Ingram Micro New Zealand

Ingram Micro helps businesses fully realize the promise of technology™—helping them maximize the value of the technology that they make, sell or use. With its vast global infrastructure and focus on cloud, mobility, supply chain and technology solutions, Ingram Micro enables business partners to operate more efficiently and successfully in the markets they serve.

No other company delivers as broad and deep a spectrum of technology and supply chain services to businesses around the world. Founded in 1979, Ingram Micro’s role as a leader and innovator in technology and supply chain services has fueled its rise to the 69th ranked corporation in the FORTUNE 500®
Learn more

Menu
Compliance with new rules needs a comprehensive risk assessment

Compliance with new rules needs a comprehensive risk assessment

The key to detecting malicious activity on your network is to understand what assets you have, how different systems communicate with each other and the outside world, and what normal system activity looks like on your network. Once you understand normal, you can create a baseline so that anything outside the expected conditions can be identified, investigated and acted upon.

Individuals today expect the companies holding their personal identifiable information (PII) to be diligent and cautious in protecting those resources. But trust has been seriously eroded following a number of major data breaches across the world. As a result, governments around the world have introduced new laws and regulations that prescribe what organisations must do to protect data.

Laws such as the General Data Protection Regulation (GDPR) in the European Union, National Data Breach (NBD) notification rules in Australia and New Zealand's updated Privacy Bill all differ in their detail. However, they all focus on one primary principle: the protection of PII.

These new laws and regulations rely on a common assumption - that organisations holding PII data know what they have and where it is stored. 

The risks associated with a data breach are not insignificant. At an investor briefing in 2016, Australian electricity retailer AGL said if a data breach occurred and 0.5% of their 3.5 million customers moved to other retailers as a result, resulting in a loss of about $1.75M of revenue. They would then to need spend around $15 per customer in order to get back the number of customers they projected to lose. That adds up to a total cost of about $2M for a relatively small breach

Add to that the potential fines for non-compliance with data protection rules and the long term hit on company reputation and the $2M could be just the tip of a very large iceberg.

But there's more. Malicious software can prove to be costly. One of the newly emerging forms of malware steals CPU cycles in order to mine cryptocurrencies. While this may seem relatively harmless, it can have a significant cost. The CPU cycles that are stolen use electricity, driving up the costs of operating your servers. Based on current energy prices and the amount of processing required, a single Bitcoin requires about $9,000 of energy to produce. If cryptojacking software sits in the background, quietly stealing CPU cycles and electricity, it can result in a trickle of dollars disappearing from the company's coffers.

The key to detecting malicious activity on your network is to understand what assets you have, how different systems communicate with each other and the outside world, and what normal system activity looks like on your network. Once you understand normal, you can create a baseline so that anything outside the expected conditions can be identified, investigated and acted upon.

That understanding needs to go beyond network switches and server. It also has to cover the actions of your users so that intentional or accidental actions don't result in data loss. That level of monitoring will also identify if any malware has made it past your other protections to end-point devices, even if it is dormant and waiting for some trigger before executing. 

“All businesses have specific assets that are more valuable than others.” James Meuli, Solutions Architect, Fortinet at Ingram Micro said. “That value might be determined by the profit it delivers, the need for regulatory compliance or some other driver. It is important that businesses understand what their most valuable assets are so that they can target protections appropriately.” It's easy to be distracted by the latest "threat of the week". But those issues may not be the biggest problems you face. For example, in the wake of the Spectre and Meltdown issues that were publicised this year, ransomware remained a far more damaging problem. 

As businesses prepare for the GDPR and other regulatory changes, what steps should they take to prepare for the new regulatory regimes and, more importantly, protect the PII they are entrusted with?

The first step is to know what data you have. That will require the use of a tool that can intelligently query your network and provide a baseline understanding of all the resources it holds and activity that take place. That includes understanding user behaviour.

You then need a tool that can understand how your network is being used and alert you to anything unexpected or anomalous. That includes finding malware that is dormant but waiting to do something. 

Fortinet’s Cyber Threat Assessment Program (CTAP) can interrogate your environment and deliver actionable advice that will help you make decisions so that you target your efforts and resources where they are most needed. 

For example, one company used CTAP and discovered three pieces of previously undetected pieces of malware, over 100 unknown applications, about 20 audio/video streaming applications consumed over a third of their organisational bandwidth as well as other attempts to install malware. Armed with that data, Fortinet channel partner was able to assist that business to put security measures in place that addressed their specific risks. 

Fortinet partners can brand the CTAP report as their own and use it to leverage Fortinet's expertise and turn that into new and expanded business opportunities.

As companies ensure their systems are compliant with the GDPR and other regulatory regimes, carrying out a targeted assessment that delvers actionable advice is important. CTAP allows Fortinet's partners to support their customers and deliver products and services that will make a difference. 

Contact Ingram Micro Solution Architects James and Rod to learn how easy it is to run a CTAP for your client. 




Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags technologyinternetIDGtechnology trendsNew ZealandIngram MicroFortinetReseller News New ZealandGDPRGDPR (General Data Protection Regulation)GDPR obligationsCTAP

Featured

Slideshows

Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News honoured the industry’s finest on a standout evening for the New Zealand channel, recognising the achievements of established partners, emerging players and innovative start-ups, in front of over 460 technology leaders in Auckland.

Reseller News Innovation Awards 2018: meet the top performing partners
Champagne Reception kicks off Reseller News Innovation Awards 2018

Champagne Reception kicks off Reseller News Innovation Awards 2018

More than 460 channel leaders came together to toast the top performers of the New Zealand industry, during the opening Champagne Reception at the Reseller News Innovation Awards 2018 - in association with Techbuyer.

Champagne Reception kicks off Reseller News Innovation Awards 2018
Chasing innovation: how Kiwi partners can create a new customer agenda

Chasing innovation: how Kiwi partners can create a new customer agenda

This exclusive Reseller News Roundtable - in association with Rhipe and Microsoft - detailed a blueprint for customer success, outlining the new role of the modern-day partner and wider network in New Zealand.

Chasing innovation: how Kiwi partners can create a new customer agenda
Show Comments