Get Your Head out of the Cloud Zero Trust Access for Hybrid IT
The Challenges
Pulse Secure's Zero Trust methodologies
• Visibility:
• Verify User:
• Compliance:
• Verify Device:
• User Experience:
• Protect Data:
• Scale and Reliability:
• Control Access:
A myriad of devices presents visibility challenges as it’s important to know both what is on the network and what is not. With the influx of devices connecting to an enterprise’s network, compliance issues get raised.
When security is hard to use, people will find a way around it. This leads to potential data leakage or loss, and stolen credentials. Enterprises must be able to scale security solutions without infrastructure issues — issues around things like load balancing can hinder the delivery of applications to users.
Single Sign-On (SSO) and multi-factor authentication (MFA). Profiling is key to secure the network access Host checking and location awareness to validate the device before it connects. Always-On and On-Demand VPN along with Per-App VPN tunneling ensures every transaction is encrypted. We control access to the data center, Cloud, Saas with centralized policy management
Your business depends on the cloud, but you worry about data leakage and other risks ? Extend Zero Trust Access for the data center to the cloud and worry no more.
For more information contact your local Pulse Secure expert via infoemea@pulsesecure.net or visit pulsesecure.net Copyright 2019 Pulse Secure, LLC. All rights reserved. Pulse Secure and the Pulse Secure logo are registered trademarks or Pulse Secure, LLC.
Investments on the rise for Cyber Security Solutions
T
he Middle East region is taking rapid strides towards a digital-first economy. Organizations are at advanced levels of digitization and cloud adoption. UAE is also a frontrunner when it comes to smart cities projects, with Dubai leading the way. Amidst all this cheer, there is an underlying worry of heightened cyber threats. Threats, that are not just increasing in numbers but are also becoming more strategic and complex. To enhance their cyber security posture, organizations in the Middle East, Turkey, and Africa are increasing investments on cyber security solutions, which is estimated to cross $2.7 billion this year. Despite these investments, organizations in the region are vulnerable to cyber attacks. To make matters worse 80% of data breaches are believed to occur due to weak/default passwords. Today's cyber criminals are technically advanced and can easily exploit these weak links to break into the networks. Once in, they can move around laterally with little or no resistance. Cyber threats are real and a constant source of stress for the CIOs. There are numerous technologies and techniques that CIOs continuously evaluate and deploy in accordance with their unique business needs. In this edition of your magazine, we discuss the novel concept of Zero Trust Access, which advocates the 'never trust, always verify' principle. Hardly a decade old, the concept has piqued immense interest in the security industry. Interestingly, zero trust access is not a technology, but an approach towards holistic cyber security. I urge you to read more about it in our cover story with the hope that you find it useful. As always, we have also included news about the latest announcements, partnerships, product launches and views from industry-leaders. We will also keep you informed about our upcoming events.
ontents
Dear Readers
Cover Story – 6
Zero Trust Access: Never Trust Always Verify
News Bytes – 4, 5
Spire Solutions partners with Mimecast Help AG Partners with Arista Networks
Interview
Data Diodes can protect from all External Threats – 10 Don’t Just Sell, Add Value – 11
Predict, Prevent, Detect, and Respond to Cyber Attacks – 12
News in Detail
McAfee MVISION Cloud Integrates With Google Cloud Platform – 13 ESET Secure - Authentication for MSPs – 15
Insight
Mcaffee Research - By Candace Worley, Vice President and Chief Technical Strategist at McAfee – 24
Tech Know
Taking a More Human Approach to AI – 25
EyeTech - 26 Vivek Sharma Managing Editor
Managing Editor: Vivek Sharma
Aruba 530 Series Access points
AXIS Q6215-LE PTZ Network Camera
Published by: JNS Media International MFZE
Content Lead & Business Development-
P.O Box 121075, Dubai UAE, Tel: +971-4-3705022 Fax: +971-4-3706639, website: www.VARonline.com Sales Inquiries: sales@var-mea.com All other Inquiries: info@var-mea.com | Editorial: editor@var-mea.com
Christopher David
Disclaimer: While the publishers have made every attempt possible to get accurate information on published content in this handbook they cannot be held liable for any errors herein.
Art Director: Faiz Ahmed Commercial Director - Mallika Rego
News Bytes
Pure Storage Acquisition Extends File Capabilities Pure Storage has announced that it has entered into an agreement to acquire Compuverde, a Sweden-based developer of file software solutions for enterprises and cloud providers. Compuverde will expand Pure Storage’s file capabilities, enabling enterprises to take advantage of advanced file offerings. The additional functionality reinforces Pure’s strategy to empower customers to implement true hybrid architectures -- whether they choose to leverage data on-prem, in the cloud, or a mix of both. Compuverde brings a robust ecosystem of technology partnerships and the company’s highly scalable software solution is deployed across global organizations in telecom, financial services, and media industries. “We’re excited about the opportunities that the Compuverde team and technology bring to Pure’s existing portfolio,” said Charles Giancarlo, Chairman and CEO. “As IT strategies evolve, enterprises look to leverage the innovations of the public cloud in conjunction with their onprem solutions. Through our expanding suite of hybrid data solutions such as Cloud Data Services, we continue to help our customers make the most of their data assets.” The acquisition is expected to close in April 2019.
Help AG Partners with Arista Networks for Zero-Trust and Cloud Security capabilities In line with its objectives of being a leader in the cloudbased delivery of security solutions and services and addressing Middle East enterprises’ security challenges through the implementation of the Zero-Trust model, Help AG has signed a partnership agreement with Arista Networks. As an elite partner, Help AG will offer design, implementation and support services for all solutions in the vendor's portfolio. Arista Networks pioneers software-driven, cognitive cloud networking for large-scale data centre and campus environments. Their platforms deliver availability, agility, automation, analytics and security. Highlighting the synergy between the companies which promoted the partnership, Stephan Berner, CEO at Help AG said, “We saw the potential for Arista’s cloud networking and data centre solutions to be leveraged from a security standpoint as these softwaredefined solutions offer unmatched control over data flows. Furthermore, with their open standards-based approach, Arista have established a very strong ecosystem with many of Help AG’s focus partners including Palo Alto Networks, Fortinet and F5 Networks. This enables us to create powerful integrations that deliver the strongest protection and greatest value to our customers."
Spire Solutions Partners with Mimecast to Make Email Safer for Businesses
To address regional customer challenges related to security of critical business information stored in digital form, ‘Disruptive Distributor’ Spire Solutions has partnered with email and data security company, Mimecast. “We at Spire, are very excited about this distribution partnership. Mimecast’s product offering will help us to enhance our local customers’ cyber resilience and provide next generation protection against advanced email-borne and internally generated threats”, commented Sapan Agarwal, Deputy VP - Product Management at Spire Solutions. “Our reselling partnership with Spire Solutions will help accelerate our rapid growth in the Middle East. Together we can help our joint customers better protect themselves from growing cyber threats with advanced protection, while at the same time improving their cyber resilience in the event of an attack with email continuity and archiving," said Jeff Ogden, General Manager Mimecast Middle East.
4 | April 2019
Huco wins VMware’s EMEA 2018 Regional Partner Innovation Award
Huco, recently won the EMEA 2018 VMware Partner Innovation award for Services at the VMware Partner Leadership Summit 2019, held in Carlsbad, CA. Huco’s winning streak continues after it was recognized as the services partner of the year 2018 METNA at VMworld conference last year. Huco is the only coveted VMware partner in Southern Europe and MENA while being among the first 6 exclusive partners globally to achieve all four of VMware’s Master Service Competencies for delivery excellence in Data Center Virtualization, Desktop & Mobility, Cloud Management & Automation and Network Virtualization. “Digital services help organizations prepare for the Fourth Industrial Revolution by building new channels to consumers while anticipating their modernization demands. At Huco we are constantly pushing the envelope of innovation boundaries by enabling these prototypes through agile designs and scalable & secure IT environments,” said Dilip Kalliyat, President, Huco. “We congratulate Huco on winning the Partner Innovation Award for Services in the EMEA, and look forward to our continued collaboration and innovation” said Jean Philippe Barleaza, EMEA Vice President, Channel, Alliances and General Business at VMware.
Kaspersky Lab Opens New Transparency Center in Madrid
Ring at Intersec Saudi Arabia Ring participated in the recenty held Intersec Saudi Arabia 2019 to promote its home security products and services, so customers and neighbours can experience Ring products firsthand and learn about their features and benefits. “Following Ring’s launch into the Middle East last year, we are excited to showcase our security products and solutions at Intersec,” said Mohammad Meraj Hoda, Vice President of Business Development-Middle East at Ring. “Ring’s mission to reduce crime in neighbourhoods drives every decision we make, and we hope to provide convenience and peace of mind to homeowners, the traveling parents or online shoppers by keeping an eye on their most important possession, their home, even when they can't physically be there. The goal is to bring the same convenience and security to Saudi Arabia neighbourhoods.” Ring showcased its latest suite of smart home security products, including the Ring Stick Up Cams, Ring’s first cameras meant for both indoor and outdoor use. In addition, Ring also showcased the Ring Video, Doorbell 2, Ring Video Doorbell Pro, Ring Video Doorbell Elite, Ring Floodlight Cam, and Ring Spotlight Cams.
Kaspersky Lab is opening a Transparency Center in Madrid will serve as a trusted facility for the company’s partners and government stakeholders to check source code of the company’s products. In addition to being a code review facility, the new center will function as a briefing center where guests will be able to learn more about Kaspersky Lab’s engineering and data processing practices. The center will open for its first visitors in June. The new center is being opened as part of the company’s Global Transparency Initiative – a set of measures being brought to life in order to fulfill growing demand from partners and government stakeholders for more information on how the Kaspersky Lab’s products and technologies work. “We see that businesses are most concerned about sensitive questions relating to data management processes. To meet those needs, we decided to open an additional Transparency Center where European clients, governments and regulators can receive answers to all their questions,” says Anton Shingarev, Vice-president for Public Affairs at Kaspersky Lab.
April 2019 | 5
Cover Story | Zero Trust Access
Zero Trust Access: NEVER TRUST, ALWAYS VERIFY Zero trust access is currently drawing a lot of attention as a possible approach that can help organizations strengthen their network security posture
I
n the digital-first economy, businesses
Mounting clean up costs and
are migrating workloads and
heightened threat of cyber attacks has
applications to cloud environments at
prompted organizations in the Middle
a rapid pace. To allow access to data and applications, the business networks are being accessed by an increasingly mobile work force. Then there are the IoT-enabled (Internet of Things) smart devices that connect to the network. The sum of all these activities is a massive increase in the entry points or surface available to cyber criminals for attacks. On their part, cyber criminals have become more sophisticated in technique and strategic in approach. They are leveraging technology to launch targeted attacks to inflict maximum losses with minimum effort. It is estimated by
East and Africa to significantly increase
IDC says IT security spending in the Middle East, Turkey and Africa will likely cross $2.7 billion in 2019
their spends on cyber security solutions. According to IDC, IT security spending in the Middle East, Turkey and Africa will likely cross $2.7 billion in 2019. However, investments in security products alone will prove insufficient in protecting businesses. “Just one set of compromised credentials can completely undermine the effectiveness of endpoint security, firewalls and other security technologies,” warns Stephan Berner, Chief Executive Officer at Help AG. It, therefore, becomes crucial for
IBM that the average cost of a data breach
organizations to deploy enough checks
is $4 million.
and measures to ensure only authorized
6 | April 2019
personnel can access the designated
Never Trust, Always Verify
of the location, further compound the
resources. Organizations must plug in as
In the traditional approach towards
security challenge as the protective
many entry points as possible and gain
security, organizations believe that their
wall defending the network no longer
in-depth visibility into the traffic—both
networks are at risk from external threats
exists. Therefore, it is not just about
internal and external—traversing the
and, therefore, tend to protect their
protecting the network. It is increasingly
network. Zero trust access is currently
networks from external threats, limiting
about verifying the users—people and
drawing a lot of attention as a possible
external access using various verification
machines—trying to gain access, and
approach that can help organizations
methods. However, internally, everyone
restricting unauthorized actors.
strengthen their security posture and
is trusted and can access the network
protect the crown-jewel assets. It
resources freely. In the traditional security
Monitor, Restrict
enables businesses to focus on identity-
approach, the IT teams create defense
The zero trust approach to security
centric measures that can reduce the
mechanisms to protect the perimeter
presumes that cyber criminals do not
attack surface and restrict threats from
using firewalls extensively. This is the
just attack the network from outside,
spreading. “By treating every user and device as an untrusted actor, zero-trust security prioritizes strong authentication and limits access and privileges, thereby dramatically enhancing protection against both external as well as internal threats,” says Berner.
What is Zero Trust Access Zero trust access is not a technology.
Organizations must deploy enough checks and measures to ensure only authorized personnel can access the designated resources
Rather it is a holistic approach towards strengthening network security not just at the perimeter but throughout the network. Zero trust access, also referred
classic moat-and-castle approach to
but there are potential attackers existing
to as zero trust security or zero trust
network security, which can place all
within. Therefore, no user or machine
architecture, is a security model that
control in a cyber criminal's hands should
is automatically trusted, enabling
mandates organizations to verify every
she be able to gain entry into the network,
organizations to address this vulnerability
entity—whether person or device—trying
as has been proved by various incidences
by not only monitoring and verifying the
to access network resources, internally
of data breaches. Once a cyber criminal is
traffic from outside the perimeter of the
or from outside the perimeter of the
able to enter the network, she can move
network but also internally.
network. This concept has been made
around laterally and look for resources that
popular by Forrester Research and
can maximize the exploits. And, in case
micro-segmentation, which requires
advocates the policy of 'never trust,
the attacker is from within, it is not difficult
organizations to categorize network
always verify'. The term came into being
to gauge the kind of destruction and losses
resources into smaller zones. To access the
in 2010, but gained wider attention
that an organization can suffer.
resources (applications, data, etc) on these
after a few years in 2014 when Google
To make it more complex, today's
At the core of zero trust access is
specific zones, users must have adequate
announced that it had implemented
network resources are spread across cloud
privileges and authenticate themselves.
the zero trust security approach for its
vendors, which means single security
Users or machines that have not been
network. Still later, in 2017, Gartner
check cannot be applied to resources
provided access privileges are, therefore,
proposed the Continuous Adaptive Risk
spread across clouds. Access through
denied access. For instance, the personnel
and Trust Assessment (CARTA).
smartphones and other devices, regardless
in the marketing department can access
April 2019 | 7
Cover Story | Zero Trust Access
data and resources related only to their
how to implement the suite of principles
function and not, say, data related to the
that are core to the zero trust access
technology-agnostic, it may not be that
finance or human resources departments.
philosophy. To this end, organizations must
simple to implement. Many organizations
Further, least privilege ensures users are
look to establish threshold levels of trust
implement the zero trust access approach
allowed only as much access as required.
for users, devices (including IoT devices),
with a mix of on-premise and on-cloud
They cannot access restricted resources
applications, and perimeters for app
applications with workloads that do
that they don't need. And since, resources
and network access. Organizations must
not tie in with on-premise directories.
are rendered dark, cyber criminals cannot
automate centralized policy enforcement
IT teams are, therefore, left to grapple
see them, which reduces the attack
to ensure access to correct resources
with managing numerous identities
surface.
along with an integrated threat response.
across disparate systems, workloads and
This will serve as the first step in closing
applications.
To verify legitimate users, multi-factor authentication (MFA) is fast becoming a
the doors on bad actors while allowing
popular method. Only passwords can no
genuine users to cruise through.
longer allow users access to the resources
While zero trust approach is
There are other challenges as well that organizations face while implementing zero trust access. For one, when an
they intend to reach. Users must provide
The Challenges
organization has applications that are a
multiple types of information, which
In the Middle East region, while there
few years old, they constitute technical
only they now. For instance, two factor
has been a lot of buzz around this new
debt—they are obsolete and cannot be
authentication (2FA) is now being widely
concept, uptake so far has been paltry.
used to develop new solutions. They may
used where in addition to entering their
It still remains a theoretical concept that
not even support the zero trust security
passwords, users must also key in the one-
promises benefits, but the on-ground
architecture. Replacing these existing
time-password (OTP) sent to an alternate
scenario is different.
solutions is, therefore, an expensive
device. Similarly, devices trying to access
proposition. An organization's need and
the network are monitored for adequate
inclination to incur such costs will dictate
authorization. Zero trust access ensures streamlined user experience for increased productivity and security.
Implementing Zero Trust Security
DID YOU KNOW? •
redefined the meaning of a trusted network, which was until now used to describe a network behind a defined corporate ubiquitous, and is accessed by people and
•
machines alike. As mentioned before, this has been due to upcoming technologies and processes like the cloud, IoT, and DevOps that have led to dissolution of the traditional network perimeter. To successfully implement zero trust access, Cisco advises organizations to adopt a practical approach. To begin with, organizations must decide when and
8 | April 2019
“Legacy infrastructure and network devices are most certainly not zero trustaware. They have no concept of least privilege or lateral movement, and they
The concept of zero trust security has
perimeter. However, the 'network' is now
implementation decisions.
•
Forrester Research introduced the concept of zero trust access in 2010
do not possess authentication models that
Google announced implementing zero trust access in its network in 2014
or wrapper, approach to enable these
Gartner proposed its concept of Continuous Adaptive Risk and Trust Assessment (CARTA) in 2017
dynamically allow for modifications based on contextual usage,” informs Morey J. Haber, CTO, BeyondTrust. “Any zero trust implementation requires a layered, systems. However, a layered approach entails wrapping the external access to the resource and rarely can interact with the system itself. This defeats the premise of zero trust. You cannot monitor the behaviour within a non-compatible application,” he adds. Even the digitally advanced organizations that can rebuild data centres and implement zero trust security model
face challenges from digital transformation.
cornerstone of modern business,” says
authentication of users and limiting
Cloud, DevOps, IoT, and IIoT driving the
Ray Komar, Vice President of Technical
privileged access such that only legitimate
digital transformation do not support the
Alliances, Tenable. The solution also allows
users are granted access. Therefore,
zero trust access model and the organization
the security teams to mitigate threats to
organizations cannot simply trust any
will need additional technology to deploy
cloud resources by effectively identifying
entity accessing their network resources,
the zero trust access approach. “The only
ephemeral assets with the connector and
irrespective of whether they are coming
successful zero trust implementations that
feeding that information into the platform
from within or outside the network.
have gone from marketing to reality are
to assess for vulnerabilities.
Organizations must check and verify each
ones that have baked zero trust in from day
Abdul Rehman Tariq, Regional Sales
and every access attempt made on their
Manager, Pulse Secure, MEA, says,
networks and ensure only designated
“businesses need to understand that
users can access the resources they are
Solutions on the Market
secure access is not just about users any
entitled to. Zero trust access approach
Despite the challenges, there are a number
more. Devices, applications, industrial and
reduces the attack surface not only by
of companies including Help AG, Tenable,
enterprise smart "things" are all looking to
rendering applications and workloads dark
one,” informs Haber.
Pulse Secure, Beyond Trust, and so forth that are introducing innovative solutions in the market and making efforts to educate customers about zero trust access. To address the vulnerability management in the Cloud—one of the biggest concerns for organizations—Tenable has integrated Tenable.io with Google Cloud Security Command Center (Cloud SCC) which provides organizations with
Zero trust is a holistic approach towards strengthening network security not just at the perimeter but throughout the network
enhanced visibility into their cloud assets, both public and private, via a single dashboard. Cloud-focused organizations get the ability to manage cyber exposure
access the network. Secure access not only
but also by limiting the lateral movement
across the entire modern attack surface and
needs to give robust compliance but also a
of cyber criminals who may succeed in
reduce cyber risk in their environments.
friendly user experience to both customers
gaining entry into the network.
Cloud SCC is a security management
and admins.” Pulse Secure's Pulse SDP
Going forward, with a proliferation
and data risk platform for Google Cloud
features always-on connection security for
in the number of IoT devices, there will
Platform (GCP), that helps security
automatic compliance, micro-segmentation
be a greater need for organizations to
professionals gain visibility and control
to separate services and apps for better
authenticate devices as well. Identity-
over their cloud resources and detect
security, ability to secure and manage
based privileged access for humans and
and respond to threats. Data collected
privileged/contractor/temp user access,
machines, layered with multi-factor
by Tenable.io is fed into Cloud SCC via
centralized policies to eliminate cloud and
authentication will provide organizations
Tenable’s GCP asset connector, giving
data centre security gaps.
with a mechanism to take control and protect their networks both from
security teams a unified view of all cloud-based assets in their environments.
Conclusion
internal and external threats. Despite
“This provides security teams with holistic
A study conducted by Verizon that reveals
the challenges that zero trust access
visibility that reflects live changes in
80% of breaches are linked to weak,
approach faces today, there is a concerted
digital workloads. This is a critical first
default, or stolen passwords
effort from industry and vendors that will
step in practising cyber exposure and a
emphasizes the need for more robust
increase its adoption in future. April 2019 | 9
Interview | Owl Cyber Defense
Data Diodes can Protect from All External Threats Well-secured backups and a layered defense-in-depth architecture are the basics of any comprehensive cyber security strategy, advises Kris Voorspoels, Regional Technical Manager, Owl Cyber Defense, United Arab Emirates
Cyber threats are steadily rising. How are you helping businesses safeguard critical infrastructures? Owl develops and offers the leading data diode cybersecurity technology on the market. Data diodes are hardware-enforced one-way data transfer devices that segment and secure networks and devices from all external threats. Unlike softwarebased tools such as firewalls, which rely on configuration and code to secure networks, data diodes are enforced by the laws of physics and are thus far more secure. Owl features a range of products to suit a variety of needs, including data filtering and two-way solutions. Owl solutions are used in critical infrastructure around the world to protect operational technology (OT) networks and devices, including the energy industry (oil & gas, petrochemical, upstream, midstream, and downstream), power generation (hydro, nuclear, fossil), transmission and distribution, water and wastewater (including desalination), telecom, transportation (rail and air), and even in financial services and healthcare. In case of a cyber-attack, what measures can help businesses ensure business continuity? Well-secured backups and a layered defense-in-depth architecture are the basics of any comprehensive cyber security strategy. As a part of this layered defense, data diodes provide
10  |  April 2019
a fantastic means to ensure business continuity through hardware-enforced network segmentation and air-gap level security. Threats cannot jump from one segment to another, and cannot access any network or device protected behind the data diode. The protected network cannot be pinged or probed, and all network routing information is hidden from potential threats. The trend of video content sharing is rising. How do you help businesses ensure transmission and/or retrieval of HD content without loss in quality? Owl prides itself on being the industry-leading innovator of data diode technology, which has led to the most powerful solutions available on the market today. No competing solutions can match the throughput, reliability, or range of supported protocols. Owl solutions are trusted by numerous customers, including the US Department of Defense, to stream high quality HD content over vast distances at near real time. Please talk about your Gisec participation and the road ahead for 2019. Owl has regularly exhibited at Gisec along with our regional partners Oregon Systems. We are excited to continue to serve the UAE and Middle East markets and look forward to future events.
Interview | Promise Technology
Don't Just Sell, Add Value For the last three decades while efforts were focused on storage, Promise did invest R&D resources into surveillance, rich media, and IT & data centers, informs Alan Cheng, Director-Asia Pacific, MEA Channel Sales, Promise
Please explain the benefits of becoming a Promise partner. As a solution vendor, we, at Promise, train our partners to add value to the customers instead of just selling at a given price point. We only select very few partners that are adequately qualified and have the required experience. We provide them with the training and certifications with surveillance planner. Partners can, therefore, design the overall solution very easily. If our partners decide to sell generic PC server into the surveillance market, they find that the margin is very low which makes it difficult for them to provide adequate services to their customers. That’s the reason, majority of our partners in the Middle East have been working with us for a decade. Please discuss how enterprises can benefit using Promise technology solutions? Promise focuses on three segments. In surveillance, we invest the R&D resources to fine-tune the performance, which shows in the performance of the Promise solutions when compared with the competitors. In the Rich Media segment, Promise works very closely with Apple and provides state-of-the-art end-to-end solutions. From insert, video editing, asset management and archive system, Promise collaborates with application partners to provide total solution with Apple certification level quality to the customers. Finally, in the IT and Data Center segment, CERN tested Promise products for two years, and then adopted more than 7,000 machines with Promise VTrak J series. The enterprise customers not only get cost-effective but also high quality solutions and products with superior service and support from Promise. How has Promise kept up-to-date with AI and ML norms in its offerings? Promise has been completely focused on storage business for the last 30 years. But, we did invest our R&D resources into the above three segments and collaborated with application vendors to provide outstanding value-add. Artificial Intelligence, Machine Learning, and Deep Learning are IT trends, but they still need more time and more use cases to mature. In fact, Promise already provides related solutions in the Surveillance segment. Police department has been using application partner solution from Promise for the last two years to easily identify a suspect’s car. In the product line, Promise had launched surveillance solutions to support GUI card last year and we can support an increasing demand created due to widespread use of AI, ML and DL.
Alan Cheng Director-Asia Pacific, MEA Channel Sales Promise Technology Inc.
Please discuss your strategy in the region keeping in mind expo 2020. Promise has always positioned itself as a storage solution expert. To support the expo 2020 requests, Promise Dubai office will move to better location with larger space as the new office is quite near the expo 2020 location. In our new Dubai office, we plan to have a demo center and our application partners can easily test and bundle their solution with Promise storage. In keeping with the theme of Expo 2020 "Connecting Minds, Creating the Future", we may leverage big data, AI, ML and DL technology, but storage and information are always our key success factors. We plan to invest locally, unite partners and customers and make a remarkable impact. This is what Promise is committed to and this is exactly what we are doing right now. April 2019 | 11
Interview | CrowdStrike
Predict, Prevent, Detect, and Respond to Cyber Attacks Rawad Sarieddine, Senior Director of Sales, META at CrowdStrike agent which provides best security, better performance and deals with all the three threat vectors. We call this platform, the Falcon platform.
What can the businesses do to prepare themselves to fight Malware? It is true that malware is a major problem for all organizations. However, as we witness every day at CrowdStrike, nonmalware based attacks are prevailing in today's threat landscape. More than 50% of attacks are non-malware based attacks. So the advice to businesses is that they need to balance their security program between prevention and detection. We still need to close the doors to prevent those malware from coming in, but at the same time, we need to have the right measures to be able to look at non-malware based attacks as well. CrowdStrike has designed a lightweight agent, which can help organizations protect themselves from both malware- and non-malware-based attacks, that leverage existing admin tools and vulnerabilities in applications and operating systems. The fascinating factor about CrowdStrike is that we not only offer security, but we do that with simplicity and speed. So we provide better performance, and add value by taking into consideration the time factor. CrowdStrike solves the problem of agent bloat in legacy solutions, by giving a lightweight
12 | April 2019
Cyber criminals are increasingly using evasive techniques to avoid detection. How big a challenge is this? This is a major problem. These advanced guys are so stealthy that they aren’t just looking at a hit and run. At CrowdStrike, we call this a weak signal or the silent failure. Today, attackers can bypass traditional prevention measures. But with tools like Falcon, organizations can collect data once the damage has happened, and use this data to understand what went wrong, and come back to their normal state as soon as possible. We believe CrowdStrike has a legacy in this area. We introduced to the market what we call live response. We have one of the best detection tools in the market to detect malware- and non-malware-based attacks. We also introduced the EDR (end point detection & response) concept to the market and we do this in a unique way which would involve live response. This means, we try to differentiate between an incident and a breach. Incidents will always happen, but you need a tool that can detect this incident very early in the attack chain and break that before it becomes a breach. Customers who test our EDR products get visibility which is second to none. At CrowdStrike, our agent does the best collection in the market and while collecting from memory, we measure the live indicators of attacks. Crowdstrike is a threat intel driven company, and intelligence powers all the great technology capabilities we offer.
How can businesses keep ahead of the evolving cyber security challenges? Cyber security is always a race between defenses and the hackers. So, you must predict, prevent, detect, and respond. Before the hackers come in, they are well prepared. They gather intelligence with social engineering to understand who's who, and then find a way to come in right. And again, not necessary to push malware. Similarly, they gather intelligence about you. For 2019 cyber security program, you must have a threat intelligence program in your organization that can predict. For instance, when hackers come in, even if you block them, they will never stop as they have a target to achieve. You must also gather intel about them the same way they gather intel about you. You must therefore, get a threat intel led security program in your organization and threat intel is baked into everything we do, our products our services. Also, look at threat intel. If it's not actionable, it’s meaningless. At, CrowdStrike we help our customers make intel actionable. We just launched a new product called Falcon AP. It's a unique product in the market which combines threat intelligence with prevention. Also, an indicator of a compromise is just as important. It's like a fingerprint of the malware. When organizations find hackers are after them, they try to gather the fingerprint of the malware. Even if you sweep by IOC, and you don’t find anything, it doesn't mean you're clean. CrowdStrike has elevated the game to sweep not by malware fingerprint but by adversary fingerprint. We know the hackers, their indicator of attacks, and their techniques to prevent them from dropping the malware.
News In Detail
McAfee MVISION Cloud Integrates With Google Cloud Platform
M
cAfee has announced its support for Google Cloud Platform (GCP) Cloud Security Command Center (Cloud SCC). McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources and detect and respond to threats. Cloud SCC users can gain information from an extensive configuration audit capabilities of McAfee MVISION Cloud to locate hidden risks and enforce configuration best practices. Cloud SCC is a comprehensive security management and data risk platform for GCP, designed to help security teams prevent, detect and respond to threats from a single-pane-ofglass. It provides visibility in what assets are running in Google Cloud as well as risky misconfigurations, so enterprises can reduce their exposure to threats. With incident data from McAfee MVISION Cloud, Cloud SCC becomes an even more powerful tool to improve an organization’s security and risk posture within GCP. Key benefits include: o Incident Investigation: With an added layer of visibility from McAfee MVISION Cloud, security professionals can prioritize violations and investigate activities, anomalies and threats with improved insight. o Configuration Auditing: Users can leverage industrybenchmarked configuration audit policies designed to comprehensively evaluate GCP resources and give an end-toend assessment of risk. o Security and Compliance Controls: Users can be notified to take action deep within the family of GCP services to correct policy violations and stop security threats. “With McAfee MVISION Cloud for CSCC, security operations professionals can tap into an extensive cloud security incident data from McAfee MVISION Cloud for an added layer of insight to improve their security and compliance outcomes,” said Rajiv Gupta, senior vice president, Cloud Security Business Unit, McAfee. “Users will have the ability to make quicker and more informed actions in Cloud SCC, ultimately resulting in enhanced security and improved business impact.” In close partnership with Google Cloud, McAfee allows
Rajiv Gupta Senior Vice President, Cloud Security Business McAfee
customers to build their security and event management ecosystems in an easy, intuitive way. The ability to choose the most relevant metrics from any vendor and collect that data in one place allows organizations to get the best usage out of GCP with the minimal amount of risk. McAfee worked closely with Google to ensure the seamless sharing of this critical security incident data so that customers can spend more time being productive in the cloud, and less time worried about locating hidden risk. April 2019 | 13
News In Detail
Gemalto Expands Cloud HSM On Demand Solutions
G
emalto has announced the availability of three new cloudbased Hardware Security Module (HSM) services, HSM On Demand for CyberArk, Hyperledger, and Oracle TDE. Each service is available through the SafeNet Data Protection on Demand platform, a marketplace of cloud-based HSM, encryption and key management services that integrate with widely used cloud services and IT products to protect data wherever it is created, accessed, or stored. The rapid adoption of cloud and digital services has made it difficult for organizations to secure data and identities that are created, stored and managed outside the perimeter. While organizations recognize that data encryption is the optimal solution to secure sensitive information, they can be challenged by the cost and complexity of deploying encryption, including Hardware Security Modules to secure their cryptographic operations. Gemalto’s SafeNet Data Protection On Demand solves these challenges by providing cloud-based HSM services that and can be deployed in minutes without the need for highly skilled staff. Gemalto, a leader in the HSM market, is proven to help customers secure their encryption keys and data across cloud, hybrid, and on-premises environments. “A worsening threat landscape, combined with aggressive cloud adoption and evolving privacy regulations, have presented complex new challenges,” said Todd Moore, Senior Vice President of Encryption Products at Gemalto. “Our newest Cloud HSM On Demand services help organizations stay in front of new threats and regulations, by easily deploying an HSM solution for the strongest possible key management and security practices, all while providing fast, easy set-up, with remarkable savings over traditional approaches involving specialized hardware and skills.” “Many organizations would like to deploy data security more broadly, but are often wary due to concerns about complexity, cost and staffing requirements, particularly with respect to encryption and key management,” said Garrett Bekker, Principal Analyst at 451 Research. “The release of SafeNet Data Protection On Demand was a positive step towards addressing those concerns, and extending its cloud HSM capability to newer use cases like blockchain, database security and privileged credentials is a logical and timely move.”
14 | April 2019
Todd Moore Senior Vice President, Encrption Products Gemalto
Our newest Cloud HSM On Demand services help organizations stay in front of new threats and regulations, by easily deploying an HSM solution for the strongest possible key management and security practices.
ESET Extends Reach of 2FA Product, ESET Secure Authentication, to MSPs
E
SET has announced that it has made its smartphone-based
has been shown to be ineffective, unless we are counting
2FA solution, ESET Secure Authentication (ESA), available
increases in users’ frustration. With functionality like push
via its 4000+ strong MSP Partner’s Program.
notifications, ESA strives to make both identity verification and
ESET Secure Authentication can be leveraged within ESET's daily
the broader increase in network and application security easy
billing - monthly invoicing model to increase profit and offer
for both local admins or, as is increasingly the case, by MSPs
clients near-immediate improvements to security via 2FA, by
providing 2FA as part of their service model.”
addressing the clear weaknesses surrounding passwords and
With most organizations accepting the risk associated with
access. These benefits are offered within the existing user-
remote access by default, authentication is needed to access
friendly licensing model for ESET Endpoint Protection, and
tools, and data becomes a business-critical issue. This is a key
accessible via the ESET MSP Administrator dashboard. The now-
point, as tens of millions of employees daily log into multiple
expanded portfolio adds another step to improved security for
platforms and face the persistent risk of their credentials
client networks.
being compromised. Verifying identities via strengthened
Identified as a critical area for improvement among GDPR’s best practices for compliance, stolen or weak passwords account for around 80% of hacking-related breaches. Despite this,
authentication protocols is of utmost importance for companies of all sizes. Now MSPs can help their clients address that risk
passwords remain the most common, and yet most insecure,
holistically with ESET Secure Authentication, simultaneously
method of user authentication. And, while the wisdom that
increasing the value of their services and taking the relationships
“passwords regardless of length or complexity are not sufficient
with their customers to new levels. As a smartphone-based
on their own" has spread, many businesses haven’t addressed
solution for the end-user, ESA slashes the cost of acquisition by
the low-hanging (security) fruit that is 2FA.
working with existing iOS, Android and Windows Mobile devices,
ESET Senior Product Manager for Business Security, Vladimír Maovík says, “forcing users to create more complex passwords
and by making it possible to implement it in under 10 minutes, including the ESA server install. April 2019 | 15
News In Detail
Infoblox Now Supports Google Cloud and Single Sign-On in Latest Version of NIOS
Kanaiya Vasani Executive Vice President, Product & Corporate Developement Infoblox
I
nfoblox has announced updates to its Network Identity Operating System (NIOS) platform that enhances multicloud capabilities and improves security. NIOS 8.4 adds support for Google Cloud Platform (GCP) and single sign-on to provide customers with an improved network security experience. This latest update is a testament to Infoblox’s commitment to addressing customer needs and providing a solution that is purpose-built for their unique environments. Automation and management simplicity are crucial in today’s rapidly changing business environment. Enterprises
16 | April 2019
are adopting the hybrid cloud model to increase efficiency and agility. Efficient use of the hybrid cloud requires rapid deployment of DDI services across platforms, unconstrained by the cloud vendor. NIOS 8.4 adds support for Google Cloud Platform, complementing Infoblox’s current integrations with Amazon Web Services (AWS) and Microsoft Azure, to give customers efficiency and choice when defining their hybrid cloud strategies. Cross-platform discovery, enables Infoblox Authoritative IPAM to provide up-to-date visibility and to automate the provisioning and reclamation of IP addresses, regardless of whether one is using GCP, AWS, and/or Azure. This latest version of NIOS breaks down the complexity of network management by implementing Single Sign-On (SSO) capabilities. Customers can simply log into NIOS 8.4 via one platform improving ease-of-use without compromising network security. New VLAN management capabilities in NIOS 8.4 further improve network efficiency and resource administration. New VLAN management capabilities in NIOS 8.4 help improve network efficiency and resource administration. Network administrators can group, view, and assign VLANs to networks as well as validate assigned VLANs with those VLANs that have been discovered by Infoblox Network Insight or NetMRI. This VLAN inventory data and conflict report information can then be used to generate additional reporting. This expands the Infoblox Authoritative IPAM support to include authoritative for VLANs. “Organizations rely on high-performance networks that run at top efficiency,” said Kanaiya Vasani, executive vice president of products and corporate development at Infoblox. “These networks are also under constant pressure to accommodate emerging demands on DNS, DHCP and IP Address Management (DDI) services. With NIOS 8.4, Infoblox enables organizations to deploy robust, manageable and costeffective DDI services to networks of any size.” Improved functionality in NIOS 8.4 enables customers to take advantage of Infoblox’s next level networking solution without compromising on security or simplicity.
STC Partners with NETSCOUT for DDoS Protection in Saudi Arabia and the Region
S
Yasser Alswailem General Manager, Cyber Security STC
audi Telecom Company (STC) has partnered with
NETSCOUT DDoS solution, Arbor TMS, supports a mitigation
NETSCOUT to strengthen cyber defense capabilities to
architecture called diversion/reinjection. Arbor TMS removes
protect the infrastructure against service-disrupting
only the malicious traffic and forwards the legitimate traffic
Distributed Denial of Service (DdoS) as a proactive measure
to its intended destination. This is advantageous for service
to enhance the detection and mitigation capabilities to ensure
providers, large enterprises and large hosting/cloud providers
the availability of the network resources. STC can provide a
because it enables a single, central Arbor TMS to protect
high level of DDoS protection to its clients and partners in the
multiple links and data centers. The result is a more efficient
Middle East & North Africa.
use of mitigation capacity and fully non-intrusive security.
“Cyber resilience is critical in the age of IoT, Cloud, Digital
“Through proactive monitoring, customers who subscribe
Economies and increasing Digital Transformation”, says Yasser
to DDoS Protection service are protected from such attacks
Alswailem, General Manager Cyber Security for STC. “DDoS’
and provided with clean Internet in a manner where only
frequency, scale, and accuracy are reason why many hackers
malicious traffic is intercepted and handled, so as to maintain
choose it for their attacks against a target. As a result of our
business continuity and resiliency”, commented Mr. Fahad
expanded NETSCOUT deployment, we can perform mitigation in a
Aljutaily, VP Cyber Security for STC Solutions, the delivery arm
larger and more automated way that is simpler and faster.”
of STC Business.
NETSCOUT’s Arbor Sightline solution provides
“Our solutions are designed to provide our enterprise
comprehensive network visibility and reporting capabilities
customers with the best DDoS protection they may require
to help STC detect and understand availability threats,
in light of the modern cyber security threats they are facing.
and improve traffic engineering, peering relationships and
Partnering with STC Group and supporting their clients in the
service performance. STC works closely with STC Solutions
Kingdom of Saudi Arabia by strengthening their infrastructures
to train cyber security professionals who will manage the
will allow us to add value to the regional network security,”
NETSCOUT solution, deployed within STC network as well
said Mohammad Alyousef NETSCOUT’s Regional Sales Manager
as client/partner infrastructures. A vital component of the
in the Middle East & North Africa.
April 2019 | 17
News In Detail
SANS Institute Provides Hands-on Cyber Security Skills Training at SANS Riyadh 2019
Ned Baltagi Managing Director, MEA SANS Institute
S
ANS Institute helped cyber security professionals in Saudi Arabia develop deep, hands-on skills through immersionstyle training during SANS Riyadh 2019. Expert instructors including some of the world's top cyber security practitioners helped participants develop skills in network penetration testing, ethical hacking, advanced incidence response, threat hunting and defending web applications security essentials, to protect and defend their organisations against ever-increasing cyber threats. “Cyber-crime is in a state of constant growth, both in
18 | April 2019
terms of volume and impact. This holds true globally as well as in the Middle East. Saudi Arabia has seen a significant increase in connectivity due to the rapid development of smart cities and other ambitious infrastructure projects, as a part of the Kingdom’s Vision 2030 initiative, making it a tempting target for other state actors and cyber criminals ,” said Ned Baltagi, Managing Director, Middle East & Africa at SANS Institute. “It is therefore critical for government and enterprises to strengthen their security posture, hire more cyber security practitioners and upskill their existing cyber security team to keep up with the fast-changing technology landscape. Developing the skills of cyber security experts in Saudi Arabia has to be the top priority to help prevent future attacks.” “Recruiting the right talent is an undeniable challenge. Companies need to effectively manage their human capital development and plan for security resources to take 1-2 personal development courses a year to maintain their ability to secure the organisation. At SANS Riyadh 2019, our top global cyber security experts provided the kind of hands-on immersion style training that will give delegates the skills they need to distinguish them as information security leaders,” Mr. Baltagi added. SANS Institute’s mission is to deliver cutting-edge information security knowledge and skills to all students in order to protect people and assets. The SANS promise that students will be able to use the new skills they have learned as soon as they return to work is at the heart of everything the company does. Top cyber security experts Hidayath Khan, Matt Bromiley, David Szili, Ian Reynolds, Nik Alleyne, Chris Dale and Tim Garcia will conduct sessions with comprehensive coverage of tools, techniques and methodologies, and train participants to find vulnerabilities and mitigate their effects. SANS Institute has planned a number of regional events in 2019 across the UAE, Saudi Arabia, Qatar, Oman, Bahrain, Egypt, and Kuwait.
HPE and Nutanix Sign Agreement to Deliver Hybrid Cloud as a Service
Dheeraj Pandey Founder, CEO, Chairman Nutanix
H
ewlett Packard Enterprise (HPE) and Nutanix have announced a global partnership to deliver an integrated hybrid cloud as a Service solution to the market. This offering will leverage Nutanix’s Enterprise Cloud OS software including its built-in, free AHV hypervisor, delivered through HPE GreenLake to provide customers with a fully HPEmanaged hybrid cloud that lowers the total cost of ownership and accelerates time to value. Additionally, as part of the agreement, Nutanix will enable its channel partners to directly sell HPE servers combined with Nutanix’s Enterprise Cloud OS software so that customers can purchase an integrated appliance. Businesses today are under constant pressure to innovate and accelerate digital transformation. However, current legacy approaches to hybrid IT present many challenges, including complex
systems that require large IT operations staff, increasing software licensing and operating costs, and concerns over vendor lock-in. As a result, businesses are losing flexibility in a world that demands choice and agility. The HPE-Nutanix partnership addresses these challenges by delivering an attractive alternative that reduces cost and complexity. The combined offering will provide fully managed hybrid cloud infrastructure delivered as a Service and deployed in customers’ data centers or co-location facility. The combination of HPE GreenLake and Nutanix Enterprise Cloud OS software is ideal for customers who want to use Nutanix, including its AHV hypervisor technology, to support a range of use cases. These include mission-critical workloads and big data applications; virtualized tier-1 workloads such as SAP, Oracle, and Microsoft; as well as support
for virtualized big data applications, such as Splunk and Hadoop. “HPE created the modern on-premises, as a service consumption market with HPE GreenLake. Hundreds of global customers leverage HPE GreenLake to get the benefits of a cloud experience combined with the security, governance, and application performance of an on-premises environment, while paying for the service based on actual consumption,” said Antonio Neri, president and CEO, HPE. “Our partnership with HPE will provide Nutanix customers with another choice to make their infrastructure invisible so they can focus on business-critical apps, not the underlying technology,” said Dheeraj Pandey, founder, CEO and chairman of Nutanix. The Nutanix Enterprise Cloud OS software on HPE GreenLake and the integrated appliance utilizingNutanix software on HPE servers are expected to be available in Calendar Q3 2019. April 2019 | 19
News In Detail
NetApp Accelerates Access to Critical Business Data with Ultrafast Performance
Joel Reich Executive Vice President, Storage System & Software NetApp
N
etApp has announced NetApp Memory Accelerated Data (MAX Data) 1.3 supporting the Intel Optane DC persistent memory to enable organizations stay competitive by doing more with their data. Companies are challenged with using unprecedented volumes of data to achieve real business impact. Taking advantage of data is often easier said than done. New applications such as artificial intelligence, machine learning,
20 | April 2019
deep learning, real-time analytics, and Internet of Things, all of which are memory-hungry and fueled by massive datasets, compound this challenge. By using a promising new memory tier, NetApp helps customers put their data to work without having to rearchitect their critical applications. MAX Data gives customers the tools to unlock the value of enormous datasets and extend a Data Fabric strategy into their servers with applications and data, critical to their business. "As the leading developer of digital humans technology and creative content, we chose NetApp MAX Data to support our SUNFLOWER Framework that enables acquisition of huge 3D and 4D data sets, for which intense development work is then fueled with more application workloads per server," said Milan Kljajic, system engineer, 3Lateral. “With NetApp MAX Data now supporting Intel Optane DC persistent memory, organizations can accelerate data pipelines across an entire enterprise to power applications such as Oracle and MongoDB with the simplicity, choice, and scale necessary for real business impact,” said Joel Reich, executive vice president, Storage Systems and Software, NetApp. “With the volume of data generated and managed across on-premises data centers, IoT devices and sensors, as well as in hybrid cloud environments, having a Data Fabric strategy that spans edge, core, and cloud is essential to business success.” “Customers can unlock the value of their data stockpiles with the powerful combination of second generation Intel Xeon Scalable processors and Intel Optane DC persistent memory,” said Jennifer Huffstetler, vice president and general manager, Datacenter Product Management and Storage at Intel. “Working with innovators like NetApp will help us move, store and process more data than ever before.” MAX Data is the industry’s first enterprise storage solution using Intel Optane DC persistent memory in servers to store persistent data delivering affordable, memory-like low latency and flash-like capacity, without any rewrites required to application code, allowing companies to take full advantage of the benefits of real-time apps.
News In Detail
New Veeam Backup for Microsoft Office 365 Version 3 Now Available
V
eeam has announced the new Veeam Backup for Microsoft Office 365 v3, offering organizations faster backup, improved security, enhanced visibility and analytics. As enterprises are responsible for protecting their Office 365 data, Veeam’s solution delivers secure backup for Office 365 Exchange Online, SharePoint Online, OneDrive for Business and Microsoft Teams, enabling quick recovery of individual items and efficient eDiscovery of backup data for Office 365 or hybrid environments. “A majority of organizations are adopting the Microsoft Office 365 platform and while Microsoft provides management and uptime for the cloud-based services, it is the individual company’s responsibility to protect their data. Veeam’s solutions give organizations the control to intelligently manage and retain access to their businesscritical information for regulatory governance, compliance and recovery purposes,” said Danny Allan, Vice President of Product Strategy at Veeam. “Veeam Backup for Microsoft Office 365 has been downloaded by more than 55,000 organizations, representing seven million Office 365 users. This solution represents 549 percent year-over-year growth and now takes the place as our fastest-growing product. With the market acceptance and demand of this solution, we expect version 3 to further accelerate our dominance in this space.” The rapid market adoption and growth of Microsoft Office 365 has created an opportunity for service providers to offer backup solutions to more than 140 million Office 365 users in a $2.5 billion market. With Veeam Backup for Microsoft Office 365 v3, Veeam Cloud & Service Providers (VCSPs) assist with secure backup of Office 365 Exchange Online, SharePoint Online and OneDrive for Business data; quickly restoring individual items through a number of flexible receiver options and providing the capability to automate and scale an Office 365 backup revenue stream. Veeam Backup for Microsoft Office 365 v3 eliminates the risk of losing access to business-critical data and ensures the organization remains in control. Version 3 makes it easier to efficiently back up and reliably restore Office 365 Exchange, SharePoint and OneDrive data with:
22 | April 2019
Danny Allan Vice President, Product Strategy Veeam
• Up to 30x faster backup for SharePoint Online and OneDrive for Business • Improved security for Office 365 backup data with support for multi-factor authentication • Enhanced visibility and analytics with Office 365 data protection reports to help identify unprotected mailboxes while managing license and storage use. Veeam Backup for Microsoft Office 365 v3 is available immediately in one- to five-year annual subscriptions.
Insight | Xerox Corporation
Here’s Something Cloud Can’t Take Away from You By Jim Morrissey, VP US Channels Document Technology Partners, Xerox Corporation
C
loud computing has been great news for customers,
workflows and producing a more complete product with less
offering higher service levels at lower cost. Initially, many
human intervention. Today’s printing solution delivers a robust
IT channel partners saw it as bad news for themselves,
finished product in full color, often bound and ready for delivery.
eliminating many hardware purchases and the service
It is no longer bound so much by the proximity of the user to
engagements attached to them, including installation, integration,
the printer.
maintenance, repair, support, training, and more. Over time, partners have adjusted their businesses, adapting
Even supplies have been redefined by the services used to track their consumption and provide timely replenishment. Users
to the new realities created by cloud computing. Customers still
don’t think about supplies until they run out. An enterprising
require many of the services they have always engaged partners
channel partner literally saves them from themselves in many
to provide, including data migration, user support, server and
instances.
storage management, integration between various cloud services
Print automation has also progressed bringing a host of new
from multiple providers, security, regulatory compliance, data
possibilities through programming. Many channel partners now
analytics, and more. If anything, cloud computing has encouraged
develop software solutions specifically for print environments.
some partners to vary their skills and provide new services.
As with so many other segments of the IT environment, channel partners can choose to partner with these new providers to sell
Input and Output Require Endpoints
these solutions to their customers. They can also leverage this
One issue which cannot be overlooked is the continuing need for
partnering while they themselves develop new capabilities.
hardware in the age of the cloud. Users still require endpoints through which to enter and retrieve information. While processing
Think and Sell Value
of that information may take place on servers resident in a
As print management has evolved, so has the channel. Where
cloud data center, the user still needs a computer, a tablet, a
we once sold speeds and feeds, how fast the printer could
smartphone or some other device to interact with and process
produce results and how many different media and data sources
the information, and output devices to produce results from that
could be integrated, we soon evolved to selling solutions to
processed information.
specific business challenges.
Print is the most robust category of output devices. If your
Today we recognize the underlying issue that customers
customers need to print something, they have to have a printer.
have always been most concerned about. When they invest
Along with those printers they’ll need supplies, and they will no
in any technology solution to any information management
longer have staff designated to keeping track of and replenishing
challenge, what they seek most is value. How much more
those supplies. Being mechanical devices, printers require
value can they bring to the outcomes they obtain from each
maintenance and repair.
IT investment? How much can they reduce initial and ongoing operating costs?
Why cloud computing is as good for channel partners as it is for their customers
Cloud has taught them that they can obtain higher service levels at lower cost. That’s what they expect now from everything they consume. Your challenge is to cloud-proof your
The Evolution of Print Solutions
endpoint business by adding the products, supplies, and services
Printing is now evolving, using automation to streamline
customers require to satisfy their ongoing need to print.
April 2019 | 23
Insight | McAfee
New McAfee research reveals 61 percent of it professionals have experience a serious data breach Integration of Security Solutions and Employee Training Recognized as Top Steps to Reduce Growing Severity of Breaches
M
cAfee, the device-to-cloud cybersecurity company, released Grand Theft Data II – The Drivers and Shifting State of Data Breaches, which revealed that despite improvements in combating cybercrime and threats, IT security professionals are still struggling to fully secure their organization and protect against breaches with 61 percent claiming to have experienced a data breach at their current employer. Adding to this challenge, data breaches are becoming more serious as cybercriminals continue to target intellectual property putting the reputation of the company brand at risk and increasing financial liability. McAfee’s study demonstrates the need for a cybersecurity strategy that includes implementing integrated security solutions combined with employee training and an overall culture of security throughout the organization to reduce future breaches. The McAfee report highlights the following: • Savvier thieves: Data is now being stolen by a wide range of methods, with no single technique dominating the industry. The top vectors used to exfiltrate data are database leaks, cloud applications and removable USB drives. • IP tied for 1st: Personally identifiable information (PII) and intellectual property (IP) are now tied as the data categories with the highest potential impact to 43% of respondents. Notably, PII is of greater concern in Europe (49%), most likely due to the recent enforcement date of the General Data Protection Regulation (GDPR). In Asia-Pacific countries, intellectual property theft is of greater concern (51%) than PII. • Blame game: IT is looked at as the culprit with 52 percent of respondents claiming IT is at fault for creating the most data leakage events. Business operations (29 percent) follows as the next most likely to be involved. Highly regulated internal groups including finance (12 percent) and legal (6 percent) were the most secure. • The great divide: Security technology continues to operate in isolation, with 81 percent reporting separate policies or management consoles for cloud access security broker (CASB) and data loss prevention (DLP), resulting in delayed detection and remediation actions. • Taking responsibility: There is a rift in regard to accountability – 55 percent of IT professionals believe that c-level executives should lose their job if a breach is serious enough, yet 61 percent also state that the c-level executives they work with
24 | April 2019
By Candace Worley, vice president and chief technical strategist at McAfee
expect more lenient security policies for themselves. • Future proofing: IT professionals are taking action, with almost two-thirds stating they have purchased additional DLP, CASB and endpoint detection solutions over the last 12 months. Respondents believe that between 65 and 80 percent of breaches experienced would have likely been prevented if one or more of these systems had been installed. The stakes are higher as multiple attack methods are now used in a breach as cybercriminals continue to target personal data and intellectual property. Furthermore, IT security teams are increasingly concerned about external threat actors compromising their network, which has forced more organizations to publicly disclose when breaches occur. The severity of publicly disclosing breaches results not only in financial repercussions but damage to brand and reputation as well.
TechKnow | ServiceNow
Taking a More Human Approach to AI
A
rtificial Intelligence (AI) is all about machines, obviously. Except it’s not. AI is all about us-the humans-and how it can make our lives better.
Application of AI Many enterprises are struggling to find appropriate use cases for new and emerging AI technologies. Companies need to find the workflows inside their business models that can benefit from AI. Individual business units will need to identify their work problems and challenges when looking for the workflows that can be digitised. These are the parts of business that represent liquid gold, i.e. once we tap the seam, we can channel these functions into AIdriven services that subsequently run as digital workflows.
Practical examples In a typical office, when people leave, we must manage who has a key fob for access to the car park. This job typically performed manually through the use of a spreadsheet, is time consuming, error-prone and obviously creates security issues. It’s a perfect example of the type of tasks that can be driven by artificial intelligence. Our analytics engine should know that an employee is leaving, hence reports, alerts, emails and even mobile device management, to cancel the key fob, can all happen automatically.
Automating a bad process doesn’t make it good There’s no point applying AI to automate a bad process as it doesn’t make it a good process. This re-engineering is an opportunity to stop doing the things that are redundant. An example from our recent hackathon, is a tool that helps file patents. Using AI and ML, our team trawled the web for all registered patents using word recognition to identify connected words and see if a new invention already existed in some form already. This would have been a costly manual work but now it can be digitised.
The human factor Moving down the humanised road to AI, we will find that AI itself gets smarter as it learns our behavioural patterns, penchants and preferences. We must still be able to apply an element of human judgement where and when we want to. The future of AI is smarter and more human. Currently, we’re at a crucial point of fusion between people and machines and it’s going to be a great experience.
Chris Pope VP Innovation ServiceNow
Moving down the humanised road to AI, we will find that AI itself gets smarter as it learns our behavioural patterns, penchants and preferences. We must still be able to apply an element of human judgement where and when we want to.
April 2019 | 25
EyeTech
Aruba 530 Series Access Points
AXIS Q6215-LE PTZ Network Camera
High performance 802.11ax wireless for high density mobile and IoT deployments
Overview: The Aruba 530 Series with 802.11ax (Wi-Fi 6), combined with Aruba intelligent software features are designed to deliver high performance connectivity in extreme density deployments of mobile and IoT devices. The 530 Series is designed to simultaneously serve multiple clients and types of traffic, boosting overall network performance by up to 4X versus 802.11ac APs. In addition to 802.11ax benefits, the 530 Series also provide Aruba differentiated capabilities that include AI-powered RF optimization, always-on connectivity and WPA3 certified security. Additionally, Green AP mode for 802.11ax APs also leverages AI/ML capabilities for energy savings of up to 70%.
Overview: Axis Communications has launched AXIS Q6215-LE PTZ Network Camera to meet the increasing demand for more heavy-duty PTZ cameras with built-in IR (Infrared) illumination. This new model comes with a 1/2-inch sensor and combines great image quality with fast pan, tilt, and zoom functionality. The camera features long-range OptimizedIR with IR-LEDs that adjust to the camera’s zoom and can deliver
Key Features:
superior videos in low light or complete darkness up
• • • • • •
to 400m (1300ft). This camera is ideal for open-area
AI-powered features for wireless RF and client connectivity optimization Eliminates the need for IoT gateways and the resulting complicated network management requirements, allowing IT teams to easily connect a diverse set of IoT devices and sensors that utilize different protocols The support of Wi-Fi, Bluetooth 5 and Zigbee protocols on the new APs allow organizations to connect with 74% of today’s IoT devices. Wi-Fi 6 offers improved battery life for battery powered IoT devices. The protocol allows IoT devices to remain inactive until data needs to be transmitted. As a result, battery powered IoT devices realize a significant power savings, reducing the maintenance windows for IT staff. The efficiency improvements in Wi-Fi 6 amount to a faster performing and more efficient infrastructure as well as an enhanced experience for all the clients on the network. Ideal for high density environments such as higher education, retail branches, hotels and digital workplaces State of the art security with WPA3 and Enhanced open
26 | April 2019
surveillance such as airports, harbors and highways, and its robust design can withstand the toughest weather conditions including wind speeds up to 245 km/h (152 mph). Key Features: • OptimizedIR 400m (1300ft) • 1/2” sensor for high light sensitivity and dynamic • Compliant with MIL-STD-810G and NEMA TS-2 • HDTV 1080p resolution, WDR, Lightfinder and 30x optical zoom • AXIS Guard Suite analytics included
UPTO
10TB CAPACITY
SUPPORTS UPTO
64
CAMERAS
247
OPERATION
READY FOR
NVR, DVR HYBRID DVR & RAID STORAGE
180 TB/YEAR WORKLOAD
UPTO
256MB BUFFER SIZE
ROTATION VIBRATION
RV SENSOR
Hardware data diodes stand up when firewalls fall down. HARDWARE-ENFORCED CYBERSECURITY FOR THE DIGITAL OIL FIELD
• Secure upstream oil and gas digital assets • Defend digital systems from external penetration and malware • Enable the transfer of valuable OT data for remote monitoring, management and system support
@owlcyberdefense
owlcyberdefense.com