Security

Blog, Cetus Solutions, Check Point, IT Solutions, Security, Technology, Uncategorized

Here Phishy, Phishy, Phishy….


No Comments

A couple of weeks ago, there was a mandatory ‘here’s how to help keep the company from falling prey to cyber attacks’ lecture at Cetus. We all trooped downstairs, cramming into one of our board rooms, mugs clinking and teas sloshing. One of the lovely ladies from Barclays came in to give us a word of warning- or forty- on how to spot nefarious activity and not fall prey to a scam. By the end of it we were all ready to delete our Facebook, Twitter and Instagram accounts, never use an ATM, and I seriously started questioning my role within social media. It was quite the terrifying afternoon. Between social engineering, ransomware and phishing, it’s a miracle we all aren’t in debt from scammers. But the most terrifying aspect was learning just how prevalent phishing attacks are.

Big ransomware scams make the news constantly- splashed across the news, Sharon from HR standing at the water cooler to share the details in whispers to anyone who passes by- but phishing is the bigger threat here. In reality, a ransomware attack usually only demands several hundreds of pounds from the organisation it invades, while a phishing scam generally scams thousands of pounds from the victim. Not only that, but it’s easier for the cyber criminal to carry out a phishing attack. Now that I’ve given you something short of a heart attack (sorry), let’s turn this around shall we? Here are a few key ways of keeping you off the phisherman’s hook.

Beware of the sender
It doesn’t really matter whether it’s personal or corporate, receiving an email either makes you want to go on an extended holiday or celebrate. At work you’re usually too busy opening and replying in record time to get on with the mountain of tasks that grows with every email. It’s fair to say that you don’t always check who the sender is. I mean, we’re all weary of any Arabian Prince trying to get into contact, but aside from that we’re pretty chill for the most part. If they’ve gone to the trouble of finding your email address (I still can’t figure out how people manage to find me) then chances are they really need to chat, right?

Depending on how much of a nightmare you are in life, you probably won’t know the hacker. So before you jump into your emerging pile of unopened emails, take a quick look. If you suddenly get an email from someone you don’t speak to regularly on the topic of something that you don’t normally think about, be slightly weary. Check the sender’s address- does it look a bit weird? Is there a random ‘0’ instead of an ‘O’? Could that ‘i’ actually be Vietnamese character ‘ỉ’? Is there an extra letter or number in the address that shouldn’t be there? If you see one of these little tricks, bonus points for your great eyesight, and definitely get the email checked out.

‘I get scammed with a little help from my friends’
Did the email check out, but you’re still not 100% sure if you need to detonate your computer immediately to avoid any viruses escaping through the network? Take a quick look at the list of people that received the email. Do you know them? Is it a strange group, ie the sales group being added one name at a time instead of the group link? The cyber criminal might be targeting a large number of people in your organisation, so if you see people on the list that you wouldn’t normally be in contact with, or from a department that has nothing to do with yours, be extra careful.

Bit of a dodgy subject line
Aside from Sharon’s bi-monthly suggestion for drinks in the pub across the way after work on a Monday night, you should really only be getting emails that directly relate to your job function. That is, unless you’re in marketing- we seem to get our noses into plenty of unrelated jobs. If you’re getting emails about things that you know you’re not privy to or they make absolutely no sense to you, don’t open it. If it’s not spam, it’ll be malware. If you do happen to open it (oopsie), check if the email is a reply to one that you didn’t send. Does the message match the subject line? A misalignment of the two should send up an army of red flags. Also, while we all have the office oddball that likes to reply to emails at 3am, is it normal to be receiving this email from this sender at this particular hour?

Attachments and hyperlinks of doom
We’ve all opened random attachments or clicked on hyperlinks that we weren’t quite sure about and sighed with relief when it was just a video of cats acting strangely. We know we shouldn’t, but that curiosity can’t be helped. Besides, it could be important, or cats, after all. A few things to check before you right click; did you expect the attachment? Is it a common file type that you would normally receive? Does it have a weird name, or strange symbols in the file name? If you answer yes to these, maybe don’t open it. It’s quite likely to be malicious.

Not quite what you were expecting?
If you receive an email that contains unsettling, startling or urgent content that requires immediate action on your part, it’s most likely a phishing attack. There have been so many of these popping up recently, panicking the nation. At the moment, a common scam is an email from your bank claiming that your account has been hacked and you need to login straightaway, or even move the rest of your funds to another account. For the Netflix lovers among you, there have also been emails being received saying that billing information needs to be updated. Don’t fall for it. If the email includes a link to login or change account details, be extra weary. Don’t use links, web addresses or phone numbers.

Keeping yourself protected from any cyber crime can be a scary business, but even more so when it’s something you could very well unwillingly stumble into. It takes more than trusting your spam filter to keep yourself safe, having a strong cyber security solution is crucial. We work very closely with Check Point to craft solutions that stand tall against phishing, ransomware bots and all kind of nasties, using their SandBlast advanced endpoint threat prevention. Have a chat with our experts to see how we can whisk some cyber security into your perfect infrastructure solution so that it’s one less thing you need to worry about.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, Citrix, Cloud, Cloud Hosting, IT Solutions, News, Our Upcoming Events, Technology, Uncategorized

Citrix Summit 2019 from a Citrix Platinum Partner Point of View


No Comments

There are very few events throughout the year that get us super thrilled here at Cetus/instrato. Even fewer that we prepare for months before the actual event (aside from IPEXPO, which is a whole other story). But when it comes to Citrix Summit, held every January, we get very excited.

As a Citrix Platinum Partner, we stay on top of what’s going on in the Land of Citrix to make sure that we keep things fresh and up-to-date for our customers. And we’re absolutely blessed with two huge events a year to sink our teeth into; Summit and Synergy. We loved Citrix Synergy last May (and my god, we got some exciting updates on Citrix Workspace) and we’re still going on about it in our office. Of course, leaving the wet and windy UK for three days to fly to the US is a major bonus too!

As always, this year’s Summit is being held in Orlando, Florida, from the 7th to 9th of January- what a way to start the new year! Unlike Synergy, which is for customers as well as partners, Summit is only an event for partners, like Cetus, who promote and sell the Citrix Vision. And as always, we’re sending a little group of top Cetusites to go, explore and bring back the very best of Citrix.

The event is three days of inspiration, information and networking to bring the Citrix game to 100. Crazily, we’re expecting over 300 hours of training and hands-on learning, which we’ll be incorporating into all things Citrix when we get home. The event is a great way to build relationships with the biggest and brightest minds of Citrix experts and business leaders. From the opening keynote, which is always one of our favourite moments, to the breakout sessions, having those nagging questions answered at a Round Table, or just getting immersed in the hottest topics in the world of IT solutions in the Citrix Talks panel discussions, it’s going to be a crazy week. It’s events like Summit that inspire us to look to the future and adopt the latest and greatest ways of working.

One of the best things about being a Citrix Platinum Partner is the ability to really consolidate what we learn at Citrix Summit and Synergy into the huge projects that we work on. Having that foundation on which we can build our expertise is priceless, but a fair portrayal of how much we value Citrix itself as our partner. We know that having the title of Citrix Platinum Partner assures us that we’re in the best of hands, which means that our customers are, too.

When it comes to instrato, we work exclusively with Citrix and Microsoft Azure to get the optimal combination for a cloud deployment, so the fact that Microsoft will be attending makes our little cloud-enthused hearts flutter. In fact, cloud and cloud-based applications features heavily in the session previews, further strengthening its position as the future of IT. No doubt those sessions will be popular, including Citrix Talks to discuss cloud transformation projects.

You can be sure that, once we shake the jet lag, we’ll be incorporating all the latest updates and features into the solutions we design. If you want to hear a bit more about what you can expect from Citrix (and Cetus!) in 2019, have a chat with one of our Citrix Platinum Partner experts, and register for the Summit update events we’ll be hosting when we get back. We’ll see you then!

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, Check Point, IT Solutions, Security, Technology, Uncategorized

Skyscraper: When Cyber Security Goes Wrong


No Comments

It was one of the biggest blockbusters of the summer. Dwayne Johnson’s Skyscraper thriller grossed $304.1 million during the hottest summer in living memory. Honestly, it probably would have made more, but for the fact that half of the UK population was sitting in any available patch of sun with a beer in their hands. I was one of those people, although with fruity cocktails instead. That was when I wasn’t in the office writing witty blog posts on Citrix Workspace, of course. Alas, while I had every intention on going to see the film, I never got around to it. So it was my pleasure, two Saturdays before Christmas, to snuggle in my pjs and pop it on (I lead the most exciting life when I’m not in the office). Well. While it’s action-packed with an interesting futuristic spin, I couldn’t help but spend the whole movie pointing out, sadly to no one in particular (I’m going to have to get a cat), all the various cyber security blunders that Johnson’s character made. Not one to waste my breath, or a good writing idea, I’m going to lay it all out in this blog post so that you can giggle along with me. Before we go any further though, there may be a spoiler or two, you have been warned.

In a nutshell, Johnson plays ex-FBI hostage-negotiator-turned-private-security-expert Will Sawyer, who gets called to Hong Kong in order to assess the security of the world’s tallest skyscraper. The Pearl, 225 stories and a whopping 1,100 metres tall, needs an inspection of the upper residential half before it can be opened to tenants. Since we are, after all, living through the ‘IOT for all of the things!’ revolution, no matter how mundane the appliance, it’s no surprise that the Pearl was built with tech in mind. It’s basically a giant computer, full of safety features and automations that make living and working there slightly more exciting than your average building. We saw absolutely zero evidence of it, but I’m still sure the lights turn on and off by clapping your hands. Anywho, we see Sawyer being given a tablet that controls the entirety of the 225 floors and shooed out of the door to go inspect the offsite security centre that controls the skyscraper. The tablet, obviously, isn’t in his possession for long, as it gets robbed by a group of terrorists who succeed in burning down the $200 billion structure with it. The sad part is, if the IT department had deployed a better cyber security solution, it could all have been avoided. Typical.

Who needs an effective authentication method, am I right?! This was mistake number one. For some incomprehensible reason, the only way of unlocking the tablet that controls the entirety of the building is via facial recognition. That’s it. Sure, in cinematographical terms this looks the best. It’s impressive and futuristic, suave and savvy. It’s every nerd’s dream. And facial recognition as part of multi-factor authentication is really effective. In the blink of an eye, it can analyse billions of tiny little markers on your face to unlock your device. But who on earth would think that it would be enough? For god’s sake, just signing into my Facebook requires my password, mother’s maiden name, list of my three favourite chocolate bars (in order) and the promise of my firstborn. Truth be told, facial recognition alone was irresponsible, and about as effective of protecting all that important data as using ‘1234567’ as a password. Hell, put a photo of Sawyer in front of the camera and that would probably fool it. There are so many effective ways to authenticate identity (I wrote an entire post on it). Why not have a secondary form of authentication, like having a password activate on Sawyer’s smartphone? That would have been clever.

Mistake number two; not informing the IT department of the breach. Err, this should have been the first point of call when Sawyer’s tablet got robbed. Instead, being the idiot that he is, he threw caution to the wind and went running off to save his family. Just one minute on the phone to IT and they could have stopped the disaster that was about to unfold. A good cyber security solution would have removed access to the tablet in a couple of clicks, rendering the terrorists’ efforts moot. In fact, it would have taken no time at all to wipe the data clean from the device, essentially turning it into an expensive, albeit sleek-looking, paperweight. It does echo a current issue facing organisations in terms of cyber security; the majority of security breaches come from employees who, inadvertently or not, allow the threat to infiltrate the network. This can happen from clicking on a dodgy link in an email (it’s sadly not a video of cats acting strangely)- in fact, phishing attacks are more prevalent and more likely to scam large sums of money from an organisation. Realistically, in this situation, Sawyer seriously neglected his responsibility to inform the IT department. While he undoubtedly performed some incredible gymnastics and it was thoroughly enjoyable to watch, I would have loved to hear his rationale when all was said and done. I doubt he’d be hired to assess the security of a paper bag after that!

The moral of this story is, and I’m sure it’s what director Rawson Marshall Thurber wanted to portray; don’t let your organisation become the Pearl and burn down to the ground- make sure your cyber security solution ticks all the boxes. We work closely with Check Point to incorporate secure technology into our solutions, effectively avoiding the risks that we saw Sawyer facing in the film, and many more besides. Have a chat with our cyber security solution experts here at Cetus, and in the meantime book yourself in for one of our complimentary security posture reviews!

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Citrix, Cloud, IT Solutions, Technology, Uncategorized

The Citrix ‘Virtual Workspace’ Vision: What Have We Achieved?


No Comments

I don’t remember ever not having a computer at home. When my brother and I were little, somewhere in the rolling Irish countryside, that was technology; messing around in Paint for hours, until we were old enough to graduate to Tomb Raider (on keyboard) and whatever game demos my Dad got with his monthly PC Live subscription. If we were allowed to use the printer (that was a rare treat), we’d spend hours in Word making posters for our room, trying out every single option in WordArt and agonising over what colours we’d use- which would have absolutely no significance whatsoever since it printed in black and white exclusively. Then, as early teens, we got second-hand laptops to mess around in PowerPoint (I once did an amazing presentation on the benefits of having an allowance for my rabbit Poppy, graphics and all), and flex our creative writing muscles in Word. Back then, floppy disks were king (I still have some knocking about, storing god only knows what). Hell, I remember being 16 when my Mum bought my Dad a brand-new printer for his birthday; a super cool one that printed in colour and scanned documents and photocopied and printed wirelessly. It was amazing to have all of those features in one small device that was affordable for a modest family. And that was only in 2010!

For most of us, that was the reality until quite recently. Technology was just a cool little add-on, the ability to type out a document instead of writing it by hand, playing two-player videogames using only a single keyboard and mouse, being able to email Granny across the country- regardless of whether she’d remember how to access it or not. It was fun, but it wasn’t particularly useful. The workplace was the exact same (so I’m told); visiting the dusty clock-in machine at 9am, tapping away at an even dustier computer half the size of the desk, emailing people sitting just across from you, and finally kissing the clock-in machine goodbye at 5pm.

Last month was our Cetus Summit, a day of celebrating the achievements of the year just gone and anticipating how we can be even bigger and better in the year ahead. As part of the morning presentations, we had several vendors come and talk to us. One of those vendors was Citrix. For half an hour, they analysed a Citrix video from way back in 2001 that predicted the power and capabilities of a future workspace (if you want, you can find it here). It’s crazy to think that in 2001 we were still so behind on lots of techie features and gadgets that we couldn’t possibly imagine working without now. Anyway, since I’m betting you weren’t at that presentation, I’ve decided to do a bit of an analysis myself of Citrix Workspaces 2001 vs 2018 this week.

In the current future that Citrix had imagined (does that even make sense?), things are very 90s. Someone clearly didn’t get the memo about the segways, ripped jeans and I’d say fannypacks are the only thing from the 90s that we’d still see today (and they’re still a crime against fashion). Honestly, of all the changes since 2001, not wearing those god-awful suits is probably the best advancement. That and the awful Mercedes he drives- I swear, it’s the kind of car a drug kingpin would drive in the mid-90s. The scene is set; our protagonist, Jim, is evidently a high-flying business man, with a fancy office and no doubt an assistant. It’s the end of a workday and he’s particularly chirpy, but it’s not a Friday, so it must be a relaxed week at the office. Apparently it’s his anniversary as well, so that could be a contributing factor.

Telling no one in particular that he’s leaving work early (probably that assistant), he grabs his fancy PalmPilot-looking device and walks away, while his workspace gets transferred from his PC. Accessing your desktop via whatever device you choose is something that almost comes automatically in a virtual workspace in 2018. Indeed, Citrix Workspace makes it incredibly easy to access all of your apps, data and desktop, regardless of what kind of device. Move between your PC, home laptop, mobile or tablet, all thanks to your workspace. Getting into that God-awful Mercedes, our chirpy Jim is safety-first and pops his PalmPilot-mobile hybrid into its hands-free holder. Ever security-conscious, he accesses his device by using a fingerprint scanner. I’ve already covered multi-factor authentication (and how I feel about fingerprint scanners), and it’s no surprise that the Citrix vision of the future included biometric sign-on.

In any organisation, the ability for secure content collaboration is crucial. Jim clearly works for a huge multi-national company. On his way home, he gets a call from a colleague on the other side of the country. Some hiccup in a big deal means that he needs to try and make things happen before he can go for dinner. To fix the issue and speed the deal along, he needs to organise a conference call with colleagues in Seattle and Tokyo. Using his Citrix Workspace, he can securely call these different locations, while presenting and collaborating on documents in real time. It’s easy enough to transfer the conference call from Jim’s phone to his huge monitor- just the case of pointing his PalmPilot-thing at the screen and hey presto. I’m sure in 2001, this would have been a bizarre concept. Who would be too lazy to just turn the thing on? Nowadays, we don’t have the time to faff around with logins and transferring conference calls. With Citrix Workspace, this is a nifty little feature that’s sure to wow any newbies starting out, or even the CIO of a high-stakes partner. Honestly, try it out, you’d look terribly high-tech. Eventually Sharon, in Denver, fizzles in to add her expertise. Apparently she doesn’t have the same security clearances as the other three (is it the accent?), so Jim sets her a more limited visibility she has of the documents being collaborated on. This is also a pretty common feature of Citrix Workspace, but it covers far more than just a conference call. From a single network point, your IT department has access to, and can manage, every one of your users. That gives them the flexibility to automatically grant every user with unique levels of clearance depending on their job necessities. Sharon in HR doesn’t really need to know what’s going on in boardroom meetings, now does she?

During the conference call, they get interrupted by a failure. Now, here’s where Citrix were a tad bit off in their predictions for today’s technology. In the video, Jim can hear his colleagues as they question the foreboding ‘Switching to backup data centre’ flickering on the screen for a moment or two, before the rather more cheerful ‘Backup now active’ signals the return of the call. It’s not the case now that a failure would cut the call instantly until the WAN came back to life- thanks to SD-WAN, a failure of any kind would not even be noticed, simply switching to the secondary system component. In today’s workspace, Jim and his colleagues wouldn’t be the wiser, with zero stalling, pausing or loss of quality to signal the switch.

A lot was covered in that short seven-minute video. But it’s clear that in 2001 Citrix had a vision. It was a vision of revolutionising the workspace to make it bigger and better than ever before (and keep ill-fitting suits in fashion). And it’s a vision that continues to look to the future in order to start making advances towards it now. Here at Cetus, we’re big believers in the Citrix vision. So much so that we’re one of the few Citrix Platinum Partners in the UK. We believe that Citrix is the future of the workplace, and we want to work with you to unlock those possibilities. Our experts are Citrix-centric, so click over here to have a chat and see what Citrix Workspace can do for you.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cloud Hosting, IT Solutions, News, Our Upcoming Events, Technology, Uncategorized, VMware

VMworld 2018 Keynote


No Comments

So here we are at VMworld 2018 in Barcelona for VMware’s 20th anniversary and the 10th annual VMworld in Europe. With just under 12,000 attendees, the relevance and importance of the VMware strategy in helping businesses of all sizes grow and transform is clear to see everywhere you go. Pat Gelsinger took to the stage to layout his views and VMware’s strategy highlights for the coming years. For those that have not made it to VMworld before, the main keynote is quite high level and is followed by a number of ‘showcase’ keynotes that focus on the core areas of the VMware portfolio such as Security, Hybrid Cloud and EUC etc.

Pat showed how VMware has constantly driven to help businesses bridge gaps between innovation silos and highlighted three key ‘acts’ in the VMware history:
1. Server virtualisation
2. BYO/EUC
3. Networking
The message that organisations need to deliver both profit, as well as look after its people was clear; a fully engaged workforce will lead to innovation and transformation, which will lead to a more profitable business.

Technology should be a force for good in the world and that is what VMware is driving for in everything it does (The Mercy Ships case study was very powerful). Pat spoke about four tech superpowers in the world today (Cloud, Mobile, AI/ML, and Edge/IoT) and how each of them reinforces and drives the others. VMware sees the application as a network that requires an end-to-end platform to enable it. The VMware vision image below has been consistent across four core strategies for a number of years now;
• Modernise Datacenter
• Integrate Public Cloud
• Empower Digital Workspaces
• Transform Networking and Security
The ability for an organisation to deploy hybrid cloud and digital workspace solutions that are integrated from a single vendor drives simplification and reduces costs.

vmworld 1.jpg

At Cetus our mission is to help our customers deliver on their strategic mission by delivering hybrid cloud and secure digital workspace solutions, we believe that every organisation must embrace technology as a force for change and transformation. The VMware portfolio from vSphere to NSX onto Workspace One and out to Vmware on AWS means we can deliver on our mission from a single integrated technology stack.

There were a wealth of announcements in the keynotes, and while I’m not going to try and cover them all here, I just wanted to pick a few highlights.

Security
Pat talked about how the security solutions we deploy today are broken, as bolt-on options that are chasing a bad situation without a fundamental shift in protection levels. This is shown by record spending on security solutions, and also a record number of breaches.

VMware started to address this with NSX, moving the security enforcement from the North/South boundaries to cover the bulk of East/West traffic, and as such the micro-segmentation market emerged. While this takes security to a new level, it is still based on set policies and known interactions between services within the datacenter. VMware is taking this to the next level with the introduction of vSphere Platinum Edition that integrates the app defence solution into the vSphere licence. The combination of AppDefense and NSX allows VMware to deliver what it has now coined ‘Adaptive Segmentation’, allowing admins to deliver a step change in the security paradigm. The Adaptive Segmentation concept follows three key steps:
• Learn
• Lock
• Adapt

Rather than chasing after threats, AppDefense learns an application’s intended state and behaviour, then monitors for changes to this state that indicates a threat. When a threat is detected, AppDefense can automatically respond. Leveraging this known ‘good state’ allows policy to lock down the datacenter (NSX offering network-level automation) and then adapt as needed to changes in state. This deep integration allows for a shift in the overall security paradigm.

The focus on security across the VMware portfolio is really beginning to shine and deliver real value for customers.

Any Cloud
All businesses are on a journey to a hybrid/multi-cloud world and the need to automate and secure this transformation is key. VMware is innovating in both the datacentre and EUC spaces to ensure this journey is seamless, secure and cost-effective for all.

In the datacenter space, the need for a seamless path to and from cloud/on-premises is the key to allowing an organisation to unlock the power of its investment in infrastructure services. The ability to deploy to either on-premises or cloud and move between them seamlessly as costs and needs evolve ensures IT can meet businesses’ needs at all times. This needs to be enabled via a ruthless drive for automation, which the announcements of VMware Cloud Foundation 3.5 addresses by ensuring that enterprise IT teams can deploy private cloud with the same management and automation as cloud. Cloud Foundation underpins the hybrid cloud, both on-premises and as part of VMware on AWS- truly enabling this seamless hybrid cloud. With new VMware on AWS regions opening over the next 6-9 months, the reach will be truly global. Checkout my follow up blog from the datacenter showcase keynote for more details.

The message was clear that the future of cloud infrastructure will be hybrid and that VMware has delivered a true end-to-end solution. The acquisition and integration of Cloud Health extends this capability by providing a cloud operations platform that allows customers to understand costs and compliance across multiple clouds.

Any App
The Workspace One solution has been the stable leader in the MDM space for many years and over the last couple has evolved into a complete UEM (unified endpoint management) solution that supports mobile, Mac, Windows and Chrome end points. Providing users a simple, consistent and secure access method for all applications and data on any device, while ensuring that IT retain control of the full lifecycle of the devices. One big announcement was a joint partnership with OKTA to extend the Workspace One Identity Management solution and provide full user/device lifecycle management and automation. IT can now truly step away from the job of deploying endpoints, allowing technology to provide a simple user-driven workflow.

Enhancements to the Workspace One solution continues to demonstrate this market-leading position. Look out for my follow up blog from the EUC showcase keynote covering items Like Workspace One Intelligence and what COPE stands for.

So this ran on a bit longer that I expected; lots to talk about in what was actually a rather uneventful keynote by VMware’s standards. Most of this due to them splitting out 6 ‘showcase’ keynotes over the two days that focus deeper into the entire proposition. Stay tuned for follow up posts from more sessions. In the meantime, we’re delighted to announce a free webinar on the key takeaways from VMworld that I’ll be hosting. Register here to get all the highlights from VMware and what to expect in 2019.

Register for the webinar

Blog, Cetus Solutions, Cloud, IT Solutions, Security, Technology, Uncategorized

Application Testing in the Cloud


No Comments

If you’ve been keeping up with the hype, you’ve probably been looking into deploying a cloud of some form in your organisation. Be it public, private or hybrid cloud, the possibilities that they come with are endless and revolutionary. I’m sure you’ve heard all of those buzzwords before, building the idea of ‘the cloud’ into an amazing, it’ll-fix-any-problem-you’ve-ever-had-and-more! miracle that’s more of a unicorn than anything else. But you might have discovered that it’s not all sunshine and rainbows when it comes to cloud. Application testing has become one of the little bugbears that people forget- or choose to ignore- when putting together a cloud strategy. When you roll out anything new, it’s important that it’s a success- your bottom line could very well depend on it. And without regular testing you don’t even know what you’re throwing out into the world.

Several years ago, virtualisation became a new focus for IT departments. This new ideology of sharing computing resources across multiple operating systems increased productivity through reduced costs and increased scalability and easy administration. This fabulous new way of running IT infrastructure observed the evolution of virtualisation of cloud in the form of cloud computing. It paved the way for the dream of ‘Everything as a Service’, essentially creating a foundation for many of the technological advances we have today (but for some reason I still can’t get a delivery from the McDonalds a mile away, so there are clearly more worldly advances yet to be achieved).

Cloud testing is the actual testing of the resources on demand; think hardware, software etc. Testing is crucial for the health of your IT environment, especially when it comes to your cloud offerings, ensuring that it not only meets functional requirements, but also non-functional. Securing and managing performance of your applications is essential regardless of where they are; in the cloud or on-premises. It’s not the case of testing an application when it first gets deployed and never needing to bother with it again; the status of applications can change over time.

There are so many benefits for cloud testing that are easily obvious when you experience them. The normal testing approach is to invest in the adequate hardware and software infrastructure needed to carry out the testing. Since the environment supplied to the testing team very rarely matches that of the user, testing applications in the cloud can alleviate the issue of rapidly-changing requirements, allowing the tester to easily replicate the user environment and find defects early in the cycle. Migrating apps to the cloud can also reduce the cost of infrastructure licence renewal, as the organisation doesn’t have to purchase the infrastructure that won’t all be in use at the same time. With the end user environment in the cloud, it’s a simple enough task for an IT department to customise the testing environment match. This customisation reduces the cost and time of regular testing. The testing team can easily perform load and performance testing scenarios in various permutations and combinations.

But, as with everything, there are downfalls. I hate to have to list them, but here we are. By relying on and using the cloud as infrastructure, we do face a few hiccups. But nothing too scary, I promise. Security is one; user privacy needs to be protected, while also allowing the necessary protections that hold up to standards. The security of applications that run in the cloud and security testing techniques also need to be addressed by organisations when it comes to cloud infrastructure. The performance of an application in the cloud is another significant issue that regularly gets overlooked. How are we to know if an application works the same way, especially when hosted in a private cloud? The application itself will be shared amongst plenty of users, so that could cause a delay, especially if bandwidth isn’t good enough for testing. It’s surprising that in certain instances, the particular configurations of a user can be that complex that they just simply aren’t supported by that cloud provider. I don’t get it either. Bottom line, that can make it that much more difficult to emulate a user environment. The last little issue is that of integration testing. It’s easy enough to test the network, database, servers, and whatever else needs to be done. The tester already won’t have control over the underlying environment, but on top of that they’ll have to essentially guess how it would behave. If there are interactions between two components, the tester can only anticipate risks, such as crashes, network breakdown, or your server going on a sudden holiday.

Ensuring the maintenance and performance of your applications in your chosen cloud is crucial for your organisation. Where a lot of people would just love to ignore the finicky bits of testing, here at Cetus we like to dot the Is and cross the Ts, and that includes your testing. Our experts are specialists in application testing and making sure that everything works just right. If testing of your applications is something you’d like to master, make sure to have a chat with one of our experts who will show you first-hand the benefits, while eliminating as many downfalls as possible.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, IT Solutions, News, Security, Technology, Uncategorized

When 2019 Comes


No Comments

It was the mid-nineties, ‘IT’ was the new ‘data processing’, and we’d started using a new gadget called a ‘modem’ to connect our business to the outside world. They were exciting times; technology was changing how we communicated; and we could access technical information at any time. So … I decided that it was time to enlighten my team with a broad-thinking; almost visionary statement: “this Internet thing is really cool … but it’s just for techies”.

In hindsight; it ‘might’ be argued that my statement was, perhaps, a little bit short of ‘visionary’. In fairness; my comment was based on the, then, limited capabilities of CompuServe; which was nothing more than a chat group and download site for technical documents.

And so, with my ability to predict the future firmly and clearly established; it’s time for me to get to the topic of this blog: Top Predictions for 2019. As we, Cetus, look forward to the year ahead; we’re keenly aware that a number of technological drivers will affect the nature of our business. Here’s a few of the key drivers that we are gearing up for 2019:

1. The Internet. I’d better address this one – the Internet will continue to be quite popular in 2019. There, that’s that one put to bed.

2. Windows Desktops. Once the direct target of our VDI marketing efforts (due to its total cost of ownership and unpredictable user experience); the ability of Windows 10, in particular, to deliver a well-managed user environment has put Windows 10 back on the ascendancy.

3. Hybrid-Cloud. It’s been around for quite some time now, and many solutions providers are saying that it’s the future apparently. We beg to differ. Hybrid-Cloud is the ‘now’. You need look no further than Office 365 and SalesForce to see that we have been hybridising our clouds for quite some time now. 2019, however, will see the adoption of IaaS and PaaS, from the likes of Microsoft Azure and AWS, increasingly be the first choice of organisations across all sectors, public and private. 2019 will continue to favour solution providers who recognise that the resulting complexity is a feature not a failure of hybrid cloud; and who provide solutions that embrace and mitigate the complexity, rather than amplify it.

4. SD-WAN. Strongly related to the increasing adoption of the hybrid-cloud model; Software Defined WANs will see significant growth due to their ability to provide: increased resilience, lower price point and better performance over traditional WAN deployment methodologies.

5. Gen-V Security. Also referred to as Next Generation Security – the ability to deploy advanced threat protection that integrates boundary protection, endpoint protection and community threat intelligence is becoming a business necessity, rather than a nicety. Throw in Analytics and Micro-segmentation and you’ll soon realise that technology is providing a robust response to today’s multi-threat cyber security environment.

6. Virtual Workspaces. You might think that this is just the latest marketing term for VDI. We see it rather differently. Virtual Workspaces encompass more than just the desktop; we deliver a workspace that sees the desktop as merely a means to an end; namely a way of accessing applications and data. A Virtual Workspace now, more than ever, must be mindful of the desire of organisations and users to access their workspace using any device; from any location and at any time.

7. Automation. Our principle partners; Citrix, Microsoft and VMware all recognise that the increasing complexity of today’s IT environments require a more open approach to integration. This manifests itself as an increasing focus on cross IT element automation; relieving the IT function of large swathes of BAU activities, allowing them to focus on business innovation.

The above are all encapsulated by our 2019 Solutions Portfolio. By working closely with our primary vendor partners; we are able to draw down their strategic visions, and to combine these with over 17 years of delivering Secure Application and Data Delivery Platform solutions. The result is that we now have hundreds of customers who count on us to help guide them through turbulent times; who see us an extension of their IT teams; and with whom we have the genuine pleasure of travelling into 2019 as partners.

To hear more about how we can help your organisation get ready for the challenges of 2019; why not join us at one of our upcoming Cloud Workshops? Of course; I’ll be presenting, and I’ve prepared a fascinating session on “Why Smartphones are Cool – but just for techies”. I can’t wait!

Speak to an expert

 

Directors-9619Paul Kiveal – Business Development Director
Paul works with business leaders, helping combine strategic objectives with innovative technical solutions, developing inspirational new IT platforms that transform the way technology powers organisations.

Blog, Cetus Solutions, IT Solutions, Technology, Uncategorized

Who Would Prefer Digital Workspaces, Cats or Dogs?


No Comments

When it comes to blog post topics, I usually ask our Business Development Director, Paul Kiveal for topics to squirrel away and write about. Sorry to burst your bubble, but the fabulous ‘Hybrid Cloud Orchestration’ and ‘Is The Password Dead?’ posts weren’t my ideas. This week though, I caught him at the worst time, while he was in a strange mood (or sick of my constant craving for topics), and he gave me the worst title; ‘Who Would Prefer Digital Workspaces, Cats or Dogs?’. I’m not going to lie, it’s going to be a challenge. I’ve already asked a handful of people with zero IT knowledge for advice and they all gave me different answers, so I’m on my own with this one.

Originally, I thought cats would prefer digital workspaces. And it’s not because I’m a cat person (sorry). I just have no problem imagining a hipster Maine Coon- we’ll call him Salem- with his fur tied up, sitting in a café sipping huge bowls of the blackest coffee (or milk?), working away on his laptop. Why would he want to spend the day in the office, getting swiped by all the other cats for no reason whatsoever? God only knows, he wouldn’t be able to concentrate with all that purring. And every two minutes there’d be a flurry and a yelp as one of them forgot where they were and attacked their mouse. So, because Salem’s a very busy hipster cat, off he’d pop, with his laptop and catnip in his satchel to the closest Costa. A bit of quiet to get one step ahead. And let’s not forget the toasted tuna baguette for lunch.

Dogs however, they’re the ones who would love digital workspaces. Can you imagine telling a golden lab about how their work life would change? Let’s set the scene; some fancy, all white laboratory, not unlike the setting for James Bond’s Q. You stand in a white, unbuttoned lab coat, clipboard in hand, while Scooby sits at your feet, tail wagging.
“Access your applications and data no matter where you are in the world.” “Oh yeah, yeah, I like it, that sounds good!”
You lower your head to look at him over the rim of your glasses. “Seamless user experience; easily transition between your laptop, iPad, and mobile.” “Yeah, yeah?!”
“Optimise your productivity by meeting your business objectives while you work from home, in the office or on the go.” “Oh boy, that’s just amazing, isn’t that amazing?”
At this point he’d lose control and wipe the desk behind him of electronics with his over-enthusiastic tail. That’s another reason why dogs would prefer digital workspaces; can you imagine how many devices they’d break? A moment of excitement and their iPad would be history. And if you tossed them their mobile from across the room it would be crushed between their teeth. But with a seamless user experience, all of their data and applications would be in the cloud, so it would be a simple sign-on to whatever other device you’d have on-hand and they’d be on their merry way.

But, going a bit deeper into all this theoretical stuff, if you had an IT department full of cats, they’d love digital workspaces too. You’d have to move them from their cosy spot on top of the warm servers first though. All you need to create your own kitty IT department is a closet of Mac laptops, those small ones that fit in handbags. Cats don’t take up much space, they have tiny paws perfect for tiny laptops, and they get distracted by Windows. With increased agility, even the laziest tabby could easily deliver and manage a connected workspace to any canine user, regardless of what device they’ve just been given to replace their broken one, over any network. And they’d make the higher ups very happy with the reduced costs in managing complexity of the infrastructure. And since we can all imagine Salem being the Data Protection Officer in an organisation, complete with shirt and teeny, tiny tie, he’d love the secure corporate data feature. With so many files and applications flying around the ‘net, the risk of a security breach is high. But with that security feature, those kitties would be able to deliver their services without compromising security.

So, I can only conclude that, regardless of whether your furry friend is a cat or a dog, they’ll love digital workspaces for their own reasons. Pop Salem in the IT closet on your way up to the office, or link Scooby with the latest gadgets that will keep him connected with customers and the rest of the office while he’s out and about. If you fancy hearing more about what digital workspaces can do to improve your users or IT department (regardless if they happen to be human or otherwise), have a chat with one of our animal-friendly experts. Or just show them photos of your pets, they’d love that as well!

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Check Point, Cloud, IT Solutions, Security, Technology, Uncategorized

The Cyber Security Threats You Need to Plan for in 2019


No Comments

It’s that time of year again; time to be weary of scary things jumping out on your screen when you’re least expecting it, of monsters following you into your dreams and escaping from your [data] closet. I’m referring, of course, to National Cyber Security Month, the month to take extra care when it comes to protecting your organisation from cyber-gremlins. And I’m sure you’ve been hearing about it non-stop for the last three weeks; participating in the office games, including ‘bobbing for malware’, ‘pin the data on the phishing attempt’ and ‘pass the ransomware’. All party classics. Regardless, it’s an important issue that gets pushed to the side all too often throughout the year. So now is the time to make that extra bit of effort to make sure that you’re protected should the Big Bad Cyber-attack knock on your door (or make you realise just how badly your straw house was lacking).

To switch things up a bit, I thought it would be clever to start thinking about what lies ahead, when the dark, cold nights and endless Christmas parties make way for snow in April. Now is a good time to start planning for 2019, and what the cyber landscape might look like next year. I’ve dusted off my crystal ball and called upon the spirit of Google to tell me exactly what cyber security threats we’re most likely to hear about next year. So buckle up, take notes, and be prepared to impress your boss with your savvy goal-setting ambitions. You’re welcome in advance.

It seems like the world spent the entirety of 2018 running around trying to put out phishing fires. Unless you live under a rock, or are lucky enough to spend your days on a wifi-less beach, you can’t have missed the crazy number of phishing attacks that were publicised. Every second cyber security article had details of attacks and startling statistics (76% of businesses reported being a victim of an attack in 2018 so far). Alas, while phishing has been around since 1980, it has just been ramping up in popularity and severity over the last year or so. When it comes to internal threats, it’s by far the easiest way to get access to sensitive information. According to a Verizon report, 30% of phishing attacks get opened by American users, with 12% of those targeted by the emails clicking on the infected links or attachments. The element of human error makes it that much more appealing. Unfortunately, the only solution to phishing (for the time being anyway) is to train your users to be extra vigilant when opening emails from external sources, and make sure your spam filters are extra strong.

Here’s an interesting (albeit worrying) one; your new smartphone being compromised before it even gets in your hands. Malware is another one of those evil little buggers that can really cause trouble if you’re not very careful. Like phishing, it’s becoming a prevalent part of the internet landscape that users have to be wary about, kind of like not playing in traffic and eating your vegetables. In a society where being always-on is a necessity, mobile phones have become replacements for desktop computers. Think about it, what do you store or have access to on your laptop that you don’t on your phone? The data your phone collects on a daily basis is a very attractive target for cybercriminals. But the modern cybercriminal doesn’t have to stand on a street corner and ‘accidentally’ bump against you to steal your mobile, and ergo your data. Apps are an easy hands-free way to bypass security measures and cause trouble without even clicking on a malicious link. There have even been reports of smartphones leaving the factory floor with malware built in! This malware, called Cosiloon, can send users to download dodgy apps that they didn’t intend on accessing. The app is passive, only visible to the user in the settings section, but then connects with a website to grab the payloads that hackers want to install on the phone.

Speaking of phones, surprise, surprise; cryptocurrency is going to continue to be a massive deal in 2019. And since it is, the dollar signs in the eyes of hackers are getting even bigger. Cryptomining was a new trend for 2018, but without a doubt will gain traction during the next year. Uber-clever cybercriminals infect machines to commandeer their CPU power and steal Bitcoin. What we will most likely see in 2019 is the rise of cryptomining through mobile devices. Since cybercriminals need the infected device to be running to access the processing power, it only makes sense for them to move onto always-on mobile devices. Clever, huh? Many hackers simply create useful and legitimate apps, such as calculators, music videos or voice recording technology, and then embed a script that allows the cryptomining plugin to work silently in the background (don’t start getting any ideas). Since the nature of mobile is to simply make everything so damn complicated and finicky, you probably wouldn’t even notice the extra tab on your browser. The only thing that would indicate that you were a potential victim would be the quick-draining battery. But let’s face it, how often would you attribute awful battery life to a hacker, rather than just having an older phone? “You’d need terrible mobile security!” you might guffaw, pitying the idiot commoner that wouldn’t think of protecting their mobile devices (oops, that would be me). Alas, cryptomining doesn’t technically compromise the security of the device, as it doesn’t bypass security systems or install any rogue software. If you think you’re being clever by installing app-only or endpoint-based security solutions, you won’t be the one laughing (I don’t feel so bad then).

CheckPoint’s SandBlast Mobile is one fabulous piece of software that can and will protect your mobile devices. It protects users from threats to the OS, apps and network, and boasts the industry’s highest threat catch rate. Zero-day malware, using a software vulnerability for which there isn’t any available fix or defence at the moment, is being created and released onto unsuspecting victims every day. SandBlast Mobile blocks zero-day malware (I think it’s magic, actually), and prevents phishing on your apps. If you’re worried about infected devices accessing corporate data, it will intuitively block the device, while also blocking infected devices from sending on sensitive data to botnets. Possibly the most innovative feature of SandBlast Mobile is how it mitigates threats without having to rely on a management platform, which means that you’re protected even when you might not be on the ball (mobile attacks can also happen after late nights- you can’t have Spidey senses all the time!). Regardless of what you do or access on your mobile, if you work from your phone- even if it’s just to reply to emails- SandBlast Mobile is the all-encompassing solution for you. Well then, we can pretty much strike off two of those potential 2019 issues with just one technology!

We’re all for embracing the future here at Cetus. There is so much to look forward to, and so many awesome new technologies- both malicious and not- that will come about, regardless of how well you try to prepare. Working with CheckPoint, we feel reassured that our cyber security is covered, regardless of time, place or device. If you’re interested in what our experts have to say about all the cool things that CheckPoint offer, you can have a chat with them with here. And don’t forget to tell us what you think; what will 2019 have to offer by way of cyber security threats?

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, IT Solutions, Security, Technology, Uncategorized

Improving your Network Security; it Doesn’t Have to be a Scary Business


No Comments

It’s finally October! Time for the quintessential Pumpkin Spice Latté from Starbucks, complaining about the sudden early evenings and frantic last-minute costume shopping for the office Halloween party. It also happens to be International Cyber Security Month; a friendly reminder to take extra care when it comes to your cyber security, lest a cyber-Dracula should invade and exsanguinate you of all of your rich, iron-filled data. Here at Cetus, we’re always up for a bit of spooky fun, but when it comes to security we’re serious. This week, in honour of Anti-Malware,-Ransomware,-Phishing,-And-All-Things-Evil Month (it’s original title wasn’t quite catchy enough), I’m going to try and make improving your network security a little bit more fun. I’m only 125 words in, so there can be no promises.

Along with an effective cyber security policy, creating a plan in the case of a cyber-attack, using micro-segmentation to minimise the damage of said cyber-attack, making sure that you have ample backups in place to maintain your business after a cyber-attack, and many, many more stress-inducing topics for you to worry about, making sure your network security is up to scratch is also crucial for your business. (If you’re looking at that list and wondering what on earth you’ve been missing, they all link to delightfully hilarious posts that will alleviate all of your fears.) Your network is the glue that holds the entirety of your organisation together. Or, in this instance, it’s the stitching that holds the body parts of your Frankenstein Monster of an organisation in place. Ever try sharing a digital document with Stacy from HR in the next building without a network? It would be faster to train a carrier pigeon to knock on her window- but that wouldn’t be without the risk of interception. Or practise morse code- unless Stacy is on the other side of the building. If you’re lucky enough to be by a window directly across from her, there’s always the option of folding up a paper airplane or, my favourite, using a tin can telephone. And those are all well and good, but what about if Stacy’s office is in another country- or continent? An ultra-sophisticated, time-locked carrier pigeon is the only way to go. Unless you have a secure network, that is.

But ‘pub tonight?’ emails aren’t the only things your network adds to your business (though it might be one of the most important ones). Think of all of the many files that are stored on your organisation’s shared network drive, and all of the instances you need to access one. Last-minute edits to the document that your sleepy, unsupervised intern prepared for your board meeting? Holiday request form? I guarantee you, you pop in there at least once a day to spend half an hour looking for a document someone else created. Without your network, you’d be a building of USBs wandering around the office. Your extremely helpful Outlook calendar that allows you to own the time of your colleagues (but also allows them to rule over yours) is thanks to your secure network, too. Want to work in a café/building site/park bench (near a Wi-Fi source; it’s not that magical)/car park? Feel free to use whatever open Wi-Fi network you want without the worry of a cyber-creep stealing all of your organisation’s secrets. And a lack of network security cost UK small businesses a collective, but nevertheless horrific, £11bn in 2016. So, how do you take care of your Frankenstein Monster?

If your network is Frankenstein Monster’s stitching, then a healthy network security policy is the age-defying, pollution-barrier moisturiser that keeps everything supple. A clear, simple and comprehensive network policy makes everything work smoothly. All it takes is a written document that outlines user policies; who is allowed to access the network, what privileges and limitations do they have, etc. There’s no point letting just anyone who happens to be working for the organisation into every file; unless you’re sending her paper airplanes, Stacy from HR shouldn’t be included in the notes of the main board meeting. A good risk assessment test, identifying important data sets and creating a disaster recovery plan is all that is needed to make sure your network security policy is ready to go! It’s also a good idea to organise drills within your IT department to make sure that the new implementations have been well received by your users, and to identify if they need further training.

A lot of organisations do well to make sure that their network is safe, by investing in the most expensive, most sophisticated and most snazzy infrastructure to keep the outside out. However, where they fail is usually keeping the ‘snazzy’ up to date. We already know that loopholes from unpatched networks can cause some serious security breaches (WannaCry, anyone?), so it’s crucial that your IT department acts on whatever updates may come about. If, for example, Frankenstein’s Monster were to lose a finger or nose, you wouldn’t leave it be, right? So, patch, patch, patch. Speaking of, bad passwords are like skin erosion. Let that fester and it won’t take long until the bad outside germs (cyber threats, in this example) pierce through and infect the entire body. In the age of Gen-V cyber-attacks, it’s important that your password policy is up to the security demands of your organisation. Maybe think about multi-factor authentication? I’ve already written loads on that, but to make it brief, think about making passwords expire every 60 to 90 days, just to be safe.

It’s time to don your favourite lab coat and get into your Dr Frankenstein head space, because now we’re talking about auditing and mapping. Place your monster on the slab and open him up! Know everything about your entire network’s infrastructure; what servers, printers, computers, devices and users are connected? How to they connect, and how do they maintain their connectivity throughout the network? Look for vulnerabilities that could end up causing you trouble in the long run. Keep an eye out for ways you could improve security, performance and reliability. Basically, see if you can replace a few weakened patches of skin with some robust tin and give it a zap to bring it to life.

Last but not least, Dr Frankenstein would hardly have created his monster without making sure he had plenty of backup arms and legs, just in case. And neither should you. Chances are, a hacker will find their way into your system. Which sounds a whole lot less scary if you’ve already read all about micro-segmentation and you’re compartmentalising your network. Regardless, it would be best to make sure you’ll never be caught out if it were to happen. As always, we’ve got you sorted, since we always take backup seriously.

IT’S ALIVE! Now that we have all of that sorted (that wasn’t as torturous as you’d thought, was it?), we’d love to hear what you think. Is Frankenstein’s Monster the best monster comparison of your network? Have you suddenly realised that maybe you need to take another quick look into your security? Have a Halloweeny chat with our experts to see what we can do for you, and decide what you’re going to dress up as this year.

Speak to an expert

Speaking of, I’ve finally decided on my costume for the office party; Cyber-Dracula. Sorted.

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.