Helpdesk : 24x7x365
Minerva House, Ballafletcher, Douglas, Isle of Man, IM44QJ
+44 1624 640400

Outsourcing : Catalyst for change

There is a growing trend to outsource the IT infrastructure requirements of a business to the Cloud or to a datacentre environment. In our experience, this transition is normally prompted by one of the following events:

  1. Business growth or acquisition. This prompts the business to review its IT infrastructure requirements. Outsourcing, typically on an opex basis, becomes a consideration in place of a capex investment in a new solution. Both cloud and datacentre providers will have some form of managed service offering, culminating in an opex service model.
  2. Outdated infrastructure. An organisation may have historically invested in its IT setup, but since then there has been little in the way of incremental upgrades or investment. As a result the business is facing a significant capital expenditure, making the prospect of an opex scheme more attractive. The datacentre or cloud provider will typically have modern, scalable and redundant infrastructure components.
  3. Staff resource. With so many applications, business systems and day-to-day end user support, the IT team may be too swamped with their own jobs to worry about the IT infrastructure. In these scenarios a business may choose to outsource the infrastructure (IaaS) and platform components (PaaS) to a datacentre or cloud provider, enabling their IT team to focus on application or user support.
  4. An IT Event. Essentially something has gone pear-shaped. A core system failure, a storage outage or a network issue – they can all prompt management to review their IT systems. Despite IT lobbying the business for some time, it often takes an event like this to prompt people into action. Often the cloud or datacentre will cover off or resolve many of the issues that triggered this event.
  5. Regulatory Pressures. This could be new industry regulations or a scenario where greater scrutiny is being applied, forcing businesses to take stock and ensure compliance. This could be DR (Disaster Recovery) or BCP (Business Continuity), information security or documentation. Datacentres and cloud platforms are often a fast-track to compliance in many areas, particularly DR, PCI-DSS and others where security and availability are considered paramount. Outsourcing is however not without its pitfalls, and in the quest for compliance you may inadvertently fall foul.
  6. New Outlook. A new CTO/IT-Director will often take a fresh perspective when it comes to an organisation's IT setup. Often with the support of the board, this can lead to a raft of changes within a business.

These are just some examples of catalysts for change.

Things to consider

There are some key items to consider before transitioning to the cloud, datacentre or if you are considering certain elements of your IT environment:

  1. Connectivity. High speed, secure and reliable network connectivity to your IT environment is vital. So often do we see businesses adopt VDI, off-site DR or remote-working but they have simply overlooked the need for connectivity. The initial forecasted savings can be wiped out immediately when it becomes apparent a fibre or leased-line is required. If your business is shifting its core IT operations to a datacentre or cloud, then good, solid connectivity is a given.
  2. Regulation. Many industries are subject to regulatory oversight. Depending on the industry and the regulatory body, they will often set down requirements or guidelines that govern your IT and outsourcing operations. Financial services, banking and healthcare are particular industries where outsourcing can be a challenge. The UK’s FCA, Isle of Man FSC, PCI-DSS and HIPAA all have specific requirements or guidelines around outsourcing (Cloud) and security (shared infrastructure). This is perhaps one of the reasons Private Cloud is a core offering of many datacentres, as it circumnavigates many of the grey areas. In many cases public or shared IaaS is an option, but you have to demonstrate you have considered (and documented) the risks, be able to prove your outsourcer is compliant and be comfortable you comply. For this reason, many businesses err on the side of caution.
  3. Paper office. If your business is a paper handling organisation, for example printing and scanning documents – you need to evaluate whether moving your back office into the datacentre will cause other issues within your organisation.  Document management, imaging, faxes and retrieval can often be an after-thought once a business has moved to the cloud. Unfortunately, this afterthought is often a vital part of the business, leading to a loss in operational effectiveness and similar technical issues.
  4. SLA. The SLA is often not worth the paper it is written on. If 99.999% is promised, ask how those metrics are calculated and how the provider plans to meet them. Ask for historic measurements. Ensure the service credits and liabilities align with the losses your business would face. If your business demands 99.999% (five nines) then be prepared to pay the price for that level of uptime; it is simply not fair (or even possible) to provide five-nines on a shoestring.

Summary

These are just some of the issues to consider when your organisation is considering a move to a hosted, cloud or outsourced environment. The team at MTG have over a decade of experience transitioning businesses to (and from!) hosted or cloud environments. MTG’s range of network, IT and security solutions are used by organisations with their IT infrastructure on-premise or hosted in an outsourced environment.  The MTG board have held previous positions at datacentre, cloud and telecoms providers – so we have a thorough understanding of the business models, pitfalls and constraints of the hosted model.

If your business is considering a change in strategy or an infrastructure upgrade, speak to the experts.

 

Primer : Introduction to Data Loss Prevention (DLP)

What is DLP (Data Loss Prevention)?

DLP (Data Loss Prevention) is a group of technologies whose purpose is to ensure data is not lost, misused, disclosed or accessed by unauthorised users. DLP solutions generally classify data, protect confidential information, implement controls, identify data in transit and help prevent users (or customers) from accidentally or maliciously sharing data.

Internal Network Firewalls (INFW)

Traditional firewalls that had UTM-type functionality (e.g. Web filtering, Intrusion Prevention, Antivirus) often suffered from poor performance: low throughput, latency and inconsistent accuracy. As firewall technology evolved, so did the performance and scanning capabilities. The Next Generation Firewall (NGFW) term was coined to define a firewall that met the following criteria:

IPS - part of firewall security solution

Intrusion Prevention Systems (IPS) in the Enterprise

The IPS (Intrusion Prevention System) is a solution MTG regularly deploy for our clients at their network edge. The IPS has its place for any organisation that does business online, and our deployments include solutions in financial services, service provider, banking and healthcare environments. We frequently find that many businesses do not understand the role of an IPS, and those that do believe an IPS is only used in highly secure environments or by businesses who are constantly under the threat of attack (which, with opportunists, is every business on the internet).

Is antivirus software still relevant?

In a 2014 study by LastLine Labs, much of the newly released malware went undetected by nearly half of the leading antivirus vendors. This is a worrying fact, especially given how many businesses rely solely on antivirus as their only form of defense! The general recommendation is a defense-in-depth approach, and an IPS is a key component of that strategy.

What is an IPS?

In brief, an IPS is a system that tries to identify threats and attacks through a combination of pattern recognition, anomalous behavior and traffic signatures. MTG predominantly implement IPS solutions at the network edge, so in this context the systems scan all inbound and outbound network traffic, trying to spot potential attacks or the behavior that typically precedes an attack (e.g. network enumeration).

Fortinet describe an IPS as:

a technology protects networks from both known and unknown threats, blocking attacks that might otherwise take advantage of network vulnerabilities and unpatched systems.

..

FortiGate® IPS technology leverages a database of thousands of unique attack signatures to stop attacks that might evade conventional firewall defenses, plus anomaly-based detection that enables the system to recognize threats for which no signature has yet

How does an IPS defend the enterprise?

You may ask if your business has antivirus, then what sort of malware/attacks can an IPS prevent? The key thing to emphasise here is not every attack or exploit can be classified as a virus. Often antivirus can kick in after the horse has bolted – which is often too late.

Some examples of an IPS in action:

  • Someone on the internet has opened 1000s of connections to your mail server. If this were to continue, the mail server would be starved of resources and be unable to function. An IPS would detect this anomalous behavior and block the attacker.
  • A user has browsed to a website that is trying to instantiate the Adobe PDF viewer in a malicious fashion; the IPS blocks this.
  • An attacker is scanning your IP range; the IPS identifies this behavior as an enumeration attempt, assumes ill intent and blocks the attacker.
  • A malicious web request is sent to your website. This specially crafted request is designed to exploit your web server; it is identified and blocked.

Furthermore, leading IPS systems are linked to the Cloud. This link provides shared intelligence and a centralised threat resource. If an attack is experienced in the UK and the signature is well known, then this same signature can be distributed to other IPS systems.

Custom IPS

The Fortinet IPS system has several thousand pre-built signatures that are constantly updated. If your business has its own web application or portal, then a custom signature can be written to help safeguard your system.

For example:

  • When someone logs into your financial services portal, if they get their password wrong, the browser responds with “Error 2301 – Password incorrect”
  • An IPS can count the number of these occurrences per IP address; if that exceeds a threshold, it will block the IP on the firewall!
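
The custom-signature logic described above, modelled in Python as an added example (not MTG's or Fortinet's code): it counts “Error 2301” responses per source IP in a sliding window and marks the IP for blocking once a threshold is exceeded. The threshold, window length, event tuple format and sample IP addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

FAILURE_MARKER = "Error 2301"   # failure text quoted in the article
THRESHOLD = 5                   # assumed: failures tolerated per window
WINDOW_SECONDS = 60             # assumed: sliding window length

def find_blocked_ips(events, threshold=THRESHOLD, window=WINDOW_SECONDS):
    """Return {ip: block_time} for sources exceeding `threshold` failures
    within any `window`-second span. `events` are (epoch_seconds, src_ip,
    response_text) tuples in time order."""
    recent = defaultdict(deque)   # src_ip -> timestamps of recent failures
    blocked = {}
    for ts, ip, body in events:
        if ip in blocked:
            continue              # already dropped at the firewall
        if FAILURE_MARKER not in body:
            continue              # only the failure response counts
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] >= window:
            q.popleft()           # forget failures older than the window
        if len(q) > threshold:
            blocked[ip] = ts
            del recent[ip]
    return blocked

def sample_events():
    """Constructed traffic using documentation IP ranges."""
    fail = "Error 2301 – Password incorrect"
    events = []
    # 203.0.113.7: ten failures, two seconds apart (password guessing)
    events += [(1000 + 2 * i, "203.0.113.7", fail) for i in range(10)]
    # 198.51.100.20: six failures spread over ten minutes (forgetful user)
    events += [(1000 + 120 * i, "198.51.100.20", fail) for i in range(6)]
    # 192.0.2.44: one typo, then a successful login
    events += [(1005, "192.0.2.44", fail), (1010, "192.0.2.44", "Welcome back")]
    return sorted(events)

if __name__ == "__main__":
    for ip, ts in find_blocked_ips(sample_events()).items():
        print(f"block {ip} at t={ts}")
```

The slow but persistent source is not blocked because its failures never accumulate inside one window, which is the trade-off to weigh when choosing the threshold and window for a real signature.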

Key points

  • MTG typically deploy an IPS system as part of a firewall security solution.
  • An IPS will scan traffic in real-time.
  • This provides comprehensive security controls that complement the security provided by antivirus and firewall solutions.
  • An IPS protects against a whole range of attacks, not just viruses.
  • The IPS can be installed on LAN or DMZ segments, alongside existing firewall environments.

Your business must plan to protect against all threats; not just current threats, but all threats, known and unknown. Speak to MTG about how an IPS can enhance the security within your enterprise.

 

 

The future as predicted by Five Top Venture Capitalists.

Forbes covered the 17th annual Top 10 Tech Trends dinner in San Jose. The event saw the coming together of leading technologists and venture capitalists, all there to predict the future!

Some of the technological visions include:

  1. On-demand ambient computing. Shervin Pishevar of Sherpa Ventures. “What you’ll see is services that will be able to predict what you want before you even express it”
  2. Traditional banks will keep losing share to startups while bitcoin fades. Rebecca Lynn of Canvas Investment Fund. “banks are inefficient and not so great at serving customers, and it’s better done by fast, nimble startups.”
  3. The Virtual Me. Jenny Lee of GGV Capital. Wearables, hardware and sensors – the connected human.
  4. The Skynet economy. Steve Jurvetson of DFJ. Low altitude satellites, 16GB/s broadband and ubiquitous connectivity.
  5. The end of the auto nation. Bill Gurley of Benchmark. “We may have hit what’s called peak car. Kids aren’t showing up on their 16th birthday to get a driver’s license. The smartphone is more of a social status than a car is.”
  6. The Fifth mode of transportation. “Technologies such as the hyperloop and massive drones that can land and take off on water will transform the transportation of people and things, said Pishevar, who has invested in Hyperloop Technologies Inc.”
  7. The reemergence of women in tech. “In the next 5 years, half of computer science students will become women, which will lead to more female founders and CEOs.”
  8. The economy of me. By 2020, commerce and services will fundamentally shift to being online and global. In the next five years, the number of people on the mobile internet will double, forming the “personal economy.” Brick and mortar will be obsolete.
  9. The rise of robocars. “For those of us who have a chance to be in one, you’ll never go back. I believe they are already safer than my parents.” Initially they will run at speeds of 25 mph or less in urban settings.
  10. The native mobile application platform will continue to dominate the mobile Web. Gurley said smartphones will be the remote control of our life. “The browser and search are kind of like a platform, and that platform is finally maturing.”

 

 

IP enabled drug pump vulnerable to hacking

The US Department of Homeland Security has issued a warning after an internet-connected drug infusion pump was found to be vulnerable to exploitation. The security researcher described the pump as “literally the least secure IP enabled device I’ve ever touched in my life.”

The warning received a rating of 10/10 for both severity and impact according to the vulnerability report.

The device in question (Hospira Lifecare PCA3) running software 412 allowed people to telnet to the device without authenticating, allowing any would-be attacker to gain root privileges.  Furthermore, wireless encryption keys were stored in plain-text.

What this means is that anyone with access to the device, and in close proximity to the wireless network, could subsequently access a “Life Critical Network”, where other medical devices could be connected! You can imagine the severity of such network access, and the impact this could have on the network infrastructure.

The vulnerability is well covered in the security press with websites such as scmagazine covering it in great detail.

One thing is apparent: it is fast becoming a challenge to keep up with biotech and advances in medical technology. Fortunately, there are various standards and industry best practices that advise on the best way to secure medical software, devices and networks.


 

ISO 80001 (“Application of risk management for IT-networks incorporating medical devices”) applies to medical device manufacturers and providers, governing the risk management of an IT network incorporating medical devices.

ISO 27799:2008 (“Health informatics, information security management in health using ISO 27002”) applies to health information, and encompasses computer networks and electronic devices.

ISO 14971:2007 (“Application of risk management to medical devices”) covers the devices themselves.

Outside of ISO standards, you have working groups such as the EU Data Protection working party issuing guidance notes. Opinion 08/2014 covers the IoT (Internet of Things).

You also have HIPAA (“Health Insurance Portability and Accountability Act”). NIST 800-66 covers “Implementing the HIPAA Security Rule”.


 

It is plain to see that with the sheer growth of internet-connected medical devices, wearables and implantables, the likelihood of vulnerabilities and attack vectors can increase proportionally. For device manufacturers, operators and health authorities, it is critical that a thorough risk assessment is undertaken and, wherever possible, a security policy and architecture put in place to ensure risks are managed.

Patient data is one of the most crucial types of data, and one that cannot easily be replaced. Reputationally, a medical data breach can be fatal for an operator and embarrassing for a health authority.

 
