Recognizing the renowned enterprise security solution providers, Insights Success has enlisted “The 10 Most Promising Enterprise Security Solution Providers, 2019”
4. E
n the world in which information is flooded all over the internet, protecting the business data and critical data has
Ibecome more critical than ever. Today, the business processes and many kinds of data exchange of more and more
enterprises are mostly online. As the enterprise data is proliferating and business processes are becoming completely
online, organizations need to have a proper enterprise security solution provider program to ensure the safety of their vital
information. Every organization faces security challenges. In the ultra-connected world the threat to the digital data as well as
the purposeful disruption of the online business processes are the most critical challenges that organizations face today.
Federal defense contractors as well as Government agencies also hold the crucial national information and protecting that
information is essential from the national security point of view.
To address all the security challenges organization or government institutions should have an appropriate enterprise security
solution provider. These solution providers should have a competent software program in order to be compliant with the
requirements of the clients. These software programs should have the latest technological enhancements integrated in it so
that it can be intuitive for the clients to use. The security program should also be efficient and effective. The software
program offered by the security solution providers should also reduce labor costs through built-in workflow modules that
facilitate and speed up employee interaction with Facility Security Officers. In order to successfully fight cyber-criminality,
security providers must display a very high level of innovation integrated into their security program.
To provide quality security services to the clients some enterprises invest a lot in enhancing the quality of the security system
against the threat from malicious attacks. Failure to protect sensitive information costs a lot and no organization wants to
afford a petty theft of their vital information. Therefore having a secure enterprise platform is critical to protect organizational
data from IT security issues. To defy any kind of cyber-attacks, security system software should be integral part of any kind
of institution.
The efficient, effective, and compliant enterprise security solution providers hold the capacity to help the businesses and
institutions take advantage of their expertly enhanced security software program to protect all vital information. These
Delivering Efficient, Effective and
Compliant Security Solutions
5. security programs ensure security solution to all kind of security threats to the information of the organizations. These
programs safeguard sensitive information against all types of possible dangers. The services provided by them give almost
unlimited scalability. These solution providers continuously compete against hackers and criminals in a struggle to outdo
them by harnessing the latest state-of-the-art technology. Some of the competent security solution providers provide strategic
consulting, data recovery and investigation, and managed data services to commercial, non-profit, and government
organizations. Efficient security solution providers improve the profitability of the organizations by safeguarding their most
valuable information from all possible threats.
Recognizing the renowned enterprise security solution providers, Insights Success has enlisted “The 10 Most Promising
Enterprise Security Solution Providers, 2019”
Featuring as our Cover Story is a notable Enterprise security solution provider Security Control. Security Control, LLC is a
United States based leading, privately owned security software Company. It believes in risk, vulnerability, and threat
management by utilizing the latest technologies for Industrial Security solutions. It offers a wide range of integrated service
solutions to meet and satisfy specific security requirements of Clients while increasing efficiency and productivity.
Also, make sure to flip through articles, written by our in-house editorial team as well as CXO standpoints of notable industry
personalities to have a brief taste of the sector.
Let’s start reading!
Efficient security solution providers improve the
profitability of the organizations by safeguarding their
most valuable information from all possible threats.
“ “
Sharad Chitalkar
6. SECURITY CONTROL:
Ensuring Security Solutions for All Requirements
Cover StoryCover Story
16 26 36
08
AI: From Artificial
to Authentic
Maestros Insights
Challenges in
Cloud Computing
Leadership Viewpoint
Leverage Existing SAP
Solutions with
Cloud Procurement
CXO Standpoint
7. METACOMPLIANCE:
Resolving Data Breaches
through a One-stop-shop
Management Solution
PDFI:
A Reliable Provider of
Defensible and Accurate
Digital Forensics Solutions
SECUCLOUD GMBH:
The Cyber-Security
Expert
18
24
30
38
KIANA.IO:
Augmenting Safety,
Security, Awareness
and Engagement
CONTENTS
ARTICLES
Data Center Security:
Controlling Possible Threats
Digital Revolution
Migrating the Data
Warehouses into the Cloud
Editor’s Pick
22
32
10. 1 SECURITYCover Story
Our vision is for Industry and
Government to have a single
platform to maintain security
clearances and requirements
across all Agencies.
“
“
Ensuring Security Solutions for All Requirements
Security
Control
12. In an interview with Insight Success, the President
of Security Control, Jeanne A. Travis and CEO,
Paul J. Cella share their logic that showcases the
composition of the organization ensuring compliance to
various programs for their Clients. Security Control,
LLC is a United States based leading, privately owned
security software Company. It believes in risk,
vulnerability, and threat management by utilizing the
latest technologies for Industrial Security solutions. It
offers a wide range of integrated service solutions to
meet and satisfy specific security requirements of Clients
while increasing efficiency and productivity.
Below are highlights from the interview conducted
between Jeanne A. Travis, Paul J. Cella and
Insights Success:
Give a brief overview of the Company and its vision.
Our vision at Security Control is to ensure that our
Client’s security program has the tools necessary to be
effective, efficient and compliant. We support companies
with a service plan on the Cloud, via Amazon GovCloud
(AWS GovCloud) or, as an alternative option, an on
premises (On-Prem) environment that is fully deployed
on our Client’s internal network. We accomplish this
through a powerful software package called Security
Control. This software package is developed by Facility
Security Officers (FSOs) for FSOs.
We are a wholly owned subsidiary of IsI Enterprises that
provides a wide array of services to Federal Defense
Contractors and Government Agencies. In addition, we
are working with two Government customers to create
13. workflow modules that facilitate and
speed up employee interaction with
their FSOs.
What are the cutting-edge
products/services offered by
Security Control (Sec-Con)?
Our eight workflow modules provide
automated notifications, management
and tracking of employee security
clearance needs, requests and
requirements. These eight modules
include the following features:
Ÿ Personnel – this module is for
tracking all information regarding
cleared personnel including
multiple clearances, special
accesses, and investigations,
assignments such as badges,
contracts, outgoing visits, safes
/closed areas, and classified
material. Also included, are
extensive workflows and business
rules so nothing is overlooked.
Ÿ Contracts – this module is for
tracking the details of each
classified contract including the
DD254’s, personnel assigned to
the contract (past and present),
classified materials held for each
contract along with built in
workflows for items, such as,
reporting new contract awards or
changes to existing contracts.
Ÿ Facilities – this module is used to
track details of the host facilities
and other facilities including
clearance verifications, Cognizant
Security Authority (CSA), and the
ability to initiate automated self-
inspections and Facility Clearance
(FCL) requirements.
Ÿ Reports & Incidents – this
module gives employees the
ability to submit outgoing visit
requests, report incoming visits,
report foreign travel, as well as,
report incidents, such as,
suspicious contacts, security
violations, insider threats,
network and cyber breaches, as
well as, self-reportable items, for
example, arrests, drug use, DUI’s,
bankruptcies, and wage
garnishments.
Ÿ Incoming Visits – this module is
for managing incoming classified
visits at your facility giving you
the ability to track dates,
attendees, clearance levels and
point of contact information.
Ÿ Outgoing Visits – this module is
for tracking details of your
companies classified visits to
Clients sites and other facilities.
This information includes dates of
the visit, “to” facility details,
clearance level, special accesses
required, contract the visit is
associated with, and ability to
print VAR’s.
Ÿ Safes & Closed Areas – this
module allows you to maintain
detail information on your safes
& closed areas but also track who
has access, classified materials
stored in each safe, or closed area
and combination change
information
Ÿ Classified Materials – this
module is for managing and
tracking classified material stored
at your facility but also track
custodians, safe assignments, and
contracts the materials are
associated with.
rentable Sensitive Compartmented
Information Facility (SCIF) space for
short term use. This allows our
Client’s that do not have SCIF space,
the ability to respond to classified
Government Request for Proposals
(RFPs) and other sensitive requests.
What inspired Security Control
(Sec-Con) to enter into its
respective segment?
Our Company started out using a
competing software product which
initially worked well for our Clients.
As Government processes changed
and our Company grew over time,
the software we were using became
ineffective with our Client’s needs
and Government customer
regulations. Therefore, this
determined the development of our
own unique software in order to be
current and compliant with
Government requirements.
Furthermore, we included
enhancements in our software so that
it would be intuitive for our Clients
to use. The software also assists in
reducing labor costs through built in
Our strategic
planning
process is the
key to successful
business outcomes.
“
“
14. the most stringent U.S. Government
security and
compliance requirements.
With the growing competition, how
does your Company ensure
optimal efficiency for its Client’s?
Our software is the only product on
the market that is hosted on the
Amazon GovCloud and contains
built in workflows to reduce labor
costs and inefficiencies. Currently
there are more than 420 Client’s
actively using the software on a
daily basis.
Where does Security Control (Sec-
Con) sees itself in the long run and
what are its future goals?
We see ourselves as the market
leader. We believe it is in the best
interest to support our Client’s by
providing the best software and
services that deliver the necessary
documentation on cleared personnel
for the Government to supplement
their staff with Contractors.
Testimonials by Clients
“Envistacom has contracted with
Industrial Security Integrators (IsI)
to help support our DSS personnel
and facilitate our security needs. IsI
has developed Security Control (Sec-
Con) software/system where our
employees have access to submit
Visit Requests, Foreign Travel, and
check details regarding status of
their Security Clearance. As well as,
our employees are able to view their
records for training and special
briefings that may be missing.
As an FSO, I utilize Sec-Con to
manage multiple facilities to keep
track of the required DSS facility
documentation (i.e., KMP Listing,
DD Form 441 & 441-1, SF-328,
appointment letters, self-assessments
and DSS SVA), this eliminates the
need to have paper copies. Sec-Con
allows me to monitor personnel
clearances, contracts, incoming and
outgoing visit, incident report, and
training. In addition, Sec-Con can
be used to keep track of all classified
documents, transmitted and
destroyed.” - Robin Taylor,
Envistacom
“ACES Group evaluated several
companies when looking for someone
to support our Security requirements
and IsI stuck out due to their
responsiveness, knowledgeable staff
and vision for automation that
revolved around a modern web
portal. After several years we can
testify everything we saw when we
first crossed paths with IsI has only
gotten better. We have grown to view
their team as are own. They are
What strategies has Security
Control (Sec-Con) undertaken to
stay ahead of the competition?
We have not just created a powerful
software solution, but where we have
advantage over our competition is in
our workflow modules, which are
built into our software. As you can
see in our testimonials, our Clients
really find our software easy to use
and extremely helpful in managing
their security program.
Describe the experiences,
achievements, or lessons learned
that has shaped the journey of the
company.
As mentioned earlier, we initially
started the business to assist FSOs
and then further developed the
software to enhance and improve
managing this process for other
Clients. The workflow modules
make a large difference in keeping
our processes current. We are always
improving the needs our Client’s and
their Customers, making them more
productive.
What are the current trends in
Industrial Security and how is the
Company accustomed to those
trends?
The current Industrial Security trend
is moving from On-Prem to the
Cloud. Amazon GovCloud was
selected as it is the most reliable,
secure, and economical route to go
with any enterprise hosting option.
We do offer an On-Prem option, but
it isn’t necessarily better, as
companies move to AWS to address
We strongly believe
in “Success lies in
team work”. We
dene path to follow
the project needs
and guide lines with
our experience and
project
management.
“
“
15. among our most trusted inner circle advisors and we
wouldn’t be where we are today without them. Their
portal has gotten so good we are using it as the single
authoritative source for our company’s most sensitive
data – this is worth noting as our company’s core
competency is developing web portals and automating
business processes for the Department of Defense.
Bottom Line: IsI delivers results in a complex, no-fail
area for small businesses.” - Jason Marshall,
ACES Group.
About the Leaders
It was during his days at SAIC, a company that provides
integration of technology, systems, and operational
solutions across a number of intelligence disciplines, that
Paul J. Cella observed the sheer number of calls made by
small and medium businesses seeking support in
managing their security programs. Having spent almost
two decades in the field of security operations and
beginning his career in intelligence with the U.S. Marine
Corps, Cella was well aware of the indispensable need
for a sustainable company that can provide Facility
Security Officer (FSO) and Personnel Security Services
for small to medium Cleared Defense and Intelligence
Community Contractors. While still being employed
with other companies, Cella, along with Jeanne A.
Travis, started supporting a handful of Clients. These
Client’s service needs varied from applying for Facility
Security Clearances (FCL) to day-to-day security
operations. The initiative started in Cella’s basement in
2010, which soon witnessed both its pioneers,
completely dedicate themselves to growing IsI, and, in
turn, Security Control, into the Companies they are
today. With headquarters in Herndon, VA, IsI and
Security Control are now the largest security service
providers in the U.S. Numerous companies today rely on
IsI for FCL and PCL service which is critical to establish
a footprint in the Department of Defense (DoD) and
Intelligence Community (IC) spaces while remaining
compliant with Federal regulations. From its humble
beginnings, IsI and Security Control have grown to
manage all the security needs of its Clients while
providing confidence that they will be in full compliance
and at a reasonable cost basis. It is also one of the few
companies in existence to be approved by the Federal
Government to support all cleared defense contractors
across the globe.
16. Address :
Country :City : State : Zip :
Global Subscription
Date :Name :
Telephone :
Email :
READ
IT
FIRST
Never Miss an Issue
Yes I would like to subscribe to Insights uccess Magazine., S
SUBSCRIBE
T O D A Y
Che should be drawn in favor of:ck INSIGHTS SUCCESS MEDIA TECH LLC
Insights Success Media Tech LLC
555 Metro Place North, Suite 100,
Dublin, OH 43017, United States
Phone (614)-602-1754,(302)-319-9947:
Email: info@insightssuccess.com
For Subscription: www.insightssuccess.com
CORPORATE OFFICE
17.
18. With so much attention focused on Artificial
Intelligence (AI), it’s worth remembering that
one size does not fit all. There are specific
business-related pain points in mind when a company
decides to deploy AI technology, so making the right
choices can be a tricky task.
For example, several months ago, an AI related
breakthrough was announced – a robot learned and
demonstrated the ability to perform a perfect backflip.
While it is well acknowledged that the invested research
and development for this mission was huge and the
commercial potential for some applications is enormous, it
is somewhat unclear how this specific innovation or the
core models and algorithms of it, can serve other industries
and verticals. Herein lies the problem.
Gauging AI success in one field in many cases can be
meaningless for another. To make things worse, even when
trying to go deeper into the technology and attempting to
evaluate, for example, which Machine Learning algorithms
are utilized by the product, or what are the number of
layers in the Deep Neural Network models mentioned by
specific vendors, in the end it will be possibly pointless as
it does not directly reflect the solution deployment
‘success’ implications.
Nevertheless, it seems that the market ignores this reality
and continues to evaluate AI-based products by buzzword
checklists using familiar and related AI terminology (e.g.,
AI:From
Artificial
to Authentic
About the Author
Mr. Jay Klein drives Voyager Lab’s technology
strategy and core intellectual property. He brings
more than 25 years of experience in data analytics,
networking and telecommunications to the Company.
Before joining Voyager Labs, he served as CTO at
Allot Communications where he steered Allot’s data
inspection and analytics core technology offerings,
and as VP Strategic Business Development at DSPG,
where he was responsible for strategic technology
acquisitions. He also co-founded and held the CTO
position at Ensemble Communications while founding
and creating WiMAX and IEEE 802.16. He also
served as the CTO and VP of R&D at CTP Systems,
acquired rst by DSP Communications and later by
Intel. Jay Klein holds a BSc in Electronics & Electrical
Engineering from Tel Aviv University as well as
numerous patents in various technology elds.
Maestros Insights
16 |April 2019
19. Supervised, Unsupervised, Deep Learning etc.). While
checklists are an effective tool for comparative analysis it
still requires the ‘right’ items to be included.
Unfortunately, what typically is absent are the items which
are important to the customer, from a problem-solution
perspective.
Introducing Authentic AI
Given all of this, there is a need to change the narrative
around AI technology and solutions to something
meaningful and authentic that reflects the real-life
challenges and opportunities that businesses are facing.
This is the time to introduce Authentic AI.
The Merriam-Webster dictionary defines ‘Authentic’ as
both ‘worthy of acceptance or belief as conforming to or
based on fact’and ‘conforming to an original so as to
reproduce essential features’. This is not about ‘Fake’ to be
contrasted with ‘Real’. It’s about the essential features of
AI which need to be acknowledged, and hence, redefine
the ‘checklist’. Often, these essential ‘authentic’ features
are hidden and only surface when a CIO/CDO is faced
with a new problem to be solved. This is seen especially
when the AI aspects of a proposed product or solution are
fully explored by asking questions such as:
- Is the AI technology utilized by the product aimed
specifically for my problem, optimally (e.g.,
performance, cost, etc.)?
- Is it capable of addressing the complete problem or
only a part of it?
- Can it be assimilated into the existing ecosystem
without imposing new demands?
- Can it address the compelling environmental
conditions of the problem space?
These issues can be grouped into three different ‘classes’ -
‘Original’, ‘Holistic’ and ‘Pragmatic’:
Original – How innovative is the solution? This can be
quantified by assessing the following:
- the invention of new algorithms or even new models
and
- the use of complex orchestration techniques or
- through the capability to handle complex data formats
and structures.
While there is no need to re-invent the wheel repetitively
for any problem, there are distinctive characteristics which
require optimizing.
Holistic – How complete is the proposed AI technology? It
takes into account the capability of handling the end-to-end
aspects of the solution, the competence of harmonizing the
operation of the various AI components of the solution and
the ability to adapt to ever changing conditions of the AI
application.
Pragmatic – Can the technology solve real world
problems in their actual and natural space in a
commercially viable way? This means that for example the
data sources can be processed in their most native format
(both unstructured or structured) as well as provide
insights or results matching the pragmatic needs of the
specific market expectations. In addition, the ability to be
quickly deployed and rapid to act are assessed.
All of these elements should be used to systematically
assess and evaluate AI-based products and solutions to
assess their authenticity and therefore effectiveness in
specific use cases.
For example, many home-loan mortgage evaluation and
recommendation systems utilize a somewhat isolated
machine learning based applicant classification method,
one of many other processes included within the solution.
The AI in this solution cannot be considered Authentic AI
to a high degree as it ‘scores’ low on the ‘Original’ and
‘Holistic’ classes as it isn’t innovative ‘enough’ (from an
AI sense). In addition, the AI component itself does not
cover on its own the end-to-end aspects of the solution
(hence affecting the overall performance and precision). It
could be considered to be ‘Pragmatic’ to some level if it
can handle the required data sources of financial
institutions or the customer applications natively, and if the
solution ‘output’ are the explicit results required as a
specific recommendation (e.g., loan conditions). However,
the deployment timeline (time-to-market) and commercial
aspects need to be evaluated as well. This is just one
example of many others, covering all kinds of variations.
Perfect backflips may grant you a gold medal if you are a
gymnast but if you are a master chess player don’t expect a
winning move.
17|April 2019
20. Kiana.io:Augmenting Safety, Security, Awareness and Engagement
In an interview with Insights Success, Nader Fathi,
CEO of Kiana, shares insights on how the company
empowers businesses worldwide with accurate location
and real-time footfall analysis to improve physical safety
and security as well as proximity services. Also, he broadly
discusses on the company’s core competencies and the
services it offers.
Below are the highlights of the interview conducted
between Nader and Insights Success.
Give a brief overview of the company and its vision.
Kiana enables enterprises to be more effective by providing
the required process and effective tools to create a safe and
secure environment. To date, Kiana has processed more
than 490 million unique wireless device IDs across 50
countries worldwide, driven by adoption of the company’s
IoP (Internet of Persons) technologies, used for greater
security and visitor engagement across an array of industry
use cases. The platform’s universal device detection
recognizes all mobile devices and wearables – connected,
detected, Android, and iOS – enabling companies to
determine recognizable, as well as potentially undesirable,
visitors. In 2018, Kiana was awarded two important patents
by the United States Patent and Trademark office. The
patents cover technologies powering KianaSecure and
KianaEngage, which detect and analyze tens-of-thousands
of visitors per day, making the cloud-based software ideal
for corporate campuses, convention centers, airports, malls,
and other large venues. Next in Kiana’s roadmap is
leveraging the power of 5G, the next-generation of mobile
networks beyond the 4G LTE mobile networks of today.
What inspired Kiana Analytics to enter into its
respective segment?
What we saw on the rise was; internal or external physical
threats in corporate campuses, hospitals, schools, arenas
and other public areas; corporate compliance regulations
and insurance premiums for workplace safety; data
Integrations from disparate building management systems;
stricter & rapidly changing security regulations; and
mergers/acquisitions to enable full-stack security solutions
for business process/building management.
In the other hand there were various aspects that were
declining including; cost of video surveillance equipment;
desire for stand-alone building management use-cases; and
non-IP cameras. These were the trends that inspired us to
enter the physical security and safety segment.
What are the cutting-edge products/services offered by
Kiana Analytics?
Kiana offers two cloud-based solutions, Kiana Engage and
Kiana Secure. These solutions use patented technology to
assist clients with the management of threats. Kiana Engage
collects and evaluates data on the people in a specified
location by leveraging real-time location services. This can
help organizations direct individuals to their nearest exit
based on their position, resulting in the efficient evacuation
of the building in case of emergencies. Kiana Secure makes
the current infrastructure of a building smarter without
replacing any of the existing hardware. By leveraging
forensic analytics, the solution combines video streams with
location analytics to provide vital information for crime
scene investigations.
What strategies has Kiana Analytics undertaken to stay
ahead of the competition?
Kiana is the only commercial solution that detects both
logged and unlogged mobile devices and has fused camera
images with WIFI signals. Plus, it makes our customers
successful with our solution and continues to develop
breakthrough technology and protect those innovations by
filling US Patents. Moreover, it expands Kiana’s customer
base in North America and worldwide. Kiana also forges a
worldwide partnership with leaders with the sensor, WiFi,
Bluetooth and camera manufacturers, system integrators
and telcos.
Describe the experiences, achievements or lessons learnt
that has shaped the journey of the company.
According to Gartner Report, Kiana was included as a
1
18 |April 2019
21. Kiana is the Security
& Safety Fabric for the
Internet of People (IoP).
“
“
representative vendor in Gartner’s Market Guide for Indoor
Location Application Platforms in Oct 11, 2018.
As per the DHS Award, as part of the Silicon Valley
Innovation Program (SVIP), the US Department of
Homeland Security (DHS) Science and Technology
Directorate (S&T) awarded Kiana two projects to develop
technology to enhance the U.S. Customs and Border
Protection counting and measuring capabilities at ports of
entry.
The information provided by the Telco Innovation Award
states that Kiana has received the “Rocket to Success”
Award at the Telecom Council’s 2018 Innovation Showcase
between other 150 companies who applied.
The company was recently selected by Verizon’s 5G First
Responder Lab to develop next-generation technology for
the first responders.
Where does Kiana Analytics see itself in the long run
and what are its future goals?
We see new companies driving the multi-billion dollar
service economies. For example, Airbnb is the world’s
largest accommodation provider, and owns no real estate.
Uber is the world’s largest taxi company and owns no
vehicles. Facebook is the world’s most popular media
owner, and creates no content. Kiana will be the world’s
first IoPsec (Internet of People Security) framework, owns
no security infrastructure.
About the Leader
Nader Fathi is a serial entrepreneur and veteran of the Big
Data and IoT industry. He was CEO of SigmaQuest, a Big
Data for Supply Chain solution, which he co-founded in
2002. Nader mentors and advises startups as the Executive-
in-Residence (EIR) at the University of Southern California
Stevens Institute for Innovations and the Plug and Play
Tech Center in Silicon Valley. He is currently on the
advisory board of Glassbeam, Machine-to-Machine
analytics.
Nader has coached Big Data companies in various vertical
markets including sports, retail, finance, health/fitness, and
environmental analytics. Previously, Nader held executive
positions at IntraStage, IKOS, Cadence, and Daisy systems.
He started his career as a software and chip designer at
Xerox Microelectronics. Nader holds a bachelor and
masters in electrical engineering from the University of
Southern California and completed his coursework toward a
Ph.D.
Clientele Assessments
“What we like is Kiana’s software-only solution that uses
existing infrastructure to capture data from disparate
systems, and brings it to a central location to identify
desirables and undesirables. In the case of an Active
shooter in workplace, it can send a mass notification to the
device to tell staff what to do or what is going on. This can
save lives” – Head of worldwide security for a global
corporation
“We have only scratched the surface of what we can do
with our visitor analytics the Kiana system allows us to
capture. We are achieving a very fast ROI from it.” – CIO
of Large Amusement Park
— Nader Fathi
CEO
19|April 2019
22.
23.
24. Data Center Security:
The rise in cyber-crimes is one of the main causes of
Data center outages. As per the recent survey
conducted by industry insiders, cyber-crime caused
22 percent data center outages in 2015 opposed to 2 percent
outages in 2010. Adding to all these, now most of the data
centers are re-evaluating their security policies after the
recent WannaCry ransomware attack.
Data center outages cause companies to loss revenue in
many ways. However, the costliest loss is service
interruption and loss of IT productivity. So, the
organizations are now realizing that traditional security is
no longer secure enough to secure any data center. A recent
study has found that 83 percent of traffic travels east/west
within the data center, which stays undetected by the
perimeter security. In this environment, when an attacker
infiltrates the perimeter firewall, then can jump across the
system with ease, extract information and compromise
valuable data. Additionally, data centers can fail due to
trespassers or a terrorist attack or by natural calamities.
So, how can one secure a data center in the best way
possible from any kind of cyber threat? Don’t worry we’ve
got you covered, with the points below.
As the first step, one should Map the Data Center and flag
the hackers within the virtual and physical infrastructure.
The CSOs and CIOs with a system map of their systems
can react to any suspicious activity and take steps to stop
data breaches. Being able to visualize different traffic
patterns within a network helps to understand threats, that
eventually elevates the level of security.
Understanding and measurement of traffic flow within
the data center boundary are very important. In the case of
any interruption in traffic across east/west vs north/south,
protected vs unprotected one can get to know about a threat.
Additionally, vulnerable zones and unprotected traffic need
to be monitored for a better result.
Firewall rules need to be defined and implemented as per
requirements. Additionally, one should allow traffic only
after thorough verification and selectively allow
communication to ensure maximum protection. The key is
to identify, what;s legal and secured and what can be
blocked to enhance security.
One needs to Build a Team with executives who
understand how traffic flows within the premises and can
access & secure information, take necessary measures to
secure important assets along with the implementation of
roadblocks for the attackers.
Security must move as fast as a data center’s technology
adoption
and integration. Security Strategy Should Change
Alongside the Technology and it should not be treated as
an add-on option. Additionally, businesses also should
ensure that their virus protection, signatures other
protection features are up to date for better protection.
Businesses should Identify and Place Controls over high-
value assets, which will help to reduce risk. However, older
security solutions are completely blind to new threats, new
security companies have produced latest solutions that
protect data in the virtual world.
Access Restriction also needs to be imposed. Every
business should thoroughly check a person’s background
before giving the access to a prized possession. Access to
the main site and the loading bay must be limited,
Controlling Possible Threats
Digital Revolution
22 |April 2019
25. additionally, two-factor authentications and fortified interiors with security guards and roving patrols would help to
safeguard the employees and the data center.
Installing Surveillance Cameras around the data center, alongside removing signs which may provide clues to its function
helps to locate an intruder. A buffer zone between the data center and all the entry points will limit unlawful trespassing to a
great extent. Additionally, the data center needs to be far away from the main road and it should not have any windows other
than administrative purposes for better security.
A data center should Check Test Back-Up Systems regularly as prescribed by the manufacturer. It should also ensure to
make a list and of Do’s and Don’ts in the event of an attack. Recovery plans and security plans also need to be checked
thoroughly.
Data centers are always a Soft Target for The Terrorists, as an attack on them can disrupt and damage major business and
communication infrastructure. So, security needs to be taken seriously and to do that proactive steps should be taken to limit
the impact of a terrorist attack.
Trained Security Guards needs to be posted inside a data center and they should be well trained. Security officers must
undergo strict site-specific training to monitor surveillance footage. Depending on the size of data center and the number of
security cameras multiple security officers may be required on duty. Security officers dedicated to inspecting surveillance
footage helps when it comes to securing a data center.
Disaster Recovery is very much important, that must be in place. If the data center stops functioning after an attack or
natural calamity, it must have a way to restore operations as soon as possible. To be ready for a disaster and to evaluate the
disaster recovery plan, it’s necessary to train staffs well and experience simulated disasters.
To avoid these obstacles, one needs a fair bit of knowledge of new security systems, solid plans, and comprehensive
visibility. The more work a data center can do up front in the above-mentioned areas the better the chances of success with
lesser outages.
23|April 2019
26. MetaCompliance:
Resolving Data Breaches through a One-stop-shop Management Solution
We live in a world where a digital presence is
considered a necessity. Be it an individual,
entity, solution or company, the digital identity
has become a standard to analyze social existence.
Although this digital identity and presence is significantly
beneficial, it is vulnerable to outside attack.
Despite having the most secure structure in place, cyber-
criminals will often gravitate towards the weakest point in a
company’s defenses, which is often its employees. This has
demonstrated that staff are the key element that need to be
strengthened and helped.
Founded with the vision to help organizations keep their
staff safe online, secure their digital assets and protect their
reputation and brand, London based cyber security
specialist MetaCompliance has created a product range
that addresses the specific challenges that arise from cyber
threats and corporate governance. Its one-stop shop
platform for staff awareness and privacy provides the
highest quality cyber security and compliance content
available on the market.
The cloud-based platform provides customers with a fully
integrated and multi lingual suite of compliance capabilities
that includes policy management, e-learning, simulated
phishing, incident management and privacy management,
all of which can be purchased on a modular basis or as a
complete system. Its ease of use, engaging user experience
and regularly updated content ensures staff satisfaction; and
enables cyber and compliance professionals to easily track
implementation progress and demonstrate ongoing
accountability.
Evolving Transition
Having started out as a company dealing in physical off the
shelf products, MetaCompliance made the transition from
physical to digital and its products are now hosted on its
innovative cloud platform. The cloud platform combines
the key pieces of software functionality needed for
companies to stay cyber secure and regulatory compliant.
MetaCompliance’s cloud-based software is recognized for
its flexibility. Not only has it enabled the organization to
solidify its position in Ireland and the UK, but it has
enabled it to seal new business in other regions across the
globe including North America, Latin America, Asia-
Pacific, and the Middle East.
A Comprehensive Suite of Products and Services
MetaCompliance’s visually engaging and user-friendly
product range combines eLearning, simulated phishing
solutions, policy management, incident management and
GDPR to create compliance and security awareness within
organizations around the globe. The company’s product list
includes:
MetaLearning
MetaLearning Fusion is the next generation of eLearning.
It’s been specifically designed to provide the best possible
Cyber Security and Privacy training for staff. It enables
organizations to build tailored courses for their employees
from an extensive library of short eLearning courses. The
courses are easy to create and can be personalized and
branded to make the content more relevant to staff.
MetaPhish
The company’s MetaPhish solution provides customers
with a powerful defense against phishing attacks by training
employees how to identify and respond appropriately to
these threats. MetaPhish enables organizations to find out
just how susceptible their company is to fraudulent phishing
emails and helps identify users that require additional
training.
MetaPrivacy
MetaPrivacy is an automated best practice approach to data
privacy compliance and helps organizations streamline their
GDPR requirements. The platform provides management
dashboards and a detailed reporting structure that allows
Data Protection Officers to easily track implementation and
demonstrate ongoing accountability.
1
24 |April 2019
27. Our innovative cloud platform provides a
one-stop-shop management solution that
helps organizations keep their sta safe online,
secure their digital assets and protect
their reputation and brand.
“
“
Policy Management
The MetaCompliance Policy Management software
contains all the key elements required to automate, deliver
and manage the policy management life cycle. It enables
organizations to enforce and sustain compliance and
information governance communications that develop an
educated and vigilant workforce.
MetaIncident
MetaIncident provides a platform for staff to report any
cyber security issues enabling organizations to respond to
the reported incidents in a timely manner.
Instrumental Leadership
Robert O’ Brien is the Founder and CEO of
MetaCompliance. He has been instrumental in driving the
business forward and ensuring the company remains at the
forefront of innovation. With more than 30 years’
experience in the IT industry, Robert is a serial technology
entrepreneur with a wealth of experience in executing and
developing strategies for high growth businesses.
Committed to Innovation
MetaCompliance’s commitment to innovation, and the
development of a product range that meets and exceeds the
needs of organizations around the world has enabled it to
stay ahead of the competition. The company designs its
entire Cyber Security eLearning catalogue using its in-
house design team and releases new titles every 3 months to
ensure that customers are receiving the most up to date and
relevant content available.
Reinforcing the Local and Global Offerings
As challengers in the industry, the company consistently
strives to create the best offering in cyber security and
compliance, and by having a clear focus on its customers,
MetaCompliance will continue to develop innovative and
cost-effective products that will reinforce its local and
global offerings.
Client Admirations
“We have been using the MetaCompliance bundle package
for the last couple of months and we are very happy with
the package and the support from the company in accessing
and using their portal. I can honestly say that since we
started using MetaCompliance, we have raised security
awareness within our company on a major scale. The
content is relevant, informative and interesting for the end
user. I would happily recommend MetaCompliance to other
organizations.” - Maxol Group – Oil Group
“Since we started using the MetaCompliance software, we
have noticed a number of benefits including; increased staff
awareness, greater reporting, better employee engagement
and a more interactive delivery of security awareness
training. I would have no hesitation in recommending
MetaCompliance and feel the benefits we have felt from
acquiring this service would also benefit other
organizations.” - Viridian – Energy Company
— Robert O’ Brien
Founder & CEO
25|April 2019
28. Challenges in
Cloud Computing
The Clouds keep rolling in for enterprises. In the
2018 State of the Cloud Survey performed by
RightScale, they found that 96% of respondents
now use the public, private, hybrid, or a mix of cloud
computing models. To add some additional complexity to
the mix, from the same survey, organizations are already
running applications in 3.1 clouds and experimenting with
1.7 more for a total of 4.8 clouds.
Businesses report the key advantages of moving workloads
to the Cloud are flexibility, agility, easy access to
information, and cost savings. All of these great advantages
though come with a price. Just like any migration project,
there are a lot of moving pieces and a lot of places a
company can run into issues.
There are really three silos of challenges that both cloud
migrations and operating in the Cloud fall into.
1 Planning – Without a well thought out plan, your
migration is destined to have a rocky road to operational
readiness.
2 Risk Mitigation – It is key to understand all the risks,
technology and business, that moving and operating in
the Cloud creates. Adding risk mitigation to your initial
plan will help ease the transition and make a surprise
free environment when services go into production in
the Cloud.
3 Governance (Cost and Security) – The ease of use,
agility, and elasticity of the Cloud are great benefits,
but, they can also lead to runaway costs and a lack of
adherence to security best practices.
At CCSI we break the migration and operation in the Cloud
into 5 key areas.
1 Discovery
It is a critical start with a full understanding of what
exists in the environment today. All applications,
services, and supporting infrastructure should be
inventoried and documented. This will ensure nothing
gets left behind and that there is a clear understanding
of the current steady state infrastructure.
Challenges in
Cloud Computing
2 Assessment
Once a complete inventory is created, each application
and service can be evaluated to determine if it should be
moved to the Cloud. If it is to move, is it best suited for
public, private, or hybrid deployment or would it be
better to move to a SaaS (Software as a Service)
solution. Perhaps it can be decommissioned because
there are duplicate services, or it is not being used
anymore. It may also be determined that the application
or service is not a good target to move. Perhaps it is a
legacy application that can’t support more modern
infrastructures.
This is also a good time to start reviewing Cloud service
providers that may fit the requirements of your
applications, your infrastructure, and your budget.
3 Migration Planning
Now that we know what we are moving and where it is
moving, we can start to put together a plan. During the
migration planning phase workloads are prioritized for
the order they are going to be moved, a budget is put
together, a business case is made for each workload that
is to be moved, and pilot migrations are performed
where further design, performance, or reliability testing
is needed. Once this stage is complete, a full migration
roadmap along with buy in from all the interested
parties within the organization should be secured.
4 Migration and Testing
Once a workload is migrated, full testing should take
place. Testing for performance, load, security, resiliency
and reliability should be performed. This is one of the
most critical steps. It is much easier to mitigate issues
BEFORE going into production.
5 Go Live
This is probably the shortest but scariest part of the
process. After all the hard work, the plug is pulled on
the original system and the new system in the Cloud
goes live. All support processes should be transitioned
to support the new cloud infrastructure and all
documentation should be updated. After any issues are
Leadership Viewpoint
26 |April 2019
29. Joe Goldberg is the Senior
Cloud Program Manager at
CCSI. Over the past 15+ years,
Joe has helped companies to
design, build out, and optimize
their network and data center
infrastructure. Joe is also ITIL
certified. Joe can be contacted
via Twitter handle
@DevOps_Dad or by email
jgoldberg@ccsinet.com.
About the Author
ironed out, a post migration review is
always valuable to see if there are any ways to
improve the migration process for the next workload.
Now that your organization is officially “in the Cloud”, the
challenge of governance begins. For effective cost control
in cloud computing services, it is important to understand
the different factors that impact an organization’s cost.
Cloud cost management tools should be used to help
discover the source of these inefficiencies. Unplanned costs
are often due to a lack of visibility of current consumption
and past trends. When organizations used on premise
infrastructure, they financed it with fixed upfront CAPEX
investments. Cloud consumption is an OPEX subscription
model based on utilization. A shift in the approach to
operational management is now needed. Optimizing for
cost is as important as optimizing for performance.
Cloud-based governance tools can track usage and costs
then alert administrators when costs are greater than
budgeted. These same tools can be used to ensure corporate
security policies are being applied to all workloads and that
best practice security frameworks like Center for Internet
Security (CIS) are being applied.
As cloud services move deeper into the organization, it’s as
important as ever that technology leaders make informed
decisions about which products, services, and payment
models deliver the
best results and have
adequate planning in
place - but it’s not easy.
About CCSI
For more than 40 years, Contemporary
Computer Services Inc. (CCSI) mission has been to
help solve modern business challenges with technology
solutions that optimize cost, reduce risk, simplify
operations, and increase performance. CCSI provides the
highest quality of service in the industry for the full
spectrum of technologies–from containers to PCs, network
infrastructures, managed services, IP telephony,
cybersecurity, cloud services, SD-WAN, to storage
solutions. At CCSI, we believe that technology exists to
make our lives - and our businesses - simpler, more
productive, secure, and ultimately more profitable. Let’s
Grow Together. Learn more at www.ccsinet.com.
Joe Goldberg
Cloud Program Manager
CCSI
27|April 2019
30.
31.
32. PDFI:A Reliable Provider of Defensible and Accurate
Digital Forensics Solutions
Founded in December 2016, Precision Digital
Forensics, Inc. (PDFI) provides strategic
consulting, data recovery and investigation, and
managed data services to commercial, non-profit, and
government organizations. The strength of PDFI lies in
developing and delivering innovative solutions and services
and an out-of-the-box approach that addresses today’s
digital evidence and electronic data challenges. Its solutions
mobilize the right people, skills and technologies adding
value to customer operations, increasing their capabilities,
and enhancing their ability to complete their missions.
PDFI are proven performers in solving mission critical and
complex technological and data management challenges.
As a CVE certified Service Disabled Veteran Owned Small
Business (SDVOSB), PDFI is committed to good
professional practice and to providing the highest quality
and best valued innovative solutions and services on the
market today. The company accomplishes this through
reliably delivering timely, accurate, and thorough results,
remaining compliant with industry accepted best practices
and standards, and continually improving its business
processes through communication, education, innovation,
and technology.
Inspiration behind the Inception
After working in the digital forensics industry for almost
two decades, the Founder of PDFI Clayton D. Schilling
witnessed firsthand the out of the control growths in data
and the accelerated technological evolutions that are now
plaguing the digital forensics industry. The reality is now,
there is just simply too many devices and too much data to
collect, process and analyze everything. Practitioner,
investigators, and legal teams need to change the way they
think, start leveraging technology to their advantage, and
focus their examination efforts on relevant digital evidence
and electronic data only.
Realizing the absence of suitable solutions and services, he
decided to build an agile company that could flex with
industry changes, grow as needed to meet demand, and
provide innovative solutions and services to help its
customers manage today’s ever-growing challenges
associated with the rapid advancement and proliferation of
digital devices. “The key is being able to take off the
blinders and think outside the box. Leveraging
technological advances and improved examination
methodologies, such as automation, AI, and triage will be
needed to keep pace with the fast-evolving digital
landscape.” says Schilling.
According to research, the digital forensics market is
expected to grow at a compound annual growth rate
(CAGR) of 15.9% through 2022; and PDFI is strategically
poised to address this growth and help its customers
navigate its challenges.
All-inclusive Digital Forensics Solutions
PDFI technology experts and forensic professionals
analyze, research, design and implement solutions in the
areas of:
Strategic Consulting Services
PDFI powered strategic consulting services focus on
integrated solutions designed to enhance supported client’s
operational and technical performance. By incorporating
industry best practices into organizational business
processes and management strategies, PDFI helps
supported clients stay ahead of the competition and better
serve their customers. PDFI consulting services include:
Ÿ Business Strategy & Planning Support;
Ÿ Strategic Change Management & Facilitation Support;
Ÿ Process Development and Assessment Services;
Ÿ Training
Data Recovery and Investigation Solutions and Services
PDFI solutions leverage innovative technologies,
automation, Artificial Intelligence (AI), and digital forensic
industry best practices to provide efficient end-to-end data
collection, preservation, processing, and analysis solutions
for criminal and civil investigations, eDiscovery, post
intrusion incident response, and intelligence collection
missions. By incorporating PDFI’s creative solutions,
industry accepted digital forensic best practices, and
1
30 |April 2019
33. At PDFI, we are committed to good
professional practice and to providing
the most innovative, highest quality,
and best valued solutions
and services on the market.
“
“
international quality standards, PDFI ensures the timely
production of defensible, accurate, and reliable high-quality
deliverables. PDFI services include;
Ÿ Computer Forensics / Media Exploitation
Ÿ eDiscovery
Ÿ Mobile Device, Tablet and UAS Forensics
Ÿ Incident Response / Network Forensics
Ÿ Audio / Video Forensics
Managed Services
PDFI managed services focuses on providing resources and
innovative solutions that help supported clients improve
and streamline their operations and cut expenses. By
incorporating PDFI’s managed services into business
processes and management strategies, PDFI helps
organizations stay up-to-date on technology, gain access to
current skills, and address issues related to cost, quality of
service, and risk. PDFI services include;
Ÿ Data Storage / Digital Evidence Management
Ÿ Business Process Outsourcing
Ÿ Resource Management
Ÿ Technical Support
Future Aspirations
PDFI’s goal is to be the company that best understands and
satisfies the digital forensics and digital evidence
management needs of supported clients world-wide. This
means being the best in terms of customer value, customer
service, employee expertise and competence, innovation,
and providing impartial, accurate, and defensible solutions
and services consistently. With that in mind, PDFI has
developed innovative solutions that not only enhance digital
evidence management capabilities, but also improves
examination methodologies using automation and AI to
reduce collection overages, improve processing turnaround
times, and significantly reduce digital evidence backlogs.
“At PDFI, we strongly believe technological advances and
improved examination methodologies are needed to keep
pace with today’s ever-increasing digital volume,” says
Schilling.
In the near future, PDFI envisions building a 5000 sq.ft full
service digital forensics laboratory in Northern Virginia and
getting it accredited under ISO/IEC 17025; a move that will
place it among only a handful of private accredited
providers in the world .
Excellence Personified
Clayton D. Schilling is President and Chief Executive
Officer of Precision Digital Forensics, Inc. He is
responsible for leading the development and execution of
the Company’s short- and long-term strategies with a view
to creating innovative defensible solutions and exceptional
customer value. A proven industry leader, with extensive
experience in digital forensics operations and organizational
management, Mr. Schilling has worked in, managed, and
assessed accredited laboratory environments and has built
local and regional federal and private digital forensics
laboratories and programs from the ground up.
Mr. Schilling has spent more than 27 years supporting
federal law enforcement beginning his career as a U.S.
Army Criminal Investigation Division (CID) Special Agent,
joining the Drug Enforcement Administration’s (DEA)
Digital Evidence Laboratory as a Group Supervisor after
retiring from the military, and in April 2012, joining CACI,
Inc. as Forensics Senior Manager and Laboratory Director
of the CACI Digital Forensics Laboratory (CDFL); a full
service ISO accredited facility he built from the ground-up.
He is a certified ANAB Digital Forensics Technical
Assessor and has assessed federal, state/local, international,
and commercial digital forensics operations and was the
first and only digital forensics practitioner to sit on the
ASCLD/LAB Board of Directors, prior to its merger with
ANAB in 2016.
— Clayton D. Schilling
President & CEO
31|April 2019
34. The cloud has now become a well-established
deployment option for business applications. It
provides an exceptional ground for grounding the
business intelligence systems, as it provides business
agility, scalability, and lowers the total cost of ownership.
So, it is a little uncharacteristic that although most
applications have migrated to the cloud, data warehouses -
the fundamental of any business intelligence structures - are
still mostly on proposition.
Of course, that's not entirely surprising given that
businesses have invested heavily in an on-premise data
warehouse technology, with strong concerns about
protecting sensitive data. Being seamless, migration of the
data warehouse to the cloud must ensure that additional
cloud security measures are addressed.
Steps required to be supervised while migration of the
Data Warehouses
Characterize the current data warehouse along multiple
dimensions
Detailed analysis should be carried out to cover the
sensitive data aspects very carefully. It should be taken
under consideration on what options are provided by the
cloud vendor, and what are the organizational needs for the
confidentiality. Thorough analysis of the regulatory
standards must be carried out.
There could be multiple business users and business units
who are using the data. We can also ease out the migration
process by prioritizing and breaking down the whole data
warehouse into significant business process subject areas.
Select the right cloud vendor for your warehouse
There are numerous cloud providers out there in the market.
Amazon, Google Cloud, Microsoft Azureare some of the
market leaders in among cloud solution provider’s industry.
Based on the outcome of the classification of the existing
warehouse, we must create a matrix of the functionalities
required vs. existing features in respective cloud provider’s
environment and then make the final choice. Of course, the
monetary expenses also play a vital role in making this
decision.
Identify technology choices depending on there siliency
of concept projects
Choosing the appropriate database technology for hosting
the warehouse is the most important technology decision to
be made. You are required to identify the queries
symbolizing the typical workload based on performance
tests. The factors needed to be considered while making this
decision are:
Data types needed by the application
Ÿ Database technologies available from the cloud provider
Ÿ Database features required
Migrating the
DataWarehouses
into the
CloudCloud
Editor’s Pick
32 |April 2019
35. Ÿ Real-time data processing needs
Ÿ Number of concurrent users
Ÿ Performance needs etc.
The compute and the storage necessities will decide the
infrastructure needed for hosting the data warehouse.
Preparing a surefire migration plan
Preparing a well thought out project plan is certainly crucial
for a successful migration. You must primarily involve
business users in the entire decision making and project
plan. They should be fully aware of the migration strategy
and in fact they must contribute in testing the new system.
Infrastructure readiness
Most data warehouse projects on the cloud are required to
set up a VPC. A VPC houses the entire production
warehouse setup. It is very important to create
corresponding environments for development, UAT and QA
to ensure smooth operations of the systems. Set up access
control and security on each of the environments. Also lay
out the complete architecture beforehand.
Complete the migration
Migration embroils initial movement of the old data
followed by the incremental tug of the data from the various
sources. A thorough description needs to be in place that
plots the source data elements to the target data elements. It
is desirable to run the modeled data migration project in
parallel with the legacy system so that it is easier to test and
determine the success of the migration. The migration and
extraction needs to be setup in a repeated manner so that in
case there are some concerns with the migration, it can be
re-processed.
Test the success of migration
In the primary stage of the data migration, we typically test
and compare one or several sample queries and data sets. In
addition, we would like to commend comparison of row
counts of objects, min and max values as well as sample
data row assessments. Outlining the success criteria for the
migration and testing is of greatest importance to ensure
long term success of the cloud data warehouse. You also
need to reassure that incremental data loads work correctly
throughout.
Conclusion
Nowadays, there has been a lot of support for data
warehouses in the cloud. Moving data warehouses to the
cloud is yielding real business benefits, since many vendors
are expanding the breadth and depth of services for
warehousing and analysis of the data. However, migration
is not exempted of challenges. Make sure you think through
all the different aspects of data warehouse migration and
then come up with an infallible plan to address those
challenges.
33|April 2019
36.
37.
38. C
ompanies that have already invested in SAP find
that they can achieve even better results from their
existing investment with cloud technology and
eProcurement. After the initial investment, companies find
certain roadblocks preventing mass user adoption and
diminishing cost savings. Issues such as inability to stay
connected, lack of insight into data, and complex and
fragmented business rules stop businesses from using the
full power of SAP. As cloud application technologies
advance, companies gain the benefits of rapid deployment
cycles, increased self-service tools, and faster performance.
Vroozi delivers on the promise and power of eProcurement
in the Cloud with seamless integration into SAP.
SAP users looking to the cloud generally face a few
questions, including:
· How can I benefit from using cloud procurement?
· Will my transition to the cloud be cost-effective?
· How will my business processes be affected by cloud
technology?
To understand the benefits of cloud technology to existing
SAP users, let’s evaluate three procurement strategies that
highlight the power of cloud procurement.
Value Realization
Return on Investment (ROI) is a central factor in any
procurement strategy. Buyers and trading partners of cloud
procurement solutions need to feel confident that solutions
will lead to cost savings and higher productivity and
efficiency. Users quickly see returns by focusing on user
adoption, compliance, and spend management. Spend
Management allows companies to visualize purchasing
spending patterns and usage and drives employees to
leverage preferred pricing with contract suppliers. To
increase user adoption and compliance, the cloud empowers
a mobile workforce with the right resources and experience
so everyone stays connected and available so that business
is not disrupted. As user adoption and compliance
frameworks increase with cloud-based systems,
organizations gain immediate cost savings in procurement
by decreasing transaction costs and preventing spend
leakage with your supply chain.
Efficiencies
Process efficiency is key for a successful, healthy business.
Cloud technology enables better processes by keeping
everyone connected through a mobile experience and
automating transaction tasks through the use of machine
learning and pattern matching. With a centralized, unified
system, cloud automation can yield immediate benefits in
requisition to invoice and payment business processes and
reduced errors and issues leading to higher productivity and
decreased processing costs. Further, by allowing employees
Leverage Existing
SAP Solutions
with Cloud Procurement
CXO Standpoint
36 |April 2019
39. Brad Hill, Director of Global Sales & Marketing
of Vroozi is a passionate leader and is
responsible for expanding the Vroozi Product
Suite, Brand Adoption, Partnership Network &
ensuring our customers receive an unparalleled
experience with Vroozi. Brad spent the last 20
years building Enterprise Sales and Product
strategies with leading IT Services
organizations. His entrepreneurial strategies
have served a vast number of Fortune 500
industries and verticals. He is also an aspiring
mechanic and frustrated golfer, two good
reminders to keep his day job.
to interact with cloud procurement via smart
Phones and tablets, business can continue to
move with efficiency and speed.
IT Cost Savings
Perhaps no determinant is more important in
realizing the benefits of cloud technologies
versus traditional on premise software is in IT
Cost Savings. Systems and applications which
required large physical infrastructure and
monetary investments can now provide
inexpensive and scalable solutions through the
Cloud and cloud infrastructure providers. A
procurement solution that integrates with SAP is
easier to access, less expensive, and takes a
fraction of the implementation time companies
once faced with traditional software solutions.
Cloud technology relieves the user of hidden
costs such as hardware, consultants,
infrastructure, maintenance, and costly upgrade
cycles, providing lower risk and lower total cost
of ownership.
Conclusion
The cloud offers little upfront expense, automatic
upgrades, and pre-integrated best practices which
allow organizations to focus on business growth
and improved operating margins. Vroozi’s
eProcurement solution that takes SAP solutions
to the cloud empower users with better returns,
better processes and higher savings, so their
overall SAP investment’s ROI is accelerated.
According to IDC, spending on Cloud
computing is growing at 4.5 times the rate of IT
spending since 2009 and is expected to continue
growing at more than 6 times the rate of IT
spending from 2015 through 2020. (via Forbes)
This massive growth is easily understood when
businesses understand the power and value of
cloud solutions. With the Vroozi Platform,
companies can take advantage of robust
eProcurement technology delivered in the Cloud
and integrated seamlessly with SAP.
Brad Hill
Director of Global Sales & Marketing
Vroozi
37|April 2019
40. Headquartered in Hamburg, and represented in
USA, India, Latin America, Southeast Asia, Africa
and Middle East, Secucloud GmbH is active
worldwide as a provider of high-availability cyber-security
solutions, offering a cloud-based security-as-a-service
platform for clients.
Founded in 2013, the company is led by a team of managers
and experts on network security with international
experience. Right from the start, Secucloud solutions were
conceived as purely cloud-based, enabling customers to
take direct advantage of the elasticity of the cloud and
flexible consumer offerings for the benefit of their own
business models.
Secucloud’s Elastic Cloud Security System (ECS2) enables
a wide range of markets and target groups (mobile
communications & landline consumers, small businesses &
home offices, SMEs) to enjoy the benefits of enterprise-
level security solutions. This innovative platform does not
require any special hardware or proprietary appliances,
scales automatically, and is capable of supporting more than
100 million users and their connected devices.
Solutions that Keep Cyber Crime at Bay
The technological core of Secucloud’s solution is the
Elastic Cloud Security System (ECS2). Here, the platform
combines a variety of powerful enterprise-grade security
mechanisms like sandbox technologies, deep packet
inspection as well as IDS and IPS systems to analyze
incoming data streams and test their harmfulness – in the
cloud and therefore separated from the customer’s systems.
Thus, there is no longer any need to deploy a local security
solution. The advantage of this is obvious: No performance
losses on the edge device, no need for constant updating
and maintenance of an onsite installed security solution.
On the one hand, the company’s offering is directed at
telcos, which can implement its solution directly in their
infrastructure and then provide their customers with its
highperformance security in the form of a subscription-
based service. Since Secucloud’s solution provides almost
unlimited scalability, even large customer bases of 100
million users and more can be protected at the same time.
On the other hand, the organization also offers a managed
service in the B2B segment, in the form of “Secuscaler”.
Secuscaler enables vendors and resellers in the firewall-as-
a-service business to act as Managed Security Service
Providers (MSSPs) and provide small and medium-sized
businesses with a suite of powerful security technologies
that scale as needed and stay up-to-date without any
maintenance.
Tech Expertise Ensuring Success
Dennis Monner is the Founder of Secucloud and serves as
its Chief Executive Officer. He is a true technology
entrepreneur: He was also the founder and chairman of the
executive board of the IT security manufacturer gateprotect,
which was aquired by Rohde & Schwarz Cybersecurity in
2014. Under his direction, the company was able to
outperform 500 international competitors and is considered
today to be among the top 10 in the industry, ranking in the
Magic Quadrant by the Gartner consulting firm.
Fostering New Innovations
Secucloud believes that, in order to successfully fight
cybercriminality, security providers must display a very
high level of innovation. In that regard, the company is
certain that the cybercrime industry is its true competition.
Secucloud is continuously competing against hackers and
criminals in a struggle to outdo one another by harnessing
the latest state-of-the-art technology.
In order to stay ahead in this everlasting race, evolving
technologies and fostering innovation has to be at the center
of the organization’s work. For example, it is currently
working on ways of utilizing artificial intelligence in the
form of neural networks to classify network traffic. A neural
network would be ideal to recognize and identify the
continuously changing and evolving harmful data streams
on the Internet – not based on known attack patterns, but
rather thanks to a true understanding of the difference
between good and bad network traffic.
Secucloud GmbH:
The Cyber-Security Expert
1
38 |April 2019
41. Evolving with Changing IT Landscape
According to Secucloud, the IT landscape has been
changing rapidly for many years now, as has the security
threat landscape. Thanks to digitization, internationalization
and the increasingly widespread use of IoT and mobile
devices, today’s corporate networks are more complex than
ever. And with that, the task of ensuring protection against
hackers and industrial espionage are also becoming more
and more complex. By accompanying its clients through
these ever-changing times, Secucloud has always been able
to stay at the forefront of the latest technological
developments and contunualy adapts its portfolio
accordingly.
For example, one of the most important current technology
trends that will revolutionize the market in the near future is
the Firewall as a Service (FWaaS). As early as 2017,
Gartner included the technology in its hype cycle, calling it
one of the emerging technologies (“on the rise”), and gave
it a ‘high’ benefit rating. Even then, Gartner named
Secucloud as one of the few vendors for this emerging
technology trend. With Secuscaler, the company has been
able to tap into a further field of application for its
innovative cloud offering and to provide the customers with
a turnkey solution for this major future technology today.
Backed by the experience gathered on its journey so far,
Secucloud’s goal is to always stay ahead of upcoming
trends and further affirm its market position as the ideal
solution provider and consulting partner for any
organization that wants to provide their users with a
powerful protection technology adequate for today’s
requirements.
Client Feedback
“Given the sheer number of connected devices in
companies and households, it’s simply not possible to
provide an appropriate level of protection on the individual
device level,” explained Saud Bin Nasser Al Thani, CEO of
the Ooredoo Group. “Instead, efficient protection today
needs to be integrated natively into the network. And that’s
exactly what we’ve found with the German security
specialist Secucloud.”
“What VinaPhone customers needed was a security solution
that provided reliable protection simply and effectively
while they were using the net”, said Tuan Nguyen, CEO at
VKAS, a business partner of the Vietnamese telco
VinaPhone. “And that’s exactly what we’ve been able to
find with the Secucloud solution. Another benefit is that the
solution enables VinaPhone to handle peak user traffic,
even several million customers simultaneously, with no
negative impact on performance. We’ve chosen a solution
that’s capable of supporting the future evolution of the telco
and that is flexible enough to grow along with the
company.”
Dennis Monner
founder & CEO
With many years of
experience in the global
cloud security business,
Secucloud is an
international provider of
innovative cyber-security
solutions, offering global
clients a powerful, cloud-
based security-as-a-
service platform.
“
“
39|April 2019