Archive for the ‘Company Blog’ Category

Putting Ethics and Privacy at the Heart of Computer Vision

With the advent of AI and big data technologies, companies are now more than ever relying on computer vision to provide data for trustworthy insights to help them make smart business decisions that maintain compliance, create more personalized customer experiences, and improve staff efficiency. 

There’s no doubt that computer vision is transforming how companies function and engage. Yet, as computer vision firmly embeds itself into the IT mainstream, concerns are growing over its potential misuse.

Building ethical AI models for computer vision

Companies that use computer vision have a responsibility to consider how the AI models that drive it impact all stakeholders, such as customers, suppliers, employees, and society as a whole. 

When building AI models for computer vision, some questions to consider:

  • What data can or may be included or processed?
  • Who can view the data?
  • How can we create algorithms that don’t make unethical or biased decisions?

Training with synthetic datasets

One way to mitigate ethical concerns is to use synthetic data creation processes to train computer vision machine learning (ML) models. 

Synthetic data is anonymized and can be created manually or artificially, apart from data generated by real-world events. Think: Sim-like 3D environments. This allows developers to produce millions of anonymized images needed for ML training at a relatively low cost, saving organizations from the costly and error-prone process of stripping personal information from collected data.

Synthetic data creation also minimizes privacy risks and reduces the likelihood of data bias. 

Data anonymization

Even better, when capturing real-life data to generate insights, companies can take the extra step to de-identify individuals. This includes blurring faces on camera feeds, not recording or storing any footage, and removing any personally identifiable information (PII) from datasets.

At meldCX, we made a decision early on in our AI journey to not capture any PII by turning individuals into a tokenized anonymous persona—a random number in the system. More detail and depth are then added to the anonymized persona through objects, such as the clothes the person is wearing, and non-face behavior, such as movement and gait.

Segmenting user roles 

As a tool for communication and collaboration, computer vision analytics are at their best when all areas of a business can fully participate and glean value from them. 

To maintain the security of data, computer vision platforms should have flexible and customizable security permissions that allow for an appropriate balance of collaboration and control. 

For instance, permissions can be set to restrict everyone except the Security Lead from viewing videos, and to grant the Marketing team access to view only non-video data output from the platform dashboard.

Regulatory bodies promoting ethical AI

Globally, the industry is heading toward ethical AI regulation across the board, not just for computer vision. 

All 194 member states of the United Nations Educational, Scientific and Cultural Organization (UNESCO) have unanimously adopted a series of recommendations on ethical AI. These recommendations aim to realize the advantages of the technology while reducing the human rights risks associated with its use.

Additionally, companies such as TrustArc provide third-party independent assessments and certifications to companies such as meldCX to ensure that technology providers adhere to privacy regulations such as GDPR and ISO/IEC 27001.

Businesses can leverage these tools and resources to ensure their computer vision systems meet the highest standards of ethics and to get ahead of compliance before regulations go into effect. 

A collective responsibility

In this information age, data is power, and with that comes great responsibility.

Computer vision is a powerful tool, and it’s up to everyone to address tough ethical questions to establish best practices that uphold human dignity. 

All teams—from research and data science to executive levels—are equally responsible for making sure that ethical and privacy standards are top-of-mind. This process begins at ideation and continues throughout the entire product lifecycle.


Achieve Canadian Data Residency Compliance

Many government agencies and other organizations in Canada have adopted a cloud-first IT strategy to take advantage of public cloud SaaS offerings that enable greater agility, operational efficiency, and cost savings. Yet some organizations have not been able to realize the benefits of Meraki cloud-managed networking due to strict data residency requirements. 

That’s why we are pleased to announce the launch of the Cisco Meraki Canada Region cloud option. Our customers in Canada will now have access to the same Meraki platform, enabling the same modern, collaborative, and secure networking experiences that other enterprises have been enjoying. 

This was made possible by hosting the Cisco Meraki Canada Region exclusively within AWS Canada—providing the same security, reliability, and redundancy offered by our distributed cloud architecture. 

How we think about security

This new option is designed to keep security top of mind at every layer, from our infrastructure to our dashboard and applications. Some of the factors that contribute to our security posture include:

  • Secure and effective data management in a multi-tenant environment using encryption and data segmentation
  • An out-of-band control plane that preserves network functionality, even if connectivity to Meraki cloud services is interrupted
  • Ensuring network and management data stays in country 

Supporting the needs of your organization

Meraki offers a complete portfolio of networking products, enabling customers to configure network access policies in an easy and highly customizable way. The cloud-based management platform simplifies deployment of secure configurations that are consistent across the entire IT infrastructure. 

Consequently, government agencies can apply the same security principles across all sites, from primary campuses to remote branches, ensuring ease of operations at remote locations without compromising network configuration or security controls. This flexible, adaptable platform will empower agencies to securely digitize their workforce at scale.

To learn more about how the Meraki platform can benefit your organization, please contact us or check out these FAQs.


Building a Cloud-Enabled Network Security Model

Over 60% of Meraki customers today are using remote access VPN solutions like Cisco AnyConnect to provide secure connectivity to a distributed workforce. Moreover, 50% of Meraki customers are already adopting Amazon Web Services (AWS), Azure, or Google Cloud Platform (GCP) solutions. We are also seeing rapid growth in customers managing more than 100 branch locations across their organization. This escalating complexity, driven by the distributed nature of the perimeter, presents new challenges for security administrators. 

User experience and compliance requirements weigh heavily on security teams, too. Employees expect low-latency, high-performing, secure connectivity to an increasingly distributed set of applications that live in data centers, across public cloud services, and as applications on the internet. Additionally, compliance standards such as the Payment Card Industry Data Security Standard (PCI DSS), HIPAA, or GDPR require robust visibility, reporting, and accountability across all of these environments.

It is increasingly clear that a cloud-enabled approach to security is the best way to address these challenges, both for ease of management and to ensure a resilient security posture that can dynamically adapt to the ever-increasing number of threats on the internet.

On-premises vs. cloud security

Cloud-enabled doesn’t mean cloud-only. The increasing convergence of networking, security, and cloud, along with the rise of new architectures like Security Service Edge (SSE) and Secure Access Service Edge (SASE), leaves today’s security practitioners wondering if they should run security on premises or in the cloud. In practice, it will be a combination of both.

Let’s start with some definitions:

  • When we talk about cloud security, we are referring to security enforced in the cloud through platforms like Cisco Umbrella 
  • On-premises security refers to security enforcement that happens on the local network through devices like the Cisco Meraki MX security and SD-WAN appliances  
  • Finally, when we talk about cloud-enabled solutions, we refer to security enforced across cloud and on premises but managed from the cloud; this approach increases simplicity, scalability, and automation through dynamically updated security signatures and enforcement engines 

Outside of security, both local on-premises and cloud processing have become quite popular for their own use cases, and neither is the answer to every problem all the time. Security is much the same. There are advantages to being able to run some of your security on premises while offloading other security needs to the cloud. But what security should be run where?

User location, location, location

The short answer: it depends on where your users are located. The goal in security is to block undesired traffic as close to the source as possible. After all, why send all of your traffic to the cloud just to get dropped if you can do it just as effectively at the edge? 

Most organizations have some core security requirements like firewall, web filtering, intrusion prevention, and malware protection. If your users are located in the branch then it’s optimal to run these protections in the branch as well, since they not only protect traffic going to the internet but also east-west traffic between networks, sites, and private applications.

More processing-intensive inspections, such as traffic decryption or data loss prevention, are best offloaded to the cloud, where there’s more compute capacity to do the heavy lifting with less impact on performance (and user experience).

Branch use case | Ideal security
East-west firewall (ex. guest to IoT) | On-premises
Identity-based access control | On-premises
Secure internet access | On-premises
Intrusion prevention | On-premises
Malware protection | On-premises
SSL decryption | Cloud
Data loss prevention | Cloud

When your users are remote, where you run security depends on the needs of the remote worker and the scale of your remote worker population. If remote users are generally located near their branch sites and primarily need access to on-premises applications or resources, users can be connected to the secure SD-WAN fabric via a dedicated gateway, software VPN, or a zero-trust solution.  

On the other hand, if you have highly distributed remote users that only require secure internet connectivity for internet-based apps and workloads, connecting those users to cloud-hosted security services is the ideal solution. Again, this could be achieved using a dedicated gateway, software VPN, or a zero-trust solution.

A platform strategy for better protection

In today’s highly distributed environment, with workers dynamically moving between home, office, and mobile, IT teams need a more agile model for security. Very rarely will one solution or another meet all requirements. A single unified platform strategy provides better protection for organizations than a complex web of loosely connected point security solutions.

We believe the 2022 Gartner® Magic Quadrant™ for SD-WAN focused even more on security, breaking out on-premises and cloud security and taking into account whether it is natively integrated or reliant on third-party integration. Check out the report to see why Cisco was recognized as a Leader for the third year in a row.

Gartner does not endorse any vendor, product, or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER and Magic Quadrant are registered trademarks and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.


Make Government Security Mission: Possible

TV and cinema are full of plot lines where nefarious characters exploit gaps in cybersecurity and physical security, or protagonists have to respond to disasters and civic emergencies. While this can result in entertaining tension-packed episodes and movies, the real-life instances of these threats cause no enjoyment for government leaders. 

As the world becomes more connected than ever, residents and government employees expect top-level digital services to make working from home—or anywhere—the norm. And as we begin to get back together in group settings, ensuring safety is also paramount. 

Mission situation—understanding the threat landscape

In the real world, we are faced with a backdrop of international war and an increased prevalence of ransomware and cyberattacks. A recent public safety study reported that “less than 50% of all respondents said their agencies are at least somewhat prepared in case of a cyberattack.”

In the real world, we don’t have Jack Bauer (24) or Harold Finch (Person of Interest) to save the day. Our government IT and physical security/operations leaders and their teams are the first line of defense. It’s their responsibility to ensure systems and technology are in place to minimize risk and protect residents, data, and infrastructure.

Mission brief—converge IT and IoT to protect communities

Modernization of our technology has not only created the systems that are vulnerable, it’s also given us the ways in which to protect them and us. Though cybercrime is often the leading concern and media-covered issue for governments, when it comes to security, these incidents are frequently linked to oversights in physical security practices as well. While our government leaders can’t call on S.H.I.E.L.D., Jack Ryan, or Angela Bennett (for all of us ’90s Sandra Bullock fans), they can utilize technology such as multi-factor authentication (MFA), access control software, and cloud-based cameras and IoT sensors to mitigate risk.

Furthermore, the utilization of hardware and services to rapidly spin up networks and coordinate disaster response, along with the use of FirstNet (AT&T and the U.S. federal government’s dedicated public safety network), allows governments to respond to emergencies quickly and effectively. By taking a holistic approach to physical security and cybersecurity, agencies have the opportunity to improve security across the board, reduce vulnerabilities, provide better situational awareness across all operations, and prevent costly breaches before they occur.  

Mission plan—three clear steps

1. Ensure all security stakeholders are involved: In addition to bringing IT and physical security systems together, it’s equally important to converge the teams. CIOs and IT directors need to be in lockstep with chief security officers (CSO) and chief information security officers (CISO), along with local emergency planning directors, police chiefs, operations directors, facilities directors, and additional physical security titles within their jurisdiction. Setting common goals and auditing all systems will lead to a better-protected community and government.

2. Be proactive, not reactive: It can be hard to gain support for new systems before a breach or emergency, but the most prepared governments will be proactive in their security posture. Proactive security professionals are investing in solutions that improve detection and facilitate fast recovery while developing comprehensive strategies in advance of an attack. The Economist Intelligence Unit reports that organizations with proactive security strategies experience 53% fewer cyberattacks and breaches.

3. Invest in the cloud: When it comes to security technology, operating on an outdated system is like leaving your front door wide open for potential threats. Cloud-based solutions are flexible, scalable, and secure. Upgrading on-premises security hardware allows all systems to fully integrate. Key benefits to a cloud-managed security system include real-time monitoring to react quickly, over-the-air (OTA) software updates to always have the latest protection from emerging threats, and automated processes, diagnostics, and provisioning from a single dashboard.

This message won’t self-destruct

We all love a good techno-thriller and happy ending. While governments will never be able to prevent 100% of attacks, today’s leaders can be the heroes of the story by setting up their localities to mitigate risk, secure their data, and protect their residents. 

Now is the time to think holistically and modernize your government’s security approach. And with the new state and local cybersecurity grant program announcing $185 million in funding, local governments can work with their cybersecurity planning committee to get started today. From protecting the cloud edge to securing polling locations, governments can combine cloud-based network cybersecurity and IoT physical security to build comprehensive security postures and build trust in their ability to protect and handle the threats of today and tomorrow.

Want to learn more about building a modern government security strategy? Download our Uniting Cybersecurity & Physical Security e-book.


Mobile Device Management: Big Scale for Smaller IT Teams


Hybrid work models, and the location flexibility they require, are rapidly becoming the norm. For small and medium businesses (SMBs), this new way of working makes it more important than ever to ensure that all mobile devices connected to your network are secure and proactively managed. 

But when your limited IT staff (if you are so fortunate to have one) already has its hands full, it’s a daunting task to keep track of the wide range of devices on the network, verify OS versions and apps, and validate who has what kind of access to which resources.

Simplifying availability and security for devices and apps

Any tool that can organize and automate work is a boon to resource-strapped companies, which is why Mobile Device Management (MDM) has become an essential part of IT management. In addition to saving time, it ensures consistency of the user experience and network performance, and decreases the security risks associated with unprotected, unmonitored devices.

Cisco Meraki has always been driven by a mission to simplify the lives of IT professionals with intuitive, easy-to-use tools and products. Meraki Systems Manager is a great example of how relentless focus can give SMBs powerful unified endpoint management. Already used by companies of all sizes around the world, it keeps company-owned and employee BYOD devices running smoothly and securely. 

In fact, Cisco was recently named as a Leader in the IDC MarketScape: Worldwide Unified Endpoint Management Software for SMB 2022 Vendor Assessment. The report states:

“Simplification is the overriding strategy and approach for endpoint management, with a specific tie-in to the underlying Meraki network infrastructure. This tight coupling of endpoint management with network connectivity is Cisco’s differentiation with Meraki Systems Manager.”

– IDC MarketScape Worldwide Unified Endpoint Management Software for Small and Midsize Businesses 2022 Vendor Assessment (doc #US48325522, May 2022)

How customers use Meraki Systems Manager

Here are a few examples of how mid-size Meraki customers are saving time and improving levels of service while ensuring the highest levels of security for their devices, applications, and end users:

The Swiss cable car company Zermatt Bergbahnen AG provides access to the highest destinations in Europe including the Matterhorn.

  • Integrated Mobile Device Management with Systems Manager allows simple control over company-owned devices, from enabling device restrictions to providing access to critical resources.
  • Fine-grained visibility in the dashboard provides information on users, devices, and apps accessing the network, giving insights into usage and visitor numbers.

Mike’s Bikes is a growing regional bike store chain with a simple mission—get more people on bikes!

  • One amazing IT manager supports the technology needs of 12 stores across Northern California.
  • Systems Manager is used to remotely monitor, update, and troubleshoot in-store kiosks, inventory iPads, and tech department laptops, which are indispensable for the success of the sales and marketing operations.      

Experience Meraki Systems Manager yourself and see how you can simplify the management of all the devices your employees use for hybrid work.

Request a free trial of Meraki Systems Manager.


Cloud-Managed Cellular—A WAN-derful Idea


Wide area network (WAN) access has rapidly evolved over the years, with its capabilities reaching heights never before seen. From multiprotocol label switching (MPLS) circuits and local on-premises routing to software-defined wide area networks (SD-WAN) and the proliferation of the cloud, the way we connect has unlocked new innovations. Businesses can now achieve more—with applications hosted in the cloud, connectivity for large numbers of users, and rich services that organizations can use to serve their customers and stakeholders. However, these innovations have also come with increasing demands on bandwidth, uptime, and ease of connectivity. This rings particularly true as businesses enter a mature stage of hybrid work, where the key enablers to getting things done are speed and simplicity. To that end, IT leaders are asking:

  • How quickly can I stand up and connect a new location?
  • How am I supporting my teams in remote or geographically distant locations?
  • What is my time to value in realizing a network deployment sooner?
  • What is my strategy for rapid multi-region expansion?
  • How will I manage productivity loss from disruptions and disconnectedness?

Cloud-managed cellular WAN offers businesses the ability to address all of these. In particular, its rapid transformation has now made it a preferred option for both primary and failover connectivity.

Greater resilience than wired broadband

Although it is unpredictable, WAN disruption is one of the greatest challenges to organizational productivity. Whether due to construction or deteriorating infrastructure, wired broadband can potentially leave a network without connectivity for days or weeks. Cloud-managed cellular WAN offers a potent way to get back online—dual SIM failover. The Meraki MG cellular gateway offers backup connectivity to another cellular network should the first one go down. This means you can capitalize on the strength of cellular as a primary mode of connectivity. A resilient connection is core to critical, always-on networks.

Learn more about why the MG41 and MG41E are certified for use by America’s first responders on AT&T FirstNet.

Faster recoverability from connectivity failures

Cloud-managed cellular WAN has greater recoverability from connection failures. For example, during a potential network disruption, the Meraki MG cellular gateway will automatically recover as soon as it connects to an operational tower. Cellular connectivity relies upon multiple towers to transmit data over large distances and is thus less reliant on repairing physical infrastructure, such as underground cabling, than wired-only broadband connections. Additionally, the MG can be installed anywhere, indoors or outdoors, to optimize for cellular performance.

Faster deployability for branch expansions

Opening a new branch with wired broadband requires laying down new cabling, which can take weeks. Adding in the complexity of opening or connecting hundreds (or thousands) of branches at once means losing the opportunities that come from being able to open sooner.

Fortunately, cellular WAN makes it possible to get connected instantly. With cloud-managed cellular WAN from the Meraki MG, organizations can quite literally open thousands of branches all at once. With true zero-touch provisioning, the Meraki MG cellular gateway will connect immediately upon securing a signal from the closest tower.

What this means for the future

A cloud-first platform is tailor-made to enable organizations to deploy and scale cellular WAN faster. With advancements in technology across cellular radios, modems, towers, and more, cloud-managed cellular WAN is now a viable option for primary WAN connectivity. Organizations need not choose between wired or wireless connectivity, but for those that do, cloud-managed cellular WAN provides the greatest opportunity to respond to market changes faster, deploy new edge-device use cases, and craft new experiences untethered to wired connections. Try the MG today.


Manufacturing on the Edge: Securing IoT Devices


Securing data and devices has grown more challenging for manufacturers due to the explosion of Internet of Things (IoT) devices. The number of industrial IoT connections is expected to reach 36.8 billion by 2025, with smart manufacturing accounting for 60% of those connections.

Manufacturers utilize IoT throughout the plant floor—from cameras inspecting production lines to sensors monitoring environmental conditions to on-machine devices for predictive maintenance and productivity monitoring. A recent study found that almost half of manufacturing executives expect increases in operational efficiency from investments in IoT that connect machines and automate processes. 

Manufacturing gets SASE

But the benefits of IoT don’t come without drawbacks. With a variety of IoT devices and operational technologies, more computing workloads shift to the network edge where devices connect to the internet. This can create potential security risks.

An AT&T cybersecurity insights report shows that the primary cyberattack concern for manufacturers is attacks against user and endpoint devices—a worry cited by 71% of manufacturers. That worry is well-founded—according to Cisco Umbrella, manufacturing is the leading industry for cybersecurity ransomware attacks on endpoints.

In the past, manufacturers had to rely on home-grown solutions that were scattered throughout production environments to secure IoT devices. They weren’t connected and generally required time-consuming, tedious manual updates to maintain a strong security posture.  

Today, more and more manufacturers are looking at a platform approach, with cloud-based security and networking providing a more unified security strategy. Manufacturing respondents to a recent AT&T survey indicated that 50% are combining cybersecurity and network functions in the cloud, referred to as Secure Access Service Edge (SASE).

A SASE architecture benefits manufacturers by converging security and network connectivity. This centralizes policy and access control, simplifying the challenge of securing devices, protecting data, and continually enhancing threat detection and response.

Building more resilient manufacturing operations

A cloud-native platform with security at its core can help build more resilient manufacturing operations through stronger networks, automated threat intelligence, global scale, and simplicity of management. This platform approach to securing IoT in manufacturing environments should provide:

  • Resilience through visibility: IT and security teams gain a single view of their global networks and security policies, managed in a simple, unified experience, so they can identify anomalies, assess risk, and mitigate threats faster and more consistently.
  • Resilience through scale: With threat data amassed across millions of networks, security teams benefit from a global capacity to detect, adapt, and defend against new cybersecurity threats. These same cloud-management platforms are also battle-tested to handle the volume of data and devices required to effectively run sophisticated manufacturing infrastructure.   
  • Resilience through intelligence: World-class threat intelligence provides the expertise needed across networks, endpoints, cloud environments, virtual systems, and daily web and email traffic to protect against newly identified vulnerabilities.
  • Resilience through simplicity: Complexity is the enemy of security. Simplifying the relationship between data security, network security, and security intelligence can better protect the customer and encourage policy adherence by end users.

With so many devices continuing to join the IoT ranks, manufacturers need to prepare for what’s next with cloud-based network security. Learn how Meraki can help manufacturers future-proof their operations and become more resilient, and discover more about our SASE offering.


Why Cloud-first Networking is the Future


By now you’re likely familiar with cloud networking and may have even migrated parts of your network infrastructure to the cloud. But it’s time to move beyond experimentation and come to grips with the reality that your enterprise will need to move to cloud-first networking in order to thrive in an increasingly complex world where competition sometimes happens along thin margins. 

You may feel confident that your product is better than your competition and your customers know it. But competing at the margins means it’s not enough to only have the best product. Even the most recognized national brand of coffee shop can lose customers at the local level because the café across the street has better Wi-Fi (and an app to order in advance to boot!).

We’re all familiar with hype cycles in the tech space. Markets go crazy for the latest gadget or solution, expectations become inflated, early adopters become disappointed, and then the pragmatists swoop in to realize tangible benefits.

To those level-headed business and IT leaders who hesitated to jump on the bandwagon—don’t worry—your secure ride up the slope of enlightenment is boarding. Here’s what you need to know.

What do we mean by cloud-first networking?

We defined cloud networking in a previous blog post as a network where management and provisioning of network devices—as well as the storage and handling of most data—is done over third-party servers.  

But what do we mean by cloud-first networking? Simply put, when your organization is cloud-first it means that the majority of your network is cloud-based. This difference matters because many organizations have been taking a piecemeal approach to cloud networking, only migrating certain parts of their network infrastructure rather than making cloud networking the backbone of the entire enterprise.

To be clear, becoming a cloud-first enterprise is a journey where the most sensible way forward for many organizations is to start where they feel comfortable. But leaders should not lose sight of the end goal—a cloud-first network that delivers efficiency, automation, security, and intelligence at scale. 

What are the benefits of a cloud-first network?

Your legacy network and on-site data centers may be giving you warm feelings that come with the perception of control. But the reality is that your dated network is doing fewer favors for the enterprise than you think. Here are some of the key benefits that you may be missing out on by delaying a cloud-first strategy.

Efficiency and automation

Your IT staff likely manages geographically dispersed network devices, requiring a large distributed team or extensive travel between locations locally, regionally, or even globally. That’s costing you a lot in worker hours that could be better utilized.

With a cloud-first network, your team can manage all network devices from a single location via a cloud-based dashboard. With access to APIs, your team can build in automation so routine updates and maintenance can be done literally while they sleep.

Provisioning and setup of new locations can be done remotely via the same tools; you just need one person at the other end to plug everything in. With all that time saved, your IT professionals can focus on innovating toward better experiences for your customers and employees.

As an aside, cloud-first networks can leverage IoT devices and automation to better regulate energy usage in data centers—directly improving bottom-line costs and helping organizations meet sustainability goals. 

Security and reliability

Your on-site network isn’t safe just because there’s a 24/7 security detail. In fact, networks built on old infrastructure have vulnerabilities that can be exploited by hackers, and keeping all of your data at just one or two sites poses inherent risks from physical threats. An outage or breach is only a severe storm or hacker away.

Compare that to the baked-in security and reliability of a cloud network. The best cloud vendors provide redundancies and fail-over across many data centers so that an outage at one site doesn’t impact your operations. They also commit to uptime service level agreements, so if you lose access, they lose money.

When it comes to security, the best vendors protect your data through a variety of means—segregating data by user, providing granular access control, 24/7 automated intrusion protection, IP- and port-based firewalls, etc. They also meet the most stringent security and compliance standards in the world, such as PCI DSS, ISO 27001, SOC 2 Type II, and FIPS. Vendors should also never be able to see your data, only the telemetry data needed to run your network. 

The bottom line is that keeping your network secure in the cloud doesn’t have to be difficult. Similar to financial institutions, cloud vendors are held to higher standards and scrutiny due to service expectations and regulations. You leave your wealth to the experts, so why not your networks?

Intelligence

To take the money metaphor further, think about the way that financial institutions are able to leverage your money to grow your wealth. In the same way, cloud vendors provide the tools and resources that enable you to get the most out of your network. Essentially, they make your network intelligent.

There are two main ways that a cloud-first network provides intelligence. First, network administrators are able to use built-in health tools that leverage machine learning (ML) to provide meaningful insights and trusted recommendations. This enables administrators to make informed changes to better optimize a network.

Second, the best cloud-networking vendors include as part of their offering a broad ecosystem of custom applications that provide additional tools, integrations, automation, configuration, monitoring, and reporting capabilities. These applications take the troves of data traversing your network and make them actionable so you can make intelligent decisions that increase revenue, performance, and productivity.

All of the above, at scale

The best cloud networks are easily scalable. The previously mentioned ease of provisioning and automation means adding new locations is a breeze, giving you the flexibility to quickly respond to market demands. That same technology makes it easy to quickly scale globally, add new capabilities, or change directions to meet customer needs. You can even combine IT and IoT to unify experiences across your operations. 

Cloud networks provide the agility needed to thrive in any business environment while also automatically responding to occasional traffic spikes, so your customers and employees can always access the online tools they need no matter where they are in the world.

Whether you’re in the business of selling shoes, making cars, loaning money, or providing healthcare, a cloud-first network provides benefits that can reduce costs and increase efficiencies across the board—giving you a better chance at achieving success. 

Cloud networking without the hype

Part of the reason many enterprises have stalled in committing to a cloud-first strategy is that they, or someone they know, were burned by early vendors who over-promised and under-delivered. Packaged, one-size-fits-all solutions were doomed to fail from the get-go because each enterprise has different needs and is at a different point on its cloud journey.

The right partner is one that will join you for the long haul. They will be a trusted partner that will meet you where you are and guide you through the incremental changes toward a successful implementation. 

Read our whitepaper to learn how the Meraki platform is the first step toward your cloud-first future—without the hype.

Posted in Company Blog | Comments Off on Why Cloud-first Networking is the Future

Keep Healthcare Workers Safe to Help Protect Patients

By bringing physical security and cybersecurity together, your hospital or pharmacy can strengthen its ability to deter criminal activity. A robust security plan offers a foundation for connecting the physical and cyber worlds through intelligence sharing, visibility, control, and automation. From deterring workplace violence, theft, vandalism, fraud, and accidents to improving medical device security to setting up a new care facility—there are countless scenarios where an integrated approach can reduce your risk of exposure so you can better care for staff and patients.

Healthcare facilities are easy targets

Medical facilities are considered high-density “soft targets” that generally have many physical access points, as well as limited security personnel in place. 

This makes hospitals easy targets for theft of medical equipment or the personal belongings of patients and staff members. In addition, unwanted visitors or other disturbances can cause unneeded stress to vulnerable patients.

Healthcare organizations are also attractive targets for cybercriminals because they historically under-invest in technology in general—security and cybersecurity specifically. Internally, hospitals have lower data encoding levels and smaller investments in security technology, resulting in poor management and protection of patient data. Reselling stolen health records remains lucrative for criminals, further incentivizing them to continue malicious attempts to extract data.

Hospital workplace violence and theft are on the rise

Whether it be between patients or directed at healthcare workers, hospital workplace violence is a continually increasing threat. More than 5,200 nursing personnel were assaulted in the second quarter of 2022, according to newly released data, while another study revealed that 55.6% of nurses reported having been a victim of violence in the workplace.

Theft is another challenge impacting hospitals. According to the Department of Justice, healthcare workers are just as likely as patients to abuse drugs, and hospital employees often steal controlled substances while on shift. Without a proper physical security plan in place, medication theft can cost the industry millions in losses every year. 

To address violence and theft, your converged plan should include taking advantage of cloud-based infrastructure, remote management, automated system processes, and triggered alerts. This enables teams to mitigate theft and violence by proactively monitoring hospital facilities to quickly understand a threat’s origin and identify those responsible. 

A strong cybersecurity strategy is also essential to safeguard physical security components connected to the internet, such as RFID key card door locks, video surveillance cameras, and smartphones—all common targets for criminals.

Cybersecurity breaches reduce quality of care and increase costs

A recent report showed that healthcare saw the costliest data breaches among all industries, with the average reaching $10.1 million per breach. Between 2009 and 2021, 4,419 healthcare data breaches resulted in the loss, theft, exposure, or impermissible disclosure of over 300 million healthcare records. 

Beyond these impacts, cyberattacks at hospitals can cause post-breach delays and interrupt time-sensitive processes for patient care that can endanger lives, according to a recent study. Researchers found that breached hospitals took a few minutes longer to provide EKGs to patients who needed them, increasing risk of death or serious complications.

While proactive security is necessary to prevent the damages associated with a breach, reactive security is also important. Hospitals cannot anticipate every possible threat. If criminal activity does infiltrate your security measures, data insights from your network and connected devices can enable reactive strategies to prevent repeated incidents. These can include after-breach damage assessments, a thorough investigation of outside attacks, and crisis management.

Create a safe and secure environment for patients, staff, and visitors

Physical security and cybersecurity solutions contribute to a safer environment by ensuring that patients are protected, clinical and administrative staff are safe, and hospitals can get on with doing what they do best—providing medical care to their communities.

Cisco Meraki brings a breadth of healthcare experience, innovative thinking, and technology-driven solutions together on a single cloud-based platform to address these challenges.

The result? By implementing forward-thinking, smart solutions, you can effectively address the inherent security risks associated with healthcare facilities and gain the flexibility to adapt to new challenges and future crises. To learn more, visit our healthcare industry and physical security pages.

Posted in Company Blog | Comments Off on Keep Healthcare Workers Safe to Help Protect Patients

Balancing Privacy and Security

Cameras serve a vital safety and security need, helping to deter crime, monitor remote spaces, and aid investigations. But they are also invasive by nature, so these benefits come with material privacy concerns. As camera deployments have increased due to new safety and security concerns, as well as new analytics applications, so has the need for privacy and trust.

In order to build trust with employees, customers, and the public, it’s vital for organizations to increase transparency and balance safety and operational needs with privacy concerns. To do this, organizations should consider a variety of factors, including:

  • Where cameras are placed
  • How video and analytics data are used
  • Who has access to the system and how it’s secured

Let’s explore these in more detail.

What do you need to see?

If you’re putting up cameras, you’re probably trying to do something specific, like deter crime or figure out how busy an area gets. Understanding what you need to see helps you determine where to place your cameras.

However, it’s just as important to consider what is adjacent to your area of focus and take steps to avoid capturing anything sensitive or private. When possible, angle the camera or adjust the field of view to capture only what you need to see. If that’s not possible, consider using privacy windows to mask those areas. Privacy windows with MV smart cameras allow admins to easily block sensitive areas in the camera’s field of view so that no video is recorded. 

Privacy window in action

Do you need to “see” it?

When using video analytics, the data is more important than the video itself. In some instances, the video may not matter at all, like when using cameras to understand desk and meeting room usage. Knowing how employees are using a space is valuable. It can enable hot-desking for hybrid work, increase employee productivity, and optimize the use of space. However, this use case relies on analytics, and retaining video raises privacy concerns.

An intelligently designed system can analyze video in real time, eliminating the need to store video and process it somewhere else. When placing cameras for analytics applications, like hot-desking, consider whether or not video needs to be retained. If not, configuring these cameras to not record video and restricting viewing access can protect privacy and minimize potential for abuse. 

Nothing (for you) to see here 

Once you have determined camera placement and video use, the final consideration is system security and video access. Organizations should make sure that video is secure to prevent unauthorized access by managing granular security and permissions policies for authorized users. 

When it comes to access, less is more. Grant users the minimum permissions required to perform their job duties. Which cameras does someone need to see and what do they need to do with the video? A security guard at a front desk may only need live viewing permission to access doorway and exterior cameras, whereas a loss prevention team may need to see all footage from a store’s cameras to conduct investigations. It’s also important to audit video use once the system is up and running. This helps protect against potential abuses by authorized users accessing cameras for unwarranted, casual observation. 

Securing video systems can be hard, but Meraki MV smart cameras make it easy by taking a security-by-default approach. Video is automatically encrypted, and cameras include a Cisco Trust Anchor module (TAm) for hardware security and firmware image signing (firmware is easily kept up-to-date via the Meraki dashboard). Additionally, there are no default usernames and passwords, SAML/SSO support streamlines the configuring of bespoke access at scale, and access logs provide an easy way to audit use. 

Let me tell you what I can see

Cameras are easily recognized by the casual observer. This is often by design, when the mere presence of a camera acts to deter theft because it means people know they are being watched. In some places, this is accepted, expected, or even welcomed, like at entrances, retail stores, or parking lots. But in other places, like workspaces, it may raise concerns, with people feeling rightfully wary about being on camera.  

In these situations it’s important to openly communicate the steps being taken to safeguard access and storage and protect privacy. Openly sharing the policies and security measures in place helps drive trust through transparency. Learn more about how Cisco Meraki is leading the way for security, privacy, and trust in physical security.

Posted in Company Blog | Comments Off on Balancing Privacy and Security