Getting to know Paul Orange

Our meet the team blog series highlights the amazing people behind Xalient. This week we met with one of our Solutions Architects, Paul Orange, to learn a little more about him and his role at Xalient.

To kick things off, could you tell us about your career background and current role at Xalient? 

I left university and started working at the Co-Op in Manchester analysing utility bills for the Co-Op estates. This led me to a different job as a telecoms analyst at another company before I started to work for ‘Thus’ in Scotland as part of the telecoms and networking pricing team. Thus was purchased by Cable and Wireless (now part of Vodafone), and I took a job there as a Trainee Sales Engineer. From there, I went to Orange Business Services via a few years at Global Crossing (which became Level 3, now part of Lumen). I was at OBS for ten years.

I’m a Solutions Architect here at Xalient, it’s a home-based role, but I enjoy coming into the Leeds office.

What is it that attracted you to Xalient? 

Having come from a huge Tier 1 global network and telecoms provider, I like that Xalient is a young, agile company. I see being ‘born in the cloud’ as a significant benefit when competing against some legacy providers in the market. We don’t have old infrastructure, such as an MPLS network, to keep supporting and paying for.

What’s the first thing you do when you start your working day?

Coffee and porridge. Check my diary to see what the day has in store. Stop the kids fighting. I might try and go for a run or cycle if it’s dry and I’m in the right mood.

And what does a day in life look like for you? Can you take us through a recent work day?

If I’m working on a live bid, my day will include:

  • Scoping and creating a Bill of Materials (BOM) for the prospective customer.
  • Completing RFP response questions.
  • Joining bid team calls.
  • Preparing internal sign-off documentation.

Once a bid is ‘won,’ I’ll work on Statement of Work (SoW) docs. Plus, there’s constantly training to do. I’m currently working towards the CISSP qualification.

How would your colleagues describe you?

I don’t know – you’ll have to ask them 😊

What do you like most about your job?

The best thing about this job is how varied the role is – I get to work on different opportunities, each unique. It’s essential to keep on top of technical developments, and training is key.

What would you do for a career if you weren’t doing this? 

Honestly, not got a clue! 

What do you like to do when you’re not working?

I’m a season card holder at Manchester City, so every other weekend, I’m at the Etihad Stadium plus, I try and get to as many away games as I can. I also enjoy mountain biking and try to get out on my bike a few times 

a week.

In the past 12 months, have you started or stopped any routines or habits that have changed your life?

I’ve been trying to reduce my carbon footprint by travelling less by car – with my old role, I was away a lot flying and driving, so I’m glad that has reduced. 

Are there any products, gadgets, or apps you can’t live without?

I use a great app – ‘Komoot’ – for finding and following cycle trails and routes – I’d be (literally) lost without it.

Who/what inspires you (work, personal or historical)?

I always looked up to my Grandad – he fought for his country in the 2nd most dangerous role in the second world war – he was a pilot in bomber command (most dangerous: submariner on a U-boat). He worked hard so his family could have a good life, was great fun to be around, was always positive, and was a great human.

What’s a fun fact about you many people might not know?

My dad has a racehorse named after him (Mr Orange).

Our meet the team blog series highlights the amazing people behind Xalient. This week we met with our Talent and Development Manager, Zoe Donnelly. Zoe is responsible for implementing the complete talent acquisition strategy for all roles; attraction and selection, internal mobility and talent management, innovation, and continuous improvement of process and recruitment tools. Zoe also looks after employee development and is currently scoping out a self-service L&D model for all employees. We caught up with Zoe to learn a little more about her and what makes her tick.

Could you tell us about your career background to kick things off? 

I’m a bit of a mixed bag in that I left Uni with a History/English degree, fell into the finance world, studied and passed my CIMA and worked in finance for a bit, and then decided to try the IT recruitment world. 

What is it that attracted you to Xalient?

The people! I wasn’t looking when I was first approached, but after meeting Annie Davies (my boss), I knew I wanted to work for her. This was further cemented when I met the rest of the team – I knew I wanted to be part of this company. The energy, speed, innovation, and tech blew me away!

What’s the first thing you do when you start your working day?

The day starts at 7 am with either a  PT session  (I like the boxing ones) or a dog walk. Then coffee (strong), check emails and reply to anything urgent while shooing my girls out the door for school (husband does the drop-offs). Then more coffee and plan my day.

And what does a day in the life of Zoe look like? Can you take us through a recent work day?

There is never a typical day in recruitment. I’m usually headhunting and sourcing candidates for roles, which can be anywhere (the UK, US or India), writing adverts, replying and arranging calls with candidates, and catching up with the HR team on changing priorities and arranging interviews and liaising with outside L&D providers to understand if their offer would fit Xalient for our employees. I am currently scoping out the L&D offering, what we have in the house, what to buy in, etc.

How would your colleagues describe you?

Good question. Hopefully, a team player and someone they can come to for support.

What do you like most about your job?

I really get a buzz out of finding the right candidate for our roles and making that offer. For some, it can be life-changing, and I often get people crying with happiness.  Can’t beat that! I also like my role’s speed, pace, and autonomy to look for solutions and make changes for the better.

What would you do for a career if you weren’t doing this?

Probably own a bar, somewhere hot!

What do you like to do when you’re not working?

Being with my girls (6 & 11), watching them play cricket, football, and squash. My oldest beats me at squash now. And drinking very nice wine with friends and family.

In the past 12 months, have you started or stopped any routines or habits to change your life?

I started more frequent PT sessions. It sets me up for the day if I can fit it in early.

Are there any products, gadgets, or apps that you can’t live without?

I like Insta, Tik Tok (sorry), Uber, and Deliveroo! (I don’t cook).

Who/what inspires you (work, personal or historical)?

My girls inspire me to be better every day and try to change the workforce for women. So when hopefully they enter the workforce, they won’t have to deal with archaic attitudes!

What’s a fun fact about you that many people might not know?

I used to do competitive swimming for Wales 😊

How does Identity and Access fit into the Zero Trust Framework?

Identity and Access is a vital component of Zero Trust. It is crucial to securing business data, keeping customers confident and employees protected. Any high-level security model really breaks down into a trust issue: Who and what can I trust? – the employee, the devices, and the applications the employee is trying to connect to. In the middle is the network but today, the corporate backbone is the internet. Identity is the fundamental feature in controlling who has access to your company data, from where and using what device.

With Zero Trust, we assume everything on the internet holds risk, and that no user or application should be trusted regardless of whether the person or entity is “inside” or “outside” an organisation’s perimeter. Instead, we must continuously and rigorously verify anything and everything before granting access.

Most organisations have some sort of Identity solution – especially with cybercrime escalating, and a record-breaking number of data breaches of increasing sophistication and severity taking place year-on-year.

Organisations with less sophisticated tools, or who are not making full use of their solution i.e., only implementing a Multi-Factor Authentication (MFA) or just utilising basic credentials to access a VPN (Virtual Private Network), represent a significant percentage of victims targeted, especially during the pandemic. As a consequence, the Zero Trust model has quickly become a fundamental security requirement rather than a ‘nice-to-have’.

One would expect this to be high on the list of priorities for an organisation that has a vastly distributed workforce. The company may have accumulated many tools that do the same thing – VPN clients, Endpoint Detection and Response (EDR), Antivirus and Remote Access etc. -and, as a result, has identified a gap in their security posture and policy.  Xalient’s Identity and Access module consolidates and manages these tools so that the user at the start of the journey has the correct experience from the get-go. Furthermore, the framework utilises identity verification, authentication factors, authorisation controls, as well as other IDAM and cybersecurity capabilities to verify a user before any level of trust is awarded.

Organisations are looking for a secure solution for their applications, devices, and their users, which is why the Zero Trust model becomes a fundamental component, regardless of where they are located.

The shift to remote working

With remote and hybrid working now commonplace, there has been a mass migration away from the secure perimeter, which has put more emphasis on consumption of cloud services. The concept of trying to extend the secure perimeter to the location of the user and the application means businesses must be ready to implement Zero Trust for all types of users, not only employees but partners, contractors, and customers too.

At the same time, organisations need to harness the power of applications. They need to be highly productive with fast and easy access to the applications they need to do their job. This is not only essential but is fundamental to becoming a modern digitised business. To enable this environment, businesses need reliable network access from the edge to the core and security that is based on a Zero Trust framework to ensure robust, efficient, and secure access to essential business applications from wherever the employees and/or users are located.

What does Xalient’s Identity and Access Module Encompass?

As part of Xalient’s Zero Trust Framework, the Identity and Access module supports both remote and branch / on-prem cloud and cross-domain technology. The module is focused on providing solutions to the questions of trust, specifically user, device and location. We offer a consultative approach drawing on significant technology expertise and experience, with a world-class Managed Services offering. Our dedicated team are experienced with industry leading IDAM, EDR and NAC (Network Access Control) solution vendors, and have the skills required to design, build, and manage your global Identity and Access Management solution for you. Our certified consultants and administrators can advise on how you can ensure only the right people access your network, but also do so efficiently and securely, wherever they are in the world.

Our meet the team blog series highlights the amazing people behind Xalient. This week we caught up with one of our Security Support Analyst’s, Cristian Corbu to find out a bit more about him and his role here at Xalient…

To kick things off, could you tell us a bit about your career background and current role here at Xalient?   

I started as a customer service representative in an outsourcing company here in Romania. Within this role, I was able to learn all about Okta.

From there, I saw the opportunity to work at Xalient as a Service Desk Analyst Engineer, where I am now responsible for handling Okta service desk requests such as, application assignments, MFA resets and everything that might arise.

What is it that attracted you to Xalient?

I was looking for a job where I could work and further advance my knowledge with Okta and when I heard about Xalient it was a perfect match. I immediately went to the Xalient website and read all about Xalient and their portfolio and I knew I had to apply.

What’s the first thing you do when you start your working day?

My routine really depends on the shift that I am working on, but typically it starts with coffee and browsing the internet to catch up on the latest news and events.

And what does a day in the life look like for you? Can  you take us through a recent work day?

A recent work day will be a night shift. I usually wake up at around 19:00 PM so I have time to go to the store. When my shift starts at 22:00 PM I check with my colleagues if anything major happened on the previous shift, then I check my e-mails. If the night shift is not that busy, I tend to focus on catching up on different training.

How would your colleagues describe you?

I think my colleagues would describe me as a hardworking, trustworthy person who works well under pressure and with the team.

What do you like most about your job?

I enjoy everything about my role. I especially like the team; we work really well together and it makes my working day enjoyable.

What would you do for a career if you weren’t doing this?

I always wanted a career within the tech industry so you could say, I am living the dream, but if I wasn’t in the tech I would love to open a bakery.

What do you like to do when you’re not working?

When I am not working I like to relax by watching movies, listening to audio books and playing video games with friends. One of my all-time favourite movies is the Lord of the Rings trilogy.

Are there any products, gadgets, or apps that you can’t live without?

Like many others, I wouldn’t be able to live without my phone.

Who/what inspires you (work, personal and/or historical)?

The person who inspires me is my mum. She always works hard and finishes every task that she starts and truly enjoys the work that she does. I want to work just as hard as she does and progress in my career. I think my role at Xalient is a place where I can work hard and gain the experience I need to achieve my goal.

What’s a fun fact about you many people might not know?

Not many people know this about me, but I really enjoy doing karaoke.

Written by Mark Cooke, Chief Operating Officer, Xalient 

Today’s enterprises conduct business and use digital technologies in ways that are evolving constantly.  This digital transformation is making traditional perimeter-based cybersecurity IT infrastructure redundant. The days when every user and every device that are sat inside the organisation’s premises or firewall can be automatically trusted, are over for good. 

For decades, the enduring principle in corporate IT policy was the ‘castle and moat’ approach to securing user access to applications. Everything that needed to be accessed securely sat inside the castle and once the drawbridge was up and the castle was protected by its moat (or firewall), nothing unknown could get in or out, and everyone could trust each other.  However, over the last 10 years applications and workloads have moved to the cloud, and users are increasingly accessing them remotely via the internet. This means that traffic is going from a user that was sitting inside the castle to an application that now sits outside. The network is no longer a secured enterprise network. Instead, it is the unsecured internet and the solutions employed to keep attackers out are no longer effective. 

Megatrends  

In addition to the technological changes in the way enterprises operate today, there have also been massive global macro-economic shifts that have fundamentally changed the way companies hire staff and engage with customers around the world. This globalisation of business and trade is an unstoppable trend and has been accelerated by the pandemic, with employees potentially working anywhere. The result is that organisations have been looking carefully at how they solve the problem of allowing employees – wherever they are located physically – to access mission-critical applications securely. 

In the pre-Covid era, remote work was not uncommon, but now that working from home has become widespread, security technologies and processes based purely on established geographic location are becoming irrelevant.  Overnight in some countries, tens of thousands of workers have gone from the office to being at home where they are sharing broadband connections with family, friends, and gamers.  With a remote workforce, the use of potentially unsecured Wi-Fi networks and devices increases security risks exponentially. 

Not only are employees’ work from home setups and environments not as secure as the office, but the broadband connections are weaker too. This means their experience of trying to access office applications is suboptimal. Their Wi-Fi router may not have been configured for WPA-2; their IoT devices on the home network, like baby monitors or smart thermostats, are running a hodge-podge of security protocols, if any; and all this is being managed through a corporate VPN that is slowing traffic down even more. It’s not difficult for a threat actor to work out that an organisation is using a centralised firewall and then launch a DDoS attack that threatens to take down the business. 

Zero Trust verification 

In this environment more and more enterprises are now adopting a Zero Trust approach. Zero Trust is a security concept centred on the belief that organisations should not automatically trust anything inside or outside its perimeter and instead must verify anything and everything trying to connect to its systems before granting access. Without an overarching system like a Zero Trust framework, employees working in a secure environment can no longer be verified — or controlled. Zero Trust employs least-privilege and “always-verify” principles, offering complete visibility within the network, whether in data centres or the cloud. 

CIOs, CISOs and other corporate executives are increasingly implementing Zero Trust as the technologies that support it move into the mainstream; as the pressure to protect enterprise systems and data grows significantly; and as attacks become more sophisticated. By removing the centralised approach to policy enforcement and moving towards more of a distributed SaaS model where security is delivered via the cloud – coupled with encryption and SD-WAN technology – identifying the user and providing access to the applications they want becomes far more effective and cost-efficient compared to MPLS.  This approach enables distributed teams to collaborate and talk to each other without requiring centralised locations and security postures that mandate VPNs, with associated costs and poor performance issues. 

Challenge and benefits 

It is undoubtedly a challenge for most large enterprises with established IT teams that have worked on a ‘trust but verify’ basis using corporate firewalls and VPNs, to change direction and move towards a Zero Trust basis, but in our view adopting this approach does bring other benefits. In a Zero Trust environment, security controls are deployed with the assumption that the network is already compromised. No unauthorised processes or applications are allowed to execute, and authentication is required for access to data. 

With no network perimeter for the enterprise to manage, users can be anywhere and on any device. The devices that workers use are less likely to be ones assigned by the employer. Employer-owned laptops and phones are traditionally managed, patched, and kept up to date with security tools and policies. However, with everyone working remotely, employees may forget basic cyber hygiene skills and start to use their own devices to access work networks or apps. They could be using their work laptops to shop online between Zoom calls. Even if zero trust security can’t force employees working at home to use work devices only for work, it can control the potential for a security breach because of the fundamental “trust nobody; verify everything” rule that enforces access controls at every point within the network. 

If the enterprise moves to a managed cloud or even hybrid cloud platform and all policy is managed from a single point across the whole organisation, CISOs can customise and improve the user experience by only giving employees access to the applications they need to work with, thus reducing latency on remote connections.  From a user perspective they get the quickest access to the apps they need the most. 

More cost effective than MPLS 

Another benefit for CISOs is a reduction in Capex when compared to MPLS networking. Historically, businesses have made huge investments in centralising firewalls and maintaining all the software and hardware required to support their security policies. This expense all moves away as cloud security becomes driven through the SaaS platform and on-demand pricing. 

SD-WAN is a core component of Zero Trust and also makes management of it easy, allowing IT to avoid complex network-security architectures, and removing the convoluted connections between appliances and users, while providing the highest security through a cloud-delivered model. Instead of appliances, all traffic is securely connected through a cloud-delivered service, whatever the connection type – mobile, satellite or home broadband. And because the intelligence of the network is software-driven and orchestrated centrally, it can manage the user’s journey through an insecure internet to the location of the application and compresses other applications to make it a vastly more efficient and less costly experience. Moreover, crucially for the enterprise, not only is this all done in a secure way using encryption which enables integrity between the user and the application, but SD-WAN delivers more agility and choice than legacy MPLS. 

Without a doubt in 2022 security will be high on the C-Suite agenda.  With intensifying trade disputes, an escalating threat landscape, a highly distributed workforce, supply chains stretched to breaking point by the pandemic, and extra pressure exerted by the ongoing effects of Brexit and other escalating geo-political issues, having a secure, productive, agile and cost -effective security framework in place will be paramount. 

 

You did it. You bought Zscaler and now the cloud transformation journey is before you. Now what?  More specifically, when you look back a year from now, how successful will you measure the progress and, more importantly, how well positioned are you for the years to come? Kevin Peterson, Xalient’s Senior Cyber Security Strategist and former Director of Security & Network Transformation at Zscaler guides you through Xalient’s Best Practice Guide to your successful Zscaler deployment… 

If you have a rather large deployment, then chances are you also paid up for Zscaler’s Deployment Advisory Services (DAS). While that’s the obvious next step, it’s really only the very beginning. Where you go beyond the DAS threshold will define just how great your success story will be. To help shed some light on what that can look like and how you might be one of the showcase installations, here’s how Xalient, a top Zscaler partner, covers the entire Zscaler deployment journey.  

Top Tip: Even if you don’t use Xalient for your implementation, there’s no harm in mapping this as best you can to your own capabilities.

The 3 Phases

Phase 1: Zscaler’s Deployment Advisory 

Whether you call it baselining, onboarding, or orientation (all are fitting), this first phase is all about helping you reach, at the very least, the Minimally Viable Product (MVP) in the shortest time possible. Most will estimate this to be about 25% of their core needs, which is actually a good estimate. The goal is to get you comfortably nudged into that sweet MVP spot of where you want to be in the early stages of your deployment, as dictated by which level of DAS you purchased. It’s as simple as that.  

“To DAS or not to DAS?” is not even a question here. If Zscaler and/or one of their elite deployment partners recommends that you add this to your installation, find the budget for it and do it. You won’t regret it. I personally haven’t seen a project fail when DAS has been at the forefront, in fact, the best major implementations I can recall, have been in tight partnership and alignment with the relevant playbooks.  

To be extra clear, it’s safe to say you will NEVER hear anyone at Xalient say you should forego a well-positioned DAS recommendation and replace it with a similar advisory service. But what you will hear and see from our leadership position is that having an overlay professional services consultant (aka Zscaler coach – managed by Xalient) can provide exponential value in the form of much faster, and thorough implementations.

 

“‘Advisors’ sit in the stands and actively push down advice/recommendations onto the field of play. Good advice, no doubt. But is that the same as being the accountable coach that must be there until the game is won?”

 

Xalient Best Practice: Ask your Zscaler sales rep and the deployment partner to agree that DAS is a fit for this new installation (or major upgrade) and then supplement it with a more comprehensive professional services coaching engagement. The next phase will show why it matters.

 

Phase 2: Growth 25%-75% 

As the baseline orientation and onboarding comes to an end, the big rollout is upon us. It’s time to ramp up to 75% of the deployment in partnership with your Xalient Professional Services Coach. Right now, you probably have 2 questions on your mind: 

1) How is 75% calculated and measured?  

Honestly, even for the best of us it’s somewhat arbitrary. It could be based solely on the percentage of licenses or blended with a checklist of features to be implemented. But before things even start, everyone knows what the target looks like. The next question explains why it doesn’t really matter that much.   

2) Why just 75%?  

Our goal is to get your organization rolled out as fast as possible so that we can move on to the next great customer. As projects near the end of completion, things tend to slow down as people start to get reassigned to other projects. This ends up hurting for a number of reasons, such as not taking full advantage of the knowledgeable resources in the first 3/4 of the deployment. By forcing our core involvement into the first 3/4, we are pushing you to be ready earlier. That’s what the business wants. 

Xalient Best Practice: Avoid ‘staff augmentation’ approaches. You can go and ask an army of recruiters to help you find a Zscaler engineer to join your team and it likely won’t deliver the results you are after. Many organizations think they want the default “contractor”, when what they really need is a program built for speed, depth-of-knowledge, and accuracy. When done right, everyone succeeds faster. And the scalability and resilience offered by a service offering is exponentially more capable than any single person.

 

Phase 3: 75% – Infinity 

This is where it really gets fun! You have been highly successful up to this point and Xalient has you ready to take it across the goal line…yourself. And you absolutely should want that personal and professional satisfaction.  

But you are also, quite understandably, nervous at the prospect of losing your daily coaching. Have no fear, there are 3 key choices you can make at this point to assure your future success.  

Decision Time 

  1. Take over and Xalient exits (we are totally fine with this, of course)
  2. Execute a more detailed SOW for the 75-100% completion window (special use cases – you/we will know it when we see it — like deciding that you really do want to go with Tunnel 2.0 after all, or need some additional help with just reaching SSL inspection goals)
  3. Migrate to Managed Services

Xalient Best Practice: All customers are destined for a managed service. It could be your own in-house model, outsourced, or a combination of the two. Just don’t think you have to take it all on yourself, as there’s a lot of value in having SLA-driven and backed services to keep things on track. Just find and adopt your best managed services model as soon as possible.  

 

Takeaways 

DON’T look to for “staff augmentation”, but rather a team of solution experts that can be both hands-on and outstanding coaches.  

DON’T “lose the plot” to your transformation success story (you worked too hard to throw it away a year or two down the road — for any reason) 

DO look to managed services for peak over-the-horizon success, continuity, and growth. 

 

 

About the Author:

Kevin Peterson is Xalient’s Senior Cyber Security Strategist. With over three decades of global information security and analyst experience, ranging from leading roles in the Fortune 10 (McKesson) to some of the most game-changing tech companies (Microsoft, Juniper Networks, Zscaler). At Zscaler he served as their Director of Security & Network Transformation, where he was also a founding member of their top global Solution Architects team. Since 2013, his focus has been 100% targeted at coaching the largest and most transformational global cloud security programs in order to deliver the success stories for others to follow, thereby shaping the exponentially more capable next generation. 

After six months of training and working within the Xalient HR team as part of the government’s Kickstart Scheme, we’re thrilled to welcome Megan Underwood, in to a permanent role in the Xalient team.

Before starting at Xalient, Megan had some extended time off after her maternity leave and was considering returning to work but looking to start a new career journey. Liking the idea of working and supporting people, HR seemed like a natural fit, and she was keen to start work within an office environment to gain a good understanding of “office life”. We caught up with Megan to find out about her Kickstart experience.

What made you apply for the Kickstarter Scheme that led to your role here at Xalient?

I was at home with my little one during the pandemic, and in truth, it was difficult. I think I lost part of my identity and it made me realise that I wanted to opt for a career change when the time was right to return to work. I’ve always had a passion for working with people, so a role in HR seemed like a good path to follow. When I heard about the Kickstarter Scheme, I felt it would enable me to get the work experience I needed, and, as it turns out, it has been the gateway to a new and exciting future for me here at Xalient!

Can you talk us through what your experience has been like working for Xalient so far?

I’ve been here for over six months now and it’s flown by! I’m really enjoying the role and I feel like I’ve learnt so much in such a short space of time. I cannot stress how many invaluable skills I’ve learnt that I not only implement my career, but in my daily life too.

Lucy Brewer, Xalient’s HR Manager, along with the wider HR team, offered me guidance and support throughout my placement and I had regular 1:1s to discuss any concerns or queries and reflect on what’s worked well and areas to improve. I can honestly say through my experience working at Xalient, I have become ‘Megan’ again. My confidence has grown so much, and I feel excited to see where my future career will go.

What have you enjoyed the most out of your experience?

The people! Everyone at Xalient made me feel so welcome and made the whole experience around me even better.

What has been the biggest skill you’ve learned in this role?

That’s a tough one as I’ve learnt so much! But I’d probably say conflict management – the importance of listening to others and helping to resolve issues in a respectfully, and appropriate way.

What has been your biggest learning curve starting in the HR?

Getting to grips with the structure of the organisation, how all the departments work together and the specifics of every person’s different role.

What advice would you give for anyone considering a Kickstarter role?

To anyone considering applying, I’d certainly encourage them to do so as it’s probably one of the best opportunities you’re going to get to start out your career. For those just starting a Kickstart apprenticeship –  make sure you use every opportunity to learn as much as you can, take advantage of all the support on offer and enjoy the experience – you never know where it might lead!

The Kickstart Scheme, which was rolled out in September last year, is a government-led program that aims “to kickstart the careers of thousands of young people who could otherwise be left behind as a result of the pandemic”. The focus of the scheme is providing 6-month placements to out-of-work young people.

This week marks this year’s Mental Health Awareness Week, and here at Xalient, we know how important it is to look after our employees. The importance of not only enjoying work, but how having a balance is key.

Our employee engagement strategy is underpinned by a holistic approach to staff wellbeing. Every employee is encouraged and supported to thrive at Xalient and to fulfil their full potential. When we talk about thriving, we refer to within and outside the workplace and have a duty to support the mental health and wellbeing of our employees.

So what do we offer?

As part of our Employee Assistant Programme, all our employees have access to the ‘My Healthy Advantage’ app. The service works on two levels: first, to aid anyone seeking general information or advice on areas such as sleep, stress, nutrition, exercise, mood, etc. and second, to access 24/7, 365 days a year access to Counselling, CBT, legal, financial and medical support – on the same day as referral. It’s a free resource for employees to use, as and when they choose, and is completely confidential.

We also have employees who have been trained and accredited in Mental Health First Aid. They are on hand to better support our team offering knowledgeable help and advice, and can be contacted during work hours to talk about anything that might be causing staff a concern. They can also help to point them in the right direction for further support as appropriate.

Our Culture and Inclusion Programme has been designed to sustain the Xalient culture, across every professional discipline and all geographies, to be truly immersive and benefit all team members. It’s a programme for our people, to recognise and appreciate their great value, provide a work environment they enjoy and where they will thrive and open a continual channel to communicate easily with others. It  ensures the delivery of our commitment to diversity, inclusion and equality, give sharp focus to our Team Members’ wellbeing and enable participation for all to influence and evolve our business, as it grows.

We also continue to roll our frequent mindful workshops, self help videos and support, access to NLP coaching as well as regular social events in the offices. We find these social events give our team a break away from the working environment and the opportunity to reconnect (finally!) with face-to-face interactions in a social environment.

Xalient are proud to offer a number of mental health and wellbeing tools to everyone in our team, irrespective of location, to ensure they have access to the right support if and when they need it.

By Kevin Peterson, Senior Cybersecurity Strategist, Xalient

Remote and hybrid working patterns have extended the corporate world into every home and user device, and as the global pandemic recedes, this is a trend that is here for the long term. In fact, it is hard to overstate the pace and extent of digital transformation undergone by the enterprise environment in the past two years. As 2022 unfolds, the daily working experience for employees looks very different to the way it looked before the pandemic.

Why “the network” has become irrelevant

Now that the hybrid environment has evolved employees can be anywhere; in the office, at home, on a train or in a coffee shop. From a security point of view, locking down the enterprise perimeter and securing network access is no longer what matters; to some extent the network has become almost irrelevant, instead the focus is now around securing applications.  At the same time, organisations need to harness the power of applications, they need to be highly productive with fast and easy access to the applications they need to do their job. This is not only essential, it is foundational to becoming a modern digitised business.  To enable this environment, businesses need reliable network access from the edge to the core and security based on a Zero Trust model to ensure robust, efficient and secure access to essential business applications from wherever employees are located.

As enterprises have accelerated their digital transformation initiatives the number of possible attack vectors has grown, as digital systems need to have multiple access points for customers, partners, and employees, and this has created a vastly expanded attack surface.  As a result, cybercrime has escalated, and a record-breaking number of data breaches of increasing sophistication and severity are taking place year-on-year.

Operating on a Zero Trust basis

The stark reality is that this new hybrid workforce brings an increasing level of risk.  With work happening at home, the office, and almost anywhere, and cyberattacks surging, security must be the same no matter who, what, when, where and how business applications are being accessed. Now that the security control organisations once had has quite literally left the building, this makes it critical that each and every connection operates on a Zero Trust basis.  Cybersecurity leaders have historically called this “default deny”, which it still is. Only now, thanks to cloud platforms that tie user and device identity into the equation, the controls to make it a reality are both scalable and elegant.

What we mean by Zero Trust is that organisations effectively eliminate implicit trust from their IT systems, and this is replaced or embodied by the maxim ‘never trust, always verify’. In practice this means only trust those who have appropriate authority to access.  Zero Trust recognises that internal and external threats are pervasive, and the de facto elimination of the traditional network perimeter requires a different security approach. Every device, user, network, and application flow should be checked to remove excessive access privileges and any other potential threat vectors.

Nevertheless, working with a remote workforce isn’t a new concept.  There are plenty of visionary enterprise organisations that have been thinking about this issue for a long time, but sophisticated solutions haven’t always been available. In the past, enterprises relied on Virtual Private Networks (VPNs) to help, albeit minimally, solve user trust issues, but now the time is right to re-think enterprise security models in light of the modern security solutions that are available which can be implemented easily and cost-effectively.

Rewind to the security backstory

Ultimately, any high-level security model really breaks down into a trust issue: Who and what can I trust? – the employee, the devices, and the applications the employee is trying to connect to. In the middle is the network but today, more often than not, the network is the internet.  Think about it.  Employees sit in coffee shops and log onto public browsers to access their email.

So now what organisations are looking for is a secure solution for their applications, devices, and users.

Every trusted or ‘would-be trusted’ end-user computing device has security software installed on it by the enterprise IT department. That software makes sure the device and the user who is on the device is validated, so the device becomes the proxy to talk to the applications on the corporate network. So now the challenge lies in securing the application itself.

Today’s cloud infrastructure connects the user directly to the application, so there is no need to have the user connect via an enterprise server or network. The client is always treated as an outsider, even while sitting in a corporate office. The servers never even see the client’s real IP address (because they don’t need to) and even data centre firewalls are of far less value as the Zero Trust model, and expertly applied policies and controls, are now exponentially better.

Death to the VPN!

In this new construct the VPN dies, thanks to Zero Trust Network Access (ZTNA), and networks become simplified with lower operational running costs, thanks to SD-WAN.

So, does the old client VPN truly die? Yes, it does! The reason is that we are now only concerned with what we trust: the user, their device, and the destination. Notice that “the network” isn’t part of that. Why? Because we don’t trust users or their devices any more on the corporate network than we do on public networks. So even when connected to a LAN port on the desk, they have the same seamless security posture and always-on application (not network, but application) access that they would if there were on public WiFi.

Just as film is no longer used for taking pictures, VPNs are no longer the future for application access. Everyone now sees that the real need is not for users to access networks, but rather just to access the applications as though they are all cloud accessible. That’s the Zero Trust-based future for us all.

New thinking

Most enterprises realise that it is time to enhance remote access strategies and eliminate sole reliance on perimeter-based protection, with employees instead connecting from a Zero Trust standpoint. However, most organisations will find that their Zero Trust journey is not an overnight accomplishment – particularly if they have legacy systems or mindsets that don’t transition well to this model.  That said, many companies are moving all or part of their workloads to cloud and, thus, greenfield environments. Those are the perfect places to start that journey and larger organisations, with complex IT environments and legacy systems, might see the road to Zero Trust as a multiphase, multiyear initiative.

This is where organisations can work with partners, like Xalient, to assist with implementing security controls and Zero Trust models in the cloud utilising our Xalient Zero Trust Framework. This framework provides a firm security foundation to underpin digital transformation initiatives, helping organisations take their first steps towards becoming a Zero Trust connected enterprise. It does this by addressing common areas of compromise between a user or device and the application or data source being accessed or consumed. And it does it wherever the users, devices, data and applications are located.

In today’s hybrid environment, implementing a Zero Trust approach enables organisations to start to really drive down the risk factors while ensuring the enterprise is future-proofed for 21st century business. With cyber threats only set to escalate, this peace of mind is essential.

 

 

Written by Jeff Gray, Vice-President, Americas, Xalient

If businesses want to win in the 21st century, then harnessing the power of the network across the entire organisation is essential because digital is the new front door for every enterprise. Customer and workforce demands on the network are evolving faster than the pace of traditional businesses and the Covid-19 pandemic has only accelerated this change. The digital winners of tomorrow don’t think in terms of building solutions that merely solve today’s challenges. Their eyes are set on being ready for challenges that are yet to materialise. They build for change.

To thrive, companies need a different level of adaptability and creativity to handle competition, manage new threats and embrace new technologies. Yet the network is often overlooked. Like the forgotten but essential plumbing in a vast mansion which is being renovated for the future, the renovation will include modern new features and facilities to enhance the experience of living there for years to come. However, unless the owners also upgrade the plumbing to create more capacity and resilience, most of these new features won’t function effectively.

Digital innovation drives business growth

Today’s successful businesses need to have a strong innovation culture running through the organisation. The phrase ‘digital transformation’ is not just an aspirational goal, it is critical to business success. That’s because essential business processes and interactions with customers, partners, and employees, increasingly depend on tailored innovative digital solutions.

The path to achieving digitisation and business growth begins with the cloud, helping organisations connect teams, people, data, and processes, in new ways to embrace the possibilities enabled by modern technologies. The cloud has changed more than the way IT is implemented and managed; it is changing the very fabric of business.

To enable this, businesses need robust network access from the edge to the core, using software-defined networking, security, and communications technologies to ensure reliable and secure access to core business applications from wherever employees or customers are located.

2020/2021 were turbulent years, resulting in a shift to remote and flexible working to accommodate challenges posed by the pandemic. Changing working environments shone a spotlight on enterprise-grade networks, and the importance of embedding intuitive, AI-driven network infrastructure into their operations.

Connecting the secure, cloud-orientated enterprise

The impact of COVID-19, along with a change in thinking over the last few years about how the internet can perform as the new corporate backbone, is influencing how businesses deploy and manage their enterprise-grade networks, as well as the tools required to do so.

In the past, traditional Multi-Protocol Label Switching (MPLS) networks were a popular way to ensure reliable connections for real-time applications. MPLS was designed for organisations that had multiple remote branch offices, geographically dispersed across the country or across the world, where most of the traffic was on-network to enterprise data centres. Security was managed from a traditional “castle and moat” perspective, where assets were all protected inside the enterprise perimeter, but the way enterprise applications and ecosystems are being built now is making this approach increasingly obsolete. Today’s businesses have shifted much of their traffic to and from cloud providers instead, rendering MPLS suboptimal.

It is more efficient to send traffic directly to the cloud. Also, the use of cloud services, video and mobile apps has driven up bandwidth requirements, and MPLS services can be difficult to scale on demand. They are also expensive, so enterprises are now looking at Software Defined-Wide Area Networking (SD-WAN) as a way to accommodate 21st century demand for network performance and cost-efficiency.

Building the network of the future

Enabling high performance, secure network access from anywhere really requires thinking about SD-WAN in more detail. While this technology has been around for about a decade now, there are still a lot of enterprises that have yet to adopt it. However, as companies increasingly connect to private or public cloud infrastructure and harness SaaS applications like Microsoft 365 and Salesforce, they need to be thinking about how they adopt SD-WAN into the network. Having a network which is capable of learning and adapting to the type of application traffic that is flowing across the enterprise helps to avoid problems such as bottlenecks and latency and single points of failure.

There are other benefits with SD-WAN, in terms of decreasing costs and being able to access applications which can perform much better than they were previously able to when using the internet as a corporate backbone. Everything is managed through the cloud using innovative, self-learning AI tools which are able to adapt to degraded performance issues and can move traffic around the issue without intervention. Additional internal IT gains include added visibility and insights into their network that was unattainable before through self-service portals.

That said SD-WAN and MPLS are not mutually exclusive and here at Xalient we understand that some customers are not ready to commit to an Internet only traffic medium and we can work with them to develop a hybrid solution.  This is about really understanding what an organisation needs from their network and helping them to build for their current and future needs.

Harnessing agility and innovation

When the computer age took hold in companies some 20-25 years ago, it was obvious that a lot of tasks could be done in a much smarter way with the tools of this new universe. Fax moved to email; documents could be saved, and shared, in digital files rather than steel cabinets; and, eventually, clunky hardware servers could be replaced by the cloud. Some big-name System Integration companies were born in this digitisation — delivering new, useful, one-size-fits-all solutions to the B2B market. And some of these vendors grew enormously during this outsourcing era, but over time, particularly with the advent of cloud technology, this model has started to wane as customers look for more agile partners who can help them truly innovate.

Now CIOs and CTOs are starting to question the role and validity of the traditional systems integrators who are often tied to a particular vendor. Likewise, as these Tier 1 SIs have mushroomed, so they are now burdened by legacy, age, and customs.  Here at Xalient we work with customers to really understand their business drivers and their technology roadmaps so we can put together a tailored solution to future-proof their networks. Customers whom we have done this for include Kellogg’s, Hamley’s, WPP and Keurig Dr Pepper to name but a few.

The world is changing before our eyes and while digital transformation plans continue to accelerate it is hard for senior IT leaders to keep pace with the shift to cloud. This has created high demand for flexible, cost-effective global connectivity and protection against increasingly complex cyber threats. IT leaders are challenged with looking at how they achieve scale, security, access, and performance all whilst trying to protect the business against the ever-increasing threat of cybercrime,  so that they can build the network of the future.  But build it they must in this highly competitive landscape, otherwise they may find that their business starts to become irrelevant.