H2 Newsletter - SAAS Based Tools in a Managed Environment, for SMEs

An interesting paper this week from Logic Monitor talking about legacy tools and how they no longer fit what companies are trying to do.?In itself, not particularly mind blowing but I thought it worth talking about because it not just affects on-premise monitoring tools that are looking after your networks, end points etc, but it also has very clear knock on effect on security tools as well.?As organizations shift IT assets to the cloud and their tech stack becomes more complex, SaaS-based monitoring helps teams transition from reactive monitoring to real-time observability, because of its flexibility and ease of conversion from legacy, as well as ease of use.

Logic Monitor is suggesting that what is called Tool Sprawl is high on the list.?What this means is that in a legacy environment there can be three of four tools being used to cover one area, whereas a more modern SAAS based tool can do it in one.?Again, nothing new in that.?I can remember us talking about this way back when working at Symantec and we were attempting to consolidate tools together, or at least make them work together seamlessly.?We didn’t have the SAAS option then of course, but the principle is sound.

Automation is next on the list and is something that is no longer a nice to have, especially in the SME market.?SMEs, even at the higher end of the mid-market, simply don’t have the in house expertise that the increasingly complex threat landscape requires.?The more automation you have, the better chance of protecting yourself.?Of course, it’s not a silver bullet, but it helps, especially when combined with a managed service.

Other issues include a lack of visibility into cloud infrastructure, particularly as more and more assets are being moved into a cloud environment.?2 biggies are a need to prove ROI to your board, and a need to future proof.?Security is a problem with ROI because you are generally trying to prove a negative, i.e., my protections are working because we haven’t been hacked.?Countered by, well if we haven’t been hacked why do we need to spend all this money??How much better if you have reports generated that show attempts at intrusion, blocked by the protections.?This is becoming affordable for SMEs, using SAAS tools which are affordable even in a managed service.

Future proofing is a challenge if only because you don’t know what direction your company may be taking in 3,4 or 5 years and in security, you don’t know what the coming threats and vulnerabilities will be.?But if you have sound stats from a bunch of security reporting tools, you stand a much better chance.

Here at H2 we are working with some innovative companies who are producing SAAS tools to monitor and protect the network and end points, in a fully risk managed way, and we have just started work with a company providing SAAS based privileged access management, single sign on and remote access tools, which are particularly useful for managing access for 3rd parties such as contractors, suppliers as well as distributed staff and for controlling access to your most sensitive data.?We are continuing to research and come up with new ideas to service the SME space, at an affordable price.?More about this as we firm things up.

On a lighter note, well for anyone not affected that is, both myself and my wife have received notices from 2 different places, that they have had a data breach and our personal details may have been compromised.?At least they are obeying the DPA2018, and notified us, the Information Commissioners Office, and even the NCSC, and haven’t tried to cover it up like so many do.?Covering it up is dangerous, not just because of the poor individuals whose personal data is now for sale on the dark web, but because if you get found out, you’ll quite simply get a real financial spanking from the ICO.?It’s just not worth it.?Having a good set of data protection policies, framed around the act, are not expensive to produce and could save a lot of time, trouble and expense.

H2 provides affordable and flexible one-off and ongoing data protection and cyber risk protection services.

To learn more about the services we provide please click here?https://www.hah2.co.uk/

Please feel free to give us a call or email

Alternatively, you can book a slot using our Calendly ink,?https://calendly.com/kevin_hah2

T: 0845 5443742

M: 07702 019060

E:?[email protected]

Trust H2 – Making sure your information is secure