6 Things to Look Out for in a Security Audit

6 Things to Look Out for in a Security Audit

Technology is both a blessing and a curse. As hardware and software solutions are continuously tweaked and innovated upon, it’s only natural that the list of risk elements to consult during a security audit will grow. What’s more, today, with IoT integration, previously “dumb” systems such as doors and fixed camera systems, now smarter than ever, there’s an added new layer of complications – and potential threats.

With that said, here are just some of the risks to look out for in a security audit, whether you perform it yourself or have an outsourced team handle it.

Permissions-Associated Risks

Cloud integration and network upgrades are all well and good, but have you updated your permissions management system and processes in accordance with these innovations? Having control over who can access what, and from where, is critical in today’s increasingly digitized operations, regardless of your business application. Whether you want to hold secure videoconferencing calls amidst this pandemic or need to limit access to sensitive files for a new hire under probation, not managing permissions in a proactive, efficient manner is a huge gamble to take.

Info Leaks and Insufficient Training in Best Practices

Need to maintain compliance with strict regulations regarding the handling of files, internal communications or otherwise? A thorough security audit can help you determine whether you and your employees are meeting requirements. One of the most common threats to corporate security is information leakage, and the primary cause of this is inadequate training and failsafe systems. In a world where competitors are a dime a dozen, staying on top of training by keeping all employees on the same page can standardize the way internal data handling processes are carried out.

Access Abuse and Hints of Internal Espionage

A security audit can also help you uncover threats of espionage, internal saboteurs and other serious problems. By keeping tabs on what employees are accessing internally, how frequently, and who they’re sharing information with, it’s easier to identify when data is being transmitted to unknown IP addresses, which can be checked to determine the rough location of the recipient’s system. If you have established processes that employees follow for communicating with one another, requesting information or otherwise already in place, they can help the auditor identify red flags even more quickly and accurately.

Physical Security Threats

Is that smart key fob scanner acting up? Or, what if one of your security camera systems has a connection issue that impacts performance? Security auditing your environment should include focusing on physical access points, all smart systems and interactive components to ensure there are no weak zones prone to breaches. This is critical to keeping your employees, property and sensitive data safe and should never be overlooked.

Candidate Screening Efficiency

Speaking of your employees, how’s your vetting process?  Are you setting appropriate conditions for applicants to ensure they have sufficient certification? Police record checks are also important. Knowing just who you’re trusting with access to internal data and communications is critical to maintaining a secure, safe and uncompromised business operation, so make sure that any audits performed go over candidate screening processes with a fine-toothed comb.

Follow-Ups

Lastly, if something is flagged as a security threat, is it being addressed effectively? Waiting even a few days after the audit can pose a serious threat in some cases, especially when it comes to data handling and physical issues such as faulty smart locks. Another aspect of follow-ups is to ensure your security protocols at least meet established local regulations, helping your business stay proactive and vigilant.

There are many more risk elements to consider during a security audit, but these are some particular standouts that should never be overlooked. By focusing on the right areas and rectifying issues quickly and appropriately, your business will benefit from peace of mind and more fortified operations. For expert assistance, contact us at Zycom today to learn about our cyber vulnerability and IT assessments.

The Shift and Lasting Impact of COVID-19 on Workforce Transformation

The Shift and Lasting Impact of COVID-19 on Workforce Transformation

Like many of our clients, Zycom was forced into COVID-19 crisis planning to protect business operations (our processes and technology) via our workforce (our people), and how we interact (people, process and technology) with our client’s. We were somewhat more prepared than some companies for the pandemic ‘new normal’ of business operations due to workforce transformation we went through over eight years ago. Specifically, we already had virtual desktop infrastructure (VDI) for our sales, service delivery and operations in production. Layered with that was migrating email and collaboration to online cloud tools like Microsoft Office 365, including SharePoint, OneDrive and Teams.

There is always a curveball or wrinkle you need to manage effectively. Our technology-based challenge was not having load-tested our IP Telephony solution to run in parallel to VDI for remote access. Our service desk is tightly aligned with our phone system. Post load testing, we were able to successfully move our remaining workforce to work from home with VDI and soft/hard phones.  

The most common problem we observed from our clients who were enabled with VDI is that they hadn’t load tested their Wide Area Network (WAN) for what if all these VDI users started working remotely versus working outside our four walls. And then it happened. A false sense of security exposed companies with hundreds to thousands of VDI enabled workforce only using VDI at the office were crippled to learn that the mobile workforce solution would only allow a small percentage of workers (some as low as 20%) to work from home based on internet bandwidth coming into the data centre.

Our soft challenge was collaboration. Like most of our clients, a small percentage of our staff were not used to or had developed the discipline of working from home. And even seasoned mobile workers were not used to working from home while having their children home at the same time due to schools shutting down. None of the coffee shops or libraries you would usually scout for ‘WFH internet backup’ during your work from home days, should your internet provider suddenly go down, were available to you. Staff used to the social aspect of working with others around them had to adjust to people working virtually around them. In time, this new reality became more ‘normal’.

Early into the pandemic and with a government-enforced stay at home orders, Zycom experienced 35% increases in call volume from our managed clients to assist with VPN configurations, and a burst of web-based email access requests. Companies started to realize their new reality required more mobility for their workforce than they had provisioned for. Suddenly our vendor partners were running low on Chrome Books, PCs, notebooks, and then used PCs and used notebooks became scarce.  If you didn’t get your end-user computing requirements purchased early, you were not getting any in time to keep your workforce productive.

Where is this new normal leading business?  A business culture that was driven to require their workforce to be in an office to work, to be productive, to see it working, are in for a revolution. As businesses and their teams adjust to the new reality, they are seeing that business can run without being confined to ivory towers, and people are becoming accustomed to the benefits of working from home. Organizations realize they can maintain productivity and eliminate corporate real estate expenses. Their people are already starting to demand more remote access flexibility. For businesses that are now working remotely, we don’t expect them all to go back to the old way of working in an office. One of our partners that preferred the physical office is considering not reopening three of its physical offices and staying the course with a remote workforce. How quickly will cultures shift? Post COVID-19 businesses will be forced to relook at their workforce and transform for our newly established reality. People will now look for jobs with lasting work from home benefits as a reason to join that company and feel safe. Organizations will need to better embrace work from home solutions as a competitive advantage and to ensure continuity of their business operations.  

Reverse Migrations vs. Cloud Integration

Reverse Migrations vs. Cloud Integration

For some business owners, it makes more sense to retain traditional operations rather than migrate everything to the cloud. Not everyone takes advantage of the same benefits in the same way, if at all, especially when it comes to maintaining compliance with established internal security protocols and the handling of permissions. This is also why many IT professionals and business owners were wary about cloud migrations when the technology was in its infancy, but this has primarily shifted. Such systems are widely adopted since maturing.

However, what about reverse cloud migrations? Is such a move worth it in terms of cost and resource allocation? Let’s explore in further detail.

Cost vs. Control: Deciding What’s Worth it for Your Business

Most businesses are debating whether to “cloud or uncloud” due to the expenditure considerations tied to each. While cloud migrations enable the use of external data centres, which helps to drive down in-house, IT costs with less internal equipment required, not every company is making the switch. A study on the subject indicates only a fraction of enterprises are doing so, still preferring to keep data provisioning and other sensitive processes internal. With as much as 80 percent of workloads remaining onsite, there is still a clear demand for in-house data management and process handling without using an externally managed tool.

The primary reasons why reverse migrations are better suited to some operations are security concerns and maintaining total control. While no cloud-based alternative can match the lock-and-key style of keeping your data internal, these solutions are designed with simplicity and smoother user experiences in mind. Furthermore, developers don’t have state-of-the-art security features and firewalls baked into the platforms. If you’re struggling to keep employees in the loop, share data, manage permissions efficiently or otherwise, streamlined cloud integration might be an ideal solution for some of your tasks. In that sense, it’s up to you to weigh the pros and cons of cloud versus unclouding, as core dependencies and risk elements will vary depending on the application of your business, how sensitive your data is, among other factors. 

Being Realistic

There’s a common misconception that “everything” will migrate to the cloud in due course. Still, such a move would drastically violate corporate privacy policies put in place to protect intellectual properties, employee data, sensitive accounts information and otherwise. A recent cloud data security report by Netwrix backs this point in spades; 48% of organizations using the cloud to store sensitive data may still consider reverse migrating back to an on-premises alternative. 

Different workloads are suited to different solutions, so while it’s essential to bear in mind that cloud migrations are a superior choice for some operations, others are just as capably managed in-house. For instance, consider the following list of reasons why a company might be more comfortable with unclouding:

  • Security concerns, especially with personal information and finances
  • Integration issues with necessary local applications and other technical hiccups
  • Staff unfamiliar with how to efficiently and securely manage a multi-cloud or on-premise network

So, What are the Arguments for Cloud?

It might sound as if we’re bashing cloud integration, but that couldn’t be further from the truth. With the right platform, professionally managed and operated proactively in terms of what data is shared, it can be a highly resilient solution for many aspects of modern business operations. This is especially true when it comes to recovering from a disaster that, if everything were handled in-house, could otherwise result in tremendous data loss or compromised security. Then, there’s the consideration that internal data centres eat into the corporate budget and take up physical space. For these reasons, many companies seek a more simplified, elegant alternative with minimal hassle. 

The debate of “to cloud or uncloud, that is the question” boils down to three key components: integration, efficiency, and proactive application. Comparing premise impacts for both scenarios in terms of spend allocation and risk management is therefore critical. In other words, do your homework, plan, run those figures, and we’re sure you can paint a clearer picture of the ideal solution for your specific operations. 

If you’re struggling to determine whether clouding or unclouding is appropriate for your needs, we at Zycom are happy to help. Contact our experienced technical team today to learn more about our security-focused managed and cloud services. 

Five Times Disruptive: Zycom Repeats as Nutanix Canadian Partner of the Year

We’re celebrating at Zycom!! For a fifth consecutive year, we have been awarded top partner honours for leadership in delivering enterprise cloud platforms in Canada from one of the top enterprise cloud leaders, Nutanix.

“It’s a Five-Peat! Thank you Nutanix and thank you to our valued clients! We are humbled and honoured to receive this award recognizing our continued growth with you in multiple markets”, said Terry Buchanan, Vice President Technology & General Manager, Zycom.

“Zycom’s technical delivery capability and continued investment with Nutanix is evident in their ability to lead sales opportunities independently,” notes Rodney Foreman, Vice President, Global Channel Sales at Nutanix. “The team continues to acquire new clients by applying our platform to multiple use cases and is recognized as one of our top federal partners in Canada.”

 

Nutanix and Zycom are aggressively executing on a joint business plan to accelerate growth across multiple market sectors, which is driving great customer experiences. As hyper-converged infrastructure adoption continues to rise, Zycom has established its presence as a market leader in Enterprise Cloud.

Zycom is a Nutanix Elite partner, having met criteria that covers revenue and depth of engagement. “Zycom has consistently been a top partner and is recognized for its broader value proposition,” added Foreman. “They collaborate with us on strategic initiatives and innovate to bring new Nutanix services to market like Managed Services and HCIaaS built on the Nutanix platform.”

“Disrupting traditional IT Cloud consumption models is made possible with our great partnership with Nutanix and that disruption has led to rapid growth for Zycom”, added Buchanan. “This recognition expresses our freedom to build enterprise cloud platforms that innovate how our customers run their business-critical workloads.”

Zycom is pleased to be part of our client’s journeys in IT Transformation.  You can learn more about some of those journeys via case studies here.

About Zycom Technology Inc.

Zycom is a leading Nutanix Elite partner. Zycom’s focus is on helping companies ‘evolve’ from managing and maintaining existing IT infrastructure, to enabling business growth through innovation. Businesses engage with us to transform their existing IT infrastructure to cloud-ready platforms like Nutanix. This engagement is the result of our unique & deep HCI experience working with a diverse range of customers from both large organizations such as the federal government to small and mid-market companies. Learn more at www.zycomtec.com/nutanix or follow us on Twitter @ZYCOMTechnology

Related links

https://www.nutanix.com/2018/05/16/partner-power-display-next-new-orleans/

https://www.nutanix.com/next/

https://www.nutanix.com/2017/07/06/partners-shine-next-2017/

https://www.nutanix.com/2016/07/01/nutanix-now-2016-partner-awards/

https://www.nutanix.com/2015/06/16/nutanix-now-partner-awards/

https://www.nutanix.com/2014/04/11/nutanix-now-recap-of-our-first-partner-conference/

What Is 3rd Platform Computing?

Information technology (IT) has evolved at an increasing rate. This evolution as gone through numerous phases that include the introduction of mainframe computing and the personal computing revolution that soon followed.

Now, 3rd platform computing is ushering in the next stage of this evolution. It’s a result of the advent of mobile computing, cloud-based services, social networks, and Big Data.

Understanding 3rd platform computing, its impact on how businesses operate, and how to meet the changing needs of your business and its customers is critical to your success.

The Birth of 3rd Party Computing

This shift in computing began around 2007 when the term “3rd platform” was first used by the International Data Corporation (IDC) to describe new technologies that were shaping how businesses and the public access data and technology.

Cloud computing allowed businesses to move their data away from on-site servers while increasing its accessibility from anywhere in the world and on any device. This made it possible to solve problems that they were previously unable to address.

As a result, cloud technologies have become stable in strategies that businesses use to manage their ongoing operations.

Software and hardware have also changed in response to the growth of 3rd platform computing. The needs and expectations of businesses and consumers have forced them to realign their products and the ways in which they work.

Why the 3rd Platform Matters

The ways in which mobile computing, social networking, Big Data, and cloud computing are changing how businesses operate is critical to competing within your marketplace.

The growth of mobile devices that include smartphones, tablets, and wearable technology has increased the financial resources being allocated to IT systems.

Over time, more online users will access online data using mobile devices than with traditional laptops and desktops.

Social networks continue to grow all over the world. This is especially true in areas that include Africa, the Middle East, India, and China. Businesses operating in a global marketplace can’t afford to overlook the importance of 3rd platform computing.

This dramatic growth will continue as 3rd platform technologies evolve alongside the changing needs of businesses and online users.

New markets that are developing will impact how 3rd platform computing evolves. Investment in cloud services and mobile devices are growing at a higher rate in these markets when compared to developed marketplaces.

How to Prepare Your Business for the 3rd Platform Shift

There are ways that businesses can align their operations and objectives with the shift towards 3rd platform computing. Software as a Service (SaaS) tools help you access the tools you need at a reduced cost and with increased efficiency.

SaaS services can be used to optimize areas related to sales, accounting, and email communications.

Other services such as Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) improve the use of databases and business applications.

Overlooking these and other 3rd platform strategies can cause businesses to lose revenue and market shares.

3rd platform computing helps organizations recognize market patterns that improve their marketing strategies and achieve a leading edge over their competitors.

By understanding and leveraging 3rd platform computing, you take advantage of this new phase in the evolution of IT. This gives you the resources you need to streamline your daily operations and increase your revenue.

3 Common Network Issues For SMBs

The success of today’s businesses is rooted in the ongoing performance and management of their networks. The issues that can affect business networks can lead to costly and long-lasting issues.

This is especially true for small- and medium-sized businesses (SMB) that may lack the resources to resolve major disruptions to their operations.

That’s why it’s important to understand the following 3 common network issues that impact SMBs across all industries. You’ll protect your organization while responding quickly to any issues that could potentially arise in the future.

  1. Spyware and Virus IssuesThe ability of today’s businesses to prevent spyware and virus issues has improved in recent years. But the threat these viruses pose to the networks of SMBs still exists.

    Many operating systems have some form of anti-spyware protection included. But these may not be enough to keep SMBs safe from attacks. Older networks may not be equipped with adequate safeguards.

    Viruses can affect your business despite the use of firewalls, antivirus applications, and routine patching. As a result, SMBs need to make sure that these and other tools are configured correctly and maintained over time to prevent the corruption of their networks’ configurations.

  2. Security IssuesNetwork security is more critical than ever in an age where data breaches and hacks seem to occur at an increasing rate.

    Firewalls and other protective systems can reduce the risk of a security issue, but businesses must always work to keep their networks safe from internal and external intrusions.

    Proper configuration of permissions and credentials can improve your network’s security by monitoring and controlling access to data by users logging into the network.

    This protects the information related to your business as well as those of your customers, vendors, and business partners.

  3. Failing Routers and SwitchesProblems related to your network’s routers and switches can lead to a wide range of performance issues.

    Email, Internet access, and other activities may fail to work properly. This disrupts your business operations and causes you to spend limited resources trying to identify and then correct the root causes.

    Failing routers and switches may need to be replaced, so it’s important to recognize them early on. SMBs that have to reboot their routers and switches frequently may have issues related to power fluctuations while also facing a potential failure.

Insufficient Bandwidth, failing network interface cards (NIC), and IP conflicts are other common network issues that SMBs can face. These interfere with your network’s performance and disrupt your business, leading to time-consuming and costly repairs.

Recognizing these issues and implementing effective responses is essential to the ongoing success of your business. By preventing these 3 common network issues, you maximize the performance, productivity, and efficiency of your entire organization.

What Is An IT Assessment?

Assessing the information technology (IT) of your business reduces the costs associated with IT issues that impact your network, data security, and other factors.

A comprehensive IT assessment identifies potential risk factors while helping you and your team develop an effective strategy for managing and scaling your business.

The following will help you understand what an IT assessment is, the benefits it provides, and the issues you need to be aware of when managing your organizations over time.

Implementing the Right IT Assessment

The IT assessment process must consider a wide range of elements related to your business. IT goes beyond the hardware and software used to maintain your daily operations.

An assessment looks at the processes, individuals, and policies that ensure your IT department achieves optimal performance each day. These factors must be aligned with the needs of your business as well as its short- and long-term goals.

The following are the areas addressed by an effective IT assessment:

  • Potential risks
  • Existing IT policies and strategy
  • Internal capabilities
  • Current IT costs and returns
  • Data security
  • Management of technology (mobile devices, remote access, etc.)
  • Network design and infrastructure

Internal and external access risks are assessed as well as the security measures that you have in place to protect your network and its data.

Server access and policies related to passwords and administrative rights are other aspects that must be assessed to ensure that your network is safe from any potential threats.

The arrangement of your network (topology) must also be analyzed. The communication between internal devices and your server, as well as external communications between different locations, is critical to the ongoing security of your network.

Practices related to backing up your data and the tools used to store and manage it are reviewed during an IT assessment.

IT support, reporting, and capabilities are considered to ensure that any issues that may arise in the future are addressed quickly and with minimal disruption.

Prioritizing the Findings of Your IT Assessment

It may be difficult to implement all of the action steps required after an IT assessment. So it’s important to prioritize any issues according to the needs, budget, and goals of your business.

Any findings that must be immediately addressed should come first, as these issues can lead to the loss of data or other disruptions to your operations.

There are also factors that may not be as critical but are still contributing to problems within your IT department.

These may be affecting your network performance but don’t pose an immediate threat. Address these issues as soon as possible once you’ve corrected the more critical findings of your IT assessment.

The right IT assessment provides you with actionable steps that maximize the performance and security of your IT system.

Benefits of an IT Assessment

IT systems require ongoing management at multiple levels. This can result in complex processes that must be coordinated across different team members and departments.

It emphasizes the need for an IT assessment within your organization. More importantly, the assessor must understand the needs of your business while implementing the steps needed to create an effective IT strategy.

An IT assessment improves productivity and efficiency across your organization. It identifies weaknesses within your system that may be creating potential threats to your network.

Having the right IT strategy in place allows you to enhance the use of limited resources while improving security and increasing your revenue for the future.

Amazon Vs Microsoft: Who Will Come Out On Top For Cloud Computing?

Cloud computing has seen significant growth in its ability to meet the needs of businesses and private users. Businesses are moving applications and data to cloud-based services while improving efficiency and reducing overhead costs.

As a result, cloud computing has become a competitive arena – and businesses like Microsoft are finding ways to compete with leading infrastructure as a service (IaaS) providers like Amazon.

But who will come out on top for cloud computing between Microsoft and Amazon?

Is Microsoft Gaining a Lead on Amazon?

Amazon has led the cloud computing market by providing businesses with its Amazon Web Services. But industry leaders such as Pacific Crest Securities have speculated that Microsoft could increase its revenue enough to surpass Amazon in 2017.

Analysts are recognizing new opportunities for growth in the cloud computing marketplace. Predicted spending in this industry is expected to reach up to $239 billion within a five-year period.

Microsoft has developed an increasingly larger cloud network to rival that of Amazon. But the two companies’ cloud-computing services share similarities as well as differences that are important to consider.

Choosing the Cloud Service That’s Right for You

The needs and goals of your business will determine which cloud computing service will provide the greatest benefits over time.

There are some businesses that utilize both Amazon and Microsoft services within their operations. But for others, having one centralized provider can make their workflow more efficient while reducing the costs related to their businesses.

Microsoft and Amazon deliver networking, computing, and storage capabilities that share common characteristics. These include features related to security, compliance, and scaling.

The pricing of Microsoft and Amazon cloud computing services are also similar. Although the cost of these services has decreased over time, Microsoft has continued to remain competitive with the price drops seen in Amazon’s services.

The Future of Microsoft in Cloud Computing

Although the majority of Microsoft’s revenue comes from their sale of software products, the company is expected to achieve a new level of growth in the cloud computing arena.

These expectations for the future of Microsoft are a result of its recent performance. The company’s Intelligent Cloud segment has seen its revenue reach almost $7 billion, which represents an 11 percent increase from the previous year.

More users are beginning to have greater trust in Microsoft’s cloud services. Customers range from small and medium sized businesses (SMBs) to larger global companies.

Although Amazon’s revenue growth has decreased in recent quarters, the company is still expected to retain its position as a leading cloud computing service provider. But Microsoft can still nudge its way into the top spot and perhaps surpass Amazon over time.

Cloud computing has transformed the ways in which businesses manage, process, store, and distribute their data.

The growing cloud-computing market has been led by Amazon for quite some time. But Microsoft and other companies may soon be giving this powerhouse a run for its money while helping to shape the future of the cloud computing industry.

What Is A Cloud Ready Platform?

Cloud-based platforms are an invaluable investment in improving the efficiency, security, and productivity of your organization.

But in order to get the most out of your cloud computing strategy, you need to consider all of the factors related to cloud services before you decide which platform you’ll use.

What You Need In a Cloud Ready Platform

Today’s businesses need cloud computing services that integrate their onsite and offsite data centers while making them easy to manage from any location.

The following are just some of the features to consider when selecting your cloud computing platform:

  • Monitor, audit, and share user actions
  • Secure cloud data
  • Provide cloud storage access extensions through encryption and deduplication
  • Secure mobile data access through access control and automatic locking
  • Control the movement of data in accordance with regulations and data sovereignty laws

Benefits of Cloud Computing

These and other features help organizations consolidate their data while securely moving their applications to the cloud.

But the right platform should also let you move your data away from the cloud when necessary. This is useful in cases when changes in regulations require data to be stored onsite.

The right cloud ready platform lets you scale your organization and grow your data center. Applications can be deployed and tested quickly in response to marketplace or industry changes.

When Do You Need a Cloud Ready Platform?

Today’s businesses need cloud services that synergize with their backup and recovery, on-premises private cloud services, disaster recovery, and offsite compliance needs.

The following is a checklist that helps you determine when you need a cloud ready platform:

  1. You need an optimized backup system without the red tape. Data backups are critical to your business operations. But tapes can be inefficient and labor intensive while lacking the ability to scale according to the demands of your business.If you need a service that backs up your data along with onsite and offsite storage options, then it’s time to find the right cloud ready platform for your needs.
  2. You don’t have a disaster recovery plan in place. In the past, it was costly for businesses to protect their virtual workloads against the security threats they faced.But today’s disaster recovery solutions protect you from lasting and costly damages. They allow your business to recover from a disaster and restore your operations quickly.
  3. You need public, private, and hybrid cloud services. Public, private, and hybrid cloud solutions provide the security needed to prevent data threats through firewall management, intrusion prevention and detection, antivirus and antispyware solutions, and vulnerability scanning.

Knowing when you need to transfer your data to a cloud ready platform is the first step in improving the efficiency and security of your organization. But you need to choose the right platform in order to gain all of the benefits it provides.

Understanding the features and benefits that cloud ready platforms offer helps you determine the best choice for your needs.

More importantly, it creates a strategy that streamlines your workflow, reduces overhead costs, and achieves more revenue for your business.

  • 1
  • 2
zycom
Contact Us

© 2019 Managed IT Services - Zycomtec.com. All Rights Reserved.