“From a cybersecurity perspective, the base is a firewall.”
Anthony DeGraw is the Director of Partnerships here at Integris and works hand in hand with our Marketing Department. In this 3 part Discussions by Integris series, Anthony is interviewed by Kevin Vitale, Senior Manage Services Account Executive. They discuss 3 important topics that are applicable to any company that wants to overcome industry roadblocks and change for the better. In part two, Anthony breaks down cybersecurity roadblocks that businesses face and the best next steps.
Anthony: “We’re usually educating people on the foundation of cybersecurity, and what we call backup and disaster recovery. The base is a firewall and what would happen three, to five, to 10 years ago, is a business owner would go out and they’d purchase a firewall. In today’s day and age with how quickly cyber criminals evolve and the risks evolve, that’s no longer good. You can’t just plug it in and hope for the best.”
Anthony: “So what has happened now is cyber criminals are getting through what we call ‘Swiss Cheese’ firewalls, meaning that it’s like a piece of Swiss cheese with all the holes in it. These firewalls are just wide open. “
Anthony: “So what we’ve now done, and most firewall companies have done, is you’re leasing the firewall on a subscription basis almost. An IT provider like us are providing cybersecurity services behind that firewall, meaning that we’re actually managing the firewall, looking at the alerts, what type of activity is going on, both from an external standpoint and an internal standpoint, from your office out to the internet.”
Anthony: “You actually have cyber engineers, cybersecurity engineers, looking at your firewall and acting on threats.”
Backup and Disaster Recovery
Anthony: “What we find is that most companies don’t have backups. They’ve never had a true conversation about disaster recovery at an executive level because it is an executive level conversation. And then number two is, they don’t fully understand the solution they do have in place. They put a lot of trust in some of the lower cost providers or their internal IT team.”
Anthony: “What we find out, usually in a bad circumstance, is that an issue does happen like ransomware or a power outage. They go to restore from backups that they’ve been told have been getting done, and they happen to find out that’s not the actual case. For Integris, it’s pretty simple. We talk about RTO, which is Recovery Time Objective. And the other main one is RPO, which is Recovery Point Objective.
Anthony: “Recovery Point Objective is: where is the last point that we can restore the data from? So on Integris’s basic solution, it’s 59 minutes, meaning that there are hourly snapshots of your data being backed up locally. Our solution, obviously at the end of the day is to take 24 hourly snapshots and back them up to the cloud. So you not only have an onsite backup, but you also have a remote backup that’s separate and distinct from your network.”
Anthony: “Recovery Time Objective is: how quickly can you get back up and running somewhere else? With Integris’s solution in place, it’s approximately four to six hours of us being able to get you back up and going somewhere else. Usually, we’re taking the cloud backup, we’re getting you a loaner server in our data center, and getting you back up and running on there.”
Client and Provider Responsibilities
Anthony: “If we’re going to have a true partnership and relationship in business, we want to be held fully accountable for everything in your IT environment. For us to be able to do that, you need to take our recommendations. When we’re saying something is a business impact high, medium, or low, you need to take it seriously. We’re working with thousands of endpoints and hundreds of businesses, and we’re seeing this across a grand scheme. Where you’re only seeing this in your potential business here.”
Anthony: “In a true partnership, it definitely works both ways. From the customer side of things, you should be coming to them with open and clear communications about your goals as an organization, what you’re looking to try and do, and how can that provider help you get there.”
Credentials Held Hostage
Anthony: “Integris comes to our potential customers and says, ‘thanks for signing up for this technology audit. By the way, as part of the audit, you’re going to need to know your credentials’. You need the credentials to log into servers, switches, firewalls, to do a true audit. We compare your current technology to your future technology state or best in class, and we show you those gaps, and then we give you those solutions.”
Anthony: “Then you run into this roadblock of, ‘I don’t actually have my credentials.’ Inevitably, they go to their current provider or IT team, and they say, ‘This is what we’re looking to do. We need these credentials.’ We go out and we get this response back from a provider: ‘I’m not doing that. They shouldn’t be in here.’ It’s frustrating because we look at it as that business is being held hostage by their current provider.
Anthony: “We’re actually looking at ways of how we can help customers with this part of the process. The last thing we want is for an organization to be held hostage because they don’t have their credentials to their own network, which they own.”