Cloud Source

BYOD: Improving Security by Educating End Users

by

With the explosion in affordable mobile devices like smartphones, tablets, personal laptops, and even smartwatches, many businesses have or are in the process of implementing a bring your own device (BYOD) policy. Software company Code 42 reveals in their 2016 Datastrophe Study that 67% of IT decision makers and 87% of CIOs and CISOs believe that they have a clear and comprehensive policy.

However, end users do not share that belief: 67% of employees find their BYOD policy is unclear. This divide between IT professionals and end users can have consequences within the organization, especially when it comes to security.

The Increase in Employee Endpoint Devices

In the past, employees used a single device, usually one that is stationary and connected to their organization’s IT-maintained firewall. Now, however, many employees use multiple mobile devices: 26% have a minimum of two devices from their employer, and 5% have five or more.

This means that businesses need a clear, concise BYOD policy that all employees must adhere to in order to maintain a level of security. According to the Institute for Critical Infrastructure Technology, unsecure mobile devices are especially susceptible to ransomware. Backup and recovery solutions will help with this, but a clear BYOD policy will help stop problems at the endpoint — before they happen.

Working with Employees

The convenience of BYOD is one of its biggest selling points, but it also means that the devices are not under the full control of IT professionals. IT professionals need to work with employees, which means not only training them to consider security alongside flexibility, but also taking into account the habits and needs of their end users. Monitoring and tracking employee behavior will help IT understand what apps are being accessed, how safe they are, and whether or not they should be allowed within the company environment. A clear policy will also help employees understand what personal data they can mix with their business data.

Education and Communication

Uneducated employees often have bad habits that can harm a business’s security, but because they haven’t had the proper training, they don’t know that these habits can compromise their devices. Education and open communication is key to changing bad habits and improving security at all levels. At the same time, IT professionals need to be flexible so that they can adapt to ever-changing technology and the working environment.

Although it may seem like a lot of work, especially for an already established business with multiple employees, a clear BYOD policy will ensure better security and less confusion. Educating and communicating with employees will reduce the risk of ransomware at the end point and help eradicate bad habits, without sacrificing flexibility.

VoIP Telephony: Choosing Between SIP Trunking and Hosted PBX

by

Businesses need to communicate with clients, employees, and related vendors. Many businesses are looking towards Voice over Internet Protocol (VoIP) to communicate more effectively, but are unsure of the differences between Session Initiation Protocol (SIP) trunking and hosted private branch exchange (PBX). For most businesses, it isn’t so much one or the other (as hosted PBX also uses SIP) as it is whether or not the business wants a hosted solution or an on-premise solution.

Hosted vs. On-Premise

As the name implies, a hosted PBX is one that is hosted by an outside provider that takes care of the technical details. SIP licenses are provided by the vendor and the business doesn’t need to buy and maintain expensive equipment. When using SIP trunking, an on-premise PBX is required, as well as a gateway to connect to the Internet provider. SIP trunking doesn’t replace Hosted PBX; what it really replaces are older analog lines and other public switched telephone network (PSTN) technologies.

Pros and Cons of Hosted PBX

Hosted PBX provides a business with all the standard features—which can include an automated attendant, call records, conference calling, and voicemail—while the vendor maintains the equipment and software at another location. Other pros include:

  • Add-on services such as mobility features
  • Cost efficiency with bundling
  • Power backup
  • Scalability and flexibility

The cons of hosted PBX come primarily in the area of control. Because the vendor houses the equipment on their own premises (often in a different city, state, or even country), the business can experience a lack of quality if they don’t have a consistent connection. Businesses may also experience frustration when trying to determine what vendor best suits their needs, as vendors can vary greatly in what they offer as features and add-ons.

Pros and Cons of SIP Trunking

SIP trunking isn’t a PBX in and of itself; rather, it replaces more traditional telephone trunking. Its primary functions include:

  • Checking the end-user system’s capability
  • Checking user availability
  • Choosing an end system for the call
  • Establishing calls
  • Finding the user
  • Managing calls

The pros of using this solution include:

  • Cost efficiency and savings
  • Quick routing of calls to other sites
  • No waiting for additional call circuits to be installed
  • Uses the business’s existing IP network

SIP trunking isn’t for every business, however. Smaller businesses may struggle to maintain the bandwidth needed or to employ a dedicated IT team to maintain the on-premise PBX. Having the right IT professionals is especially important as this service is still relatively new and requires people who are up-to-date on the latest technology and troubleshooting methods. Equipment will also need to be purchased outright as well as upgraded in the future in order for the business to remain competitive.

Costs

Investment costs are usually higher with SIP trunking than with hosted PBX, but for larger businesses that need more control, the costs may even out in the long run. Hosted PBX has a recurring cost, usually monthly, that is affected by number of users as well as number and type of features.

When choosing a VoIP setup, businesses should be aware of what will best meet their needs and goals, even if this means a little more research in the beginning. Knowing the pros and cons of both solutions will help to ensure the right decision, whether a business is large or small.

CIOs and Security: Balancing Customer Needs with Time and Capabilities

by

Security is and will always be a top priority for IT departments and their CIOs. The struggle for IT is that there are simply too many apps being deployed for CIOs to keep up. According to a prediction from technology research firm Gartner, by the end of 2017 the demand for mobile app development services will have increased at a rate of five times the speed at which an internal IT department can deliver.

Customer Pressure

When a client contacts a mobile app developer, they usually want the most bang for their buck. Unfortunately, this can mean that the developer is pushed for time and can’t test properly or has to skip some critical features — like properly implemented security.

65% of businesses indicate that the security of their apps can be weakened by customer pressure, and 77% state that rushing to release an app is the main reason for vulnerable code. Customers also may not understand how complicated it is to properly guard against issues such as

  • application tampering,
  • cryptography,
  • data leakage,
  • client side injections, and
  • secure server side controls.

CIO Solutions

Keeping the above in mind, CIOs need to balance the needs of the customer with what has to be done in order to provide the best security possible. This means having a plan in place before work even starts, and remembering that a well-built app that isn’t particularly exciting is better than something brand-new, flashy, and unsecured. Ensuring that all levels of the business understand the complications of building a mobile app can also help to reduce pressure. Following are three considerations when building these apps.

Replicable Framework. Using an established mobile framework as a base helps to protect against breaches like session hijacks, SQL injections, and cross site scripting or request forgeries. Most applications don’t need to be custom built from the ground up, and using a framework ensures that the basic security details are already there.

MAM Solutions. A Mobile Application Management (MAM) solution helps with the increasing numbers of BYOD policies being implemented. With an MAM platform, the IT department can quickly deploy new apps, access and remove cached data if the customer loses the device, and control who can access sensitive data.

Base Level Encryption

Combining an existing framework with an MAM means that there is existing encryption being used at the base level. The features are already there and don’t need to be built into it again, meaning that the CIO can focus on the unique features that the customer needs.

Security is the most important aspect of a mobile application, but the increase in demand will become overwhelming if CIOs and their IT departments don’t take advantage of what’s already in place. Thinking ahead and learning to balance customer pressure with what is feasible will improve productivity and save money lost to data breaches.

For more information on technology security, contact Cloud Source today.

Why the Cloud Is the Best Fit for Small Businesses

by

shutterstock_149219591A small business, especially when it is just starting out, almost always has a built-in disadvantage when compared to larger companies in the same market. Bigger, more established companies simply have more resources at their disposal. It is vital that new companies work not just harder, but also smarter than the others, taking advantage of every opportunity and making the most of what resources they do have. That certainly includes capitalizing on the opportunities afforded by cloud computing technology.

The cloud is a relatively old idea, but it is only recently that it has been feasible to put it into practice. At its most fundamental level, it’s about making computing services and data accessible via the public Internet from anywhere with a connection.

Traditional Web Hosting vs. the Cloud

Because of its decentralized access to data and the way that the hardware and resources are owned and maintained by an outside company, the cloud can seem a lot like traditional web hosting. It’s true that there are similarities, but there are a few key differences.

  • All the services, not just the hardware, are managed by the provider.
  • Services are available as they are needed, and don’t have to be arranged for well in advance.
  • The space provisioned is expandable or retractable as needed.

Best for Small Businesses

There are several reasons cloud computing provides a safety net for small businesses.

  • OpEx, Not CapEx. The cloud turns telecom and computing resources into an operating expense rather than a capital investment. Instead of sinking large sums of money into hardware that will rapidly devalue then hiring and training the staff to run it, all of that becomes someone else’s problem.
  • ​Mobility. Because the data is accessible from anywhere with an Internet connection, a small company’s workforce becomes empowered to do their jobs from pretty much anywhere. This can lead to astonishing increases in productivity, especially from staff whose duties already require lots of travel.
  • Security. Cloud service providers use state of the art encryption and multi-factor authentication to ensure that only authorized people can access sensitive data.
  • ​Scalability. ​It is the goal of every small business to become a big business, and cloud computing services can grow along with any company as it does exactly that. Storage and bandwidth can easily be increased to accommodate increased data flow, and provisioning new services to add newly necessary functionality is trivial.

It used to be that new, smaller companies couldn’t compete with bigger, more established businesses, but thanks to cloud computing that is no longer the case. With the flexibility, scalability, and affordability of the cloud, even the smallest and newest of businesses can have the benefit of a cutting edge infrastructure and IT department from the start.

Enterprise Storage Trends for 2016

by

shutterstock_174578783Enterprise IT today is changing dramatically. Shifts in device management, networking, and storage are just a few areas of transformation, with many others in the infancy of their evolution. A few trends have begun to rise to the top and are predicted to be significant movers in the field of enterprise storage in 2016.

IoT Stands up to Be Counted

Big data has been a common topic over the past year, and will continue making headlines. The next trend will be the inclusion of analytics from Internet of Things (IoT) devices. Considering the variety of “things” that now produce data, this presents interesting new knowledge of user routines and patterns.

Since so much data will be coming from so many sources, data management will quickly experience elevated importance. Storage of these huge data sets must be highly accurate and speedily accessible. Data may also need to be retained nearly indefinitely. Storage methods that can manage such a complex network of data collection and analytics will be in high demand.

Greater Flash Potential

Flash memory has been around for a while, but costs to allow an enterprise to use it for everything have historically been prohibitive. The next year will bring about a variety of technologies that can use flash more effectively through use of intelligent compression, virtualization, and hybrid caching techniques. In addition, flash prices should see a steady decline. The result will be increased use of flash across the enterprise.

Cloud Optimization

Data is everywhere now, coming from both traditional and unexpected sources. Enterprises are struggling to manage such massive data sets using on-premise hardware. This strategy is being largely abandoned in favor of cloud storage and processing, with this trend growing even stronger in 2016.

Public, private, and hybrid cloud arrangements will allow enterprises to store, move, and analyze data efficiently, whether active or cold. Security is imperative in all cloud, on-premise, and hybrid models. It’s expected that data management will be a key topic over the coming year, with more data centers beginning to specialize in enterprise-grade storage and cloud solutions.

Software Defined Networking

Software-defined networking (SDN) has made controlling multiple devices a much more manageable process than it was in the past. Considering how rapidly device count expands as each minute passes, it would be nearly impossible to reroute traffic, add capacity on the fly, or optimize software delivery without SDN.

In 2016, data centers will need to be almost completely virtualized and managed via centralized SDN. Every step from provisioning to management will need to be governed via software. Eventually, everything from applications to network and data retention will be provided using as-a-service models that can be implemented nearly instantly.

Expansion of DevOps

DevOps has experienced a major shift in the past few years to become a service and strategy entity rather than simply delivering chunks of code. This will continue to be the case in 2016, allowing enterprises to rapidly deploy new technologies and see a prompt reward in doing so. Innovation efficiency will be the name of the game, and DevOps will play a key role.

If there’s one fact that can be stated of the IT industry, it’s that it changes daily. This time, increased data storage and processing needs have begun to highlight old weaknesses and demand their mitigation. Technology professionals are responding loudly with innovative solutions and tools. The coming year will show major advances in storage methods, helping to finally address the data boom in effective ways.

Contact

328 S. Jefferson St. Suite 603
Chicago, IL 60661
Ph: 312.753.7880
E: info@CloudSourceServices.com

Newsletter Signup

Stay up-to-date on Cloud Source's news.

↑ Top of Page