Silver Peak & Zscaler: Making SASE Work for You

As part of their digital transformation strategy, many enterprises are actively migrating applications to public cloud infrastructure and Software-as-a-Service offerings. Enterprise IT objectives and expected benefits of cloud migration include:

  • Increased agility
  • Higher application performance and availability
  • Improved application accessibility for users
  • Reduced data center footprint
  • Lower costs

Unfortunately, the transformational promise of the cloud often falls short of meeting these expectations.

Why? Because traffic patterns have changed.

They have changed not only due to the migration of apps to the cloud, but also in response to today’s “work-from-anywhere” world. Users now access applications from anywhere, from any device and across diverse WAN transports, including residential broadband.

IT has quickly come to realize that making incremental investments in their legacy routers and firewalls didn’t yield the desired outcomes. Traffic bound for the internet was still backhauled to the corporate data center, adding unnecessary latency and negatively impacting application performance.

What’s required is a complete transformation of the wide area network, and this transformation has fueled the biggest evolution of the WAN in two decades: the software-defined wide area network, or SD-WAN.

The combination of workers accessing business applications from home and remote locations (e.g. airports, coffee shops), along with the explosive growth of IoT devices is rendering the traditional enterprise security perimeter ineffective. Today’s cloud-first enterprise must arm workers with a security service solution that follows them wherever they go.

As we’ve already seen, continuing to use a hub-and-spoke architecture, backhauling internet-bound traffic to the data center for advanced security inspection, results in a sub-optimal user experience. What’s needed is a complete transformation of security infrastructure, and this has driven the rapid adoption of modern cloud-delivered security services.

WAN Transformation + Security Transformation = Digital Transformation

Only by transforming both the WAN edge and security architectures can the full promise of the cloud be realized.

In a report published in November 2019, Gartner proposed a new model called the secure access services edge, or SASE for short. The model describes the integration of core WAN edge capabilities such as SD-WAN, routing and WAN optimization at the branch locations with a comprehensive array of cloud-delivered security services such as secure web gateway (SWG), firewall-as-a-service (FWaaS), cloud access security broker (CASB), zero trust network access (ZTNA) and more.

A key design principle of SASE is the transformation from complex hardware-laden branches to thin branches with cloud-native security services. The promises of the SASE model are many:

  • Improved user experience through better application performance, achieved by breaking out cloud traffic locally over the internet from the branch
  • Operational efficiency by simplifying branch WAN infrastructure and through centralized orchestration of application, network and security policies
  • Reduced risk with consistent, always-up-to-date, business-driven security policy enforcement
  • Increased business agility by significantly reducing the time to bring new sites and applications online or to update application and security policies

But simply adopting just any SD-WAN solution and cloud security offering is not enough to maximize the return on cloud investments described earlier.

While those individual solutions might deliver on the app performance/availability and accessibility promises and enable the shrinking of the data center, that approach falls short of delivering increased business agility and lower costs. And it won’t address consistent security policy enforcement across all users, locations and devices to mitigate risk to the enterprise.

What’s needed is fully automated orchestration of the WAN edge network functions and cloud-delivered security services. This is a 1 + 1 = 3 benefit for IT and the enterprise.

Internet of Things: Imperfectly Smart Devices

Smart technology, or IoT, continues to shape both consumer and industrial domains. It is made possible by the convergence of multiple technologies, including machine learning, real-time analytics, commodity sensors, and embedded systems. Companies that miss this opportunity or fail to innovate alongside IoT face the genuine possibility of being overtaken and failing over time.

 

IoT’s most significant trend in recent years is the explosive increase in connected devices that are controllable over the internet. According to Fortune Business Insights, the global IoT market size stood at $250.72 billion in 2019. Projections indicate this number will reach $1.46319 trillion by 2027, exhibiting a Compound Annual Growth Rate (CAGR) of 24.9% during this forecast period. 2020 saw a rise in the following components of the IoT model, with different degrees of impact: Networks and Communication, Sensors, Data Analytics (Cloud), and Applications.

 

IoT brings a lot of benefits and new opportunities to businesses all over the world. Environmental sensors, machine learning capabilities, and artificial intelligence platforms provide various operational services for organizations across different industries. Although there are fundamental characteristics shared by most devices, the wide range of applications for IoT technology also means that the particulars can be entirely dissimilar from one device to the next.

 

Due to the large amount and variety of connected devices, IoT continues to implant itself deeper in our lives and society, making it another prime target for cyber-attacks. According to the IBM X-Force Threat Intelligence Index 2020, Financial services remain the topmost attacked industry, closely followed by the Retail sector. Ransomware and Magecart attacks were the most prominent attacks observed against retail and impacted at least 80 reported e-commerce websites in the summer of 2019 alone. Operational Technology (OT) targeting also increased by 2000% from 2018, with more attacks on Industrial Control Systems (ICS) and OT infrastructure than in the past three years.

Cyber-attacks are not new to IoT; the most common breaches are spyware, malware, and human errors. The latter is critical due to the increase in phishing tactics through email. Attackers have been impersonating consumer tech brands, using tempting lures to trick users into clicking malicious links. Consumer technology giants such as Google & YouTube (60%), Apple (15%), and Amazon (12%) made up the bulk of spoofed domains, targeted because of the monetizable data they hold.

 

Even an innocuous IoT device should not be run unsecured, so both users and manufacturers need to take cyber defense seriously. This creates a real need to systematically understand the threats and attacks on IoT infrastructure in order to secure IoT devices against attackers. This article attempts to identify threat types and to analyze and describe the intruders and attacks facing IoT devices and services.

 

Brute-forcing and Poor Passwords

IoT devices often require passwords for users to access or control the device. According to Cybernews, the most common passwords worldwide are “123456”, “123456789”, “qwerty”, and the word “password” itself. Weak passwords place your most sensitive information at risk and are similar to not using any password in the first place.

Manufacturers typically ship IoT devices with preset login credentials, making setup easier and more consumer-friendly. These preset credentials are often openly available from a single web search and easily broken during brute-force attacks. IT administrators must therefore replace the preset login credentials with significantly stronger ones. The recommended way to go about this is to create quality passwords unique to the organization or the device and to use password managers.

An additional step would be to enable or implement two-factor authentication (2FA). Doing this instantly increases the security level by creating an additional lock that an attacker is less likely to access.

 

Improper Data Transfer and Management

IoT devices make automated decisions and carry out actions without requiring human-to-human or human-to-computer interaction. It is therefore vital to the integrity of IoT applications that the sources, the data being fed in, and the data produced are protected and verifiable at both ends. To achieve this, data must be encrypted from creation to consumption. However, this typically requires a higher level of encryption, cryptology, and intelligence than is easily achievable by the conventional one-way Transport Layer Security (TLS) encryption.

 

Furthermore, dynamic keys should be employed that ensure each data payload is encrypted with single-use keys that are not stored on the device itself or shared over the network, particularly over an insecure network.

 

Insecure Network

IoT devices require an active network connection to allow endpoints to communicate with each other over the internet. As a result, one of the initial and simplest attack methods a malicious attacker can deploy is to seek out weaknesses in running network services and the network communication model of connected devices.

Attackers attempt to manipulate several vulnerabilities to obtain login credentials, communication tokens, and other identifiers that the Service Ecosystem uses to identify various endpoints. It is crucial to secure endpoints with industry best practices to protect data integrity and privacy and to guard against Man-In-The-Middle (MITM) attacks. One method involves encrypting device authentication data at the data level, paired to the public key. Consequently, any captured data should remain unreadable without the equivalent private key.

 

Unsecure Update Process

Firmware and other software patches often have to be pushed out to IoT devices to prevent them from being compromised or left in a vulnerable state. Organizations have to upload these updates securely to each endpoint as soon as they are made available. Failure to secure access to the update, or to verify its source and integrity, can have physical consequences, result in data loss, corrode brand reputation, and introduce legal liability.

 

Even if vulnerabilities and loopholes are identified, not all IoT devices can be updated securely, and this may be due to the following reasons.

  • Incorrect or missing firmware validation.
  • Updates are delivered in plain text or without encryption.
  • No anti-rollback measures.
  • Users are not notified of available updates. This is a fairly common occurrence.

 

Implementing anti-rollback update mechanisms can prevent attackers from downgrading a device to an older software version with a known security vulnerability that the attacker can exploit.
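The firmware-validation and anti-rollback checks described above, sketched as an added example (not code from the original article or from any vendor). The manifest format, the `Updater` class and the demo key are assumptions, and HMAC-SHA256 stands in for the asymmetric signature a real device would verify against a vendor public key.

```python
import hashlib
import hmac
import json

# Constructed demo key. Assumption: a production updater would verify an
# asymmetric signature against a vendor public key stored on the device;
# HMAC-SHA256 stands in here so the example needs only the standard library.
VENDOR_KEY = b"constructed-demo-key"

INSTALLED = "installed"
BAD_SIGNATURE = "rejected: manifest authentication failed"
BAD_IMAGE = "rejected: image does not match manifest"
ROLLBACK = "rejected: version is older than the anti-rollback floor"


def _tag(manifest, key=VENDOR_KEY):
    """Authenticate the canonical JSON encoding of the manifest."""
    body = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_update(version, image, key=VENDOR_KEY):
    """Vendor side (hypothetical format). The version lives inside the
    authenticated manifest, so an old image cannot be relabelled as new."""
    manifest = {
        "version": version,
        "size": len(image),
        "sha256": hashlib.sha256(image).hexdigest(),
    }
    return {"manifest": manifest, "tag": _tag(manifest, key), "image": image}


class Updater:
    """Device side. min_version models a monotonic counter that a real device
    would keep in tamper-resistant storage."""

    def __init__(self, min_version):
        self.min_version = min_version

    def apply(self, update):
        manifest = update.get("manifest", {})
        tag = str(update.get("tag", ""))
        image = update.get("image", b"")

        # 1. Authenticity: no manifest field is trusted before this passes.
        if not hmac.compare_digest(_tag(manifest).encode(), tag.encode()):
            return BAD_SIGNATURE
        # 2. Integrity: the delivered image must be the one the manifest names.
        digest = hashlib.sha256(image).hexdigest()
        if len(image) != manifest["size"] or not hmac.compare_digest(
            digest, manifest["sha256"]
        ):
            return BAD_IMAGE
        # 3. Anti-rollback: a genuine but older release is still refused.
        if manifest["version"] < self.min_version:
            return ROLLBACK
        self.min_version = manifest["version"]  # raise the floor, never lower it
        return INSTALLED


def demo():
    """Run four constructed updates through a device whose floor is version 2."""
    device = Updater(min_version=2)
    v2 = build_update(2, b"constructed firmware v2 (known-vulnerable)")
    v3 = build_update(3, b"constructed firmware v3")
    v4 = build_update(4, b"constructed firmware v4")
    relabelled = {**v2, "manifest": {**v2["manifest"], "version": 9}}
    tampered = {**v4, "image": v4["image"] + b"\x00"}
    return [
        device.apply(v3),          # newer and valid
        device.apply(v2),          # genuine vendor release, but a downgrade
        device.apply(relabelled),  # old image with an edited version number
        device.apply(tampered),    # valid manifest, modified image
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The second case is the one signature checking alone does not catch: the downgrade is a genuine, correctly signed vendor release, and only the stored version floor rejects it.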

 

Inadequate Privacy Protection

IoT devices, by design, collect and store a significant amount of users’ personal information. Unfortunately, not all manufacturers implement strong privacy or data management and protection policies. Those that do tend to begin by encrypting and implementing various layers of distinct checks and balances, providing data security between endpoints. When these security and privacy protection models are absent, improperly installed, or set up, glaring issues crop up.

 

One such example of improperly set privacy controls by the manufacturer was the TRENDnet Webcam Hack. TRENDnet marketed their SecurView cameras for various uses ranging from home security to baby monitoring and claimed they were secure, the FTC said. However, they had faulty software that let anyone who obtained a camera’s IP address look through it, and sometimes listen as well. Thus for at least two years (2010 – 2012), the SecurView webcams allowed the transmission of user login credentials in clear, readable text over the internet! It did not just end there. Even their proprietary mobile app for the cameras stored users’ login credentials in clear, readable text, right on their mobile devices, allowing anyone who obtained a camera’s IP address to look and sometimes listen through it as well.

 

Insecure Ecosystem Interfaces

The IoT ecosystem comprises all the components that allow consumers, governments, and businesses to network between their IoT devices. Some of these include networks, data storage, remotes, security, dashboards, and data analytics. Interfaces like a backend API that devices use to connect to a larger network ecosystem can also be compromised. A significant security concern to network operators and manufacturers is 5G network technology, which is expected to shoulder the connectivity load of IoT devices.

 

IoT devices, when integrated with centralized management platforms and legacy systems, are at high risk of being compromised by users who unknowingly introduce security vulnerabilities at the application layer. When such interfaces are compromised, it is often due to the previously mentioned reasons and improper traffic filtering.

 

Conclusion

Should an IoT vendor build its device or devices with insecure software libraries or other elements that are from an insecure source, then the device(s) will logically be insecure. Other means include using third-party software and hardware from a compromised supply chain or the insecure customization of Operating System (OS) platforms.

 

Manufacturers must comprehend that as more IoT ecosystems are being built, it is equally imperative to build security in right from the very start: from sourcing components to firmware writing, initial installs, and throughout a device’s lifecycle. Thus, as more and more IoT connected devices come online, these and other yet undiscovered vulnerabilities need to take center stage.

 

Alongside poor management practices, targeted malware, and weak IoT architecture, IoT devices and technology can also be exploited through hard-to-detect zero-day vulnerabilities. Attackers continue to modify their malicious code to obfuscate it better and spread within networks faster. Some of the better practices that should be applied to IoT technology include not over-connecting your systems, not trusting a compromised device, particularly if it was compromised locally, and, for vendors, frequently subjecting your code and hardware to third-party penetration testing (Black & White Box variants).

Consumer vs Enterprise IoT Attacks

In the future, a significant feature of IoT devices will be the ability to rapidly modify device configurations through remote tools and deliver innovative applications and capabilities. Additionally, all control updates and packages will include increased security and encryption to block attacks while driving more automated deployments.

 

The goal remains to enable a user at a local site with little to no background or understanding of IoT and IoT edge devices to connect a power cord and network cable(s) and walk away, allowing the device to carry out self-provisioning and authentication automatically. Likewise, should a need to move the device occur, it can self-provision to its new location’s conditions and obligations.

 

Beyond RPA – It’s Time To Take A Holistic Approach To Finance Automation

RPA, or robotic process automation, has in recent years become somewhat synonymous with the automation software category. Its application in finance, though, is restricted to rules-based, consistent, and template-driven tasks, which are recurring and foreseeable.

But how do we go beyond automating isolated tasks to automating entire processes? How do we address the automation of highly manual ad-hoc and non-linear activities, which are at the core of the financial close process and, more broadly speaking, the record-to-report (R2R) area?

“Substantial effort related to the R2R process focuses on recording data, correcting errors, reconciling accounts, and performing month-end closing tasks to provide accurate and timely financial reporting.

Supporting business with faster and better insights based on accurate financial reporting is the modern-day challenge of the finance function. Overcoming it with automation while keeping function costs down is what we do for our customers,” says Clive Jefferies, product manager at Aico, The Financial Close Automation Platform.

 

A Holistic Vision Of Finance Automation

For an enterprise-level organisation, the core problem of improving finance function efficiency goes beyond simply automating a set of specific tasks. The reality is far more complex and cannot be significantly improved without addressing entire processes.

In a holistic vision of finance automation, one action should impact the entire process in one seamless workflow. For example, in R2R, it would mean the ability to:

  • Automatically link closing tasks and related journal entries.
  • Automatically create new journals directly from closing tasks.
  • Reconcile accounts by linking them back to the journals, which have related supporting evidence and approvals.
  • Follow and optimise R2R activities in real-time from a dashboard on an individual, team, legal entity or whole group level.
  • Validate journal data in real-time and make postings directly to General Ledger within seconds.

From an IT point of view, all of this efficiency comes down to the size of your company’s system architecture, in other words, how many different systems your company uses for R2R management. Fewer tools with live inter-connectivity is the ultimate goal here from an IT perspective.

 

Your Organization DNA At The Core Of Automation Solution

A lot of variables like your unique organizational processes, local tax regulations and currencies, your group company network and ERP systems, are directly going to affect how you choose to automate and optimize your finance function. It is therefore critical that the automation solution you choose supports your unique finance function DNA.

But perhaps the single most crucial ability is to have real-time access to your ERP system master data to support you at every step of the process. For example, a live connection to your ERP systems allows you to make adjustments or fix errors instantly from one financial close platform user interface.

 

 

About Aico

Aico is a Finnish software company. Our product is an intelligent financial close automation platform, which covers vital functions of R2R – close task management, journal entries, account reconciliation and financial requests like manual payments.

Our product’s unique real-time ERP system integration ability sets us apart from conventional R2R and financial close automation solutions.

Over the last ten years, we have been helping enterprise-level organisations across the Nordics to automate complex manual processes, implement smart workflows, enforce custom compliance guidelines and reduce ERP system integration complexities.

In 2020, we have successfully delivered our product to our first enterprise-level customers in the Netherlands and are continually introducing our product throughout Europe.

For more information about Aico, please visit aico.ai.

IIoT: Which comes first – Martini or Bikini?

When it comes to planning your industrial Internet of Things adoption strategy, all you need is a Martini and a bikini…

What do they have to do with IIoT? And which comes first?

You start with your Martini, of course.

Why? To use an analogy, the couple in the 1970s Martini & Rossi advertisement enjoy things “Anytime, Anyplace, Anywhere.” But today’s manufacturers are struggling to do the same, especially when it comes to connecting their assets and data across the enterprise.

So we will adapt the Martini analogy for IIoT Integration: You need the ability to connect “anything, anytime, anywhere.” I’ll get to the bikini later.

Although manufacturers place a high value on IIoT, they are encountering serious difficulties in unlocking the value of their innovation across their organizations. This is the conclusion of a recent Software AG IIoT survey of over 125 North American manufacturers*.

The vast majority of manufacturers said their IIoT investments are limited by being locked in one small department or sector of their company, preventing them from sharing the power of IIoT across the enterprise.

We call this a “fractured enterprise” and, in the Internet of Everything economy, the fractured enterprise cannot hope to compete. Half-answers from disconnected enterprise assets result in ill-founded decisions – or business reaction times that are too slow to be effective.

Manufacturers can lose millions of dollars in potential profits as they fall behind more forward-thinking competitors who have invested in predictive analytics and innovative integration strategies to scale IIoT across the enterprise.

Total integration is what makes a fractured enterprise whole, and total integration – on-premises, in the cloud and at the edge – is the only way to build successful IoT architectures, landscapes or applications.

To prepare for IoT, Industry 4.0 or a digital future, the enterprise must integrate, integrate, integrate. It makes the whole greater than the sum of the parts.

So, what about the bikini? If the Martini is integration, the bikini is analytics. Analytics are like bikinis; what they reveal is suggestive, but what they conceal is vital (to paraphrase academic Aaron Levenstein!). But don’t start with analytics before integration (a mistake which is often made in IIoT projects).

What does the IIoT bikini reveal about analytics? Usually, it means that the analytics must stay in the hands of domain experts. Data scientists can help by revealing what is suggestive. But it is the shop floor operator, the product designer, the finance director – those closest to the issue – that can uncover the real operational insights that would otherwise remain concealed.

Martinis and bikinis: A holistic approach to integration and analytics. So, in a nutshell, mix your Martinis before donning your bikinis (although you wouldn’t normally phrase it this way at a management meeting.)

This is Software AG’s approach: integrate anything (from assets to apps to back-end systems), anywhere (from the edge to the shop floor to the cloud). Then add a layer of “anytime” – streaming, historical, external, internal and time series data analysis and AI – to uncover and reveal the information that will transform your enterprise.

This is why Gartner has acknowledged Software AG as an IIoT “visionary.”

*The Software AG IIoT Implementation survey was completed in Q2 2019 by Software AG and an independent third-party research house. The survey queried nearly 200 respondents at large manufacturing companies across the automotive, heavy industry, high-technology, electronics, pharmaceutical, and medical device industries. The respondents were primarily senior executives leading manufacturing or information technology, with the breakdown being 50% Managers, 38% Directors and 13% Vice Presidents or higher.

Why you should digitalize your business

Technology changes, just as we humans do. The use of digital services has changed the way we do business. Automating and digitalizing your business is a change that will lead your company in the right direction. Here are 5 reasons why you should digitalize your business.

Internet of Things (IoT)

Companies have never been as quick to adapt to IoT-related technology as they are today. A survey conducted by Gartner Inc shows that as many as 43 percent of all companies would be using some form of IoT-related technology by the end of 2016. Perhaps you are one of the 43 percent today? Our own observation, however, is that barely 10 percent of companies have adapted to the Internet of Things. Whether it is 10 percent or 43 percent, this is a trend to keep an eye on. It is a trend that appears to be holding, at least judging by a report published by McKinsey, which highlights that IoT could have a value of 10 trillion dollars by 2025. How quickly a company adapts to the technology varies by industry. Still, companies' adoption of technology increases every year.

Reduced operating costs

We want to make a special case for the banking industry when it comes to taking advantage of the benefits of digitalization. McKinsey's 2016 report says that operating costs for banks around the world have fallen thanks to digitalization. Banks can be expected to reduce their costs by 25% with the help of digital methods such as back-office automation, Big Data analytics and cloud infrastructure. Of course, this is not only about banks but about other industries as well. More industries can quickly and effectively reduce their operating costs by leading the way toward creating the opportunity for low costs.

Cloud infrastructure

It is about making smart choices. Physical servers will soon be just a memory. Amazon Web Services, Google and Microsoft Azure give companies the ability to choose smartly and adapt the technology over time. Dropbox started out on Amazon's storage service S3, which helped the company grow quickly in a short time. The company's founders say that without AWS, the company's rapid growth would never have been possible.

Customer relationship management

Today the first meeting between customer and company has moved to a new arena. How the customer gets in touch with the company has changed. It is no longer common for the customer to make contact by email; instead, the first customer contact now takes place through social channels such as Facebook or Twitter. This change in customer behavior has led companies to shift focus and follow their customers to the new arena. While the company gains better insight into its customers, CRM costs also fall, above all because more and more companies choose smart SaaS solutions such as Salesforce or our Swedish Upsales. One example is American Express, which has used Salesforce since 2010. With the help of Salesforce, American Express has adapted payment methods and developed its business to be able to meet its customers in the right way and in the right places.

Increased productivity

Digitalization has opened doors for companies, making it possible to achieve results with fewer employees and lower costs. In every business, large or small, the task is to find the functions that can be made digital. What do you do manually today that could be digitalized? One example is Siemens, which offers services across a number of areas, everything from machine manufacturing to food. They reviewed their operations to see where digital solutions could be found for the services then being performed manually. After taking a closer look at the packaging area, they found work processes suitable for digitalization. Today, with the help of digitalization and new technology, Siemens has an automated packaging system within its operations. An industry that many thought would die out.