From Lab to Launch – Sungard AS CTO shares what’s happening in the research lab

By |

LEADERSHIP UPDATE WITH JOSH CROWE

 

To Sungard AS Chief Technology Officer (CTO) Josh Crowe, these are exciting times both in the lab and in the market. In this Q&A session with AVAIL, he pulls back the curtain to give readers a peek into what they can expect from the technologists in the Sungard AS research lab.

Q: Josh, what trends or disruptive technologies do you see shaping the market today?
Josh: There’s no question the largest innovation right now is the emergence of public cloud and dominant public cloud providers, like Amazon Web Services, Microsoft Azure and Google. It’s a fast-moving, fast-growing space that we need to keep our eyes on because these are not commodity IT platforms. These are differentiated infrastructure platforms with tremendous capabilities that we can leverage to build managed services that add value for our customers. It’s a very disruptive time in our space, but a very exciting time, too.

There are also changes in the technologies that connect infrastructures. There are new solutions coming out that provide more dynamic interconnection services between those different platforms. And, there are new methodologies emerging for how customers develop and deploy their applications in the public cloud, on our hosted private cloud or elsewhere.

Q: How are customers changing the way they build applications?
Josh: Some of our customers are taking a more modern, hybrid IT-based approach to architecting their applications. They are using micro services as a way of breaking large software projects into loosely coupled modules that communicate with each other through simple APIs. So, the way applications are being built and deployed today is significantly different than how we did it 10 years ago.

How employees access those applications changed, too. The days of everybody clocking in 9:00-5:00 and sitting behind a desk are gone. Now, employees are much more virtual and mobile and customers want to take advantage of emerging technologies to make applications more available and accessible from anywhere.

Q: What technologies are you currently evaluating or developing in the lab to respond to these trends?
Josh: Recent advances in technology, tools and security within the public cloud have us focusing on offering Sungard AS’ services on top of third-party infrastructures. Because of our experience managing all types of infrastructures, we’re also focused on advancing our existing hybrid capabilities.

As customers move applications to public or private clouds from legacy data centres, they deal with a lot of technical complexity. To address this, we’re helping our product and operations people leverage emerging interconnection tools for managing and monitoring the multiple pockets of IT our customers have.

We spent a large part of last year incubating several technologies and innovations to take the solutions we offer and evolve them to work on public cloud platforms. This came to fruition towards the end of 2015, when we released our very first third-party public cloud offering, Recovery to Cloud on Amazon Web Services. We recently released version 2.0, with the best SLA available across any of our cloud recovery solutions.

So, today, we can recover a customer’s applications in the cloud or inside our datacentre. And, we can do that in a heavily automated fashion. I’m really excited about the concept of one-click recovery, which allows customers to execute a disaster recovery test of an actual invocation during a disaster to ensure they are highly recoverable.

Q: What are you doing in the area of micro services?
Josh: From a micro services perspective, we’re working to help customers understand how sharding up their applications into piece parts and making them more service-based allows them to best leverage the capabilities of the public cloud. There are lots of opportunities for us to evolve how we offer and support this new methodology in both production and recovery environments.

Q: How do you move developments from the lab to our customers?
Josh: We work with our product teams on a daily basis. That includes evaluating a technology that might make it onto their roadmap or providing them with a prototype to take into production.
A perfect example of this is our cloud-based recovery solution for AWS. We built a working prototype that was heavily automated. We documented it, created an architecture guide and transitioned it to the product teams to take it from prototype to product. It was a very graceful transition and shows how we take advantage of the new technologies in ways that best help our customers.

Q: As CTO, how do you challenge your team to stay ahead of the curve?
As we build our CTO team, we focus on hiring people who, first and foremost, are curious. They don’t look at a problem and say, “That looks unsolvable.” They say, “I think there’s a way to solve that.”

We also hire people with an innate passion for technology and encourage independent research and experimentation to feed that passion. To go build a proof of concept, test it out and come back to the team to explain how it might work with our offerings. That’s been really critical to inspiring innovation.

It’s also important to foster and expect industry awareness when it comes to technology. To have a good perspective on who the competitors are, whether what they offer is valid or not, and how we can leverage it.

In my role, I visit a lot of our offices around the world. It’s interesting to meet folks who aren’t necessarily on the CTO team coming up with a new idea. Because innovation doesn’t just happen in a confined space on one team. It’s got to happen organically across the company.

Q: So, what keeps CTOs up at night now? And how can Sungard AS help them?
Like me, they face a challenge that presents itself on a daily basis: Balancing the need to innovate with the practical realities of running the everyday business. When new technology is introduced, it not only brings new capabilities to the business, it also brings new risks. It’s our mission to help CTOs by delivering services with the availability, security and recoverability they need, so they can worry less and focus more on innovation that will differentiate their businesses.

Q: What’s next on your technology radar?
To find out what we’re up to, I recommend visiting our blog, where we cover things like tips and tricks on using AWS, how hybrid IT is reshaping technology roadmaps, or our thoughts on new technologies and how they might impact customers. Customers can also check out our open source projects on our GitHub page. I encourage people to keep an eye on what we’re doing and to continue to ask questions, because these are very exciting times and things are always changing.

To learn more, visit our CTO Labs blog.

If you have a question for Josh, please email avail@sungardas.com

Part I: Research likens IT to a bear with a sore head

By |

In-depth research commissioned by Sungard Availability Services explores attitudes towards digital transformation by employees and the IT department itself. Likening IT to a bear, it concludes that at its best, IT is a powerful weapon for growth but at its worst, can be slow and unpredictable and, if put under pressure, is liable to lash out or go into hibernation.

 

tame-the-bear-black_400Taming the IT bear – staying in control of the organisation’s IT – is one of the CIO’s biggest challenges, a task made more difficult by increasing demand for digital-first tools from the wider business. It’s about ensuring the right conditions to keep the bear predictable and productive, while exploiting its power to make the changes necessary to keep the organisation competitive.

 

The Vanson Bourne study, involving 1,400 respondents across a variety of industries in the UK, Ireland, France, Sweden and the US, showed the wider business fully appreciates the importance of IT as a powerful tool with 81% considering access to the latest technology vital. Looking into the reasons why, 69% say it makes it easier to do their job, almost half (48%) claim it makes them more productive, while 55% say it makes their job more exciting and 63% that it has enabled them to develop new skills.

Consequently, digital transformation is now regarded as a priority for 86% of business. However, IT complexity can hinder digital transformation and delivering IT to the business is far from being a walk in the park.

 

Yawning skills gaps appear

Almost half of employees believe their current employer is behind competitors when it comes to adopting the latest digital tools and technologies. Indeed, over half (52%) of IT decision-makers (ITDMs) fear that they are not transforming digitally at the speed their management team expects. This is largely due to an inability to integrate new applications into existing technologies. Overall, 40% of respondents cite this as a missing skill, a figure that rises to 50% for the UK.

Questioned about the biggest technical skills gap hindering digital transformation, this was identified as the main problem by 39% of US respondents and 39% in France. However, in Ireland, maintaining effective security across the different IT systems was the biggest issue for 41%. The problems appear to run deeper in Sweden where 39% cited the lack of an existing solid IT infrastructure on which to build a digital transformation.

As for the biggest soft skills gaps, while communicating the benefits of digital transformation to senior leadership was highlighted in the US (39%), Ireland (57%) and Sweden (46%), understanding the business benefits of digital communication appears to be a more fundamental issue in the UK (46%) and France (40%).

 

Lack of investment continues to be a bugbear

Almost a quarter of respondents (24%) believe they are not getting the financial investment required from the wider team to effect digital transformation. This is wreaking havoc on the business with potential impacts including:

  • Staff retention suffers – Nearly a quarter of employees (23%) questioned have actually left a place of employment as it did not enable digital working practices – a figure that rises to 32% in the US
  • Productivity plummets – 84% feel digital transformation helps improve productivity
  • Loss of competitive advantage – The same proportion cite digital transformation as being critical to remain competitive in their industry

To varying degrees, the wider business looks to the IT department to step up, ‘Tame the Bear’ and help drive this change. IT are regarded as being the strongest driver by 55% overall with significant regional variations. In the US this rises to 82% while in Ireland and Sweden, it drops to just 38% and 25% respectively. Unsurprisingly, 81% of IT decision-makers said they were looking to recruit new employees with the right digital skills to achieve transformation goals.

Although 26% of ITDMs see the CTO as key in supporting the IT department’s drive for digital transformation, the CDO (19%) and CEO (13%) are also seen as important figures. Many (68%) also recognised the value of bringing in additional external support to give the digital transformation process teeth.

We will be focusing on various aspects of this study over the coming months. View the full research findings and developments here.

IT transformation helps Menzies’ global expansion plans take flight

By |

Dynamic logistics and aviation business John Menzies plc needed a flexible, scalable IT infrastructure to support its ambitious growth plans. And it needed it quickly!

As a company that services 300 airlines, has customers at 140 airports worldwide, handles 1.2 million aircraft movements and 1.7 million tons of cargo a year, bulk delivers 5 million newspapers daily and supplies almost half the UK’s retailers, Menzies understands the importance of meeting deadlines. Failure at any point would mean stores have empty shelves, newspapers don’t get delivered and planes don’t take off on time.

As part of its change management strategy, John Menzies plc is undergoing a 12-month IT transformation programme under which its IT and networks infrastructure has been outsourced to Sungard AS and many services transformed into cloud-based solutions. This will allow Menzies to focus on its core business – not only freeing up time, capital and resources, but also giving Menzies the worldwide capabilities, reliability and agility the business demands.

Following a thorough procurement process to find a supplier they could rely on, Menzies selected Sungard Availability Services. “One of Sungard AS’ strengths is their pragmatic approach. They’re willing to be flexible and compromise. We found there’s the sense of a joint effort – “How are we going to do this?” explains Mark Reid, CIO, John Menzies plc. “The relationship gives us the best of both worlds – the infrastructure, scale and experience of a big company but not the inflexibility and rigidity that often comes with it.”

menzies loading_400“Menzies is a genuinely 24/7 business. For us, it’s not just a few computers data processing overnight but operations all around the world going at full tilt.

When everyone is sleeping here in the UK, our teams in Australia and the West Coast of America are still working and the UK distribution business is at its peak. There’s no such thing as a maintenance window.”

 

Menzies’ strategy was to consolidate its four existing data centres into two resilient Sungard AS data centres from which Sungard AS would provide a Platform as a Service (PaaS) solution. However, before the IT transformation process could even start, Menzies and Sungard AS faced a more immediate concern. Menzies’ contract for its Cumbernauld data centre was scheduled to expire in a matter of weeks. This forced the two companies to perform the migration from the existing site to Sungard AS – a ‘lift and shift’ operation due to the time constraints – in just eight weeks!

In fact, the timeframe was so tight that contracts had not been signed before the move date. “This was a real example of mutual trust before either company had signed on the dotted line,” recalls Mark Reid, CIO for John Menzies. “We had to take a leap of faith that Sungard AS would be able to deliver what they promised while Sungard AS allowed us to use their facilities with no guarantee of a contract coming out of it.”

Ultimately, the migration was executed flawlessly and on time. But there was to be no breathing space!

No sooner had the first data centre been migrated than a business opportunity presented itself that required the space currently used by Menzies’ Heathrow data centre. Paul Stow, Chief Architect for John Menzies, was asked to perform a second successful migration to another Sungard AS data centre within three months, a challenge he likens to “changing the engine on a 747 mid-Atlantic without anyone noticing.”

 

Transformation of Menzies’ IT infrastructure – at speed!

menzies distribution van_400There were many factors in Menzies’ decision to outsource its IT infrastructure to Sungard Availability Services in the ten-year, multi-million pound deal. Steve Rick, Senior Vice President of John Menzies, who is leading the wider transformation, explains.

“We selected the Sungard AS solution because it provides us with the flexibility to scale our IT to meet business demand, without requiring capital investment or a commitment to server or storage volumes.

“Leveraging their investment in data centres, IT infrastructure and service management provides economies of scale and operation which translates into lower running costs for Menzies’ IT infrastructure. Sungard AS was also able to meet specific challenges around the global operation of the Menzies business and existing technology and supplier arrangements.”

The next stage is to migrate Menzies’ two remaining data centres, in Bracknell and Edinburgh, to the Sungard AS managed cloud by 31 October 2016. This will mean the two companies, working together, will have migrated four data centres and transformed Menzies’ IT infrastructure in just 12 months – a feat that would normally take several years!

 

A flexible, scalable IT environment that meets business needs cost-effectively

It is early days in the IT transformation process but Mark Reid expects to reap many benefits. These include increased flexibility from a technology perspective to respond to change by “turning capacity up and down as the business evolves” but also from a financial viewpoint. “At the moment if I initiate a new project and invest in additional servers and terabytes of storage I am committed to it for years. With our cloud model I can just turn it up with business demand and turn it off again when not needed.”

Moving to a consumption-based model will allow Menzies to enjoy all the benefits – scalability, agility and flexibility – a cloud environment brings. Paul Stow notes, “Sungard AS has enabled us to move from four expensive data centres with all the associated hardware to a model where we simply pay for the services we need. And they’re saving us money too!”

From a test and development point of view, he is looking forward to “being able to create test environments, use them for a day, a week or as long as they’re needed, then turn them off and bring them back when needed.”


Menzies video testimonial

Watch a video interview with Paul Stow, Chief Architect at John Menzies plc

With IT being mission-critical to every aspect of its operations, Menzies is enjoying the peace of mind that comes from having SLA-backed uptime of 99.95%.

Commenting on the relationship that is developing between Menzies and Sungard AS, Steve Rick remarks, “I hesitate to use the word ‘partnership’ as it has become so overused but both the length and depth of our agreement mean that there is a level of commitment there to making the relationship work on both sides. After all, ten years is longer than some marriages!”

 

You can read the full case study and watch a video interview with Paul Stow, Chief Architect at John Menzies plc, here

Hybrid IT – it’s the new normal

By |

In an ideal world, most IT managers would undoubtedly like to start with a blank slate when designing their IT infrastructure. But this is not an ideal world and few have that luxury.

Instead, you bear with the complexities of ageing architectures, siloed hard-to-integrate systems, legacy applications, multiple providers, and uncertainties about security and where to run applications and workloads for the best cost control and business outcomes.

While hybrid IT makes the path to change more complicated, the journey is nonetheless critical: In a world where change is a constant, business agility is not a ‘nice to have’ but an essential. You need to be able to respond to market shifts and emerging opportunities in front of you, not in the rear view mirror.

In a global and digital economy, your infrastructure must adapt to business that never stops. And, since customer loyalty can change with the click of a button, you need the flexibility to swiftly launch products and services to differentiate your business. This takes incredibly responsive, instantly available and infinitely scalable IT resources to make it all happen.

This is your new normal – a highly complex IT ecosystem that makes traditional IT infrastructure look like a dusty museum relic, transforming how you need to provide, manage, grow and pay for IT services. But making that transition when your IT team is already too busy making the everyday of business happen — whether that means filling orders, flying planes or comforting patients — just adds to the pressure.

Whether you’re challenged with controlling costs, balancing a mix of applications and legacy environments, managing performance or scaling and expanding into new markets, Sungard AS can help you nimbly navigate the twists and turns of IT transformation to meet the business’ expectations.

Hybrid is the new normal brochure cover_200Download our ‘Hybrid is the new normal’ brochure to find out about the five-step plan we follow to bring about change.

For further information speak to your account manager or email avail@sungardas.com.

 

Related article: You can see how we’re helping John Menzies through a 12 month IT transformation programme as part of their change management strategy, here.

Gartner again positions Sungard Availability Services as a Leader in its DRaaS Magic Quadrant

By |

We’re delighted to report that Gartner has placed Sungard Availability Services in the ‘Leaders’ position of its Magic Quadrant for Disaster Recovery as a Service[1] (DRaaS) for the second year in a row.

DRaaS_MQ_2016_400

“We understand that our business really is our customers’ business, and we take the availability and recoverability of customers’ business applications and infrastructure as seriously as they do. Time and again, customers choose us for our risk-based framework and ability to help map technical efforts to business priorities,” said Jack Dziak, executive vice president, global products, for Sungard AS.

He continued, “Today’s enterprise needs a partner that can provide more than simple DRaaS capabilities. The demands of the always-on business require a full IT availability solution that integrates into development, test, and production environments and orchestrates customer-owned and third-party infrastructures. Decades of disaster recovery experience and proven capabilities allow us to deliver on our promise of providing fully-recoverable production services. It is an honor to again be recognised by Gartner as a leader in Disaster Recovery as a Service.”

Gartner evaluated 20 Disaster Recovery as a Service (DRaaS) providers for this year’s Magic Quadrant. Service providers were evaluated against their ability to execute – to provide a DRaaS offering that meets customer requirements with a high level of service and customer support – and a completeness of vision – not just on the provider’s assessment of the current market but also on its anticipation of expected market and technology changes.

According to the analyst, firms in the Leaders quadrant have “significant industry experience in supporting data center and managed operations services, a strong provider-managed (as opposed to self-service) approach to DRaaS management, and a professional services organisation that provides a complete solution to customers for recovery planning, exercising and management.”

With more than 35 years delivering recovery solutions that apply to all facets of customers’ production environments, Sungard AS understands that IT must deliver business results and take a holistic approach to achieve business resilience. Our comprehensive DRaaS solutions are designed to be flexible enough to work with complex, hybrid production and recovery environments, and to scale up and down driven by specific business requirements, addressing a full range of recovery time and recovery point objectives (RTOs/RPOs).

To view a copy of the 2016 Gartner Inc Magic Quadrant for Disaster Recovery as a Service, visit our website.

[1]   Gartner “Magic Quadrant for Disaster Recovery as a Service” by John P Morency, Christine Tenneson, and Ron Blair, June 16, 2016.

New managed cloud recovery service for AWS brings peace of mind

By |

If you run some or all of your applications in the Amazon Web Services (AWS) cloud, you might worry about the impact of an unexpected outage on your business. We know that while AWS has all the necessary infrastructure, orchestration and scalability to support a recovery solution, without help navigating the complexities of a recovery environment in the AWS cloud it can be a daunting prospect. Equally, many customers who recover external environments into the AWS cloud would also find this a challenge.

Recognising this, Sungard Availability Services has developed a managed cloud recovery service specifically for AWS. This lives on AWS infrastructure so there is no hardware to buy or lease, no lower limit on the amount of data under protection and you pay only for recovery computing resources used at time of test or disaster.

Managed Cloud Recovery for AWS supports data replication of virtual machines along with support for replication of your Oracle and MSSQL databases. The flexibility of the AWS platform allows additional servers to be spun up in minutes as required, getting you back to ‘business as usual’ more quickly.

In fact, with our AWS-certified architecture and skilled AWS specialists we offer an SLA-backed guarantee to get your business back online in the AWS cloud in as little as two hours of an interruption.

We offer customers a choice of two ways to connect – either over public networks or via a dedicated communications link depending on security and bandwidth requirements. For those customers who require it, we can support their private connections in AWS to give greater security and more consistent performance.

In our experience, many customers also need expert help with their disaster recovery planning so making our AWS offering even better value, we offer business continuity consultancy too.
We believe the combination of AWS – one of the leading cloud computing platforms in the world – coupled with Sungard Availability Services’ recovery expertise will prove an attractive proposition.

Cloud Based Recovery for AWS is just one of our many cloud-based recovery services that enable us to make good our promise that whatever your infrastructure – physical, virtual or hybrid – we can work with it.

If you’d like more information on this or any of our other recovery services, contact your account manager or email avail@sungardas.com.

Pay up or kiss your files goodbye

By |

We’ve talked a lot in the past about DDoS attacks as a common form of cyberattack but there’s also a growing threat of ransomware attacks, which now account for around a quarter of UK cyber threats1. At peak spamming times there are about 200,000 messages an hour carrying ransomware attachments2.

 

Ransomware either blocks access to the computer or device (‘locker ransomware’) or encrypts files and data on the system (‘crypto ransomware’). But both types of malware are designed to extort money from their victims in return for a decryption key.

Companies that fail to pay up find access to their files remain blocked with a devastating effect on their ability to operate. And even those that decide they have no alternative but to pay must ask themselves whether they can trust the integrity of their data once files have been compromised in this way.

Ransomware is not a new phenomenon, first appearing in a fairly crude form as early as 1986 as the AIDS Trojan. Tactics steadily evolved over the years to become a serious threat about ten years ago.

Today, ransomware is a global threat touching all corners of the world, although certain countries tend to be affected more than others. According to the latest report3 from security firm Symantec, the three countries most affected are the US, Japan and, in third place, the UK. The study reports the number of crypto ransomware families increased by 250% between 2013 and 2014. The authors note, “Never before in the history of human kind have people across the world been subjected to extortion on a massive scale as they are today.”

 

“Never before in the history of human kind have people across the world been subjected to extortion on a massive scale as they are today.”

 

You may be familiar with some of the more common malware – BitLocker and Locky, which deny access to the computer or device, and CryptoLocker, CryptoWall or Reveton, crypto ransomware that prevents access to data. While typically the sum requested is $300 per computer, the going rate for Locky was three bitcoins (around £885) per infected machine in March of this year4 and with the huge volumes involved, this particular form of malware is big business.

In March 2014, Symantec found that Trojan. Cryptowall earned at least US$34,000 in its first month of operations. A further study by other information security researchers found that by August 2014, Cryptowall had earned more than US$1.1 million. In June 2015, data from the FBI’s Internet Crime Complaint Center (IC3) showed that between April 2014 and June 2015, it had received 992 Cryptowall-related complaints. The victims were a mix of end users and businesses, and the resulting losses from these cases amounted to more than $18m.

 

How it works

There are many routes for the malware to reach a computer. Spam email is a primary tactic. As users became more savvy about opening unsolicited email attachments or clicking on unknown links, hackers adapted their tactics to deliver ransomware through ‘spear phishing’ emails targeting specific individuals. And as email systems got better at filtering spam they evolved still further bypassing the need for individuals to click on a link altogether by seeding legitimate websites with malicious code on poorly protected end user computers.

Other routes include malvertisements, social engineering, SMS messages, data breaches, exploit kits, downloaders and bot infection. Mimicking the marketing strategy of legitimate companies, some cybercriminals even offer affiliate schemes – effectively ‘Ransomware as a Service’ where the buyer is responsible for distributing the malware and the developer takes a cut.

Once the infection is present in the system the malware begins encrypting files and folders on local drives, any attached drives, backup drives and, potentially, other computers on the same network. Users and organisations will usually be unaware they have been infected until they can no longer access their data, or see computer messages informing them of the attack and requesting payment.

Bitcoins were originally the favoured method of payment due to the anonymity the virtual currency affords but Sungard Availability Services has seen requests for wire transfers, online payment vouchers (such as a UKash or Paysafecard) and, recently, even Amazon and iTunes gift cards.

 

To pay or not to pay?

The FBI has reversed its advice issued in October last year5 and no longer recommends paying a ransom in response to a ransomware attack. “Paying a ransom doesn’t guarantee an organisation that it will get its data back—we’ve seen cases where organisations never got a decryption key after having paid the ransom,” says FBI cyber division assistant director James Trainor. “Paying a ransom not only emboldens current cyber criminals to target more organisations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organisation might inadvertently be funding other illicit activity associated with criminals.”

Perhaps surprisingly, in the majority of cases victims do recover their data or use of their computer. This is less down to altruism on the part of the cybercriminal and more because it makes good business sense. They recognise that without the reputation that they can be trusted to decrypt files once the ransom has been paid no new victims would pay a ransom demand. To build ‘trust’, some ransomware – CTBLocker is one example – actually includes the option to ‘try before you buy’, allowing the user to have five randomly chosen files decrypted as proof of the attacker’s ability and willingness to do so once a ransom is paid.

Although ransomware is currently hitting the news headlines, it is only one of many ways hackers can cripple a company’s IT systems.

As April’s leak of 11.5 million files from the Panama-based offshore law firm Mossack Fonseca demonstrated, sometimes a simple hack on an email server can wreak untold damage. In what is the biggest data leak in recent history – bigger even than WikiLeaks in 2010 or the NSA files in 2013 – 2.6TB of confidential data was released relating to some of the most powerful people in the world.

The ‘Panama Papers’ data leak (as it is commonly known) revealed how the rich and famous hide their money offshore, resulting in lurid news headlines. Twelve national leaders are among 143 politicians around the world known to have exploited offshore tax havens. While there is no suggestion that those named have done anything illegal, the revelations have proved intensely embarrassing for many.

 

What you can do about the ransomware threat

Ransomware is the kind of threat where effective business continuity management comes into its own as organisations that regularly back up their data can avoid paying a ransom at all, by simply restoring the infected system to a state prior to the infection.

With any kind of cyberattack, cybercriminals will typically go for the easiest targets first so efforts should focus on prevention. Analysing the attacks directed at Sungard AS customers and picked up by our Intrusion Detection System, we have seen OpenSSL, Heartbleed, Magento SQL Injection and Apache Struts exploit attempts along with the Bandook Trojan infection and Webshell Backdoor code.

 

Here are some proactive measures all organisations should follow to guard against any form of cyberattack:

 

  • Implement a Defence in Depth model. This is one in which you don’t place your faith in any single technique or technology but combine a number of security best practices to eliminate information security vulnerabilities. Use SIEM software to collate information from numerous sources to provide real-time analysis of security alerts generated by network hardware and applications.
  • Network edge security to eliminate threats at the perimeter, the best location to eliminate the vast majority of attacks.
  • Safeguard VPN access with regular patch and anti-virus management.
  • Adopt a virtual desktop environment for remote devices.
  • Block users from installing unauthorised applications and ensure applications are managed centrally.
  • Insist on strong password controls for users but, importantly, for System Admin too. No users should be assigned administrative access unless absolutely necessary and, for this reason, do not use the same Admin passwords on servers as for users, a common mistake. Escalation of privileges is one of the first steps to compromise a network so strictly limit access.
  • Adhere to basic security doctrines such as allowing users to see only the information necessary to do their jobs.
  • Disable macro scripts from office files transmitted over email.
  • Implement proxy internet access, mail relays and mail scrubbing to form a barrier between an internal network and the open internet. Proxy servers intercept requests for internet pages from users within the network and perform various chores to protect the network, improving performance and enforcing company web use policies.
  • Segregate networks through the use of a Demilitarised Zone (DMZ) that separates your internal local area network (LAN) from other untrusted networks, usually the internet. External-facing servers, resources and services are located in the DMZ so they are accessible from the internet but the rest of the internal LAN remains unreachable. This provides an additional layer of security to the LAN as it restricts the ability of hackers to directly access internal servers and data via the Internet.
  • Invest in Intrusion Detection and Prevention software, both host and network-based, to monitor the network for malicious activities or policy violations and act on the findings.
  • Install robust firewalls including Web Application Firewalls and monitor these to ensure they stay current and able to withstand the latest threats.
  • Conduct regular vulnerability scans.
  • Backup regularly and verify the integrity of those backups. Ensure they are not connected to the computers and networks they are backing up. Ideally, data should be held securely in a resilient, geographically separate location.
  • Penetration testing to assess the effectiveness of your defences.
  • Draw up an Information Security Policy and ensure it is rigorously adhered to.
  • Create an education programme for users explaining the risks posed by inadequate defences, the threats faced by organisations and their responsibility to prevent breaches.
  • Develop a practical incident response plan and business continuity management plan to guide the organisation’s response in the event of a cyberattack and minimise the effects of disruption. Crisis-driven decisions worsen the impact so prepare for a potential incident in advance and put plans to the test. Remember to think beyond technology and address the people and process aspects of your plan. For example:
    – Specify who is responsible for each step of the response, whether it’s someone in-house or a third party.
    – If your business involves e-commerce, have a ‘Plan B’ in place to keep orders flowing.
    – Plan your communication strategy – who needs to be notified and when.

 

If you are interested in finding out more about Information Security Consulting from one of Sungard Availability Services’ security experts, speak to your account manager, call us on 0800 143 413 or email avail@sungardas.com

 

1Eset: LiveGrid telemetry – April 2016

2Trustwave blogpost – Rodel Mendrez

3Symantec: ‘The evolution of ransomware’ – 6 August 2015

4www.bbc.co.uk/news/technology-35773058 – 10 March 2016

5https://securityledger.com/2015/10/fbis-advice-on-cryptolocker-just-pay-the-ransom/

Popular channel partner programme extended to Europe

By |

You may have read in the trade press that Sungard Availability Services is extending its successful Channel Partner Programme, running in the US and Canada since 2009, to the UK, Ireland, France, Belgium, Luxemburg and Sweden. Demonstrating its popularity, the existing programme has enjoyed consecutive year-on-year double digit growth and been repeatedly recognised with partner and industry awards.

The flexible programme offers a collaborative “sell with” field organisation with focused sales enablement, go-to-market support, exclusive lead registration and competitive compensation for partners who range from boutique consultancies to cloud hosting multinationals. As part of our joint selling model, we work with partners to provide complete solutions to their joint customers, meeting their evolving needs for as-a-service delivery models and Opex financing.

Jean-Philippe Sohier, senior vice president, European sales, Sungard AS commented: “Our leading position in the industry attracts channel partners seeking to differentiate themselves from their competition by combining value-added fully recoverable production services to their existing service capabilities.”

Partners benefit from a full portfolio of recovery, business continuity, managed IT and cloud services to satisfy any customer IT requirement. Other programme benefits include access to the established Sungard AS ecosystem of strategic technology partners – including Cisco, EMC, NetApp – and application partners such as SAP and Oracle. As an example, Cisco Partners can satisfy new Cisco Hybrid IT requirements by selling one or more of three Cisco-Powered Cloud Services from Sungard AS. SAP and Oracle integrators can leverage the in-market support plan from Sungard AS to help customers run and manage these ERP systems in the cloud.

Commenting on the new Sungard AS Channel Partner programme, Gary Coburn, CEO of channel partner Island Networks said: “Island Networks and Sungard AS have together built a very strong partnership over the last couple of years, both in Ireland and in the US. We have been very impressed with the commitment Sungard AS has shown to our partnership and also with their win/win approach right from the start. Island Networks offers world-class cloud infrastructure solutions to our customers and our partnership with Sungard AS gives us an important differentiator in the market.”

In addition to Island Networks (Ireland), we have signed an agreement with Ireland’s largest distributor, Exertis, to reach and serve the Irish channel.

“The expanded programme will replicate what we’ve successfully built in North America,” Sohier continued. “Channel partners throughout Europe may enrol into our Partner Program and leverage our proven, cost-effective sales enablement and go-to-market resources. Highly successful partners, those that have invested to represent Sungard AS and that are active in the market, can leverage the tools we’ve built and gain added benefit from additional engineering support or executive engagement.”

Find out more
Join SVP Global Channel Sales and Programs, Carmen Sorice as he discusses the Sungard AS global channel strategy. Learn about new training, enablement and marketing initiatives that will help you grow your business. Watch the video here

Prospective partners can find more information on the Partner Programme in Europe and register online at www.sungardas.co.uk/partners

Help for ISVs on their journey to SaaS

By |

We understand that getting new services to market fast is critical for Independent Software Vendors (ISVs), so we’ve joined forces with Cisco to give ISVs a shortcut to market by offering infrastructure already certified for many of their markets so they can start earning revenue from their innovations sooner.

We’ve produced an on-demand webinar, presented by Chris Ducker, Senior Director: Global Propositions Strategy, that explains how our technology platforms, partner programmes and support help ISVs move to a Software as a Service model. Over 45 minutes it answers the following questions:

  • How we can help drive growth faster with the support and resources of Cisco partner programmes
  • How our partner ecosystems can open the door to industry experts and support in your field
  • How we ensure business continuity for your application with Sungard AS’s production and recovery expertise coupled with Cisco-powered infrastructure
  • How we use pre-approved Cisco-accredited designs and infrastructure to build the right fast-start platform for your environment

The webinar will share real-life customer examples of how software vendors are successfully deploying Software as a Service today. Click here to watch the webinar at your convenience!

Why it’s good to be social

By |

If you like to be first with all the Sungard Availability Services news, there’s no quicker way to get in the know than by following us on social media. You’ll be in good company. Find us on LinkedIn, Twitter, Facebook and YouTube where we currently have over 45,000 followers.

James Ward, Digital Marketing Manager for Sungard AS, explains why if you’re not following us online you could be missing out.

“Social media is a two-way street – it’s a platform for conversation, so gives you the opportunity to see the latest and greatest from Sungard AS, pass comment and get first dibs on all of our hot off the press, news, event announcements, and thought leadership content. In the future you’ll even get access to exclusives only available on social.”

Following us couldn’t be easier. Simply visit the profiles below and follow/subscribe, or search for Sungard Availability Services on your chosen platform.
TwitterLogo_50 Twitter UK
TwitterLogo_50 Twitter US

LinkedIn logo_50 LinkedIn

FB-f-Logo__blue_50 Facebook

YouTube-logo-50 YouTube