The sharper focus, pooled knowledge, and other benefits of managed NOC services lead to better results The rush of businesses to the public cloud has been dizzying over the last few years. Some view our outlook on the matter as contrarian, but the truth is that it’s simply a reflection of our overall philosophy. We want companies to do their homework. Here’s a great example: Sometimes it makes sense to keep your IT department fully on-premises, and sometimes it makes sense to export parts. Using managed NOC services just makes sense for the majority of businesses. In other words, if you’re Visa, Paypal, or another massive company that lives on the bleeding edge of network security, the advice in this article probably isn’t for you. But for everybody else, here’s why you should give managed NOC services a chance to prove their value. Before we establish why, let’s be clear in what we’re talking about. What Are Managed NOC Services?Managed NOC services are companies that handle the day-to-day administration, maintenance, and security of your network operations center (NOC) for you. Let’s break that down a little more. NOCs are the nerve centers of business’ IT operations. They’re responsible for making sure your network works and all the users and applications within it can communicate with each other when and where they’re supposed to. The security operations centers (SOCs) within them ensure that nobody else can crash the party. There are effectively two ways to approach the duties of a NOC:
Here at Roundstone, we think that most businesses who do their homework will find that the latter option is a better fit. 5 Reasons Why Managed NOC Services Are the Smarter ChoiceOur years of experience in advising clients across a range of sectors tell us that using a managed NOC service is probably the smarter choice for your business. Here’s why. (In a hurry? Here’s your TL;DR: Each of these five reasons feeds into the fact that managed NOC services can give you a better security posture, and that’s not part of your business you want to skimp on.) Sharper FocusNOC services only have one job. Their business model is built on making the network experience of their clients better and safer, and they invest all their resources into it. When you do it yourself, you only dedicate a piece of your overall operations to the cause. Your internal team must manage the numerous moving parts of keeping a NOC online as they attend to other tasks. “Keeping a NOC online” isn’t good enough when we’re talking about the nerve center of your business. It needs to be proactive in dealing with emerging threat vectors and vulnerabilities because the bad guys only need to outfox you once to shut your business down. Pooled KnowledgeManaged NOC services have a narrow focus applied broadly. Working with many customers across multiple industries gives them experience in dealing with many different types of attacks and in-depth knowledge of how systems interact. They then use that broad exposure to strengthen the security they offer to each individual customer. Even if you’ve been lucky (or pay generously) enough to assemble one of the best security teams in the field, their exposure will be more limited. They’ll struggle to keep up with the shared experience a managed NOC service naturally accumulates in the course of doing business. Better CustomizationYou may already be saying “wait a minute” on this one. Doesn’t rolling your own internal solution almost always mean better customization, even if it ends up being more expensive or time-consuming than working with a third party? In this case, the answer is no, not really. Managed NOC services have a robust set of tools to use and experiences to draw from. This gives them a much broader breadth of options to choose from. They will also have the practical wisdom to tell you which options are good ideas and which ones may not work out how you want them to. After all, information security is one thing you never want to take big, risky swings on. One of the vendors we partner with is Arctic Wolf. Security operations are their only business, and they don’t care what platforms, hardware, software, or tools you may use. They will manage them. Now, once they learn what you want to accomplish, they will likely be able to say, “Hey, here’s a better way to do that.” Their narrow focus applied broadly means they can make more intelligent suggestions, and you can decide on which ones to use together. Time and Resource SavingsWhen you manage your own NOC, it’s you against the world. Like we said before, you have to be on your A-game all the time, while attackers in every time zone only need to take a lucky stab once to potentially destroy your organization. And yes, you may still be able to do it competently all by yourself. But think about what you have to give up to make that happen: time, resources, training time, compensation (more on that in a bit). Even if they only did it as well as your team could, bringing in a third-party managed NOC service would still let you step back from the many nuts-and-bolts tasks of managing a NOC. That’s a lot of extra time and resources you could reinvest in your teams and products. And that’s a lot more likely to make an impact on your bottom line than the pride you feel in keeping it all in-house. Cost and TalentSpeaking of your bottom line, business leaders often point to inflated costs as an argument against using assets such as managed NOC services. That’s true for many areas of IT outsourcing and we very much encourage that kind of critical thinking (even if we wonder where it is in many other areas of buying business IT solutions). Here’s the problem: the market for high-level NOC talent is competitive as hell right now. Many of the most skilled and experienced workers in the space favor “hired gun” work at places like managed NOC services, where they can flex their specialization as they deal with a whole portfolio’s worth of networks, tools, and threats. The rest are getting scooped up by huge firms that can afford their skyrocketing salaries, like Visa and Paypal. If you want industry-standard network security, you need to go where the industry-standard network security engineers are. Since managed NOC services put them on your company’s case without needing to cover a whole team’s ultra-competitive compensation, they’re typically the better choice value-wise. Still Uncertain? We’ll Help You Make the Right ChoiceAll of this is wisdom from our experience working with a range of clients. We can say, generally speaking, that you’ll be better off working with managed NOC services for all the reasons outlined above.
But when you’re making a decision for your business in particular, you shouldn’t stick with generalities. It always pays to take a step back and assess your unique challenges and goals, and figure out your own path from one to the other. We’re happy to help you mark out that path for your business. If you’d like to learn more about potentially working with managed NOC services, or have any other questions about your organization’s IT infrastructure, contact us today. It will be worth your time.
Ransomware attacks are a question of when, not if, and your business needs to be prepared If you store business data digitally, odds are good that you’re eventually going to get hit by a ransomware attack. The sooner you accept that, the sooner you can move on to the critical question: What do I do to prepare? Here’s how to position yourself for the best possible ransomware incident response. Every Business Is a TargetMore than 8 in 10 ransomware attacks hit small and midsize businesses. Why? Because they’re big enough to be worth the risk but not quite big enough to have invested in cutting-edge security. That’s especially true if the company isn’t in the tech sector, which tends to be more security-minded. Think of these ransomware guys as neighborhood crooks. When they’re roaming the streets deciding where to break in, the posh gated community with security staff and more cameras than trees is too much work to crack. On the other hand, the cramped apartments with boarded-up windows can’t pay enough to be worth the risk. But the single-family homes with standard locks? That’s the sweet spot. Why Don’t We Hear About More Attacks?There were more than 600 million ransomware attacks in 2021, so why do so few make it to the news? Simple: Companies don’t want you to know when they’ve been hit. If news of the attack were to get out, their customers, clients, and partners would all lose faith in them. That could have a catastrophic effect on their market value, as it did when Clorox went public with news of its attack in September. Plus, it flags your business as potentially vulnerable to future attackers. If a company can handle an attack without the public ever finding out, it almost always will. (Even though sharing that info could help the entire industry stay safe.) How to Execute Ransomware Incident ResponseLet’s get one thing out of the way: There’s no magic to ransomware incident response. The best-case scenario requires thinking ahead (more on that later). If you get hit before you’ve taken the right precautions, all you can do is contain the damage. Step One: QuarantiningWhen you learn you’ve been hit, the first thing you should do is revoke system access from anybody outside your company. Then, you can quarantine your existing systems to prevent any further network communications. The bad guys are in now; don’t let them dig their claws in any deeper. Step Two: Find a Clean BackupMost breaches happen long in advance of when the attack is triggered or discovered. The bad guys will sneak something into your system, let it sit there, and then all of a sudden it will activate. That lag between the breach and the attack could mean your backups are compromised going back further than you expect. If you’re going to restore your business to working order, you need to bring a completely clean copy of your data into your systems after they’ve been re-secured. In chronological order, go back through your backups, scanning for vulnerabilities. The more recent your clean backup, the better, because all the business you’ve done since will be jeopardized or lost. You’ll have to rebuild everything from that backup on, which is almost impossible to do. That’s a huge part of why ransomware kills so many businesses. Step Three: Find New InfrastructureOnce you’ve found a clean backup, you’ll need to plug its data into new, clean infrastructure. Many public cloud vendors will provide that infrastructure. Other companies have secondary systems of their own for disaster recovery. If you’re in that group, it is absolutely essential that you make sure your backup site didn’t also get hit. Should You Pay the Ransom?It’s the $1 million (or more) question: Should you pay what the bad guys demand? If you do, you may be able to get your systems up and running pretty quickly. The problem is, you won’t know if they’re clean. The bad guys could easily have left other exploitables in the system that they can set off again six months down the road, and then you’re back at square one. The best approach is to look at the numbers. How much value are you losing to this outage? If you’re losing $2 million per day and they’re asking for a $3 million ransom, it may be worth paying because the business disruption would outstrip the payment. Either way, you’ll need to reset all your systems to zero and go through reinstalling everything. How to Prepare for Ransomware Incident ResponseUp until recently, companies thought if they spent enough on security products, they would be safe. But this only works for so long. Cyber security experts are constantly trying to stay a step ahead of bad actors, and most of the time, they do. But the bad guys only need to be right once to get in. And one day, they will. That’s why cybersecurity is never a static situation. You can never think, “I’ve done this one thing; now I’m set forever.” You are not. But you can come close. How? With a Software-as-a-Service third-party data isolation and recovery solution. Here’s how it works: Every day, your vendor makes a backup of all your data. It encrypts that data and stores it in data stores in the public cloud. No one on your team can access it without going through the vendor. That results in an isolated and immutable backup of your critical business data. This is key to ransomware incident response because attackers who break into your system and try to ransom your data no longer have power over you. You can just restart your apps on clean infrastructure, pull the data from your backups, and continue business as usual. The bad guys would need to hit both your system and the vendor’s simultaneously, which is all but impossible. That means your data stays hidden and protected. Stay Safe With RoundstoneThese SaaS security solutions are relatively new. They’ve only gained traction over the last two or three years, and not everyone has caught up yet. But here at Roundstone Solutions, we’re on the cutting edge of cybersecurity. We can connect you with vendors such as Cohesity, whose FortKnox software can help keep your data secure even in a ransomware attack. To find the right security solution for your business, contact us today.
How this strategic partnership accelerates hybrid cloud deployment Among the biggest challenges IT leaders face in the current technology landscape are figuring out their cloud strategy and modernizing their infrastructure. Two of the most prominent companies helping IT teams navigate these challenges, Cisco and Roundstone Solutions partner Nutanix, have long been competitors in the hybrid cloud infrastructure space. That all changed in July 2023 when Cisco announced it had forged a “global strategic partnership” with Nutanix. This partnership aims to “simplify hybrid multicloud and fuel business transformation.” While this collaboration is still in its early stages, its potential to “deliver the industry’s most complete hybrid cloud solution” is exciting for those in the technology space. But what does this really mean, particularly for existing Cisco users? Let’s take a closer look at this collaboration and how it helps IT organizations overcome operational hurdles. Understanding the Nutanix/Cisco PartnershipFounded in 1984, Cisco has been a pioneer in networking and telecommunications for nearly four decades. It specializes in “smarter, more secure routing” via “future-ready routers for every network.” In 2016, Cisco entered the hyperconverged infrastructure space with the release of the Cisco HyperFlex Data Platform, its proprietary hybrid cloud software solution. Meanwhile, Nutanix has focused primarily on cloud computing since its 2009 inception and was the first in the hyperconverged infrastructure space. This often put the two companies at odds, as HyperFlex was a direct competitor to Nutanix’s offerings. Cisco customers could technically use Nutanix software, but Cisco didn’t officially support it. This partnership changes all of that. Among its benefits is the ability to simplify infrastructure operations with a single hyperconverged solution that leverages both companies’ strengths. This gives IT managers more flexibility as they continue to adapt the latest technologies, SaaS innovations, and multi-cloud operations. Or, to put it in Cisco’s words, “You can deploy hybrid-cloud infrastructure faster and focus on business outcomes with a seamless end-to-end experience.” Here’s how it all works together: Under the banner of Cisco Compute Hyperconverged with Nutanix, Cisco’s servers, storage, networking, and SaaS operations will integrate with the Nutanix Cloud Platform. This gives businesses working in the cloud a solution that combines “Cisco’s award-winning SaaS-managed compute portfolio with Nutanix’s market-proven cloud platform software,” according to Cisco Senior VP and General Manager Jeremy Foster. Those who take advantage of this “technology alliance,” as Nutanix calls it, will also have access to Cisco’s top-of-the-line security features like Cisco Secure Firewall Threat Defense Virtual. It’s the best of both worlds: An industry-leading multicloud solution integrated with industry-leading security. Cisco began rolling out the integrated solution in late 2023. One side effect of this partnership is that, as of September 2023, the Cisco HyperFlex Data Platform has entered its end-of-life stage. Cisco will be retiring the platform over the course of the next year or so, allowing Nutanix’s cloud platform to take center stage. Next Steps for HyperFlex UsersWhile the phrase “end of life” might cause an IT manager’s hair to stand on end, there’s no need to panic. The transition away from HyperFlex will be gradual; you’re not going to lose access to your work in the immediate future. Cisco HyperFlex Data Platform sales will end in September 2024, and software maintenance will continue until September 2025. That said, existing HyperFlex customers should definitely start thinking about what’s next and try to avoid investing any more time and resources into the platform than they have to. For many HyperFlex users, the most natural move will be to move cloud operations over to the duo’s “turnkey hyperconverged solution,” which is “optimized for a wide range of workloads and capacities.” Generally speaking, Nutanix users report a number of benefits, among them simpler operations, scaling flexibility, and improved system performance — all at significantly lower costs than the public cloud. Of course, switching to a new IT infrastructure is never as simple as pushing a button or pulling a lever, but the right partner can help make the migration as painless as possible. Streamlining the TransitionWhen it comes time to migrate from HyperFlex to Nutanix HCI, Roundstone Solutions can help. As a specialist in hyperconverged infrastructure, Nutanix is our leading partner, and we’ve been helping businesses move to more modern IT solutions for over 10 years. We’ll work with you to find the best solution for your specific needs. Want to learn more? Get in touch.
The formula for how to calculate cloud costs has more variables than simple computing power, storage, and network concerns When a developer builds a new apartment building, they connect it to local utilities without a second thought. Whether it’s Pacific Gas & Electric on the West Coast or Con Edison on the East, these providers are so much more efficient than any alternative that there’s no question of cost, let alone of trying to generate power and gas independently. Many businesses think of the public cloud in the same way, never bothering to learn how to calculate cloud costs. Although the public cloud aims to work like other utilities, the truth is that it’s nowhere near that efficient. Infrastructure costs are only the beginning; the hidden costs can turn a relatively small commitment into a behemoth investment. So before your business spends past the point of no return, let’s take a more holistic view of what moving to the public cloud costs. How to Calculate Cloud Costs: Compute, Storage, and NetworkingAt first, understanding cloud costs seems as simple as any other IT infrastructure investment. After all, they share the same three basic components. Your costs will break down across compute, storage, and networking fees. How much processing power do you need from virtual machines? How much cloud storage space will you use? And what will it cost to keep your systems in contact with one another? Answering these questions starts with examining historical data. For example, what quantity of compute power has brought your business to where it is today? Next, you can consider your growth projections. After all, the bigger your company grows, the more it will require of all three components. Look at how your demand for each has developed and use that to extrapolate forward. When doing this work for on-premises cloud infrastructure, you can treat these costs as capital investments and amortize them over several years. That makes them a simple, predictable recurring cost for budgeting. With the public cloud, the thinking goes, you can just monitor your costs and scale up or down as needed. You’ll need to watch for ever-changing costs based on your usage and on potential rate changes set by your provider, which makes accounting a little trickier. But there are a lot of costs you’ll run into long before you even face that challenge. How Migrating Adds to Public Cloud CostsIf you’re considering a shift to the public cloud, you’re probably thinking something along the lines of “Well, we’re not data center experts. Someone else can probably run one for us better than we can ourselves.” That may be true. But here’s the first wrinkle: You have to actually move your apps and data to the cloud. That’s not an overnight process — in fact, it has an enormous cost in terms of working hours. Throughout the migration, you’ll have to run two separate environments. Those two environments may use different operating systems or hypervisors. That means you’ll have to pay for and keep track of two differently priced environments for the length of the migration. Your employees will be forced to split their time between the two, and any software you use to manage the two environments will raise the overall cost of the migration. Refactoring: How Much Time Invested Is Too Much?When you move to the public cloud, you must decide whether to refactor your apps to make them “cloud native.” Doing so is a little like cleaning out a computer you’ve used for many years. Over that time, it’s accumulated thousands of files, most of which you probably never use. Your computer might run more smoothly if you went in and deleted all those useless files. But doing so would take a lot of work, and the computer works well enough as is. Is that work worthwhile? That’s refactoring for the cloud in a nutshell. It lets you benefit from the additional efficiencies of the public cloud, but the upfront costs in terms of labor are immense. Most companies expect to get the efficiency bonuses of the cloud without doing this work, and they wind up blindsided by it in the middle of a migration. As business leaders, we have to ask ourselves whether these time investments are worth the efficiencies they unlock down the line. Furthermore, are they worth their immediate economic costs? All the time employees spend refactoring an app is time they aren’t using to innovate or produce new value. If you’re in business to make a profit, you need your employees working toward that goal rather than treading water. The Cost of Being WrongIf you commit to the public cloud only to find it doesn’t suit your business, you may find yourself in a serious scrape. If you haven’t refactored your apps, moving back to on-premises is going to be extremely expensive and time-consuming. If you have refactored, there’s no turning back. You’ve invested too much, and you’d have to spend even more to undo that work. This is why knowing how to calculate public cloud costs is so crucial; if you only start to worry about these issues mid-migration, it’s already too late. Tracking Cloud Usage to Maintain EfficiencyWhen you use on-premises cloud infrastructure, your costs are mostly capital, though some are operational. They don’t change based on usage, so it doesn’t matter if you max out your capacity or forget to touch it at all. In the public cloud, costs are based on usage. The more you use, the more you pay. And if you’re using the same amount of infrastructure in the public cloud as you were in your on-premises solution, you’re likely to see your costs roughly double. Of course, the whole point of moving to the public cloud is to use only as much as you need. That way, at least in theory, you can pay a higher rate but still come out ahead. But achieving that level of efficiency isn’t as easy as it sounds. Cloud vendors don’t provide tools for monitoring usage versus capacity. The way they see it, if you’re paying for capacity that you don’t need, that’s your problem. Using third-party software such as NCM Cost Governance (formerly known as Beam) by Nutanix can help avoid overpaying. This solution tracks workloads in the public cloud and empowers you to spot inefficiencies. It can also compare the rate you pay with your vendor against what other vendors would charge you — and against what an on-prem solution would cost. Of course, changing cloud vendors means migrating your apps and data a second time, but at least you’ll know what you’re missing. Let Roundstone Solutions HelpSome workloads make sense in the public cloud. Some make sense on-premises. Doing your due diligence, evaluating your options, projecting out costs for migrating and refactoring, and making only measured moves; there’s no better way to know for sure which cloud solution is the right one for your business than to do your homework. And there’s no one better to help than Roundstone Solutions. We’ve aided startups and enterprise businesses alike in getting the most out of their cloud use, and we’re ready to help you, too. Get in touch today to find out more.
AuthorTim Joyce, Founder, Roundstone Solutions Archives
November 2024