Availability issues are striking again and the business can’t operate--it looks like maybe this time a server is down? Determining the root cause can be a challenge, if not impossible, without the right traffic analysis. After all, instead of a server or application issue causing the outage, your worst nightmare could be happening--a distributed denial of service (DDoS) attack.

DDoS attacks aren’t what they used to be. While still viewed as powerful business disruptors, with thousands underway at any given time somewhere in the world, there has actually been a decline in frequency between 2017 and 2018. Great news, right? Unfortunately not. It turns out there is a new alarming trend: DDoS attacks may be less frequent, but they are multiplying in size. According to a recent report, the maximum size of DDoS attacks increased a whopping 174% in the first half of 2018 over the same period in the prior year.

Learn From the Largest Attack

The industry-leading platform Github was hit by 1.35 terabits per second (yes, tera not giga) of traffic in one fell swoop. The company was experiencing the largest DDoS attack on record, completed with an amplification vector using memcached over UDP. For the tech geeks amongst our readers: this type of attack works by abusing memcached instances (a distributed memory system known for high-performance and demand) that are inadvertently accessible on the public internet with UDP support enabled.

While 50x amplified data volumes sounds abhorrent, in total, Github was only offline for five minutes and intermittently unavailable for four minutes after that. In total, that’s fewer than ten minutes, proving that with the right layers of protection any business can weather the biggest DDoS attack in history.

Don’t Overlook the Smaller Attacks

Colossal DDoS attacks may produce headlines, but that shouldn’t be your only concern. There’s another notable method that attackers are using to threaten your business. We’re referring to the popular and affordable, smaller application attacks that go unnoticed for lengths of time until it’s too late. Referred to as “slow-rate” or “low and slow” attacks, cyber criminals masquerade as legitimate requests from users until it overburdens applications, rendering them unresponsive.

As part of multi-vector DDoS attacks, application layer attacks or “layer 7 attacks,” target the application as well as the network and bandwidth. Standing in a category of its own, these attacks become shorter in duration, but growing in frequency, complexity, and persistence. Because of this, application layer attacks can be harder for security solutions to detect than network layer attacks.

Detect and Mitigate No Matter the Size

From mega to tera in size--including volumetric, application, protocol, resource and IoT-based attacks, businesses need a way to detect and mitigate all DDoS attacks. Today’s complex enterprise IT architecture is favoring a distributed application environment, which can include service components and dependencies spread across data centers, the cloud, internet, and applications. This increased east-west traffic flow is making end-to-end performance even more reliant on predictable network behavior, which can incur a ripple effect of damage from a DDoS attack on one digital dependency.

To protect, organizations need:

Greater unification of telemetry dataDetection policiesMitigation triggeringHybrid defense systems that combine detection and on-site mitigation appliance, and on-demand bursting to cloud mitigation

At Edgeworx we partner with vendors to deliver all of these layers of defense as well as integrate a comprehensive end-to-end view of traffic to detect and stop DDoS attacks. Before your business falls victim, consider modernizing your cyber security approach for the terabit era. Call us today at +1.647.793.4731.

A rogue employee tore a 2.9 million-record-sized hole into his employer’s IT infrastructure according to an advisory posted by Canada’s Desjardins Group, the largest federation of credit unions in North America. The breach, carried out by the since-fired employee, involved the exfiltration of 2.7 million individual's records and 173,000 business’s records – about 41% of Desjardins clientele. The leaked information included names, birth dates, social insurance numbers, addresses, telephone numbers and email addresses, as well as information on banking habits – all of which was illegally transferred to a third party.

Desjardins reported that there was no breach, that it did not come under a cyber attack, and that their systems are fine. They described the incident as “an ill-intentioned employee who acted illegally and betrayed the trust of their employer”. Desjardins' framing of this incident conflicts with the Canadian Office of the Privacy Commissioner, who defines a cyber breach as "the loss of, unauthorized access to, or disclosure of, personal information, including when personal information is stolen, lost or mistakenly shared”.

With DataStealth, you are able to transparently apply Attribute Based Access Control (ABAC) to existing applications and data flows, with no development or software/plugin/agent installation required, providing the ability to dynamically execute access decisions in real time. Where traditional access control systems result in a ‘permit' or ‘deny’ decision outcome, DataStealth gives the flexibility to choose additional outcomes such as de-identification, masking, or tokenization of data elements.

DataStealth also captures metadata at the time data is collected (IP, Geo-location, user, application, source, destination, time of day, day of week and more), and can apply heuristics to determine the normal rate of consumption, and then apply rate limiting against user behaviour to ensure no unusual consumption is occurring.

In the case of Desjardins, had DataStealth been deployed, with ABAC turned on (including heuristics and rate limiting), the "ill-intentioned employee who acted illegally and betrayed the trust of their employer” would not have been able to breach Desjardins layers of security and steal 2.9 million Desjardins client records.

Read more about this great solution by our partner Datex using this link.

Virtualization--it’s actually not so new. Since the 1960s, the computing concept has been in use and has been defined as:

“The art and science of making the function of an object or resource simulated or emulated in software identical to that of the corresponding physically realized object. In other words, we use an abstraction to make software look and behave like hardware, with corresponding benefits in flexibility, cost, scalability, reliability, and often overall capability and performance, and in a broad range of applications. Virtualization, then, makes “real” that which is not, applying the flexibility and convenience of software-based capabilities and services as a transparent substitute for the same realized in hardware.”

Virtualization is Buzzing Around the Cloud Edge

At the last VMworld, one of the main topics revolved around platform and application virtualization at the edge of the cloud. To contextualize the subject, it was noted that as virtualization occurs at the edge, it will find its first use cases within industrial Internet of Things (IoT).

The vantage point was unsurprising as most IoT and computing power conversations begin with industrial applications. In this instance, virtualization allows smart edge devices like a robot used for manufacturing to run virtual machines and containers to manage artificial intelligence (AI) applications, data collection and ingestion, signal processing, and more. By moving the computing power closer to the edge by implanting it within the industrial robot, it is used more efficiently and streamlines IT processes. This includes: monitoring, diagnostics, troubleshooting, and other management needed for the intelligent systems so that the devices can handle dynamic workloads.

Edge Devices with Limited Computational Capabilities

Despite the consistent message of industrial IoT, the devices often have limited computational and storage capabilities. Expecting complex edge processing tasks on hardware that has less processing, memory, and storage than typical server machines means that it’s not always possible to deploy processing at the edge. Instead, we see the entrance of virtualization technologies so that the hardware resources can be decoupled from the software for better performance.

Good for IT, Bad for Business?

As business leaders when we hear of these technological improvements, we think, “great, but now what...and, what’s the catch?”

Virtualizing the public cloud, up the application stack, and out of the multicloud’s growing edge will undoubtedly have an impact and work as a catalyst for IoT deployments. But, there isn’t a clear path on the implementation and costs of these new technologies.

Companies that are interested in the technologies, but don’t have the internal expertise on how to plan and deploy these uncharted environments will find themselves asking: What should we do with the edge? How can we use IoT? How will this differ from our centralized data center? How secure and predictable will the onboarding, monitoring, and service provisioning be?

The bigger problem is that some companies will begin cloud, edge, and virtualization projects only to find themselves in the middle and realize that their licensing costs are quadrupaling because they did not forecast properly on a per-user or usage basis. So what “technically” sounds good, actually ends up being bad for budgets--and business.

Even Still, Don’t Dismiss Virtualization

It can be easy to dismiss virtualization of the edge when you don’t have a clear use case, but don’t be too hasty. Virtualization technology will play a key role as we move towards the edge by ensuring that multiple devices can be elastically and adaptively combined to seamlessly handle (in real time) workloads and cloud-to-edge infrastructure efficiency.

At Edgeworx, we understand that each company and its technical landscape can vary widely. That’s why we partner with leading technology vendors and blend together their unique set of capabilities to actualize real benefits of today’s buzzwords. If you’re interested in adopting a full cloud-to-edge strategy, learn how we can help by visiting our services page!

Timely security patching isn’t enough to defy application vulnerabilities that put companies at risk. In fact, at first blush when we hear the term “vulnerabilities,” and immediately assume its basis in security, we’re ignoring the iceberg hidden below the surface.

A few years ago, the court case U.S. v. Microsoft began and has recently come to a quiet end. The potentially major data privacy case hinged on a warrant for emails as part of a U.S. drug trafficking investigation and the reach of a decades-old Stored Communications Act. While Microsoft complied by handing over address book data stored on American servers, the location of the actual emails was in a data center in Dublin, Ireland, outside of the regulation borders.

When the Stored Communications Act was passed in 1986, no one had heard of cloud storage -- it didn’t exist. The current landscape and the Clarifying Lawful Overseas Use of Data Act (or CLOUD Act) has modernized how the U.S. government handles data sovereignty by requiring U.S.-based companies to turn over stored electronic data, regardless of where the data is stored, if served with a warrant. However, the act also provides ways for companies like Microsoft to challenge orders under certain circumstances.

The point being, this piece of recent American history is a lesson in application vulnerabilities to all of us. For example, when a Canadian bank uses the Microsoft Office 365 suite, they must ensure that private, customer data stays within the country borders, end-to-end, away from a government that can produce a warrant for the data in the name of national security.

Vulnerabilities Have to Start With the Basics

Security breaches are the flashy, headline-grabbing compromises that come and go daily. But to truly address the vulnerabilities of applications, IT must start with the basics of what could impact the confidentiality, integrity, and availability of resources.

Common vulnerability themes revolve around the following:

Unprepared when migrating to the cloud - In the digital transformation it is becoming a knee-jerk reaction to move resources to the cloud. Yet, organizations are doing so without the insight of what it takes for an application to be migrated to a cloud provider.

Staying in compliance with regulations - For organizations in regulated industries, application peering contracts could breach compliance. Data could flow from Canada to a node in Chicago, Illinois and then back to Canada. If there was a requirement for data to stay in the country, end-to-end, this might go unnoticed until a problem occurs. By moving to the cloud, companies have less control of data routing and overall visibility without third-party monitoring solutions.

Downtime and latency - Cloud applications are only as strong as the weakest link in the chain. With downtime and latency more important than ever, many are moving in parallel to cloud-ready platforms such as software-defined wide area networking (SD-WAN) for its intelligent use of application-aware routing, path optimization, and Quality of Service (QoS) monitoring. When adopting cloud applications, companies must revisit the path between business (user) and application instance/data. The days of entrusting service providers telling you again that the customer premises equipment caused the downtime are over. Applications remain vulnerable unless there is a robust WAN infrastructure (or SD-WAN), customer premises equipment to steer traffic and apply policies, solid cloud service level agreements (SLAs), and explicit guarantees and reports by service providers and monitoring solutions to validate service provider claims.

How to Fortify Applications for Better Business and End-User Experience

Without proactive steps, data sovereignty and performance are always at risk. Luckily, IT teams don’t have to accept that applications are susceptible to harm or attack. Instead, there are several ways to fill the vulnerability gaps:

Application vulnerabilities don’t have to be the downfall of your business, instead try complementary solutions for security and performance monitoring. As a vendor agnostic solutions integrator, Edgeworx Solutions delivers the best mix of technologies to support the performance and security of today’s cloud applications. To learn more, visit our partner ecosystem page.

The value proposition of software-defined wide area networking (SD-WAN) is compelling. Who wouldn’t want decreased WAN costs and increased overall capacity? Who wouldn’t want the quality of a Skype™ call to be adjusted automatically? And, who’s not in favour of lowering the overall TCO of WAN?

That’s why we’re hearing from many customers that they want to make the switch. The catch though is when organizations begin a rapid adoption of an SD-WAN solution in remote offices without anticipating the complexity it creates in visibility of end-to-end performance.

These scenarios can quickly dissolve into a blame game when end users begin having dreadful experiences. Without enterprises being able to contextualize application performance across all of their locations before, during, and after an SD-WAN rollout, it’s often easier to criticise the new solution as the culprit. However, it could be the ISP’s fault, but without the right metrics there is no way to say for sure.

SD-WAN and MPLS “Need to Knows”

All SD-WAN solutions in the market have on-board performance and capacity monitoring features. It is Important to note though that these vendors offer basic metric-based visibility into Layer 3 and some compound quality metrics on MoS and QoS. In many cases these are insufficient for gaining a comprehensive understanding of the end-to-end experience.

Most organizations appreciate the benefits of MPLS for its stable and predictable uptime quality. The downside is the lack of rapid adoption of business service requirements to dynamically change policies, integrate social media into applications, meet low latency requirements, and temporarily stream more bandwidth.

As we evolve our technology, our mindset needs to adjust as well. Modern infrastructures should be designed to facilitate business, not force its IT rules on the business. SD-WAN in its very nature allows organizations to be flexible in achieving this by bundling virtual network functions such as circuit bundling, firewall, application Quality of Service (QoS), and traffic steering into a single (virtual) appliance. By building a smart overlay using SD-WAN, it allows for continuous connection monitoring, dynamic application steering, and on-demand remediation.

Level-Set Expectations

Level-setting expectations when deploying SD-WAN solutions is the first step to a successful adoption. To achieve this, companies must refrain from using the same metrics before and after deployment. Remember, we’re no longer in MPLS-only-land--SD-WAN welcomes direct internet access where it may not have existed before and it complicates routing rules.

To begin the metric refresh, consider tracking capacity. As mentioned above, with MPLS, it was generally reliable and directly correlated with the purchased bandwidth, but it is far more variable with direct internet access paid for by an ISP. When introducing SD-WAN, the configuration often relies on what capacity is available to set QoS, TCP segment size, and other regulating settings.

Add in Context

After baselining performance, there is still more work to do by adding in additional context to extract the most comprehensive, actionable application and network intelligence. This can include:

Not All Monitoring is Equal

As SD-WAN works its way in as a critical piece of infrastructure, you’ll soon realize there is a right way and a wrong way to operate the new network. If your goal is to ultimately save money and scale faster with SD-WAN, it’s a necessity to adopt a monitoring solution that provides end-to-end insight and visibility into your distributed environment.

Edgeworx partners with the best vendors in the business to provide deeper, more granular metrics like latency, data loss, jitter, TCP retransmits, QoS markings, and more for a true “state of the network” view.

Learn more about how we approach network monitoring for better business outcomes and end-user experiences.

The 1990’s--that glorious time when the release of the World Wide Web brought the internet into the homes and businesses of millions of people. It was a period of significant advancement in networking research and development in regards to high-speed routers and routing, and LANs--but it wasn’t without strife. The tech community was challenged to overcome stumbling blocks associated with securing and managing internet infrastructure. Then we hit about a 15-year lull, only to return back to a case of the network management blues.

Age Old Problems of the Network

Software-Defined Networking (SDN), Network Functions Virtualization (NFV), and 5G didn’t exist when you actually had to spell out acronyms like LAN and WAN, but some of the same age old problems have hung around to plague the modern network. Mainly, the truth that how well you manage your network, will define the success of your business and revenue.

While decades ago network advancements presented new and exciting opportunities, as infrastructures have matured we’ve reached a boiling point in which every aspect of business operations relies firmly on efficient, secure, and integrated network management. In 2019, organizations have a chance to soar instead of stumble with goal setting as networks change faster than they have in decades.

Goal #1: Network Automation Through DevOps

According to a recent Kentik surveyon the state of the network, automation was the most important network trend to organizations.

Although it reigned supreme, with the complexity of infrastructure growing so quickly, most businessescontinue to be unprepared for full automation to manage network performance and security. The problem lies in the legacy networking hardware that doesn’t lend itself to automation.

Full automation takes substantial lift that organizations don’t necessarily have the resources allocated to achieve. In 2019, it behooves IT organizations to look outside their teams to experts in automation to ensure their technology stack is ready for networking advancements ahead.

Goal #2: Close Monitoring Gaps

A whopping 85.8% of respondents reported that they weren’t where they wanted to be for monitoring the performance and security of their cloud and internet dependencies (e.g. IaaS, PaaS, SaaS, web APIs, DNS, web services). As businesses “cloudify,” new visibility gaps are created because most legacy systems don’t have the capabilities to monitor across distributed environments.

While there is a proliferation of tools and techniques to monitor and manage networks, the lack of integration means that businesses are still struggling to have a single source of truth that can show an end-to-end view of the network. Because of this, it is of utmost important to focus on implementing functional monitoring tools that promote a high-quality end-user experience, andfaster issue identification and remediation before adopting new networking advancements.

Goal #3: Make the Importance of End-User Experience Equal to Security

Building off of the previous goal of closing monitoring gaps, organizations need to shift to the mindset that a poor end-user experience is just as bad as a data breach. While cybersecurity attacks may be core-rattling experiences, network incidents that reach the end user before IT is aware of them should elicit the same visceral response. With critical processes depending on the network, inefficient incident alerting and lengthy mean time to remediation can be just as devastating to business operations as an attack would be.

Another objective to address here and now: businesses need to place a greater emphasis on ensuring that availability, user experience, and ease of use for customers is considered when implementing network security and integrating monitoring that provides analytics that offer network insights within seconds.

Conquer Your Network Blues

If you are feeling the network management blues, don’t despair! The market offers plenty of exciting digital transformation opportunities, and vendors are more inspired than ever to solve the unique problems created by networking progress. So don’t shy away from improving your network. Instead, team up with Edgeworx and our network of partners to ensure you meet the goals that will take your business and infrastructure from static to metamorphic. Contact us today at +1.647.793.4731 to learn more!

It happened again...Large amounts of money transferred to a scammer that will likely never be recovered in full. This time the phishing victim was City of Ottawa Treasurer, Marian Simulik.

On July 6, 2018 she received an email that appeared to come from city Manager, Steve Kanellakos, asking her to pay a city supplier nearly $98K US.

After searching the internet for the IT supplier, she assumed the request for payment was related to the current overhaul of the ottawa.ca website. After an email communication exchange with the imposter city manager, Simulik transferred the requested amount to a U.S. bank account.

In just about four hours, Simulik was tricked into something that she later stated affected her “deeply, both professionally and personally.”

It Could Have Been Worse

The phishing scam could have been worse. In fact, in cases like these where large amounts of money are available, phishing attacks are dubbed “whaling.” Luckily when the next attempt for $150,000 came in, Simulik was sitting next to Kanellakos in person--tipping off the city to the fraudulent activity.

Lesson Learned...Right?

Simulik has surely learned her lesson about phishing attacks, but ask yourself, how many of your employees could be the next ones to take the bait? Being unprepared and vulnerable to these attacks will cost your company money, time, and reputation. It’s just a matter of when you draw the short straw.

Take Action--Now.

Edgeworx recognizes the severity of danger that phishing imposes. That’s why our security team develops individualized strategies for companies that educate and test end users through automated vulnerability simulations and company tailored phishing campaigns.

Ready to stand up to fraudsters, but don’t know where to start? Read our blog, How to Get Your Company Invested in Phishing Simulations and Training Programs.

Eight years ago when John McKerracher, Colin Hales, and I came together to form Edgeworx Solutions, we didn’t know that “edge computing” would be such a major buzzword in 2019. Back then, the term didn’t exist. Even without a label, our combined years of industry experience meant we understood one overarching truth that would lead to the naming of our company -- the value of the infrastructure edge and its impact on the end-user experience.

Since day one, our mission was to assist customers in creating future-ready networks, while eliminating potential IT security risks and unnecessary costs that would limit technical and business potential. We’ve proudly partner with leading (edge) technology vendors to achieve these results and continue to grow with them as we navigate the cloud computing era, the unprecedented growth of data, and imminent impacts of network technologies like IoT and 5G.

Opportunity At the Edge

You may have read a quote from Gartner’s Tom Bittman that suggested edge computing would kill the cloud. In his exact words, “the edge will eat the cloud.” For nearly two years, this has been widely debated in the IT community.

The cloud isn’t perfect, but it does help achieve agility through economies of scale, automation of data processing, mass centralization, self-service, and more. The problem is, many enterprises still have not mastered cloud computing. Just as some are gaining their foothold, edge computing is nudging its way in to fix end-user experience challenges.

Between security concerns and latency, universal centralization isn’t always best. Although real-time data access has made great improvements, there has also been a proliferation of remote locations, creating more distance, IoT increasing data collected, and subsequent latency to transfer the data to overcome. The digital transformation is only increasing the complexity and forcing infrastructure to evolve at software speed.

Despite the lack of a formal edge computing definition, there is an opportunity to build on the premise of adding IoT and/or moving computing to the edge to foster collection, processing, collaboration, and openness that will accelerate today’s businesses.

From Concept to Reality

With edge computing becoming the next technology wave to be reckoned with, moving computing and data closer to the edge and end-users, the experience results in significantly improved throughput, performance, and real-time experience.

In real-world terms, this means:

Almost a Decade in the Making

From relatively obscure concept, to one of the most significant technology disruptions of our time, Edgeworx Solutions has been rooted in the belief that the success of the end-user experience and the associated monitoring and reporting, relies on edge computing. In 2019 and beyond, we will continue to witness and take part in digital transformation efforts that will beg for the benefits of computing power not only in the cloud, but as close to the end-user as possible.

Given that there is no single edge or one type of edge computing, knowing exactly where you can inject agility benefits can seem like an insurmountable task. That’s why John, Colin, and I have built a team of seasoned consultants and engineers that are experts in tying together the latest technologies to deliver superior network performance. To learn more, contact us today at +1.647.793.4731.

CyberEdge Group, the leading research and marketing firm serving the security industry’s top vendors, today announced the availability of its sixth annual Cyberthreat Defense Report (CDR), sponsored by Edgeworx Solutions Inc. New this year, the report found that IT security’s greatest inhibitor to success is contending with too much security data. To address this challenge, 47 percent of respondents acknowledged their organization’s intent to acquire advanced security analytics solutions that incorporate machine learning (ML) technology within the next 12 months. Such investments help to mitigate the risks of advanced cyberthreats missed by traditional security defenses, aiding enterprise cyberthreat hunting endeavors.

Edgeworx Solutions is proud to sponsor CyberEdge’s 2019 Cyberthreat Defense Report.

Now in its sixth year, this report provides a comprehensive review of the perceptions of 1,200 IT security professionals representing 17 countries and 19 industries. Key insights from this year’s report include:

78% of networks were breached last year56% of organizations were compromised by ransomware last year84% of IT security budgets are rising13% of a typical enterprise IT budget is spent on security81% agree that ML/AI technology helps defeat advanced threatsMalware, ransomware, and spear-phishing cause the most headachesNearly half of ransomware victims succumb to paying ransoms‘Application containers’ and ‘mobile devices’ are this year’s weakest links‘Too much data to analyze’ is the greatest inhibitor to IT security’s success‘Security analytics’ is the most-wanted security technology for 2019

The Cyberthreat Defense Report provides the most geographically comprehensive view of IT security perceptions in our industry. Download your complimentary copy now!

I’ve been catching up on the riveting television series drama The Americans, and there’s one character I can’t help but feel sorry for. Stan Beeman is a FBI counterintelligence agent that devotes his life to keeping the United States safe against the Soviets.

With a modus operandi of “trust no one,” he loses his wife and practically everything in his life. But his devotion to his country and his mission isn’t futile, because when it comes to espionage and treason, even the people on the inside could be double agents.

While we’re free from the Cold War era, we’ve entered the Cloud era, which has its own gripping tale. Traditional constructs of on-site employees and on-premises solutions are morphing into remote workers with cloud access. So now our security and protections must evolve by questioning the trust we’ve placed on credentials, IDs, and IP addresses to prove identity.

Are You Who You Say You Are?

Companies are too often lackadaisical with security by only employing a reactive approach of perimeter security. Next-generation firewalls and secure web gateways are there to capture the bad guys (or bots) and at the very least deter them from infiltrating organizations, data, and applications.

As we shift to the cloud, access and security can’t be habitual. We must begin to question the intent and identity even if an address originates from a “trusted” virtual private cloud or network segment. And, are the policies in place able to keep pace with dynamic, scalable, and distributed multi-cloud environments?

These queries land us on “Zero Trust,” a central topic at Black Hat USA 2018 conference, one of the largest cybersecurity events in the world. As a philosophy Stan Beeman practiced back in the 1980s, today, Zero Trust is working its way into an industry standard.

Get to Know Zero Trust

Where traditional security constructs relied on trusted IDs, and IP addresses, the Zero Trust model assumes that by default the network is a hostile place of not only external threats, but internal. Now, corporate networks can’t rely on using perimeter- and endpoint-based controls, approved IP addresses, ports, and protocols to validate applications, data, and end-users. By assuming that malicious intent can stem from an internal source, passing through a perimeter “security checkpoint” isn’t sufficient to identify a threat.

The emergence of this philosophy is well timed as ubiquitous use of the cloud, proliferation of software and applications, third-party system interconnectivity, and other factors change what it means to effectively secure the network. With flashy data breaches and regulations like GDPR placing pressure on today’s security teams, we have to find a way to move protection closer to workloads inside of the network.

Stopping Lateral Attacks

With a single successful phishing attack of an authorized insider, hackers can gain a foothold to move laterally within the network. From there, the malicious actor could move ‘east-west’ into internal system or ‘north bound’ into the cloud for unfettered access to business critical data and applications. Even if the internal networks were broken into “trust zones,” the perimeter constructs would be ineffective since attackers could gain enough information to piggyback on authorized network access policies, or operating as the compromised user with the keys to the kingdom.

Although Zero Trust isn’t a specific approach yet, it comes with a recommendation for all organizations to begin using multi-factor authentication (MFA) to harden administrative access. It works as a significant roadblock at various granular levels of the perimeter by using the principle of least privilege that decides trust based on variables of each request. Even if an attacker were able to get past the MFA, it would at the very least delay lateral movement and increase the likelihood of detection.

As cloud-fronts scale dynamically and the traditional perimeter evaporates, all organizations must work towards defense-in-depth that can stop compromise and attack progression of network-borne threats. Our consultants at Edgeworx use the latest security technologies to keep customer networks safe and free from both internal and external malicious attacks. To learn more, read our blog: Two-Factor Authentication: Proving Identity with Modern Security.

Hackers breached a Virginia banktwice in eight months. Total cost: $2.4M.

The heists invoke the idiom, fool me once, shame on you; fool me twice, shame on me.

In 2018, phishing went mainstream because companies didn’t widen defenses beyond perimeter controls that block and tackle -- even after an attack. Businesses of all sizes need to take heed that it’s never been easier for scam artist to launch convincing, targeted campaigns, automated on a global scale to exploit people’s social instincts.

Excuses, Excuses

When it comes to anything bad happening, there’s often a sense of “that will never happen to me”...until it does.

Phishing is ubiquitous, so there is no denying that it will happen to someone within your organization -- it’s not a matter of “if,” it’s a matter of “when.” Despite accepting this fate, there can still be pushback within organizations when it comes to phishing awareness and defense.

The problem is, to run a phishing campaign you have to impersonate malicious actors, which may leave employees feeling “tricked” by their own organization. This can lead to common excuses and pushback, including:

It doesn’t comply with HR policiesIt will impact productivity because employees will feel uncertain about emails and whether it’s part of the simulation/campaignThe simulation email looks too similar to an internal email already in use

4 Steps to Convert Non-Believers

Excuses are bumps in the road and shouldn’t derail you as security officer, CISO, or director or IT from achieving a wider security culture in your organization. Seek support from your senior management, share the use cases online and try using the following four steps to convert anti-phishing program non-believers:

Don’t Shy Away From Getting Approval

Seeking approval for anti-phishing programs can seem unnatural. After all, you didn’t need non-technical leadership to grant permission for your multi-factor authenticationor next-generation firewall other than as a budget item. But, this security method is in a league of its own since it reaches every part of the organization -- and actually bypasses some existing security prevention.

Depending on the culture of your company it may be an easy sell after a little legwork in explaining the importance of phishing protections. For everyone else, we recommend you are always prepared to answer questions around cost, value, risk, and implementation. If you don’t have the answers, Edgeworx can help. Our security team works to develop individualized strategies that educate and test end users through automated vulnerability simulations and company tailored phishing campaigns.

Contact us today at +1.647.793.4731 to discuss how we can help your employees protect themselves and deliver actionable reporting metrics to produce to company leadership.

Consider when you’re driving on a road that has both a minimum speed as well as a maximum limit -- no single, rigid speed limit ensures safety because of changing traffic volumes. Now think, if those roads had only a maximum speed posted, it could reduce accidents, but it would unequivocally impair efficiency of traffic flow.

This conundrum of risk can be directly applied to cloud computing -- either businesses take the calculated risk and improve the journey to an application or network service provider location or they may suffer from inefficient “transportation to the destination.”

Defining Cloud Risk

In a recent Gartner survey of senior executives about risk, audit, finance, and compliance, cloud computing was identified as the top concern. Afterall, moving to the cloud means ingrained business processes have to change, which introduces new risks and associated costs that weren’t present with on-prem.

But there can’t just be a sweeping notion that cloud computing is risky -- so stay away! Instead, executives clearly defined what makes them cloud-shy, including information security threats like social engineering and GDPR compliance breaches.

Cloud Security: The Enduring Barrier That Shouldn’t Be

Value of cloud computing almost always outweighs the risks. If you want better operational efficiency, the agility to respond to market changes, or lower operational costs -- you probably need cloud. Despite this knowledge, enterprises continue to feel wary of cloud architectures even though their on-premises solutions are accompanied by an exposure to risk and other vulnerabilities. And between us, in some cases far less secure than many cloud providers today.

Let’s review three areas of vulnerabilities:

Technical - Data leakage, DDoS, insider threats, etc.Policy and Organizational - Vendor lock-in, compliance, reputation, etc.Legal - Data protection risks, licensing risks, e-discovery, etc.

Now, are we talking about risks for cloud or on-prem? If you’re not sure, it’s probably because vulnerabilities aren’t always unique to one environment or another, rather, the need for process change and security planning.

Fear Default Configuration and Patch Management Issues Instead

It’s time to rethink the concept that cloud is riskier than on-prem and begin to embrace the defense in depth strategies that facilitate safe cloud usage and its business benefits. While high-profile attacks like Meltdown and Spectre may be gasoline to the fear fire, it’s more likely that default configurations or patch management issues will be the downfall of cloud security.

After you shift your mindset, continue on to:

At the end of the day, no one is going to say that cloud doesn’t have risks. What’s dangerous is ignoring it instead of acknowledging vulnerabilities and enforcing security.

Here at Edgeworx, we complete Cloud Risk Assessments and we always tell our customers “what we find ain’t always pretty.” And it’s true -- some cloud-connected customers have data leaks they never knew about, others have rogue endpoints that have never been accounted for and use insecure hosting services to save corporate data (without knowing). The good news at the end of the day is that with the right partner, the cloud and its risks are always manageable.

If your company is blinded by fear of cloud risks or you don’t have the internal resources to handle a shift to cloud, our team of professionals is here to help you rethink and achieve cloud success. Read more in our blog: 5 Steps to Cloud Confidence.

Markham, Ontario Canada -- February 15, 2019 - Edgeworx Solutions Inc., Canada’s leading solutions integrator, announced today that it is an Executive sponsor of the Bell National Leadership Conference 2019.

For the second year in a row, the company has been asked to the invitation only event, featuring Bell’s most influential vendor partners. Edgeworx will be represented in booth 20 by company founders -- John McKerracher, Wilfried van Haeren, and Colin Hales, as well as Peter Fortune and partner specialists from Kentik and Fortinet.

“We are pleased to again have the opportunity to meet other vendor partners working with Bell who may make more complex solutions available to our client base. Being that we are a smaller company, it is significant to be included to meet with Bell Canada executives and team members. While we regularly work with Bell, the conference creates a space where we can engage face-to-face on pivotal topics including network visibility and security,” said President of Edgeworx, John McKerracher.

About Bell Leadership Conference

The Bell Network Leadership Conference brings together over 500 Network team members from across Canada, key players from other Bell business units, and vendor partners to share experiences & best practices. During the event, the brightest networking minds prepare together for the future transformation of Canadian and global communications. The event will be hosted by Bell’s Executive Vice President and Chief Technology Officer, Stephen Howe, who will be joined by his entire team of Network Vice Presidents.

When: February 19-21, 2019

Where: The Westin Harbour Castle, 1 Harbour Square, Toronto, ON M5J 1A6

About Edgeworx Solutions Inc.

Edgeworx Solutions Inc. is a leading solutions integrator, focused on network and

application performance based in Markham, Ontario Canada. With 20+ years of experience in the IT industry, Edgeworx assists customers in maximizing return on network infrastructure investments, identifying and eliminating potential IT security risks, avoiding the need for costly bandwidth upgrades, optimizing end-user performance, and improving the access and response time of enterprise and cloud-based business applications.

To learn more about how Edgeworx works to improve network management and the end-user experience, please visit edge-worx.com or edge-worx.com/blog, and follow @Edge_worx on Twitter.

Media Contact

Lea Rabinowitz

lea@edge-worx.com

The other day, I came across the perfect visual representation of the ubiquity of cloud computing in today’s businesses.

The caption reads: My report comes to the conclusion that cloud technology is no use to this company. I’ll upload it to Dropbox so you can take a look at it

Regardless of an organization’s ability to grasp the benefits of cloud computing, it is omnipresent and unavoidable. So if companies want their employees to be productive through collaboration applications ranging from CRM, marketing, Unified Communications, anything-as-a-Service and beyond, it will involve network improvements.

Cloud Service Provider Networks vs. The Office Network

If you have ever moved old furniture into a new home, you may have noticed that it looks much shabbier than it did before. In offices across the world, a technological equivalent is occurring when introducing cloud computing. There’s nothing like an upgrade to make you question everything else that compliments it.

Big cloud providers like Microsoft Azure and Amazon Web Services operate on state-of-the-art infrastructures, but on the other end of the cloud there’s a much different reality. Peel back the curtain of company data centers and you’ll see overextended IT teams struggling to keep up-to-date with OS releases, security updates, and scaling server and network needs. Caught between over-provisioning technology or buy-as-you-go to facilitate growth, the archaic methods keep the embedded cloud benefits (everything-as-a-Service to speed change, easy east-west scaling, etc.) out of reach.

Making Networks a Strategic Asset that Emulates Cloud

Agile, dynamic, speed/time to scale, programmable -- these are the virtues that traditional WANs lack. Instead, network designs often include multiple means of connectivity with disjointed technologies, and hardware from a variety of vendors.

Network complexity has been expanding even before the widespread reliance on cloud applications. But now when organizations need their network to be a strategic asset that supports the business and morphs to cloud-ready, they are instead dealing with:

Connecting branch locations securely to public internet servicesAligning deployment and management of cloud-connected networks with traditional methods that are unproductive, slow, and error-proneBalancing performance and securityEnd-user experience and application degradation from unpredictable connectionsLack of visibility into performance issues, which also hampers troubleshooting

3 Ways SD-WAN Improves Cloud Application Performance

To evolve networks, organizations are turning to software-defined wide area networking (SD-WAN). Where traditional WAN wasn’t architected for cloud, SD-WAN has simplified cloud migration, configuration and connectivity. SD-WAN allows IT organizations to manage business policies reflected by configuration rules, instead of per-device-management with all the risks of fat fingering, losing features, gaps in security and degrading throughput. To be exact, SD-WAN improves cloud network and application performance through the following:

1. Identifying and Prioritizing Traffic by Application, Time of Day, and Business User

Some applications need high-throughput while others depend on low-latency. SD-WAN’s policy engine can manage the needs of each application no matter the requirements. By creating a set of rules, SD-WAN devices will choose the appropriate network path for each application. This can also provide cost savings by sending lower priority traffic, or traffic less dependant on latency or speed across more cost-efficient connections that tend to have less reliable connections.

2. Steering Traffic Around Last-Mile Congestion

Since SD-WAN monitors the health (i.e., latency, packet jitter, and dropped packets) of each network link, it has enough intelligence paired with a policy engine to recognize issues and steer traffic around a congested link to a healthier connection to the cloud. For the end-user experience, this means that no matter the cloud application that they are working in, they can count on reliable performance.

3. Pairing WAN Optimization and SD-WAN

Although traffic steering can make an observable difference in the end-user experience, if all available paths are bad, that won’t be enough to save performance. By layering in WAN optimization, it can improve performance across congested links and high-latency connections. This can be particularly effective for applications that move large volumes of files across the network, like email, collaboration software, and cloud storage. WAN optimization can reduce the number of packets sent by these applications, which in turn decreases bandwidth requirements.

Say Goodbye to Wasted Bandwidth, Additional Costs, and Poor Performance

With the new consumption model of applications, it’s time to take a more efficient approach to networking. At Edgeworx Solutions, we work with leading SD-WAN vendors to deliver the most compelling advantages for organizations, including software defined networking, bandwidth optimization, reduced operational costs, and improved end-to-end performance. Ready to explore if SD-WAN is a right fit for your business and cloud environment? Read our blog: Is Your Infrastructure Ready for SD-WAN.

Mean Time To Repair (MTTR) is one of those acronyms used in excess, but what about MTTI ( Mean Time to Innocence)?

Sounds like a joke, but there’s truth in this fairly unknown acronym. It’s equally important as we move applications to the cloud, but often gets a bad reputation as a cover your “you know what” exercise when something goes awry. So what is it exactly?

The main purpose of MTTI for most organizations is to prove that either the application team or network team isn’t to blame. Or internal versus external service provider for that matter. By using the right method of assessing, the pinpointing of the issue can be on a provider such as your WAN telco, internet carrier, or cloud/hosting provider.

While IT departments are spending an excessive amount of time locked in war rooms pointing fingers, we’re all losing sight of the common goal of providing a high-quality end-user experience and reducing the cost of having teams “pointing fingers.” At the end of the day, no matter who is to blame for the slowdown, failure, or user complaint, it benefits everyone to have the tools to create context and dependencies through the IT infrastructure for easier root cause isolation.

3 Common Network Problems Damaging the Cloud App End-User Experience

Behind the doors of the war room, IT is ticking through the usual suspects behind performance issues. Is it network packet loss, a firmware upgrade, an application error, or maybe a resource consumption issue? When you’re using the cloud, you count on the provider to ensure adequate resources for performance, but the rest of the application delivery path and any poor network performance remains your responsibility.

One way to keep everyone honest and focused is to track the following three network problems:

1. High Network Latency

As cloud applications proliferate, IT may begin building an overlay network, relaying a blend of application services across the plain old data network and continue to rely on backhauling. The result -- application data packets traveling unnecessary distances that cause latency.

It’s not just distance that causes the common problem, there’s also busy networks with applications competing for resources. For example, if employees are watching videos on Facebook and there is only a firewall regulating traffic instead of other prioritization business services through software-defined wide area networking (SD-WAN), the non-work-related sites become devastating to performance.

Last but not least, consider bandwidth. Organizations typically over-provision bandwidth with little insight into actual usage requirements, including bursts. This is unnecessary, and a hidden cost in most IT budgets. WAN providers rarely give you money back or capacity you didn’t use last month, Insight into usage, bandwidth, business vs. recreational becomes all part of how to handle the requirements of today’s cloud applications.

2. Network Misconfigurations

If you’ve ever fat-fingered commands in a CLI, you know where we’re headed. Behavior of applications and the network depend on error-free configurations. Even the tiniest mistake in setting network configurations can lead to noticeable performance degradation of business-critical applications for end-users. Pre- and post-configuration change management is an essential part of Change Management. Utilizing synthetic transaction testing, an active network monitoring capability allows you to detect the results of change immediately.

3. Network Device Dependency

Routers, switches, wireless access points, firewalls -- intermediary devices come in different forms to interconnect end devices and ensure that data flows across the network. And more importantly, are typically racked or stacked on top of each other. Each play a vital function in regulating network traffic. Any misconfigurations can lead to delays, outages, and perceived application performance issues.

Reduce MTTI Drills, Increase End-User Experience

Instead of spending hours locked in a room isolating or resolving issues, or wasting hours on the phone with vendors to diagnose a problem, consider using visibility tools that deliver active monitoring using performance analytics end-to-end.

Before choosing your visibility approach, be sure that it provides an end-to-end view designed for the cloud -- because if your applications aren’t there yet, they will be soon.

End-to-end monitoring should include:

Visibility into traffic on the public internet and when it reaches the cloud providerRound-trip analytics on application behavior from the device level, to the cloud application, and backSynthetic transaction monitoring to simulate exact application (VoIP, UC) and user behavior (web-based app access) and depict how the overall application is performing

As traffic moves beyond the firewall and into the cloud, IT will need the right modern network monitoring software and tools to end the useless finger pointing and deliver on technology that actually works for the end-user. After all, they don’t care who is at fault, they just need to remain productive (and leadership wants that too).

At Edgeworx we help customers ready their networks for the changes that cloud applications bring with network performance assessments that offer baselining, capacity planning, and network simulation modelling. With our independent, objective analysis we make recommendations on improvements and monitoring tools for end-to-end visibility of the entire IT infrastructure. If you’re ready to reduce MTTI and MTTR while improving the end-user experience, contact us today at +1.647.793.4731.

Users want cloud applications and they will do anything to achieve the agility and productivity benefits that they aren’t gaining from their current (corporate) offering. What most users (and IT teams for that matter) do not realize is that many cloud services are insecure and can leave corporations vulnerable to major data exposure and risk. This phenomenon of “Shadow IT,” or the use of information technology systems and services that haven’t received explicit approval happens when IT can’t get “it” done in time. And these days, you’d be hard-pressed to find an organization that is unaffected by shadow IT.

The level of pervasive shadow IT creates new security threats and considerable waste into the enterprise with duplication of common cloud applications for storage and collaboration. CIOs don’t even have a real hold on what this means. In 2018, a typical firm had 15 to 22 times more cloud applicationsrunning in the workplace than were authorized by the IT department. In absolute numbers: on average more than 700 application in a typical enterprise.

How Mature Are Your Cloud Application Security Strategies?

As IT feels their grip slipping on security, they take their stance on the cloud maturity scale by either adopting a draconian or pragmatic security approach.

A recent research conducted by Netskopeoutlined three stages of maturity:

Stage 1 Organizations - The Discoverers

Organizations that fall within this stage of security are most concerned with discovering the shadow IT in their ecosystem. With that knowledge, they also want to assess associated risk with the applications to eventually block and redirect end-users’ engagement with non-sanctioned cloud applications to corporate (and authorized) services.

Stage 2 Organizations - The Controllers

Organizations in the second stage, like their name, are focused on control. While they are more cloud-forward than Stage 1, efforts are placed on securing rollouts of IT-driven (and authorized) cloud applications. They do this by applying cybersecurity policies, processing, and Cloud Access Security Broker (CASB) technology to prevent data loss and mitigate threats.

Stage 3 Organizations - The Enablers

In the most mature stage, organizations are aware of user-led applications. But instead of outlawing it, they embrace the apps by securely enabling the business value it delivers.

The research accounted that almost half of respondents were in the Stage 1 - Discoverers category and only 21 percent identified in the Enablers stage. This identification isn’t just about preferences, it directly correlates with positive business outcomes.

Cloud Applications + Mature Security Strategies = Positive Business Outcomes

It may seem obvious, but results show that it’s better to know thy enemy and embrace it, rather than fighting shadow IT and having end-users continue to use cloud apps tothe detriment of the business.

To have enact more mature security strategies, organizations should:

Allow user-led cloud apps, while applying controls and policies that don’t inhibit productivity and agilityEngage with the end-user community to foster awareness and openness about apps instead of secretive use that could lead to security gapsConvert user-led cloud usage into IT-sanctioned software-as-a-service (SaaS) apps to extend the benefits to a broader set of the companyEmploy cloud security experts that can help navigate and employ the full range of CASB use cases

Doing so is proven to provide the following positive business outcomes:

Embrace User-Led Cloud Apps and the Increased Attack Surface

Shadow IT exists because IT doesn’t always have the capacity to serve every need of the business. But, instead of just listening to the advice of eliminating it all together, embrace user-led cloud apps and the accompanying increased attack surface. With discernible differences in business outcomes, it is worthwhile to mitigate cybersecurity threats, rather than shackle end-users’ productivity and agility.

Edgeworx works with customers to enable them to be mature, cloud-forward organizations by implementing security and visibility tools that not only uncover shadow IT, but develop a plan on how to secure the network and gain control over attacks.

Not sure where your business falls on the cloud security maturity scale? Let us assist you in a self-assessment and give us a call at +1.647.793.4731 to discuss how we can help you achieve “Enabler” status.

Safety is the ultimate responsibility of railways, and often the biggest commitment to the general public and rail workers. Even with routine test simulations and preparedness measures, a steady increase in rail traffic has lead to a growing amount of accidents.

Whether carrying hazardous materials or passengers, in today’s digital environment, railway companies are expanding their efforts in safety intelligence by reviewing the possibilities of the Internet of Things (IoT).

Here are 5 ways, IoT can make rail transportation safer:

1. Video Surveillance of Trains, Platforms, and Stations

Although video surveillance isn’t a groundbreaking form of security, when tied into an IoT-enabled infrastructure, the intelligence becomes actionable. Using WiFi-enabled cameras connected to a network video recorder, data center or cloud, recorded streams can integrate with other sensors to paint a complete picture of people and events.

Using IoT-enabled video increases safety by overseeing workers, trespassers, passengers in trains and in stations, preventing vandalism, monitoring individual cars, and tracking conditions and component wear. Cameras can even measure real-time driver performance by recording the train’s gear, speed threshold compliance, or if the train is idling too long.

2. Sensors to Monitor Wear and Failures

Maintenance is generally approached in two ways -- as scheduled maintenance, which can mean replacing parts like brakes when they still have a lot of life left, or completing maintenance when a failure occurs. IoT adds in a third option by monitoring a fleet in real-time so that maintenance is always predictive.

Instead of being reactive, proactive monitoring could improve safety by sending an alert that the battery backup systems on monitoring systems or road crossing signalling systems have dropped to a low threshold and need to be replaced. This proactive data optimizes the overall safety efforts of a railway, keeps trains on the rails longer, reduces cost by avoiding unnecessary truck rolls, and can reduce the amount of maintenance work and stock levels of spare parts and materials.

3. Historical Data and Measuring for Inconsistencies

If a wheel’s brakes fails to release as the train starts to move, there is an excess of friction that occurs, which will begin melting the wheel. Using historical data and real-time monitoring of force detectors and thermal detectors, the anomaly wouldn’t get lost. Instead, using IoT, a sensor could send an alert to the central office to have the train removed and repaired before it could lead to a possible derailment or other hazardous situations. And moreover, collecting these data types cheaper, faster and more reliably from many data points at the same time enables cross-reference and correlation. Identifying anomalies, structural quality issues, and environmental influences will further improve safety and reduces operational cost.

4. Machine Data Everywhere Humans Can’t Be

Many of the IoT benefits stem from providing visibility into places where humans are not. Take for example, a power outage at a railroad crossing. When this happens, the area goes into “safety mode,” causing the barriers to close and engaging the battery backup systems.

With network connected IoT applications and sensors, if the power were to go out, it would trigger an outage alert that would kick off a series of events to ensure the safety of drivers, operators, and railway passengers.

5. Remote Adjustment Based on System Awareness

Networked IoT applications and solutions enable trains and railway operators to have awareness of factors including:

Positions of other trains to reduce the risk of collisions while allowing trains to operate safely in close proximity to one anotherMonitoring and reporting of speed and velocity so that trains can be remotely slowed or even stopped based on track conditions, presence of other trains, or other factors.

Instead of relying on one data stream, IoT systems can combine multiple streams to provide actionable intelligence, allow for correlation across geographies, vendor equipment, personnel shifts, and environmental influences (weather) to counteract the shortfalls of human error.

Sensors Don’t Mean Safety

Don’t let sensors fool you -- alone, they don’t equal safety. Today’s locomotives are far from low tech and often already have hundreds or even thousands of sensors built in. Without a way for sensors to exchange data between one another and with central management portals, the data points aren’t actionable to improve operations, prevent derailments, track fires, crossing fatalities, or any other safety hazard.

Linking sensors using an IoT-enabled network that relays the right data at the right moment of time provides insight into the system’s overall operations and health.

Additionally, there must be planning devoted to deploying technology designed to withstand the toughest environmental conditions, connecting all sensors through a varied network ecosystem, and embedding control, enterprise-grade security, and easy manageability.

While most rail companies are comfortable with placing sensors, completing the level of effort to remove computing silos and enable data-sharing that IoT requires is not a trivial task.

IoT devices “live” at the edge of most data networks today. The choice of which data to send and which data to store locally is a serious point of contention inside many organizations. Is the underlying network capable of sending KBs, MBs of data? Can the data be prioritized? Can we mine the data at rest at the IoT site rather than uploading it into a corporate data lake? All are relevant points to take into consideration when deploying IoT at scale, but can be challenging to tackle alone.

That’s why Edgeworx works with rail and transportation related companies to help unleash the power of data and ensure safer rail or transit operations for all.

Wilfried van Haeren (the man behind the Edgeworx blog) isn’t just a stupendous CTO with rich technical prowess -- he’s someone you can’t help but be fond of. The beekeeping outdoorsman seems to have boundless energy for everything he does. In fact, I remember talking to him about battling jet lag after he attended Mobile World Congress in Barcelona and he jovially replied that he goes on a long walk right away to combat the sleepiness.

In our discussions about wrapping up our 2018 content, his spirit prevailed by standing firm that we look forward to the rich possibilities that lay ahead in 2019. This “take the bull by the horn” mentality shouldn’t have surprised me.

What gave me pause was that this past year wasn’t a blip on the radar. We witnessed strong vendor commitment to software-defined wide area networking (SD-WAN), Internet of Things (IoT) and 5G garnering attention, and artificial intelligence (AI) finding its place in the advancements. Maybe it was that he’s been in the IT sector since 1982, so what I perceived as big change didn’t phase him? Not the case. When we finally conducted this interview, Wilfried mentioned that this year his job became so much more fun!

After hearing the excitement in his voice, I knew his insights wouldn’t just fuel this interview, but it could supercharge our readers’ technology choices for the year ahead…

Question #1: Before we dive into 2019 -- what surprised you in 2018? What do you think will fundamentally impact the trajectory of 2019?

Answer: In 2017, we saw vendors catching on to SD-WAN, but it was surprising how much the technology along with network functions virtualization (NFV) took off in 2018. In all the years that I have been in the IT infrastructure solution space, vendors have been narrowly focused and protective of customers from competitors. This year has been different by force. The once leading incumbents have become masters of multiple spaces or have risked new generation vendors disrupting their business, which is why we have seen so many acquisitions.

What will change the trajectory of 2019 is that customers aren’t feeding into the fear, uncertainty, and doubt that vendors are seeding. By turning to consultants to sit on the same side of the table with them and weed through the noise, they can deploy solutions that support their business goals.

Question #2: If you had to make predictions on what will make or break enterprise technology in 2019, what would they be?

Answer: There has been a lot of buzz around AI -- probably too much from everybody. I’ve seen it all over the place from conferences and congresses to publications. It’s true that the awesomeness of IBM’s Watson has come much closer and is now obtainable for the masses. But while AI is valuable in delivering solutions, we must level-set that it isn’t a solution in itself.

2019 will be about how we utilize AI technology. I’d predict what will “make” enterprise technology is a stronger embedding of AI in data management platforms and monitoring solutions. This will allow us to do things with data that as a human alone, wouldn’t be possible. A few years ago, one of the biggest challenges customers faced was having smart data analysis. We’ve had all of this big data, but Tier 1 and 2 support desk analysts haven’t been able to use it to correlate alerts, identify root causes, and improve the user experience. With better utilization of AI technology, we can change data steering and at a minimum dumb down the data so that it is actionable for analysts. Even better, AI could make decisions and recommendations based on historical data.

What will break enterprise IT? If companies don’t begin to virtualize with cloud or hybrid cloud investments and would continue to build more data centers. A CIO at a global operating company said to me earlier: “Every dollar you invest in a data center today is not invested in the future.” I agree, that money can only be spent once, so it better be for the right technology.

And while we’re on the topic of data centers, companies have very limited views of their DC virtual workloads at the moment. Virtualization has made life easier to spin-up and tear-down, but leads to virtual chaos when not done properly. Companies are struggling with disentangling workloads on virtual machines in fear that it will “break the chain.” They need to find a way to create a “Google Maps” of their workloads to visualize all connections so that they can spend their money wisely.

Question #3: We’ve heard a lot about the digital transformation this year. What do you think companies need to do in 2019 to be successful in their transformation efforts?

Answer: If you want to be successful in the digital transformation, commit to two things: know your data and where it is, and put security first. Executives can’t operate in a “business first” mentality anymore. It has to be security first, with an underpinning that the same security can’t impact performance and usability. With all of the technology advancements and the General Data Protection Regulation (GDPR), it’s imperative to take measures like UeBA, identity management, and multi-factor authentication to validate user identification.

Question #4: For IT leaders looking to change how they budget in the year ahead -- where do you think they should put their money?

Answer: When budgeting, IT leaders need to look before they leap. That means taking the time to know what you didn’t know in 2018. Start by baselining and completing assessments that uncover data leaks, improper use of bandwidth, and other hidden costs.

Question #5: What do you think is next for GDPR enforcement and how should that dictate the way we secure and manage data?

Answer: Content security is going to be very important in 2019. Given the amount of data that is available, we need to look at smart ways to secure without compromising performance.

We’re seeing a rise in mobile applications built with DevOps, but are they well written? Can applications be measured and tested under specific conditions and from specific scenarios to ensure not only performance for the user but also security of the data? Companies need to admit that they are completing these initiatives without understanding the implications of unstructured data, privacy exposure, user experience, the new security vectors through mobile computing, and the security that is required to comply with GDPR.

The new regulation is going to force businesses to admit they don’t know what they don’t know -- and do something about it. They will have to classify data, know what’s important to analyze, and distinguish the differences between data in rest and in flight.

Thanks to our readers!

2018 was a monumental year, and here at Edgeworx we couldn’t be more excited to continue the fun in 2019. Be sure to subscribe to the blog and follow us on our social channels as we check back on Wilfried’s predictions and continue to bring you our best, unbiased views of today’s technology.

From all of us here at Edgeworx Solutions, we wish you a healthy, happy, and prosperous new year!

2018 was hailed as the year of software-defined wide area networking (SD-WAN). Blogs were abuzz proclaiming the life-changing benefits of the networking technology, stating that no one solution had made such an impact in years.

Sniff, sniff -- do you smell that? It’s the fertilizer for the roses.

Just to be clear -- we believe SD-WAN is great, too. But, much of the information being fed to businesses is laced with marketing hyperbole and promises that may be challenging depending on the individual environment. It takes reading serious, unbiased and vendor-agnostic material to be able to navigate the saturated market of SD-WAN.

To help you get started, we’ve compiled a list of 2018’s (often brutally honest) blogs:

1. Best blog if you’re frustrated with your current WAN provider: Why SD-WAN Won’t Kill MPLS

Industry expert, Mike Fratto, delivers an unabashed blog that calls out vendors for preying on the frustrations of enterprise dissatisfaction with MPLS. Fratto lists out four reasons why switching out current services for SD-WAN to solve connectivity problems is a misguided message.

2. Best blog if you’re interested in the SD-WAN journey: Industry Voices—Raynovich: How SD-WAN could reconfigure enterprise services

Curious about how we arrived at SD-WAN and what the current market looks like? The FierceTelecom blog delivers an easily digestible recap and brings the reader to present day to detail what the major players in the market are excelling at.

3. Best blog for delivering the truth about SD-WAN security: The 5 Biggest Mistakes in SD-WAN Security

“SD-WAN security is essential; there's no denying that fact. The problem is that many organizations, through ignorance, carelessness, or misguided advice, are leaving their SD-WANs vulnerable to misuse and attacks.” Technology journalist, John Edwards, doesn’t bury the main message with this compelling opening on SD-WAN security.

4. Best blog about balancing SD-WAN adoption and complete context: SD-WAN Monitoring: The Context Conundrum

Considering moving to a software-defined network? That comes with its own set of benefits and challenges. The blog from DZone packs a punch by justifying SD-WAN’s strength and follows up with a quick list of SD-WAN technology challenges that readers need to stay aware of.

5. Best blog if you want to know how Quality of Service (QoS) of MPLS and SD-WAN differ: SD-WAN vs. MPLS: The quality-of-service comparison

QoS is often top of mind for IT leaders when debating SD-WAN vs. MPLS -- especially when it comes to using internet links for SD-WAN connectivity. The blog from TechTarget reviews the differences and ends on a note that suggest it might be best to use a hybrid WAN afterall.

6. Best blog to warn you about the mistakes made by early adopters: It’s time for SD-WAN to grow up

While the promises of SD-WAN are undoubtedly appealing to most enterprises, it’s not all bells and whistles. In this blog, Network World contributor Jason Viera uncovers the often-missed considerations drawn from hard lessons learned by SD-WAN early adopters.

Here at Edgeworx, it’s not about selling you just an SD-WAN box -- it’s our goal to build a network that supports your business initiatives. In the end, infrastructure isn’t the technology you use, it’s the way you exact the obstacles in your path. To learn more about how our consultants can help, call +1.647.793.4731.

And For All of Us at Edgeworx, Wishing You

Happy Holidays and a Healthy and Prosperous 2019 !

When the end-user experience (EUX) is muddied and sluggish, what is your IT department’s reaction? First, there may be some finger pointing. The network team blames the application team, and vice-versa. Following that unproductive exercise, we’re seeing companies making patterns of costly mistakes over, and over, and you might be guilty of it too.

The root cause of network and application issues can be mysterious, and if you’re trying to revive performance, sometimes you’re willing to take drastic measures like upgrading your core switching backbone, adding more bandwidth, or upgrading servers and storage. While it’s not inherently bad to modernize any component of an infrastructure, if you lack the budget, and the issues of end-user response time aren’t because of infrastructure, the changes are futile.

Taking Steps Towards Analytics-Based Decision Making and Spending

When you think you “need” to invest in infrastructure, but don’t have the proof to back it up, it’s time for a wake-up call that you have a problem. But don’t worry, we’re here to help you structure a new approach to obtaining insights before making decision. It’s always best to look before you leap!

Let’s take it one step at a time:

Empowering Network and Application Performance Management and Improvement with Visibility-as-a-Service

Most IT operations teams monitor their infrastructure independently, in organizational silos without end-to-end visibility. When issues arise, and they will, chaos ensues from chasing suspected problems in every direction. It’s time the make a change and empower network improvement decisions and management with Visibility-as-a-Service (VaaS).

Instead of just guessing at problems and throwing away money, IT can use the intelligence provided by VaaS to know if replacing Core switches or adding more bandwidth to improve the EUX is even necessary and if so, justify the spend to senior management.

VaaS is also instrumental in root cause analysis to suggest necessary improvements that will save CapEx and OpEx, reduce tedious network configurations, and man hours. And, you can actually look forward to reducing the time that teams spend in war rooms fighting fires.

To achieve these conclusions, VaaS provides IT with information regarding WAN performance, QoS, traces pack loss, reports on real user application client-server sessions, and more. Since every infrastructure ecosystem is different, there are endless use cases for VaaS. The most appreciated benefit of VaaS is the “as-a-Service” part. In general you can expect:

A right-sizing of the visibility toolsetNo CapEx investment -- you’ll only pay for the services consumedRapid deployment of visibility infrastructure with minimum complexity or riskSingle view of performance to break down silosIncreased speed to act and troubleshoot so you can focus on more important initiativesMetrics reports for senior management and IT collaboration effortsScalability of visibility services to ensure agility required by business demands

Edgeworx provides VaaS and network assessments to ensure that customers are making changes to their networks that actually instills improvements, rather than creating a ripple of misconfiguration problems through applications, cloud, and end-user devices, and causing unnecessary investments.

If you’re about to make a costly network investment that you’re unsure about -- stop -- and give our team of experts a call at +1.647.793.4731. We’re ready to help you reduce costs, avoid unnecessary expenditures, increase ROI and performance with instant deployment of VaaS and our one-of-a-kind network assessments.

Take banking as an example — IT must design an architecture that can support the varying needs of thousands of branch locations and multiple divisions. IT may start to build an overlay network, relaying a blend of application services across the plain old data network and continuing to rely on backhauling. In these situations, when a customer wants to complete a large money transfer or open an account, the data packets of this application may cross an entire continent before going back to a cloud provisioning center that is next-door. Unnecessary travel isn’t just inefficient in cost, bandwidth, and response time — it’s where chaos is born, and impacts application performance and end-user response time through increased latency during transfer.

Start with The One Thing Destroying Office 365 Deployments - and How to Fix It - Part 1

Taming Office 365 Pandemonium with SD-WAN

Returning to the banking example, if the trading division wanted to use OneDrive for collaboration in a chaotic environment, it could travel over a separate connection at a snail’s pace as to not interfere with other traffic — rendering it frustrating and useless to employees. Without the ability to prioritize or flawlessly integrate applications into the infrastructure, it guarantees to handicap performance of any collaboration.

For competitive businesses, that solution isn’t good enough — instead, they may choose to modernize with SD-WAN and its autonomous properties.

Instead of relying on the dynamic nature of the internet, SD-WAN uses underlying intelligence to seek out the most suitable circuit to relay application data, or it determines the closest possible cloud service instance. By maximizing the knowledge of end-to-end quality of service (QoS) using virtualized network functions (VNFs), the SD-WAN (edge) gateway establishes a suitable connection with minimal latency and maximum performance so that entire organizations can make the most of the Office 365 application suite.

SD-WAN also manages chaos by:

Dynamically adjusting the provisioning of services.Offering Dynamic Multipath Optimization for automatic link monitoring, routing and QoS settings, and auto configuration to ensure fast access to the nearest cloud services provider.Reducing the Mean Time to Remediation (MTTR) by providing visibility across the infrastructure so that businesses never overprovision bandwidth to fix a slowdown that could be related to layer 3 problems.Providing Mean Time to Innocence (MTTI) insights that can determine if issues are inside the data infrastructure or a deviation on a baseline at the ISP, MSP, or cloud provider.Regulating the network to improve the end-user experience and productivity by using intelligence that supersedes current categorization of existing firewalls.Speeding the change management process from weeks or months to on-the-fly by communicating the impending change, providing system attributes, and automatically readying/releasing resources.Choosing the most appropriate connection based on application prioritization to lower overall connection costs and provide higher availability.

No matter if businesses are deploying Office 365 or another cloud-based SaaS application, to achieve success, there must be a fundamental change in infrastructure design thinking. Rather than the network dictating the rules, the network now must accommodate business rules and policies.

IT organizations that follow this “outside-of-the-box” thinking led by virtualization will be on the path to taming chaos. And now, with SD-WAN enabled technology, it’s never been easier to map business policies using VNF as the cornerstone for design — so what are you waiting for?

[previously posted on APM Digest]

Market exuberance for Office 365 has inspired business mandates to adopt the cloud-hosted collaboration and productivity suite without regards to the underlying chaos. While multi-location organizations are virtualizing, operating models haven’t necessarily changed. This partial transformation that excludes automation and simplification of the network puts Office 365 deployments (and other software-as-a-service offerings) in danger of failing.

Take banking as an example — IT must design an architecture that can support the varying needs of thousands of branch locations and multiple divisions. Where the consumers at the branches might require online banking and informational video streaming, the trading division (a much smaller subset of the organization that typically makes the bulk of the revenue) will need their applications prioritized.

To achieve this, IT may start to build an overlay network, relaying this blend of application services across the plain old data network and continuing to rely on backhauling. In these situations, when a customer wants to complete a large money transfer or open an account, the data packets of this application may cross an entire continent before going back to a cloud provisioning center that is next-door. Unnecessary travel isn’t just inefficient in cost, bandwidth, and response time — it’s where chaos is born, and impacts application performance and end-user response time through increased latency during transfer.

Chaos Takes Many Forms, But Always Creates the Same Challenges

Chaos isn’t limited to backhauling or using generic devices to route traffic. Instead, it can include:

Stacking physical hardware appliances with different network functions in an attempt to enforce business policies at the branch edge of the networkRunning a separate infrastructure for important business functionsUsing connectivity that was chosen based on price, rather than performance and agilityA network platform lacking orchestration or automation capabilities

Regardless of the exact network configuration, chaos consistently creates the following challenges when attempting to deploy Office 365:

[previously posted on APM Digest, https://bit.ly/2QqZ5Yf]

Email snoozing, nudging, and confidential mode, along with a substantial visual redesign have enhanced the world’s most popular email service, Gmail, in a massive overhaul. What’s behind the changes? An effort to make working with email safer and more productive -- both top priorities for businesses encountering phishing schemes.

With cyber criminals constantly on the prowl to gather as much damaging information as possible, it’s encouraging that Google has completed a security redesign that narrows in on today’s threat landscape. Improvements aside, while it seems like the tech giant runs our world, Google hasn’t monopolized the corporate email market yet. Even if they had, we still wouldn’t be safe from nefarious actors.

Our greatest weakness is that we are all human and make mistakes. And when we’re referring to email, the conversation always revolves around phishing exploiting employees’ willingness to click on tainted links. A recent publication on the US utility network being controlled by Russian hackers, mentions “and some companies may not even know they've been compromised as the attacks relied on the credentials of actual employees, making intrusions harder to identify.” Phishing may have been the way in.

Google understands the “humanness” flaw and has chosen to pad our shortcomings with machine-learning algorithms that run safety checks on every new message received. Now, instead of basic banners, users will see huge color-coded alerts if Gmail detects potentially malicious or fraudulent messages.

Machine Learning Isn’t Going to Save You from Smishing

When you read about security vulnerabilities, it’s practically never good news, and this blog is no exception. While enterprises are struggling to manage phishing schemes, it’s not the only way into the corporate network. Bad actors are adding in a layer of deception by targeting short message service (SMS, better known as text messaging) to gain access to passwords and credentials. Dubbed as “SMiShing” short for SMS phishing, the emerging threat of smishing has risen 85 percent year-over-year since 2011, putting mobile workforces in the line of fire.

What Makes Smishing So Dangerous?

Firewalls and endpoint security solutions are among the layers of defense offered to thwart traditional email-based phishing attacks. For mobile attacks, where devices are connected outside of the security perimeter, those cybersecurity measures aren’t available to strengthen an organization’s security posture.

Not only are there less protections, but users are also more vulnerable because:

Exchanges of shortened URLs are more common, making it difficult to detect a phony urlThey are often distracted as they are working on the goOn a mobile device they cannot hover over a URL to verify the destination before clickingThere are many modes of entry, including, malicious URLs in a browser window, applications connected to malicious ad networks, and dangerous links within SMS messages.

Two-Factor [In]Authentication

Following our humanness, credentials are typically the next weakest link and contribute to the dangers of phishing. To protect, two-factor authentication (2FA) is often employed to verify a user’s identity before allowing access. In fact most enterprises, including Google and Apple, already use 2FA. But when using SMS as an authentication step, it can become yet another vulnerability and should involve other forms multi-factor authentication (MFA) to ensure that only the real user has access. Cyber criminals that can gain either physical or virtual access have the ability to forward on a SMS security code to masquerade as the employee.

Real-world scenarios of smishing can come in all forms. One popular tactic begins with a nefarious actor sending messages to a mobile device designed to look like real SMS’s from the email provider. Within one of the messages the so called “email provider” would say they need to verify the account and include a link to a page where the user is prompted to enter their username and password. From there, the credentials pass on to the real login page and an SMS is sent with a verification code. Since the hacker already has access, the process repeats with the fake login page to capture the code, and then onto the legitimate site.

source: Wandera

Don’t Let Your Workforce’s Digital Identities Be Compromised

It’s likely that SMS 2FA will start fizzling out over the next couple of years given its inability to verify identity, but that won’t slow down attacks. Cyber criminals are continually advancing their tactics to sustain phishing and smishing as perilous threats to the enterprise network and its sensitive data.

For now apply the following basic rules

Do not submit any personal details when requested to do so via text messageDelete any suspicious messages without opening linksDo not give out any personal information to anyone claiming to be texting or calling from an unknown number.Contact your IT department if you think you may have received a smishing message - share the attack to raise awareness

To prepare for the fight, organizations cannot focus on just the humanness factor or weak credentials that ease entry for the perpetrators of phishing schemes -- there must be a more comprehensive approach.

At Edgeworx, we work with our customers to safeguard their businesses for the onslaught of fraudulent messages. Our defense-in-depth strategy educates, tests end users through automated attack simulations and company tailored phishing campaigns, offers additional security awareness training where needed, and delivers actionable reporting metrics. If you are ready to foster a culture of positive security awareness and protect your sensitive data, contact an Edgeworx security specialist today at +1.647.793.4731.

From being unapologetically polite, to maple syrup, hockey, and Tim Horton’s, there’s no denying that Canada does some things better than the rest of North America. But, there is one major

flaw putting a damper on the Canadian experience. That is -- if you’re flying through Toronto Pearson International or Montréal-Pierre Elliott Trudeau International, don’t expect to get much work done or watch the latest Netflix show you’re bingeing, because the WiFi speeds are paltry.

Claiming the bottom two spots on North America’s busiest airports WiFi performance list has been a historical trend for Toronto and Montréal based onresults from Speedtest.

While offering free WiFi is good for customers and your mobile workforce, these days what counts is being fast, reliable, and secure . The connectivity challenge isn’t limited to travel days -- it has implications in any workplace, and any location.

Oh by the way and for the record, two other Canadian airports are in the top-10: Calgary (#3) and Vancouver (#7).

4 Common Problems with Corporate WiFi Performance

In the Bring Your Own Device (BYOD) era, WiFi is an absolute necessity. Unfortunately, it’s burdensome to design, maintain, and secure, reliable connections for thousands or millions of connected endpoints. While configurations can vary, there are three common problems with WiFi that IT teams should keep on their radars:

Poorly Configured or Misconfigured Hardware - Access Points (AP) can be the goldilocks of WiFi. It needs to be spot on, because too few can mean coverage gaps, where as too many can lead to devices struggling to maintain steady connections. The rule of thumb is that you need one AP for every 3,000 square feet, but that number can fluctuate depending on other network components like routers and controllers, and the type and configuration of the APs.

That’s not all -- simply positioning an AP antenna incorrectly can adversely affect performance.

Interference - Enjoying your Bluetooth-enabled devices? Well, any device that emits a radio signal, particularly on the 2.4GHz or 5GHz frequency, can cause interference. If the radio-frequency interface environment isn’t considered during the network design process, the amount of devices, the location or the positioning of your antenna won’t matter.

Low Data Rate Standards - At the airport you don’t want Netflix constantly buffering, and in the office employees also want seamless access to their business applications, even though the network could be a good excuse for not getting work done on time…

Since data rate standards control WiFi client connections, keeping the data rate threshold too low can lead to slow connections. Much like in the airport, available WiFi is good, unless it doesn’t perform well. So if you want to maximize the end user experience, increasing the data rate standard is definitely a step in the right direction, as well as managing the data workload, applying fair and equal access, and avoid allowing Peer to Peer (P2P).

Trading Off High Performance OR Security - Achieving quality performance or security is doable, but how about balancing both? Rogue APs placed close to a WLAN to deceive employee devices into sharing data, eavesdropping, and more are some of the security barriers that require robust cybersecurity protocols that can slow the user experience.

Old WEP and WPA security protocols cap data rates at 54 Mbps despite the 802.11ac WiFi protocol supporting up to 1,000 Mbps. Since both use legacy TKIP encryption, performance is degraded, leading to end user dissatisfaction and decreased productivity.

If WiFi is the Default for Business, Make Sure It’s Great

Loading, loading...still loading. Employees don’t have the patience for the spinning circle or hourglass anymore -- and they shouldn’t have to. Instead, there needs to be a greater emphasis on addressing the potential causes of slow WiFi as it becomes the default connection for today’s businesses.

While speed tests can provide us with the entertaining rankings of the busiest airports, in the corporate environment it’s necessary to look at performance on a more granular level. Edgeworx Solutions provides customers with the visibility and continuous monitoringrequired to achieve a great network. Using synthetic WiFi client sessions inside an existing WiFi network, results reveal how the wireless network (controller) responds to a change demand for bandwidth and services. After completing WiFi performance assessments, customers can finally understand traffic patterns, interference, and misconfigurations that cause performance issues.

If you’re ready for a smooth takeoff for your WiFi performance, read more about the Edgeworx WiFi assessmentand contact our consultants today at 1.647.793.4731.

How many blogs have you read that have touted cloud benefits ad nauseam? We get it -- companies are adopting cloud to reshape their competitive landscape by increasing business speed and agility, lowering costs, and enabling new means of innovation, collaboration, and eventually growth.

But of course, that doesn’t just happen. You can’t review a list of cloud providers -- be it private, public, or hybrid -- choose one, sign the paperwork, and be on your way. It’s not that easy.

Those looking to quickly adopt the technology might attempt to do this for quick-hitting savings, but in the long term they will face considerable challenges from risks that were not considered. While cloud has the potential to offer more competitive compute power, no fine print is guaranteeing that.

So what can cloud do for you? For one, it can be the source of headaches from a variety of gotchas that might surprise you…so be aware of what you are getting into.

Gotcha 1: Don’t Assume There is Already Security

Homeowners know how critical insurance policies are to protect themselves in cases of disasters or other damages. In comparison, for renters there can be a gray area of responsibility, and assumption that the onus lies on the dwelling owner. When moving from on-prem to cloud, IT teams face the same conundrum and too often expect that the cloud provider has built-in security, without considering that there is a shared risk model.

Given that not all clouds are considered equal, security must always be evaluated holistically for end-to-end data protection, in motion and at rest, strong and auditable access control rules, and levels of protection among all vendor data centers, protocols, and more. Additionally, regular re-evaluation is key as many cloud vendors are modifying service terms and/or being acquired. Companies should always be informed about not only data and services, but also how information is utilized and protected going forward.

Gotcha 2: Critical Features Don’t Always Translate to the Cloud

For application-rich departments like human resources, using apps that manage payroll and expenses are second nature when they are on-prem. Once moved to the cloud, the former “experts” can find themselves scrambling for features like single sign-on, or reporting that they were accustomed to. Unfortunately, there are often stark differences in functions and experiences, which is why critical features should always be outlined and verified in a cloud environment before any application is moved to avoid user experience degradation.

Gotcha 3: Vendors Are Always Changing, and You’re At Their Mercy

In the world of cloud, competition is fierce, and vendors want to be first to market with their latest offerings. Oftentimes, they will develop their solution using an agile application development model, introducing features and fixing problems “as they go.”

While the initial costs of deployment and subscription fees can be an easy evaluation, it’s imperative to fully understand the pricing model. At any time, a vendor may change their marketing model -- what was once a feature of the basic plan, may now be an add-on feature, slapping you with additional costs at renewal time.

Another danger of shifting pricing tiers is that data can be held hostage when a subscription auto-renews. For example, if the basic level was purchased, but now a premium package is required to achieve the same access when the subscription renews, the data will be inaccessible until an upgrade and its associated costs are completed and paid. In that case, the once straightforward ROI will need to be recalculated to factor in the significant increase in costs.

Gotcha 4: Data Can Go Missing

As noted above, in some cases, data that you have stored in the cloud may become inaccessible when the cloud provider changes their policy around service offerings where free access becomes fee access requiring an enhanced (and costly) service plan to access your original information. Oftentimes, cloud vendors change packaging and pricing models as they enhance and deliver new functions or update their “go to market strategies”… to increase profits.

Cheap service level agreements (SLAs) with few day turnarounds can be appealing when there is mounting pressure to cloudify. But without considering the full ramifications of entrusting business critical data to cloud providers, pesky downtime can be much more than an inconvenience. Unlike on-prem, in the cloud, companies no longer have full visibility of where their data is located. Cloud vendors can choose to move data at any time without notifying customers, and if that data goes “missing,” customers just have to sit, wait, and probably check Twitter furiously for recovery notifications.

It’s imperative to ask questions like -- do we really understand the cloud provider’s backup and disaster recovery policies and service levels? Have we tested them? How long does it take to recover a backup, and how far back can we go, or is this something we need to configure, or perhaps handle on your own with a different service? What about compliance?

The bottom line is -- make sure you know what you are (and not) getting with any cloud solution.

Don’t Assume -- Assess and Reassess!

The danger in all of these “gotchas” stem from assumptions that moving to cloud will be just like on-prem. But instead of assuming and suffering from cloud headaches, organizations should consider assessments covering requirements and business policies.

Not sure where to begin? Try starting with the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure that all companies have a secure cloud computing environment. Using their Cloud Controls Matrix (CCM), organizations have access to a framework that serves up a detailed understanding of security concepts and principles that aligns with the CSA’s guidance on application security, identity and access management, mobile security, encryption and key management, and data center operations.

Since security isn’t the only “gotcha,” companies should consider cloud risk assessments that can determine:

What cloud apps are running in the enterprise, and the associated risksVisibility into app and data usage, and whether they are IT sanctioned, or notAnalytics that provide comprehensive insight and forensics, including other cloud integrated toolsData leaks and preventative measures for future occurrencesMeasurements to prove SLAs for vendors that don’t provide full visibility

Cloud risk assessments can dramatically change the answer to “what can cloud do for you?” If you’re ready to change your cloud outcome, contact Edgeworx Solutions today to learn about how to begin. Contact us today at +1.647.793.4731.

Beginning in 2010, consumerization was the “it” thing, inspiring new ways for customers to interact with their banks and financial institutions. Back then, CIOs were just considering branchless banking and began dabbling in mobile banking. According to a Nielsen study, the digital transformation at that time proved to be worthwhile as mobile banking customers tended to carry higher balances than the average banking consumer. As confidence and comfort levels with mobile transactions rose, it was a win-win situation with greater efficiencies, cost savings, customer loyalty, and engagement of new segments.

Now eight years later, more than ever, the customer experience is considered a top priority and often used as a benchmark of success. The difference? Today’s customers are savvier, have higher expectations, and thrive on digital experiences to effortlessly manage all of their daily tasks. To achieve the same impact that was felt in the digitization of 2010, financial institutions are challenged with adopting enhanced mobile and cloud-based solutions that redefine services and are often the competitive differentiator needed to survive.

Since mobile devices having become the widely accepted way to bank, conduct trades, and pay bills, financial institutions must move swiftly to ensure their mobile application hits the market early (before competitors), and without bugs or security vulnerabilities.

Security Problems in Fast and Slow Development

For all those in the financial sector, there is always the challenge of balancing the risk-adverse industry with the cutting-edge digital transformations that consumers expect. With traditional barriers and boundaries disappearing, sluggish development of new applications places a greater risk of shadow IT. From a security perspective this can feel daunting because if IT moves too slowly, shadow applications can threaten security, or if development moves too fast, application misconfigurations can result in security breaches.

To maintain the balance, IT should consider adopting next-generation architectures, using cloud-native platforms, and develop more agile processes across both IT and the business.

Stay Safe from the Cloud and the Mobile Application

Mobile applications collect, store, and transmit data that previous methods like web applications, never did -- for example, when a picture is taken of a check for mobile deposit that includes the bank account number. Although cloud is often the logical approach for building more modern applications that move faster to accommodate these changes and storing data, the risks often aren’t fully considered.

In development, whether porting existing code, integrating new code, and/or using third party and/or open source, security must always be the first thought. How will data be stored and encrypted, at rest and in motion? Especially in the case of sensitive financial data -- how will data be fully protected and meet the requirements of regulations like PCI?

To achieve cloud security, mobile application developers should consider a layered approach to security, that includes both device-level security as well as cloud security:

Multi-Factor Authentication (MFA) - With mobile devices that are often used without a passcode, MFA can make more dynamic risk assessments, detect high-risk logins, and trigger additional authentication factors as necessary. MFA can also protect against man-in-the-middle attacks that are used to circumvent one-time passcode tokens.

Encryption and/or Tokenization - Given that financial data is always considered highly-sensitive, it’s essential to consider how to obfuscate the information, especially in the cases where application security controls may fail.

Penetration/Vulnerability Testing - 60% of developers lack confidence in their application security, but don’t take steps to fix it. While it’s a redeeming quality that they admit their shortcomings in writing flawless code, it also highlights the importance of continuous testing for QA and identification of problems within third-party dependencies.

Also, with organizations adopting agile development models, there are greater security risks that require integrated and exception testing to minimize and mitigate potential weaknesses and breaches. In these cases, DevOps should implement test automation and focused manual testing (and re-testing) as part of the process.

Minimize Data Input - Freeform input fields within an application are considered a threat vector. Instead of allowing a customer to enter information, “standard” selections should be provided to reduce validation. This simplification not only reduces security exposure, but also improves the user experience.

Minimize Permissions - While the camera is needed to capture a photo of the check being deposited, it doesn’t need constant connection. Applications should be designed with the zero-trust security model that assumes no one and nothing is secure, so only the barest permissions should be granted.

End-to-End Visibility - Consider Visibility-as-a-Service (VaaS) to provide an end-to-end view from the device to the application. With many legacy financial applications dependent on archaic technologies and databases that lack modern security and controls, it’s important to conduct architecture reviews and simplification, but also enforce better visualization. Doing so can measurably reduce risk by gaining real-time visibility so that data from the device, traveling to the cloud, can be tracked for proper handling. In cases of user behavior anomalies or security concerns like data exfiltration, visibility along with baselining and analytics can provide unprecedented intelligence with the included benefit of market and customer trends.

Additionally, financial institutions should consider how operations and support teams will access application insights, if they will be able to drill-down on a per-user basis, and if the overall monitoring should be architected into the application for ongoing support.

Given the complexity of mobile applications and cloud, it can be challenging to add additional layers of protection, while still remaining user friendly. At Edgeworx, we work in step with our customers to ensure their technology is safe and a means of creating an agile business. To learn more, read about our security services or contact us at +1.647.793.4731.

In team sports, you’ll always find a captain that acts as the glue amongst players and a model of enduring greatness. But the glory of being hailed as an indomitable leader doesn’t come without disadvantages of unglamorous work to carry the team to victory. Captains must have unwavering skill and offer boundless motivation despite losing seasons, unfair referee calls, and immoral competitors.

Much like team sports, in the digital transformation era, communication service providers have been appointed the role of team captain. They cannot operate solo by only focusing on their performance of becoming digital telcos. Instead, they are responsible for propelling change for their customers and the essential DNA of enduringly great digital businesses.

According to IDC, the digital transformation opportunity is massive, and expected to grow from $1.1 trillion in 2017 to $1.3 trillion in 2018, with compounded annual growth rate (CAGR) of 17.9% to nearly double to more than $2.1 trillion in 2021. More than half of digital transformation spending is expected to be allocated to operational efficiencies, an additional 25 percent dedicated to omni-channel communications, and another 18 percent for business intelligence and analytics solutions. At the epicenter of this change, service providers must take a dual-pronged approach to transformation as they are responsible for networks that scale to meet customer needs, new digital services, and a highly engaging experience, but also evolve internally --- technically, organizationally, and operationally.

Primary Areas of Transformation for Service Providers

Virtualization of services, internet of things (IoT), cloud, big data analytics, 5G -- the list of factors contributing to providers becoming “digital telcos” is indefinite. Despite the individual driving factors, there are a few key areas of transformation that dominate the global telecommunications industry.

Layering In Bigger, Faster Pipes

The industry is headed into the zettabyte era for bandwidth consumption. To satisfy the relentless demand for more bandwidth and deliver high-quality services, providers are layering in bigger, faster pipes to increase the reliability and redundancy of the network.

With everything connected, from IoT to fancier technologies like the autonomous car, the telecom network of the future will have to look different. Changes will need to be made across the board from mobile, to the fiber network, and into the cloud. Simply downloading information will no longer be the network’s main priority, instead symmetric, intent driven networks will be required to interact with information out in the real world, in near real-time.

More, and More Security

To enable dynamic transformation on the path to becoming digital telcos, providers are increasingly turning to third party vendors for services and as a way to evolve, while reducing upfront costs and time-to-market. However, removing and expanding network boundaries can lead to vulnerabilities of the telecom ecosystem, leaving it exposed to attacks, internal or contractor breaches, and malware. Additionally, with businesses of all sizes relying on telecom providers to act as their path to the cloud, the risk of data loss poses significant threats to the entire industry.

To combat the dangers, providers are placing greater emphasis on security, including use of next generation firewalls, Quality of Service (QoS) management, device management, identity management, compliance management, and visibility service with notifications. With a combination of systems and tools to secure assets, providers are able to analyze subscriber traffic flow and check respective endpoints for anomalies.

Subscriber Visibility

As the backbone of transformation, service providers must be able to track subscriber interactions from the network to the endpoint, and fully digitize customer engagements. Choosing the right technology to support this initiative will be the differentiator. If a subscriber were to call in with a quality issue, a lower-tier support agent should be able to triage quickly and without escalation for most issues. By embracing this level of visibility and customer care, telcos will be able to strengthen loyalty and reduce churn.

Integration and Automation

Pressures from over-the-top (OTT) and other non-traditional providers are forcing telcos to find ways to reduce the service delivery cycle to a matter of days or minutes. To adapt, integrating and automating with virtual, software-defined, and cloud networking technologies are necessary to achieve operational efficiencies that are needed for next generation services and profitability.

Moving Workloads from the Data Center to the Cloud

While it’s generally accepted that most have crossed the “cloud-chasm,” some service providers aren’t taking full advantage of the cloud. By moving workloads from the data center to the cloud, providers can extend the benefits of Infrastructure-as-a-Service (IaaS) for uses such as contact center, telephony applications, or as a disaster recovery node. At the same time, providers need to support their enterprise customers in their multi-cloud and hybrid-cloud worlds. Through the cloud, providers and enterprises alike can grow at a pace they desire, have more choices for flexibility, and control costs.

Unleash Your Potential With Edgeworx

Even the best players in the telecom industry will face challenges when transforming their networks. At Edgeworx, we have built a team of seasoned professionals that are specifically dedicated to designing telecom infrastructure of the future. If you’re ready to take the leap to provide transformative services, but need some help getting started, give us a call at 1.647.793.4731.

The growing need for big data analysis and rising demand for mobility are supercharging connected cloud applications. Just take a look at the top 20 cloud services in use by today’s enterprises in the table below.

Now think, how many of them are connected to your business? Go ahead, really come up with a number.

Outside of the list, how many other cloud apps are in use? If you aren’t 100 percent confident in your answer, you’re in good company.

To give you a sense, today’s enterprises have an average of with 92.7 percent not enterprise-ready according to the latest Cloud Report by Netskope. Since this is just an average, larger organizations can have over 3,000 cloud services, which include apps that aren’t necessarily sanctioned, IT-led services.

Netskope’s Cloud Report, Top 20 Cloud Services List

Even though the apps on the list above are common in the enterprise, and vetted, these “sanctioned apps” can still be connected to other dangerous cloud apps.A recent example of this is the Facebook and Cambridge Analytica scandal. While Facebook is generally accepted as a safe app, it turns out what it is connected makes it not such a safe place after all.

This is the stuff of nightmares for IT security managers and CISOs alike -- the dreaded “shadow IT.” With well-known risks, including data leakage and weak security, not having a hold on cloud usage has the potential to impart damage to a business’s ability to function effectively.

Boost Your Cloud Confidence

The cloud doesn’t have to be a foggy place where sensitive data is transmitted and possibly leaked. While technology developments like Bring Your Own Device (BYOD) have become the rabbits of cloud, breeding connected third party vendors in volume and without IT approval, there is a way to regain control and confidence.

Instead of feeling shy, aspire to have cloud confidence by following our five steps:

Discover the cloud apps running in your enterprise and understand their risks.Use analytics to monitor usage, detect anomalies, and conduct forensics.Identify and prevent the loss of sensitive data.Enforce your security and compliance policies across any cloud app or app category in real-time.

Putting the Five Cloud Confidence Steps Into Action

Maybe the five steps seem obvious, or perhaps it was an “aha” moment -- regardless, you’re probably thinking, “great, but how?” Luckily, there is now a way to gain unfettered visibility and fill security voids by offering a combination of APIs and traffic inspection technologies to flag employee misure of cloud resources using Cloud Access Security Brokers.

What is a Cloud Access Security Broker (CASB)?

The term was originally coined by Gartner in 2012, and since then, a number of vendors have emerged to fill voids of other security solutions such as smart firewalls, UTM, and proxy services that haven’t been easy or often even possible to deploy in front of cloud services.

Gartner officially defines CASBs as “on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.”

CASBs, at a high level, are designed to deliver four pillars of functionality that differentiate them from existing security technologies in relation to securing cloud services, including:

Start From the Very Beginning: Visibility Through Cloud Risk Assessment

Cloud confidence stems from knowing what you have and using the visibility to control and secure all cloud data.

At Edgeworx Solutions, we begin this process by completing Cloud Risk Assessments that can:

That’s just some of what assessments can do for your organization. But we have to warn you, what we discover ain’t always pretty! Reality almost never is, but knowing is half the battle. Ready to gain cloud confidence? Contact our cloud team today at +1.647.793.4731.

Not ready to talk? Get more insight on cloud applications in our blog, 4 Essentials to Ensure Your Applications are Cloud-Ready.

In France, the national railway has bucked the conservative, risk-averse industry mold in favor of digitization through the Internet of Things (IoT). The transit provider has installed sensors across the entire railway system, providing a blanket of IoT tech across thousands of miles of track for data collection that allows the operators to better predict when cars will need maintenance. Preemptive maintenance isn’t the only benefit. Harnessing data intelligence allows the railway to prevent mechanical error that would take a train out of service unexpectedly, which has a ripple effect of costly repairs, safety issues, and delayed service and passenger dissatisfaction.

Reportedly, train cars, tracks, and stations will all eventually be equipped with sensors that will send thousands of data points directly to a cloud and IoT platform for the real-time data analysis necessary to deliver such efficiencies and improvements. According to the operating company, the Parisian lines will have 2,000 sensors on 200 trains that will send upwards of 70,000 data points per month to engineers for remote monitoring.

However, the race towards digitization isn’t just a matter of placing sensors and connecting to a monitoring platform. In France they have chosen an operational focus that covers three pillars: cybersecurity by design, platform-as-a-service deployment model, and big data for decision support.

How IoT Can Make Transit Thrive

IoT, often associated with smart homes, encompasses transformative technology for our future business world. According to Gartner, a leading analyst firm, “IoT will have a great impacton the economy by transforming many enterprises into digital businesses and facilitating new business models, improving efficiency, and increasing employee and customer engagement.” It was also noted, that the biggest barriers to adoption and deployment are that most companies do not know what to do with the technology and without specific plans, there could be a lack of leadership for IoT initiatives.

For transit, the path to business value seems more obvious than other industries, with use cases such as:

Be Careful: IoT Can be a Solution Looking for a Problem

“Initially, leaders viewed the IoT as a silver bullet, a technology that can solve the myriad IT and business problems that their organizations faced. Very quickly, though, they recognized that without the proper framing of the problems, the IoT was essentially a solution looking for a problem.” - Mark Hung, Gartner Research Vice President

Implementers of connected transportation technologies are coming to the same conclusion that it is impossible to pursue IoT projects alone. Agencies and departments will require consultants, systems integrators, third-party vendors, and more to deploy technologies that are truly a silver bullet.

Given that IoT is a new concept and technology, it will be helpful to map out the implementation journey to deliver on business objectives as seen below:

Leading the IoT, Gartner eBook 2017

To move from exploring IoT, to reality, transit leaders will have to consider all technologies required for the initiative, including but not limited to the following factors:

What is already connected to my network and how will those technologies interact with IoT devices and platforms?Which IoT platform is best suited for my environment?How can I design a customized solution set that works to achieve my business goals?What is the cost of all the technology needed to support an IoT initiative?Does the initiative require a help desk to support the incoming data?

At Edgeworx we work with clients to answer all of these questions and chart a path to IoT business value. From technology vendor identification to network assessments, we provide a variety of services and solutions to bundle technologies and achieve combinatorial innovation. To learn more, contact our IoT architects at +1.647.793.4731.

Back in January of 2012, the first proposals of the European Union General Data Protection Regulation (GDPR) were released, and after years of negotiating it finally becomes enforceable this Friday, May 25, 2018. Despite the long road to the enforcement, many organizations that fall within the regulation are still dangerously unprepared for the ne

cessary technical changes within customer-business interactions in order to comply.

A Quick Look at GDPR

Given the substantial buzz around GDPR, and massive fines, there’s a good chance you know the basics of the regulation. In the event that you have been putting GDPR education on the backburner, here are some fast facts you need to know:

GDPR was developed to protect all EU citizens from privacy and data breaches in our data-driven worldIt applies to all companies processing personal data of citizens or individuals residing in the EU, regardless of company locationOrganizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater)Request for consent must be presented in an easily accessible form, outlining the purpose for data processing and with an easy way to withdraw consentCompanies are now mandated to send breach notifications within 72 hours of becoming aware of a security incident

And, possibly the most difficult data right to enforce is the right to be forgotten. That means if a customer asks for their data to be erased, organizations must be able to find and completely wipe out the entire record. Which brings us to the focus of today’s blog -- unstructured data.

The Risks of Unstructured Data in the GDPR Era

Unstructured data, or data that aren’t stored in a fixed record length format, are estimated to make up over 80% of enterprise data. Decades ago this might not have been a problem, but in our current data-driven environment we’ve become data hoarders, and it may be time to condemn our storage before it threatens our safety.

Under the rule of GDPR, it will be a costly mistake to have data that has been forgotten, ignored, and kept in an unstructured state. If a customer decides they would like to enact their right to be forgotten, that won’t even be technically possible if all data isn’t categorized and analyzed so it is searchable and retrievable.

Danger Lurking in the 80%

From a business perspective, many may think that GDPR doesn’t apply to them. However, you must consider the ramifications of that assumption. Are you prepared to pay crippling fines because you would prefer to just buy more storage than to address the unstructured data problem? Given that 80% of your company’s data is unmanaged and unknown, there could be personally identifiable information of EU citizens resting in your storage, waiting to be compromised in the next data breach.

Gain Visibility Into Data with Baseline Assessments

While GDPR might be the catalyst for organizations taking responsibility for their data hoarding problems, there are a significant benefits when bringing dark data into the light. With visibility and data baseline assessments, data can be scanned through to identify risks and filters can be added to find GDPR applicable data.

Assessments help you:

Know what data you haveCategorize your data into the right bucketsDetermine what security mechanisms you need to protect the data and know when you’ve been breachedDetermine realistic storage requirements, avoiding over provisioning and overspendingEmpower business decisions and improve business agility

Face the Security Breach Reality

GDPR is multifaceted, which means you cannot just buy a technology or manage your data and be compliant. As the occurrences of data breaches steadily rise, it’s not just about knowing your data, but also extending perimeter protections and empowering security with insights in order to protect both unstructured and structured data from being breached.

We don’t know when the first round of GDPR fines will happen, but we’re confident that between now and then, there will be a multitude of records compromised. All organizations, regardless of compliance standards, that want to ensure financial strength and operational efficiency should consider using technologies to safeguard data including multi-factor authentication (MFA) so you know who is accessing your data, user and entity behavior analytics (UEBA) to help spot any anomalies with data handling, and next generation firewalls to block and mitigate inevitable threats.

Start Taming the Data

At Edgeworx Solutions, we provide a variety of assessments so that our clients can finally identify issues, visualize ecosystems end-to-end, and translate the intelligence into technology deployments that support overall business goals. Whether you need to work towards GDPR compliance or you’re just tired of being shackled by unstructured data, our experts can help. Give us a call at +1.647.793.4731!

At the end of last year, IDC released its 2018 top ten predictions with one sweeping and bold takeaway -- if you’re not in the cloud, you’re isolated from innovation. Frank Gens, IDC senior vice president and chief analyst, stated, “Cloud everywhere for everything is what we’re likely to see over the next several years. Companies need to assess their cloud supplier’s ability to support an expanding range of use cases.”

While we are indeed witnessing a steady cadence of companies moving towards the cloud, it’s often an arduous process with lofty goals that aren’t supported by in-house expertise. To fulfill the expected potential touted by cloud vendors, companies are diversifying through multicloud to achieve a range of features and cost flexibility, while also mitigating license restrictions. Unlike hybrid cloud, which mixes on-premises private cloud and third-party cloud with orchestration, multicloud cherrypicks cloud services from different providers, but does not connect or orchestrate the services.

Although multicloud offers greater accessibility, scalability, and lower upfront costs to adapt to the breakneck pace of modern business, it is a significant undertaking that can easily falter if not planned properly. Oftentimes, companies get caught up in the glamour of being innovative, while ignoring the repercussions of choosing the wrong cloud vendors. Not all clouds or cloud vendors are created equal -- platforms, processes, and security can vary. But what remains a constant is that the data living in each of those clouds are the most precious assets any company has. No matter the mix, existing on-premises security measures will not be adequate for monitoring and defending siloed, multicloud environments.

Top 3 Security Concerns in the Cloud

Whether you have begun migrating to the cloud or you’re in the preparation phase, there are several aspects of cloud security to focus on to ensure sensitive information is not exposed. We’ll ease you into it by starting with the top three:

Protecting Data - What seems like an obvious point, is a massive hurdle for more than one in four companiestoday trying to protect sensitive assets. Despite the growing “cloud first” culture, organizations still struggle with identifying the delineation of responsibility between themselves and their cloud service provider. With compliance regulations like the European Union General Data Protection Regulation (GDPR)buckling down on data privacy, the gray area of protecting data, isn’t just an oversight, but a costly mistake.

Access Privileges - Among the top considerations for data protection are “who has access?” and “from what devices do they have access?” Policies like Bring Your Own Device (BYOD) allow devices that have not been provisioned with enterprise-grade security controls to be connected to corporate cloud services. While such BYOD policies facilitate employees to connect to data in the cloud from just about anywhere with an internet connection, it also opens pathways to cybercriminals. With identity as the new perimeter, two factor authentication (2FA) or multi-factor authentication (MFA)are becoming a vital consideration for organizations to ensure appropriate user access roles are established and enforced no matter the location of the user, the device being used and cloud environment accessed.

Transition of Current Security Practices - The deployment of a multicloud environment exponentially increases the attack surface as organizations open access to network resources and stored data across distributed environments. By continuing to use existing on-premise security technologies, organizations will not have the deep contextual security that is required to thwart the influx of sophisticated attacks.

Reduced Visibility Increases Risks in the Cloud

The flexibility, agility, and rapid scaling of cloud services from varying providers and implementations present significant challenges for gaining visibility and monitoring the performance and security of the cloud.

Multicloud environments in particular severely diminish visibility into resource utilization, microservice performance, data storage and movement, and application workloads since there are multiple, not always well-integrated platforms and provider systems. While cloud providers may offer a limited view, it certainly does not include packet data or any rich contextual insight critical to problem diagnosis or timely threat mitigation.

While the full power of the cloud can be transformative for companies, it will never see its full potential without first unburdening IT teams from manual monitoring and correlation of threat intelligence. To do this, companies should look to cloud partners that can provide a Visibility-as-a-Service (VaaS)architecture so managing the cloud is never just a guessing game.

Know Your Cloud

Unsure of what is happening in your cloud environment? It’s probably safe to assume you have a cloud problem (let’s be more accurate -- problems). To protect applications and data in a distributed network environment, it’s wise to look beyond the basic built-in security features offered by cloud providers. Instead, consider working with a partner to get to know your cloud by starting with a Cloud Risk Assessment and VaaS to understand cloud applications currently in use and the risks of data leakage, unwanted access, and data exposure.

In our pursuit to protect the data, we’ll be creating future blogs to tackle where we go from here, including topics around User Behavior Analytics (UBA) and Cloud Access Security Brokers (CASBs), which fill security voids by offering a combination of APIs and traffic inspection technologies to flag employee misuse of cloud resources.

In the meantime, our team of experts are on hand to ensure that customers not only have airtight security, but also sweeping visibility with our VaaS and cloud migration services. Contact us +1.647.793.4731 to discuss your multicloud environment and be sure to subscribe to our blog so you don’t miss a post!

Your developer that is now retired, built a handful of your legacy applications 20 years ago and now you want to move them to the cloud -- is that even possible? This is a scenario that companies are facing without their long-trusted experts at their side, as they try and navigate our new cloud-enabled world. Questions of “can I migrate existing applications directly without drastic changes?”, or “do I have to completely rebuild everything?” are setting IT departments in a frenzy as they try to conform to the business agility goals set by C-level executives.

Unfortunately, applications are often not considered “cloud-ready”,meaning they weren’t designed in a way where they can just move over to the cloud. Instead, the applications have architectural design principles (soon to be limitations) from being built on top of the standard two or three tier architectural design. So now, the biggest concern is, how do we verify and ensure that the necessary steps are taken to make legacy applications ready for the cloud?

1. Identify Which Category Your Applications Fall Under

In preparation to migrate applications, it’s first important to identify which category each application is in to determine the next steps.

Lift and Shift - These applications are for the most part ready to migrate. The applications are either already virtualized, or are ready or compatible with hypervisor platforms. In these cases there should be little work to do, including adjusting and testing the virtual machines.While there are often few changes like changing location of storage volumes or network settings, it rarely makes the most efficient use of cloud services.

Refactor - To make some legacy applications wholly cloud-friendly, it can require modularizing the monolithic application architecture. Instead of simply lifting and shifting applications, redesigning some internal applications will realize full performance abilities, maximize the scale-out feature of a cloud offering, and lower costs.

2. Create a Service-Based or Service-Oriented Architecture

Cloud applications function best when deployed as a collection of services, or APIs. While some developers still create tightly coupled applications, it is better to expose the underlying functions as services to be leveraged independently.

3. Model and Design for Agility

The cloud is a flexible place, so the applications should be too. When designing apps, try to avoid using specific topologies for application code and deployment. Instead, the application should be as generic and stateless as possible so that if factors like IP addresses change, the application will not falter.

To further enhance agility, also consider building and storing data remotely using SQL or NoSQL type of database to prevent duplication and inconsistency in data.

4. Ensure the Proper Security Measures Are in Place

According to recent research by Netskope, 93% of cloud applications aren’t enterprise ready. “Researchers are seeing a broad transition from traditionally on-premises HR services to cloud-based apps like Workday, SuccessFactors, and Ultimate Software. Most of these new apps contain sensitive data but aren't always sanctioned by IT, putting the data at risk.” To avoid following in these dangerous footsteps, businesses should consider having IT thoroughly vet all applications to ensure the safety of sensitive data. While trusted and common applications like SuccessFactors may be IT approved, it is critical to also clear the connected applications like virtual signature tools.

Moving to the Cloud Comes in Many Flavours

While we have laid out some of the essentials when getting applications cloud-ready, no two cloud migrations are alike. With goals of obtaining better agility and economy, taking the wrong steps and having applications fail isn’t a exercise you’ll want to complete. Instead, co

nsider using a cloud enablement partner like Edgeworx to ensure that your applications aren’t just compatible, but also reaching the fullest performance potential.

One of the early statements we voiced to our customers still stands: “not all applications are network friendly, nor are all networks application friendly.” There’s only one way to find out: speak with one of our experts about our cloud migration vision, call +1.647.793.4731 today!

Nearly everything that people do online these days requires a username and password. Despite the fact that these credentials safeguard credit card details, personally identifiable information, and other sensitive data, in 2017 people continued to use easy to guess passwords like “123456,” “Password,” and “iloveyou.” What’s worse is that these insecure passwords are rarely changed and used across multiple sites. Now what happens if those same people practicing poor credential management are your employees?

Credentials are the oxygen of malicious activity. For bad actors, the success of phishing, keylogging, or other attempts to capture legitimate credentials is the most crucial factor for completing nefarious activities. When developing a plan of attack, credentials are often either the target, or used as a mechanism to gain access to the intended network targets.

And stealing usernames and passwords isn’t an insurmountable task. In fact, quite the opposite. Attackers simply need tools like keyloggers and Trojans to capture data for every type of account imaginable. Now to cripple a company financially, it doesn’t take a zero-day attack, just some legitimate credentials.

One in five security professionals still uses paper to manage privileged passwords

It’s not just low-level employees that have poor security hygiene. Even IT security professionals still use paper to log their privileged passwords. With those habits, all it takes is one disgruntled employee to walk by, obtain the credentials necessary for administrative access and free rein in the environment. In this case especially, no one would question the validity and identity of a high-privileged employee making changes within the network.

Effective prevention of credential theft should include four strategies

To lower the risk of stolen credentials, infosec professionals are singing the praises of two-factor (2FA) and multi-factor authentication (MFA) to better secure IT systems. In particular, strategies that prevent credential theft should include four points:

Having more than one factor of authenticationOne-time passwords that are only valid for one login or transaction, and only for a limited amount of timePassword managersEmployee training, since they are always the weakest link in the security chain

With a 2FA/MFA strategy, there is an additional layer of protection so that if an attacker steals credentials, they have no more access than an attacker with no authentication factors at all.

Finding a modern 2FA to fit your business

According to our partners over at Duo, the most secure technology is one that users actually want to use. So finding a modern MFA and 2FA (M/2FA) solution that is easy to use with minimal impact to end users is the key to success.

Other criteria to consider when choosing a M/2FA solution include:

Is your company at risk for credential theft?

Without modern 2FA, we have no way of proving the identity of the person or machine providing the credentials for

access to a company’s most precious assets. Any organization that isn’t taking the steps to validate identity should be prepared to be breached. At Edgeworx, we work with our clients and our ecosystem of security partners to ensure that network architectures are secure and are adaptable to today’s growing threat landscape.

To learn more about improving your organization’s security posture, contact one of our security experts today at +1.647.793.4731.

What’s the top complaint we hear from CFOs and CIOs when it comes to software-defined wide area networking (SD-WAN)?

“We thought SD-WAN would be cheaper and easier, but I don’t see it”

When network administrators are caught up in hours of writing hundreds of command line interface commands, and making several typos that cause network disruptions, organizations can feel desperate to find a solution that will unburden them from manual tasks, and increase business agility.

Software-defined networking (SDN) inside the data center and cloud services has already proven its benefits in reliability and ease of deployment of application policy rules, matching business drivers.

Traditional WANs tend to be expensive and a challenge to manage, SDN’s WAN equivalent, SD-WAN, aims to reduce recurring network costs, deliver network-wide control and visibility, and simplification of the service activation to branch locations with zero-touch deployment and centralized management.

SD-WAN vendors understand the common pain points and often market the following equation as the ultimate panacea to network ailments:

Agility (from simplifying network policy configuration and management) + Control (intelligently leveraging multiple paths, including broadband connections) = Faster Service Activation and Time to Market.

With over 40, and growing, SD-WAN vendors, not all are created equal despite many proclaiming the same message. Businesses have the choice of over-the-top (OTT) providers, carriers, managed service providers, hardware vendors and more.

Today, SD-WAN remains largely a do-it-yourself operation with IT departments responsible for planning, design, implementation, and maintenance. So how do IT leaders achieve an SD-WAN deployment that will actually simplify management and produce a positive ROI?

Determining Your SD-WAN Compatibility

Whether or not to implement SD-WAN isn’t a clear-cut decision, especially since the technology is rapidly changing. However, there are some use cases that are more favorable than others.

When Agility Is Important

Companies that can get past the initial setup of SD-WAN are far more likely to be satisfied with the agility benefits of separating the control and data planes. For dynamic organizations that need to be able to add services quickly, or experience rapidly changing traffic patterns, SD-WAN can offer advantages with a SDN controller.

Speed to Market/Zero-Touch Deployment

Branch offices are growing in number and importance in favor of generating market awareness and bringing the business and customer closer together. A common problem in this scenario is that branch offices need to get up and running quickly, and ISP circuits have long lead times compared to SD-WAN.

As branches multiply, so do the number of routers, firewalls, security features, and optimization appliances, making management a nightmare. These physical network functions are now converged into Virtual Network Functions (VNF). Companies already going through the process of trying to simplify are embracing VNF/NFV as part of SDN/SD-WAN to make the switch.

Doing More to Ensure SD-WAN Deployments Fulfill Expectations

SD-WAN is a superb technology that will see rapid adoption rates, but we felt the storyline required a dose of much-needed reality.

Even with its many advantages, companies should understand that SD-WAN is not completely immune to disappointments. Although easier to connect to the multiple ISP services (cloud, MPLS, Internet, LTE), without the proper controls, there is still the possibility of poor Quality of Experience and service disruptions. And that is where SD-WAN customers begin to feel frustration, because poor performance can lead to higher Total Cost of Ownership.

Our advice is, look before you leap into the world of SD-WAN. First, consider completing network and application assessments to gain end-to-end visibility of network resource utilization. Armed with a quantitative analysis, CIOs and IT leaders will be able to make data-driven decisions around choosing an SD-WAN solution that will actually deliver on the promises of agility, performance, and reduced costs.

Our experts at Edgeworx are invariably focused on ensuring that clients’ networking investments are being used effectively to meet business needs. Don’t jump into the unchartered waters of SD-WAN alone. With Edgeworx you can feel confident in achieving reduced costs, avoiding unnecessary expenditures, and improving business performance as we guide you through your SD-WAN adoption process with our objective, real-world experience. To learn more, speak with our team today at +1.647.793.4731.

If you could define a “great” network, what factors would be involved?

The answer is often subjective, but there are a few key elements that are typically included like predictability, visibility, and seamlessness. These days, the role of the network isn’t just to provide a connection, it enables new business initiatives, opens revenue streams, and empowers organizations to be more competitive. But as the network moves from a cost center to a growth driver, we must also consider that improving the network doesn’t just make the end-user experience better, it equates to stronger security.

According to Verizon’s 2017 Data Breach Investigations Report, 62% of breaches featured hacking, but there has been ongoing debate on which poses a greater risk -- insider or outsider threats. Historically, data breaches perpetrated by outsiders are the ones to grab headlines. Either way, the numbers and new stories don’t lie. Our cybersecurity reality is that insiders should no longer be trusted and nefarious actors are getting more sophisticated, and the velocity of attacks are increasing. For companies with siloed and unmanaged networks, even defense in depth won’t be enough without a properly architected and managed network.

What’s Your Network Baseline? The Case for a Predictable Network.

A question that may have you scratching your head -- what’s your baseline? Companies that can’t answer this query and show quantitative proof are certainly more vulnerable to security anomalies. Predictability -- whether of performance or capacity -- is an essential component of IT operations, especially as cloud migrations increase. However, without a network baseline there is no comparison point as events change network traffic patterns, link utilization, packet delivery times, and protocol distributions.

As applications are lifted to the cloud, companies often lose practically all visibility, especially in cases where third-parties manage the environment. If a security event were to occur, it could takes months or years to detect because there would be no defined state of normalcy to use as a basis for accurate threshold triggers.

Don’t Let the Bad Guys Squat in Your Network

The endpoint security market is predicted to reach USD 17.92 billion by 2023 with North America holding the largest share. But as CISOs are sold more endpoint solutions, they still remain in the dark on how security at the edge ties in with the rest of the network. Simply adopting a technology, or even a few security mechanisms, isn’t effective if it’s not integrated and visible on the network.

End-to-end visibility of the network isn’t just a passive function. Visibility allows for greater control to make decisions regarding data flow and protection, and allows companies to monitor network traffic for threats. On average, it takes 214 day to identify data breach incidents, but if every company adopted a monitoring solution, the number would be greatly reduced as it accelerates the time to identify and contain the threat.

Control Who and What is Accessing the Network

The perimeter of the corporate network isn’t what it used to be. With growing amounts of connected devices and applications, the true identity of the user accessing data is often obscured. When it comes to security, there is a fine balance between making the network secure, while still having it convenient to use. Through in-depth threat analytics, data leakage assessments, and cloud risk assessments, the knowledge gained can instruct the proper controls that won’t slow the rate of data exchange on the network or the end-user experience. Whether that involves two-factor authentication or User and Entity Behaviour Analytics to offer more visibility into comprised IDs than just logs, there are a variety of mechanisms that work seamlessly with the modern network.

Is Your Network Great?

The way your infrastructure is designed and maintained directly impacts your security posture -- and when it comes to defending your most precious assets you don’t just want to be good at it, you want to be great. At Edgeworx, our design and engineering practice is dedicated to creating secure, reliable, and high-performing networks. For existing networks we conduct end-to-end threat analysis and performance assessments to provide a snapshot of the current environment to be used as a baseline for improvements. Beyond just statistics, we also develop simulation models for a more detailed view of any major changes.

Don’t let the weaknesses in your network be the downfall in your security. Contact our experts to discuss our assessments at +1.647.793.4731, today!

At the core of every successful digital workplace is an engaging and positive end-user experience (EUX). Despite IT professionals’ efforts to achieve this accomplishment, new technologies and cloud architectures are working against them, compounding the issues of an already convoluted digital ecosystem.

So what’s really holding back network professionals? Typically five reasons:

Overabundance of data to analyze and correlate across the board.Unruly and disparate management and monitoring tools.Increasing amount of mobile workers with devices operating outside of IT’s sphere of control.No single source of network truth that can be shared amongst teams.Lack of holistic, end-to-end view of the user experience.

As on-premise applications are being replaced by cloud-based Software-as-a-Service (SaaS) deployments, traditional tools are often leaving IT departments with blind spots as they can’t truly visualize users’ end-to-end digital experience. Formally fast applications now are slow and sluggish in the cloud and everyone is starting to wonder -- what happened and who’s to blame? Then the blame game begins as the network team points to the application team, and vice versa.

SaaS needs a different approach to NPM and APM, it starts with Visibility-as-a-Service (VaaS)

Fundamentals of Visibility-as-a-Service

Infrastructure isn’t simply technology. It’s the set of tools that overcome obstacles and empowers business. But how do you measure the impact, the performance of critical applications, speed, uptime, and security? That’s when you require VaaS.

The fundamentals of VaaS are based around rapid deployment of right-sized tool sets aiming to cross IT silos, ability to scale up or down, whilst reducing time and cost to resolve service violations. Using VaaS, granular visibility of the network and applications is available on-demand to ensure consistent performance and security of the application and network infrastructure at all times.

Since it’s a service, it doesn’t come “on its own.” VaaS is a managed service offering, bundled with people, processes, and technology. It applies runbooks describing workflow, plus integration and execution of business-focused analysis of application performance and/or one-time performance, or readiness assessment and deployment as part of a service desk solution.

With VaaS, IT organizations are now able to answer questions like:

What is my current performance baseline?What impact did the move to the cloud have on my EUX?Which KPIs inside my service component are (now) influencing my SLA?How is my technology working, and does it align with my business goals?How is the EUX performance? If there are disruptions, what are the sources?Does my existing technology portfolio make financial sense?

Hitting the EUX Mark with Visibility Benefits

With industry-leading technologies and agile, agentless based Network Performance Management (NPM) and Application Performance Monitoring (APM), organizations can increase insights and reduce troubleshooting without expending a tremendous amount of work and headcount.

For organizations using VaaS, there are extensive benefits:

Proactive Monitoring and Management for Performance Quality - For CIOs and other IT leaders that are expected to deliver optimum performance for end users, monitoring is a vital element in shaping the overall IT strategy. With infrastructure monitoring, data benchmarks can be created to compare against, so that issues are easier to spot and mitigate.End-User Experience Improvement - As the network becomes more complex, one small change can throw off the entire ecosystem, and end-users will definitely let you know when they are feeling the ramifications. With VaaS, constant monitoring means detecting problems early and managing Quality of Service (QoS) before any major disruptions can occur.Data Driven Insights and Decisions - While data may have been available before, now more specific insights are not only available, but digestible. Having functional data means real-time troubleshooting with more time to do valuable tasks, identifying if network-based business systems are meeting service level agreements, and ensuring investments are being used effectively to meet business needs.Scalable Visibility, End-to-End - From across the cloud, to SaaS apps, and end-user experience, VaaS has rapidly deployed visibility without complexity or risk. Driving initiatives like the digital transformation (DX), VaaS scales with assets so that intelligence is available from every view.Single Source of Truth - Transparency and centralization are at the core of VaaS. For the end-user experience this is key since IT must be certain the data received is the same for all users.

Create Measurable Results for Your Company

Problems can happen anywhere -- end users devices, network, service, storage, or anywhere across the application tiers. It’s a matter of how organizations handle those issues in a cost-efficient and agile manner. That is why companies turn to Edgeworx for infrastructure performance monitoring and VaaS.

Using a quantitative approach, Edgeworx completes Network and Application Performance Assessments to provide objective analysis of key WAN/LAN network infrastructure, end-to-end mapping and visibility, and reports and analysis of flaws and performance issues with proactive recommendations. To learn more about how we can improve the health of your network, plus the technologies we recommend, contact us at +1.647.793.4731.

Until now, the Digital Transformation (DX) has been viewed as a buzzword rather than the biggest revolution of our time. But in 2018, industry experts and customers alike agree that will turn on its head. DX is now front and center of this year’s biggest events as a critical requirement for business success.

In fact, IDC predicts that by “2020, 60% of all enterprises will have fully articulated an organization-wide DX platform strategy and will be in the process of implementing that strategy as the new IT core for competing in the digital economy.”

With tremendous momentum and influence, DX is set to change IT investment priorities and implementation strategies for the following trends:

1. Cybersecurity for the New Digital Era

In 2018, businesses will face a hard reality -- either protect valuable data in step with the speed of transformation, or stop innovating to remain safe, and risk stunting business growth and profitability. With new IT operating models favoring collaborative ecosystems, we’re also witnessing the traditional network perimeter disappear, and in turn increasing the attack surface.

CISOs will be charged with creating next-generation security plans that adapt dynamically to on-demand infrastructure, IoT devices, software-defined perimeters, and more. Plus, as cyber attacks increase in velocity and sophistication, advanced technologies including artificial intelligence and machine learning will be a necessity to maintain a positive security posture.

2. Scalable Security for Public Cloud

Much like the general theme of securing for the transformation, public cloud security will be a key driver in the upcoming year. As a critical business enabler, public cloud offers unparalleled opportunity in regard to elasticity. Yet, its greatest benefit is also public cloud’s biggest weakness as it draws attention to the lack of visibility and the inability for traditional protections to scale with the solution.

At Edgeworx Solutions, we firmly believe that you can’t secure what you can’t see. For businesses, this conundrum will accelerate the implementation of tools and technologies in order to reduce vulnerabilities in the cloud environment.

3. IoT Pushing Networking’s Physical Limits

According to IDC’s Worldwide Semiannual Internet of Things Spending Guide, spending on IoT will reach $772.5 billion in 2018. With such rapid growth, IoT is already pushing the physical limits of today’s networking. Sensors are reporting masses of data to be analyzed in real time, demanding bandwidth and latency requirements that traditional network infrastructure cannot handle, especially over the long-term. While 5G is touted as the cure-all to this surge in data with dramatically faster speeds, there is significant work that must be accomplished by operators in 2018 to make the network a reality.

Edgeworx’ partnership with industry leading vendors in the space of User and Entity Behaviour Analytics (UEBA) and Cloud Access Security Brokers (CASB), enables us to assist organizations during the planning, design, implementation and operational support of the latest 5G and IoT technologies.

Unlock 2018 Trends on the Road with Edgeworx Solutions

At Edgeworx Solutions, we always have our finger firmly on the pulse of today’s transformation initiatives. This month our experts will be hitting the road to meet with partners and customers to educate, learn, and discuss at the following events:

Fortinet Accelerate 18

At the Cosmopolitan of Las Vegas, February 26 - March 1, 2018, Fortinet will host its premier, global user and partner conference. Edgeworx Solutions, a Platinum partner, will join over 2,000 thought leaders at Accelerate 18 in uncovering hot topics related to the DX, and what that means for businesses world wide. The annual event will provide hands-on technical expertise, interactive sessions, and cover the latest threat trends and how to protect against them.

Mobile World Congress 2018

The annual Mobile World Congress will once again take place in Barcelona from February 26 - March 1, 2018. The GSMA produced event will showcase the latest in mobile technology, from 5G to artificial intelligence, IoT and analytics, connected cars to virtual reality, drones to robots, and everything in between.

We look forward to seeing customers registered for the events in person! For those unable to attend, be sure to check back to our blog as we will be reporting the latest innovations and techniques to prepare your business for the ever-changing demands of networking and cybersecurity.

Can’t wait? Contact our solutions experts today at +1.647.793.4731 to get on the disruption path for better operational efficiency and long-term success.

Our Chapter wishes to thank you all for suggesting that a corporate donation is directed to Autism Ontario – Simcoe County Chapter.

As an agency that receives no government funding, we rely on businesses such as Edgeworx to support our programs and recreational opportunities.

As we gear up for the winter season, we are offering a downhill & snowboarding program which will see over 30 kids diagnosed with an autism spectrum disorder take to the slopes for a 6-week program. We could not offer these types of programs without donations from our community.

Best wishes this holiday season and in 2018!

The recent outage at Comcast due to a Level3 configuration mistake, is a great example of 'the chain only being as strong as its weakest link'.

Last week's misconfiguration at Level 3 triggered a wave of outages across North America's larger SPs.

Due to an attempt to optimize routing policies, Level3 actually created a route leak. A route leak means that traffic on route to a destination was inefficiently routed, causing delays and poor response time. Or traffic fails to reach the destination all the together, causing much more agony. The latter comment is an understatement, since it caused serious issues. Not just issues at the backbone and provider level, also at peering providers across the nation's borders. This misconfiguration truly caused a wave that ripples across the network, across borders, unobstructed.

This outage demonstrates that human errors still happen. They can have a major impact. Some says that they only happened 'occasionally' over the last decade. Fair enough, except that 10 years ago we didn't rely on the Internet as much as we do today. So, there is, in my opinion, no excuse possible, more focus on change management, more control over who can access what and assess the impact in a 'what-if'. Reliable and predictable Internet connectivity is key.

My reference to the Chain and the Link expression stands... the Web can apparently only be as strong as weakest Route. That's not a comfortable feeling.

[Picture shown by downdetector.com]

Edgeworx Solutions Inc. is now a Fortinet Platinum Partner.

"We are excited to be recognized as a Fortinet Platinum Partner”, says John McKerracher, President at Edgeworx Solutions Inc. “It highlights the professional services capabilities of our company, and enables our customers to work with us in building a strong and reliable security infrastructure.”.

“Edgeworx plays an important role in assisting its customer base, utilizing the breadth of security framework products from Fortinet. Ranging from the well-known and industry leading FortiGate firewall and UTM solutions to the latest FortiSIEM and UEBA platforms”.

About Edgeworx

Edgeworx was founded by industry savvy professionals with 20+ years experience in telecommunication service providers, networks, monitoring and control. Edgeworx sources and developes unique and industry leading solutions that change the way businesses manage their networks, and improve end user experience.

On my drive into Toronto this week, I tuned into CBC's Digital Archive program Rewind with Michael Enright.

His program amazes me over and over again, with topics ranging far and wide. This week's episode was of special interest to me,. He selected a recording from October 4, 1993 talking about 'building a faster information highway'.

The program was called Morningside, the host at the time was Peter Gzowski, the guest, Pat Sampson, acting head of the CANARIE consortium.

Mr. Sampson's explanation of the super highway in 1993 and most interestingly his predictions for example that the current (1993) fibre optic highway used by Canarie may very well become a Fibre To The Home service in the future, is fascinating.

This and other extraordinary outlooks are in the broadcast link here. Please unwind while enjoying Rewind.

Kentik, the leader in network traffic intelligence, today announced the launch of a formal global channel program to meet increasing demand for network analytics that inform real-time business and technical operations decisions.

Kentik is the network traffic intelligence company. Kentik turns network traffic – billions of digital footprints – into real-time intelligence for both business and technical operations. Network operators, engineers, and security teams use Kentik to manage and optimize the performance, security, and potential of their networks and their business. The company was founded by network and big data technologists and executives from companies such as Akamai, CloudFlare, YouTube, and Netflix, with decades of experience in operations, architecture, and distributed systems.

Edgeworx is Kentik's key delivery partner. “At Edgeworx, we’ve always said ‘you can’t manage what you can’t see.’ We built our business to help organizations gain visibility within their infrastructure and applications through performance, scalability, and security posture. Kentik’s platform aligns exactly to our mission, and we look forward to working together,” said John McKerracher, president of Edgeworx, which provides network monitoring, application performance monitoring and security solutions to Canadian businesses.

More on Kentik can be found here

We can look back on a very successful event at the OCCCIO (Ontario College Counsel of CIOs). Together with our technology partners A10, Exinda and Fortinet, we presented our solutions and technology to the 300+ attendees.

We had great conversations across the board, including a well attended presentation on the Next Generation Security Firewalls, SSL offloading and WAN Optimization. Slide deck will become available through the OCCCIO website.

Ransomware has become the fastest growing malware threat, targeting everyone from home users to healthcare systems to corporate networks. Tracking analysis shows that there has been an average of more than 4,000 ransomware attacks every day since January 1, 2016.

On May 12, FortiGuard Labs began tracking a new ransomware variant that spread rapidly throughout the day. It is a highly virulent strain of a self-replicating ransomware that has impacted such far-flung organizations as the Russian Interior Ministry, Chinese universities, Hungarian and Spanish telcos, and hospitals and clinics run by the British National Health Services. It is especially notable for its multi-language ransom demands that support more than two-dozen languages.

For advise and steps on how to protect yourself, please follow Fortinet's guidelines here

For the third year in row, Edgeworx sponsors the annual

Ontario College Council of Chief Information Officers (OCCCIO) conference.

This year's theme: “Technology Awakens – Emerging Technologies in Higher Education”

The event isbeing held from May 16-18, 2017, hosted by Sheridan College, Oakville, ON

The OCCCIO annual conference is an opportunity for Ontario college CIO’s and I.T. leaders to share insights and best practices and to explore emerging trends. This year’s conference explores the intersection of students and our technology-rich world. “Technology Awakens” features inspiring keynote speakers, information-packed sessions, and excellent opportunities to network with colleagues and industry-leading vendors during several entertaining events.

Click here to read more

In today's world, your applications and infrastructure performance have a direct impact on productivity, revenue, and costs.

But what happens if it does not perform?

When users are complaining about “slowness”, your business loses money when systems stagnate.

Whether you’re using on-prem application hosting or cloud-based solutions, Edgeworx, together with its

partners Aryaka and ThousandEyes

will share their views on what it takes to ensure a stable, predictable and performing network infrastructure.

Please join us for

A Networking Breakfast - Global Network Performance & Achieving Optimal End User Experience.

more information can be found here

So, what did we all take away from this week’s AWS outage? Depends who you ask. Plenty of us in IT think it was a good reminder to consider multicloud and hybrid cloud environments—basically, do not put all your cloud workload eggs in one AWS basket. The

S3 storage outage affected about 150,000 websites hosted in Amazon’s US-EAST-1 region data center, which is in northern Virginia.

The Amazon outage reminded everyone in IT for a day that cloud workloads are off-premises, and that they can go down at any time. Cloud still needs a recovery, backup and continuity plan. There’s also the time-tested caveat that people still run the cloud machines. The S3 outage this week happened when an engineer made a command mistake during a routine task shutting down a storage subsystem.

Read more

Interesting publication. This event is all about unlawfully obtained credentials. Wall Street Journal started to publish this latter part of December

The charges accuse the men of using "unlawfully obtained credentials" of law firm employees to hack into at least seven law firms engaged in a number of prominent merger and acquisition deals. Once they penetrated the firms' email systems, the men allegedly targeted accounts of leading partners at the law firms engaged in high-profile M&A transactions, such as deals involving the drug maker Intermune, Intel and business services company Pitney Bowes.

After hacking their way into the networks of seven law firms and siphoning out data that was used in making $4 million profit in trades, three Chinese men were hit with charges and one was arrested.

Our partner and solution provider Exabeam addresses exactly this increasing security risk by analyzing USER BEHAVIOR using User Behavior Analytics (UBA). More can be read on our website here.

The publication can be found here.

Nokia has announced plans to acquire Deepfield to improve the firm's IP network and data analytics solutions portfolio.

Announced on December 15, Nokia said the deal to acquire the small US-based company "will extend Nokia's leadership in real-time, analytics-driven network and service automation" and will advance solutions including network and application insight and analytics and the chance to better protect networks from distributed denial-of-service (DDoS) attacks.

Founded in 2011, Deepfield provides cloud, application, and IP network analytics in real-time to clients for the purposes of network efficiency improvement and security.

By snapping up the 65-member Deepfield team, Nokia plans to integrate the firm's technology into solutions including the open SDN platform Nokia Network Services Platform (NSP) and the Nuage Networks Virtualized Services Platform (VSP).

Craig Labovitz, founder and CEO of Deepfield commented:

"We are very pleased to join Nokia, a like-minded global leader in IP networking with shared values in network innovation. I look forward to leveraging the strength of Nokia's world-class customer, sales and support footprint to take our Deepfield technology worldwide.

This will also give us a solid foundation from which to accelerate the creation of new value -- both in the Deepfield portfolio, and in joint areas such as telemetry and automation."

The deal is expected to close in the first quarter of 2017. More at http://www.zdnet.com/article/nokia-to-acquire-ip-network-analytics-firm-deepfield/

Imagine any corporation with a public Internet connectivity or connections to offices across Canada connected by a private data communication (network) infrastructure, using WAN links, MPLS or Internet with or without VPN tunnels. This could be the application performance as perceived by your end-user: “Slow, unpredictable, no one knows what’s going on.” Whereas the IT department believes that the quality of service delivered is spot-on: “all lights are on green, we don’t have any problems, all systems are up”.

Not too difficult to spot the differences between the two pictures. Please allow me to depict some scenarios that could have led to this situation.

The IT department responsible for the “highway” connections between the two corporate locations assumed that a connection with 4 traffic lanes was sufficient.The old infrastructure was, according to the usage reports of the service provider, only used for 50%. When the contract renewal was due, the service contract manager ordered half of the bandwidth. The application support team was full of confidence that the server system, serving the local users, could also service the remote office users on “the other side” of the network connection, without having tested the network-friendliness of the application. The business unit Marketing launched a new customer contact campaign requiring the Marketing team in the remote office to interact on-line with web-based customers through the corporate Internet gateway. The EDP auditor, as part of the annual risk auditing, advised to have all data residing on every corporate server, to be backed-up on a central, secure, storage system. The corporate ERP application had to be implemented before year-end, end-user testing was limited to a functional test.

The end result of one or more of these decisions: chaos on the highway between the decentralized offices and the corporate office annex data center.

Monitoring and management of these individual technology silo’s such as databases, web servers, networks, storage, applications, etc. does not guarantee that the end-user gets deliver what is agreed upon. Nor what the perception or expectation of the end-user is. Each “silo manager” may conclude that he (or she) delivers in accordance to the agree terms, however the end-user gets confronted with all the individual events and hick-ups in the application chain.

Each discipline oversees in its own technology or functional silo. It is at the end-user where the performance pain is felt. Not surprisingly is that studies show that more than 70% of all performance problems are reported by the end-user.

Time to analyze this phenomenon. The key lies in actionable performance information. Only with actionable performance information organizations are able to tackle application and end-user performance problems and challenges.

Creating this performance information starts with gathering performance data. This sounds a trivial conclusion, but it is far from that. The challenge starts with choosing a technology (or two) to obtain the required data. So, where to start?