If your business uses Microsoft Azure, you also need a well-designed and structured Landing Zone. A Landing Zone is a key component of the Microsoft Cloud Adoption Framework, helping organisations to better manage and scale their public cloud environments.
What makes up a Landing Zone?
In terms of Microsoft Azure, a landing zone is a combination of multiple subscriptions within an Azure Environment. These subscriptions are already set up for all areas of the platform that may be required to support the environment, whether that’s Infrastructure as a service or Platform as a service.
You could view a Landing Zone as foundations, built on solid practice and design considerations, which you can build on, expand and scale as required. The design of these foundations will differ, and the basics can be laid out differently from one Landing Zone to the other, as there is not one single design for all types of infrastructure.
While Landing Zones can vary due to their modular design and business requirements, they usually cover certain design areas, as below:
Landing Zone Design Areas
No matter what type of deployment you are designing, be it enterprise, hybrid-cloud, or a simple, small POC (proof of concept) environment, each design area listed should be considered within a Landing Zone.
Enterprise enrolment – have we set up a tenant that will support growth and scale? How will we license it?? CSP, EA etc?
Identity – How are we going to control identity and access? Serious consideration should be given to how this is managed.
Network topology and connectivity – What will our network look like now and how will this scale and grow? What design considerations, such as segregation, do we need to consider?
Resource organization – How will we organise our resources to allow for growth without red tape? What are our needs around business areas, different teams, subscriptions? And how we implement this within management groups?
Governance disciplines – How do we stay compliant? How do we enforce security requirements? How do we ensure our data sovereignty?
Operations baseline– How will we manage, monitor and optimise our environment? How will we maintain visibility within our environment and ensure it operates as required?
Business continuity and disaster recovery (BCDR) – How will we plan and design for continuity and protect our data? Have we considered the need to replicate data or provide a method of restoration? Do our proposed methods meet the RPO and RTO objectives of our organization?
Deployment options– How will we deploy our Landing Zone and resources moving forward? Will this be a manual process? Will we consider Infrastructure as Code? What methodologies for deployment could we use?
We’ve helped several customers get their landing zone to good by deploying QuoStar’s best practise landing zone framework, which implements current governance best practises, cost management protection and parameter security. This has helped them to get to a position where they have the correct foundations build upon, future proof expansion and allow adoption and implementation of a continuously evolving best practise frameworks.
It’s time to let go of the view that multi-factor authentication (MFA) provides enough security.
Hackers have the means to steal passwords, hijack users’ sign-in sessions and bypass the authentication process entirely, even when MFA is enabled. Adversary-in-the-middle (AiTM) attacks may be nothing new, but the ability of criminals to bypass MFA is.
What’s new?
Attackers can now intercept the legitimate session cookie issued by a real website, along with the authentication token.
The sophistication of these modern AiTM attacks has been highlighted by Microsoft, who explain how AiTM phishing attacks work.
In simple terms:
An attacker sends a cleverly crafted email (phishing attack) which looks legitimate
An unsuspecting user clicks on this link, which takes them to the attackers’ ‘spoof’ website
The attackers’ website silently and transparently forwards on the request to the real site (Office365, Google etc) for authentication
The user sees the real website and enters their credentials to authenticate
The attacker can now silently intercept this data while it passes through their website
Cookie theft
Ever wondered how you can launch Edge or Chrome and navigate to your Office 365 email without being prompted for authentication? Or launch Outlook or Teams without being prompted for authentication?
This is because you have already done that once and have a safely stored session cookie which is valid for a set number of days. This is what the attacker is after and once they have it, they have easy, instant access to your email or Teams account.
Build multiple layers of protection
A multi-layered approach to security is the key. Relying on a single security mechanism such as MFA is like putting all your eggs in one basket. You need to reduce the possibility of security compromise by adding more control layers.
Enable MFA if you haven’t done so already. Without this, it’s like having a toy padlock on your front door.
Raise awareness. This is the most effective and essential step of all. Educate users on how to spot phishing emails and when they should and shouldn’t enter their credentials.
Implement advanced email filtering. Reduce the chance of attacker emails reaching users’ mailboxes by deploying Content Filtering, Sender Filtering and Safe Links. These are must-haves.
Implement a Web Proxy. These may be usually considered a mechanism to stop people accessing Facebook or eBay during working hours, but when combined with Deep SSL Inspection, a Web Proxy can inspect all traffic leaving the organisation and track known suspicious or malicious content and sites.
Implement EDR. Next Generation anti-virus/anti-malware technologies with an Endpoint Detection and Response (EDR) service overlay can detect threats in your networking environment and respond to them appropriately, automatically, and ideally with a human interaction when required.
Implement Microsoft Conditional Access Security Defaults. Conditional Access policies allow IT admins to create conditions before events, such as authentication, can be accepted. This could include enforcing MFA when logging into any Azure integrated Cloud App, including Office 365, to block sign-ins from untrusted locations or from unknown devices.
Implement Least Privilege. If an attacker manages to penetrate all these layers you can still limit the damage done. If the end user does not have local admin rights, then there’s a good chance that the attacker will not have these when they compromise that machine. Another, possibly even more important, step is admin account separation
None of these controls are particularly new. They are in essence good practice and should be implemented as a base standard in all sizes of IT estate. The majority shouldn’t even cost significantly to implement if anything.
Find out how QuoStar can help to evaluate your IT security and safeguard your enterprise from attacks with a complimentary consultation with a member of our security team.
QuoStar’s Rob Rutherford shares a few helpful hints and tips.
Certain issues can arise around cloud adoption. However the risks can be mitigated when you know what to look out for.
The increasing popularity of cloud services and software.
There’s been a huge move onto the cloud recently, particularly around providers such as Microsoft’s Azure and the Modern Workplace stack. Microsoft Azure has, for example, reported growth of 51% in Q4 of 2021. This is a huge leap as businesses look to the cloud to improve their hybrid working environments and security.
Many organisations already on the cloud have been transitioning into a public-private hybrid model, or between two public providers to get the right workloads onto the platform to balance performance, security, and cost.
Inter-cloud high-availability and Disaster Recovery environments are areas where we’ve also seen a lot of interest, in order to protect cloud platforms from the failure of one provider or environment. In the longer term – considering state-sponsored attacks and skirmishes will likely become more prevalent in the future – we can expect to see businesses relying more and more on those types of inter-related environments to ensure a greater level of protection.
Cloud adoption: the challenges and barriers.
IT used to be solely seen as a supporting element of the business. One of the main challenges to cloud adoption now lies in the fact that many organisations have built up a technical debt over the last five years. They are trying to transform their businesses rapidly to catch up with the digitalisation of their sector.
Without a true grasp on how to deliver transformation strategies, many businesses have not been undertaking business focused requirements, analysis or mapping projects into a clear roadmap. Instead, they’ve tried working things out themselves. Often this can hold organisations back as they struggle with interoperability and performance issues.
A significant challenge in the actual process of migrating to the cloud is finding a reputable and experienced partner to assist in the cloud transition journey. Unfortunately, on the one side, a lot of cloud providers simply focus on getting the deal signed, and not necessarily on delivery. On the other side, many buyers are too focused on flat costs. Buyers may end up choosing those providers who appear to be the cheapest on paper. As a consultancy, we’re then often brought in to unpick a situation that has been created by rushing through deals.
Balance between cost efficiency and performance.
Preparation is key to any migration. It’s essential that an organisation doesn’t simply take the word of a salesperson on how long a migration is going to take, how much it’s going to cost in the first instance, and then on an ongoing basis.
All too often migration projects need to be pulled back on track. Performance issues might need to be addressed in an environment (ideally without a price increase from a customer’s point of view). Which can be hard – if not impossible. Quite frequently the ROI stated in a cloud provider’s proposal falls away as the realities of a complex workload bloom. This is where an organisation has signed an order and gone through significant (and often horrendous) migration, only to be left with a screaming user base and/or customers. The pain they’ve incurred often means they make drastic decisions. Such as wiping out ROIs, increasing the security risk profile or getting into further contractual obligations.
Most cloud providers will give an organisation some form of free trial on a workload. The larger the workload the more complex this gets; however commercial deals can be made.
It’s critical that organisations do their due diligence and build in contractual obligations. This will help to ensure the supplier delivers the desired outcome they expect. It may even be advisable to bring in external consultants, and/or lawyers to take some accountability for the project delivery. Especially when looking at large scale migrations.
Avoiding performance issues during cloud migration.
It’s always a good idea to over-resource when undertaking initial migrations. A large percentage of environments take up more resource, especially in the early stages of a heavy migration.
One of the biggest areas people typically under-resource is disk speed, in terms of IOPS (Input/Output operations Per Second). Too many organisations throw memory (RAM) and processor power at an underperforming environment. While it’s the disk speed that is the bottle neck. This isn’t a new cloud-related issue. However, too many IT teams spend time chasing their tales when the speed issues are in fact related to disk IO. Often many cloud provider support teams don’t seem to understand this in the lower support tiers, so be aware.
It’s worth being careful if you are paying for disk IO and/or network ingress or egress traffic. This is often where cloud costs start to spiral away from the original quotes first agreed upon. The public cloud often appears cheaper than private platforms when you go light on these costs. It’s worth checking these beforehand. It’s important testing your environment under load or having the cloud supplier make some guarantees around costs.
QuoStar’s Robert Rutherford sheds some light on which key Cloud considerations organisations should be looking at regarding their cloud platforms.
The pace of change is obviously fast right now, and organisations need to ensure that they have built in flexibility in their environments, allowing them scale up and out of the environment with ease. That sounds simple enough right?
Cloud considerations: #1. The ability to scale-out is critical
The ability to scale-out is particularly relevant now, as there is widespread focus on infrastructure, system rationalisation and simplification. This is going to be essential to facilitate and support various ‘digital transformation’ projects. You can only move quickly and take advantage of opportunities – and outpace threats – when the base platform/infrastructure is simple. And importantly, you aren’t locking up valuable capital or getting locked into restrictive contracts.
Cloud considerations: #2. As the saying goes – don’t put all your eggs in one basket!
Many cloud buyers believe that it’s necessary put all your ‘eggs into one basket’ in relation to cloud. They will also be sold that by many of the cloud providers, simply focused on what they are trying to sell – or simply what they know.
In the current landscape, some form of hybrid public-private cloud infrastructure will deliver the best value and balance between performance, flexibility, security, and cost. With this in focus, we are seeing a rapid rise in multi-cloud management and monitoring solutions.
Licensing is an ever-changing beast that needs to be watched, almost continually. Compliance is an issue, in terms of ensuring your licensing is correct, thus your billing too. Also, the software houses continually change their license model, and their product bundles – just take Microsoft as one example. If you don’t keep up with the changes then you can miss out on significant cost savings, functionality improvements and security enhancements.
Cloud considerations: #3. Reviewing business continuity is more important than ever.
It’s important to review business continuity now. Many organisations haven’t really given business continuity much focus since the pandemic started. The risks of significant system outage or a complete cloud outage is a reality, especially with the rampant rise of the cybercrime industry, and now the real risk of widespread state sponsored attacks. Even if an organisation itself feels secure and doesn’t have availability concerns, they should still be doing their due diligence across their supply chain.
Cloud considerations: #4. The threat landscape is getting larger
As we know ransomware is a huge threat to the corporate network. However, a big threat to cloud platform is the rise of DDoS ransom attacks – which are rising. Organisations should be evaluating their supply chain’s protection from DDoS attacks as well as their own. DDoS is easy to do and it’s a growing exponentially as it moves from a protest type attack into a revenue generating one.
The general ramp up of the cybercrime industry means that organisations of all sizes should be overlaying security governance onto their cloud partners. Many IT and business leaders believe that as they outsource their infrastructure or service, they are outsourcing accountability for risk, and its management. However, you can’t outsource ultimate accountability for risk to a third party, it won’t wash with clients or regulators if there is a breach. Businesses must be verifying the security governance within their supply chain and also testing it where appropriate.
Cloud considerations: #5. Continuous verification of all users is a must.
In terms of specific focus on technologies and trends, Zero Trust Network Access solutions should be assessed and generally deployed to protect the disparate work force and the cloud platforms and applications. There is a real need for continuous verification of all users, and their devices as they access corporate data and applications as required. Implementing zero-trust access includes requiring strong authentication capabilities, powerful network access control tools, and pervasive application access policies.
Of course, as well as implementing various security controls, it’s critical to also join up the monitoring and reporting, which is why SIEM (Security Information and Event Management) is becoming more and more critical.
“It’s all very well putting up security cameras (the controls) but you still have to monitor them (SIEM) and also respond (Security Operations Centre).” – Robert Rutherford, QuoStar CEO
Cyber-war era: as cyber security threats rise, what should you look out for?
Amid the tensions of early 2022 cyber-attacks were already on the rise, with threat actors targeting both Ukrainian organisations and their government. Although there are still questions around who may be responsible for some of these attacks, Ukraine firmly believes Russian state actors are responsible – and evidence would strongly suggest that is the case.
Since the Russian invasion began in Ukraine on 24th February 2022, businesses and government institutions globally are on high alert for state-sponsored cyber threats – with banks, energy companies and airlines undertaking additional work to strengthen their defences against such attacks. There is an underpinning fear that this could be the new era of global cyber-war.
DDoS attacks
Cyber-attacks on state-owned digital assets such as the Ukrainian Defense Ministry and Military websites increased in February, as they were hit with DDoS (Distributed Denial of Service) attacks, along with two large Ukrainian banks – PrivatBank and Oschadbank. In this case, the websites were flooded with traffic to the point that they crashed, making the websites unusable.
Microsoft has issued a Security Intelligence advisory about FoxBlade, a novel trojan. This trojan can use your PC for distributed denial-of-service (DDoS) attacks without your knowledge.
At the end of February, there was the discovery of the new wiper malware that had been unleashed – dubbed HermeticWiper by some and FoxBlade by others. As well the as DDoS attacks mentioned above, it was designed to wipe the hard drives/system storage of the systems infected, corrupting all the data in the drive – making the data unrecoverable – then initiating a system shutdown. It has been found on Ukranian computers, as well as on machines in Latvia and Lithuania.
Furthermore, a “worm component” dubbed HermeticWizard, has been discovered that could be used to spread the HermeticWiper in local networks.
FoxBlade (HermeticWiper) also downloads and installs other programs – including other malware – onto infected systems, Microsoft has advised.
Cybersecurity experts identified a second wiper cyber-attack, named IsaacWiper, targeted at Ukrainian governmental networks according to a report on Tuesday 1st March. The second wiper attack was detected on 24th February and is described to be a lot less sophisticated than HermeticWiper.
The UK’s NCSC (National Cyber Security Centre) and the US CISA (Cybersecurity and Infrastructure Security Agency) have released details about a new malware targeting network devices, which they attributed to Sandworm – a threat actor previously attributed to the Russian GRU’s Main Centre for Special Technologies (GTsST).
Cyclops Blink is a new piece of malware that targets network devices – supposedly being used by the Sandworm threat actor – a replacement for the VPNFilter malware 2018. The malware collects device information, sending it to a command-and-control server. It can download and execute files, as well as getting additional modules at a later date.
Cloned websites
Researchers have identified a web service hosting cloned copies of websites. A number of Ukrainian government websites were cloned, along with the main webpage of the Office of the President. These sites were filled with malware links, that once clicked, would download on to the user’s computer.
What does this cyber-war era mean for nations other than Russia and Ukraine?
Whenever one nation launches a cyber-attack against another, it doesn’t just increase cyber risk for the nations involved. It also impacts global cyber risks. The Cyber Attack Predictive Index (CAPI) tool, created by Johns Hopkins Information Security Institute, has hit its highest possible threat likelihood level, at a score of 25 (out of 25) under the current situation.
While the aforementioned attacks aren’t particularly sophisticated, and can be mitigated with the right cyber protection measures, these types of attacks have previously been used as a diversion tactic in order to lay groundwork for more damaging, sophisticated attacks.
Exposure or risk
As the EU, UK and the US impose sanctions on Russia and Belarus there is greater chance of being at risk of targeted cyber-attacks, as retaliations make take place from the Russian and respective forces. Companies across Britain have been warned to prepare for a heightened security risks as the UK placed sanctions on three of Russia’s wealthy allies.
UK organisations have been urged by GCHQ’s National Cyber Security Centre (NCSC) ‘bolster their online defences’ and warned that there has been an ‘historical pattern of cyber-attacks on Ukraine with international consequences’.
According to Laurance Dine, global partner, X-Force Incident Response, IBM, businesses need to start operating under the assumption of compromise, and put in place the proper controls and measures necessary to defend their environment and critical data.
The UK government may well be taking their own measures to defend the cyber security of the nation, as secretary of state for defence, Ben Wallace, told parliament in reference to the National Cyber Force: “I am a soldier, and I was always taught that the best part of defence is offence… What is good for the goose is good for the gander, and that if necessary we could use cyber warfare to give as good as we get back to Russia.”
High alert for the energy sector
This week (28th February 2022) the UK Business Secretary, Kwasi Kwarteng, is holding talks with the chair of National Grid amid anticipation of a surge in state-sponsored cyber-attacks from Russia. A wise move considering that, in a recent report published by IBM Security, the UK’s energy sector was the target of 24% of all cybersecurity incidents in the country last year. It is also thought that Russia was most likely responsible for the SolarWinds and Colonial Pipeline attacks of 2020 and 2021.
We recommend:
It may seem obvious but evaluate the controls you have in place against cyber-attacks, particularly ransomware.
Pay close attention to the news cycle in relation to this situation.
Pay attention to the types of attacks that are coming through via security feeds.
Keep everything patched.
Watch out for any suspicious traffic that may be coming from outside of the country.
At QuoStar we are committed to helping you and your business remain secure. Our experienced industry professionals are here to give you measured and realistic advice.
Cybersecurity attacks strike at the heart of an institution’s reputation.
If data is compromised, trust can be shattered. Like all service providers, financial firms depend on their painstakingly-built reputations to stay in business. Consumers must be confident that their financial information – and money – is safe. Guarding against cybersecurity threats is crucial.
These risks increased in 2021, with ransomware attacks rising by 288% last year. Given the global ransomware industry now generates annual revenues of over $1.5 trillion, this growth is unlikely to slow.
A new critical vulnerability was also recently exposed in Log4j, an open-source logging library that is used by a range of apps and services. This offers criminals with minimal knowledge the chance to infiltrate IT systems in order to steal passwords and data, and compromise networks with malicious software.
Cybersecurity is now being taken seriously at the highest level. In May 2021, President Biden’s Business Office released new advice about ransomware and how firms should guard themselves. This guidance offers financial firms eight main lessons to take into 2022:
1. Back up your data
Many firms back up their data only at weekly intervals, or longer. Should a cyberattack occur, they could therefore lose up to seven days’ worth of data. Further, the longer the interval between backups, the longer it takes to restore lost data in the event of an attack. The effect on productivity could be devastating. Firms must equip themselves with technology to backup and restore data quickly and reliably, potentially by working with specialist partners. It’s also important to note that traditional backup systems are often a primary target in a ransomware attack, so firms need to ensure they have specific solution in place to protect backups from being encrypted.
2. Implement an efficient patching system
It is not sufficient to patch IT systems on a weekly or monthly basis. Firms should be constantly monitoring their systems and resolving vulnerabilities. But as patching can cause outages, firms should invest to mitigate its impact on productivity. Technology is available that increases the speed of patching, reducing the time systems spend down. Bursting frees up resources for critical IT applications, allowing high-priority work to continue during outages. Hot standby systems also ensure that essential systems continue to function.
3. Vet your suppliers
Even if a firm’s systems are sound, there may be a way-in because of vulnerabilities in suppliers’ networks. Undertaking due diligence is therefore crucial. One way of vetting a supplier is to request their Software Bills of Material (SBOM), which lists all open-source components in their software for IT professionals to review. SBOMs also allow firms to see which software versions their suppliers are using. Firms should ensure that versions align throughout the supply chain, and that all suppliers operate within high-standard risk management frameworks. Ideally, all partners should be ISO27001 or SOC2-accredited bodies. Firms should not be shy in asking suppliers for certification or auditing their cybersecurity processes.
4. Maintain best practice
Firms should ensure best practice is in place, and that procedures are evaluated continuously. It is best to have evidence of these practices – such as by obtaining an ISO27001 certification, which recognises a high standard and continual management of information security. Systems must be regularly reviewed for any potential vulnerabilities and asset registers should be maintained, to ensure no risk is missed. Asset registers also mean a firm can prioritise by criticality – offering the most protection to its most important assets. Organisations should deploy well-established Governance, Risk and Compliance (GRC) practices. These embed risk management into everyday activity, making it easier to manage – and ensuring decisions are consistent and effective.
5. Obtain specialist detection systems
A Security Information and Event Management (SIEM) solution is now essential to continually monitor system logs within an organisation. This allows activity to be monitored comprehensively by professionals, who are also notified of anomalies, and can respond to block and remediate issues. This may require specialist security technologies and skills or working with external partners.
6. Segregate your networks
Both the UK and US governments state that network segments should be protected individually. Segmentation helps prevent attacks reaching other parts of the network, containing malicious activities to one part of the system and thus limiting damage. Micro-segmentation is even more effective, by establishing isolated zones within networks, protecting specific workloads individually. This stops lateral movement of malware through an entire system. Segregation is easy to install and manage, offering demonstrable benefits within a short period.
7. Consider hardware tokens
Hardware tokens are a physical device that are plugged into USB ports. They generate a random number, which expire after one use and are valid for a limited period. This number is needed to log into the computer along with a username and password. It is a form of two-factor authentication that is effective at preventing account takeovers and ransomware attacks.
8. Undertake resilience exercises
Financial firms should undertake resilience exercises to analyse their capacity to withstand cybersecurity attacks. By working through all the components of their technology infrastructure, organisations can analyse their resilience to cyber threats and review how strong the links within networks and systems are. Having identified the weaker links, firms can then ensure that appropriate mitigations are in place, or that the risks are understood. This helps business to respond to a cyberattack, while minimising the risk of any attacks being successful.
A growing threat which is often undertested is Denial of Service, where a bad actor swamps an organisation’s network connections, putting them offline. A financial firm needs to fully understand how they will respond, long before an attack ever happens.
The cybersecurity risks for financial firms are clearly increasing, but they are not unmanageable. By implementing this guidance, organisations can achieve more comprehensive and effective security operations, with systems resilient enough to withstand both emerging and existing threats. In turn, this will reduce the risk of reputation-damaging data breaches and regulatory scrutiny – whilst keeping clients assured they are in safe hands.
Pandemic “quick fix” BYOD strategies are simply not enough in 2022.
BYOD Policies have been a hot topic for a while now, even pre the pandemic. But now that the new working environment norm of hybrid and out of office working is here to stay, BYOD strategies need to be reconsidered.
Specific examples of BYOD/IT strategies and how these have worked practically, including benefits and drawbacks:
BYOD (Bring Your Own Device) strategies usually work best for organisations when they are limited to mobile phones. After all, the days when employees had a company mobile phone are coming to a close, and for good reason. Most people have their own personal mobile device that can be used for work tasks, so why have two phones?
Indeed, the rise of ‘soft phones’ means that giving out a mobile number over a business number is no longer necessary when dealing with corporate calls or texts. This allows businesses to keep better control of its telephone numbers which are, in effect, company assets.
Also, some employees might feel reluctant to use their phone data for business activities. Although, this issue has started to progressively fade, as most phone contracts now include unlimited calls and data bundles. Whilst businesses don’t need to cover the whole cost of data and calls, providing a nominal allowance can be a good way to deal with any reluctance.
Is there a flexibility versus security consideration to be had, or is this a false dichotomy?
With a large percentage of workloads, security that can be implemented on company devices is often significantly greater than a personal device. However, if businesses want to find a balance between flexibility and security, one option is to choose a CYOD (Choose Your Own Device) strategy, which gives employees a feeling of choice but one that is balanced by the secure controls required by an employer.
That said, we would expect BYOD strategies to be more widespread across businesses in the coming years. This is because more and more applications and systems are becoming either web or cloud-only solutions, particularly as interoperability and usability improves to support a hybrid workforce. Until then, the application stack in organisations isn’t quite where it needs to be.
Why are pandemic “quick fix” BYOD strategies not fit for purpose in 2022?
When the pandemic first hit, many organisations rushed into a quick fix by making BYOD arrangements in a bid to keep their staff and their business operating. However, a substantial number of companies simply haven’t re-evaluated their risk profiles since implementing these systems, nor have they evaluated the technical and policy-based controls that are required.
This is a significant concern that organisations should look to address urgently, alongside other measuresthey should consider taking, such as a review of methodology and ideally bringing in a formal IT security governance framework, such as ISO 27001 or IASME.
How can attackers take advantage of vulnerabilities and misconfiguration in devices and networks?
Any significant holes in an organisation’s security will be found and exploited by attackers in the current cyber threat landscape. These vulnerabilities may be as small as a simple missing security patch. Or an insecure home or public WiFi, misconfigured local firewall, or even an employee who is unaware of current threats. Whichever gap in security it is, a hacker or one of their automated systems will find it. Especially as they are incentivised by financial gain. Indeed, theglobal cybercrime industry is now worth over £6 trillion – three times the size of the crypto market, so companies have everything to gain from investing in their IT security to protect them from cyber threats.
If you’d like to talk IT Security or Consultancy with us, get in touch here.
QuoStar continues rapid expansion in 2022 with a series of key hires
QuoStar has announced a series of new hires to support its 2022 growth trajectory
New additions to the team include Alan Drake joining as Service Delivery Manager, Rob Goult as Senior Technical Consultant and Cliff Woodward as Relationships Manager
New members of the team and further product launches are set to be announced in the first half of 2022
QuoStarhas bolstered its team with a raft of key appointments as part of its growth forecast in 2022.
10 new team members are in place and all bring extensive knowledge of working in the IT industry to QuoStar’s already highly experienced team, with a few more senior tech high hitters in the pipeline to come onboard by May 2022.
Alan Drake joins QuoStar as Technical Service Delivery Manager with over 25 years’ experience in the IT industry. Alan rose through the ranks of service through to Technical Service Delivery Manager at GCI. Alan will step in to lead QuoStar’s new 24/7/365 UK-based manned service desk, which launched at the beginning of 2022 and provides customers with all-hours IT support from highly skilled professionals, 365 days a year.
To assist him in his role, Drake is joined by Liam Baxter, Greg Foster and Carl Bennett from Nasstar, who each bring upwards of six years’ experience working in IT services.
QuoStar being joined by such seasoned professionals in the industry has meant the business has bypassed ‘first line support’ – which in turn means clients will automatically be communicating with someone far more experienced in their field.
Further appointments at QuoStar include Michael Swart, who joins as a Technical Consultant with more than 30 years’ experience, Joanna Roper as Service Desk Team Manager with close to 30 years’ experience in tech and telecoms, and Rob Goult, who steps in as Senior Technical Consultant. Goult brings with him over 20 years’ prior experience supporting decision-makers in the IT industry to develop and implement cost-effective technology solutions.
The QuoStar team has also expanded their team of Relationship Managers. The team has been joined by Cliff Woodward and Jody O’Reilly, who both bring over a decade’s experience each in business development within the tech space, and Andy Green with over two decades experience in the field also. Reece Scarley, a previous QuoStar employee, returned to the company at the end of 2021 too, taking the position of Professional Services Consultant, to architect technical solutions and to help with project delivery.
This latest announcement is part of QuoStar’s 2022 rapid growth trajectory, which has also included the unveiling of a brand refresh led by its new Marketing Manager, Teila Hurlock-Phillips, who joined the company mid-2021 – with two previous marketing roles in the tech industry under her belt among others.
Already this year QuoStar has been busy sealing deals with some high-end, high-brand customers, and is due to announce further key product launches over the coming months. The company has some more high-ranking players joining the QuoStar family soon, and some very exciting changes afoot, that are set to shake up the industry this year!
Robert Rutherford, CEO at QuoStar comments:
“These new additions to our QuoStar team have been driven by our commitment to deliver the best service possible for our clients. All our new joiners have many years of experience working within IT services and we’re extremely pleased that they’ve chosen to bring that experience to QuoStar.
We spent a lot of time during COVID positioning the business to come out stronger and with all the services mid-markets need in a forever changed world. We’ve released a raft of new technical, security, cloud, and strategic services, with our 24x7x365 manned UK service desk being a critical piece of our services wrap.
“These are very exciting times for QuoStar and we look forward to seeing the positive results that the growth of our proposition and team will bring for our clients.”
If you’re looking for IT Support, look no further. Contact us here.
QuoStar CEO Robert Rutherford looks to the future, sharing his view of what’s going to be big for businesses this year.
Tech trends in 2022.
A shortage of tech talent will widen and rapidly develop the global IT skills market
There is a significant skill shortage in the UK from an IT perspective, which has been coming for some time due to numerous factors. The COVID crisis has certainly added fuel to the fire, as businesses have got used to working effectively with staff and 3rd party suppliers in a digital-only manner. This will certainly push more and more businesses to outsource parts of IT service, development, and other IT projects to outside partners.
You’ll see many businesses reach overseas to where the talent lies at the perceived right price. However, they are going to have to be extremely careful, especially where service is involved. The management overhead is also often underestimated, both during start up and day to day operations. You really need experienced and proven managers and frameworks to get the overseas play correct. The lure of ‘cheap’ labour always has hidden costs.
Digital First a core strategy
Anything that can be done digitally will be getting real focus in 2022. In any new business and departmental strategy, or project that involves a process or a procedure (most, if not all), a digital solution will gain extra weight by default. This is going to be driven by a need to improve efficiency, margin, and security, whilst also improving the user or customer experience. Of course, a digital first strategy doesn’t mean that every operation and interaction must be digitised, but it must be considered.
It is important that digitisation isn’t viewed as simply purchasing technology to solve problems. It’s about understanding the operations and processes (systems) within a business operation and choosing the right technological change or transformation to achieve a business result that is both measurable and positive. This is certainly going to lead to a board having to really get to grips with the strategic use of IT, whilst also bringing in senior IT professionals, such as aCIO, into the core of the business decision making process.
CRM technologies and their uptake will develop quickly
CRM growth has been ramping over the last few years due to customers’ service demands and expectations. Again, due to COVID, the expectation for rapid and effective service in a personalised manner has increased. The fact that most markets have in effect got smaller due to globalisation, businesses are going to need to do more to mine and utilise their data to compete and hold market-share.
It should be noted that CRM is not simply an IT project. It’s really an organisational transformation piece that involves most of the business, and it can take a year or more to even begin to realise the true value it can deliver. Too many businesses have been flying out to ‘buy’ a CRM post-COVID, which will typically lead to a failed ‘business’ project.
Automation will become essential
Due to skills shortages and growing competition, businesses are going to need to get leaner and smarter in how their operations and services are delivered. AI and other technologies are certainly going to help, however businesses do need to take responsibility for truly understanding, mapping and measuring their processes. This is where organisations can protect, as well as increase their margins, plus improve employee and client satisfaction.
You are certainly going to see process improvement and automation come down into the small and mid-market, as margins get squeezed, as the world effect becomes smaller, and as the pace of change ramps – fuelled again by COVID. The demand for systems and business analysts is certainly going to rise, but again the UK is significantly disadvantaged due to a lack ofstrategy from successive governments. Businesses are often going to need to train and develop their own talent to deliver initial and ongoing value.
Improvement in the User Experience
Many industries have been really let down by their main Line of Business vendors, in terms of the Customer Experience (CX), support and product development. This is going to create real friction points due to the more fractured way of working. Software vendors and those providing services to customers online are really going to have to work hard to ensure their products and service offerings better fit the new working model, in terms of the user’s experience.
Businesses are also going to have to consider how easy it is for their staff to complete their duties, especially when working in a remote manner. Are they really as effective as they should be? Is their working experience acceptable? Can they get support when they need it, i.e. 24x7x365? There is a growing trend of staff leaving businesseswhere they feel the technology and support overlays are holding them back.
Cloud workloads move around
There’s been a rush to the cloud prior, and during the pandemic, particularly the public cloud, and predominately Microsoft Azure for day-to-day operations infrastructure and systems. However, the cloud markets move extremely quickly, and a single infrastructure doesn’t fit all workloads, in terms of functionality, security, performance, interoperability and price. The market is pushing private and public vendors to compete within these areas and thus splitting workloads between public and private cloud. A true hyper-connected hybrid model will typically deliver organisations the best value going forward, right now and ongoing.
The rise of cloud multi-platform management, automation tools and the competitive landscape continues to drive innovation and creates specialist vendors and cloud providers. It’s continually becoming simpler to run, manage and migrate between different cloud vendors and platforms with ease. The shift is certainly empowering and aiding the customer. You’ll certainly see more workloads (not entire infrastructures) reverse out of the large public cloud providers into niche players who can deliver greater support, performance, and operational value to specific sectors.
ZTNA becomes the focus
The rapid escalation of remote working has dramatically increased the risk profile of a large percentage of operations. This will rapidly move the focus and ramp adoption of Zero Trust Network Access (ZTNA) – theGartner coinedterm to enable greater control and security of network access.
Traditional VPN type connections are clunky and can be slow, they also consume significant resources, in terms of equipment and management overheads. Organisations will look to ZTNA to improve the granularity of control of their remote workforces’ access to corporate systems, whilst also simplifying it through ABAC (Attribute Based Access Control) and RBAC (Role Based Access Control). There’s too much to go into here but the rise of cybercrime led by organised gangs focused on monetary rewards means that every door must be locked shut, whilst also not hampering the user experience.
Cyber security becomes board’s problem
Many leadership teams have had some experience of cyber security, due to experiencing a painful incident or perhaps implementing Cyber Essentials (the very basics). However, due to the risk landscape being so huge, and the impact of a security incident being so great, boards are going to have to take the reins on risk management from a cyber security perspective. They are going to have to fully understand risks and controls, thus expect to see a ramp in the demand for Information Security Management Systems (ISMS’s) and the experience of aCISO.
If a board doesn’t insist on an ISMS to ensure that Information Security is managed appropriately then in reality, they are being negligent; regulators know that, as do customers and insurers. No longer can the board leave Information Security to the IT team, they are going to have to take direct responsibility for some of the largest risks their businesses face.
QuoStar is one of few UK businesses that is onshoring – while others offshore support facilities.
As a leading IT consulting and service provider we are now delivering 24/7/365 service desk support to provide clients with specialist assistance exactly when they need it. This additional UK based service provision has been bolstered by the raft of new, experienced hires that have been employed since November 2021.
Designed as part of our ongoing response to the impact of Covid-19, QuoStar understands that in today’s working world businesses are operating differently, so we have adapted our business model to suit the needs of our clients.
Today’s flexible and hybrid working means individuals are now working outside of the usual office hours, and they require support at any time to continue to work effectively and securely.
For Quostar, it’s not just about support – it’s the why.
A true UK based 24/7/365 operation means we can respond promptly, ensuring the security needs of clients can be managed around the clock and we can take a proactive approach to management and maintenance – which is far easier to carry out outside of a client’s working/open hours.
Having done away with the tradition method of having ‘First Line Support’ means the QuoStar Support team can be more efficient and clients get a better service. All staff are experienced from the first point of contact rather than just logging a ticket for issues to be dealt with in the morning.
“IT services require more support and management than ever before as businesses try to settle between hybrid and in-person working models. Continuing to provide flexible and cost-effective solutions for our clients therefore remains a key priority for us this year. With our UK-based 24/7/365 service desk, we’re adding another tool for our customers to benefit from the support of our growing team of highly skilled professionals.”
“The last two years, whilst challenging, have brought the opportunity for us to assess our ability to remain agile and efficient as a business whilst making us more resilient to dealing with redefined ways of working. QuoStar aims to provide services that respond to our customer’s changing needs in the long term, and we’re ready to bring disruption to the market to achieve that.”
