Posted on

Lightstream helps wholesale bakery save money and rebound from pandemic

Next-level communication solutions identified opportunities for savings and growth

Business Challenges

A wholesale bakery consisting of a group of family bakeries faced a significant challenge: How to rebound from the COVID-19 pandemic, implement an improved communications solution and create a better business for its employees and customers.

The company has seen explosive growth in the past several decades, now with more than 130 locations and 4,000 employees across the United States. It needed a brand new, fully optimized communication infrastructure to save money and take the business into the future.

Nationwide Growth
The bakery company expanded across the country, now distributing its products in Alaska, Idaho, California, Utah, Montana, Oregon and Washington. To keep up with the growth, it knew it needed to improve communication services to better serve its locations, employees and customers.

COVID-19 Pandemic Inpact
The bakery company felt the impact of the COVID-19 pandemic, like most other businesses. It lost half its IT department. The problem was so severe, it only had one person managing the connectivity and troubleshooting issues for all its locations.

Overspending on Dysfunctional System
The communication infrastructure was chaotic, including its phone system. The company was overspending on local phone lines, paying for extra lines and features it was not using. It also did not have a centralized ordering function or billing function, so it was juggling multiple billing statements.

Problematic Existing Contract
The bakery company was in year two of a three-year contract with its current carrier. It wasn’t fully implemented and the company experienced regular outages and failures. What’s worse, the bakery company wasn’t made aware of the issues for days at a time. It couldn’t get real-time support.

The Lightstream Solution

Lightstream secured significant savings and opportunity for growth by managing communication solutions using its best-in-class service and technology expertise.

Comprehensive Plan
Lightstream studied the bakery company’s business operations and used its understanding and expertise to create a comprehensive plan for improving its communication infrastructure.

Simplified Service
Lightstream took inventory of all the carriers, providers and locations the company was using. It consolidated the services so the company only needed to manage one provider for billing, inventory and help desk support. Lightstream also identified and eliminated any extra lines or unnecessary features over the full breadth of the company’s operations, resulting in significant cost savings.

Improved Connectivity
Lightstream made a complete platform shift and change in managed services providers to help this company improve its connectivity, which it struggled with prior, and enabled multi-cloud applications.

Alleviating Burden
Lightstream’s platform shift provided a solution to alleviate a huge burden on the company’s limited IT resources. This allowed for third-party providers to help and support the bakery company’s IT department.

Plan for the Future
Lightstream calculated the bandwidth needed to support the company’s current needs and plan for the future.

Business Outcomes

Significant Cost Savings
By consolidating and getting rid of old lines and services, Lightstream estimates the company will save around $150,000 over a five-year period. Lightstream also estimates the company will save an additional $80,000-$100,000 over five years by transitioning to a new managed services provider.

High Quality Service
With Lightstream’s expertise, the company has a brand-new supported infrastructure in a fully managed environment with high quality service.

Opportunity for Growth
Lightstream secured significant savings and opportunity for growth by managing communication solutions using its best-in-class service and technology expertise.

Better Business With Lightstream

Let Lightstream come in and analyze your business’ operations to identify areas of significant savings potential and improved connectivity. We can create a simplified system so you can focus on what you do best, serving your customers and community. Contact a Lightstream partner today.

Posted on

Should Your Cybersecurity Strategy Incorporate the Zero Trust Model?

Should Your Cybersecurity Strategy Incorporate the Zero-Trust Model?

Zero-trust has taken over the security world and become a popular buzzword, but what is it? Why is it so important? This popular security framework centers on the philosophy that organizations shouldn’t automatically trust users or devices—not even those inside the network perimeter.

Instead, zero-trust demands organizations verify the identity and trustworthiness of every user and every device before granting access to sensitive resources. As the say goes, “Never trust, always verify.”

Traditional Firewall Security Limitations

When companies based their security on the firewall approach to protecting the network perimeter, only trusted users and devices could access the network. While it worked well for a time, it had plenty of limitations. Zero-trust minimizes those limitations to create an even more secure network and cloud environment.

Let’s explore a few firewall security limitations.

1. Making assumptions of trustworthiness

The firewall approach assumed that all users and devices within the network perimeter were trustworthy. It was (and still is) a dangerous assumption because it leaves organizations vulnerable to attacks from malicious insiders who gained access to the network.

2. Assuming the perimeter’s secure

Firewalls relied on the network perimeter being secure—always. The problem with this assumption is that it doesn’t account for attackers who could still gain access through other means, like using stolen credentials or exploiting software and network infrastructure vulnerabilities.

Why Organizations Have Shifted to Zero-Trust

Making the above assumptions puts companies at risk, making the firewall approach to security an inadequate solution in today’s complex and interconnected world. The result? A new security strategy: zero-trust.

Zero-trust emphasizes the verification of both the identity and trustworthiness of every user and device. Then, and only then, can they access sensitive assets or resources.

The Zero-Trust Approach

Zero-trust’s security framework is built on the “never trust, always verify” philosophy, which means:

  • Continual monitoring of all users, devices, and applications
  • Activity, identity, and device verification before granting network access

This approach eliminates reliance on perimeter-based security measures, instead focusing on securing access to data and resources within the network.

Zero-trust also emphasizes the importance of authentication and access controls, including using multiple factors of authentication:

  • Passwords
  • Biometrics
  • Token-based authentication

These measures ensure that only authorized users gain access to resources.

Another tenet of zero-trust is constant monitoring (through tools like network and endpoint security) of both user and device activity, which can alert security teams the second these tools detect suspicious activity.

But you’ll also want to regularly test and update security controls, constantly checking for unknown vulnerabilities. Security assessments that use both internal and external expertise and resources can help protect your organization against unknown or future threats.

Zero-trust is crucial for protecting your enterprise organization. By implementing this security strategy, you can arm yourself against the increasingly sophisticated and persistent threats your face in today’s digital world.

Are You Ready to Implement Zero-Trust?

If you’re ready to up-level your security, Lightstream can help. We strongly believe zero-trust is essential to any security strategy that aims to protect your data, network, and organization—which is why we offer a full suite of zero-trust solutions:

  • Readiness assessments
  • Consulting
  • Managed services

We often act as extensions of our clients’ security teams, helping protect you 24/7. And we use a zero-trust framework to do so.

Adopting the zero-trust approach can drastically reduce the risk of data breaches and other security threats. It can also help protect your reputation and ensure your data and resources remain secure.

So, if you want to learn more or are ready to implement it, contact us today.

Posted on

Why IT is rethinking Best of Breed Management tools

Most of today’s IT leaders take a Best of Breed approach to procuring solutions and toolsets for their enterprises. They seek out the top-tier providers for each service, whether it may be for bandwidth, managed network, managed security services, managed firewall, or endpoint protection. The commonly held belief is that by partnering with the leading vendor for each service, they can build an end-to-end IT environment that’s bullet-proof. Makes sense, right? Not exactly.

While it’s very common for silos to develop within infrastructure and support, it can create major obstacles for already strained IT departments. Co-managing multiple systems and vendors with little cross connectivity and integration between each is a complex and resource-draining process.

Inevitably, each provider has its own shared responsibility model that they strictly adhere to. Each model is unique, and they do not communicate or compromise with other service providers to make up for their inherent differences. This leaves considerable disparities and gaps in service that internal IT departments are required to fill in. Furthermore, deploying and maintaining an app that works within each of these environments can be extremely complicated and time consuming.

Real-world scenario #1

A major retail website experiences a breach in its data security. This breach causes millions of buyers to have their financial records exposed to the public Internet. Individuals scramble to disable accounts, dispute unauthorized charges, change passwords, and expedite getting new credit cards. Meanwhile, fingers are pointed at the retailer and the reputation of their brand is at stake. The company’s cloud service provider promptly releases a statement that due to the nature of its shared service model, the breach was due to no fault of its own, but rather the result of negligence or an error made by the managers of the retail site. In addition to helping its victimized customers, the retail company is faced with significant legal consequences followed by months or even years working to restore its reputation. The painful reality for this company is that all of this could have been avoided by having a single provider manage its network and cloud security and eliminate the gaps in service that put customer data at risk.

Real-world scenario #2

A tier 1 manufacturing company has a global network they are being forced to operate in a remote work environment due to restrictions caused by the Covid19 pandemic. From the CTO’s perspective, they are having problems with supporting business units with network outages and moves, adds, and changes. They believe they are in need of a network services provider, however that provider must be able to seamlessly work with their other IT vendors. They soon discover that while it is possible for different service providers to work with one another, it comes at an exorbitant, unnecessary cost to their internal IT department. In short, the enterprise’s disparate vendors – all working in silos – are causing network connectivity problems, security issues, and an overly complicated move/add/change process.

A practical solution

By taking an integrated, “big picture” approach in each of these scenarios, the right service provider can customize an end-to-end solution that consists of any combination of bundled services. For instance, the manufacturer originally seeking network services is offered a comprehensive solution consisting of network and managed services, managed firewall, and managed endpoint security. Going forward, they will have one NOC handling any potential issues and ensuring their environment’s uptime. A single SOC to examine security and mitigate any potential threats. One provider managing all aspects of their IT environment with one single interface for them to work with. When presented with an integrated solution that is single-handedly responsible for Managed Security Services, SOC as a Service, SD-WAN solutions, and NOC as a Service, this customer has an “Aha!” moment. As the solution is being rolled out, the organization is looking forward to working within a safer, more streamlined environment designed to eliminate service gaps and help them realize greater efficiencies while cutting costs.

Expert advice

More than ever, IT departments within organizations are being burdened by securing and retaining talent, procuring and maintaining toolsets, and overcoming budgetary constraints. To assist with this arduous process, the experts at Lightstream recommend taking a 3-step approach to their solution procurement strategy.

First, recognize the challenges your organization is having difficulty overcoming. Next, have a general idea of what the solution to your problems might be. And finally, understand the roadmap for your technology. Will a mobile workforce be a factor in the future? Where is your enterprise currently, and where would you like it to go? Don’t be afraid to use a whiteboard mentality, and don’t be constrained by what you think technology can offer. Clearly articulate your goals and allow the provider to come up a customized solution that supports all of your business units globally.

The current pandemic has forced us all to think differently about the future. It has exposed challenges across industries and within telecom and IT, it has exposed gaps in the network community. In this new world, customers are struggling to promote connectivity and security in networks that weren’t designed to support mobile workforces. Security has been forced to take a back seat, and network capacity is being stretched very thin.

It is critical to partner with a provider who understands all of this and who can customize a solution to not only help you overcome your current challenges, but who can also help you reach your future goals.  Contact us to learn more about Lightstream’s integrated offerings and how we can help you simplify the procurement process and decomplicate your IT environment.

Posted on

The Red Herrings of Cybersecurity – Blog 2 of 4

Hello again.

In the previous blog in this series, I set things up for you. I explained the three things that I believe are “red herrings” in our industry – and now we’re going to dive into the first. Let’s go for a short, pointed, and honest ride.

There has been a consistency about managed services providers in the years I’ve worked for them. While not particularly comforting, the consistency of failings at least meant that we were all doing it wrong together. There is cold comfort in that.

One of those things that killed me for years is the speed of implementation. Or should I say, the complete lack thereof? In my years with HP, one of the managed services accounts that I worked with directly was grumpy because it had taken over 9 months to get an IDS successfully implemented. Yes, you read that right. Nine months. It’s not like security is a real-time battle of good and evil, and losing seconds is cause for concern, right?

I swore that I’d work to improve this, but ultimately I was unsuccessful. Then I left the company. But this stayed in my mind for a while. In my next role, I was too far removed from this situation to be able to affect it. That said, it never left my mind as my team and I advised CISOs on strategy and program development. The goal was always to decrease the time that elapsed between signing a contract and getting “security value.”

Fast-forward a bit to when I joined my previous role at Armor. The company was touting “2 minutes to deploy” and given my previous experience I thought I hit the jackpot. I’d learn over the next two years why I had been chasing a false dream. I’d recognize that faster is not necessarily better, although rapid time to value is desirable.

So what changed that swayed my thinking? Experience.

You see, I had the opportunity to witness a few “2-minute” deployments. They were categorically a disaster. Why? The answer lies in another question.

“How much protection can you expect from a security tool that does near-zero customization?”

If you answered the above with “about that, near-zero” you are now in my headspace. One of the reasons; and this is personal opinion now, there were so many install failures and missed issues downstream was that we were going for speed versus security. Sure we had it installed in two minutes. But did it serve any value? That was debatable, at best.

The lesson is this – to provide a valuable outcome to your customers, you need to do the work. There is a multi-step process that needs to be followed that I’ll readily share with you, here.

1. Understand your customer, their environment, and their challenges. Without this, you’re applying peanut butter. There are no two customers that share the same strategy, architecture, network topology, and security response needs. This I can guarantee. So why would you pretend that a single stock configuration would do anything but provide for the most basic of controls? I would argue that without this step you’ll be doing more harm than good.

2. Prototype and test your configurations. Once you think you know your customer, develop the defensive model, policies, and response actions. Work hard to identify not just the 80% case but those 20% outliers that are going to cause trouble once you deploy. Here’s a hint – one of the most difficult things to get right is the disruptive cases. The situations where something happens to upset the customer’s ecosystem due to a configuration you’ve made are irreversible – especially during initial deployment. If you can’t get it right from the start, you’ll lose your customer’s trust before you ever get to protect them. Minimize your unknowns; that’s the best advice I can give.

3. Expertly guided deployment is essential. Far too many times I heard customers say, “We got this” and then proceed to bungle everything because of either ego or something else. But I promise if your provider is offering you assistance to deploy – take it. If they’re not, ask why they’re not helping you be successful.

Expect this effort to take you north of forty hours for a mid-size implementation. That’s my estimation. You, the provider, should spend a week of solid work to get to a deployment stage. That’s a far cry from 2 minutes but provides infinitely more security value.

While I still believe that deploying as quickly as possible to get security value is critical, I no longer believe that doing so at the expense of customization and testing is viable. Everything comes at a price, and in cybersecurity, the price for protection is time. And effort. It takes effort, planning, patience, and expertise on your part and your customers. I don’t care how you present it – those are things you can’t rush.

Next up, removing complexity. I welcome your comments in the meantime.

Posted on

The Red Herrings of Cybersecurity Blog Series – Blog 1 of 4

The longer you’re in the cybersecurity business, the more you realize that some of the things you learned early on as ground truths were red herrings. Allow me to elaborate.

As the head of security strategy here at Lightstream, my job is to innovate and think ahead of the demand curve. I take this job very seriously, which is why I’ve been re-evaluating some of the things I held true in previous roles. There are three things I want to address over the next four posts, and I hope this reveals a little about how I’m thinking and perhaps provides some groundwork for good dialogue.

First, the three red herrings I want to discuss. These apply specifically to the delivery of security services in the form of an MSSP – and while these three things may be applicable elsewhere, that’s not what I’m addressing in this series.

  1. Faster deployments are somehow better;
  2. Complex services are more effective;
  3. Vendors taking over your tools is a good idea.

Let me break these three things down so you can get a sense of the high level here, and then over the next few posts, I’ll share my thoughts and how I have arrived there.

At my last company, there was a very odd metric we put on all of our marketing literature – the time to deploy our product. It made sense at the time. We told customers we could get the product installed in about 2 minutes and that as soon as they signed up for our service, they’d be off and going in that short timeframe. That all sounded good until I observed a few of these deployments. Have you ever tried to install a security product in 2 minutes? If you have, then you will probably agree with me that the only thing you get in those 2 minutes is a stock vanilla deployment with virtually no contextual understanding or customization. To translate that into an outcome – low value, and a potential disaster by breaking something.

Complexity has always been the archenemy of everything in technology. The more complex a deployment becomes, the more difficult it is to understand it. Hence it will be difficult to fix and secure. I don’t believe this is disputable. So why is it that so many security services vendors build slide after slide in their presentation to explain their overly complex systems and processes? The answer is simple – the buyer has come to believe that if they don’t understand it, then it must be advanced. It’s like the Arthur C. Clarke quote: “Any sufficiently advanced technology is indistinguishable from magic.” My friends, don’t buy magic; it’s rarely real in the end.

Finally, let’s talk about those RFPs you’re sending out. If you’ve purchased a set of tools and failed to implement them properly – whether you figure this out on day three or three hundred is immaterial – asking someone else to take your operation over is a terrible idea. The likely outcome is what we in the industry refer to as: “your mess, for less.” I promise you there is no value here. You get what you pay for, and “cheap” is not the same thing as “less expensive.” There’s a lot to unpack here. I’ll save my thoughts for the full post; however, I wanted to seed this in your mind for now.

So now you have it – my thoughts on the three most important red herrings cybersecurity services vendors put forth that I believe you should avoid. In the next three blog posts, I’ll unpack each and perhaps leave you with something to think over. A better way forward, perhaps.