts or<br />
temporary government loans and grants.<br />
Organisations develop policies that prevent<br />
staff from being phished, but the side effect can<br />
sometimes hamper employee productivity.<br />
Moreover, people have to work and that almost<br />
inevitably leads to 'exceptions' in the policy in<br />
the way of shadow IT, including personal<br />
devices without updated anti-virus software, or<br />
unchecked USB sticks with the potential to infect<br />
entire corporate infrastructures. But when it<br />
comes to things like data protection and<br />
privacy and tasks like data replication and<br />
backup, not applying the corporate rules can<br />
lead to a host of complications - some of them<br />
very severe indeed.<br />
A BETTER WAY?<br />
There has to be a better way. We need to create<br />
a consumer-grade experience with a corporate<br />
security wrapper around it. These are almost<br />
diametrically opposite needs, with a tension<br />
that's complicated to resolve. It is a challenge to<br />
create a better user experience while deploying<br />
security measures for organisations working<br />
across various countries and partner<br />
organisations. And simple economics dictates<br />
that any new system will be in place for quite<br />
some time - meaning that it will become<br />
outdated against the latest consumer tech<br />
quicker than it can be kept up-to-date.<br />
Where we are today is no longer fit for<br />
purpose. IT departments create long policy<br />
documents and force employees to review<br />
them annually, but the dos and don'ts must<br />
translate into something more dynamic. What<br />
this points to is that the people aspect of<br />
security is often more complicated than the<br />
technical. And ironically, new technologies<br />
could make things even more frustrating for<br />
users. What's needed is a change in security<br />
culture that treats users more like consumers, so<br />
we move away from the once-a-year security<br />
training event to something more interesting,<br />
enticing and lasting.<br />
Getting there will require business and security<br />
teams working together, understanding and<br />
agreeing what risks are unavoidable (and<br />
planning appropriate security measures) and<br />
those where the risk outweighs any likely<br />
potential reward. Security has to speak the<br />
language of business.<br />
THE SECURITY CONTEXT<br />
As a starting point, cyber security needs to have<br />
a better handle on users. Today, access rights<br />
are generated service by service or system by<br />
system. This approach is too crude and too<br />
complicated. There are fewer face-to-face<br />
meetings now, but the need for executives to<br />
access corporate systems remotely remains.<br />
Blanket bans are unworkable and unnecessary.<br />
Security is now moving towards personabased<br />
rules, mapping reasonable behaviour for<br />
that person, and applying it dynamically. This is<br />
already in place in many organisations - at<br />
least in a rudimentary way. What's likely to be<br />
missing is context-sensitive role profiles,<br />
dynamically created for different types of users<br />
accessing data outside core working hours.<br />
New 'digital experience' roles assist the shift in<br />
enterprise IT, modelled on the consumer<br />
environment, where services and products have<br />
experience 'champions' to ensure what is<br />
delivered is actually what the user wants and<br />
needs. For the enterprise user, this isn't just<br />
about making it look good: the task is to<br />
protect value streams delivered by how people<br />
work and to add value by mapping end-to-end<br />
workflows. The way forward is for cyber security<br />
and the enterprise experience owners to build<br />
in the right security as part of the design.<br />
TOWARDS A NEW SECURITY CULTURE<br />
The new way: emulate the launch of a<br />
consumer product. Look at the total experience<br />
for the 'customer' and design-in security as part<br />
of the overall value workflow. If we have the<br />
digital experience owner, we have a starting<br />
point to add value to the people who generate<br />
value. But users have a role too. Security teams<br />
can work as hard as possible to make<br />
everything 'secure by design'. Still, unless users<br />
take responsibility for doing their part, no<br />
amount of smart technology will keep an<br />
organisation entirely safe. When reimaging<br />
how every employee can contribute to an<br />
organisations' security posture and building a<br />
culture that fully integrates intuitive security,<br />
everyone plays a crucial role. NC<br />
12 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
PRODUCTREVIEW<br />
SolarWinds Database<br />
Performance<br />
Analyzer<br />
PRODUCT REVIEW<br />
PRODUCT<br />
REVIEWPRODUCT RE<br />
Databases are so critical to business<br />
operations that it's essential their health,<br />
availability and performance are<br />
assured. Problems with databases and their host<br />
systems are notoriously difficult to identify and<br />
diagnose and can easily manifest themselves<br />
when it's too late to stop them impacting on<br />
customer services.<br />
To ensure smooth database operations,<br />
businesses need a proactive monitoring solution<br />
and the SolarWinds Database Performance<br />
Analyzer (DPA) provides a wealth of features.<br />
Supporting all main cloud, on-premises and<br />
virtualised database platforms, DPA offers deep<br />
insights into performance and resource usage,<br />
identifies anomalies and their root causes and<br />
provides sage advice on remedial actions.<br />
We found DPA easy to deploy and had it<br />
running on a Windows Server 2019 host in<br />
under 30 minutes. It provides a handy web<br />
browser wizard that helps create a performance<br />
data repository, and offers facilities to register<br />
individual database instances or multiple ones<br />
at the same time.<br />
A key feature of DPA is its agentless<br />
monitoring while larger organisations will<br />
approve of its support for SQL Server<br />
availability groups (AGs) plus Oracle's<br />
multitenant container databases (CDBs). At its<br />
foundation, DPA uses the proven Response<br />
Time Analysis method to measure the wait time<br />
between query requests and responses.<br />
DPA gets right down to business as its home<br />
page presents an informative top-level<br />
dashboard with a graph identifying instances<br />
with the highest wait times and another that can<br />
show wait times trending upwards or<br />
downwards. A summary below uses colourcoded<br />
blocks to denote partially healthy or<br />
unhealthy AGs, instances with excessive wait<br />
times and host system hardware metrics that are<br />
in warning or critical states.<br />
Selecting a database instance from the list<br />
below transports you to a dedicated web page<br />
with coloured bar graphs showing wait time<br />
trends for individual SQL statements over<br />
custom time periods. You can drill down deeper<br />
into the day's activities to see detected<br />
anomalies and DPA provides full search<br />
facilities for quickly locating any SQL statement.<br />
DPA's advisors use proprietary algorithms to<br />
analyse database performance and identify<br />
issues and anomalies. All queries that have<br />
raised an alert are listed where you can view<br />
details such as the execution time, recent<br />
variations in performance and historical<br />
patterns of activity.<br />
SQL blocking prevents resource conflicts but<br />
can cause major performance problems when<br />
lock durations are too long. DPA remedies these<br />
issues as its graphs reveal the root blocking<br />
transactions, their impact on other transactions<br />
waiting for the resource to be released and even<br />
poorly written SQL statements that may be<br />
causing these issues.<br />
Query performance analysis assists in<br />
identifying the root cause of performance issues<br />
where you simply click on a hash value at the<br />
side of the wait graph and it'll load a detailed<br />
view of the query's activity. DPA's machine<br />
learning and intelligent analysis correlates all<br />
relevant information in one page with the top<br />
waits and statistics plus query and table tuning<br />
advisors that provide valuable assistance in<br />
narrowing down the culprit.<br />
DPA snaps in seamlessly with the SolarWinds<br />
Orion platform, allowing multiple products to<br />
be used to monitor overall app health and<br />
capture database performance metrics. The<br />
optional SAM module can keep an eye on<br />
database apps and host health while Orion's<br />
smart PerfStack feature uses correlation projects<br />
to compare metrics from multiple systems and<br />
apps to identify the root cause of complex<br />
network problems.<br />
SolarWinds DPA is the perfect partner for<br />
businesses that can't afford to have poorly<br />
performing databases impacting their customer<br />
services. It presents a wealth of information<br />
about database issues, helps find their root<br />
cause in as few as four clicks and provides<br />
invaluable database tuning assistance. NC<br />
Product: Database Performance Analyzer<br />
Supplier: SolarWinds<br />
Web site: www.solarwinds.com<br />
Price: Perpetual from £1,597 per instance<br />
excluding VAT<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 13
SECURITYUPDATE<br />
ZERO TRUST<br />
VED SEN, DIGITAL EVANGELIST, TCS, EXPLAINS HOW<br />
MODERNISING OUR APPROACH TO CYBERSECURITY CAN<br />
ALSO EMPOWER BUSINESS GROWTH<br />
The risk of cyberattacks has increased<br />
steadily in recent years but the<br />
COVID-19 pandemic has made<br />
these threats even more of a reality. With<br />
65% of employees around the world<br />
working from home, according to a new<br />
study from Tata Consultancy Services, and<br />
40% expected to continue to do so in<br />
2025, it is unsurprising that cybersecurity<br />
is top of mind for companies of all sizes.<br />
This change in how businesses are<br />
operating has opened the door to<br />
opportunistic cybercriminals, who are<br />
seizing the opportunity created by the<br />
global crisis. From COVID-related<br />
phishing schemes to Remote Desktop<br />
Protocol attacks, which have soared by<br />
140% in Q3, cybercriminals now have far<br />
easier access to company networks. This<br />
means having a strong VPN is no longer<br />
enough to keep your organisation safe.<br />
The traditional approach to cybersecurity<br />
tends to focus solely on external threats,<br />
with IT teams using firewalls to secure the<br />
network perimeter. However, if this<br />
perimeter is breached, the entire network<br />
is put at risk, which can lead to<br />
unimaginable losses.<br />
Companies are now facing newer, more<br />
sophisticated and pervasive threats, which<br />
if left unaddressed could result in<br />
shutdowns across entire industries. It is<br />
therefore essential that businesses turn<br />
their focus away from simply ensuring<br />
compliance and following the outdated<br />
philosophy of "trust but verify", as this only<br />
goes as far as securing the network<br />
perimeter. For a truly robust stance on<br />
cybersecurity, organisations must close as<br />
many loopholes as possible - whether<br />
external or internal - so no opportunistic<br />
criminal can exploit the network.<br />
At the same time, the challenge for<br />
cybersecurity is that while nobody<br />
disagrees with the need for the best<br />
possible security model, it is often seen<br />
across business as an onerous and often<br />
over-engineered impediment to getting<br />
work done on a day to day basis. It is<br />
absolutely critical for cybersecurity teams<br />
to work closely with businesses to<br />
understand their needs and to build<br />
context aware models that actually enable<br />
work. Cybersecurity can and should<br />
improve the employee experience.<br />
A more resilient model equal to today's<br />
challenges begins with the premise of<br />
"never trust, always verify". A Zero Trust<br />
Security Model enables cybersecurity to<br />
become more adaptable to emerging<br />
threats and changing access needs. It also<br />
takes into consideration the context of<br />
requests for any protected resource. It can<br />
detect threats in real time and take<br />
immediate action to protect an<br />
enterprise's data, devices and operations<br />
in ways reused passwords and VPNs no<br />
longer can.<br />
Zero trust relies on eight core principles<br />
and associated technologies:<br />
1. Never trust. Always verify<br />
Today, nearly all work takes place in a<br />
networked environment. Where systems and<br />
resources are spread across the cloud and<br />
can be accessed in any way via any smart<br />
device, no single security check can suffice<br />
for overall security. Instead, the secure<br />
approach requires validation for any<br />
identity before access can be permitted.<br />
2. Purpose-driven access<br />
Earlier methods, such as a "one-time<br />
password" sent to an email address via<br />
internet protocols, no longer suffice; they<br />
are too prone to compromise. Instead,<br />
access must be contextual and timebound<br />
to deliver required business<br />
outcomes. Password-less multifactor<br />
authentication (MFA) is both more secure<br />
and faster for users.<br />
3. Continuous risk-discovery, real-time<br />
treatment<br />
A "find to fix" approach should replace the<br />
long cycles of audit, testing and<br />
14 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
SECURITYUPDATE<br />
remediation under which most IT<br />
organisations have operated. While<br />
compliance is always necessary for<br />
regulatory adherence, reporting, and<br />
security hygiene, real technology risk is<br />
contextual. By having a zero trust model<br />
in place, organisations can monitor and<br />
verify a user's risk score before granting<br />
them access to the network and other<br />
enterprise resources.<br />
4. Security by design<br />
As cybersecurity must be central to the<br />
customer experience and business<br />
continuity, it should be considered as<br />
early in the development cycle as<br />
possible. The earlier security is<br />
prioritised, the easier it is for companies<br />
to deliver flawless projects repeatedly and<br />
without risk.<br />
5. Information-centric security<br />
From a business perspective, it makes<br />
sense for many organisations to choose to<br />
focus on their business rather than the<br />
data they hold or the IT functions they<br />
have in place. However, from a security<br />
perspective, by putting proprietary<br />
information and expertise - their data and<br />
its uses - at the core of the business,<br />
companies can secure a perimeter.<br />
Thanks to the proliferation of cloud-based<br />
models for many computing needs, this is<br />
much more achievable.<br />
6. Security as culture<br />
As the saying goes, a chain is only as<br />
strong as its weakest link, and a<br />
company's data is only as secure as its<br />
most vulnerable vector. Beyond making<br />
cybersecurity an enforcement issue, a<br />
culture of security makes it everyone's<br />
responsibility. This means putting training<br />
in place for every employee to empower<br />
each user to sense and act on<br />
cybersecurity matters.<br />
7. User experience focus<br />
In all of this, security organisations need<br />
to work with user experience specialists to<br />
ensure that work can still get done and the<br />
demands of corporate security do not<br />
become an impediment to getting work<br />
done, or delivering consistently bad user<br />
experiences, as that will in many cases<br />
lead to behaviours that will compromise<br />
the security. This is both in terms of how<br />
processes are designed (not just<br />
engineered) but also in how they are<br />
communicated, and the user community<br />
engaged. Just as users need to understand<br />
corporate security principles, the security<br />
teams need to understand how work is<br />
done, to truly get the best outcomes.<br />
8. Intelligence<br />
Patterns are everywhere, and with the use<br />
of AI Ops and related toolkits, it is likely<br />
that any breaches, or attempts, are<br />
leaving their own fingerprints and patterns<br />
which are traceable. It's imperative that<br />
security teams also add AI and<br />
intelligence to their toolkit to pre-empt<br />
attacks or breaches and for early<br />
recognition of the patterns which can lead<br />
to these breaches.<br />
A SECURE FUTURE<br />
Leading-edge, risk-focused and contextaware<br />
security is increasingly available as<br />
a service and should be invested in, rather<br />
than adopting a one-size-fits-all software<br />
solution. Forward-looking companies<br />
must take a "never trust, always verify"<br />
approach when granting access to their<br />
data and processes. Thereby<br />
acknowledging that threats evolve and<br />
require the capabilities available in<br />
advanced technology - such as AI,<br />
automation, cloud computing, and agile<br />
development - to address them.<br />
Through leveraging this technology, a<br />
business can embrace a more resilient<br />
and adaptable cybersecurity model. Not<br />
only does this increase an organisation's<br />
chance to overcome challenges, but it<br />
also allows them to take advantage of the<br />
opportunities that come from emerging<br />
digital ecosystems. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 15
OPINION<br />
FROM DATA LOCKDOWN TO DIGITAL TRANSFORMATION<br />
BUSINESSES NEED INSIGHT, NOT JUST DATA, WHEN IT COMES TO DIGITAL TRANSFORMATION,<br />
ACCORDING TO PETER RUFFLEY AT ZIZO<br />
Digital transformation of any<br />
business has always been<br />
hampered by making sense of<br />
underlying data. And that data has been<br />
growing in volume at an unprecedented<br />
rate driven by the growth of IoT. It's the<br />
perfect storm - the need for real-time<br />
information being increasingly distanced<br />
by the rate at which the data volume is<br />
growing. Businesses need insight, not<br />
just data, which means getting the right<br />
information, to the right person, at the<br />
right time.<br />
But the age-old problem remains today<br />
- how do you understand and see what<br />
data you have readily available, in a<br />
format that's usable and that you can<br />
access at the right time? Peter Ruffley,<br />
CEO, Zizo, explores three aspects<br />
businesses must consider to get out of<br />
'data lockdown.'<br />
DATA ACCESS<br />
There are a multitude of ways to store<br />
and access data, but a majority of<br />
businesses haven't considered access to<br />
external data sources yet. When we<br />
begin to question how to enrich and<br />
improve data, one of the fundamental<br />
capabilities of this process is by<br />
integrating external third-party data<br />
sources, such as weather, crime or other<br />
open data sources.<br />
Businesses must have an understanding<br />
of what they need to do to make the<br />
process worthwhile, and ensure they<br />
have the correct capabilities before they<br />
start. A common first approach for many<br />
organisations is to build from scratch<br />
and make it their own, rather than<br />
considering the buyer approaches where<br />
you look at what's out there, explore the<br />
marketplace and transform existing data<br />
to use within the business, rather than<br />
starting from the ground up.<br />
If they can't combine different sources<br />
of data quickly and cost-effectively<br />
together, they won't move forward. It<br />
makes sense to digitally transform an<br />
organisation if it is going to make use of<br />
what's already out there, as being able to<br />
16 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
tap in and share other work and insights<br />
will make the exercise worthwhile and<br />
cost-effective. With combinations of<br />
solutions available in the marketplace<br />
that can accelerate the process by<br />
providing the necessary building blocks,<br />
it's time to transform the digital<br />
transformation process.<br />
DATA RESPONSIBILITY<br />
There remains a disconnect between IT<br />
teams and businesses' impressions about<br />
what it means to provide the data. If<br />
both parties are not aligned with the<br />
same aims of the business, the project<br />
could stall at the first hurdle. Instead,<br />
organisations need to bridge the divide<br />
and encourage stronger collaboration<br />
between all stakeholders. When<br />
businesses realise where those holes are<br />
in their structure, it's key to get people<br />
involved to solve those challenges.<br />
This involves change on three levels;<br />
personnel, cultural and technological.<br />
Who's responsible for this chain? Whose<br />
action is it? How do we bring these<br />
teams together? The business might be<br />
storing a lot of data, but how can it be<br />
accessed, interrogated and made<br />
useful? How will the business' data goals<br />
be defined?<br />
Typically, the digital transformation<br />
initiative comes from the top in the<br />
organisation. In order to get your<br />
business on board, you have to make a<br />
very clear case of what the benefits are.<br />
Employees need to trust that<br />
improvements will be made for them by<br />
doing this, rather than just dictating the<br />
plan. Digital transformation is a change<br />
programme, which impacts all aspects of<br />
the business. You therefore have to<br />
approach it in the same way that you<br />
would approach any change project -<br />
with clear objectives and an agreed<br />
process of identifying how you're going<br />
to get value from data. With a<br />
compelling case, you have a much better<br />
chance of carrying it through with buy in<br />
from all stakeholders.<br />
DATA AND OBJECTIVE<br />
IDENTIFICATION<br />
You can't embark on a digital transformation<br />
initiative without a concept - you're<br />
condemning the project to failure if the<br />
business is not engaged properly with the<br />
process before you start. In order to yield<br />
business benefit from data, organisations<br />
must identify the areas that will realise the<br />
most benefits. Even if they're hypothetical,<br />
there must be measurable ambitions in place<br />
or milestones for this journey, so that there is<br />
an understanding of what you're going to do,<br />
and what you want to get out of it. Or if<br />
those ambitions weren't achieved, why not?<br />
What steps need to be taken next time?<br />
Organisations have to be able to collect<br />
the data and assess whether they can<br />
achieve their business objectives from that<br />
data. But a goal of just 'digital<br />
transformation', 'digitising data' or 'making<br />
more money' will never translate into a<br />
concrete business case. Goals need to be<br />
specific and measurable in order to<br />
determine the project roadmap and for<br />
success to be evaluated.<br />
More importantly, you have to<br />
understand where the data is in your<br />
organisation and what it's being used for,<br />
before you start the process of<br />
transformation. The whole supply chain<br />
needs to be aware of the transformation<br />
and the demands that are going to be in<br />
place. You've got to be very open about<br />
this process, because there will be people<br />
who you haven't thought of that might be<br />
impacted by the changes you're making.<br />
With easy access, a connected team and<br />
clear objectives, companies can have a clear<br />
outline of what it is they set out to achieve in<br />
their digital transformation, how they expect<br />
to make this transition with the data<br />
available, and who can take on what role in<br />
this process. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 17
OPINION<br />
HOW TO PREPARE IP NETWORK INFRASTRUCTURE FOR THE 5G ERA<br />
VINCENTAS GRINIUS, CEO AT IPXO AND ZILVINAS VAICKUS, HEAD OF INFRASTRUCTURE AT<br />
IPXO, SHARE A FEW POINTERS TO KEEP IN MIND WHILE PLANNING A 5G MIGRATION STRATEGY<br />
The fifth-gen network brings with it<br />
immensely fast data speeds, however,<br />
it has a short-distance reach: the<br />
mmWaves 5G runs on span across only a<br />
few hundred metres. To cast a widespread<br />
net, a denser network of small cell towers<br />
that emit the necessary wavelength have to<br />
be set in place.<br />
For this reason, edge computing is also<br />
stepping into the limelight, in order to<br />
accommodate the need for faster data processing.<br />
With properly set up edge computing<br />
architecture, event processing happens<br />
in the edge node closest to the device.<br />
Consequently, resource-heavy devices can<br />
retrieve data at high speeds as it does not<br />
have to travel long distances to a cloud or<br />
a data centre.<br />
"Fifth-gen requires a tightly-knit network<br />
infrastructure. As speed and scale are<br />
imperative to the new wireless, the proximity<br />
of network components correlates with their<br />
capacity to process information at incredibly<br />
high levels," said Zilvinas Vaickus, Head of<br />
Infrastructure at IPXO.<br />
"Data centres as we know them will<br />
become an old story," Vaickus continued.<br />
"They will clear the way for densely-situated<br />
nodes, which will need to be implemented<br />
to provide the necessary agility in accordance<br />
with the next-gen network."<br />
ASSURING BACKLINK COMPATIBILITY<br />
IPv6 will have a major role to play in 5G,<br />
as IPv4 addresses, which are already in<br />
short supply, could never satisfy the evergrowing<br />
connection demand further down<br />
the road. That said, the majority of systems<br />
in place are IPv4-compatible only. To leverage<br />
in-house equipment alongside new<br />
standards for speed and data processing,<br />
implementing a dual-stack network with the<br />
capacity to process IPv4 and IPv6 traffic<br />
simultaneously becomes a crucial step<br />
when upgrading network architecture.<br />
"To think that with the coming of 5G and<br />
Internet Protocol 6 IPv4s would suddenly<br />
become irrelevant would be unrealistic,"<br />
explained Vincentas Grinius, CEO at IPXO.<br />
"Building an entirely new network of IPv6-<br />
only equipment would be too much of a<br />
grandiose aim that, for most, is not worth<br />
neither the time nor the investment. The<br />
simple truth is that there will always be systems<br />
compatible only with the previous<br />
protocol. Thus dual-stacking is a nonnegotiable<br />
integration when preparing for<br />
5G migration."<br />
Since IPv4 addresses will remain an integral<br />
part of the network, IP leasing platforms<br />
like IPXO will only grow in importance,<br />
as they will be able to lease out<br />
IPv4s necessary to ensure overall backlink<br />
compatibility among systems.<br />
WFH INFRASTRUCTURE CHALLENGE<br />
Although 5G technology is more robust and<br />
advanced compared to its predecessors,<br />
managing its security will not be an easy<br />
task to tackle. Addressing network vulnerabilities<br />
becomes an even more sensitive<br />
issue when you consider the increasing trend<br />
of remote working. As security executives try<br />
to wrap their heads around overseeing all<br />
the possible weak spots concerning the<br />
internal network, now they are obligated to<br />
look even further and define safeguards for<br />
remote workforce.<br />
"Fifth-gen supports a huge amount of connected<br />
devices. Consequently, this means<br />
there is a significantly larger number of possible<br />
access points to attempt to highjack,"<br />
commented Grinius. "While managing core<br />
network security remains the top priority, setting<br />
up a well-structured WFH infrastructure is<br />
definitely coming in as a close second in<br />
terms of preventing possible data breaches.<br />
Personal computers and networks often have<br />
fewer safeguards in place, and thus become<br />
an easy target for scammers."<br />
All in all, with the new generation rapidly<br />
approaching, the focus for most should<br />
remain not necessarily on the benefits 5G will<br />
bring to the table, but rather how to be better<br />
prepared to facilitate smooth integration with<br />
existing networks, ensure device compatibility<br />
and mitigate associated threats. NC<br />
18 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
HOW APIs ARE SHAPING THE NEW WORKPLACE<br />
JAMES HIRST, COO & CO-FOUNDER, TYK, EXPLAINS HOW<br />
APPLICATION PROGRAMME INTERFACES ARE EMPOWERING<br />
CUTTING EDGE COLLABORATION TOOLS<br />
Over the course of the past year the<br />
workplace has changed. Employees<br />
have moved from sitting primarily in<br />
an office surrounded by work colleagues, to<br />
now working from their own homes. While<br />
remote working has become more normalised<br />
and phrases such as, 'you're on mute'<br />
embedded in our lexicon, many organisations<br />
are looking at how they can better enable<br />
more seamless communication and<br />
collaboration across their teams - with the<br />
overall goal of keeping productivity high.<br />
Since the beginning of the COVID-19<br />
pandemic, organisations across the globe<br />
have quickly moved to invest in technology<br />
solutions that provide employees with the tools<br />
to do their job remotely. Companies such as<br />
Slack and Zoom have seen their value<br />
skyrocket over the past few months, with<br />
organisations prioritising software solutions to<br />
support basic business operations.<br />
Key to the success of implementing software<br />
into an organisation, is ensuring it brings<br />
together and integrates legacy platforms as<br />
well as provides the ability to scale as required.<br />
With many employees demanding and<br />
expecting their workplace tools to deliver the<br />
same levels of integration and connectivity that<br />
they've come to experience across their<br />
personal lives, workplace technology solutions<br />
need to be intuitive and have easy-to-use<br />
interfaces which can work across a range of<br />
platforms - often simultaneously and in realtime.<br />
And at the centre of enabling this are<br />
Application Programme Interfaces (APIs).<br />
CONNECTING THE WORKPLACE<br />
Simply put, APIs are the connectors between<br />
two applications, enabling them to talk to each<br />
other. It works as the messenger or intermediary<br />
between two applications. For example, a<br />
salesperson may want to search a potential<br />
prospect or customer to see the last interaction<br />
with them. They enter the customers name into<br />
their company database, which sends a request<br />
to their sales platform to provide the<br />
information. This means your company<br />
database is interacting with the separate sales<br />
platform to pull the information you require.<br />
Collaboration tools are now ubiquitous, but<br />
generalised. For many enterprises, they have<br />
specific lines of business applications and data<br />
siloed away. The value of that data is best<br />
realised when it's accessible remotely by teams.<br />
I expect demand for more seamless integration<br />
between these and the common collaboration<br />
tools to grow rapidly.<br />
THE ACCESSIBILITY OF AI<br />
The pandemic has meant that many<br />
organisations are having to address how they<br />
run their operations efficiently. This has meant<br />
evaluating current staff roles and adopting<br />
technology solutions that help people to work<br />
smarter, not harder. For many employees the<br />
burden of delivering everyday, time intensive<br />
admin-based tasks, such as data entry, has<br />
meant that the more strategic parts of their role<br />
get put on the backburner. Artificial Intelligence<br />
can play a key role in providing a workplace<br />
solution that can free employees time up to<br />
refocus on more high-value strategic tasks that<br />
have a bigger impact on the bottom line.<br />
The use of AI, more than pretty much any<br />
emerging tech today, is also contentious.<br />
Ownership of the AI capability and the security<br />
and integrity of the data that flows through it<br />
will be heavily scrutinised. Putting an<br />
architecture in place that recognises this and<br />
that enables enterprises to pick, choose and<br />
change from AI APIs at will is therefore critical<br />
to ensure business value isn't locked up in<br />
proprietary vendors.<br />
SUPPORTING DIGITAL<br />
TRANSFORMATION IN <strong>2021</strong><br />
Organisations are relying on APIs more than<br />
ever to help them reach their digital<br />
transformation goals, and gain the most value<br />
out of their investment into software solutions.<br />
In 2017, Forbes contributor, Louis Columbus<br />
stated that 2017 was the year of the API<br />
economy. Now arguably APIs will come under<br />
the spotlight again this coming year, with many<br />
organisations' realising that becoming a 'digital<br />
first' company is not a preferred option but<br />
critical for survival during these uncertain<br />
times. As a result, it's likely many will move<br />
away from developing bespoke solutions from<br />
scratch and towards more efficient solutions<br />
that deliver ROI fast.<br />
Businesses have had to rapidly adapt in order<br />
to survive this year - accelerating and<br />
reprioritising technology adoption that they<br />
had previously planned to implement in future<br />
years. Central to this technology acceleration<br />
has been developer teams, who have adapted<br />
and innovated quickly to ensure business<br />
operations continue to function. This has<br />
increased awareness of the importance of the<br />
role that developers play in the business - and<br />
over the next twelve months, the developer<br />
community will start to play an even more<br />
strategic role within the business, through<br />
implementing new processes and procedures.<br />
With the growing need for better digital<br />
ecosystems, IT leaders will be looking towards<br />
purchasing ready-to-go applications and APIs<br />
that they can implement quickly and easily and<br />
allowing them to scale as required. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 19
OPINION<br />
FINDING THE IT FACTOR IN A VENDOR<br />
VIKKI DURDEN, HEAD OF OPERATIONS AT UK IT SERVICE, DISCUSSES THE TRAITS BUSINESSES SHOULD SEARCH FOR IN A<br />
POTENTIAL I.T. VENDOR - AND THE ONES THEY SHOULD SEEK TO AVOID<br />
During a challenging economic<br />
period for UK business, it seems<br />
the attraction of external, low-cost<br />
IT providers, and new pay-as-you-use<br />
models may be too much for companies<br />
to resist. So much so that investment has<br />
skyrocketed in this sector, with nearly £4<br />
billion in investments made annually by<br />
UK firms. However, to reap the rewards of<br />
cost-effective and efficient IT, businesses<br />
must understand how to get the most out<br />
of their partnership with a vendor.<br />
PUTTING YOU FIRST<br />
Typically, IT vendors are brought in to<br />
supplement an existing IT infrastructure. To<br />
identify the right supplier to complement<br />
the work you're doing, you need to put<br />
your own needs first.<br />
While cost-of-service will no doubt play<br />
a role in any decision during these<br />
financially taxing times, it shouldn't be the<br />
be-all and end-all. For example, paying<br />
slightly more up-front to partner with a<br />
vendor which offers unmatched<br />
responsiveness and flexible hours, often<br />
saves businesses money long-term in<br />
minimised downtime and disruption.<br />
Depending on the company's priorities,<br />
you may require a vendor who has a<br />
proven track record in delivering a<br />
specific specialism, or one which is agile<br />
enough to help your business close in on<br />
an opportunity.<br />
To ensure that a potential vendor is a<br />
right fit for you, you should first establish a<br />
detailed list of goals and key performance<br />
indicators for your chosen vendor. This<br />
may include improving cybersecurity or<br />
navigating a complex cloud migration<br />
project. Agreeing to SLAs and KPIs in<br />
advance allows you to cross-reference the<br />
needs of your business with the<br />
capabilities of the vendors. It also lays the<br />
foundations for clarity in the relationship.<br />
These metrics also serve as a framework<br />
to help businesses track the value of their<br />
investments, keep both parties focused on<br />
a set of core objectives, and acts as a<br />
tangible target when reviewing<br />
performance at the end of each quarter<br />
or year.<br />
UNCOMPLICATING<br />
COMMUNICATION<br />
Clear dialogue from the outset is crucial<br />
in building a long-lasting business<br />
relationship with a vendor, in setting<br />
mutual expectations and addressing any<br />
issues. Poor communication is the<br />
underlying cause of most relationship<br />
breakdowns between business and vendor.<br />
It's important then to look for vendors with<br />
a diverse range of tools to facilitate clear<br />
communication. Do they have sociable<br />
working hours? Are they available via<br />
both telephone and email?<br />
However, if their response time is substandard<br />
it won't matter how many<br />
channels are open, as you won't be able<br />
to act with the agility needed to succeed.<br />
Responsiveness is a must-have<br />
characteristic for most businesses, so you<br />
should be looking at vendors with a<br />
proven track record of high-end customer<br />
service. If a vendor has these traits, it can<br />
be well worth any additional investment as<br />
it shows a commitment to quality you may<br />
not find elsewhere.<br />
20 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
Search for the business on reputable<br />
review sites, like Trustpilot and, where<br />
possible, request case studies. These will<br />
help you gauge whether the provider is<br />
willing to go above and beyond to deliver<br />
the project or will simply produce the<br />
minimum level of work expected.<br />
COMPLIANCE IS KEY<br />
Data security is a huge problem for UK<br />
businesses, who amass over £3 million<br />
per year in losses, as a result of data<br />
breaches. With the UK government<br />
clamping down on non-compliance with<br />
fines of up to £18 million, businesses<br />
can't afford to chance their luck running<br />
insecure operations.<br />
Many businesses are simply unequipped<br />
to handle extra security tasks, especially in<br />
understaffed SMEs. This is where IT<br />
vendors prove their worth - not only do<br />
they make light work of cybersecurity<br />
threats and compliance tasks but they can<br />
also help educate employees as they build<br />
the necessary infrastructure to stay secure.<br />
Review each vendor's credentials,<br />
including requesting relevant<br />
cybersecurity and certifications and<br />
viewing online testimonials, keeping note<br />
of any complaints or problems from<br />
people using the service. You're also<br />
entitled to ask a vendor for evidence of<br />
an emergency contingency plan - in case<br />
of a crisis - so, don't shy away from<br />
requesting one.<br />
This gives businesses the peace of mind<br />
that the vendor is equipped to meet their<br />
needs in terms of data storage and online<br />
threats. It also opens a dialogue and<br />
demonstrates transparency and trust,<br />
which are vital to any mutual relationship.<br />
A LOOK TO THE FUTURE<br />
There's a common perception around IT<br />
vendors - that they're only to be used for<br />
one-off projects, troubleshooting small<br />
errors and fixing bugs - which is proving<br />
increasingly untrue.<br />
With the rapid growth in the capabilities<br />
of vendors, they can form a reliable<br />
foundation upon which SMEs can enjoy<br />
long-term success and build their entire<br />
IT infrastructure. Access to a whole team<br />
of IT directors allows small businesses to<br />
compete with corporate giants while<br />
avoiding the overhead costs of<br />
employing an in-house team.<br />
To make sure you have a relationship<br />
built for longevity, it's important to<br />
partner with a proactive and forwardthinking<br />
vendor, rather than one which<br />
simply carries out instructions when<br />
asked. Quiz potential providers on what<br />
they see as the business' IT weak points<br />
and how they would address and<br />
innovate them.<br />
The answer to these should reveal<br />
whether the vendor has the potential to<br />
implement transformative projects like IT<br />
audits, cloud migration and designing<br />
comprehensive IT roadmaps, or whether<br />
they are likely to take a more passive<br />
approach to the relationship. NC<br />
PROFICIO<br />
WINNERS OF OUR CLOUD-DELIVERED SECURITY SOLUTION OF THE YEAR AWARD<br />
Proficio is a leading managed security services provider (MSSP) of managed detection and response (MDR)<br />
services. Our clients receive around-the-clock event monitoring and incident management from our SOCs in<br />
California, Barcelona and Singapore. Our security experts are highly responsive and understand your<br />
environment, policies, and processes, acting as an extension of your IT security team. We use AI and cloud<br />
technologies to hunt for targeted attacks, rapidly alert clients to critical threats, and automate containment of attacks<br />
before they cause damage. Proficio's MDR services have been recognised in Gartner's Guide to Managed Detection<br />
and Response Services annually since 2017. Proficio was also the first MSSP to build an automated response solution<br />
to instantly contain high-fidelity threats without human intervention.<br />
Proficio's next-generation MDR platform uses a universal bus architecture to provide our clients access to cloudbased<br />
services and fast search. Our platform provides all the benefits of a dedicated SIEM without the cost and<br />
complexity of owning and operating SIEM software. Client's security logs are collected and analysed using advanced<br />
use cases, threat analytics, and AI-based threat models, which provides them with more accurate detection of<br />
indicators of attack or compromise. Proficio also provides MDR services for clients who have invested in a dedicated<br />
SIEM, such as Splunk.<br />
Proficio provides visibility into each client's security posture including a relative risk score calculated on their use of<br />
security tools to detect and prevent threats. We also provide services to manage endpoint detection and response<br />
software, next-generation firewalls, and Risk-Based Vulnerabilities.<br />
COMPANY PROFILE<br />
COMPANY PROFILE COMPANY PROFILE
OPINION<br />
A FORWARD-LOOKING GUIDE TO BUYING IT<br />
EQUIPMENT FOR SMES<br />
WORKING OUT WHEN TO UPGRADE BUSINESS TECHNOLOGY IS<br />
NOT JUST ABOUT ITS PHYSICAL CAPABILITY. SIMON MICHIE AT<br />
PULSANT EXPLAINS WHY<br />
Working out when to upgrade<br />
business technology is not just<br />
about physical capability but also<br />
about supportability for new applications.<br />
As many SMEs understand, components<br />
inevitably degrade over time, leading to<br />
unexpected interruptions and in the worstcase<br />
scenarios, significant data loss and<br />
the serious consequences that come with<br />
that.<br />
A hard drive (HDD) lasts about six years<br />
as its spinning disks wear out after<br />
continuous usage, while the integrity of the<br />
data stored on an aging disk deteriorates<br />
due to excessive wear, the presence of<br />
contaminants, radiation and heat.<br />
Comparing the lifetime of a solid-state<br />
drive (SSD) is complex because its length is<br />
greatly determined by the total terabytes of<br />
data written onto it. As a result, in order to<br />
minimise the risk from aging components it<br />
is essential that the performance of<br />
applications is monitored regularly and<br />
SME's are up to date on the options<br />
available to them.<br />
If the technology had a reasonable<br />
specification when purchased, then unless<br />
it has become incompatible with a<br />
company's chosen new application (more<br />
likely due to an aging operating system<br />
than the hardware), IT staff should be<br />
monitoring the performance of systems<br />
and applications and assessing whether<br />
any perceived slow-down is affecting<br />
employees' efficiency. User satisfaction is<br />
crucial for the success of IT initiatives, so<br />
performance monitoring shouldn't be<br />
limited to tracking IT resources such as<br />
CPU, memory, disk, etc, but all aspects of<br />
the experience. To do this, IT operators<br />
and administrators can assess end-user<br />
availability and performance with the aid<br />
of user experience monitoring software.<br />
If the performance does remain<br />
acceptable, then the only real driver is<br />
reliability which is affected by ageing<br />
components such as fragile motherboards<br />
and on-board circuitry, power supplies or<br />
disk drives. Keeping a close check on<br />
reliability across all the hardware and<br />
determining the failure rate may well make<br />
the decision an obvious one, even if the<br />
equipment itself is still capable of<br />
operating the software that the business<br />
depends upon.<br />
ON-PREMISE VERSUS CLOUD:<br />
THE COSTS<br />
Housing a server on-premise is an<br />
expensive undertaking which involves<br />
everything from air conditioning systems to<br />
power distribution, networking and power<br />
backup. All of this requires significant<br />
levels of capital investment and on-going<br />
operating expense.<br />
Alternatively, cloud has an array of<br />
advantages such as greater agility, cost<br />
savings and faster time to market. There's<br />
no need for hardware in the virtualised<br />
environment and businesses can pay for<br />
storage which is cheap and easy to do.<br />
Apart from paying for bandwidth and<br />
connectivity, there is no cost associated<br />
with getting data into the cloud; however,<br />
there can be unbudgeted costs associated<br />
with getting data out of the cloud. The<br />
processing of information and returning<br />
results is where costs can often start to rise.<br />
A full move to the cloud may not always<br />
be desirable because of concerns over<br />
security and control and in this case, the<br />
answer is often colocation. By moving their<br />
servers to a trusted vendor's facility, SME's<br />
can uphold absolute control over their<br />
data without maintaining a costly,<br />
dedicated, potentially insecure, in house<br />
data centre.<br />
The key cost advantage of colocation is<br />
that providers host multiple customers<br />
within each data centre, allowing them to<br />
22 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
spread the cost of maintaining systems and<br />
offer high service levels at a reduced<br />
overall operational cost. Also, unlike onpremise,<br />
SME's can scale their data centre<br />
footprint as their business grows, without<br />
the up-front capital expense that would be<br />
needed to expand an on-premise server<br />
room.<br />
A NEW MODEL FOR TECHNOLOGY<br />
SERVICES<br />
With many SMEs considering making<br />
infrastructure changes following a<br />
prolonged period of remote working, it is<br />
likely that a lot of them may want to<br />
consume services differently in the future.<br />
For example, the scale of outsourcers and<br />
their investment in data centres,<br />
technology and staffing means that<br />
organisations can consume the resources<br />
they need, only when required, using an<br />
OPEX model.<br />
This avoids the need for up front capital<br />
costs, depreciating assets, and investment<br />
ahead of peak periods. Flexibility in cloud<br />
services also enables businesses to scale<br />
up and down as needed, using a pay-perconsumption<br />
model to match the<br />
organisation's income stream. The Covid-<br />
19 crisis has highlighted the importance of<br />
having the right IT infrastructure in place<br />
and after gaining a lot of useful experience<br />
in remote working during 2020, as we<br />
close in on the new year many businesses<br />
will now need to consider wider<br />
infrastructure changes for the longer term.<br />
SUPPORTING LONG-TERM REMOTE<br />
WORKING<br />
Because some SMEs are relatively lean in<br />
terms of their own technology expertise, they<br />
may consider outsourcing for the advantages<br />
this option provides. It is possible for SMEs to<br />
achieve significant savings on IT resources<br />
and they can benefit from quicker<br />
troubleshooting, more robust support<br />
channels and as a result less time and money<br />
spent ensuring infrastructure reliability.<br />
Additionally, by using a trusted managed<br />
service provider SMEs can significantly reduce<br />
the time, resources and costs of supporting<br />
and managing their own infrastructure and<br />
focus exclusively on the services and<br />
solution they offer to customers. NC<br />
ALTARO<br />
WINNERS OF OUR DATA PROTECTION PRODUCT OF THE YEAR AWARD<br />
Altaro develops award-winning backup solutions for managed service providers (MSPs), IT resellers and<br />
companies. With 50,000+ customers in 121+ countries, 10,000 partners and 2,000+ MSPs, Altaro provides<br />
affordable, easy-to-use, enterprise-class functionality coupled with outstanding 24/7 tech support. Altaro is a<br />
one-stop-shop for all your backup and recovery needs, providing solutions for all key areas of your network, including<br />
Hyper-V and VMware virtual environments; Microsoft Office 365 mailboxes, OneDrive and SharePoint; roaming<br />
andon-premise endpoints such as network desktops and laptops; and physical Windows servers.<br />
Altaro also offers monthly subscription programs for MSPs, and is the only vendor on the market that enables MSPs<br />
to manage all their different types of backups from one central multi-tenant console, across all their customers. The<br />
company has offices in the US, the UK, Germany, France, North Macedonia and Malta.<br />
KNOWBE4<br />
WINNERS OF OUR EDUCATION AND TRAINING PROVIDER OF THE YEAR AWARD<br />
KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is<br />
used by more than 35,000 organisations around the globe. Founded by IT and data security specialist Stu<br />
Sjouwerman, KnowBe4 helps organisations address the human element of security by raising awareness<br />
about ransomware, CEO fraud and other social engineering tactics through a new-school approach to<br />
awareness training on security.<br />
Kevin Mitnick, an internationally recognised cybersecurity specialist and KnowBe4's Chief Hacking Officer,<br />
helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of<br />
thousands of organisations rely on KnowBe4 to mobilise their end users as the last line of defence.<br />
COMPANY PROFILE<br />
COMPANY PROFILE<br />
COMPANY PROFILE<br />
COMPANY PROFILE
SECURITYUPDATE<br />
RANSOMWARE: NEW YEAR, NEW THREATS<br />
VENIAMIN SIMONOV, DIRECTOR OF PRODUCT MANAGEMENT AT<br />
NAKIVO, SETS OUT SOME OF THE RANSOMWARE TRENDS TO BE<br />
AWARE OF IN THE YEAR AHEAD<br />
News of ransomware incidents are<br />
now making the headlines more<br />
than ever before. Not only do<br />
companies suffer significant financial<br />
losses to remediate ransomware attacks,<br />
but they also cause reputational brand<br />
damage that could impact their stock<br />
value and ability to both retain and<br />
attract customers.<br />
COVID-19 has caused an increase in<br />
the number of attacks taking place in the<br />
past year with many more of us now<br />
working from home. With some<br />
organisations 'cornered', the impact of<br />
these attacks is also growing in scale. For<br />
example, in July 2020 U.S. travel<br />
management firm CWT paid $4.5 million<br />
to hackers who stole reams of sensitive<br />
corporate files and claimed to have<br />
knocked some 30,000 computers offline.<br />
With ransomware attacks becoming<br />
increasingly frequent, how has ransomware<br />
changed in light of the COVID-19<br />
pandemic, and what trends can we expect<br />
to see in <strong>2021</strong> and beyond?<br />
PANDEMIC IMPACT<br />
The Coronavirus pandemic has sent a<br />
ripple effect across industries - with another<br />
national lockdown workforces have been<br />
confined to home offices once again.<br />
Many remote users are not well protected<br />
and can easily become a target for<br />
ransomware attackers. More commonly,<br />
attackers will target larger organisations for<br />
the potential financial gain, however, since<br />
the beginning of the pandemic there has<br />
been a rise of home users being attacked<br />
by cybercriminals. This is due to a lack of<br />
awareness or security measures in place<br />
for remote users.<br />
With the increasing uncertainty<br />
surrounding the possible health<br />
consequences of the pandemic,<br />
ransomware attackers have taken<br />
advantage of impressionable individuals -<br />
using the COVID-19 topic in their phishing<br />
emails. For example, users have reported<br />
reviewing suspicious messages containing<br />
information about coronavirus and<br />
requesting the user to open an<br />
(unknowingly dangerous) attachment. Latest<br />
ransomware and malware trends reveal that<br />
the number of coronavirus related phishing<br />
is becoming a recurrent issue.<br />
REDUCING THE RISK<br />
The rate of ransomware attacks rose<br />
exponentially in 2020. Microsoft has<br />
reported that incidents related to<br />
ransomware are the most common<br />
cybersecurity breach since October 2019.<br />
According to the 2020 Microsoft Digital<br />
Defense Report, 13 billion malicious and<br />
suspicious mails were blocked by Microsoft<br />
between <strong>Jan</strong>uary and October 2019.<br />
Blocked emails, in particular, contained<br />
more than one million malicious links that<br />
had the potential to trigger an attack.<br />
To reduce the risk, every home or<br />
enterprise user should follow online safety<br />
rules and security policies even when<br />
working remotely. Only by receiving<br />
appropriate training and being aware of<br />
the latest ransomware threats are users less<br />
likely to be infected. Some of the most<br />
obvious rules include avoiding links from<br />
unknown sources, installing anti-virus<br />
software on all computers, making sure<br />
that the anti-virus is updated regularly and<br />
configuring a firewall.<br />
On the rare occasion that your computer<br />
does get compromised, it's recommended<br />
that you don't pay the ransom as this will<br />
24 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
SECURITYUPDATE<br />
"Research shows that new ransomware can easily steal users' data to extort a victim.<br />
Since data loss is a growing concern for companies and individual users, these attacks<br />
are becoming increasingly prevalent and sophisticated. While large organisations are<br />
targeted the most, COVID-19, and a shift to remote working has triggered an influx of<br />
individuals being victimised, which can only be mitigated by implementing the correct,<br />
responsible security measures."<br />
only encourage cybercriminals.<br />
Furthermore, this can come at a huge<br />
financial cost - according to Safety<br />
Detectives, the average requested ransom<br />
amount has risen from $4,300 in 2018 to<br />
$8,100 just two years later. Cybersecurity<br />
Ventures have also predicted that the<br />
damage caused by ransomware would be<br />
more than 20 billion USD in <strong>2021</strong>. That<br />
said, there is also no guarantee that you'll<br />
be able to decrypt files after paying a<br />
ransom or that your stolen data will not<br />
be sold to competitors or other criminals.<br />
DATA LEAKS, ENCRYPTION<br />
AND INFECTION<br />
A particularly vicious ransomware<br />
technique involves stealing data from a<br />
victim and then encrypting files on<br />
infected computers. Attackers threaten the<br />
victim by publishing a portion of stolen<br />
data on the dark web and demanding a<br />
ransom fee in return - regardless of<br />
whether the victim has backups to recover<br />
their data. This is a particular concern for<br />
a company which operates with customer<br />
data - if the data is leaked publicly, they<br />
could incur hefty fines. This approach is<br />
known as double extortion.<br />
The methods of infecting ransomware<br />
have remained almost the same in 2020.<br />
According to figures from Ransomware<br />
Detectives, 67% of attacks stem from<br />
spam and phishing emails, 36% are due<br />
to inherent human factors such as when<br />
users are not trained well enough and<br />
30% are due to weak passwords and<br />
insufficient access management. More<br />
specifically, the most popular methods to<br />
infect computers and infiltrate networks<br />
remain almost the same as in the past<br />
year: Remote Desktop Protocol<br />
Misconfigured public cloud instances,<br />
USB flash drive and other removable<br />
mediums.<br />
WHO IS BEING HIT HARDEST?<br />
In 2020, ransomware targeted North<br />
America with 33% of total attacks, Asia<br />
with 30% and Europe with 27%. Research<br />
from BlackFog demonstrates that<br />
developed countries across the globe are<br />
targeted more heavily, with the USA, UK<br />
and Australia hit most commonly,<br />
followed by Canada, Germany, Denmark,<br />
Japan and France. In extreme cases,<br />
some countries have been known to hire<br />
state-sponsored hackers to launch attacks<br />
against organisations (including those<br />
related to critical infrastructure) and<br />
competitors in rival countries.<br />
It is rather unsurprising that Windows is<br />
the most infected operating system, with<br />
85% of ransomware occurring on this<br />
interface. A considerably lower amount<br />
(7%) occurs in both macOS and iOS, and<br />
merely 5% attack Android platforms.<br />
However, trends seem to be shifting as<br />
macOS is increasingly being targeted by<br />
ransomware creators - since 2018,<br />
detection of malware on Mac devices<br />
has doubled.<br />
For organisations, BlackFog reports that<br />
companies with a low tolerance for<br />
downtime are the most vulnerable to be<br />
targeted by ransomware criminality - such<br />
as manufacturing companies, the<br />
professional services sector and<br />
government organisations. This is because<br />
hackers choose organisations that cannot<br />
afford significant downtime, or because<br />
an attack will mean they face regulatory<br />
fines if they handle public data. For these<br />
reasons, they are more likely to pay the<br />
ransom. With pressure on the public<br />
sector particularly intense this year as a<br />
result of Coronavirus, attacks on<br />
healthcare and educational organisations<br />
have grown.<br />
2020 saw ransomware attacks grow in<br />
virulence, with attackers taking advantage<br />
of remote work vulnerabilities. Research<br />
shows that new ransomware can easily<br />
steal users' data to extort a victim. Since<br />
data loss is a growing concern for<br />
companies and individual users, these<br />
attacks are becoming increasingly<br />
prevalent and sophisticated. While large<br />
organisations are targeted the most,<br />
COVID-19, and a shift to remote working<br />
has triggered an influx of individuals<br />
being victimised, which can only be<br />
mitigated by implementing the correct,<br />
responsible security measures.<br />
No matter how careful one can be,<br />
ransomware on a global level is unlikely<br />
to be conquered any time soon. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 25
CASESTUDY<br />
Matt Parker<br />
A BRIGHTER OUTLOOK<br />
THE BRIGHTSTAR GROUP TURNED TO BABBLE TO<br />
FUTUREPROOF ITS TELEPHONY PLATFORM AND ENSURE<br />
ONGOING BUSINESS RESILIENCE<br />
Continuing a long-term relationship<br />
with Babble that has helped The<br />
Brightstar Group to thrive over the<br />
last 4 years, the Cloud Comms, Contact<br />
Centre and Cyber technology firm was<br />
asked to advise on the best solutions<br />
available.<br />
Babble recommended that a hosted<br />
solution was implemented at the new<br />
premises in the City of London, before<br />
being rolled out across the entire three<br />
office estate. This would, over time, enable<br />
calls to be transferred between locations<br />
free of charge, saving the specialist<br />
finance company approximately 27% every<br />
year on overall call and operating costs.<br />
Babble provisioned dedicated internet<br />
connections at each office location,<br />
provided call data and recording facilities<br />
and introduced mobile twinning<br />
applications to allow each of the 70<br />
users at The Brightstar Group to either<br />
work from home or remote locations,<br />
whilst staying connected to the telephone<br />
system - features that could not have<br />
been added onto the existing<br />
infrastructure without incurring CAPEX<br />
costs. Additionally, the new solution<br />
provides the firm with added disaster<br />
recovery procedures, allowing calls to be<br />
re-routed to different offices or individual<br />
mobile users, protecting the business<br />
from experiencing levels of downtime in<br />
case of an emergency.<br />
At a time when business continuity has<br />
never been more important, Babble's<br />
pioneering solution was implemented in<br />
just 2 weeks, with The Brightstar Group<br />
able to continue providing business as<br />
usual for all of its clients throughout.<br />
As well as supporting its offices in<br />
London, Manchester and Billericay, the<br />
new telephony platform allowed The<br />
Brightstar Group's 70 members of staff to<br />
shift to remote working overnight in<br />
response to the Coronavirus pandemic.<br />
With the rollout and testing completed<br />
with ease, Babble's flexible solution<br />
enabled the company to continue carrying<br />
out mortgage and loan applications with<br />
lenders without a dip in performance.<br />
Productivity at The Brightstar Group has<br />
also dramatically increased when<br />
compared to pre-lockdown, as a direct<br />
result of Babble's solutions. 100% of calls<br />
are covered by the new remote, call<br />
recorded and audited systems, allowing the<br />
field-based team to continue handling call<br />
centre calls without disruption to clients.<br />
Matt Parker, CEO at Babble, said: "It is<br />
not only incredible to have streamlined<br />
The Brightstar Group's services, but<br />
Babble also ensured that the business<br />
could implement flexible working at a<br />
time when it has never been so crucial.<br />
The pandemic has forced a reset to the<br />
way in which we work, providing an<br />
opportunity for businesses to emerge in a<br />
much stronger position. Overnight The<br />
Brightstar Group shifted over 70 staff<br />
members to home working in response to<br />
the pandemic, with users from three<br />
separate offices able to continue carrying<br />
out their day-to-day tasks to the utmost<br />
standard - a real achievement and an<br />
example to others."<br />
William Lloyd, Director of Operations at<br />
The Brightstar Group, commented:<br />
"Babble's work has been vital in ensuring<br />
that The Brightstar Group could thrive<br />
during this time of great uncertainty, as<br />
well as over the last four years. Remote<br />
working has never been so important and<br />
the fact that we have been able to<br />
support our employees so seamlessly<br />
during this period is fantastic. We are<br />
extremely thankful for the employees at<br />
Babble, whose hard work and dedication<br />
has enabled us to restructure and vastly<br />
improve our operations." NC<br />
26 NETWORKcomputing NOVEMBER/DECEMBER 2020 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
AWARDS<br />
SPONSORED BY<br />
WINNING FROM HOME<br />
THE 2020 NETWORK COMPUTING AWARDS WINNERS ARE HERE!<br />
The 2020 Network Computing Awards winners were announced online in October. In a typical<br />
year the results would have been announced at an evening awards ceremony in London - but then<br />
2020 was anything but typical. Our 2020 winners include Silver Peak, who won our newly<br />
introduced Networks on the Edge category as well as the SD-WAN Vendor of the Year award. Dell<br />
were the winners of the Product of the Year category for their PowerEdge MX server platform, while<br />
Zyxel won the Network Project of the Year award for their work for The Stephen Lawrence<br />
Charitable Trust. Congratulations once again to all of our winners and runners-up, and a big<br />
‘thank you’ to everyone who helped make this unconventional awards year possible.<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 27
AWARDS<br />
NETWORK INFRASTRUCTURE PRODUCT OF THE YEAR<br />
WINNER: Allied Telesis - X950<br />
RUNNER UP: Dell EMC - PowerEdge MX<br />
Allied Telesis x950 Series switches are ideal for the modern enterprise network core, providing resilient, reliable and scalable solutions up to 100<br />
Gigabit connectivity to provide the capacity that today's Smart City and IoT networks need.<br />
Featuring a high-performing 1.92 Terabit fabric, to eliminate bottlenecks and effortlessly forward all traffic, the x950 Series offers:<br />
24 or 48 x 1/10 Gigabit SFP+ ports, or 24 or 48 x 1/2.5/5/10 Gigabit copper ports for flexible deployment<br />
4 x built-in 40G/100G ports delivering high-speed backbone connectivity<br />
Expansion bay to easily add more capacity<br />
Multi-unit stacking for a future-proof network<br />
DATA CENTRE PRODUCT OF THE YEAR<br />
WINNER: Prism DCS - Hot Cold aisle Containment<br />
RUNNER UP: ProLabs - 100G Green transceiver range<br />
Prism DCS is a data centre solutions provider specialising in the provision of hot & cold aisle containment, server cabinets, and<br />
security cages. Prism partner with leading data centre operators & global hyperscale providers to improve the efficiency, sustainability<br />
and security of their operations.<br />
Leveraging an in-house manufacture and installation service, Prism provide bespoke engineered solutions that empower clients &<br />
end-users with strategic agility & flexibility in the development of critical digital infrastructure. www.prismdcs.co.uk<br />
IT OPTIMISATION PRODUCT OF THE YEAR<br />
WINNER: Kemp Technologies - LoadMaster LM-X15<br />
RUNNER UP: Schneider Electric - EcoStruxure IT Next-Generation DCIM<br />
The LoadMaster X15 delivers unparalleled performance for organisations of all sizes with integrated hardware acceleration and support for up<br />
to 35 million concurrent connections. The dual power supplies and RAID disk drives offer a resilient platform for critical workloads while the 16<br />
Gigabit Ethernet ports and four 10 Gigabit SFP+ ports provide for maximum connectivity.<br />
TESTING / MONITORING PRODUCT OF THE YEAR<br />
WINNER: NetAlly - EtherScope nXG<br />
RUNNER UP: Netreo - Netreo (formerly OmniCenter)<br />
Deploying and maintaining Wi-Fi and wired network infrastructure without the right tools can be daunting… and costly. The EtherScope nXG<br />
enables engineers and technicians to get more done faster, from deployment to maintenance and documentation of their Wi-Fi and Ethernet access<br />
networks. The winner of Network Computing Magazines Award for Best Testing/Monitoring Solution, the EtherScope nXG is the first Android-based<br />
wired and wireless network analyzer. It has a dedicated set of Ethernet and Wi-Fi management interfaces which support remote control and<br />
additional testing. Android apps, downloaded from the complimentary "Link-Live" Cloud Service, can use these interfaces for testing and<br />
communication purposes. A lightweight, handheld, multi-function tester, EtherScope is perfect for remote site validation and troubleshooting,<br />
eliminating the need to purchase multiple testers, and the need to carry a fragile laptop PC or tablet. Android apps make the user's workflow more<br />
efficient, by expanding instrument use beyond testing, allowing the user to check trouble tickets, run speed tests, configure networked devices, and<br />
more with its smartphone-like features. EtherScope nXG has been recently enhanced by the addition of the AirMapper Site Survey app which can<br />
quickly and easily gather location-based Wi-Fi measurements to create visual heat maps in the Link-Live Cloud Service.<br />
28 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
AWARDS<br />
CLOUD TELEPHONY PRODUCT OF THE YEAR<br />
WINNER: Natterbox - Natterbox<br />
RUNNER UP: 8x8 - 8x8 Contact Centre<br />
Natterbox is an expert voice solution for Salesforce-centric businesses that embeds voice into the world's #1 CRM. Enabling businesses to<br />
provide personalised phone journeys, removing barriers of call queuing, misinformed agents and too many voice menus to navigate.<br />
Natterbox is the telephony solution for Sales Cloud and Service Cloud with features like CTI, IVR, ACD, click-to-dial, call recording, call<br />
routing, mobile, auto-logging and dialer.<br />
STORAGE PRODUCT OF THE YEAR<br />
WINNER: StorageCraft - OneXafe<br />
RUNNER UP: Buffalo Technology - TeraStation TS6000<br />
For nearly two decades, StorageCraft has been innovating advanced data management, protection and recovery solutions. Together with our<br />
channel partners, we ensure medium and small organisations can keep their business-critical information always safe, accessible, and optimised.<br />
Our customers benefit from category-leading intelligent data protection and management solutions, converged primary and secondary scale-out<br />
storage platform and world-class cloud backup and DRaaS services. Regardless of whether an organisation relies on on-premises, cloud-based or a<br />
hybrid IT environment, StorageCraft solves the challenges of exploding data growth while ensuring business continuity through best-in-class<br />
rotection and recovery solutions.<br />
For more information, visit www.storagecraft.com.<br />
NETWORK MANAGEMENT PRODUCT OF THE YEAR<br />
WINNER: Nectar Services Corp - Nectar 10<br />
RUNNER UP: SolarWinds - NPM<br />
As UC services are specified by business units they will assume that services will be consistently delivered to a high standard. This requires<br />
the coalesced view that Nectar 10 provides, making this specialised solution invaluable for any organisation using or delivering UC-based<br />
services. Where there can be no compromise, Nectar 10 provides impressive monitoring, diagnostics, forensics and reporting, with an<br />
equally impressive product roadmap.<br />
DATA PROTECTION PRODUCT OF THE YEAR<br />
WINNER: Altaro - Altaro Office 365 Backup<br />
RUNNER UP: Rohde & Schwarz Cybersecurity - R&S Trusted Gate<br />
Altaro Office 365 Backup enables you to back up and restore all your Microsoft 365 / Office 365 mailboxes - emails, attachments,<br />
contacts and calendars - and files stored within OneDrive and SharePoint through a centralised online console, on an annual subscription,<br />
allowing you to easily manage your backups. Altaro Office 365 Backup automatically backs them up and saves them to a secure cloud<br />
backup location on Altaro's Microsoft Azure infrastructure. This means you avoid the hassle and expense of setting up any local storage<br />
infrastructure or software to save backups to. Storage is unlimited.<br />
Altaro Office 365 Backup also provides various restore options and includes 24/7 lightning-fast support.<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 29
AWARDS<br />
SD-WAN VENDOR OF THE YEAR<br />
WINNER: Silver Peak<br />
RUNNER UP: Citrix<br />
Silver Peak, recently acquired by Aruba, a Hewlett Packard Enterprise company, helps businesses to realise the true transformational promise<br />
of the cloud, enabling them to shift to a business-first networking model. Powered by a self-driving wide area network (SD-WAN Edge<br />
Platform), companies are liberated from the compromises of router-centric and basic SD-WAN approaches to transform their networks into<br />
a business accelerant.<br />
With Unity EdgeConnect physical, virtual and cloud-based appliances, Silver Peak powers a new business-first networking model where top-down<br />
business intent is the driver, not bottoms-up technology constraints.<br />
CLOUD-DELIVERED SECURITY SOLUTION OF THE YEAR<br />
WINNER: Proficio - Managed SOC<br />
RUNNER UP: iBoss - iBoss Cloud Internet Security<br />
Proficio provides managed detection and response (MDR) services to enable our clients to reduce risk, meet their security and compliance goals,<br />
and maximise their investments in security technology. Since its inception in 2010, Proficio has grown rapidly and today provides 24/7 security<br />
monitoring, investigation and alerting capabilities from our global network of SOCs.<br />
Proficio's team of experienced cyber professionals use AI and cloud technologies to hunt for targeted attacks, rapidly alert clients to critical<br />
threats, and automate containment of attacks before they cause damage. Proficio is recognised in Gartner's <strong>Mar</strong>ket Guide for MDR Services<br />
four years in a row.<br />
THE RETURN ON INVESTMENT AWARD<br />
WINNER: Pulse Secure - Pulse Access Suite Plus<br />
RUNNER UP: e-bate - e-bate<br />
Pulse Access Suite Plus provides organisations a simplified, modular and integrated approach to secure access. It delivers adaptive identity and<br />
device authentication, protected connectivity, extensive visibility and analytics, threat response and high availability. The integrated platform allows<br />
enterprises to gain easy secure access for users and a single-pane-of-glass to streamline provisioning, management and scalability.<br />
Organisations can centrally orchestrate Zero Trust policy to ensure compliant access to applications, resources and services across their network,<br />
private cloud and public cloud. As a result, enterprises realize lower total cost of ownership while attaining procurement, deployment, expansion and<br />
support advantages.<br />
NEW HARDWARE PRODUCT OF THE YEAR<br />
WINNER: Datacore Software - HCI Flex<br />
RUNNER UP: Allied Telesis - TQ5403 Hybrid AccessPoint<br />
DataCore has a fine reputation in the software-defined storage (SDS) market and has made a bold move into hardware solutions with its HCI-Flex<br />
hyperconverged infrastructure appliances.<br />
Offered in small, medium and large configurations, the HCI-Flex appliances are turnkey solutions combining virtualisation, storage and compute<br />
services, all within a single platform. HCI-Flex aims to reduce support costs and complexity and DataCore offers a single point of contact for all<br />
hardware and software components.<br />
HCI-Flex delivers a versatile and scalable HCI solution and integrates tightly with DataCore's Insight Services (DIS) cloud platform. This presents a<br />
single pane of glass for monitoring the entire storage infrastructure.<br />
30 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
AWARDS<br />
NEW SOFTWARE PRODUCT OF THE YEAR<br />
WINNER: Rohde & Schwarz Cybersecurity - R&S Trusted Endpoint Suite<br />
RUNNER UP: Veritas Technologies - Information Studio<br />
R&S Trusted Endpoint Suite by IT security expert Rohde & Schwarz Cybersecurity is a new software-based solution for endpoint devices, which<br />
has been developed to process critical data at the classification level VS-NfD (RESTRICTED).<br />
The security suite for remote end devices running on the Windows 10 platform does not require any special hardware and specifically<br />
addresses public authorities, organisations and companies that work with classified content. R&S Trusted Endpoint Suite is comprised of a<br />
high-security VPN Client, a high-security full disk encryption and a high-security browser.<br />
NEW CLOUD SOLUTION OF THE YEAR<br />
WINNER: ThousandEyes - Internet Insights<br />
RUNNER UP: Allied Telesis - AMF Cloud<br />
ThousandEyes Internet Insights is the first and only collectively powered view of global Internet performance. Powered by an unmatched number of<br />
global vantage points across Internet-related networks, Internet Insights analyses billions of service delivery paths in real-time to identify where<br />
business-impacting outages are occurring. These insights enable enterprises and service providers to immediately see issues that directly or indirectly<br />
impact users, accurately measure scope, accelerate the remediation process and confidently communicate what's causing service issues to<br />
customers and employees.<br />
By visualising and correlating outages to user experience, enterprises can dramatically reduce Mean Time To Identify (MTTI) from hours to minutes.<br />
NETWORKS ON THE EDGE AWARD<br />
WINNER: Silver Peak<br />
RUNNER UP: IBM<br />
Silver Peak Unity EdgeConnect is the industry's only business-driven software-defined WAN (SD-WAN) edge platform that enables enterprises to<br />
build a modern WAN that drives maximum value from ongoing cloud and digital transformation investments, delivering a multiplier effect.<br />
EdgeConnect is the industry's only SD-WAN edge platform to unify SD-WAN, firewall, segmentation, routing, WAN optimisation and application<br />
visibility and control in a single centrally managed system. Delivered as physical, virtual or cloud-based appliances, EdgeConnect enables<br />
distributed organisations to securely and directly connect users in branch and remote sites to applications wherever they reside.<br />
SALES ENABLEMENT SOLUTION OF THE YEAR<br />
WINNER: 8x8 - 8x8 Contact Center<br />
RUNNER UP: webCRM - webCRM<br />
RESELLER OF THE YEAR<br />
WINNER: Axial<br />
RUNNER UP: Holker IT<br />
PRODUCT OF THE YEAR<br />
WINNER: Dell EMC - PowerEdge MX<br />
RUNNER UP: Natterbox - Natterbox<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 31
AWARDS<br />
EDUCATION AND TRAINING PROVIDER OR THE YEAR<br />
WINNER: Knowbe4<br />
RUNNER UP: CNet Training<br />
KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by more than 35,000<br />
organisations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organisations address the human<br />
element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to<br />
awareness training on security.<br />
Kevin Mitnick, an internationally recognised cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training<br />
based on his well-documented social engineering tactics.<br />
Tens of thousands of organisations rely on KnowBe4 to mobilise their end users as the last line of defence.<br />
DISTRIBUTOR OF THE YEAR<br />
WINNER: Datasolutions Distribution<br />
RUNNER UP: Brigantia<br />
DataSolutions has developed into a specialist distributor of innovative IT solutions. We've worked across many different types of technology, such<br />
as mobility, virtualisation, security, networking, hyperconvergence and enterprise cloud. We invest heavily in training, which is why we can offer<br />
first-class technical support and an innovative approach to marketing for all our vendors. Since 1991, we've built strong relationships with all of<br />
our vendor partners and they know that they can rely on us to help them achieve serious growth.<br />
We believe in creating and maintaining close relationships with all our partners so that, by working together, we can all achieve the goals that<br />
we set. We've got a strong track record in delivering real, tangible results for all kinds of resellers, both established and emerging.<br />
THE CUSTOMER SERVICE AWARD<br />
WINNER: webCRM<br />
RUNNER UP: Prism DCS<br />
webCRM is the future of customer relationship management. Our award-winning service provides you with an integrated business solution that<br />
will be adapted to the bespoke requirements of your business.<br />
Increase revenue through targeted marketing campaigns and pipeline management. Improve how you operate by creating an easy-to-use<br />
system that integrates seamlessly with a plethora of products such as Office 365 and Sage. Increase retention by improving how you connect<br />
with your customers. Monitor employee performance through in-depth reporting. Easily analyse and report on sales by creating automated<br />
charts. And that's just the beginning.<br />
HARDWARE PRODUCT OF THE YEAR<br />
WINNER: ExaGrid - EX63000E<br />
RUNNER UP: SonicWall - TZ Series<br />
ExaGrid provides tiered backup storage with a unique disk-cache Landing Zone, long-term retention repository, and scale-out architecture. The<br />
EX63000E is ExaGrid's largest-capacity model, which is sized for up to 63TB capacity for weekly full backups as well as long-term retention.<br />
ExaGrid offers various-sized appliance models that can be mixed and matched with up to 32 appliances in a single scale-out system.<br />
The largest system can take in up to a 2PB full backup with an ingest rate of 432TB/hr. This is 3X faster than any other backup storage on<br />
the market.<br />
32 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
AWARDS<br />
SOFTWARE PRODUCT OF THE YEAR<br />
WINNER: Allied Telesis - Vista Manager EX<br />
RUNNER UP: Silver Peak - Unity EdgeConnect<br />
Vista Manager EX from Allied Telesis delivers state-of-the-art monitoring and management for wired and wireless networks. It automatically creates a<br />
complete topology map of switches, firewalls and wireless APs, to enable effortless management. The Software Defined WAN (SD-WAN)<br />
orchestrator enables centralised optimisation of WAN traffic.<br />
Improve visibility and control of your network with Single pane-of-glass management, delivering:<br />
Reduced network operating costs with added intelligence and automation<br />
Ability to analyse and optimise the performance of complex wireless networks<br />
Monitoring and management of a broad range of devices<br />
Central management and automatically optimised inter-branch traffic<br />
CLOUD BASED SOLUTION OF THE YEAR<br />
WINNER: Natterbox - Natterbox<br />
RUNNER UP: Zscaler - Zscaler Cloud Security Platform<br />
Natterbox was founded with the aim of facilitating better, more aligned business conversations. We're passionate about the value of talking to<br />
another person, but recognise that, too often, unintuitive technology or insufficient information gets in the way of genuine human connection. Our<br />
vision is to bring together the enduring power of the human voice with the efficiency of digital technology to transform the world one conversation<br />
at a time.<br />
Over 600 organisations around the world rely on Natterbox to set new standards in customer experience to drive measurable increases in sales<br />
and service efficiency, competitive advantage and organisational success.<br />
BENCH TESTED PRODUCT OF THE YEAR- SOFTWARE AND SERVICES CATEGORY<br />
WINNER: Rohde & Schwarz - R&S Cloud Protector<br />
R&S Cloud Protector offers a simple and fully scalable WAF SaaS security solution. Cloud computing is rapidly gaining in importance and places<br />
new demands on IT security. R&S Cloud Protector, the cloud-based Web Application Firewall from Rohde & Schwarz Cybersecurity, was specially<br />
developed to protect the application layer in the cloud. It effectively protects web applications from the most common cyberattacks while conserving<br />
key internal resources.<br />
R&S Cloud Protector uses security mechanisms, including heuristics, grammar analysis and IP address checking. This prevents cyberattacks (such as<br />
the OWASP Top 10) on websites, web applications, backends and cloud environments.<br />
BENCH TESTED PRODUCT OF THE YEAR -HARDWARE CATEGORY<br />
WINNER: ZPE Systems - Nodegrid Services Router<br />
The Nodegrid Services RouterTM (NSR) is the only 1U appliance that can replace up to six devices. With a multi-core Intel CPU and add-on<br />
expansion modules, the NSR serves as a serial console, Ethernet switch, firewall, router, cellular gateway, and more.<br />
This all-in-one device uses guest OS and docker applications to optimize your stack and scale alongside your needs, whether you're looking to<br />
improve out-of-band management, deliver converged infrastructure, or boost efficiency with automation. The NSR offers total networking<br />
flexibility - inside & out.<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
JANUARY/FEBRUARY <strong>2021</strong> NETWORKcomputing 33
AWARDS<br />
NETWORK PROJECT OF THE YEAR<br />
WINNER: The Stephen Lawrence Charitable Trust / Zyxel<br />
Non-profit organisation, the Stephen Lawrence Charitable Trust, helps disadvantaged young people make informed choices about their education<br />
and careers. The trust recognised the need to transform its London centre into a coworking space with a faster, more stable network and<br />
approached IT support provider, Vibrant Networks, for help. After assessing the centre's needs, Vibrant advised the deployment of the<br />
Zyxel Nebula system, along with access points and a switch to provision a fast and secure network.<br />
Since installing the Zyxel Nebula system the Wi-Fi is stronger, faster and more reliable. The network has been able to support more users.<br />
Thanks to extra revenue generated through coworking,the trust has been able to spend more on the important work it does for young people.<br />
THE ONE TO WATCH COMPANY - CATEGORY SPONSORED BY EXAGRID<br />
WINNER: e-bate<br />
RUNNER UP: EfficiencyIT<br />
As a team of technologists and pricing specialists in award-winning Evolve-IT Consulting Limited, we had built bespoke rebate solutions<br />
for seven years, across multiple sectors. We recognised that there was a gap in the market for an affordable solution that helped decision<br />
makers digitise their rebate process within weeks and regain control.<br />
In 2018, the calculation engine IP was transferred to e-bate Limited and a full end-to-end SaaS solution that offers a great user experience<br />
was created. e-bate is highly configurable and can be implemented in as little as 16 weeks. Our team is passionate about customer service<br />
and achieving results for our clients.<br />
THE INSPIRATION AWARD<br />
WINNER: Andrew Stevens - CNet Training<br />
RUNNER UP: Ian Moyse - Natterbox<br />
Andrew has been involved in the international telecommunications and data centre industries for the past 26 years, starting his career within the<br />
manufacturing and distribution arenas. He joined CNet Training in 1997 as Sales Director and has been CEO since 2004. Andrew has always<br />
been an active member of numerous industry trade bodies including the AFCOM, TIA, Uptime Institute, Green Grid, BCS and DCA. He created<br />
the global data centre education framework and has been instrumental in the development of the only truly mapped qualifications and<br />
certifications for the data centre industry.<br />
Andrew has also been awarded a number of industry accolades for his work including the legacy associated with working with the ODA<br />
Employment & Skills Team for the 2012 Olympic Delivery Authority, educating unemployed individuals with the Certified Network Cable Installer<br />
(CNCI®) certification and, as a result, providing certified network cable installers to the Olympic project. Today the CNCI® certification has<br />
been adopted by the industry as the standard certification for network cable installers.<br />
Andrew has also accepted an invitation to become a Trustee of the Edge Foundation, an independent education charity dedicated to raising<br />
the status of technical, practical and vocational learning via UTC's and Career Colleges.<br />
COMPANY OF THE YEAR<br />
WINNER: ExaGrid<br />
RUNNER UP: Allied Telesis<br />
ExaGrid provides the industry's only Tiered Backup Storage solution. Its disk-cache Landing Zone for backup and restore performance is<br />
tiered to a long-term retention repository for cost efficiencies as well as a scale-out storage architecture that scales as data grows.<br />
ExaGrid supports more than 25 backup applications and utilities heterogeneously in an environment, so that customers can retain their<br />
investment in existing backup processes. ExaGrid's 330+ published customer success stories demonstrate how satisfied customers are with<br />
ExaGrid's unique architectural approach, differentiated product, and unrivalled customer support. Customers consistently state that not only<br />
is the product best-in-class, but 'it just works.'<br />
34 NETWORKcomputing JANUARY/FEBRUARY <strong>2021</strong> @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
We’re all vulnerable,<br />
we’re all<br />
human<br />
No matter how savvy we think we are, we’re<br />
all vulnerable to being duped or making a mistake<br />
– and that’s the thing that criminals rely on in<br />
every cyber-attack or data breach.<br />
At Capita, we understand that people –<br />
whether it’s the employee who accidentally<br />
falls for a phishing scam or the IT team<br />
tasked with protecting them – are the one<br />
constant in a complex world of constantly<br />
evolving cyber threats.<br />
Because recognising that we’re all human<br />
is the strongest protection there is, we look<br />
closer at your people, pay closer attention to<br />
the gaps in your security and go the extra mile<br />
to uncover what you’ve missed – to deliver<br />
deeper security.<br />
Discover how to manage the human<br />
impact on your cyber defences at<br />
content.capita.com/cyber