Welcome!

Blog Feed Post

Evolve IP’s Scott Kinka Responds to the Latest USA Today Article


USA Today recently published research showing that 43% of companies have had a data breach.

My response?

It’s an interesting article. Unfortunately, the only actual “reason” mentioned in here is human capital. Front door attacks are designed to fool end users into giving away the keys to the kingdom. And even more unfortunate, is that there is little that we can do on the network security side to ensure that people aren’t fooled.

Many people try to migrate to the cloud rather than start fresh there, which perpetuates many of the hidden dangers of their previous architecture. That’s certainly one thing to leverage. But if you look at this article, it accounts for at most 20% of the breaches. The remainder are employee negligence… Could they have put IT department negligence in here? Possibly, but it doesn’t gel with the point of the rest of the article.

I think the second thing to think about is that resources used in the cloud are easily provisioned, easily torn down and don’t reside on local equipment, so, at the very least, it eliminates or reduces the human element of leaving a laptop behind, physical security of a data center, not locking a local desktop, etc. This is all also happening in an era where BYOD is becoming the norm. If someone doesn’t have a password on their iPad, they receive an email with customer information, and someone picks it up at Starbucks, is the company to blame? Or the employee? Or both? Which leads to Mobile Device Management…

MDM is going to start to drive the discussion in the next few years. Again, you can’t stop people from being purposefully negligent, but you can prevent them from being careless. No password on your iPad, no access to corporate data. Remove your password, wipe all corporate content or the whole device. You also have to consider what applications the business allows for use on these devices for IM, social media, etc., which are now increasingly becoming targets for phishing attacks.

Another topic that has been around forever is DLP (Data Leak Protection). People really haven’t understood what it is and how to use it, but with these numbers swinging so dramatically towards people as the cause of breaches, companies with compliance concerns will be forced to consider a stance on DLP. There are simple solutions that can be added to email servers and other data “exit” points that are not difficult, and can live in the cloud.

Most importantly, it’s education. Companies are just not taking the people element seriously enough. Companies with compliance risk will need to have cyber education programs for employees to identify and understand how hackers are trying to leverage them as a security breach. I fully expect that governance around corporate education may find its way into HIPAA and PCI regulations in the next few years.

How can we leverage all of this? We have to deal with these kinds of issues every day. And while we all may not have easy to buy services yet for all of these items (although several will be released this quarter), we’re watching and are ahead of where our customers can be.

Read the original blog entry...

More Stories By Scott Kinka

Scott Kinka is Chief Technology Officer for Evolve IP. He has spent almost his entire career devising new and simpler ways for companies to acquire and integrate technology. While all of the tech talk these days is about the cloud, he was doing this when it was called ASP (application service provider) or on-demand. Before Scott joined Evolve IP as Chief Technology Officer, he served as Vice President of Network Services for Broadview Networks and ATX Communications. He has been involved in application development, hosting, messaging, networking, unified communications, contact centers, and security. His mission (and specialty) is acting as a translator between technology and business needs.

Latest Stories
Whenever a new technology hits the high points of hype, everyone starts talking about it like it will solve all their business problems. Blockchain is one of those technologies. According to Gartner's latest report on the hype cycle of emerging technologies, blockchain has just passed the peak of their hype cycle curve. If you read the news articles about it, one would think it has taken over the technology world. No disruptive technology is without its challenges and potential impediments t...
Hackers took three days to identify and exploit a known vulnerability in Equifax’s web applications. I will share new data that reveals why three days (at most) is the new normal for DevSecOps teams to move new business /security requirements from design into production. This session aims to enlighten DevOps teams, security and development professionals by sharing results from the 4th annual State of the Software Supply Chain Report -- a blend of public and proprietary data with expert researc...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app secu...
DXWorldEXPO LLC announced today that Nutanix has been named "Platinum Sponsor" of CloudEXPO | DevOpsSUMMIT | DXWorldEXPO New York, which will take place November 12-13, 2018 in New York City. Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix Enterprise Cloud Platform blends web-scale engineering and consumer-grade design to natively converge server, storage, virtualization and networking into a resilient, softwar...
DXWorldEXPO LLC announced today that Big Data Federation to Exhibit at the 22nd International CloudEXPO, colocated with DevOpsSUMMIT and DXWorldEXPO, November 12-13, 2018 in New York City. Big Data Federation, Inc. develops and applies artificial intelligence to predict financial and economic events that matter. The company uncovers patterns and precise drivers of performance and outcomes with the aid of machine-learning algorithms, big data, and fundamental analysis. Their products are deployed...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
Having been in the web hosting industry since 2002, dhosting has gained a great deal of experience while working on a wide range of projects. This experience has enabled the company to develop our amazing new product, which they are now excited to present! Among dHosting's greatest achievements, they can include the development of their own hosting panel, the building of their fully redundant server system, and the creation of dhHosting's unique product, Dynamic Edge.
This session will provide an introduction to Cloud driven quality and transformation and highlight the key features that comprise it. A perspective on the cloud transformation lifecycle, transformation levers, and transformation framework will be shared. At Cognizant, we have developed a transformation strategy to enable the migration of business critical workloads to cloud environments. The strategy encompasses a set of transformation levers across the cloud transformation lifecycle to enhance ...
Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are repetitive and dull. Utilizing automation can improve your work life, automating away the drudgery and embracing the passion for technology that got you started in the first place. In this presentation, I'll talk about what automation is, and how to approach implementing it in the context of IT Operations. Ned will discuss keys to success in the long term and include practical real-world examples. Ge...
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next...
So the dumpster is on fire. Again. The site's down. Your boss's face is an ever-deepening purple. And you begin debating whether you should join the #incident channel or call an ambulance to deal with his impending stroke. Yes, we know this is a developer's fault. There's plenty of time for blame later. Postmortems have a macabre name because they were once intended to be Viking-like funerals for someone's job. But we're civilized now. Sort of. So we call them post-incident reviews. Fires are ne...
CloudEXPO New York 2018, colocated with DevOpsSUMMIT and DXWorldEXPO New York 2018 will be held November 12-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI and Machine Learning to one location.
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
The digital transformation is real! To adapt, IT professionals need to transform their own skillset to become more multi-dimensional by gaining both depth and breadth of a wide variety of knowledge and competencies. Historically, while IT has been built on a foundation of specialty (or "I" shaped) silos, the DevOps principle of "shifting left" is opening up opportunities for developers, operational staff, security and others to grow their skills portfolio, advance their careers and become "T"-sh...
ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of computational needs for many industries. Their solutions provide benefits across many environments, such as datacenter deployment, HPC, workstations, storage networks and standalone server installations. ICC has been in business for over 23 years and their phenomenal range of clients include multinational corporations, universities, and small busines...