We’ve seen the articles. The adoption of software-defined wide-area networks (SD-WAN) is on the rise1, and for good reason. 

The story of embracing SD-WAN is really a story about digital transformation (DX), amplified by the pandemic. Yes, organizations were already in the midst of figuring out what DX meant for their network, data and applications before 2020. But when COVID-19 sent a huge percentage of the workforce home, it was no longer a question of whether an organization should digitize, but rather how they should do it.

Almost immediately, businesses had to deal with higher network traffic from remote workers. And with them, an increased demand for cloud-first applications, APIs and voice, video and collaboration capabilities. 

Embracing SD-WAN is the logical choice for improved network performance and reliability. 

Even if remote workers return to the office full time – and many are not2 – SD-WAN was and still is the right call for the demands of DX3. Legacy wide-area networks (WANs) simply aren’t equipped to support cloud-first business strategies, and this will only become more problematic as time goes on.

One big but…

The way people talk about DX technologies is often rosy, because they solve a lot of problems.

Having said that, DX does come with certain challenges, not the least of which is giving bad actors a bigger target to hit (or hack). In many cases, organizations choose to deploy SD-WAN with broadband internet network connectivity, and when compared with private connectivity, it significantly expands your attack surface.

It might be tempting to minimize the threat of cyber attacks, but they’re a real, expensive and increasing threat. According to recent threat reports4, ransomware cyber attacks in 2021 were up 105% from the year before. There was also a 65% spike in never-before-seen malware.

New threats are the hardest to keep up with because security measures generally require constantly scanning for threats. As just one example: Chemical distributor Brenntag paid $4.4 million USD in 2021 to prevent the DarkSide ransomware group from publicly leaking stolen data5. This is an example of double extortion, and it’s becoming more common.

Out-of-the-box SD-WAN security is not enough

Some advanced SD-WAN providers have integrated security features, which is the future of secure networking, and goes a long way in preventing threats and mitigating risk. These features often include next-generation firewall (NGFW) protection, automatic security signature updates and specialist teams to manage the entire security stack. 

Here are some questions you can ask yourself about your SD-WAN security. Ideally, your solution would meet all these criteria.

1. Does the solution offer application awareness and automated path intelligence?

You want to be able to help your network teams see which applications are being used across the enterprise and make well-informed decisions about routing across network circuits.

2. Does the solution feature automatic failover capabilities?

It’s important that routing can automatically change to the best-available link, if and when the primary WAN path degrades.

3. Which security and protection measures are included in the solution?

Your team likely already knows the features you have, but this question is really about asking what isn’t included. 

4. Which managed services are covered with the solution?

If you are looking for a managed service, it is important to understand which elements are and are not managed by the service provider. It could include comprehensive services like network/security architecture design, installation, CPE and WAN links, monitoring, updates and reporting.

For those who want specifics, here’s a shopping list of features you can take with you on your search for secure SD-WAN:

Security is a battle worth fighting

More and more businesses are going cloud first every day. Their uptake of SD-WAN is also increasing to keep pace with network demands. But these changes exciting as they are should not move forward without proactive network security. 

Businesses can’t afford to forget the quiet-but-constant battle happening in the background. Threat actors are sophisticated and they’re always adjusting their strategies. By prioritizing robust SD-WAN security, you stay on top of protecting your network, your data and your reputation.


1 “Futuriom expects the SD-WAN market to reach $2.6 billion in 2021, $3.5 billion by 2022, $4.6 billion by 2023.” https://www.futuriom.com/articles/news/the-2021-sd-wan-growth-report-is-here/2021/06
2 Gallup, Remote Work Persisting and Trending Permanent, October 2021, https://news.gallup.com/poll/355907/remote-work-persisting-trending-permanent.aspx
3 “Indeed, by 2022, 70% of all organizations globally will have accelerated their use of digital technologies, transforming existing business processes to drive customer engagement, employee productivity, and business resiliency.” https://www.idc.com/getdoc.jsp?containerId=US48299421&pageType=PRINTFRIENDLY
4 SonicWall, Cyber Threat Report 2022, https://www.sonicwall.com/2022-cyber-threat-report/?elqCampaignId=13998&sfc=7013h000000MiQZAA0&gclid=CjwKCAiAgbiQBhAHEiwAuQ6BkmbfNdHZWbIdJBPGBn4ut4T3yR5wDxM6JrGQbSMPEUk4O5ClyAmcVxoC7MsQAvD_BwE
5 Chemical distributor pays $4.4 million USD to DarkSide ransomware, https://www.bleepingcomputer.com/news/security/chemical-distributor-pays-44-million-to-darkside-ransomware/


About Acronym

Acronym Solutions Inc. is a full-service information and communications technology (ICT) company that provides a range of scalable and secure Network, Voice & Collaboration, Security, Cloud and Managed IT Solutions. We support Canadian businesses, large enterprises, service providers, healthcare providers, public-sector organizations and utilities. We leverage our extensive network expertise to design and build customized, fully scalable solutions to help our customers grow their businesses and realize their full potential. With more than 20 years’ experience managing the communications system that enables Ontario’s electrical grid, Acronym is uniquely positioned to understand the mission-critical needs of any business to deliver the innovative and reliable services that respond to the changing demands of businesses, and support rapid growth and digital transformation initiatives.

To say cybercrime is increasing is an understatement. It fails to capture the relentless activities of bad actors trying to access sensitive information, interrupt normal business, extort money or gain control of an organization’s own data.

Here are just some of the year-over-year global numbers from a recent Cyber Threat Report1:

It’s not just the frequency of attacks that’s escalating; it’s also the complexity and impact. We’re seeing more double extortion and even triple extortion2 strategies to ensure the success of a ransomware attack. These attacks first steal a copy of your data, such that not only are your systems and data held ransom, but your entire backup set and those who would not want to see it published are targeted. One other consideration is that single-stage ransomware attacks have now become multi-layered, and may not necessarily end after the first stage of infection

Sophos reported that the average ransomware victim paid $812,360 USD in 2021 to get their encrypted data back – and that amount doesn’t include lost revenue3. Adding insult to injury, paying a ransom does not guarantee that files will be recovered or systems will be restored, or that you have any type of guarantee from the bad actors.

So, how do you protect your organization from serious cyber threats? 

Complex problems require sophisticated solutions, and there are two major areas to consider: network security and data security. The offence and defence of protecting your business.

1. Network security

Simply put, network security is all about prevention. It’s any activity that protects the usability and integrity of your network, endpoints and data. But the task is not actually simple, and the number of ways to penetrate one’s network is expanding. The job of protecting your IT infrastructure, then, should go to someone (or some people) who can stay ahead of increasingly elaborate threats. 

After the banner year ransomware has had, an organization’s best bet is to leave network and endpoint security to an expert team. If managed security services (MSS) haven’t been on your company’s radar in the past, now is the time to consider them.

There are certainly financial benefits4 and even operational benefits5 to outsourcing your IT management and security – like scalability, productivity, lower costs, etc. – but the biggest benefit is the access that you get to dedicated expertise and advanced technology. 

With MSS, your service provider’s entire job is to deploy and manage high-quality defences across your company’s digital landscape. 

Whether you choose to outsource your IT security or not, your business should be proactive on network security. Your cyber security team needs to thoroughly understand your network, digital assets and the evolving threat landscape, plus have the ability to adapt and react quickly. 

2. Data/Information security

Data security is all about preparing for the worst, which means ensuring you are backing up your data and protecting it from cybercriminals. If your business finds its systems and data unexpectedly encrypted and is unable to conduct business as usual, professional managed data backup will help you restore your operations.

The key is to identify mission-critical data, plan how to store it and then test the restoration of your data. There are variations of backup rules, but one of the most popular is evolving. The 3-2-1 backup rule has evolved into 3-2-1-1-0, where you have:

Each step is important and will make all the difference in the event of a ransomware attack, but the offline part is key.

Why? Because ransomware threats often target any and all backups on the network or through cloud services. An offline backup set is like a backup of your backups, and can be a lifeline. 

So why have onsite backups at all? For quick and easy file access, they’re still helpful. Local backups are fast, and they help you protect your business data, but they just don’t offer a complete, secure solution on their own.

Conclusion

Cyber threats will keep evolving. Increasing sophistication and technological advancement will make it harder for businesses to detect, and protect themselves against, network infiltration. The most secure organizations will be the most proactive. They will have expert teams managing and monitoring their networks, and actively searching for threats and vulnerabilities. In addition to hardening their network, endpoints and cloud services, best practices now call for placing a backup set “out of reach” to back up your backups.


1 SonicWall, Cyber Threat Report 2022, https://www.sonicwall.com/2022-cyber-threat-report/?elqCampaignId=13998&sfc=7013h000000MiQZAA0&gclid=CjwKCAiAgbiQBhAHEiwAuQ6BkmbfNdHZWbIdJBPGBn4ut4T3yR5wDxM6JrGQbSMPEUk4O5ClyAmcVxoC7MsQAvD_BwE#top

2 Security Intelligence, Ransomware Attackers’ New Tactic: Double Extortion, https://securityintelligence.com/articles/ransomware-double-extortion/

3 Sophos, The State of Ransomware 2022, https://assets.sophos.com/X24WTUEQ/at/4zpw59pnkpxxnhfhgj9bxgj9/sophos-state-of-ransomware-2022-wp.pdf

4 Marco, 8 Financial Benefits of Managed IT Services, https://www.marconet.com/blog/8-financial-benefits-of-managed-it-services

5 Hitachi Solutions, The Importance of Managed Services: 8 Reasons to Partner With an MSP, https://global.hitachi-solutions.com/blog/benefits-of-managed-services/


About Acronym

Acronym Solutions Inc. is a full-service information and communications technology (ICT) company that provides a range of scalable and secure Network, Voice & Collaboration, Security, Cloud and Managed IT Solutions. We support Canadian businesses, large enterprises, service providers, healthcare providers, public-sector organizations and utilities. We leverage our extensive network expertise to design and build customized, fully scalable solutions to help our customers grow their businesses and realize their full potential. With more than 20 years’ experience managing the communications system that enables Ontario’s electrical grid, Acronym is uniquely positioned to understand the mission-critical needs of any business to deliver the innovative and reliable services that respond to the changing demands of businesses, and support rapid growth and digital transformation initiatives.

Moving business data, assets and applications to the cloud is a full-time job. But when you add the pandemic and rapidly increasing cybersecurity exposure1, the demands on the IT environment have become too complex for a small team, let alone one person, to manage. 

For IT leaders to succeed, they need to be supported by a team of skilled experts. These specialists need to be trained to support new applications, maintain network performance and infrastructure, manage tickets from a remote workforce, protect against security threats and source qualified talent in a scarce labour market.   

With this list of demands, it’s no wonder one of the fastest-growing trends in IT is outsourcing services. The size of the managed IT services market has exploded. And it only stands to double2 in the next five years. The increased demand for managed IT isn’t simply about managing workloads or saving money; comprehensive IT solutions are a critical and strategic necessity for any growing business. 

For many businesses, the best solution is to enlist the support of a managed service provider (MSP). If you’re undecided about outsourcing at least some of your organization’s IT tasks to a trusted partner, here are a few advantages to consider. 

Get the IT experts you need when you need them

Once you have a trusted IT partner, you have 24/7 access to a team of professionals to fill any skills gap. There’s no need to hire different people with different skill sets. You’ll acquire a team to monitor, maintain, manage and report on your IT assets around the clock. It’s worth mentioning that this team can also scale up or down as required. If you open a new office or hire more people, your IT partner should be able to easily add support for those extra users and systems.  

Boost network performance

Unplanned downtime isn’t just annoying – it’s costly. Partnering with an MSP ensures you have qualified experts with access to the right tools to manage, monitor and secure your network and IT infrastructure, providing maximum network uptime and performance.

Reduce security risks

Most businesses are unaware of how vulnerable they are to cyber threats. A partner managing your IT infrastructure can often help protect your organization from advanced threats by monitoring your systems 24/7/365 and taking immediate steps to remedy and mitigate risks. They can continually monitor and protect email, applications, endpoints, servers, networking devices, wireless networks, mobile devices, access control and data storage.

Improve cost efficiency

Cost savings come from improved productivity and network performance, reduced downtime, insulation from a competitive and expensive IT labour market, reduced training requirements and reduced or avoided licensing or equipment investments. In addition to savings, managed IT services also provide predictable cost certainty through monthly cost stability, which gives your business the ability to confidently build budgets and forecasts. 

Focus on what you do best

Chances are that your technology team spends a lot of time dealing with support requests and managing the IT network. While they can handle those tasks themselves, it takes away from their ability to have a more significant impact in leading other projects. When your MSP can support those day-to-day tasks, your IT people will have more time to apply themselves strategically to meet the organization’s goals.

Your external managed IT team is a true partner in your business. They’re not just there to reduce stress and offer peace of mind (although they do that, too). Your MSP will help you focus on your purpose and grow your business.


1 Cybercrime Magazine, Cybercrime To Cost The World $10.5 Trillion Annually By 2025, November 2020, https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/

2 Research and Markets, Global Managed Services Market – Growth, Trends, COVID-19 Impact, and Forecasts (2022 – 2027), February 2022, https://www.researchandmarkets.com/reports/5175384/global-managed-services-market-growth-trends


About Acronym

Acronym Solutions Inc. is a full-service information and communications technology (ICT) company that provides a range of scalable and secure Network, Voice & Collaboration, Security, Cloud and Managed IT Solutions. We support Canadian businesses, large enterprises, service providers, healthcare providers, public-sector organizations and utilities. We leverage our extensive network expertise to design and build customized, fully scalable solutions to help our customers grow their businesses and realize their full potential. With more than 20 years’ experience managing the communications system that enables Ontario’s electrical grid, Acronym is uniquely positioned to understand the mission-critical needs of any business to deliver the innovative and reliable services that respond to the changing demands of businesses, and support rapid growth and digital transformation initiatives.