this is the archive page

Evaluate collaboration technology with 3 key questions

Several collaboration technology platforms have emerged in recent years incorporating robust and secure voice, video, and content sharing functionality alongside its messaging.

Evaluating these different vendors and platforms goes far beyond researching the features and benefits of existing collaboration apps used inside the organization. The process also involves establishing user policies and formulating a plan for implementation and training.

Questions to ask when conducting research

Here are three questions companies need to ask when conducting their search:

  1. How established is the collaboration company and its tools, and is security a top priority? The top companies in the space use a holistic approach to security and will employ experienced security personnel to identify and eliminate threats proactively.
  2. How does the collaboration company support rollout and training? An experienced collaboration partner can help establish policies to reinforce your company’s security posture and simplify implementation across all functional teams.
  3. Does the collaboration solution support end-to-end connectivity required by today’s agile workforce? Managing your hosted application environment requires a high-performance solution to support visibility across the organization, monitor security threats in real-time, and implement changes to address threats quickly.
Balancing security risks with business needs for online collaboration technology

To keep security risks to a minimum, enterprises must begin to reign in and consolidate the numerous collaboration tools used by different teams throughout the organization.
 

Focus on security makes Cisco Webex a trusted collaboration technology

Cisco Webex® is a proven suite of applications enabling today’s global employees, virtual teams, and remote employees to work side-by-side to achieve objectives, as if in the same room. The security features built into Cisco Webex applications make it a trusted solution for corporations, institutions, and government agencies worldwide.

CBTS, a Cisco Webex Master Service Provider

Why hire a technology partner to manage implementation and ongoing support and maintenance of your collaboration solution? Because in-house teams working diligently to meet business goals for encouraging innovation through digital collaboration shouldn’t be burdened with ever-changing security and compliance responsibilities.

With CBTS as your technology partner, IT leaders can integrate new collaboration functionality into the corporate environment while continually addressing security concerns, no matter the location of distributed team members.

Learn more about the top goals of IT executives implementing collaboration technology and how CBTS can help.

Balancing security risks with business needs for online collaboration tools

While an increasing number of CIOs recognize the benefits of implementing standardized, corporate-wide collaboration tools, the top priority for most companies continues to be security.

Yet, the collaboration tools used extensively every day by employees contain some of your company’s most sensitive information, from customer data to logon credentials to details about a proprietary process or an innovation driving a new product offering.

In an environment where mobility is not only valued but mandatory, IT is still responsible for complying with mounting regulatory requirements, including safeguarding all information shared across collaboration platforms.

Collaboration suite vulnerability threats

Threats most often identified as arising from collaboration suite vulnerabilities include:

  • Users accessing collaboration tools from the public Internet versus a secure VPN, opening up threats from web-based opportunists.
  • Unauthorized individuals breaching logon credentials, allowing them to gather details for accessing proprietary company data, customer information, and even financial records.
  • When limited encryption gives hackers an opening, making the organization vulnerable to considerable compliance risks.
  • When code-related issues accidentally expose confidential data.
  • Third-party integrations into collaboration tools.

To keep security risks to a minimum, enterprises must begin to reign in and consolidate the numerous collaboration tools used by different teams throughout the organization. CIOs can initiate the process by engaging stakeholders to determine functionality crucial to the lines of business, while carefully considering the diverse needs of corporate headquarters, branch, and remote users.

Give teams secure collaboration anytime, anywhere

Today, more than 63% of companies globally employ remote workers and over 48% regularly hire independent contractors.
 

Focus on security makes Cisco Webex a trusted collaboration tool

Cisco Webex® is a proven suite of applications enabling today’s global employees, virtual teams, and remote employees to work side-by-side to achieve objectives, as if in the same room. The security features built into Cisco Webex applications make it a trusted solution for corporations, institutions, and government agencies worldwide.

Get more done with Cisco Webex. Learn how.

CBTS, a Cisco Webex Master Service Provider

Why hire a technology partner to manage implementation, ongoing support, and maintenance of your collaboration tools? Because in-house teams working diligently to meet business goals for encouraging innovation through digital collaboration shouldn’t be burdened with ever-changing security and compliance responsibilities.

With CBTS as your technology partner, IT leaders can integrate new collaboration functionality into the corporate environment while continually addressing security concerns, no matter the location of distributed team members.

Schedule a collaboration security assessment today.

Give teams secure collaboration anytime, anywhere

Now, more than ever, enterprises recognize the positive impact of remote workers on the business and the value of secure collaboration technology to connect them, no matter their location, on any device.

Indeed, according to a recent, eye-opening study by Upwork, more than 63% of companies globally now employ remote workers, and over 48% regularly hire independent contractors, many of them on-demand. As a result of these more agile team structures, modern offices have become temporary anchor points for specialized, project-based services.

The challenge for CIOs

For CIOs, the challenge is how to deliver reliable, collaborative experiences consistently across these dispersed teams without sacrificing the organization’s security.
 
 

Secure collaboration balances risks and rewards

Modern corporations have discovered an agile workforce isn’t just a trend designed to keep today’s mobile, digitally connected employees engaged and happy, but a strategy that makes good business sense.

A distributed workforce can tackle project tasks around the clock, and the organization can benefit from talented people living in locations outside commuting distance to corporate headquarters or branch offices. Also, many of today’s flexible meeting rooms, offices, and co-working spaces provide an environment conducive to secure collaboration technology.

Still, many companies have not embraced the implementation of universal collaboration tools, risking security, and often struggling to keep their widely distributed teams aligned and on target with corporate initiatives. Without access to secure, virtual meeting spaces—integrating voice, messaging, video, and content sharing—suboptimal user experiences are common, with valuable meeting time wasted on technology setup or addressing issues with seemingly simple, collaborative functionality.

As a result, companies are collecting a variety of different collaboration and communications tools downloaded by their employees.

Although these apps give distributed workers the ability to share content and gather feedback needed to keep the momentum after a meeting, the sheer number of apps creates fragmentation. Content, contacts, and conversations get distributed across these various apps, and information either gets lost or becomes difficult to track down—hurdles CIOs and executive teams understand can slow operations and stall innovation.

Balancing security risks with business needs for online collaboration tools

To keep security risks to a minimum, enterprises must begin to reign in and consolidate the numerous collaboration tools used by different teams throughout the organization.
 

Focus on security makes Cisco Webex a trusted collaboration platform

Cisco Webex® is a proven suite of applications enabling today’s global employees, virtual teams, and remote employees to work side-by-side to achieve objectives, as if in the same room. The security features built into Cisco Webex applications make it a trusted and secure collaboration solution for corporations, institutions, and government agencies worldwide.

Get more done with Cisco Webex. Learn how.

CBTS, a Cisco Webex Master Service Provider

Why hire a technology partner to manage implementation and ongoing support and maintenance of your collaboration solution? Because in-house teams working diligently to meet business goals for encouraging innovation through digital collaboration shouldn’t be burdened with ever-changing security and compliance responsibilities.

With CBTS as your technology partner, IT leaders can integrate new collaboration functionality into the corporate environment while continually addressing security concerns, no matter the location of distributed team members.

Schedule a collaboration security assessment today.

SD-WAN: The perfect prescription for CIOs’ pharmacy network challenges

There’s one thing causing pain for every IT specialist in the pharmacy industry today— enterprise WAN.

Symptoms include: traditional MPLS networks that cannot offer low-latency/high-performance access to cloud applications; security and management requirements associated with disparate traffic flows begin to add to the complexity of managing branch operations; and increasing operational (staffing) costs.

If you’re experiencing any of these issues, it may be time to ask your CIO about SD-WAN.

The evolving pharmacy environment

In today’s ever-changing pharmacy landscape, large-scale drugstore chains are strategically shifting away from significant retail presence to offering more and more healthcare services for their customers. Nurse practitioners and physician assistants are commonly available at drugstore locations to diagnose and treat minor health conditions, administer low-cost lab tests and immunizations, and provide wellness services like disease awareness and education. Additionally, some pharmacy chains now offer in-home healthcare services and have developed and maintained tools designed for specific healthcare purposes, like sourcing low-cost prescription medications, including generic and pharmacy branded drugs provided at a discount.

In this same environment, consolidation and acquisitions among pharmacy chains and other healthcare industry companies are prevalent. And like many retail environments, store closings are common, especially in drugstores with excessive floor space dedicated to retail products instead of growing healthcare services.

So, in this evolving pharmacy marketplace, IT departments must strategically bend and flex as their companies bring on new healthcare services while paring down or eliminating unprofitable products and service lines.

The challenge for CIOs—whether managing hundreds, thousands, or even 10,000+ locations with various functions, products, and services—is how do you bring all of these different moving parts together?

These challenges are especially difficult in an industry traditionally operating in technology silos across their corporate-wide branch networks.
 

Top three network challenges SD-WAN solves

Let’s take a look at the top three network challenges CIOs must overcome to operate smoothly in this shifting pharmacy environment and remain solidly profitable.

1. Volume of pharmacy locations with disparate, siloed networks

Connecting a multitude of drugstore locations with massive data footprints and ever-changing product and service lines can be a daunting challenge.

For CIOs, network engineers, and network administrators, consolidation of company location networks into an easily accessible and managed enterprise WAN is a top priority—not just from the standpoint of controlling network traffic and bandwidth usage but also understanding consumer behavior and feedback.

With SD-WAN implementation, corporate technology teams gain insight into the performance of every drugstore location network, and can then proactively and securely manage bandwidth and data flow to meet specific business objectives.

2. Obtaining single-pane-of-glass visibility without losing platform control to a managed services provider

With its real-time, centralized, web-based dashboard, SD-WAN gives pharmacy technology teams greater visibility and control than traditional enterprise-WAN infrastructure, like MPLS.

The advanced SD-WAN monitoring and orchestration software allows users to drill down into the minute details of network performance data to identify bottlenecks and reroute traffic to less stressed resources. Priority can be given to customer-focused applications such as patient monitoring and prescription refill apps to minimize emergencies or provide data to doctors to adjust treatment plans when necessary.

Single-pane SD-WAN management does not mean your IT staff must give up control over the centralized platform. By partnering with a managed service provider allowing for co-managed centralized monitoring, your pharmacy technology team gains unprecedented visibility and control over the applications driving growth for your organization, with access to managed services partner experts as needed.

3. The need to improve Quality of Service (QoS)

By eliminating the pain of managing disparate networking equipment across all pharmacy locations for centralized SD-WAN, Quality of Service improves immensely through categorization and policy changes that deliver predictable performance. In a majority of cases, potential network challenges can be addressed upfront, leading to smoother data flow and more reliable service. Many of the adjustments are applied automatically through increasingly intelligent algorithms, giving IT staff the ability to step away from day-to-day network management responsibilities to focus on the strategic initiatives designed to drive pharmacy chain growth.

With the real-time, web-based SD-WAN dashboard, technology teams can quickly analyze key metrics and performance indicators, and ensure they align with strategic business goals.

Choosing an SD-WAN provider

When making the critically important decision to choose an SD-WAN provider, just like any long-term relationship, it is important to know they have your organization’s best interests at heart and that they’re going to support future growth. That’s why a big part of our commitment to you is the roadmap we create and how it supports a long-term enterprise strategy.

CBTS is a committed SD-WAN provider. We take significant time, research, investment, expertise, and vetting to develop a roadmap that is long-term and offers a breadth and depth of functionality that aligns with your pharmacy and retail requirements.

Remember: Making the right decision about your SD-WAN provider leads to the long-term health of your IT operations and success of your business.


Learn more about the SD-WAN solution from CBTS.

Discover how advanced VMware SD-WAN by VeloCloud capabilities like Dynamic Multi-Path Optimization (DMPO) and cloud gateways can give you a competitive advantage.

Experience immediate relief when you take advantage of our 90-day SD-WAN proof-of-concept.

  1. Register for a FREE 90-day proof-of-concept (PoC) and receive Co-Managed Cloud SD-WAN at up to four sites.
  2. Receive a customer premises device provided by CBTS and cutting edge SD-WAN software technology from VMware SD-WAN by VeloCloud.
  3. Experience a simple, zero-touch deployment of the market leader in SD-WAN, helping organizations migrate to cloud applications and reduce overall network cost while increasing performance.
  4. Discover the freedom to manage company application policies through the Orchestrator or offload management to CBTS with confidence, giving you back your nights and weekends.

6 security trends to keep an eye on in 2020

Happy 2020! As a practitioner and consultant I’m excited to see what the year brings in terms of new technology, research, and clever Twitter and blog posts from the security community. To get the ball rolling, here are six security trends to keep your eye on as we start the new year.

Two security trends for home users and consumers:

1. Attacks against smart home products will increase

We will see more discovered vulnerabilities in, and attacks against, so-called “smart home” products, such as smart speakers, security systems, and cameras. Any time we see widespread deployment of technology that is, relatively speaking, in the early stages of maturity, we expect that attackers will pay attention and work to discover ways to circumvent security functions of these devices. In the last few months we’ve seen lasers used to surreptitiously command smart speakers, attackers remotely compromise smart home devices, and the inadvertent disclosure of PII from smart camera owners by the camera’s vendor. Expect attackers to look for, find, and exploit ways to control, obtain sensitive data from, and disrupt these devices.

What you can do today:

Make sure you’ve hardened your smart home devices. Change factory passwords after you install them, restrict the activities they can perform without identity validation, and regularly review the “connected apps” they use.

2. An influx of noise on social media

Because of the 2020 presidential election, we expect that social influence operations will substantially escalate from foreign states that have an interest in our country’s politics. This will include social media “news” posts, activity programmatically generated by computer-controlled (or “bot”) accounts, and an uptick in spam e-mail and robocalls to your phone. There’s also the possibility that attackers will target our voting machines. Stanford University’s Cyber Policy Center published an excellent paper on the risks and some countermeasures and controls to ensure our elections are conducted with integrity and security.

What you can do today:

Be cautious with blindly trusting any material you read from your browser or smartphone. Make sure you’re getting your news from vetted sources that are known to publish content of substance based on careful investigation and thorough research. Contact your state and local boards of elections and tell them you expect the voting process to be secure, transparent, and free from any interference, and ask what is being done to ensure this happens.

Four security trends for enterprises:

1. Ransomware incidents will continue to shift from opportunistic to targeted attacks.

Opportunistic attacks—those that aren’t focused on a specific individual or organization, but instead sent broadly to the public Internet—are certainly still going to happen, but we are seeing more and more ransomware incidents that are deliberate in nature, with a focused effort on a specific organization (say, the City of Baltimore or New Orleans). Attackers will build phishing and social engineering campaigns designed to exploit human weaknesses, as well as find exposed infrastructure with technical weaknesses and misconfiguration that will allow them a presence on the network. They will use this presence to install ransomware on key systems, attempting to impact the organization’s operations sufficiently to encourage payment.

2. Business e-mail compromise attacks will continue

We also expect to see “business e-mail compromise” attacks continue, as attackers conduct similar focused campaigns to obtain access to trusted e-mail accounts, and use that access to trick employees into providing cash, gift cards, funds transfers, or financial information. It is by far the most common successful “cyber” attack we see in our customer environments, one that’s trivial for an attacker to perform with commoditized tools and methodologies, and susceptible users at nearly every business.

What you can do today:

Begin a comprehensive security awareness training effort, intended to teach users to spot and report these attacks. Inform every employee that their managers and leadership aren’t going to ask them to take pictures of gift cards and text them back, so those requests can be safely ignored! Review your security controls posture to ensure you have sufficient defense against these threats.

3. Improvements in attacker capability

Attackers will focus research efforts on credential theft, bypass of so-called “next generation” endpoint protection solutions, and defeating multi-factor authentication. We can expect to see new standalone tools, shared code, and malware kits that leverage these advances.

What you can do today:

Ensure your risk management efforts include staying current with modern threats, including those that compromise the effectiveness of the controls you’ve deployed. Continue to monitor the threat landscape, the output from vendors that provide these solutions, and at least annually review your control set to ensure it aligns with the risks you’ve identified.

4. The California Consumer Privacy Act went into effect on January 1.

That means if you serve customers in California and (a) make $25M in revenue, (b) possess personal data for more than 50,000 individuals, or (c) sell personal data and make more than 50% of your revenue from that effort, you are subject to the law. You’re required to tell customers what data you’re collecting about them, provide this data to them when requested, and delete it when requested. The EU’s General Data Protection Regulation (GDPR) made this practice more common in 2018, but we anticipate a greater number of US businesses will be looking to add it in 2020.

What you can do today:

Read the CCPA to see if you’re subject to the law, and if so, get ready to field requests from customers or face penalties.

 

Related Articles:

Is SMS-based Multi Factor Authentication Secure?

Understanding “Data Breach Safe Harbor” law

Create your data breach response plan

How to efficiently search for executive technical talent

Finding the right executive talent to manage a rapidly evolving technology environment is proving to be one of the most significant challenges facing the enterprise in this age of digital transformation.

The fact of the matter is, those who are qualified for senior-level IT jobs have spent the bulk of their careers overseeing the static, silo-laden infrastructure of the on-premises data center and have only recently come to grips with the scalability and availability of the cloud. In short order, however, both of these environments will become steeped in artificial intelligence, system autonomy, and a host of other technologies that will not only remake data infrastructure itself but also business processes, services, and perhaps the entire business model.

This puts the enterprise in an unstable position when it suddenly finds itself without a key player since it can leave a major gap in day-to-day operations or even bring key processes to a standstill. With the business at risk, then, the faster you can fill that job with a qualified candidate and then transfer the necessary knowledge, the faster you reduce the severity and duration of the situation.

Attributes technically-inclined executive talent should have

The problem that most organizations encounter is that the pool of candidates possessing the right experience and leadership skills is limited. Ideally, you need to find not just a good manager but a technology visionary with the following skillsets:

  • Communications. When working with non-technical executive leadership or front-line employees, the candidate must be able to translate complex technology solutions in ways that are both relatable and compelling. Likewise, they must be able to understand the needs and concerns of others as they relate to the mission of the organization.
  • Foresight. The ability to seek out mission leaders and champion new initiatives, even in the face of internal blowback, is essential. This skill must apply not only to new deployments but in supporting ongoing programs as well.
  • Deep knowledge. Tech leaders should have a broad knowledge of technologies and technology initiatives and should be fully versed in the impact they will have on legacy operations and future goals. The ability to determine risk and evaluate risk ownership is also a key attribute.
  • Leadership. Mentoring, monitoring, and managing both individuals and teams is a crucial aspect of the job. Successful project management is also required, as is longer-term strategic thinking.

Laying out the requirements for top technical talent is one thing, actually finding qualified candidates is quite another. A typical mistake is to rely on internal HR and other sources to locate and vet candidates when there are specialized consultants and staffing services that can tap a far wider range of resources to acquire senior-level candidates.

CBTS provides access to top executive talent

At CBTS, we provide quick access to top executive talent with all of the skills needed to take control of demanding technical environments. Since we are at heart a technology company, we understand the technical needs of our clients and what it takes to achieve success in an increasingly competitive landscape.

Our subject matter professionals prescreen all potential candidates to ensure they are experts in their respective fields and maintain all the necessary training and certifications. We also provide a range of staffing solutions, from temporary placements to maintain operations while permanent hires are being vetted, to the transition of the temp executive to full-time status should they turn out to be the right person for the job. Either way, the enterprise saves time and money during the appointment process and lessens the risk of a bad hire or termination.

Conclusion

Despite all of the advanced technology that has come to bear on the modern business model, the most valuable enterprise asset remains its human talent, particularly those at the top of the organizational structure. Vacancies at this level must be filled quickly but not carelessly. By turning to outside help like CBTS, organizations will find that they can satisfy both demands with a temporary hire in conjunction with a thorough, professional candidate search.

For information on how CBTS can help with your staffing needs, please visit: https://www.cbts.com/consulting-services/it-staffing-and-consulting/.

Cybersecurity Awareness Month: the Essential Security Practice

I’ve spent more than half of my 23-year IT career in security. In seeing shifts from standalone viruses to networked worms to state-sponsored attackers and ransomware, I’ve heard folks say periodically that we’re failing as an industry. “Look at all the breaches,” they say, “we’re obviously having no impact, we need to rethink everything we’re doing.”

To which I say, frankly, that view is nuts. Totally bonkers.

Effective prevention, detection and response is the goal of information security

Of course, the number of breaches we see, the volume of lost records, and the degree to which certain threat actors can act with impunity inside certain networks, is always alarming. The practitioners I know don’t see that as a hopeless situation, but instead as an opportunity to which they will rise. The fact is, we’ve had a clear positive impact. I know that, because no threat actor can do whatever they want on any network they want. Attacks are stopped every day. Breaches are detected, cleaned up, and improvements are made every week.

Think of it like law enforcement: The goal of law enforcement isn’t to stop crime, because you’ll never stop all crime. It’s not possible. It’s not even a reasonable goal that any police officer aims for. The goal is to minimize crime and allow law enforcement to protect as much as they can.

The information security industry has a similar goal: It’s not possible to guarantee an organization won’t suffer a breach. However, organizations can commit to doing their best to stop opportunistic attacks. When a breach does occur, the organization can commit to a complete and effective response.

Use October to re-commit your organization to cybersecurity awareness

I’ve been reminded recently, though, where our most challenging work will continue to reside, and that is in improving the cybersecurity awareness of the non-technical folks in our midst.

Fraud, business email compromise, and e-mail account compromise are still plaguing many organizations.

The Internet Crime Complaint Center noted recently that in the last three years we’ve seen over $26 billion dollars lost to these attacks.

Technical controls can help, but the most important step we can take is educating individuals about the types of attacks that they can expect to see and how to report them.

Our partners Proofpoint and Cofense have some great resources available to help address this threat. I know we can continue to make our organizations more secure as we work together, equipping our customers with the tools and practices to protect themselves and their assets.

Happy October, and Happy Cybersecurity Awareness Month!

 

Related Articles:

Understanding the “attacker mindset” in security

Three steps to enhancing security solutions

Create your data breach response plan