aspectra Blog: Get the latest from our expertsen2020-10-01T04:44:46+02:00Welcome Lauri!2020-08-12T00:00:00+02:00<p>We had the pleasure of welcoming the new apprentice Lauri Neuenschwander at aspectra on 3 August 2020.</p> aspectra - the next phase2020-07-02T00:00:00+02:00<p>A new era begins as aspectra joins the&nbsp;CymbiQ Group. Drawing on&nbsp;aspectra's&nbsp;expertise in secure hosting and operation of business critical applications,&nbsp;CymbiQ&nbsp;is now able to offer the complete range of Cyber Risk Resilience Services as a one-stop provider.</p> Invisible, yet highly available2020-06-09T00:00:00+02:00<p>In the public cloud, ressources&nbsp;are nearly unlimited and services are&nbsp;easily and&nbsp;flexibly&nbsp;scalable. Is high availability under these conditions still an issue?</p> Client Spotlight: Unblu2020-05-14T00:00:00+02:00<p>The Conversational Platform for Financial Services by&nbsp;Unblu&nbsp;provides banks and insurance companies with dedicated customer service in a secure environment.</p> Airlock WAF 7.3: Dynamic blacklists for rogue actors2020-05-07T00:00:00+02:00<p>The Airlock WAF 7.3 has been in use at aspectra since April. The new version offers a number of useful innovations. One of them is the IP Blacklist.</p> #SID2020: Five minor and one major tip for computer security2020-02-11T00:00:00+01:00<p>Cyber security is a constant challenge. It is a complex and sometimes confusing issue. For today's Safer Internet Day 2020, we provide a selection of simple tips for safer computer use.</p> Client Spotlight: CRESTA2020-01-20T00:00:00+01:00<p>Our long-standing client PERILS assumed responsibility for the CRESTA Secretariat in September 2018 and launched a new website that provides quick and user-friendly access to CRESTA-related information.</p> OpenShift 1012019-12-10T00:00:00+01:00<p>OpenShift, containers, microservices, pods... so many buzzwords, so little clarity.&nbsp;What&nbsp;do these terms mean and how do they relate to each other? In today's post we will try to give you an overview on the&nbsp;functionality of container platforms.</p> How secure is SMS-based 2FA?2019-11-20T00:00:00+01:00<p>SMS are still widely used as the second factor for strong authentication (mTAN). Find out in this blog post why this can lead to ever more problems.</p> e-Commerce: Two-factor authentication mandatory as of 14 September 20192019-09-11T00:00:00+02:00<p>As of September 14, secure authentication will be mandatory for all e-commerce in the EU. This is when the new European Payment Services Directive PSD2 comes into force. What are the implications for Swiss providers?</p> DDoS attacks are growing in number and sophistication2019-08-19T00:00:00+02:00<p>The defense against DDoS attacks is like an arms race: As the defense measures improve, the attacks become more dangerous.</p> Focus on security and customer needs2019-07-29T00:00:00+02:00<p>When we launch new products or exchange hardware, taking risks is not on the cards. The case of Pure Storage exemplifies how thoroughly aspectra evaluates and tests a new product to guarantee the security of a solution.</p> The crux of data storage2019-07-03T00:00:00+02:00<p>In these times of digital transformation, data is piling up like&nbsp;sand in the Sahara. The handling is challenging and the solutions for storage are manifold.</p> OpenShift - New technology, new opportunities?2019-06-20T00:00:00+02:00<p>IT is a rapidly changing world. The term "container" has only been known in this context now for a few years. No sooner have experts become familiar with containers though, the technology had already been further developed. One new form, OpenShift, opens up exciting new possibilities and presents us with new challenges.</p> Client Spotlight: An app that saves lives2019-01-30T00:00:00+01:00<p>Two years ago, the project "Tracking System" was launched with the aim of more quickly rescuing mountain hikers&nbsp;in distress&nbsp;and optimising the planning and execution of rescue operations with the support of modern technology. What has been achieved so far?</p> Container Technology: Now Available from aspectra2019-01-17T00:00:00+01:00<p>Containers offer many advantages and are an essential component of DevOps. Now aspectra presents its customers with an OpenShift farm for containers.</p> Net neutrality: equal treatment with obstacles2019-01-07T00:00:00+01:00<p>Net neutrality ensures that all data is treated equally during transmission - regardless of sender, receiver or content. For our customers, this equal treatment is the indispensable prerequisite for secure and fast data transfer.</p> Weather scarf 20182018-12-20T00:00:00+01:00<p>Monitoring and logging are part of aspectra's core business. But many phenomena outside of our IT architectures can also be presented with surprising clarity&nbsp;using statistical presentation methods.&nbsp;</p> The PURE Joy of Flash2018-11-29T00:00:00+01:00<p>Until recently, the SSDs on the aspectra Shared ESX Farm were housed in the same storage as the HDD. The performance advantages of the SSD could therefore only be partially exploited. Thanks to the purchase of an<a data-tabindex-counter="1" data-tabindex-value="none" href="https://www.purestorage.com/products/flash-array-m.html" tabindex="-1"><strong> all-flash array from Pure Storage</strong></a>, the IOPS could be significantly improved.</p> Zabbix Summit 20182018-11-22T00:00:00+01:00<p>The Zabbix Summit 2018 took place in October in the lovely Latvian capital Riga, with workshops, presentations of real use cases, demos and integration examples. aspectra was part of it.</p> IT security in clouds inadequate2018-11-13T00:00:00+01:00<p>A <a data-tabindex-counter="1" data-tabindex-value="none" href="http://www2.gemalto.com/cloud-security-research/##" tabindex="-1"><strong>study</strong></a> by the Ponemon Institute concludes that data in the cloud is insufficiently protected. This is not because the clouds do not offer appropriate protection. The problem is that they are not being implemented by customers.</p> Which IT certification will it be?2018-11-08T00:00:00+01:00<p>Whether food, refrigerators or cars: Certifications and labels attest that the products are eco-friendly, safe or "fair". Such attributes, in particular those pertaining to security, are also relevant for the IT. So what are the implications for the financial sector?</p> Guest post by Interxion: How are data centres classified against the Tier Classification System?2018-10-16T00:00:00+02:00<p>You may well have already come across the term "Tier"&nbsp;in connection with data centres. Now one might ask oneself, what is meant by this? In data center geek-speak it quite simply stands for "category of performance".</p> Why did aspectra enter into partnership with Akamai?2018-10-11T00:00:00+02:00<p>Akamai is one of the hidden champions of the Internet. At any given time, a large part of the world's Internet traffic flows through their networks. But what are the services offered by Akamai and why is aspectra an Akamai partner?</p> Cloud Connectivity — Part II: Managed Network Access2018-09-21T00:00:00+02:00<p>The outsourcing of applications to the public cloud poses challenges to the communication between users and applications, but also between hybrid applications, such as data in the data center and web applications in the cloud.</p> Deflecting cyber attacks before the front routers2018-08-31T00:00:00+02:00<p>Distributed denial of service attacks can not only paralyze servers and websites, but also open the door to cybercriminals. In order to reliably protect against massive attacks, multi-level concepts are needed.</p> Not all that glitters is GDPR2018-08-30T00:00:00+02:00<p>Microsoft's German Azure Cloud does not fully comply with data protection regulations - even though it is operated by the German T-Systems. This is the conclusion of the Magazine for Professional Information Technology iX.&nbsp;</p> Wanted: Linux Professional (m/f)2018-08-28T00:00:00+02:00<p>To complement our Linux team we are looking for an experienced, independent and motivated systems engineer (80-100%).</p> Would you like your tokens hard or soft?2018-08-09T00:00:00+02:00<p>The physical RSA token has been increasingly replaced by the software token over the last few years. Hardware tokens as key rings or software tokens as apps on your smartphone? What are the pros and cons for the user?&nbsp;</p> These are the Cloud Trends 20202018-07-12T00:00:00+02:00<p>Increasingly, large companies are turning to multi-cloud models when it comes to their IT infrastructure. Multi-cloud solutions will be the norm by 2020. A new survey of 1730 IT decision-makers from eight European countries commissioned by aspectra partner Interxion demonstrates this trend.</p> Why a Central Log?2018-06-21T00:00:00+02:00<p>A central log facilitates the analysis of the data and offers additional security against attacks. aspectra offers it to its customers free of charge in a basic configuration.</p> Cloud Connectivity — Part I: Use Cases2018-05-31T00:00:00+02:00<p>The outsourcing of applications to the public cloud poses challenges for communication between users and applications, but also between applications that operate in hybrid mode, such as data stored in a data center and web applications in the cloud.</p> Optimised DDoS protection 2018-05-15T00:00:00+02:00<p>DDoS&nbsp;mitigation&nbsp;solution&nbsp;against new and evolving threats stops attacks already&nbsp;in front of our firewalls and&nbsp;front routers.</p> Managed Hosting2018-04-23T00:00:00+02:00<p>Outsourcing is here to stay, and managed hosting remains in high demand on the market. In recent years, the range of services behind the term "managed hosting" has changed dramatically.</p> CLOUD Act v. GDPR2018-04-19T00:00:00+02:00<p>The US Supreme Court has dropped the data disclosure case against Microsoft. So Microsoft has won... or has it?&nbsp;</p> Recertification of ISO 27001:2013 and ISO 27018 successfully accomplished2018-04-18T00:00:00+02:00<p>Since 2011 aspectra has undergone annual information security audits by KPMG. The 2017 audit demonstrated for the seventh time in a row that our processes and services meet the highest standards.</p> R.I.P. TLS 1.0 (and 1.1)2018-04-15T00:00:00+02:00<p>Many web servers still support the encryption protocols TLS 1.0 and TLS 1.1, although all standard&nbsp;browsers have long been compatible with TLS 1.2. How do you exclude legacy TLS standards on the server side and what should you pay attention to?</p> Two-factor authentication - in a nutshell2018-04-09T00:00:00+02:00<p>In an environment, such as e-banking, where security is&nbsp;critical, two- or multi-factor authentication (2FA, or MFA) has become&nbsp;an increasingly&nbsp;common method to controll access. This security procedure is also known as "strong" authentication.</p> Protection against memcached amplification DDoS attacks2018-03-15T00:00:00+01:00<p>Recently, a new DDoS record was set at 1.7 terabits per second. The attack took advantage of incorrectly configured memcached servers as reflectors. How can you protect yourself from such an attack?</p> Will the Supreme Court force US cloud service providers to breach the GDPR?2018-03-05T00:00:00+01:00<p>In the coming weeks, the U. S. Supreme Court will decide whether or not U. S. cloud providers will have to disclose data to U. S. authorities even if they are stored outside the United States. If the court so judges, the compliance of US cloud providers with the EU-GDPR is fundamentally undermined.</p> Testing sirens2018-02-12T00:00:00+01:00<p>On Wednesday 7 February 2018,&nbsp;sirens howled&nbsp;for half an hour all across Switzerland. Thanks to Akamai CDN, the website <a data-tabindex-counter="1" data-tabindex-value="none" href="https://www.babs.admin.ch/en/alarm/sirenentest.html" tabindex="-1" target="_blank">sirenentest.ch</a>,&nbsp;operated by aspectra, was able to cope with the rush of visitors without any problems.</p> Does ISO certification demonstrate GDPR compliance?2018-02-05T00:00:00+01:00<p>On 25 May 2018, the EU's new General Data Protection Regulation (GDPR) comes into force. All organisations with customers or members in the EU are affected. Failure to comply will result in fines running into the millions. Does ISO 27001 certification of the hosting services provider automatically ensure GDPR compliance?</p> Critical Cisco vulnerability gap closed!2018-02-01T00:00:00+01:00<p>An error in Cisco's ASA software allows attacks via WebVPN. aspectra has closed the corresponding gap.</p> Web analysis: Piwik is now Matomo2018-01-26T00:00:00+01:00<p>Piwik's developers have renamed the open source web analytics tool Matomo. That means "honesty" in Japanese. The name is new, everything else remains the same - or gets even better.</p> Client Spotlight: Deal Estate2018-01-18T00:00:00+01:00<p>Do you want to set a real estate transaction on track in a matter of hours? A new digital platform for investors, brokers and owners of real estate, a first of its kind in Switzerland, makes this possible.<br /> &nbsp;</p> IAM as a Service2017-12-14T00:00:00+01:00<p>Even enterprise organizations and software manufacturers find the implementation of Identity &amp; Access Management (IAM) a hard nut to crack, but the operation of an IAM is also equally challenging.</p> WAF as a Service2017-07-06T00:00:00+02:00<p>The use of web application firewalls is becoming standard. However, costs and complexity&nbsp;still pose an obstacle for many projects - unless you use them as a service.</p> Risk-based authentication2017-03-03T00:00:00+01:00<p>Increasing security requirements in day-to-day online activities can be a real hassle&nbsp;for today's&nbsp;creatures of habit and are known to spoil the digital experience. Risk-based authentication is a way to make life easier without taking major risks.</p> GDPR - Swiss companies also affected by the new EU Data Protection Regulations 2016-11-10T00:00:00+01:00<p>The General Data Protection Regulation (GDPR) of the EU is to bring&nbsp;about drastic changes - also for companies in Switzerland. Their applicability in practice remains to be seen.</p> E-Health: Why "one-stop shopping" is not a quality feature2016-09-15T00:00:00+02:00<p>When operating e-health projects, tasks and responsibilities must be clearly separated. The most important learnings from Aspectra's collaboration with e-health providers.</p>