Anatomy of a Design: How business needs shape IT infrastructure design

infrastructure designThis is the first post in a series about IT infrastructure design.

IT infrastructure design can be the difference between getting a job done and doing the job well. Infrastructure design is a relevant topic no matter your business or industry, though exactly what that infrastructure looks like will vary from company to company. Financial and business considerations will influence the “must haves” and “wish list” components of a business’s IT environment.

Imagine a law firm. What are its IT needs, and how does it fill those requirements? Does it have in-house IT professionals or does it rely on an outside expert to handle IT issues? What are the firm’s core IT requirements, and what are its special requests?

There are two main reasons to focus on law firms. The first is size: Because most law firms in America are small businesses (a law firm is a service business, and most firms employ less than 50 people), their needs are relatable to many organizations. Second, many firms fail to maximize their technology or network capabilities due to lack of IT expertise. (more…)

Is it a patch, or just another problem for your network?

security patchWhen is a patch not a patch? When it becomes another exploit on your network.

We sometimes lose sight of these obvious points when talking about patching and vulnerability management. At Tenable, we often discuss vulnerability management (it is what we do), which leads to conversations about patching and patch management (even though that is not what we do). Patch Tuesday has driven systems administrators and vulnerability management professionals into a myopic patch mentality; sometimes it works well, sometimes it works just well enough, and sometimes it leads to stupidity.

Patching isn’t always the answer. When vulnerabilities are found, there should be a logical process for dealing with them. While “slap a patch on that bad boy” is often a great answer, and frequently the easiest, it is not the only response to network vulnerabilities. (more…)

4 pieces of advice about business intelligence

business intelligenceReturn on investment, gross margin, and labor costs are business metrics that every small business owner and C-suite executive understands. But new technologies have opened access to an exponentially larger number of data points, and business leaders are using this new information to grow sales and attract new customers.

Though the phrase big data has officially entered the business lexicon, some small and medium-sized business leaders may believe using advanced business intelligence (BI) metrics that track shopper preferences and employee productivity is an unachievable task. However, new business intelligence programs can help businesses of all sizes sort through collected data, and identify customer trends and the ebbs and flows of their business.

If you’re interested in what these BI solutions have to offer, there’s plenty to learn about new BI gathering and methods. Here are four pieces of advice for every organization interested in adopting a BI solution. (more…)

What the Apple Watch and wearable tech mean for IT staff (Hint: BYOW)

smartwatchOne million devices. That’s the estimate for how many Apple Watches were pre-ordered on the first day of pre-sale. This may sound like a large number, but it’s likely only a fraction of the total number of Apple Watches that will sell this quarter.

There’s no question that wearable technology adoption appears strong. IDC estimates more than 45 million wearable devices will be sold in 2015, while Business Insider estimates that 148 million units will be shipped annually by 2019. Last October, PricewaterhouseCoopers reported that 20 percent of Americans owned a wearable device, and that portion was increasing at a rate comparable to tablet adoption just a few years earlier.

The Apple Watch and other new wearables are sure to increase adoption. But one consequence following on the coattails of this trend could spell trouble for your organization: the consumerization of wearable technology. But by addressing the major security concerns head on, companies will be free to embrace the many benefits of wearables.  (more…)

4 tips I’ve learned after 100 Enterprise Vault rollouts

data archivingPop quiz for IT: How long does your organization retain emails, even those in the Deleted folder? How long are business invoices archived, and how are they organized while in storage?

Many organizations are taking a proactive approach in answering these questions, and writing specific retention guidelines as data archiving becomes a business priority. These new policies are often established before new server rollouts or migrations, with IT now in charge of archiving emails, applications, and full data portfolios. The market is filled with solutions that feature fast response times, customized installations, and accurate search and retention capabilities.

But implementing data archiving tools and retention policies is a challenge for most organizations. I’ve partnered with many of them to accelerate the process, and one solution I’ve worked with more than 100 times, at companies large and small, is Enterprise Vault. This experience has taught me a lot about data archiving. Here’s what I’ve learned, boiled down to four nuggets of advice for any organization. (more…)

Why you don’t have to choose between productivity and security with DLP

Flash-driveYou sit down, ready to save a file to a USB drive so you can finish up a project over the weekend. You’ve experienced the dreaded security lock that prevented access to a web page, but now you get a similar message for your download – access denied. The immediate reaction morphs from “Who do I need to authorize this?” to “Get out of my way, I don’t have time for this.” Then comes either a heated phone call to IT, a nasty email, or a face-to-face expression of displeasure at the person who locked you out the file. It’s a waste of time — the indignity of it all.

This scenario plays out at many companies after they deploy Data Loss Prevention (DLP) solutions with file-blocking capabilities. Hard-working employees may attempt to bring work home over a weekend to plan for an upcoming meeting or catch up on important work, but DLP systems stop sensitive data from leaving the server. These roadblocks trade employee productivity for data security — something no company should have to choose.

Most well-meaning employees don’t think twice about copying or sending company files to external media or personal email accounts, but it presents a risk for the company, either as leaked data or noncompliance with certain laws and regulations. DLP solutions halt this movement no matter what employees attempt. (more…)

How to lock down your data with data loss prevention systems

Data Loss PreventionMost of the highly publicized data breaches involve credit card or bank account numbers, but other sensitive data is also at risk, including Social Security numbers, medical records, personal information like your mother’s maiden name, and more. Sensitive data can also be trade secrets or any other type of intellectual property that, if stolen, could damage a company’s ability to compete in the marketplace.

Enterprise companies are responding to this threat by choosing specialized data loss prevention (DLP) solutions that use policy rules to detect, classify, manage, and protect confidential and critical information. Complete DLP solutions integrate deeply into an organization’s network, file storage, SharePoint, databases, and endpoint PCs, and they offer incredibly detailed reporting and tight security controls, but only when implemented and configured correctly.

Interestingly enough, the biggest challenges to most DLP deployments involve integrating business processes, not technology. To understand the underlying problems organizations often face with DLP implementations, we must examine the three questions every DLP solution must answer. (more…)

3 perimeter security challenges, and how organizations can fix them

perimeter securityIT administrators have plenty of perimeter security tools at their disposal, from firewalls to spam filters to intrusion detection solutions. But despite all the preventative measures, most organizations still have gaps in their security controls or processes, which could lead to cracks in their system. A coordinated attack from an outside threat could penetrate these seemingly thick walls of perimeter security due to poor security management and overlooked system vulnerabilities.

Securing a network’s perimeter, defined as the demarcation point for exchanges among data, assets, employees, and partners, is a struggle for many organizations because of its complexity. IT departments can be easily overwhelmed by operating a complete perimeter security system because individual solutions are often stitched together, and therefore require multiple management controls, protocols, and licenses.

Companies with fewer than 2,000 users experience the most significant challenges, because the laundry list of best practices that includes firewalls, VPNs, web and mail proxies, and intrusion prevention systems (IPSs) is typically expensive and arduous. In response to individual threats, the piecemeal approach of perimeter security is often deployed over many years.

The threats don’t stop, and with infrastructure constantly under attack, the risk of a breach remains high. Here are three common challenges mid-size businesses are facing with regard to perimeter security, and how organizations are solving them. (more…)

Thinking in the now: How to connect with today’s knowledge shopper

digital retail trendsConsumers are evolving. Mobile devices, social media, and always-on Internet access have set new expectations for their shopping experience. And the speed of this shift has left some retailers struggling to find the best way to connect with this new generation of shoppers in store and online.

Traditionally, retailers have found ways to engage with their customers using historical data, but this is like looking at a photo: It reflects the past, but not necessarily the present. While retailers may be analyzing data and marketing to their consumers, if they are strictly using historical data, they may not be meeting their customers’ current needs. In order to compete, retailers must be able to answer “now” questions: What are customers doing now? Where are they now? What are their intentions now?

Retailers must look beyond historical data and bring in new data sources — social, mobile, and clickstream – to have a relevant and valued interaction with customers in real time.  (more…)

Tackling security vulnerabilities in health care

health care data securityNetwork security is critical for any organization, but in the health care space, with the personal and medical details of millions of individuals in the balance, the stakes are even higher. Out-of-date software, unimplemented patches, or even outdated passwords could be the vulnerability that exposes the sensitive information of an innocent and unsuspecting patient base. Two recent security breaches suffered by prominent U.S. health insurers highlight these vulnerabilities.

In February, Anthem Inc., the second-largest health insurer in the U.S, revealed that a previously-disclosed hacker attack compromised the health care records of as many as 80 million individuals. A few weeks later, Premera Blue Cross reported that the personal, bank, and health data of an estimated 11 million individuals was exposed when hackers penetrated its system in a similar assault.

These two high-profile security breaches have intensified the spotlight on data security, and raised several important questions for health care organizations (what HIPAA calls “connected entities”) and groups that provide supporting services to health care entities (called “business associates”). These groups should be asking the following questions: (more…)