All posts by Damien Garvey

How Unpatched Software Give Way To Data Breaches?

It is a fact that IT related business is growing by leaps and bounds, and has changed the usage of organizational devices significantly within the last decade. With the growth of business, it has become essential to have some security measures. IT professionals have warned about risks associated with hyper-connectivity. Enterprises face great risks because the shortcomings of unpatched software are exposing data to cyber crime attacks. Therefore, it is the need of the hour to use advanced systems for data security.

Windows XP has lost its value due to security issues and instabilities which are associated with the operating system. When an OS developer like Microsoft cannot provide patches and critical updates to cope with security issues, the need for a new and well-defined operating system emerges.

What are the consequences of data breaches when complying with HIPAA (Health Insurance Portability and Accountability Act)?

HIPAA Breach Rule

HIPAA is an act related to accountability and health insurance portability. In order to give maximum protection and privacy to health information, federal law has set some rules and regulations. OCR (Office for Civil Rights) is responsible for enforcing security law. For data security, OCR gives notification to organizations when certain information is breached. When businesses do not apply latest software patches, customers could get affected by data breaches and their social security numbers and/or credit card numbers could be stolen; and as a result, HIPAA penalty could be levied. Organizations have been fined by OCR because many have become the victim of malware caused by failure in selecting software patches.

It is notable that HIPAA or OCR does not inform organizations to keep their software updated. When companies do not pay attention to software flaws and keep on working with patching software, issues such as data breaches become unavoidable.

How to Run System Smoothly?

To check data security, it is significant to use vigilant approach and observe applications of third-party against protection vulnerabilities. Unsecure data can be the result of supportive software or operating system that is functioning in the environment. To cope with data issues, security updates and advanced patches should be applied. For a small business or an enterprise, assistance of IT administrator is the only solution to get peace of mind.

In a nutshell, the penalty of data breaches should not be only in form of levying fines, but there must be some rules to meet the demands of industry. Organizations know methods to find out security risks and satisfactory solutions. In other words, patch your software and use updates to keep your data safe and secure. Organizations can improve ways of data protection by using cloud computing. As compared to public cloud, private cloud using companies are much more satisfied with security of data.

Understanding Architecture, Management and Chargeback Issues

The what, where, when and how of the cloud are persistent questions that must be answered correctly if a cloud deployment is to be successful. But, misconceptions can be handicaps and organisations often labour under a number of misconceptions. A little understanding of cloud architectures, management and chargeback can be useful in selecting the best fit solution to their needs.

Managing and using different cloud architectures

The cloud has evolved from the convergence of a number of technologies and approaches to computing. The underlying architecture is similar to and different from existing computing models and impacts on the operational and technological approaches to network configurations and security practises. Like all computing systems operating over a network, the cloud consists of a back end [the remote server(s)] and a front end (the client computers). The connecting network is the Internet. The servers, the applications and the storage devices at the backend provide a cloud of services to the customers. Cloud computing systems that cater to multiple clients are known as “public” clouds. When an entire cloud service system is dedicated to a single client, it is known as a “private” cloud. Hybrid clouds combine features of the public and private clouds.

The client machines connect to the remote server(s) and the applications using software called an “agent”. The agent is a special kind of software, known as middleware. It enables IT Administrators monitor traffic, administer the system and set rules and regulations for access and use of the information stores available in the remote server.

“Utility computing” is the unique selling point (USP) of the cloud. Organisations signing up for cloud services agree that the cloud makes it easier for the organisation to track and measure IT expenses per business unit. Chargeback becomes simpler as it is metered like electricity on a “pay per use” basis.

Chargeback mechanisms in the cloud take into consideration two factors:

What are the resources and metrics for chargeback?
How to account for excess capacity that is supplied on the fly?
The chargeback system is built on the assumption that customers tend to use average capacity rather than large capacity and hence offering scalable services does not automatically result in extensive usage of resources. Further, cloud vendors understand that successful chargeback systems separate infrastructure costs from service costs and that shared infrastructure is a combination of fixed and variable costs in which the percentage of fixed costs will decrease as number of users increase. Pricing will consequently, be, unit tiered; bundled or pay per use.

The Benefits of Cloud Based Email

Cloud based email providers have been growing in leaps and bounds. Today, there are a variety of vendors that provide cloud based email based services. These cloud based email services offer the end user many benefits by accessing the cloud technology.

For example, some providers offer a cloud based storage and collaboration service as part of their email package. This allows the end user not only to store and access their documents in the cloud, but also allows them to collaborate with multiple users, all over the world. Documents can be created in the cloud as part of the company’s email package, and of course once they are created, they can be safeguarded. This is a major convenience which the cloud technology makes possible.

The widespread use of cloud based email service has led to the production of computers that rely primarily on access to a cloud based email service. This is not surprising because more and more people are relying primarily on the cloud to create and store their documents. This is just one example of how the cloud’s reach has been spreading and of the success of the cloud revolution. As time goes on, both companies and individuals, are realising how cloud technology can be a useful tool in regards to the email services they may have.

In fact, some companies are sensibly introducing cloud based email as a back up to their primary email service. That way, if there are any problems with their main email, the cloud based email will be available. Cloud based email also makes it possible for companies to offer email services to employees who may not have a business email account.

In addition, many cloud based email services offer consumers a variety of other benefits as well. Some of these benefits includes day and night customer support by phone or email, anti-spam and virus support, mobility features which include email synchronisation and service level agreements which guarantee almost 100% uptime.

There are many cloud based mailboxes to choose from. Some of these include the extremely popular Google Gmail and the Microsoft Exchange Server. Users are able to migrate mail to their cloud based mailbox from other mailboxes. Another advantage is that these mailboxes that can be tailored to meet their storage needs and permit large attachments.

Ultimately, it is up the end user to choose the cloud based mailbox that best suites their needs. However, whatever they decide to choose, the benefits of cloud based mailboxes and email services are undeniable. Going forward, more and more companies and individuals will make the switch to cloud based email.

Why Are Companies and IT Professionals Reluctant to Use the Cloud?

For a variety of reasons, today, many professionals are reluctant to use the cloud. In fact, a recent IDG survey revealed of that of 153 IT professionals, most of them are reluctant to use the cloud to store data and that only 13 percent of organisation store their files in the cloud. The good news is that as time goes on, more users will become less reluctant to use the cloud; and will realise why it is beneficial for them to access this cutting edge technology. But, what are the underlying reasons why more companies and professionals are not using the cloud?

Perhaps part of the reluctance stems from the fact that like any new technology, there is a fear of the unknown. This fear of the unknown and using a new technology breeds mistrust. There could be a fear of losing data, of not feeling secure that transferring their files to the cloud will ensure that their data is safe.

The reluctance cannot stem from the cost of switching over to the cloud. Switching over to the cloud is a cost effective way of doing business that does not require a major capital investment. It allows businesses to store their data and access it instantaneously.

It could also not be due to a lack of flexibility. The cloud allows IT users and businesses a great deal of flexibility, particularly frequent business travellers. For example, with just a handheld device like a smart phone and access to files in the cloud, employees can be anywhere in the world accessing the data that they need for a meeting, briefing, seminar or workshop. The cloud frees them up from carrying files with them or even taking a laptop or tablet. Accessing data on a smart phone allows business travellers to communicate and collaborate with their colleagues wherever they happen to be travelling.

So, whatever the reluctance may stem from, there is a need to tout the benefits of the cloud to those who don’t yet see the benefits of using it yet. Perhaps it is just a simple matter of a lack of awareness. Many end users might be using cloud technology without even being aware that they are using it (Google docs for example or the Kindle Cloud reader being prime examples). Perhaps, it is just a matter of informing them of what cloud technology is all about; and how it is already being used for a myriad of reasons. Once they are aware, the fear of the unknown may dissipate.

Whatever the case may be, the reluctance by some IT professionals, organisations, and end users will most likely dissipate over time as they overcome their resistance to this new technology. The benefits of using the cloud far outweigh the disadvantages; and as an awareness of this fact grows, so will the number of users of the cloud. Therefore, the cloud has a bright future.

The Role of Cloud Brokers in the Cloud

As cloud computing grows and people (and companies) start using multiple cloud based accounts, there is a growing need to streamline their accounts or port their data over from one cloud to another. Cloud brokers can help with this task, but do they provide a definitive answer to this dilemma?

These days, many people have more than one cloud based accounts and may want to link up their data from the various cloud based services that they have. Or, perhaps they might want to transfer their applications and virtual services over from one cloud service provider to another. In addition, they may wish to discontinue their service with one cloud vendor in favour of another. Essentially, they want an account that is portable that allows them to easily move between cloud vendors. However, this can present a variety of problems because different cloud vendors may have different standards, making it difficult to make the switch smoothly.

Cloud brokers have stepped into this breach to offer services to take resources from different clouds and making them available so that end users can access them as if they were one; and not numerous clouds. These cloud brokers act as a technological middlemen between cloud based services. The cloud broker facilitates a dialogue between several clouds that the end user interacts with. However, it is the cloud broker and not the end user who will act on their behalf as a go between; and the advantage to the end user is that they will not have to interact with multiple cloud vendors. This is certainly a beneficial service.

Even though cloud brokers offer a necessary service, it is not a foolproof solution to the question of portability because it does not address some fundamental or underlying problems in the cloud vendor industry. What is needed is a common standard between cloud based companies to make it easier for consumers to port their data and services over from one company to another. Currently, many organisations (like the Cloud Security Alliance and the European Telecommunications Standards Institute) are being formed (some already operating) to examine how this can be done and how common industry standards can be developed among all cloud based companies. But, will the industry embrace these standards?

In the meantime, cloud brokers are a reasonable solution providers, but ultimately, developing standards for all cloud vendors that make it easy for users to transfer their services, and data from one vendor to another is the best solution. Until that time, cloud brokers provide a reasonable interim solutions.

Top Ten Reasons to Leave your Cloud Backup Service Provider – Part II

In Part I, we discussed the five reasons that would make you leave your cloud backup vendor. They included:

1/ The lack of all operating systems support, mobile device support;
2/ Too much focus on appliances;
3/ Agreements not being executed as per SLAs;
4/ Confusing pricing structures; and
5/ Treating archived data and active data same way.

Continuing on this list, the remaining five reasons are:

6/ Bandwidth – Does your vendor throttle your bandwitdth connections? Remember that it takes days and weeks to recover data from an online depositories; and your Internet connection should be fast. Your backup vendor needs to optimise their bandwidth using the latest technologies for better data transfer in your network.

7/ Data Centre Location – At least one copy of your data should always be stored far away from your primary source data. It is recommended that your secondary storage to at least be 2,000 miles away from your primary location. Does this vendor have a geo-dispersed secondary data centre?

8/ Vendor Lock – Is there flexibility for your data? Do you have the ability to backup your data in private, public, or hybrid or a combination of two or more? Is it possible to deploy a third party solution as add on, for instance, salesforce.com, Google Apps, etc?

9/ DRaaS – Disaster Recovery as a Service is not offered by this vendor due to the limitations of the software. In case of a disaster, you need to make sure that your data becomes available quickly and that you are covered for disaster recovery and business continuity. Your vendor always talks about backup and avoids discussing recovery. If DRaaS is not provided, how are you going to recover after a disaster hits? You must be able to instantly access critical data within minutes of a disaster.

10/ Periodic Research of the Vendor – Relationship stays healthy if it is monitored. You need to research about your vendor periodically. If too many complaints are published on the web, or at the local better business bureau (BBB) or at the consumer protection agency, it is a clear indication what is happening at the company. Check to see if the vendor is engaged in the industry. Does the vendor issue frequent meaningful press releases? Does it participate in forums and webinars? Does the vendor post educational blogs and articles on a regular intervals? How about case studies and whitepapers? Any social media activities?

Conclusion
Business relationships are critical for both a vendor and a client to be happy and stay in the relationship. Vendors should be responsible to delivering quality services as agreed to in the SLAs. Service providers should be able to deliver the same quality service to all clients no matter how small or big an organisation is; especially, in the case of a disaster or a virus attack. The vendor should try their best to understand the clients business needs, goals and challenges (including the IT competency levels) and work with you efficiently.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal