Calculating the Real Cost of Downtime for Your Business

Be prepared for the worst-case scenario 

From startling headlines that have highlighted recent data breaches to the impending doom a single storm can spell for data centers, it becomes clearer every day that business continuity and disaster recovery are critical components to every IT strategy. While getting familiar with today’s modern IT threats, risks, and possible vulnerabilities within current systems is important, understanding downtime resulting from a disaster and its long-lasting repercussions—numbers unique to each individual business—is even more vital when designing an effective business continuity plan.

In order to determine the cost of downtime and its consequences due to an unexpected disaster, IT professionals first need to break down the overall elements that can contribute to it.

Where do the costs add up?

Time is money, so the saying goes, and the monetary impact of downtime impacts more areas than just the IT team including:

  • Idle workers across departments still on the clock but cannot perform their job duties
  • Physical damage to infrastructure, equipment or the building itself
  • Lost revenue due to inoperable POS or delivery of products to market
  • Hiring additional outside resources and specialists for data recovery
  • Repair or replacement of technology components
  • Reputation damage from vendors, clients and prospects

With the different elements to consider, it is little wonder that research by Gartner reports the average cost of IT downtime as $5,600 per minute. While that statistic may seem staggering—even unbelievable to some—finding the cost of downtime for an individual organization can be easily accomplished.

How to calculate the cost of downtime?

Calculating the unique cost of downtime can be done in terms of revenue loss and productivity cost. Both can be achieved (and reassessed over time) with clear formulas, using the information specific to the company.

To calculate revenue loss, gather the following information:

  • Gross yearly revenue (GR)
  • Total annual working hours (TH)
  • Percentage impact (I)
  • Number of downtime hours (H)

With the numbers identified, use this formula:

(GR/TH) x I x H = revenue loss


To calculate productivity cost, gather the following information:

  • Number of employees affected (E)
  • Percentage of employees affected (A)
  • Average cost of employees per hour (C)
  • Number of downtime hours (H)

With the numbers identified, use this formula:

E x A x C x H = productivity cost

Armed with real numbers, crafting the disaster recovery and business continuity plan to adequately prepare and protect an organization can become a priority supported throughout operations.

Control costs and continuity with a trusted IT partner

While the cost of downtime can be calculated with simple formulas, constructing worst-case scenario plans to minimize the impact of such costs is anything but simple. Engaging with experts to design recovery and business continuity plans not only ensures that every detail of an organizations IT systems has been accounted for, but also saves internal IT teams the time of being distracted by “what-ifs” instead of business goals. Ntirety Disaster Recovery (DR) Services help ensure mission-critical applications are safeguarded against malicious attacks, weather-related phenomenon, and other triggers for unexpected downtime. From platform management to continuous data protection and architecture design, Ntirety DR empowers enterprise companies to provide continuous service to customers and stakeholders with confidence.

Visit our Recovery Services to learn how Ntirety can prepare your organization for worst-case scenarios with a comprehensive and proactive business continuity plan.

CloudEXPO Silicon Valley Key Insights from CEO Emil Sayegh and CISO Chris Riley

The 23rd International CloudEXPO conference in Silicon Valley brought speakers and attendees from across the globe to engage over the latest topics and innovation surrounding up-and-coming technology for 2019, including cloud migration trends and the next iterations of machine learning for enterprise.

Hostway|HOSTING CEO Emil Sayegh and CISO Chris Riley were not only honored to have the opportunity to present on the CloudEXPO stage in Silicon Valley, but took full advantage of attending other sessions, as well as to meet with attendees on the exhibition floor. Upon reflection of the event, both leaders left with the following key takeaways to share:

CEO Emil Sayegh

Fresh off the main stage after his Silicon Valley keynote presentation, “The Great Correction: Why Are Some Enterprises Fleeing the Public Cloud?“, Sayegh came away with several major insights on this year’s conference:

  1. As Sayegh predicted for 2019, the message around the public cloud is shifting: the public Cloud has its strong benefits, but it doesn’t solve every challenge—that’s where the hybrid cloud comes in. Sayegh predictions that the future is hybrid and multi-cloud, rather than a single cloud flavor, is becoming more and more prevalent.
  2. Service is king, as infrastructure is getting more and more commoditized with the hyperscalers. The ability to offer differentiating services on top of the public cloud and other infrastructure will be the norm. As an example, greater focus is being given to DevOps within the cloud and its increasing practice to gain better alignment in enterprise businesses. Enterprises are looking for continuous insights on how to improve their cost structure, reduce their risk, and improve their agility from their partners, not just an old fashioned delivered service.
  3. Despite the trending shift, IT professionals still feel the pressure from their superiors to move to the public cloud. When protests about cost and security are not enough, use cases are becoming a common tool used to sway cloud decisions to hybrid or multi-cloud models⁠—a tactic noted in several sessions. Throughout the audience mix of enterprise, mid-market, and startups, attendees repeatedly said they look for use case examples as a confirmation that they are not alone in IT challenges and can find the solution.

CISO Chris Riley

This year was Riley’s first time both attending and presenting at CloudEXPO, and he was honored to present on the critical current demands of cloud security in his session “The Great Migration: Retreat from the Cloud Sacrificing Security?” Reflecting on his time perusing the conference, Riley shared the following takeaways:

  1. Familiar with other IT events, Riley felt that CloudEXPO was unique in the different topic tracks it offered, including A.I., machine learning, and the intricacies of compliance, including the wide range of industries affected by compliance regulations.
  2. In both the sessions and on the exhibition floor, attendees were mostly seeking practical advice to address their current challenges—an indicator to Riley that many IT professionals are seeking the right talent or partner to help navigate the growing complexity of the hybrid cloud.
  3. Since it has become clear that no one person can tackle these emerging hurdles alone, more emphasis is being put on collaboration and developing cross-sections of talent, such as the importance of aligning Development with Security and Operations teams or DevSecOps, as Riley covered in his session.
  4. Increased interest in code enablement and the human capital needed for visibility into those endeavors demonstrates an evolution from the previous “lift and shift” migration mentality. Instead, organizations are exploring long-term goals and capabilities to shape the cloud journey, effectively moving away from a one-size-fits-all approach.

Ready or Real Solutions and Staying Ahead

As CloudEXPO wrapped up, the team at Hostway|HOSTING left even more excited to bring these tools and techniques to our clients and partners across the globe. Infusing our strategies and services with the latest innovations and insights is crucial to Hostway|HOSTING’s ability to provide the cutting-edge solutions enterprise businesses deserve to stay ahead of the market. We look forward to sharing these solutions with you!

Ready to optimize and evolve your cloud environment? Get expert guidance with a consultation today!

CISO Chris Riley’s CloudEXPO Presentation: The Great Migration: Retreat from the Cloud Sacrificing Security?

On June 24th, Ntirety CISO Chris Riley was proud to present The Great Migration: Retreat from the Cloud Sacrificing Security? at the 23rd International CloudEXPO conference in Silicon Valley. With over 20 years of enterprise IT experience, Riley brought unparalleled perspectives to the CloudEXPO stage on the current state of IT security, including shared concerns, hidden risks, and the tested tactics to protect data.

Security Threats Remain Even in New Cloud Solutions

Migrating to the cloud provides numerous benefits to enterprise organizations, but do-it-yourself or one-size-fits-all approaches to cloud selection and management has created a number of concerns for internal IT teams across industries. This phenomenon has led to a shift away from the one-size-fits-all approach to more hybrid cloud options, as noted in Ntirety CEO Emil Sayegh’s keynote presentation. However, while hybrid solutions do eliminate issues relating to cost and performance, it can still leave gaps in security and compliance.

Despite the advances hybrid and multi-cloud options bring, threats can spring from a variety of both external and internal sources. Calling these threats the “Treacherous 12,” Riley shared the most critical issues that plague cloud security from a survey by Cloud Security Alliance:

  1. Data Breaches
  2. Weak Identity, Credential and Access Management
  3. Insecure Application Programming Interfaces (APIs)
  4. System and Application Vulnerabilities
  5. Account Hijacking
  6. Malicious Insiders
  7. Advanced Persistent Threats (APTs)
  8. Data Loss
  9. Insufficient Due Diligence
  10. Abuse and Nefarious Use of Cloud Services
  11. Denial of Service
  12. Shared Technology Issues

From massive data breaches, to the headaches of employees sharing passwords, these challenges exist—knowingly or unknowingly—for all organizations in the cloud. ⁠

Combatting Risks with Better Internal Tactics

Although the above list may seem daunting, Riley illustrated to CloudEXPO attendees that there is hope. Visibility, segmentation, automation—all these modern cloud security pillars are achievable through more detailed and dedicated processes, like enforcing access control, re-architecting systems, and monitoring behavioral activity.

All the elements for better security and data protection are obtainable, Riley explained, if cross-functional internal teams can work together and prove that investing in greater measures is not only worthwhile but vital for every cloud solution.

“The fact of the matter is we have to demonstrate the value, we have to enable the business, and we have do it in near real-time fashion,” said the Ntirety CISO to his audience. “Because the business isn’t going to wait for us.”

Bringing diverse members of a company’s team together for increased communication is a key component to implementing any new security strategy or process, specifically the imperative collaboration necessary between the departments of Development, Security, and Operations. Coining this as the “trifecta of success”, Riley emphasized how encouraging frequent and in-depth conversations between DevSecOps will “inherently have a strong mentality to code things right, to secure things appropriately, and to allow the business to be successful.”

Better Security from the Inside Out

The concerns are real and more relevant than ever, but so are the tactics to tackle them, Riley ensured his audience in Silicon Valley. He elucidated on the current state of IT security—the good, the bad, the ugly—and ways enterprise companies can stay ahead of the threats. For CloudEXPO attendees, understanding the practical ways Riley outlined to protect systems and data in today’s increasingly insecure world were just the kind of insights enterprise IT professionals look for: identifiable risks, actionable plans, and sustainable methods.

Ready to get your own IT security insights from trusted cloud experts? Schedule your consultation for better data protection today!

CEO Emil Sayegh’s CloudEXPO Keynote Presentation: The Great Correction: Why Are Some Enterprises Fleeing the Public Cloud?

On June 24th, Ntirety CEO Emil Sayegh was a keynote speaker at the 23rd International CloudEXPO conference in Silicon Valley. As a follow-up to his session at the New York CloudEXPO conference in Novemeber 2018, Sayegh shared expert insights in his presentation “The Great Correction: Why Are Some Enterprises Fleeing the Public Cloud?” to the large crowd of IT professionals at the Santa Clara Convention Center in the heart of Silicon Valley. Focusing on the issues enterprise organizations face in the public cloud that are driving them to explore new options, his presentation shed light on a new massive trend towards the “hybrid” cloud.

While the public cloud has many strengths such as scalability, speed, and relative ease to spin up, Sayegh explained how those benefits also come with major and often surprising challenges. The promise that migrating would solve issues with legacy systems is all too often unrealized when problems simply shift and manifest into new even bigger challenges.

To illustrate this darker side of public cloud for enterprises – such as escalating costs, security concerns, and compliance limitations — Sayegh shared these concerning stats:

  • 45% of public cloud spend is wasted, reported in Rightscale’s State of the Cloud
  • 66% of IT professionals say security is their greatest concern, when asked about adopting an enterprise cloud computing platform
  • Only 12% of global IT organizations understand how GDPR will affect their cloud services

With grave statistics such as these, it is understandable why the heightened expectations of the public cloud are, falling short on business outcomes. But exiting this solution opens the door to confusion: where to go next — private cloud, colocation, hybrid cloud, or even back to traditional infrastructures.

To help audiences understand all options, Sayegh presented a pertinent analogy to explain the pros and cons of primary cloud options. Using familiar structures like hotels, private homes, rental properties, and apartment complexes, he described how each represents an IT solution. Each building provides benefits and challenges depending on individual needs.

  • The Hotel – Perfect for those needing multiple rooms at a variety of times, without any cost of physical ownership. That’s the public cloud.
  • The Apartment/Condo Complex – You are a resident, but maintenance and upkeep are provided by the building’s super. This is managed cloud – private and public.
  • Rental Property – The entire property is yours to occupy, but you still don’t own it – That is colocation.
  • The Private Home – The owner has complete control and upkeep responsibilities. You guessed it, on premise and private, self-managed IT.

While the most appropriate option is unique for each organization, Sayegh emphasized the growing trend toward the hybrid cloud. Blending public cloud, private cloud, and dedicated or on-prem solutions, the custom hybrid cloud approach meets enterprise needs and concerns around cost issues, security risks, and compliance limitations. With mounting issues and risks surrounding the sole use of the public cloud, it is little wonder why the hybrid cloud is considered the “new normal”.

“Word to the wise here, this is where the trend is and this is where all of IT infrastructure is going to go,” Sayegh shares. “Hybrid and multi-cloud is the future because it combines the best of both worlds.”

With insights, analogies, and invaluable advice, Sayegh’s keynote drilled into the reasons for the exit from the public cloud and brought hope through the adoption of the hybrid cloud approach. A thought-leader in the industry, Ntirety’s CEO was honored to share the forward-thinking concepts and strategies that keep enterprise businesses ahead of the market.

CloudEXPO Silicon Valley Final Recap

Hosted in a national hotbed for innovation, CloudEXPO Silicon Valley brought the best and brightest from sectors of the IT world to share, learn, and connect. Exploring the rows of interactive booths and sitting in on thought-provoking sessions, the Ntirety team gathered and presented invaluable insights to conference attendees.

Diving into the deeper issues enterprise organizations face with technology, specific solutions to address these complex problems, and out-of-the-box uses for popular innovations, CloudEXPO brought a one-of-a-kind experience with unique takeaways each day.

Ntirety CEO and CISO Present Insights on Emerging Cloud Challenges

Kicking off CloudEXPO Silicon Valley, Ntirety was honored to have two of our own thought-leaders take the stage. An experienced CloudEXPO presenter, CEO Emil Sayegh broke down the surfacing flaws in the public cloud and where enterprises are looking next in his keynote presentation, “The Great Correction: Why Are Some Enterprises Fleeing the Public Cloud?” In CISO Chris Riley’s session, “The Great Migration: Retreat from the Cloud Sacrificing Security?” he shed light on the increasingly complex security challenges cloud migrations create and how companies can start reducing risk before it’s too late.

Learn more about all the key takeaways and watch CEO Emil Sayegh’s full presentation in our Day One Recap »

The Can’t-Skip Strategy Tactic for All Cloud Journeys

Living up to the name of the event, the second day of CloudEXPO featured sessions that covered specific stages of the cloud journey: consideration, migration, and continued evolution. Each session emphasized the importance of incorporating use cases and case studies into the decision-making process. All the speakers explained how fully understanding the capabilities of a product and/or learning from the experiences of other businesses in similar scenarios will set your organization up for better, smoother outcomes.

How does a use case help during each stage of the cloud journey? Find out in our Day Two Recap »

Optimization—Now and Into the Future

The final day of the 23rd CloudEXPO gave attendees plenty to think about in regards to the optimization process. From using the latest techniques to modernize your processes to exploring exciting advancements in artificial intelligence and machine learning, the day’s sessions made it clear that while challenges may be present during any stage of evolution, there are effective solutions within reach.

What entities are driving improvements across the tech industry? Get an inside look in our Day Three Recap »

Beyond CloudEXPO

It was an honor and a privilege to both attend and present at CloudEXPO, and we look forward to reconnecting with all the outstanding IT professionals we met in Silicon Valley. If you didn’t make it out to the expo, don’t worry—Ntirety will be participating and and presenting at several events, roundtables, and conferences over the upcoming weeks.

Need expert guidance to help build your cloud strategy? See how Ntirety’s newly expanded, end-to-end suite of managed cloud solutions help reduce risk, optimize IT spend, and increase business agility.

CloudEXPO Day Three – Wednesday 6/26

On the third and final day of CloudEXPO, IT thought-leaders and innovators looked ahead at optimizing existing processes during the implementation of technologies like artificial intelligence and machine learning. Listening to the perspectives and experiences of today’s presenters, audiences got to wrap up CloudEXPO Silicon Valley with fresh ideas on how to bolster their IT strategies.

Avoid False Positives in Testing by Prioritizing Risks

For all applications and IT functions, testing is crucial to ensuring that everything is working as expected. But with the advent of more agile timelines and increasing demand to deliver as quickly as possible, the quality and even accuracy of testing has suffered. CloudEXPO DevOpsSUMMIT Chair Anand Akela related this issue to the classic “I Love Lucy” chocolate scene that featured Lucy and Ethel struggling to keep up with an assembly line of chocolates. In the end, the two wind up sending out inferior products, but not without eating and hiding them when they became overwhelmed. Internal IT teams are feeling similar pressure each time they’re unable to catch up with frequent changes to code and applications. Sometimes, this chaos can even result in an increase in false positive results.

To adequately review and validate technologies, Akela explained that although frequently updating or reworking the testing process might be impossible, better accuracy and efficiency is possible when you start by identifying the acceptable amount of risk for each component or function of an application. Prioritizing which elements need the most scrutiny allows for the testing process to be divided into manual and automated testing. This segmentation helps prevent the manual testers from becoming overwhelmed by the agile approach—and avoid a repeat of a Lucy and Ethel fiasco—while also preventing automated testing from lagging behind and delivering false positives. This innovative, blended approach is known as continuous testing, and it aims to enable organizations to push new, dependable applications and technology at a competitive pace.

The Future of IT is Here, but What Needs to Improve?

Artificial intelligence, machine learning, deep learning, data science—CloudEXPO’s AI session track provided examples that brought these complex concepts to life, including technology evangelist Gordon Haff’s presentation on “the good, the bad, and the ugly” of these emerging technologies.

Haff explained that while Siri, Alexa, and Cortana might easily come to mind for AI on the consumer level and have literally been welcomed into their homes, there are still hurdles to overcome. Challenges regarding data privacy and ownership, sophistication of voice and visual recognition, and inherent bias still exist, but nothing can slow down the progress for data scientists and developers.

The drive for these IT professionals comes from many places, but enterprise organizations are clearly part of the push—Elliott Ning, Cloud Customer Advisor at Google, shared the staggering projection that the percentage of CIOs deploying AI will rise from 4% in 2018 to 85% in 2020. With the increased demand for innovation, many prestigious universities are also committing to technology evolution. Always on the forefront, M.I.T. announced in 2018 that they would build a college specifically for artificial intelligence to be opened by Fall 2019, which means the next generation of engineers, scientists, and problem-solvers are already looking for solutions to Haff’s laundry list of issues.

Reflecting on CloudEXPO Silicon Valley

Over the past three days, our team was fortunate to meet and interact with IT professionals from many different industries and with many different challenges. We were also glad to have the opportunity to share our own key insights during Ntirety CEO Emil Sayegh’s keynote presentation and CISO Chris Riley’s session on the first day of the event. Moving forward, we look forward to bringing the next great tech trends to life for organizations and partners across the globe!

Ready to optimize your cloud strategy and take your infrastructure to the next level? Contact our cloud experts today.

CloudEXPO Day Two Recap – Tuesday 6/25

On Day Two of CloudEXPO, attendees gathered at the Santa Clara Convention Center to listen and engage during breakout sessions and on the exhibition floor. Overall, Tuesday’s sessions appear to offer guidance on a basic—but crucial—IT question for enterprise organizations: How does a business know what the right decisions, methods, and processes are when it comes to technology? The answers came from each speaker’s own insights, real-world examples, and a trusted methods for any stage of an IT journey.

Start with Your Best Use Case Scenario

Many experts will tell you that the first step to evolution is assessing your options and deciding which path to take. But how do you make such a crucial decision? Today’s speakers echoed a common theme: Evolutionary leaps in IT infrastructure—especially from physical machines to serverless systems—are made to increase productivity. However, to find the best solution, simply weighing the pros and cons is not enough research to provide adequate direction for a decision.

During his session, “Should You Go ‘Serverless’? The Pros and Cons,” speaker Amitabh Srivastava emphasized the benefits of studying real-world use cases as an ideal way for companies to understand how certain solutions can work for their unique needs. To do this, you must first identify the IT requirements necessary for core business functions, then begin researching solutions that meet those needs. By adding use case evaluations to your research, you can begin to discover more out-of-box solutions for other components of your IT needs, giving you greater ROI and higher efficiency once the tools are implemented. Use cases can provide more efficient and specific ways to reach business goals from the beginning, rather than basing decisions off general pros and cons. Asked directly what his own criteria is to make technology decisions, Srivastava stressed that it still depends on finding an aligned use case for each situation.

Follow the Use Case Map for a Smoother Migration

Once you’ve decided on a path, you must continue making evaluations to ensure a successful migration. With so many options on how to move—and so many ways a move can go wrong—companies cannot afford to take a guess on what will work best. For example, in his presentation, “The Role of Fast Data in Continuous Hybrid Cloud,” Steve Wilkes pointed out that data sometimes poses a challenge during migration—a hurdle that is often overlooked by organizations. When migrating data from a critical source application that cannot be stopped, for instance, it would be difficult to move the data in batches since the data is continuously being created.

“Typically, enterprise [business] knows there’s no such thing as a weekend. Things run 24/7, so you can’t really stop these applications, especially not to move a few terabytes into the cloud,” Wilkes noted.

During his session, Wilkes shared several use cases for streaming integration, which is the process of continuously moving enterprise data with high throughput in a scalable fashion. By using streaming integration, you can process, correlate, and analyze data in a highly efficient manner that provides more value and visibility.

Migration was at the top of Wilkes’ use case list for streaming integration, but there are other practical uses for the process, as well. By studying all the use cases of a solution, you can find other ways to streamline your IT toolbox and get the most bang for your buck.

Look at the Past to Keep Pushing Ahead

Throughout the day, each presenter outlined use case examination as an effective way to select the right IT path and ensure a successful migration; however, to keep the momentum going, it’s just as important for businesses to stay ahead of the market, which is a difficult task when you consider how quickly the market evolves and expands. To stay afloat, Intel Senior Software Application Engineer Rami Radi suggests letting historical trends influence decisions and predictions. Even implementing the newer technologies still requires professionals to look at existing use cases, demos, and beta information to evaluate if it is the right fit for their business.

Up Next at CloudEXPO Silicon Valley

For the third day of CloudEXPO, the Ntirety team looks forward to attending and recapping the final day’s sessions. Check back tomorrow to hear more about machine learning, artificial intelligence, and cloud security! If you’re attending CloudEXPO, don’t forget to visit booth #510 to chat with our cloud experts and enter to win great prizes.

Not in Santa Clara this week? Be sure to catch up on highlights like Ntirety CEO Emil Sayegh’s session, “The Great Correction: Why Are Some Enterprises Fleeing the Public Cloud?

 Ready to optimize your cloud strategy and take your infrastructure to the next level? Contact our cloud experts today.

CloudEXPO Day One Recap – Monday 6/24

CloudEXPO Silicon Valley kicked off with a bang in sunny California with a roster of industry leaders, including Ntirety’s CEO Emil Sayegh and CISO Chris Riley, each sharing their insights on escalating cloud issues. Our team also heard several thought-provoking perspectives on trending topics like machine learning and artificial intelligence from other IT experts.

Better Security Begins with Better Internal Communication

Sixty-six percent of IT professionals cite security as their greatest concern when considering cloud technology, which is why Ntirety’s CISO Chris Riley empathized with attendees whose cloud migrations moved too quickly to properly address security risks. While the benefits of the cloud are immense, unaddressed risks can undo a business and are far more common than you might think, especially internal risks like access control. The numbers are startling—a recent MacAfee report found 92% of companies have had employee credentials stolen from the cloud and placed on the dark web. Even in a quick survey of the room, Riley identified that less than 12% of the session’s attendees currently implemented access control, leaving them open to risk.

To address these security concerns, you must start, unsurprisingly, within the organization. Before access is granted to each employee, it’s vital that teams communicate effectively to understand what privileges are needed for adequate collaboration—and which will open them up to a security issue. A startling evaluation presented by security expert Balaji Parimi found that with an average of more than 30,000 APIs in use—over 50% of which can affect operations—less than 1% are used on a daily basis by most team members, amplifying risks from the inside out. Roles with too much privilege are being assigned to team members far too often. By evaluating the need for access from the get-go, you can prevent internal leaks from hampering your protection.

Is Your Technology Actually Enabling Your Team?

While the public cloud has been a popular choice for companies looking to digitally transform, some organizations are now finding that their internal teams are often overwhelmed and underserved by a purely public approach, Ntirety CEO Emil Sayegh explained in his session, “The Great Correction: Why Are Some Enterprises Fleeing the Public Cloud?” The public cloud may boast better scalability, but early adopters are beginning to shift to a hybrid approach due to unpredictable costs, security risks, and compliance restrictions—all of which put a greater strain on IT teams. Relief can come through the hybrid approach, however, which allows organizations to use the public cloud when needed, but also rely on the security and predictability of a private option. This is a cloud strategy that’s gaining in popularity with trusted and experienced experts predicting that by the year 2020, 75% of organizations and enterprises in the United States will have deployed a hybrid or multi-cloud model.

“This is right around the corner,” Sayegh explained. “This is moving very, very quickly and I advise everyone in this room to be ready for this.”

What’s the Biggest Risk to Machine Learning?

No technology conference kickoff would be complete without discussion around machine learning, and CloudEXPO was no exception. Data Science Architect Jiayi Hoffman led a great discussion around the pros and cons of this complex technology, including—above all—the question of data accuracy, which is a major issue for internal teams. Hoffman explained that as easy as it could be to accept initial results, better data requires testing, training of those internal teams, transparency to bring more context, and embracing necessary transformations.

“Nobody wants a Magic Eight Ball to make a business decision,” she emphasized. To empower internal teams, companies must invest the time and effort into double-checking results to reduce anxieties and ensure accuracy.

Looking Ahead at CloudEXPO Silicon Valley

Tomorrow, we’ll be attending and recapping more sessions to help you rethink the way you approach your cloud strategy, including the pros and cons of going “serverless,” fast data in a hybrid cloud, and multi-cloud migration—just to name a few! If you’re attending CloudEXPO, be sure to visit booth #510 to chat with our cloud experts and enter to win great prizes.

Ready to optimize your cloud strategy and take your infrastructure to the next level? Contact our cloud experts today.

Keep Your Company Out of the Shocking Data Breach Headlines

Rising Statistics Show Internal Security is Not Enough to Protect Data

On Monday June 3, Quest Diagnostics, the largest blood-testing company in the world, reported that nearly 12 million patients’ personal information, including financial data, social security numbers, and medical records, was exposed through a data breach at a third-party billing collection agency. While lab results were not affected, the sheer number of patients affected makes this event the second largest healthcare data breach ever reported, following only health insurer Anthem’s 78.8 million record data breach in 2015.

The Overlooked Third-Party Risk

How could a global company like Quest’s patient data be so vulnerable? The risk did not come from within the enterprise healthcare company, but through a data breach by American Medical Collection Agency (AMCA), a third-party billing collection service vendor providing services to Quest’s healthcare revenue manager, Optum360 LLC.

External entities like AMCA are widely used across industries. A recent Deloitte poll found 70% of enterprise businesses report a moderate to high reliance on third-party services, but all the rewards come with equal risks. The same poll found that 47% of the organizations surveyed had experienced a risk incident involving the use of third-party services in the last three years.

Quest is Not Alone and That’s Not a Good Thing

Healthcare is an appealing target for hackers, and third-party services have provided the perfect backdoor access to data for several major breaches in 2019.

Just one day after Quest made their announcement, diagnostics company LabCorp reported nearly 7.7 million patients’ personal data was exposed as a result of a massive breach at the same third-party billing collection agency as Quest: AMCA. Additionally, Rush System for Health reported in March 2019 that the personal information for approximately 45,000 patients was compromised due to their third-party claims processing services vendor, and Emerson Hospital reported around the same time that 6,314 patients had portions of their protected health information exposed due to a security breach at a third-party services vendor.

Beyond healthcare, big-name companies across industries have made headlines due to compromised data, including Target, Home Depot, Applebee’s, and Saks Fifth Avenue. A 2018 study by Opus & Ponemon Institute found that 59% of companies experienced a third-party data breach that year, but a mere 16% claimed they effectively mitigated third-party risks. While it may seem obvious that outside entities can create security gaps, it appears dedicated evaluation and management of these additions can often be substandard, with only 37% of the study’s respondents indicated having enough resources to manage third-party relationships.

Cautionary tales featuring global healthcare companies, retail giants, and national restaurant chains might be enough to change those eye-opening statistics, but lawmakers are now asking impacted companies about “vendor selection and due diligence process, sub-supplier monitoring, [and] continuous vendor evaluation policies,” and pointedly asking about the recent breach headlines “how many times has Quest Diagnostics conducted a security test which evaluates both Quest Diagnostics’ systems as well as the systems of any companies it outsourced to?”

Don’t be in the News for a Breach and Don’t be a Statistic – Here’s How

First, following best practices and compliance mandates can set enterprise organizations up to better protect their data from any vulnerabilities third-party entities present, including:

  1. Regularly scheduled vulnerability assessments
  2. HIPAA-required risk assessments for healthcare organizations
  3. Dedicated security management and monitoring
  4. Disaster Recovery planning

BAAs are Necessary but Not Sufficient

Enterprise companies must always ensure that they have a solid and trustworthy partner that can deliver secure infrastructure with a comprehensive Business Associate Agreements (BAA). A BAA acts as a binding contract to create liability between the company and vendor that upholds both parties to stringent HIPAA regulations, but more can be done to truly ensure security for critical data. Ntirety provides peace of mind with industry-leading BAAs and more so with our HITRUST CSF Certified status, demonstrating that all the certified applications appropriately managing risk by meeting key regulations and industry-defined requirements. “HITRUST CSF is the gold standard,” says CEO Emil Sayegh. “In the face of mounting data breaches, companies handling sensitive data must remove all doubt by working with trusted cloud providers with deep experience in security protocols and regulatory compliance.”

Trust is Possible with the Right Third-Party Vendors

Whether starting for square one or proactively planning for a worst-case scenario, organizations can avoid a data breach disaster at the hands of a third-party vendor with diligent vetting, managing, and planning – all of which can be time-consuming and drain resources, falling back to the 37% statistic above.

Meeting HIPAA compliance and setting strong BAAs are a good start, but with the help of experienced HITRUST-certified experts, businesses can better trust their third-party associates. Like an extension of their own teams, Ntirety guides and supports with our detailed and compliance-focused assessments, steadfast monitoring, and rigorously tested recovery plans. Ntirety is ready to meet any organization’s needs, such as our client BlueSky Creative, Inc. who had “a lot of questions and need[ed] to be 100% confident in the provider”, but Vice President Stephanie Butler explains that with Ntirety “from day one, all my questions were answered, and I was given all the guidance I needed and more.”

As a tenured IT services company with over 20 years of experience, Ntirety solutions meet compliance for PCI, HITRUST, HIPAA, FERPA, and GDPR guidelines, and our BAAs strengthen the mutual commitments to safeguard customer data. Our design for data security thoroughly evaluates all third-party vendors and how they interact with all systems and platforms and continue with safeguard evaluations, so no customer ever has to worry about becoming a statistic.

Schedule a consultation with Ntirety to protect your data and keep your third-parties secure.

Can’t Miss Sessions at CloudEXPO

Ntirety is excited to attend and present at CloudEXPO at the Santa Clara Convention Center from June 24-26, 2019, joining thought leaders from around the country to explore the latest trends in cloud technology. Our team of IT experts looks forward to interactive discussions and sessions covering the growing varieties of cloud options, including the increasingly popular hybrid and multi-cloud solutions, as well as related topics like cybersecurity, artificial intelligence, compliance, IoT, and more.

In addition to Ntirety CEO Emil Sayegh and CISO Chris Riley’s two sessions covering the shifting trends of public cloud usage on Monday 6/24 1:55pm – 2:30pm and 11:40am – 12:15pm respectively, there are a plethora of thought-provoking presentations over the 3-day conference.

Here are 6 can’t-miss sessions to attend:

Risk Management When Migrating into a Public Cloud Provider | Monday, June 24 • 4:00pm – 4:35pm

When it’s critical for data and applications to exist within a compliant environment, cost becomes a major concern during cloud migration. In this session, gain a better understanding of how to evaluate and mitigate risk rather than compromising on compliance standards or losing control of costs.

Why you should attend:

  • Take a step-by-step approach for better risk management during migration, including information on:
  • Building a business case
  • Classifying the requirements
  • Setting expectations
  • Managing security, usability and cost
  • Considerations on compliance and audits

Not Your Mother’s Cloud: Best Practices for Enterprise Hybrid Cloud | Tuesday, June 25 • 8:30am – 9:05am

A recent survey found that large companies (1,000 employees or more) were more likely to experience a migration failure than smaller organizations, due in part to the more complex systems with multiple servers, databases, and applications. Learn from real-life experiences architecting hybrid cloud solutions in this Tuesday morning session.

Why you should attend:

Focusing on the key patterns gathered from hybrid cloud successes and struggles, attendees will find valuable takeaways to support, future-proof, and automate a smoother hybrid cloud experience in today’s ever-changing IT landscape.

The Era of Digital Transformation | Tuesday, June 25 • 8:30am – 9:05am

Looking towards the future with AI, machine learning, and IoT, digital transformation becomes much broader than just individual organizations moving to the cloud. This session will take a deeper look at the big picture issues with Border Gateway Protocol (BGP), the equally big ambitions to augment its practically untouched 30-year old architecture, and how this has the potential to help your business perform better.

Why you should attend:

Gain an important understanding of foundational components in common IT challenges such as performance, scaling, convergence, and networking – and the innovations at the forefront to resolve these issues. Be in the know on the grand scale digital transformation for BGP.

Why the Cloud is Perfect for Data Protection | Tuesday, June 25 • 3:40pm – 4:15pm

Studies find that 66% of IT professionals say security is their greatest concern for adopting an enterprise cloud platform. In this presentation, W. Curtis Preston, also known as Mr. Backup, calms any concerns with detailed benefits of cloud-based data protection and management along with how to decide if a cloud solution is right for your organization.

Why you should attend:

  • Get answers to these 3 major cloud questions:
  • What is the key advantage for cloud data protection?
  • What advantages beyond protection can the cloud provide for data storage?
  • How can the cloud improve disaster recovery strategies?

The Great Migration: Retreat From the Cloud Sacrificing Security? | Monday, June 24 • 11:40am – 12:15pm

As more and more enterprise businesses are opting out of public cloud for more flexible options like hybrid and multi-cloud, data protection during migration doesn’t always get the amount of planning it deserves. Don’t let cybersecurity issues surprise your organization during cloud migration! Led by Ntirety CISO Chris Riley, find out what areas are often overlooked in this informative session.

Why you should attend:

  • Identify and unravel key areas of concern enterprise organizations need to remember for any digital transformation, including:
  • Compliance
  • Blending service and deployment models
  • Management and governance
  • Complications in re-entry to cloud environments
  • Protocols and enforcement

The Great Correction: Why Are Some Enterprises Fleeing the Public Cloud? | Monday, June 24 • 1:55pm – 2:30pm

Presented by Ntirety CEO Emil Sayegh, this session covers one of today’s pivotal trends: enterprise organizations shifting away from the public cloud and moving instead to hybrid and multi-cloud solutions. Sayegh aptly predicted hybrid cloud becoming the new normal—a recent Forrester report found 74% of enterprises describe their strategy as hybrid or multi-cloud—but what is driving this mass exodus from one cloud solution to the other? Learn how the cons started outweighing the pros of public cloud in this insightful session.

Why you should attend:

Get an insider’s perspective on the challenges enterprise businesses face when operating in the public cloud. Ntirety CEO shares his firsthand experience supporting and strategizing new solutions with enterprise customers throughout his 20 years in the industry. The list of complaints may be more familiar than you expect for your own organization.

Stop by and say hello!

As the premier conference in the cloud technology space, Ntirety is honored to present alongside our industry peers and share our collective knowledge with the hundreds of CloudEXPO attendees. All of the thought-provoking topics and engaging interactions happening in sessions and on the exhibition floor make this a one-of-kind event not to be missed. Be sure to visit booth 618 to learn more about how Ntirety can help guide your organization’s cloud journey.

Come connect with Ntirety at CloudEXPO! Find our full conference schedule, exhibition floor giveaways, networking opportunities and more »