Security Market Segment LS
Tuesday, 13 November 2018 13:16

1E helps bridge security-operations divide: claim

1E senior vice president for sales John Hammond 1E senior vice president for sales John Hammond

IT security staff want systems patched promptly, but they're not usually the people who have to do the work.

It is accepted wisdom that one of the best way to protect systems from exploits is to keep up to date with software patches.

But software is being used on more devices than ever, and it is increasingly important to a growing number of users as a result of digital transformation and related initiatives. Effectively, "we're all knowledge workers [now]", Windows system management specialist 1E's senior vice-president for sales, John Hammond, told iTWire..

Furthermore, regulatory changes such as GDPR mean a successful attack can mean large fines on top of the cost of remediation and reputational loss: "the game has changed," he said.

The average enterprise is hit by around 4000 attacks per day, so the question is not "am I under attack?" but rather "where am I under attack?", Hammond suggested.

This means bringing together IT security and IT operations – operations sees patching 90% of systems within 30 days as a success, "but that door is still 10% open".

So 1E provides tools to automate patching — even across fleets of tens of thousands of computers — and to provide real-time visibility of all the software running within an enterprise (avoiding the lag associated with conventional asset management software), including which versions and whether or not a reboot needed to complete a patch process actually happened.

The company's tools integrate with a variety of other products (open source and commercial, including anti-malware, network scanners, threat intelligence and service desk) in order to detect incidents and then automate a response.

For example, an anti-virus product might detect a particular piece of malware on a computer, and then 1E's tools can rapidly identify every computer with the same file and quarantine them until the most appropriate response has been determined and implemented. That response might be to simply remove every occurrence of that file, or stronger action may be required, such as completely reinstalling Windows.

Another example is that a threat intelligence service might report a breaking threat, in which case 1E's tools can identify systems that have already been affected, along with those that are vulnerable because they have not been patched.

Or network traffic symptomatic of particular attacks can be detected and blocked.

The process retains a copy of a system's previous state, so rollback is simple in the event that an update proves incompatible with essential software, or other problems occur.

Importantly, all this can be done in real time, automatically, and remotely – even in very large networks. Techniques used to control the impact on normal operations include peer-to-peer patch distribution (each system that receives a patch passes it on to seven other systems at the same location, and so on), and "reverse QoS" so that traffic associated with 1E's tools only uses the spare bandwidth of any given link.

According to Hammond, this approach is relevant to organisations with at least 1000 computers, especially when they are spread across multiple locations.

1E's products include Tachyon (real-time remediation of security and operations issues), Windows Servicing Suite (end-to-end automation of all Windows servicing scenarios), AppClarity (real-time software asset management) and NightWatchman (PC power management allowing powered-down systems to be patched and restarted).

Local customers include Bakers Delight plus some of Australia's largest retail chains, two of the big four banks, two of the largest mining companies as well as large Federal and State Government agencies in New South Wales, Victoria and Queensland, including those states' emergency services. Internationally, 1E's products are used by 25 of the 100 largest organisations (by market capitalisation). In all, it has sold more than 31 million licences to 1700 organisations, Hammond said.

1E opened a Sydney office in July and recently appointed Andrew Herman as its ANZ regional director. The company has a number of local partners, including Avanade, DXC, HCL, IBM, and Thomas Duryea Logicalis.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments