It’s estimated that 90% of UK crimes have a digital footprint, and the team’s task is to sort that data into actionable intelligence. Today, the digital forensics team’s services are a vital crimefighting tool across the West Midlands and Warwickshire, covering all areas of criminal activity but with a strong focus on investigating and prosecuting child exploitation and abuse.  

The Challenge

The digital forensics team relied on on-premises IT infrastructure. But with per-case data volumes routinely passing the four terabytes mark and multiple cases on the go at any one time, they struggled to manage the necessary IT infrastructure, such as physical storage, processing power and SQL databases. Plus, the team was acutely aware of their responsibility to ensure their data was secure and managed to policing standards. However, their biggest concern was that data analysis had become very time-consuming, with a growing number of devices requiring analysis and investigation on each case.     

“If you go back 10 or 20 years, the vast majority of people would have had one phone in the house and probably one PC,” explains West Midlands Police’s Digital Forensics/Incident Response Supervisor, Detective Sergeant John Price KPM, who has been recognised for his leadership and innovation on the 2024 New Years Honours list with the King’s Police Medal for Digital Forensics. “Today, when we enter a suspect’s house, most have a work phone, a personal phone, tablets, and laptops. Plus, there are doorbells, dashcams, body cams, car cams, security cameras, smart TVs, game consoles and a whole load of other internet-enabled devices that record data and could be potential evidence or exhibits.” 

The Solution

Knowing the digital forensics team couldn’t continue with its on-premises IT infrastructure, West Midlands Police turned to Node4 for assistance. With regular input from the detective and other key stakeholders within the West Midlands Police Force, Node4 — in partnership with Microsoft and Exterro — built and delivered FTK Central, the UK’s first cloud-based digital forensics analysis solution.  

FTK Central processes data on seized devices, building links between different exhibits and enabling concurrent investigations that lead to faster convictions. Node4 hosts the digital forensics analysis application in one of its state-of-the-art data centres. It also manages the IT infrastructure and ensures all gathered data is stored in compliance with policing and wider data protection standards. FTK Central went live in May 2022 with 50 users and, so far, has been instrumental in processing data for 70 cases.  

The Results

Officers can now log into the analysis platform from their station and review all exhibit data in situ instead of travelling to the digital forensic team’s offices — saving critical time and resources and dramatically speeding up investigations.   

“When you understand that around 75% of the cases we handle deal with indecent images of children, you can see why speed and accuracy are so important,” explains DS Price KPM. “We are often the ones who identify abuse of children and vulnerable persons and then work with the appropriate team to help safeguard victims — even before we move to detain perpetrators. Using this tool, cases that once took months now take weeks. Those that took days can be solved in hours. As such, I can categorically say that the solution has safeguarded children and other vulnerable victims and kept them from further harm.”   

Node4’s solution helps West Midlands Police Force comply with the regulations governing how it stores and manages digital data. This includes ISO17025 2017, which sets out standards for holding and dealing with exhibits. It’s also compliant with the Forensic Science Regulators Act and adheres to Management of Police Information (MOPI) standards. Node4 also monitors all existing regulations and, when necessary, adjusts storage policies within its managed cloud environment — removing worries about compliance management from the team’s daily to-do list.    

“You can imagine, with the data we’re dealing with, trust between us and our managed services provider is imperative — and we have established a high degree of trust with Node4,” notes DS Price KPM. “We explained our data management and security requirements to Node4 upfront, which were then built into the framework.” 

From an administrative and budgetary standpoint, moving to the cloud has given the digital forensics team the elasticity to scale when data requirements increase. It also allows the team to pull back on capacity when the demand is not so great. This helps keep departmental IT-related costs down and enables the team to work at the same fast pace, regardless of the number of cases or data volume.  

DS Price KPM concludes: “There’s an honest passion from the Node4 team to get this right for us. Their support has been superb throughout the design and roll-out process, with team members going consistently above and beyond. They understand the importance of our work and the intensity and urgency that drives our department. And they’ve delivered the tools and framework that allow us to work quickly, accurately and professionally to protect some of society’s most vulnerable people.”  

Introduction:

In the ever-evolving landscape of modern business, efficient document management has become the cornerstone of success. The digital era demands organisations to streamline their operations, boost productivity, and foster seamless collaboration among team members. In the pursuit of an ideal cloud-based document management solution, businesses encounter a myriad of options, each promising to be the best. Amidst this sea of choices, Docusoft’s CloudFiler solution shines as the unequivocal best-in-breed cloud document management platform. With its comprehensive array of features and unmatched advantages, CloudFiler empowers businesses to revolutionise their document management practices. In this blog, we will delve into the key facets that propel CloudFiler to the pinnacle of cloud document management.

Efficiency and Accessibility:

At the heart of CloudFiler’s brilliance lies its user-friendly interface and unparalleled accessibility. Designed with simplicity in mind, even the most technologically challenged individuals can effortlessly navigate and utilise the platform. The cloud-based architecture ensures seamless access to documents from any device with an internet connection, providing unparalleled convenience for a workforce increasingly on the move. Gone are the days of being tethered to physical office spaces; CloudFiler unleashes the potential for remote collaboration and empowers users to stay connected, anytime and anywhere.

Security and Compliance:

In today’s world, where data breaches and cyber threats are a constant menace, document security is a paramount concern for businesses of all sizes. CloudFiler rises to this challenge with robust security measures and stringent compliance protocols. The platform employs cutting-edge encryption to safeguard sensitive data from unauthorised access, mitigating risks and ensuring utmost confidentiality. Additionally, CloudFiler adheres to industry standards and regulations, offering businesses the assurance that their documents are protected within a secure and compliant environment.

Organisation and Efficiency:

Managing vast volumes of data can quickly become overwhelming, bogging down productivity and hindering growth. CloudFiler’s ingenious organisation features provide a remedy to this challenge. With intuitive tagging, categorisation, and folder structuring, CloudFiler enables users to efficiently organise and locate documents with remarkable ease. Moreover, its advanced search capabilities deliver rapid results, sparing valuable time and effort, and allowing users to focus on high-value tasks.

Seamless Integration and Collaboration:

In the intricate web of modern business operations, seamless integration with other applications is indispensable. CloudFiler recognises this necessity and stands out by flawlessly integrating with various business software, from CRMs to email clients and productivity tools. This harmonious integration fosters cross-application collaboration, empowering teams to collaborate, share information, and communicate effectively. By breaking down barriers between different tools, CloudFiler enables organisations to harness the collective strength of their chosen software suite.

Scalability and Cost-Effectiveness:

As businesses grow, their document management needs evolve in parallel. CloudFiler exhibits remarkable scalability, accommodating the changing requirements of businesses at any stage of their growth journey. Whether handling a modest ten documents or managing an extensive repository of ten thousand, CloudFiler scales effortlessly to meet the demand. Additionally, the cloud-based model eliminates the need for on-premises infrastructure, reducing overall costs and enabling businesses to pay only for the resources they utilise, making it a cost-effective solution for businesses of all sizes.

Version Control and Audit Trail:

Collaboration is the cornerstone of progress in the modern workplace. However, with multiple team members contributing to documents, version control can quickly become a challenge. CloudFiler deftly tackles this issue with its robust version control system, maintaining a detailed history of document revisions. This feature empowers users to revisit previous versions, ensuring the integrity of documents while encouraging a collaborative work environment. Furthermore, the platform keeps a comprehensive audit trail, documenting document access, edits, and actions, which serves as a vital tool for security and compliance purposes.

Advanced Document Capture and OCR:

In the digital era, seamless document capture is essential to ensure efficient management and accessibility. CloudFiler’s advanced document capture capabilities cater to diverse ingestion methods, such as scanning, drag-and-drop, and email integration, making the upload process a breeze. Adding to its prowess, CloudFiler incorporates Optical Character Recognition (OCR) technology, converting scanned documents into searchable and editable text. This transformative feature empowers users to unlock the true potential of their documents, bolstering efficiency and enabling data-driven decision-making.

Automated Workflow and Notifications:

Streamlining business processes and minimising manual intervention are at the core of CloudFiler’s design philosophy. The platform offers an automated workflow feature, empowering users to create customised workflows that route documents to specific individuals or teams for review and approval. Moreover, CloudFiler sends automatic notifications and reminders, ensuring stakeholders stay informed about pending tasks, deadlines, and document updates. This seamless automation enhances efficiency, reduces bottlenecks, and optimises overall productivity.

Mobile App for On-the-Go Access:

In a world where professionals are continuously on the move, mobile accessibility is no longer a luxury but a necessity. CloudFiler’s dedicated mobile app extends the platform’s functionality to smartphones and tablets, enabling users to access, view, edit, and share documents securely, regardless of their location. With this enhanced mobility, CloudFiler empowers organisations to stay connected and productive, even when team members are not physically present in the office.

Customisable User Permissions:

Not all users within an organisation require the same level of access to documents, making user permissions a crucial aspect of document management. CloudFiler addresses this by offering customisable user permissions, empowering administrators to define roles and restrict document access based on each user’s responsibilities. This feature ensures that sensitive data is safeguarded while enabling seamless information sharing within the organisation, striking a perfect balance between security and collaboration.

Conclusion:

In conclusion, Docusoft’s CloudFiler solution emerges as the undisputed champion in the realm of cloud document management. Its comprehensive array of features, ranging from its user-friendly interface, advanced security measures, efficient organisation capabilities, seamless integration, scalability, and cost-effectiveness, to its version control, OCR capabilities, automated workflows, mobile accessibility, collaborative tools, and customisable user permissions, positions CloudFiler as the epitome of a powerful and versatile document management solution. By adopting CloudFiler, businesses of all sizes can unlock their true potential, optimise their document management processes, and empower their workforce to thrive in the digital age. As the business landscape evolves further, CloudFiler stands firm as the unwavering ally of organisational growth, efficiency, and success. Choose CloudFiler and experience the pinnacle of cloud document management for yourself.

ERP deployment in 2023 bears no resemblance to your last implementation experience. With SAP’s commitment to standardisation and ‘adopt not adapt’ strategy, the model is clearer and easier to achieve. Furthermore, with an array of tools to support businesses and their SAP partners through the process, from product choice through implementation, the path to S/4HANA is much more straightforward than many businesses realise. Don Valentine, Commercial Director at Absoft, explains.

Brown or Green

Migration to S/4HANA can be confusing. Given the 2027 deadline, would a brownfield technical migration of ECC to S/4HANA that retains existing customisation and data be the safest bet to minimise disruption? Or do the benefits of a standardised best practice approach present a compelling business case, making the greenfield approach the best option? And, if so, should it be public cloud Software as a Service or private cloud? 

SAP’s Readiness Checker tool can simplify the brownfield versus greenfield decision for existing ECC users. Using a set of programmes already in most versions of ECC, the assessment is based on a business’s ECC usage, from configuration to data volumes. 

It includes key information which helps evaluate suitable interfaces, integrations and innovation for specific business scenarios and needs. The output is a very clear and detailed view of the work required to achieve the technical migration to S/4HANA, including identifying any custom code that would not work in the new system.

This is a great insight that can support a discussion about the difference between the highly customised ECC systems and the benefits of a standard S/4HANA deployment. 

The process often helps businesses to understand how and where a standard process would be beneficial, with additional tools such as Process Discovery – unveiling gaps and areas for improvement to maximise individual process efficiency and an App recommendation report also highlighting the alternative app solutions available to cover certain aspects of functionality not included in the standard S/4HANA deployment. 

Fresh start – Public or Private

Growing numbers of businesses are moving away from brownfield deployments, embracing instead the clean core, standardised approach with its simpler implementation and easier upgrades associated with limited customisation. 

For businesses that decide on the greenfield route – as well as companies considering SAP S/4HANA for the first time – the next decision is public or private? The multi-tenanted public cloud SaaS version that offers limited configuration options or the private cloud single-tenanted approach that offers more flexibility.

That is when SAP’s assessment tool comes into play, to help you with the decision-making process. SAP’s Digital Discovery Assessment (DDA), is a guided procedure that brings clarity to the optimal approach for each business. The Assessment walks SAP partners through a business at a high level, including its operational processes and implementation goals, and then makes a recommendation based on the business’ fit to the standard product. 

Fast Track Discovery

With a percentage match in each domain, a business can have a fact-based discussion with its SAP partner about the options. If the DDA confirms the company is an 80% fit for the standard model in every domain except inventory, for example, is there a cloud-based solution or extension that can be used alongside S/4HANA to support that specific business need? If so, then the public cloud SaaS option would be a straightforward fit.

If not, and the business just doesn’t fit the public model, then a private cloud edition gives that more flexibility. While it is still hosted by SAP, it is a single-tenanted approach and the business has control over the choice of hyperscaler. While the recommended ‘adopt not adapt’ approach to the system design and build does deliberately attempt to limit customisation options, taking a private cloud approach does allow for small configuration tweaks that could avoid the need for separate solutions to support specific business objectives.

If the business doesn’t fit any of these standard approaches, then the final option is an on-premise approach, where a business retains the full flexibility of old-school SAP configurability and the ability to add as many developments as they feel they need whilst designing and building their own specific solution. The business also retains control over hosting and infrastructure provider. However, the business must be prepared to carry the responsibilities and costs of upgrading and running the system.

Result? Complete Clarity

Armed with the DDA, an SAP partner and business have an immediate vision of the optimal route. In addition, this process provides the SAP licence bill of materials and a clear statement of the scope that will be delivered in the delivered solution. This gives a business complete visibility of the implementation and total cost of ownership and potential areas of process change required to meet the standard, best practice processes defined by SAP in each area, such as order to cash, purchase to pay and record to report.

And with an expert partner by your side, who can oversee technical aspects of your implementation and prepare your business for the right transition, you can expect a seamless road to S/4HANA.

Conclusion

ERP adoption used to be daunting – with a potentially unlimited choice of customisation and long-drawn-out implementations. With S/4HANA, that model has changed completely – and those businesses still ignoring the 2027 deadline for the end of ECC support need to recognise and embrace the new approach.

Standardisation plus the range of tools in place to help businesses make the transition are accelerating the process. The entire experience is very clear and very clean. And, when combined with an SAP partner that takes the time to get to know a customer or prospect, the process should give certainty. It should give confidence that the journey to the cloud is both achievable and desirable. Whichever route is best for the business, the key is to find out now.

Now, the era of the hardware businesses is gone, as modern data storage and protection capabilities, powered by the cloud, have rendered much of the once-crucial storage legacy technology obsolete. With advanced data services available through the cloud, organisations can forego investing in hardware and abandon infrastructure management in favour of data management. This change is widely recognised, with Gartner Research VP Julia Palmer, an expert on emerging infrastructure technologies and strategies, highlighting the shift in an October 2022 report.

Once your data is no longer tied to a specific facility, location, or hardware, new opportunities arise for leveraging it within your organisation. However, to do so, you must first shift your strategic perspectives on data management and delivery, focusing on these three key rules or requirements: Utilising the cloud for more flexibility and scalability, making data delivery a priority and focusing on securing data. Let’s explore these in more detail:

1. The time is now to transfer data to the cloud

The advantages of shifting your data to the cloud have been apparent for quite some time, as the economical benefits and infinite scalability of object storage have solidified cloud services as the infrastructure of the future. The majority of data storage is now done in the cloud, with over 50% of company data on the cloud, and the pandemic has only increased the urgency to adopt cloud services. 

Utilising cloud services is no longer simply about cutting long-term expenses, minimising physical infrastructure, and enhancing demand scalability; it also enables more agility for your business and transforms the possibilities of data usage.

2. Prioritising data delivery is key to productivity and efficiency

The shift towards modern infrastructure has been ongoing for a while, but the emergence of remote and hybrid work has accelerated this change. Previously, users were stationed at desks near the hardware that stored and protected their data, but now they are spread out everywhere, working from home offices, cafes, client offices, co-working spaces, and more. Users don’t stay put, either, shifting from location to location, and they expect to be able quickly and easily access their data regardless of where they happen to be working.

This transformation in how we work means that applications must be running close to workers’ data, as regardless of industry, where a worker is located, or if they’re using a general or homegrown application, to ensure efficiency and productivity, apps must be close to data to deliver the expected level of performance. Traditional storage hardware and wide area networks are insufficient for this task because the software needs to reach across the wire to access that data. This is where the cloud has become a crucial delivery vehicle for data. Cloud computing allows for increased flexibility and the ability to deliver data to users and applications anywhere in the world.

3. Never compromise on data protection

Last but not least, data protection is crucial and data delivery should not be at the expense of it. Even before the shift to hybrid and remote working, which accelerated during the pandemic, ransomware was a growing threat. The UK government released new estimates in April 2023 that suggested there were around 2.39 million instances of cyber crime across all businesses, with 11% of organisations experiencing cyber crime in the last 12 months. And now there are even more chances for malicious hackers due to the expanded attack surface. This is as more people are retrieving data and systems from various locations, so it is imperative to focus on protecting data while contemplating how to support the flexibility of hybrid and remote work models.

Ignoring one and focusing on the other is not an option. For example, keeping employees in a few major locations for data protection will restrict productivity and harm your talent pool. Conversely, distributing data everywhere without a reliable ransomware recovery plan will put your business at risk of extended downtime or financial exposure. It’s become clear that a comprehensive approach to data protection is critical for businesses to ensure both business efficiency and security globally.

Reaping the benefits from a shift to data management

Even with the underlying risk of ransomware, this transition from managing infrastructure to managing data aligns perfectly with the new flexible way of working. Users can be in the office one day, then at home the next, and collaborating with colleagues, partners and others potentially all over the world. Data centres no longer need to be the centre of data, as data itself is now the centre.

A new approach to enterprise data is now a requirement for businesses, with shifting to the cloud, prioritising data delivery, and honing in on data protection key to successfully transitioning from managing infrastructure to managing data. Embracing this new methodology could also spark larger changes with exciting implications for enterprises as they choose what to do with this newly accessible data. For example, feeding it into new machine learning and artificial intelligence workloads to further drive innovation, workplace productivity and efficiency. 

Now, the era of the hardware businesses is gone, as modern data storage and protection capabilities, powered by the cloud, have rendered much of the once-crucial storage legacy technology obsolete. With advanced data services available through the cloud, organisations can forego investing in hardware and abandon infrastructure management in favour of data management. This change is widely recognised, with Gartner Research VP Julia Palmer, an expert on emerging infrastructure technologies and strategies, highlighting the shift in an October 2022 report.

Once your data is no longer tied to a specific facility, location, or hardware, new opportunities arise for leveraging it within your organisation. However, to do so, you must first shift your strategic perspectives on data management and delivery, focusing on these three key rules or requirements: Utilising the cloud for more flexibility and scalability, making data delivery a priority and focusing on securing data. Let’s explore these in more detail:

1. The time is now to transfer data to the cloud

The advantages of shifting your data to the cloud have been apparent for quite some time, as the economical benefits and infinite scalability of object storage have solidified cloud services as the infrastructure of the future. The majority of data storage is now done in the cloud, with over 50% of company data on the cloud, and the pandemic has only increased the urgency to adopt cloud services. 

Utilising cloud services is no longer simply about cutting long-term expenses, minimising physical infrastructure, and enhancing demand scalability; it also enables more agility for your business and transforms the possibilities of data usage.

2. Prioritising data delivery is key to productivity and efficiency

The shift towards modern infrastructure has been ongoing for a while, but the emergence of remote and hybrid work has accelerated this change. Previously, users were stationed at desks near the hardware that stored and protected their data, but now they are spread out everywhere, working from home offices, cafes, client offices, co-working spaces, and more. Users don’t stay put, either, shifting from location to location, and they expect to be able quickly and easily access their data regardless of where they happen to be working.

This transformation in how we work means that applications must be running close to workers’ data, as regardless of industry, where a worker is located, or if they’re using a general or homegrown application, to ensure efficiency and productivity, apps must be close to data to deliver the expected level of performance. Traditional storage hardware and wide area networks are insufficient for this task because the software needs to reach across the wire to access that data. This is where the cloud has become a crucial delivery vehicle for data. Cloud computing allows for increased flexibility and the ability to deliver data to users and applications anywhere in the world.

3. Never compromise on data protection

Last but not least, data protection is crucial and data delivery should not be at the expense of it. Even before the shift to hybrid and remote working, which accelerated during the pandemic, ransomware was a growing threat. The UK government released new estimates in April 2023 that suggested there were around 2.39 million instances of cyber crime across all businesses, with 11% of organisations experiencing cyber crime in the last 12 months. And now there are even more chances for malicious hackers due to the expanded attack surface. This is as more people are retrieving data and systems from various locations, so it is imperative to focus on protecting data while contemplating how to support the flexibility of hybrid and remote work models.

Ignoring one and focusing on the other is not an option. For example, keeping employees in a few major locations for data protection will restrict productivity and harm your talent pool. Conversely, distributing data everywhere without a reliable ransomware recovery plan will put your business at risk of extended downtime or financial exposure. It’s become clear that a comprehensive approach to data protection is critical for businesses to ensure both business efficiency and security globally.

Reaping the benefits from a shift to data management

Even with the underlying risk of ransomware, this transition from managing infrastructure to managing data aligns perfectly with the new flexible way of working. Users can be in the office one day, then at home the next, and collaborating with colleagues, partners and others potentially all over the world. Data centres no longer need to be the centre of data, as data itself is now the centre.

A new approach to enterprise data is now a requirement for businesses, with shifting to the cloud, prioritising data delivery, and honing in on data protection key to successfully transitioning from managing infrastructure to managing data. Embracing this new methodology could also spark larger changes with exciting implications for enterprises as they choose what to do with this newly accessible data. For example, feeding it into new machine learning and artificial intelligence workloads to further drive innovation, workplace productivity and efficiency. 

In a nutshell, SIEM allows IT teams to see the bigger picture by collecting security event data from enterprise applications, the cloud and core infrastructure to learn exactly what goes on within the enterprise – creating value from the sum of data which is worth much more than the individual pieces. A single alert from an antivirus filter may not be a cause of panic on its own, but if it correlates with other anomalies, e.g. from the firewall at the same time, this could signify that a severe breach is in progress. 

Legacy vs modern SIEMs

Legacy SIEM solutions do not compare to those offered today. Since the amount of data both produced and collected by organizations has skyrocketed over the past few years, organizations need big data architectures that are flexible and scalable, so they can adapt and grow as the business changes over time. With the ability to handle large and complex implementations, today’s modern SIEM solutions can be deployed in either physical or virtual environments and on premise or in the cloud. Some SIEMs provide a very short implementation time and low maintenance resource requirements, resulting in the SIEM providing value within a matter of days.

SIEM tools must be able to ingest data from all sources – including cloud and on-premise log data – in real time to effectively monitor, detect and respond to potential threats. Modern SIEM solutions do not just have the ability to ingest and analyze more data, they thrive on it. The more data an organization can provide its SIEM, the more visibility analysts will have into the activities and the more effective they will be in detecting and responding to threats.

The modern SIEM provides a host of benefits, such as better threat detection and response. As cyber threats continue to expand and increase, businesses that can complete analysis of security events quickly and more accurately, will have a competitive advantage. A modern SIEM solution provides real-time data analysis, early detection of data breaches, data collection, secure data storage and accurate data reporting to improve threat detection and response times. 

Modern SIEM solutions go beyond basic security monitoring and reporting, they provide analysts with the clarity they need to improve decision-making and response times. With new ways of visualizing data to help analysts better interpret and respond to what that data is telling them, incident response and management becomes more sophisticated. Better analytics means teams can more accurately manage incidents and improve their forensic investigations – all within a single interface.

Automation and machine learning

Today’s IT teams are increasingly resource and time constrained. Enhanced automation frees security analysts from time consuming manual tasks and enables them to better orchestrate responses to threats. The best modern SIEM solutions utilize machine learning and user and entity behavior analytics (UEBA) to help ease the burden of overworked security analysts by automating threat detection, providing enhanced context and situational awareness, and utilizing user behavior to gain better insights. 

Moreover, UEBA enables better detection and response. Attackers often rely on compromised credentials or coercing users into performing actions that damage their own organization’s activity. To identify these types of attacks more quickly and accurately, UEBA can be used to monitor both suspicious user behavior and activities stemming from the cloud, mobile, on-premises applications, endpoints and networks, as well as external threats.

With UEBA, organizations will see a dramatic increase in their SIEM’s ability to track and identify threats. In addition, UEBA eliminates false positives so analysts have greater situational awareness before, during and after a threat occurs – meaning they are more effective and can spend their limited time on threats that will actually have an impact on operations.

Cost control

A modern SIEM solution that has a simple and predictable licensing model also enables businesses to spend less to keep their data secure, regardless of the amount of data they have and the number of sources from which data is logged. SIEM pricing models that are based on data usage are outdated. Data volumes are constantly increasing, and organizations should not be punished for that. 

Modern SIEM pricing models should instead be based on the number of devices sending logs or entities, meaning organizations will not have to worry that their data usage is affecting the cost, but can instead focus on scaling for future business needs. Make sure you analyze the total cost of ownership, also for when the SIEM needs to scale – some vendors have added cost when increasing hardware capabilities or the number of employees that needs access to the SIEM.

Another cost consideration is meeting compliance requirements, although fines, legal fees and damaged reputations can be even more costly. SIEM solutions can automate data collection, store event logs, improve threat identification and reporting, restrict data access, and flag policy and compliance violations to ensure businesses meet their compliance requirements. 

These are undisputed gains but according to Gartner, there are three main areas where a modern SIEM solution should excel: 

1. Advanced threat detection

With a modern SIEM tool, advanced threat detection can be executed in real time, allowing organizations to analyze and report on trends as well as user and entity behavior. With advanced analytics, organizations are empowered to monitor data access, application activity and can proactively detect and control advanced persistent threats (APT).

Threat detection capabilities include enrichment with internal or external contextual information, such as threat intelligence, user names or temporal knowledge. This enables security analysts to operate faster and more efficiently. Organizations should invest in SIEM solutions that provide access to effective ad-hoc queries, machine learning and UEBA capabilities, which will result in more effective and efficient threat hunting.

2. Security Monitoring

SIEM is an effective log management tool, allowing for basic security monitoring and is often used for compliance reporting and real-time monitoring of security controls. SIEM solutions should meet basic threat detection, compliance auditing and reporting requirements. With flexible and convenient collection and storage of logs, auditors’ needs can be accommodated, making compliance much easier.

Popular use cases among customers for basic security monitoring cover a broad range of security sources, including: Perimeter and network devices; endpoint agents; critical applications; and other infrastructure components.

3. Investigation and incident response

Visualization is very important for making sense of your data. A modern SIEM can give you the clarity you need, providing new ways to visualize data that make it easy to interpret and respond to what the data is telling you.

Incident response and management should be easy, fast and actionable, making it convenient to manage incidents within your team and enabling effective forensic investigations. If not within the tool itself, it is important to have world-class integration options to dedicated tools both within and outside of SOAR. With business context, security intelligence, user monitoring, data monitoring and application monitoring – all within a single interface – analysts will be more effective and informed.

Implementing a modern SIEM solution or upgrading an existing SIEM to one that offers analytics and machine learning capabilities will allow organizations to keep up with today’s expanding threat landscape – without the growing costs associated with highly-skilled security analysts and having to deal with outdated log volume and pricing models. Remember also that replacing a SIEM does not necessarily mean that your current investment is lost – some SIEM vendors will help you with a seamless transition to make sure full value is captured and transferred.

• How can you build and lead a team, competing against the best and still win?

• What are C-Suite executives prioritising when it comes to digital transformation?

• Which technology trends are shaping the business landscape today?

At OVHcloud’s annual conference, Engage / Backstage on June 20th at the London Stadium, all of these questions will be answered. IT decision-makers and channel partners can join a host of their peers, network and learn from the next generation of technology leaders. Attendees at the Infosecurity Europe event at Excel can increase the bang for their buck and join both events, with the London Stadium just a few stops down the line from Custom House on the Docklands Light Railway.

The opening keynote from David Terrar at the Cloud Industry Forum will explore the latest research on cloud, AI and sustainability, discussing how IT leaders can navigate today’s volatile technology landscape. CIF’s report, ‘Breaking New Ground with Cloud’ polled 250 IT decision makers from across the UK, and according to the report, 42% of organisations today are currently using a ‘cloud first’ approach, with 55% operating a hybrid approach to cloud.

According to the study, the average amount of infrastructure that organisations currently store in the cloud is 50%, with only 1% keeping all of their data in the cloud – but only 8% keeping 20% or less. The average amount has increased by 2% year-on-year. Only 2% of organisations today have an ‘on-premises by default’ approach, clearly showing that the cost and agility benefits of cloud are now firmly established.

The event will feature tracks for both channel organisations and end-users, with channel sessions focused on topics including how to manage the customer lifecycle from beginning to end and sales enablement, while the user track will look at trends and themes including digital transformation.

Hosted by VP Northern Europe, Emma Dennard, and featuring former England footballer and sports journalist Karen Carney, MBE, the event also includes talks, networking drinks, a private tour of the stadium, OVHcloud’s annual partner awards and more. Attendees at the event will hear:

• Opening Keynote: David Terrar from the Cloud Industry Forum will be exploring the latest research from UK CTOs, examining their technology priorities, how they are responding to business needs, and the latest strategies for driving innovation

• In-depth: Horacio Gonzalez, Head of Developer Relations at OVHcloud will be providing details on OVHcloud’s future product roadmap innovations and how organisations can leverage them for success

• Partner focus: Hear how channel partners are focusing their cloud services for growth, from OVHcloud’s Northern Europe Partner Programme Manager, David Devine and Global Partner Programe Director Tori Frazier

• Exclusive Venue Tour, Awards and Networking Drinks: See the London Stadium, home of the 2012 Olympic Games and Premier League football club West Ham United. Meet the channel organisations currently leading the pack, with awards presented by David Devine, and network with peers, prospects and industry professionals in your sector

• Roundtable sessions: Meet other technology leaders and learn how they are innovating, the technologies that they are betting on, including projects around data handling and AI, and understand how they are growing margins in difficult economic times

• Guest speaker keynote: Hear former England footballer Karen Carney talk about overcoming adversity, managing change, and competing at the highest level

The conference provides an opportunity for channel, business and technology ecosystems to come together to discuss strategies for surviving – and thriving – in today’s adverse economic climate. Indeed, financial pressure and the volatile economy has made many organisations more risk-averse; according to the recent Superpowers Index, organisations are continuing to expand the number of suppliers considered for any one deal. Furthermore, more stakeholders are being included in the process, with decision-making times expanding in parallel.

However, this is also having a knock-on effect on gaining executive support; despite being looped into the process, the complexity of technology today means that executive buy-in is harder to get. The CIF study highlighted that approximately a third (30%) of IT decision makers are held back from adopting cloud by this barrier. Although more fundamental factors such as IT security, lack of budget and lack of skills rate as more pressing issues, executive support was a common theme throughout.

One final consideration also emerged from the research: environmental, social, governance and sustainability concerns have begun to rise up the agenda, with 85% of organisations highlighting ESG as important to their decision-making and buying process.

Although sustainability may have been written off as a ‘nice to have’ in previous years, the rising power costs in the UK have pushed it back onto the agenda. The importance of ‘sustainability as frugality’ is beginning to gain traction, with recycling and re-use initiatives crucial in purchase avoidance strategies. Furthermore, many organisations and industry groups are engaged in careful negotiation with government and regulatory groups, working to set reasonable targets that make a material difference to the climate crisis – whilst also allowing firms to continue making a profit.

Most end-user organisations rely heavily on their network of suppliers and trusted advisors, and OVHcloud’s conference aims to bring the ecosystem together to help companies to make the most of today’s technology, learn from the pioneers and celebrate mutual successes.

For further information and registration pages, search for OVHcloud Backstage Engage. Registration closes at noon on the 19th June, and places are limited.

Until now, the shift to the cloud has had little impact on the way consultants scoped a deployment or day to day customer support. But the introduction of RISE with SAP S/4HANA Cloud, public edition or private edition, is a very different way of working to HANA Enterprise Cloud (HEC). With SAP now in control of software infrastructure delivery, the role of the partner has changed fundamentally. From scoping to implementation, support to maintenance, as Robert MacDonald, Innovation & Technology Manager at Absoft explains, partners will struggle to successfully deliver RISE with SAP to customers unless they invest in their staff to create a new cloud skillset and mindset.

What’s Changed?

SAP partners have made the transition to cloud-based service delivery over the past decade, transitioning customers from running familiar ERP solutions on premise to a cloud-based platform such as Azure. And, while this seemed a big deal in terms of changing licences and adapting to different cost/ flexibility models for customers, the business impact for partners was pretty minimal. The product implementation was still scoped the same way; partners were still in control of key aspects of the process from implementation timelines to updates and staff did not require any new skills.

With the arrival of RISE with SAP, the model has changed completely. Irrespective of whether a customer opts for RISE with SAP S/4HANA Cloud, public edition or RISE with SAP S/4HANA Cloud, private edition, the entire approach is different – and partners need to adapt fast.

In theory the process is far simpler. SAP has created a standard infrastructure and offers customers small/medium/ large architecture options to streamline pricing. An ‘adopt not adapt’ mindset means customers are encouraged to avoid any customisation – indeed customisation or extensibility, if required, can only occur outside the core S/4HANA product, using Application Programming Interfaces (APIs) to link to complementary cloud solutions. So where do partners fit into this new model?

New Skills

One of the biggest changes is affecting consultants whose traditional expertise in scoping the implementation and outlining business specific customisations is no longer required. There is no longer any need for a Gap Analysis to identify areas where the SAP ERP solution did not support a customer’s specific business needs. No need for a custom development specification. Instead, consultants now undertake Fit to Standard workshops with customers. 

The onus is on explaining the benefits of a standard, best practice approach to customers and reinforcing the fact that customisation should only be used for competitive differentiation in a standard, cloud-based deployment. As such, consultants need new skills: to assess a customer’s processes, identify those areas of differentiation that would justify the development of extensible solutions and work with department heads to achieve the change management required to match the SAP standard process.

Partners must take their ecosystem of consultants with an extensive skill set based on identifying problems, writing development specifications and managing project delivery and help them make the transition to this new approach. They need to invest in developing change management skills and provide the resources required to manage this new cloud mindset with customers.

New Delivery and Support Processes

The new skills set requirements extend far beyond initial consultation. RISE with SAP is delivered using SAP’s Activate Methodology, which has been updated to support the implementation of this standard cloud project. This again, requires an entire new skill set for Project Managers. From provisioning systems to testing, connectivity to networks and configuring interfaces, every request has to go via SAP. For Project Managers used to being in control and working with their own internal teams on these processes, it will take time to become familiar with SAP timelines, processes and people.  

For example SAP, may require a week’s notice prior to turning on connectivity, something that could have been achieved within hours in house. If the Project Manager is not up to speed with these processes, the entire project could become rapidly derailed. Essentially, this shift to a cloud model is an odd mixture of a simplified, standardised way of doing things and a reversion to old fashioned service requests over which partners have no control. It is also important to understand where SAP’s remit starts and finishes: there are some areas of the deployment that will incur an extra cost and others that SAP will not handle. 

The new skill set is not limited to implementation – the same issues arise during ongoing support. From system patches to updates, it is vital to ensure changes fit in with business timelines – avoiding month ends, for example. While partners are no longer in control of these system changes they have a key role to play in coordinating these processes for customers when informed by SAP that an update is set to occur. The provision of a service that can coordinate downtime, inform any affected business areas, manage change control and oversee testing is key to avoiding those spikes in cloud costs that have affected businesses in the past. 

Conclusion

SAP recognises the very significant changes in skill set and process required to support this new generation of cloud solutions and is investing in supporting its partners. But partners will need to meet them more than halfway if RISE with SAP is to be deployed successfully. Partners can no longer buy the on-premise product they have known for 20 years and set it up unilaterally. Every partner must now collaborate closely with SAP, use the company’s methodology, embrace the lessons learned and work with the customer success teams. 

This is fundamentally changing every aspect of the SAP partner role – something that has taken a significant number of organisations – especially those who did not expect RISE with SAP to take off – by surprise. How many partners have recognised and documented the new support and maintenance model to ensure customers understand the changing roles of supplier and partner in this new cloud mindset? How many have been through their first SAP Activate project and now understand SAP’s processes and timelines? Critically, how many have truly invested in creating that new cloud mindset and skills to support staff in making the evolution to this new model?

The success of each customer’s implementation will depend on the speed with which partners embrace the new cloud mindset.

As enterprise organisations shift from traditional on-premises IT to cloud-based models, or hybrid mixes of on-prem and cloud resources, they are challenged by the fact that effective backup and restore capabilities become exponentially more complex in these models. Many companies are forced to make short-sighted decisions based on limits on budget, timeframe, or capability, and they often end up with a series of solutions that each handle part of the problem. This creates technical debt, which results in a portion of future IT budgets being squandered to remedy decisions of the past and limitations on the potential business impact of technology. With 70% of surveyed companies saying that they expect to create new data-centric products and services in the next 12 months, and data density growing at rates unseen in the past, the struggle of data protection often surpasses the abilities of many organisations.

ESG research found that 53% of surveyed respondents said their IT environment was more complex than it was two years ago. Digging deeper into the reasons for this increased complexity shows that 9 of the 13 top concerns were directly related to changes in data protection strategies.

A next-generation cloud-based data protection solution can help organisations with these struggles. The benefits of such a solution falls into three categories—cost efficiency, increased agility, and reduced risk. The survey uncovered that, over a 3-year period, a 9,000 person company with 24 locations can realise $807K in hardware and management cost savings, $4.3M in recovered IT FTE (full time equivalent) time, and 31% reduction in storage costs, all while reducing complexity, increasing protection, increasing restorability, and reducing risk.

Commvault Metallic’s enterprise-grade data protection, developed specifically to harness the full capabilities of Microsoft Azure, takes data protection to the next level, the research found. A 9,000 person company could experience 1,800 minor restore events per year. Each of these events would take an average of 30 minutes to address in the as-is environment but, with Commvault Metallic, it would only take 18 minutes. 5% of these events would be non-recoverable in the as-is environment, with less than 1% being non-recoverable with Metallic. The 3-year result of the benefit with Metallic is a savings of 1,629 hours of IT time and almost 1,400 hours recovered of general employee productivity.

As a SaaS-based solution, Metallic eliminates the need for hardware, software, and management tools. The survey revealed that this delivers a 3-year benefit of $726.3K with the elimination of physical appliances, as well as an additional benefit of $80.8K in reduced procurement, power, floor space, and cooling in the sample company scenario and found the benefits to be linear in other-sized organisations tested in our financial model.

“The financial and business impacts that our customers have reported in this study are nothing short of compelling – in fact, these benefits are why customers have entrusted Commvault to protect over one exabyte of data, and growing, on Microsoft Azure,” said Ranga Rajagopalan, Senior Vice President, Products, Commvault. “Together with Microsoft, we offer data protection that is cost efficient, agile, and secure – serving as the true catalyst for enterprises looking to streamline data operations and improve their data security posture while accelerating their digital transformation.”

Joint Commvault and Microsoft customers like Nevada Department of Transportation (NDOT), have experienced the effects of shifting to a cloud-first strategy using Commvault’s Metallic SaaS technology built on the Azure cloud platform. Since implementation, NDOT has eliminated all of its physical backup infrastructure, removing management headaches and resulting in an ongoing savings of 25% in infrastructure costs, while also strengthening its ransomware protection with insights that help spot risks and reduce threats. 

“Commvault lets us consolidate our backups to a single solution…this gives us flexibility and scalability – and we aren’t locked into one specific restore location,” said Sherri McGee, Chief of the Information Technology Division, NDOT. “As we continue migrating our systems and applications to Microsoft Azure, we know our backups are secure. And if we
ever find a vulnerability on-premises or in our virtual machines on Azure, we know that if we restore from Metallic, we will be clean
of those vulnerabilities.”

“At a time when businesses face unprecedented challenges to secure their data from ransomware, reduce costs and optimise their data environments, Commvault’s collaboration with Microsoft is delivering strong results for our joint customers,” said Katy Brown, Microsoft Corporate Vice President of Enterprise Sales, Software and Digital Platforms. “Through our long-term collaboration, we have consistently enabled an accelerated, secure path to cloud transformation on Microsoft Azure for customers across segments and industries.”

According to Nathan McAfee, Senior Analyst at ESG and lead analyst on this study, “It’s clear that the results achieved with Commvault’s software on Microsoft Azure show strong consistency across most industries, customer profiles, and organisation size. The variety of workloads that the combined solution protects is impressive and a significant factor that helps organisations reduce vendors, and thereby reduce technical debt, complexity, and risk.” 

More than 100,000 organisations have chosen Commvault to protect their business critical data. To learn more about why and read the full ESG study, “Analysing the Economic Benefits of Data Protection with Commvault on Microsoft Azure,” please visit: https://commvault.com/the-economic-benefits-of-data-protection-with-commvault-on-microsoft-azure.

EMiR supports the UK’s vital infrastructure. In fact 45% of the UK membership of the Association Electrical & Mechanical Trades have purchased EMiR Software. These include hospitals, power stations, chemical plants, food manufacturing and utility companies. Integral to operations, EMiR shapes how electrical and mechanical engineering businesses service their client bases. At its core, EMiR empowers electrical and mechanical engineers to manage and resource all aspects of their complex and challenging business needs. It covers system build, installation and commissioning, repairs and servicing, sales and marketing, distribution and financial systems. 

The Challenge

Initially, EMiR was installed directly onto servers at client locations. However, around five years ago, the company developed a cloud-based version of its software for customers that would prefer a managed service offering.  

Gary Downes, Managing Director at EMiR Software, explains, “We developed a solution that allowed customers to access their own dedicated virtual server, or fleet of virtual servers, via a private cloud platform. We installed our EMiR software and Microsoft Office in each customer environment and offered the option to include any other software that clients might require. Customers would then pay a monthly per-user fee. In return, we’d free them from day-to-day system admin responsibilities and manage the entire environment — delivering first-line hardware support and 24/7 x 365 availability.” 

This arrangement worked very well for some time. But as EMiR Software’s business and solution continued to develop, the company started to outgrow its original IT services provider. 

“The amount of unscheduled downtime and service interruptions increased to an unacceptable level,” recalls Gary. “It impacted our infrastructure and caused problems for our clients — problems that we had no control over and could not fix directly. It was extremely challenging for us, and it was apparent that our clients were also frustrated. We needed to act decisively and find a new IT provider.” 

The Solution

An IT partner that listens

Gary and his team chose Node4 after assessing several cloud service providers, noting that Node4 stood out straight away in terms of pricing, support, speed, performance and flexibility. “Node4 had the right mix of technical and commercial experience, and this instilled confidence from the first meeting,” he remembers. “They also listened to us and learned about the intricacies of our operations. They didn’t try to push us into an ill-fitting box like many vendors. Instead, they devised a bespoke solution and pricing structure that matched how we serviced and billed our customers.” 

Improved resiliency, proactive monitoring and enhanced security

Following a seamless migration, all EMiR Software’s managed service customers have been relocated to virtual servers in one of Node4’s data centres. Customers still have a managed private cloud environment containing EMiR, Microsoft Office and any other software they’d like to run on their networks. But with Node4 on board, customers now benefit from improved performance and resiliency that come from superior backup, recovery, antivirus protection and security functionality. 

“Node4’s network monitoring capabilities are on a totally different level, too,” notes Gary. “We get automated hardware, software and key service alerts — plus daily performance reports for each server. And we’re immediately notified about potential IT security breaches or cyber threats. Node4 deals with these before customers are even aware of an issue. It’s all extremely impressive, proactive and responsive — and it makes our lives a hundred times easier.”

The Results

Round-the-clock support 

Node4’s private cloud platform delivers the 24/7 x 365 support EMiR Software and its clients had always needed. “Although our previous provider had out-of-hours alerting, they didn’t start working on any fixes until 8 am the following morning,” Gary recounts. 

“By contrast, with Node4, the alerts are monitored and dealt with round the clock, so issues never escalate or cause outages.” 

Speed and performance gains

In addition, Gary continues to be impressed by the superior speed and performance of Node4’s infrastructure: “Our clients have noticed too, which we’re delighted about. These days, when I demo the cloud-based version of EMiR to clients still using their own hardware, they are always blown away. This makes it much more certain that they’ll migrate to the cloud-based version when their current infrastructure reaches end-of-life.”

Delivering flexibility and agility

Node4’s public cloud infrastructure also gives Gary and his team much more direct control over their servers. “This allows us to add users, licences, RAM, or disk capacity ourselves,” comments Gary. “Administrative changes that used to take our provider around 48 hours to deal with are now handled by us within an hour. We don’t need to raise a ticket and wait for our provider to respond. This makes for more efficient operations and enables us to deliver a very smooth customer experience.” 

Summing up, Gary offers a snapshot of how life has changed since he engaged Node4: “The relationship with our previous provider was very stressful — we felt like we were moaning all the time, which isn’t a good place for anyone to be. That’s all changed now, and we have a very settled, positive relationship with Node4.”

He concludes: “Having Node4 as our trusted IT provider and partner means we’re more confident when promoting the benefits of our cloud-based solution. We’ve also been able to take on more of a leadership and educational role — which helps our sales and marketing efforts and elevates our standing within our sector. For all these reasons, I believe we have built a strong foundation that will enable our business to continue growing and evolving.”