Data Perceptions Inc - News, articles and cooperation

Prepare Yourself for the Borderless Business

As businesses break out of offices, a borderless business model presents both challenges and opportunities for people, places, and productivity.

Data Perceptions Inc. is honoured to be included in Waterloo EDC's FinTech Ecosystem Map for our #cybersecurity practice. Humbled to be included with other amazing organizations like eSentire, BlackBerry, Arctic Wolf, Watsec Cyber Risk Management, Communitech,Accelerator Centre, Google, Vidyard, OpenText, and Kiite!  https://bit.ly/3gWtjPL

Prepare Yourself for the Borderless Business

As businesses break out of offices, a borderless business model presents both challenges and opportunities for people, places, and productivity.

Prepare Yourself for the Borderless Business (dataperceptions.com)

By Scott Murphy,  VP Strategic Business Development,
Data Perceptions Inc. 
Published November 2021

Business and Technology Trends: Making Work Better (dataperceptions.com)

Businesses need to embrace a digital transformation methodology that focuses on business adaptation through innovation.   

As consultants, we work with various organizations in various sectors, and we have seen interesting trends emerging from the pandemic. "Working from anywhere" has made many businesses revisit traditional views of how the company operates.  Businesses have been forced to understand their customers and their ecosystem better.  Businesses have also had to find a way to work more effectively to get things done.  None of this is particularly new or revolutionary, but some takeaways are worth mentioning.

Organizations have been focusing on outcomes for as long as I can remember.  The landscape is changing at an accelerating pace, and new daily objectives require companies to make decisions faster.  New risks also appear daily, especially with technology security—necessitating a company to adapt more quickly.  This adaptation requires new ways for businesses to collaborate more effectively across the enterprise.  

​Businesses must focus on outcomes required to keep up with the rate of change.  The results will drive innovation. 

Business Adaptation through Innovation 

With internal and external forces changing faster than ever, businesses must become agile and adaptable to the new reality. Although technology generally plays a significant part in this adaptation, it isn’t solely about the technology; it’s about the workflow and the business processes. Companies must streamline processes and tear down silos. Technology can facilitate this digital transformation, but it requires a culture of change and innovation.

This culture change will require embracing digitally-enabled processes, communications, and collaboration to be effective. Businesses must build processes with resilience to ensure that they can deliver consistently. A cloud-first strategy should facilitate digitally-enabled processes that allow the workforce to work from anywhere. The processes must also incorporate a security strategy to support a zero-trust model to manage the ever-increasing external risks.

Businesses need to embrace a digital transformation methodology that focuses on adaptation through innovation. Technology tools will be enablers, but not the entire solution.

Work from Anywhere

The work from anywhere requirement was thrust onto businesses in 2020. This new business model put stress on the business's technology and required some connectivity and security changes. Working from anywhere has pressured people involved in a company and has introduced a new way for them to function. The last 18 months have proven that many roles and individuals are more productive in this new business model. A hybrid model will be required for many businesses as some functions are better in person. The collaboration tools have gotten better and have eliminated many of the previous barriers to remote work.

Businesses must find the hybrid model that works best for their teams to enable greater productivity on a role-by-role basis. Finding the enabling security and technology tools will play an essential part in finding this balance.

Data Decisions

The complexity of customer and supplier ecosystems has accelerated over the last several decades but even faster lately. Major and minor changes and shifts in customer preferences and habits have challenged many businesses. Most businesses have a wealth of data but not necessarily a wealth of information. Data often gets siloed in different areas of the company. The business requires the data to be viewed as trends and information to make timely and accurate business decisions.

​Data analytics tools such as business intelligence, artificial intelligence, and machine learning have made tremendous strides, making them more affordable and accessible. The technology tools accelerate the processing of data into information, but they aren’t the whole solution. Knowledge workers are needed to determine the right metrics that are required to make critical business decisions.

In addition to tearing down data silos as mentioned, businesses must also and develop cross-organizational views of the information and trends that drive key business decisions.

Making Work Better

Businesses entered the pandemic facing some enormous challenges. Change accelerated, and they needed to adapt. Digital enablement and culture changes quickly became the norm to keep business moving. Working from anywhere became the new standard that required technology and cultural changes. Critical business decisions needed better information.

These challenges inspired innovation. Vendors and the business community accelerated enhancements in collaboration, workflow automation, security, and data analytics. The adage, "necessity is the mother of invention," may never be more accurate. The pandemic has been very challenging, but maybe the silver lining is that businesses will emerge stronger by embracing technology.

Contact Us About Your Digital Visualization Challenges 

Next-Gen Cybersecurity: a Brave New World

A modern approach to cybersecurity for the cloud and working from anywhere

Scott Murphy, Data Perceptions, July 07, 2021

With the changing work-from-anywhere business and technology landscape, traditional techniques for protecting your systems and data are no longer enough. Ransomware as a service is a reality — and any business is at risk.

Integrated Security Framework Image

The good news is that we’ve seen significant cybersecurity advancements that, when combined into a next-gen integrated security framework, provide a strong foundation for success. They are:

1. Modern user provisioning and authentication services
2. Zero-trust model for all systems and services
3. Secure access service edge (SASE) architecture
4. Advanced threat protection (ATP) services

When integrated, as shown above, these services can provide a unified view of an enterprise’s security framework.

Modern User Provisioning and Authentication Services

Modern user provisioning, single sign-on (SSO), or identity and access management (IAM) are different terms commonly used to describe a central source of authentication management and provisioning of access to application services, whether running on-premises or in the cloud. IAM services provide the foundational platform for integration.

Modern User Provisioning and Authentication Services Diagram

Modern user provisioning will simplify user registration and automate user provisioning, often via integration with the corporate HR information system or human capital management database, providing a single source of truth for your user community. Integration simplifies staff on-boarding and off-boarding processes and reduces some security risks.

Allowing SSO access to staff, contractors, and partners will reduce the number of logins to remember and strengthen security. SSO will simplify the deployment and acceptance of multi-factor authentication (MFA), further enhancing authentication security and reducing risks.

Zero-Trust Model

A zero-trust model assumes breach and verifies each request as though it originates from an open network. Zero trust dispels the concept of trusted zones in a network.

Zero-Trust Model Diagram

Regardless of where the request originates, a zero-trust approach treats each application session as untrusted and requires authentication, authorization, and encryption before granting access. Zero trust, sometimes referred to as micro-segmentation, can help minimize lateral movement within an environment, making a cybercriminal's job much more difficult. A zero-trust model requires AI, analytics, and machine learning (ML) to detect and respond to threats in near-real-time.

Having a zero-trust model does not eliminate the need for an incident response plan. Rather, having the people, processes, and policy responses in place is even more important given that you’ll have significantly more insight into intrusions before they become breaches.

SASE Architecture

SASE Architecture Diagram

SASE combines networking and security functionality into a unified global cloud-based service that replaces remote VPN access and WANs. It’s most notable differentiator from traditional networking is that it is a cloud-native solution that is scalable, adaptable, provides global QoS, and is accessible from anywhere in the world. An essential security feature of SASE solutions is support for a zero-trust implementation model. SASE ensures that all sessions, no matter where they originate, are decrypted, inspected, and verified in real-time. SASE architecture improves the user application experience and reduces security risks — especially for cloud applications.

ATP

ATP Diagram

Modern provisioning, zero trust, and SASE provide a robust security foundation, but integration with advanced intelligence and analytics takes security to the next level. AI/ML-based tools enable threat hunting and alerting across user identities, endpoints (workstations, smartphones, servers, IoT devices, etc.), applications (both in the cloud and on-premises), emails, and documents. These tools can look across activity logs to identify compromises and alert IT staff before a breach occurs. This proactive approach to security allows for faster response to incidents with fewer staff.

Integration

It should be emphasized that none of these modern cybersecurity tools should stand alone. Together they provide a framework to improve security operations. They require a shift in cybersecurity operations that focuses on rapid response and remediation of potential threats. People, processes, and next-gen technology can keep your business ahead of the cybercriminals and protect your business.

More information on the integrated approach to security can be found at https://www.dataperceptions.com/integrated-approach-to-security.

Does the Cloud Solve Your Cybersecurity Challenge?
By Scott Murphy,  VP Strategic Business Development, Data Perceptions Inc. Published April 21, 2021

It's possible if you adopt a cloud-first strategy and refocus on cybersecurity operations. 

Business operations have become intrinsically tied to technology. The connection between the two has created tremendous operational efficiencies, but the world is changing, and reliance on technology has become a significant business risk. This risk is a direct result of the growth of ransomware and other cybersecurity threats. All businesses, not just enterprises, must understand their risks and enhance operations to address threats to critical assets and systems, including for internal and customer-facing communications.

Managing these cybersecurity risks requires an organization to become more mature and holistic in its cybersecurity operations. What the organization doesn’t need to do is purchase more technology. That’s because technology alone creates a predominately static cybersecurity posture, but a mature cybersecurity operation is adaptive to new risks and changes in business operations. Understanding risk is an iterative and ongoing process.

Mature cybersecurity operations require staff to review, manage, and respond to the demands of the ecosystem. Most organizations don’t have the budget to hire someone for this role. One solution is to shift the organization's technical operations to the cloud and reallocate staff to cybersecurity operations.

Never Trust, Always Verify

Moving an internally hosted application to the cloud (i.e., software-as-a-service, (SaaS), platform-as-a-service (PaaS), infrastructure as a service (IaaS)) allows you to offload risk mitigation and much of the technical side of cybersecurity operations to the cloud operators, like Azure, Amazon Web Services (AWS), and Google. These operators have secure and scalable cybersecurity operations tools available, but their systems aren’t secure by default. Instead, they provide optional scalable systems that enable your business to configure a more mature cybersecurity system. Cloud operator systems provide the capabilities to handle 80% of the technical side of cybersecurity operations so that your staff can focus on the other 20% which consists of the systems' configuration and management, specific to your business operations.

Moving applications and systems to cloud providers simplify the shift to zero trust because cloud provider systems are typically built with this premise in mind. Zero trust means that devices, like laptops which are commonly compromised today, aren’t trusted by default. Many on-premise security systems assume internal device trust, but this approach is no longer practical. We must assume devices are compromised inside an organization's perimeter security defenses—never trust, always verify. An organization's cybersecurity approach needs to transition to modern access with zero trust by default to identify threats earlier.

The cloud operators allow non-enterprise scale businesses to take advantage of enterprise-grade, holistic cybersecurity tools on a per-user cost basis. These tools can dramatically increase uptime, scalability, and security. They can also enable smaller businesses to more easily be compliant with security standards like SOC2, NIST CSF, and ISO 27001/2. Organizations transfer responsibility for 80% of the cybersecurity function to the cloud operator.

What Your Cybersecurity Ecosystem Should Entail

There are a few key pieces that enable a new cybersecurity ecosystem. Details follow:

1. A robust identity system based on single sign-on (SSO) and a strong phishing-resistant multi-factor authentication (MFA). That allows access to decentralized applications across cloud providers with strong authentication and enables a shift in cybersecurity operations towards a zero-trust model that substantially reduces cybersecurity risks.
2. Managed patching of systems, particularly with SaaS and PaaS. The cloud operator accelerates testing and patching, reducing the time between the release of the security patch and the exploitation of the vulnerability. According to FireEye Mandiant Threat Intelligence (Think Fast: Time Between Disclosure, Patch Release and Vulnerability Exploitation — Intelligence for Vulnerability Management, Part Two), 58% of vulnerabilities in 2018 and 2019 were exploited as zero-days while 42% of vulnerabilities were exploited once a patch was issued. More efficient patching reduces many of the technical vulnerabilities and risks.
3. Real-time cybersecurity monitoring and response systems. Cloud operators use machine learning and artificial intelligence to identify vulnerabilities and intrusions more quickly across thousands of customers. Threat hunting systems provide advanced threat protection for devices, applications, and user identities. These tools allow the business to focus on incident response, as the detection component is simplified and more accurate with these advanced systems.

The overall shift to the cloud to improve security can also reduce capital costs and the total cost of ownership (TCO). Cost management is primarily achieved by only purchasing what’s required on a per-user or per-device basis – i.e., you only pay for what you need.

Communications, Too

As noted above, many organizations are challenged with security of communications, collaboration, and contact center systems. These systems are now operating on the same devices as other corporate applications and vulnerable to same security risks. Organizations are already considering moving to cloud-based systems such as UCaaS and CCaaS for improved features and reduced costs. Moving to cloud-based communications also provides the benefit of a strong foundation of security with zero trust, identity management (SSO), patching, and monitoring – transferring this workload to the cloud operators and allowing staff to focus on operations.

A cloud-first strategy to deliver applications and services isn’t a silver bullet for cybersecurity. However, it enables organizations to offload some operations to cloud providers while focusing on the dynamic side of cybersecurity by leveraging highly scaled cybersecurity systems.

Using Microsoft Teams to bring together many user functions can simplify the lives of users - enhancing productivity. 

As businesses look to provide integrated, seamless collaborative experiences for their users, many have chosen Microsoft Teams.

A Day in the Life

Here’s an example of the sort of seamless experience they can deliver via Teams.

A user wakes up in the morning and decides where they feel like working that day 

• at home,
• a customer site,
• the office,
• or a coffee shop (this is post-pandemic, of course).

Via Teams, they know they will have access to everything they need to be efficient and productive regardless of their location, so that takes the pain out of the decision (not to mention making the work more enjoyable).

They decide to work from home, so head to their desk, turn on their laptop, and log in using facial recognition — simple and secure. They have a second monitor, keyboard, and mouse connected to a laptop dock that makes their experience just that much better. Their system automatically uses their laptop authentication to log in to the corporate VPN and firewall. This will provide secure access to all of their applications and data — all with quality of service to ensure that performance is optimal. Their applications open, logging in using their laptops credentials; they are ready to start the day.

The first order of the day is a team video meeting in Teams, which launches with one click and shows all participants in a tile layout. Team members share screens and applications for the updates as they move through the agenda, and they have a great audio and visual experience using the 4K USB camera and a Bluetooth headset — all while enjoying that first coffee of the day.

The user then gets down to business, searching for documents needed to deal with the tasks of the day; collaborating on documents and text chat with co-workers; submitting requests for approval; and making voice and video calls with customers and suppliers. They do all this without ever leaving the Teams application — meaning they’re able to conduct their business quickly and efficiently.

Of course, the day wouldn’t be complete without some sort of crisis. The worker is alerted via a Teams message from a co-worker that a project has fallen behind schedule. They review the status of the project within Teams, and bring another colleague into the discussion. They escalate the discussion to a voice call without switching programs, and then to a video screen share to figure out how to get the project back on track. Never having to switch applications in the discussion significantly improves efficiency and their experience.

Wrapping things up with updates to the project plan and adding customer notes in the CRM, all within Teams, brings the day to a close — made easier by knowing they can continue to monitor the situation using the Teams app on their smartphone. This integrated process makes everyone’s experience more effective and enjoyable.

Security is a consideration, too, but often comes with a trade-off on user experience. To optimize user experience, it’s essential that the user only be required to provide sign-in credentials once (usually with complex passwords and multifactor authentication) for access to all required tools. With cloud applications, this single sign-on experience is slightly more challenging but can be accomplished using newer authentication mechanisms like Microsoft’s Azure Active Directory for centralized authentication and identity management.

The Necessities

This may sound a bit utopian, but it is achievable today with planning and design that accounts for the full suite of functions and related applications that users need to do their jobs efficiently. For many users this includes:

• Document access, creation, management, and version control
• Ability to share information via chat, email, voice, and video collaboration streams
• Forms, process, and workflow automation
• Task and project coordination and management
• Access to line-of-business (LoB) applications like CRM, ERP, and many others

Application integration is important, too — and Teams provides a great start, since its part of the Microsoft 365 (recently rebranded from Office 365) productivity suite. For document management, Teams uses SharePoint, enabling the ability to access, create, and manage most document types. This can be done from within Teams or natively in the application, where most users are already very comfortable.

Document collaboration takes many forms, including working simultaneously on a document, sharing a document with team members, or video/voice collaboration with shared screens. The advantage of Teams is that all of these modalities are possible. Users can start a document and post in Teams for review and editing. The collaboration can be escalated to working on that document simultaneously and seeing edits and comments in real-time. Further discussion can be added with a voice call and later video to get the document just right and meet critical timelines. This can all be done without changing applications within Teams.

Beyond the Microsoft productivity suite, Teams supports integrations to many LoB applications, including ServiceNow, GitHub, BitBucket, Jenkins, and Workday. Additionally, Microsoft allows businesses to embed applications into the Teams interface as a tab within a channel. This means Teams can be a single interface for all of the organization’s applications, further simplifying the user experience.

In addition, an integration from Teams to Microsoft Flow or Power Automate enables the automation and acceleration of standard workflows. This reduces errors and streamlines operations, creating efficiencies between teams.

Every organization has tasks and projects they need to track, share, and report on. Visibility of project and task status improves efficiency and success. Teams offers integrations with many project management tools, including Microsoft Planner. Planner is light project management tool that enables project owners to delegate and track status of tasks from within Teams. They can share outcomes via Teams, and this transparency can promote timely delivery of outcomes.

An integrated user experience provides significant business advantage. Although it is possible to create this experience by selecting best-of-breed applications, it is far simpler, with less risk, to have that integration already done.

For More Information about Microsoft Teams Integration please visit https://www.dataperceptions.com/microsoft-teams-user-experience

Team collaboration tools have proven invaluable in keeping distributed workers connected, but optimizing their use will make the experience even better.  

As I wrote in my previous WorkSpace Connect post, Microsoft Teams can be an operational game changer for a connected workplace. But, as with most applications, making this team collaboration tool really sing for the people using it takes the right backdrop.

Here are seven pointers gleaned in my organization’s use of Teams internally:

1) Optimize your choice of devices — Depending on the use case, Teams can eat up a lot of CPU, memory, and storage, so having the right device can make a difference in how the application performs and the worker’s experience. We’ve found that Teams runs well on a Microsoft Surface Pro with at least eight, but preferably 16, gigabytes of RAM. For smartphones, we’ve had great experiences with the Google Pixel 4XL running the Teams client.

2) Pay attention to sound quality — Teams is a communications tool that essentially replaces the phone on most desks, so it requires a good microphone and speakers. Consider giving workers a headset specifically designed for communications. For example, we’ve had great experiences with the Voyager 6200 UC Bluetooth headset from Poly. Most of our Teams users also prefer or require a high-quality desktop speaker/mic. For this, we’ve been using the Jabra Speak 410/510 desktop speakerphone. For each, I recommend giving workers the small plug-in USB dongle to simplify wireless Bluetooth connectivity. Both types of devices can be simultaneously paired with a user’s laptop and mobile, enabling lots of choice for hands-free or touch-free call answering by voice.

3) Expand screen real estate — Teams will change the way people work, including shifting away from printed to online materials. This means that workers will be looking at everything on their screens. We’ve found that some workers like to have two 24- or 32-in. monitors on their desktops, while others prefer a single larger (42- to 55-in.) high-resolution screen (Best Monitor TVs). Giving users a choice will allow them to multitask and get things done faster.

4) Get rid of all those laptop connections — Reducing the time a Teams user takes to move from a mobile to a desktop improves productivity. This is simplified by using a laptop dock. For our use, we’ve paired the Surface Pro, as mentioned above, with a Microsoft Surface Dock that itself connects to monitors, keyboards, and USB devices. The wired/wireless Microsoft Modern Keyboard with Fingerprint ID, has been working well for us.

5) Implement security essentials — As a recommended practice, you need to implement single sign-on (SSO) for as many applications, including Office 365/Teams, as possible; this reduces the number of passwords that workers need to remember and improves their experience. Consider integrating authentication into your corporate identify system, like Microsoft’s Azure Active Directory (Azure AD). Multifactor authentication (MFA) is another essential for improving authentication security for workers using Teams. Yubikey 5 series for MFA are working well for us.

6) Take the next step on security, while also boosting performance — Add an extra level of security and performance enhancements to Teams for WFH employees by implementing a Secure Access Service Edge, or SASE, solution from a company such as Cato Networks. This technology combines the benefits of remote access virtual private networks, software-defined traffic prioritization across the Internet, a global managed backbone, and a cloud-based next generation firewall. SASE essentially hands off the traffic to Microsoft right at the edge of its cloud, significantly improving the user experience, particularly for WFH users. A SASE solution with integrated SSO to Azure AD, for identity management, will improve the user experience.

7) Do a proof of concept (POC) — Maximizing Teams’ effectiveness does take some planning since its use will touch most operational processes in the business. You should consider a phased Teams deployment, starting small with either a subset of users or for only certain functions as a (PoC). Take the time to look at your business workflows and identify the ones that will be the most impactful to integrating communications and collaboration.

https://www.dataperceptions.com/7-practical-tips-for-optimizing-ms-

A look at how Microsoft Teams can be an operational game changer for a connected workplace;

For the last several years, businesses have been flocking to team collaboration tools like Microsoft Teams to deal with work-from-anywhere communications requirements — and this move has only accelerated during the current coronavirus crisis. Without the ability to connect in person, work teams have turned to virtual spaces for their collaboration needs. 

​Use of Teams, already the most quickly adopted application in Microsoft’s history, has skyrocketed during this period, to 75 million daily active users as of April 29. This is an increase of 70% in just over a month, Microsoft reported.

​Although this is impressive growth, from my perspective as someone who has been all in with Teams for over a year, I can say the operational efficiencies gained in using Teams long term will significantly eclipse this statistic. 

When our organization went all in on Teams over a year ago, we weren’t prepared for the impact it would have on us. Teams became the center of our operations and significantly changed the way we worked. (As an aside, when we moved to working at home on March 13, to protect our staff, the transition was seamless.) 

Integrated Collaboration 

Teams extended collaboration capabilities include: 

• ​Text chat — great for collaborating asynchronously 
• Voice calling internally, with extended dial plans available for making or receiving calls to/from any number 
• Video meetings with screen sharing (my personal favorite) 

​Teams also provides a simplified front end for SharePoint document management, an under-appreciated feature. Although SharePoint has been around for almost two decades, it has required a significant investment in setup and training. Teams eases this requirement, giving work teams a robust and easy-to-access document management system, with an often overlooked benefit — version control. 

Version control, historically a manual process, has long been a challenge for collaborative organizations. SharePoint provides version control automatically, behind the scenes. But the even bigger operational benefit is that team members can post rich, contextually relevant messages with links to SharePoint Teams files within a project or collaboration group. This makes it easier for colleagues to find the right file and enable the entire team to work collaboratively on the right version of a file with context-oriented messaging. This can save everybody countless hours. 

Holistic Change 

The holistic use of Teams for document management, collaboration, messaging, video, and voice has created a variety of new opportunities for and enhancements to our operations. 

Teams isn’t a perfect solution, and many argue that individual features of Teams aren’t best of breed. But that doesn’t matter, since the benefit isn’t in the individual features, but rather the integration of collaboration capabilities in one place. 

The integration creates a great user experience — one of my favorite things that Teams allows is the ability to begin collaborating on a document via asynchronous chat, then move from the chat to a voice call, and then to a video call with screen sharing — seamlessly, never changing applications or disrupting the discussion. The workflow changes may take some time to adjust to, but ultimately employees will appreciate the simplified experience.

A feature that has been particularly beneficial to our company is the ability to extend this functionality to guests — partners, suppliers, and customers. Guests can be easily set up to collaborate on files, join videoconferences, and participate in text chats. This has significantly improved the customer experience. 

​By bringing all of these features and functions together into one interface, our teams have been able to get the job done sooner with better results. On top of that, the ability to run Teams on a mobile device means employees can use their smartphones to collaborate from anywhere (airport, taxi, parking lot — or anyplace they might escape to establish physical distancing). This can help projects stay on pace, if not finish ahead of schedule. 

Additionally, availability of a mobile client reduces the number of devices employees need down to two — typically a laptop and a smartphone. Once they begin using Teams, the idea of picking up a desk phone handset will seem awkward and intrusive to many employees. 

Adopting Teams in a holistic way as described, can also be augmented with other tools. Some examples would be adding corporate applications such as CRM, workflow tools, and project management right within the Teams applications to further enhance user productivity.  

Next  Steps

Teams can be an operational game changer for many organizations. But recognize that maximizing its effectiveness does take some planning, as it will touch most operational processes in the business. Even during the rush to virtual collaboration brought on by the pandemic, be sure to take the time to look at your business workflows and identify the ones that will be the most impactful to integrating communications and collaboration. 

In part two, I’ll share practical tips for making Teams part of the connected work experience. 

Parents often tell their children that the world is their oyster, meaning they can achieve anything they wish in life if they take advantage of opportunities presented. The same is true for organizations undergoing digital transformation… cloud applications — software as a service (SaaS) — can be their oyster. 

Almost anything is possible, as long as they can make everything work together with the right level of performance, reliability, mobility, and security for the business.

Historically, having to make a bunch of disparate networking, security, and application technologies work together to support business operations has been a challenge. However, a new category of solutions, called secure access service edge (SASE) and pronounced “sassy,” aims to simplify the task of delivering applications to your workforce without compromise.

SASE Architecture

SASE, a term Gartner coined, simplifies and integrates a collection of technologies including: WAN, SD-WAN, remote access, cloud authentication and identity management, network traffic management, encryption, and security. SASE enables people to work with ease, agility, security, and mobility without traditional constraints.

The SASE architecture, shown below, shows how these different types of tools combine in a single platform, allowing connectivity easily and securely. This means users can work just about anywhere while having access to the tools they need, whether those are hosted in the cloud or in a corporate data center.

SASE allows an organization to more easily take advantage of cloud applications and technologies while maintaining secure operations and business agility.  In addition, SASE offers the unique advantage of allowing organizations to simplify network, security management, and operations as they transition to cloud applications.  Organizations can implement a hybrid of SASE and traditional firewall sites to allow for a smooth transition from on-premises to cloud-based firewalls, firewall as a service (FWaaS).  On-premises firewalls still offer the ability to provide network segmentation at a location.

Governance and Security

An organization can simplify security by applying one set of policies to all users, regardless of location. 

Integrating SASE with cloud services like identify management, mobile device management, endpoint security management, and security monitoring can significantly enhance an organization’s security detection and response operational capabilities.

These enhanced capabilities will also make secure operations easier to manage, and improve both the supplier and customer experience.  Since SASE allows for a single method of accessing applications securely, organizations can more easily manage a hybrid of on-premises and cloud solutions.

Digital Transformation

The SASE architecture and availability of cloud application delivery has opened up a world of options.  It provides the capability to cost effectively deploy applications to any number of people in a workforce – potentially in days instead of months.  SASE’s simplicity has reduced costs and deployment time, while increasing business agility and operational reliability.

​However, using SASE to support digital transformation doesn’t eliminate the challenge of mapping out requirements, objectives, workflow, and use cases.  It can expand the options available, reduce the cost and accelerate deployment, and enable organizations to reduce the risk of deploying applications in the cloud.  A good methodology (https://www.dataperceptions.com/digital-transformation-methodology) for identifying requirements for digital transformation is more important than ever.

The rates of productivity increases are accelerating with digital transformation that rely on cloud applications.   Businesses that are successful with the digital transformation journey are linking cloud, security, and customer experience.

Customer Experience

Business leaders are reinventing their organizations with the goals of creating an exceptional customer experience and staying ahead of the competition.  This digital transformation process requires enhancements to technologies, people, and processes that drive business value.

​Cloud-based applications allow businesses to focus on their customers and deliver value through deep understanding.  Data analytics and big data have further enabled businesses to understand their target customers better than their competitors.  Businesses can use this unique combination of tools and data to measure the value they’re delivering to their customers in ways never before possible.  Many cloud-based vendors offer standard integrations with other cloud applications to allow a better fit with business processes. 

Tying it all Together

Businesses that adopt a SASE architecture will be able to accelerate their adoption of cloud applications and tools.  The architecture will enable a successful digital transformation journey that links cloud applications, security capabilities, and enhanced customer experience.  The architecture’s potential can only be fully realized when a sound digital transformation process is applied. 

​Organizations that can successfully adopt digital transformation using a SASE architecture with a focus on customer experience will excel in their market sector.

Contact Us About Digital Transformation

contact-us@dataperceptions.com

CONTACT

Calgary   587 880 1912
Ottawa    613 216 6073
Toronto   416 840 7750
Waterloo 519 749 9319

Human firewalls: the key to preventing cyber attacks?
By Scott Murphy
First Published October 3, 2017 Sprint Business https://business.sprint.com/blog/human-firewalls-cyber-attacks/

The Equifax hack is a reminder that cybersecurity is an ongoing threat. Employees should play a role in every cyber defense program, according to security experts from Data Perceptions. Scott Murphy addresses how companies should create human firewalls to decrease their exposure of being hacked.

Following high-profile security compromises such as the Equifax breach or the global WannaCry attack, there is always a call for technology fixes to improve enterprise security. Advisors will tell you that you need better firewalls, enhanced governance, faster patching, and more security staff.

While most of that may be true, it is critical to remember that most security breaches involve a human failure. It may be one employee’s decision to click on a link in a well-crafted phishing email, or it may be an internal decision or patch process that delays patching a known vulnerability, but commonly involves one or more breaches of the “human firewall” in the organisation.

Attacks in traditional and new ways

The most common attacks are simple. A fake but very legitimate-looking phishing email comes to an employee. It may be spoofed to appear that it comes from that employee’s boss, with all the right words and terms used.

The employee is fooled into clicking on a link, at which point malware is downloaded and the hacker begins collecting information and expanding the breach. The malware provides a remote connection for command and control by the hacker, to get their foot in the door and find ways to access and essentially take charge of networked services.

The hacker may insert ransomware and let it sit for some time. Then at the appointed time, they encrypt some or all files, demanding payment in cryptocurrency to give control back to the organization.

There are other devious methods. One is a USB drop, where a hacker places a USB drive near someone’s vehicle in the parking garage, knowing someone may pick it up and check it. Or, they may pose as a helpful passerby who comes to the company’s front desk and says they found a USB drive and wanted to turn it in. Natural curiosity compels us to plug that drive in. When that happens, the hacker has just gained access to the company network.

Or a person might piggyback onto an employee’s physical access, sneaking in behind a legitimate employee who has used a badge to enter giving the hacker physical access.

People by nature want to be helpful and customer-focused. That is why even wary IT help desk people can be fooled by a phone caller pretending to be an employee needing help with a login. Sophisticated hackers can weave such a believable story that the help desk person – whose job is to help people with network access – can become a victim.

Train, then train some more

To mitigate the risks of these types of attacks, an organization needs to keep employees constantly aware of security and always acting in safe ways. Reducing the human vulnerabilities requires training, with targeted effort to increase both physical and digital security awareness.

Challenges with any training includes making sure it’s available across the organization, ensuring participation of staff and service providers, and making it appealing enough to resonate with them. Then ensuring that they apply it at the proper times by making the right choices in various situations.

Two good ways to improve people’s retention in security safety awareness training are:

• Gamification. Award points and other forms of recognition to people who do the right thing during the training modules.
• Social Engineering Indicators. This uses simulated social engineering attacks such as phishing emails to train people how to identify hacking attempts.

​Both of these techniques are most effective when they are ongoing. Employees can be periodically tested by sending simulated phishing emails, doing a USB drop, or having someone show up in the office who is unfamiliar and not properly identified or badged. When employees do the right thing – delete the email, turn in the USB device, or engage the unfamiliar person – they can be rewarded with recognition or points.

Proven success

Training does work. Statistics have shown that when you train for a phishing email attack, for instance, at first you may have 15 to 20 percent of employees clicking on the potentially malicious emails, depending on how well crafted they are. After six months of periodic and ongoing training, you can get that down to one or two percent. You may never get to zero, but you can certainly improve.

There are additional steps an enterprise can take to supplement the human firewall, such as:

• Email gateways with sophisticated malware, virus, phishing and spear-phishing detection
• Next-generation Layer 7 firewalls that can detect social engineering attacks and phishing threats
• Limiting permissions for network shares to only those roles that require access
• Processes that require two-person approval of payment requests with appropriate due diligence based on the payment size
• Systems and tools for device/asset management that can deal with lost or stolen devices
• Security monitoring tools or services that identify user errors such as clicking on a phishing email or a missed patch being applied
• Incident response processes that address smaller events as they are identified and before they become a security breach

​Neglecting the human firewall in an organisation can unlock the risk of a potential security breach that could impact intellectual property assets, revenue streams, or the corporate image or brand, possibly even leading to the catastrophic failure of the organisation.

https://www.dataperceptions.com/2017-10-03

About Scott Murphy
Scott Murphy is Vice President of Business Development for Data Perceptions Inc. and is a board member of the Society
email: scott.murphy@dataperceptions.com | twitter: @ScottMurphyDPlinkedin: https://ca.linkedin.com/in/scottmurphy | web: www.dataperceptions.com

The Human Firewall in a Hyper-Connected World

The human firewall is the first and last line of defense for an enterprise, and investments should be made in security awareness training across the enterprise.

In the security landscape, there are few easier opportunities for hackers to compromise an enterprise than by targeting the human beings that make up the workforce. People in an organization (employees, contractors, senior executives, and board members) are almost always the weakest link in the security ecosystem. They have been taught since they were toddlers to be helpful, curious, and, as adults, customer focused. Hackers take advantage of these ingrained traits using a wide variety of social engineering techniques to exploit access to an organizations' resources and assets.

In the aftermath of the WannaCry crypto-locker worm that infected hundreds of thousands of computers in more than 150 countries earlier this month, information security advisors worldwide are preaching that enterprises need better firewalls, enhanced governance, faster patching, and more security staff. Most of these security tactics are needed to compensate for the shortcomings of the human firewall in the organization. Most compromises cannot be completed without a human security failure. The "human firewall" is essentially security awareness spanning the organization, including physical and digital security, and is an enterprise's first and last line of defense.

How do we keep an entire workforce aware of their role in the security of the organization? Traditional security awareness includes signing off on a computer use policy, once a year videos, lunch and learns, and standard employee contracts. These cannot compete against the ingenuity of today's hacker using social engineering, phishing attacks, spear-phishing attacks, business email spoofing, malware, trojans, USB thumb drive drops, and their future inventions. All it takes is one employee to click on a hacker's link and enterprise security is compromised. In a global survey conducted by consulting firm PwC, only 73% of organizations have senior executives that are actively communicating security awareness to their employees. This means that there are still significant opportunities for social engineering hacks, even if existing security awareness communications are effective.

This highlights the need for workforce security awareness training that is effective in implementing the human firewall. It is impossible for a business to get this perfect, but you can improve employee effectiveness in combating social engineering hacking techniques. The security awareness training needs to educate the workforce so that they understand not only what they should and should not be doing but also why. They need to understand the significance of security risks.

The ongoing challenge with any training is how do you get the workforce to:

1. Complete the training, as it takes time away from doing their job
2. Utilize there training effectively and at appropriate times, by making the right choices when put into different situations
3. Make the training pervasive in the organization, being delivered in a method that appeals to everyone

Two recent trends in security awareness training that can be used either individually or in tandem are:

Gamification, which awards points and various forms of recognition to people who do the right thing during the training modulesSocial Engineering Indicators (SEI), which uses simulated social engineering breach attacks such as spear-phishing and phishing emails to train people how to identify hacking attempts

These training tools significantly improve retention and understanding of the material, particularly with respect to security awareness. Both training techniques are ongoing and not one-time events. The goal is to get the workforce thinking conscientiously in a hyper-connected world with mostly friendly, but some malevolent people.

To complement improved training techniques, technology and improved practices can make things easier for the human firewall:
• Email gateways with sophisticated malware, virus, phishing and spear-phishing detection
• Next-generation Layer-7 firewalls that can detect social engineering attacks
• Practicing good network security "hygiene" by limiting permissions for network shares to only those roles that require access
• Processes that require two-person approval of payment requests with appropriate due diligence based on the payment size
• Systems and tools for device/asset management that can deal with lost or stolen devices containing corporate data
• Human-friendly policies and incident management that allow for mistakes and reporting incidents
• Monitoring and measuring effectiveness of security awareness and rewarding people who do well

The human firewall is the first and last line of defense for an enterprise, and with that in mind, appropriate investments and sponsorship should be made for security awareness training across the enterprise. Neglecting the human firewall could result in a security breach that would negatively impact intellectual property assets, revenue streams, corporate image or brand, resulting in the catastrophic failure of the organization.

By Scott Murphy
email: scott.murphy@dataperceptions.com | twitter: @ScottMurphyDPlinkedin: https://ca.linkedin.com/in/scottmurphy | web: www.dataperceptions.com

First Published May 31st, 2017   no jitter - "SCTC Perspective" http://www.nojitter.com/post/240172684/the-human-firewall-in-a-hyperconnected-world

Scott Murphy has two decades of information technology experience and expertise in project leadership, risk management, strategic planning, directing technology deployments, managing complete project life cycles and enhancing operations through change management and process improvement.  He is the VP of Business Development at Data Perceptions Inc. and is an active member of the SCTC (Society of Communications Technology Consultants Association International) – www.sctcconsultants.org