WHAT ARTIFICIAL INTELLIGENCE CANNOT DO , a grim note to the top 100 intellectuals of this planet , Part 19

THIS POST IS CONTINUED FROM PART 18, BELOW--

https://ajitvadakayil.blogspot.com/2020/03/what-artificial-intelligence-cannot-do_15.html

Capt. Ajit VadakayilMay 9, 2020 at 6:48 AM
I WAS THE FIRST TO INTRODUCE VIRTUAL TEAMING CONCEPT AT SEA

ALL LOOKED AT ME AS IF I WAS CRAZY..

THE TOP GUN TOLD ME ” AJIT YOU ARE TOO FAR AHEAD OF OUR TIMES.. SLOW DOWN”

http://ajitvadakayil.blogspot.com/2010/11/virtual-teaming-capt-ajit-vadakayil.html

THIS PANDEMIC HAS KICK STARTED VIRTUAL TEAMING. . SEE EVERY CLOUD HAS A SILVER LINING..

SAME WAY WHEN I INTRODUCED RISK ASSESSMENT AND PREDICTIVE MAINTENANCE AT SEA, ALL LOOKED AT ME AS IF I WAS CRAZY.

http://ajitvadakayil.blogspot.com/2010/04/dynamic-risk-assessment-on-chemical.html

MY SHORE BOSSES TOLD ME , "YOUR PREDICTIVE MAINTENANCE THINGY IS REJECTED"

I TOLD THEM TO FUCK OFF.. THIS IS MY SHIP AND I WILL RUN IT THE WAY I WANT..

http://ajitvadakayil.blogspot.com/2010/12/predictive-maintenance-on-chemical.html

Capt ajit vadakayil
..

CAPT AJIT VADAKAYIL SAYS AI MUST MEAN “INTELLIGENCE AUGUMENTATION “ IN FUTURE ..

Let this be IA

OBJECTIVE AI CANNOT HAVE A VISION,

IT CANNOT PRIORITIZE,

IT CANT GLEAN CONTEXT,

IT CANT TELL THE MORAL OF A STORY ,

IT CANT RECOGNIZE A JOKE, OR BE A JUDGE IN A JOKE CONTEST

IT CANT DRIVE CHANGE,

IT CANNOT INNOVATE,

IT CANNOT DO ROOT CAUSE ANALYSIS ,

IT CANNOT MULTI-TASK,

IT CANNOT DETECT SARCASM,
IT CANNOT DECIPHER TONE ( I KILLED THE CLERK !? --OF MY COUSIN VINNY )

IT CANNOT DO DYNAMIC RISK ASSESSMENT ,

IT IS UNABLE TO REFINE OWN KNOWLEDGE TO WISDOM,

IT IS BLIND TO SUBJECTIVITY,

IT CANNOT EVALUATE POTENTIAL,

IT CANNOT SELF IMPROVE WITH EXPERIENCE,

IT CANNOT UNLEARN

IT IS PRONE TO CATASTROPHIC FORGETTING

IT DOES NOT UNDERSTAND BASICS OF CAUSE AND EFFECT,

IT CANNOT JUDGE SUBJECTIVELY TO VETO/ ABORT,

IT CANNOT FOSTER TEAMWORK DUE TO RESTRICTED SCOPE,

IT CANNOT MENTOR,

IT CANNOT BE CREATIVE,

IT CANNOT THINK FOR ITSELF,

IT CANNOT TEACH OR ANSWER STUDENTs QUESTIONS,

IT CANNOT PATENT AN INVENTION,

IT CANNOT SEE THE BIG PICTURE ,

IT CANNOT FIGURE OUT WHAT IS MORALLY WRONG,

IT CANNOT PROVIDE NATURAL JUSTICE,

IT CANNOT FORMULATE LAWS

IT CANNOT FIGURE OUT WHAT GOES AGAINST HUMAN DIGNITY

IT CAN BE FOOLED EASILY USING DECOYS WHICH CANT FOOL A CHILD,

IT CANNOT BE A SELF STARTER,

IT CANNOT UNDERSTAND APT TIMING,

IT CANNOT FEEL

IT CANNOT GET INSPIRED

IT CANNOT USE PAIN AS FEEDBACK,

IT CANNOT GET EXCITED BY ANYTHING

IT HAS NO SPONTANEITY TO MAKE THE BEST OUT OF SITUATION

IT CAN BE CONFOUNDED BY NEW SITUATIONS

IT CANNOT FIGURE OUT GREY AREAS,

IT CANNOT GLEAN WORTH OR VALUE

IT CANNOT UNDERSTAND TEAMWORK DYNAMICS

IT HAS NO INTENTION

IT HAS NO INTUITION,

IT HAS NO FREE WILL

IT HAS NO DESIRE

IT CANNOT SET A GOAL

IT CANNOT BE SUBJECTED TO THE LAWS OF KARMA

ON THE CONTRARY IT CAN SPAWN FOUL AND RUTHLESS GLOBAL FRAUD ( CLIMATE CHANGE DUE TO CO2 ) WITH DELIBERATE BLACK BOX ALGORITHMS, JUST FEW AMONG MORE THAN 60 CRITICAL INHERENT DEFICIENCIES.

HUMANS HAVE THINGS A COMPUTER CAN NEVER HAVE.. A SUBCONSCIOUS BRAIN LOBE, REM SLEEP WHICH BACKS UP BETWEEN RIGHT/ LEFT BRAIN LOBES AND FROM AAKASHA BANK, A GUT WHICH INTUITS, 30 TRILLION BODY CELLS WHICH HOLD MEMORY, A VAGUS NERVE , AN AMYGDALA , 73% WATER IN BRAIN FOR MEMORY, 10 BILLION MILES ORGANIC DNA MOBIUS WIRING ETC.

SINGULARITY , MY ASS !

INDIA MUST NOW LEAD THE PLANET IN WORK AT HOME LOGISTICS --

WE ARE IN FOR A LONG PANDEMIC HAUL .

PROTECT THE CLOUD DATA !

Capt. Ajit VadakayilMay 10, 2020 at 4:37 AM
CAPT AJIT VADAKAYIL URGES PM MODI..

STOP WHAT EVER YOU ARE DOING
ORDER YOUR IT EXPERTS AND THINK TANKS, TO DO BRAIN STORMING AND THEN A DYNAMIC RISK ASSESSMENT.. BASED ON INPUT BELOW IN THIS BLOGPOST..
https://ajitvadakayil.blogspot.com/2020/05/what-artificial-intelligence-cannot-do.html
DO NOT LOCK THE STABLE DOORS AFTER THE HORSES HAVE BOLTED , AS IS ALWAYS THE CASE IN INDIA..

THIS IS THE SAD STORY OF BHARATMATA..

WE WATCH..

NARENDRA DAMODARDAS MODI, YOU CAN GIVE US HAJAAR JAANKARI ABOUT ROTHSCHILDs HEROES GANDHI/ BR AMBEDKAR/ BUDDHA/ BASAVA/ SHIRDI SAI BABA/ GHANSHTAM PANDE / PLANETs OLDEST LANGUAGE TAMIL ETC LATER..

DO YOUR JOB..

capt ajit vadakayil
..
1. Capt. Ajit VadakayilMay 10, 2020 at 4:39 AM
  PMO
  PM MODI
  IT MINISTER/ MINISTRY CENTRA AND STATES
  DEFENSE MINISTER / MINISTRY
  ALL THREE ARMED FORCE CHIEFS
  CDS
  AMIT SHAH
  HOME MINISTRY CENTRE/ STATES
  CJI BOBDE
  ATTORNEY GENERAL
  LAW MINISTER PRASAD / MINISTRY CENTRE AND STATES
  ALL CHIEF JUSTICES HIGH COURTS
  I&B MINISTER / MINISTRY
  LAW MINISTER / MINISTRY CENTRE AND STATES
  CYBER CELL CENTRE AND STATES
  NSA
  AJIT DOVAL
  RAW
  IB
  CBI
  NIA
  ED
  ALL DGPs OF INDIA
  ALL IGs OF INDIA
  ALL CMs OF INDIA
  ALL MLAs OF INDIA
  ALL MPs OF INDIA
  ALL COLLECTORS OF MAJOR CITIES
  ALL STATE GOVERNORS
  PRESIDENT OF INDIA
  VP OF INDIA
  SPEAKER LOK SABHA
  SPEAKER RAJYA SABHA
  ALL INDIAN THINK TANKS
  NITI AYOG
  AMITABH KANT

COMPANIES AND AGENCIES ARE STRUGGLING… AS THEY SEND WORKERS HOME AND FIND THAT THEY DON’T HAVE A HANDLE ON DEALING WITH UNKNOWN PERSONAL DEVICES THAT WILL NOW BE USED TO DO BUSINESS AND RETAIN SENSITIVE CORPORATE DATA

AS YOUR ORGANIZATION ADAPTS TO REMOTE WORK, AVOID HASTY PLANS TO MAKE ALL DATA ACCESSIBLE, INCLUDING MIGRATING ALL DATA TO THE CLOUD.

TO MITIGATE SECURITY RISKS, CONSIDER USING A SECURE CLOUD-BASED DATA SYSTEM. MANY ORGANIZATIONS HAVE RECENTLY MOVED TO THE CLOUD AND CHANGED THEIR CONTROLS TO ALLOW REMOTE ACCESS TO DATA SYSTEMS, AND CYBERCRIMINALS ARE TAKING ADVANTAGE OF THIS DURING THIS HOUR OF PANDEMIC

WHEN MOVING YOUR EMPLOYEES TO REMOTE WORK ENVIRONMENTS DURING THIS COVID-19 PANDEMIC , IT’S IMPORTANT TO CONSIDER THE TECHNOLOGY REQUIRED FOR A SECURE WORKFORCE AS DETAILED IN YOUR BUSINESS CONTINUITY PLAN, INCLUDING SECURE INTERNET AND VIRTUAL PRIVATE NETWORKS (VPN).

YOUR INSTITUTION SHOULD TEST YOUR SYSTEM REQUIREMENTS AND BANDWIDTH BEFORE FULL IMPLEMENTATION TO PREVENT THE RISK OF OVERLOADING THE SYSTEM. IN THE PAST, YOUR NETWORK WAS WITHIN YOUR COMPANY AND PROTECTED BY YOUR FIREWALL AND DATA CONNECTIONS, BUT THAT MAY NO LONGER BE THE CASE.

BEFORE MOVING TO REMOTE WORK, YOUR INSTITUTION SHOULD UNDERSTAND NETWORK SECURITY VULNERABILITIES AND WHICH TYPES OF CONTROLS ARE NEEDED TO SECURE THOSE CONNECTIONS.

ENABLING REMOTE ACCESS IS ACCOMPANIED WITH CERTAIN RISKS. SOME ORGANIZATIONS RUSHED AND DRAGGED BY THEIR NOSTRILS INTO THE UNEXPECTED HAVE MADE THE MISTAKE OF ENABLING DATA ACCESS IN A NON-SECURE WAY, THUS EXPOSING VULNERABILITIES THAT WOULD NOT HAVE EXISTED OTHERWISE.

IT IS IMPERATIVE THAT YOU UNDERSTAND YOUR INSTITUTION’S CONTROLS AND ENABLE PROTECTIONS LIKE MULTIFACTOR AUTHENTICATION, ESPECIALLY FOR CLOUD-BASED APPLICATIONS.

FOR APPLICATIONS THAT DO NOT WORK WELL IN A CLOUD-HOSTED SCENARIO, YOU CAN EMPLOY A HYBRID APPROACH WITH A COMBINATION OF CLOUD-BASED HOSTED CONNECTIONS AND VPN ACCESS.

AVOID BROWSER-BASED, REMOTE-CONTROLLED SOFTWARE UNLESS YOUR INSTITUTION FULLY UNDERSTANDS THE CONTROLS AND AUDIT CAPABILITIES AND HAS DONE VENDOR DUE DILIGENCE. WITH THIS TYPE OF SOFTWARE, USERS IN THE OFFICE CAN DOWNLOAD AN APPLICATION ON THEIR SYSTEM THAT ALLOWS THEM TO ACCESS THE APPLICATION AND CONTROL THEIR DESKTOP REMOTELY.

GENERALLY, EMPLOYEES SHOULD NOT ACCESS A CORPORATE NETWORK WITH A PERSONAL DEVICE. USING HOSTED EMAIL OR OTHER ONLINE HOSTED SYSTEMS ON PERSONAL DEVICES POSES LESS RISK; HOWEVER, RISK IS ALWAYS PRESENT.

IF AN EMPLOYEE UNKNOWINGLY HAS MALWARE ON THEIR PERSONAL DEVICE AND OPENS THEIR BROWSER TO DOWNLOAD A DOCUMENT, THAT MALWARE CAN BE TRANSFERRED TO THE NETWORK WHEN THE DOCUMENT IS SENT BACK VIA EMAIL ATTACHMENT.

IF YOU’RE USING HOSTED EMAIL OR SIMILAR SYSTEMS, YOUR INSTITUTION CAN USE SYSTEMS THAT WILL SCAN EMAIL ATTACHMENTS OR OPEN AND MONITOR ATTACHMENTS IN A CONTROLLED, AUTOMATED ENVIRONMENT TO DETERMINE THE RISK.

INSTITUTIONS COPE WITH OPERATIONAL CHANGES, IT IS CRITICAL TO COMMUNICATE WITH YOUR EMPLOYEES ABOUT YOUR WORK-FROM-HOME POLICIES AND BEST PRACTICES.

DEPLOY TECHNOLOGY SOLUTIONS TO PREVENT SECURITY BREACHES.

CLOUD ADOPTION WILL SKYROCKET, AS WILL MARKED INCREASES IN ADDITIONAL SECURITY TECHNOLOGIES RELATED TO BORDERLESS NETWORKS AND ZERO TRUST MODELS, AND YOUR INSTITUTION SHOULD BE PREPARED..

AS ORGANIZATIONS IN ALL SECTORS HAVE RAPIDLY EMPTIED THEIR OFFICES AND SENT THEIR EMPLOYEES HOME TO COMPLY WITH EVER MORE EXPANSIVE SHELTER-IN-PLACE AND QUARANTINE MANDATES, REPLICATING THE FULL BREADTH OF SERVICES REMOTELY HAS BEEN IT’S SINGULAR PRIORITY.

MISSION CRITICAL FACILITIES LIKE DATA CENTERS CAN’T BE RELOCATED INTO EMPLOYEES’ HOME OFFICES. WHILE TRANSFERRING END-USER PRODUCTIVITY OUT OF A TRADITIONAL OFFICE CONTEXT IS A FAIRLY STRAIGHTFORWARD PROCESS, THE SAME CAN’T BE SAID FOR THE HIGHLY SPECIALIZED WORKLOADS THAT CAN ONLY BE MANAGED WITHIN THE CONTEXT OF A DATA CENTER.

REGULATORY CONSTRAINTS AROUND HOW INCALCULABLY VITAL DATA MUST BE MANAGED AND PROTECTED THROUGHOUT ALL PHASES OF ITS LIFECYCLE ADD EVEN MORE COMPLEXITY TO DATA CENTER PROTOCOLS DURING A PANDEMIC.

THE OLD TRUTH TO AVOID PUTTING ALL YOUR EGGS IN ONE BASKET HAS NEVER BEEN MORE VALID THAN IT IS NOW. THIS ISSUE RELATES DIRECTLY TO CAPACITY MANAGEMENT, AND, AS THE CRISIS DEEPENS, THE STRAIN ON ALL ASPECTS OF INFRASTRUCTURE WILL ONLY INCREASE.

DIVERSIFY YOUR UPSTREAM PROVIDERS AS MUCH AS POSSIBLE TO MITIGATE THE RISKS ASSOCIATED WITH ANY ONE OF THEM BEING COMPROMISED BY PANDEMIC-RELATED RESOURCING CONSTRAINTS. THIS MINIMIZES THE POTENTIAL FOR BACK-END INTERRUPTIONS TO REACH YOUR CUSTOMERS.

TRADITIONALLY VIRTUAL PRIVATE NETWORK SOLUTIONS HAVE BEEN THE MOST COMMONLY USED TECHNOLOGY FOR REMOTE WORKERS.

A VIRTUAL PRIVATE NETWORK (VPN) EXTENDS A PRIVATE NETWORK ACROSS A PUBLIC NETWORK AND ENABLES USERS TO SEND AND RECEIVE DATA ACROSS SHARED OR PUBLIC NETWORKS AS IF THEIR COMPUTING DEVICES WERE DIRECTLY CONNECTED TO THE PRIVATE NETWORK.

APPLICATIONS RUNNING ON AN END SYSTEM (PC, SMARTPHONE ETC.) ACROSS A VPN MAY THEREFORE BENEFIT FROM THE FUNCTIONALITY, SECURITY, AND MANAGEMENT OF THE PRIVATE NETWORK. ENCRYPTION IS A COMMON, THOUGH NOT AN INHERENT, PART OF A VPN CONNECTION.

VPN TECHNOLOGY WAS DEVELOPED TO ALLOW REMOTE USERS AND BRANCH OFFICES TO ACCESS CORPORATE APPLICATIONS AND RESOURCES. TO ENSURE SECURITY, THE PRIVATE NETWORK CONNECTION IS ESTABLISHED USING AN ENCRYPTED LAYERED TUNNELING PROTOCOL, AND VPN USERS USE AUTHENTICATION METHODS, INCLUDING PASSWORDS OR CERTIFICATES, TO GAIN ACCESS TO THE VPN.

IN OTHER APPLICATIONS, INTERNET USERS MAY SECURE THEIR CONNECTIONS WITH A VPN TO CIRCUMVENT GEO-RESTRICTIONS AND CENSORSHIP OR TO CONNECT TO PROXY SERVERS TO PROTECT PERSONAL IDENTITY AND LOCATION TO STAY ANONYMOUS ON THE INTERNET.

SOME WEBSITES, HOWEVER, BLOCK ACCESS TO KNOWN VPN TECHNOLOGY TO PREVENT THE CIRCUMVENTION OF THEIR GEO-RESTRICTIONS, AND MANY VPN PROVIDERS HAVE BEEN DEVELOPING STRATEGIES TO GET AROUND THESE BLOCKADES

VPN HAS ITS INHERENT PITFALLS:

VPNS ARE A POPULAR VECTOR FOR CYBERATTACKS. VPNS ENCRYPT DATA (IN TRANSIT) FROM POINT A TO POINT B, BUT IT DOES NOT PROTECT EMPLOYEE DEVICES. IF SOMEONE HACKS THE DEVICE OR STEALS VPN CREDENTIALS, HACKERS CAN EASILY STEAL COMPANY DATA.

VPNS CAN EASILY GET OVERLOADED AS THEY ARE NOT TYPICALLY BUILT TO SCALE WELL. IN CASE OF A PANDEMIC OR IF SUDDENLY 500,000 EMPLOYEES USE A VPN, IT WILL LIKELY CRASH.

SINCE VPN REROUTES INTERNET TRAFFIC VIA VPN SERVERS, INTERNET SPEEDS ARE DRAMATICALLY REDUCED, AFFECTING BANDWIDTH-HUNGRY AUDIO AND VIDEO APPLICATIONS. THIS WILL MOST LIKELY BRING PRODUCTIVITY TO A SCREECHING HALT.

EMERGING TECHNOLOGIES LIKE CLOUD-BASED DESKTOP VIRTUALIZATION (VDI) HOLD PROMISE

DESKTOP VIRTUALIZATION ALLOWS THE USERS' OS TO BE REMOTELY STORED ON A SERVER IN THE DATA CENTER.IT ALLOWS THE USER TO ACCESS THEIR DESKTOP VIRTUALLY, FROM ANY LOCATION BY DIFFERENT MACHINE. USERS WHO WANTS SPECIFIC OPERATING SYSTEMS OTHER THAN WINDOWS SERVER WILL NEED TO HAVE A VIRTUAL DESKTOP.

DESKTOP VIRTUALIZATION CREATES A SOFTWARE-BASED (OR VIRTUAL) VERSION OF AN END USER’S DESKTOP ENVIRONMENT AND OPERATING SYSTEM (OS) THAT IS DECOUPLED FROM THE END USER’S COMPUTING DEVICE OR CLIENT. THIS ENABLES THE USER TO ACCESS HIS OR HER DESKTOP FROM ANY COMPUTING DEVICE.

DESKTOP VIRTUALIZATION IS CONSIDERED A TYPE OF CLIENT-SERVER COMPUTING MODEL BECAUSE THE "VIRTUALIZED" DESKTOP IS STORED ON A CENTRALIZED, OR REMOTE, SERVER AND NOT THE PHYSICAL MACHINE BEING VIRTUALIZED.

DESKTOP VIRTUALIZATION "VIRTUALIZES DESKTOP COMPUTERS" AND THESE VIRTUAL DESKTOP ENVIRONMENTS ARE "SERVED" TO USERS ON THE NETWORK. YOU INTERACT WITH A VIRTUAL DESKTOP IN THE SAME WAY YOU WOULD USE A PHYSICAL DESKTOP. ANOTHER BENEFIT OF DESKTOP VIRTUALIZATION IS THAT IS LETS YOU REMOTELY LOG IN TO ACCESS YOUR DESKTOP FROM ANY LOCATION.

VDI (VIRTUAL DESKTOP INFRASTRUCTURE -- OR INTERFACE) IS A POPULAR METHOD OF DESKTOP VIRTUALIZATION. THIS TYPE OF DESKTOP VIRTUALIZATION USES THE SERVER COMPUTING MODEL, AS THE DESKTOP VIRTUALIZATION IN THIS SCENARIO IS ENABLED THROUGH HARDWARE AND SOFTWARE. VDI HOSTS THE DESKTOP ENVIRONMENT IN A VIRTUAL MACHINE (VM) THAT RUNS ON A CENTRALIZED OR REMOTE SERVER.

IN VIRTUAL DESKTOP INFRASTRUCTURE (VDI), THE OPERATING SYSTEM RUNS ON A VIRTUAL MACHINE (VM) HOSTED ON A SERVER IN A DATA CENTER. THE DESKTOP IMAGE TRAVELS OVER THE NETWORK TO THE END USER’S DEVICE, WHERE THE END USER CAN INTERACT WITH THE DESKTOP (AND THE UNDERLYING APPLICATIONS AND OPERATING SYSTEM) AS IF THEY WERE LOCAL.

VDI GIVES EACH USER HIS OR HER OWN DEDICATED VM RUNNING ITS OWN OPERATING SYSTEM. THE OPERATING SYSTEM RESOURCES—DRIVERS, CPUS, MEMORY, ETC.—OPERATE FROM A SOFTWARE LAYER CALLED A HYPERVISOR THAT MIMICS THEIR OUTPUT, MANAGES THE RESOURCE ALLOCATION TO MULTIPLE VMS, AND ALLOWS THEM TO RUN SIDE BY SIDE ON THE SAME SERVER.

A KEY BENEFIT OF VDI IS THAT IT CAN DELIVER THE WINDOWS 10 DESKTOP AND OPERATING SYSTEM TO THE END USER’S DEVICES. HOWEVER, BECAUSE VDI SUPPORTS ONLY ONE USER PER WINDOWS 10 INSTANCE, IT REQUIRES A SEPARATE VM FOR EACH WINDOWS 10 USER.

DESKTOP VIRTUALIZATION IS A SOFTWARE TECHNOLOGY THAT SEPARATES THE DESKTOP ENVIRONMENT AND ASSOCIATED APPLICATION SOFTWARE FROM THE PHYSICAL CLIENT DEVICE THAT IS USED TO ACCESS IT.

DESKTOP VIRTUALIZATION CAN BE USED IN CONJUNCTION WITH APPLICATION VIRTUALIZATION AND USER PROFILE MANAGEMENT SYSTEMS, NOW TERMED "USER VIRTUALIZATION", TO PROVIDE A COMPREHENSIVE DESKTOP ENVIRONMENT MANAGEMENT SYSTEM.

IN THIS MODE, ALL THE COMPONENTS OF THE DESKTOP ARE VIRTUALIZED, WHICH ALLOWS FOR A HIGHLY FLEXIBLE AND MUCH MORE SECURE DESKTOP DELIVERY MODEL. IN ADDITION, THIS APPROACH SUPPORTS A MORE COMPLETE DESKTOP DISASTER RECOVERY STRATEGY AS ALL COMPONENTS ARE ESSENTIALLY SAVED IN THE DATA CENTER AND BACKED UP THROUGH TRADITIONAL REDUNDANT MAINTENANCE SYSTEMS.

IF A USER'S DEVICE OR HARDWARE IS LOST, THE RESTORE IS STRAIGHTFORWARD AND SIMPLE, BECAUSE THE COMPONENTS WILL BE PRESENT AT LOGIN FROM ANOTHER DEVICE.

IN ADDITION, BECAUSE NO DATA ARE SAVED TO THE USER'S DEVICE, IF THAT DEVICE IS LOST, THERE IS MUCH LESS CHANCE THAT ANY CRITICAL DATA CAN BE RETRIEVED AND COMPROMISED.

IN REMOTE DESKTOP SERVICES (RDS)—ALSO KNOWN AS REMOTE DESKTOP SESSION HOST (RDSH)—USERS REMOTELY ACCESS DESKTOPS AND WINDOWS APPLICATIONS THROUGH THE MICROSOFT WINDOWS SERVER OPERATING SYSTEM.

APPLICATIONS AND DESKTOP IMAGES ARE SERVED VIA MICROSOFT REMOTE DESKTOP PROTOCOL (RDP). FORMERLY KNOWN AS MICROSOFT TERMINAL SERVER, THIS PRODUCT HAS REMAINED LARGELY UNCHANGED SINCE ITS INITIAL RELEASE.

FROM THE END USER’S PERSPECTIVE, RDS AND VDI ARE IDENTICAL. BUT BECAUSE ONE INSTANCE OF WINDOWS SERVER CAN SUPPORT AS MANY SIMULTANEOUS USERS AS THE SERVER HARDWARE CAN HANDLE, RDS CAN BE A MORE COST-EFFECTIVE DESKTOP VIRTUALIZATION OPTION. IT’S ALSO WORTH NOTING APPLICATIONS TESTED OR CERTIFIED TO RUN ON WINDOWS 10 MAY NOT BE TESTED OR CERTIFIED TO RUN ON THE WINDOWS SERVER OS.

IN DESKTOP AS A SERVICE (DAAS), VMS ARE HOSTED ON A CLOUD-BASED BACKEND BY A THIRD-PARTY PROVIDER. DAAS IS READILY SCALABLE, CAN BE MORE FLEXIBLE THAN ON-PREMISE SOLUTIONS, AND GENERALLY DEPLOYS FASTER THAN MANY OTHER DESKTOP VIRTUALIZATION OPTIONS.

LIKE OTHER TYPES OF CLOUD DESKTOP VIRTUALIZATION, DAAS SHARES MANY OF THE GENERAL BENEFITS OF CLOUD COMPUTING, INCLUDING SUPPORT FOR FLUCTUATING WORKLOADS AND CHANGING STORAGE DEMANDS, USAGE-BASED PRICING, AND THE ABILITY TO MAKE APPLICATIONS AND DATA ACCESSIBLE FROM ALMOST ANY INTERNET-CONNECTED DEVICE. THE CHIEF DRAWBACK TO DAAS IS THAT FEATURES AND CONFIGURATIONS ARE NOT ALWAYS AS CUSTOMIZABLE AS REQUIRED.

VIRTUALIZING DESKTOPS PROVIDES MANY POTENTIAL BENEFITS THAT CAN VARY DEPENDING UPON THE DEPLOYMENT MODEL YOU CHOOSE. SOME OF POSSIBLE BENEFITS ARE AS FOLLOWS:

SIMPLER ADMINISTRATION: DESKTOP VIRTUALIZATION CAN MAKE IT EASIER FOR IT TEAMS TO MANAGE EMPLOYEE COMPUTING NEEDS. YOUR BUSINESS CAN MAINTAIN A SINGLE VM TEMPLATE FOR EMPLOYEES WITHIN SIMILAR ROLES OR FUNCTIONS INSTEAD OF MAINTAINING INDIVIDUAL COMPUTERS THAT MUST BE RECONFIGURED, UPDATED, OR PATCHED WHENEVER SOFTWARE CHANGES NEED TO BE MADE. THIS SAVES TIME AND IT RESOURCES.

COST SAVINGS: MANY VIRTUAL DESKTOP SOLUTIONS ALLOW YOU TO SHIFT MORE OF YOUR IT BUDGET FROM CAPITAL EXPENDITURES TO OPERATING EXPENDITURES. BECAUSE COMPUTE-INTENSIVE APPLICATIONS REQUIRE LESS PROCESSING POWER WHEN THEY’RE DELIVERED VIA VMS HOSTED ON A DATA CENTER SERVER, DESKTOP VIRTUALIZATION CAN EXTEND THE LIFE OF OLDER OR LESS POWERFUL END-USER DEVICES.

ON-PREMISE VIRTUAL DESKTOP SOLUTIONS MAY REQUIRE A SIGNIFICANT INITIAL INVESTMENT IN SERVER HARDWARE, HYPERVISOR SOFTWARE, AND OTHER INFRASTRUCTURE, MAKING CLOUD-BASED DAAS—WHEREIN YOU SIMPLY PAY A REGULAR USAGE-BASED CHARGE—A MORE ATTRACTIVE OPTION.

IMPROVED PRODUCTIVITY: DESKTOP VIRTUALIZATION MAKES IT EASIER FOR EMPLOYEES TO ACCESS ENTERPRISE COMPUTING RESOURCES. THEY CAN WORK ANYTIME, ANYWHERE, FROM ANY SUPPORTED DEVICE WITH AN INTERNET CONNECTION.

SUPPORT FOR A BROAD VARIETY OF DEVICE TYPES: VIRTUAL DESKTOPS CAN SUPPORT REMOTE DESKTOP ACCESS FROM A WIDE VARIETY OF DEVICES, INCLUDING LAPTOP AND DESKTOP COMPUTERS, THIN CLIENTS, ZERO CLIENTS, TABLETS, AND EVEN SOME MOBILE PHONES.

YOU CAN USE VIRTUAL DESKTOPS TO DELIVER WORKSTATION-LIKE EXPERIENCES AND ACCESS TO THE FULL DESKTOP ANYWHERE, ANYTIME, REGARDLESS OF THE OPERATING SYSTEM NATIVE TO THE END USER DEVICE.

STRONGER SECURITY: IN DESKTOP VIRTUALIZATION, THE DESKTOP IMAGE IS ABSTRACTED AND SEPARATED FROM THE PHYSICAL HARDWARE USED TO ACCESS IT, AND THE VM USED TO DELIVER THE DESKTOP IMAGE CAN BE A TIGHTLY CONTROLLED ENVIRONMENT MANAGED BY THE ENTERPRISE IT DEPARTMENT.

AGILITY AND SCALABILITY: IT’S QUICK AND EASY TO DEPLOY NEW VMS OR SERVE NEW APPLICATIONS WHENEVER NECESSARY, AND IT IS JUST AS EASY TO DELETE THEM WHEN THEY’RE NO LONGER NEEDED.

BETTER END-USER EXPERIENCES: WHEN YOU IMPLEMENT DESKTOP VIRTUALIZATION, YOUR END USERS WILL ENJOY A FEATURE-RICH EXPERIENCE WITHOUT SACRIFICING FUNCTIONALITY THEY’VE COME TO RELY ON, LIKE PRINTING OR ACCESS TO USB PORTS.

THE SOFTWARE REQUIRED FOR DELIVERING VIRTUAL DESKTOPS DEPENDS ON THE VIRTUALIZATION METHOD YOU CHOSE.

WITH VIRTUAL DESKTOP INFRASTRUCTURE (VDI), THE DESKTOP OPERATING SYSTEM (MOST COMMONLY MICROSOFT WINDOWS) RUNS AND IS MANAGED IN THE DATA CENTER.

HYPERVISOR SOFTWARE RUNS ON THE HOST SERVER, DELIVERING ACCESS TO A VM TO EACH END USER OVER THE NETWORK. CONNECTION BROKER SOFTWARE IS REQUIRED TO AUTHENTICATE USERS, CONNECT EACH TO A VIRTUAL MACHINE, MONITOR ACTIVITY LEVELS, AND REASSIGN THE VM WHEN THE CONNECTION IS TERMINATED. CONNECTION BROKERS MAY BE BUNDLED WITH, OR PURCHASED SEPARATELY FROM, THE HYPERVISOR.

REMOTE DESKTOP SERVICES (RDS/RDSH) CAN BE IMPLEMENTED USING UTILITIES THAT ARE BUNDLED WITH THE MICROSOFT WINDOWS SERVER OPERATING SYSTEM.

IF YOU CHOOSE A DESKTOP-AS-A-SERVICE (DAAS) SOLUTION, ALL SOFTWARE INSTALLATION, CONFIGURATION, AND MAINTENANCE WILL BE HANDLED BY THE DAAS CLOUD-HOSTED SERVICE PROVIDER. THIS INCLUDES APPLICATIONS, OPERATING SYSTEMS, FILES, AND USER PREFERENCES.

HOW TO CHOOSE: VDI VS. RDS VS. DAAS

VDI IS A POPULAR CHOICE BECAUSE IT OFFERS A VIRTUALIZED VERSION OF A FAMILIAR COMPUTING MODEL—PHYSICAL DESKTOP COMPUTING. BUT IMPLEMENTING VDI REQUIRES YOU TO MANAGE ALL ASPECTS OF THE INFRASTRUCTURE YOURSELF, INCLUDING THE HARDWARE, OPERATING SYSTEMS AND APPLICATIONS, AND HYPERVISOR AND ASSOCIATED SOFTWARE.

THIS CAN BE CHALLENGING IF YOUR VDI EXPERIENCE AND EXPERTISE IS LIMITED. PURCHASING ALL INFRASTRUCTURE COMPONENTS CAN REQUIRE A LARGER UPFRONT INVESTMENT.

RDS/RDSH CAN BE A SOLID CHOICE IF IT SUPPORTS THE SPECIFIC APPLICATIONS YOU NEED TO RUN AND YOUR END USERS ONLY NEED ACCESS TO THOSE APPLICATIONS, NOT FULL WINDOWS DESKTOPS. RDS OFFERS GREATER END-USER DENSITY PER SERVER THAN VDI, AND SYSTEMS ARE USUALLY CHEAPER AND MORE SCALABLE THAN FULL VDI ENVIRONMENTS. YOUR STAFF DOES NEED THE REQUISITE SKILL SET AND EXPERIENCE TO ADMINISTER AND MANAGE RDS/RDSH TECHNOLOGY, HOWEVER.

DAAS IS CURRENTLY GAINING IN POPULARITY AS IT TEAMS GROW MORE COMFORTABLE WITH SHARED DESKTOPS AND SHARED APPLICATIONS. OVERALL, IT TENDS TO BE THE MOST COST-EFFECTIVE OPTION.

IT’S ALSO THE EASIEST TO ADMINISTER, REQUIRING LITTLE IN-HOUSE EXPERTISE IN MANAGING INFRASTRUCTURE OR VDI. IT’S READILY SCALABLE AND INVOLVES OPERATING EXPENDITURES RATHER THAN CAPITAL EXPENDITURES, A MORE AFFORDABLE COST STRUCTURE FOR MANY BUSINESSES.

DESKTOP VIRTUALIZATION AND IBM CLOUD

THE ROOTS OF VIRTUALIZATION LIE IN MAINFRAME COMPUTING, AND IBM INVENTED THE HYPERVISOR TO TEST SOFTWARE ON ITS MAINFRAMES IN THE 1960S. TODAY, IBM SUPPORTS A FULL RANGE OF VIRTUALIZATION SOLUTIONS, INCLUDING VIRTUAL DESKTOPS.

IF YOU’RE LOOKING TO BUILD YOUR OWN VDI ENVIRONMENT, YOU CAN DO SO WITH IBM CLOUD IAAS SOLUTIONS. IBM OFFERS A FULL-STACK CLOUD PLATFORM THAT INCLUDES ALL THE COMPONENTS YOU’D NEED TO BUILD YOUR OWN VDI ENVIRONMENT, INCLUDING VIRTUALIZED COMPUTE, NETWORK, AND STORAGE. YOU’D NEED TO INSTALL AND MANAGE THE HYPERVISOR YOURSELF IN THIS SCENARIO.

IN PARTNERSHIP WITH VMWARE, IBM OFFERS CUSTOMER-MANAGED AND PARTIALLY VMWARE-MANAGED VDI SOLUTIONS AND A FULLY-MANAGED VIRTUAL DESKTOP AS A SERVICE (DAAS) SOLUTION, DELIVERING DESKTOPS AND APPLICATIONS HOSTED ON THE IBM CLOUD PLATFORM..

WITH CLOUD-BASED VDI, END USERS LOG INTO A VIRTUAL PC THAT IS CONNECTED TO THE ORGANIZATION’S CENTRAL INFRASTRUCTURE (ON THE CLOUD). THIS APPROACH IMPROVES EMPLOYEE EXPERIENCE WHILST DELIVERING MANY BENEFITS:

FLEXIBILITY AND PORTABILITY: THE ONLY REQUIREMENT OF VDI IS A DEVICE THAT IS CAPABLE OF CONNECTING AND LOGGING INTO THE INFRASTRUCTURE. WHETHER YOU’RE USING A DESKTOP, LAPTOP OR A MOBILE DEVICE, USERS HAVE A CONSISTENT EXPERIENCE ACROSS THE BOARD.

THE SERVICE IS DEVICE AND PLATFORM INDEPENDENT. IF YOU’RE WORKING ON A FILE OR EDITING AN IMAGE, YOU CAN PICK UP WHERE YOU LEFT OFF IMMEDIATELY AFTER YOU RECONNECT.

HIGH PERFORMANCE AND SCALABILITY: SINCE THE USER IS ACCESSING THE SERVER DIRECTLY AND ALL THE FILES AVAILABLE LOCALLY WITHIN THE LAN, EMPLOYEES CAN ENJOY GIGABIT SPEEDS AND NO LONGER HAVE TO TRANSMIT LARGE DOCUMENTS OVER VPNS WHICH OFTEN HAMPERS PRODUCTIVITY. THIS SERVICE IS ALSO SCALABLE TO THE ENTIRE ORGANIZATION IN CASE A CRISIS HAPPENS AND FOR BUSINESS CONTINUITY IF THE ENTIRE WORKFORCE GOES REMOTE.

BETTER SECURITY: NONE OF THE DATA IS ACTUALLY STORED ON THE EMPLOYEE’S DEVICE AND THE USER ONLY ACCESSES A VIRTUAL INSTANCE OF THEIR DESKTOP. IN CASE OF LOSS OF DEVICE OR THEFT, ALL YOUR DATA REMAINS SECURE SINCE NONE OF THE DATA ACTUALLY RESIDES ON THE DEVICE.

IT TEAMS CAN ALSO FINE-TUNE SECURITY CONTROLS USING MICRO SEGMENTATION AND ALSO LEVERAGE TWO FACTOR AUTHENTICATION IN CASE THEY WANT TO LIMIT CERTAIN APPLICATIONS TO SPECIFIC USERS.

VDI CAN ALSO BE INTEGRATED WITH MONITORING TOOLS SO THAT SECURITY TEAMS CAN IDENTIFY RISKY USERS AND RISKY APPLICATIONS AND VULNERABILITIES CAN BE QUICKLY CONTAINED.

IMPROVED PRODUCTIVITY: RESEARCH SHOWS THAT REMOTE WORKERS ARE HAPPIER, MORE PRODUCTIVE AND LOYAL THAN ON-SITE WORKERS.

DEPLOYING A CLOUD-BASED VDI SOLUTION WILL ENABLE SEAMLESS ACCESS TO APPLICATIONS AND RESOURCES TO REMOTE WORKERS AND PROVIDE THEM THE FLEXIBILITY THEY NEED IN AN INCREASINGLY MOBILE ENVIRONMENT.

FINALLY, EVERY BUSINESS IS UNIQUE AND HAS DIFFERENT GOALS AND NEEDS. IF YOUR GOAL IS TO TRULY ENABLE YOUR WORKFORCE FOR REMOTE WORK AND BUSINESS CONTINUITY THEN YOU NEED TO RETHINK WORK ITSELF AND DESIGN INFRASTRUCTURE USING EMERGING TECHNOLOGIES THAT ARE SCALABLE, SECURE AND A REMOTE-WORK FRIENDLY.

HERE ARE SOME RECOMMENDED ACTIVITIES DURING EXTRAORDINARY TIMES:

MONITOR AND ADJUST FIREWALL AND VPN CAPACITIES TO MATCH EACH REGIONS DEMAND

ENSURE THAT YOU HAVE ADEQUATE TOOLS SUCH AS LAPTOPS TO ENABLE NEW HIRES AND REMOTE WORKERS TO BE FULLY PRODUCTIVE

WORK WITH VENDORS TO ESTABLISH SUPPORT ALTERNATIVES TO PROVIDE ONSITE SUPPORT BOTH IN THE DATACENTER AND HOME LOCATIONS

WORKING AT HOME INCREASES PRODUCTIVITY, SAVES LESS COMMUTE TIME, GIVES BETTER WORK-LIFE BALANCE AND ENHANCED PREPAREDNESS FOR BUSINESS CONTINUITY, SHOULD A LOCALISED DISASTER STRIKE, SUCH AS A FLOOD OR A PANDEMIC.

OVERNIGHT, THE COVID-19 GLOBAL PANDEMIC MADE THE FINAL ARGUMENT FOR WORK-FROM-HOME A REALITY FOR MILLIONS OF WORKERS – READY OR NOT.

MANY GLOBAL ENTERPRISES MUST SUDDENLY SUPPORT MORE AND MORE PEOPLE WORKING REMOTELY, WHETHER THEY ARE EQUIPPED TO DELIVER AND SUPPORT WORKLOADS AT SCALE OR NOT.

THIS HAS SENT BUSINESSES SCRAMBLING TO QUICKLY EMBELLISH DIGITAL CHANNELS AND PLATFORMS, INCREASE BANDWIDTH, ADD VIRTUAL PRIVATE NETWORKS (VPNS), PROVISION MORE LAPTOPS, AND OFFER THIN-CLIENT APPLICATIONS TO THEIR EMPLOYEES AND CUSTOMERS TO IMPROVE OPERATIONAL COLLABORATION

EVEN WITH WORKPLACE VIRTUALISATION TECHNOLOGIES LIKE REMOTE CONSOLES AND “OUT-OF-BAND NETWORKS”, WHICH REDUCE THE NEED FOR ON-SITE DATA CENTRE OPERATIONS STAFF, THE FACT IS, PHYSICAL BOXES IN ON-PREMISES DATA CENTRES STILL NEED TO BE MANAGED, GUARDED AND SECURED BY PEOPLE.

TAKE THE FEBRUARY 2019 DATA CENTRE MELTDOWN OF A MAJOR U.S. BANK, WHICH CRIPPLED THE ORGANISATION’S ONLINE AND MOBILE BANKING CAPABILITIES. THE COMPANY NEEDED TO SHUT DOWN ONE OF ITS DATA CENTRE FACILITIES DUE TO A SMOKE CONDITION. IT TOOK TWO DAYS TO BRING THE FACILITY BACK UP, AND ONLY WITH SIGNIFICANT EFFORT, WHICH REQUIRED THE PHYSICAL PRESENCE OF DATA CENTRE STAFF.

IMAGINE IF THIS HAPPENED DURING THE COVID-19 CRISIS. THE TIME TAKEN TO FIX THE ISSUE WOULD INCREASE EXPONENTIALLY DUE TO A LACK OF PEOPLE RESOURCES AND HESITATION TO COLLABORATE IN-PERSON. EVEN PHYSICAL SECURITY COULD BECOME COMPROMISED, WHICH RAISES GRAVE CONCERNS.

AS OUR DEPENDENCE ON IT INTENSIFIES, DATA CENTRES HAVE BECOME THE SUBSTRATUM OF HOW WE LIVE, WORK AND PLAY. FROM BANKING TO INSURANCE TO 24×7 NEWS, EVERYTHING IS SUPPORTED BY CLOUD INFRASTRUCTURE HOUSED IN VIRTUAL DATA CENTRES.

IF THESE DATA CENTRES GO DOWN, CRITICAL BUSINESS FUNCTIONS, FINANCIAL NETWORKS AND IN SOME CASES OUR WHOLE WAY OF LIFE BECOME THREATENED. AS A RESULT, VIRTUAL DATA CENTRES NEED TO BE CONTINUOUSLY SUPERVISED AND CONSTANTLY CARED FOR.

:A VIRTUAL DATA CENTER IS A VIRTUALIZED POOL OF CLOUD INFRASTRUCTURE RESOURCES, INCLUDING COMPUTING, MEMORY, STORAGE, AND BANDWIDTH, THAT ARE DESIGNED SPECIFICALLY FOR ENTERPRISE BUSINESS NEEDS. THE MAIN DIFFERENCE BETWEEN THE CLOUD VS. DATA CENTER IS THAT A DATA CENTER REFERS TO ON-PREMISE HARDWARE WHILE THE CLOUD REFERS TO OFF-PREMISE COMPUTING

LARGE COMPANIES AND CORPORATIONS OFTEN USE THEIR OWN DATA CENTERS. IT GIVES THEM APPARENT SECURITY AND THE FEELING THAT THEY HAVE FULL CONTROL OVER IT ISSUES. HOWEVER, FOR THE PROPER OPERATION OF THE DATA CENTER, BOTH HARDWARE AND PEOPLE WHO WILL MANAGE IT ARE NEEDED.

THEIR ABSENCE (ASSOCIATED WITH, FOR EXAMPLE, A COVID-19 PANDEMIC ) MAY AFFECT DELAYED RESPONSE TO INCIDENTS, AND IN EXTREME CASES EVEN THE UNAVAILABILITY OF SERVERS. FURTHERMORE, IN SITUATIONS WHERE LEAVING THE HOME IS INADVISABLE, IT’S WORTH CONSIDERING A SOLUTION THAT WILL ALLOW TO PERFORM OUR DUTIES REMOTELY.

SERVERS ARE THE FOUNDATIONS ON WHICH WE BUILD OUR DIGITAL BUSINESS. THEY PROVIDE THE ENVIRONMENT TO RUN OUR APPLICATIONS. IF THE SERVERS HAVE PROBLEMS, EVEN THE MOST PERFECT APP WILL STOP WORKING, AND YOUR COMPANY WILL SUFFER LOSSES. TO PREVENT THIS FROM HAPPENING, YOU CAN MOVE THEM TO THE CLOUD.

LET’S APPLY THE CONCEPT OF INFRASTRUCTURE AS A SERVICE (IAAS). LET’S REPLACE PHYSICAL DEVICES WITH VIRTUAL MACHINES (INSTANCES). CLOUD VENDOR SERVER ROOMS (PUBLIC CLOUD PROVIDERS) ARE POWERFUL COMPLEXES SPREAD OVER A LARGE AREA. THEY HAVE THOUSANDS OF SERVERS, THEIR OWN INTERNAL NETWORK AND MANY POWER SOURCES.

OBVIOUSLY, YOU MIGHT THINK THAT THE INSTANCE IS RUNNING ON A SPECIFIC PHYSICAL SERVER AND IT MAY ALSO CRASH. YES, IT MAY HAPPEN. HOWEVER, THE SOLUTIONS OF KEY CLOUD PROVIDERS SUCH AS AWS, MICROSOFT AZURE OR GOOGLE CLOUD PLATFORM ARE DESIGNED IN SUCH A WAY THAT IN CASE OF FAILURE OF ONE OF THE HYPERVISORS (TOOLS FOR MANAGING VIRTUALIZATION PROCESSES) YOUR INSTANCE COULD BE LAUNCHED ON ANOTHER AND CONTINUE TO WORK.

DUE TO HIGH AVAILABILITY SOLUTIONS AND CLOUD COMPUTING FLEXIBILITY, THE ENTIRE SERVER ROOM OF A GIVEN PROVIDER MAY HYPOTHETICALLY BREAK DOWN AND YOUR SERVICES WILL CONTINUE TO WORK.

THIS IS DUE TO THE SPECIFICITY OF THESE COMPLEXES, WHICH CONSIST OF SEVERAL DISTRIBUTED DATA PROCESSING CENTERS. ASSUMING EVEN THE DARKEST SCENARIO AND A POWERFUL CATACLYSM THAT TURNS OFF ONE OF THESE COMPLEXES (REGIONS) IN WHICH YOU HAD YOUR RESOURCES LOCATED, YOU’LL STILL BE ABLE TO FUNCTION.

STICKING TO TRADITIONAL SOLUTIONS, IN THIS CASE YOU SHOULD RENT SERVERS IN A ANOTHER DATA CENTER, ORDER YOUR ADMINISTRATORS TO INSTALL SYSTEMS, PREPARE ENVIRONMENTS, AND THEN START THE TEDIOUS PROCESS OF RESTORING DATA FROM BACKUPS

WITH DAAS, DESKTOP OPERATING SYSTEMS RUN INSIDE VIRTUAL MACHINES ON SERVERS IN A CLOUD PROVIDER'S DATA CENTER.

DIFFERENCE BETWEEN SAAS, PAAS, IAAS AND DAAS IS THE SCOPE OF SERVICE THAT IS PROVIDED. SAAS PROVIDES SOFTWARE IN ADDITION TO PAAS. PAAS PROVIDES A PLATFORM IN ADDITION TO IAAS. IAAS PROVIDES INFRASTRUCTURE SUCH AS SERVERS. DAAS PROVIDES A VIRTUAL DESKTOP ENVIRONMENT

VDI IS A TECHNOLOGY THAT ALLOWS END USERS TO ACCESS A WINDOWS DESKTOP WITH ALL THEIR BUSINESS APPLICATIONS AT ANY TIME, FROM ANY TYPE OF DEVICE (WINDOWS, APPLE, ANDROID), FROM ANY LOCATION WITH AN INTERNET CONNECTION.

ESTABLISHING A VIRTUAL PRIVATE NETWORKS (VPN) IS TYPICALLY THE WAY REMOTE USERS ACCESS CORPORATE SYSTEMS AND DATA. THE VPN PROVIDES ENCRYPTED MANAGED ACCESS BY REMOTE USERS TO ORGANIZATIONAL RESOURCES (APPLICATIONS, DATA, ETC.). STAFF WORKING REMOTELY MUST BE ABLE TO ACCESS CRITICAL INTERNAL APPLICATIONS AND DATABASES.

WITH APPLICATIONS HOSTED IN THE CLOUD ACCESS IS MADE MORE SEAMLESS. TELE/VIDEO CONFERENCING – THIS IS ONE OF THE CRITICAL TOOLS IN THE VIRTUAL OFFICE WORLD TO KEEP COMMUNICATION LINES OPEN BETWEEN STAFF MEMBERS.

THE MOST POPULAR TELE/VIDEO CONFERENCING CLOUD-BASED APPLICATIONS ARE CISCO’S WEBEX, GO-TO-MEETING AND JITSI. ORGANIZATIONS WOULD NEED TO SUBSCRIBE TO SUCH A SERVICE AND TO ENSURE THAT IT HAS ENOUGH CONCURRENT LICENSES TO CONDUCT VIDEO/TELE CONFERENCES WITH THE REQUIRED NUMBER OF PEOPLE.

WITH THE CURRENT COVID-19 CRISIS MANY COMPANIES ARE OFFERING FREE TRIALS AND ADDITIONAL LICENSES FOR FREE OR AT DISCOUNTED RATES. FOR EXAMPLE, CISCO IS EXTENDING FREE LICENSES FOR ITS WEBEX SYSTEM AND OFFERING EXTRA USE AT NO ADDITIONAL COST FOR THREE OF ITS MAIN SECURITY SOLUTIONS.

CONSIDERATION SHOULD BE GIVEN AS TO HOW COMPUTER SECURITY PATCHES CAN BE UPDATED REMOTELY AND HOW OTHER SECURITY MEASURES WILL BE DEPLOYED WITH A VIRTUAL WORKFORCE. ORGANIZATIONS WILL NEED TO ADDRESS FIREWALL ISSUES TO PROTECT INTERNAL ASSETS FROM THE INCREASED RISK POSED BY THE IMPLEMENTATION OF A REMOTE VIRTUAL OFFICE ENVIRONMENT. MANY OF THE CORE TOOLS ABOVE CAN AND WILL BE PROVIDED AS A CLOUD COMPUTING SERVICE.

THIS WILL REDUCE LEAD TIMES FOR ESTABLISHING THE VIRTUAL OFFICE ENVIRONMENT AND REMOVE MANY OF THE TECHNICAL BURDENS, PARTICULARLY FOR SMALL AND MEDIUM SIZE ENTERPRISES WHO MAY NOT HAVE THE IT RESOURCES.

HOWEVER, CARE IN CHOOSING A CLOUD SERVICES VENDOR(S) SHOULD BE TAKEN. ON A STRATEGIC CORPORATE LEVEL CONSIDERATION SHOULD BE GIVEN AS TO WHERE INFORMATION IS STORED, AND EVENTUALLY WHICH JURISDICTION MAY HAVE CONTROL OR ACCESS TO THE INFORMATION. THERE MAY BE NATIONAL LEGISLATIVE REQUIREMENTS TO LOCALISE CERTAIN PERSONAL INFORMATION FOR DATA PRIVACY REASONS.

CLOUD GIANTS LIKE AMAZON HAVE ALREADY CONFIRMED THEIR CONFIDENCE IN THE ABILITY OF THEIR CLOUD SERVICE TO SATISFY THE SURGE IN DEMAND.

HOWEVER, THE SUDDEN AND UNPLANNED MIGRATION TO THE CLOUD HAS RESULTED IN MINOR OBSTACLES FOR A FEW CLOUD-BASED PLATFORMS. MICROSOFT, FOR INSTANCE, WAS EXPERIENCING TECHNICAL PROBLEMS BECAUSE OF AUGMENTED USAGE AND BANDWIDTH. HOWEVER, THESE COMPLICATIONS ARE USUALLY TEMPORARY, WITH SYSTEMS UP AND RUNNING SOON AFTER.

IT’S IMPORTANT FOR ORGANISATIONS TO BE READY TO SCALE CLOUD VOLUME IN STEP WITH THE DEMAND. HAVING A SEASONED CLOUD MANAGEMENT SERVICE PROVIDER, WHO CAN HELP YOU DO SO, WILL GUARANTEE A TROUBLE-FREE MIGRATION OF YOUR PROCESSES IN CONJUNCTION WITH TOP-NOTCH INFRASTRUCTURE MAINTENANCE SO THAT YOUR BUSINESS OPERATIONS STAY UNAFFECTED.

SIMPLY PUT, THE CLOUD SYSTEM IS SEGREGATED INTO FRONT-END AND BACK-END. THE FRONT-END OF CLOUD COMPUTING IS MANAGED BY THE CONSUMER OR ANY USER. THE BACK-END INCLUDES COMPUTERS, SERVERS, KNOWLEDGE STORAGE DEVICES, VIRTUAL SYSTEMS, AND MORE. THIS IS WHERE THE CLOUD ENVIRONMENT, THE DATA, AND THE NUMEROUS FUNCTIONALITIES ARE STORED. THE FRONT-END AND BACK-END ARE CONNECTED THROUGH THE WEB.

OTHER ELEMENTS LIKE MIDDLEWARE AND CLOUD RESOURCES ALSO ARE A PART OF CLOUD COMPUTING. THE CLOUD USES A NETWORK LAYER TO CONNECT ALL THE DEVICES AND PROVIDE ACCESS TO DATA AND FUNCTIONALITIES. THE WHOLE SYSTEM IS MANAGED THROUGH A CENTRAL SERVER THAT ADDITIONALLY MANAGES TRAFFIC.

BEING ON THE CLOUD CAN FACILITATE YOUR BUSINESSES CIRCUMVENT THE CHAOS FROM THE CORONAVIRUS LOCKDOWN IRRESPECTIVE OF YOUR LOCATION. FACTORS LIKE AFFORDABILITY, MEASURABILITY, AND EASE OF MAINTENANCE MAKE CLOUD SOLUTIONS AN ALLURING OPTION FOR BUSINESSES OF ALL SIZES.

CLOUD SOLUTIONS ARE EQUIPPED WITH FEATURES LIKE DATA BACKUP, DISASTER RECOVERY, AND BUSINESS CONTINUITY MANAGEMENT. THIS HAS ENSURED CONTINUED & HASSLE-FREE BUSINESS OPERATIONS AMIDST THIS SUDDEN AND UNFORESEEN PANDEMIC, WHERE IN-HOUSE IT SYSTEMS MAY HAVE BEEN UNUSABLE.

REMOTE OPERATING CAPABILITIES SUPPORTED BY THE CLOUD HAVE ENSURED THAT USER DATA AND SERVICES ARE ACCESSIBLE AT ALL TIMES. EMPLOYEES SITTING AT HOME ARE ABLE TO LOG IN FROM THEIR COMPUTERS AND WORK WITHOUT ANY HINDRANCES. THE CLOUD IS ADDITIONALLY ENSURING SMOOTH INTEGRATION OF DATA WHILE LEVERAGING THE NEWEST TECHNOLOGY TO SUPPORT YOUR BUSINESS GOALS.

IN OTHER WORDS, CLOUD SYSTEMS CAN PROVIDE MAJOR BENEFITS LIKE RELIABILITY AND CONTINUITY TO BUSINESSES EVEN DURING A GLOBAL CRISIS LIKE CORONAVIRUS PANDEMIC.

THERE IS ALWAYS THE NECESSITY TO SHOP FOR FOOD ITEMS AND HOUSEHOLD ESSENTIALS, REGARDLESS OF A LOCKDOWN. CLOUD ACTS AS A BACKBONE FOR ALL ONLINE RETAILERS TO MAKE SURE THEIR OPERATIONS ARE RUNNING SMOOTHLY, ESPECIALLY SINCE THERE IS AN OVERWHELMING RISE IN DEMAND.

STORES RUNNING ON TRADITIONAL WEB-HOSTED PLATFORMS CAN EXPERIENCE DOWNTIME BECAUSE OF THEIR INABILITY TO HANDLE THE ESCALATION IN TRAFFIC. ON THE OTHER HAND, CLOUD-HOSTED PLATFORMS ARE EXTREMELY SCALABLE AND VERSATILE, PROTECTING BUSINESSES FROM DISRUPTION DUE TO INFRASTRUCTURE ISSUES.

FURTHER, MODERN CLOUD SOLUTIONS ARE ARMED TO HANDLE ONLINE SECURITY PROBLEMS AND CYBERCRIMES LIKE DEBIT/CREDIT CARD FRAUD, DATA BREACHES, DDOS ATTACKS, HACKING, PHISHING, RANSOMWARE, DARK CLOUD ATTACKS, AND SO. EXPERT CLOUD OPERATORS WORK WITH SECURITY AGENCIES AND LAW ENFORCEMENT OFFICERS TO FIND, MITIGATE, AND KEEP CYBER THREATS CORNERED

WHILE REMOTE WORK EXISTED EVEN BEFORE THE RAPID RISE OF CLOUD COMPUTING AND THE CORONAVIRUS PANDEMIC, INEFFICIENCIES AND TECHNICAL DIFFICULTIES WERE PREVALENT AT THAT TIME. HOWEVER, REMOTE WORK IS CURRENTLY WIDESPREAD, AND CLOUD COMPUTING IS PROVIDING CONSIDERABLE PRODUCTIVITY ENHANCEMENTS FOR ALL TASKS.

THANKS TO CLOUD TECHNOLOGY, REMOTE WORK IS NOW BEING CARRIED OUT SEAMLESSLY. THERE ARE CLOUD-BASED SOLUTIONS FOR NEARLY EVERY JOB, WHETHER IT’S ACCOUNTING, BACK-OFFICE TASKS, WRITING AND EDITING, ENGINEERING, ONLINE MARKETING, WEB DESIGNING, CONSULTING OR ANY OTHER JOB.

COMMUNICATION TOOLS LIKE TEAMVIEWER, SKYPE, SLACK, WHATSAPP, AND ZOOM ARE POWERED BY CLOUD TECHNOLOGY TO PROVIDE CEASELESS AND STEADY SERVICES.

MOST HEALTHCARE ORGANISATIONS HAVE SHIFTED THEIR DATA TO THE CLOUD TO OPTIMISE PATIENT OUTCOMES.

TIMELY CLOUD ADOPTION HAS HELPED ENHANCE THE ABILITY TO ANALYSE DATA AND IMPROVE RESPONSE IN THE FACE OF THIS OUTBREAK.

FURTHER, THE CLOUD IS ADDITIONALLY SERVING HEALTHCARE INSTITUTIONS TO LIMIT UNNECESSARY IT COSTS ASSOCIATED WITH GETTING INSTRUMENTS AND PROVIDING PHYSICAL SPACE FOR A SEPARATE IT DEPARTMENT. CLOUD SOLUTIONS HAVE ALSO EXPEDITED INTEROPERABILITY THROUGH DATA AND SYSTEM INTEGRATIONS.

THAT’S NOT ALL. THE CLOUD IS PLAYING A HUGE ROLE IN SUPPORTING TELEMEDICINE AND TELEHEALTH, ENABLING HEALTHCARE PROVIDERS TO OFFER THEIR SERVICES FROM REMOTE PLACES.

THANKS TO THE CLOUD, THE WORLD IS FIGHTING CORONAVIRUS WITH TECHNOLOGY. BUSINESSES HAVE MANAGED TO REMAIN OPERATIONAL AND OTHER PEOPLE ARE CONNECTED EVEN AMID STRICT LOCKDOWNS.

GIVEN THIS SCENARIO SPURRED BY THE CORONAVIRUS CRISIS, ONE FACTOR IS CLEAR: BUSINESSES NEED TO HANDLE THIS PANDEMIC STRATEGICALLY. THE FIRST ADVANTAGEOUS STEP WOULD BE MIGRATING TO RELIABLE CLOUD PLATFORMS.

CLOUD INFRASTRUCTURE IS HIGHLY AUTOMATED AND ALLOWS FOR THE CREATION OF SCALING POLICIES THAT SET TARGETS AND ADD OR REMOVE CAPACITY IN REAL-TIME AS DEMAND CHANGES.

MOST CSPS NOW PROVIDE A MULTI-TENANT ARCHITECTURE THAT ALLOWS DIFFERENT BUSINESS UNITS WITHIN AN ORGANISATION OR MULTIPLE ORGANISATIONS TO SHARE COMPUTING RESOURCES. THIS ALLOWS ORGANISATIONS TO OPTIMISE THEIR RESOURCES AND STAFF VS. HAVING THEIR OWN DATA CENTRES.

LASTLY, THE PHYSICAL SECURITY IN AND AROUND CSP DATA CENTRES TENDS TO BE MORE ROBUST AND PROVEN THAN WHAT ENTERPRISES CAN INDIVIDUALLY AFFORD. MOST CSPS HAVE RIGOROUS AND ONGOING PROCESSES FOR ASSESSMENT AND MITIGATION OF POTENTIAL VULNERABILITIES, OFTEN PERFORMED BY THIRD-PARTY AUDITORS.

IN THE CONTEXT OF CORONAVIRUS, DIGITAL PLATFORMS RUNNING ON THE CLOUD CAN UNLEASH COST AND OPERATIONAL ADVANTAGES VIA CENTRALISED CONTROL WHILE MEETING BANDWIDTH CHALLENGES THAT FLARE UP DURING PEAK USAGE PERIODS.

CLOUD-SCALE DATA CENTERS ARE MORE AUTOMATED THAN THOSE IN THE TYPICAL ENTERPRISE. MOST CLOUD PROVIDERS ALSO HAVE MULTIPLE REGIONS, WHICH ENABLES THEM TO SHIFT WORKLOADS ON THE FLY TO EQUALIZE CAPACITY.

CLOUD IMPROVES OVERALL SECURITY POSTURE BECAUSE IT PROVIDES A NUMBER OF HIGHLY SCALABLE MECHANISMS AGAINST DENIAL-OF-SERVICE ATTACKS AND GREATER VISIBILITY INTO CYBERTHREATS,

WHILE CLOUD IS COMING ON AS EXTREMELY USEFUL FOR ENABLING REMOTE WORK, ONE CANNOT FORGET THAT JUST BEFORE THE PANDEMIC SET IN, THE INDUSTRY WAS DEBATING THE ADVANTAGES OF MOVING BACK TO ON-PREMISE.

CLOUD MODELS HAVE AN EDGE AS IT REMOVES THE HASSLE OF FREQUENTLY UPDATING SYSTEMS AND IS BETTER IN TERMS OF FLEXIBILITY, RELIABILITY, AND SECURITY,

THE ONGOING COVID-19 PANDEMIC HAS SUDDENLY TURNED THE SPOTLIGHT ON TO THE CIOS, CTOS, CISOS AND THE LIKES, AS THEY NOW OCCUPY THE CENTRE STAGE FACING PERHAPS WHAT WILL BE THE GREATEST TESTS IN THEIR CORPORATE CAREER.

THEY ARE NOW TASKED TO BECOMING ENABLERS OF BUSINESS OPERATIONS IN A TIME OF CRISIS AND THE CARETAKERS OF EMPLOYEE EXPERIENCE.

AS COMPANIES MOVE MORE APPLICATIONS OUT TO THE CLOUD, THEY ARE LESS TIED TO VPNS AND THEN CAN OPT TO DEPLOY PASSWORDLESS AUTHENTICATION.

PASSWORDLESS AUTHENTICATION IS A TYPE OF AUTHENTICATION WHERE USERS DO NOT NEED TO LOG IN WITH PASSWORDS. ... WITH THIS FORM OF AUTHENTICATION, USERS ARE PRESENTED WITH THE OPTIONS OF EITHER LOGGING IN SIMPLY VIA A MAGIC LINK, FINGERPRINT, OR USING A TOKEN THAT IS DELIVERED VIA EMAIL OR TEXT MESSAGE.

83% OF HACKING-RELATED BREACHES WERE AS A RESULT OF WEAK, STOLEN, OR REUSED PASSWORDS.

BECAUSE THERE ARE NO PASSWORDS TO TYPE, THE LIKELIHOOD OF BEING PHISHED IS REDUCED. THIS ALSO MEANS USERS ARE PROTECTED FROM MAN-IN-THE-MIDDLE, MAN-IN-THE-BROWSER, AND OTHER REPLAY ATTACKS THAT RELY ON PASSWORDS.

WITH PASSWORDLESS AUTHENTICATION, WORKERS ARE FREE TO USE THEIR OWN DEVICES BECAUSE THERE'S A SECURE CONNECTION BETWEEN THE APPLICATION AND THE DEVICE.

PASSWORDLESS AUTHENTICATION IS A MORE SECURE

INTERNET SERVICE PROVIDERS (ISPS) SNOOPING ON EVERYTHING YOU WERE DOING ONLINE, THEN A VPN IS ABSOLUTELY FOR YOU. DID YOU KNOW THAT IN MANY COUNTRIES, YOUR ISP CAN SELL YOUR BROWSING HISTORY TO MARKETING AND ADVERTISING AGENCIES? AND THAT IF REQUESTED BY MANY GOVERNMENTS, THEY ARE LEGALLY BOUND TO HAND OVER LOGS OF YOUR ONLINE ACTIVITY?

IN A NORMAL INTERNET CONNECTION, WHEN YOU TRY TO ACCESS A WEBSITE ON THE INTERNET, YOUR COMPUTER ROUTES THE REQUEST THROUGH YOUR ISP’S SERVER, WHICH THEN CONNECTS YOU TO THE WEBSITE. IN A VPN CONNECTION, YOU CONNECT DIRECTLY TO THE VPN’S SERVER, BYPASSING YOUR ISP’S SERVER.

IF YOU’VE HEARD OF A FIREWALL BEFORE, THE VPN ACTS IN A SIMILAR WAY, SHIELDING AND PROTECTING YOUR INTERNET CONNECTION BY MEANS OF PRIVATE SERVERS AND ENCRYPTED DATA STREAMS.

IN A VPN CONNECTION, ALL THE DATA YOU SEND AND RECEIVE IS ENCRYPTED. SO, IF ANYONE WERE TO TRY TO INTERCEPT THE DATA YOU’RE SENDING, THAT ENCRYPTION WOULD KEEP YOU SAFE (OR AT LEAST, SAFER THAN IF IT WERE TRANSMITTED WITHOUT ENCRYPTION).

YOUR IP ADDRESS ISN’T THE ONLY THING THAT IDENTIFIES YOU ONLINE. IN FACT, THERE HAVE ALSO BEEN INSTANCES WHERE VPNS HAVE BEEN KNOWN TO LEAK ACTUAL IP ADDRESSES.

OTHER METHODS OF TRACING YOU INCLUDE DOXING, USE OF MALWARE, PLAIN OLD CARELESSNESS AND MORE.

WHEN YOU’RE CONNECTED TO A VPN SERVICE, ALL YOUR INTERNET TRAFFIC AND COMMUNICATION PASSES THROUGH A SECURE TUNNEL. THAT IS WHAT KEEPS YOUR INFORMATION PRIVATE AND SAFE.

EACH VPN USES VARIOUS PROTOCOLS FOR THIS THAT HAVE DIFFERENT LEVELS OF SECURITY. HERE ARE SOME EXAMPLES;

INTERNET PROTOCOL SECURITY (IPSEC)

IPSEC AUTHENTICATES THE INTERNET SESSION AND ENCRYPTS DATA DURING THE CONNECTION. IT HAS TWO MODES, TRANSPORT AND TUNNELING, SO DATA IS SAFE DURING TRANSFER BETWEEN DIFFERENT NETWORKS. IPSEC CAN BE COMBINED WITH OTHER SECURITY PROTOCOLS TO MAKE SESSIONS EVEN SAFER.

LAYER 2 TUNNELING PROTOCOL (L2TP)

L2TP IS ONE OF THE OTHER PROTOCOLS WHICH CAN BE USED WITH IPSEC. IT CREATES A TUNNEL BETWEEN TWO POINTS WHICH IPSEC HANDLES THE ENCRYPTION OF THE DATA THAT IS PASSED BETWEEN THEM.

POINT-TO-POINT TUNNELLING PROTOCOL (PPTP)

PPTP IS AN ALL-IN-ONE PROTOCOL THAT BOTH CREATES THE TUNNEL AND ENCRYPTS DATA. IT IS VERY COMMONLY USED AND SUPPORTED, EVEN ON MAC AND LINUX SYSTEMS.

SINCE NOT ALL VPNS HAVE A NO LOGGING POLICY. LOGS ARE HISTORY FILES RECORD YOUR INTERNET TRAFFIC HISTORY. IF LOGS ARE NOT KEPT, OBVIOUSLY THE VPN SERVICE PROVIDER CAN’T SELL IT OR HAND IT OVER TO ANY GOVERNMENT OR LAW ENFORCEMENT AGENCY, RIGHT?

IF A VPN HAS A NO LOGGING POLICY, THIS IS OFTEN STATED VERY CLEARLY ON THEIR WEBSITE.

THERE IS NOW A SUDDEN 52% SPIKE IN REMOTE DESKTOP PROTOCOL (RDP) USAGE. RDP IS A POPULAR WAY FOR USERS TO ACCESS WINDOWS MACHINES AND SERVERS REMOTELY OVER THEIR VPN CONNECTIONS.

THE RUSH TO ENABLE EMPLOYEES TO WORK FROM HOME IN RESPONSE TO THE COVID-19 PANDEMIC RESULTED IN MORE THAN 1.7 MILLION NEW REMOTE DESKTOP PROTOCOL (RDP) SERVERS BEING EXPOSED TO THE INTERNET. THE NUMBER OF ATTACKS TARGETING OPEN RDP PORTS IN THE US MORE THAN TRIPLED IN MARCH AND APRIL 2020

ORGANIZATIONS HAVE RAMPED UP RDP USE TO ENABLE THEIR REMOTE WORKFORCE AND MAINTAIN BUSINESS OPERATIONS DURING THIS TIME OF PANDEMIC UNCERTAINTY. YET, WHILE RDP IS MORE SECURE THAN REMOTE CONNECTION TOOLS THAT DO NOT ENCRYPT ENTIRE SESSIONS, TWO CRITICAL RDP VULNERABILITIES DISCLOSED IN THE PAST YEAR – BLUEKEEP AND DEJABLUE – HIGHLIGHT POTENTIAL SECURITY RISKS.

CYBER ATTACKERS HAVE TAKEN ADVANTAGE OF SYSADMINS WORKING REMOTELY AND ARE DEDICATING MORE RESOURCES TO SCANNING FOR THE STANDARD RDP PORT 3389 TO SEE WHAT HAS BEEN EXPOSED. THEY’VE ALSO LAUNCHED A WAVE OF BRUTE-FORCE ATTACKS USING AUTOMATION TOOLS TO SYSTEMATICALLY TEST USERNAME AND CREDENTIAL COMBINATIONS UNTIL THEY CRACK THE CODE.

IN A STORY TOLD TIME AND TIME AGAIN, ONCE ATTACKERS GAIN AN ADMINISTRATOR’S PRIVILEGED CREDENTIALS, THEY CAN MOVE LATERALLY THROUGH THE ENVIRONMENT, ESCALATING PRIVILEGES UNTIL THEY REACH VALUABLE TARGETS LIKE THE DOMAIN CONTROLLER OR CLOUD CONSOLE.

THIS ACCESS ALLOWS THEM TO CONTROL ANY SERVER, CONTROLLER, ENDPOINT OR PIECE OF DATA ANYWHERE ON A NETWORK. THEY CAN RUN COMMANDS, DISABLE ANTIVIRUS SOFTWARE, INSTALL MALWARE, ENCRYPT DATA FOR RANSOM OR STEAL VALUABLE DATA, INCLUDING PII.

FORTUNATELY, THERE ARE A FEW STEPS ORGANIZATIONS CAN TAKE TO IMPROVE RDP SECURITY AND REDUCE THE RISK OF A DATA BREACH:

LIMIT PRIVILEGED ACCESS. BY DEFAULT, ALL ADMINISTRATORS CAN LOG INTO RDP. IMPLEMENT THE PRINCIPLE OF LEAST PRIVILEGE BY LIMITING ADMINISTRATIVE PRIVILEGES TO ONLY THOSE WHO ABSOLUTELY NEED IT. EVEN BETTER, LAYER IN AND ENABLE JUST-IN-TIME PROVISIONING FOR REMOTE VENDORS WHO ARE NOT PART OF THE DIRECTORY SERVICE SO THAT THEIR ACCESS IS TIME-LIMITED.

BE SURE TO MONITOR AND TRACK ALL USER ACCESS AND ACTIVITY DURING PRIVILEGED SESSIONS, ESPECIALLY FOR TIER0 ASSETS LIKE DOMAIN CONTROLLERS OR CLOUD CONSOLES.

KEEP SOFTWARE UP-TO-DATE ON ALL REMOTE WINDOWS MACHINES CONNECTING TO THE INTERNET – INCLUDING WINDOWS 7 WORKSTATIONS.

ENABLE NLA. NETWORK LEVEL AUTHENTICATION (NLA) PROVIDES AN EXTRA LEVEL OF AUTHENTICATION BEFORE A CONNECTION IS ESTABLISHED.

AVOID EXPOSURE. KEEP RDP SERVERS BEHIND YOUR FIREWALL. NEVER ALLOW DIRECT RDP CONNECTIONS THAT EXPOSE MACHINES AND SERVERS TO THE INTERNET, WHICH CAN PUT YOUR CRITICAL DATA AND INTERNAL SYSTEMS AT RISK.

USE STRONG PASSWORDS AND MULTIFACTOR AUTHENTICATION. BRUTE FORCE TOOLS ARE GETTING SOPHISTICATED. STRONG PASSWORD POLICIES MUST BE FOLLOWED – AND MULTI-FACTOR AUTHENTICATION IS A MUST. EVEN BETTER, CONSIDER TOOLS THAT ELIMINATE PASSWORDS AND OTHER NETWORK-BASED ACCESS CONTROLS ALTOGETHER.

PRIVILEGED ACCESS MANAGEMENT (PAM) TOOLS LIKE THE CYBERARK PRIVILEGED ACCESS SECURITY SOLUTION HELP ORGANIZATIONS ESTABLISH A SECURE RDP CONNECTION FROM THE START. PRIVILEGED CREDENTIALS ARE CENTRALLY STORED AND MANAGED IN A DIGITAL VAULT AND ACCESS IS GRANTED ACCORDING TO USER PERMISSIONS.

THE WEB BROWSER SESSION IS ISOLATED AND ENCRYPTED. PRIVILEGED USER ACTIVITY IS TIGHTLY MONITORED AND CONTROLLED, AND SUSPICIOUS ACTIVITY IS FLAGGED SO SOC TEAMS CAN RESPOND IMMEDIATELY.

MEANWHILE, REMOTE WORKERS CAN USE NATIVE WORKFLOWS THAT DON’T EXPOSE THEIR ENDPOINTS TO THE CREDENTIALS NEEDED TO ACCESS CRITICAL IT SYSTEMS FOR WORK, MAINTENANCE OR OTHERWISE. BEST OF ALL, THESE STRONG PAM CONTROLS EXTEND BEYOND RDP TO HELP ORGANIZATIONS SECURE REMOTE CONNECTIONS TO ANY WEB-FACING SYSTEM, LIKE SSH AUTHENTICATION TO UNIX/LINUX.

SECURE SHELL (SSH) IS A CRYPTOGRAPHIC NETWORK PROTOCOL FOR OPERATING NETWORK SERVICES SECURELY OVER AN UNSECURED NETWORK.. TYPICAL APPLICATIONS INCLUDE REMOTE COMMAND-LINE, LOGIN, AND REMOTE COMMAND EXECUTION, BUT ANY NETWORK SERVICE CAN BE SECURED WITH SSH.

SSH KEYS ARE AUTHENTICATION CREDENTIALS. SSH (SECURE SHELL) IS USED FOR MANAGING NETWORKS, OPERATING SYSTEMS, AND CONFIGURATIONS. IT IS ALSO INSIDE MANY FILE TRANSFER TOOLS AND CONFIGURATION MANAGEMENT TOOLS. ... TECHNICALLY THE KEYS ARE CRYPTOGRAPHIC KEYS USING A PUBLIC KEY CRYPTOSYSTEM

WHILE RDP IS CRITICAL FOR FACILITATING REMOTE WORK DURING THE PANDEMIC, IT CAN ALSO EXPOSE AN ENTIRE BUSINESS NETWORK TO RISK, WITH MANY COMPANIES HASTILY SETTING UP THE SOFTWARE AT THE START OF THE PANDEMIC.

ONCE MALICIOUS ACTORS COMPROMISE AN RDP PORT, THEY CAN EASILY USE IT TO SEND SPAM USING A COMPANY’S MAIL SERVER. WORSE, THEY CAN USE REMOTE ACCESS TO SPREAD MALWARE THROUGHOUT THE INTERNAL NETWORK.

REMOTE DESKTOP PROTOCOL (RDP) IS A PROPRIETARY PROTOCOL DEVELOPED BY MICROSOFT WHICH PROVIDES A USER WITH A GRAPHICAL INTERFACE TO CONNECT TO ANOTHER COMPUTER OVER A NETWORK CONNECTION. THE USER EMPLOYS RDP CLIENT SOFTWARE FOR THIS PURPOSE, WHILE THE OTHER COMPUTER MUST RUN RDP SERVER SOFTWARE.

THE RDP PROTOCOL IS A FREQUENT TARGET FOR CREDENTIAL STUFFING AND OTHER BRUTE-FORCE PASSWORD GUESSING ATTACKS THAT RELY ON LISTS OF COMMON USERNAMES AND PASSWORD COMBINATIONS OR ON CREDENTIALS STOLEN FROM OTHER SOURCES.

SOME CYBERCRIMINALS EVEN SPECIALIZE IN SELLING HACKED RDP CREDENTIALS AS A COMMODITY ON THE UNDERGROUND MARKET TO OTHER HACKERS WHO USE THEM TO DEPLOY RANSOMWARE AND CRYPTOMINERS OR TO ENGAGE IN MORE SOPHISTICATED ATTACKS THAT CAN LEAD TO THE THEFT OF SENSITIVE DATA AND MORE EXTENSIVE NETWORK COMPROMISES.

RDP IS A MICROSOFT PROTOCOL RUNNING ON PORT 3389 THAT CAN BE UTILIZED BY USERS REQUIRING REMOTE ACCESS TO INTERNAL SYSTEMS. MOST OF THE TIME, RDP RUNS ON WINDOWS SERVERS AND HOSTS SERVICES SUCH AS WEB SERVERS OR FILE SERVERS, FOR EXAMPLE. IN SOME CASES, IT IS ALSO CONNECTED TO INDUSTRIAL CONTROL SYSTEMS.

RDP PORTS ARE OFTEN EXPOSED TO THE INTERNET, WHICH MAKES THEM PARTICULARLY INTERESTING FOR ATTACKERS. IN FACT, ACCESSING AN RDP BOX CAN ALLOW AN ATTACKER ACCESS TO AN ENTIRE NETWORK, WHICH CAN GENERALLY BE USED AS AN ENTRY POINT FOR SPREADING MALWARE, OR OTHER CRIMINAL ACTIVITIES.

WORK AT HOME OPPORTUNITY DURING THIS PANDEMIC HAS SIGNIFICANTLY INCREASED INSIDER THREATS FROM EMPLOYEES TAKING RISKS WITH COMPANY ASSETS, SUCH AS STEALING SENSITIVE DATA FOR PERSONAL USE OR GAIN AS EMPLOYERS HAVE LESS VISIBILITY TO WHAT EMPLOYEES ARE DOING OR ACCESSING.

WITH REMOTE WORK COMES GREATER CLOUD USAGE. THAT COULD BE A PROBLEM FOR MANY COMPANIES THAT HAVE ISSUES WITH VISIBILITY INTO THE SECURITY OF THEIR CLOUD COMPONENTS, AND THAT OFTEN RELY ON PERIMETER AND ON-PREMISE SECURITY SOFTWARE AND APPLIANCES TO KEEP THEIR SYSTEMS AND DATA SAFE

IF YOUR ORGANIZATION HAS NOT CONDUCTED A THOROUGH RISK ASSESSMENT AND ADOPTED A FORMALIZED INFORMATION SECURITY PROGRAM CONTAINING REASONABLE SAFEGUARDS THAT HAS CONSIDERED THE THREATS TO ITS REMOTE WORKFORCE, DEPENDING ON YOUR INDUSTRY, YOU ARE NOT IN REGULATORY COMPLIANCE WITH THE APPLICABLE STANDARDS FOR SAFEGUARDING PROTECTED INFORMATION

AN EMPLOYEE MIGHT LOSE HIS/HER DEVICE, OR LET OTHER FAMILY MEMBERS USE IT, WHICH WILL RESULT IN UNAUTHORISED ACCESS. IN SOME CASES, EMPLOYEES COPY CONFIDENTIAL DATA TO THEIR PERSONAL DEVICES FROM CORPORATE CLOUD STORAGE WITH HARMFUL/ MALICIOUS INTENT, WHICH IS A SERIOUS SECURITY RISK AS WELL.

AN INSIDER THREAT IS A SECURITY RISK THAT ORIGINATES FROM WITHIN AN ORGANIZATION. I

NSIDER THREATS OFTEN RESULTS IN THEFT OR DESTRUCTION OF DATA OR THE COMPROMISE OF NETWORKS, COMMUNICATIONS OR OTHER INFORMATION TECHNOLOGY RESOURCE.

THIS PANDEMIC “WORK AT HOME” CULTURE HAS PROVIDED GREATER OPPORTUNITY FOR SECURITY INCIDENTS AND GREATER DATA SECURITY RESPONSIBILITY WITH LESS DIRECT OVERSIGHT.

A MALICIOUS INSIDER UTILIZES CREDENTIALS TO GAIN ACCESS TO A GIVEN ORGANIZATION’S CRITICAL CLOUD INFRASTRUCTURE ASSETS.

MANY ORGANIZATIONS ARE CHALLENGED TO DETECT INTERNAL, NEFARIOUS ACTS, REGULARLY DUE TO LIMITED ACCESS CONTROLS AND THE ABILITY TO DETECT UNUSUAL ACTIVITY ONCE SOMEONE IS ALREADY INSIDE THEIR NETWORK.

RISK MANAGEMENT AND SECURITY LEADERS NEED TO MANAGE THE DELICATE ISSUE OF THE INSIDER THREAT DURING A TIME WHEN MANY EMPLOYEES HAVE CONCERNS, NEED SUPPORT AND REQUIRE PROTECTION. EMPLOYEES SUBJECT TO NEW WORKING ARRANGEMENTS MAY WELL REACT MALICIOUSLY DUE TO LIMITED HOURS, LOWERED COMPENSATION, REDUCED PROMOTION OPPORTUNITIES, AND EVEN EXPECTATIONS OF REDUNDANCY.

THESE CONCERNS AT WORK CAN BE COMPOUNDED BY INCREASED LEVELS OF STRESS OUTSIDE OF THE WORK ENVIRONMENT DUE TO WORRIES ABOUT THE HEALTH OF THEIR FAMILIES, LIVELIHOOD AND UNCERTAINTY ABOUT THE FUTURE. SOME EMPLOYEE ARE UNHAPPY WITH THEIR LAST ANNUAL RAISE OR UNFAIR EVALUATIONS BY THEIR USELESS BOSSES,

UNDER THESE CONDITIONS, EMPLOYEES MIGHT BECOME RESENTFUL OR DISGRUNTLED TOWARDS THE ORGANIZATION, RESULTING IS OCCURRENCES OF INFORMATION LEAKAGE AND THEFT OF INTELLECTUAL PROPERTY.

SECURITY CONTROLS DESIGNED TO MONITOR AND CAPTURE ACTIVITY MAY NOT BE AS CAPABLE AS THEY WERE IN THE TRADITIONAL ON-PREMISES WORLD. EMPLOYEES MAY BE CONNECTING FROM NEW DEVICES AND NEW NETWORKS WHERE THE SECURITY CONTROLS AREN'T ON PAR.

ALL INDIAN ORGANIZATIONS SHOULD CONDUCT AN INSIDER THREAT RISK ASSESSMENT ON THEIR CRITICAL BUSINESS FUNCTIONS THAT COULD BE LEVERAGED BY AN INSIDER TO CONDUCT FRAUD. THERE ARE RIVAL COMPANIES READY TO PAY BIG MONEY FOR AN INSIDER BREACH .

AS MORE EMPLOYEES WORK REMOTELY, THEY HAVE TAKEN COMPANY DEVICES THAT MAY HAVE BEEN VERY DEPENDENT ON NETWORK SECURITY SUCH AS EMAIL GATEWAYS, WEB GATEWAYS, INTRUSION DETECTION SYSTEMS OR FIREWALLS TO PROTECT THOSE DEVICES.

NOW, MOST OF THOSE PROTECTIONS ARE PRETTY MUCH USELESS WHEN THE DEVICES HAVE BEEN MOVED TO THE PUBLIC INTERNET. SENSITIVE DATA, ALONG WITH PRIVILEGED ACCESS ON THOSE SYSTEMS, ARE MORE EXPOSED THAN EVER BEFORE MAKING NEW TARGETS FOR CYBERCRIMINALS TO TAKE ADVANTAGE OF UNSUSPECTING VICTIMS TRUST OR CURIOSITY.

ORGANIZATIONS CAN REDUCE THE RISKS BY REMOVING OVERPRIVILEGED USERS, SUCH AS LOCAL ADMINISTRATORS OR POWER USERS ON SYSTEMS, BEFORE THEY GET MOVED TO UNSECURE HOME NETWORKS, THUS REDUCING THE RISK OF THOSE PRIVILEGED ACCOUNTS GETTING COMPROMISED.

USING THE PRINCIPLE OF LEAST PRIVILEGED WILL ALLOW EMPLOYEES TO CONTINUE DOING THEIR JOB STAYING PRODUCTIVE WHILE REDUCING THE RISKS OF ABUSING PRIVILEGES. COMBINING BOTH THE PRINCIPLE OF LEAST PRIVILEGED WITH PRIVILEGED ACCESS MANAGEMENT (PAM) WILL ALLOW A COMPANY TO NOT ONLY REDUCE THE THREATS FROM INSIDER ABUSE, BUT ALSO HAVE BETTER AUDITING ON WHO IS USING WHICH PRIVILEGED AND FOR WHAT. MONITORING PRIVILEGES REDUCES THE RISKS OF EMPLOYEES ABUSING THEIR PERMISSIONS AND ACCESS.

AS EMPLOYEES HAVE MOVED OUTSIDE THE COMPANY PERIMETER AND FIREWALL, THE CRITICALITY OF IDENTITY AND ACCESS MANAGEMENT (IAM) COMBINED WITH PRIVILEGED ACCESS MANAGEMENT, WILL HELP ORGANIZATIONS MAINTAIN A FULL AUDIT TRAIL.

ONCE AN AUDIT TRAIL IS DIFFICULT TO HIDE AN EMPLOYEE’S TRACKS, THEY WILL HAVE LESS MOTIVE FOR ABUSING PRIVILEGES AS THEY ARE UNABLE TO GET AWAY WITH THE CRIME. SOMETIMES ACCOUNTABILITY AND AUDITABILITY IS ENOUGH TO FORCE AN EMPLOYEE INTO NOT COMMITTING ANY CRIMINAL ACTIVITY RATHER THAN DETECTING IT.

TO KEEP BUSINESS OPERATIONS RUNNING CONTINUOUSLY, ORGANIZATIONS MAY RELY ON TECHNOLOGY THAT IS THE EASIEST TO USE AND OFFERS THE LOWEST BARRIER TO ENTRY. THE NUMBER ONE REMOTE WORK TOOL FOR WINDOWS PLATFORMS IS, OF COURSE, REMOTE DESKTOP PROTOCOL (RDP).

WHILE RDP ALLOWS EMPLOYEES TO QUICKLY AND NATIVELY ACCESS THEIR ORGANIZATION’S RESOURCES, IT IS NOT WITHOUT RISK – NOT JUST FROM OUTSIDE THREAT ACTORS, BUT FROM INSIDER THREATS AS WELL.

ONE OF THE FEATURES OF RDP IS THAT IT ENABLES A REMOTE USER TO COPY AND PASTE TO AND FROM THE REMOTE AND LOCAL MACHINE. A USER COULD REMOTELY CONNECT TO A COMPUTER IN THEIR ORGANIZATION AND SIMPLY COPY FILES FROM THE REMOTE MACHINE TO THEIR HOME MACHINE.

THE PROBLEM IS THAT THERE IS NO LOGGING FOR THESE TYPES OF ACTIVITIES, AND THERE ARE VERY FEW RESULTING FORENSIC ARTIFACTS. THIS IS A SERIOUS PROBLEM, SINCE THE ACT OF COPYING AND PASTING IS SO NATURAL; IT ALLOWS FOR DATA EXFILTRATION WITHOUT ANY ADDITIONAL TOOLS.

THE POTENTIAL FOR INSIDER THREAT ATTACKS HAS GROWN SIGNIFICANTLY DURING THE PANDEMIC. THIS IS LARGELY BECAUSE MANY ORGANIZATIONS DO NOT HAVE A MATURE REMOTE WORK POLICY. THERE IS NO SILVER BULLET TO PREVENT INSIDER THREATS, BUT ORGANIZATIONS CAN EMPLOY DEFENSE IN DEPTH TO PROVIDE THE BEST SECURITY POSTURE POSSIBLE. ORGANIZATIONS SHOULD IMPLEMENT CONTROLS AT EACH STEP IN THE REMOTE WORK PROCESS, STARTING FROM THE CONNECTION.

VPN SOLUTIONS USING MULTI-FACTOR AUTHENTICATION (MFA) SHOULD BE USED TO PROTECT THE POINT OF ACCESS. IF A COMPANY OPENS RDP TO THE PUBLIC WITHOUT ANY CONTROLS IN FRONT OF IT, THEY ARE SETTING THEMSELVES UP FOR FAILURE. MFA USED IN COMBINATION WITH A VPN CAN HELP PROTECT THE ACCOUNT FROM A BRUTE-FORCE OR CREDENTIAL REUSE ATTACK.

MANY COMPANIES ENFORCE SECURITY POLICY CHECKS WHEN CONNECTING VIA VPN, AND THAT HELPS PROTECT THE NETWORK FROM THE REMOTE USER’S COMPUTER. THINK OF IT AS A MINI SECURITY AUDIT THAT TAKES PLACE EVERY TIME AN EMPLOYEE CONNECTS TO THE VPN. THE REMOTE USER’S COMPUTER IS SCANNED FOR SECURITY PATCHES, VULNERABILITIES, AND ANY RUNNING SOFTWARE THAT MIGHT BE MALICIOUS. IF THE COMPUTER DOES NOT MEET THE SECURITY REQUIREMENTS, THE CONNECTION IS REFUSED.

IN ADDITION TO IMPLEMENTING MFA, IT IS VERY IMPORTANT TO LIMIT REMOTE ACCESS TO ONLY USERS WHO NEED IT. MANY ORGANIZATIONS MAY BE IN A SITUATION WHERE ALL WORKERS ARE CURRENTLY REMOTE AND REQUIRE ACCESS, BUT IT SHOULD REGULARLY AUDIT THEIR USER ACCOUNTS TO LIMIT ACCESS WHERE POSSIBLE.

ANOTHER SAFEGUARD IS IMPLEMENTING GEOBLOCKING TO REFUSE LOGON ATTEMPTS FROM COUNTRIES WHERE EMPLOYEES DO NOT NORMALLY CONNECT FROM. THIS SHOULD NOT ONLY APPLY TO THE REMOTE CONNECTION, BUT TO FILES, SERVERS, AND OTHER ASSETS IN THE ORGANIZATION. IF AN EMPLOYEE DOES NOT NEED ACCESS TO CRITICAL DATA, THEIR ACCOUNT SHOULD PERMISSIONS SHOULD REFLECT THAT.

ACTIVITY LOGGING SHOULD BE A PRIORITY FOR ORGANIZATIONS GOING REMOTE, BUT IT IS CRITICAL THAT THE LOGS ARE MONITORED AND REVIEWED; OTHERWISE, YOU’LL ONLY KNOW ABOUT AN INSIDER THREAT AFTER THE FACT. THE LOG DATA SHOULD NOT ONLY BE ANALYZED FROM AN IT PERSPECTIVE, BUT FROM A BEHAVIORAL PERSPECTIVE AS WELL. INSPECTING NETWORK TRAFFIC FOR SIGNS OF LARGE VOLUMES OF DATA BEING COPIED OR SUSPICIOUS APPLICATIONS AND PROTOCOLS IN USE IS A GOOD INDICATOR THAT SOMETHING ATYPICAL IS OCCURRING.

THE NUMBER OF CONNECTIONS AN EMPLOYEE MAKES IN A DAY CAN ALSO BE TELLING. IS AN EMPLOYEE SUDDENLY CONNECTING TO THE NETWORK AT OFF-HOURS AND ACCESSING SENSITIVE DATA? THOSE ACTIVITIES CALL FOR A DEEPER REVIEW.

ORGANIZATIONS NEED TO BE PROACTIVE IN ASSESSING THE IMPACT OF REMOTE WORK ON THEIR IT INFRASTRUCTURE. EARLY IDENTIFICATION OF ACCOUNTS, PERMISSIONS, SENSITIVE DATA LOCATIONS, AND THE CONTROLS IN USE GOES A LONG WAY IN DETERMINING THE IMPACT GOING REMOTE WILL HAVE ON AN ORGANIZATION. CONTINUOUS MONITORING AND ADDING CONTROLS WHERE NECESSARY CAN PREVENT INSIDER THREATS BEFORE THEY BEGIN.

TODAY, THERE’S A GROWING PROBLEM: DATA EXFILTRATION (ANY UNAUTHORIZED MOVEMENT OF DATA) THAT HAPPENS MORE QUICKLY THAN EVER. AND WITH THE RECENT RAPID AND URGENT SHIFT TO SUPPORT REMOTE WORKERS AT SCALE WE CAN EXPECT THIS WILL DRIVE AN EXPONENTIAL INCREASE IN DATA EXFILTRATION OPPORTUNITIES FOR BAD ACTORS.

DATA IS THE LIFEBLOOD OF YOUR BUSINESS. AS ARE YOUR EMPLOYEES. AND, TO STAY IN BUSINESS IN THE YEARS AHEAD IT HAS NEVER BEEN MORE IMPERATIVE TO EMPLOY SECURITY SOLUTIONS THAT PROTECT THE DIGITAL CROWN JEWELS AND THOSE THAT INTERACT WITH THIS CRITICAL IP. AND AS PART OF ANY GOOD DATA LOSS PREVENTION (DLP) PLAN THERE HAS TO BE A THOUGHTFUL SECURITY STRATEGY AS WELL AROUND GUARDING AGAINST INSIDER THREATS.

THIS IS BOTH A BACK-OFFICE AND FRONT OF HOUSE STRATEGY THAT INVOLVES DEPLOYING SECURITY SOLUTIONS THAT KNOW WHERE YOUR CRITICAL DATA RESIDES WITH THE CAPABILITY TO AUTOMATE SECURITY RESPONSE AS THE RISK LEVEL RELEVANT TO THE DIGITAL IDENTITY ACCESSING THAT DATA GOES UP OR DOWN.

AND, EMPLOYEES CAN BE YOUR STRONGEST FRONT LINE SECURITY DEFENSE WITH EDUCATION AND ACTIVE SECURITY HYGIENE REINFORCEMENT, WHICH IS EVEN MORE CRITICAL AS THE MAJORITY OF WORKFORCES MOVE REMOTE.

CLOUD USAGE, IN PARTICULAR, INCREASES THE RISK OF INSIDER THREATS, AS MOST COMPANIES BELIEVE THAT DETECTING INSIDER ATTACKS IS HARDER IN THE CLOUD THAN ON-LOCATION

EMPLOYEES WORKING REMOTELY USE A HOST OF CLOUD APPLICATIONS TO EXCHANGE DATA, INCLUDING SENSITIVE DATA, AND THEY COULD MISPLACE THE DATA IN INSECURE LOCATIONS, LEADING TO COMPLIANCE VIOLATIONS. FOR EXAMPLE, SHARING SENSITIVE DATA VIA ZOOM – AN INCREASINGLY POPULAR APPLICATION FOR TELECOMMUNICATION – WILL RESULT IN DATA SHARING ACROSS WITH A HIGH RISK OF UNAUTHORISED ACCESS.

EMPLOYEES WORKING REMOTELY OFTEN WORK FROM THEIR PERSONAL DEVICES WHICH ARE NOT MONITORED BY THE CORPORATE IT TEAM, AND ARE MORE PRONE TO DATA SECURITY BREACHES THAN THEIR SECURED CORPORATE DEVICES.

PERSONAL DEVICES ARE OFTEN VULNERABLE TO CYBER THREATS BY ACTING AS ENTRY POINTS. ONCE AN ATTACKER HAS AN ENTRY IN THE EMPLOYEE’S DEVICE, THEY LITERALLY HAVE THE “REMOTE CONTROL” AND CAN MONITOR AND LEVERAGE ANY OUTBOUND CONNECTIONS FROM THIS. THEY CAN GAIN ACCESS TO ALL CLOUD SERVICES THE USER CONNECTS TO OR EVEN TO THE ON-PREMISE CORPORATE NETWORK, AS SOON AS THE EMPLOYEE ESTABLISHES A VPN CONNECTION OR A REMOTE SESSION TO ANY INTERNAL SERVERS.

AN ORGANISATION SHOULD IDEALLY DEVELOP A PROPER SECURITY POLICY WITH A FOCUS ON CLOUD SECURITY, BEFORE ASKING ITS EMPLOYEES TO WORK REMOTELY. THE POLICY SHOULD ENSURE THAT ALL PERMISSIONS TO STORAGES WITH SENSITIVE DATA ARE GRANTED ON A ‘NEED-TO-ACCESS’ BASIS TO EMPLOYEES TO ACCESS THE INFORMATION THEY DO NOT NEED TO DO THEIR JOB.

IN ADDITION, IT IS IMPORTANT TO ESTABLISH EFFECTIVE AND EFFICIENT ACCESS CONTROLS AND IDENTITY VERIFICATION METHODS SUCH AS MULTI-LAYERED AUTHENTICATION, THIS WILL PROTECT THE SENSITIVE DATA IN THE CLOUD FROM UNAUTHORISED ACCESS.

FINALLY, TRAINING OF EMPLOYEES ON THE ‘DOS’ AND ‘DON’TS’ OF THE CLOUD IS IMPORTANT, FROM THE PRINCIPLES OF DEALING WITH SENSITIVE CLOUD DATA TO INSTRUCTIONS FOR PATCHING AND SECURING THEIR PERSONAL DEVICES.

KNOWING WHERE THE SENSITIVE DATA RESIDES IN THE CLOUD IS CRITICAL FOR THE ORGANISATION. THIS IS EXTREMELY CHALLENGING AS MODERN ORGANISATIONS USE MULTIPLE CLOUD SERVICES.

ACCORDING TO A STUDY, MCAFEE HAS ESTIMATED THAT AN AVERAGE ENTERPRISE USES AROUND 1,427 DISTINCT CLOUD SERVICES AND AN AVERAGE EMPLOYEE USES 36 CLOUD SERVICES AT WORK ACTIVELY. THE HIGHER THE NUMBER OF CLOUD SERVICES EMPLOYEES USE, THE HIGHER THE CHALLENGE IT IS FOR AN ORGANISATION TO TRACK THE HANDLING OF DATA.

THERE IS AN INCREASED RISK OF MISPLACING SENSITIVE DATA AND THE BAD PR AND COMPLIANCE ISSUES THAT COME WITH IT. TO REDUCE DATA EXPOSURE, IT IS CRITICAL TO DEPLOY TECHNOLOGIES THAT AUTOMATICALLY DISCOVER SENSITIVE DATA ACROSS MULTIPLE CLOUD SERVICES AND CLASSIFY BASED ON SENSITIVITY ON AN ONGOING BASIS.

CLOUD DATA IS PRONE TO A BROAD RANGE OF THREATS FOR DATA EXFILTRATION BY EMPLOYEES, IT IS EXTREMELY IMPORTANT FOR AN ORGANISATION TO DETECT SUCH CASES IN AN EFFICIENT MANNER. DETECTING WHETHER IT IS THE MALWARE TRYING TO GET INTO THE CORPORATE NETWORK, OR AN EMPLOYEE TRYING TO STEAL THE CUSTOMER DATABASE?

ALL THESE CLOUD COMPUTING SECURITY RISKS ARE ACCOMPANIED BY VARIABILITY IN USER ACTIVITY. HENCE, IF AN ORGANISATION USES CLOUD COMPUTING AND CLOUD STORAGE, IT IS IMPORTANT TO HAVE TOOLS OR TECHNOLOGIES THAT CAN TRACK USER BEHAVIOUR (UBA) AND DETECT DEVIATIONS FROM NORMAL USER BEHAVIOUR AND ALERT THE IT SECURITY TEAM ABOUT POTENTIAL THREATS.

EXAMPLES OF ANOMALIES THAT INDICATE A THREAT INCLUDE ABNORMAL LOGIN ATTEMPTS – TO LOG ON FROM MULTIPLE DEVICES, MULTIPLE SUBSEQUENT LOGINS IN A SHORT DURATION, AND A VERY HIGH NUMBER OF LOGIN FAILURES; OR DIFFERENCE IN DATA ACCESS PATTERNS FROM ONE USER TO ITS PEERS.

IT IS IMPORTANT TO NOTE THE SHIFT FROM OFFICE TO REMOTE WORK WILL PROBABLY CAUSE CHANGES IN USERS’ ACCESS PATTERNS. BUSINESSES CAN EXPECT A HIGHER NUMBER OF FALSE POSITIVES FROM MACHINE LEARNING-BASED BEHAVIOUR AND ANOMALY DETECTION SOLUTIONS IN THE FIRST FEW WEEKS.

THIS IS IN NO WAY AN EXHAUSTIVE LIST OF MEASURES, BUT IT IS A GUIDE THAT CAN HELP ORGANISATIONS REDUCE INSIDER THREATS IN THE CLOUD DURING ‘THE WORLD’S LARGEST WORK-FROM-HOME EXPERIMENT WHICH IS OW HERE TO STAY

CLOUD AND SAAS ADOPTION IS NOW MORE IMPORTANT THAN EVER. THE SAAS PROVIDER IS RESPONSIBLE FOR SECURING THE PLATFORM, NETWORK, APPLICATIONS, OPERATING SYSTEM, AND PHYSICAL INFRASTRUCTURE. HOWEVER, PROVIDERS ARE NOT RESPONSIBLE FOR SECURING CUSTOMER DATA OR USER ACCESS TO IT. SOME PROVIDERS OFFER A BARE MINIMUM OF SECURITY, WHILE OTHERS OFFER A WIDE RANGE OF SAAS SECURITY OPTIONS.

DATA ENCRYPTION PROTECTS BOTH DATA AT REST (IN STORAGE) AND DATA IN TRANSIT BETWEEN THE END USER AND THE CLOUD OR BETWEEN CLOUD APPLICATIONS.

GOVERNMENT REGULATIONS USUALLY REQUIRE ENCRYPTION OF SENSITIVE DATA. SENSITIVE DATA INCLUDES FINANCIAL INFORMATION, HEALTHCARE DATA, AND PERSONALLY IDENTIFIABLE INFORMATION (PII). WHILE A SAAS VENDOR MAY PROVIDE SOME TYPE OF ENCRYPTION, AN ORGANIZATION CAN ENHANCE DATA SECURITY BY APPLYING ITS OWN ENCRYPTION, SUCH AS BY IMPLEMENTING A CLOUD ACCESS SECURITY BROKER (CASB).

TO BE MORE SECURE, EMPLOYERS SHOULD THINK IN TERMS OF HOW INFORMATION FLOWS OVER THE INTERNET FROM EMPLOYEE TO EMPLOYEE, EMPLOYEE TO CUSTOMER, MACHINE TO MACHINE, SYSTEM TO SYSTEM THROUGHOUT THE COMMUNICATIONS PROCESS. THE INFORMATION NEEDS TO BE SECURED FROM THE TIME OF THE EMPLOYEE’S KEYBOARD STROKES, UP THE INFORMATION STACK, TO THE APPLICATIONS AND BROWSER.

AN EMPLOYER MUST HAVE CONFIDENCE THAT THE INFORMATION WILL BE SECURELY EXCHANGED BETWEEN THE REMOTE WORKSTATIONS/MOBILE DEVICES AND SERVERS AND OTHER COMPUTERS, USING DIFFERENT PROTOCOLS AND SYSTEMS, OVER THE INTERNET.

UNLESS YOU HAVE COMPREHENSIVELY CONSIDERED THE PARTICULAR JOB RESPONSIBILITIES OF EACH REMOTE JOB TITLE, THE TYPES AND SENSITIVITY OF INFORMATION HANDLED, THE METHODS OF REMOTELY ACCOMPLISHING TASKS AND THE CONNECTED HARDWARE AND SYSTEMS, AND HOW THEY ALL INTERACT AND WILL BE PROTECTED ON A DAILY BASIS, YOU ARE MISSING SOMETHING.

AND IF YOU ARE MISSING SOMETHING, YOU ARE MISSING EVERYTHING BECAUSE ONE HOLE IN YOUR DEFENSES IS ALL THAT A HACKER NEEDS TO DEPLOY A DEVASTATING EXPLOIT.

MULTI-FACTOR AUTHENTICATION (MFA) SHOULD BE THE DEFAULT METHOD FOR AUTHENTICATION FOR REMOTE HOME-BASED ROLES WITH ACCESS TO SENSITIVE OR PROTECTED INFORMATION. THE SAME HOLDS TRUE FOR REMOTE SYSTEM OR SERVER MAINTENANCE.

IF YOUR SYSTEM ADMINISTRATORS WILL BE ROUTINELY PERFORMING REMOTE MAINTENANCE USING REMOTE DESKTOP PROTOCOL (RDP) OR HAVE REMOTE ACCESS TO OTHER PRIVILEGED ACCOUNTS, MULTI-FACTOR AUTHENTICATION SHOULD BE THE DEFAULT AUTHENTICATION METHOD.

SIMILARLY, IF MORE DEVICES IN YOUR ORGANIZATION ARE NOW OPENING RDP TO THE INTERNET BECAUSE OF THE INCREASE IN REMOTE WORK, SECURE YOUR RDP.

ORGANIZATIONS SHOULD LIMIT ACCESS TO ITS SYSTEMS TO ONLY AUTHORIZED DEVICES. FOR EXAMPLE, ARE REMOTE EMPLOYEES PERMITTED TO CONNECT TO ORGANIZATIONAL RESOURCES USING THEIR PERSONAL COMPUTERS OR BY COMPANY COMPUTERS OR BOTH?

THERE ARE VASTLY DIFFERENT CYBER RISKS WITH EACH MODE OF DEVICE ACCESS. HAVE YOU FULLY CONSIDERED THE RISKS OF AN EMPLOYEE WHO ROUTINELY HANDLES SENSITIVE INFORMATION CONNECTING TO YOUR NETWORK THOUGH A PERSONAL COMPUTER, IF YOU LACK THE ABILITY TO SCAN THE SECURITY POSTURE OF HIS OR HER COMPUTER?

IF AN EMPLOYEE CAN USE AN UNKNOWN PERSONAL DEVICE TO CONNECT TO THE ORGANIZATION’S NETWORK, YOU MAY LACK VISIBILITY INTO THE DEVICE’S SECURITY UNLESS YOU INSTITUTE TECHNICAL MEASURES TO AUTHENTICATE THE DEVICE AND ADDRESS THOSE RISKS BEFORE NETWORK ACCESS IS PERMITTED.

ORGANIZATIONS MAY WANT TO CONSIDER IMPLEMENTING A MOBILE DEVICE MANAGEMENT SOLUTION, NETWORK ACCESS CONTROL APPLIANCE OR OTHER TECHNICAL TOOLS TO MITIGATE THESE RISKS.

EMPLOYEES MAY ACCESS WEB-BASED RESOURCES THROUGH CREDENTIALS THAT DO NOT REQUIRE A CONNECTION THROUGH THE ORGANIZATION’S NETWORK, BUT RATHER BY DIRECTLY ACCESSING THE HOSTING WEBSITE.

HAVE YOU ADDRESSED THE RISKS OF PERMITTING EMPLOYEES TO CONNECT DIRECTLY TO CLOUD BASED RESOURCES OUTSIDE OF YOUR NETWORK FROM THEIR HOMES? IF SO, HAVE YOU CONSIDERED THE SENSITIVITY OF THE INFORMATION THEY HAVE ACCESS TO AND HOW TO EFFECTIVELY MONITOR THIS ACCESS?

WHAT LOGGING CONFIGURATION DOES THE HOSTED SERVICES PERMIT, AND HAVE YOU IMPLEMENTED A LOGGING AND MONITORING PLAN THAT IS SUPPORTED BY RIGOROUS PERSONNEL POLICIES THAT PROVIDE NOTICE TO EMPLOYEES OF THE MONITORING?

EFFECTIVE MONITORING IS CRITICALLY IMPORTANT TO BE ABLE TO DETECT AND RESPOND TO A BREACH OF SECURITY INVOLVING A REMOTE USER WITH DIRECT WEB BASED ACCESS. GIVEN THE RISKS, EMPLOYERS MAY WANT TO CONSIDER REGULATING, SCREENING AND PROTECTING THIS TRAFFIC, USING A SECURE INTERNET GATEWAY OR OTHER TECHNICAL TOOLS.

MAKE SURE YOUR VPN IS AND REMAINS PATCHED, UPDATED, AND CONFIGURED USING SECURE BASELINES.

AS WITH ANY PATCHING AND SECURE CONFIGURATION PROCESS, THERE SHOULD BE A WRITTEN POLICY AND PROCEDURE THAT IS ENFORCED AND AUDITED. ALSO, CONSIDER ELIMINATING “SPLIT TUNNELING” – WHERE EMPLOYEES CAN ACCESS THEIR HOME PRINTERS AND OTHER RESOURCES, WHICH MAY CREATE A GREATER RISK OF COMPROMISE.

TO ADDRESS THE INSIDER THREAT OF REMOTE WORKERS STEALING OR KEEPING SENSITIVE DATA AFTER THEY LEARN OF THEIR EMPLOYMENT TERMINATION, AN ORGANIZATION SHOULD HAVE WRITTEN PROCEDURES THAT ENSURE THAT SYSTEM ACCESS IS CUT OFF AT OR BEFORE THE TIME OF TERMINATION AS A DEFAULT.

REMOTE WORKERS SHOULD BE SIGNING STRONG CONFIDENTIALITY AND ACCEPTABLE USE AGREEMENTS THAT PROVIDE FOR THE PRESERVATION, SAFEGUARDING AND RETURN OF COMPANY MATERIAL, AND SANCTIONS FOR FAILURE TO DO SO.

A FORMALIZED INSIDER THREAT PROGRAM TO INCLUDE REMOTE WORKER SECURITY ISSUES SHOULD BE A PART OF ANY EFFECTIVE INFORMATION SECURITY MANAGEMENT PROGRAM.

BUSINESSES NEED TO ENSURE THAT SECURITY IS BUILT INTO CLOUD ENVIRONMENTS FROM THE START AND CONTINUALLY REEVALUATED TO MEET EVOLVING DEMANDS.

YOU NEED TOOLS TO DETECT AND ADDRESS IN-CLOUD THREATS QUICKLY. SOME SERVICES ALLOW YOU TO INTEGRATE YOUR EXISTING SECURITY TOOLS FOR DEEPER INSIGHTS INTO THREATS ACROSS HYBRID MULTICLOUD ENVIRONMENTS.

THIS ALLOWS SECURITY TEAMS TO SEARCH FOR THREATS AND ORCHESTRATE RESPONSE WITH AUTOMATED ACTIONS QUICKLY — AND WITHOUT MOVING THE UNDERLYING DATA.

Capt. Ajit VadakayilMay 9, 2020 at 10:45 PM

https://www.moneycontrol.com/news/trends/amuls-video-diary-on-pm-modis-milestones-goes-viral-4453571.html

ALL FOREIGN LEADERS LIKE TRUMP/ PUTIN/ BORIS JOHNSON PLEASE NOTE..

NEXT TIME WHEN MODI COMES RUNNING TO YOU TO HUG YOU REMEMBER THIS MESSAGE BELOW..

#####################################

AMUL KEEPS PRAISING MODI ..

AMUL IS THE BRAND NAME OF GUJARAT MILK MARKETING FEDERATION.. MODI IS A GUJARATI, WHO WORE ROTHSCHILD SPONSORED SIKH TURBAN IN 1976 FOR GETTING BACK ROTHSCHILDs BANKS WHICH INDIRA GANDHI NATIONALISED ..

55 YEARS AGO JEW ROTHSCHILD USED A JEW FROM MY HOMETOWN CALICUT, VERGHESE KURIAN TO CONDUCT THE "WHITE REVOLUTION"..

THIS CONSPIRACY WAS TO SWITCH OUR PRICELESS INDIAN HUMPED COWS ( WHOM HINDUS WORSHIP AS GODS ) TO "WORSE THAN PIGS" HUMPLESS JERSEY/ HOLSTEIN HUMPLESS COWS ..

OUR HUMPED BULLS WERE DECIMATED.. IN MY HOME STATE KERALA , IF YOU OWNED A HUMPED COW THE LAW WAS, YOU WILL BE JAILED..

IN EVERY INDIAN HINDU HOUSEHOLD, WOMEN GOT UP IN THE MORNING, TOUCHED THE HUMP OF A BULL ( NANDI ) AND PRAYED TO SHIVA.. IT WAS AKIN TO A TEMPLE IN YOUR OWN HOME..

http://ajitvadakayil.blogspot.com/2014/01/nandi-bull-vahana-and-gatekeeper-of.html

HUMPED COW GAVE PRICELESS A1 MILK.. AT LESSER QUANTITIES THAN THE WESTERN HUMPLESS COW WHICH GAVE HUGE QUANTITIES OF TOXIC A1 MILK, WHICH CAUSED 85% DISEASES ..

EVEN A BARREN HUMPED COW WAS PRICELESS, AS ITS URINE WAS MONOATOMIC GOLD COLLOID LADEN.. IT WAS/ IS THIS PLANETs ONLY ANTIBIOTIC WITHOUT SIDE EFFECTS ..

EVEN DURING THIS CORONAVIRUS AGE, A TEA SPOON OF HUMPED COW URINE ( DRUNK WITHIN 120 SECONDS OF EJECTION ) PROTECTS AND CURES YOU FROM CORONAVIRUS..

AS SOON AS I PENNED THE POST-- GOOGLE, A TOOL OF THE JEWISH DEEP STATE DELETED MY BLOG POST..

https://ajitvadakayil.blogspot.com/2020/04/google-deleted-my-valuable-post-on.html

HUMPED COW DUNG IS SWEET SMELLING, COVERED BY A SHINY VENEER OF ENZYMES WHICH PREVENTED FLIES .. THIS WAS OUR GREAT ORGANIC FERTILIZER FOR MILLENNIUMS ..

THE FATHER OF THE "GREEN REVOLUTION" CONVERTED OUR ORGANIC FARMING INTO INORGANIC FARMING.. WHERE WE WERE FORCED TO USE CHEMICAL FERTILIZERS DECIMATING OUR HUMUS LADEN TOP SOIL..

FOR MILLIONS OF YEARS WE HAD PRISTINE LAKES AND RIVERS.. IN A MERE 55 YEARS WE LOST 95% OF OUR LAKES ..

OUR TOP SOIL WHICH WAS SIX FEET DEEP IS NOW A MERE COUPLE OF INCHES.. KOSHER PHARMA LAUGHED ALL THE WAY TO THE BANK..

INDIA IS THE PLANETs NO 1 BEEF EXPORTER.. DESPITE CHAMPION OF HINDUS MODI ( SIC ) RULING FOR SIX YEARS..

WHY?

BECAUSE HUMPLESS WESTERN COW MEAT IS TOXIC..

http://ajitvadakayil.blogspot.com/2013/12/shocking-legacy-of-mad-cow-disease-capt.html

MODIs CREATION "AMUL" MILK , THE BRAND NAME OF GUJARAT MILK MARKETING FEDERATION ADULTERATES MILK, WHICH HAS CAUSED THE DEATHS OF HUNDREDS OF THOUSANDS OF INDIAN BABIES..

HERE MELAMINE IS ADDED TO MILK TO HOODWINK THE NITROGEN BASED LAB TEST..

MELAMINE INCREASES THE NITROGEN CONTENT OF MILK.. THIS SHOWS UP AS HIGHER PROTEIN IN USELESS WATERY SKIMMED MILK ..

WHEN CAPT AJIT VADAKAYIL COMPLAINED TO MODIs GOVT -- THE HAUGHTY RESPONSE WAS "REJECTED"..

READ THE POST BELOW--

https://ajitvadakayil.blogspot.com/2020/05/warnings-issued-to-amul-milk-marketing.html

SO TRUMP/ PUTIN ETC -- ALL WORLD LEADERS , LISTEN UP..

NEXT TIME SHAMELESS MODI RUSHES IN TO HUG YOU, I LEAVE IT TO YOUR GOOD CONSCIENCE WHETHER TO HUG HIM OR KICK HIM AWAY ..

AND EVEN IF YOU DONT KICK HIM AWAY, BE SURE CAPT AJIT VADAKAYIL WILL WRITE MODIs LEGACY..

I AM REDUCED TO THIS.. I NOW MUST TAKE A BATH..

capt ajit vadakayil
..

Capt. Ajit VadakayilMay 9, 2020 at 10:52 PM
PUT ABOVE COMMENT IN WEBSITES OF—
RS SODHI
GSG AIYYANGAR
AMUL – HQ AND ALL OUTLETS
ALL MILK MARKETING FEDERATIONS OF INDIA
FSSAI HQ AND ALL STATE OUTLETS
BILL GATES AND MELINDA GATES
DR JUDY MIKOVITS
DR SHIVA AYYADURAI
PRINCE CHARLES
QUEEN OF ENGLAND
WHO CHIEF TEDROS ADHANOM GHEBREYESUS
WHO
US CDC
US CDC CHIEF
GATES FOUNDATION
DR ANTONY FAUCI
DR SANJAY GUPTA
TRUMP
PUTIN
BORIS JOHNSON
MACRON
ANGELA MERKEL
XI
AMBASSADORS TO FROM USA/ RUSSIA/ UK/ FRANCE / GERMANY
EDITOR GLOBAL TIMES HU XIJIN
RULERS OF ALL MAJOR NATIONS AND THEIR AMBASSADORS
PMO
PM MODI
AMIT SHAH
HOME MINISTRY CENTRE/ STATES
CJI BOBDE
ATTORNEY GENERAL
LAW MINISTER PRASAD / MINISTRY CENTRE AND STATES
ALL CHIEF JUSTICES HIGH COURTS
I&B MINISTER / MINISTRY
NSA
AJIT DOVAL
RAW
IB
CBI
NIA
ED
ALL DGPs OF INDIA
ALL IGs OF INDIA
ALL CMs OF INDIA
ALL MLAs OF INDIA
ALL MPs OF INDIA
ALL COLLECTORS OF MAJOR CITIES
ALL STATE GOVERNORS
PRESIDENT OF INDIA
VP OF INDIA
SPEAKER LOK SABHA
SPEAKER RAJYA SABHA
ALL INDIAN THINK TANKS
NITI AYOG
AMITABH KANT
SAUMYA SWAMNATHAN
HEALTH MINISTER/ MINISTRY CENTRE AND STATES
FOOD PROCESSING MINISTER/ MINISTRY CENTRE AND STATES
MOHANDAS PAI
RAJEEV CHANDRASHEKHAR
E SREEDHARAN
WILLIAM DALRYMPLE
KONRAED ELST
FRANCOIS GAUTIER
STEPHEN KNAPP
DAVID FRAWLEY
GVL NARASIMHA RAO
SAMBIT PATRA
ASHOK PANDIT
ANUPAM KHER
KANGANA RANAUT
VIVEK AGNIHOTRI
MEENAKSHI LEKHI
SMRITI IRANI
PRASOON JOSHI
SWAPAN DASGUPTA
MADHU KISHWAR
SUDHIR CHAUDHARY
GEN GD BAKSHI
RSN SINGH
ARNAB GOSWAMI
NAVIKA KUMAR
ANAND NARASIMHAN
RAHUL SHIVSHANKAR
RAJDEEP SARDESAI
SRINIVASAN JAIN
SONAL MEHROTRA KAPOOR
VIKRAM CHANDRA
NIDHI RAZDAN
ZAKKA JACOB
RAHUL ANWAL
RAVISH KUMAR
PRANNOY JAMES ROY
AROON PURIE
VINEET JAIN
RAGHAV BAHL
SEEMA CHISTI
DILEEP PADGOANKAR
VIR SANGHVI
KARAN THAPAR
PRITISH NANDI
ASHISH NANDI
SHEKHAR GUPTA
SIDHARTH VARADARAJAN
PAVAN VARMA
RAMACHANDRA GUHA
THAMBI SUNDAR PICHAI
SATYA NADELLA
CEO OF WIKIPEDIA
QUORA CEO ANGELO D ADAMS
QUORA MODERATION TEAM
KURT OF QUORA
GAUTAM SHEWAKRAMANI
MUKESH AMBANI
RATAN TATA
ANAND MAHINDRA
KUMARAMANGALAMBIRLA
LAXMI MNARAYAN MITTAL
AZIM PREMJI
KAANIYA MURTHY
RAHUL BAJAJ
RAJAN RAHEJA
NAVEEN JINDAL
GOPICHAND HINDUJA
DILIP SHANGHVI
GAUTAM ADANI
SWAMY
RAJIV MALHOTRA
P GURUS
RSS
AVBP
VHP
MOHAN BHAGWAT
RAM MADHAV
MOHANLAL
SURESH GOPI
NALIN KOHLI.
UDDHAV THACKREY
RAJ THACKREY
CHANDAN MITRA
SADGURU JAGGI VASUDEV
BABA RAMDEV
SRI SRI RAVISHANKAR
CHETAN BHAGAT
AMISH TRIPATHI
DEVDUTT PATTANAIK
THE QUINT
THE SCROLL
THE WIRE
THE PRINT
MK VENU
MADHU TREHAN
SANJAY HEDGE
SHOBHAA DE
ARUNDHATI ROY
MADHU TREHAN
JAIRAM RAMESH
SHASHI THAROOR
KAPIL SIBAL
ABHI SEX MAANGTHA SINGVI
TEHSEEN POONAWAALA
SHEHZAD POONAWALA
SANJAY JHA
SURJEWALA
AK ANTONY
SONIA GANDHI
RAHUL GANDHI
PRIYANKA VADRA
AK ANTONY
PC CHACKO
JEAN DREZE
DIG VIJAY SINGH
JULIO RIBEIRO
ASADDUDIN OWAISI
SHEHLA RASHID
RANA AYYUB
SUHEL SETH
SHAZIA ILMI
MANI SHANGARAN AIYERAN
SALMAN KHURSHEED
GHULAM NABI AZAD
ENTIRE BBC GANG
SWARA BHASKAR
ALL HINDU STALWARTS AND ORGS
ROMILA THAPAR
IRFAN HABIB
NIVEDITA MENON
AYESHA KIDWAI
MAJOR WORLD MEDIA
HISTORY CHANNEL
DAVID HATCHER CHILDRESS
SONIA GANDHI
RAHUL GANDHI
PRIYANKA VADRA
SOLI BABY
FALI BABY
KATJU BABY
SALVE BABY
JOHN BRITTAS
PRAKASH KARAT
BRINDA KARAT
SITARAM YECHURY
D RAJA
ALEX JONES
RENSE
DAVID ICKE
ANGELO JOHN GAGE
DEEPAK CHOPRA
ROBIN SHARMA
TAREK FATEH
ALL INDIAN MEDIA
GITA GOPINATH
AMARTYA SEN
RAGHURAM RAJAN
SPREAD ON SOCIAL MEDIA--

Capt. Ajit VadakayilMay 5, 2020 at 8:42 PM

CLOSET COMMIE ARNAB GOSWAMI OF REPUBLIC TV HAS BEEN WARNED AGAIN AND AGAIN BY CAPT AJIT VADAKAYIL..

DO NOT SHOW FALSE STATISTICS TO SHOW INDIA IN POOR LIGHT.

EXAMPLE: JUST NOW HE SHOWED INDIA’ CORONAVIRUS DEATHS AS A PERCENTAGE OF THE TOTAL DEATHS..

ANY RETARDED SCHOOL CHILD WHO COMES AT THE BOTTOM OF HIS CLASS KNOWS THAT THIS IS A WRONG WAY TO SHOW THINGS..

INDIA HAS 1350 MILLION PEOPLE.

YOU HAVE TO HOW DEATHS AS A PERCENTAGE OF THE “POPULATION”..

FOR EXAMPLE IN THE LINK BELOW—

https://www.worldometers.info/coronavirus/

CHECK OUT THE COLUMN , THIRD FROM THE RIGHT.. THIS IS THE CORRECT WAY.

INDIA’ DEATHS PER MILLION OF “POPULATION” ( NOT TOTAL WORLDWIDE “DEATHS” ) IS VERY LOW, A MERE 1.0 , WITH TOTAL DEATHS 1571..

BELGIUM ON THE OTHER HAND IS A HIGH 692 WITH TOTAL DEATHS 8016. ( TOTAL DEATHS ON THE PLANET IS 253404)

NATIONS SHOWING LESS THAN INDIA ARE TOO SMALL OR ARE UNDERDEVELOPED NATIONS MISREPRESENTING THE COUNT, AS THEY DON’T HAVE A CENTRAL SYSTEM.

OUR INDIAN JOURNALISTS ( LIKE OUR JUDGES ) ARE THE WORST ON THIS PLANT.. I HAVE SEEN THIS PLANT FOR 40 YEARS.

INDIA IS SHOWN AS A RAPIST/ PEDOPHILE / HOMOSEXUAL NATION BY FALSE STATISTICS—UNFIT TO BE IN UNSC.

IN REALITY—
INDIA HAS THE LOWEST ( BY PERCENTAGE OF POPULATION ) RAPES / MOLESTATION/ MURDERS / CRIMES/ LOSS OF VIRGINITY BEFORE MARRIAGE/ DIVORCES/ HOMOSEXUALS / PEDOPHILES / PROSTITUTES/ CARBON EMISSIONS/ CONSUMPTION OF ELECTRICITY / FUEL CONSUMPTION / UNHAPPINESS/ DRUG-ALCOHOL ADDICTIONS / DYSFUNCTIONAL FAMILY/ PARENTS DISCARDED IN OLD AGE HOMES / MENTAL PROBLEMS/ CRIPPLES/ SERIOUS DISEASES / INFERTILITY / LACK OF RESPECT FOR WOMEN – PARENTS / HUNGER / DEBT PER CAPITA / WIFE BEATING / IMPOTENCY ETC ETC..

WE HAVE 1350 BILLION PEOPLE..

ARNAB GOSWAMI..CLOSET COMMIE… TRAITOR.. .HERE IS SOME FACE LOTION FOR YOU …
AAAARRRGGHHH PPPTTHHEEEOOOYYY ..

capt ajit vadakayil
..

Capt. Ajit VadakayilApril 2, 2020 at 12:59 AM

GOOGLE/ QUORA/ TWITTER/ FACEBOOK ALLOWS PAKISTANI ISI MUSLIM AGENTS WITH HINDU NAMES TO ABUSE INDIAN AND HINDU GODS..

BUT IF A DESH BHAKT HINDU / INDIAN TRIES TO REPUDIATE OR EXPOSTULATE JEWISH DEEP STATE TOOLS GOOGLE/ QUORA/ TWITTER/ FACEBOOK SINKS IT ON THE INTERNET OR DELETES IT..

THIS BLOGSITE HAS COMPLAINED TO PM MODI/ PMO/ I&B MINISTER JAVEDEKAR/ LAW MINISTER / RSS ETC MORE THAN 100 TIMES. NOBODY CARES..
#####################
EXAMPLE AAA--

IF YOU GOOGLE FOR " AGHORIS , THE CORPSE EATERS OF INDIA - CAPT AJIT VADAKAYIL "

NOTHING COMES UP ..

BUT IF YOU GOOGLE FOR THE LINK, MY POST COMES UP..

http://ajitvadakayil.blogspot.com/2014/09/aghoris-corpse-eaters-of-india-capt.html

#############

BBB- IF YOU GOOGLE FOR :---google for my post below--

" REPEATED BLASPHEMY AGAINST HINDU GODS BY QUORA CEO ADAM D ANGELO, FOR WHICH PUNISHMENT UNDER INDIAN LAW IS LONG TERM IMPRISONMENT "

NOTHING COMES UP....

BUT IF YOU GOOGLE FOR THE LINK, IT SHOW UP

https://ajitvadakayil.blogspot.com/2019/04/repeated-blasphemy-against-hindu-gods_9.html

#######################

WE WONDER WHO THE PEOPLE RULING INDIA ARE ? ARE THEY TRAITORS IN FOREGN PAYROLL?

WE KNOW THAT THE FIRST PMO BOSS MO MATHAI WAS A CIA AGENT...

WE KNOW PM MORARJI DESAI WAS A CIA AGENT , WHO WAS GIVEN PAKISTANI RATNA AWARD FOR GIVING AWAY THE NAMES AND ADDRESSES OF RAW AGENTS INSIDE PAKISTAN....

WE KNOW PM MODI WORE A MOSSAD SPONSORED SIKH TURBAN IN 1976..

WE WATCH..

Capt ajit vadakayil
..

http://ajitvadakayil.blogspot.com/2013/03/pyaasa-hindi-movie-review-of-1957-capt_20.html

Capt. Ajit VadakayilMay 9, 2020 at 4:32 PM

https://ajitvadakayil.blogspot.com/2020/05/thiyyas-of-kerala-are-not-ezhavas-capt.html

ALL IN KERALA LISTEN UP..

THIYYAS OF KERALA REFUSE TO BE PUT IN THE SAME BUCKET AS EZHAVAS..

THIS IS FINAL !

capt ajit vadakayil
..

Capt. Ajit VadakayilMay 11, 2020 at 4:40 AM

COMMENTS IN THIS POST IS NOW CLOSED..

MAKE FURTHER COMMENTS IN THE POST BELOW--

https://ajitvadakayil.blogspot.com/2020/05/warnings-issued-to-amul-milk-marketing.html

CAPT AJIT VADAKAYIL
..

WHAT ARTIFICIAL INTELLIGENCE CANNOT DO , a grim note to the top 100 intellectuals of this planet , Part 19 - Capt Ajit Vadakayil

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

Ominde Commission Report and Recommendations – Ominde Report of 1964

Bureau of Internal Revenue: Regional Offices (Directory)

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

Mp3 Download: Mdu - Kunjenjenjena

How the kill the job , when DTP request running for long hours.

Microsoft Intune から展開しているアプリのアップデートについて

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

Car crash in Dunton Bassett leaves driver in critical condition

Macky 2, Two Others In Road Accident

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

Detroit mafia: D’Anna Brothers agree to plea deal

Delivery block field greyed out using VA02

Muloraki Au

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出ｗ【リベンジポルノ】＠PornHub

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

FIAT 500 B0111 B0112