Arraya Insights

August 16, 2018 by Arraya Insights

Heads up: Does your organization accept credit card payments by phone? If so, you may fall under the purview of a new set of data privacy regulations. On June 30, the Payment Card Industry (PCI) Standards Council officially rolled out its Data Security Standard (DSS). As part of PCI DSS compliance, organizations must phase out SSL and TLS 1.0 and replace them with more secure protocol. However, complying with that requirement could kick off a string of upgrades to your communication environment.

Before we get into what that upgrade chain could look like, first let’s take a closer view of PCI DSS. It consists of 12 baseline directives and mandates data security and privacy best practices for merchants, card issuers, and any other “payment service providers.” PCI DSS applies to businesses that store, process, or transmit cardholder data and/or payments. Failure to comply with PCI DSS could lead to penalties of anywhere from $5,000 to $100,000 per month.

In order to avoid those stiff noncompliance penalties, organizations will need to take swift action throughout their communication environment. Let’s run through a few Cisco communication and collaboration solutions affected by PCI DSS compliance – and some possible upgrade paths.

Cisco Voice Endpoints – Businesses still leaning on legacy Cisco phones, including the 3900, 6900, and 9900, have two ways to ensure PCI DSS compliance . The most straightforward method is upgrading to modern endpoints (ex. 7800, 8800). If upgrading isn’t an option, you could also choose to disable the HTTPS interfaces on legacy devices. This is complex and it will result in a loss of features for reconfigured devices, but it is an option. Note: Select phones from the 7900 series (7902, 7912, 7935, etc.) cannot be reconfigured and must be upgraded.
Cisco Jabber – Jabber versions prior to 11.7 don’t support the advanced TLS protocol necessitated by PCI DSS. As such, you will need to initiate an organizational upgrade to 11.7 or a newer version. Those still leveraging Cisco IP Communicator will also need to upgrade to Jabber 11.7 or later as that solution lacks the ability to run advanced TLS protocol.
Cisco Video Endpoints –If your communication strategy includes legacy Cisco TelePresence solutions (such as CTS 500, CTS 1000, TX 9000, etc.), you should upgrade immediately. Suggested upgrade paths include the Cisco WebEx (formerly Spark) Room Series or Cisco’s TelePresence IX5000. Meanwhile, businesses using video endpoints such as Cisco MX, Cisco C-Series, etc. can upgrade to either TC 7.3(11), CE 9.1(3) or deploy a newer hardware model.

Next Steps: Don’t take on PCI DSS compliance alone

Want to learn more about the potential impact of PCI DSS on your communication and collaboration environment? Arraya’s team is ready to help. Our collaboration experts can assess the state of your current solutions. They will work closely with you to design and execute an appropriate strategy to implement any necessary upgrades. Get the conversation started today by visiting us at: https://www.arrayasolutions.com//contact-us/.

As always, feel free to leave us a comment on this or any of our blogs through social media. Arraya can be found on LinkedIn, Twitter, and Facebook. Once you’ve let us know what you think, follow us to stay updated on our industry insights and special events.

August 13, 2018 by Arraya Insights

If your organization’s disaster recovery strategy received a grade, what score would it get? As we referenced in a recent blog (5 Signs a Data Center Modernization Project is in Your Future), a sizable number of businesses might not be happy with their marks. According to the research featured in that post, only 27% of businesses earned a passing disaster readiness grade. What’s causing so many low scores? One theory is that businesses may be readying themselves and their technological environments for the wrong disasters.

Traditional disaster recovery strategies tend to focus on those of the “natural” variety. This includes everything from earthquakes and hurricanes to fires and floods. Even though all businesses should pay attention to “Act of God” risks – with consideration given to the geographic location, of course – those catastrophes are not where the most common, modern threats reside.

Typically, the biggest threat facing an organization’s IT environment is its own people. Human error consistently ranks as the number one cause of technology disasters. Some studies say people are responsible for 60% of issues, while others put it at just under half (47%). Other researchers say it’s a much lower figure (22%). Even in that last study, human error came in as the biggest threat, sharing the top spot with cybercrime. Of course, with things like phishing attacks, those two vectors are really one and the same.

Businesses have entered a new threat landscape, one which necessitates a different approach to IT disaster preparedness and recovery. Fail to make that adjustment and the consequences could be devastating. As the National Cyber Security Alliance found, roughly 60% of SMBs that suffer a cyberattack can expect to go out of business within six months of the incident.

3 keys to building a modern disaster recovery strategy

Recommended disaster preparedness and recovery techniques used to include backing up to tape or having a secondary site stocked with older and slower technology. Instead of sticking to outdated methods, here are three ways to modernize your disaster recovery strategy.

Consider a move to the cloud. Switching to a cloud-based approach to disaster recovery allows businesses to shed the high cost of maintaining a failback data center. Additionally, the cloud is inherently stretchable, growing easily alongside your organization’s data demands without requiring the support – and expense – of new infrastructure. By retaining the benefits of a physical second data center and stripping away the expense and the management responsibilities, the cloud can transform DR into a true subscription-based operating model.
Set sights on achieving a 3-2-1 balance. What is a 3-2-1 balance? Essentially, this rule states the best way to prepare for a disaster is to keep three copies of data. Those copies should then be spread across two different platforms. Lastly, one of those copies should exist offsite. Following this approach makes sure your organization’s data will be ready and accessible in the event of a disaster scenario.
Implement a point-in-time recovery solution. Any modern disaster recovery strategy worth its salt should acknowledge that incidents are going to happen. In the event that they do, consideration must be given to minimizing data loss. Point-in-time recovery solutions have a tremendous edge over tape in their ability to reduce recovery point objectives (RPO). For example, in the event of a ransomware attack, tape can only take you back to the last time you dropped off a backup. Meanwhile, a point-in-time solution can allow your organization to digitally failback to a time just before the corruption occurred, turning a full-blown disaster into a mere hardship.

Next steps: Prepare your IT environment for modern risks

Want to learn more tips and techniques for modernizing your disaster preparedness and recovery capabilities? Arraya Solutions has worked with customers of all sizes and specialties to design and implement disaster recovery strategies custom-built to meet their needs. If you’d like to discuss how our Data Management team can help, visit: https://www.arrayasolutions.com//contact-us/.

As always, you can leave us a comment on this or any of our blogs through social media. Arraya can be found on LinkedIn, Twitter, and Facebook. Once you’ve let us know what you think, follow us to stay updated on our industry insights and learning opportunities.

August 6, 2018 by Arraya Insights

Those in the financial services sector expect big changes in the coming years necessitated by emerging technology and digital disruption. Yet many businesses aren’t ready for these changes. That’s the opinion of those surveyed as part of The Boston Consulting Group’s Corporate Banking Executive Survey. Nearly nine-in-ten respondents (86%) agreed that emerging technologies will alter what it takes to succeed in financial services. However, just 19% of respondents believe their organization has the expertise of an industry-leader. Even more troubling? Less than half of survey participants (43%) have a clear-cut strategy in place to harness emerging technologies.

Digital disruption can be a huge opportunity for organizations, even those in regulation-happy industries such as financial services. It can streamline operations, cut costs and boost staff productivity. However, disruption is a powerful force. Organizations who are unprepared for it run the risk of being steamrolled while competitors potentially reap the benefits.

If your business is just getting acquainted with digital disruption, here are four areas to build your strategy around. If you’re already on your transformative journey, then now’s a good time to step back and make sure your efforts are generating the highest ROI. That means, focusing on these four areas:

Customers – The way in which customers engage with financial service providers has evolved substantially over the years. Most recently, customers have come to firmly embrace the digitization of these interactions. For an example of this evolution, you need only to look to consumer banking. A study by PriceWaterhouseCooper found 46% of customers steer clear of physical banks as much as possible, preferring to engage via their smart devices, online apps, etc. instead. Technology investments must support these changing habits or else modernization efforts may fall flat.
Analytics – Given the wealth of data today’s financial services organizations generate, analytics should be part of any digital disruption conversation. Strategies must be adopted regarding tools that allow organizations to capture and analyze data regarding process efficiency, customer habits (see above), and almost anything in between. In this way, IT can harness that abundance of data and use it to drive improvements throughout the organization.
Users – In much the same way customers’ methods of interacting with financial services entities has evolved, so too have those preferred by a business’ end users. Organizations must learn how their users work and how that aligns (or doesn’t align) with the preferences. This will ensure the technologies adopted address actual needs and wants in addition to less flexible obligations, e.g., regulations. Otherwise, instead of boosting productivity through digital disruption, an organization may simply frustrate users, leading to costly Shadow IT.
Management – Emerging technologies can impact an organization’s entire structure. As such, any strategy addressing them must have the support to match. C-suite leadership must be involved in planning and must act as advocates for disruption. Seeing these efforts coming from the top should win over skeptical minds across the org chart.

Financial Services: Making digital disruption work for you

Need help getting your digital disruption plans off the ground? Or, are they already in the air and you’re simply looking to reach new heights? Arraya Solutions can help. Our team has designed, validated and executed strategies focused on embracing and managing emerging technologies for organizations from all industries, including financial services. By partnering with our experts, businesses will learn how to avoid common pitfalls, reaching their desired end state securely and efficiently.

Visit https://www.arrayasolutions.com//contact-us/ today to start a conversation around digital disruption. As always, feel free to leave us a comment on this or any of our blogs through social media. Arraya can be found on LinkedIn, Twitter and Facebook. Once you’ve let us know what you think, follow us so you can stay updated on our industry insights and learning opportunities.

July 31, 2018 by Arraya Insights

Has your business embraced data center disruption? Normally, putting “data center” and “disruption” that close together in a sentence would be enough to set pulses racing at the thought of unplanned downtime, panicked recovery attempts and furious C-Level leaders. However, the phrase doesn’t have to be a negative. Instead, it can open the door to new opportunities and new levels of productivity. It’s also something that could be closer than you think.

It might be helpful to think of data center disruption by its less stress-inducing end result: the modern data center. The core technologies defining the modern data center are flash, cloud, automation, and software-defined. Each one of these solutions is quickly becoming table stakes. Whereas it was once possible to make a case for avoiding them based on industry demands or organizational size; that argument is getting harder to make. Now, businesses who’ve steered clear of them are at risk of falling behind their competitors.

If data center disruption, or the modern data center, hasn’t yet become a reality for your organization, here are five signs it’s just around the corner:

You’re generating more data than you ever have. Cisco estimates global IP traffic is going to roughly triple over the next five years. That means, between 2005 and 2021, traffic will have increased 127-fold. If you’ve similarly seen a spike in volume at your facility, the increased storage and data management capabilities powered by flash, cloud, automation and software-defined solutions can be a tremendous asset.
Your IT costs are getting out of hand. The traditional technology refresh cycle can put a regular strain on already-thin IT budgets. Add in the competitive nature of finding and retaining top talent and the cost of IT has never been higher. Modern data center solutions such as automation can help IT teams restructure workloads while the cloud can remove businesses from the refresh loop, allowing IT to rein in costs and use its existing budget where it’s needed most.
Your team is short on time … but not on projects. IT’s to-do list seems to have followed a similar growth pattern to global IP traffic over the last several years. With plenty to do and not enough time to do it, IT has been forced to put off critical tasks such as patching. Simplified management is a huge takeaway of modern data center investments. Infrastructure solutions allowing for easy policy roll outs and single pane of glass views, while cloud-based technology can minimize time-consuming maintenance.
You’re in need of consistently high performance. Availability and performance go hand-in-hand, yet one study found that just 27% of companies earned a passing grade for disaster readiness. The cost of downtime – both in monetary terms and negative PR – can add up quickly. Organizations can leverage cloud-based recovery to bolster their failover and failback capabilities without the expense of adding new hardware or renting space at a co-lo site.
You can’t stop thinking or talking about security. In truth, this should be nearly all businesses these days. As the scope and cost of data breaches continues to increase, organizations can no longer afford to do anything less. Whether it’s through enabling regular patching or ensuring disaster readiness, modern data center solutions, and the positive disruption they bring, are essential to building an IT environment that is up to the challenge presented by today’s business landscape.

Tap into the expertise of a team that knows data center disruption

Is your business ready to embrace data center disruption? Don’t go it alone! Research firm Forrester found that companies who do end up spending on average $4 million (and two years) more than those who work with a partner. Arraya’s Data Management team is ready to help prevent those outcomes. Our experts are available for assessments and health checks of existing environments or to help design and implement a full modernization plan. Reach out to us today by visiting: https://www.arrayasolutions.com//contact-us/.

Leave us a comment on this or any of our blogs through social media. Arraya can be found on LinkedIn, Twitter, and Facebook. Once you’ve let us know what you think, follow us to stay updated on our industry insights and special learning opportunities.

July 26, 2018 by Arraya Insights

Encryption’s popularity has gone through the roof over the past few years, however, it may not be the cyber security silver bullet some hope. The volume of encrypted traffic traversing the web has increased roughly 90% each year since 2015. If those year-over-year growth patterns hold true, Gartner forecasts that, come 2019, 80% of all web traffic will be encrypted. While the proliferation of encryption can be reassuring, particularly for organizations and consumers already torched by data loss, it is also opening up new threat vectors for cyber criminals.

Employee web browsing habits are always a concern to organizations, yet encryption does little to allay those fears. HTTPS traffic can serve as a perfect backdoor for malware or data extraction. Employees don’t even necessarily need to wander the wilds of the Internet to unknowingly come into contact with malicious files. They can do so simply by connecting to unsecured servers on the corporate network’s edge. This connection could be the opening malware needs to spread rapidly throughout the weak points of a network.

The above attack vectors (and others) seem set to grow alongside legitimate encryption use. According to a Cisco white paper, 41% of attackers have used encryption to avoid security’s watchful eyes. Projecting that out just one year, it’s estimated that as much as 70% of cyber attacks will take place using encrypted traffic. Considering the estimated average cost of a data breach ($3.8 million as per Cisco), businesses can’t afford to be in the dark in terms of what’s coming and going on their network.

Defending against cyber attacks hiding in encryption

Previously, the best defense against attackers’ nefarious use of encryption was mass decryption. Businesses would need to decrypt traffic in bulk and then analyze the contents. Files deemed to be harmless would then be re-encrypted and routed on to their final destination.

Even though that legacy approach was effective at identifying threats hiding in encrypted traffic, it carried several drawbacks. Mass decryption may not be conducive to the performance and budgeting benchmarks many businesses have set for themselves. Stopping and parsing through traffic takes time and can be resource intensive. This issue would only worsen as individuals and businesses lean on encryption to shroud even more of their traffic.

Another concern with bulk decryption is privacy – or, more accurately, the lack of it. Until proven otherwise, bulk decryption strategies treat every file as a possible threat. As such, It must decrypt and review all traffic. This makes sense from a security perspective, but ethically, it raises some questions as bulk decryption could potentially expose sensitive employee or customer data.

What’s the alternative to bulk decryption? Cisco’s Encrypted Traffic Analytics (ETA) is one option. This solution is able to spot threats within encrypted traffic without the need for bulk decryption. Rather than decrypt, scan, and re-encrypt traffic, ETA uses a combination of passive monitoring, relevant data point analysis, and cloud-enabled machine learning to evaluate risk. ETA’s unique, advanced architecture allows it to perform these operations quickly and efficiently so as to avoid network gridlock and budgetary bloat.

An additional benefit of ETA is that it can help organizations assess the strength of their encryption. ETA is able to instantly assess the quality of the encryption protocol used to defend any traffic it comes into contact with. Security personnel can then review that information to ensure compliance with any applicable regulatory standards.

Next Steps: Don’t face today’s cyber threats alone

Ready to continue the conversation around cyber security best practices as well as Encrypted Traffic Analytics? Visit https://www.arrayasolutions.com//contact-us/ to connect with our team of security and networking experts. They can help you assess your current environment and provide field-tested insights into how to improve your organizations cyber security readiness.

Feel free to leave us a comment on this or any of our blogs using social media. Arraya can be found on LinkedIn, Twitter, and Facebook. Once you’ve let us know what you think, follow us so you can stay updated on our other technology insights and upcoming special events.

July 20, 2018 by Arraya Insights

A gap seems to be forming between what businesses believe about their cyber resiliency and the reality of the situation. Actually, calling it a gap may be underselling it. In its report titled Cyber Security: Can Overconfidence Lead to an Extinction Event?, Solar Winds found 87% of businesses rate their cyber security defenses as “average or better.” At the same time, just shy of three-quarters (71%) of those same businesses admitted to suffering at least one breach in the last year, far higher than the 29% who said the same in the previous year’s study. Those points certainly appear to be at odds with each other. However, overconfidence isn’t the only character trait that could lead businesses down a dangerous path.

Organizations of all sizes must not allow bad habits to creep into their approach to cyber security. This becomes even more critical in the SMB space. Attackers look for the path of least resistance. Most will happily take a handful of small, easier wins over fighting tooth and nail to get a big one. Enterprise-sized businesses, with their large Security Operation Centers and innovative security solutions, don’t make for “easy wins.” SMBs, on the other hand, just might.

Overconfidence is just one cyber security “deadly sin” that could make an SMB an attractive target. Let’s look at seven other shortcomings highlighted by Solar Winds’ and see what SMBs can do to avoid them.

Inconsistency – Cyber security policies can be time-consuming to enforce, they’re often unpopular and they are tempting to put off. In fact, the Solar Winds report found 43% of respondents admitted to enforcing policies only occasionally. To remedy this, SMBs should enlist a partner who can assess their needs and limitations and then help craft a suitable security architecture.
Negligence – The easiest path into an organization often runs through end users, but few organizations are reinforcing that weakness. Just 16% of businesses have placed an emphasis on increasing user security awareness through regular anti-phishing campaigns, etc. SMB teams struggling to perform end user training should look to an outside organization capable of lending a hand. Particularly, SMBs should look for pre-built, yet customizable, training routines that simulate the types of threats their users are likely to encounter in the wild.
Shortsightedness – The argument for security investments boils down to “spend more now, save big later.” This lack of immediate ROI can make it tough to wrangle support for security expenditures. In the report, there’s plenty of diversity among the most common security solutions. SMBs can overcome this by projecting the costs of a breach using similar cases for context.
Complacency – This post has already addressed the notion that “good enough is enough.” Remember those nearly nine-in-ten SMBs that rated their cyber defenses as average? If we drill deeper into the idea of cyber defenses, information is one of the best weapons against attackers. However, 51% of those surveyed described their reporting as merely “adequate.” For some SMBs, the idea of building anything greater, such as a truly “robust” reporting capability, in-house can seem daunting – or out of their price range. On the other hand, this could be another example of functionality best offloaded onto a capable outside organization.
Inflexibility – A data breach doesn’t have to trigger a total tear down of an organization’s security infrastructure. Instead, it should show organizations where they could stand to improve. Yet, only 44% of organizations took advantage of the learning experience and rolled out a new technology. Meanwhile, just 41% changed their processes. Post-incident is a great time to push for upgrades. SMBs must seize this unfortunate opportunity to understand what went wrong and make a case for improvements.
Stagnation – Adoption of widely accepted best practice security techniques also left something to be desired according to the report. Of the top nine most common prevention techniques, not even one was being used by more than half of respondents. Strategies like full disk encryption (43%), restriction of admin rights (42%), and user event logging (41%) had the broadest deployments recorded. If it’s a question of resources, some of the techniques included in the top nine are deployable at no cost, leaving little reason to omit them.
Lethargy – Every second counts during a cyber security incident. Obviously, the sooner security personnel can catch, quarantine, and resolve an issue, the better. Yet, across the board, businesses have seen security reaction times slow. Per the report, detection times rose for 40% of those surveyed, response times increased for 44%, and resolution times went up for 46%. This shows far too many organizations are heading in the wrong direction. In cases where there aren’t enough onsite eyes, an SMB may want to work with a Managed Security partner capable of guaranteeing better times as part of a service level agreement.

Next steps: Raising your game regardless of organizational size

Want more of Arraya’s security insights for SMBs? Check out our new whitepaper Simplifying Cyber Security for Small and Midsize Businesses. This document collects Arraya’s experiences plus those of industry thought leaders. The result is a comprehensive look at the strategies and solutions SMBs can count on to stay safe.

If you’d like to discuss how Arraya’s Cyber Security team can address any of the above “deadly sins,” we can be reached by visiting: https://www.arrayasolutions.com//contact-us/. You can also leave us a comment on this or any of our blogs on social media. We can be found on LinkedIn, Twitter, and Facebook. While you’re there, follow us so you can keep up with our industry insights and learning opportunities.

July 16, 2018 by Arraya Insights

Heads up: The clock is ticking on a trio of Cisco call center solutions. With end-of-support dates looming, organizations that still leverage these legacy technologies will need to create a modernization plan ASAP or accept the risks of continuing to run out-of-date tools. Below is a look at the products going end of support, when, and recommendations from our experts regarding where to turn next.

Cisco Unified Contact Center Express 9.0

Mid-summer will mark the end of the line for Cisco’s Unified Contact Center Express 9.0 (UCCX 9.0). For more than half a decade, organizations have been able to lean on UCCX 9.0 to provide structure to exchanges between agents and customers over voice, email, and more. However, as of July 31, organizations will need to upgrade to a more modern customer interaction solution. Should they stand pat, all services for UCCX 9.0 will cease, leaving organizations with an obsolete solution at the heart of their contact center.

Organizations interested in upgrading their call center capabilities should look to Cisco Unified Contact Center Express 11.6. Among its improvements, UCCX 11.6 introduced Context Service, a cloud-based resource that stores and tags data generated during agent/client interactions. The idea was to give support teams greater understanding of a customer’s history. It also includes advanced supervisor functions to help leadership guide their teams toward continuous service improvement.

Cisco Agent Desktop

Included within Cisco’s UCCX 9.0 milestones is a small blurb that could have a big impact on call centers. This write-up details how 9.0’s end of software maintenance and end of support milestones both also apply to multiple versions of Cisco Agent Desktop (CAD) suite. Come July 31, CAD – as well as Cisco Supervisor Desktop and Cisco Desktop Administrator tools – will also be no more. This countdown will affect all CAD solutions from the 10.0, 10.5, and 10.6 lines.

What will life look like for businesses post-CAD? One word: Finesse. Cisco Finesse uses a web-based interface to address the needs of supervisors and agents alike. The most up-to-date version of Finesse is 11.6. In addition to a laundry list of new features and capabilities, Finesse 11.6 makes modernizing off CAD painless via a consistent approach to routing scripts.

Cisco Unified Communications Manager

December is busy time for a number of reasons, however, here’s one more to add to the list. On December 31, Cisco Unified Communications Manager and Session Management Edition Software Version 9.x will go end of support.

Organizations looking to jump to a still-supported offering should consider Cisco Unified Communications Manager and Session Management Edition Software Version 10.x. Building on the abilities pioneered in earlier versions, 10.x puts the user experience in the spotlight. It seeks to provide an easier to use – and manage – solution. This version supports across-device (including those powered by Cisco Jabber) network-based call recording, allowing organizations to better audit agents. Furthermore, 10.x also enhances the presence and instant messaging capabilities available in past incarnations of the solution.

Next Steps: Prepare for upcoming Cisco call center end of support dates

Want to make sure your organization has a plan in place to address these end of support dates and more? Arraya Solutions has extensive expertise managing product lifecycles across the technology stack. We understand what it takes to keep technology environments up to date and secure within organizational budget restrictions.

If you’d like to start a conversation around these end of support dates or any others that are circled on your calendar, visit: https://www.arrayasolutions.com//contact-us/. As always, feel free to leave us a comment on this or any of our blogs through social media. Arraya can be found on LinkedIn, Twitter, and Facebook. Once you’ve let us know what you think, follow us so you can stay updated on our industry insights and learning opportunities.

July 12, 2018 by Arraya Insights

GDPR only went into effect in late May, but it’s already inspired like-minded data privacy legislation on this side of the Atlantic. California, America’s technological heartland, recently signed off on a law that will give consumers greater control over their personal data. Much like GDPR before it, the new law’s impact could be widespread.

While not as vast as the European Union’s GDPR, California’s Consumer Privacy Act of 2018 – which goes live on January 1, 2020 – ranks as the strictest on the books in the United States. The legislation will force companies to disclose what information they’re collecting, how they’re using it, and who can access it. Moreover, it puts control back in the hands of citizens. People can decide if they want to share their information or if they want companies to delete stored personal data outright.

The California Consumer Privacy Act of 2018 applies to for-profit companies doing business in the state that collect consumer information, provided they meet any of the following criteria:

Exceed $25 million in gross revenue
Handle personal data of 50,000 or more people, devices, or households
Earn 50% of their annual revenue from selling consumer information

Businesses beholden to the California Consumer Privacy Act of 2018 who suffer a data breach could pay a hefty price. The law sets the minimum damages at $100 and the maximum at $750 per incident (or actual damages, whichever is greater). It’s not hard to imagine, even at that minimum level, some astronomical payments resulting from this new law – especially considering the size and scope of recent breaches.

It may make for some newfound compliance headaches; however, the California Consumer Privacy Act of 2018 is actually something of a best-case scenario for businesses. The law cut a speedy route through California’s legislature to head off a ballot initiative promising serious compliance migraines. Even though it’s not ideal from the business perspective, the Consumer Privacy Act apparently allows for far more flexibility than California’s voters would have come November.

Next steps: Get out in front of compliance challenges

January 1, 2020 will be here before you know it. Although, even if this particular piece of legislation doesn’t apply to your business, the clock is still ticking. Regulations such as GDPR and the California Consumer Privacy Act of 2018 are likely only the beginning. People want more power over their data and governments are always eager to find new sources of revenue. In that regard, it’s a match made in heaven. It’s up to businesses to figure out how to continue operating effectively to avoid a place in the crosshairs.

Looking for help navigating the increasingly complex web of cyber security regulations? Arraya Solutions has real world compliance and security experience at the C-Level. Our team will work closely with onsite IT and organizational leadership to diagnose compliance risks, devise a strategy on how to alleviate those hazards, and then execute on that plan. Start a conversation with our team of experts today by visiting: https://www.arrayasolutions.com//contact-us/.

July 9, 2018 by Arraya Insights

Let me tell you something about salespeople: When it comes to customer relationships, we love to be on the frontlines. Maybe that’s not a huge secret, but it’s true. It’s not that we always want to do the talking – after all, listening is one of the most valuable things we can do. However, we want to be in the room, engaged, and ready to lend our support or insight. Ninety nine out of a hundred times, the idea that a salesperson would willingly remove him or herself from such a discussion would be unthinkable. In this blog, I’m going to talk about that one exception.

Last month, Arraya Solutions held our 4^th Annual Tech Summit. This event is a full day of deep dives into the technologies driving the conversation in areas such as security, data center, cloud, and networking to name a few. Each of those sessions was created and presented by a member (or members) of our in-house team of engineering talent. The Tech Summit is a great opportunity for IT pros to further their knowledge or learn a new skill. The only wrinkle, at least from my perspective as Arraya’s Sales Director? Since its inception, the Tech Summit has been a “by techs, for techs” – and a sales-free – experience.

That’s right, my team and I are considered persona non grata at the Tech Summit until the end-of-day happy hour. The idea is to give the reins to the people who architect and deploy solutions for our customers. Our engineers think of the talk tracks, they design the presentations, and they handle any questions. There’s no sales focus on the conversations at the Tech Summit. Instead, it’s techs talking to techs about best practices, real world experiences, use cases, and more.

As hard as it is for my team and I to remove ourselves from the conversation, it helps knowing our customers are in good hands. After my first experience with Arraya’s Tech Summit last year, I was blown away by the feedback I received from attendees. They heaped praise on the content, the presenters, and the agenda. The response was positive enough to convince me that, even though it goes against my nature, “by techs, for techs” is the perfect format for an event like this.

All credit is due to our internal team here at Arraya for making this event such a resounding success. It starts with our Marketing team, who go to great lengths to make sure the day goes smoothly. They may make it look effortless, but I know how much energy goes into making it appear that way. Of course, as I’ve mentioned previously, the real stars of the day are Arraya’s engineers. For some of these folks, it’s as if they work two jobs during Tech Summit season. They support our customers by day, then, at night, they go to work building slide decks and recording demos. They put a “superhero” effort into delivering unmatched value to attendees.

Earlier, I mentioned that in ninety nine out of a hundred instances it would be unthinkable for a salesperson to step back from customer conversations. That figure isn’t exactly accurate. Why? Well, last year, Arraya held a second Tech Summit in November, focused specifically on the Central Pennsylvania area. This year, we plan to do something similar and so my team and I will again head to the sidelines in favor of Arraya’s engineers. And you know something? I couldn’t be more excited to let tech take center stage.