Search
Close this search box.

Broadcom’s VMware takeover: Navigating turbulent waters

Broadcom’s acquisition of VMware warrants careful consideration by both VMware users and the broader technology community, writes BUI National Sales Manager Paul Wallett.

By Paul Wallett | National Sales Manager, BUI

Broadcom’s acquisition of VMware in November 2023 ignited a fierce debate within the technology community. While some applauded the $69-billion deal as a strategic move to streamline operations and simplify the virtualisation and cloud computing market, others voiced concern about its effects on VMware’s products and customers. In the short time since the takeover, there have been significant developments that VMware users and the IT industry now need to navigate.

Impact on VMware customers

I’ve used VMware solutions myself and have seen firsthand how they can enhance business efficiency, agility, and innovation through virtualisation and cloud technology. With products like VMware SD-WAN and VMware SASE consistently acknowledged for being reliable and able to cater to organisations with diverse infrastructure and operational requirements, it’s no surprise that VMware’s portfolio has been a popular choice for so many businesses and enterprises for so long.

However, since Broadcom assumed control of VMware, the VMware product landscape has been transformed, with two key announcements directly impacting existing customers.

Firstly, Broadcom’s introduction of a subscription-only model for most VMware products is a sea change for customers who have traditionally favoured perpetual licences. The shift eliminates the option of perpetual licences, potentially disrupting customers’ long-term investment planning and leading to higher costs in the form of recurring subscription fees.

Secondly, Broadcom’s decision to discontinue 56 standalone VMware products – including flagship offerings like vSphere, vSAN, and NSX – has roiled VMware customers worldwide. For countless organisations, these products are the backbone of core IT functions such as virtualisation, storage, and networking. Their discontinuation has left customers scrambling for alternatives and grappling with the gruelling task of migrating to other platforms.

Implications for the IT industry

Beyond the immediate concerns for customers, Broadcom’s acquisition of VMware has wide-ranging implications for the technology industry.

VMware’s virtualisation and cloud computing leadership fostered a vibrant ecosystem of partners, resellers, and service providers. However, Broadcom’s restructuring efforts – including the termination of partner agreements and the introduction of an invitation-only partner programme – have disrupted these relationships, causing waves of uncertainty within the IT industry.

Furthermore, Broadcom’s focus on maximising revenue from enterprise customers risks alienating loyal small and medium-sized businesses (SMBs) and managed service providers (MSPs). The transition to subscription-based licensing models and the discontinuation of key VMware products may impact SMBs and MSPs disproportionately, limiting their access to VMware’s technologies and services and prompting them to look elsewhere for similar IT solutions.

Charting a course for the future with BUI

As Broadcom continues to reshape VMware with streamlining initiatives and new product plans, customers will face more turbulent waters. Those who navigate the stormy conditions with care will emerge stronger. And fortunately, they don’t have to brave such challenges alone: BUI remains steadfast in its commitment to help people thrive in the evolving world of virtualisation and cloud computing.

From crafting tailored migration strategies to implementing robust cybersecurity measures and optimising network performance, BUI offers comprehensive solutions to enable performance and productivity in the digital era. Our expert technologists can provide the guidance and support that customers require as they adapt to Broadcom’s VMware changes.

If you’re wondering what’s next for your VMware technology stack, trying to make sense of the revamped licensing environment, or thinking about alternative virtualisation solutions, then contact BUI today. We can evaluate your IT setup, take stock of what you have and what you need, and identify the best resources for your particular goals. With a trusted technology partner like BUI on your side, you can confidently chart a course for the future and get back to business as usual.

BUI National Sales Manager Paul Wallett has 20+ years of experience in the technology industry and an extensive background in business development, sales management, and operations management.

DFIR as a Service: Effective incident response when you need it

If cybercriminals breached your systems today, would you be ready to act? Zandre Janse van Vuuren explains why DFIR as a Service is such a compelling solution for businesses that don’t have their own Digital Forensics and Incident Response teams.

By Zandre Janse van Vuuren | Service Delivery Manager: Cyber DFIR, BUI

Cybercrime has become more sophisticated, more frequent, and more damaging than ever, with companies falling victim to data breaches, ransomware scams, and other types of cyberattacks that often result in substantial financial losses and reputational damage. In the aftermath, they’re turning to Digital Forensics and Incident Response specialists to find answers – and to help them strengthen their security posture and avoid a repeat incident.

What is Digital Forensics and Incident Response?

Digital Forensics and Incident Response (DFIR) is a niche field within cybersecurity that concentrates on identifying, preserving, analysing, and recovering digital information to investigate and respond to security incidents and cybercrimes.

DFIR specialists play a critical role in mitigating cyber threats and maintaining the integrity of connected digital systems. Their key focus areas typically include Incident Response, Digital Forensics, Analysis, Recovery, and Reporting.

Incident Response

DFIR specialists are responsible for quickly identifying and responding to security incidents like network intrusions, data breaches, malware infections, and cyberattacks. Their primary goal is to minimise the damage caused by the incident and prevent further unauthorised access by the perpetrator.

Digital Forensics

DFIR teams use sophisticated tools and investigative techniques to gather and analyse digital evidence from various sources, including servers, computers, portable drives, smart devices, mobile phones, and network logs. They must follow strict collection procedures and maintain a chain of custody to preserve the integrity of digital evidence so that it is admissible in any legal proceedings related to the incident.

Analysis

DFIR teams thoroughly examine all digital evidence to uncover the scope of the incident and identify the perpetrator’s methods and motives. They also evaluate the extent of the damage caused to the victim’s connected environment by analysing logs, file systems, memory data, and network traffic, among other things.

Recovery

DFIR specialists have advanced technology and security skills and can work to recover data, systems, or services lost or compromised due to the incident. This process may involve restoring backups, removing malware, and implementing new, more comprehensive security measures to reduce the victim’s attack surface in the future.

Reporting

DFIR specialists are responsible for documenting their findings and preparing detailed technical and forensic reports suitable for legal purposes, regulatory compliance, or internal investigations. They can also appear in court as expert witnesses.

DFIR as a Service

Last year, the average cost of a data breach was $4.45-million. Researchers estimate that cyberattacks will cost the global economy $10.5-trillion by the end of 2024. And by 2025, lack of skill or human failure will be responsible for more than half of significant security incidents.

It’s clear that cybercriminals are taking advantage of a perfect storm: our hyperconnected digital world, the global shortage of security professionals, readily available hacking tools, and the relative ease of operating anonymously on the web. In this volatile climate, you have to go beyond protecting and defending your IT environment and plan for when disaster strikes.

If you do not have an in-house team of DFIR experts to identify and contain threats, mitigate the impact of security incidents, and conduct in-depth investigations, then you should consider opting for a DFIR-as-a-Service solution. This will enable you to leverage the expertise of a trusted security partner and enjoy the five main benefits of DFIR-as-a-Service.

1. Access to experienced security pros

DFIR-as-a-Service partners usually have a team (or teams) of security professionals specialising in incident response and digital forensic investigation. These experts have cutting-edge skills and a wealth of experience gained from working on DFIR cases involving business and enterprise organisations in diverse industries. As a customer, you can tap into a much broader knowledge base than your company’s own and take advantage of the insights and lessons learned by these pros.

2. Rapid response when it matters most

Every second counts when you’re dealing with a security incident. DFIR-as-a-Service partners are prepared to respond quickly when called upon. They have established procedures and playbooks to deal with the incident, and defined service-level agreements governing their engagements with you. As a result, you can expect swift incident analysis and containment, proper incident management, and dedicated support from DFIR experts – all crucial elements for minimising the impact of the incident.

3. Specialised tools and technologies

DFIR-as-a-Service partners invest in cutting-edge tools to give their teams advanced incident response and digital forensic analysis capabilities. They also harness their relationships with technology peers, think tanks, and research institutions to gain deeper insights into the evolving threat landscape. As a customer, you can benefit from specialised technologies and sophisticated industry research without ever having to source these independently.

4. Reduced legal and regulatory risks

DFIR-as-a-Service partners are external parties who provide objective assistance and an outsider’s perspective on your security posture and any incidents. As DFIR experts, they are equipped to ensure that all digital forensic investigations are conducted thoroughly and impartially in compliance with legal and regulatory requirements. You can rest assured every incident will be handled responsibly, professionally, and with complete transparency.

5. Cost efficiency

Creating and managing an in-house DFIR team is a costly and time-consuming process. It involves finding and training DFIR professionals and procuring state-of-the-art hardware and software – all of which can strain your budget. On the other hand, when you hire a DFIR-as-a-Service partner, you instantly broaden your organisation’s DFIR capabilities without having to bear the overhead costs associated with maintaining a full-time internal team.

As cybercrime continues to evolve at an unprecedented pace, the importance of Digital Forensics and Incident Response cannot be overstated. If you’re serious about holistic protection for your organisation, then a robust DFIR strategy is not just advisable – it’s imperative.

A DFIR-as-a-Service solution customised for your company is a proactive investment in security that will give you the peace of mind that comes with knowing you have a team of specialists on standby to help you safeguard your assets, protect your reputation, and preserve business continuity in challenging times.

BUI Cyber DFIR Service Delivery Manager Zandre Janse van Vuuren is a certified computer, digital and mobile forensics specialist and incident handler with a background in security operations.

Call in our security and digital forensics experts when it matters most. From lone attackers to ransomware groups, cyberspace is filled with adversaries. Solid preparation is essential. Our Cyber DFIR team can provide all the support you need in times of crisis. Learn more about our Digital Forensics and Incident Response retainer service, available now.

BUI earns ISO 22301 certification

Our commitment to ensuring business continuity – even in the face of disruption – has been recognised by the British Standards Institution.

We’re proud to announce that we have earned ISO 22301 certification after a rigorous independent evaluation by the British Standards Institution last month. The ISO 22301 badge is recognised internationally and sets the standard for Business Continuity Management Systems.

“This certification highlights the strength of our company’s business continuity strategy,” says Gayle Roseveare, our Chief Operating Officer (COO) here at BUI. “It proves to our staff, partners and customers that we’re prepared for any eventuality – and that we’re able to serve and support the people who rely on us, no matter what. Our ISO 22301 badge represents our commitment to effective risk management, organisational resilience, and reliability – even in the face of disruption,” notes Roseveare.

What is ISO 22301?

Developed by the International Organisation for Standardisation, ISO 22301 lays out a framework to help companies like ours create, implement, and maintain a comprehensive business continuity management system (BCMS). The main aim is to ensure that companies are protected against unforeseen business challenges and equipped to respond and recover when such events do occur.

“BUI is a global company with offices in East Africa, South Africa, the United Kingdom and the United States,” says Roseveare. “On any given day, our teams are provisioning cloud infrastructure, monitoring and securing digital environments, and delivering a wide range of IT services to customers. We operate around the world and around the clock – and we have to be able to do so continuously. Whether there are power outages in South Africa or internet connectivity issues in Europe, we need to ensure we can deliver uninterrupted services to our customers. Our ISO 22301 certificate validates our planning for disruptive incidents and disasters.”

Why is ISO 22301 certification important?

“In an unpredictable business climate, it pays to be prepared,” explains Dhiren Boodhia, our Group Governance and Compliance Manager. “And that goes double for service providers like us. To earn our ISO 22301 certificate, we had to demonstrate that we have a thorough BCMS in place; that the staff in our various offices understand the BCMS and the processes required to sustain it; and that we are focused on maintaining business continuity and sustainability regardless of market uncertainties and challenges. I think the ISO 22301 badge is an important differentiator – especially when customers are looking for a steadfast technology ally that is as dedicated to legal and regulatory compliance as it is to protecting the business resources of the organisations it works with,” he says.

For customers who choose to partner with BUI, there are five key benefits, adds Boodhia.

  1. Consistency. ISO 22301 emphasises the importance of consistency when it comes to best practices and business processes. “We’ve been assessed on our capabilities around risk assessment and impact analysis as well as our strategies for mitigating disruptions. Our teams excelled in every area – and that means our customers can expect the highest standards of service and care from everyone at BUI,” says Boodhia.
  2. Data protection. With the cyber threat landscape evolving so quickly, data privacy and data security are critical considerations for customers. “ISO 22301 includes extensive conditions for data protection and data recovery,” notes Boodhia. “Our ISO 22301 badge, together with the ISO 27001 certification we achieved for our commitment to information security management, should give our customers even greater confidence: we handle all data respectfully and safely.”
  3. Faster recovery. “ISO 22301 requires us to have a holistic strategy in place to deal with disruptions and disasters. It also mandates a detailed recovery plan to ensure that downtime is minimised – for our company and for the business organisations we serve,” says Boodhia. “BUI customers can be assured that, in the event of an issue, our teams will follow a step-by-step framework to resolve the problem as quickly as possible.”
  4. Greater compliance. By achieving ISO 22301 certification, BUI has met the global benchmark for business continuity management, adds Boodhia. “Many of our customers operate in highly regulated industries, like financial services and healthcare, and they must adhere to their own standards in terms of the services they provide to their clients. BUI is committed to maintaining essential functions during adverse circumstances – and that’s a big plus for customers who have strict compliance obligations.”
  5. Peace of mind. ISO 22301 calls for certified organisations to update and improve their business continuity processes to ensure that their strategies remain current, relevant, and effective. “We’re obligated to adapt and enhance our BCMS plan as our company grows,” explains Boodhia. “It’s good news for our customers because it means we’re always prepared. Whatever happens, the BUI services and solutions that so many businesses utilise every day will be available.”

Our commitment to your success

ISO 22301 may be our newest certification, but it’s also a testament to our unwavering focus on our customers, notes our COO. “To be a dependable, reliable technology partner, you need to anticipate the challenges you’re going to face and then take the necessary steps to ensure that you can address those challenges as soon as they arise. We’re being proactive today so that we’re ready for tomorrow – and always on hand to help our customers be productive, secure, and resilient,” Roseveare concludes.

Do you have a disaster recovery plan in place?

Our experts can help you craft a comprehensive backup strategy aligned with your business structure, your IT resources, your budget, and your goals.

Contact our team to arrange a discussion today.

BUI achieves Fortinet’s Cloud Security Specialization

We’re pleased to announce that we have achieved Fortinet’s Cloud Security Specialization as part of the Fortinet Engage Partner Programme. We’re the first Fortinet partner in South Africa to earn this level of recognition and one of the few partners in the EMEA (Europe, Middle East, and Africa) region currently holding this particular specialization.

Fortinet’s Cloud Security Specialization is awarded only to those partners who have demonstrated the advanced knowledge and skills required to deploy and manage Fortinet’s range of cloud security solutions effectively.

“We’re thrilled with this achievement, and we’re so proud of our people,” says Donovan Vernes, BUI Service Delivery Manager (Network Operations). “Fortinet has very strict qualifying criteria, from technical expertise and experience to sales alignment, and we met every single benchmark.”

Cloud security specialists

The BUI Network and Security teams are already highly certified, with credentials that span the full breadth of the Fortinet certification path, but Vernes emphasises the significance of our new Cloud Security Specialization. “It’s a validation of our cloud capabilities and an acknowledgement of our commitment to deliver the best possible cybersecurity solutions to our customers.”

Cloud adoption continues to accelerate as customers modernise and transform their operations, notes Vernes. “We’re seeing more and more business organisations with public, private, hybrid and multi-cloud environments in play. These complex systems can be challenging to secure – and even more so when there are diverse technologies involved… That’s why customers need experts they can count on to provide consistent, quality service and support. By earning the Fortinet Cloud Security Specialization, I believe BUI has distinguished itself as a trusted security advisor and guide,” he says.

The cost of cybercrime

The cost of cybercrime is predicted to hit $8 trillion this year – and no company is immune to the threat posed by cybercriminals. “Organisations of all sizes, across sectors and industries, are potential targets,” warns Vernes, citing statistics from Fortinet’s recent research.

“According to The 2023 Global Ransomware Report, half of enterprises fell victim to a ransomware attack in the last 12 months, and 46% were targeted by ransomware two or more times,” he says, adding that phishing, access via vulnerable ports, and remote desktop exploits were the most common tactics observed.

“Now, more than ever, enterprises should strive for unified security,” advises Vernes. “By integrating your security tools, technologies and systems, you can gather relevant, actionable data from your business sources and gain deeper insights regarding potential threats. This will allow you to close security gaps, enable faster detection and response, and minimise your attack surface.”

Fortify your defences

As a Fortinet partner, BUI offers professional consultations, reactive support, and managed services tailored for each customer’s security journey. “Our comprehensive security expertise, our advanced security solutions, and our ability to help customers improve their overall security posture sets us apart,” says Vernes.

Comprehensive security expertise

Cybersecurity is a critical profession in this digital age, but there aren’t enough professionals to meet the global demand. “The skills shortage is a major concern for customers, who want top talent to protect their business resources,” says Vernes.

“As a Fortinet Select Partner, BUI is required to have top talent… Experienced technologists who have undergone specialised training to address the unique security challenges of hyperconnected workplaces. Customers who choose BUI are choosing a team with deep cloud and security expertise and a track record of success.”

Advanced security solutions

As a Cloud Security Specialization partner, BUI has access to Fortinet’s advanced security solutions, including FortiGate Cloud (for the management and maintenance of Fortinet’s FortiGate Next-Generation Firewalls), FortiCASB (Fortinet’s Cloud Access Security Broker for monitoring security risks), and FortiCWP (Fortinet’s Cloud Workload Protection solution). 

“There’s a wide range of Fortinet tools available to give customers greater visibility across their cloud infrastructure and greater control over their connected systems,” explains Vernes. “Customers who choose BUI can benefit from single-pane-of-glass cloud management, streamlined network and security operations, and holistic protection with cutting-edge technology.”

Improved security posture

To maintain business continuity in a world of evolving cyber threats, organisations must ensure the security of their cloud environments. “A clear understanding of the enterprise security posture is vital,” says Vernes.

“Customers need to know how effective their defences really are so that they can adjust their IT strategies accordingly. We can help them find the right Fortinet products to support their security goals, and ensure that the requisite network, application and platform solutions are correctly integrated and fully optimised,” he concludes.

Let’s secure your business organisation today.

Looking for a technology partner to enable comprehensive protection for your organisation’s users, devices, applications, and network edges?

Book a consultation with us to explore Fortinet’s cutting-edge security solutions for public, private, hybrid and multi-cloud environments.

Industry certifications to help boost your cybersecurity career

Keen to improve your job prospects in the field of cybersecurity? BUI Cloud Security Architect Neil du Plessis highlights the credentials that could give you a competitive advantage.

There’s a high demand for cybersecurity specialists equipped to help organisations defend themselves against cyberattacks. Industry certifications that validate your cybersecurity experience can be a great way to publicise your abilities, increase your earning potential, and boost your career prospects in this field.

Microsoft, the International Information System Security Certification Consortium, Offensive Security, and eLearnSecurity provide some of the most comprehensive cybersecurity certification courses on the market, according to BUI Cloud Security Architect Neil du Plessis.

Microsoft’s cybersecurity training path

Microsoft offers a variety of cybersecurity training options to help you achieve technical certifications that showcase your industry-relevant skills. Du Plessis advises starting with the SC-900 certification to get to grips with the fundamentals of Microsoft’s security, compliance, and identity solutions.

“You’ll gain valuable insights into the relationship between these solutions and how they can be leveraged to ensure end-to-end cybersecurity. After that, you can move on to technology-specific and role-based certifications in security operations, identity and access management, and information protection, in line with what you want to achieve professionally.”

Du Plessis recommends the following order:

“Microsoft has outlined its own recommended path for individuals looking to specialise in security, compliance, and identity, but I think you can adapt this learning journey to suit your personal outcomes,” says Du Plessis.

Quick Tip | The Microsoft Security, Compliance, and Identity Training and Certifications Guide contains more information about the SC-900, AZ-500, MS-500, SC-400, SC-300, SC-200, and SC-100 certifications, and Microsoft Learn has an extensive collection of free training materials to aid your studies and exam preparation.

Cybersecurity certifications from (ISC)²

The International Information System Security Certification Consortium – or (ISC)² – offers technology professionals a range of information security certifications. (ISC)² certifications are recognised globally and deal with everything from security administration to operations and management. These are the four that Du Plessis suggests:

Certified in Cybersecurity (CC) is an entry-level certification aimed at graduates, beginners, and novice practitioners in the field. “It’s designed to give you the foundational knowledge required to start a career in cybersecurity,” says Du Plessis. “If you’re new to the industry or perhaps changing your job focus, this could be the first rung on the ladder as you develop your skills.”

Systems Security Certified Practitioner (SSCP) is a credential that proves your ability to implement, monitor, and manage IT systems and infrastructure securely. “It’s a way to demonstrate your holistic understanding of the best practices, accepted policies, and international standards regarding security operations,” says Du Plessis. The SSCP certificate is a popular choice among experienced systems administrators, systems analysts, and systems engineers.

Certified Cloud Security Professional (CCSP) is best suited for information security leaders with experience in cloud security architecture, design, operations and orchestration. “With the CCSP certification behind your name, prospective employers will know that you have advanced capabilities when it comes to protecting critical cloud assets,” says Du Plessis.

Certified Information Systems Security Professional (CISSP) is widely regarded as the globe’s premier cybersecurity certification. “But it doesn’t come easy,” notes Du Plessis. “CISSP certification requires a substantial investment of both time and money. There’s a staggering volume of course information to get through, but the reward is well worth it. Plus, the credential itself can open new doors for you.”

In the United Kingdom, the CISSP certification is comparable to Level 7 of the Regulated Qualifications Framework. And in South Africa, many universities will accept CISSP as recognition of prior learning if you pursue a postgraduate study programme (to achieve an Honours degree, for example).

(ISC)² offers several other certifications, but Du Plessis cautions that they’re geared toward professionals in particular disciplines or industries. “If your focus area is governance and compliance, or risk management, then Certified Authorisation Professional (CAP) may be a good path to explore. But if your responsibilities include protecting sensitive patient data and medical records, then becoming a Healthcare Information Security and Privacy Practitioner (HCISPP) might make more sense.”

Quick Tip | The (ISC)² Cybersecurity Qualification Pathfinder tool can help you decide which certifications match your current and future career goals.

Niche credentials for specialised jobs in cybersecurity

Penetration testing and digital forensic investigation are highly specialised fields that require cybersecurity pros to expand their practical, technical, and analytical capabilities. “For those with the necessary credentials in these niches, there’s certainly no shortage of work,” remarks Du Plessis. “At BUI, our penetration testers are booked months in advance. And worldwide, there’s a growing demand for forensic experts who can help organisations uncover evidence of cybercrime.”

The OSCP (Offensive Security Certified Professional) course presented by Offensive Security is considered far more technical than other ethical-hacking qualifications on the market. “It’s also one of the few cybersecurity certifications that requires students to prove their practical skills in a test environment,” adds Du Plessis. “The combination of hands-on training and real-world simulation is hugely beneficial.”

The certifications offered by eLearnSecurity are also worth looking into – especially if you want to narrow your focus by specialising in penetration testing for web or mobile applications, says Du Plessis. The eLearnSecurity Certified Professional Penetration Tester (eCPPT) credential is recognised on all seven continents, and the Web Application Penetration Tester eXtreme (eWPTX) and Mobile Application Penetration Tester (eMAPT) certifications are respected in IT circles.

The eLearnSecurity Certified Digital Forensics Professional (eCDFP) accreditation is designed for senior technologists with existing cybersecurity knowledge. It focuses on the processes and methodologies used in modern digital forensics investigations.

These cybersecurity certifications are just a starting point. It’s always a good idea to do additional research to see what fits best for you. “Keep an eye on cybersecurity news sites, group forums, and social media, too,” advises Du Plessis. “The security industry is evolving rapidly. If you’re in the loop, then you’ll be able to update your skills accordingly with the right certifications.”

Join our global team of extraordinary technologists.

Bring your talents, skills, and unique perspectives to a collaborative community of technology professionals.

We’re always excited to grow the BUI community! Take a look at our current vacancies, listed on our career portal.

Practical pointers to help you improve workplace data security

Businesses that take a proactive approach to cybersecurity are better equipped to safeguard sensitive data and spot suspicious activity.

Keeping sensitive data safe and secure is a challenge for businesses of all sizes. Major shifts in the workplace – from in-person to remote and hybrid productivity – forced companies to change, or at least re-assess, their cybersecurity practices and protocols. And far too often, they were not adequately prepared for the evolving cyberthreat landscape.

In fact, according to CyberEdge’s ninth annual Cyberthreat Defence Report, more than 80% of organisations suffered from a successful cyberattack in 2021. With data privacy and data security top of mind, businesses are looking to strengthen their defences against cybercriminals. Here are four simple steps you can take to better protect your workplace data.

1 | Identify the ‘crown jewels’ of your business

Knowing what kind of data cybercriminals want is an essential part of your defence strategy. Therefore, creating an inventory of your so-called crown jewels (the most valuable data and data-related assets within your organisation, including hardware and software information) is important.

In addition, you should have a current (and actively maintained) list of every end-user who has access to your critical business data. Keep accurate records, with device and location details, so that you can carry out the necessary forensic investigations in the event of a data breach.

 2 | Make sure you’re updating and authenticating – always

Keep your operating systems, software packages and web browsers up to date and ensure that all devices have automatic updates enabled. When your connected environment is well maintained, with patches and updates carried out timeously, then your overall security posture is that much stronger.

In addition, make sure that your staff use multifactor authentication (MFA) when they log in. Simple username-and-password combinations are not enough to keep cybercriminals at bay, and MFA could mean the difference between a successful or an unsuccessful hack.

3 | Actively monitor your connected environment for suspicious activity

You should monitor your IT environment continuously to detect misconfigurations, vulnerabilities, breach attempts, and cyberattacks in real time. If you have dedicated cybersecurity personnel, they can implement endpoint security technology to help monitor your network. If not, you can bring in SecOps experts to actively identify, investigate, and mitigate cyberthreats 24/7/365.

Moreover, make sure that everyone in your organisation understands the importance of good cyber hygiene and is following the security policies you have in place. When your people know how to spot phishing attempts, for example, then they can respond appropriately.

4 | Prepare your response plan in advance

No matter how many safeguards you have in place, the unfortunate reality is that cyber incidents still occur. However, responding in a comprehensive manner will reduce the impact on your business and send a positive signal to your customers and employees. Therefore, you should have an incident response plan prepared in advance.

This document should be stored safely and your dedicated response team should be able to access it quickly when the need arises. Make sure your incident response plan includes clearly defined technical, operational, legal, and communication-related steps for your team to follow.


BUI is proud to be a Champion organisation for the 2022 edition of Cybersecurity Awareness Month. This article was originally provided by the National Cybersecurity Alliance and is republished here with permission.

Improve your cybersecurity posture with an expert partner.

Cybercriminals are targeting enterprises big and small to try to gain access to sensitive, confidential, or proprietary data and resources.

How are you protecting your IT environment? Stay ahead of threat actors by choosing a managed detection and response service from BUI.

Three ways to improve your household cybersecurity

Your home network is your gateway to the internet. Are you taking appropriate measures to protect your connected household from cyberattackers?

The COVID-19 pandemic forced people to embrace working from home – a concept they had little or no experience with at the time. Many employees have since returned to the office, but remote work remains a popular choice. According to the 2022 State of Remote Work report by Buffer, 97% of remote workers would like to work remotely, at least some of the time, for the rest of their careers. As remote and hybrid work models continue to evolve, it’s vital for households to be vigilant about cybersecurity.

Most households are linked to the internet in some way. They can be hard-wired to the net or they can leverage wireless technology to connect computers, gaming systems, TVs, tablets, mobile phones and smart home devices to the worldwide web. Having the right cyber protection in place is essential to ensure that everyone in the home can use the internet safely and securely for personal and professional activities. Here are three simple ways to improve your household cybersecurity.

1 | Secure your wireless router

Using a wireless router is a convenient way to allow multiple devices to connect to the internet from different areas of your home. However, unless your router is secure, you risk the possibility of outsiders accessing information on your devices or using your network for nefarious purposes.

It’s important to secure your router from Day 1. Manufacturers assign preset passwords to routers – and these defaults are often weak or easy to guess. If you leave the factory-set password in place, then you effectively leave the door open for cybercriminals to breach your home network. Make sure you change the default router password when you set up the machine itself.

2 | Install security software on household devices

All devices connected to your home network should have security software installed – and updated regularly. Many modern devices have automatic update features, and you should enable them to ensure that your gadgets function optimally and securely at all times.

With the most up to date security software, operating systems and web browsers, your household devices will be better protected against viruses, malware and other cyberthreats.

3 | Back up household data

While steps can be taken to reduce the chance of your household network, devices and user accounts being hacked or compromised, they can never be 100% effective. Households should embrace the practice of backing up data.

You can protect your valuable work, photos and other digital information by making electronic copies of important files and storing them safely. This can be done using cloud software in addition to manual storage devices like portable hard drives and USBs.

By taking simple, proactive steps like these in your own home, you can defend your household members against online fraudsters and scammers.

BUI is proud to be a Champion organisation for the 2022 edition of Cybersecurity Awareness Month. This article was originally provided by the National Cybersecurity Alliance and is republished here with permission.

Improve your cybersecurity posture with an expert partner.

Cybercriminals are targeting enterprises big and small to try to gain access to sensitive, confidential, or proprietary data and resources.

How are you protecting your IT environment? Stay ahead of threat actors by choosing a managed detection and response service from BUI.

Four basic online safety tips to remember

If you look out for phishing scams, protect your passwords, and update your devices regularly, then you can improve your online safety.

Cybersecurity has become one of the biggest topics inside and outside of technology circles over the past two years. From securing personal devices for digital learning and remote work during the COVID-19 pandemic to safeguarding corporate data against cyberattacks, there’s been a seemingly endless news cycle dedicated to concerns around online safety.

It’s easy to feel overwhelmed or even powerless in the face of rapidly increasingly cybercrime, especially when there are fresh headlines about data breaches and phishing scams almost every day. But end-users – the people using technology to communicate, collaborate and connect – have an important role to play as the first line of defence when it comes to thwarting scammers, fraudsters and threat actors.

Unfortunately, many individuals are not aware of the most basic cybersecurity practices for everyday life. During Cybersecurity Awareness Month this October, Champion organisations like BUI are trying to change that – by sharing practical, actionable tips to help everyone #BeCyberSafe. Here are four basic online safety tips that you can implement right now.

1 | Watch out for phishing scams

Phishing (when a cybercriminal poses as a legitimate party in the hope of getting individuals to engage with malicious content or links) remains one of the most popular tactics among cybercriminals. In fact, about 90% of data breaches occur due to phishing, according to Cisco’s 2021 Cybersecurity Threat Trends report.

While phishing has grown more sophisticated, suspicious email characteristics (like poor spelling and grammar, typos, low-quality graphics and fake logos in a message) can be a tell-tale sign that the content is risky. Read our explainer blogs – Phishing: Can you spot these common types? and Three ways to shore up your defences against phishing – to learn more.

And remember… If you think you have spotted a phishing attempt, be sure to report the incident to your internal IT teams and service providers so that they can remediate the situation and prevent others from possibly becoming victims.

2 | Protect your passwords

Having a unique, long and complex password for each of your accounts is one of the simplest ways to boost your online safety. And yet, only 43% of the public say that they “always” or “very often” use strong passwords, according to the National Cybersecurity Alliance’s 2022 Cybersecurity Attitudes and Behaviours Report.

Password cracking is one of the go-to tactics that cybercriminals turn to in order to access sensitive information. And if you are a “password repeater”, once a cybercriminal has hacked one of your accounts, they can easily do the same across all of your accounts. Read our blog – The importance of digital identity management – to find out why it’s vital to make your login credentials rock solid.

3 | Enable multifactor authentication

Multifactor authentication or MFA – which prompts a user to input a second set of verifying information or to sign-in via an authenticator app – is a very effective measure that anyone can employ to reduce the chances of a cybersecurity breach.

According to Microsoft, MFA can block over 99.9% of account compromise attacks. Therefore, it is a must for any individual who is looking to secure their devices and accounts. Remember, multifactor authentication – from one-time PINs to biometric scans – will put an extra barrier between your sensitive data and the cybercriminals who want to access it.

Read our blog – Three simple ways to improve your data privacy – to explore other ways of protecting your personal information.

4 | Turn on automatic updates

Making sure that your devices are up to date should be an essential part of your cybersecurity routine. Don’t ignore software updates and patches! Cybersecurity is an ongoing effort, and updates are important for device maintenance and security.

Instead of trying to remember to check for updates, enable automatic updates whenever you can. This way, you’ll reduce your chances of having older, possibly vulnerable or risky versions of software that could be exploited by cybercriminals.

BUI is proud to be a Champion organisation for the 2022 edition of Cybersecurity Awareness Month. This article was originally provided by the National Cybersecurity Alliance and is republished here with permission.

Improve your cybersecurity posture with an expert partner.

Cybercriminals are targeting enterprises big and small to try to gain access to sensitive, confidential, or proprietary data and resources.

How are you protecting your IT environment? Stay ahead of threat actors by choosing a managed detection and response service from BUI.

Three awards for BUI as Microsoft SA honours top partners

We scooped three prestigious accolades at the 2022 Microsoft South Africa Partner Awards.

We’re excited to announce that we won the Azure Infrastructure Partner of the Year Award, the Modern Work Partner of the Year Award, and the Security Partner of the Year Award at the FY22 Microsoft South Africa Partner Awards on 28 September 2022.

The gala dinner and prizegiving ceremony took place at the Marriott Hotel Melrose Arch in Sandton, where members of the local Microsoft Partner ecosystem gathered together, in person, for the first time since 2019. Microsoft SA’s awards evenings in 2020 and 2021 were held virtually as lockdown protocols remained in place at the height of the coronavirus pandemic.

Celebrating innovation

The Microsoft SA Partner Awards are presented annually to acknowledge the partner organisations that have excelled in delivering Microsoft solutions over the past 12 months. Award submissions are reviewed by a panel of judges and entries are evaluated in terms of partner competencies, cloud transformation, entrepreneurial spirit, and sales performance, among other factors.

This year, Microsoft SA CEO Lillian Barnard praised partners for pushing beyond all limits to modernise, transform, and enable success for enterprises in South Africa and around the world. In her opening speech on the night, Barnard remarked: “Let me start first by just expressing my gratitude on behalf of the Microsoft company for all that you’ve done in our markets, and in our business. The work that you continue to do in our country is just simply inspiring. You are driving digital transformation and innovation, and you are doing this with a deep sense of commitment.”

Driving transformation

BUI was named Azure Infrastructure Partner of the Year for its proven success in helping customers modernise their infrastructure and migrate their applications and data to the cloud. “We’re always thrilled to receive this award,” says Managing Director Ryan Roseveare, highlighting the ninth time that BUI has won this award.

“This accolade is a tremendous achievement in recognition of our team’s focus and positive outcomes. It’s also a validation of our consistency, our high standard of work, and our dedication to our customers. We’re actively driving digital transformation by helping businesses to become more agile and more resilient with Azure’s extensive range of solutions,” adds Roseveare.

Enabling productivity

As the Modern Work Partner of the Year, BUI was acknowledged for enabling performance and productivity with Microsoft’s comprehensive set of cloud-powered tools for the modern workplace. “From Office 365 to Microsoft Teams and Microsoft Viva, we’re empowering customers with the technology they need to communicate and collaborate effectively in remote and hybrid scenarios,” says National Sales Manager Paul Wallett.

“We’re also supporting our customers as they adapt to new ways of working, and making sure that they’re able to leverage the full power of the cloud and the Microsoft resources at their disposal to take their enterprises to the next level,” he continues. “The whole BUI team is invested in creating real value for customers – by delivering cutting-edge business solutions and world-class service.”

Accelerating security

Roseveare is thrilled to take home the Security Partner of the Year award yet again – especially after the recent expansion of BUI’s security portfolio. “In an environment where the right skills are harder to find than ever before, we’re putting more energy and focus into our security solutions and services – because customers are looking for trusted partners to help them protect their digital environments. From our own Cyber SoC and MDR facilities, and as part of Microsoft Security Experts, we’re helping businesses to manage and strengthen their cyber defences,” he says.

“We’ve earned our reputation as a leader in the security space by combining talent and technology,” notes Wallett. “Our security operations division includes some of the most highly skilled and highly certified professionals in the country, and we’re constantly innovating with the Microsoft stack to offer our customers bespoke solutions to accelerate their security.”

With three new Microsoft Partner of the Year awards to celebrate, Wallett and Roseveare are quick to praise the BUI team. “I’m so proud of everyone,” says Wallett. “It’s rewarding to receive these accolades and to be acknowledged in our industry, but none of it would be possible without the dedication shown by our people every day.” Roseveare agrees. “It’s wonderful to see the team’s efforts honoured by Microsoft. We look forward to another year of collective success as we continue to support customers through every stage of the cloud journey,” he concludes.

Improve your cybersecurity posture with an expert partner.

Cybercriminals are targeting enterprises big and small to try to gain access to sensitive, confidential, or proprietary data and resources.

How are you protecting your IT environment? Stay ahead of threat actors by choosing a managed detection and response service from BUI.

Start planning your StorSimple data migration today

Microsoft support for the StorSimple 8000 series will end in December 2022. Have you started planning your data migration yet?

On 31 December 2022, Microsoft will end support for all StorSimple 8000 series devices and StorSimple Data Manager and Snapshot Manager software. This end of support (EOS) date will coincide with the discontinuation – or end of life (EOL) – of the StorSimple service.

If you’re using StorSimple as your hybrid cloud storage solution, then it’s important to understand how EOS for the 8000 series and EOL retirement of the service itself will impact your enterprise. Here’s what you need to know…

EOS for the StorSimple 8000 series is effective on 31 December 2022. On that day, Microsoft will end support for:

  • StorSimple 8000 series (8100, 8600, 8010, 8020) devices
  • StorSimple Data Manager
  • StorSimple Snapshot Manager

EOL for the StorSimple service is also effective on 31 December 2022, which means the following will no longer be available:

  • All cloud management capability
  • Access to live data and backups
  • Access to customer support resources (phone, email, web)
  • Hardware replacement parts and repair services for StorSimple 8000 series devices
  • Software updates for StorSimple 8000 series devices

StorSimple users are being encouraged to finalise a migration strategy as soon as possible to avoid losing critical stored data when the StorSimple service is discontinued at the end of the year. Today, we’re answering the most common questions about StorSimple migrations to help you take your next steps…

Q. Why is Microsoft ending support for the StorSimple 8000 series?

A. The StorSimple 8000 series follows Microsoft’s Fixed Lifecycle Policy. Mainstream Support ended on 1 July 2020 and Extended Support will end on 31 December 2022.

Several other StorSimple products – including the StorSimple 5000 series, 7000 series and 1200 series – also follow Microsoft’s Fixed Lifecycle Policy, and adhere to their own EOS timelines:

Since its launch in November 2014, the StorSimple 8000 series has been embraced by enterprises looking for the best of both worlds: the scalability of cloud storage for limitless capacity, and on-premises physical or virtual storage arrays for performance and flexibility. Now, as Microsoft continues to expand its portfolio of Azure hybrid storage capabilities with new services for data tiering and cloud ingestion, there are more options for customers to store data natively in Azure.

Q. I have data stored locally on my StorSimple device. What will happen to that data, beyond the StorSimple EOL date in December 2022?

A. You will lose all data stored locally on your StorSimple device, which has a limited, local cache capacity. Microsoft has advised customers: “Once the StorSimple cloud service is shut down, you will not be able to access tiered files that your local device only holds a cloud reference for… Eventually, the device will stop working when it is no longer able to reach the cloud service.” To preserve your data, you need to migrate it into a new solution before the StorSimple EOL date in December 2022.

Q. I have a StorSimple 8000 series device on-premises. What will happen to it, beyond the StorSimple EOL date in December 2022?

A. Depending on your contractual obligations, you may be able to keep the device hardware. Microsoft has indicated that it will not ask for leased devices to be returned. Bear in mind that your device will stop working; the StorSimple service will stop working; and hardware and software support will no longer be available from Microsoft.

Q. What are my StorSimple migration options?

A. As a StorSimple customer, you have a range of choices for migrating your data – but the right choice will depend on your particular business environment. You’ll have to evaluate your existing StorSimple deployments and workloads, and then match them with an alternative solution that can support your current file-storage demands and scale to meet your future requirements. Need help? Talk to our experts, who can recommend the right solution for your enterprise and customise a migration strategy to streamline your StorSimple move.

Q. How long will it take to complete my StorSimple migration?

A. Every StorSimple migration project is different and time-to-completion will depend on the structure of the existing StorSimple deployment, the data volumes in play, and any bandwidth limitations, among other factors. The depth and breadth of the planning and preparation done beforehand will also affect the speed and progression of the migration, so make sure that you engage with your cloud solution provider in advance.

The timelines announced by Microsoft (EOS for the StorSimple 8000 series and EOL for the StorSimple service) are concrete – and there are only a few months left until yearend. If you haven’t started planning your StorSimple data migration yet, then you should prioritise the task immediately so that your stored files remain accessible beyond 31 December 2022.