Category Archives for "Managed Services News"

Sep 24

VMware & SD-WAN: Taking a SASE Approach

By | Managed Services News

SASE is the way to go when it comes to SD-WAN, says VMware, in this Channel Partners Virtual video.

No doubt by now you’ve at least heard of the secure access service edge (SASE). It’s a spin on SD-WAN that puts extra emphasis on security. In this video from Channel Partners Virtual 2020, we hear from Rohan Naggi, senior technical product manager at VMware. He explains why security is such a vital component on your SD-WAN journey. He’ll also delve into why VMWare SD-WAN by VeloCloud is…

This content is restricted. Please log in to continue reading.

Sep 24

VMware & SD-WAN: Taking a SASE Approach

By | Managed Services News

SASE is the way to go when it comes to SD-WAN, says VMware, in this Channel Partners Virtual video.

No doubt by now you’ve at least heard of the secure access service edge (SASE). It’s a spin on SD-WAN that puts extra emphasis on security. In this video from Channel Partners Virtual 2020, we hear from Rohan Naggi, senior technical product manager at VMware. He explains why security is such a vital component on your SD-WAN journey. He’ll also delve into why VMWare SD-WAN by VeloCloud is…

This content is restricted. Please log in to continue reading.

Sep 24

VMware & SD-WAN: Taking a SASE Approach

By | Managed Services News

SASE is the way to go when it comes to SD-WAN, says VMware, in this Channel Partners Virtual video.

No doubt by now you’ve at least heard of the secure access service edge (SASE). It’s a spin on SD-WAN that puts extra emphasis on security. In this video from Channel Partners Virtual 2020, we hear from Rohan Naggi, senior technical product manager at VMware. He explains why security is such a vital component on your SD-WAN journey. He’ll also delve into why VMWare SD-WAN by VeloCloud is…

This content is restricted. Please log in to continue reading.

Sep 24

The Roots and Future of Ransomware

By | Managed Services News

Historically, ransomware targeted individual personal computer users; today, the big money is in attacking businesses—and MSPs are a huge target.

Imagine a thief walks into your home and rummages through your personal belongings. But instead of stealing them, he locks all your valuables into a safe and forces you to pay a ransom for the key to unlock the safe. What choice do you have?

Substitute your digital space for your home and encryption for the safe, and you have what’s known as ransomware. Ransomware is a type of virus or malware. After the initial infection, your files are encrypted and a note appears demanding payment–usually in the form of cryptocurrency such as bitcoin because transactions can’t be stopped or reversed. Once your files are encrypted, you can’t access them until you pay the ransom.

The roots of ransomware can be traced back to 1989. The virus, known as PS Cyborg, was spread through diskettes given to attendees of a World Health Organization International AIDS conference. Victims of PS Cyborg were to mail $189 to a P.O. box in Panama to restore access to their data.

Historically, ransomware targeted individual personal computer users. Today, the big money is in attacking businesses. Most of these infections go unreported because companies don’t want to expose themselves to further attacks or reputational damage.

Criminals know the value of business data and the cost of downtime. Managed services providers (MSPs) are now an especially attractive target because they service multiple SMB customers simultaneously. Therefore, a successful attack on an MSP magnifies the impact of attacks and the value of the ransom.

Primary ransomware attack vectors–with more detailed descriptions below–include:

  • Phishing
  • Cryptoworms
  • Polymorphic malware
  • Ransomware as a Service (RaaS)
  • Targeted attacks

Phishing: Still the No. 1 Ransomware Threat

Ninety percent of all Ransomware infections are delivered through email. The most common way to receive ransomware from phishing is from a Microsoft Office attachment. Once such an attachment is opened, the victim is asked to enable macros. This is the trick. If the user clicks to enable the macro, then ransomware will be deployed to the user’s machine. Phishing remains a significant and persistent threat to businesses and individuals. The Webroot 2020 Threat Report showed a 640% increase in the number of active phishing sites since 2019.

Cryptoworms

Cryptoworms are a form of ransomware that gain a foothold in an environment by moving laterally throughout the network to infect all other computers for maximum reach and impact. The most spectacular incarnation of a cryptoworm was WannaCry in 2017, where more than 200,000 computers were affected in 150 countries causing hundreds of millions in damages.

Polymorphic code

One of the more notorious forms of ransomware circulating today is polymorphic malware, which makes small changes to its signature for each payload dropped on machine–effectively making it a brand-new, never-before-seen file. Its ability to morph into a new signature enables it to evade many virus detection methodologies. Studies show that 95% of malware is now unique to a single PC. This is largely due to the shape-shifting abilities of polymorphic malware code. Today, nearly all ransomware is polymorphic, making it more difficult to detect with signature-based, antivirus technologies.

Ransomware as a Service (RaaS)

Ransomware has become so lucrative and popular that it’s now available as a “starter kit” on the dark web. This allows novice cybercriminals to

Sep 24

Why Identity Access Management Is Better than Password Vaulting, MFA

By | Managed Services News

Identity access management standardizes and even automates critical aspects of managing identities, authentication and authorization into business applications.

The question you want to ask yourself as a managed service provider is: Why are we using multiple applications for security and password protection when we could use only one?

In this article we will discuss why Identity access management (IAM) systems are a more complete solution than password vaulting management and MFA tools.

As a managed service provider (MSP), you are responsible for securing your customers’ access to the systems they need to get their work done. That means you are responsible for securing their identities and how they access their resources.

Unfortunately, simple password vault solutions do not provide the level of security that is needed to protect your users today. You cannot control how often users have to reset their passwords in all of those different applications. And you have no control over whether they are the same set of credentials that might have been hacked in another system. All of these areas in which you are lacking control can make your users and their data vulnerable to hackers.

You might think that you are protecting them by enabling multifactor authentication (MFA) for these various applications, but now you are just making their day-to-day interactions much more complex. In addition, having those users use multiple MFA vendors to access a multitude of applications is not user friendly.

Identity and access management standardizes and even automates critical aspects of managing identities, authentication and authorization into business applications. By integrating security assertion markup language (SAML) or some other form of modern authentication standard such as OpenID Connect (OIDC), companies can redirect users to sign in through an IAM vendor that gives your MSP visibility and control. You are then able to leverage security policies within the IAM to control password complexity, to control how often users have to reset passwords, and even to control whether they can reuse those compromised credentials. You can also implement multifactor authentication through the IAM without causing an overload to general users and, more importantly, without risking password breaches.

If vendors are not offering a solution that eliminates passwords, they are leaving companies vulnerable and without any protection against their biggest threat. We have found that most approaches to security are failing because they don’t take into consideration and eliminate the risk of password use.

Secure access by placing all applications behind an IAM portal using SAML or OIDC protected by a policy-compliant password, which is infinitely more secure than your typical password vault solution. An IAM solution could also integrate with other systems—for example, your RADIUS clients, providing RADIUS authentication. Thus, your users can use that same set of credentials to log into your VPN or WIFI systems.

MFA vendors also lack offerings that identity access management vendors provide, like single sign on, cloud directory, self-service password reset, and automated user provisioning. Standalone MFA solutions can be more taxing for users if they have to use MFA to sign into multiple applications every day. With an IAM, users sign into only one portal to access all applications, meaning they will only be promoted one time for MFA.

MFAs, password vaults and self-service password reset tools are already integrated into IAM platforms. Utilizing this type of technology streamlines the user process and also improves your chances of customer retention as you automate and reduce password frustrations. By modernizing your MSP business with IAM, you will strengthen security structure, improve productivity, lower help desk costs, consolidate application access, create happier customers and find a whole new revenue stream.

This guest blog is part of a Channel Futures sponsorship.

Sep 24

WANdisco LiveData Migrator Launch Spurs Infosys Agreement

By | Managed Services News

This will expand market reach for WANdisco and help accelerate customer journeys to the cloud.

WANdisco LiveData Migrator, launched a week ago, spurred an agreement between WANdisco and Infosys. Together, the two companies will help businesses migrate data to the cloud, the vendor announced Thursday.

Infosys, a global digital services and consulting company, will combine its Data Wizard solution to augment WANdisco’s LiveData Migrator. Combined, the companies will help organizations migrate their data lakes to major public clouds including AWS, Microsoft Azure and Google.

WANdisco's David Richards

WANdisco’s David Richards

“Data lake migration is a complex problem to solve, particularly when business downtime is not an option,” said David Richards, CEO at WANdisco. “Only our patented technology has a proven capability to ensure zero downtime and zero risk. We are excited to be partnering with Infosys to expand our market reach and leverage its vast experience and cloud capabilities, and help customers accelerate their journey to the cloud.”

LiveData Migrator is an automated and self-service cloud migration solution that migrates Hadoop HDFS data to the cloud. It can be used even while source data sets are being used.  Infosys Data Wizard can augment the WANdisco LiveData migrator by providing rich graphical user interface-driven migration life cycle management.

Digital Transformation

The Data Wizard helps with inventory collection, analysis, migration planning, migration validation and data certification. This automates the end-to-end data migration life cycle, according to the company. It also facilitates the movement of petabytes of data to the cloud.  Moreover, artificial intelligence and machine learning analyze data to generate deeper business insights at a lower cost compared to on-premises.

“Enterprises are recognizing that to truly achieve digital transformation, they need to leverage the economics and capabilities of the cloud,” said Satish H.C., executive vice president, data and analytics at Infosys. “However, enterprises that have historically invested in on-premises data lakes have run into challenges with manual or batch migration of business critical data to the cloud. With Infosys Cobalt, our clients are embracing hybrid cloud solutions to accelerate their digital transformation journeys and our partnership with WANdisco will help them automate migration of data volumes at scale while ensuring continued business performance.”

Infosys Cobalt is a set of services, solutions and platforms for enterprises to accelerate their cloud journies. It offers 14,000 cloud assets and more than 200 industry cloud solutions.

Sep 24

VMware & SD-WAN: Taking a SASE Approach

By | Managed Services News

SASE is the way to go when it comes to SD-WAN, says VMware, in this Channel Partners Virtual video.

No doubt by now you’ve at least heard of the secure access service edge (SASE). It’s a spin on SD-WAN that puts extra emphasis on security. In this video from Channel Partners Virtual 2020, we hear from Rohan Naggi, senior technical product manager at VMware. He explains why security is such a vital component on your SD-WAN journey. He’ll also delve into why VMWare SD-WAN by VeloCloud is…

This content is restricted. Please log in to continue reading.

Sep 24

VMware & SD-WAN: Taking a SASE Approach

By | Managed Services News

SASE is the way to go when it comes to SD-WAN, says VMware, in this Channel Partners Virtual video.

No doubt by now you’ve at least heard of the secure access service edge (SASE). It’s a spin on SD-WAN that puts extra emphasis on security. In this video from Channel Partners Virtual 2020, we hear from Rohan Naggi, senior technical product manager at VMware. He explains why security is such a vital component on your SD-WAN journey. He’ll also delve into why VMWare SD-WAN by VeloCloud is…

This content is restricted. Please log in to continue reading.

Sep 24

VMware & SD-WAN: Taking a SASE Approach

By | Managed Services News

SASE is the way to go when it comes to SD-WAN, says VMware, in this Channel Partners Virtual video.

No doubt by now you’ve at least heard of the secure access service edge (SASE). It’s a spin on SD-WAN that puts extra emphasis on security. In this video from Channel Partners Virtual 2020, we hear from Rohan Naggi, senior technical product manager at VMware. He explains why security is such a vital component on your SD-WAN journey. He’ll also delve into why VMWare SD-WAN by VeloCloud is…

This content is restricted. Please log in to continue reading.

Sep 24

VMware & SD-WAN: Taking a SASE Approach

By | Managed Services News

SASE is the way to go when it comes to SD-WAN, says VMware, in this Channel Partners Virtual video.

No doubt by now you’ve at least heard of the secure access service edge (SASE). It’s a spin on SD-WAN that puts extra emphasis on security. In this video from Channel Partners Virtual 2020, we hear from Rohan Naggi, senior technical product manager at VMware. He explains why security is such a vital component on your SD-WAN journey. He’ll also delve into why VMWare SD-WAN by VeloCloud is…

This content is restricted. Please log in to continue reading.

>