GDPR

Blog, Citrix, Cloud, IT Solutions, Our Upcoming Events, Technology, Uncategorized

The Importance of Analytics


No Comments

For a lot of people, analytics can be boring. When you have something like a hybrid cloud solution, you just want it to work and let you get on with what you need to do. Monitoring and responding to security and performance issues are important, but can be tedious. And let’s face it, if something is tedious, chances are you’re just going to put it on the long finger and hope that the last half an hour of the work day will be enough to get it sorted. To help with all this, let me introduce you to Citrix Application Delivery Management.

NetScaler is a highly intuitive piece of software, providing centralised network management, automation, analytics, orchestration (not quite sure about hybrid cloud orchestration? I’ve already written a great blog on the subject)…. All of these tools can help you to support the various applications deployed across your hybrid cloud and containerised infrastructures. You might find yourself asking these questions; is whatever Alan is doing on the network any different from what he would normally be doing? Does a particular workload normally speak to this other workload? Has user experience changed over time? What applications and data are being used the most? These are all questions that, for one reason or another, can be important to ask. With Citrix Cloud Analytics, our clients can ask these important questions (and plenty more). By deploying Application Delivery Management, it is possible to gain a deeper insight into what is happening in your hybrid cloud environment.

The world of business is ever-changing and always innovative. There are new and cool apps appearing every day, promising to not only make your tasks easier, but also keep you customers happy. That’s why it’s so important to embrace digital transformation. This digital transformation is changing the way that applications, much like the ones you use every day, are being developed and deployed. The last thing you want is application downtime, since it will cost you money, and lots of it. One of the biggest innovations in the world of tech? You guessed it; cloud. This wonderful, futuristic phenomenon allows the much more simplistic deployment of applications and data centres. And Citrix Application Delivery Management will help you to embrace all of the possibilities of cloud to make that big job of analytics as easy as possible. Who knows, you might be able to actually go on holiday for once and leave the crucial job of monitoring to your assistant. I swear, it’s possible.

There have been so many changes in recent years in application architectures, which have been prompting the need for changes in application delivery services technology. With increasing demands, applications have become much more complex, which results in more complicated availability and troubleshooting. Add in the cloud, and all of this becomes more difficult. Thankfully, Citrix Application Delivery Management is here to meet the needs of your IT team. We’re all trying to move to transform our IT infrastructures by moving to cloud. And with that, Application Delivery Management  provides much more control and visibility.

Citrix Application Delivery Management allows you to proactively manage user and application security threats, improve application performance and support continuous operations through actionable insights collected across Citrix offerings. It has been enhanced to provide valuable insight into the performance and security of your application delivery infrastructure from an application perspective, defining how they map onto the ADC configuration. This makes it easier for you to determine the state of an application, and therefore use an application-centric approach to easily collaborate with application owners. With its new application health score, Application Delivery Management summarises how well an application is performing based on an industry-standard APDEX scoring. This allows you to investigate instances of user satisfaction as well as other performance metrics and assessments of security threats.

If you’re looking for seamless integration with many leading orchestration platforms that you deploy to automate your data centre infrastructure, NetScaler has it all. More and more data centres are moving towards the cloud, working towards a fully SaaS-based infrastructure model (and I bet yours is too). With that, automating all of those supporting services will become more important. Citrix Application Delivery Management is API-driven, enabling orchestration and analytics across a lot of third-party platforms. It also allows easy management and orchestration of containerised services as well as automating NetScaler lifecycle management and provisioning. That’s a lot of automation that should make your life that much easier. You’re welcome.

If you want to keep up-to-date with what’s going on with Citrix, make sure to keep an eye on our events page where we regularly share workshops and webinars to keep you in the know!

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Continuum, IT Solutions, Security, Technology, Uncategorized

How to Develop an Effective Cyber Security Strategy


2 Comments

We thought 2017 was particularly bad for cyber security threats. WannaCry (on which I’ve only just gone and written a one-year update), Peyta/NotPeyta…. The monthly rate of ransomware attacks against UK organisations increased up to 10 times the rate of 2016. But 2018 is set to beat every record made in 2017. In January alone, there were 7,073,069 attacks on UK organisations, and that number is set to soar throughout the rest of the year. The threat that a cyber attack poses is only getting worse. There were constant instances of security breaches being plastered over the news in the first half of this year alone; Ticketmaster, University of Greenwich and Timehop are only a handful of high-profile examples. So it’s not really a surprise that security and risk management were rated the most important priority in 2018 for CIOs in NASCIO’s November 2017 survey.

Panicked? Sorry, you weren’t supposed to be. In reality, all organisations- big or small- should expect a security breach at some time or another. There’s no way of avoiding it, but there is a way of being prepared. I’ll stop waffling on and get to the good stuff; how you can develop a cyber security policy and improve your best practices so that when disaster strikes, you’ll already be sorted. Mostly. (And if you do happen to face/be facing a security breach I’ve got you covered)

If you’ve got software and systems, update!
It’s really a no-brainer; IT needs to be updated regularly. Maybe in the 90s or early 00s you could get away with only updating whenever you happened to fancy the latest version of Windows to replace your current Windows 95, but it’s not the case now. With the internet, automatic updates are here to stay- whether we find them an annoyance or life-saving. Windows 10 only has two major updates a year and countless little ones that improve so much about the platform- including its security. After all, it was a dodgy unpatched Windows system that started the whole WannaCry debacle. So guys, make sure you update!

Understand the cyber security risk in relation to your organisation
Your organisation depends on a lot of things. Digital processes, data, systems, and your employees mastering the trick of gossiping and doing their work. All of these (minus the employee issue) are vulnerable to being manipulated. The whole point of a robust cyber security strategy is to protect them against fraud, theft of sensitive data and business disruption- along with the risk to your reputation along with it all. Your entire organisation has to work together to protect these vital processes from the threat. Thankfully, here at Cetus, we understand just how important it is to keep everything ticking along smoothly. In fact, we offer a complimentary security posture review to ensure that your business has the necessary security that it needs. We analyse where your organisation is exposed to security risks and provide you with recommendations on how to address them. Our finished report will analyse your network traffic to detect security threats; malware infections, usage of high-risk web applications, intrusion attempts, loss of sensitive data…. The list goes on. It will also evaluate your organisation’s end-point security, focusing on mobile management, user rights management, advanced end-point protection, patch and user rights management, and enterprise file sync and share. Importantly, the report will assess any threats posed from within your infrastructure – east-west traffic, privileged user access and user access rights. Basically, your entire infrastructure will be analysed to make sure that as little of the bad stuff as possible can breach your systems.

Taking a look at your social engineering
This is an interesting one. If you’ve never heard of this before, it’s basically GDPR handling in the office. We’ve all been panicking as we worked towards the deadline on May 25th, but privacy protection doesn’t just end there. Social engineering can be the simple calling out of a password to another co-worker behind them, or the more serious incident of pulling up a website at work and volunteering passwords and other vital information that can end up in the wrong hands. Hell, someone on the end of a phone saying the right things with the right amount of confidence could potentially sweet-talk the more trusting to give out a piece of information- and sometimes that’s all they’ll need.

Perform regular data backups
I’ll try and keep this one quick because here at Cetus we rabbit on about them all the time. Backups are great. Should you have the misfortune of having a ransomware attack, having a copy of the data that’s held hostage can be a life saver. Firstly, you’ll know exactly what data the hackers have- or if they gained access to personal information that could cause problems-, and you won’t have to worry about data loss regardless of whether you pay the ransom or not. Backups; if you haven’t got them sorted what are you waiting for?! With so many types of backups to choose from, from tape to replication (we suggest keeping up with the times and trying out Continuum), there’s no excuse not to have that sweet disaster recovery/business continuity plan in place.

Lock everything up tight
There’s no point in having the best firewalls money can buy, along with the most secure cyber security solution, and cyber attack just-in-case plan of action if a criminal can just waltz through the front door and calmly collect all of your information on a USB. If your sever room (or server part of the floor as the case may be) isn’t locked up tighter than Alcatraz then eventually there’ll be a problem. Remember, not everyone in the office needs access to the servers!

These are the most basic points to note for a cyber security strategy. Cyber threats are real and preventing attacks will always be a better alternative to reacting to one after it has breached your infrastructure. One of the most important in the list is understanding the cyber security risk in relation to your business. Make sure to book a complimentary security posture review today, and take the biggest step towards securing your infrastructure or speak to one of our cyber security experts today.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

Blog, Cetus Solutions, Cloud, IT Solutions, Our Upcoming Events, Technology, Uncategorized

Minimising That Pesky Cloud Sprawl


2 Comments

It’s one of the biggest challenges facing organisations when it comes to virtualisation; cloud sprawl. Unfriendly work portals and slow loading of documents would easily lead a whole department to seek an easier, faster way of sharing files and getting work done. And it’s a nightmare.

Picture this; you’ve just installed a new IT solution to connect the whole company. Now your employees can work from home, from a café, and sort out an urgent matter while on holiday. It’s simple to share large documents between each other. Everything is safe and secure, stored on company servers where you have full control over what data you have, who can access it, and where it goes. Except the whole system is a shambles. It’s not user friendly, employees have to spend minutes waiting to load simple documents, and everyone is just sick of it.

It’s easy for your employees to get caught up in the hype of cloud; once you start thinking about it, why wouldn’t the future be cloud-first? The result; they start storing sensitive files in free ‘cloud systems’; Google Drive, Dropbox and anything else that takes their fancy. It’s a GDPR nightmare.

We are talking about unregulated and unapproved cloud solutions that are used; from CRM to email to marketing automation to document storage. The consequence of these poorly managed, end-user cloud solutions and deployments results in redundant, fractured and inefficient cloud systems – and your IT department has no control over them. It’s an issue, and one that needs attention as soon as possible. So how do you go about minimising that pesky cloud sprawl?

Survey your applications
First of all, it’s crucial that you survey all of the applications and resources that your employees use to do their jobs. There are a lot, from Office 365 to Sharefile to SalesForce, and every other application under the sun. It’s important that these systems are accounted for. Administration access is another factor that needs to be refined. Often, too many employees have administrative access to your applications, making changes without the knowledge or consent of those who manage the whole lot – your IT department. Only a handful of employees should have access, and work closely with IT to approve changes following formal requests for new cloud resources.

Define your administrative role to virtual and cloud resources
Too many administrators are a big issue when it comes to virtual machines and cloud sprawl. Passwords, administration access, big ideas; when there are too many people trying to have their say and work semi-independently on a project, it’s easy to start getting confused. Assign a cloud sprawl manager to keep everything in check by managing the cloud that you have created. We’re talking no more of that crazy clutter that was taking up space in your physical data centre and the costs associated with it will be monitored, too. It’s just that easy.

Just as important is your actual cloud solution. Regardless of whether you’re considering public, private or hybrid, the trick is to avoid pre-packaged, one-size-fits-all cloud solutions. Your business is unique. It’s definitely worth your while to get an IT solution designed on the number of employees in your company and what you actually need out of your cloud solution. At Cetus Solutions, designing, building and supporting secure application and delivery platforms to fit your needs is our speciality.

Speak to one of our experts today to see how we can help you make the most of cloud.

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

Blog, GDPR, News, Our Upcoming Events

GDPR – That ‘light at the end of the tunnel’ might just be a train coming!


1 Comment

Having been asked to blog about GDPR; I decided to avoid the standard, attention-grabbing approach of stating the size of the fine for a breach of the upcoming GDPR regulation. If you’re not already aware – check your junk mail for GDPR workshop invites; it’ll be somewhere in the header or first paragraph.

I’ll start, instead, with a question: Are you struggling to get a handle on GDPR? Welcome to the club! As organisations of all sizes stand trapped in the headlights that are ‘the May 25th GDPR deadline’; who better to turn to than the Information Commissioner’s Office (ICO) for some clarity. The ICO provide a helpful ‘What’s New’ section; so, I thought I’d take a look at February’s ‘news’. It included such helpful guidance as:
The term “right” in the provision does not mean that Article 22(1) applies only when actively invoked by the data subject. Article 22(1) establishes a general prohibition for decision-making based solely on automated processing.

And:
Article 35(3)(a) refers to evaluations including profiling and decisions that are ‘based’ on automated processing, rather than ‘solely’ automated processing. We take this to mean that Article 35(3) (a) will apply in the case of decision-making including profiling with legal or similarly significant effects that is not wholly automated, as well as solely automated decision-making defined in Article 22(1).

So that was helpful.

Seeking even greater clarity, I turned to Elizabeth Denham, the Information Commissioner; who has been doing the rounds ahead of the May ‘deadline’. Ms Denham is clearly passionate about her mission, and speaks very clearly on the importance of GDPR; however, there is a degree of ambiguity in her messaging. In various blogs and speeches this year; she has provided the following guidance (which I’ve taken the liberty of categorising based on her perceived stance):

Very Hard: “Last year we issued more than one million pounds in fines for breaches of the Data Protection Act, so it’s not a power we’re afraid to use.”

Hard: “There will be no ‘grace’ period as organisations will have already have had two years to prepare.”

Vague: “Compliance should involve an ongoing effort in which organisations have to show they are putting the key building blocks in place”.

Soft: “While there will be no grace period – you’ve had two years to prepare – I know that when 25 May dawns, there will be many organisations that are less than 100% compliant.”

Very Soft: Ms Denham has said her organisation “is not planning to take a hard line on the 25 May implementation date for compliance with the EU General Data Protection Regulation”

I hope that makes things clearer for you? No? Don’t worry – you’re not alone. Cetus has run a series of GDPR workshops over the last year and they’ve been attended by a wide range of people, with an equally wide range of opinions on GDPR. These range from “it’s a disaster about to happen” to “thought I’d pop along to see what all the fuss is about”. The funny thing is that they were all correct – it’s just a matter of how well your preparations are under way that defines the potential impact to your organisation come the 25th May.

Common amongst many of our workshop attendees was the fact that ours wasn’t the first (or even second) GDPR workshop they’d attended. However, the post-workshop feedback pretty much unanimously agreed that our approach to explaining GDPR was the most helpful they’d had; but why?

Unlike others; we described how a multi-partner approach needs to be taken. We combined deep subject knowledge from a GDPR practitioner; with a holistic security approach that looks to redefine an organisations digital boundary. At the end of the workshop we’d provided clear, practical next steps to allow the attendees to prepare for the deadline.

So, is GDPR just a legislative thing? Once again, I would like to quote Elizabeth Denham – “Only one in five people in the UK trust organisations to look after their data”. That’s a pretty miserable statistic. You might ask yourself – are you one-in-five, or are you one of the untrusted 80%? It could be more important to the future of your organisation than ‘mere’ legislation.

Speak to an expert