BYOD Doesn’t Have to Be the Biggest Headache for Companies

BYOD Doesn’t Have to Be the Biggest Headache for Companies

Written by Manish Bhardwaj, Sr. Marketing Manager, Middle East and Turkey at Aruba, a Hewlett Packard Enterprise company.

BYOD Doesn’t Have To Be the Biggest Headache for Companies in the Middle East

8 Best Practices to Protect Your Enterprise Network

Manish Bhardwaj, Sr. Marketing Manager, Middle East and Turkey at Aruba, a Hewlett Packard Enterprise company
Manish Bhardwaj, Sr. Marketing Manager, Middle East and Turkey at Aruba, a Hewlett Packard Enterprise company

Smartphones and other personal devices can now be found in most businesses as users are staying connected to the corporate network from anywhere, any time. It’s the stuff that keeps IT and security managers up at night — mobile users, multiple devices per user, and enterprise data on the move.

Security for Bring Your Own Device (BYOD) and mobile must now be part of a larger conversation when securing the network for the new digital workplace. Based on existing customers’ best practices, this paper outlines eight things you can do to boost network security amidst BYOD.

Assign Roles to Users and Devices

With users carrying multiple devices, it’s smart to standardize on user roles across the organization, and then assign device roles, too. A smartphone issued by IT for a specific purpose may require more access privileges than a personal device. IT-issued laptops would have different roles than smartphones and tablets. The value is your ability to create different rules for each device type or role.

User and device roles also let you differentiate privileges by device type for the same user. An IT administrator would be allowed to change switch and controller configurations with a laptop assigned a corporate role. But, that same person would not be able to access sensitive networking equipment using a tablet assigned a BYOD role.

Use Profiling to Create Device Categories

Accurately profiled devices should be a cornerstone of your plan when rolling out a secure BYOD initiative. As BYOD permeates throughout your environment, not all users will be diligent about downloading the latest versions of the operating system. You’ll want to capture context that allows you to see who is running what versions on iOS, Android, Chrome and other operating systems.

As new releases become available, this data will give you the visibility to help identify why authentications may be failing, the types of devices that are experiencing issues, and more.

An understanding of location can also help determine if a problem is specific to Wi-Fi equipment if the enterprise is operating a multivendor environment.

Use Context Within Policies

It’s important to leverage multiple sources of context to manage access. Data can consist of user role, device profiling, location, and once a certificate is issued to a specific user’s device, the assumption is that it’s a BYOD. Doing this greatly enhances productivity, usability and security. By enabling the use of known data you can stop users from coming up with ways to bypass policies.

The use of device categories should also be explored. The idea is to again leverage context to enforce privileges across a large category of devices. All BYOD endpoints connecting over a VPN can be treated differently than when connecting in the office. Printers can be managed differently than game consoles or Apple TVs.

Manage Mobile App Use

Enterprises need to define and enforce policies that dictate who can access specific types of data from which devices, with the ability to differentiate between smartphones, tablets, laptops or IoT devices. To be effective, enforcement must extend across MDM/EMM, a policy management platform, and firewalls.

Automate and Simplify

Automation is essential for both initial onboarding and to take action on non-compliant devices (for example, quarantining them until they are compliant). MDM/EMM solutions should share device posture with a NAC solution to ensure that devices meet compliance before being given access. Integrating with helpdesk applications and SIEM can provide an enhanced experience for the user and IT for improved problem resolution.

By automating the discovery and onboarding of non-compliant devices, you can reduce costs and improve your security posture. This also allows users to re-onboard their own devices when smartphones and tablets are replaced, which also reduces the time IT has to spend on device onboarding.

Go with Certificates – They’re More Secure Than Passwords

Users will connect to guest networks more frequently leaving passwords exposed to theft, which makes certificates a cornerstone of a secure mobile device deployment. As the use of active directory and an internal PKI for BYOD is not a best practice, an independent Certificate Authority (CA) built to support personal devices is preferred.

A policy management solution that includes the ability to distribute and update, as well as revoke certificates should be explored. Integration with an MDM/EMM solution should be an option in the event that device management was deployed prior to investing in a network access policy management solution.

Make Everyone Happy – Simplify SSIDs

Multiple SSIDs complicate life for IT and users alike. With effective policy management enforcement in place, BYOD and corporate-owned devices can connect to common SSIDs. Reducing the options for users to choose from simplifies the user experience, and makes it easier for IT to maintain SSIDs across multiple locations. Consolidation of SSIDs can also improve Wi-Fi performance.

The key to improving your security posture revolves around your ability to leverage roles, location and policy enforcement to ensure that devices receive the access that IT expects, even when using common SSIDs. When personal devices are connected to a common 802.1X network, IT can provide Internet access only if desired.

Consider Next-Generation Multi-Factor Authentication (MFA)

These days, enterprise data access is often initiated from smartphones and tablets. As these devices are easily shared, many IT professionals are turning to new forms of MFA to ensure that the user of a device is really the person requesting access. Instead of token generation devices that are easily lost, there’s a better way.

Now when a user connects to a network or opens an application, IT can require a secondary challenge that is as simple as picking up your smartphone and scanning your fingerprint, taking a selfie, or clicking on a pre-determined image from within the images library.

Conclusion

The continued rise of BYOD is inevitable, and few corporate leaders will pass up the productivity gains of a mobile workforce that pays for their own devices. But it is easy to lose track of long-term goals if you don’t have a solid plan. The eight ideas presented in this paper are just some of the things that IT should consider when preparing for BYOD.

In the end, a central component that brings everything together starts with an advanced policy management platform. One that includes AAA services, NAC, BYOD onboarding and third-party integration with event-driven remediation.


If you want to share this article the reference to Manish Bhardwaj and The HR Tech Weekly® is obligatory.

Advertisements
Is HR Responsible for Web Security? | Featured Image

Is HR Responsible for Web Security?

Is HR Responsible for Web Security? | Image 1

It is safe to say that cybersecurity should be among a business’s top priorities. While malware like WannaCry spreads around the globe, ruining company after company, small and large businesses alike should be focused on strengthening their digital defenses and building a workplace culture focused on security. Undoubtedly, most HR professionals will wholeheartedly agree with this sentiment – but many won’t lift a finger to address gaps in their employers’ cybersecurity.

There are often concerns over who should build and maintain cybersecurity within a business. On one hand, security software is installed on tech devices, which belong in IT’s wheelhouse. Then again, a security breach affects customer relations, so perhaps the customer service department should ensure every device is protected. However, the truth is that HR should take the bulk of the responsibility for keeping a business safe. Here’s why.

HR Protects the Business and Its People

Through incentivization efforts, behavior-monitoring, policy-setting, management of resources, and more, HR departments work to reinforce the integrity of the business’s foundation: its people. Furthermore, HR provides support for the business, its employees, and ultimately its customers, assisting in the achievement of personal and organizational goals that benefit everyone. Because security should be a primary goal for modern businesses, web security measures should be a top concern for HR departments, too.

When a cyberattack is successful, it isn’t just the faceless company that suffers. Often, employee private information, perhaps including payment data, is leaked as well as business-related financial information. Conversely, a business’s tech assets are hardly imperiled by hackers, who are rarely interested in destroying software or able to impact hardware, so the IT department has little to fear from cyberattack. Because HR serves the business and its employees, who are most threatened by cyber-dangers, HR should work to ensure such data is well-protected by comprehensive web security software.

Is HR Responsible for Web Security? | Image 2

HR Influences Corporate Culture

Yet, effective security software is just one piece of the cyber-protection puzzle. Security experts assert that more often than not, a business’s employees are responsible for data breaches and successful cyberattacks. After all, it is the employees who visit questionable websites, who open shady emails, who click suspicious links, and who fail to install timely updates. Because HR is responsible for employee behavior, HR professionals should actively work against these unhealthy and insecure practices by influencing the culture of the workplace.

HR already has a massive impact on corporate culture. Recruiting efforts can target certain personalities, which form the foundation of a workplace culture. Additionally, HR designs policies and guidelines which shape how employees behave. HR departments should use this sway to establish a culture focused on security. Hiring security-minded workers, hosting regular security trainings, and instilling the idea that security is everyone’s job are ways to ensure employees are aware and alert to security.

HR Understands Compliance Rules

There are all sorts of laws and regulations outlining how businesses should behave, and HR should be familiar with all of them to keep the business safe from fines, litigation, and worse. Often, these rules concern payment minimums and structures, mandatory vacation time, and termination means and methods – but increasingly, the government is turning its attention to online behavior. Already, seven major industries have compliance obligations for digital data. Because HR professionals are already well-versed in adhering to compliance rules, it is hardly a stretch for them to understand burgeoning security regulations. Instead of trying to manage compliance and action in different departments, businesses can streamline the process by giving HR total control over web security efforts.

HR Relies on Technology

These days, every aspect of a business relies on technology – including the HR department. HR professionals use all sorts of digital tools to manage their workforces, from payroll platforms to internal messaging services to online recruitment processes. Should a business’s network be compromised by cyberattack, HR will be as unable to complete their tasks as any other department. If for no other reason than this, HR should be concerned about internet security.

Security failures are bad for business, but they are particularly bad for HR. Because HR departments’ goals align with those of security efforts – and because HR professionals are already well-equipped to handle the intricacies of cybersecurity – HR should be responsible for a business’s web security.

About the Author:

Tiffany Rowe

Tiffany Rowe is a leader in marketing authority, she assists Seek Visibility and our clients in contributing resourceful content throughout the web. Tiffany prides herself in her ability to create and provide high quality content that audiences find valuable. She also enjoys connecting with other bloggers and collaborating for exclusive content in various niches. With many years of experience, Tiffany has found herself more passionate than ever to continue developing content and relationship across multiple platforms and audiences.


If you want to share this article the reference to Tiffany Rowe and The HR Tech Weekly® is obligatory.

4 BYOD Risks HR Managers Should Know About

4 BYOD Risks HR Managers Should Know About

4 BYOD Risks HR Managers Should Know About

In today’s employment atmosphere, a growing number of companies are shifting toward a more flexible workplace. By implementing bring your own device (BYOD) policies employees are now increasingly using their own devices for business purposes.

Even though such policies can bring numerous benefits to companies, they come with some inherent risks. The following four issues are worth examining before deciding on a BYOD policy.

Irregular Updates

Every mobile device is vulnerable to hacks from outside sources. Your smartphone, tablet and laptop all have similar software that can be hacked if firewalls and other security features aren’t in place or aren’t updated regularly.

Busy employees often put off their security updates. Unfortunately, their phones are then automatically open to potential attacks. In a regular IT environment, it’s up to the business’s IT department to secure every device used for company purposes. Since the devices are the employees’ private property, they are responsible of keeping them updated with the latest versions of security software.

Viruses and Malware

Viruses and malware have numerous pathways that they can take to infect an employee’s device. The worst thing is that an employee’s device could be hacked without them even being aware of the situation.

For example, your employees can receive phishing email with a malicious link that could install viruses or malware when clicked on. The infection could then spread onto the company’s server and compromise corporate information in a matter of seconds.

The phishing email could also look as if it’s from a familiar contact or even a legitimate website. It could ask your employees to click on a link and in order to log in into their account. The employees would then enter their user names and passwords on fake websites giving hackers access to their sensitive information. Identity theft is always a possibility in these hacking situations.

Unsecured Connections

Your employees might use their devices to connect to public Wi-Fi to access necessary data on your company’s server or to go online for personal needs. Unfortunately, using public networks is dangerous since they allow multiple people to connect to the same network, and that includes hackers.

Hackers could intercept the data your employees download or upload, they could install malware on your staff’s devices and even gain access to their email. This is another way malware could spread from the infected devices onto the company’s server and compromise the safety of corporate data.

Your employees need to be aware of these threats and take the appropriate preventive measures. Instruct your employees to turn off Wi-Fi when they don’t need it and disable it from automatically connecting to open networks.

You can also set up a virtual private network (VPN) which will allow your employees to connect to a hotspot without worrying about data breaches. Connecting to a VPN encrypts and secures any data being sent or received. This disables hackers from intercepting sensitive information and compromising the security of your employees’ devices.

Missing Devices

The best opportunity for stealing corporate data is when a device gets into the wrong hands. Lost or stolen devices are always a big security issue, which can lead to leaked proprietary data and vulnerable business positions.

IT professionals need a plan in cases this happens. A remote wipe policy is a very good solution which allows the IT team to completely remove all data on a device after it’s been reported missing.

Since BYOD devices include an employee’s personal data, you need to make sure that the employee agrees to a remote wipe of every piece of data even before they are hired.

Employees should see this step as both a protective corporate and identity-theft policy. To avoid any further information hacks, employees can also make it more difficult to access the data in the first place. A fingerprint or PIN passcode frustrates thieves, and they might toss the device before trying to access the information.

Final Thoughts

These security issues aren’t a reason to forgo a BYOD policy. However, appropriate security measures are necessary in order for it to be successful. Begin your BYOD strategy by educating your employees about the importance of regular updates and how to recognize security threats.

They need to understand that every piece of data is priceless to the business and their personal life. In reality, many people don’t realize how valuable their data is to hackers outside of the corporate atmosphere.

Employees also need to agree to corporate statements, liabilities and compliance measures in order to make this BYOD program a success. At the very least, add professional indemnity insurance coverage to the company so that any data leaks are quickly resolved.

Finally, by protecting the data with software and passwords, businesses can keep their proprietary information private. In the end, the employee’s device can be as safe as any company-issued electronic.

About the Author:

Josh McAllister

Josh McAllister is a freelance technology journalist with years of experience in the IT sector, and independent business consultant. He is passionate about helping small business owners understand how technology can save them time and money. 

Josh is a contributor of a number of digital outlets, and well published including DZoneIoT World News, and Rabid Office Monkey.


If you want to share this article the reference to Josh McAllister and The HR Tech Weekly® is obligatory.

How to Protect HR from Ransomware | Featured Image

How to Protect HR from Ransomware

How to Protect HR from Ransomware | Main Image

Companies have HR departments that are responsible for storing confidential information such as an individual’s social security number, payroll information, health information as well as employment history.

Because of enormous amount of sensitive data collected on individuals, HR departments opt to store data in a digital format, thus, making it susceptible to cyber-threats. Furthermore, since HR departments receive more email that any other department in a company, they are even more vulnerable to such threats. One of the most challenging form of cyber-attacks that HR departments face today is ransomware.

Ransomware is a type of malware that encrypts data and restricts access to a computer system. Often malware is sent through an email in the disguise of a resume or cover letter. When the email is opened, then the malware infects the computer and the entire network. The next time a user tries to gain access to the computer system, he or she is required to pay a monetary ransom in the form of Bitcoin to remove the restriction. WannaCry is one commonly known name for the recent ransomware attack that affected many companies.

Ransomware not only steals an individual’s personal information, but it damages a company’s reputation and financial status as well. The good news is that there are steps that HR departments can take to prevent ransomware attacks.

Basic Security Measures

It is imperative that HR departments work closely with the IT department to implement strong web filters and spam controls as a basic security measure. Next, the IT department should have Endpoint analytical tools to immediately detect, quarantine and shut down ransomware invasions.

Finally, always have a working data backup plan that is not connected to the company’s network so data cannot be infected.

Latest Operating and Software System

The IT department should make sure that the company’s operating system and software is up-to-date. It is extremely important that security updates are installed on all machines as they are released to protect all computers on the network.

If the company uses Microsoft Office software, it is recommended that macros are turned off. In addition, remove plugins if using Adobe Flash, Adobe Reader, Java or Silverlight since these plugins can run a risk of having embedded malware attached to them upon installation.

Employee Training

It is essential for companies to train employees on their information security policies. Employees must understand that technology alone is not enough to protect sensitive data and that there are cybersecurity threats that can bombard them.

Employees need regular training sessions in learning how to use technology as well have an understanding that technology is not always foolproof. There should be employees training in the do’s and don’ts of data protection. Since HR employees receive numerous emails daily, they need to know what types of files are safe to open.

Finally, employees need to know how to respond, and to whom they should report a cyber threat if the unthinkable happens.

Network Segmentation and Separate Work Stations

The IT department needs to ensure that the company’s most sensitive data is not stored all on one network. This is done through network and database segmentation. A restriction should be in place where only certain authorized individuals can access sensitive information. For example, make one person the administrator for the system.

The administrator should only log into the system as absolutely deemed necessary and use a regular account for everyday use. Furthermore, the IT department should assign dedicated workstations to employees responsible for reviewing resumes and monitor workstation usage.

Outside Testing

To ensure the validity of the company’s security, it is a good idea to hire an outside firm to test the vulnerability of its IT security. By hiring an outside firm, the company can understand where hackers can possibly penetrate the system, and take necessary steps to make data more secure.

To conclude, HR departments have access to massive amounts of sensitive data and the employees are typically not very well educated in knowing how to protect themselves from data breaches. Therefore, they are an easy and lucrative target for hackers.

It is easy to see why HR departments are prone to such cyber-attacks. However, when the HR staff works more closely with the IT department, preventive steps can be taken to reduce ransomware attacks. Precautionary steps such as implementing basic security measures, installing the latest operating system and software, setting up network segmentations and dedicated workstations, training employees and having outside testing to check for security breaches can save a company’s reputation and financial status.

About the Author:

Josh McAllister

Josh McAllister is a freelance technology journalist with years of experience in the IT sector, and independent business consultant. He is passionate about helping small business owners understand how technology can save them time and money. 

Josh is a contributor of a number of digital outlets, and well published including DZone, IoT World News, and Rabid Office Monkey.


If you want to share this article the reference to Josh McAllister and The HR Tech Weekly® is obligatory.

5 HR Tech Trends Shaping Your Business | Featured Image

5 HR Tech Trends Shaping Your Business

5 HR Tech Trends Shaping Your Business | Main Image

Technology continues to drive and disrupt today’s talent management strategies. As we move closer to the halfway point of 2017, we take a look at 5 key HR tech trends shaping your business.

Cybersecurity skills challenges

The widely publicised global data breach that affected the NHS last month highlights the very real risks to all businesses. After the talent shortage, PWC notes that cybersecurity is the second highest ranked concern for CEOs, with three quarters (76%) citing this it as a significant challenge in its annual CEO Survey. A UK government report also found that half of all businesses have experienced at least one data breach or cybersecurity attack in the past year, rising to two thirds of medium and large businesses. Your ability to secure your data is an increasing issue and the pressure is on HR to source talent with vital cybersecurity skills. A report from Experis found that demand for cybersecurity professionals is at an all time high, echoing an earlier survey from Robert Half, Technology and Recruitment : The Landscape For 2017 which found that sourcing tech talent with cybersecurity skills was a priority for over half of all hiring managers this year.

The ongoing debate over AI

Predictions of a jobless world have thrown the debate over AI sharply into focus but AI and automation offer a number of benefits for hiring teams. Writing in the Harvard Business Review, Satya Ramaswamy describes ‘machine to machine’ transactions as the ‘low hanging fruit’ of AI rather than ‘people displacement’.

Elsewhere, Gartner predicts that by 2022 smart machines and robots could replace highly trained professionals in sectors including tech, medicine, law and financial services, transforming them into ‘high margin’ industries resembling utilities. But it stresses the benefit that AI brings in replacing repetitive, mundane tasks and offering more meaningful work. The key is to create the right blend of AI and human skills, which HR is ideally positioned for. Gartner suggests that a further benefit of AI is the alleviation of skills shortages in talent starved sectors.

A beneficial and immediate use of AI for HR is the automation of mundane and repetitive tasks in the recruitment cycle through HR technology, allow hiring teams to focus on creating the effective candidate and employee experience that their business urgently needs.

Chatbots in hiring

Today chatbots are emerging as an essential tech tool for high volume recruitment, engaging with candidates via messaging apps with the aim of creating a more interactive and engaging hiring process. The AA was one of the first brands to feature this smart technology and this year it is predicted that chatbot Stanley will interview 2.5 million candidates. As the skills shortage continues, the chatbot offers a more direct and effective way of engaging with sought after millennials or graduate talent. Chatbots are also predicted to make HR’s life easier through simple interactions via mobile devices for both candidates and employees.

Dark data

While still in the exploration stage, dark data can offer vital insights into talent sourcing. Up to 80% of the data created is ‘unstructured’ or ‘dark’ data found in, for example, e-mails, text messages, spreadsheets and pds. At present it is not usable in analytics but AI can be leveraged to organise it into a more usable form. Last month it emerged that Apple have acquired a machine learning based company to strengthen its own capabilities in the area of dark data. Deloitte’s Global Talent Trends report for 2017 reports that only 9% of businesses have a good understanding of the talent dimensions that drive performance. Dark data may help to illuminate those dimensions.

Moving to predictive analytics

It’s not a new or emerging HR tech trend but the transition to predictive analytics is one that HR must eventually (reluctantly?) make as the skills gap in the UK widens and the availability of qualified and digitally able candidates continues to fall. Applying people analytics improves hiring outcomes, reduces the level of early departures from your business and enables HR to begin to predict and plan for future hiring needs. The first step towards predictive analytics is for tech-averse hiring teams to relinquish manual recruitment systems in favour of HR technology and begin to understand the key metrics affecting your hiring process.

Advorto’s recruitment software provides workflow and structure across the entire hiring process, offering a dynamic database of candidates and analytics. Used by some of the world’s leading organisations, it provides a straightforward first step into AI, HR analytics and big data. Start your 30 day free trial today.


If you want to share this article the reference to Kate Smedley and The HR Tech Weekly® is obligatory.

Cloud Is Growing, But Will It Be Your Organisation’s Downfall?

cloud-is-growing-but-will-it-be-your-organisations-downfall

Written by Hesham El Komy, Senior Director, International Channels at Epicor Software | Specially for The HR Tech Weekly®.

hesham-el-komy-sr-director-channel-epicor-press
Hesham El Komy, Senior Director, International Channels at Epicor Software

The reality today is that most enterprise applications are well on their way to being cloud based. We’ve seen it with simple workloads such as HR and payroll, travel and expense management, and in the last decade we’ve seen the cloud as the new normal for customer relationship management (CRM) deployments. In fact, a July 2016 Gartner report[1] predicts that the public cloud services market in the Middle East and North Africa (MENA) region will grow by 18.3% in 2016 to US$879.3 million. More specifically, the cloud application services (SaaS) market is forecasted to grow by a staggering 207% from US$166.1 million in 2015 to US$509.8 million in 2020.

So what are the benefits of cloud based ERP solutions? Below are eight reasons why moving your ERP system to the cloud will benefit your business and support business growth.

  1. Freedom of Choice

Put quite simply, not all cloud ERP systems are created equal. Specifically, very few ERP vendors respect your right to choose the deployment model that is most appropriate for you, and revise that decision down the road as your business grows or technical needs change. Your right to transition between on-premises, multi-tenant, and single tenant is an important one. It recognises that the “best” deployment model for you today might not be the best model in a few years, or even a few months. By providing the choice of Multi-Tenant (with its compelling economics and seamless upgrades) or Single Tenant (allowing more administrative control and administrative ownership), you can choose the model that works best for you.

  1. Compelling Cloud Economics

Despite the cloud having proven its value beyond just good financial sense, there is no doubt that for companies of all sizes the economics of cloud deployment are undeniably compelling, moving from capital to operational expenditure. Some of the more hidden economic benefits of the cloud include:

  • Not being as capital intensive as an on-premises deployment because of the subscription-based pricing model.
  • Better and more instant scalability, allowing clients to add (and sometimes remove) users to their system on demand and saving them from having to invest in hardware and software at the “high water mark”.
  • The direct and indirect costs of your infrastructure, from server to database systems to the actual hardware and replacement cycle cost.
  • The hidden costs of maintaining the servers yourself.
  • The benefit of the reduced deployment times (and corresponding improved ROI) that are typical for cloud deployments, as the necessary infrastructure is in place already.
  1. Better IT Resource Utilisation

At the end of the day, most IT departments are stretched pretty thin, and find themselves spending too much time on low-value (but admittedly critical) activities such as verifying backups, applying security updates, and upgrading the infrastructure upon which your critical systems run. There is tremendous business benefit to assigning those tasks back to your ERP vendor as part of a cloud deployment, freeing up your IT department’s time to work on more strategic business projects such as creating executive dashboards, deploying mobile devices, and crafting helpful management reports.

  1. The Cloud is More Secure

Today, it’s hard to imagine a client who could possibly create a more secure operating environment than leading cloud providers. Indeed, Gartner reports[2] that “Multi-tenant services are not only highly resistant to attack, but are also a more secure starting point than most traditional in-house implementations.”

Security today is a comprehensive, end-to-end mind set that has to be built across every layer of the ERP environment from the physical network interface cards to the user passwords. It means a holistic approach to anticipating and minimising possible natural, human, and technical disruptions to your system to ensure uptime and peace of mind.

  1. Upgrades

Cloud deployment redefines the experience by designing upgrades—big and small—to be deployed by the ERP cloud operations staff as part of standard support services, without imposing software installations on your staff. Minor updates are transparently deployed in a non-disruptive fashion, and major upgrades are announced well in advance, and include a sandbox training environment and end-user training.

These major upgrades are designed to require little to no project management on your part, short of double checking that everything is working the way you expect it to and ensuring that your internal users are prepared to take advantage of the new version.

  1. Mobile and Collaborative

Moving to a cloud-based system gives everyone the real-time system access they require as a routine part of their jobs while driving out the inefficiency of paper-based processes and the burden and security risk of figuring out how to deliver this yourself.

Opening up your ERP system by virtue of cloud deployment allows you to retire the poorly defined ad-hoc “integration by Excel file” workflows that might have cropped up across your organisation. In their place, you can deploy real-time integration processes that link your employees, suppliers, partners, and customers.

Cloud deployment brings the opportunity to redefine many of your legacy business processes and workflows in a way that leverages these more open, connected, instantaneous integration paths.

  1. Business Consistency and Process Alignment Globally

Increasingly, companies have staff working across multiple locations and they aspire to provide the efficiency of a single unified ERP system across the enterprise to support them. Deploying a single cloud ERP globally (where the only infrastructure requirement is Internet access) removes many operational obstacles, and gives you the confidence that your continued expansion efforts can be accommodated without a significant IT effort by simply enabling that new location in your existing cloud-based ERP system. With consistency comes improved transparency and increased efficiency.

  1. Reduced Risk, Greater Visibility, Better Value

Many clients choose a cloud-based system (ERP and other workflows) because it allows them to deploy a much more complete solution than they could otherwise manage or financially justify under legacy deployment models. Not having to make a massive upfront investment in the ERP system and its supporting infrastructure is critical in allowing smaller companies to perform beyond same-sized competitors from an enterprise application quality and completeness perspective.

ERP solutions aren’t just software. They are tools that can be used to help grow your business profitably, offering flexible solutions that provide more accurate information in real-time, driving smarter, faster decision-making, and enabling customers to quickly meet changing market demands to stay ahead of their competition. The cloud increases the business benefits that ERP offers and can accompany your business on the road to successful growth.

Sources:

[1] Gartner, Inc., “Gartner Says Public Cloud Services in the Middle East and North Africa Region Forecast to Reach $880 Million in 2016,” July 04, 2016

[2] New Report: Gartner MQ for Cloud-Enabled Managed Hosting, North America

If you want to share this article the reference to Hesham El Komy and The HR Tech Weekly® is obligatory.

Global Study Reveals Businesses and Countries Vulnerable Due to Shortage of Cybersecurity Talent

Intel Logo

Intel Corporation
2200 Mission College Blvd.
Santa Clara, CA 95054-1549

Global Study Reveals Businesses and Countries Vulnerable Due to Shortage of Cybersecurity Talent

82 Percent of IT Professionals Confirm Shortfall in Cybersecurity Workforce 

News Highlights:

  • New report by Intel Security and CSIS reveals current cybersecurity talent crisis
  • Cybersecurity skills shortage is worse than talent deficits in other IT professions.
  • Shortage in cybersecurity skills is responsible for significant damages.
  • Talent shortage is largest for individuals with highly technical skills.
  • Hands-on training and practical training are perceived as better ways to develop skills than through traditional education resources.

Dubai, United Arab Emirates – August 01, 2016 – Intel Security, in partnership with the Center for Strategic and International Studies (CSIS), recently released Hacking the Skills Shortage, a global report outlining the talent shortage crisis impacting the cybersecurity industry across both companies and nations. A majority of respondents (82 percent) admit to a shortage of cybersecurity skills, with 71 percent of respondents citing this shortage as responsible for direct and measurable damage to organizations whose lack of talent makes them more desirable hacking targets.

“A shortage of people with cybersecurity skills results in direct damage to companies, including the loss of proprietary data and IP,” said James A Lewis, senior vice president and director of the Strategic Technologies Program at CSIS. “This is a global problem; a majority of respondents in all countries surveyed could link their workforce shortage to damage to their organization.”

Despite 1 in 4 respondents confirming their organizations have lost proprietary data as a result of their cybersecurity skills gap, there are no signs of this workforce shortage abating in the near-term. Respondents surveyed estimate an average of 15 percent of cybersecurity positions in their company will go unfilled by 2020. With the increase in cloud, mobile computing and the Internet of Things, as well as advanced targeted cyberattacks and cyberterrorism across the globe, the need for a stronger cybersecurity workforce is critical.

Raj Samani
Raj Samani, VP & CTO, EMEA, Intel Security

“The security industry has talked at length about how to address the storm of hacks and breaches, but government and the private sector haven’t brought enough urgency to solving the cybersecurity talent shortage,” said Raj Samani, VP & CTO, EMEA, Intel Security. “To address this workforce crisis, we need to foster new education models, accelerate the availability of training opportunities, and we need to deliver deeper automation so that talent is put to its best use on the frontline. Finally, we absolutely must diversify our ranks.”

The demand for cybersecurity professionals is outpacing the supply of qualified workers, with highly technical skills the most in need across all countries surveyed. In fact, skills such as intrusion detection, secure software development and attack mitigation were found to be far more valued than softer skills including collaboration, leadership and effective communication.

This report studies four dimensions that comprise the cybersecurity talent shortage, which include:

  1. Cybersecurity Spending: The size and growth of cybersecurity budgets reveals how countries and companies prioritize cybersecurity. Unsurprisingly, countries and industry sectors that spend more on cybersecurity are better placed to deal with the workforce shortage, which according to 71 percent of respondents, has resulted in direct and measurable damage to their organization’s security networks.
  2. Education and Training: Only 23 percent of respondents say education programs are preparing students to enter the industry. This report reveals non-traditional methods of practical learning, such as hands-on training, gaming and technology exercises and hackathons, may be a more effective way to acquire and grow cybersecurity skills. More than half of respondents believe that the cybersecurity skills shortage is worse than talent deficits in other IT professions, placing an emphasis on continuous education and training opportunities.
  3. Employer Dynamics: While salary is unsurprisingly the top motivating factor in recruitment, other incentives are important in recruiting and retaining top talent, such as training, growth opportunities and reputation of the employer’s IT department. Almost half of respondents cite lack of training or qualification sponsorship as common reasons for talent departure.

Recommendations for Moving Forward:

  • Redefine minimum credentials for entry-level cybersecurity jobs: accept non-traditional sources of education
  • Diversify the cybersecurity field
  • Provide more opportunities for external training
  • Identify technology that can provide intelligent security automation
  • Collect attack data and develop better metrics to quickly identify threats

For more information on these findings, along with Intel Security’s proposed recommendations, read the full report: Hacking the Skills Shortage: A study of the international shortage in cybersecurity skills.

About Intel Security:

Intel Security, with its McAfee product line, is dedicated to making the digital world safer and more secure for everyone. Intel Security is a division of Intel Corporation. Learn more at www.intelsecurity.com.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

*Other names and brands may be claimed as the property of others.

Contacts:

Vernon SaldanhaVernon Saldanha

Procre8 (on behalf of Intel Security)

vernon@procre8.biz