Trending Now

US Intermodal Gains Momentum Amid Trucking Challenges

New Articles

Why the Keys to Maintaining Data Security in a Remote Environment are Control and Visibility

data security
Archives, Commentary, Global Trade Daily

Why the Keys to Maintaining Data Security in a Remote Environment are Control and Visibility

Leave a comment

Remote workforces are nothing new to most organizations. According to Buffer’s 2019 State of Remote Work report, 44% of respondents noted that at least part of their team was “full-time remote,” and 31% said that everyone on the team works remotely. Further, at the time of the report, 30% of respondents said that their entire company worked remotely. However, the COVID-19 pandemic accelerated the work-from-home model. By March 31, 2020, the percent of users working remotely had increased 15 percentage points since the start of the COVID-19 outbreak. With that in mind, organizations are assessing how they can maintain granular levels of control and visibility when business data is being accessed remotely.

Adopting Contextual Controls to Protect Data

Most organizations already leverage role-based access controls. These controls, which align data access privileges and job function resources, provide a baseline for data governance. However, they often lead to excessive levels of data access and, in turn, produce additional risks. Contextual controls enable an organization to dynamically control access to data during varying contexts of access, often aligning to least privilege best practices. Migrations to cloud applications are largely due to contextual controls being a business requirement, simply because the interconnected applications required a more dynamic approach.

With the move to a remote workforce, organizations need to create more detailed and more dynamic access controls. With attribute-based access controls (ABAC), a company can incorporate additional context such as geolocation, time of day, and IP address to both ensure the appropriate user is accessing the resources and prevent users from having more access than they need. For example, if the organization knows that an employee should be working from Connecticut, ABAC can prevent access to resources if the user’s location is suddenly California – or a foreign country.

Contextual controls provide both the prevention of access policy violations, along with alignment between business requirements and security protocols. Because the organization can limit access according to the principle of least privilege, it reduces the risk of data leakage and financial fraud. Meanwhile, by creating more granular, data-centric access privileges, an organization can ensure that users do not get too much or not enough access – limiting the potential negative effects of restricting access excessively.

User Activity Monitoring for Security and Managing Productivity

Monitoring user access to resources and tracking how users interact with data provides an additional benefit for many organizations as their workforces move towards a remote model. Most organizations recognize the benefit of monitoring user access – but not just instances of logging in and logging out of applications. Understanding data access and usage is now a key requirement when maintaining visibility over business data. Organizations are turning to analytics platforms that both include granular access details, along with a visualization element (for example, SIEM). Data is only as useful as the insights it provides, and rapid aggregation and visualization of user access data is a crucial requirement for data security.

Using “Virtual” Work Hours

Looking at a common security use case, many organizations leverage “virtual” work hours to detect anomalies. For example, an employee usually works between the hours of 8 AM and 6 PM but monitoring and alerting to activity around sensitive data at 3 AM, for instance, can be indicative of unauthorized behavior. This uncharacteristic behavior may be an anomaly, but the organization needs to monitor the user activity more closely. If the user denies accessing the information at 3 AM, then the organization needs to focus its monitoring and have the employee change their password. If the organization detects additional unusual activity, then it may need to review the employee’s activities or investigate a potential data breach.

Monitoring User Productivity

From a workforce management perspective, organizations can leverage these insights to review employee productivity. Two use cases present themselves. First, many organizations have contracts that stipulate late payments incur a late fee. If the organization knows that employees should be processing payments ten days prior to the payment date, then they can leverage these reports to ensure that employees meet their timelines, even from a remote location. Additionally, by tracking resource usage data, organizations can monitor whether workforce members are appropriately prioritizing their workdays. If the employees are only accessing a business application at the end of the month, then they are likely waiting until the last minute to input payment information. Preventing these potential revenue losses or rush projects in other areas by speaking with the employee enables the organization to stay on top of its financials.

Enabling Visibility for Business Applications Has Never Been More Critical

Creating trust within and across distributed workforces ensures productivity. However, continued status update meetings across multiple time zones decrease workforce member efficiency. Organizations already monitor user access to their systems, networks, and applications. As part of a robust security posture, organizations should apply protections at the new perimeter – user identity. Rather than micromanaging employees via emails or chats, managers can gain valuable insight into how users are accessing resources and prioritizing work schedules by reviewing data and resource usage.

In an unprecedented time, companies need to find ways to enable their levels of control and visibility over business data. Whether a business application is on-premise or in the cloud, enhancing these solutions should be a mission-critical objective.

Risks against an organization are prevalent in a remote environment, whether those risks are security-related or employee-related by fraud, theft, and error. The keys to maintaining data security ultimately lie in your ability to provide oversight for your data, and the time to act is now.

_______________________________________________________________

Piyush Pandey, CEO at Appsian (www.appsian.com ) is a technology executive with 18 years of global experience in strategy, sales, mergers & acquisitions, and operations within software companies. Over the last 10 years, he has worked with enterprise software companies including Oracle, Epicor, Concur, Citrix and Microsoft on various transactions. He has held various leadership positions at Procera, Deutsche Bank, Stifel, Wipro Technologies and a wireless startup.

digital
Archives, Commentary, Global Trade Daily

Digital Collaboration: Get ahead, fast.

Leave a comment

Recently at a conference for freight forwarders everyone jointly agreed: if you’re the fastest to quote, you win the customer. What astonished me was what I heard in a conversation afterwards! “We are working in shifts now, 16 hours per day, to make sure we can quote fast and win new deals,” said one of the present forwarders. I was surprised that putting in more hours to send emails back and forth is a better solution for shipping companies than digitizing collaboration and automating tasks. The banking system solved this issue years ago with the introduction of the SWIFT system: a standardized banking system that enables companies which had never worked with each other before to transfer money on a global scale at no risk. 

In shipping, we’re still way behind the curve. The newly formed Digital Container Shipping Association has taken the first timid steps to promote data standards in shipping because they believe in close collaboration between the different stakeholders. The underlying rationale for this collaboration is typically 2-fold: (a) Margins are still depressed due to overcapacity and (b) customers demand more and more streamlined services. Although costs for technology are consistently decreasing, our industry is generally considered to have been slow to adopt digital approaches. Of course, companies collaborate across company borders, mostly through emails and networks; but isn’t it extremely inefficient and unscalable, especially in times where this could be automated to be done within seconds instead of days? 

What holds SMEs back from digital collaboration? 

We have noticed that especially small and medium-sized companies are either stuck in their traditional mindset or simply don’t know how to start with digital collaboration. Why is that so and how do companies overcome this conundrum? 

Companies are afraid to share their data 

People have to overcome their traditional industry mindset first, as a highly competitive attitude makes collaboration with competitors exceedingly difficult. Most companies don’t want to share their data because they think it’s their secret and crucial for their business – but most “data” is non-sensitive. Consider container movements, position updates forecasts and contact information of local agents. Of course, crucial information about e.g., my commercial terms with my vendors should not be openly shared! However, sharing operational data means exchanging information that you can leverage to increase service offerings, internal processes and ultimately create quotations in less time. 

Even if companies are willing to collaborate, they don’t know how to get started 

Lack of existing data standards, limited capacity or scary data security questions – the list of potential challenges of data sharing is long (as for every new project!) and only a limited number of people in logistics have “been there, done that”. 

However, in the end, it comes down to what you want to achieve/solve in the first place: How do you get your customers love working with you? How do you create quotations in less time to win more business? We suggest defining your most important targets and metrics first, and reverse engineer a good solution from there. 

Now: How can you get started? 

To get started with data sharing, finding out what you want in the first place is only the beginning of a long journey. To make it a little bit easier for you, try to answer the questions below for your own business (take a screenshot or copy into a word doc): 

-What are my main pain points?

-What is particularly crucial for my customers?  

-What data describes the problem the best? 

-How well is my data organized? 

-What data is non-sensitive? 

-What additional data do I need? 

-Who has it? How can I get that data? 

-Who (of my partners) would need my data to become better? 

-Does it make sense to work with them? 

-What integrations and/or technology would that require? 

There is no one-size-fits all solution as you can see! It’s about you and your specific business model. Only after you’re able to answer these questions you can think about the next steps: design use-cases/MVPs (Minimum Viable Products), and test setups and data integrations. 

With missing IT capabilities or resources, building integrations can oftentimes be hard because you need to manage numerous data standards and interfaces. In most cases, a 3rd party technology provider can help you as a connector in the industry. Such technology companies can not only translate different data formats into one language, but they also anonymize data to increase trust and reduce perceived risks for you: You still own your data and it is 100% up to you what part of your data you want to share to reach a certain goal. Moreover, working with 3rd party technology providers has another advantage for you: they help you develop a proof of concept at low costs! 

Of course, it requires a certain level of commitment, but working with a connector lets you test with a well-defined problem and a limited group of stakeholders to develop a workable solution. For freight forwarders, it could be the integration with a selected list of carriers to enable instant online quotes/ bookings for their customers. For equipment managers it could be integrating their equipment management system with a tracking provider to automatically receive container status updates such as pickups, drop-offs, delay warnings and ETAs. 

Once the proof of concept has been demonstrated, the collaboration could then be expanded by bringing in additional stakeholders or addressing related problems with similar approaches. Being able to create quotations faster is only one challenge – several other topics including internal organization, equipment management or communication with external stakeholders can also be targeted with an open mindset and the courage to test new things. We encourage you to start right now! 

________________________________________________________

Christian Roeloffs is the founder and CEO of Container xChange – an online platform that creates transparency on supply and demand in container logistics. More than 300 container users and owners such as Seaco and Kuehne+Nagel use the neutral online platform to find SOC containers in 2500 locations and identify partners to avoid empty container repositioning. 

cloud market
Archives, Global Trade Daily, Software

10 Things to Look for in an IaaS Tool

Leave a comment

Nearly 30 years after the emergence of its widespread use, the internet has evolved from a novel in-office communication tool to a sprawling information network that businesses can’t live without. We are practically swimming in data. Luckily, cloud computing – a technology service that offloads files to external servers located around the country – has stepped in to help ease the burden of terabytes of sensitive company data.

A new form of data management tech has also recently emerged onto the scene: Cloud Infrastructure as a Service, or IaaS. Compared to traditional cloud computing services, IaaS takes care of the nitty-gritty details normally located in your own office infrastructure, such as servers, software, data centers and security. To put things into perspective, traditional cloud computing is like having a big storage drive somewhere else in the country, while IaaS is the storage drive and your workplace’s nervous system safely stored miles away – but directly networked with your office nonetheless. This frees up your business to devote its resources to the tasks that matter while another company takes care of the heavy lifting.

Several major players have quickly taken up the IaaS mantle – namely, Microsoft Azure, Amazon Web Services and Google Cloud Platform. Choosing the right cloud IaaS for your business isn’t a clear-cut task. Once you’ve wrapped your head around how IaaS works, your brain will likely be swirling with a maelstrom of other questions: How can I guarantee that I’m getting the most storage out of what I’m paying? Should I invest in an IaaS provider that controls most of my data’s storage? How much do I want to customize my network?

These 10 tips will cover the key points to consider when choosing the cloud IaaS for you:

Public and Private Platforms

IaaS companies typically offer two different platforms for your business: public and private. Each offers its own distinct advantages for different types of businesses.

Public platforms give you and your team the opportunity to quickly access IT resources. This ease-of-use allows you to make changes to your work environment on the fly. Public platforms also come pre-configured, meaning that businesses with less IT experience or with teams that are already stretched thin might do better with this option.

Private platforms grant your business maximum security within your data center. These servers are also typically faster since they operate on a closed circuit. Moreover, private platforms allow you to customize your network and security features to a greater degree than public platforms. IT-savvy businesses can use a private IaaS platform for greater control over their data management.

Customization

Depending on how comfortable you are with IT, you’ll want your IaaS platform to have at least some degree of customizability. Your business might require multiple channels through which to exchange data, for example, or it might require the IaaS to act as a test server for a new website.

Other examples of customization features include website layout templates, user interface storage and the ability to upload your own HTML and CSS files, like those included with Microsoft Azure. The apps and operating systems that different IaaS platforms offer should play a role in determining how well they will serve your business.

User Friendliness

Above all, the IaaS you choose should be easy to understand for you, the end user, especially since third-party apps will take care of the hardest IT work for you. Responsive customer support is another factor to consider, as are transparent documentation and neatly organized client-side interfaces.

Relativity

Cloud computing may be a marvel of information management, but, for the time being, our networks are still bound to the physical limits of cable. Ensure that the IaaS you choose operates with an extensive infrastructure or at least manages servers located close to your business. This will ensure that you can easily and quickly transfer data to and from your IaaS servers.

Usage Charges

Ensuring that an IaaS will lower costs for your business is key. Though the prospect of placing your workplace’s vitals in the care of a trusted IaaS is attractive, keep in mind that each company offers different pricing models. An IaaS platform might require you to pay by the hour, week or month based on the number of gigabytes you use. Some charge only by data upload (hot storage), while others charge for data you aren’t currently using (cold storage). Still, others will charge you for each service you use. Be prepared to see many different entries for different services on your first IaaS bill.

Also consider scalability, or the IaaS’ ability to adapt to your changing data requirements, when deliberating on a company’s pricing model. Microsoft Azure, for example, forgoes an upfront charge for a pay-as-you-go model. Businesses that project rapid growth may wish to consider this pricing model.

Support

Even the best IaaS will pose problems at one point or another. Glitches, misaligned services or any number of issues may prevent you from fully managing your data. When researching IaaS providers, be sure that the services you choose offer friendly and responsive chat or call centers so that you can resolve issues quickly. Ask about what support is available as you get started with an IaaS and how you can resolve issues once you’ve started upscaling your use of the service.

Server Infrastructure

Similar to the relativity issue, an IaaS provider with many servers will also increase its computing power for quick data access. Make sure that the IaaS you choose can handle your data requirements. Also, keep in mind that you aren’t the only company using your IaaS’ servers – an even larger company than yours could require massive amounts of data use at any time, causing bottlenecks and slowdown for the entire service.

Data Security

At the end of the day, your IaaS of choice should be able to securely store your data. Remember that an IaaS server is your data center and your workplace’s nervous system; you wouldn’t hang either out in the open. Not only should it ensure that prying eyes can’t peek into your cloud-stored documents, but your IaaS should also have the capability to reliably back up your data in case of an outage. Microsoft Azure, for example, will migrate your virtual machine’s data to another physical machine if it detects a Microsoft software update or a malfunction in its original hardware through a service called Live Migration.

Service Levels 

Get to know your IaaS provider. Consider arranging to meet with a representative in person and aim to establish a strong rapport between your business and theirs. Doing so will allow you to familiarize yourself with the provider, determine their trustworthiness and receive more thorough support due to your established relationship.

Manageability

Every organization operates in its own unique way, but some require more niche infrastructures than others. Make sure that the IaaS you choose will be able to easily integrate with your workplace and that it addresses all of your unique needs. If you would like to tailor the IaaS to your specifications, ensure that the provider offers a great degree of flexibility. If not, ensure that the provider is willing to help you with every step of the integration process.

Choosing the Right IaaS For You

Once you’ve decided on an IaaS that you’d like to explore, the next step is finalizing your choice and integrating it with your workplace. With nearly 40 years of expertise in the computing industry, Ingram Micro is prepared to answer your questions and help you transition your business to cloud IaaS. For inquiries, please contact a representative at 800-705-7057 or uscloud@ingrammicro.com. To place an order or learn more, please visit our cloud marketplace here.

About the author

Jason has held sales, pre-sales engineering, business development, and sales leadership positions for resellers, professional services organizations, and distributors over the last 20+ years. Jason earned an undergraduate degree in International Finance and a MBA in pursuit of his educational goals. He has also earned many technical certifications including a Cisco Certified Network Associate (CCNA), Cisco Certified Network Design Professional (CCDP), Cisco Certified Network Professional (CCNP), and Citrix Certified Administrator (CCA) in additional to numerous sales and licensing focused certifications. In his current role, Jason is focused on developing sales enablement strategies designed to help channel sales professionals promote the adoption of Azure by focusing on the positive business outcomes unlocked by cloud computing.