By Mike Sander, TierPoint Senior Solutions Engineer
Last week I had the privilege of attending TierPoint’s annual Security Summit in Omaha.
Former White House CIO Theresa Payton presented a well-received keynote address about security lessons she learned serving the president. Attendees said they enjoyed the talk because it provided a business context around an organization’s security needs, as well as ideas to address the added pressure they feel with high-profile cyberattacks continually on the rise.
(LtoR) Tom McMillin, TierPoint President and COO, Former White House CIO Theresa Payton and Mary Meduski, TierPoint President and CFO, kick off the 2016 TierPoint Security Summit
By Shea Long, TierPoint SVP of Products
It’s been a whirlwind four months since I joined TierPoint to lead the development and execution of our company’s product and service portfolios. Here are my observations and thoughts since taking on the task.
Making Cloud More Local
Although cloud adoption continues to rise, there remains a hesitation among many businesses to deploy their mission critical applications and infrastructure on a solution provider’s server that is located far, far away. If your organization is in Florida, do you want to your cloud to live in Seattle? That may be fine for some workloads, but for the most vital ones? So I see one of TierPoint’s big opportunities as making cloud computing more local. That means building out more locations in more markets where we can offer an array of managed services that emphasize human-to-human communication with clients. There is value in someone getting to see their cloud and getting a chance to interact with the architect who designed their solution. Continue reading
By Dustin Larmeir, TierPoint Systems Engineer
Securing the perimeter of a cloud is critical to help protect against network infiltration, but it’s key to remember that perimeter defense represents only a single layer of cloud security. What happens when someone gets past that layer of defense?
A lot of malware will communicate to external systems, passing traffic back and forth. As a result, once it infiltrates a cloud, the malicious script or controller can then ex-filtrate confidential data. That is, unless we architect network security to protect against that outcome.
In fact, with security protocols and technologies smartly designed and implemented, even when a threat actor gets inside and plants a piece of malware, it’s often possible to prevent it from getting data out. Continue reading
By Nick Molina, TierPoint IT Engineer
In the last few weeks, Kaspersky Lab generated a lot of attention from their study about the costs of a security breach, finding that it costs double to recover if virtual infrastructure is affected. You can read their report. Some of the resulting screaming headlines came across like an indictment of virtualization itself. It has moved me to chime in with a point that seems to be missing: It is largely not virtualization’s fault.
Yes, there are many factors that drive up breach recovery costs. One that has been overlooked in the Kaspersky report discussion is virtual machine (VM) sprawl. With VMs, it is easy to set them and forget them. They can live on even without patching or OS updates, whereas their physical counterparts more frequently tend to get decommissioned or upgraded over time. Malware loves these unpatched and neglected VMs because they provide an easier point of entry into your network and can lie in wait until they are ready to do the voodoo that they do.
Although a diligent IT team with some automation can limit sprawl, sprawl is a big problem that can substantially impact risks and recovery costs. When conducting an analysis like this, you cannot ignore people and processes as part of your evaluation. Continue reading
Guest Blog By Jeff Mehrmanesh, Director of IT at Ocean State Job Lot
Editor’s Note: We asked Jeff Mehrmanesh, director of IT at Ocean State Job Lot, a leading closeout retailer with 116 stores, to share his perspective on cloud versus colocation services. This is his response.
How do you determine where your data should live?
We look at the content that is up for discussion. Are we talking about data, services, communication or really anything at all that the business needs? We start with the content. Is the content, and what you are proposing to do with it, a differentiating component that is core to your business? Is it a commoditized service that really isn’t directly going to add value to the main line of your business? Continue reading
By John Stoker, CISSP, Sales Engineering Manager at TierPoint
Once upon a time, IT security was all about perimeter defense: just keep the bad actors out, and you’ll be fine.
But if that’s your approach to security today, you’re living in a fairy tale.
There’s no better example of this than the modern Denial-of-Service (DoS) attack. A DoS attack is that of a single source attacking a specific destination in an effort to disrupt resources of the target host. A Distributed Denial-of-Service (DDoS) attack, which is more damaging, refers to attacks from multiple sources against a specific destination.
These kinds of attacks are proliferating in frequency and sophistication. Continue reading
It is 3 am on a summer Monday in northern Ohio. Dennis Cassidy is just getting up to catch his weekly commuter flight to Manhattan where he is chairman and CEO of Quodd Financial, a provider of information services to Wall Street traders, hedge-fund managers and professional retail brokers. During winters, he commutes from his Florida home. In total, he has been making the aerial commutes for the past eight years. Continue reading