Weekly draw of AED 50,000/- for “Mall Millionaire” announced

Emirati is third winner of the weekly draw of AED 50,000/- at Al Foah Mall

 

image 1b

Weekly Mall Millionaire draw with officials from DED and Line Investments & Property revealing the third winner of AED50,000/-

 

The third winner of the weekly draw of the ‘Mall Millionaire’ campaign offering shoppers AED 50,000/- is announced by Line Investments and Property LLC.As key participants of the RAD Rewards – Summer Edition, shoppers can get amazing deals at selected retailers until 3 August 2019 and maximize savings with special promotions and bundle offers.

The Third winner of AED 50,000/- is Khalid Alkhouri, an Emirati from Abu Dhabi who shopped at Mushrif Mall and the draw took place at Al Foah Mall in the presence of DED and Line Investments & Property officials.

Mr. Wajeb Al Khoury, Director of Line Investments and Property LLCsaid, “Shoppers who are looking for a bargain can enjoy more than six weeks of sales, fun filled entertainment and exclusive surprises. The Summer edition of RAD across our eight malls in Abu Dhabi and Al Ain have incredible offers, rewards and bundle discounts for shoppers.”

‘Mall Millionaire’ campaign is held across eight malls in Abu Dhabi and Al Ain with a mega prize of 1 million at the end of the summer sales. To become a ‘Mall Millionaire’, shoppers who spend AED200/- in the mall can present their receipts to the customer service and their entries will be sent to them digitally via email and SMS.

The participating malls in the festival that ends 3rdof August includes the Al Wahda Mall, Mushrif Mall, Khalidiya Mall, Al Raha Mall, Mazyad Mall and Souk Madinat Al Zayed in Abu Dhabi plus the Barari Outlet Mall and Al Foah Mall in Al Ain.

Riverbed Announces New Aternity Division to Capitalize on Tremendous Growth and Opportunity in Digital Experience Management

Riverbed®, The Digital Performance Company™, today announced the formation of a new Aternity division to capitalize on the tremendous growth opportunities in Digital Experience Management (DEM), which includes Riverbed’s End User Experience Monitoring (EUEM) and Application Performance Management (APM) solutions. Aternity, known for its breakthrough innovation and leadership in DEM, delivers a unique set of capabilities that provide rich, transaction level visibility into all drivers of end-user experience —from the end-user device to the application code — in order to enhance the experience of traditional, SaaS, mobile and cloud-native applications.

At the same time, Riverbed will continue to drive even greater focus and innovation for its franchise Digital Networking business, which has recently experienced market momentum as a result of significant advancements in the product portfolio, including:

  • The industry’s most complete and powerful SD-WAN portfolio, which addresses the needs of mid-market organizations and scaling to the requirements of the world’s largest enterprises.
  • Application acceleration for new consumption models that include SaaS, cloud and mobile workloads. This includes the recent launch of Riverbed SaaS accelerator, which delivers up to 10x performance for leading SaaS apps such as Microsoft Office 365, Salesforce, ServiceNow, Box; and new cloud solutions thatcan help save organizations millions of dollars on their cloud egress costs.
  • Industry-leading Network Performance Management (NPM) that delivers end-to-end network performance monitoring and powerful analytic insights into network infrastructure at scale that’s unmatched in the industry.

Organizations are rapidly investing in digitally transforming themselves, with approximately      $6 Trillion dollars being spent on digital initiatives within the next several years according to industry analyst firm IDC. However, organizations are unable to fully measure the digital experience and the impact of their investments, and most don’t have the strategic IT infrastructure to support and drive these digital investments. EUEM and APM solutions are in high demand by CIOs, Chief Digital Officers (CDOs), line of business leaders and DevOps teams for monitoring and managing the digital experience of large-scale transformation initiatives, along with networking infrastructure to maximize digital performance.

“Riverbed has two very strong and unique market opportunities around our Digital Networking and Digital Experience Management (DEM) platforms. Today, we’re creating the right structure to drive greater focus and deeper expertise for each of these businesses, which will greatly benefit our customers and partners, while enabling Riverbed to fully capitalize and grow in both of these markets,” said Paul Mountford, CEO, Riverbed.

Mountford continued, “First, Riverbed has a massive opportunity in our core Digital Networking business, and with a leading product team centered around delivering next-generation solutions, we are aggressively addressing the critical infrastructure and app acceleration challenges customers are facing in today’s digital, cloud and mobile world. For our DEM business, only Riverbed’s solutions can close the gap of the potential of digital transformation and the significant investment being made by measuring and analyzing the user’s digital experience — and we’ve seen tremendous customer adoption along with significant growth rates for these offerings. With a rapidly growing market, it’s clear the formation of an Aternity focused division with the full backing of Riverbed can now be laser focused on innovating and driving success for customers worldwide.”

Collectively, Riverbed has a more than $20 Billion total addressable market (TAM) for Digital Networking and DEM, with the new Aternity division representing approximately $10 Billion of the TAM. Aternity achieved nearly 100% growth in subscription and SaaS bookings in 2018.

“CIOs and their teams recognize that a great digital experience increases customer loyalty, brand equity, and revenues,” said Stephen Elliot, Program Vice President, IDC. “Organizing a business unit solely focused on Digital Experience Management is a smart, customer-centric business strategy; user experience and application performance monitoring remain top executive investments that are enabling a tighter customer relationship.”

How Partners Can Lessen Cyber Risk for SMB Customers Offering Digital Experiences

By Jon Bove, Vice President, Channel Sales at Fortinet.

Small and medium-sized businesses (SMBs) are experiencing increased pressure to provide digital experiences for their customers and end users due to changes in today’s evolving, competitive landscape. By providing digital experiences and services for their clients, your SMB customers are able to compete with similarly-sized businesses, and can even take on larger organizations in the digital marketplace. The tools and technologies that enable digital engagements allow SMBs to improve communication efforts and build loyalty to meet the growing demands of online consumerization.

This is not just a nice addition to their current business models. SMBs who do not adapt to these changes will fall behind. Therefore, partners must be able to advise their customers on how to modernize their business while still avoiding risk.

SMBs Need New Technology to Compete

In order to provide the best service for clients and win market share, your customers must modernize in accordance with current consumer demands. In fact, 82% of SMBs are already undergoing digital transformation.

Concerning digital investment, key focus areas for your customers should include cloud, mobility, and customer relationship management (CRM).

  • Cloud: According to a recent survey, 48% of small to mid-sized businesses cite cloud computing as a priority investment for the year 2019. Cloud computing has become crucial as it offers significant processing power at a lower initial cost, enables greater productivity and accessibility for employees with productivity suites, and allows businesses to quickly scale to keep pace with the demands of their customers.
  • Mobility: SMBs are investing in mobile business to improve accessibility across a range of devices for customers, employees, and partners. Many SMBs are developing mobile apps and websites that allow their audience to engage from IoT devices. In fact, about half of all SMBs currently have a mobile application as part of their digital strategy. For some SMBs, increasing mobility may also include providing access to data on their network. 88% of consumers do research online before purchasing in-store, so this growing online presence is becoming imperative for survival.
  • Customer Relationship Management (CRM): SMBs are also incorporating third-party tools such as CRMs to enhance customer engagement. These tools collect and organize customer and prospect information, making it easier to provide personalized digital experiences. Close to 40% of SMBs note CRMs as a priority investment. As your customers continue to leverage and store sensitive customer data, however, they must also ensure it is secure.

Successful Modernization Requires a Plan to Reduce Risk

Modernization introduces a number of benefits to SMBs, but also opens the door to many security risks. Taking shortcuts with strategy can be detrimental to the success of digital transformation. It’s essential to develop a well thought out approach to ensure that you are protecting against potential security and customer data risks. Start by considering how you are planning for regulatory requirements, security, and data privacy.

When compared to larger organizations, though many do not realize it, SMBs are at equal risk of cyberattack. Cybercriminals are looking for high-value customer data, which is stored by both SMBs and larger enterprises. However, adversaries are also aware that SMBs are typically less equipped to defend against attacks – making these organizations an easy target.

At the same time, as your customers enable digital engagements with new tools and technologies, they also continue to add complexity to their networks. These efforts can easily result in a disorganized infrastructure that can not only harm productivity across locations and hinder visibility into data storage and usage, but also complicate establishing the visibility and control necessary to secure their infrastructure. Take for example distributed cloud and multi-cloud environments. Without due care taken beforehand, these new networking trends can ultimately complicate your customers’ ability to identify abnormal behavior and detect breaches.

When adopting new tools, your customers must also account for regulatory standards that accompany their use, such as GDPR. In the instances of cloud computing or CRMs that store consumer data, security must meet even more stringent standards in order to remain compliant. Non-compliant tools leave your clients at risk for penalties and fines.

Partners need to ensure that customers have the resources in place to protect consumer data and secure the technologies they use for digital engagements. Additionally, your customers must have the ability to support operations and performance should digital efforts be disturbed, while continuing to meet regulatory requirements.

How Partners Can Reduce the Risk of Customers’ Digital Efforts

By offering the tools needed to secure new technology deployments, as well as services and expertise, partners can assist in areas where SMB customers lack resources. For the year 2019, 47% of SMBs have noted information security as a priority investment. Partners stand to earn a share of this investment if they can successfully reduce risk along their customers’ path to digital transformation.

Secure Digitization by Providing Necessary Tools

SMBs need to keep their networks secure as they deploy cloud technologies, integrate third-party CRM tools, and allow for accessibility from IoT and mobile devices. Fortinet partners can offer unique coverage in each of these areas by providing customers with integrated tools that offer security-spanning endpoints, LAN, cloud, and other environments with single-pane-of-glass visibility.

Fortinet’s FortiGate Unified Threat Management, for example, can be installed on customer networks within 20 minutes. This solution works to stop attacks before they get the chance to enter the network. Digitalization can further be enabled for SMB customers through FortiAP and FortiSwitch, which extend security to the network edge, prioritize applications for optimal traffic flow, and add extra switch ports for offices with more devices.

The fact is, many SMBs have turned to the cloud because it offers speed of growth and digitization at low upfront costs. Partners can aid in their deployment of cloud environments by assisting customers with their understanding of their cloud exposure and by demonstrating the right tools and processes necessary for security. This effort should begin with a strong identity and access management process, and incorporate the use of web application firewalls (WAFs) and CASBs where necessary.

Additionally, FortiClient endpoint security enables mobility by securing the expansion of IoT devices and maintaining visibility into various endpoints, protecting these devices with high-impact threat prevention.

Extend Services and Expertise

In addition to providing tools, partners can help SMBs by offering enterprise-grade services and protections from FortiGuard Labs as their customers shift to a service-oriented business model. These services include customizable offerings such as cloud sandboxing, mobile security, application control, antispam, intrusion prevention, and more.

Offering valuable insight, partners can support SMB customers to minimize downtime in the event of a security incident by ensuring that they can maintain productivity. Partners can also help by providing guidance and actionable insights to assist in regulatory compliance.

Fortinet helps our partners meet the needs of SMB customers by crafting specialized contracts and offering support and expertise. Additionally, partners can provide a wide range of resources including product training, technical support, and more.

Final Thoughts

SMB organizations are using new tools to support the digital transformation efforts of their customers to expand their networks. While these efforts present real value to small to midsized businesses, taking shortcuts in relation to deployment and security can create unnecessary risks for these organizations. By leveraging the right tools and services, partners can play a key role in enabling SMB customers to modernize their networks while simultaneously reducing complexity and mitigating security and compliance risks.

Sammy Zoghlami Appointed as Senior Vice President of Sales in EMEA Region

Experienced IT leader promoted to oversee 31 territories In Europe, Middle East and Africa

Nutanix(NASDAQ:NTNX), a leader in enterprise cloud computing, today announced that it has appointed Sammy Zoghlami as Senior Vice President of Sales for the region of Europe, Middle East & Africa.

Having previously held the role of sales lead for the company’s operations in Southern Europe, Mr. Zoghlami will take responsibility for all aspects of Nutanix sales in a region stretching from Scandinavia to South Africa, and from Ireland to Russia. In this capacity, Mr. Zoghlami will be responsible for leading sales and customer support, strategic business development and strategy, management of Nutanix’s offices and operational teams in each EMEA country, as well as the company’s partnerships, alliances and channel activities in region.

Mr. Zoghlami joined Nutanix in April 2013 as country manager in France, taking on responsibility for southern Europe in 2015. Prior to joining the company, he held sales and business development roles at Cisco and Computacenter in the U.K. and France. He holds a B.A. in Business Administration from the University of Hull in the United Kingdom.

“Over the last six years I’ve been at Nutanix, I’ve seen the company evolve dramatically, and nowhere more so than in the European, Middle East and African theaters,” said Mr. Zoghlami, commenting on his appointment. “I am absolutely thrilled to be given the opportunity to build on my experience overseeing markets as diverse as France, Iberia, Italy, Switzerland and North and West Africa and add territories of both proven viability and exciting new potential for Nutanix. We have such a unique value proposition at this company, accelerating digital transformation and business initiatives at customers. I can’t wait to get started in supporting our customers, partners and employees in their development, as we consolidate our clear leadership in providing for the emerging multi-cloud world.”

“In his most recent role as head of our southern European operations, Sammy has proven himself to be a supremely effective and popular leader with our customers, partners and employees alike,” said Dheeraj Pandey, Chairman, Founder and CEO of Nutanix. “As Nutanix has grown over the last ten years, Sammy has played an integral part of that journey in Europe, building effective, high-performance teams with a recognizably peerless energy and passion for Nutanix. With his notable speed for both adaptation and execution, I am delighted to appoint Sammy to this role, and am certain all of his stakeholders will agree, too.”

Mr. Zoghlami succeeds Chris Kaddaras, who has been appointed Senior Vice President of Sales for the Americas. Mr. Zoghlami is supported in the role by Andrew Brinded as Chief of Staff, EMEA, overseeing operational matters within the region.

 

FVC Partners with Avaya to Help Businesses Across Africa Deliver Next-Generation Digital Experiences

FVC, a leading Value-Added-Distributor in the Middle East and Africa, has partnered with Avaya Holdings Corp. (NYSE: AVYA) to help businesses across North, West, East, Centra Africa and Egypt (NWECA) deliver unmatched customer experiences with Unified Communications, Collaboration and Cloud Communications solutions.

The partnership will see FVC become a distributor for Avaya’s products and services including the industry-leading range of Unified Communications and Collaboration solutions, Contact Center, Communications Cloud, Phones, Devices Hosting SAS and hosted Services solutions.

“Avaya is a recognized global communication & collaboration leader and we are excited to complete our UCC portfolio with the inclusion of Avaya’s UC innovations,” said K.S. Parag, Managing Director, FVC. “Our strong regional presence in the NWECA region will boost Avaya’s reach in the mid-market segment by enabling the local channel with UCC and cloud communications solutions to drive customers’ DX initiatives.”

“FVC is a well-recognized name as a VAD in the African sub-continent and will bring immense value in terms of Avaya’s reach with mid-market, cloud, and contact center solutions. FVC’s consultative relationships across key accounts is crucial to its support for its growing channel base, and we look forward to being a part of those relationships,” said Fadi Hani, Vice President – Middle East, Turkey and Africa, Avaya.

According to Gartner, companies in Africa are expected to increase their IT budgets by 4.3% in 2019 as CIOs continue to rank digitization as a leading business priority. And investment in conversational platforms is the second most pressing issue faced by African IT leaders, 13% of whom consider it a priority. FVC and  Avaya plan to meet that demand with its growing network of skilled channel partners across the continent and advanced engagement with large enterprise customers. Going forward, the two companies’ joint channel partners and customers can expect better access to and support for the world-class communications technologies favoured by 93% of the companies on the Forbes 100 list, 19 of the world’s top 20 major banks, and over 4,700 channel partners globally.

Governments and Vendor Community need to Collaborate to Bring Smart Cities to Life

Author: Gamal Emara, Country Manager – UAE at Aruba, a Hewlett Packard Enterprise company

There is a lot of discussions and demos of smart city technologies today that are enhancing the connectivity of everyday services. At the same time there are so many barriers to creating a truly smart city.

What we are currently witnessing is disparate connected services; a patch of Wi-Fi coverage here, some contactless pay pads there. Until we can provide some more consistency in the connectivity we are providing across the city, two things will continue to happen:

  • The ‘connected experience’ for people living in cities will fall short
  • There will be a huge and ongoing security risk surrounding connected city equipment

To build the smart city that people really want, with the ability to access services anytime, anywhere, it requires a huge connectivity effort with in-built security. And this job is beyond the capability of a single vendor.

Balancing experience with risk

Just consider what it means to provide wireless access to a city of a million residents, for example. It’s thousands of wireless access points, across indoor and outdoor environments. If you then want to offer a bike hire service, then you have thousands more IoT sensors, different types of hardware, that need to be connected too.

All of this has to be managed carefully, because the more connected devices there are, the more entry points there are for an attacker. In fact, after surveying local governments in the US last year, Aruba found86% of those who have adopted IoT in their city have already experienced an associated security breach.

Increasingly, cities require a network environment that can segment each individual person and device that is trying to connect. In doing so, the IT team can prioritise connectivity to specific services as they are needed, and isolate incoming threats as soon as they are detected.

The need for open architectures 

To overcome existing barriers to the ‘smart city,’ we need to be able to take a broader view of what´s being connected across a huge city network. This act of integration can only be achieved with a multi-vendor approach.

Imagine wanting to add traffic information services in your city, but your existing hardware isn’t compatible with the software that you need. Does the IT team have to rip and replace their equipment, or scrap the new service? Inthe same survey we carried out last year, we found that 49% of cities are struggling with just that – integrating older technology with new.

To create lasting smart city experiences we need an open infrastructure that is built on open industry standards, open APIs, open source coding and is available to an open network of partners. Moreover, it should interoperate with other applications now and in the future.

An example of how this collaborative approach works in action can be seen at Cambridge University. Its use of Aruba infrastructure helped it to create a public access network, used by local councils, service providers, students, researchers and members of the public for everything from library reservations to travel updates.

Thousands of citizens use the network across the entire city, and many different IT systems are in use. But users of the network are not affected, because wherever they are in the city, indoors and outdoors, their ability to connect is uninterrupted, and their login credentials do not change. The people of Cambridge are able to get from A to B more quickly, and ultimately that´s what the smart city is all about.

We can’t create the smart city with the flick of a switch. To truly improve the welfare of your citizens, the smart city needs to be built on open foundations, with security and the user experience front of mind. And there is no company in the world that can accomplish that alone.

 

Cloud, AI, IoT and Advanced Automation – 4 Imperatives for Digital Transformation of the Manufacturing Industry

By: Aaron White, Regional Director, Middle East at Nutanix

 

In the digital era, manufacturing companies face business challenges that could scarcely have been imagined even a few years ago. Addressing these challenges depends on the company’s ability to take full advantage of the latest advances in information technology (IT).

Manufacturing and the Cloud

Cloud computing is poised to transform every aspect of modern manufacturing. Industry leaders—as they embrace digital transformation—are turning to cloud technologies to increase operational efficiency, improve supply chain management, and change how products are designed, produced, and distributed. No matter what type of manufacturing your company is engaged in—Consumer Goods, Automotive & Transportation, Chemicals & Metals, Industrial & High Tech, Medical & Pharma—advanced IT and cloud technologies can help you increase competitiveness, enhance innovation, and reduce costs. A recent study from Cloud Technology Partnersfound that the cloud can reduce total cost of ownership for manufacturers by as much as 42 percent.

Embracing cloud technology will be essential in enabling manufacturers to deliver customized products with shorter delivery times. Success will be underpinned by three technology imperatives that every manufacturer must contend with:

  • The Internet of Things can improve operational efficiency, decrease maintenance costs, and generate new service revenues.
  • Artificial Intelligence. Manufacturing organizations are turning to big data analytics and AI in the form of machine learning and deep learning to enhance all aspects of their operations.
  • Advanced automation is transforming everything from the supply chain to the manufacturing floor, to distribution, to ordering.

Cloud Success

Manufacturing IT teams have to carefully navigate the evolving cloud landscape to be successful. This will require mature processes for deciding which applications and services to run in which cloud—whether that’s an on-premises private cloud, a CSP, or a big public cloud. And, because much of the operations will remain on-premises, the company needs to transform its datacenter infrastructure to deliver cloud-like agility. To build next-generation infrastructure, the company must look beyond legacy architecture to create datacenters that rival the cloud. But what does this new enterprise IT stack look like, and how can the company leverage the latest innovations as it puts datacenter and cloud strategies into practice? A growing number of manufacturing organizations have discovered that an enterprise cloud that offers the agility of public cloud without sacrificing control over critical resources is the answer.

 Manufacturing and IoT

Manufacturer companies are turning to IoT to connect and gather data from a wide variety of equipment and sensors across production facilities, distribution centers, transportation equipment, offices and other locations to deliver a competitive advantage in an increasingly wired and data-intensive world. By gathering and analyzing data in a more comprehensive way, companies can improve productivity and efficiency in production processes and supply chains. Many manufacturers are also extending these benefits to products that have been deployed by customers. For example, a maker of agricultural equipment might use IoT data received from customer machinery to enable predictive maintenance, improving customer satisfaction and customer engagement, while also increasing service revenue.

Blending Operations and IT

One of the most important changes resulting from IoT is an increasing need for operational staff and IT staff to work together. Depending on how your company is organized, both logically and geographically, these functions may be completely separate. In addition to collaboration, some reorganization may be necessary to ensure that all parties involved understand the business problem being addressed as well as all requirements and constraints

Jump-Starting IoT Efforts

Many companies have difficulty identifying their best opportunities for IoT. Your goal should be to identify the places where IoT can make the biggest difference:

  • Where would having better data help your organization with decision-making or operations planning?
  • Do you have the data analysis tools in place to analyze the IoT data once you gather it?
  • Which manufacturing processes are the most troublesome? Could IoT data help fix those processes?
  • Which front office processes are the most troublesome?
  • Could better or more complete data address those issues?

Once you have identified a list of processes that could be improved by IoT, the next step is to identify the ones that pertain to equipment that either already has or can accommodate the necessary sensors and instrumentation. Most importantly, in order to accommodate IoT needs, infrastructure flexibility is essential. If the current IT is built on infrastructure that’s complex, expensive, and rigid, it will not be easy to accommodate new IoT demands. A flexible, agile cloud-based approach will make it easier to adapt to IoT and other new resource demands—both on-premises and in the cloud.

Manufacturing and Artificial Intelligence (AI)

Industry leaders are taking notice of the potential of AI to transform manufacturing. According to a recent report from Infosys, companies want to use AI to further automate manufacturing in order to increase productivity, minimize manual errors, reduce costs  and eliminate the need for humans to perform repetitive tasks. These benefits apply across a wide variety of AI use cases from the front office to production facilities.

AI Use Cases in Manufacturing

There are a number of AI use cases that manufacturers are already targeting. AI has the potential to help across your entire company, facilitating fraud prevention, predictive ordering, and opportunity assessment. Below are some:

  • Adaptive manufacturing– Today’s customers want products customized to their needs or taste. AI technologies are the key to making today’s rigid manufacturing and assembly line processes more flexible and able to adapt to changing demands quickly and with far less human intervention.
  • Human/robot collaboration– For some tasks, humans can’t be replaced. Artificial intelligence and improved sensing capabilities will enable new or updated robots to work more closely with humans, quickly learning new tasks as needs change and making the whole process more adaptive.
  • Quality control– Performing anomaly detection on hundreds of units in seconds, rather than hours, enables manufacturers to identify and resolve production failures before expensive delays pile up. Applying AI to quality control not only accelerates production, it can improve quality and reduce reliance on manual human inspections.
  • Streamlined supply chains – AI can help make sense of supply-chain data, identifying hidden patterns and improving performance across diverse areas including warehousing, transportation, production, and packaging while also allowing operations to adapt more quickly to market changes.
  • Predictive maintenance –Most manufacturers do equipment maintenance on a set schedule that doesn’t account for actual operating conditions. By analyzing equipment log data for anomalies, AI can enable companies to adapt maintenance schedules to actual needs and identify potential problems before failures occur.

Operationalizing AI for Manufacturing

A good rule of thumb for AI projects is: don’t reinvent the wheel. There is no reason to spend your time developing AI models to solve problems that someone else has already solved. On the other hand, you won’t achieve a competitive advantage using the same tools as everyone else, so focus on innovating in the areas where you can differentiate your company. There are two important parts of AI where IT infrastructure decisions are critical:

  • Managing data– The first step is to collect data efficiently from the source: IoT sensors, customer equipment, supply chain partners, etc., and stream that data for processing— usually to a datacenter or in the cloud.
  • Building and operating AI training clusters –If you are creating and training deep learning algorithms, that requires a training cluster equipped with GPUs that can process data in parallel.

Manufacturing and Advanced Automation

The opportunities for automation across various types of manufacturing are almost endless. Some companies are even evaluating the potential for factories that are 100% automated, with environmental conditions optimized for machines not humans.

IT Infrastructure to Support Automation

The entire operational environment—including IT—is going to become a lot more dynamic than it has been in the past, which has a number of important implications for IT:

  • Modernize infrastructure. If you are currently running a lot of legacy infrastructure, you will need to modernize to the greatest extent possible to reduce technical debt, increase agility, and free up resources to focus on new value-added projects.
  • Get ready for the edge. As your company rolls out IoT, AI, and automation projects, you will need a lot more IT infrastructure in edge locations such as production facilities, distribution centers, and remote offices. Many of those locations may lack onsite IT staff, making centralized management capabilities and ease of use essential.
  • Start by automating IT. To keep up with the increased dynamism and scale of your automation efforts, you will need the ability to automate IT tasks. Consider a private cloud to allow stakeholders to access IT resources and services on demand via self-service.
  • Leverage the cloud. Look for opportunities to take advantage of resources in the cloud where it makes sense, including public cloud services, specialized cloud service providers, and SaaS partners.

 

Multi-Factor Authentication and Single Sign-On Explained

By Jeff Carpenter, Product Marketing Manager of Cloud Authentication in IAM solutions at HID Global

 

The simple combination of a user ID and password is no longer good enough to protect our most vulnerable information. Identity theft, data breaches, malware, and malicious actors mean that digital security must evolve to stay one step ahead of security threats. Strong, reliable security in a modern government, non-profit, SMB, or enterprise environment isn’t just important today; it’s mandatory. The best security must take into account the needs of the organization and the employee, balancing protection, encryption, and ease-of-use.

With most security officers having a choice between two primary security solutions—single sign-on (SSO) or multi-factor authentication (MFA)—deciding what’s best for your organization requires careful consideration of the pros and cons of each approach. Of course, the two are not mutually exclusive; you can have both. However, given the economy that envelops most IT organizations, knowledge of how to allocate time and budget to one project over another can make all the difference.

What is multi-factor authentication?

MFA uses several different factors to verify a person’s identity and grant access to various software, systems, and data. Typically, MFA systems use two or more of the following tools to authenticate individuals:

  • What you know: a password, personal identification number, or recovery questions
  • What you have: a smartcard, FIDO token, one-time password (OTP), Bluetooth device, Apple Watch, or some other authenticator
  • Who you are: a biometric authenticator, such as a fingerprint or face recognition
  • What you do and where you’re at: location-based authentication using GPS, IP address, or Integrated Windows Authentication (IWA) and how you type (keystroke biometrics)

The advantage of multi-factor authentication is that, in most cases, it’s very secure. The combination of a password, physical token, and biometric can significantly reduce the risk of data and software breaches.

However, if MFA has some advantages in securing user logons, it also has the reputation – sometimes well-earned – of being a bit difficult to manage. Users need to be provisioned with the second factor (the first they memorize). For some end users, even setting up a mobile phone to receive a one-time password via text message can be an imposition. Still, MFA is safe for most organizations to lock down their networks and applications against unauthorized access.

What is single sign-on?

The concept behind single sign-on is very straightforward—users carry out a master sign-on to authenticate themselves at the beginning of their work period. Then, whenever they need to log into another piece of software, the SSO solution logs in on their behalf. The SSO solution internally stores the various credentials for every piece of software users need to access and then validates the users with those systems when they need to be accessed.

The advantages of single sign-on include:

  • Users only have to remember one password at all times. Although they may be required to enter credentials for other systems occasionally, there’s significantly less effort needed.
  • Extra security, such as biometric authentication, can be added to the initial single sign-on or accessed via a USB token, soft token or similar encryption device. MFA comes into play here.
  • SSO is quick and convenient for the end user. It saves time by not requiring them to spend time logging into many different applications.
  • Risks for access are reduced in some instances. For example, credentials for third-party applications could be stored internally rather than on external systems.
  • There are fewer calls to the service desk for password resets, reducing IT support resource needs.

Disadvantages of single sign-on:

  • If a hacker, malicious actor, or malware gets SSO access, that compromises any systems used by SSO.
  • SSO must be deployed with strong encryption and authentication methods to prevent this from happening.
  • Loss of availability of SSO systems means a user will not be able to access any other systems, becoming a single point of failure.

The best of both worlds—combining SSO and MFA

MFA and SSO are both coming at the issue of security and authentication from different areas.

SSO is more convenient for users but has higher inherent security risks. MFA is more secure but less convenient. What are the two areas that can be combined to provide a solution that is both convenient and secure?

That’s the way the security and encryption industry is moving. Again, it’s about the evolution of security. Some of the new approaches being tested and used include:

  • Requiring secure MFA sign-on at the start of the day, similar to an SSO solution.
  • Granting continued access to authenticated users throughout their workday.
  • Requiring additional verification using MFA based on specific criteria, including:
    • Access to the most sensitive systems.
    • Changes in user behavior as detected by software.
    • Using criteria such as location, role, seniority, and the like to determine when new authentication is needed.
    • Using algorithms to request additional credentials in certain use cases smartly.

The convenience of SSO combined with the security of MFA gives businesses security posture and confidence. In addition, providing users with the efficiency and ease that MFA and SSO offer means less password resets and help desk calls. Calculate your estimated savings.

Minimizing the Threat Landscape Through Augmenting Human Security Teams

Author: Rabih Itani, Regional Business Development Manager – Security, Middle East and Turkey at Aruba, a Hewlett Packard Enterprise company

Today’s security threats are evolving each day, with security teams having to monitor everything from the data centre to the edge, as well as the millions of connected devices which log in to their systems each year. The workplace is currently in flux – we can work from mobile devices in any location we choose as well as working with many different applications. When things change, security teams have to readjust policies and controls. Is it fair to expect them to chase after us, all day, every day to keep us safe?

CIOs can no longer ignore the high-profile attacks that continue to threaten organisational reputations around the world. It’s no wonder that security is the top of the agenda in many boardrooms or that a new C, the CISO (Chief Information Security Officer), has joined the management team. Protecting the organisation is obviously a huge priority.

But how is this actually achievable, unless we are able to anticipate the small, but significant, changes that are happening on the network day to day?

If we are asking human security teams to constantly monitor the data being shared by incoming and existing devices, which can easily reach into the thousands for a large enterprise, then we are creating security systems that lack the ability to scale in line with the threats.

Because human teams can get tired and make mistakes (they are human), the most common approach is to make blanket rules and restrictions across the network to serve as a catch-all against new inbound threats. The problem here, is that very quickly the user experience suffers. Which in turn, can affect productivity, and even morale.

This is where machine learning come to the aid of human security teams.

Augmenting, not replacing

With any luck, that last sentence will not have made your eyes roll. We should be moving past concerns about AI replacing human roles, or being relied upon as a cost-saving measure. The point about machine learning, in the context of security, is that it gives us an always-on, 24/7 tool that allows us to spot the type of threats and exploits that it would be difficult, or even impossible, to detect with human eyes.

The way many companies run IT security today leaves definite room for improvement. Either you are running with such sensitive filters that it generates a mountain of false positives, meaning you can’t see the wood for the trees. Or filters are turned down to a manageable level, leaving big gaps in your defences. Both scenarios, of course, risk genuine threats sneaking through.

With machine learning, there is an ability to detect minute changes in data that would likely slip through traditional defences. Using machine learning for NTA (Network Traffic Analysis) and UEBA (User and Entity Behavioural Analytics), we are able to set historical and peer baselines for every single device connecting to the network, from the latest user mobile device to the air conditioning unit, connected as part of a new IoT initiative. Everything is quickly recognised, profiled and connected, giving each connected entity, its own unique risk profile and its current risk score.

As soon as a device behaves in a way that strays outside of its recognised profile or baseline, the network sees it, and takes action. This action could be to raise the risk, re-route the data for deeper analysis to confirm if the anomaly is malicious or immediately raise an alert, which compels human security teams into action. Assuming there is no wrongdoing, the user experience is not impacted, beyond perhaps being asked to confirm the activity was indeed them and all is OK.

In the case of anomaly itself is confirmed to be malicious based on discrete attack analytics or in case the case a full Kill Chain is confirmed, the NAC (Network Admission Control) systems can be triggered with manual or even automated response to quarantine the device from the rest of the network in order limit any potential damage that might have occurred. All because the machine is analysing millions of individual packets of data and thousands of systems logs, all the time. It’s a job that no human team can realistically do, or would want to do.

With machine-led security continually learning, adjusting baselines and detecting new threat patterns, humans teams are not usurped. They are enormously aided, by being alerted only to the issues that they really need to inspect. This automatic monitoring offers security staff exceptional time savings, which actually means an improvement to their job role. Instead of fighting fires, security teams will be able to focus on building better IT experiences across their organisation, and saying yesto new innovations. Security teams may actually become a revenue driver for the business.

How security impacts the workplace

The tasks of human security workers may well change as the world of machine learning, building to full AI, begins to accelerate. But we should never fear change. Especially when the likely new roles carry even wider business relevance. The promise of machine learning is there, but it still needs highly skilled teams to build it into the core of the network, re-apply it to other business areas, and proactively monitor it for new insights.

We’re faced by intelligent threats, targeting valuable user data, across a network that has more end points (and entry points) than can be counted. Isn’t it about time we acknowledge that human security staff need the help they can get?

Infoblox Unveils Simplified Security Platform to Detect and Stop Threats in Today’s Borderless Networks

BloxOne Threat Defense is the industry’s first hybrid DNS security solution enabling enterprises to strengthen and optimize their cybersecurity posture from the foundation up

Infoblox Inc., the leader in Secure Cloud-Managed Network Services, today announced BloxOne™ Threat Defense, the industry’s first hybrid security offering that leverages DNS as the first line of defense to detect and block today’s sophisticated cyberthreats. With a scalable hybrid architecture, BloxOne Threat Defense secures enterprises’ existing networks as well as digital transformations like cloud, IoT and SD-WAN deployments. It makes an organization’s threat analysts more productive and reduces the total cost of enterprise threat defense. The BloxOne Threat Defense solution combines the best of Infoblox’s on-prem (ActiveTrust) and cloud-based (ActiveTrust Cloud) security solutions into a unique integrated hybrid offering that provides enterprises scale, flexibility, and reliability. This enhanced solution reduces incident response time by providing actionable intelligence to the organization’s security stack, including SOAR (Security Orchestration Automation and Response), and by automating action using extensive ecosystem integrations.

Despite organizations utilizing multiple security tools in their stack, only a minimal number of alerts (about 4%) are investigated because they are short staffed. According to the Ponemon Institute, data breaches can take enterprises an average of 196 days to identify, resulting in a loss of $3.6 million per year and impacting brand reputation. Everyday CISOs are challenged to do more with less, simplify their security architecture, improve compliance and ensure protection for their data.

Enterprises require a scalable, simple, and foundational security solution that can catch threats in today’s dynamic networks. DNS, critical to the fabric of the Internet and any IP based communication, is also the least common denominator that can serve as the perfect foundation for security because it is ubiquitous in networks, is needed for connectivity and can scale to the size of the Internet. BloxOne Threat Defense presents a hybrid deployment that ensures enterprise networks will be protected at anytime, anywhere, leveraging the infrastructure organizations already own – DNS.

Organizations such as Bank Audi s.a.e. need to able to monitor mobile and roaming users connecting to their networks. “Our hybrid DNS security solution from Infoblox allows our team to easily monitor recursive DNS traffic for on-prem or remote users through a single pane of glass,” said Moustafa Marzouk, head of IT infrastructure and support at Bank Audi s.a.e.  “This allows us to automatically detect and respond to threats in real-time. Now our team can easily integrate with our existing security tools, manage the network from one platform, and scale for future growth and innovation.”

BloxOne Threat Defense uses highly accurate threat intelligence and machine learning based analytics to detect modern malware, ransomware, phishing, exploit kits, DNS-based data exfiltration, Domain Generation Algorithms, DNS Messenger, fast-flux attacks and more. In addition, the hybrid approach allows organizations to use the cloud to detect more threats, while providing deep visibility and full integration with the on-premises ecosystem. It also provides resiliency and redundancy.

“The traditional security model is inadequate for today’s borderless networks, especially as enterprises continue to adopt digital transformation technologies like SD WAN, IoT, and cloud,” said Kanaiya Vasani, executive vice president of products and corporate development at Infoblox. “With BloxOne Threat Defense, Infoblox is providing customers with a solution that protects everywhere, offers flexible deployment, and integrates with the security stack already in place, providing a more optimized and streamlined cybersecurity posture. Organizations can worry less about silos created by managing multiple security solutions and instead make their security stack work as one fabric.”

With BloxOne Threat Defense, Infoblox has further optimized its enterprise security offering, helping customers reduce the total cost of threat defense by:

  • Offloading strained perimeter defenses:Reducing the amount of malicious traffic sent to Next Gen Firewalls, IPS and Web Proxy solutions by utilizing already-available DNS servers as the first line of defense
  • Reducing incident response time by up to two-thirds*:Automate responses when malicious behavior is detected, block cyberthreats and provide data for the rest of the ecosystem to investigate and remediate.
  • Power SOAR/SIEM platforms and Prioritize response: Leverage DNS, DHCP and IPAM data in SOAR/SIEM platforms to understand criticality of threats and to prioritize responses accordingly
  • Make threat analysts three times[1]more productive:Empower security analysts to make quick and accurate decisions while reducing human error with automated threat investigation, insights into related threats, and bad actor and geographical information

[1]Based on real world customer deployments