Category: Cybersecurity Insights

Identifying Training Opportunities and Boosting Productivity with a User Activity Monitoring (UAM) tool

User Activity Monitoring tools (UAMs) have a bad rep, with many employees believing that they are used by employers for the sole purpose of spying on them. While this may actually be true in some cases, there are so many ways that a UAM can be of real value to an organization – for both the management and the employees. 

Helping you to identify training opportunities for your employees is among the most important benefits that using a UAM can provide. Gallup found that “hope for career growth opportunities is the number one reason people change jobs today”. By offering training to your top talent, you can upskill them and prepare them for new roles and responsibilities.

Do your employees have the skills they need?

Gartner found that “58% of the workforce will need new skill sets to do their jobs successfully”. However, do you know which employees are up-to-date in their skills, and which ones need upskilling or reskilling?

Similarly, you recruit candidates with the skills and expertise that you require for the organization, but you may request your employee to take on slightly different tasks from time to time.

As a manager, you would ask the employee if they have the skills to take on the task. However, new employees or those being considered for promotion may not be comfortable with replying honestly in the negative.

In such a situation, what does the employee do?

What usually happens in such a situation is that the employee accepts the new responsibility and agrees to deliver within the defined turnaround time. They then log on to Google to find out how to perform the task!

The worst part is that as management, all you know is that your team member is not meeting their commitments. You may think they’re lazy or inefficient. There’s a tendency to put more pressure on them, resulting in unnecessary stress and employee burnout.

Even if you have product management tools where the team logs time spent on different sub-tasks, they’re not likely to log research time. After all, they are trying to hide from management the fact that they lack the required knowledge or skills!

How can you solve this problem?

Use a User Activity Monitoring (UAM) tool to understand how the employees are performing. For instance, Akku’s UAM proxy reads users’ app activity, including which websites they are visiting and how long they’re spending time on sites like Google, Stack Overflow or Stack Exchange.

Akku then shares reports on the relevant data. By studying these reports, you can see which employees are spending an unusual amount of time on Google and other work-oriented research. You then understand that they need more training on specific subjects, and can plan reskilling accordingly.

Using a UAM right 

UAMs are often used by managers to snoop on their employees and penalize them for slacking or for time away from their device. As a result, employees try to work around the system to maintain their privacy.

A UAM is not about policing employees’ time – it’s about productivity. User activity monitoring, when it’s done right, is of great benefit to both employee and employer. Prioritize productivity by identifying skilling opportunities and delivering appropriate training content to your employees who need it, when they need it.

Work with Akku to implement UAM and improve organization productivity. Schedule a consultation with us for more information.

Transitioning from a legacy IAM to an interwoven Identity Fabric

With the emergence of cloud apps, identities need to be managed outside the traditional network. This has introduced new security concerns, on account of the many user identities and passwords that administrators have to manage.

IT security systems, which used to be bifurcated between securing what is “inside” the network and what’s “outside”, have been transformed into a consolidated portfolio of services that enable users to connect to anything and anyone, anywhere and at any time, while being secure, scalable and controlled.

It is therefore imperative for Identity and Access Management (IAM) solutions to evolve continuously and seamlessly, to expedite the process of adapting to business in the digital era.

This is where the concept of the Identity Fabric comes in. It sews together a gradual, non-disruptive integration and migration of identity and access management.

As secure digital identities are at the core of any digital transformation, identity fabric is the way forward for a future-proof metamorphosis.

What is identity fabric?

Identity Fabric is a deployment approach that helps to continually and quickly update enterprise architectures for IAM. It is the infrastructure that enterprise IAMs use to enable access for all across multiple elements and domains, without redundant user administration.

Identity fabric is the interwoven linking of identity online, providing seamless and controlled access for everyone to every service as long as they are authorized. They are not a single technology, tool, or cloud service, but the digital identity backend that delivers all the identity services in a standardized manner and integrates with legacy IAM. It is a secure and adaptive system that manages identities and access rights.

Identity fabrics use APIs to integrate with different systems and deliver a comprehensive set of services from Directory Services to Identity Lifecycle Management, Access Management Services, to Access Governance.

The identity fabric architecture

Identity fabric architectures are designed to provide identity services that can be consumed by digital services in hybrid environments (spread across a mix of on-premises, cloud, serverless, and Internet of Things) through homogenized protocols.

Identity fabrics help to avoid siloed approaches, facilitating compliance to legal and regulatory requirements to manage personally identifiable information and corporate access to resources.

Several different but overlapping APIs make up the building blocks of the identity fabric, as it puts API capabilities at the center.

While it is recommended to design the identity fabric to use the least possible number of APIs and other components, there is likely to be a large number of components one needs to migrate as a large number of solutions fall under the IAM umbrella.

As they offer a multi-pronged approach to IAM, businesses need to gradually migrate and integrate legacy IAM services and existing apps into the identity fabric, while simultaneously building new digital services.

As companies continue to modernize identity and access management, multiple products must be integrated to deliver a holistic access management solution that works for cloud and on-premise needs. CloudNow offers tailored enterprise identity and access management solutions that work for you. Reach out to us for more information and to get started.

What is CASB? How has data security changed with the cloud?

A Cloud Access Security Broker (CASB) is an on-premises or cloud-based security policy point-of-enforcement. Originally, asset security was simpler since all assets were located on-premises and on the same network, but with time and with an increasingly mobile workforce, security requirements evolved and CASB rose to meet them.

A CASB offers an integrated security management solution to security enforcement such as multi-factor authentication, single sign-on, credential mapping, encryption, tokenization, malware detection, and so on.

What is CASB and how it works?

CASB, a policy enforcement center, consolidates security regardless of device, including unmanaged smartphones or personal laptops. It works through a three-step process that involves Discovery (to compile a list of all third-cloud services and users), Classification (of risk levels of each application), and Remediation (to set security requirements and take action in case of a violation).

A CASB comprises three pillars.

1. Identity and Access Management (IAM)

Gartner defines IAM simply as ‘the discipline that enables the right individuals to access the right resources at the right times for the right reasons.’ IAM solutions help maintain a database of all organization identities and restrict access to org assets based on user identity.

2. Identity Governance and Administration (IGA)

This is a policy-based approach to IAM. IGA serves to support overall IT security and regulatory compliance as well as automate workflows for provisioning and deprovisioning users.

And yes, there is a difference between IAM and IGA. IGA allows organizations to not only define and enforce IAM policy but also connect IAM functions to meet audit and compliance requirements.

3. Privileged access management (PAM)

This is a critical security control that enables organizations to simplify how they define, monitor, and manage privileged access across their IT systems, applications, and infrastructure. It helps control who has access to sensitive systems and protected information. Most employees, for instance, shouldn’t be given access to all critical systems such as production, backup, and financial at the same time.

Privileged accounts can access valuable data and perform special actions, often with low tracking or control. PAM solutions centralize the management of administrator profiles and enforce a least privilege access policy.

To better understand what the CASB concept really means, and how you can adopt it as you secure your SaaS, PaaS, or IaaS environments, contact Akku today.

Identity and Access Management in the age of Bimodal IT

An important new practice that has emerged over the past few years in IT management is Bimodal IT, defined by Gartner as the practice of managing two separate but coherent styles of work: one focused on predictability; the other on exploration.

While the application of the Bimodal concept within an enterprise has been the subject of much discussion, employing these two modes of management in the context of Identity and Access Management has not.

Here’s our take on how the Bimodal concept fits into our scheme of things as an Identity and Access Management solution provider.

Mode 1

By the standard definition of Bimodal IT, the focus of Mode 1 is on ensuring that existing applications and business functions are kept running smoothly. Therefore, Mode 1 clearly prioritizes stability over innovation.

In the context of IAM, businesses are becoming increasingly complex in the digital age, with touchpoints and interactions with increasingly large numbers of people or users, both within and outside the organization. 

Managing this change requires IAMs to undertake a gradual evolution towards becoming simpler and more scalable. A good example of this would be the need to build in the ability to automate decision-making for setting access rules and permissions based on dynamically collected information on users, from multiple sources.

This evolutionary approach is important to ensure continued forward movement, embracing new practices and technologies, while continuing to place primary emphasis on seamless operations.

Mode 2

Mode 2 in Bimodal IT, on the other hand, places its focus squarely on innovation. In Mode 2, the priority is to undertake larger, but less certain, leaps forward, to enable the existence of entirely new business processes and approaches. 

To look at the Identity and Access Management universe, in Mode 2, the mandate would be to build the next, future-ready new IAM platform. This could involve the development of an all-new, simpler and more scalable architecture from scratch, or incorporating increased agility to adapt to a fast evolving environment, for example.

Mode 2 involves planning and building for scenarios and use-cases that go beyond what conventional thinking can conceive of, to drive the next big change. But with this focus on innovation comes a need to accept some risk as well.

Akku is an enterprise IAM solution, and our journey to get here has involved adopting different facets of Bimodal IT. This process has helped us build a platform that delivers solutions to a range of use-cases that few others can match, and to do it reliably and seamlessly. Talk to us today to see how Akku could enable identity and access management, and more, at your organization.

The Road Ahead: Emerging Trends in the Technology Sector

With each passing year, newer technologies emerge and companies of all sizes adopt them to keep up the competitive, ever-changing business landscape. According to a study by Gartner, the technology roadmap for 2020-2022 is said to be largely based on three major themes – remote work, productivity, and operations.

Here are five major trends expected to shape the future of technology in mid-sized enterprises in light of the ongoing COVID-19 pandemic.

Modernizing network infrastructure 

With the drastic rise in the remote work culture, thanks to the pandemic, mid-sized enterprises are busy equipping themselves better to embrace it in the long term. Some of the major investments in this area include container networking and virtual extensible local area network (VXLAN).

Small and mid-sized enterprises may leverage this opportunity to make work-from-home more mainstream in order to bring down long-term logistical and maintenance costs.

Facilitating secure remote access

In a bid to evolve traditional remote access and VPNs and plug in any related risks of using them while working from home, companies are also seriously considering investments in secured access service edge (SASE) and other cloud-based secure edge technologies.

What’s more, they are also gearing up to incorporate more edge technologies in the Internet of Things (IoT), Augmented Reality (AR), and Virtual Reality (VR), and so on.

Democratizing of tasks

With the aim to improve speed and agility across business teams, enterprises are deploying citizen integrator tools. to bring data and applications together.

The emphasis will be on deploying no-code or low-code applications that are user-friendly and will promote “citizen development”.

Investing in automation tools and AI

In order to enhance employee productivity and streamline product/project delivery, more and more enterprises are also adopting automation tools for workload automation, event correlation, and so on.

A number of AI technologies that facilitate natural language processing and chatbots are also in the pipeline, although not until a year or so later. 

Adopting monitoring technologies

With the expansion of the virtual workplace, manual monitoring of employees and tasks is becoming obsolete. And with that, a slew of different monitoring tools for Digital experience monitoring (DEM) and application performance monitoring (APM) have hit the market.

Enterprise-wide workplace analytics solutions are also in the offing for a majority (80%) of mid-sized enterprises.

Redesigning security practices

With virtualized firewalls, software-defined security, and firewall-as-a-service solutions, mid-sized enterprises are simplifying the provisioning of security services at par with their larger counterparts.

They are also centralizing the governance of policies to support mixed workloads, keeping in mind the future of work.

Revamping front-end and back-end operations

With more focus on newer front-end operation technologies, enterprises are strengthening their cloud infrastructure and application development processes by deploying serverless computing, microservices, and OS containers.

At the same time, legacy back-end infrastructure, if any, is also being modernized. In this way, they are making the move towards low-risk, high-value investments that also minimize the time and effort needed for infrastructure management.

Finding it difficult to keep up with evolving trends? CloudNow Technologies has a solution that includes all that your business needs for secure remote working, seamless operations, and enhanced productivity in the new normal. It also comes equipped to evolve with your business as it grows. Get in touch with us to know more!

4+1 WAYS THE MANUFACTURING INDUSTRY IS NAVIGATING THE NEW NORMAL

The manufacturing industry took a big hit at the start of the pandemic-imposed lockdown, mainly due to two reasons. Firstly, most manufacturing units require workers to be on-site and remote working was not an option, unlike certain other sectors. This meant that manufacturing came to a complete stop, at least until they were allowed to reopen with several regulations in late April. Secondly, in many manufacturing sectors, the demand went down due to the slowing down of overall economic activity.

While times have continued to be challenging over the past months, here’s how manufacturing companies are changing their approach to cope with the new normal:

Adopting automation

Before the pandemic, most manufacturing companies relied heavily on manual activities and intervention at every step of the manufacturing and distribution process. Today, wherever possible, companies are minimizing manual intervention to enable social distancing and create safer workspaces for employees and workers.

Automation and other digital solutions that help workers collaborate better also improve the speed of manufacturing, making up for months of lost time, work, and revenue. What’s more, automation can also improve production efficiency by 3-5% and increase the global manufacturing output by 1.3 trillion USD.

Rethinking the supply chain

A smooth and seamless supply chain is crucial to the success of a manufacturing company as it prevents bottlenecks, prevents the accumulation of manufactured goods, and reaches customers/end-users without delay. All of this, unfortunately, were affected during the pandemic.

To tackle this issue, manufacturing companies are building more avenues through which their goods can reach their end-users. For example, companies like Frito-Lay, PepsiCo, and Kraft Heinz have introduced direct-to-consumer sites, to shorten or even eliminate the long supply chain.

Undertaking contract manufacturing

With import and export being severely affected and international transport still limited post the COVID-19 outbreak, how are manufacturing companies delivering their products across borders? Through increased collaborative efforts within the industry!

Many international/overseas manufacturers have taken to local contract manufacturing to make sure their customers continue to receive products from the brands they prefer. Contract manufacturing is also helping some manufacturers diversify their company’s product offerings during this time, without having to make expensive investments. Here is an example from the pharma manufacturing sector.

Addressing immediate needs

The manufacturing industry thrives on a fine balance between demand and supply. During the COVID-19 pandemic, while supply was temporarily affected by movement restrictions, demand underwent a paradigm shift.

People were no longer buying cars – they had nowhere to go. Instead, as healthcare facilities struggled to accommodate the growing number of COVID-19 cases, the demand for ventilators and PPE shot up! Automotive companies were quick to identify the need and shift gears to supply exactly what was in demand. That’s not all – even beauty brands began making hand sanitizers! In this way, several companies have stayed profitable by repurposing existing manufacturing facilities to produce products that are in high demand or experiencing shortages during this time.

Staying innovative

Necessity is the mother of invention, but innovation is what will keep manufacturing companies thrive in the new normal!

If you are in the manufacturing industry, we have just the right tools to help you streamline your operations, so you can keep innovating without worries! Talk to us about our Business Continuity & Operational Resilience (BCOR) solution today.

Digital Transformation: Considerations for a Post-Pandemic World

[wonderplugin_gallery id=1]
“Digital transformation” has been a buzzword well before the COVID-19 pandemic hit. In those pre-COVID times, digital transformation was only seen as a fancy way of saying that a business was being modernized. Many assumed that digital transformation is a one-time effort; a new tool/technology is introduced and it is considered done. Often an initiative spearheaded and undertaken by a handful of stalwarts within the company, it didn’t often have the support or involvement of other stakeholders.

Shifting Perspectives

Today, we hear the term “digital transformation” once again. But this time, it sounds different, important, and even necessary! Did the COVID-19 pandemic contribute to this paradigm shift in perspective? Indeed, it appears so!

In the post-COVID world, the importance of digital transformation is coming to the forefront, as the pandemic forced people to stay indoors and search for ways to work efficiently from home. There has been a pressing need for the rapid rise in the use of technology across industries and around the world. Workers and employers are connecting digitally and learning new skills and ways to manage their responsibilities through the use of technology. And this is pushing businesses, institutions, and governments out of their comfort zones and into the threshold of digital transformation.

Several experts are also stating that digital transformation is the way to building a resilient business in the new normal, causing many businesses of all sizes to consider it seriously.

If you are one of them, here are three important facts you must first know:

Digital transformation is not easy

Over 70% of digital transformations fail. Although different organizations fail due to different reasons, mismatched goals among management teams, the lack of expert support, a top-down approach that doesn’t involve employees and end users, and “exhaustion” from attempting to scale/transform too quickly are among the top reasons reported by companies.

Commitment is one of the most crucial elements to kick-start a digital transformation. There will be challenges, but if you keep the end goal in sight, you can keep at it till you succeed.

Digital transformation is a journey

You can choose to call it a journey, a process, or a metamorphosis – but what digital transformation is not is something that can be achieved overnight. From strategizing to setting clear goals and finding the right technology that will work well with your employees and customers – there’s a lot that leads the way to a solid digital transformation.

Moreover, for a digital transformation to stay relevant, it is important for it to also adapt and evolve with the progress of your company.

Digitize, digitalize, then digitally transform

The road to digital transformation begins with digitization. In other words, the conversion of analog data and documents to digital format. Digitization is the important first step because the digitized data becomes the source for leveraging digital technologies; or digitalization.

Digital transformation goes beyond digitization and digitalization (but includes the two) to an organization-wide adoption of digital technology, accompanied by cultural change. Digital transformation, therefore, cannot be complete without the stakeholders.

There are Challenges, Threats and a World of Opportunities

While digital technology has paved the way for many employees to work from home during the pandemic, it has also underlined multiple challenges and barriers that people and communities may have. Uneducated people, for example, cannot enjoy the luxury of working from home. The case is similar to those who cannot afford a computer or stable internet connection and those in regions that lack proper infrastructure.

Another reason why technology is sometimes seen as an enemy in developing countries is the fear that robots and technological innovations will reduce the need for manpower. It is true that technology can replace low-skilled manual labor in a manufacturing unit to mass-produce products faster and, now, to reduce the risk of disease spread. It is also true that the rise of popular online stores that offer contactless shopping experiences can put physical shops at risk.

However, technology is also an enabler of jobs and opportunities, as it has led to the creation of many new occupations and jobs. It can create safer, more comfortable, and efficient alternatives. It can help companies grow and do business in countries around the world, without the need for physical presence. The digital world is also becoming a platform for people of all backgrounds to showcase their talents and get recognized.

Digital transformation can mean different things to different organizations and different people. What you need is the right vision, commitment, expert support, and the right tools that match your needs and are ready to journey from one stage to the next with you.

CloudNow’s Akku BCOR is a holistic solution that is designed to power your digital transformation, regardless of whether your business is struggling to survive, trying to revive operations, ready to drive productivity, or preparing to thrive in the new normal! Get in touch with us to know more.

5 Facts You Need To Know About Data & Data-Driven Decision Making

[wonderplugin_gallery id=1]
Data-driven decision-making (DDDM) is the process of using insights drawn from data to aid the process of decision making in an organization.

In as early as 2016, a survey by PwC revealed that data-driven organizations are three times more likely to experience significant improvements in the decision-making process when compared to those that don’t. According to the same survey, data-driven decision making brings together the right combination of “mind and machine”.

If you haven’t yet embraced data in the way you should for decision making, here are some reasons why you should:

Every organization collects data in some way or the other

Believe it or not, your ops staff are spending 2-3 hours a day collecting data of some kind. In most cases, the data simply goes into a folder, for reporting or record-keeping. In fact, almost 54% of the data collected by a company goes “dark” or unused. Why not leverage it instead? By putting your data to work, you will be amazed at how much it can help you improve your operational efficiency and fuel your business growth!

Start with the data you are already collecting to use in decision making and you can gradually expand your databases depending on the need.

Data can help you make informed, unbiased decisions

Usually, the process of decision making is highly influenced by preconceived notions, suggestions of superiors, our own intuitions, and your team’s past experiences. While MIT and Harvard experts agree that intuition cannot be neglected altogether (for in some ways, even intuition is data-driven), relying on data means that your decision eliminates bias and is backed up by hard facts. Reducing the effect of bias in decision making can help you achieve up to 7% higher returns (McKinsey). Your only challenge here is to ensure that the data you collect is accurate and without errors – a problem that can be solved by using automation instead of manual methods.

As long as your data is authentic, you can be assured that it will make a difference to your bottom line.

Data helps you learn from the past and make predictions for the future

The power of data is that it can not only be used to study historical trends for decision making, but also to build futuristic predictions with the right tools. While it is true that we cannot foresee the future, it is possible to make near-perfect estimations using predictive and prescriptive analytics.

Leverage the right technology to auto-generate data-driven insights through easy-to-understand graphical representations in intuitive dashboards.

DDDM contributes to increased productivity and profitability

The Wall Street Journal records an MIT study that proved primarily data-driven benefited from 4% higher productivity as well as 6% higher profits. If you do not collect enough within your organization to use for decision making, opt for big data resources. According to studies by BARC, big data can help increase profit by 8–10% and ensure an overall cost reduction of up to 10%.

In short, the effectiveness of using data in decision making is time-tested and proven.

DDDM can be used to enhance multiple areas of your business

From zeroing in on cost-effective measures for different processes to identifying the right channels for marketing your new product with maximum ROI, and enhancing turnaround time for customer service – data-driven decision making can be utilized to improve all areas of your business.

We recommend that you begin with internal processes, such as reviewing employee productivity based on the number of working hours and then branch out to other areas gradually.

Getting Started with Data-driven Decision Making

  1. Find out what data you already collect, identify ways to incorporate it into your decision-making process
  2. Assess your data collection methods, improve it using automation technology to reduce time taken for collection, improve accuracy of data, and effectiveness of the overall process
  3. Use a data integration tool to bring all your collected data to one common platform in a readily usable format and maintain a master repository for easy access
  4. Incorporate business intelligence and use intuitive dashboards to make data analysis and visualization a hassle-free step in the process.

At CloudNow, we offer automation, data integration, data analysis. intuitive dashboards and much more for data-driven decision making through a holistic Business Continuity and Operational Resilience (BCOR) solution. To make the most of your data today, get in touch with us now!

Password Spray Attacks: What Are They & How To Avoid Them?

Ever wondered why organizations emphasize the importance of setting a complicated password as opposed to something convenient like ‘password123’? In today’s world, hackers are getting creative with their cybersecurity attacks. One type of attack that has gained a lot of traction in the past year is ‘password spraying’ – a type of brute force attack in the cybersecurity realm that goes beyond the traditional forms of hacking into an account. 

Picture this – in the past, hackers would attempt to gain unauthorized access to a single account by constantly guessing the password in a short period of time. But with organizations bringing measures such as locking an account when three or more attempts have been made, the user gets notified about any attempted security breach.  Continue reading Password Spray Attacks: What Are They & How To Avoid Them?

Cybersecurity Trends 2020: What’s in Store

The year 2019 has been a significant one in the technology world, with several high profile cases grabbing headlines. In fact, according to a recent article by DataQuest India, there were at least four areas of interest which were highlighted this year – Remote Desktop Protocol (RDP) threats, showstopper vulnerabilities like in the case of URGENT/11, speculative execution vulnerabilities such as Meltdown and Spectre, and finally the many ransomware attacks. 

As we move on to a whole new decade, it’s important to take stock of what the past decade has taught us and what the future has in store. In the cybersecurity world, experts bear past experiences in mind and routinely predict a number of innovative techniques that could be used to infiltrate security systems. Each year, different methods and new approaches are introduced or discussed, touching upon all those concerns about data protection and the challenges ahead.  Continue reading Cybersecurity Trends 2020: What’s in Store