How One Challenging Gig with My Band Prepared Me for a Career in Cybersecurity

Sometimes, connections between work and play appear when they’re least expected. You wouldn’t expect, for example, a guitar-shredding metal-head to carry over much from his time on stage to his career in cybersecurity, but that’s exactly what happened to Julian Weinberger, CISSP and Director of Systems Engineering for NCP engineering. Julian isn’t performing in the U.S. anymore, but during his time in Germany, one gig in particular brought so many challenges that he still thinks about it today. We sat down with Julian to discuss what happened that night. What specific event involving your band has taught you the most about working in security and business continuity? A few years ago, after hustling to line up free gigs, I landed my first paid performance. Unfortunately, I ran into myriad unanticipated issues: a string on my first guitar broke, my backup guitar didn’t work, my cable made weird noises, and, as if that wasn’t enough, my in-ear system stopped working. Although none of these issues were my fault, they wreaked havoc on the gig – and when you’re hired to entertain, you risk not being paid if you’re unable to deliver, regardless of the circumstances. It’s similar with enterprise network security. If things break — and they will — you need to be prepared with a plan to fix it. So how did you respond on stage? And what did that teach you about security? When performing on stage, technical difficulties must be fixed within seconds, and it’s the same case with security. For instance, if your microphone cuts out – or worse, your organization is faced with security issues...

Expert Q&A: Establishing a Secure Data Center and Cloud with Remote Access

*Editor’s Note: This is Part One of an article that originally appeared in The Data Center Journal’s  Industry Perspective Column By: Rainer Enders, VPN Expert and CTO, Americas, at NCP engineering: Industry Perspective: What are some of the main security concerns for data center managers today? Rainer Enders: The evolution of modern data centers, while beneficial for many reasons, is exposing serious security pain points along the way. For one, as data centers grow in size to keep up with enterprise computing needs, it becomes increasingly difficult for IT managers to adequately protect all corporate assets, which include everything from data and documentation to software and supplies. As capacity expands, data center managers are finding it harder to maintain critical IT compliance and security measures, such as managing and de-provisioning privileged user access, and running compliance reports that are growing in both depth and volume. Additionally, with the rising popularity of virtualized and cloud environments, data center managers are tasked with baking security into all compute, network, storage and hypervisor layers. This is a considerably difficult task, in light of the numerous emerging attack vectors that constantly increase in sophistication, such as ever-morphing advanced persistent threats (APTs) that are compromising critical corporate information. IP: What specific security challenges arise as companies outsource to the cloud and rely on remote services with increasing frequency? RE: The most critical security challenges that arise in cloud deployments are compromises to remote access connections—in the form of session-hijacking attacks, for example—and compromises of cloud-hosted resources, such as virtual machines, from within the hosted provider network. Insufficient security architectures and controls in operator networks can cause...

Expert Q&A: Preventing Mobile Hacking: Must You Take Precautions?

*Editor’s Note: This column originally appeared in TechTarget’s SearchNetworking.com  Question: How do I protect my mobile devices from intrusions via the network? How much can I rely on my service provider to defend me from mobile hacking? Rainer Enders, VPN Expert and CTO, Americas, at NCP engineering:  In general, service providers of mobile networks do a good job of keeping the networks secure. The public wireless broadband carrier networks incorporate secure storage, mutual authentication and strong encryption, as well as air link ciphering, to keep data secure. However, it is still a good idea to use a device firewall and VPN technology to protect all mobile device communication. Also, keep in mind that, at times, devices roam into far less secure mobile networks, such as Wi-Fi networks and hotspots. An integrated device firewall and IPsec VPN clients are excellent protection mechanisms....

Expert Q&A: How do I deal with personal data on business mobile devices?

*Editor’s Note: This column originally appeared in TechTarget’s SearchNetworking.com  Question: How do I deal with personal data on business mobile devices? Rainer Enders, VPN Expert and CTO, Americas, at NCP engineering:  A good data separation strategy is critical for any bring-your-own-device (BYOD) environment. There are special data separation tools available  that are designed to help companies implement data security policy and specific data handling procedures for business versus personal content. For example, document stores and document catalogs allow an organization to enforce security on company documents, preventing them from being copied, transmitted or shared. Selective wipe will also remove all company-related content from a device. These security operations are focused on company-owned content. It’s important to take care that personal information is not touched, as this can lead to privacy issues that are in violation of applicable laws and regulations....

Q&A: What to consider when choosing an MDM system

*Editor’s Note: This column originally appeared in TechTarget’s SearchNetworking.com  Question: What are my options for mobile device management? What factors should play a role in my decision? Rainer Enders, VPN Expert and CTO, Americas, at NCP engineering:  There are many Mobile Device Management (MDM) systems on the market today. The best choice would be to go with a single-vendor platform for both the management system and the devices. Here are a few critical points to watch out for: Carefully plan the deployment options of the MDM system — in your own network or in the cloud, for example. Ensure your operating platforms are fully supported (mobile OS or firmware). You don’t want to end up with systems that are out of the control. Make sure the tool is compatible with your application environment, particularly your critical business applications such as email and any database applications. Ensure the MDM system supports the most critical features, such as deployment of your most critical applications, remote wipe, blocking of applications or application stores, and data...

Executive Q&A On Data Security

Today, Rainer Enders, VPN expert and CTO of Americas at NCP engineering, addresses how IT and data management executives can properly protect their corporate data. Q: What are the most effective steps IT and data management executives need to take in ensuring the best security for corporate information? Rainer Enders: There is no substitute for best-of-breed security solutions. IT managers must realize that only betting on one vendor for all security needs will leave security holes in the architecture. A key starting point is the assessment of risk and exposure. For example, if you do not have employees working outside the office, you’ll have far different security implications than if you have a large mobile workforce. Obviously, the cost of the solution must match the assets at risk that will be insured and protected against damage or loss. A clear and concise security policy must be established that involves all the key stakeholders, and the policy must then be implemented and enforced at all levels. This is probably the most important and, sadly, the least followed advice. Another trap many IT managers fall into is changing security infrastructure too quickly. Rather then taking a blended migration approach, a rip-out-and-replace approach is usually implemented, neglecting benefits and merits of existing incumbent security technologies. This has happened when SSL VPN was introduced to replace IPsec VPN. Customers followed early promises, only to see many companies now returning to the “old” IPsec VPN or adopting a hybrid approach, which would have served them better from the start. So any security architecture framework should follow the technology, not a vendor product roadmap. If...