Connect with us


Cybersecurity: How a layered approach keeps this F1 team’s data secure



The internet needs to be fixed, but who’s responsible?
ZDNet’s Danny Palmer talks about the current state of the internet and cybersecurity, which is wobbly. He tells TechReppublic’s Karen Roby what needs to be done in order to fix the security issues for the next generation. Read more:

Gary Foote, CIO at Rich Energy Haas F1, says information is critical to the success of the Formula 1 racing team – and that’s why the establishment of a data security strategy is one his key business priorities.

“We’re in a competitive sport, so our asset is the data that helps make us more reliable and quicker on a circuit,” he says. “The data that we’re generating – from conception in design, to being used creatively by partners, and onto the race track – is crucial and we have a complex data model where information is flying all over the place but must be kept secure.”

Foote says his organisation is focused on two main types of data: business information, such as finance figures and HR records; and the product information relating to the car, which is best-described as Haas F1’s intellectual property.

SEE: Digital transformation: A CXO’s guide (ZDNet special report) | Download the report as a PDF (TechRepublic)

He says both of these data types are “hugely important” and must be managed across a dispersed geography: “We’ve got data movement all over the place and, as a result, data security becomes a bigger challenge than it might be for other organisations and even some of the other teams in F1.”

Haas F1 has an operations centre in the UK, where Foote is primarily based, and an office in the US, which houses the firm’s sister racing team, Stewart-Haas Racing. There are two additional centres relating to design partners in Italy, and the team also maintains a mobile operation that moves around the globe fulfilling race-day duties.

One of the main explanations for that geographical dispersal is the team’s business model. In an attempt to keep costs low, Foote says the model relies on outsourcing as much non-core expertise as possible.

“And when you outsource expertise, by definition you outsource data,” he says. “Our data movement strategy is complex – overly complex to a degree. As an example, our computational fluid dynamic specialists are based in the US office, but they use a high-performance computing cluster based in the UK, and we provided the results from that platform to aerodynamicists who are based in Italy.”

It’s Foote responsibility as the team’s CIO to ensure that there is adequate protection for the Haas F1 brand and its assets on a global scale. His approach has been to create a business strategy for data security that aims to neutralise the complex geographical structure of the business.

“We’re looking for strong layers of protection placed strategically, with good vendor and product selection. We want to create a sensibly layered strategy, where products complement each other,” says Foote.


Foote: “We want to create a sensibly layered strategy, where products complement each other.”

Image: Haas F1

Technology partnerships can play a key role in F1. The sport is heavily dependent on its corporate sponsors, yet Foote describes his team as “completely vendor agnostic” when it comes to technology suppliers. 

“We have the freedom and finances to deploy the products that we want to. Rather than having a confined tool box, we’re able to collect the products to use for the problem we’re trying to solve. But it’s really important that they complement each other,” says Foote, who says the products his team chooses must fit his security strategy.

“Layers are great but we also need to keep a check on compatibility and complexity. I talk to my guys quite a lot about the problems you introduce into IT when you create complexity. It’s not good having a hugely redundant disaster recovery network if it’s so over-complex that when it breaks it’s impossible to fix. By making things simpler, you can make things better.”

One of the key products Foote has chosen to implement recently is Nominet’s NTX cybersecurity platform to help keep the team’s data networks secure. The technology analyses domain name system (DNS) traffic to predict, detect and block threats to the network before they cause harm.

“We want to add layers to protect our data from threats coming in and threats going out, such as best-intended user actions that might accidentally lead to malware,” he says. “We’ve got to continually stay at the leading edge of security technology.”

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

Foote says the selection process was driven by going to market and seeing who was able to offer products and services that can bolster the team’s security strategy. The organisation’s policy for system implementation is to leave race-day systems until last, preferring the technology to be proven in a business environment first.

The Nominet DNS platform, which has now been in place for about six months, analyses and categorises potentially billions of queries in its attempts to eliminate malware, phishing and data theft from the network. Foote is already seeing business benefits. “Nominet are putting a sets of eyes on a huge amount of traffic that I physically don’t have the manpower internally to do,” he says. 

Foote refers to cybersecurity as “an ever-changing landscape” and says Haas F1 must keep up with the latest trends. When new security technologies emerge, Foote wants his team to analyse these tools and to investigate how these layers might help block actors who might want to do harm.

“The key thing for me is security – and it’s almost number one in terms of our technical remit here. F1 is incredibly fast-paced and the worry is less about data going to competitors and more about exposure to individuals who want to use it as a platform for their own gain. Being a global company in a global sport on a global stage means we’re quite a target. Any security technology that’s learning as we go is a big benefit to us,” he says.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


Work from Home Security



Spin Master is a leading global children’s entertainment company that invents toys and games, produces dozens of television and studio series that are distributed in 160 countries, and creates a variety of digital games played by more than 30 million children. What was once a small private company founded by childhood friends is now a public global supply chain with over 1,500 employees and 28 offices around the world.

Like most organizations in 2020, Spin Master had to adapt quickly to the new normal of remote work, shifting most of its production from cubicles in regional and head offices to hundreds of employees working from home and other remote locations.

This dramatic shift created potential security risks, as most employees were no longer behind the firewall on the corporate network. Without the implementation of hardened endpoint security, the door would be open for bad actors to infiltrate the organization, acquire intellectual property, and ransom customer information. Additionally, the potential downtime caused by a security breach could harm the global supply chain. With that in mind, Spin Master created a self-imposed 30-day deadline to extend its network protection capabilities to the edge.

Key Findings:

  • Think Long Term: The initial goal of establishing a stop-gap work-from-home (WFH) and work-from-anywhere (WFA) strategy has since morphed into a permanent strategy, requiring long-term solutions.
  • Gather Skills: The real urgency posed by the global pandemic made forging partnerships with providers that could fill all the required skill sets a top priority.
  • Build Momentum: The compressed timeline left no room for delay or error. The Board of Directors threw its support behind the implementation team and gave it broad budget authority to ensure rapid action, while providing active guidance to align strategy with action.
  • Deliver Value: The team established two key requirements that the selected partner must deliver: implementation support and establishing an ongoing managed security operations center (SOC).
Continue Reading


Key Criteria for Evaluating Privileged Access Management



Privileged Access Management (PAM) enables administrative access to critical IT systems while minimizing the chances of security compromises through monitoring, policy enforcement, and credential management.

A key operating principle of all PAM systems is the separation of user credentials for individual staff members from the system administration credentials they are permitted to use. PAM solutions store and manage all of the privileged credentials, providing system access without requiring users to remember, or even know, the privileged password. Of course, all staff have their own unique user ID and password that they use to complete everyday tasks such as accessing email and writing documents. Users who are permitted to handle system administration tasks that require privileged credentials log into the PAM solution, which provides and controls such access according to predefined security policies. These policies control who is allowed to use which privileged credentials when, where, and for what tasks. An organization’s policy may also require logging and recording of the actions undertaken with the privileged credentials.

Once implemented, PAM will improve your security posture in several ways. The first is by segregating day-to-day duties from duties that require elevated access, reducing the risk of accidental privileged actions. Secondly, automated password management reduces the possibility that credentials will be shared while also lowering the risk if credentials are accidentally exposed. Finally, extensive logging and activity recording in PAM solutions aids audits of critical system access for both preventative and forensic security.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Vendor Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

Continue Reading


Adventist Risk Management Data Protection Infrastructure



Companies always want to enhance their ability to quickly address pressing business needs. Toward that end, they look for new ways to make their IT infrastructures more efficient—and more cost effective. Today, those pressing needs often center around data protection and regulatory compliance, which was certainly the case for Adventist Risk Management. What they wanted was an end-to-end, best-in-class solution to meet their needs. After trying several others, they found the perfect combination with HYCU and Nutanix, which provided:

  • Ease of deployment
  • Outstanding ROI
  • Overall TCO improvement

Nutanix Cloud Platform provides a software-defined hyperconverged infrastructure, while HYCU offers purpose-built backup and recovery for Nutanix. Compared to the previous traditional infrastructure and data protection solutions in use at Adventist Risk Management, Nutanix and HYCU simplified processes, speeding day-to-day operations up to 75%. Now, migration and update activities typically scheduled for weekends can be performed during working hours and help to increase IT staff and management quality of life. HYCU further increased savings by providing faster and more frequent points of recovery as well as better DR Recovery Point Objective (RPO) and Recovery Time Objective (RTO) by increasing the ability to do daily backups from one to four per day.

Furthermore, the recent adoption of Nutanix Objects, which provides secure and performant S3 storage capabilities, enhanced the infrastructure by:

    • Improving overall performance for backups
    • Adding security against potential ransomware attacks
    • Replacing components difficult to manage and support

In the end, Nutanix and HYCU enabled their customer to save money, improve the existing environment, and, above all, meet regulatory compliance requirements without any struggle.

Continue Reading