Month: May 2021

VPLS data center migration

ASUS Cloud, a division of ASUS, selects VPLS for a seamless data center migration

Blog Post, News / By
Return to the VPLS Blog

VPLS to migrate ASUS Cloud’s cloud infrastructure into a world-class Los Angeles facility

Published

Written by

Filed under

In effort to increase connectivity, security and data accessibility, ASUS Cloud has selected VPLS to migrate its existing Los Angeles-based data center to VPLS’s downtown Los Angeles facility located at 600 W 7th Street.

As a trusted cloud-to-edge computing and solutions provider, VPLS has an extended global network of data centers and points of presence. The company’s downtown Los Angeles facility, known as LA2, is a world-class facility with limitless reach to any carrier in the downtown Los Angeles Telecom Corridor. The 490,000 sq. ft. building offers 24/7 multiple layer security access, multiple colocation configurations, 27 MW of utility power, and connection to over 15 network carriers. Moving to VPLS’s LA2 location enables ASUS Cloud to use a broad and deep portfolio of cloud and network services, including IP transit, 100% power availability guarantee, and improved bandwidth to gain seamless and secure access to their data.

VPLS’s white-glove service approach in colocation management aims to simplify processes and enhance productivity by allowing customers to leverage VPLS’s rapid response team to handle IT needs. Backed by an expert team of technical resources, VPLS ensures secure and compliant migration of ASUS Cloud’s existing data center and infrastructure. As a result, ASUS Cloud can continue critical business services throughout the migration with minimal to no disruption to their operations.

“Migrating our colocation infrastructure is no easy feat and we’re very happy to partner with VPLS to make this happen,” states Peter Wu, CEO at ASUS Cloud. “Their team has been working diligently to ensure a smooth migration. They understand the importance of this move for our business and are dedicated to providing as little interruption to our business as possible. We are pleased with the efficiency and professionalism of the VPLS team as we plan this project to completion.”

Jay Smith, VP & GM of Data Center Operations at VPLS adds, “We are excited to enter into this partnership with ASUS Cloud and grateful that ASUS Cloud has entrusted such an important move to our team. Our experienced technicians are well-equipped to offer a smooth transition for ASUS Cloud and we look forward to having them join the VPLS family.”

Read More from this Author

If you enjoyed this article, you'll probably like:

backup and disaster recovery

A Holistic Approach to Finding and Fixing Cybersecurity Gaps

Blog Post / By
Return to the VPLS Blog

Published

Written by

Filed under

Cybersecurity is complex, and this is because technology itself is complex. For example, hosting and effectively protecting a public-facing web application requires knowledge of networking, firewalls, operating systems, web servers, databases, and endpoint protection software. However, the other reason that cybersecurity is complex is that security doesn’t just come down to technology. Cybersecurity consists of three pillars: people, processes and technology.
cybersecurity gaps

For instance, let’s take an organization with skilled engineers who ensure their firewall rules are locked down and configured according to best practices. However, in this scenario, the organization doesn’t patch the firewall regularly, and a threat actor exploits a vulnerability in old firmware (I’m looking at you CVE-2018-13379). In this case, the lack of processes caused the data breach, not the absence of technology.

Top-Down vs Bottom-Up Approach

Often our clients have engineers who know a lot about security. Their engineers may understand the difference between Telnet and SSH, the difference between regular endpoint protection and EDR, or the difference between SSL certificate inspection and SSL decryption. We even have clients that have checked off all the boxes on our How to Prevent Ransomware list yet still have cybersecurity gaps. Why?

This issue arises when engineers drive an organization’s security program.  Having one person or even one team that does not know everything there is to know about cybersecurity is not positioning an organization for success. More often than not, engineers will only focus on technology and technical controls, often reactively instead of proactively, ignoring the pillars of people and processes.

cybersecurity gaps

An effective cybersecurity strategy is to use a top-down approach instead of a bottom-up, engineer-driven approach. In a top-down approach, the security program is driven by executives, and mainly by a security authority within the organization, such as a Chief Information Security Officer (CISO). This authority measures the company against a master checklist of items. It then delegates the lower-level analysis and requirements to the other managers and their engineers who can interpret and implement the necessary security controls.

What master list does this security authority measure the company against? An industry-standard cybersecurity framework.

Cybersecurity Frameworks

As we discussed above, one person or team within the company does not have the time, authority, or even likely the expertise to single-handedly ensure your organization’s security controls are up to par. When it comes to these industry-standard cybersecurity frameworks, a consortium of security experts, with their combined expertise and diverse, real-world experience, have come together to think of everything an organization should think about when it comes to security. The result is a comprehensive, holistic set of requirements and/or recommendations spanning people, processes, and technology.

An example of the structure of a framework called the Center for Internet Security (CIS) Controls is shown below.

fixing cybersecurity gaps
Image source: https://www.cisecurity.org/spotlight/cybersecurity-spotlight-cis-controls/

It should be noted that there are a few subcategories of cybersecurity frameworks available. These subcategories are control frameworks, program frameworks, and risk frameworks, and the general advice is that, as an organization matures, they adopt one or more of each of these types of frameworks. Although we won’t get into the weeds in this blog post on the differences, some frameworks for you to explore of each type are shown below.

Control Frameworks

Program FrameworksRisk Frameworks
NIST 800-53NIST CSFNIST 800-39, 800-37, 800-30
CIS ControlsISO 27001ISO 27005
  FAIR

Adopt a Framework Today

Our recommended way to holistically find and fix all possible gaps within your security posture is to evaluate your organization using an industry-standard cybersecurity framework. And not just once – the organization should be continually evaluated against this framework, and a cybersecurity leader within the organization should drive the security program using this framework in a top-down approach.

If your organization doesn’t have a CISO or other similar security authority, or if it does but, you would like assistance getting started with a cybersecurity framework, please reach out to us. VPLS can provide virtual CIO (vCIO) and virtual CISO (vCISO) services, including cybersecurity program reviews and security assessments, to help get your organization off to a running start with a new, holistic approach to cybersecurity.

John Headley

Read More from this Author

If you enjoyed this article, you'll probably like:

Scroll to Top