Menu
And they’re duty-bound to ensure the privacy and security of such sensitive material.
But it’s not always easy in digital environments with multiple end-users and multiple points of access.
That’s why we’ve created Legalty.
Legalty gives lawyers, attorneys, partners, paralegals, and their support staff the tools they need to work securely – and efficiently – everywhere, every day.
How?
By combining the law firm’s existing legal software and Microsoft 365 in a managed, cloud-based environment that supports data encryption and device control. With built-in security. With built-in redundancy protocols. With comprehensive technical support. With a transparent pricing plan. Without bulky hardware. And without costly local servers.
Legalty can be deployed for legal practitioners using LegalSuite, Lexis Convey, and most other third-party legal software applications.
Our all-in-one solution helps law firms to:
Legalty includes Office 365, with perennially popular Microsoft applications (like Excel, Word, and PowerPoint) that are up to date and accessible anywhere, at any time, using a computer, tablet, smartphone, or other device connected to the Internet.
Legalty comes with top-notch communication tools that enable group email, team chat, and collaborative online meetings, as well as calendaring and scheduling facilities to simplify diary planning and management.
Legalty also features Advanced Threat Protection, a comprehensive security solution designed to protect organisations from increasingly sophisticated phishing and ransomware attacks.
Want to know how Legalty can help your law firm to achieve more? Explore the Legalty website.
Keen to see Legalty in action? Request a demo with our team.
Ever heard of Cloudflare? It’s a web performance and security company on a mission to speed up and protect websites, ecommerce stores, SaaS products, mobile applications, APIs, and other properties connected to the Internet.
It’s also our newest ally.
Security and speed are critical for successful business operations in today’s digital economy, and our managing director, Ryan Roseveare, believes Cloudflare’s commitments in both areas mirror BUI’s own. “We investigated several vendors, as well as traditional technology providers, in this space. We chose to team up with Cloudflare because it’s a market leader with a cost-effective solution that complements our deep cloud security model.”
Cloudflare’s security services are designed to mitigate DDoS attacks, prevent data breaches, and block malicious web traffic. “We’re going to be able to offer our clients reliable and redundant solutions with security in mind for their cloud, hybrid, and on-premises requirements,” says Roseveare.
Cloudflare serves data from more than 150 international data centres, including three on South African soil. The company opened its Johannesburg data centre in 2014 and facilities in Cape Town and Durban followed in May 2017 and March 2018, respectively.
Roseveare is confident that Cloudflare’s SA footprint will translate into tangible performance benefits for BUI’s local clients. “We’ve completed several proof of concept demos and deployments already,” he says.
Cloudflare’s technology is easy to integrate and simple to scale. Watch the video below to learn about its real-world applications…
“We’re excited to collaborate with Cloudflare to provide our own clients with services that further secure their environments,” concludes Roseveare. “We’re looking forward to designing and deploying tailored Cloudflare solutions for our clients.”
As an Enterprise Partner, BUI is an authorised reseller of Cloudflare’s cutting-edge suite of services.
MORE ABOUT CLOUDFLARE
Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code.
Internet properties powered by Cloudflare have all traffic routed through its intelligent global network, which gets smarter with each new site added.
Cloudflare has been recognised by the World Economic Forum as a Technology Pioneer, and named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal.
Visit the Cloudflare website for more information, or follow Cloudflare on Facebook, LinkedIn, or Twitter for news and updates.
In the September 2018 edition of the BUI Bulletin, we briefly discussed our latest Azure migration project. Here, we highlight key stages in that journey to help you understand how we solved a complicated business problem with cloud technology.
Our customer, a financial services company, was hosting its entire online environment with front-facing websites at a large local hosting provider in South Africa.
BUI was brought in to help the business migrate all its services to Azure. The move had to be done seamlessly, with zero downtime. It also had to happen in the background, without affecting normal operations.
Solving the customer’s problem involved end-to-end service delivery from BUI.
We harnessed the strength and expertise of our networking team and our Azure cloud architects to successfully migrate the customer’s digital environment into Azure – with zero downtime.
In technical terms, we moved the customer’s entire online environment by using Network Address Translation (NAT) to re-map the IPs across ExpressRoute. We secured the solution in Azure behind next-generation firewall virtual appliances and took care of the high availability concerns with Azure Load Balancers. The security happens when the previous provider NATs it over ExpressRoute into Azure, where it hits the Load Balancers. Now, we are passing through the traffic and keeping the source address throughout the whole transaction until it lands in the back-end database behind the firewall and two Load Balancers. The entire process runs without any downtime for our customer, or any of its own clients.
Azure services are now being used instead of Virtual Machines, all Load Balanced and Highly Available.
The following technologies were among those used or implemented to achieve a successful migration and an improved overall security infrastructure:
Our customer has been running services in Azure for more than 30 days, and already there is a substantial cost saving.
Improved performance has also been noted: batch processes that took 15 minutes to complete with the previous provider now take under 60 seconds.
Enhanced security has been a particular game-changer for our customer… There were audible gasps when the results were first viewed via Azure Security Center and Azure Network Watcher. “All of a sudden, we can see all the malicious attacks that are hitting our web front ends! A real eye-opener,” said a key staff member.
The next step is to replicate the same environment to another region in Azure as a Disaster Recovery Site.
This customer’s appetite for Azure services has grown enormously – because the business benefits are clear.
Looking for ways to make your business more efficient and more agile?
Book your assessment with BUI’s Azure experts.
We’ll make cloud migration simpler and more manageable for you.
Safeguarding business systems and software applications against cyberattacks and data breaches is essential in today’s connected world. We’ve already discussed why digital identity management and network security should be core components of your overall cybersecurity framework. We’ve also looked at the most common types of malware used by hackers, and seen that the threat landscape demands robust cyber protection throughout every organisation.
But what happens when cybercriminals actively bombard your defences? Or worse, when they find a way to override your security protocols and penetrate your systems? Sometimes, even the best precautions aren’t good enough to impede the rogue actors lurking in the darkest corners of the web. That’s why a detailed incident response plan is imperative. Here are five things to consider when you’re formulating your strategy…
Cyber attackers are targeting corporate digital assets – repeatedly, and with diverse tactics. No industry is immune. No business is immune. And the fallout is not purely financial: recent intelligence reports have highlighted the risk to brands, reputations, and relationships.
If you accept that a security incident is probable, if not inevitable, then you can make advance preparations to limit the damage to your business.
Your IT personnel will have critical roles to play in the midst of a cyberattack, but they won’t be the only staff members with key responsibilities. It’s important to assemble a multifaceted incident response team that includes:
The size and structure of your team should be determined by the scale and complexity of your organisation. National enterprises might need interdepartmental hierarchies of responders to co-ordinate efforts in different provinces; mid-market businesses in single locations might need only a handful of specialists to address the issues at hand. Define individual roles and responsibilities so that they’re clear to all team members.
Every second counts in a crisis scenario, so make sure that your documented incident response plan is easily accessible. Core team members should have hard copies (printed versions) stored securely in their respective offices. The digital master document should ideally be stored offline on a standalone machine: if the cyberattack in question is a network breach or disruption, there’s a chance you won’t be able to retrieve the digital file from a network location.
Your response team should be ready to communicate with a wide range of stakeholders, including employees, partners, suppliers, customers, board members, investors, shareholders, competitors, and the media. Interested parties will want to know how you’re responding to the cyberattack – and they’ll expect regular, in-depth updates that address their respective concerns.
Remember to consult your legal advisors regarding any communication obligations you may have as a result of local or international law. South Africa’s POPI Act and the European Union’s GDPR, for example, are pieces of legislation that deal with data privacy.
In triage mode, your team will be focused on problem-solving and damage control in line with the incident response plan – but a successful cyberattack should warrant a full investigation of your protocols and procedures. Plan for a review of your cybersecurity initiatives, or call in specialist consultants to put your playbook under a microscope.
Have you secured your digital assets? Ask us about cyber security consulting, penetration testing, and vulnerability scanning. We’ll help you strengthen your defences.
If you read our recent post on cybersecurity, then you’ll know that malware is a growing menace in the virtual world. It’s also a popular tool for hackers looking to penetrate sensitive business networks. Early detection is critical if you hope to minimise the damage, disruption, and potential financial losses caused by a serious network breach.
Here are five ways to prepare your business for the challenges related to network security…
Cyberspace is more like a battlefield than a business park – and you need to be familiar with the terrain. You also need to understand your enemies. What would they want? Where would they strike? How would they operate?
They could be financial hackers using fake accounts to target your money. They could be corporate spies intent on stealing your product plans. They could be rogue activists looking to publish your private data. Identify the prevailing risks so that you can plan accordingly.
Cybersecurity experts have a deep understanding of historic, current, and evolving cyber threats. Highly skilled, and armed with both technical knowledge and social awareness, they are the guardians you need on the front line.
The integrated, interdependent IT systems found in mid-market and enterprise-level businesses are particularly complex in nature. Enlist specialists who can create customised solutions for your company’s unique network vulnerability issues.
Security fundamentals like digital identity management and access control will help you to track the people authorised to utilise your network, but illicit users can be difficult to detect without the right resources.
Threat detection tools enable your cybersecurity pros to monitor network activity in real time. Consider investing in a comprehensive program that can provide detailed data, event logs, and incident reports for every action – and every anomaly – related to your network.
Make sure that your technical staff are carrying out updates, implementing patches and fixes, and performing the maintenance required to ensure the integrity of your network, systems and applications.
Subscribe to industry newsletters, study threat intelligence reports from leading stakeholders, read cybersecurity blogs, and keep an eye on local and international headlines. The broader your knowledge, the greater your advantage over the perpetrators of cybercrime.
It’s easy to think of cybersecurity as the exclusive responsibility of your technical experts, but business-wide vigilance is increasingly necessary to combat today’s cyber threats. Teach your personnel – from data-capturers and personal assistants to financial administrators and senior executives – to look for warning signs that could indicate a breach.
Encourage all your network users to report any activity that seems out of the ordinary. Have they been locked out of their accounts for no apparent reason? Have they experienced random system reboots? Seemingly insignificant events can sometimes be the very symptoms your IT teams need to diagnose a network security issue.
Online ecosystems are becoming more complex. Networks are expanding. And relentless cyber fiends are targeting even the most comprehensive ring fences. To protect your digital assets, you need to make network security a priority for your whole team.
When last did you evaluate your network security protocols? Ask us about embedding cybersecurity at the heart of your business. We’ll help you balance your organisation’s productivity with robust prevention and detection initiatives.
In last week’s blog post, we looked at digital identity management and why it’s essential to control access to your important assets and sensitive data. Compromised or stolen user credentials (including login names and passwords) are sometimes the only things required for hackers to penetrate business systems. But the most efficient villains in cyberspace are arguably the ones expanding their toolsets, refining their methods, and adapting their strategies. To combat their efforts, you must do the same – and more.
How many times have you seen the words “hacked” and “breached” in news headlines this year? Two industry studies – Microsoft’s latest Security Intelligence Report and Cisco’s Annual Cybersecurity Report – recently documented the most prevalent threats in the digital domain. Malware was highlighted as a growing problem.
Malware is the term for any kind of malicious software that’s designed to disrupt, harm or gain unauthorised access to a computer system. From the intrusive to the blatantly hostile, malware can take the form of a computer virus or worm, a Trojan horse, or even a piece of ransomware. The program code is created for a specific, nefarious purpose.
Computer viruses and worms were some of the earliest forms of malware. Viruses delete, corrupt, or steal data, and are capable of spreading from one infected computer to another. Worms spread copies of themselves from machine to machine, without any human involvement, and leverage networks to replicate rapidly.
Trojan horse malware masquerades as something else, much like its wooden namesake from Greek mythology. Computers become infected when people download insidious programs or applications disguised as legitimate resources. Trojan horses can be exploited to give hackers remote access to impaired computers, or to record sensitive data through keystroke logging.
Ransomware is an apt name for the type of malware that effectively limits or blocks access to files, folders, or systems until a ransom is paid. In some of the most prominent cases last year, cybercriminals encrypted, stole, or threatened to publish sensitive data belonging to banks, law enforcement agencies and corporate institutions unless they received hefty sums of money.
Malware is a formidable weapon in an attacker’s arsenal, but it’s certainly not the only one. Have you done enough to protect your network from sophisticated security threats?
You’ve heard that proverb about chains and weak links, right? We’d argue that the same applies for networks and people… The security of your network depends, in part, on the people connected to it. And if those people are ignorant about best practice, or complacent about passwords, or nonchalant about the perils of cyberspace, then your system could be vulnerable.
In modern enterprises, networks are often the foundations of all digital architecture. From enabling communication to supporting software and applications, networks are critical pathways for productivity. And that means they need to be protected – from internal and external threats. Creating a culture of awareness within your organisation is an important step. Get your employees involved by educating them about the latest cyber threats (especially those associated with the tools they use every day, like email) and the importance of people-centric enhanced security measures (like multi-factor authentication for account logins).
If your people are informed and aware, then they’ll be better equipped to identify and report any unusual or suspicious network activity. Early detection is critical in any threat scenario, and your IT staff would likely welcome business-wide vigilance.
Is your business challenged around cyber security and identity management? BUI’s experts have in-depth knowledge and experience across several next-generation solutions that are redefining the way the world looks at information security. Ask us about cyber security consulting, penetration testing, and vulnerability scanning. We’ll help you strengthen your security posture.
Lizette van Wyk is a senior member of the BUI team in Johannesburg. She’s an experienced developer, solutions architect, project manager and sales consultant who joined us in 2015. We asked her about her role models, her biggest lessons, and her career journey.
Yes! It was a Pentium I. My parents got it for me in my third year of university. I remember programming in Pascal and running MATLAB for my Honours project.
I’ve always loved a challenge! Riddles, problems… The idea of solving problems using technology was really intriguing to me.
I’d probably study Psychology. I’m interested in the human mind, but also in artificial intelligence. I think AI is going to have a dramatic impact on our social and intellectual status quo.
I started out as a junior developer at Vircom, developing websites in Notepad. It was a blast! And I met exceptional people there. I’m still friends with them. When Vircom was acquired by another company, I moved into management. Later on, I worked as a solutions architect and project manager at Oakwell. And after that, I joined Digital Matter as a mobile software solutions architect and product manager. I started my BUI journey as a program manager and moved into sales about two years ago.
Working with the BUI team! They’re all very intelligent, very motivated people. And also, for me personally, just being able to find the right solution at the right price for our customers.
Knowing enough to make sense!
We get it. The tech industry is always changing. How do you keep up with the latest trends?
I’ve come to realise that it’s impossible to know everything. I try to attend online sessions specific to BUI’s focus areas. And for industry news, I rely on social media.
I’d have to say Elon Musk. I think he’s shown the world that anything is possible, and that the status quo doesn’t have to be the norm.
My parents gave me my moral compass. They taught me the importance of honesty, loyalty, and patience.
I hope they think I’m a team player, and that I’m optimistic and fun to be around.
Honestly, I don’t always get it right. For me, it’s about prioritising and scheduling. And I try to make family time quality time.
I can only speak from personal experience, but I’ve been in IT for more than 20 years and I’ve seen substantial progress. We’ve had a lot of social and political change in South Africa… I have to believe that the country will address gender equality as well.
Don’t change who you are to try to fit in. Because in this industry, it’s more important to be assertive, honest, and knowledgeable. And remember that university is about more than just your studies… You gain life skills, you make friends, you learn, you teach, you experiment… Never stop learning – and never stop challenging yourself.
There are so many! And they’re all so exciting! But I’m ecstatic that Microsoft is launching two data centres in South Africa this year. I think cloud technology is revolutionary. And I’m very keen to see where it leads in the future… Automation, AI, data analytics… There are so many possibilities.
Relaxing with family and friends. No email. Absolutely no email!
Modern IT environments are becoming increasingly complicated. Cybercriminals are finding new and sophisticated ways to cause harm. It’s never been more important for businesses to manage user identity and user access. And many cybersecurity experts agree that usernames and passwords, however strong, are not guaranteed to keep out the crooks.
Alex Weinert (group programme manager for identity security and protection at Microsoft) spoke about the prevalence of breach replay attacks (trying stolen passwords from other sites), password spraying (trying common passwords against known account lists), and phishing (tricking users into revealing passwords) at the Microsoft Ignite event in 2017. He stressed that password information was the common denominator.
And there’s a reason why… As humans, we’re often predictable. And lazy. How many logins do you have for your various web tools at work? Five? Ten? Are you using a unique password for each one? Or your favourite, easy-to-remember term? Or whatever’s literally at your fingertips? Some of the most common passwords are collections of letters or numbers found on a typical keyboard. It’s not a safe practice, but it’s happening all over.
SplashData compiled a list of the world’s worst passwords after reviewing the five million that were leaked last year. The number string 123456 took the top spot, with four variations (12345678, 12345, 123456789 and 1234567) in the top 10 alone. Other popular choices included password (sometimes a default setting left unchanged) and qwerty (a letter string from the top row on a keyboard). Such evidence certainly makes it easier to understand how hackers are exploiting human nature for their own gain.
Cybercrime reportedly cost the world $600-billion last year, and the evolving threat landscape has prompted cybersecurity experts to re-examine digital identity management.
How many of your digital accounts require something over and above your username and password? Do you access secure files and folders with a one-time password delivered via text message? Do you unlock your office laptop with a fingerprint or iris scan?
From multi-factor authentication to biometric identification, your digital identity is being defined and regulated to give you the right access to the right assets at the right time.
The management of an individual’s digital identity is particularly necessary in the business environment, where it’s crucial to govern both users and their degree of access to networks, applications, and sensitive data. Your IT personnel must be able to maintain, modify, and monitor all users, their profiles, and their access permissions (or restrictions) from the moment they join your organisation until the day they depart permanently.
Existing digital identity and access management systems give IT administrators the tools and technologies they need to create user identities, assign user roles, grant (or revoke) user privileges, and track user activities – continuously, from a central dashboard. And if you think about the way we work today, you’ll start to appreciate the indispensability of these controls.
How many of your employees use in-house software to perform their daily duties? How many of them use cloud-based applications? Do they use corporate hardware (like desktop computers) or their own devices (like laptops and smartphones)? Do they use secure internet connections, or public Wi-Fi? Are you confident that the identity and access protocols you have in place will safeguard the integrity of your company’s most important information assets?
A simple, scalable identity management system should be a core component of your security architecture.
If you’re concerned about password breaches, network vulnerability, or the growing risk of cybercrime, talk to us about an audit or in-depth assessment today. We have offices in Cape Town, Durban and Johannesburg.
Cape Town – If you asked your IT experts to define cloud computing in simple terms, how many explanations do you think you’d get? Two? Three? A different definition from each member of the team? It’s possible. Because cloud computing can be applied in many ways, to achieve a variety of outcomes and objectives.
If you look up “cloud computing” in the dictionary, you’ll discover that it’s the practice of “using a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer”. That’s true enough, but cloud computing has evolved so much over the past decade that a closer inspection is required to fully comprehend the current landscape.
At its core, cloud computing is about supplying computing services over the internet (also known as the “cloud”). Cloud computing allows you to utilise, process, manage and store data, files, programs and software in a remote, virtual environment that is secure and universally accessible from any device capable of connecting to the web. It might sound complicated, but you’re probably doing all of these things already. Let’s take a look at some everyday examples:
From email to internet banking, cloud computing is powering many of our personal activities. But the technology is being harnessed by more and more businesses looking to streamline processes, boost productivity, and reduce costs.
Businesses are turning to the cloud for processing power, database storage, application management, software provision, networking, or a combination thereof.
Traditionally, businesses have needed local hardware (hard drives, in-house servers, on-premises data centres) and software to enable people to do their jobs. The physical hardware requires space and ongoing care and maintenance; the software requires patches, updates, and licence-renewals. There are substantial cost implications in both cases, as well as the need for dedicated IT staff to monitor and manage the overall environment.
Cloud computing goes a long way towards reducing the need for expensive on-site computing assets, and cloud providers typically group their services by infrastructure, platform, and software. These services can be packaged according to your individual requirements, and are generally available on a pay-as-you-go basis.
Infrastructure as a service (or IaaS) is often the first building block, because it involves the servers, virtual machines, storage systems and networks you need as a foundation for your IT architecture.
Platform as a service (or PaaS) is the cloud-based environment that supports the development and deployment of web applications. Your developers will have the tools and database management systems they need to build, test, deploy and manage apps.
Software as a service (or SaaS) is designed to give people on-demand access to software applications via the cloud, without the hassle of regular upgrades or security patches. Email and calendar software are common examples.
The cloud computing market is growing at a steady pace, largely because businesses are becoming more aware of the three main advantages of moving to the cloud:
As cloud experts, we’ve helped clients from across the business spectrum with their cloud migrations. If you’re ready to begin your journey to the cloud, book an assessment with one of our consultants today. We’re happy to explain how cloud technology can transform your organisation.
On May 18, 2017, the tech titan announced its plan to launch two hyperscale cloud data centres in South Africa’s metropolitan hubs of Cape Town and Johannesburg.
“We’re excited by the growing demand for cloud services in Africa and their ability to be a catalyst for new economic opportunities,” explained Scott Guthrie (Executive Vice President, Cloud and Enterprise, Microsoft) at the time.
Guthrie’s sentiments were echoed at the 2018 Microsoft Tech Summit in Cape Town, where Nuri Cankaya (Senior Sub Product Marketing Manager, Microsoft Azure) and Victoria Grady (General Manager, Microsoft Azure Experience Marketing) highlighted some of the benefits of the Azure environment and urged customers to start preparing for cloud migration.
Microsoft has 54 Azure regions spanning the globe. The majority of these (42) are already available, while others have been announced, but not yet launched.
The data centres in Cape Town and Johannesburg are Microsoft’s first such facilities in Africa and represent a significant investment by the company, as well as a game-changing development for individuals and organisations concerned about data residency.
At present, customers based in Africa depend on cloud services delivered from data centres outside of the continent. It’s thus possible that data belonging to a business in Pretoria is actually being stored on a remote server in Amsterdam. It’s not an ideal situation, given that data is often subject to the laws of the country in which it resides.
Did you read last week’s blog post about data-privacy legislation? We covered South Africa’s Protection of Personal Information Act and the European Union’s General Data Protection Regulation, as well as the penalties for non-compliance in each case.
Microsoft’s SA-based data centres will provide secure cloud services across Africa, with the option of data residency in SA. The facilities are expected to be up and running later this year.
A clear plan and a capable team will be necessary for successful cloud migration.
Microsoft has two training initiatives to help prepare your IT staff for the Azure environment: Azure Essentials and the DC Cloud Insider Certification.
Over the next few weeks, we’ll be taking a detailed look at cloud computing and several Azure products and services as we map out the steps for your journey to the cloud.
