By: Aaron White, Regional Director, Middle East at Nutanix

 

In the digital era, manufacturing companies face business challenges that could scarcely have been imagined even a few years ago. Addressing these challenges depends on the company’s ability to take full advantage of the latest advances in information technology (IT).

Manufacturing and the Cloud

Cloud computing is poised to transform every aspect of modern manufacturing. Industry leaders—as they embrace digital transformation—are turning to cloud technologies to increase operational efficiency, improve supply chain management, and change how products are designed, produced, and distributed. No matter what type of manufacturing your company is engaged in—Consumer Goods, Automotive & Transportation, Chemicals & Metals, Industrial & High Tech, Medical & Pharma—advanced IT and cloud technologies can help you increase competitiveness, enhance innovation, and reduce costs. A recent study from Cloud Technology Partnersfound that the cloud can reduce total cost of ownership for manufacturers by as much as 42 percent.

Embracing cloud technology will be essential in enabling manufacturers to deliver customized products with shorter delivery times. Success will be underpinned by three technology imperatives that every manufacturer must contend with:

• The Internet of Things can improve operational efficiency, decrease maintenance costs, and generate new service revenues.
• Artificial Intelligence. Manufacturing organizations are turning to big data analytics and AI in the form of machine learning and deep learning to enhance all aspects of their operations.
• Advanced automation is transforming everything from the supply chain to the manufacturing floor, to distribution, to ordering.

Cloud Success

Manufacturing IT teams have to carefully navigate the evolving cloud landscape to be successful. This will require mature processes for deciding which applications and services to run in which cloud—whether that’s an on-premises private cloud, a CSP, or a big public cloud. And, because much of the operations will remain on-premises, the company needs to transform its datacenter infrastructure to deliver cloud-like agility. To build next-generation infrastructure, the company must look beyond legacy architecture to create datacenters that rival the cloud. But what does this new enterprise IT stack look like, and how can the company leverage the latest innovations as it puts datacenter and cloud strategies into practice? A growing number of manufacturing organizations have discovered that an enterprise cloud that offers the agility of public cloud without sacrificing control over critical resources is the answer.

 Manufacturing and IoT

Manufacturer companies are turning to IoT to connect and gather data from a wide variety of equipment and sensors across production facilities, distribution centers, transportation equipment, offices and other locations to deliver a competitive advantage in an increasingly wired and data-intensive world. By gathering and analyzing data in a more comprehensive way, companies can improve productivity and efficiency in production processes and supply chains. Many manufacturers are also extending these benefits to products that have been deployed by customers. For example, a maker of agricultural equipment might use IoT data received from customer machinery to enable predictive maintenance, improving customer satisfaction and customer engagement, while also increasing service revenue.

Blending Operations and IT

One of the most important changes resulting from IoT is an increasing need for operational staff and IT staff to work together. Depending on how your company is organized, both logically and geographically, these functions may be completely separate. In addition to collaboration, some reorganization may be necessary to ensure that all parties involved understand the business problem being addressed as well as all requirements and constraints

Jump-Starting IoT Efforts

Many companies have difficulty identifying their best opportunities for IoT. Your goal should be to identify the places where IoT can make the biggest difference:

• Where would having better data help your organization with decision-making or operations planning?
• Do you have the data analysis tools in place to analyze the IoT data once you gather it?
• Which manufacturing processes are the most troublesome? Could IoT data help fix those processes?
• Which front office processes are the most troublesome?
• Could better or more complete data address those issues?

Once you have identified a list of processes that could be improved by IoT, the next step is to identify the ones that pertain to equipment that either already has or can accommodate the necessary sensors and instrumentation. Most importantly, in order to accommodate IoT needs, infrastructure flexibility is essential. If the current IT is built on infrastructure that’s complex, expensive, and rigid, it will not be easy to accommodate new IoT demands. A flexible, agile cloud-based approach will make it easier to adapt to IoT and other new resource demands—both on-premises and in the cloud.

Manufacturing and Artificial Intelligence (AI)

Industry leaders are taking notice of the potential of AI to transform manufacturing. According to a recent report from Infosys, companies want to use AI to further automate manufacturing in order to increase productivity, minimize manual errors, reduce costs  and eliminate the need for humans to perform repetitive tasks. These benefits apply across a wide variety of AI use cases from the front office to production facilities.

AI Use Cases in Manufacturing

There are a number of AI use cases that manufacturers are already targeting. AI has the potential to help across your entire company, facilitating fraud prevention, predictive ordering, and opportunity assessment. Below are some:

• Adaptive manufacturing– Today’s customers want products customized to their needs or taste. AI technologies are the key to making today’s rigid manufacturing and assembly line processes more flexible and able to adapt to changing demands quickly and with far less human intervention.
• Human/robot collaboration– For some tasks, humans can’t be replaced. Artificial intelligence and improved sensing capabilities will enable new or updated robots to work more closely with humans, quickly learning new tasks as needs change and making the whole process more adaptive.
• Quality control– Performing anomaly detection on hundreds of units in seconds, rather than hours, enables manufacturers to identify and resolve production failures before expensive delays pile up. Applying AI to quality control not only accelerates production, it can improve quality and reduce reliance on manual human inspections.
• Streamlined supply chains – AI can help make sense of supply-chain data, identifying hidden patterns and improving performance across diverse areas including warehousing, transportation, production, and packaging while also allowing operations to adapt more quickly to market changes.
• Predictive maintenance –Most manufacturers do equipment maintenance on a set schedule that doesn’t account for actual operating conditions. By analyzing equipment log data for anomalies, AI can enable companies to adapt maintenance schedules to actual needs and identify potential problems before failures occur.

Operationalizing AI for Manufacturing

A good rule of thumb for AI projects is: don’t reinvent the wheel. There is no reason to spend your time developing AI models to solve problems that someone else has already solved. On the other hand, you won’t achieve a competitive advantage using the same tools as everyone else, so focus on innovating in the areas where you can differentiate your company. There are two important parts of AI where IT infrastructure decisions are critical:

• Managing data– The first step is to collect data efficiently from the source: IoT sensors, customer equipment, supply chain partners, etc., and stream that data for processing— usually to a datacenter or in the cloud.
• Building and operating AI training clusters –If you are creating and training deep learning algorithms, that requires a training cluster equipped with GPUs that can process data in parallel.

Manufacturing and Advanced Automation

The opportunities for automation across various types of manufacturing are almost endless. Some companies are even evaluating the potential for factories that are 100% automated, with environmental conditions optimized for machines not humans.

IT Infrastructure to Support Automation

The entire operational environment—including IT—is going to become a lot more dynamic than it has been in the past, which has a number of important implications for IT:

• Modernize infrastructure. If you are currently running a lot of legacy infrastructure, you will need to modernize to the greatest extent possible to reduce technical debt, increase agility, and free up resources to focus on new value-added projects.
• Get ready for the edge. As your company rolls out IoT, AI, and automation projects, you will need a lot more IT infrastructure in edge locations such as production facilities, distribution centers, and remote offices. Many of those locations may lack onsite IT staff, making centralized management capabilities and ease of use essential.
• Start by automating IT. To keep up with the increased dynamism and scale of your automation efforts, you will need the ability to automate IT tasks. Consider a private cloud to allow stakeholders to access IT resources and services on demand via self-service.
• Leverage the cloud. Look for opportunities to take advantage of resources in the cloud where it makes sense, including public cloud services, specialized cloud service providers, and SaaS partners.

 

By Jeff Carpenter, Product Marketing Manager of Cloud Authentication in IAM solutions at HID Global

 

The simple combination of a user ID and password is no longer good enough to protect our most vulnerable information. Identity theft, data breaches, malware, and malicious actors mean that digital security must evolve to stay one step ahead of security threats. Strong, reliable security in a modern government, non-profit, SMB, or enterprise environment isn’t just important today; it’s mandatory. The best security must take into account the needs of the organization and the employee, balancing protection, encryption, and ease-of-use.

With most security officers having a choice between two primary security solutions—single sign-on (SSO) or multi-factor authentication (MFA)—deciding what’s best for your organization requires careful consideration of the pros and cons of each approach. Of course, the two are not mutually exclusive; you can have both. However, given the economy that envelops most IT organizations, knowledge of how to allocate time and budget to one project over another can make all the difference.

What is multi-factor authentication?

MFA uses several different factors to verify a person’s identity and grant access to various software, systems, and data. Typically, MFA systems use two or more of the following tools to authenticate individuals:

• What you know: a password, personal identification number, or recovery questions
• What you have: a smartcard, FIDO token, one-time password (OTP), Bluetooth device, Apple Watch, or some other authenticator
• Who you are: a biometric authenticator, such as a fingerprint or face recognition
• What you do and where you’re at: location-based authentication using GPS, IP address, or Integrated Windows Authentication (IWA) and how you type (keystroke biometrics)

The advantage of multi-factor authentication is that, in most cases, it’s very secure. The combination of a password, physical token, and biometric can significantly reduce the risk of data and software breaches.

However, if MFA has some advantages in securing user logons, it also has the reputation – sometimes well-earned – of being a bit difficult to manage. Users need to be provisioned with the second factor (the first they memorize). For some end users, even setting up a mobile phone to receive a one-time password via text message can be an imposition. Still, MFA is safe for most organizations to lock down their networks and applications against unauthorized access.

What is single sign-on?

The concept behind single sign-on is very straightforward—users carry out a master sign-on to authenticate themselves at the beginning of their work period. Then, whenever they need to log into another piece of software, the SSO solution logs in on their behalf. The SSO solution internally stores the various credentials for every piece of software users need to access and then validates the users with those systems when they need to be accessed.

The advantages of single sign-on include:

• Users only have to remember one password at all times. Although they may be required to enter credentials for other systems occasionally, there’s significantly less effort needed.
• Extra security, such as biometric authentication, can be added to the initial single sign-on or accessed via a USB token, soft token or similar encryption device. MFA comes into play here.
• SSO is quick and convenient for the end user. It saves time by not requiring them to spend time logging into many different applications.
• Risks for access are reduced in some instances. For example, credentials for third-party applications could be stored internally rather than on external systems.
• There are fewer calls to the service desk for password resets, reducing IT support resource needs.

Disadvantages of single sign-on:

• If a hacker, malicious actor, or malware gets SSO access, that compromises any systems used by SSO.
• SSO must be deployed with strong encryption and authentication methods to prevent this from happening.
• Loss of availability of SSO systems means a user will not be able to access any other systems, becoming a single point of failure.

The best of both worlds—combining SSO and MFA

MFA and SSO are both coming at the issue of security and authentication from different areas.

SSO is more convenient for users but has higher inherent security risks. MFA is more secure but less convenient. What are the two areas that can be combined to provide a solution that is both convenient and secure?

That’s the way the security and encryption industry is moving. Again, it’s about the evolution of security. Some of the new approaches being tested and used include:

• Requiring secure MFA sign-on at the start of the day, similar to an SSO solution.
• Granting continued access to authenticated users throughout their workday.
• Requiring additional verification using MFA based on specific criteria, including:
  • Access to the most sensitive systems.
  • Changes in user behavior as detected by software.
  • Using criteria such as location, role, seniority, and the like to determine when new authentication is needed.
  • Using algorithms to request additional credentials in certain use cases smartly.

The convenience of SSO combined with the security of MFA gives businesses security posture and confidence. In addition, providing users with the efficiency and ease that MFA and SSO offer means less password resets and help desk calls. Calculate your estimated savings.

Author: Rabih Itani, Regional Business Development Manager – Security, Middle East and Turkey at Aruba, a Hewlett Packard Enterprise company

Today’s security threats are evolving each day, with security teams having to monitor everything from the data centre to the edge, as well as the millions of connected devices which log in to their systems each year. The workplace is currently in flux – we can work from mobile devices in any location we choose as well as working with many different applications. When things change, security teams have to readjust policies and controls. Is it fair to expect them to chase after us, all day, every day to keep us safe?

CIOs can no longer ignore the high-profile attacks that continue to threaten organisational reputations around the world. It’s no wonder that security is the top of the agenda in many boardrooms or that a new C, the CISO (Chief Information Security Officer), has joined the management team. Protecting the organisation is obviously a huge priority.

But how is this actually achievable, unless we are able to anticipate the small, but significant, changes that are happening on the network day to day?

If we are asking human security teams to constantly monitor the data being shared by incoming and existing devices, which can easily reach into the thousands for a large enterprise, then we are creating security systems that lack the ability to scale in line with the threats.

Because human teams can get tired and make mistakes (they are human), the most common approach is to make blanket rules and restrictions across the network to serve as a catch-all against new inbound threats. The problem here, is that very quickly the user experience suffers. Which in turn, can affect productivity, and even morale.

This is where machine learning come to the aid of human security teams.

Augmenting, not replacing

With any luck, that last sentence will not have made your eyes roll. We should be moving past concerns about AI replacing human roles, or being relied upon as a cost-saving measure. The point about machine learning, in the context of security, is that it gives us an always-on, 24/7 tool that allows us to spot the type of threats and exploits that it would be difficult, or even impossible, to detect with human eyes.

The way many companies run IT security today leaves definite room for improvement. Either you are running with such sensitive filters that it generates a mountain of false positives, meaning you can’t see the wood for the trees. Or filters are turned down to a manageable level, leaving big gaps in your defences. Both scenarios, of course, risk genuine threats sneaking through.

With machine learning, there is an ability to detect minute changes in data that would likely slip through traditional defences. Using machine learning for NTA (Network Traffic Analysis) and UEBA (User and Entity Behavioural Analytics), we are able to set historical and peer baselines for every single device connecting to the network, from the latest user mobile device to the air conditioning unit, connected as part of a new IoT initiative. Everything is quickly recognised, profiled and connected, giving each connected entity, its own unique risk profile and its current risk score.

As soon as a device behaves in a way that strays outside of its recognised profile or baseline, the network sees it, and takes action. This action could be to raise the risk, re-route the data for deeper analysis to confirm if the anomaly is malicious or immediately raise an alert, which compels human security teams into action. Assuming there is no wrongdoing, the user experience is not impacted, beyond perhaps being asked to confirm the activity was indeed them and all is OK.

In the case of anomaly itself is confirmed to be malicious based on discrete attack analytics or in case the case a full Kill Chain is confirmed, the NAC (Network Admission Control) systems can be triggered with manual or even automated response to quarantine the device from the rest of the network in order limit any potential damage that might have occurred. All because the machine is analysing millions of individual packets of data and thousands of systems logs, all the time. It’s a job that no human team can realistically do, or would want to do.

With machine-led security continually learning, adjusting baselines and detecting new threat patterns, humans teams are not usurped. They are enormously aided, by being alerted only to the issues that they really need to inspect. This automatic monitoring offers security staff exceptional time savings, which actually means an improvement to their job role. Instead of fighting fires, security teams will be able to focus on building better IT experiences across their organisation, and saying yesto new innovations. Security teams may actually become a revenue driver for the business.

How security impacts the workplace

The tasks of human security workers may well change as the world of machine learning, building to full AI, begins to accelerate. But we should never fear change. Especially when the likely new roles carry even wider business relevance. The promise of machine learning is there, but it still needs highly skilled teams to build it into the core of the network, re-apply it to other business areas, and proactively monitor it for new insights.

We’re faced by intelligent threats, targeting valuable user data, across a network that has more end points (and entry points) than can be counted. Isn’t it about time we acknowledge that human security staff need the help they can get?

BloxOne Threat Defense is the industry’s first hybrid DNS security solution enabling enterprises to strengthen and optimize their cybersecurity posture from the foundation up

Infoblox Inc., the leader in Secure Cloud-Managed Network Services, today announced BloxOne™ Threat Defense, the industry’s first hybrid security offering that leverages DNS as the first line of defense to detect and block today’s sophisticated cyberthreats. With a scalable hybrid architecture, BloxOne Threat Defense secures enterprises’ existing networks as well as digital transformations like cloud, IoT and SD-WAN deployments. It makes an organization’s threat analysts more productive and reduces the total cost of enterprise threat defense. The BloxOne Threat Defense solution combines the best of Infoblox’s on-prem (ActiveTrust) and cloud-based (ActiveTrust Cloud) security solutions into a unique integrated hybrid offering that provides enterprises scale, flexibility, and reliability. This enhanced solution reduces incident response time by providing actionable intelligence to the organization’s security stack, including SOAR (Security Orchestration Automation and Response), and by automating action using extensive ecosystem integrations.

Despite organizations utilizing multiple security tools in their stack, only a minimal number of alerts (about 4%) are investigated because they are short staffed. According to the Ponemon Institute, data breaches can take enterprises an average of 196 days to identify, resulting in a loss of $3.6 million per year and impacting brand reputation. Everyday CISOs are challenged to do more with less, simplify their security architecture, improve compliance and ensure protection for their data.

Enterprises require a scalable, simple, and foundational security solution that can catch threats in today’s dynamic networks. DNS, critical to the fabric of the Internet and any IP based communication, is also the least common denominator that can serve as the perfect foundation for security because it is ubiquitous in networks, is needed for connectivity and can scale to the size of the Internet. BloxOne Threat Defense presents a hybrid deployment that ensures enterprise networks will be protected at anytime, anywhere, leveraging the infrastructure organizations already own – DNS.

Organizations such as Bank Audi s.a.e. need to able to monitor mobile and roaming users connecting to their networks. “Our hybrid DNS security solution from Infoblox allows our team to easily monitor recursive DNS traffic for on-prem or remote users through a single pane of glass,” said Moustafa Marzouk, head of IT infrastructure and support at Bank Audi s.a.e.  “This allows us to automatically detect and respond to threats in real-time. Now our team can easily integrate with our existing security tools, manage the network from one platform, and scale for future growth and innovation.”

BloxOne Threat Defense uses highly accurate threat intelligence and machine learning based analytics to detect modern malware, ransomware, phishing, exploit kits, DNS-based data exfiltration, Domain Generation Algorithms, DNS Messenger, fast-flux attacks and more. In addition, the hybrid approach allows organizations to use the cloud to detect more threats, while providing deep visibility and full integration with the on-premises ecosystem. It also provides resiliency and redundancy.

“The traditional security model is inadequate for today’s borderless networks, especially as enterprises continue to adopt digital transformation technologies like SD WAN, IoT, and cloud,” said Kanaiya Vasani, executive vice president of products and corporate development at Infoblox. “With BloxOne Threat Defense, Infoblox is providing customers with a solution that protects everywhere, offers flexible deployment, and integrates with the security stack already in place, providing a more optimized and streamlined cybersecurity posture. Organizations can worry less about silos created by managing multiple security solutions and instead make their security stack work as one fabric.”

With BloxOne Threat Defense, Infoblox has further optimized its enterprise security offering, helping customers reduce the total cost of threat defense by:

• Offloading strained perimeter defenses:Reducing the amount of malicious traffic sent to Next Gen Firewalls, IPS and Web Proxy solutions by utilizing already-available DNS servers as the first line of defense
• Reducing incident response time by up to two-thirds*:Automate responses when malicious behavior is detected, block cyberthreats and provide data for the rest of the ecosystem to investigate and remediate.
• Power SOAR/SIEM platforms and Prioritize response: Leverage DNS, DHCP and IPAM data in SOAR/SIEM platforms to understand criticality of threats and to prioritize responses accordingly
• Make threat analysts three times[1]more productive:Empower security analysts to make quick and accurate decisions while reducing human error with automated threat investigation, insights into related threats, and bad actor and geographical information

[1]Based on real world customer deployments

Thunder® Containers Solutions Enhance Application Performance and Security for Multi-cloud Environments

A10 Networks(NYSE: ATEN) has announced a cloud-ready, light-weight set of container-based solutions to provide secure application services. They offer the industry’s highest performing container solutions with up to 200 Gbps of throughput for A10 Networks’ Thunder Application Delivery Controller (ADC), Carrier-Grade Networking (CGN), and Convergent Firewall (CFW) solutions. The addition of Thunder Containers extends the company’s multi-cloud portfolio and increases the performance, security and availability of applications, enabling customers to confidently run their critical workloads in multi-cloud environments at hyperscale. Customers can meet the increased traffic demands, while maintaining predictable service levels when deploying applications in multiple geographic locations and across public and private clouds.

Enterprises today are leveraging almost five clouds[1]for their application infrastructure. Multiple disparate environments to manage, on top of inherent application complexity, make deploying applications more complex. Organizations need efficient, agile and high-performance solutions that also provide centralized management and analytics across the entire application infrastructure.

Agile, Cloud-Native Application Infrastructures

A10 Networks Thunder Containers-based solutions can help solve many issues faced by organizations today. The addition of a container-based solution to the A10 Networks’ portfolio helps support a mix of application architectures, from traditional monolithic to distributed microservices, with the same code, the same management all-inclusive API and the same feature-set to help organizations combine new and legacy services for more agile infrastructures. In addition, it can eliminate the struggle between NetOps/SecOps and DevOps with unified and consistent application, feature-set and policy control across traditional data center and multi-cloud environments.

“With the new Thunder Containers, we are delivering to the market the highest performance load balancing, firewall and carrier-grade NAT (CGNAT) solutions for a very complex multi-cloud world. We are extending our portfolio across traditional, virtual and microservices form factors, giving customers a unified solution to ensure agile and scalable infrastructures. And seamless integration with A10 Harmony® Controller gives customers visibility and centralized management for consistent operations and security across multi-cloud environments,” said Raj Jalan, CTO of A10 Networks.

Thunder Containers is also supported with Kubernetes. The highly portable solution is supported on standard Intel x86 servers and can be deployed across the largest cloud providers, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), as well as private data centers, allowing businesses to benefit from agility, flexibility and security. Combined with the unique FlexPool® licensing model, customers can aggregate capacity for flexible allocation and redistribution of resources for applications running in the cloud.

Thunder for Containers will be available in Q3, 2019.

 

[1]RightScale 2019 State of the Cloud Report by Flexera

By: Claude Schuck, regional manager, Middle East at Veeam

 

Last year, cloud computing entered the Slope of Enlightenmenton Gartner’s infamous Hype Cycle for the first time in its history. This marked the inflection point at which cloud stopped being something CIOs and IT managers talked about, but didn’t necessarily implement, and became a must-have for any digital business.

 

At the same time, if you look at the Gartner Hype Cycle for data management, there are a raft of technologies all with different levels of understanding, relevance and importance. From DataOps and Machine Learning-Enabled Data Management at the entry stage of Innovation Trigger to Data Integration and Information Archiving approaching the Plateau of Productivity. While cloud is fast-becoming recognised as an industry-standard for modern IT infrastructure, data management is growing rapidly in its importance to businesses.

 

Moreover, businesses are beginning to understand their data much better. Being able to access the right data at the right time, and recover it when it’s lost or damaged, can determine the success of a business.

 

Enter Cloud Data Management

With Cloud Data Management: an inherent part of Intelligent Data Management, data is available across the business, centrally managed, controlled and located where it will deliver the most value for the organization. In today’s digital and data-driven economy, organizations of all types and sizes require the ability to manage data across multi-cloud environments and ensure it is protected no matter where it resides. Maintaining data availability at all times is key to enabling teams to respond instantly and appropriately to what matters anywhere across the enterprise’s infrastructure.

 

Veeam’s 2019 Cloud Data Management report, which surveyed over 1,500 business leaders globally, found that almost half (44%) see data management as critical to their businesses’ success in the next two years. Amongst the businesses making the most intelligent use of data management, there were four common components: cloud, confidence, capabilities and culture.

 

Scaling with the cloud

European Commission statisticsshow that over half of EU enterprises are now using advanced cloud services relating to financial and accounting software applications, customer relationship management (CRM) or enterprise applications. This percentage is only rising as hyperscalers continue to layer value-add services onto their stacks – enabling customers to leverage AI and machine learning, big data analytics, and voice and image searching to deliver greater business value from their data.

 

This notion is backed up by the fact that nearly three-quarters (72%) of companies are looking to Cloud Data Management to enable more intelligent use of data across the business. Business leaders are looking to data management to deliver benefits through increasing productivity, maintaining corporate stability and improving their ability to forecast and make better informed decisions. The majority stated that they are using Software as a Service (77%), citing reliability, flexibility and data security as their top three reasons for doing so.

 

Investing with confidence

Given the emphasis the needs of the digital business place on its IT infrastructure, CIOs need to have confidence in its ability to help their organization stay responsive, available and on the front foot. Incidents such as outages can sap this confidence, stunt future innovation, and damage customer confidence. Almost three-quarters (73%) of organizations are unable to meet users’ demands for uninterrupted access to applications and data. This may partly explain why only 25% of business leaders reported total confidence in their capability to meet their digital challenges.

 

As well as investing in robust, scalable and flexible solutions to mission-critical issues such as backup, disaster recovery and data protection, organizations need the right skills and capabilities to manage their data estates. That’s why business leaders said that they will spend an average of $41 million on deploying technologies to build a more intelligent business within the next 12 months.

 

Combining technological and human capabilities

Clearly, the expectations of what data management can deliver for the business are high and the appetite for return on technology investment is insatiable. Once new technologies are deployed, business leaders expect to see financial benefits in nine months, with operational benefits in seven months.

 

For effective results to be realised within a short space of time, businesses must ensure that they have the necessary skills to on-board employees with new systems. In fact, the vast majority (91%) of organizations view upskilling employees’ digital skills as vital to their success. This sometimes requires an element of cultural transformation, particularly when an organization is looking to establish more data-driven decision-making processes.

 

Establishing a data-driven culture

The cloud is a great equaliser for businesses – levelling the playing field in terms of the technological haves and have nots. Most businesses are now producing data at a rate of knots, so it’s more about how that data is managed, analysed and used to inform faster and more effective decision making. A business can produce huge amounts of data but if it doesn’t adopt a data-driven culture at the C-level, it can be a burden rather than an advantage.

 

More than two-thirds (69%) of business leaders agree that company culture needs to become more open and accepting as they digitally transform, while 93% agree that leadership styles will also need to change. Cloud Data Management is an opportunity for every business and something which must be implemented at the most senior level of the business and executed right across the pyramid.

 

In summary, building strong digital foundations that centre on data availability will be vital to the future of every organization. Within this context, technology has never been so important to a business’ success. Organizations around the world rely on a whole host of digital platforms for everything from keeping the lights on to creating ground-breaking, new offerings for customers. This, combined with implementing a data-driven culture which maximizes the value of the data available to the business, will enable the next-generation of industry disruptors and innovators to scale securely.

Fortinet to secure applications on AWS with FortiWeb Cloud WAF-as-a-Service

 “As organizations increasingly build out their business in the cloud and use web applications, they increase their exposure to known and unknown targeted attacks,” said John Maddison, EVP of Products and Solutions at Fortinet. “Delivered through the Fortinet Security Fabric, FortiWeb Cloud Web Application Firewall (WAF)-as-a-Service allows organizations to rapidly deploy web applications while providing best-in-class security for mission-critical applications.”

The Evolving Attack Surface in the Cloud

To keep up with digital transformation, IT teams are increasingly deploying applications to the cloud and building cloud-native applications. However, this rapid deployment can introduce vulnerabilities and requires robust security to defend the evolving attack surface and protect applications from threats. Organizations’ disaggregation of security tools compounds the challenge of protecting the attack surface. IT teams need security solutions that accurately protect web assets, are intuitive and are simple to deploy and easy to manage in order to truly take advantage of the benefits of migrating applications to the cloud or building cloud-native applications. Pairing this with the shortage of general cybersecurity expertise and web application security in particular, DevOps teams managing web applications are especially in need of security solutions that are easy to use as the resources to monitor threats across hybrid cloud environments are limited.  

Reaping the Benefits of the Cloud with Fortinet’s Security-Driven Approach

Fortinet is addressing the issues that IT teams, including DevOps, face with the addition of FortiWeb Cloud WAF-as-a-Serviceto its cloud security portfolio. FortiWeb Cloud WAF-as-a-Serviceis available for purchase on AWS Marketplaceor through your preferred Fortinet reseller and leverages the flexibility of AWS by automatically provisioning security protection for customers across multiple AWS Regions. As part of the Fortinet Security Fabric, FortiWeb Cloud WAF-as-a-Serviceprovides the following benefits:

 

• Accurate and easy to manage Cloud WAF offering: As one of the first machine learning-enabled WAF technology in the industry, customers deploying FortiWeb Cloud WAF-as-a-Servicebenefit from high accuracy of detection and threat prevention, eliminating false positives and ensuring applications keep running. The solution also gives users the ability to perform a comprehensive self-tuning of policies to eliminate the operational overhead of managing a WAF service. FortiWeb Cloud WAF-as-a-Servicealso provides web application security that is easy to deploy and maintain with minimal configuration and management. The solution allows access to advanced configuration options when needed, removing the usual complexity required when setting up a WAF.
• Advanced threat protection for web applications: FortiWeb Cloud WAF-as-a-Servicesafeguards applications from vulnerability exploits, bots, malware uploads, DDoS attacks, advanced persistent threats (APTs), both unknown and zero-day attacks, among others. It also includes services from Fortinet’s award-winning FortiGuard Labs, providing signatures, sandboxing and IP reputation to ensure organizations have the latest protection and updates on threats.

 

• Low total cost of ownership (TCO): As a cloud-native SaaS solution deployed in the same AWS Region as an organizations’ applications, FortiWeb Cloud WAF-as-a-Servicedoesn’t require maintenance of hardware or software and can reduce outbound data transfer costs significantly. Organizations pay Intra-Region Data Transfer rates for traffic to the service and FortiWeb Cloud WAF-as-a-Service handles the data transfer out costs as part of its subscription. IT teams can leverage the benefits of low latency and intra-region bandwidth rates for traffic between applications and the WAF.

 

• Simplifies compliance requirements: Fortinet delivers FortiWeb Cloud WAF-as-a-Serviceusing a colony of WAF gateways in the same AWS Region as an organizations’ application. This avoids potentially subjecting the application to additional regional regulatory requirements.

 

• Flexible purchasing options: Whether customers prefer pre-provisioned capacity or paying by the volume of processed data, FortiWeb Cloud WAF-as-a-Servicesupports the most suitable option for customers’ business priorities and budgetary considerations.

 

 

By: Mrugesh Chandarana, Senior Product Manager, Identity and Access Management Solutions at HID Global

Business Email Compromise (BEC) is a type of phishing attack in which an attacker impersonates a high-level executive and attempts to trick an employee or customer into transferring money or sensitive data. According to the Federal Bureau of Investigation (FBI), as of

2018

this scheme has already caused $12.5 Billion in losses to companies. The FBI warned that there was a 60% increase in 2018 in fake email schemes that aim at stealing money or tax data. These figures support the fact that BEC attacks are technically simple but extremely effective in nature.

How to Prevent BEC Attacks

The simplicity of spoofing an email address, the advanced technology cybercriminals can easily access, along with the social engineering techniques to stage attacks—can leave an organization wondering if they are helpless to prevent this threat. However, digital certificates can easily and cost-effectively be used to protect email communications from compromises. Depending upon the type of certificate used to secure your email, organizations can realize a variety of benefits including:

• Ensuring the integrity of communications at rest and in transit
• Confirming to a recipient that the email is from a known sender or email address
• Locking the contents of a message to prevent tampering during transit

Selecting the Right Digital Certificate to Secure Your Email

Selecting a digital certificate to secure email communication depends on the usage and level of security necessary. There are three main considerations when choosing a digital certificate to secure your email.

1. Digital Signing – Emails can be digitally signed so that the recipient can confirm the identity of the sender. Email signing requires a certificate that contains a signing attribute. There are two types of certificates:
   • IDENTITY BASEDCERTIFICATES: Identity-based certificates validate the person who is named in the certificate. The identity of the individual sending the email will be confirmed to the individual receiving the email.
   • S/MIME CERTIFICATES: S/MIME certificates validate the email address that is named in the certificate. The recipient of the email will know that the email came from a validated email account.
2. Non-Repudiation – Email signing, when non-repudiation is needed, requires an identity-based certificate that contains a non-repudiation attribute. Non-repudiation means that when something is signed using an identity-based credential, that signature is legally-binding and cannot be repudiated or refuted.
3. Encryption – Email encryption requires a certificate that contains an encryption attribute. If you have the public key for a recipient, you can also encrypt the contents of the email sent to that individual. Likewise, if you would like others to send you encrypted emails, you will need to share your public key with them before they can send you an encrypted email.

How to Digitally Sign and Encrypt Email

There are two primary components of a digital certificate:

• A public key, used by others, to send encrypted email communications to you
• A private key, used by you, to sign emails and unlock encrypted email communications sent to you

A public key is published and/or exchanged to facilitate email encryption and can be:

• Exchanged via a signed email communication
• Attached to your contact card in your associate’s address book
• Published to a Global Address List (GAL)

Digital signatures are compatible with most enterprise email clients, and most clients can be configured to sign all outgoing mail automatically. It’s relatively easy to standardize company-wide.

When recipients open a digitally signed email, a red ribbon indicates that it’s been signed with the name of the signer. Since the signature was applied using the sender’s certificate and only issued after an identity verification process, the recipient can be confident that the email came from the sender and is not part of a phishing attack.

 

 

HID Global®, a worldwide leader in trusted identity solutions, today announced that it has signed an agreement to acquire the international identity solutions business of De La Rue (LSE:DLAR). The acquisition will broaden HID Global’s leadership position in the government-to-citizen identification market and extend its capabilities.

Through its identity solutions business, De La Rue delivers identity documents and software solutions for governments around the world. It issues secure identity documents for more than 25 countries, with significant market presence in Africa, Asia, Europe, Latin America and the Middle East.

“With complementary products, solutions and services that are highly synergistic with HID Global’s current offerings, De La Rue’s identity solutions business is an excellent strategic fit with our mission to power the trusted identities of the world’s people, places and things,” said Stefan Widing, President and CEO of HID Global. “Customers of both organizations will benefit from the expanded range of e-government solutions that will be offered as a result of the acquisition.”

De La Rue’s identity solutions business excels as a prime solution provider to government departments, working directly with ministries of the interior, immigration departments, police departments, and numerous other government entities and agencies.

The acquisition is subject to regulatory approval and customary closing conditions. The transaction is expected to close by Q3 2019. Financial terms of the agreement are not being publicly disclosed. Following the close, De La Rue’s identity solutions business will become a part of HID’s Citizen Identity Solutions business area, which is led by Jessica Westerouen van Meeteren, Vice President and Managing Director.