How to lock down your data with data loss prevention systems

Data Loss PreventionMost of the highly publicized data breaches involve credit card or bank account numbers, but other sensitive data is also at risk, including Social Security numbers, medical records, personal information like your mother’s maiden name, and more. Sensitive data can also be trade secrets or any other type of intellectual property that, if stolen, could damage a company’s ability to compete in the marketplace.

Enterprise companies are responding to this threat by choosing specialized data loss prevention (DLP) solutions that use policy rules to detect, classify, manage, and protect confidential and critical information. Complete DLP solutions integrate deeply into an organization’s network, file storage, SharePoint, databases, and endpoint PCs, and they offer incredibly detailed reporting and tight security controls, but only when implemented and configured correctly.

Interestingly enough, the biggest challenges to most DLP deployments involve integrating business processes, not technology. To understand the underlying problems organizations often face with DLP implementations, we must examine the three questions every DLP solution must answer. (more…)

3 perimeter security challenges, and how organizations can fix them

perimeter securityIT administrators have plenty of perimeter security tools at their disposal, from firewalls to spam filters to intrusion detection solutions. But despite all the preventative measures, most organizations still have gaps in their security controls or processes, which could lead to cracks in their system. A coordinated attack from an outside threat could penetrate these seemingly thick walls of perimeter security due to poor security management and overlooked system vulnerabilities.

Securing a network’s perimeter, defined as the demarcation point for exchanges among data, assets, employees, and partners, is a struggle for many organizations because of its complexity. IT departments can be easily overwhelmed by operating a complete perimeter security system because individual solutions are often stitched together, and therefore require multiple management controls, protocols, and licenses.

Companies with fewer than 2,000 users experience the most significant challenges, because the laundry list of best practices that includes firewalls, VPNs, web and mail proxies, and intrusion prevention systems (IPSs) is typically expensive and arduous. In response to individual threats, the piecemeal approach of perimeter security is often deployed over many years.

The threats don’t stop, and with infrastructure constantly under attack, the risk of a breach remains high. Here are three common challenges mid-size businesses are facing with regard to perimeter security, and how organizations are solving them. (more…)

Thinking in the now: How to connect with today’s knowledge shopper

digital retail trendsConsumers are evolving. Mobile devices, social media, and always-on Internet access have set new expectations for their shopping experience. And the speed of this shift has left some retailers struggling to find the best way to connect with this new generation of shoppers in store and online.

Traditionally, retailers have found ways to engage with their customers using historical data, but this is like looking at a photo: It reflects the past, but not necessarily the present. While retailers may be analyzing data and marketing to their consumers, if they are strictly using historical data, they may not be meeting their customers’ current needs. In order to compete, retailers must be able to answer “now” questions: What are customers doing now? Where are they now? What are their intentions now?

Retailers must look beyond historical data and bring in new data sources — social, mobile, and clickstream – to have a relevant and valued interaction with customers in real time.  (more…)

Tackling security vulnerabilities in health care

health care data securityNetwork security is critical for any organization, but in the health care space, with the personal and medical details of millions of individuals in the balance, the stakes are even higher. Out-of-date software, unimplemented patches, or even outdated passwords could be the vulnerability that exposes the sensitive information of an innocent and unsuspecting patient base. Two recent security breaches suffered by prominent U.S. health insurers highlight these vulnerabilities.

In February, Anthem Inc., the second-largest health insurer in the U.S, revealed that a previously-disclosed hacker attack compromised the health care records of as many as 80 million individuals. A few weeks later, Premera Blue Cross reported that the personal, bank, and health data of an estimated 11 million individuals was exposed when hackers penetrated its system in a similar assault.

These two high-profile security breaches have intensified the spotlight on data security, and raised several important questions for health care organizations (what HIPAA calls “connected entities”) and groups that provide supporting services to health care entities (called “business associates”). These groups should be asking the following questions: (more…)

4 insights on data backups from our beta test of the new Arcserve appliance

backup restore

Organizations sit on mountains of data, and losing that content because of faulty or inadequate backup solutions can be catastrophic. No matter the size of your business, data backup is often necessary to protecting your bottom line. But not all solutions or methods will achieve this objective – at least not easily.

Technology firms like Arcserve, CommVault, Symantec, and others are working to fix that. They manufacture purpose-built backup appliances (PBBAs) that solely conduct data backups and restorations. And as more organizations demand the retention and protection of data, PBBAs are adding processing power and storage capabilities, and continue to leverage the cloud for backup storage.

We recently participated in the beta testing of the Arcserve UDP 7000 Series appliance, one of the newest available. What we experienced reaffirmed our beliefs about the PBBA space – it has solutions for organizations of all sizes, no matter what field.

Here are four takeaways about PBBAs from our beta test, and why these solutions might be right for your organization. (more…)

One of the biggest security flaws in your network is one of the most unexpected

secure printingData breaches seem to make headlines every week. And as of late 2014, 43 percent of 567 U.S. executives surveyed said their companies experienced a data breach in the past year.

But what’s shocking is how unprepared U.S. companies are for these hacks: 80 percent of the executives said employee negligence was a root cause, and 27 percent of companies didn’t have a response plan in place.

Still, the threat of a hack has pushed network security to the top of the IT priorities list, and organizations are locking down servers and networks. But there are a number of less obvious targets that could still expose sensitive data. Printers are just one example of the ancillary devices that could leave your security strategy vulnerable. (more…)

Why you need to consolidate data integration now

data integrationImagine you had one cell phone to make phone calls and another to send text messages. And what if you had to tote around a third device solely to send email, and then yet another tool to access your daily calendar?

It’s easy to realize the absurdity of that scenario, but many IT environments are divided in a similar way. Modern technology is built to avoid fragmentation, and just as a single phone consolidates a wide range of functions, it should be similarly easy to realize a more commonsense approach to the critical IT integration infrastructure in your organization.

Efficient communication means the reliable exchange of documents, files, and messages among customers, employees, suppliers, and contract workers, but it’s not always present. The constant movement of inventory, payroll, and invoice documents, and various other internal and external exchanges, drive business so having a slew of separate, disconnected processes should sound a very loud alarm.

Ask your nearest system admin if the design of his organization’s IT integration infrastructure is ideal; chances are the network is composed of disparate systems “glued together” with years of custom code. This dysfunction entangles IT, which has to invest time and energy in the maintenance, monitoring, and management of each singular piece of the network.

A pointed and efficient data environment should be a goal for every IT department. That’s where the consolidation of data integration can work wonders for a business. (more…)

Is your retail store ready for new tech?

retail technologyThe National Retail Federation’s Big Show was the biggest one yet, as 35,000 retail professionals flooded the Javits Center in New York City to see the newest retail technology and to stay up on industry trends. From digital signage to same-day delivery to mobile payments, the many breeds of technologies for bricks-and-mortar stores dominated conversation at the Big Show. But one key question remained unanswered: How do retailers accomplish it all?

Over the next eight months or so, retailers large and small will be planning, buying, and installing new technologies in anticipation of the 2015 holiday rush. But some organizations are better prepared than others to take the reins and lead the charge. Is your organization ready to start a major tech push, from planning and buying to rollout and support?

The health of your IT environment stems from your IT infrastructure, professionals, and policies. Ask yourself the following questions to check up on whether your IT department is fit enough to start implementing the newest retail technology. (more…)

Clearer vision: How to keep an eye on IT security

IT securityAfter discussions with hundreds of IT and security professionals, one concern rises above the rest in the modern IT environment: visibility. How often have you heard or read the phrase “I don’t know what I don’t know?”

Even after years of deploying perimeter controls and endpoint protection, IT is still challenged with identifying and responding to unknown infrastructure threats in a timely manner. This can be attributed to a variety of issues, including changing threats, limited resources, and improperly deployed or configured security controls.

Having identified these challenges as top of mind for IT, how can organizations possibly start to regain security vision? Fear not: Every organization can take steps to repair its vision and gain insight into security and operational events. These steps can be as simple as updating supervisory controls and as complex as deploying next-generation firewalls (NGFWs).

As you look to fortify your IT security, consider these three critical steps: (more…)

Everything you need to know about converged infrastructure, hyperconverged infrastructure, and reference architecture

infrastructureGone are the days when IT professionals had to rack, stack, connect, and configure every piece of data center infrastructure. Now, you can plug in a single box, thanks to converged infrastructure.

Converged infrastructure, hyperconverged infrastructure, and reference architectures are in essence the same thing. They all combine compute, network, and storage resources into one cohesive unit, but the main differentiator is the way they are procured and installed. Before you try to decide whether these options are right for your organization, and which to choose, it’s critical to understand the subtle but significant differences among the three types of converged infrastructure.

Generally speaking, there are three approaches companies can take to settle on a new data center installation: (more…)