The 5 best ways to strengthen a security architecture

Tribune by Keith Bromley, Senior Solutions Marketing Manager at Ixia - In terms of regulatory compliance for PCI-DSS and HIPAA, the deployment of inline security tools is not essential but is imperative for a security architecture by which tries to maximize its defenses.

Here are the top five actions IT professionals can take to improve their organization's online security architecture: Website architect job description

Insert external bypass switches between the network and security tools to improve network availability and reliability.

Bypass switches are generally a good starting point for improving the security and reliability of a network. While direct deployment of online security tools can create an improved defense, they can lead to point failures. Internal bypass in the tool can minimize this risk. However, it could create another interruption in service, if the device were to be removed later.

An external bypass switch has the advantage of its internal counterpart, with the difference that it eliminates the problems of direct deployments of inline tools by offering automatic and on-demand switching capabilities with barely perceptible impact (milliseconds) on the network. Because the switch always remains in the network, it can be placed in bypass mode on demand, to allow adding, removing or upgrading security and monitoring devices as needed

Deploy threat intelligence gateways to network entry / exit to reduce false positive security alerts

Threat intelligence gateways are a good second strategy because they eliminate traffic from and to the wrong IP addressesknown. Even with firewalls, IPS, and a wide range of security tools in place, businesses still lack clues and suffer from major vulnerabilities every day. Why ? Because the volume of alerts generated represents a huge processing burden for the security team, as well as for the infrastructure itself. A threat intelligence gateway helps to automatically filter traffic entering a network that needs to be analyzed. Some companies have seen a 30% or more reduction in false IPS alerts by removing known bad traffic, allowing network security teams to focus on the remaining potential threats.

Download SSL decryption from existing security devices (firewall, WAF, etc.) to network packet brokers (NPB) or devices specially designed to reduce latency and increase the efficiency of security tools.

Although many security tools (firewalls, WAF, IPS, etc.) include the ability to decrypt traffic so that incoming data can be analyzed for security purposes, they also have an impact on CPU performance and can considerably slow down (up to 80%) the processing capacity of a security application. This is because the processors of these devices perform other tasks such as analyzing data packets to detect security threats, such as inter-site scripting (XSS), SQL injection, programs hidden malware and security threats. SSL decryption can be a huge job, reducing the effectiveness of security tools and increasing costs if network data is to be inspected.

One solution is to use a network packet broker to perform the data decryption itself or to unload the function on a separate decryption device. Once the data has been decrypted, the NPB can transmit it to one or more security tools for analysis.

Perform a tool chain for suspicious data, in order to improve the inspection process.

Another tactic to consider is chain of tools in series. This method improves the inspection of data by using predefined sequences for their analysis. They are routed to multiple security tools for additional inspections and resolution. This ensures that actions take place in the correct order and are not overlooked. Security and surveillance tools can be linked together through software provisioning within an NPB to control the flow of data across selected services. This effectively automates the inspection process to make it more efficient and better follow up on alerts.

Insert NPBs to improve the availability of security devices using n + 1 or high availability technology.

Bitdefender
The fifth way to strengthen a security architecture is to improve the availability of devices by inserting an NPB that promotes long-term survival. A good NPB will have two options:

The first, which is called n + 1, is deployed in a load sharing configuration. This is the situation where we have an additional safety device in the event of a failure of one of the main ones (IPS, WAF, etc.). However, instead of being on standby and ready to go off if necessary, the device operates at the same time as the others and shares the load normally. If one device fails, then the total load can be handled by the other devices. Once the faulty tool is back online, the remaining tools return to a load sharing configuration.

While this can be done without the NBP, it is often a complicated process with load balancers and other efforts. An NPB is programmed to manage the load balancing as well as the messages on the correct functioning of a tool (when it has failed and when it is available), so as to ensure a “self-healing” architecture Profitable.

A more robust, but also more expensive, option is to implement high availability. It is an n + n option in which there is a set of completely redundant equipment. Despite the cost, it might be the best option, depending on the needs of the business.

Using these five use cases can significantly improve an online security architecture, including the reliability of the solution, as well as the ability to detect and prevent / limit security threats.

INDUSTRIAL AUTOMATION AND QUALITY CONTROL

Training aims
This option allows you to offer a double skill in automatic control and quality control. It aims to train high-level executives with transversal skills ranging from automation and organization of a production unit, supervision of an industrial production chain, implementation of a quality process, drafting of quality procedures, quality control.

Opportunities
There are many and varied outlets given the program, for example: Network security architect

Automation designer
Technical Director of an industry
Production manager in an industry
Quality department manager
Head of industrial IT department
Quality project manager
Training managers
For more information please contact:

Center I S GA Rabat: M. HARCHI Said
Center I S GA Casablanca: M. Nabil CHERKAOUI
Center I S GA Marrakech: M. Yassine SAFSOUF
Center I S GA Fès: M. Rachid NAOUAL
Center I S GA ElJadida: Mr. Sabri Yassine
Programs
1st YEAR2nd YEAR3rd YEAR4th YEAR5th YEAR
1st YEAR
Semester 1:
Culture and communication
English
Algebra
Analysis
Boole algebra
Combinatorial logic
Algorithmic
Matlab programming
Mini projects
Semester 2:
Culture and communication
English
Analysis
Algebra
Electrical circuits
Sequential logic
Algorithmic
Programming C
Mini projects
Optional internship

Architect - Pre-Sales Engineer Cybersecurity

The mission
About SPIE ICS SPIE ICS, a digital services subsidiary of SPIE France, supports the digital transformation of its ETI and large account customers through a global offer of ICT solutions. SPIE ICS puts its digital expertise and know-how at the service of the performance of its customers and the well-being of users.

With 3,200 employees and 60 sites in France, SPIE ICS has a close relationship unique on the market, which allows it to build tailor-made solutions with its customers. Building on its historical skills in integration and outsourcing for infrastructures and the digital work environment, SPIE ICS integrates new expertise and innovates in the fields of Datacenter, Cloud, Cybersecurity and SmartData & Iot. architect description.

More information on: www.spie-ics.com

Uniting our differences: SPIE is committed to promoting diversity. The recruitment of employees with disabilities is an important axis of our HR policy.

In collaboration with the Business Engineer, the Architect contributes to the success of the project by analyzing and qualifying the challenges and needs of the client and by designing a global solution, for which he is the guarantor. He is responsible for the feasibility of the implementation (engineering, production, operation). He controls the risks and costs associated with the proposed solution, while coordinating the internal and external expertise required for the design. He ensures the transition of the solution to the production teams.

Interlocutor privileged of the General Directorates and the Directorates of the Computer systems, your main missions will be the following:

- To bear the responsibility of engineering (elaboration of the material solution and service, planning, adapted methodology, services memory technical, participation in the defenses ... .).
- Control the risks and costs associated with the proposed solution.
- Coordinate the internal and external expertise necessary for the design.
- Listening to the market and ensuring technological watch.
- Ensure the transmission and / or transition of the solution to the production teams.

The expected profile
Engineer or equivalent training, oriented towards telecoms / networks / IT techniques, you have significant experience as an Architect in complex environments.

You also demonstrate good interpersonal skills, an analytical mind, and real writing skills.

COVID-19: a turning point for brand customer service

The same is true everywhere in the world: the crisis caused by COVID-19 has changed consumer habits. Whatever the sector of activity, companies have been impacted and had to adapt to cope with significant demand from customers. As a result, in just two months everything changed internally, but also on the consumer side, namely the customer experience, customer relationship management and the way customers communicate with brands. An evolution which is not only ephemeral! Two-point explanation with Zendesk senior security engineer job description.

1. How did the COVID-19 crisis impact the customer experience?
With the context of COVID-19, companies had to answer a complex equation: how to do more with less? More customer requests, but fewer employees, less time, less income.

Zendesk, a worldwide CRM software publisher with more than 160,000 customers in 160 countries, analyzed the impact of the COVID-19 crisis on more than 23,000 corporate customers between the last week of February and may's beginning. According to this study, the Zendesk Benchmark , companies of all types are seeing the number of tickets increase due to the global impact of the virus on operations. Customer service demands are at their highest level. Since the start of the crisis, there has been a 24% increase in the average weekly volume of tickets processed by assistance teams in the first week of May, compared to the same period last year.

Companies in essential sectors are those which feel the impact of the crisis more heavily. On-demand supermarkets recorded the largest increase in requests for assistance, with a 133% increase in weekly tickets from late February to early May. Other sectors that have become essential for confined consumers also recorded a significant increase, 85% for teleconferencing platforms and 66% for game companies over the same period. On the other hand, containment measures particularly hit car-sharing companies, airlines and hotels. Carpoolers, for example, had experienced a 60% drop in weekly tickets in early May.

2. Invest in omnichannel to get through the crisis smoothly: self-service, messaging and chat are the new preferred communication channels
“ Self-service has been fundamental in responding to this problem," explains Gabriel Frasconi, Senior Director Enterprise Sales Continental Europe at Zendesk. For good reason, online help centers have enabled any customer to find the answer to many questions easily and by itself. Results: " Between 10 and 20 questions accounted for 80% of customer calls or messages. Managing incoming call volumes quickly became complex. To reduce the workload and relieve the telecommuting teams, the companies have naturally enriched their help center with a maximum of content adapted to recurring questions.”Content which has increased by almost 65% since the end of February and which has even exploded barometers in certain sectors: + 376% for teleworking and distance learning companies, + 101% for fitness companies ...

“A CRM platform with a help center worthy of the name has enabled brands to satisfy customers by rapidly absorbing all new requests. It also helped reduce the pressure on support teams. A real competitive advantage during this period of crisis! ” Gabriel Frasconi, Senior Director Enterprise Sales Continental Europe, at Zendesk.

ISO / IEC 27001

The ISO / IEC 27001 certification demonstrates that the information security management system complies with the international reference standard. It also proves that all necessary steps have been taken to minimize the risks to which the managed information is subjected.
 
ISO / IEC 27001 is an international standard, promoted by the ISO (International organization for standardization) and by the IEC (International electrotechnical commission), for the management of information security. ISO / IEC 27001 is applicable to any organization and defines the requirements to plan, implement, operate, monitor, review, maintain and improve. The management system for the information security of companies security job description duties.

Protect your capital
The standard allows an overall approach to information security in all the areas concerned: from documents in digital format to those in paper format, to hardware instruments (computers and networks) to personnel skills.
The information security management system demonstrates that you have systematically and comprehensively analyzed and assessed all the risks related to information security, deriving from attacks from outside or from inside, IT and non-IT, from errors or from failure compliance with current applicable legislation.
ISO / IEC 27001 helps your company to ensure, for your information (including those relating to your customers and trade secrets), the appropriate levels of confidentiality, integrity and availability, balancing the needs for protection and investments.

In line with other management system standards
ISO / IEC 27001 integrates consistently and effectively with other management systems, such as those relating to quality ( ISO 9001 ), the environment ( ISO 14001 ) and the management of IT services ( ISO / IEC 20000 ). This allows not only continuous improvement of management systems but also effectiveness and efficiency of improvement processes. 

In the right place at the right time?

When a contact tracking application contacts another device that is running the same application, a handshake and key exchange occurs. These keys generally change continuously and are generated based on and exclusively for the device. When device A is in front of device B, they share keys based on a predetermined distance and time requirement; for example, within 2 meters for 15 minutes. The device retains the keys or passes them to a central server. When users confirm that they can be positive for the infection, all the keys they have generated are added to a cloud system. All other devices will collect this information at a certain frequency to see if there is a match to the keys that have been collected or if alternatively this match will be processed in the cloud. If there is a match, then those users are warned that they have been in contact with another device that is now reporting being positive; They have no idea which device though.

If the user is identifiable and all data is centrally stored and processed, then clearly there is a privacy problem; however, if the user is not identifiable and the central cloud system is only processing matches, this could be more efficient than asking the local device to perform this processing, especially if the end device has limited resources… which could be the case in some areas of the world. This approach also gives the centralized system the ability to identify potential false positives, where some malicious users say they are infected, but in reality they are not, and are only trying to cause chaos for users, businesses, and society in general architect tasks.

One benefit of partial centralization is that the portion of centralized data being processed could be used to inform scientists how the population as a whole is moving and to quickly identify critical points to allow for the allocation of medical resources. If, for example, a postal code is requested at the time of installation, data scientists can predict the spread of the disease. This is unlikely to identify the user, as hundreds or thousands of people use the same postal code.

Each country has adopted either its own framework or one of the nine that have been developed; each of which provides a different balance between efficiency and privacy. Using different frameworks can cause problems: for example, most European countries have adopted the Exposure Notification API from Google and Apple, while France has not centrally processed the data. When the borders between countries are opened, there is unlikely to be a synchronization between an application from Germany and an application from France.

Even the solutions that claim to be the most sensitive to privacy are open to abuse - consider the extreme scenario where video surveillance is used in conjunction with capturing Bluetooth signals emitted by devices and capturing the keys that are exchanged. Combining it with facial recognition technology and the location of the device at any given time could mean that the user is identifiable. While this may seem extreme, it shows that no system offers a guarantee of privacy.

Can work?
Many problems for such a short time. There is no perfect solution considering the deadlines that exist in the face of the need to bring a solution to the market. The uncertainty of what data may be useful in the future, what data users may be willing to share, the emerging technological frameworks, the challenges of the approximate distance and the immense pressure that exists for applications to be delivered do nothing more than demonstrate the challenges facing developers and governments alike to bring a solution that works efficiently and is acceptable from a privacy perspective. As this has never been done before, it is to be expected that mistakes will be made and that some projects will change direction; It is through trial and error that the best solutions will be found.

There are key factors that should be considered by both an application developer and a government requesting the development of an application. The protocols that have been developed with privacy in mind are as good as the developers' willingness to adhere to just collecting and transmitting the minimum amount of data. Therefore, do not hide behind a framework and a state that claim to be concerned about the privacy of users if they are actually collecting other identifying data and storing it centrally. If there are elements of centralization, clearly state the reasons for the collection and how it will be used, and post the limits on how long the data will be kept and who has access. The concept that unidentifiable data,

For the benefit of public confidence: all governments, in my opinion, regardless of their approach to this issue, should legislate on the basis of the acceptable use of data and establish criteria on when an application will reach the end of its useful life and will be removed from devices. No more infections, no more apps or data.

Would you run a contact tracking app? Yes, under the conditions of anonymous use and that the data is not used for anything other than stopping the spread of this specific disease and continuing to wreak havoc. In the event that widespread location information such as zip codes can help science beat this disease and put medical resources in the right place at the right time, my desire for absolute privacy is outweighed by my will. to do my part.

Bilingual Cloud Solutions Architect / Architect

Onica is the world's largest dedicated AWS consultant partner. As an AWS integrator with a full range of services, we are helping hundreds of businesses leverage the capabilities of the cloud. We support our clients in their digital transformation process, helping them to use cloud technologies as a lever for innovation - from migration strategy to operational excellence.

If you like challenges, you will love working with us! We develop innovative solutions to complex problems every day to help our customers change the world. In addition, we are committed to you and your growth, both professionally and personally.


Overview architect profile

We are expanding our team of motivated technologists who have a proven track record in delivering or selling software / infrastructure solutions. Onica is looking for a bilingual cloud architect (solutions architect bilingual French and English) who is passionate about creating large-scale customer solutions. As an experienced technologist with deep technical knowledge and interpersonal skills, you will work directly with clients. As part of a service delivery team dedicated to innovation through continuous delivery, you will create robust solutions aligned with our clients' objectives. Your knowledge and experience will help Onica and our service delivery teams to build architectures and set standards for excellence covering networking, storage, operating systems, virtualization, RDBMS and NoSQL databases, security and automation. In addition, you will work with middle layer technologies such as application integration, memory caches, security and much more!

The qualified solutions architect will have demonstrated his ability to think strategically about companies, to produce technical definitions according to the client's objectives in complex situations, to develop solution strategies, to motivate and mobilize resources and to produce results. The ability to connect technology to measurable business value is essential to succeed in this role. We are looking for motivated, collaborative team members who are passionate about AWS and who want to have a direct positive impact on the activities of our customers. Strong communication skills (in French and English) and a good emotional intelligence are also necessary to develop the full capabilities of your team.

To succeed in this role, you must have:
Extensive experience as an AWS cloud architect
Good communication and presentation
skills Leadership experience in technical projects
Experience and / or willingness to work with pre-sales teams if necessary
Bilingual in French and in English

Responsibilities

As a solutions architect, your concentration will be mainly technical, but you will also have to participate in activity planning ceremonies.
Be the main technical link between customers and technical resources
Provide tactical scope and work directly with sales representatives and customers to understand the functional requirements of a solution
Communicate effectively with colleagues throughout projects
Ensure that all appropriate questions are asked and verify that nothing crucial to project success is not forgotten
Become an AWS evangelist by educating a variety of customers about the value of AWS
Help your customers migrate to the cloud with a high value-added migration approach that leverages the best designs and best practices offered in an agile model
Working with clients to create a DevOps culture and modernize operations and delivery strategies
Establish credibility and build relationships with our customers to enable them to become cloud champions in turn
Lead and participate in in-depth architectural discussions to build trust and ensure customer success during migration or new creation applications, software and services on the AWS platform.
Organize hands-on training sessions to transfer knowledge to customers interested in AWS
Capture and share industry best practices within the Onica community
Create and contribute to publications for Onica and AWS customers, such as white papers, tutorials, blog posts, etc.
Attend and present at industry events
Travel up to 50% of the time

Qualifications & Experience

Mandatory fields:
More than 7 years of experience in the design and implementation of distributed applications
At least 5 years of experience in network, infrastructure or of databases
Demonstrated knowledge of software development tools and methodologies
Presentation
skills with a high degree of comfort for speaking with managers, IT managers and developers Excellent communication skills
Demonstrated ability to adapt to new technologies and learn quickly
Leadership skills to effectively communicate and manage a technical team

Strengths:
More than 5 years of experience in software / technological development or customer-oriented consulting
Minimum of 3 years of experience in migrations to the cloud or in IT transformations
Minimum of 3 years of experience in architecture and operating solutions based on AWS (ideally) or on other cloud platforms
Technical diploma. IT or related
AWS Certifications: eg AWS Certified Solutions Architect

If you like working with advanced technologies and like solving your customers' problems, we want to hear from you! It is time to redefine the possible. Are you ready?

-

Onica is an APN Premier Consulting Partner. As a full spectrum AWS integrator, we assist hundreds of companies to realize the value, efficiency, and productivity of the cloud. We take customers on their journey to enable, operate, and innovate using cloud technologies - from migration strategy to operational excellence and immersive transformation.

If you like a challenge, you'll love it here, because we're solving complex business problems every day, building and promoting great technology solutions that impact our customers' success. The best part is, we're committed to you and your growth, both professionally and personally.

Overview

We are expanding our team of motivated technologists with a proven track record of delivering results in software / technology sales or consulting. Onica is looking for an AWS Cloud Architect (Bilingual, English & French) who's passionate about helping customers build applications at scale. Being an experienced technologist with technical depth and breadth, aided with strong interpersonal skills, you will work directly with customers as part of a delivery team helping to enable innovation through continuous delivery across technology stacks and creating robust solution designs that align to business goals. Your insight and experience will help Onica and our delivery teams build architectures and provide prescriptive guidance across network, storage, operating systems, virtualization, RDBMS & NoSQL databases, security, and automation.

The qualified Cloud Architect will have demonstrated the ability to think strategically about businesses, create technical definitions around customer objectives in complex situations, develop solution strategies, motivate & mobilize resources, and deliver results. The ability to connect technology with measurable business value is a critical component to be successful in this role. We seek team members who are self-motivated, driven, collaborative, passionate about AWS and want to have a direct positive impact on our customer's business. Strong communication skills and emotional intelligence are also needed to help develop a team reporting to you.

In order to be successful in this role, you must have:
Solid AWS cloud architect experience
Strong communication and presentation skills
Leadership in technical projects
Experience and / or willingness to work with pre-sales teams when necessary
Bilingual English and French is a requirement

What you'll be doing

As the solutions architect, you will be technically focused but also will understand business planning
Be the technical liaison between customers and engineering resources
Provide tactical scope and work directly with the business representatives / customers to understand the requirements driving the need for a solution to be developed
Communicate effectively with both business and technical colleagues throughout the course of the project
Ensure that all the appropriate questions are asked and verify that nothing crucial to the success of the project is overlooked
Be an AWS evangelist by educating a variety of customers on the value of AWS
Help customers transition to the cloud in a high-value migration approach that best of breed designs and practices leverages delivered in an agile model.
Work with customers to enable a DevOps culture and modernize operations and release strategies
Establish credibility and build impactful relationships with our customers to enable them to be cloud advocates
Lead and participate in deep architectural discussions to build confidence and ensure customer success when building new, or migrating existing, applications, software and services on the AWS platform.
Conduct deep-dive "hands-on" education / training sessions to transfer knowledge to customers interested in AWS and to ensure our SAs are up to date
Capture and share industry best practices amongst the Onica community
Author and contribute to Onica and AWS's customer-facing publications such as whitepapers, tutorials, blog posts, etc.
Attend and present valuable information at Industry Events
Traveling up to 50% of the time