The secrets of cloud migration: Podcast Takeaway

In our most recent Tech Takeaways podcast, we explored the key things businesses need to know about cloud migration. More and more businesses are planning to or have already started their moves to the cloud. However, a successful move to the cloud is not “a given” but there are some things businesses can do to stack the odds for a successful migration in their favour.  

Why are businesses thinking about cloud migration?

There are many reasons why businesses might want to migrate to the cloud.  

  • No longer want on-premises infrastructure: Businesses no longer want the “hassle” and risk that comes with running their own datacenters. 
  • Flexibility: Businesses today need to react more quickly than ever to changing demands. This is one of the clouds greatest strengths. 
  • CAPEX to OPEX: As the world has gotten used to buying things on subscription, from music to Software, many see the idea of buying their infrastructure as very attractive. Cloud allows them to do that. 

What to keep in mind when migrating to the cloud.

The cloud sounds great and has many benefits so let’s all jump in quickly. And that has been a problem for many when first making moves to the cloud. Their first move often was to lift and shift their existing data and approach into the cloud. But this often means that they end up unable to take advantage of the full capabilities of the cloud and more critically spending much more than they should.  

What are some simple steps you can take to make your cloud migration journey successful. 

  • Understand Why: A business should know why they want to move to the cloud and what their drivers are, is its flexibility, scale, cost optimisation, reducing their on-prem footprint. Knowing this is essential. 
  • What is success? Knowing why you are making the move to cloud is crucial, but understanding what a successful cloud migration looks like before you begin is equally so. 
  • Know your environment before you move? Before you move it is important to know what your environment is, but this is not just what virtual machines I have. While that is important, understanding services and how those services map together is essential. When doing this you can start to build an understanding of what your cloud infrastructure and costs will look like.
  • Resilience is still your job: Just moving to the cloud doesn’t mean you don’t have to consider resilience and availability. Building solutions that maintain availability in line with your business demands still has to be considered. Make sure you are aware of your cloud platforms resilience and how you need to architect your cloud infrastructure to meet your demands.
  • Plan to get out: Often forgotten is the consideration of what happens if you want to extract your information and systems from a cloud provider. Consider your exit plan, as odd as it sounds, should be a core part of your cloud migration plan. 

Key takeaways

In a nutshell, businesses should take three things away from this: 

  • Know the workload before starting cloud migration and think about how they can be adapted to maximise its features and capabilities. 
  • Fully understand the reasons why your business wants to migrate to the cloud.  
  • Build a cloud exit strategy into you plan. 

If you’re considering cloud migration and need advice and support, we can help. Our cloud migration services can smoothly guide you through the process and ensure the transition is as easy and efficient as possible for your business.   

Listen to the full Tech Takeaway podcast on cloud migration here or watch below!

Worth adding a contact link here too? 

Cyber Resilience: Why don’t you have a cyber resilience plan?

On episode 5 of our Tech Takeaways, Paul, Jason and Wayne discuss the importance of cyber resilience. While cyber security is a significant concern for all businesses, few have specific plans to deal with the impact of a cyber-attack. A cyber resilience strategy is a key part of knowing how to react if a cyber-attack happens. Let’s go back through what was talked about in the episode and find out how you can build a good framework to protect your assets. 

What is Cyber Resilience?

Cyber resilience planning concerns what a business will do when/if its systems are breached. Where software and endpoint solutions work to mitigate attacks before they get inside a business’s systems, cyber resilience plans help defend against threats that fully manifest. It includes a response procedure, i.e. what will the business do, which individuals are involved in the response, and what are their roles.  

Investing in cyber security measures is still important. However, businesses should accept that cyber security measures cannot reduce threat risk to zero. Cyber resilience planning accounts for the event where the business’s other security measures fail.  

Advice for Being Cyber Resilient

Risk Assessment

Make a list of key systems that could be impacted by potential cyber-attacks. Ask yourself, ‘how does my business operate if this system goes down?’. Criminals are likely to target the most important systems to maximise the effect on the business. 

Define Recovery Plan

It should be clear who in the organisation is leading the response, which systems need to be recovered first, and what methods can be used. This creates a solid framework to get your business back online as quickly as possible. 

Employee Awareness

A business’s employees can be both a threat and the first line of defense. However, the latter can only be achieved through appropriate cyber resilience training. Ensure that all users possess an understanding of how cyber-attacks can manifest, along with the knowledge needed to prevent security risks. It’s subsequently a good idea to simulate cyber threats to allow teams of employees to practice.  

Conclusions

If your business doesn’t have a cyber resilience plan in place, a successful cyber-attack will be much more damaging and take much longer to recover from. On the other hand, having a comprehensive cyber resilience plan allows you respond to and recover from threats quickly. This lets your business maintain day-to-day operations despite outside influence. 

Checkout the full episode on our page here

Checkout our YouTube here or see the full episode below

Gardner Systems cyber security event

On 26th April we hosted our hugely successful cyber security event on business preparedness at The Old Hall, Liverpool. Gardner CTO Paul Stringfellow was joined by Sophos cyber threat landscape expert Jonathan Hope. If you couldn’t make it down, don’t worry! We’ve summarised the event in this blog.

Jon has been at Sophos for over 11 years, during which time he’s enjoyed numerous roles in firewall, channel, and sales engineering. Like us, he’s committed to keep businesses and their users protected from online threats. His experiences and knowledge were a great boon to the event, offering attendees unique insights into how businesses can be better cyber-prepared.

Session 1 – Gardner Systems CTO Paul Stringfellow

To set the stage for deeper discussion, it’s first necessary to talk about the complexity of modern cyber-attacks. A major contributing factor is the growing professionalism of the hackers of today. It’s essentially a constant arms race between criminals and cyber security companies like Gardner and Sophos. As security software continues to be developed better and better, malware is created to counter the advances in business protection.

Security technology does continue to evolve to meet the speed and dynamism of the threat. Detection and response technologies are good examples whether that’s Endpoint (EDR) or eXtended (XDR) these tools are designed to simplify the process for overstretched businesses, by using analytics to more accurately identify threats and importantly automate their mitigation. However, these tools still require internal resources to manage them and that is a significant challenge for many. This has seen providers of these solutions increasingly offer managed versions of them (MDR). This allows businesses to add teams of dedicated security professionals to their cyber security efforts. Allowing them to react to security threats 24/7, because of course the reality is, it’s a 24×7 threat.

Session 2 – Sophos cyber threat landscape expert Jonathan Hope

In Jon’s session he shared how in the current cyber threat landscape, ransomware remains a top issue for businesses. The continued prevalence of the threat is driven by the changing threat landscape. Today, criminals have the option of purchasing as-a-service cyber-attacks. Buying readymade attack platforms or even contracting criminals to deliver the attack for them.

Because of the ever-lowering cost of carrying out attacks for the cyber-criminal this has seen an evolution in the types of organisations attacked. Unfortunately, this tends to be organisations that are unlikely to be able to pay the ransom, such as public sector organisations and SMEs. This in turn, means the landscape is broad and businesses from any sector can be affected.

Jon also shared some of the changing techniques used by cyber criminals. The social engineering vector is one that is constantly evolving. For instance, phishing emails might reference trending events to increase the likelihood a user clicks on content. He also outlined how Data exfiltration was increasingly parts of cyber-attacks, with attacked no longer satisfied with encrypting data, they are also stealing it.

Jon wrapped up by sharing some basic measures businesses should be taking to protect themselves, this included employee training and protection, server cover, and network firewalls.

Overview

With the cyber threat landscape constantly changing, organisations must come prepared to defend themselves. This includes threat detection software, endpoint protection, user training, and having a cyber-resilience response plan. The financial and reputational risks to businesses are simply too high to ignore cyber security. Gardner’s as IT service providers ourselves, we know this better than anyone.

Thank you again to Jonathan Hope and Sophos for coming out and talking with us. Be sure not to miss our next event!

Welcome to the new Gardner Systems

Gardner Systems have been helping its customers solve business problems with IT since 1985. As you can imagine we have been through some changes in that time. As our business evolves it’s important that shows in everything we do, including our website and branding.   

The last few years have had some big changes for us, as it has for many of our customers. With that in mind we felt that our brand and website needed to reflect those changes. Some of you will have already seen those changes, but we thought it would a nice idea to share with you the changes we have made and the thinking behind them. 

Our goal was to create a new brand and website that would more clearly convey our message and values. Our new logo is in the form of a cloud. This seemed to make sense as the cloud is such a core part of today’s IT thinking. This made it an ideal fit as our logo, giving those who are new to us an insight into what we’re about before they learn anything else. 

We wanted the new website to be laid out in a way that would be easy and appealing for visitors to use and understand. The information has been split into small manageable chunks that tell visitors exactly what they need to know about each service without any unnecessary waffle. Our focus is always on the customer and how our services can support and benefit them throughout their business growth. No matter what IT service you need help with, whether it’s the cloud, security, data, or infrastructure, Gardner Systems can help. 

The team at Gardner Systems are very excited about the new website, branding and the new opportunities it will bring. Explore the site for yourself today and let us know what you think. You can contact us by phone or email if you have any other questions. 

Free Security Audit

Get a 1 hour FREE security audit!

Get in touch