Ipswitch Blog

Where IT Pros Go to Grow

Our Latest Posts

Old PcTechnology infrastructure has an expiration date. The problem? It’s not stamped on the side of the carton. Or available online. The life cycle of any server, networking device or associated hardware is determined by a combination of local and market factors: What’s the competition doing? How quickly is your business growing? Will C-suite executives approve any new spend?

Although there is no hard-and-fast rule for determining your due date, general guidelines exist. Here are some key strategies for your next infrastructure upgrade.

Decisions, Decisions

As noted by Forbes, companies have three basic choices when considering an improvement of their servers and networks: Upgrade specific components, spend for all-new hardware or consider moving a portion of their infrastructure to the cloud. But this is actually step two in the upgrade process. Step one is determining if your existing technology can hang on a little longer, or if a change needs to happen now.

How Did He Do That?

In some cases, your company can avoid spending money by deploying a few MacGyver-style tactics to keep infrastructure up and running — even when upgrades are warranted. Nevertheless, the IT team of Arthur Baxter, Network Operation Analyst of virtual private network service ExpressVPN, tends to avoid these kind of duct-tape-and-matchstick fixes because, according to Baxter, “they’re not very comprehensible to the next person that has to come along and totally replace what you’ve only barely taped together.” Better-than-average devs and admins all have their own set of tricks to keep infrastructure humming, but they’re typically called “best practices” and aren’t designed to push existing infrastructure past its limits. In other words, while sticking servers together with charisma and clever workarounds can extend hardware life, the results are unpredictable.

The Time Has Come

How do you know when it’s time for an upgrade? Company growth is a good indicator, and this could take the form of global expansion or an effort to make best use of big data. According to Baxter, however, advances in the industry may also force your hand: “If there’s something newer and better on the market, it’s [ideal] for an upgrade,” regardless of your infrastructure’s current performance. Budget limitations play a role, since it’s not always possible to commit the cash necessary for a better server or new network technology. He points out, though, that “top companies stay on the cutting edge of what’s available.” Delaying too long in an effort to extend the lifecycle of existing hardware could put you behind the curve.

Making the Case

Even when it’s time for an infrastructure upgrade, it’s a safe bet that supervisors and executives won’t hand out big-budget increases just because you ask nicely. It’s always a good idea to make your case using measurable improvements — such as increased network performance, storage capacity, agility and system resiliency — but it’s also worth exploring other ways to justify technology spending. “The best way,” argues Baxter, “is to find a consultant or join some vendor sessions.” If you have a large support budget, you can also request a vendor proposal. By getting these experts to advocate for their technology, and then backing up this marketing spin with your own analysis, it is possible to showcase the line-of-business benefits that come with your proposed strategy.

Cost and user experience are also excellent talking points, supported in a Huffington Post piece that discusses the need for upgrades to American election infrastructure. Not only can better technology save money — between $0.50 and $2.34 for every voter registered online — but the convenience of online and electronic voting platforms can increase voter turnout. So, for your upgrade proposal, consider showcasing how improved resiliency can reduce potential costs in the event of a data breach, or how greater agility can improve the end-user experience with better access to critical network functions.

Do you need an infrastructure upgrade? If you’re asking, your due date has arrived. And while MacGyver-ing your hardware into another business quarter is one way to prolong its life, you’re better off pitching supervisors and C-suite executives for the upgrade your competition may have already implemented.

Managing Remote Employees

Just 24 percent of workers do their best work in the office during business hours, according to “The Geek Gap” co-author Minda Zetlin, writing for Inc.. In fact, telework is so appealing that nearly half of them would give up certain perks for a remote-work option, and 30 percent would take a pay cut.

Additional data from FlexJobs suggests managing remote employees can save businesses $11,000 annually for each person (you read that right), and that’s for everyone who works at least half-time from home. As if that weren’t enough, many telecommuters claim they’re more productive than their cubicle-inhabiting counterparts, and they’re also happier with their jobs.

For the IT department, managing remote employees poses two major challenges: secure connection and personal device usage. And when you’re offsite, success requires consistent communication and the clear definition of roles and responsibilities. IT departments that not only support, but empower remote work to this end become big contributors to the company’s bottom line.

Security Concerns of Managing Remote Employees

The biggest challenges when managing remote employees, according to Microsoft technical solutions pro Robert Kiilsgaard, isn’t training or application troubleshooting; they’re actually login issues and secure connectivity. “As much as 30 percent of help-desk volume is related to just resetting passwords,” he says. “This is a huge time sink for the help desk, and a complete loss in productivity for the remote associate.”

Specializing in enterprise architecture and IT transformation, Kiilsgaard recommends an Identity-as-a-Service (IaaS) solution, which allows you to manage granular access policies, provide single sign-on (SSO) functionality and facilitate self-service password reset. “If you provide a self-service portal for the end user, you have successfully eliminated that call volume. That doesn’t mean you’ve lowered your cost, but you have lowered your Level 1 service desk ticket queue workload and improved the customer-satisfaction part of your business.”

Accessing Applications

When managing remote employees, many organizations offer a patchwork of tools for application access, including virtual private networks (VPN), virtual desktops and third-party Software-as-a-Service (SaaS) sites. Barring current security concerns, Kiilsgaard also recommends offering a single portal to access all business applications.

If a single access point is of concern to you, there are also reputable applications that allow for the management of passwords via a single sign on. The user only needs to know one password and the application handles the rest. This is inherently safer since the user doesn’t need to know the passwords to any of the business applications/services. This also avoids the cost of deploying, monitoring and managing VPNs and tunneling technologies.

Employees aren’t always savvy about not using public Wi-Fi to access applications, though, leaving them even more vulnerable to man-in-the-middle attacks. They also have to be trained on the risks of using mobile devices to access applications. These include:

  • Enabling remote wipe for lost and stolen devices
  • The responsible use of company data, including storage on personal devices and transmission in email
  • Using only authorized applications when collaborating, sharing and performing work on sensitive data, so third parties don’t gain access to this content

What If He/She’s IT?

Jeremy Cucco, deputy CIO for the University of Puget Sound in Tacoma, Washington, says some of the best IT teams he’s managed during his career have either been from a remote location or those whose members performed remotely. Unfortunately, not every IT position is conducive to telecommuting, and it’s important to make sure these roles are managed with this in mind.

“Functional or business analysts often require face-to-face interaction, and server and LAN administrators may need to work locally on machines rather than remotely,” Cucco says. “Allowing software developers and systems administrators to work remotely has often involved either frank discussions with onsite personnel or a documented policy indicating which positions will and will not be allowed to telework.”

Today’s most in-demand employees — those at the support desk among them — want employers that offer a remote-work option. For this reason, employers who accommodate telework gain a significant competitive advantage. “Telework does require a level of personal maturity,” Cucco says. “However, denying that privilege to all based on the limitations of a few is not an acceptable answer in today’s workplace.”

Making It Happen

With smart access policies, ongoing training and clear communication, the IT department can make itself a powerful partner in managing remote employees, whether its members work in-house or develop solutions from an offsite location. It’s a contribution that increases productivity, unleashes innovation through collaboration and builds the workforce of tomorrow.

Businessman Working At Desk With A Digital TabletKnowing which BYOD risks your fellow IT pros face is paramount in determining how to mitigate them. And the scope of BYOD’s influence on company data hasn’t stopped changing since your office first implemented a BYOD policy. What kinds of devices are users likely to bring to work with them? The range of devices encompasses more than just smartphones and tablets. Once these devices are identified, however, the risks they represent can help your team formulate a policy to keep resources safe when accessed from outside the network.

Workers Bring More than One Device to Work

Not long ago, information security only had to worry about employees bringing work home on company laptops and logging in remotely. Then smartphones hit the market, followed by tablets and phablets. On any given day you might see smartwatches, fitness trackers and even smart fobs try to access your network for control over a home automation or security system.

As an example of this proliferation, the U.S. Marine Corps recently partnered with three mobile carriers to provide a total of 21 iOS and Android smartphones to see if secure access to the Corps’ intranet can be delivered. Less than 1 percent of Marines use BlackBerry devices; the rest have moved to mostly Android or iOS. This is consistent with a recent Frost & Sullivan report, which suggests approximately 70 percent of U.S. organizations tolerate BYOD activity — a number that is expected to climb by almost 10 percent in a few years.

BYOD Risks Are Often More Subtle

Mobile devices aren’t usually designed with high security in mind, and concerns of cybercrime are often addressed quite slowly in OS or application updates. Smartphones, smartwatches and wearables may not have the ability to send and execute files remotely, but they may be able to gain access to company APIs and wreak havoc on your UX. This means their attacks may be harder to detect due to such a subtle interference.

One company recently flirted with bankruptcy because it lost a number of lucrative contracts due to overbidding. A malicious programmer, after planting malware in the company’s system, was able to manipulate internal APIs to change costing data, causing the sales team to produce inaccurate prices for their clients.

Watch for Lateral Movement

In a recent report titled “Defending Against the Digital Invasion,” Information Security magazine suggests mobile devices “can easily turn into a beachhead that an attacker can use to compromise your network. Proper onboarding, network segmentation and testing of these devices will be critical, but these processes have to be developed to scale.”

Chances are, malware will have already breached your perimeter security controls by the time it touches a personal device. In order to defend against this kind of intrusion, your controls need to be able to detect and monitor lateral movement. They should also be applied continuously to identify threats before they cause damage. In the first part of 2015, for instance, there were several thousand reports of malware targeting connected disk-storage devices — network surveillance camera storage devices among them — so that it may scan for these potential beachheads.

Mobile Devices Can Make DDoS Attacks Easier

Mobile device APIs don’t often include sufficient rate limits. They’re also quite easy to exploit for DDoS attacks. And because the requests generated in this type of attack originate from within the network, they are harder to detect and can quickly overwhelm and compromise a backend database. Future DDoS attackers may use mobile devices to enter specific application-layer resource bottlenecks. Already inside the network, they can then send fewer requests that are significantly more difficult to filter out than DDoS attacks that originate outside the network because they “fit in” with normal queries.

The Top 10 Hidden Network Costs of BYOD

As wireless becomes your primary user network, you need to deliver the availability and performance your users expect from the wired network. BYOD complicates this by increasing network density, bandwidth consumption and security risks. Download this Ipswitch white paper and and learn the top 10 hidden network costs of BYOD.

Related Articles:

Noble Truth #1: Networks Buckling Under BYOD and Bandwidth

College Networks Getting Schooled on BYOD

Security concept: Cctv Camera on digital backgroundThe battle over privacy vs. security is a constant reminder of not just how far the Web has taken us, but how far we have to go to agree on its public usage. On one side you have an army of users who trust you — or aren’t aware they are trusting you — with the sensitive information on their machines. On the other side is an ever-looming governmental presence, which seeks access to users’ data in an effort to protect a much larger set of interests.

How are we to hold these two sides in perfect balance? Is there a perfect balance? Well, yes and no. Bear with me.

Do You Feel Lucky?

Well, do ya? While you may never know the full extent to which the government has “collected” private-sector information, it’s a fair bet that the figure would be humbling. And whether or not you deem this practice justified, surely the rest of the workplace assumes their private information remains just that with support’s help. With this in mind, it’s a good idea to ask yourself, barring the hands you can’t slap away: “Am I actively protecting staff’s privacy?”

As you formulate a response, think about how your staff might react if they found out their privacy had been compromised. Would they — or more likely, their lawyer — see the security measures you do have in place and frown upon them? How about if your own privacy was on the line (and it is)?

Not Where, But How You Draw the Line

It’s important to remember that the fine line you draw between privacy and security isn’t universal. In fact it often isn’t even straight, according to Chris Ellis, former data security officer for a government security contractor and current consultant for all things cybersecurity.

“I think the concept of privacy is a very individual matter,” Ellis suggests. “I’ve met people who wouldn’t bat an eye at checking their bank account on a public computer. When I tell them how easy it can be for someone to steal that information, they’d just shrug it off. On the other extreme, one of my best friends insists on using the ‘Incognito’ tab [Chrome’s private window] for every browsing session, even on his own devices.”

These two archetypes obviously have different thresholds for privacy. It’s ultimately up to the sysadmin to determine which concerns are valid — and to what extent — within the business despite what the government says it needs.

Transparent Policy, Not Security

Ellis’ insight, here, applies to more aspects of your network than you may think. Rather than being a solitary decision based on a static environment, the solution to the privacy vs. security debate is aggregate. Unfortunately for the helpdesk, appeasing everyone’s individual privacy concerns isn’t a practical endeavor. Ellis insists, however, that a happy medium can be found when users are able to appreciate the fragility of online privacy.

“What I’ve come to find is that end users are most concerned with privacy when their information is in someone else’s hands, even legitimately,” he observes. “I’m always surprised to see how much more responsible users are with personal information when organizations are transparent about their security practices and inherent limitations.”

At the end of the day, you can only provide the tools and environments that enable secure data storage and file transfer. As users begin to understand the parameters that separate their own privacy from a greater security standard, they’re less likely to cry foul and more likely to embrace secure habits themselves. I don’t know about you, but in my book that’s a win-win.

Tell your users the risks, show them how they’re protected and provide the tools necessary for them to make up the difference.

>> To learn more about secure managed file transfer, check out our white paper: “Security Throughout the File Transfer Life-Cycle: A Managed File Transfer Imperative”.

What issues lie ahead for IT pros this year?
What issues lie ahead for IT pros this year?

IT pros continue to work diligently behind the scenes to ensure their digital businesses stay connected. Understanding the critical issues most likely to cause a disruption is half the battle. Just one week into 2016, here are 4 problematic issues that will affect the IT pro this year:

1.  Increasing Vulnerabilities and Zero Day Attacks

The harsh reality is that companies are still not doing enough when it comes to vulnerabilities within the corporate network. While accepting some level of risk is part of business, 2016 will continue the trend of more sophisticated and better-funded attackers. For many organizations, the ability to manage vulnerabilities will be the difference between becoming a victim of a cyber-attack or the outlier that takes the steps necessary to protect its network.

2.  Limited IT Security Resources

A recent Ipswitch report shows infrastructure threats are most common among mid-sized IT departments where budgeted resources are limited. The sheer volume of daily tasks for IT teams will be a primary challenge in 2016 and likely necessitate a change to current IT infrastructure in order to provide increased performance, agility and compliance across the business. Prioritization and automation will be essential elements to effective IT in 2016.

3.  IT Pros Get Introduced to the “New” Employee

2016 will mark the introduction of the “new” employee, or an employee that has expectations about personal device usage, remote access and more. As the workforce continues to diversify, IT will need to adapt to new employee demands and their steadfast expectations about how they should work and live, which include working on the devices they are comfortable with while using the applications they prefer. This is the new reality organizations are facing and need to adapt to in order to remain effective.

4.  Deployment of New Technologies

Implementing new technology and respective changes within the industry are top of mind for IT teams heading into 2016. As offerings are varied and far reaching, the ability to select and deploy new tools has become more complicated than ever before. Staying well-informed of the growing complexity and risks within an IT environment will allow IT teams to better manage the process of deploying new technology as well as increasing overall productivity and business continuity.

Since it’s the role of IT to keep the infrastructure protected and running at peak performance, a successful IT team is often the difference between success and failure for any organization. Therefore, identifying and preparing for what’s to come will allow IT to be aware of what to expect in the new year, ultimately bettering the overall business. Issues and challenges are certain to arise, but knowing this and being prepared will allow IT teams to address the problems more quickly and efficiently.

Related articles:

8 Issues Derailing IT Team Innovation in 2016

8 Common IT Communication Challenges and What to Do About Them

This post originally appeared in Virtual Strategy Magazine on December 28, 2015.

internet-of-thingsFor the past few years, the tech industry has become fixated on kicking off the new year with a festival of connected devices at the annual Consumer Electronics Show (CES) in Las Vegas. The fact that this show has become so significant to the tech industry is another indication of the potential importance of the ‘Internet of Things’ (IoT) and growing impact of the ‘consumerization of IT’ on the way IT is adopted and managed.

The idea of the IoT has gained widespread attention because of the increasingly attractive economics of connectivity because of advancements in nanotechnology and the maturation of the Cloud. Sensor technology has become a commodity and can be embedded into almost anything. And the Cloud provides ubiquitous connectivity, almost infinite storage capabilities and easy access to compute power at low costs.

As a consequence of these technological forces, combined with the growing conveniences offered by connected ‘things’, consumers and corporations alike are seeking to find new ways to capitalize on the rapidly expanding universe of IoT. For example, almost a third (31%) of the 378 IT professionals in the U.S. polled by Ipswitch recently identified ‘wearables’ as among the must-have gadgets in 2016.

The significance of these trends and importance of the CES conference is clearly illustrated by the number of CXOs speaking at the event from Intel, IBM and other global technology leaders, as well as major corporations like GM and VW.

Four Primary Levels of Value Driving Business to Adopt IoT Strategies

THINKstrategies believes there are four primary levels of value that are driving businesses to adopt IoT strategies:

  1. To more quickly respond to product/service problems when they arise.
  2. To anticipate issues before they emerge to mitigate the risk of customer problems.
  3. To improve current operations, products and services.
  4. To identify new market opportunities that can transform a business.

Stated even more succinctly, IoT can help organizations better serve their existing customers and pursue new business opportunities.

All of these benefits are particularly important in an era in which it is becoming increasingly difficult to win and retain customers, differentiate your products and services, and gain a sustainable competitive advantage.

However, the IT organization must re-think its role and responsibilities in order to help the broader enterprise successfully capitalize on IoT’s promise.

From Past to Present

In the past, the IT function was narrowly focused on installing and managing computing systems and software programs for primarily internal purposes. IT was originally focused on deploying and administering highly centralized mainframe systems and software utilized by a relatively small team of specialized staff. Distributed computing spread the IT function out to various departments, but still primarily for internal business process purposes. Personal computers forced IT to become more end-user oriented, and laptops demanded a new set of remote access methods so employees could tap internal hardware and software resources. The explosion of mobile devices created new IT challenges regarding security and control, but they still supported internal business processes.

Succeeding in the IoT not only means making the right technological decisions to connect to things, it also means doing so in such a way that the critical data being generated by those things can be captured, analyzed and utilized in a secure fashion to achieve the benefits outlined above.

This brings a whole new meaning to the idea of IT becoming aligned with the business. Therefore, the IT organization must play a more active role in the product/service development lifecycle process to ensure the right sensors, networks, storage, analytics and security are being employed to achieve their IoT business objectives.

As a consequence, IT must adopt new techniques and tools to monitor networks, servers and applications, and ensure data is being transferred securely between products, customers and partners.

Related Articles

The Internet of Things: A Real-World View

‘Twas the Night(mare) Before Christmas for IT Pros

 

Whether you’re new to Twitter or an active user, there are some quality and innovative IT pros to follow alongside your company account and parody Darth Vader streams. As innovative leaders who have consistently disrupted the tech landscape with their contributions, their insights have guided me through a range of security and networking issues on several occasions.

These five IT pros come from a host of backgrounds; they are data security, virtualization and web technology veterans committed to filling your feed with the latest IT news and information.

Chris Wysopal, Co-founder and CTO of Veracode

it pros chris wysopal
Wysopal currently heads up technology strategy and information security at Veracode, but made his name as an original vulnerability researcher at L0pht Heavy Industries, a high-profile underground hacker think tank that operated out of Boston from 1992 to 2000, when they merged with @stake in their evolution to a whitehat computer security company.

Wysopal was one of the first to publicize the risks of infosec software, and his recommendations helped me fight SQL injections and other types of common security threats in the past. This veteran security specialist also advises Congress on government security issues.

Follow him on Twitter @Welpon.

Brian Madden, Desktop Virtualization Expert

brian madden it pros
If you’re using virtualization software, Madden is the man you want to follow on Twitter. For past considerations of VMWare versus Citrix, or other virtualization players like Ericom and others, Madden will provide you with all the latest technology updates. I credit him with my decision to drop Citrix for a more scalable virtualization solution.

Madden’s also one of the IT world’s most fiercely independent and opinionated IT writers. You can check out his work on BrianMadden.com.

Follow him on Twitter @BrianMadden.


Dave Winer, ‘The Creator of Blogging’

2104426799_82e13542f5_z-300x300

 

Winer may not be the sole creator of blogging, but if you’ve ever blogged, subscribed to an RSS feed or listened to a podcast, he’s the guy to thank. Winer is noted for his contributions to outliners, scripting, content management and Web services, as well as blogging and podcasting. Follow him for industry news on how to better make Web-based apps work for your organization.

“When the history of the Web is written,” raves The Guardian, “his name will be up there in lights, because he was the guy who showed what blogging could do.”

Follow Winer on Twitter @davewiner, or subscribe to his RSS feed through his live blog, Scripting.

Chris Matthieu, Director of IoT, Citrix

chris matthieu it pros
Matthieu is an expert in network and web topics and every layer in between, with a particular specialization in developing architecture, SOA and SaaS technologies.

Right now he’s heading up engineering teams for Octoblu Internet of Things (IoT) at Citrix. With notable clients including BlueCross BlueShield of AZ, Accenture, and other big names on his resume, Matthieu’s experienced insights help me stay ahead of the curve at the crucial intersection of IoT technologies and business strategies.

Follow him on Twitter @chrismatthieu

Graham Cluley, Award-Winning Security Expert

Graham Cluley IT pros

Cluley is a veteran of Naked Security, a popular cybersecurity website. His background spans the entire cybersecurity spectrum, dishing out advice on configuring a VPN, creating the strongest possible password for your iPhone and other related infosec topics.

Due to the considerable depth and breadth of highly qualified and innovative IT pros worldwide who have each contributed in their own way to the evolving IT landscape, narrowing the selection down to five can be a daunting challenge. But if you’re an IT pro looking to stay ahead of the ever-evolving IT game, advance your career, or just get through some of the rough patches in your job, these are the tech leaders and disruptors you want to include in your Twitter stream.

A new year is cause for celebration. It’s also an excuse for a fresh start. With resolutions made, you enter January with all the potential of becoming a better version of yourself.

While we can’t promise you’ll keep your resolutions and improve your life, we can promise the improvements to WhatsUp Gold 16.4 are here to make your life a little easier. These additions and developments expand the reliability and usefulness of WUG. It’s the specific things that will help you accomplish your 2016 goals, and it’s these specialized things that have improved WUG 16.4.

SNMP Extended Monitor

This feature allows you to consolidate several SNMP monitors into one. Within the one monitor you can watch a number of SNMP counters, each with its own threshold. And you can alert accordingly. This helps organize your monitors in a way that makes sense to you. Better clarity and readability will save time by preventing repetitive monitoring configurations.

You can even save configuration files so you can reuse the configurations on multiple devices.

v16 4screenshot 2
Consolidate several SNMP monitors into one. (click to enlarge)

 

File Content Monitor

The file content monitor scans for the occurrence of specific text. If you have an in-house application that you haven’t been able to configure a monitor for simply scan its log file for a term like ‘error’ or ‘thread count exceeded’ .

WUG monitors make it easy to do this, say, every 10 minutes. You will be alerted accordingly and find any problems. The file content monitor is one more tool in your belt to make proactive management simple.

SSL Certificate Monitor

Ever had the nightmare of coming into work on Monday morning to find out your SSL certicate expire on Saturday? Yep, 3000 visitors received the scary message that your website shouldn’t be trusted.. This blight is not only embarrassing, but you likely just lost a large number of customers for your business.

The new SSL certificate monitor in WUG 16.4 checks remaining days to expiry and alerts you when you cross a user defined threshold. So depending on how you configure your monitor, you can get alerts even months before an expiration. This proactive feature keeps your certificates up-to-date and your business running smoothly.

Flow Monitor Improvements

The existing flow monitor plug-in provides a comprehensive view of your network, giving insight about the top applications, protocols and interfaces from a bandwidth consumption perspective. We’ve improved our flow monitor with a new endpoints report and improved report sorting and filtering. The Top Endpoints report shows the total incoming and outgoing traffic from and interface to give you a top talkers perspective. The improved sorting and filtering make it easier for customers to deal with large numbers of flow sources.

WhatsUp Gold aims to give complete visibility of a network, and every upgrade to the program further enhances that capability.

With a new 12 months ahead, a new year is brimming with possibility. You are the writer of your story, and WUG is the driver of unified . It’s your resolutions that complement your goals for the year, and it’s these new features that strengthen WUG to its fullest potential.

Do the improvements to WUG 16.4 align with your new year’s resolutions? Let us know!

 

Related article:

WUG Ninja: Enable and Configure SNMP for Network Monitoring

Data loss isn’t something sysadmins like to think about, but just a few undetected faults can quickly snowball into a dilemma that takes the department days, weeks or even months to come back from — depending on your disaster recovery protocol. And although there are plenty of places a loss can occur, nearly three quarters of it is attributable to hard-drive failure in laptops or desktop computers as of 2014. SSDs comprise only 15 percent of reported failures, whereas RAID/virtual services come in third with 13 percent.

Cloud storage is growing in popularity, but hard-drive storage is still standard when it comes to storing an SMB’s most critical data. This means support needs to be ready for the following factors that can contribute to a loss that didn’t come from a remote endpoint.

Bring Your Own Malware

Even though antivirus software can reduce the risk of data loss via a breach, the threat of a company machine losing information to malware still looms large. In fact, CNN reports more than 317 million new pieces of malware were created in 2014. And while you might deem the department well prepared for most viral threats to user machines, broader thinking is usually required. Smartphones, tablets and other employee-owned BYOD equipment all serve as gateways for malicious software to enter the company’s coffers from outside the network if they have access to the VPN. If an employee’s device carries, say, a malicious app or attachment, the moment this device connects it puts every shared piece of data at risk of corruption or loss.

It’s impossible to keep an eye on every device that connects to your network, but support can curb the spread of malware from a BYOD device by looking for bandwidth irregularities. Network monitoring software designed to identify the affected device(s) can stop the damage before it retrieves or corrupts more information.

OS Issues

Malware is easy to track, but what about threats from operating systems? Strange, maybe, but there are several scenarios wherein data is compromised as a direct result of a new OS. For instance, iOS users who upgraded to IOS 9 earlier this year without backing up their device lost all messaging, email, photo and contact data. Similarly, users who have devices that run unlicensed versions of Windows can have all their data deleted by Symantec when plugged into a workplace computer.

Though IT pros might know better than to upgrade phone operating systems without backing up or connecting computers with unlicensed content installed, the fact is many employees don’t. In this case, employee education can go a long way. So, when a new operating system is slated for release, reminding employees to back up their data before upgrading will go a long way toward preventing data loss due to lack of compatibility.

Power Failure

Though it’s unlikely with a proper UPS, power failure can cause data losses as well. Specifically, files being written at the time of outage might find some of their data missing or corrupted when your machines turn back on. Even more rare, but if a computer happens to be creating business-critical data when the power goes out, peripheral system information can become lost as well. Protecting all electronics with surge protectors and powering down during storms can help prevent this from happening.

Data loss is a consistently scary thing to think about, but there are some practical things you can do to protect the team along with the office at large from losing data that lives in the hard drive.

CTA-BANNERS-downgrade

Information security isn’t what it used to be — firewalls, although necessary, are not enough to prevent a data breach. The problem for IT is that the old methods of keeping data secure are not enough to stop intruders who, for instance, use sophisticated phishing attacks on unaware employees.

Ashok Sankar, director of cybersecurity at Raytheon-Websense, said in Computer Weekly that cybercriminals are determined to breach company security walls, no matter how long it may take them. But these concerns can’t pose a roadblock to innovations in, say, the cloud, and impede businesses in their efforts to access new markets and gain a competitive advantage.

RSA president Amit Yoran agrees, according to SC Magazine, citing infosecurity as fundamentally broken. Firewalls and policing network perimeters are just things that make you “feel safe” but don’t address real security problems.

The evolution of security is widely discussed in the technology community:

Traditional approaches to security are making us more vulnerable to attack, suggests Yoran. It’s time to rethink security to become less reactive and more resilient.

Measure Your Detection Deficit

Teach employees to use all of their mobile devices, cloud applications and business innovations securely. “This means understanding their needs, explaining to them the security implications and coming to a consensus on what can and what cannot be done,” says Sankar. “If employees want flexibility, they must understand the responsibilities that go with that.”

Stop measuring security strength by the number of attacks a system has endured and stopped. Instead, monitor the time elapsed between the data breach and when the intruder has been detected and contained — otherwise known as the detection deficit.

Firewalls Aren’t Impervious to Breaches

Firewalls do little to contain invasions at the business level too. In order to best protect the assets of your organization, prepare for an advanced persistent threat (APT), which is usually purposeful and done with malicious intent.

Assess Your Loopholes and Know What to Protect

The first step is to prioritize. Align your security goals with those of business executives to determine which assets are most sensitive. “It is now imperative to develop a layered security approach that will amp up the security arsenal with a 360-degree visibility into all corners of the network,” warned Chloe Green, security reporter for Information Age.

Ultimately, you need to improve how you monitor and detect for a data breach, which can come out of loopholes in your security system that lockdown protocol is ineffective against once malware has been installed. Once these endpoints are closed, you’ll be able to better protect your most important information.

What Absolutely Needs Securing?

According to a report by the privacy and data-protection team at Baker & Hostetler LLP, 36 percent of problems were borne out of employee negligence — only 22 percent came from external theft.

Informing your employees not only on what information they have to protect but also, how they should protect it, will lower the majority of your post-breach data loss risk.

Preparing for an APT Prepares You for the Worst

If you’re going to contain the scope of a potential APT, a firewall won’t be enough. End-to-end encryption for data in motion and comprehensive monitoring of all inbound and outbound traffic in your network have to be top priorities. End-to-end encryption protects data being transferred or shared between end-points, whether people or systems. Pair your traditional security solutions with advanced detection and real-time analytics, provided they’re configured to detect malicious activity before it causes actual damage. Differentiate this traffic by identifying patterns with an IP-based device that connects to the network, and you’ll be able to isolate the problem immediately if it occurs.

Security measures can help you minimize the looming threat of a data breach. It’s no longer practical — let alone sustainable — to approach problems with the idea that they can all be prevented once they touch your network.

Big File TransferPicture a rural health system sending large, high-res brain scans from a stroke patient to a city hospital for analysis. Now picture a field engineer sharing 3-D AutoCAD files of a new oil field with decision-makers at corporate. Imagine an enterprise migrating stored data from an old data center to a new one. Today’s collaborative workforce, in almost every industry, depends on big file transfer capabilities.

When it comes to many professional indulgences, you’ve enjoyed the advantages of “rolling your own.” But big file transfers, despite your good intentions to save money, are’t something to do by yourself. When you take an honest look at the simplicity (and security) of today’s managed file transfer solutions, it makes no sense to go solo. DIY file transfer systems puts a big strain on your already overextended IT department, and poses big challenges for regulatory compliance due to the security risks involved.

DIY File Transfer Systems for Larger Files Make No Sense

Without clear policies in place, employees usually send large files over email or use a consumer file transfer application. With Microsoft Exchange, for instance, you have a 10-gigabyte default attachment size limit; Gmail has a 25GB limit. MIME encoding bloats the file even more, which confuses your users (“How can my 20GB attachment be too big when the limit says 25?” They’ll ask). Even if it gets out of your network, the recipient rejects the attachment, resulting in delivery failure. Plus, when you’re backing up your email servers, these large attachments require a lot of storage space.

When delivery fails, your senders usually open up your worst enemy: the consumer file transfer app, such as Dropbox, which doesn’t actually transfer the file to a recipient. Instead it stores it in a cloud, and the recipient gets a link. The safety of your file, therefore, depends on third-party cloud security. If employees use several different apps, you’ve not only lost control of data security in transit; you have no idea where sensitive data lives.

Why Not Automate With FTP?

Many IT departments develop ad hoc file transfer scripts to meet the varying needs of their customers. Your IT department may even be using legacy scripts created by employees who’ve since left the company. It’s also likely they’re not updating these scripts to satisfy the demands associated with transferring a high volume of large files, both in and out of the enterprise. With usernames, IP addresses are libraries constantly in flux; it’s inconvenient for IT to tweak automation scripts all the time. When it comes to large file transfers, there’s no reason for your IT department to be coordinating a process they should have delegated a long time ago.

The inconvenience of updating automation scripts isn’t FTP’s biggest hindrance. Big file transfers via FTP can be incredibly slow depending on your network’s upload speeds. When the transfer hits a firewall, or when sessions time out, FTP doesn’t support automated transfer resume.

Also, opening additional ports means increasing your network security risk, and FTP transfer itself just isn’t secure. A Ponemon Institute study shared by Computer Weekly revealed that 44 percent of IT leaders felt they had no ability to control user access to sensitive documents. Additionally, six in 10 admitted sending sensitive files to the incorrect recipients. Imagine a large healthcare organization sharing a patient’s file from a picture-archiving and communication system (PACS) over FTP and delivering it to the wrong recipient or exposing it to a data breach. Or imagine a critical patient file arriving hours later over FTP while a patient anxiously awaits scan results. A managed file-transfer solution, automated from within the PACS workflow, would eliminate these problems.

Rolling Your Own Just Isn’t Worth It

Rolling your own is usually about two things: thriftiness and craftsmanship. In terms of the latter, though, few IT decision-makers can create a file transfer system that’s as fine-tuned as a managed solution. And when you face significant costs related to lost files, process management or regulatory fines, rolling your own becomes pretty expensive.

Going with an MFT solution will take a lot of work and worries off your plate.

Secure-And-Compliant-FTP

network-access-holidaysThe holiday season may not be relaxing for the most zealous shoppers, but it’s no picnic for IT pros either. Forty-six percent can expect to be on call during the holiday season — a necessary evil, as one in three IT pros have experienced a severe network outage during the break.

Amid these findings, some common problems persist this time of year: While 17 percent of support teams deal with lost passwords, 26 percent troubleshoot applications that perform poorly and 51 percent struggle with the inability to access the network remotely. As an IT pro, supporting network access through your holiday probably can’t be avoided altogether, but you can still lessen the amount of time you’ll spend on call. Here’s how:

Private Networks in Public Hotspots

Virtual private networks (VPNs) are a proven method for securing remote access, used (not surprisingly) among laptop users. And according to Lisa Phifer, President of Core Competence Inc., a consulting firm specializing in the safe use of emerging Internet technologies, it absolutely will keep their data secure.

“A VPN … ensures that only authorized users gain access to resources they should have access to,” Phifer says. “It prevents traffic sent over insecure home networks or public hotspots from being eavesdropped upon. And it gives users a way to detect and avoid falling for fake servers and messages — notably in public hotspots.”

That’s an emphasis on public. With respect to traveling employees, VPNs especially help prevent data leakage in hotel, airport or airplane hotspots — where Wi-Fi networks are the most congested.

In bring-your-own-device (BYOD) environments, a self-enrollment portal can install a VPN profile and automatically configure this network on the new device. When it comes to changing time zones, this around-the-clock security detail ensures data is secure no matter where employees are working over the holidays.

Accessing the Same Tools With a Sleigh Load of New Presents

The holidays often bring an influx of newly gifted devices that employees want to use for work. So, when providing them remote access to the tools they’re accustomed to using on-site, new BYOD devices can pose the greatest challenge.

“Perhaps the biggest impact [to company security] is caused by the new ‘I got it for Christmas’ devices that workers decide they want to activate,” Phifer explains. “That creates a flood of new consumer devices that may pose security risks, so organizations may need to keep an eye out for unauthorized devices and apps to make sure nothing slips in under the radar at holiday time.”

For onboarding new devices and retrieving lost passwords during the holidays, pay attention to the employees who plan on working remotely before the holiday season to ensure their software is up to date and they know all of their passwords before they split for vacation.

Help Employees Help Themselves, but Carefully

A self-help tool can improve your return on investment (ROI) all year long; the more employees can help themselves, the more your desk can focus on keeping the organization agile despite the expected changes in traffic over the next couple of months. They’re especially helpful over the holidays, when demand is high but staff is low: “Whatever employees can do for themselves,” according to Phifer, “whether it’s simple password resets or enrolling a new BYOD with a mobile-device manager, will keep [them] more productive and happy.”

But be sure they’re appropriate for the services to which you give them access, specifically if they’re handling sensitive data. Typical BI and analytics applications, according to Computerworld, aren’t exclusive to power users but can still be wasteful if not given to the department that needs them the most — sales, for instance.

Investing in these tools can ultimately help you look forward to the new year, the top resolution for which is spending less time dealing with network problems. As many as 33 percent of IT pros want increasing security measures, and 11 percent strive to address network problems related to BYOD.

Don’t just sit by the phone and troubleshoot network access problems. Plan to weather them through the upcoming new year by assigning VPNs, preparing for each new device and investing in self-help tools your users need the most.