Configuration Management: A Lifeline for IT Security?

by Leave a Comment

shutterstock_199360082It’s amazing how cloud computing has come to take over a growing number of critical tasks normally handled by IT departments. Unfortunately, it’s not so amazing to IT security workers, who are in great danger of being left in the dust. For computer security professionals, cloud computing could be the one thing that puts them out of a job.

There’s still hope however. IT security professionals may have to live with some of the ongoing changes presented by the cloud, but they can remain in control by reevaluating how their organization uses its technology.

 

A Savior in Configuration Management

Configuration management could be the very thing that saves IT security personnel. The need to keep employer data safe is something that is understood by cloud providers, but the overall practice still leaves plenty to be desired in a variety of areas.

Whereas cloud providers take a somewhat distanced approach to security, configuration management means taking a more hands-on approach, namely by keeping tabs on the software and hardware used throughout the organization. IT security professionals are also tasked with monitoring application use on each employee’s computer.

At first glance, configuration management seems like a hard pill to swallow due to the deep level of understanding required of the enterprise’s operations, choices in technology procurement, and personnel.

On the outset, it seems much easier to let cloud providers take the reins when it comes to security issues. However, this leaves the door open to data breaches and other security setbacks that could prove time-consuming and expensive to resolve.

Proving Worth

As with any sort of change, the hardest part is stating an effective and compelling business case for configuration management. That means demonstrating to business executives how effective it can be when compared to putting cloud providers in the driver’s seat.

For starters, a move towards configuration management can help enterprises better manage their vulnerabilities and prevent catastrophic oversights and mistakes from happening. One such example involves understanding software choices and usage habits among employees. This can help IT security professionals pin-point and flag activities that are out of the ordinary.

Showcasing the potential cost savings offered by configuration management can also help drive the point home and garner interest from top management. For instance, mentioning the potential costs of cleaning up malware on computers left exposed by a lack of a configuration management plan can help bring the benefits into focus.

In the end, configuration management means that IT security personnel can maintain a non-trivial level of control over their infrastructure and perhaps even reduce overhead costs in the process.

Implement a Successful Unified Communications System in 4 Simple Steps

by Leave a Comment

shutterstock_108055643The benefit of Unified Communications (UC) is that it combines a number of different communication methods into one portal, which is increasingly attractive to businesses.

UC is still a relatively new technology and businesses may be worried about the cost, but UC can actually save a business money once they’re past the initial investment. One of the biggest benefits to UC is that employees can use their own devices and can connect from any location, which also reduces travel expenses.

There are four simple ways that a business can make their transition to UC a success:

  • Security requirements
  • Testing the technology
  • Training employees
  • Bring Your Own Device (BYOD)

Security Requirements

Knowing the security requirements first will allow a business to make an informed choice about what services they need. An organization that deals with sensitive data, for example, will have to make the choice between the three types of cloud services: public, private, and hybrid. Security needs will also continue after the UC system is implemented. For example, it’s important to always use strong passwords and pay close attention to call logs.

Testing the Technology

Before making a purchase, businesses should be sure to test out the technology. If a provider won’t allow this, businesses should look for a more reputable vendor.

Employee Training

Once a vendor is chosen and the unified communications system is purchased, employees will need to be trained on the technology. Employees that know what they’re doing are essential to keeping the system running without any hitches, and to ease the transition businesses should inform their employees about the change before it happens.

Businesses should also follow three basic steps when training employees on the unified communications system. The first step is to introduce the technology and show the employees exactly what they’ll be working with. The second step is to thoroughly explain the technology, so that employees know how to use it and what it can do. As a refresher, the technology should then be reviewed again once some time has passed. That way, anyone who missed anything during the first explanation can ensure their questions are answered.

BYOD

Once training is complete, allowing employees to bring their own devices can help simplify the UC process. This will allow businesses to support devices not issued by them and cut down on costs because they are personal devices. BYOD programs are becoming more and more common in the workplace and benefit both employees and the business.

Although a UC system may seem complicated to learn and expensive for the initial investment, it can become a benefit to most businesses. Knowing the security requirements, testing the technology, embracing BYOD, and providing proper training are a few ways to successfully implement a UC system with minimum hassle.

Five Common Wi-Fi Attacks and How to Prevent or Fix Them

by Leave a Comment

shutterstock_130687829Any business with an online presence, or that uses Wi-Fi within their organization, needs to be aware of attacks. Fortunately, while there are some sophisticated attacks that any business can fall victim to, there are also a number that can be easily fixed or defended against. The five most common attacks, and methods of intrusions, are:

  • Denial of Service (DoS) attacks
  • Guests on your network
  • Lost devices
  • Rogue access points
  • Session hijacking

DoS Attacks

Most people who use the internet have heard of DoS, or Denial of Service, attacks. Because access points use vulnerable radio waves, a successful DoS attack can easily cause a business’ Wi-Fi network to become slow and inconsistent, or even go down completely. The best defense for an attack such as this is to use an Intrusion Prevention System (IPS) tool, which will monitor the network to detect and defend against incoming attacks.

There is also a more innocent version of a DoS attack that usually isn’t initiated by a hacker: wireless signal overlap with a nearby network. This can easily be fixed by checking, then adjusting Wi-Fi-enabled equipment to reduce or eliminate signal conflicts.

Network Guests

Authorized users can sometimes be the source of network insecurity. Businesses may not always know which users are accessing information. There is a solution however a security protocol known as WPA2, or Wi-Fi Protected Access II. Using the Pre-shared Key (PSK) mode to encrypt wireless traffic will prevent all but the most technologically knowledgeable from accessing company data.

Lost Devices

Changing passwords regularly is always important to security, but never more so than when a device is lost or stolen. As soon as the loss is noticed or reported, passwords to all general equipment, access points, and routers should be changed. WPA2 can be useful here as well, using the enterprise mode and a RADIUS server to authenticate users.

Rogue Access Points

A business’ IT professionals can usually help when finding rogue access points – if only because IT professionals were often the first to create them for their own access. Using software, such as apps that detect and prevent intrusion, will cut down on the number of rogue access points. There’s also another very easy solution, labelling wall jacks and Ethernet ports. This will enable IT to see which ports are in use. If a port found being used should not be, IT knows they have a possible rogue access point.

Session Hijacking

While common, session hijacking is somewhat more sophisticated than the rest of the list. Session hijacking comes from the end-user, who may be visiting many different websites and unfortunately may pick up a problem that they aren’t aware of. Fortunately, like other solutions, this kind of attack can be prevented by the use of protocols such as WPA2, WPA PSK mode, or Wired Equivalent Privacy (WEP).

An IT department that does its due diligence may be all that a business needs to protect itself against Wi-Fi attacks. However, it doesn’t hurt to know a few easy solutions to common attacks, or to make sure the business network is as secure as possible. With security measures in place, such as the use of WEP, WPA, WPA2, and specific software, as well as monitoring the network and changing passwords, a business can keep their sensitive data safe.

Telcos, Mobility, and Big Data: Using the IoT as a Value-Added Service

by Leave a Comment

shutterstock_234153883Many businesses are learning the value of big data and mobility for improving business efficiency and customer experience. However, not much has been said about how to monetize data itself, not simply to enhance sales, but as a value-added service offering.

With the increase in smartphone users, who often use a number of apps to browse the internet, mobile network providers now have access to a large amount of data. The data reveals much about the mobile network provider’s customers, including:

  • Customer preferences
  • Smartphone application usage
  • Customer locations
  • Items and services customers may be looking for

As mobile and Internet of Things (IoT) devices increasingly allow customers to look up information no matter where they are, more and more data is generated. Telecom companies, many of whom maintain a mentality of network services exclusively, may not realize that the data already being collected and stored for use in improving a Telco’s services, can be useful to third-party partners.

Search engines and social media platforms are currently using collected data to personalize advertisements to their users. Using the same techniques, telcos can easily do this as well, a strategy that would benefit both telcos and their partners. This can then lead to the ability to provide the full management of their partners’ IoT or Mobile to Mobile (M2M) requirements.

Every machine that connects to the internet will need a method of collection, processing, and storage of data. This is a list that can include not only smartphones, but also:

  • Home appliances
  • Wearable devices, such as smart watches
  • Smart meters
  • Apps
  • Home management systems

Telcos can even sell this service to new businesses who are just entering the IoT field, or sell the systems that will allow the new business to monetize their traffic on their own. While the initial investment in business and data systems may seem high, telcos may find that it pays off in the future, especially as the IoT continues to grow and expand.

While low-cost connectivity may be important to customers, it also isn’t likely to generate high revenues. By also offering value-added services that harness the mobility and power of the IoT, telcos will continue to maintain their competitive edge. Some telcos are already beginning to do this by teaming up with:

  • Fleet management, which uses location data
  • Medical monitoring
  • Connected car services
  • Energy utilities

In the future telcos may also need to partner up with competitors, to expand the telco’s regional coverage. This will help to bring in the international market, which is currently struggling with having to work with multiple companies in multiple different markets.

By harnessing the mobility of the IoT, and data already being generated by smart device users, telcos can continue to grow and expand their business.

Customer Service Trends to Watch

by Leave a Comment

shutterstock_61749778

Customer service is one of the most important aspects of an organization, but businesses are only just beginning to use it as a competitive advantage. While self-service is popular, it’s only one part of the bigger customer service experience. Other trends include:

  • Chief Customer Officers (CCOs)
  • Mobile devices
  • In-store beacons
  • Real-time analytics
  • A focus on the customer experience

Self-Service

More and more customers are becoming digital natives. This competence can be beneficial to businesses that offer self-service support. However, it is important for companies to have an accessible advanced search, which will enable customers to solve the majority of issues on their own. Not only does it foster customer satisfaction, but it can reduce costs for the business.

CCOs

Strengthening the relationship with the customer is becoming the purview of the CCO. As a high-level executive, the CCO is responsible for keeping all members of the C-suite focused on maintaining and improving customer service.

Mobile Devices

Mobile devices will continue to overtake more classic devices like home desktops. This not only aids in accessibility, but also means that there will be more data input from smart machines and the Internet of Things (IoT). The traditional creation of applications will need to be overhauled in order to more closely align to mobile use.

Businesses can use this to their customer service advantage by considering mobile first when creating or buying applications. A customer’s previous interactions, information, current location, and interests will enable businesses to make real-time decisions.

In-Store Beacons

There’s a fine line to walk when deploying in-store beacons; too many can cause customers to simply delete the app. However, reaching the right customer with relevant information at the right time can improve the customer experience.

Real-Time Analytics

Understanding customer patterns can be key to providing them with efficient and excellent customer service. CRM companies are beginning to offer applications with real-time analytics and the ability to process big data. Businesses can use this information to analyze customer patterns and find ways to improve, which will lead to happier customers and increased sales.

According to the 2014 CRM/Unified Commerce Benchmark Survey from Boston Retail Partners, real-time analytics are currently used by 22 percent of retailers. This number is expected to grow to 61 percent by 2017. These businesses are showing a focus on the customer experience, which will enable them to continue to be competitive in their industry.

Focus on the Customer Experience

By 2019, the market for customer experience management is expected to reach $8.9 billion. This is a result of businesses turning their focus toward customer service, but there is still a need to improve the experience for the customer.

To maintain customer loyalty, businesses should focus on how customers interact with their products and services, and determine how customer touchpoints can be improved. Loyal customers expect businesses to know their preferences, and by focusing on the customer, businesses are able to make the experience more personalized and trustworthy.

By leveraging these trends to their benefit, businesses also benefit their customers by providing improved service and support. With the use of real-time analytics, mobile devices, in-store beacons, and CCOs, businesses will increase their competitive edge without sacrificing the trust of their customers.

The New Era of Real-Time Communications: WebRTC, IoT, and IT

by Leave a Comment

shutterstock_247450882In today’s technology-driven world, communicating with people on a global level is becoming as simple as pushing a button. Real-time communications via applications and new technologies mean that users can communicate through video or voice no matter their location.

This is creating a new era in business. It’s expanding the role of the IT department, which is itself becoming more consumerized, and leaning toward business models based on outcome and software. There are a few trends that are exemplifying this new era, including:

  • WebRTC (and other browser-based communication software)
  • Internet of Things (IoT)
  • Expansion of IT

 

WebRTC

Browser-based WebRTC is the next step in real-time communications. Supported by Google, Mozilla, and Opera, WebRTC offers users access to video and voice chat through websites, application software, e-readers, and even home appliances, as long as they have an Internet connection.

Amazon’s Mayday button is an example of WebRTC. This allows Kindle users to easily access real-time communications with customer service representatives. Expanded to regular use in the business world, this kind of technology would allow all levels of a company to access troubleshooting or training on their WebRTC-enabled device – no matter where they are.

WebRTC can also help improve websites by allowing users to quickly and easily speak to a sales representative without having to download extra software. For businesses, this means that customers are able to contact the business in a straightforward and intuitive way, which leads to better customer-business relationships.

IoT

Businesses are also beginning to consider IoT devices – such as smartwatches, fitness bands, and drones – as more than something just for consumers. These devices can also have real-time communications capabilities, with a range of applications within the business world.

A smartwatch may not seem like a beneficial device for a business, but it can be used for many of the same applications as smartphones and other communication devices, including:

  • Connecting with clients and coworkers
  • Contacting field operatives
  • Process management with the business’s CRM system

Further exploration of the capabilities of the IoT will only expand the real-time communications field, leading to more advances in speech recognition, real-time alerts, real-time decision-making, and deep cognitive systems.

IT Expansion

The advancement of technology means that IT departments are no longer confined to internal services. The success of many businesses now depends on their IT department, which should be encouraged to actively work toward helping the business succeed.

The continuing advancement of the IoT means that products and services are fundamentally changed; now design, management, engineering, and operations all need to consider how they are affected by daily technology. Every part of an organization is touched by technology, from the collection and analysis of business intelligence to internal communications to customer service. By working together with the IT department, management can keep up with changing technology and better support business needs.

Real-time communications are a benefit to all levels of an organization, including their customers. Communicating through WebRTC or IoT devices is becoming increasingly accessible and intuitive, leading to more positive interactions. With these continuing improvements and with the expansion of the IT department’s role in the organization, businesses will continue to expand in the new technological era.

SMBs: Creating a Simple Cyber-Security Plan

by Leave a Comment

Cyber securitySome SMBs make the mistake of thinking that security breaches only happen to the big names. Despite all the attention that the Home Depot, Anthem, and Target data breaches are getting, cyber-attacks are an equal opportunity threat for every size of business. In 2013, approximately 44 percent of SMBs were the victims of a cyber-attack, according to the National Small Business Association.

Large enterprises are just as vulnerable to cyber threats as smaller companies, but some SMBs can’t afford the incredible cyber security measures that enterprises use to protect their data and customers. Instead, SMBs must stay sharp and focused when it comes to protecting themselves on a small scale against a broad range of cyber-threats– from phishing attempts to full-blown brute force.

The Basic Steps of a Cyber Security Plan

Although there are a wide variety of different tools and software available, the most important cyber-security tool is a good plan. The following outlines these three crucial steps toward strengthening a company’s cyber security without a detrimental effect on the bottom line or employee productivity:

  • Create a thorough inventory of both physical and digital assets. These physical assets include devices used on a daily basis to interact with and manipulate important data, especially that which is stored in the cloud. Companies also should inventory any valuable data that can be accessed by employees.
  • Develop a comprehensive computer privacy and security policy. Such policies can help strengthen company-wide efforts to promote cyber security on an employee-level basis. By carefully and comprehensively defining how, when, and where employees can be exposed to certain types of data, cyber-security experts can prevent thieves from making off with digital gold.
  • Always be on the lookout for unusual cyber activity. Eternal vigilance through monitoring IT systems on a 24-hour basis is a necessity for foiling most, if not all, cyber-attacks. However, hackers are just as vigilant, which is where the latest lines of anti-virus software and other countermeasures come in. These assets must be kept up-to-date in order to deal with ever-evolving threats.

What Else Can Be Done?

Training employees to be more vigilant when it comes to cyber security is an excellent idea. Unfortunately, many SMBs simply cannot afford the time and effort that in-house training entails; in addition, these companies often lack the experience that is necessary for comprehensive training.

As a result, SMBs meet their cyber security needs by contracting with third-party experts and managed network security services. These outside service providers represent an added expense, but the costs are minimal compared to the tremendous costs that a security breach can have on a business.

Creating a concrete cyber-security plan can mean the difference between a successful company and one that is hobbled by a lack of basic cyber-security protections. The former is, of course, the more appealing option.

How Resellers Can Effectively Utilize SIP Trunking in Network Migration

by Leave a Comment

Cloud telephonyMoving away from private branch exchange (PBX) telephony systems is a big deal for most businesses, especially given the huge time commitment and expense that go into such a move. Nevertheless, organizations are being encouraged to shun PBX in favor of cloud-based telephony–all in the name of cost reduction and improvements in efficiency.

This isn’t necessarily a bad thing, but it can be a bit frustrating. Fortunately, there’s always the hybrid approach, which leaves most of the legacy system in place while taking advantage of the latest and greatest in networking hardware. At the heart of it all is the session initiation protocol (SIP) trunking solution, which is designed to allow the implementation of cloud-based telephony over existing PBX infrastructure.

What’s the ROI?

The first thing that any reseller should do over the course of overseeing such a migration is to review how much of a return on investment (ROI) an extension of PBX to a future hybrid system offers. Companies can make quick and useful cost comparisons by comparing the costs of maintaining the current system versus implementing a hybrid system with SIP trunking.

Moving to SIP Trunks

Resellers also can do their part to make the transition to cloud-based telephony services by converting existing long-distance carrier circuits to SIP trunks. This way, resellers can place much of their focus on reducing the overall costs of the conversion process. Further reductions may occur through natural downsizing of vendors and the reduced necessity of several redundant SIP trunks.

Deploying E-SBCs

Enterprise session border controllers (E-SBCs) also play a role in the migration process. These devices are instrumental for managing voice over Internet protocol (VoIP) communications as well as mitigating hostile attacks. It’s important to have a sufficient number of E-SBCs deployed to cover a wide variety of potential cloud services.

Transition from UC to SIP

Another aspect of SIP trunking deployment involves transitioning existing unified communications (UC) services to SIP trunks. Resellers can play an instrumental role in guiding and overseeing the transition from existing UC services to those based on the SIP trunk infrastructure.

How It All Stacks Up

It’s important to take a snapshot of the company’s dedicated access costs (along with long-distance calls) prior to SIP trunking and after the migration process is complete. This gives the company a clear picture of its savings and a chance to inspect areas of the SIP trunking migration where improvements in cost-effectiveness and efficiency can be made.

Migrating to the cloud can be an adventure in its own right, fraught with a variety of challenges for businesses to overcome. However, the hybrid method of SIP trunking migration can help ease and simplify that process to a significant degree.

Why Businesses Should Utilize MDM

by Leave a Comment

Mobile devicesTouchscreen smartphones and tablets are making waves in the world of corporate IT. Many companies are eager to utilize the technology despite the fact that many of these devices don’t meet all security needs. However, cloud technology has made security and device management relatively easy.

The innovation of Bring Your Own Device (BYOD) policies has made security a primary concern for companies. InformationWeek’s 2013 State of Mobile Security discovered that 20 percent of responding companies were developing BYOD policies while 68 percent already had them in place. This means that 88 percent of those respondents are or will soon be implementing BYOD.

As a result of the growing popularity of business mobilization, mobile device management (MDM) solutions were recently developed so companies can use this beneficial technology without compromised security. Another name for mobile device management that has been used is “enterprise mobility management” (EMM). This name refers to MDM’s focus beyond simply mobile device management in an enterprise.

There are many advantages to using cloud technology to manage mobile devices.

Why Choose Cloud MDM/EMM?

Many businesses aren’t sure whether to use on-premises MDM/EMM or make it cloud-based. If it is offered, cloud-based MDM/EMM is ideal for a variety of reasons. One of the main reasons to use MDM/EMM in the cloud is because of the eliminated costs associated with using a new server. Another benefit is that the service provider will normally be responsible for any updates that are released, keeping your systems up to date at all times.

In addition, there is no functionality lost when using cloud-based MDM/EMM. Cloud technology offers the same capabilities as on-site applications.

A Reliable Mobility Policy Is Everything

A solid mobility policy should be a primary concern in cloud-based MDM/EMM. It should cover all pertinent devices and address proper use and security responsibilities. This policy should be thorough in a number of ways, covering:

  • All mobile devices, including the specific models and operating systems that will be offered
  • The types of employees who will receive devices from the company vs. those involved in BYOD
  • Implementation procedures and steps for retiring devices once employees leave
  • Specific security steps to avoid stealing of information and data

There are many other factors that a policy should cover as well, leaving no room for outdated information or exploitable loopholes.

How MDM/EMM Is Being Used

Businesses that are particularly trusting can rely on employees to follow the strict policy associated with mobile devices, or they can choose to let a mobile device management (MDM) system ensure that there is no violation.

MDM used to be exclusively for BlackBerry devices, but has since been developed to cover iPhones and many other types of devices used in the workplace. Some of the aspects of MDM/EMM that have carried over to newer devices include:

  • Security – MDM ensures that all data is encrypted and password protected, and prevents both rooting and jailbreaking.
  • Application Management – Certain mobile apps can be either blacklisted or whitelisted, depending on a company’s preferences.
  • Containerization – A secure container is created to store all company data and personal data as well.

Choosing MDM/EMM Providers

Using cloud-based MDM/EMM for company mobile devices and BYOD will help improve a company’s efficiency as well as reduce the costs of on-premises solutions. In addition, security measures are expanded, with a wide range of devices employing the same level of security. Overall, using an MDM/EMM provider helps ensure that IT personnel can effectively keep systems secure.

State of the Cloud – 2015

by Leave a Comment

State of the CloudAt some point in the year 2015, there will be more than 2.5 billion people accessing the Internet with over 10 billion devices. Being able to stream and transmit all that data will require a billion virtual servers connected to a cloud infrastructure.

It is apparent that cloud computing is not just here to stay, but is expanding every day. Below is an analysis of the state of the cloud and its future projections.

The Reviews Are In

A recent survey, the 2014-2015 Cloud-Based Contact Center Infrastructure Market Report published by DMG Consulting, analyzed eight industry leaders in the field of cloud vending. They discovered that a 61.5 percent majority received marks of “highly satisfied” in the following dozen major categories:

  • Overall satisfaction level
  • Professional services
  • Product
  • Up-time/System availability
  • Training
  • Implementation
  • Product innovation
  • Communication
  • Ongoing support and service
  • Product pricing
  • System upgrades
  • Responsiveness to request for product enhancement

Those numbers indicate a reassuring confidence and comfort level among end users who now leverage their cloud computing solutions in contact centers as opposed to former on-site locations.

Growing Steadily
The momentum just keeps going. DMG Consulting reports gains of 12.8 percent in 2013 in the market of cloud-based contact center infrastructure. Even though this rate has sloughed off from the previous year’s jump to 32.5 percent, it indicates a stabilization in the market that allows vendors to track their sales more precisely. It’s obvious that consumer awareness of the many benefits of the cloud has increased and shows no signs of slowing.

If growth continues at the projected rate, DMG is predicting that cloud-based contact center infrastructure solutions will grow an additional 20 percent this year, followed by a growth rate of 18 percent in the following two years, and by a still steady 16 percent in 2018. This paradigm shift from on-site to cloud-based data storage is extremely significant for the industry, as evidenced by DMG’s recent observation, “Never before have we witnessed an all-out rebirth of an entire industry due solely to a new delivery model.”

Beyond 2015

The market has not yet reached its zenith regarding the growth of cloud computing. As customers clamor for more business solutions to overcome any challenges, the industry will continue to respond.

Federated systems have emerged, allowing data, services and communications to shift across infrastructures with ease. At some future point, technological advances may evolve to allow data to safely scale into both private and public clouds; to clients, vendors and partners; and between service providers, without involving data centers.

One challenge the industry will face is how to increase efficiency yet still keep the cloud use straightforward enough to satisfy end users. As the complexity of systems will only increase in the future, a workable solution will have to be discovered.

When moving data outside of the physical parameters of on-premise locations, maintaining security is paramount. Any vulnerabilities must be protected to avoid privacy breaches while apps migrate to cloud platforms. As the industry evolves, best practices for software and hardware, solutions, integration, and processes will likely emerge.

Thanks to cloud computing advances, the interaction between contact centers and customers has changed profoundly. Now, even small centers are able to provide clients with state-of-the-art technologies they could never before afford. All have access to the same host of benefits — scalability, flexibility, savings, and usage ease — to meet their customers’ individualized needs.

As the industry continues its evolution, its full potential will be realized through customer feedback as IT providers focus on meeting their demands.