As high-profile companies continue to experience data breaches in 2017, common attack vectors are emerging. A closer look at some of the worst breaches shows that employee negligence and weaknesses in point of sale (POS) systems are common problems. The success of cyberattacks on other companies should serve as a powerful lesson for your business. Examining these attacks may prevent your business from making some of the same mistakes.Read More
Cloud adoption rates continue to rise as barriers to its acceptance fall. For instance, as we detailed in a previous blog, companies no longer consider security to be a top concern for cloud adoption. Gartner predicts the global public cloud market will grow 16.5% this year to reach $204 billion. Compare the Cloud cites studies that show 90% of enterprises plan to increase yearly spending on the cloud.
The growing popularity of the cloud is no reason to put caution to the wind. Before migrating data and services to the cloud, companies need to develop a sound strategy. As Donna Scott of Gartner points out, “A cloud strategy clearly defines the business outcomes you seek, and how you are going to get there.”
In developing a cloud strategy, companies should consider a list of traits that will help them meet their business goals.Read More
In the past, concerns about security used to be a barrier to cloud adoption for many companies. They worried about surrendering control of their sensitive and mission-critical data once it moved outside of their firewall. Putting sensitive information in a multi-tenanted cloud environment raised concerns that an attack on another company might threaten their company’s data.
But that attitude has been changing. According to the Cloud Security Alliance, 64.9% of IT leaders find the cloud either equally or even more secure than in-house solutions. The RightScale 2016 State of the Cloud Survey found that less than 30% of companies list security as a major cloud challenge. As the cloud market matures, organizations find that the right cloud provider offers strong, multi-faceted security measures.Read More
If your business is anything like most SMBs, then you have to accomplish several important objectives with a tight technology budget for 2017. Maybe you cannot have everything you want next year, but with careful planning, you might just get what you need. This article will show you how to plan a cost-effective and goal-oriented budget for next year.
Prioritize Your Goals and Technology Needs
There are 3 main buckets that your IT budget falls into: security, cloud, and storage. How much of your IT budget belongs in each bucket depends on your business goals, your technology requirements, and your security needs.Read More
SMBs to Face Serious Security Risks in 2017
Since 2011, cyber criminals have started to focus more attention on SMBs. According to cyber-security company, Symantec, attacks on small businesses rose from 18% of all cyber-attacks in 2011, to a whopping 43% in 2015. If the difference between those 4 years are any indication, SMBs will be facing increasing numbers of cyber-threats in 2017 and beyond.Read More
If you have your own data center, your firewall is one of the best security tools in your arsenal. However, your firewall will only protect you if you keep it up-to-date with the latest patches and updates. Failure to do so will compromise your firewall and leave you virtually defenseless.
Firewall Maintenance Is Critical for Your Business
Cyber criminals are targeting SMBs more than ever. Most SMBs lack the resources to protect themselves, which makes them an attractive target. The stakes are getting higher too, because hackers may seek to gain access to larger companies through smaller businesses. Big companies are aware of the trend and are starting to hold smaller businesses accountable for data breaches.
For example, Target suffered a high-profile data breach in 2013. The hackers were able to penetrate Target’s corporate network by way of some smaller businesses, a third-party refrigeration contractor, and an HVAC vendor. Experts speculate that hackers were then able to access Target’s data through their contractor portal. It is not known whether Target will sue the vendors, but it is clear that the vendors’ security deficiencies contributed to the breach.Read More
For companies that think they are too small to be the victim of a cyber crime, think again. There is a new cyber attack that searches and preys upon SMBs and personal users. Ransomware, otherwise known as a cryptolocker attack, is a sneaky phishing attack that tricks users into downloading malicious code.
This malicious code comes in many disguises and in many shapes and sizes. It can look like an email from a friend or a familiar company, or it could take the appearance of a free download of trial software. What all ransomware attacks have in common, though, is that the malicious code worms a sophisticated encryption into every file within its range.
Sometimes, the victim can be a personal computer. Other times, when a user is connected to a network, that infected encryption code can spread to an entire data center, locking down access to every stored file. This type of attack can be devastating for small and medium business owners.
Know what makes up a secure and complete DR plan? Check out our eBook,
5 Things You Need to Know to Plan Your IT Disaster Recovery.
On-premises vs. Cloud: A Rational Analysis
Cloud security continues to generate hype.
In fact, SC Magazine got two SMEs together to talk about whether hosting data in the cloud is more secure than hosting data on-premises.
Even though we have come a long way from the early days of cloud security fear, and even though users and providers have gained more confidence in cloud security practices, misconceptions still persist.
Some assumptions include:
- Hackers have easier access to cloud security settings.
- Once your data is hosted in a cloud environment, it’s exposed to the whole world, and you lose control.
- Data in the cloud is easier for anyone to access.
The Case For and Against On-premises
As a proponent for managing data in-house, Dan Timpson (VP of technology for DigiCert) gave his take on why on-premises is the safer route compared to cloud.
“On-premises solutions give users 100-percent control over their own SSL certificate keys and critical system security, and then it’s their responsibility to ensure privacy and data security. With on-premises, one has better visibility into the lifecycle of one’s own data and where attacks are coming from.”
Timpson makes some fair points. Ideally, it might be easier to manage and control your data when you know where it resides, while having full access and control.
But his point about it being “your responsibility” is important.
Unless you have a dedicated, integrated physical and digital security approach to host your most critical information and that security approach incorporates consistent testing and monitoring, you can’t cover as much ground as a cloud service provider.
Mid-market organizations don’t always account for these consistent privacy and data security practices. Just given the lack of manpower and internal resources, they can be hard-pressed to honor their security responsibilities. If these organizations aren’t able to keep up with the demands, they are always going to be more vulnerable.
The Case for Cloud Data Security
Pete Nicoletti (CISO for Virtustream), who argued for cloud-based security management, had a solid counterpoint to Timpson’s statement.
His take: While security isn’t the core competency for most enterprise and mid-market organizations, it is the core competency for cloud vendors.
Vendors have the in-house resources and expertise to deliver repeatable and sustainable security practices that have been tested and verified.
The reality is that the cloud is likely no more of a danger zone than your very own in-house IT infrastructure.
Furthermore, Wieland Alge, VP and GM of EMEAR at Barracuda Networks, explained, “Almost all of the massive data breaches we’ve seen as of late were within traditional on-premises IT. Sometimes we are too quick in stating that the cloud is an inherently insecure element.”
With the right cloud provider, data security doesn’t have to be such a stress point.
How safe can a cloud provider get?
Physical security is an area often overlooked by customers who maintain on-premises systems. A former NATO command center located in Maine with staff onsite 24/7 is as safe a spot as any for critical systems and sensitive data. As a cloud practice, Oxford Networks secures its computing environment with industry best-practices and an approach to security that includes annual audits and regular testing. These enhancements complement sound internal practices that will always be part of the process of managing IT, whether in the cloud or on-prem.
Learn about the cloud questions you need to answer in our free product sheet, Choose the Best Cloud Technology Path for Your Business.
There are so many articles out there on what’s going to happen in the coming year. We, at Oxford Networks, thought that we would offer a few helpful insights into what companies should NOT expect in 2016.
Here are the top 10 things that aren't going to happen in 2016:Read More
With the end of 2015 fast approaching, predictions for next year’s key trends and developments in the IT industry are already making headlines.
The biggest area of concern remains cybersecurity. And if the predictions hold true, 2016 is going to be an even more trying year for security professionals to handle.Read More
About this blog
FirstLight is talking about the latest trends and shifts in technology, from Big Data to the data center and cloud computing. Our discussions originate from our customers’ point of view—what they’re seeing, the challenges they’re facing, and how it affects the IT market.