Connect with us

Expert Speak

Why an Open, Single-Vendor Security Solution is a Win for Businesses



Written by Rudie Opperman, Regional Manager, Engineering & Training, Middle East & Africa at Axis Communications

Building security solutions used to be a binary choice. In general, if an organisation had more complex needs and wanted a best-of-breed solution, it would opt for a multi-vendor set-up. If their needs were simpler, or they wanted an easier option to service, they chose a proprietary, single-vendor solution. But this often resulted in vendor lock-in that limits growth potential. If organisations wanted to upgrade to a more advanced video management system or cameras or add access control technology and other devices that weren’t in the vendor’s portfolio, their only option was to replace everything.

Today, however, there’s a third option – the open-platform, single-vendor solution. As a non-proprietary solution, it provides users with the best elements of both previous options. This approach gives customers the simplicity they need without being locked in with one vendor. And, as their needs become more complex, they keep the ability to scale the initial investment by integrating it with other vendors’ open-platform devices and software.

Before selecting an approach to security services, it’s important to explore the wide range of advantages afforded by an open, single-vendor security solution.

Quick and Easy Design and Purchase
In a traditional mix-and-match solution, one should consider whether those devices and software are compatible and allow access to all the features of those products. At the end of the day, systems integrators don’t just need a variety of components. They need a portfolio that’s designed to work together seamlessly and deliver full functionality, and a single-vendor solution can provide just that.

In a multi-vendor solution, you also often deal with different pricing structures and licensing agreements. But with a single vendor, all those details are coordinated with one source – how many licenses you’ll need, how frequently they’ll need to be updated, or whether the devices purchased come with one-time licensing fees that include upgrades.

Simple Installation, Management, and Security
Having a single point of contact can provide advantages to an integrator across a project’s lifecycle. If an installer must take more time on site than originally projected, an integrator starts to lose money. With a single-vendor solution, you have products you know have been designed and pre-tested to work well together, which reduces labour costs and shortens the initial setup time.

Once a security solution goes live, managing all the moving parts can be a challenge. With a single-vendor solution, it’s far easier to gain a holistic overview of the installation site and complete control over all devices. This greatly simplifies identifying devices on the network as well as managing system updates, outages, and other ongoing maintenance activities.

In terms of cybersecurity, there are significant differences between a multi-vendor solution and a single-vendor approach. A multi-vendor solution makes it difficult to ascertain whether all the vendors are maintaining the same high level of cybersecurity. Incomplete or untested cybersecurity measures in one vendor’s products could compromise the security of another vendor’s technology. But, with a single-vendor solution, it’s easy to apply relevant cybersecurity updates across the entire solution and respond more rapidly to threats.

One Point of Contact for All Support
In a multi-vendor solution, it’s often more difficult to determine where the problem lies and whose products are at fault, because there are so many potential points of failure. In a single-vendor solution, there’s only one company to hold accountable. It eliminates all the guesswork, all the running around in circles, and the endless phone calls.

Of course, there can be downsides to putting all your eggs in one basket – especially if it’s with the wrong vendor. It’s important for integrators to look for a trusted vendor with a broad portfolio of support services, a reliable product warranty, and a transparent replacement policy if something fails. Integrators should also make sure they offer an open platform that allows for integration with third-party devices if the need arises in the future. In the long term, having an open API, interoperability standards such as ONVIF, and custom integration services can prove invaluable.

A Partnership that Promotes Mutual Success
When a systems integrator decides to go with a single-vendor solution, the close connection that develops between the two companies is often more difficult to sustain in a multi-vendor environment. With a single-vendor solution, they can focus on developing expertise in a single portfolio. And, to support that effort, vendors offering value-adding partner programs can further enhance an integrator’s proficiency in their products and applications.

It is also crucial to partner with a vendor who has a clear roadmap for the future – one that includes ongoing product development and a long-term commitment to the security industry. Long-term vendor support is critical to maintaining a successful business operation. But it isn’t just about being able to call the company when something goes wrong. It’s about having a partner who supports you through the entire project lifecycle – from concept to installation and beyond.

The Importance of Weighing all Your Options
Security solutions come in all shapes and sizes. Some are extremely complex. Some are bare bones. Some are proprietary. Others are based on open standards. The direction you choose will depend on what best matches your specific needs.

An open, single-vendor security solution is a truly cost-effective option because it allows you to build on your initial investment. You can create a security and surveillance system that satisfies simple needs today – without limiting its potential to grow in the future.


Preparing a Secure Cloud Environment in the Digital New Norm



Written by Daniel Jiang, General Manager of the Middle East and Africa, Alibaba Cloud Intelligence

As hybrid or remote working is being adopted by many companies globally and becoming the ‘new norm’ for millions of workers, cyberattacks meanwhile continue unabated. Building a secure and reliable IT environment has therefore become an increasingly important priority for many businesses who are exploring opportunities in the global digital economy. While moving to the cloud and using cloud-based security features is a good way to challenge cyber risks, it’s important to delve deeper into how best to construct a secure and reliable cloud environment that can fend off even the most determined attacker.

In today’s digital environment, discussions about cyber security’s best practices have never been more important. The UAE in particular established the Cybersecurity Council to develop a cybersecurity strategy and build a secure cyber infrastructure by creating related regulations. Following this move, the nation ranked 5th place on the International Telecommunications Union’s Global Cybersecurity Index 2020, jumping 33 places and it continues to prioritize cyber security and awareness. Creating a secure cloud environment – from building the architecture to adopting cutting-edge security technologies and putting in place important security management practices – will inspire more thorough conversations on this subject.

A resilient and robust security architecture is essential for creating a cloud environment capable of assuring an organisation about the availability, confidentiality and integrity of its systems and data. From the bottom up, the architecture should include security modules of different layers, so that companies can build trustworthy data security solutions on the cloud layer by layer – from the infrastructure security, data security, and application security to business security layers.

In addition to the security modules of all of the layers, there are a variety of automated data protection tools that enable companies to perform data encryption, visualisation, leakage prevention, operation log management and access control in a secure computing environment. Enterprises can also leverage cloud-based IT governance solutions for custom designs of cloud security systems to meet compliance requirements from network security and data security to operation auditing and configuration auditing. This ensures full-lifecycle data security on the cloud, with controllable and compliant data security solutions in place.

Another consideration is to build a multi-tenant environment, abiding by the principle of least privilege and adopting consistent management and control standards to protect user data from unauthorised access. In addition, establishing strict rules for data ownership and operations on data, such as data access, retention and deletion, is also pivotal in creating a safe environment.

Moreover, enterprises can embrace the zero-trust security architecture and build a zero-trust practice by design to protect the most sensitive systems. The architecture requires everything (including users, devices and nodes) requesting access to internal systems to be authenticated and authorised using identity access protocols. As such, the zero-trust security architecture cuts down on automatic trust, or trust without continuous verification, addressing modern challenges in securing remote working environments, hybrid cloud settings and increasingly aggressive cyber threats.

Cutting-edge security technologies such as comprehensive data encryption, confidential computing and many more emerging tech solutions, can be leveraged to ensure we stay on top of the trends in cybersecurity. Comprehensive data encryption provides advanced data encryption capabilities on transmission links (such as data-in-motion), compute nodes (such as data-in-use), and storage nodes (such as data-at-rest). Key Management Service and Data Encryption Service help users securely manage their keys and use a variety of encryption algorithms to perform encryption operations.

Another emerging technology to safeguard the cloud environment is confidential computing. Confidential computing is dedicated to securing data in use while it is being processed, protecting users’ most sensitive workloads. Confidential computing based on trusted execution environments (TEEs), ensures data security, integrity and confidentiality while simplifying the development and delivery of trusted or confidential applications at lower costs.

It is equally important to adopt proper security management practices and mechanisms to maximise the security protection of one’s critical system and important data. One essential mechanism to protect the cloud environment is to develop a comprehensive disaster recovery system, which enables businesses to configure emergency plans for data centres based on factors such as power, temperature and disasters, and establish redundant systems for basic services such as cloud computing, network and storage. It helps companies to deploy their business across regions and zones and build disaster recovery systems that support multiple recovery models.

Setting the effective reviewing and response mechanism for your cloud security issues is imperative. First, having vulnerability scanning and testing in place is important to assess the security status of systems; second, it is vital to use cloud-native monitoring tools to detect any anomalous behaviour or insider threats; furthermore, establishing proper procedures and responsibility models to quickly and accurately assess where vulnerabilities exist and their severity, will help ensure that quick remedy actions can be taken when security problems emerge.

In the future, developing the security architecture, technologies, management and response mechanism will no longer be perceived as a cost-centre burden for companies, but rather, as critical capabilities to safeguard the performance and security of daily business operations. Crafting a comprehensive cloud security plan, adopting the best industrial practices, and choosing a professional cloud service provider with strong security credentials to work with, should be an imperative subjects in a CXO’s agenda.

Continue Reading

Expert Speak

Why You Should Use a VPN While Traveling



According to a survey conducted by NordVPN, 50% of travellers use public Wi-Fi while on the road. However, only 20% of them use a VPN (a virtual private network) to protect themselves while being connected to a public network. “Travelers connect to public Wi-Fi in airports, cafes, parks, and trains. Some even use public computers to print their visa information or flight tickets. A VPN in those cases is crucial if you want to make sure that your vacation will not be ruined by cyber criminals. Nobody wants to lose access to their device or their bank account during a trip to a foreign country,” says Daniel Markuson, a cybersecurity expert at NordVPN.

As International VPN day (August 19th) is just around the corner, Markuson lists all the benefits offered by the service.

Enhanced online security
The main purpose of a VPN is to keep its user’s online connection secure even when they are away from home. Hackers can set up fake hotspots or access unsecured public routers and this way monitor users’ online activity. Once a user is connected, criminals can intercept their internet traffic, infect the device with malware, and steal their victim’s personal information.

When authenticating themselves on public Wi-Fi, users often need to type in their email address or phone number. However, if a user has accidentally connected to a hacker’s hotspot, they could be exposing themselves to real danger.

A VPN hides users’ IP addresses and encrypts their online activity. That means that, even if a user is using a malicious hotspot, the hacker behind it won’t be able to monitor their activity. Therefore, getting a VPN for travelling abroad is essential if you want to stay secure and private online.

Grab the best deals
Depending on the country in which you’re located, the prices for airline tickets, car reservations, and hotels might vary. That’s because businesses know that people in different countries can and will pay higher amounts for certain products and services. If you use a VPN for travel, you can hop between servers in different countries and find the best deals available.

Make the best of additional VPN features
As the industry is evolving, many VPN providers add new features to make their users’ experience even more wholesome. NordVPN, for example, recently added the Meshnet feature that lets travellers connect to other devices directly no matter where in the world they are. This enables users to form a remote connection with their home or office PC from anywhere in the world to share files or for other uses.

However, having said that, please check local laws and regulations about using VPN services on your devices, before you do.

Continue Reading

Expert Speak

API Security Moves Mainstream



Written by Cameron Camp, Security Researcher at ESET

As swarms of IoT gear, seek richer data retrieval from their cloud mother ships, the more robust – and more potentially dangerously hackable – API interfaces get a fresh push toward center stage. With Google’s API security initiative Apigee, API security is growing up. And it’s not just IoT. Machine-to-machine data behind super-slick UX designs need seamless interfaces that help move masses of data with less friction, offering more responsive mashups of tech polled from locations far and wide.

But to make this all “just work”, those more robust interfaces bake in more robust attack possibilities to potentially slurp data wholesale to parts unknown and at record speed. Recently, we wrote about the spate of new startups at this year’s RSA Conference that tried to get attendees to wrap their heads around how to make sure an API doesn’t suddenly start misbehaving or does stuff no one knows about until it’s too late. It’s not just us: our friends at DarkReading purport to tally the mounting business losses associated with API hacks.

And now the heavyweights are moving into this space too, cementing API security as “A Thing”. Google’s Apigee Advanced API Security for Google Cloud aims to let organizations identify API misconfigurations and thwart malicious bots, the former being one of the main culprits of API security incidents. Luckily, there are tools from folks like the OWASP API Security Project where you can do a health check on your own APIs, or on those you interface with, which can serve as a baseline. They also have a drill-down about the most common misconfigurations and how to avoid them, so it’s a great place to start.

As we mentioned in our previous post, there was a bevvy of API security startups darkening the halls at RSA, so you may also have some commercial options, with more coming in the future. Expect to continue to see API hacks ramp up as companies wrestle with the prospect of securing yet another interface, this time an industrial one that sits at the heart of the cloud and big data, and – configured wrong – can allow vast troves of data to be siphoned off around the world to parts unknown. Just make sure it’s not your data.

Continue Reading

Follow Us


Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.