Your Cloud Solutions Deserve Zero-Trust Networking - CompTIA Certifications

Too often cloud users get burned by their own cloud service providers when it comes to security. The marketplace has created a large demand around cloud security by allowing cloud service providers to sidestep the responsibility for securing the data as it sits within the facility. 

Sure, cloud service providers are still responsible for defending the physical server racks like a small militia, but when it comes to the far more likely prospect of a hacker infiltrating your systems, cloud service providers push the burden of responsibility back to you, the end user. Cloud service providers are not held to a high security standard when it comes to releasing their products, and they tend to have massive holes that need to be plugged with another solution.

More Properties Equals Greater Risk

Moving to the cloud does not increase your security. That would be like buying a second home with an expensive alarm system and saying your overall real estate portfolio is safer. And while the salesperson of the alarm system may say (or even believe) that it’s true, it’s not. We are talking about simple math. You used to have one environment to secure. Now you have two. That does not increase your security. In fact, it spreads out your risk and increases your attack vectors.

Add to that the nuances of accessing and transporting information from your main site to your cloud environment, or vice versa, and you have a tricky security issue on your hands.

Zero-Trust Networking for Your Cloud Solutions

Your cloud solutions deserve zero-trust networking. Zero-trust networking is a self-explanatory approach, but the way it is implemented and monitored is where you will find a major difference. 

It’s no longer enough to defend your network with a perimeter (firewall). While firewalls are important, how do they help you protect the information that already resides within your network? What do firewalls do to detect bogus process threats that are active in your network but remain undetected? 

Even major routing players like Cisco are still in the process of closing off backdoors that they are only discovering from firewall hardware and firmware released years ago. This is why zero-trust networking is the only sane way to approach network security.

None of this is information is revelatory, but some of the solutions being deployed today are when it comes to extending this type of zero-trust networking approach to your cloud environment.

How to Apply Zero-Trust Networking to Your Cloud Solutions

Today there are context-based security solutions that will segment what assets can be accessed by end users. They depend on real-time factors, such as the following, and react to what’s taking place on the network and across the global cybersecurity landscape.

• Location: If your employees and assets are in a country that is flagged by your company, assets will be restricted or blocked.
• Network: Assets will be made available when accessed by an approved network. For example, the corporate network or virtual private network (VPN) may be approved, but public Wi-Fi or unknown networks may not.
• User: Who are you, and what are you trying to access? What’s your title, what department are you in and why do you need to pull the asset from the cloud? Risk can be mitigated ​based on access credentials and a combination of the above factors.
• Devices and Processes: Why are these two systems communicating? Does that communication make sense? Is it a logical and approved communication? If not, this can be blocked and logged.

Solutions like these take zero-trust networking out of the local area network (LAN) and into your dispersed mobile workforce accessing the cloud. It’s a nice maturation step for these security solutions as they look to become more intelligent and responsive reacting to policy.

Bringing Zero-Trust Networking on Premise

For all the focus on securing the cloud, be mindful that the bulk of cyberthreats happening across the globe are not nearly this sophisticated. 

Most cyberthreats and hacks are moving down the stack into firmware and inter-process communications. This is because most IT shops don’t watch inside the firewalls – they watch the firewall itself.

Threat actors are countering sophisticated cybersecurity solutions that attempt to look around all corners by dumbing down their breach efforts. The context-based solution discussed above can also help you monitor your inter-process communications. 

In a zero-trust cloud-based networking solution, access privileges can be managed on not only end users, but also on the devices communicating with one another. Having policies in place can stop threat actors from landing successful attacks on your cloud assets.

Our experts say about CompTIA Certification Exams

Tech News That Black Mirror Anticipated - CompTIA Certifications

When a newer television anthology gets compared to an institution as groundbreaking as The Twilight Zone, it’s natural to assume that the hype machine is overstating the case. But Black Mirror, which debuted in 2011 in the U.K. and on Netflix in 2014 in the U.S., is one of the rare instances in which the publicity matches up with the reality. With The Twilight Zone, Rod Serling and a stable of top science fiction writers deftly wove the pertinent fears and moral conflicts of the 1950s into timeless works of speculative fiction – giving viewers a weekly dose of fictional futures that oftentimes double as clear commentary on the present. In today’s world of rapid technological change, Charlie Brooker’s Black Mirror manages to fill the same role.  

What Cold War paranoia and nuclear annihilation were to The Twilight Zone, mass communication and the fast pace of technological change are to Black Mirror. Not to mention there’s a generous helping of farther-future fables – perennial cyberpunk speculation on what it means to be human in virtual worlds, updated with an iPhone aesthetic. It’s television that entertains as much as it tells us something about ourselves, and with each passing year it seems as though there are handful of real-life events that fans can’t help but point to as Black Mirror moments – where the world seems to be referencing Black Mirror rather than the opposite.

In the wake of Black Mirror’s interactive film Black Mirror: Bandersnatch, let’s examine three recent tech stories that came eerily close to events on the show.

“Nosedive” and China’s Social Credit Score

While some Black Mirror episodes are uncompromisingly dark, season three’s first episode “Nosedive” gave use a view of a kinder, gentler dystopia. The main character, Lacie, lives in a world in which every interaction between people gets its own star rating. In this pastel panopticon, dropping beneath a certain rating negatively impacts where you can live, work and travel. A few chance encounters as she sets out on a rating-boosting trip to a childhood friend’s wedding send her down a spiral to the bottom of the social milieu.  

Plenty of fans saw an eerie overlap between this world of ever-smiling, star-rating hungry Stepford folk and today’s real world, where cutting a poor figure on social media can doom businesses and even ruin relationships. But the 2018 media focus on China’s social credit system showed us that “Nosedive” may – by the year 2020 – be even more of a reality in some parts of the world. Indeed, reports indicate that based on some elements of social credit now being consolidated by the Chinese government, citizens have already been deprived rights such as traveling, renting hotels and using credit cards.

China’s plan has been decried as chilling, arbitrary and downright creepy, and has also raised eyebrows among critics who have wondered if Western governments aren’t at risk of meandering into the same territory – and if there needs to be something done to stop it from heading in that direction. If we imagine a world in which having a dissident opinion – or a bad day – can impact, for instance, our right to go grocery shopping, we find “Nosedive” to be a rare occasion in which Black Mirror is lighter than the world it reflects.  

“Metalhead” and 2018’s Laws about LAWs 

  

One of the most stylistically distinct Black Mirror episodes, “Metalhead” is a piece of science fiction shot like an old-school horror movie. A woman in a post-apocalyptic future is on the run from a killer AI. But the robot-run future of “Metalhead” isn’t the full-on, chaotic, bombs-away nightmare that Terminator fans associate with a self-aware Skynet. Rather it’s one where simple, dog-like androids chase down their prey in dogged pursuit – with every movement they make aimed at the singular goal of tracking and killing. The sparse look and feel of the episode seem to drive the point home – a robot that just won’t stop coming is classically horrific; as scary as a real-life Michael Meyers or Jason Voorhees.

Our experts say about CompTIA Certification Exams

COMPTIA EXPANDS PUBLIC SECTOR PRACTICE WITH ADDITION OF PUBLIC TECHNOLOGY INSTITUTE (PTI)

The Computing Technology Industry Association (CompTIA) today merged with the Public Technology Institute (PTI), enabling increased collaboration between local government executives and elected officials and private industry to solve society’s most critical challenges.

Today’s agreement brings together PTI, the industry’s leading resource for the wise deployment of technology at the county and city level, with the significant public sector, association and certification resources of CompTIA. Both PTI and CompTIA share common values with the ultimate goals of providing quality programming, networking opportunities, and timely research to city and county agencies and providers.

“We welcome PTI and its members to the CompTIA family,” said Todd Thibodeaux, president and CEO of CompTIA. “Private/public partnerships are critical to tackling our country’s most important opportunities – from IT modernization to broadband to smart cities. We look forward to advancing the work of PTI and augmenting its programs to make a difference in the everyday lives of citizens.”

PTI’s corporate vendor members will integrate into the CompTIA State & Local Government and Education Public Sector Council (SLED).  “PTI will put the “L” in CompTIA’s SLED activity as we work together to grow our resources and relevance at the local level, especially as it pertains to the growing and important market of smart cities,” said Nancy Hammervik, executive vice president, industry relations, CompTIA.  The addition of PTI will also help CompTIA round out its portfolio of public sector programs now covering street to space, offering government resources and benefits for the new PTI Council, SLED Council, Health Services IT Advisory Group (HSITAG) and Space Enterprise Council (SEC).

PTI’s jurisdiction and state agency members will form a new CompTIA Public Sector Council, PTI, with its own set of association governance and bylaws. These members will participate in CompTIA events when appropriate and will not engage in public policy committees nor will they help define the associations legislative priorities. The current PTI Board of Directors will become an executive council serving in an advisory capacity to CompTIA.

PTI and CompTIA will develop a roadmap for growth as well as program enhancements geared towards local governments, both domestically and world-wide.  PTI will continue its strategic partnerships with industry media and other national associations that represent the interests of local government technology executives and practitioners. PTI will continue to deliver programming to its membership in 2019 by focusing on several initiatives to include:

• The start of the 2019-2020 Certified Government CIO (now in its 8th year) program
• An expanded Certified Government Digital Services Professional certification program
• PTI’s popular Tech Matters weekly email highlighting technology news and government services
• The annual CIO and Leadership Summit and “hot topic” events and webinars
• Research (survey analysis, articles, identifying leading practices)

“This is an exciting time for PTI,” said PTI Executive Director Alan Shark, who will remain as head of PTI at CompTIA. “We are looking forward to continuing to provide our members with the world-class level of professional development, technology thought leadership, industry research and insight, consulting services, networking and other important resources they have come to expect and enjoy from PTI, while expanding our reach and our relevance with the support of CompTIA.”

The merger brings 14 new members to CompTIA’s PSA Program to include ESRI, Allied Telesis, Kronos, Nutanix, Motorola, Qualtrics, Ricoh, RSM, Symantec, Tyler Technologies, Information Builders and Plante Moran.

About PTI

Established in 1971 by the several major national associations representing state and local governments, PTI has been viewed as the focal point for thought leaders who have a passion for the furtherance and wise deployment of technology. PTI's initial funding was through a grant from the National Science Foundation. Today, PTI actively supports local government officials through research, education, professional development, executive-level consulting services, and national recognition programs.

About CompTIA

The Computing Technology Industry Association (CompTIA) is the leading voice and advocate for the $4.8 trillion global information technology ecosystem; and the more than 35 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world’s economy. Through education, training, certifications, advocacy, philanthropy, market research and membership programs, CompTIA is the hub for advancing the tech industry and its workforce.

Our experts say about CompTIA Certification Exams

COMPTIA TEAMS WITH SECURITY UNIVERSITY ON CYBERSECURITY - CompTIA Certifications

CompTIA, the world’s leading provider of vendor-neutral skills certifications for information technology (IT) professionals, said today is it teaming with Security University in Herndon, Va., on a cybersecurity apprenticeship program targeted at military veterans and their family members.

Security University’s Q/CyberSecurity RAP program was recently added to the Virginia GI Bill approved list. This allows military personnel, veterans and their family members to use their GI Bill education benefits to participate in the program.

The program relies on classroom instruction and stacked cybersecurity certifications and credentials focused on mastery and competency to prepare new professionals for the nation’s cyber workforce.

Four of CompTIA’s industry-leading certifications are part of the program: CompTIA Security+, CompTIA Advanced Security Practitioner, CompTIA Linux+, and CompTIA Cloud+.

“CompTIA is committed to raising awareness about the critical importance of cybersecurity and the need for a robust cybersecurity workforce,” said Joe Padin, CompTIA vice president for U.S. federal and education certification sales. “We’re pleased to team with Security University in this critical effort to bring more people into the cybersecurity workforce, and to equip them with the appropriate education, training and certifications.”

Newly published data from CyberSeek™, the leading source of actionable data on supply and demand in the nation’s cybersecurity job market, shows that U.S. employers in the private and public sectors posted an estimated 313,735 job openings for cybersecurity workers between September 2017 and August 2018.

The Washington, D.C., metropolitan area had the largest number of job openings for cybersecurity professionals (44,058). Across Virginia there were an estimated 33,530 cybersecurity job openings.

CompTIA offers a wide selection of free resources available to anyone interested in learning more about careers in the cybersecurity field.

About Security University 

Security University is the nation’s leading providers of Qualified Hands-On Cybersecurity Education, Information Assurance Training and Certifications for IT and Security Professionals.

Success Secrets: How you can Pass CompTIA Certification Exams in first attempt 

CompTIA Digital Badging: 5 Facts You May Not Know

You may have heard that your CompTIA certifications can now be shared as CompTIA digital badges – images and metadata offered by Credly that prove to employers that you’ve demonstrated the hands-on skills needed by today’s IT workforce. But do you know how they work, the benefits they offer and how you can get yours? Keep reading to learn more.

1. Digital Badges Are Verified Credentials.

Not just anyone can post a CompTIA digital badge to their LinkedIn profile. CompTIA digital badges are images combined with robust metadata that includes details like what the certification represents, who holds the certification (you), and how and when you earned it. CompTIA has partnered with Credly to translate the learning outcomes from your certification into the metadata that accompanies your badge. The digital badge is yours and yours alone.

The CompTIA digital badge’s metadata not only shows employers what you know, but you can use it to better explain your certifications in cover letters, interviews and more. The next time you encounter someone who hasn’t heard about your certification, you can succinctly explain it based on what you read in the metadata of your digital badge.

2. CompTIA Digital Badges Show a Deeper Mastery of Skills.

Earning multiple, related CompTIA certifications can earn you a CompTIA Stackable Certification, and with digital badging, you can efficiently show your range of expertise. CompTIA digital badges can be activated for both individual and stackable certifications. (Credly works with a number of education, training and certification bodies, so there may be other digital badges that you can activate to round out your profile.)

For example, if you have CompTIA A+, CompTIA Network+ and CompTIA Security+, you can activate those individual digital badges as well as the badge for CompTIA Secure Infrastructure Specialist. The metadata for the stackable certification will show employers the individual certifications you earned to achieve that credential and what IT skills are related to it.

3. You Decide Who Sees Your Digital Badges.

Some people like to shout their achievements from the rooftops while others prefer to keep them on a need-to-know basis. With Credly’s Acclaim platform, you decide who gets access to your CompTIA digital badges. You can easily configure your privacy settings to control what information is made public and what is kept private.

Some people might post their badges to every social media profile, their email signature and their online portfolio, while others may reserve their CompTIA digital badges for their resume only. You can use Credly’s Acclaim platform to display your digital badges, or you can download them to share on other open badge infrastructure (OBI)-compliant sites. CompTIA digital badges meet all these needs and more, so you do you. You’re in complete control.

4. CompTIA Digital Badges Help Set Your Career Path.

Identifying the next steps in your career can be challenging. When you activate your CompTIA digital badge, you’ll gain access to resources that can help you make informed decisions about your next move. Through Credly’s Acclaim platform, you can access labor market insights to search by title, location, employer or salary range for open positions related to your certification. If you find a job posting that interests you, you can apply with just a few clicks.

You’ll also receive personalized certification recommendations based on your earned credentials and special offers for additional training and certifications from CompTIA.

5. CompTIA Digital Badges Are Free! (Well, Sort Of…)

There are no additional fees associated with activating your CompTIA digital badge. Once you’ve earned your CompTIA certification, your CompTIA digital badge is an added benefit we’re providing to you, free of charge.

If you already hold a CompTIA certification or stackable certification that’s eligible for digital badging, you’ll receive an email inviting you to activate your badge. It’s a quick-and-easy process – within minutes, you can activate your badge and start sharing it.

Success Secrets: How you can Pass CompTIA Certification Exams in first attempt

Computer Networking, IT Infrastructure and Your IT Career

From PCs to Computer Networking

I remember him trying to teach me the concept of databases, networks and how computers worked. I was already pretty savvy about how a PC worked. In fact, I would fix Dr. Snyder’s computer now and again. He had a really, really temperamental old CD tower drive. It was a huge thing – about the size of the monolith in 2001: A Space Odyssey. I remember diagnosing its problems and discovering that it had a loose connection on the back that was too expensive to fix. So, what did I do? I put a sticky note on the top of the thing that said, “Never touch this drive.” It was a fix that worked for years.

But I was worthless when it came to understanding networking and its foundations. In fact, I was pretty dismissive about the whole internet thing. After all, what’s the point of having computers communicate with each other? Isn’t that what phones are for?

When I asked him why this internet thing was a big deal, I remember how Henry decided to get all “Foundations of the Internet” on me. He trotted out a bunch of old books from the 15th, 16th and 17th centuries to get started.

I still remember the sound of the cracking of the bindings, and the smell of the old leather covers. He used these antiquarian books to show how one computer communicates with another. I remember him saying, “You know, back in the day, these books were cutting-edge technology. Now look where we are!”

Learning Computer Networking Basics

He realized I didn’t quite understand how computers talked to each other. So, he and some of his co-workers explained how they have to translate their unique MAC addresses with logical IP addresses.

He did so by explaining how the British Library has a physical address as well as a well-known name. He said that as humans, we can resolve these two things together, and computers, he said, have to do the same thing. He was very clever at analogies. I remember thinking about his analogies as I viewed files uploading across the internet at the incredibly fast pace of 36.4 Kbps. Ah, how infrastructure and networking has progressed these days!

Throughout all these mini-lessons and mini-bootcamps, Dr. Snyder and his co-workers inspired me. First, he taught me protocols such as Gopher, and Kermit, and eventually Transmission Control Protocol/Internet Protocol (TCP/IP), and this “new thing called the web.” He also inspired me to want to teach this stuff.

Whenever I find time, I try to do the same thing to help other folks learn about technology. The problem is, my analogies are never as good as his. Thankfully I was able to take my foundational knowledge of networking and push it to the next level.

Networking as a Foundation for Cybersecurity

A few years after I worked for Dr. Snyder, I decided to pursue networking and the internet as a career. I took the CompTIA A+ exam and the then-relatively new CompTIA Network+ exam.

I remember when I passed them – it felt so good. As I studied about networking, I thought how I now fully understood how Henry’s databases really worked and how that little office in the basement of Rivera Library at UC Riverside was able to communicate with the British Library and other sites worldwide.

How Cloud Computing is Revolutionizing the Way We Manage Software

The cloud computing revolution is reaching a new stage in its evolution. CompTIA’s 2018 Trends In Cloud Computing report shares that in 2018, nearly half of companies state that between 31 percent to 60 percent of their IT operations are now cloud-based.

This means that the industry discussion about cloud computing is no longer entirely about if enterprises will adopt cloud-based solutions but, rather, what value they’re getting out of them and how. So, let’s take a more detailed look at how companies and their staff are benefitting from moving applications to the cloud, and how everyone in the channel is finding their footing in this new cloud-based computing environment.

Cloud-Based Software as the Foundation for Automation  

In the first wave of cloud adoption, the main value propositions of deploying software from the cloud was reduced infrastructure costs. An SMB using a cloud-based email solution, for instance, wouldn’t need to invest in an in-house server, nor the IT staff to maintain it.

But the quality and value of cloud-deployed enterprise software packages has increased beyond this. Vendors have begun to introduce features that streamline and automate tasks in ways that leverage, and require, the cloud’s accessibility and enhanced processing power to manage. These cloud-based tools don’t just save money, they increase effectiveness. In fact 81 percent of businesses report the cloud playing some role in enhancing automation efforts.

What Types of Cloud Apps Are Trending? 

Different rankings place different cloud-based tools at the top, but you’ve doubtlessly used a SaaS tool or two in the course of doing business. Microsoft has had great success with its cloud-based iteration of its mainstay office tools, Office 365. Then there are hugely popular CRM tools like Salesforce, smart document storage solutions like Box, cross-office collaboration tools like Slack – the list goes on. What all of these tools offer is convenience, advanced opportunities for collaboration and accessibility no matter where users are physically located or what devices they are using. 

Cloud’s New World of Value-Add Opportunities 

CompTIA’s latest research on business cloud adoption points out that cloud hasn’t replaced or rendered irrelevant the third-party selling relationships long crucial to enterprise IT. There is still plenty of room for the value-added middleman in cloud relationships. MSPs in the cloud game offer consulting, maintenance, management, education, app development and other add-ons that extend the value of the vendor relationship.

Winning with Cloud-Based Solutions 

Understanding the successes that companies are having utilizing cloud-based apps, and where third parties are coming in, can help alleviate anxiety and cut through the buzz. While it may feel like a different world, good cloud-deployed software does what good enterprise software has always done – it provides the right tool for the job.