Another year goes by and, no surprise, the tech space is still evolving. During our annual roadshow this year, we looked at some of the technologies and concepts that we think are becoming increasingly important. First, we spoke about the evolution of enterprise networking and management and how it fits into a cloud-first operating model. Then we took a deeper dive into security, including the anatomy of attacks and remediation and the importance of proactive monitoring and everyday security measures. Lastly, we had an update from Microsoft on the Azure NZ North Datacentre. Below is a recap of each area we touched on.
Modern Enterprise Networking and Management
For many years, organisations have relied on domain-joined, WAN-connected systems. This legacy model survives as it's the path of least resistance and “is just how we’ve always done things”. Over time this has fostered more complex networks and layers upon layers of security to combat evolving threats in this highly interconnected, highly trusted environment. What if we turn this challenge around and ask ourselves, if we separated our devices from our domain, and disconnected our locations from our WAN, can we significantly reduce our threat vectors and lateral movement within our networks? The result is reduced security requirements and consistent management of devices between offices and homes.
This mindset shift can fundamentally move your organisation to a cloud-first operating model where your connectivity requirements, security visibility and remediation, remote support and provisioning, and access control is all delivered over the internet. With this you can expect:
- Reduced hardware and communications costs.
- Consolidated management model to deliver like-for-like experiences for remote and office workers.
- Less time spent managing your infrastructure.
- More time working with APIs and applications to improve efficiencies.
These changes may sound difficult, but it starts with making key decisions during refreshes, renewals, and updates to ensure you make incremental changes so that over time you can adopt this operating model. If you’re looking for help developing your roadmap to modern enterprise networking and management, get in touch with us here.
Intrusion, EDR and Continual Improvement
The methodologies we are seeing used by adversaries are continually evolving and becoming increasingly more capable of evading detection. There are many steps you can take to counter this, but true Endpoint Detection and Response will equip you with an effective and dependable platform upon which to build out your security program. This not only allows you to detect intrusion techniques that traditional antivirus is blind to, but also gives you the ability to isolate and triage potential compromise, assemble extensive environmental telemetry into a clear timeline, and understand the actual reach and impact of an incident. Our security team relies upon Azure Sentinel and Microsoft Defender for Endpoint to delivery this protection to our customers. One of the core reasons why we utilise this platform is its ability to deliver strong detection and response capability alongside best-practice recommendations, hardening advice and vulnerability management. This means rather relying on multiple vulnerability assessment tools in addition to your endpoint security product, you maintain a single pane of glass that also tracks the exposure and vulnerability status of workstations, servers, mobiles and network appliances - including recommendations on Group Policy and Intune configurations to harden and further protect your endpoints. This presents you with a list of proactive actions that help you to stay ahead of evolving threats and adopt a truly proactive and preventative approach to securing your environment.
While we focus on tools and features to provide security, it cannot stop there. Information security is equally, if not more important. We store so much data in many places, with little care or governance over this. What data is stored where, confidentiality, who has access, risks associated, processes to safeguard – these are some of the areas that are often overlooked. People are your biggest weakness – being too helpful, fatigued and even insider threats with disgruntled employees or bribery. However, these same people are your biggest asset – alerting on suspicious behaviours, changes in patterns, and asking questions. Exploring your data landscape, your processes and training can help safeguard your biggest IT asset.
Reach out to our team if you’d like to hear how we can assist in areas around information governance, classification, and encryption – so you are better prepared and aware.
Here are some additional resources that are highly regarded by our Security team:
- ACSC: System Hardening Guides
- SpecterOps: Implementing Security Boundaries
- Scottish Government: Cyber Resiliency Toolkit
- Palantir: ASR Recommendations
Azure NZ North Datacentre
The hyper-scale cloud is coming to New Zealand. Bringing all the goodness of the public cloud to our shores with 100% renewable energy, environmental sustainability, and more opportunity to harness the cloud for your organisation. Azure will launch with an initial set of services deployed to the three highly available datacentres. These will be quickly followed with the wider solution set, including Microsoft 365 and Dynamics allowing you to move your tenant to New Zealand to reduce latency. Another important learning is that Azure NZ North is following the new MS model of breaking apart the ‘peered regions’. This means NZ North will require a different level of architecture approach that you may have previously taken. Setting up your landing zones and governance now is key to ensuring you’re in a good position to adopt this region when it becomes available. Already in Azure? Refreshing and updating your governance ahead of this will also make the transition easier and shore up your cost and security controls.
Here are some resources around the datacentre:
- Follow Microsoft's progress on the NZ North Region here
- Learn more about the scale of Microsoft’s global infrastructure and how it is evolving here
- Find tools to help you calculate your carbon footprint here
If you have any questions on the latest technology and trends we’re seeing or if you are interested in working with our teams on any of these specialities, reach out to our team and we’ll get started.