Not a day goes by when you don’t see an article or video online about Microsoft. So when this global technology giant invites your company for a sit-down Q&A, it’s a real honour!
Check out the written Microsoft Partner Spotlight interview below and watch the shortened video—where our VP of Cybersecurity and Emergency Technologies Hugh Lindley speaks about Avaleris and what we do, security trends we’re seeing, and more.
Meanwhile, also make sure to subscribe to the Avaleris SecureScoop Newsletter (it’s free!) for monthly updates on the company, as well as new information and technology in the identity and cyber security landscape.
MICROSOFT: Tell us about Avaleris in 30 seconds and the work you do?
Hugh Lindley: Avaleris is a Microsoft Gold Partner and niche professional services company that helps enterprise clients enable digital business transformation. We do this by reducing our clients’ security risks, increasing their operational efficiencies, and empowering their users—all while driving business value for them. Our success comes from working closely with a range of industries all across Canada to understand their business objectives and delivering services and Microsoft solutions in a highly responsive, well-managed, straightforward and professional manner.
What is Avaleris’ relationship with Microsoft?
We have a longstanding partnership with Microsoft. In fact, the genesis of Avaleris was when Microsoft acquired our previous security software company—and it’s continued through today with local and national Microsoft offices, as well the engineering team in Redmond. For many years, our relationship has delivered significant business value to our clients—through Microsoft’s technology, as well as our deep technical expertise and deployment experience.
What is the one thing companies need to do today to be set up for success in this new world?
To me, the key thing is to set your enterprise up for flexibility. A key lesson I learned during over the last year was just how resilient our IT infrastructure actually was (and still is). Pre-pandemic, we had invested in the ability to work remotely, mostly so we could easily access our IT infrastructure while working on client sites. But this investment also allowed us to almost seamlessly transition to working from home when the pandemic hit in March 2020. Unfortunately, I don’t believe this is last crisis we will live through—but building for flexibility is something that I would absolutely like to carry forward.
What does “the future of work” mean to you?
It means many things to me. Working from anywhere, from any device. It means much better and richer security tools that allow protected security domains to span corporate and personal devices. The future of work is also about significantly better remote working technologies—completely cloud aware operating systems. Finally, it’s about the ability to analyze and work with significantly large data sets.
What is the one investment that every organization needs to make in technology?
There are so many, but if you force me to pick one, it would be to invest in transitioning to the cloud. I’m actually going to cheat and pick two—so my second recommendation is to also invest in much stronger authentication for users and administrators.
Given all the changes to the way we are working, what are the common pain points you’re hearing from customers?
The main challenge they’re dealing with is regarding security—that is, whether they feel confident that they have the appropriate amount and coverage for their security controls. The second pain point would be how in managing the rate of change we’ve seen over the last year or so.
What is the top priority area that you’re hearing about from the customers you work with?
Security. Always security.
Security used to be simple, but these days are long gone. There is no one perimeter, data is everywhere, and organizations must be smart about their approach. What is the one error in security that organizations are making today?
The single biggest error organizations keep making is that they do not understand their risk profile—nor do they feel they have the time to even take appropriate action. Even if organizations feel they don’t have time, they must do at least three things. First and second, increase the level of authentication you have in place with two-factor authentication, and put internet-grade antivirus and anti-malware in place immediately. Third, ensure you have desktop encryption enterprise-wide. All of these security measures should be the norm in today’s organizations—not the exception.
As we see different security breaches occurring today, how would you articulate the challenge organizations are having with point solutions vs. single platform solutions?
I think it’s easy to buy into the allure of a single product to address a single problem in a specialized or unique way. This is in fact what product vendors do to make sure their products stand out in the marketplace. However, this approach fails to address a significant economic challenge that most companies face—which is a lack of people power and brain bandwidth that they can throw at managing and reducing their IT security risks.
The beauty of M365 is that you get a full stack of integrated security capabilities that can be managed from a centralized interface by a smaller group of analysts, while also significantly improving your security posture.
Beyond the CISO, security needs to be every BDM’s (business development manager’s) priority. How can CISOs help educate and prioritize security with their peers?
The problem here is that business units incorrectly perceive IT security as their CISO’s problem. However, the reality is that IT security problems affect all business units—especially ones that are being innovative and actively undertaking business transformation initiatives.
Business units need to view IT security and the CISO as their business partner in identifying security risks, providing pragmatic and practical advice and guidance on addressing those risks, and making sure that the corporate brand and corporate/client nformation are adequately protected.
Why should organizations be on M365? How does it benefit productivity and security?
Organizations should ensure they have M365 everywhere and on every device, so that a great deal of security is weaved right into the full stack. This is especially important given what we’ve learned from COVID, which highlighted and accelerated the need for employees to be able to work from anywhere. In many cases, M365 exceeds what organizations can provide even on-premises—and it all works really well together.
VP of Cybersecurity and Emerging Technologies
Avaleris focuses exclusively on hybrid identity, enterprise mobility, and cloud security, enabling businesses to improve their agility and security while enabling employee productivity and collaboration.