Posted on: July 16, 2019 By: Carolyn Kuczynski
We talk a lot about our managed mobility services. There’s good reason for that: Effective use of mobility in business requires effective planning, proper mobile device selection, provisioning and deployment, wireless account expense management, a secure mobile device EOL strategy, and so much more. But aside from managing the mobility as a whole, there’s another facet that’s also important: The management of the devices themselves, commonly known as mobile device management, or simply by its acronym, MDM.
MDM software sits on the phone itself. Access management, identity management, device partitioning, and file synching are just a few of the device-centric features that come with typical MDM software. Because these typical feature sets enable both tighter security and increased efficiency, it’s easy to see why anyone tasked with overseeing mobility for their business would be wise to take a look at existing MDM options on the market.
Which MDM Software is Right for Your Business?
There are a variety of solid MDM choices on the market. MobileIron and VMware’s AirWatch are two leaders in the field, but Microsoft has made some inroads, too, by bundling its Intune MDM software as a part of Microsoft 365 Business packages. With multiple options, which MDM software should a business choose?
The answer, as with so many things, is that it depends on the particular needs of your business. All MDM software is not created equal, and MDM solutions that have richer feature sets are going to come with a higher price tag. Solutions like Intune, on the other hand, are relatively inexpensive, or even free for businesses that are already running Microsoft 365 Business — but the lower price tag of course comes with some limitations that are not present in the more expensive solution.
MDM in the Real World: A Quick Example
As a quick example, consider the case where an executive uses both a personal and a company-issued mobile device to access company resources. With Intune, device management is per-user, and not per device, which means that the executive’s personal device will have to have the same applications, policies, and everything else as their corporate device — a situation which may be far from ideal, from the executive’s perspective. Other solutions, like MobileIron and AirWatch, on the other hand, utilize device-based management — and thus do not suffer from this kind of limitation.
None of which is to say that Intune is a bad solution, because it’s not — it fits the needs of many businesses, and it’s our viewpoint that even a less-featured MDM solution is better than no solution at all. To that end, we work with all of our MDM customers to find and build out the solution that best meets their needs in terms of pricing and that has a feature set that’s in line with their plans, policies, and existing infrastructure.
How Wireless Watchdogs Approaches MDM
Because we work closely with our customers on finding the MDM solution that’s right, the first step is always consultative. After identifying their needs and which MDM software might be right, we’ll then typically build out a limited (in terms of number of users and devices) solution for them so that we can test, see it used in the field, and understand if it’s truly the right fit for them. Only once that limited deployment is proven correct do we move on to enrolling all devices and providing the ongoing management needed to ensure that the MDM software is always working properly.
So which MDM solution is right for your business? The one that fits your budget while simultaneously meeting your needs for mobile device management. If you’re considering MDM for your business’s mobility implementation, don’t hesitate to contact us if you need help sorting it all out.
And if you’d like a little more information on implementing MDM, please download our free eBook, A Guide to Implementing Mobile Device Management. It’s full of great information on establishing MDM goals and policies, securing your mobile devices, and the like, and you can grab it right here.
Posted on: July 10, 2019 By: Carolyn Kuczynski
In a market where SOC-as-a-Service can be purchased at “significant cost savings,” and where a la carte SOC services allow customers to order their security solutions piecemeal, one must wonder what is most important: the effectiveness of a SOC in protecting a company’s data and assets, or whatever cost savings and convenience it might offer? SOC services that cater to providing the latter do so at their clients’ peril, pretending that a two thousand-dollar SOC can somehow provide relevant detection and response capabilities to protect millions of dollars in data assets.
Unfortunately, the real cost of inadequate cybersecurity is not often realized until disaster strikes.
Truth or consequences
Learning the truth before a breach occurs will prevent the unpleasant consequences that will surely follow. Although a very low price is the first indication that a SOC doesn’t take security seriously, it is not the only one. Finding a SOC that can deliver on its promises requires some insight into its operation.
A fair list of questions one should ask about their current, or prospective, SOC includes the following: Does my SOC provider have experienced analysts, who understand the data they’re looking at and turn it into actionable tasks? Are they tiered to escalate threats as needed (tier 1 – 4), or does one group do it all? Does anyone in the SOC have offensive experience?
Does my SOC provider optimize my monitoring, or do they just do what I tell them? Is my SOC provider bringing in value, or is it just outsourced staff augmentation?
How many alerts did I receive from my SOC vendor in the past month? How many real cyber incidents has my SOC vendor taken part in for other clients? What were the outcomes? Does my SOC have true incident response capabilities (real experienced IR personnel with actual hacking background) or do they wait till damage is done before acting?
The biggest question – is my SOC provider giving me a fancy help desk or a professional security operations center?
These questions represent the bare minimum a SOC must do if they are going to safeguard their clients’ data, networks, and reputation. You’re guaranteed that any service provider who balks at any of these questions will be paralyzed in the face of even a minor incident, not to mention a serious attack.
Inadequate protection worse than none at all
Every SOC claims they can protect their clients from cyber threats. Some can, but most can’t, and the cost of those broken promises can be truly devastating. The damage of having a false sense of security should not be underestimated: nothing is more devastating and frustrating to a company than learning that the measures it took for security turned out to be empty of content and redundant when push came to shove.
It’s a frustrating challenge, understanding who’s selling you buzz words and who actually has capabilities, but it is a challenge companies and management must take upon themselves as those responsible at the end of the day.
The regulators and legislators are 40 thousand feet up high, talking about general problems and generic solutions that in most cases don’t really guide companies as much as they force them to take misguided actions in IT and Cybersecurity.
It is up to organizations, large and small, to ask their vendors the hard questions, demand experienced services and field proven solutions, to no longer accept buzz words and fancy terms for a commodity price and paint over the Cyber risks.
If someone were to offer you full health insurance for the entire family for $5 a month, you wouldn’t consider it, knowing that there has to be a catch, understanding that there is no possible way you’re getting any value for that $5. You would ask: What is covered? Who is liable? Who is behind the company? And so on.
So why does it make sense when someone offers you an expert team of cyber analysts working 24/7/365, including incident response teams and various expert services, all for a few hundred dollars a month? Ask the same questions you would ask any other vendor offering an unrealistic proposition, and see how the answers blow you away.
The best security advice? You don’t have to decide to have visibility and response capabilities, but if you do, make sure you buy capabilities and not buzz words.
At some point in time, you’re going to need that service you’ve been paying for. Don’t wait for that day to find out what it really is you’ve bought.
Real defense requires an understanding of offense
With cybercriminals gaining access to over 200,000 confidential records per hour, only SOCs that are geared up for real-life incidents can overcome the cyber challenges of today. Defending clients’ valuable resources against the technologically advanced hackers of today demands that a SOC maintain an offensive posture on all fronts, strategically seeking out both vulnerabilities and exploits.
But at the very least it requires that those designing, operating and responding in the SOC either have offensive experience or are being guided by those who do.
Tools of the trade
The majority of SOC providers offer little more than a patchwork of security products, accompanied by consumer-grade customer support (a low-level Help desk). Moreover, most have never seen a real hack, let alone participated in a real one (defensive or offensive). By contrast, a world-class SOC combines the following tools into a comprehensive security solution that becomes a core component in the client’s organization.
● Multilayer Monitoring: Monitoring means more than relaying alerts to the client. It involves a comprehensive, multi-layered monitoring center, with Tier 1 – Tier 4 alerts prioritization. It’s about knowing what to monitor (where to look) and what not to! Understanding how to separate the relevant from the noise is a challenge that requires experience and it is key to having an efficient monitoring center.
● Proactive Services: From basic hunting actions in the network to simply being updated on IOCs and taking day-to-day actions as required in a live and active SOC. Constantly questioning and investigating the traffic is the only possible way to stay in the game.
● Expert Response Team: A diverse team of highly trained cybersecurity professionals taps decades of combined experience to keep clients protected, around the clock, from threats internal and external to the organization.
● Advanced Forensics: The SOC team brings cutting-edge forensics capabilities and technologies to bear against every threat, including high-level digital forensics, server and network forensics, and the latest investigative tools.
● Cyber Intelligence: To beat a hacker, you have to think like one. Effective protection of high-value client assets requires monitoring of Dark Web platforms to identify emerging threats that may involve the client – right down to cyber threats that may target a high-profile official.
● Secure Remote Connection: Secure remote interfacing with the client’s existing system reduces the impact on their operations, and ensures that all gateways, networks, servers, and data stores are constantly monitored by trained security experts.
The price of protection
In today’s ever-evolving world of cybercrime, threats come in a variety of guises. From threats as subtle as phishing emails and Trojan viruses to full-frontal infiltration and service denial attacks, many companies are just one click away from disaster. Whether the motive for an attack is ideological, for personal profit, or for revenge, the outcome is the same – loss of data, loss of capital, and possibly loss of the company’s position in the market.
Companies hiding behind the “we are not a real target – who would want to attack us” excuse simply do not understand the way the attackers work. Over 90% of attacks are absolutely random: the attackers go after vulnerabilities and weaknesses in technology or processes, not caring at all who or what the organization behind them really is or does.
More often than not, they have no idea who it is they are attacking. They don’t see the company behind the platform until they have already engaged in the attack. You may think you are not a target but unfortunately – attackers do not share your opinion.
The question isn’t whether or not a company will become the target of an attack – because sooner or later, they will. No, the question that should be on every CIO and CEO’s mind is whether they want to pay the price for setting up a professional SOC that can secure their digital assets, or whether they want to pay the absolutely ludicrous price that comes with a data breach.
Posted on: September 6, 2018 By: admin
By: Eric Hester, Green Cloud Technologies
Complex IT scenarios used to be the stuff of NASA, militaries and Fortune 500 companies. Small businesses were immune to the complexities of highly available, multi-platform, multi-vendor, compliant, distributed, vulnerable IT systems. Those days are long gone, as we all well know. The complexity of IT was highlighted, ironically, by the coining of the term “cloud” itself. The “cloud” obscured the complexity of these systems into a generic term meant to say, “a network of systems and platforms maintained outside of one’s own environment” (my off-the-cuff definition; like many of you, I simply remember drawing clouds in the ’90s to show complex network designs of which I didn’t want to draw all the components).
I am certainly not the first person to expound on the evolution of Information Technology over the last half century, nor do I believe I will be the last. That’s not why I am writing this post. I am writing to provide a case for the modern managed cloud service provider. Business can no longer operate without participating in these complex interconnected systems. However, small businesses have not changed – they do not have the ability to manage this complexity. They are good at what they set out to do with their enterprise, but not necessarily with the IT required to do so. Sure, MSPs of the 2.0 variety exist to fill this need, but they also are not evolved enough.
Outsourced IT is not a new concept, but it’s not enough. Outsourced cloud service mediation, outsourced service mobility and agility, outsourced compliance, outsourced security, ubiquitous service access must all be combined into a solution. MSP 1.0 was about turning break fix into opex. MSP 2.0 added consultancy and more services. MSP 3.0 (or what I call managed cloud service providers or MCSPs) must be about making IT disappear into the background.
Imagine selling (insert vertical here) as a service. A customer no longer worries about what system they are logging into, what software licenses they are paying for or whose cloud services they are using. They simply consume the services that you, as the MCSP, have selected for their needs. You may be saying, “What does that even mean? What platform(s) are you talking about? What products?” The point isn’t how yet, it is what. Now the time is right for holistic solutions made up of many vendors, products and providers. We need to put the simplification of the cloud drawing over that complexity as well. Modern MSPs or MCSPs must be focused on selling a solution that does not have the customer wondering why AWS is better than Azure or why o365 is better than gSuite, etc. Modern solutions must solve a problem and work in a way agnostic to the underlying components. Customers want to run their business and they WANT to pay you to make IT easier.
Services like SD-WAN, DDoS Protection, AI Based IDS/AMP, SaaS utilization management, Identity Management, snapshot recovery, long term archiving, abstractions like published apps or workspace platforms like AirWatch must ALL be managed to differentiate your services and create these solutions. Just as concepts like PSA, RMM, vCIO and QBRs became terms and concepts inherent in MSP 2.0 solutions, so too must these concepts now become second nature.