Why Are So Many Organisations Turning to Managed Security Service Providers?

The technology industry is one that never stands still, but the cyber and security space specifically are even more fast paced than most other sectors of the industry. This in many cases can be attributed to the fact that the activities of cyber criminals are squarely focused on breaching enterprise security defences, because this is how they generate their income. Put simply your business is their primary target.

The pressures on IT operations, compliance and security posture are immense. Organisations constantly have to navigate the complexities of industry jargon and trends to keep abreast of the latest offerings and figure out the best fit for their business. This can be a full-time job in itself. But if IT is not your core business, then why should you burden yourself with managing it yourself?

The very nature of a Managed Security Service Provider (MSSP) is to alleviate the pressure by allowing you as a company to spend your time focusing on your core business, customers and innovation, in the knowledge that the necessary tasks that are required to keep your company safe and operational are in hand with the experts.

The Experts

An MSSP is a specialist, who’s core business is IT. As a result, you’re leveraging the expertise of a bigger team, who are up to date in all areas, that is, not just on general industry knowledge or the threat landscape, but also on the specific solutions and applications deployed within your business. It’s our responsibility to make sure the tools we use and the services we provide are always best of breed.

We spend the time and investment to train our teams, to get certified and fully compliant. We spend the time working closely with our vendor partners to understand the best ways of installing and using their products. We spend the time evaluating new and innovative solutions to the market.

We put in all the hard work, so you don’t have to.

Proactive Operational Efficiency

Managing the daily IT related tasks of most organisations can take most of the working day. Focusing on continuous improvements to revenue generating business critical tasks as well as customer service improvements, is what in many businesses determines their bottom line. It should not be surprising to learn therefore that most IT related operational improvements and security tasks can often be relegated to the back of the line. As long as things are working, then in many cases businesses are content and happy to focus their attentions elsewhere. Until of course something goes wrong.

By outsourcing the important IT operational management tasks to a trusted MSSP, you are ensuring that your IT environment remains operational at all times, because it is the responsibility of your provider to take care of security advisory notices, security patching, configuration management, access management, performance management, availability management, audit management and many other mundane but absolutely essential tasks to maintain a highly available and secure infrastructure. It’s our responsibility to be proactive on your behalf rather than reactive.

Speed of Implementation

It is no secret that there is a growing trend for many companies to outsource certain services, be that networking, telecommunications, cloud or security services. Besides the obvious cost savings and controls it affords, it certainly also helps free up internal resources and time. But there is one other major reason why MSSP services are being consumed at quite a staggering rate and that is speed.

Speed of implementation, widely known as how fast one can act on an idea, strategically or tactically, is often times what can set you apart from your competition. With the massive growth of cloud adoption and the improvements in its capabilities, we see a huge increase in the abilities of an MSSP to provision and deliver services to customers that would have previously taken weeks or months in only days and even hours in some cases. The reason for this is often that the provider has already provisioned its service capabilities ahead of time, so the service is simply ready to onboard new customers as and when they are ready. This of course takes a lot of planning and forethought on the part of the MSSP in order to be able to offer these ready to go services, so it can be said that the customers speed of implementing a new or replacement service is directly related to that provider taking earlier action.

Introducing NetUtils Managed & Professional Security Services

Our range of Managed Security Services supports your business, gives you industry leading visibility of your network and most importantly secure your infrastructure. Consider NetUtils as an extension of your IT team; providing levels of expertise only normally seen in large IT departments with equally large budgets.

Visit our site to discover the comprehensive range of Managed & Professional Security Services available to support your business: netutils.com/#Managed-Services

Stop Phishing Attacks – Harness The Power of Your Human Sensor Network

By Malcolm Orekoya, Senior Technical Consultant at Network Utilities

MalcolmViews expressed in this post are original thoughts posted by Malcolm Orekoya. These views are his own and in no way do they represent the views of the company.

In the security world the ability of any system to proactively or reactively deal with a security threat is highly reliant on the systems sensors, that is, the ability for the systems to detect threats. This detection process can be based on a myriad of characteristics, heuristics, behaviours etc. that make it possible for the system to differentiate between what is normal and what is abnormal in the context of the type of traffic that system processes on a daily basis. Once the threat is detected the system can then react to it by performing some sort of mitigating action.

The success of security initiatives relies on the implementation of layered security defences, and at a high level the major layers of infrastructure networks most widely considered are the endpoint (or host) layer, the application layer and the network layer. All the detection systems such as firewalls, intrusion preventions systems (IPS), distributed denial of services (DDoS) systems, anti-virus, web application firewalls (WAF) etc. deployed at these layers rely on early detection of abnormal activity in order to function optimally. But why is the human layer seldom considered when it comes to detecting abnormal behaviour on the network? Especially when it pertains to the type of threats that specifically target human vulnerabilities, such as malware, advanced persistent threats (APT) and phishing.

The one constant factor that exists at all currently considered layers of security is the human element. It is often said that humans can be the weakest part of any security system and this can be, for example, because people are capable of making configuration mistakes. So to counter this, training is provided to individuals who manage these systems in order to minimise the risk of such mistakes. However training is seldom considered to educate people on how to detect abnormal activities in their interactions with day to day systems such as emails, browsers and websites. How does an employee detect the difference between an email with a legitimate attachment and a malicious one? Or a legitimate website and a phishing website? Education is the answer; or rather Educate, Test, Review, Repeat might be a better sequence of activities to combat this.

The idea here is to educate people on these threats and its various guises, test their understanding and responses to the education, review the results of such tests and then repeat the entire cycle periodically over and over again. Do not simply assume that everyone within your organisation should know how to spot and react to phishing attacks. We assume most people that work within the IT team do but it is easy to fall victim to what are nowadays very sophisticated and deceptive phishing attacks.

From a defence in depth security perspective, the end goal here is to cover all bases by creating a human sensor network within your organisation, where the human element becomes an integrated part of your security systems sensors ability to detect threats. In many cases we already enable people to become part of the organisations security alert system, for example, in offices where an unrecognised person can be stopped by anyone, anywhere within the office premises if they are walking around without an identification badge visibly displaying who they are.

Over the last couple of years there have been numerous publications that have highlighted that the wide spread infection of endpoint devices by malware and growth in cyber espionage have increasingly featured phishing. This is due in part to the lack of effective awareness and training being provided to the humans that are essentially the first point of attack for phishing activity. By transforming this first point of attack into an effective detection sensor you are creating a network of human sensors, which can hugely reduce the number of people that fall victim and subsequently reduce the success percentage of phishing campaigns. Usually in a more cost effective and efficient manner than most other technologies out there.

Want to know more? Please get in touch via info@netutils.com and visit http://www.netutils.com/phish5.php to find out how proactive user security training can help you stay protected.

About Malcolm
As Senior Technical Presales Consultant at Network Utilities Malcolm consults and advises on specialist IT Networking, Security and Service Management requirements.

Want your network to run more smoothly? Here’s 4 ways to do it.

MalcolmBy Malcolm Orekoya, Senior Technical Consultant at Netutils

Views expressed in this post are original thoughts posted by Malcolm Orekoya. These views are his own and in no way do they represent the views of the company.

With user demand increasing at a rapid rate businesses are spending more and more time and money keeping their networks running and highly available. Investment is now consistently made in redundancy everywhere. Two or more of everything in the network is now normal practice; dual routers, dual firewalls, stacked switches, dual ISP’s, multiple application server, dual power inputs etcetera. All this redundancy will no doubt keep the network uptime high, but will it necessarily keep things running smoothly?
Here are 4 tips worth considering:

  1. Optimum Use of Resources

What is the point of having huge bandwidth, the fastest network with great big servers everywhere if you cannot make the best use of them? Allowing ALL types of traffic/users/applications (the good, the bad and the ugly) through your network without any visibility, policing or prioritisation of business critical services and applications, essentially amounts to a waste of all that investment that you’ve put into providing the robust network in the first place. There are good and bad users as well as good and bad applications both inside and outside of your network and they will always seek to utilise or take advantage of any open, free or unpoliced resources they can get hold of. As C-level executives, IT Managers, Network Managers or IT Administrators, it is your responsibility to make sure you can make the best use of your network resources to provide the best user experience, while preventing malicious usage and controlling the usage of unimportant (low priority) application/traffic.

  1. A Proactive Network

Historically network management has always been very reactive in its approach to dealing with network problems and network traffic utilisation. In general, until there’s a problem (usually reported by users) to investigate, everything is considered to be working and traffic is considered to be “normal”. Ever thought of a “learning network”? A network that can monitor the types of traffic coming in and going out, identify applications and users where applicable and even inform you about changes in the types of applications passing through your network when compared to what is normal (i.e. the baseline). A network that can monitor applications and server response times then proactively alert you based on a traffic light system “Red-Amber-Green” highlighting potential issues. A network that can provide you with recommendations on optimum policies to apply to your network based on your traffic and not just wait for you to figure it out (usually only after there is an issue to troubleshoot). It might sound a bit futuristic, but the good news is, it’s not. All of these elements that make up “a proactive network”, already exist in the Exinda Network Orchestrator solutions.

  1. Application Performance Monitoring

Almost everything within a network today comes down to two thing; applications and services. All the infrastructure that underpins everything boils down to providing some sort of application and or service to a user somewhere. Therefore it can be said that keeping the user experience good and ultimately the user happy comes down to making sure the application or service is performing optimally. To do this you first need to have complete visibility of all applications running through your network. Then you need to be able monitor the most critical applications to your business (usually productivity applications) and establish a baseline of what can be considered “normal”. You then need to be able to observe when these applications start not performing optimally and very quickly figure out why that is the case. Scrolling through pages of log data will not speed up this process, so most importantly you need something that can do all of this for you easily and provide that information back to you in simple (ideally) graphical format.

  1. Speedy Troubleshooting

By making sure your network resources are used optimally and your network proactively informs you of the performance and utilisation of your network applications; you will already have decreased the time it takes to troubleshoot network issues. Having done all this however, it is important to have a monitoring tool available to you that can instantly provide real time analysis of traffic passing through your network as well as being able to look instantly at historic utilisation data for comparison. This will inevitably speed up troubleshooting and reduce downtime.

Want to know more? Please get in touch. info@netutils.com

If you’re responsible for managing your company network bandwidth we would like to personally invite you to join our free half day technical workshop on Wednesday 3rd December 2014 at the National Space Centre, Leicester, UK. For more information and to sign up visit: http://www.netutils.com/exindaSpace.php

About Malcolm
As Senior Technical Presales Consultant at Netutils Malcolm consults and advises on specialist IT Networking, Security and Service Management requirements.