SECURITY TOP OF THE AGENDA

By |

Welcome to the summer issue of AVAIL in which our lead story highlights the growing threat of cyber attacks in various forms and the worrying trend for hackers to use Europe as a test bed for larger, global attacks. We look at what organisations can do to protect themselves against these threats and allow company bosses to sleep at night. In a related story we focus on Distributed Denial of Service (DDoS) mitigation, a vital service to help you fight back against this increasingly prevalent type of attack.

Elsewhere, we look at other country-specific risks companies need to consider when offshoring operations to India and examine London’s unique risks as a corporate location. Appropriately, given this issue’s security theme, we turn the spotlight on our new Chief Security Officer Andrew Barber in a Quick Fire Questions feature.

With security and resilience critical considerations in your choice of cloud provider, we were delighted our enterprise cloud services (ECS) have been awarded both PCI DSS and IL3 accreditation.

Speaking of awards, we extend our warmest congratulations to the many, many customers who enjoyed well-deserved success in the 2014 CIR Business Continuity Awards. We were delighted to be able to celebrate alongside you by winning the Best Contribution to Continuity & Resilience category!

In product news we share developments on the evolution of our Managed Recovery Programme into a full-blown Recovery as a Service.

As always, I hope you enjoy this issue and my team welcomes feedback on any aspect of the magazine. Just send your comments to the editor at infoavail@sungardas.com

Gary Watson
General Manager Ireland

STAY A STEP AHEAD OF CYBER ATTACKS

By |

Cybercrime is a rising threat worldwide but a new study(1) has identified a growing trend that suggests companies across Europe are particularly vulnerable, with hackers using the region as a test bed for malicious software (‘malware’) before deployment across the globe. The region suffered some 973,000 attacks during a six month monitoring period in 2013. This compared with 480,000 attacks for the same period across Asia and 224,000 in the US. Within Europe, the UK is targeted for a disproportionate number of attacks relative to its size.

While the UK suffers a greater volume of attacks, the methods used by cyber criminals are fairly consistent across the globe. One of the biggest threats comes from web application attacks where criminals attempt to access user names and other commercially valuable information stored in web applications by finding a weakness in the application itself.

‘Brute force’, a trial and error method used to decode encrypted data through exhaustive effort rather than brainpower is another leading method of attack. Identified in 44% of the study’s cloud hosting provider environments and 49% of enterprise data centres, this attack type joins web application attacks and vulnerability scans as the most common cyber threats in cloud hosting provider environments.

Another common technique is attempted reconnaissance (or ‘recon’), which involves scanning to gather information (such as what operating system is used and what ports are open) to uncover vulnerabilities and lay the groundwork for a future attack.

Next on the danger list are malware/botnet attacks. these are programs disguised as legitimate applications that will instead inflict harm or damage to the computer or server by performing unauthorised actions such as deleting, blocking, modifying or copying data or disrupting the performance of the computer network by other means. the increasing take-up of VDI (Virtual Desktop Infrastructure) technology by companies has led to an increase in this type of attack, which more than doubled from 5% in 2012 to 11% in 2013.

Distributed Denial of Service (DDoS) attacks remain a huge problem for European businesses in 2014. In this type of attack a multitude of compromised systems target a single system. The flood of incoming messages effectively forces it to shut down, thereby denying service to legitimate users. Already this year we have seen high profile attacks of this nature on government organisations, banks, retailers, travel firms and facilities management companies. When the web is a key revenuegenerating source the cost of downtime resulting from a DDoS attack can quickly escalate to six or seven figure sums

KNOW YOUR ENEMY

Cyber security specialists attempt to beat hackers at their own game by setting up ‘honeypot sites’ – dummy websites that look like the real thing and are designed to attract attacks and collect data on the perpetrator. In this way, security specialists can gather valuable intelligence on attack vectors (methods used), which allows them to reverse engineer malware and write specific ‘signature content’ (protective code)to counter attempted strikes. this tactic was successfully deployed by yorkshire Bank in March last year.

SO WHAT CAN ORGANISATIONS DO TO PROTECT THEMSELVES AGAINST ATTACK?

  1. The overriding recommendation from information security professionals is to pursue what’s known as a ‘security in-depth strategy’, implementing security measures at every layer of your IT infrastructure – applications, network, host and base infrastructure. There are numerous security tools on the market today including web application firewall (WAF) technology, DDoS mitigation, intrusion detection sensors, deep packet forensics, anti virus software and network monitoring services to help your organisation implement this strategy.However, a common mistake organisations make is relying on products alone to solve the problem. Even the best products need people who can intelligently use the solution to its fullest capability.These specialists must be able to analyse the findings from these solutions, from the firewall down to the desktop, to build a full picture of security events being generated. Staying abreast of the latest vulnerabilities is also key to creating content that is up-to-date with the current threats. this will enable your organisation to react more quickly to any incidents.
  2. Be aware that whatever lengths you go to, employees can inadvertently pierce your investment so improve staff awareness of the threat. The growth of social media means increasingly sophisticated hackers can profile an employee and craft a convincing email in minutes enticing them to click on a link, unwittingly exposing your entire network. Repeatedly drum in the message that if an individual does not know who has sent the email they should not click on a link. Tell them to point the cursor over the hyperlink without clicking and a pop-up dialogue box will display the destination web or email address. Put escalation procedures in place for suspect emails and ensure these are well-publicised in order to mitigate your risk.
    Then there are the insider threats posed by a disgruntled employee or individual who has a financial arrangement with a third party to compromise your organisation’s systems. This can be countered by enforcing strict internal controls. For example, deploying technology that restricts the movement of sensitive data to an external USB device can greatly reduce the chance of confidential data being compromised by a disgruntled employee.
  3. Invest in threat intelligence to get one step ahead. Some hacking groups become very vocal before launching an attack as they try to gather followers so monitoring known social media sites can give you a 24- hour head start.

Sungard Availability Services partners with cyber security specialist Alert Logic to offer a range of joint services to protect customers and help them comply with legislation such as PCI DSS.

To receive a copy of the full report or to discuss solutions to your security issues please talk to your account manager, call +353 (0)1 467 3650 or email infoavail@sungardas.com.

1 www.alertlogic.com

DDoS MITIGATION – THE NEW BUSINESS ESSENTIAL

By |

With Distributed Denial of Service (DDoS) attacks becoming increasingly common – a new report shows the number of attacks skyrocketed by 18% in the first quarter of 20141 – DDoS mitigation is no longer a ‘nice to have’ but a fundamental requirement. It can make the difference between your firm being available to do business or being suddenly taken ‘off air’ for minutes, hours or even days.

As our lead story demonstrates, the Internet leaves companies open to a variety of attacks from all quarters and DDoS attacks are becoming increasingly common occurrences across all industry sectors. This year, a relatively new variation of DDoS threat has become particularly prevalent – ‘reflection’ and ‘amplification’ attacks, which have risen by 35% compared with Q4 2013 and 68% year-on-year.

“As the volume of attacks skyrocket, DDoS mitigation is no longer a ‘nice to have’ but a fundamental requirement”.

‘Amplification attacks’ target what’s known as Layer 3 and Layer 4 in an organisation’s IT infrastructure – the networking protocols used to send messages between servers over the internet such as User Diagram Protocol (UDP), transmission Control Protocol (TCP) and Network time Protocol (NTP). These strikes essentially involve requesting small data ‘packets’ – chunks of information – that trigger the return of large responses and magnify the scale of the attack.

Sungard Availability Services partner Cisco estimates that a monitor list (‘monlist’) attack on NTP servers, which requests the last 600 addresses that have used the server, can generate up to 5,500 times the original traffic volumes. This causes the cyber equivalent of a traffic jam, affecting an organisation’s ability to respond to customers as its outbound network quickly becomes congested. Worse still, the affected servers can be commandeered to participate in DDoS attacks on others.

The same ‘information overload’ technique can be used with Domain Name Systems (DNS). The attacker again spoofs the source address with the address they wish to attack and issues many thousands of look-up requests to DNS servers. Through various commands the attacker turns a small DNS query into a much larger payload designed to flood the target network and bring it to a standstill.

In the last two months alone we found around 100 customers were vulnerable to NTP attacks and alerted them to install a security patch on their NTP servers. Already this year, Sungard AS internet customers have been the target of six attacks over 500MB in size – with the largest attack (launched with cynical timing on April Fool’s Day) measuring some 7.5GB. The threat is not limited to any one particular sector although, typically, medium and large organisations are most commonly targeted. This year alone, we have seen indiscriminate attacks against travel companies, broadcasters, government organisations, outsourcers and financial institutions. When the web is a key revenue generating source, as it is for many of our customers, then the cost of downtime resulting from a DDoS attack can quickly escalate to six or seven figure sums.

So what can organisations do to protect themselves against this potentially devastating threat?

Sungard AS partners with the respected UK-based specialist RedSpam to offer a proven DDoS mitigation service to protect our customers. We first profile your IT estate to build a picture of normal use so we can identify within minutes when an attack is underway. At the first sign of unusual activity patterns we automatically divert internet traffic to a clearing house where it is scrubbed clean before being re-routed back to you. This cleansing process causes virtually no delay, other than the initial five to seven minutes it takes to switch the service and apply the right mitigation technique, but it has proven extremely effective in thwarting attacks. Under this service we are able to employ over 30 different techniques to deliver custom mitigation templates tailored to each client and threat level.

DDoS mitigation can be provided to Sungard AS customers as a standalone service through monthly subscription. If you’re concerned your organisation could be vulnerable to this growing threat please contact your account manager or email michael.smith@sungardas.com for an exploratory discussion.

1 Global DDoS Attack Report 2014 – Akamai Technologies

RELAX YOU’RE IN SAFE HANDS

By |

A new award was added to the Sungard Availability Services trophy cabinet following the CIR Business Continuity Awards 2014 when we won the prestigious ‘Best Contribution to Continuity & Resilience’ title in acknowledgement of our continued commitment to developing world-class products and services to meet customer needs.

We were thrilled to see several Sungard AS customers also enjoyed success on the night!

OUR CONGRATULATIONS TO:

CIR WINNERS

Sungard AS India scooped two impressive titles in the 2014 BCI India Awards – Business Continuity Provider of the Year for both Service and Product – and was shortlisted in the Business Continuity Innovation category. Sungard AS India will now join other regional winners competing in the BCI Global Awards, which take place during BCM World Conference & Exhibition in London this November.

In addition, Sungard AS was a finalist in the Managed Services Company of the year category in Ireland’s Tech Excellence Awards 2014, which we entered for the first time.

As a Sungard AS customer, these accolades show that when selecting your availability partner you made the right choice.

CLOUD RATED PCI DSS COMPLIANT

By |

Sungard Availability Services’ cloud has reached an important milestone in being rated compliant with the Payment Card Industry Data Security Standards (PCI DSS). Few, if any, other cloud providers can make this claim. It is proof that our cloud is secure, which is critically important to customers who accept credit card payments within a virtualised environment.

As recent data breaches involving US retailers Target and Neiman Marcus as well as eBay and Adobe have shown, PCI DSS compliance is no guarantee of data security but the controls it prescribes should be regarded as the starting point, a very important starting point. Firms that suffer a data breach and are not PCI DSS compliant can be fined by the card issuers for the loss of this data and may also be liable for the fraud losses incurred against these cards as well as the operational costs associated with replacing the accounts. Then there is the reputational damage and loss of customer goodwill.

Complying with the Standard is challenging for all organisations doing business in the cloud. Although they’re responsible for meeting PCI DSS requirements they have no access to the shared software infrastructure underlying their hosted cloud. So our scope as a cloud services provider has had to expand beyond compliance at the hardware level. The project to achieve compliance for our Enterprise Cloud Services (ECS) involved many Sungard AS teams across multiple geographies.

If you’d like to discuss how PCI DSS affects you or to arrange a security audit of your IT environment, contact your account manager, email infoavail@sungardas.com or call +353 (0)1 467 3650.

IL3 ACCREDITATION SETS SUNGARD AS APART

By |

Sungard Availability Services is ‘Pan Government Accredited’ up to what is termed Official-Sensitive (previously known as IL3 Restricted) level to provide secure cloud services to UK central and local government departments. Services will be offered via the online marketplace known as the G-Cloud Store.

This official recognition differentiates us from competitor services as we can now offer highly secure, low cost cloud services capable of hosting restricted UK government data. In fact, there are currently only three other service providers who have achieved this authorisation level for IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) offerings.

Government departments will be able to benefit from Sungard AS’s agile cloud services in the knowledge that processes are underpinned by ItILv3, ISO 20000 and ISO 27001 certification. This eliminates the costly duplication of effort involved in gaining accreditation that, until now, has typically been carried out on a project-by-project basis.

Our secure cloud services will be accessible to UK government customers across the Public Services Network (PSN). This is the trusted shared infrastructure that connects increasing numbers
of organisations delivering public services to each other and to cloud-based and hosted services.

Sungard AS already has a track record of successful joint ventures with Independent Software Vendor (ISV) partners to deliver end-to-end solutions to public sector customers, hosting applications and data within our UK tier 3 data centres. We provide around-the-clock support and system monitoring, allowing public sector customers to retain control over their applications without the burden of monitoring the underlying IT infrastructure.

To discuss how our secure, low cost cloud services could benefit your organisation call us on +353 (0)1 467 3650 or email infoavail@sungardas.com

CUSTOMER SURVEY COMING SOON

By |

Sungard Availability Services’ annual customer experience survey will soon be underway and you may be among the 200 randomly selected customers asked to rate our performance by an external research firm. Please be reassured that your frank feedback is welcomed, valued and your comments treated in the utmost confidence. We view the survey findings as a vital barometer of our performance and, as you have seen, act on the findings as we strive to continually improve our service.

Thank you in advance for your help and look out for the top line results in a future issue of AVAIL!

If you are not amongst those contacted over the Summer months for the survey, rest assured that your opinion is still important to us. Please email AS.UK.SERVICEDESK@SUNGARD.COM at any time.

MRP EVOLVES TO BECOME RECOVERY AS A SERVICE

By |

“7 out of 10 customers recovering by themselves continue to run into difficulty and not achieve their targeted RTOs. It’s not surprising then that the more enlightened CIOs are demanding what we call a ‘Predictable Recovery Experience’,” explains Daren Howell, Sungard Availability Services’ Proposition Marketing Manager.

In response to customer feedback, our ground-breaking Managed Recovery Programme (MRP) is being transformed to provide customers with even greater value. At the same time, it is being renamed as Recovery as a Service (RaaS).

In the disaster recovery market there are many narrow, cloud based recovery service offerings called RaaS that are just a small subset of what Sungard AS can provide. They typically focus on the technology. Sungard AS’ RaaS spans all aspects of the business – the People, Process and Technology. The new RaaS service allows customers to remain in control and dictate the business outcomes to be achieved while we provide the skilled people with the time to carry out change management between production and recovery systems and then apply the processes to recover the business. This means, when we are called upon to do so, we can consistently perform tests and recover the business applications to agreed service levels.

NEW CAPABILITY

Behind the service element are automated tools used to understand application interdependencies and to speed up the recovery process. Some are brand new and some are from what customers would recognise as managed services such as our Recover2Cloud service. Recover2Cloud was introduced to the UK last year. We have since updated that capability to run on dedicated platforms to replicate Windows and Linux physical and virtual servers and machines.

The latest new technology Sungard AS will deploy is a discovery tool that when installed on customers’ networks will search for all applications, processes and IT equipment to give you a complete picture of your IT environment. For many CIOs this alone is of tremendous value, cutting hours from an otherwise tedious, expensive and manual process. Sungard AS’ automated discovery & dependency mapping process also scans and flags on-going changes to the IT estate, making it easier to ensure the recovery backup capability keeps pace with the production estate.

By tiering your applications and processes, in terms of their values / criticality to the business and their dependencies, Sungard AS creates and uses the recovery processes and the most appropriate mix of availability solutions to return a recovery performance that meets service levels agreed with the customer. Sungard AS isn’t tied to a single platform for recovery.

Matthew White, Sales Manager for RaaS added, “Recovery as a Service is not just for those customers who experience difficult tests and recoveries but also those who prefer to focus resources on the production projects their business depends. Many customers are already benefitting from reduced RTOs and increased disaster preparedness that the new RaaS Service Level brings.”

For more information on Recovery as a Service please talk to your account manager or call +353 (0)1 467 3650 for details.

WHY ‘OFFSHORE’ SHOULD NOT MEAN ‘OFF THE RADAR’

By |

A new Gartner report1 shows India remains a popular destination for European and US companies looking to offshore operations to a cost-competitive, relatively stable and scalable location. The analyst’s assessment of nine AsiaPac countries reveals India is the clear worldwide leader in revenue terms.

With an average of 19% of planned applications spending for 2014 being directed offshore globally, sourcing managers are taking a keen interest in which offshore locations their services are delivered from. Offshoring business process services to a destination like India can undoubtedly deliver huge returns but companies must consider cultural differences and country-specific threats to reap the promised benefits. Failure to do so means companies run the risk of ‘reshoring’ (or ‘onshoring’). In recent years firms like Apple, British Pot Noodle producer Symingtons and model aircraft manufacturer Hornby have returned to their home manufacturing base with their metaphorical tail between their legs.

A very different risk landscape

The threats facing companies and offshored operations in India are somewhat different to the domestic markets to which European and North American companies are accustomed. Businesses need to thoroughly consider and address India’s unique country-specific risks in addition to the universal threats faced by all organisations today. For example, that old fallback in the event of disaster – ‘working from home’, either using the cloud or a Virtual Private Network (VPN) – is not a viable solution in India due to unreliable connectivity in a domestic setting.

Sungard AS has a thriving operation in India helping the domestic and international business community mitigate these threats. Multinationals, in particular, increasingly expect the same high level of business continuity (BC) provision enjoyed by their operations in Europe or the US for commercial and regulatory reasons. The Business Continuity Institute (BCI), the world’s leading body for BC professionals, recognised Sungard AS India’s market leadership with two awards in 2014 – Business Continuity Provider of the Year for Service (Workplace Services and RaaS) and Product (Software) for the second year running.

“Multinationals increasingly expect the same high level of business continuity provision enjoyed by their operations in Europe or the US”.

Seven of the 15 top technology outsourcing companies are based in India but more than 70% of BPO companies operate from a single location.

Added to this, many Indian companies fail to meet the BC requirements of their parent2. To meet growing demand from India-based operations wanting to meet accepted international BC standards such as ISO 22301, Sungard AS India operates a flourishing BCM automation and consultancy business providing expert guidance and award-winning planning, notification and incident management software solutions.

It also offers over 2,000 seats (360 syndicated with equitable sharing and more than 1,600 dedicated) across three highly resilient work area recovery centres located in Noida, Thane and Chennai with several more planned. These fully equipped alternative workplaces enable offshore operations to enjoy the same protection as sites closer to home and ensure domestic outsourcing companies can deliver the reliable service their international customers expect.

Now, signifying the maturity of the country’s BC provision, Sungard AS has introduced Recovery-as-a- Service (RaaS) offering Indian enterprises SLA-driven recovery timeframes for mission-critical IT business functions on an affordable pay-as-you-go basis.

Under the fully managed service Sungard AS takes responsibility for the entire recovery process with skilled recovery specialists driving solution deployment, performing 24/7 monitoring, troubleshooting and recovery testing to ensure the failover environment is ready in the event of any prolonged outage. Uniquely, Sungard AS also performs a full recovery within contractually committed SLAs.

 

HERE’S OUR VIEW OF THE COUNTRY’S TOP EIGHT ISSUES – you might find the results suprising.

Offshoring to India risks

If you would like practical help and guidance from exploratory experts, or to arrange an exploratory meeting, call +353 (0)1 467 3650 or email infoavail@sungardas.com

1Leading Locations for Offshore Services in Asia Pacific 2014: Still Growing but Facing Increasing Competition
2NASSCOM (National Association of Software and Services Companies) 2010/11