Firewalls

There are two main reasons why some companies are hesitant to plug into the Internet.

  1. They know they’ll be exposing their company data to outside attacks from malicious individuals and malware.
  2. They fear their employees might get too many distractions: games, porn, chats, videos, and even social networking sites.

One vital component for your overall security strategy against such concerns? A firewall.

A firewall can block unauthorised access to certain Internet services from inside your organisation as well as prevent unauthenticated access from the outside. It is also used to monitor users’ activities while they were online.

In an enterprise setting, one may expect a collection of firewalls either for providing layered protection or segmenting off different units in the organisation. Some areas only need a standard line of defence while others require more restrictions. As such, certain firewalls may have different configurations compared to others.

Naturally, the more intricate an organisation’s defence requirements get, the more complex the task of monitoring, testing and configuring the firewalls becomes. That’s why we’re here to help.

  • We’ll evaluate your network as well as the security requirements of each department under your organisation to determine which firewall architecture is most suitable.
  • To achieve maximum efficiency, we’ll point out where each firewall should be positioned.
  • We’ll work with your key personnel to make sure all firewall configurations are set and optimised with your business rules in mind.
  • If a large number of firewalls are required, we’ll help you set up a firewall configuration management system.
  • Firewalls should be regularly tested and assessed to ensure they are in line with the organisation’s security policies. We’ll perform these routine tasks as well.

Firewalls aren’t very good at defending against sophisticated viruses. There are much better solutions for malware-related vulnerabilities, and we can help you in that regard too.

Other defences we’re capable of putting up include:

Check our similar posts

9 Cloud Security Questions you need to ask Service Providers

Companies in Ireland and the UK who are considering cloud adoption might already have a general idea of the security risks inherent in cloud computing. However, since different providers may not offer the same levels of risk mitigation, it is important to know which providers can give sufficient assurance on cloud security.

Here are 10 cloud security questions to ask service providers vying for your attention.

1. Where will my data be located?

There are a variety of reasons why you will want to ask this question. One big reason is that there are certain countries that don’t have strict legislation (or any legislation at all) pertaining to cloud computing. In that case, the provider won’t be as motivated to apply high levels of risk mitigation.

So if your data is hosted off shore, then you might want to reconsider or at least conduct a deeper study regarding the security conditions there.

2. Do you have provisions for regulatory compliance?

Certain standards and regulations (e.g. PCI DSS and possibly the EU Data Protection Directive) have specific guidelines pertaining to data stored in the cloud. If your organisation is covered by any of these legislation, then you need to know whether your provider can help you meet requirements for compliance.

3. Who will have access to my data?

In a cloud environment, where your data is going to be managed by people who aren’t under your direct supervision, you’ll have to worry as much about internal threats as you would with external threats.

Therefore, you need to know how many individuals will have access to your data. You also need to know relevant information such as how admins and technicians with data access rights are screened prior to getting hired. You also need to determine what access controls are being implemented.

4. How is data segregated?

Since there will be other clients, you will want to know how your data is going to be segregated from theirs. Is there any possibility of an accidental or intentional data breach due to poor data segregation? Find out if your data is going to be encrypted and how strong the encryption algorithm is.

5. How will you support investigative activities?

Sometimes, even if strong cloud security measures are in place, a data breach can still happen. If it does happen, the provider should have ways to track each user/administrator’s activity that can sufficiently support a detailed data forensics investigation.

Find out whether logs are being kept and how detailed they are.

6. Are we protected by a Disaster Recovery/Business Continuity plan? How?

Don’t be fooled by sales talk of 100% up-time. Even the most robust cloud infrastructures can suffer outages too. But the important thing is that, when they do fail, they should be able to get up and running in the soonest time possible.

Don’t just ask about their guaranteed RPOs and RTOs. Find out whether your data and applications will be replicated across multiple sites. Unless the provider says they will be, you need to find a provider with a better infrastructure.

7. Can I get copies of my VMs?

In a cloud infrastructure, your servers are actually in the form of files known as virtual machines (VMs). Because VMs are just files, they should be easily copied. There may be issues though, like the VMs might be stored in a not-so-popular proprietary format. Another possible issue is that the provider may simply not allow copying.

Having copies of your VMs can be useful should you later on decide to transfer to another provider or even duplicate your cloud infrastructure on your own.

8. What will happen to my data when I scale down?

One outstanding benefit of cloud computing is that when your business demands drop, you can easily scale down computing resources and reduce your cloud spending. ?But what will happen to your data when you decommission virtual servers? Will they be discarded?

You might want your data to be retained up to a certain period. On the other hand, you might also want them to be deleted immediately. Ask about the provider’s data deletion/data retention policies and see if they are in line with yours.

9. What will happen to my data if I decide to close my account?

There might come a time when you’ll want to terminate your contract with your cloud provider. Just like in issue #8, you’ll want to find out more about data deletion/data retention policies.

Although some providers can give you detailed answers, many of these answers can include a lot of technical jargon that can leave you totally confused. If you want someone you can trust to:

  • simplify those answers;
  • help you pick the right cloud service provider, and
  • even make sure cloud security is really upheld once your cloud engagement is ?under way

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Will UK Retailers Skim the Cream with ESOS?

The British Retail Consortium (BRC) was quick out on the starting blocks with an ambitious plan to cut energy costs by 25% in 5 years. Their ?25-in-5? initiative is chasing a target of ?4.4 billion savings during the duration. Part of this program involves ?cutting a path through a complex and inaccessible policy landscape?. BRC believes this drawback is making its members think twice about making energy efficiency investments.

The UK?s sprawling network of grocers, department stores and malls is the nation?s second most hungry energy customer, having spent ?3.3 billion on it in 2013 when it accounted for almost 20% of carbon released. If you think that sounds bad, it purchased double that amount in 2005. However the consortium believes there is still more to come.

It bases this assumption on the push effect of UK energy rates increasing by a quarter during the duration of the project. ?So it makes sense to be investing in energy efficiency rather than paying bills,? Andrew Bolitho (property, energy, and transport policy adviser) told Business Green. The numbers mentioned exclude third party transport and distribution networks not under the British Retail Consortium umbrella.

The ?complex and inaccessible policy landscape? is the reflection of UK legislators not tidying up as they go along. BRC cites a ?vast number of policies ? spreading confusion, undermining investment and making it harder to raise capital?. The prime culprits are Britain?s CRC Energy Efficient Scheme (previously Carbon Reduction Commitment) which publishes league tables and ESOS. Andrew Bolitho believes this duality is driving confused investors away.

The British Retail Consortium is at pains to point out that this is not about watering things down, but making it simpler for participating companies to report on energy matters at a single point. It will soon go live with its own information hub providing information for retailers wishing to measure consumption at critical points, assemble the bigger picture and implement best practice.

Ecovaro agrees with Andrew Bolitho that lowering energy demand and cutting carbon is not just about technology. We can do much in terms of changing attitudes and providing refresher training and this does not have to cost that much. Studies have shown repeatedly that there is huge benefit in inviting employees to cross over to our side. In fact, they may already be on board to an extent that may surprise.

Saving Energy Step 5 – Bringing it together

We hope you have been enjoying our series of short posts regarding saving energy, so what we use we can sustain. We have tried to make a dry subject interesting. After you read this post please comment, and tell us how it went. We are in the environment together. As the man who wrote ?No Man is an Island? said, ?if a clod be washed away somewhere by the sea, Europe is the less? and Europe was his entire world.

The 4 Steps we wrote about previously have a multiplier effect when we harness them together

  1. Having a management system diffuses office politics and pins accountability in a way that not even a worm could wriggle
  2. This defines the boundaries for senior managers and empowers them to implement practical improvements with confidence
  3. The results feed back into lower energy bills: this convinces the organisation that more is possible
  4. This dream filters through all levels of the organisation, as a natural team forms to make work and home a better place.

None of this would be possible without measuring energy consumption throughout the process, converting this into meaningful analytics, and playing ?what-if? scenarios against each other to determine where to start.

The 5th Step to Energy Saving that brings the other four together can double the individual benefits as innovative power flows between them. The monetary savings are impressive and provide capital to go even further. Why not allow us to help you manage what we measure together.

ecoVaro turns your numbers into meaningful analytics, makes suggestions, and stays with you so we can quantify your savings as you make them. We should talk about this soon.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?