Sounds
like a prison sentence? Not quite; Pyalla is celebrating the start of its tenth
year, but talking of prisons, has security become the sole focus of IT these
days?
With last minute packing about to begin for our
extended stay in Sydney and Auckland, I just noticed I was receiving more
messages than usual on LinkedIn. When I checked the site, turns out folks are
congratulating Margo and me for the nine years Pyalla Technologies, LLC has
been in business. Just like that, nine years have passed by and we are into our
tenth year. Who would have guessed?
While down under, Margo and I will be taking a quick side trip down to Hobart, Tasmania, and not just for the food. It’s one of those places where the food is outstanding and few people know much about Tasmania, other than the Warner Brothers’ cartoon character, Taz – the Tasmanian Devil and yet, just outside Hobart lies Port Arthur.
For anyone who has managed to read Marcus Clarke tome, For the term of his natural life, it occupies a particularly nasty position in Australia’s history. A prison of “last resort” for the early settlers who broke the law, yet again, even as almost all of those living in old Sydney town were convicts! Escaping Port Arthur meant facing Tasmania’s unforgiving interior and there were few reported success stories about such attempts. As much as it plays an important role in Australia’s early history, its remaining ruins are a reminder of the extremes to which planners will go to protect the rest of society.
While down under, Margo and I will be taking a quick side trip down to Hobart, Tasmania, and not just for the food. It’s one of those places where the food is outstanding and few people know much about Tasmania, other than the Warner Brothers’ cartoon character, Taz – the Tasmanian Devil and yet, just outside Hobart lies Port Arthur.
For anyone who has managed to read Marcus Clarke tome, For the term of his natural life, it occupies a particularly nasty position in Australia’s history. A prison of “last resort” for the early settlers who broke the law, yet again, even as almost all of those living in old Sydney town were convicts! Escaping Port Arthur meant facing Tasmania’s unforgiving interior and there were few reported success stories about such attempts. As much as it plays an important role in Australia’s early history, its remaining ruins are a reminder of the extremes to which planners will go to protect the rest of society.
The main reason for this latest trip down under is to
attend SIBOS Sydney 2018. At this big event for financial institutions security
is one of the major themes. Just check out how many times cyber security is
referenced in a presentation or panel session! As an industry, there is
probably no other topic that raises the hackles of C-level executives more than
the subject of their institution being hacked and where, against the odds, critical
customer information has been accessed!
For the NonStop community, security is an ever present concern. Just as the early settlers camped around Farm Cove on Port Jackson sought security as more and more convicts arrived, electing to simply push those “rotten apples” – prisoners too dangerous to house anywhere in Farm Cove - to places like Port Arthur, building a secure transaction processing environment is of paramount importance to the enterprise. Whether intrusions prove disruptive to the end-users or to the enterprise itself it’s all the same. Build the walls and mount the battlements! Flood the moat and pull up the drawbridge! Maintain a watch around the clock and most important of all, arm the troops!
This imagery from the past is something we all identify with readily and when seated around terminals in any enterprise Security Operations Center (SOC) conjures up similar images as there really is a war raging just beyond the battlements – those layers of defense we have erected to protect the enterprise. Based on everything that is being published of late you could be forgiven thinking that security has become the sole focus of IT these days but it’s not too far from the truth!
In a promotional article I just received from IDG / Computerworld for an upcoming series on The security operations platform: automation, orchestration and more there was commentary provided on what steps need to be taken before any enterprise can feel adequately protected. “Security Automation and Orchestration (SAO) platforms also enable users to orchestrate the vast array of security technologies in place at most companies (e.g. firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS), sandboxes, endpoint security assets, ticketing systems, deception technologies, vulnerability scanners, behavioral detection tools, etc.) into a ‘connective tissue’ that works in unison to reduce risk and drive efficiency in the SOC.”
OK, wow and time to take a deep breath. All I could think about was well, it has come to this as now we need a huge array of weapons operating on a coordinated basis throughout our IT deployment. How many people it must take? According to this IDG / Computerworld promotion, “Many in this industry call security a ‘team sport’ and there is no denying that collaboration is critical to winning the game. But are the applications we run on our NonStop systems today better protected than in the past or is there a lot of work to be done to better protect them? This was a question I recently posed to comforte AG Manager, Marketing and Partner Development, Jonathan Deveaux.
For the NonStop community, security is an ever present concern. Just as the early settlers camped around Farm Cove on Port Jackson sought security as more and more convicts arrived, electing to simply push those “rotten apples” – prisoners too dangerous to house anywhere in Farm Cove - to places like Port Arthur, building a secure transaction processing environment is of paramount importance to the enterprise. Whether intrusions prove disruptive to the end-users or to the enterprise itself it’s all the same. Build the walls and mount the battlements! Flood the moat and pull up the drawbridge! Maintain a watch around the clock and most important of all, arm the troops!
This imagery from the past is something we all identify with readily and when seated around terminals in any enterprise Security Operations Center (SOC) conjures up similar images as there really is a war raging just beyond the battlements – those layers of defense we have erected to protect the enterprise. Based on everything that is being published of late you could be forgiven thinking that security has become the sole focus of IT these days but it’s not too far from the truth!
In a promotional article I just received from IDG / Computerworld for an upcoming series on The security operations platform: automation, orchestration and more there was commentary provided on what steps need to be taken before any enterprise can feel adequately protected. “Security Automation and Orchestration (SAO) platforms also enable users to orchestrate the vast array of security technologies in place at most companies (e.g. firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS), sandboxes, endpoint security assets, ticketing systems, deception technologies, vulnerability scanners, behavioral detection tools, etc.) into a ‘connective tissue’ that works in unison to reduce risk and drive efficiency in the SOC.”
OK, wow and time to take a deep breath. All I could think about was well, it has come to this as now we need a huge array of weapons operating on a coordinated basis throughout our IT deployment. How many people it must take? According to this IDG / Computerworld promotion, “Many in this industry call security a ‘team sport’ and there is no denying that collaboration is critical to winning the game. But are the applications we run on our NonStop systems today better protected than in the past or is there a lot of work to be done to better protect them? This was a question I recently posed to comforte AG Manager, Marketing and Partner Development, Jonathan Deveaux.
“Yes, Security of applications on NonStop systems are
much better today than in the past. Awareness has changed,” said Deveaux.
“The big fear was older programming languages and who could acquire resources
to keep on updating and maintaining code in COBOL?” These skillsets were
definitely proving scarce and yet, modernizing applications running on NonStop
needed to be done. Better and more comprehensive event and alert generation with
better integration to industry standard monitoring and response systems was
needed. On the other hand, there was a reluctance to rip and replace where the
risks to the application might occur.
“Options to ‘modernize’ applications have emerged,” suggested Deveaux. “Companies realized they could modernize utilizing SOAP, RSC and REST APIs, depending on their situations. And today, we provide three product suites that many NonStop users rely on to better secure their applications and data – comforte SafePoint™, comforte SecurLIB™ and comforte SecurDPS™.”
Just like the explanation published by IDG / Computerworld, there is an abundance of features, products and solutions available for enterprises including those where NonStop plays a prominent role, and they need to be able to work together, connected and orchestrated, in order to keep safe out enterprise castle. Most definitely, a team sport!
IDG / Computerworld considered what were the important ingredients for a good security solution:
“Options to ‘modernize’ applications have emerged,” suggested Deveaux. “Companies realized they could modernize utilizing SOAP, RSC and REST APIs, depending on their situations. And today, we provide three product suites that many NonStop users rely on to better secure their applications and data – comforte SafePoint™, comforte SecurLIB™ and comforte SecurDPS™.”
Just like the explanation published by IDG / Computerworld, there is an abundance of features, products and solutions available for enterprises including those where NonStop plays a prominent role, and they need to be able to work together, connected and orchestrated, in order to keep safe out enterprise castle. Most definitely, a team sport!
IDG / Computerworld considered what were the important ingredients for a good security solution:
“Bridging the gap between
SOC and IT operations is critical; scalability is key and yes there is a
blurring of the lines between security operations automation and orchestration
and advanced analytics.”
It’s worth noting that vendors well known to the
NonStop community, such as Striim, are seeing increased interest in turning the
power of their data streaming analytics platform at security. To Striim,
streaming data integration is all about the continuous collection, in-stream
processing, pipeline monitoring, and real-time delivery of data, with verification.
To this end, Striim delivers a fast and customized data security solution that transcends single-point solutions to analyze multiple sources and domains in real time. “With Striim, you can detect and prevent intrusions that may otherwise fall through the cracks among security information and event management (SIEM) solutions,” notes Striim on their web site.
To this end, Striim delivers a fast and customized data security solution that transcends single-point solutions to analyze multiple sources and domains in real time. “With Striim, you can detect and prevent intrusions that may otherwise fall through the cracks among security information and event management (SIEM) solutions,” notes Striim on their web site.
Furthermore, “Striim quickly provides you with the
contextual data you need to make the right decisions so you can take a
proactive approach against future security incidents.” As comforte’s Deveaux
readily acknowledged, “comforte provides the overall access management and
reporting, security auditing, SIEM integration, and forensics such as
key-stroke logging and file integrity monitoring with the comforte SafePoint™
suite” but even here the intersection, as IDG / Computerworld noted, is
apparent – the lines are blurring.
For the NonStop user community, perhaps a mix of both solutions is one option to consider if for no other reason than you cannot have too many layers of defense when it comes to security. But why stop at two? Isn’t the key to any successful defense against intrusion having many layers of defense? In a post to the October issue of NonStop Insider, Are your NonStop security measures up to standard? TCM acknowledges that securing NonStop may indeed involve having multiple products as well as access to knowledgeable consultants capable of sorting it all out.
“In an age of increasing pressure on IT security, combined with a global audience for the times things don’t go to plan, it pays to be on top of your NonStop’s security measures. But with a plethora of IT security standards and 3rd party security applications, it can be a challenge keeping all aspects of your security in check.” On the other hand, this is exactly the value proposition TCM provides members of the NonStop community who may feel a little outside their comfort zone when it comes to securing their NonStop applications.
The time we’ll spend at SIBOS Sydney 2018 where security will be a topic well-addressed by experts, will be a litmus test on just how far we have come in securing our data centers. Blockchain, anyone? Yes, another topic central to a number of sessions at SIBOS. TCM, Striim and comforte AG are vendors that are well-known to financial institutions deploying HPE NonStop systems and there will be many of these same financial institutions present at SIBOS Sydney 2018.
I have to believe too that this year’s upcoming NonStop Technical Boot Camp (TBC) to be held next month will be subject to many presentations on security as well – but let me know how TBC goes as we will be by the shores of Port Jackson or Sydney Harbor if you prefer, talking just a little longer with the local IT community. You did know that Pyalla was Port Jackson aboriginal for “to talk,” right?
For the NonStop user community, perhaps a mix of both solutions is one option to consider if for no other reason than you cannot have too many layers of defense when it comes to security. But why stop at two? Isn’t the key to any successful defense against intrusion having many layers of defense? In a post to the October issue of NonStop Insider, Are your NonStop security measures up to standard? TCM acknowledges that securing NonStop may indeed involve having multiple products as well as access to knowledgeable consultants capable of sorting it all out.
“In an age of increasing pressure on IT security, combined with a global audience for the times things don’t go to plan, it pays to be on top of your NonStop’s security measures. But with a plethora of IT security standards and 3rd party security applications, it can be a challenge keeping all aspects of your security in check.” On the other hand, this is exactly the value proposition TCM provides members of the NonStop community who may feel a little outside their comfort zone when it comes to securing their NonStop applications.
The time we’ll spend at SIBOS Sydney 2018 where security will be a topic well-addressed by experts, will be a litmus test on just how far we have come in securing our data centers. Blockchain, anyone? Yes, another topic central to a number of sessions at SIBOS. TCM, Striim and comforte AG are vendors that are well-known to financial institutions deploying HPE NonStop systems and there will be many of these same financial institutions present at SIBOS Sydney 2018.
I have to believe too that this year’s upcoming NonStop Technical Boot Camp (TBC) to be held next month will be subject to many presentations on security as well – but let me know how TBC goes as we will be by the shores of Port Jackson or Sydney Harbor if you prefer, talking just a little longer with the local IT community. You did know that Pyalla was Port Jackson aboriginal for “to talk,” right?
For the NonStop community it has been known for years how we have taken it easy, somewhat, assured in the knowledge that the internals of NonStop offered the best security protection of all. But no longer, as we modernize and more tightly integrate with the rest of IT. The drive to open APIs has merit certainly but it’s clearly an issue that needs to be watched very carefully. As we talk about security we also need to act and fortunately, the NonStop community is now well supported by products, solutions and consulting services that tackle every aspect of security. Yes, we have the layers and yes, the NonStop vendor community has stepped up to deliver what we need.
Comments