Category: IoT

How to find weak passwords in your organization’s Active Directory

Introduction

Confidentiality is a fundamental information security principle. According to ISO 27001, it is defined as ensuring that information is not made available or disclosed to unauthorized individuals, entities or processes. There are several security controls designed specifically to enforce confidentiality requirements, but one of the oldest and best known is the use of passwords.

In fact, aside from being used since ancient times by the military, passwords were adopted quite early in the world of electronic information. The first recorded case dates to the early 1960s by an operating system created at MIT. Today, the use of passwords is commonplace in most people’s daily lives, either to protect personal devices such as computers and smartphones or to prevent unwanted access to corporate systems.

With such an ancient security control, it’s only natural to expect it has evolved to the point where passwords are a completely effective and secure practice. The hard truth is that even today, the practice of stealing passwords as a way to gain illegitimate access is one of the main techniques used by cybercriminals. Recent statistics, such as Verizon’s 2020 Data Breach Investigations Report leave no space to doubt: 37% of hacking-related breaches are tied to passwords that were either stolen or used in gaining unauthorized access.

For instance, in a quite recent case, Nippon Telegraph & Telephone (NTT) — a Fortune 500 company — disclosed a security breach in its internal network, where cybercriminals stole data on at least 621 customers. According to NTT, crackers breached several layers of its IT infrastructure and reached an internal Active Directory (AD) to steal data, including legitimate accounts and passwords. This lead to unauthorized access to a construction information management server.

Figure 1: Diagram of the NTT breach (source: NTT)

As with other directory services, Microsoft Active Directory remains a prime target for cybercriminals, since it is used by many businesses to centralize accounts and passwords for both users and administrators. Well, there’s no point in making cybercrime any easier, so today we are going to discuss how to find weak passwords in Microsoft Active Directory.

Active Directory: Password policy versus weak passwords

First, there is a point that needs to be clear: Active Directory indeed allows the implementation of a GPO (Group Policy Object) defining rules for password complexity, including items such as minimum number of characters, mandatory use of specials characters, uppercase and lowercase letters, maximum password age and even preventing a user from reusing previous passwords. Even so, it is still important to know how to find weak passwords, since the GPO may (for example) not have been applied to all Organizational Units (OUs).

But this is not the only problem. Even with the implementation of a good password policy, the rules apply only to items such as size, complexity and history, which is not a guarantee of strong passwords. For example, users tend to use passwords that are easy to memorize, such as Password2020! — which, although it technically meets the rules described above, cannot be considered safe and can be easily guessed by a cybercriminal.

Finding weak passwords in Active Directory can be simpler than you think. The first step is to know what you are looking for when auditing password quality. For this example, we will look for weak, duplicate, default or even empty passwords using the DSInternals PowerShell Module, which can be downloaded for free here.

DSInternals is an extremely interesting tool for Microsoft Administrators and has specific functionality for password auditing in Active Directory. It has the ability to discover accounts that share the same passwords or that have passwords available in public databases (such as the famous HaveIBeenPwned) or in a custom dictionary that you can create yourself to include terms more closely related to your organization.

Once installed, the password audit module in DSInternals Active Directory is quite simple to use. Just follow the syntax below:

Test-PasswordQuality [-Account] <DSAccount> [-SkipDuplicatePasswordTest] [-IncludeDisabledAccounts] 

[-WeakPasswords <String[]>] [-WeakPasswordsFile <String>] [-WeakPasswordHashesFile <String>] [-WeakPasswordHashesSortedFile <String>] [<CommonParameters>]

The Test-PasswordQuality cmdlet receives the output from the Get-ADDBAccount and Get-ADReplAccount cmdlets, so that offline (ntds.dit) and online (DCSync) password analyses can be done. A good option to obtain a list of leaked passwords is to use the ones provided by HaveIBeenPwned, which are fully supported in DSInternals. In this case, be sure to download the list marked “NTLM (sorted by hash)”..[…] Read more »….

 

How Object Storage Is Taking Storage Virtualization to the Next Level

We live in an increasingly virtual world. Because of that, many organizations not only virtualize their servers, they also explore the benefits of virtualized storage.

Gaining popularity 10-15 years ago, storage virtualization is the process of sharing storage resources by bringing physical storage from different devices together in a centralized pool of available storage capacity. The strategy is designed to help organizations improve agility and performance while reducing hardware and resource costs. However, this effort, at least to date, has not been as seamless or effective as server virtualization.

That is starting to change with the rise of object storage – an increasingly popular approach that manages data storage by arranging it into discrete and unique units, called objects. These objects are managed within a single pool of storage instead of a legacy LUN/volume block store structure. The objects are also bundled with associated metadata to form a centralized storage pool.

Object storage truly takes storage virtualization to the next level. I like to call it storage virtualization 2.0 because it makes it easier to deploy increased storage capacity through inline deduplication, compression, and encryption. It also enables enterprises to effortlessly reallocate storage where needed while eliminating the layers of management complexity inherent in storage virtualization. As a result, administrators do not need to worry about allocating a given capacity to a given server with object storage. Why? Because all servers have equal access to the object storage pool.

One key benefit is that organizations no longer need a crystal ball to predict their utilization requirements. Instead, they can add the exact amount of storage they need, anytime and in any granularity, to meet their storage requirements. And they can continue to grow their storage pool with zero disruption and no application downtime.

Greater security

Perhaps the most significant benefit of storage virtualization 2.0 is that it can do a much better job of protecting and securing your data than legacy iterations of storage virtualization.

Yes, with legacy storage solutions, you can take snapshots of your data. But the problem is that these snapshots are not immutable. And that fact should have you concerned. Why? Because, although you may have a snapshot when data changes or is overwritten, there is no way to recapture the original.

So, once you do any kind of update, you have no way to return to the original data. Quite simply, you are losing the old data snapshots in favor of the new. While there are some exceptions, this is the case with the majority of legacy storage solutions.

With object storage, however, your data snapshots are indeed immutable. Because of that, organizations can now capture and back up their data in near real-time—and do it cost-effectively. An immutable storage snapshot protects your information continuously by taking snapshots every 90 seconds so that even in the case of data loss or a cyber breach, you will always have a backup. All your data will be protected.

Taming the data deluge

Storage virtualization 2.0 is also more effective than the original storage virtualization when it comes to taming the data tsunami. Specifically, it can help manage the massive volumes of data—such as digital content, connected services, and cloud-based apps—that companies must now deal with. Most of this new content and data is unstructured, and organizations are discovering that their traditional storage solutions are not up to managing it all.

It’s a real problem. Unstructured data eats up a vast amount of a typical organization’s storage capacity. IDC estimates that 80% of data will be unstructured in five years. For the most part, this data takes up primary, tier-one storage on virtual machines, which can be a very costly proposition.

It doesn’t have to be this way. Organizations can offload much of this unstructured data via storage virtualization 2.0, with immutable snapshots and centralized pooling capabilities.

The net effect is that by moving the unstructured data to object storage, organizations won’t have it stored on VMs and won’t need to backup in a traditional sense. With object storage taking immutable snaps and replicating to another offsite cluster, it will eliminate 80% of an organization’s backup requirements/window.

This dramatically lowers costs. Because instead of having 80% of storage in primary, tier-one environments, everything is now stored and protected on object storage.

All of this also dramatically reduces the recovery time of both unstructured data from days and weeks to less than a minute, regardless of whether it’s TB or PB of data. And because the network no longer moves the data around from point to point, it’s much less congested. What’s more, the probability of having failed data backups goes away, because there are no more backups in the traditional sense.

The need for a new approach

As storage needs increase, organizations need more than just virtualization..[…] Read more »

 

“To be successful, CISOs must have intentionality and focus”

Most of today’s CISOs got into the role accidentally. Yet tomorrow’s CISO will have chosen this role by intent. It will be a chosen vocation. Therefore, CISOs will need to focus on the role and start cultivating the skills required to become a security leader. This was a key message from a presentation on The Future CISO by Jeff Pollard, Principal Analyst, Forrester Research.  Speaking at the Forrester Security & Risk Global 2020 Live Virtual Experience on September 22, Pollard urged CISOs to check if they are “Company Fit” and to prepare for what’s next. He also outlined the six different types of CISOs: transformational, post-breach, tactical/operational, compliance guru, steady-state, and customer-facing evangelist. Pollard showed how CISOs can build a roadmap for transitioning from one type to another and explore strategies for obtaining future CISO and related roles.

By Brian Pereira, Principal Editor, CISO MAG

“CISOs do an insanely challenging job under challenging circumstances. They have to worry about their company, adversaries who attack, insider threats, and also employee and customer experience. This is not easy. That’s why intent matters,” said Pollard.

He advised CISOs to plan for the role and make a meaningful contribution at the C-Level. Skills enhancement, both for the CISO and the security teams is also crucial.

Pollard alluded to the example of Pixar Animation Studios, which achieved immense success and bagged many awards because it has intent and focus.

“Pixar is a company that matches this intent. They know exactly what they want to do. They have a specific methodology for stories, how they think about content. Technology drives the stories that they tell. They are an incredibly innovative company. There is a secret history of Pixar that ties in with the CISO role,” said Pollard.

Pixar earned 16 Academy awards, 11 Grammys, and 10 Golden Globes.

“They earned all these awards because they operate with intent and focus. When you operate without intent and focus, and when you don’t plan for this role, and when you don’t actively cultivate all of the skills that you need, then this happens,” said Pollard.

By “this” he meant that CISOs lose focus and find their role challenging, which could even lead to burn out.

He urged security leaders to start writing their own stories and to think about their stories with intent, discipline, and rigor.

Why CISOs lose focus

The CISO was never a “No” department. In saying “Yes” to everyone and trying to do everything for everyone, CISOs lost their focus.

CISOs juggle many tasks like product security concerns, compliance concerns, regulatory issues, legal issues, beaches and attackers, and incident response. And then, there are new priorities that come up.

“0% of CISOs are great at everything. And that’s what most security leaders have had to do. You can’t do all of that and be effective. It’s not possible. But that’s what happened to the role — priority after priority and trade-off after trade-off. None of it results in the success that we want,” said Pollard.

He added, “CISOs haven’t operated with constraints, which lead to focus. And focus leads to innovation. We are just doing too much and not succeeding. We are too tactical. We say yes to a lot. The CISO is not the department of No.”

How many are C-level?

While most security leaders aspire for a seat at the table in the board room, very few make the cut.

A 2020 study by Forrester Research shows that just 13% of all security leaders are actual C-level titles or CISO.

The Forrester study considered those with an SVP or an EVP title and compared that to those with a VP, Director, or another title — across Fortune 500 companies. The other data point from this study is that the average tenure of the CISO is 4.2 years and not two or three years.

“Even those who got a seat at the table are not treated like a true C-level executive. They do not have the same access for authority that those others have. And most of the 13% are on their third or fourth CISO role. After the second one, they don’t take that laying down anymore. They demand to be an actual C-level,” said Pollard.

What CISOs need to do

CISOs need to plan for a four-year stay, and they can take some inspiration from Pixar by writing their own stories.

“The reason why this is so important is because you are looking at a four-year stay. It’s going to be hard for CISOs because they are going to do all their tasks for four years with all these limitations. They can make mistakes if they do not operate with intentionality and if they don’t fight for what they deserve. The good news is that CISOs can get this right and write their own story. It’s just about thinking about it in terms of intent and our own story,” advised Pollard.

Going back to the Pixar example, he urged CISOs to simplify and focus. Like Pixar, they should combine characters (or tasks) and hop over detours.

“You will feel like you are losing valuable stuff, but it is actually freeing you. Fire yourself. find a way to replace yourself. Get rid of activities that you don’t need to do. And don’t be afraid to empower the direct reports that work for you,” he said.

Reproduced with permission from Forrester Research 

The 6 types of CISOs

Forrester Research began thinking about the future or the CISO two years ago and came up with a concept that there were 6 types of CISOs. The roles could overlap, and one could have the attributes of other types as well.

Pollard said the CISO should consider these 6 types when thinking about their intent and focus. These types give one the opportunity to think about their roles and future careers —  and even life after being a CISO.

We started thinking about this concept of the future CISO two years ago. We figured out there were 6 types of CISOs out there.

1. The Transformational CISO

This is a more strategic type of CISO who thinks about customers and business outcomes. They focus on turn around and transformation of the security program. They take it from one that may be too insular and too internally focused to one that focusses on the outside of the organization. They do this to make the security program more relevant to the rest of the business.

2. The Post-breed CISO

This CISOs comes in after the organization has been breached. There is intense media and board speculation. Add to that, litigation, regulatory investigations, and potential fines. There is a lot of chaos and they must remediate the situation and lead through the turbulence.

3. Tactical / Operational expert

This is the action-oriented CISO who gets things done. They are adept at sorting out technical issues and building out cybersecurity programs for the company.

4. Compliance Guru

They have a thorough knowledge of compliance requirements and they operate in a heavily regulated industry. They help the company to figure out how to navigate international issues and wars as well as oversight from the FTC, PCI, HIPPAA, and other regulatory bodies. For them, Security is always a risk management conversation.

5. The Steady-State CISO

The minimalist who doesn’t rock the boat and change the status quo overnight. They maintain a balance between minimal change and keeping up. Maybe things are just fine at the company right now and security is working for them.

6. Customer Facing Evangelist 

This type is common at the tech and product companies. They evangelize the company’s products and services with a commitment to cybersecurity. And they speak about how security and privacy help customers.

CISO Company Fit

Forrester defines “CISO Company Fit” as the degree to which the CISO type at the company matches the type the company needs to maximize the success of both parties.

“If the company fit is not suitable, then security leaders have to deal with burn-out and angst.  And part of that burn-out comes from the fact that they may not have CISO Company fit,” said Pollard..[…] Read more »…..

This article first appeared in CISO MAG.

<Link to CISO MAG site: www.cisomag.com>

How Password Reuse Puts Your Enterprise at Risk

You might remember the 2016 LinkedIn data breach disaster when Russian hackers released 117 million breached passwords online.

Just in February 2019, TurboTax maker Intuit locked several users out of their accounts after discovering that an undisclosed number of accounts were hacked. The method used was a credential stuffing attack, which exploited users who had reused a password on multiple accounts.

Instances like these are very common. Data breaches happen every day – it might be happening this very instant.

Why is password reuse a risky business for enterprise owners?

Not trying to sound hyperbolic here, but your customers’ password methods could mean the difference between saving or losing your business to the dark web.

Passwords are the first (and in some cases, the only) defense mechanism that businesses adopt to protect them from attackers.

But herein lies the problem: As employees or enterprise owners, we have the habit of bringing our bad password practices to work. So, when a seemingly irrelevant password from a data breach is leaked online, attackers can use these to access all of your corporate networks.

This was what happened after the LinkedIn data breach case. Hackers got their hands on a password that an employee was using on LinkedIn to access the corporate network’s Dropbox. This led to the exposure of 60 million Dropbox credentials. One reused password was all it took to take down Dropbox.

The consequences of such a breach? Irreparable damage, financial jeopardy, and insurmountable destruction to a brand’s reputation (to name a few).

When it comes to using recycled passwords and how it threatens your enterprise, here are the most important takeaways:

  1. When your customer reuses an already compromised password: Hackers can easily crack open other accounts.
  2. When employees reuse the same password for business and personal accounts: Hackers can breach your entire business network.

Password security is crucial to businesses and it is high time we act on it. We need to change our mindset and find better ways to manage passwords. Here are a few ways to fix the most common password recycling mistakes.

7 remedies for the password reuse epidemic

1. Change default passwords

Sure, default passwords are easy to remember, but they’re a hacker’s go-to for access into accounts. Replace passwords with passphrases, instead! These are usually more difficult to guess, yet easy to remember. To be extra careful, don’t use publicly common phrases, such as popular memes or movie quotes. Use something that only you will know.

2. Do not store passwords in plain text

If you have been storing your business passwords in a spreadsheet, well, don’t. If you’re caught in the ransomware puddle, and that list is exposed, repercussions will be ugly. Paying a ransom will be the least of your problems. The loss of revenue from downtime and customer churn will also take a bite.

3. Do not use easy-to-recognize keystroke patterns

“Zaq12wsxcde3” may seem like a strong password – until you have a closer look at your keyboard. When the pattern is recognizable, it will put your information at risk. Go for a random series of letters and numbers instead.

4. The obvious! Do not reuse passwords

Do not use the same password for two accounts. While this might seem like too much work, you can always opt for password management tools. This will help you securely keep track of your credentials.

5. Adopt a “my passwords are at risk” mentality

Cracking open a business password can be a goldmine for hackers looking to exploit data on a large scale. Therefore, carry the mentality that a hacker may break into your account at any moment. Treat every account as unique and be sure to seal them with complex passwords.

6. Two-factor authentication is a boon

While using long, complex passwords is a good practice, these are not enough for most purposes. That’s where two-factor authentication comes into play. Adding one more step to your login processes, like a fingerprint or iris scanner, can further protect your business from attack.

7. Get creative

Names of celebrities, sports teams or pets are a big “no”. Crooks can easily harvest such information from your social media profiles. A safe way is to use random words and numbers that won’t mean anything.

What else can you do?

Avoiding password reuse is not a robust security plan. Why not? You simply cannot discipline all of your employees, nor can you assure they’re following good password hygiene outside of work. However, there are three things that you can do: […] Read more »

 

 

Instituting Security in IoT Networks to Prepare for Massive 5G Rollouts

IoT is dramatically transforming how we approach business⁠— from manufacturing to energy to retail, the industry use cases are endless.

Internet of Things networks of connected devices can generate mountains of data in a matter of seconds, enabling projects like smart cities and autonomous cars, and fundamentally changing what’s possible in enterprise and consumer services. We’re likely to see more use cases emerge in the coming years, as the number of IoT devices is set to increase; by 2025, it is projected that there will be 75.44 billion connected devices.

However, IoT technology is still kind of like the Wild West – while the possibilities that come along with exploring this untamed territory are seemingly endless, the risks associated can be extremely high. In the first half of 2018 we saw a 29 percent increase in DDOS attacks, which can be directly attributed to IoT. Now more than ever, cyberattacks have the power to spread from end user to end user with incredible speed, making it even harder to pinpoint the genesis of the attack given the massive number of connected devices on the network.

Despite the security risks, enterprises cannot afford to ignore the significant use cases as connected devices move from the well-understood traditional endpoints to connected IoT sensors attached to almost any device. The advent of 5G will enable enterprises to collect and analyze vast amounts of data from IoT edge devices around the globe, paving the way for cost and performance reductions, but the need to protect the valuable data on these devices will be an opportunity for the bad-guys who will want to either steal or control it.

Operators should view this as not only an opportunity to fortify their networks against cybercriminals but as a competitive advantage to offer services to spot and mitigate risks as more operations move to the edge. With a proliferation of endpoints and more avenues into the network, there must be a massive shift from a “reactive” mode of operations to a “predictive” mode of operations. Furthermore, as 5G rollouts continue across the globe, the attack surface will only increase. 5G networks will enable and support new services and users via IoT devices, exposing the network to severe threats.

Here are a few best practices when it comes to managing IoT security issues.

Start with the Network

A perimeter-based security approach is no longer sufficient when today’s era of cybercriminals can launch an attack from any and all sides using a variety of vectors. Protection must be embedded into the network fabric to further strengthen lines of defense, enabling real-time monitoring and detection.

To thwart potential attacks, businesses need a comprehensive security policy that leverages automation, anti-malware software and firewalls while also regularly documenting their cybersecurity policies. Security cannot be an afterthought – it must be built in from the very beginning to every component of the network. Starting from the network means that you are applying security to the broadest number of endpoints possible, so even if embedded security has not always been a consideration when rolling out new solutions, this will ensure the best possible coverage and awareness as new solutions are considered and deployed.

Automation is Your Friend

According to a recent study by the Ponemon Institute, security automation increases the productivity of IT security personnel and more accurately correlates threat behavior to better address the volume of threats. Security programs powered by automation are by design, nimbler and more actionable, and even the most seasoned security teams can benefit from this additional help. Investing in solutions that are able to glean insights from network automation tools can quickly interpret data into actionable insights, empowering security teams to better pinpoint security threats.

Education is Key

There is a serious skills gap when it comes to implementing security automation technology. This problematic shortage is only opening businesses up to greater vulnerabilities. Until we can close this gap, network equipment and security solutions with built-in automation and seamless integration will be key. A well-rounded security posture calls for comprehensive training programs for anyone who is, or will be, involved in managing the IoT environment. Consider training at the start of any IoT deployment and ensure that staff are well-versed in the workings of any new solution before it is designed and implemented on your network. Vendors will have both product specific and general cybersecurity training options […] Read more »….

Louise Bowman: Cloud Expert of the Month July, 2019

Cloud Girls is honored to have amazingly accomplished, professional women in tech as our members. We take every opportunity to showcase their expertise and accomplishments – promotions, speaking engagements, publications and more. Now, we are excited to shine a spotlight on one of our members each month.

July’s Cloud Expert of the Month is Louise Bowman

Louise Bowman is a customer-focused enterprise sales executive that has been in the IT industry for almost 20 years. Her career began at Rackspace, a Global Managed Hosting & Cloud provider, where she built the insides sales team – both in San Antonio and London. In 2007, she returned to her hometown of Denver, and began working for ViaWest, now Flexential, a National Colocation, Managed Hosting and Cloud provider. There she was a Major Account Executive managing top ten named accounts, and later was asked to build ViaWest’s inside sales team. Her next adventure, NIMBL, a national system integrator based in Denver, gave her the opportunity to move up the IT stack where she began working within the SAP ecosystem selling software, consulting, staffing and managed application services to clients primarily in the Pacific Northwest.

Bowman is intrinsically motivated by responsibility, positivity, winning others over, learning, complex deals, and dynamic and thriving organizations. She is currently a member of Cloud Girls and is the SAP ASUG Pacific Northwest Chair Lead.Outside of work, she enjoys great food and wine (cooking or eating out), traveling, skiing, hiking, working out, murder mystery movies andbooks, and spending time with her husband & fur baby, Edie! Louise has a Bachelor of Science degree in psychology from the University of Colorado, Boulder, where she was member of Phi Beta Phi and Captain of the Women’s Lacrosse team.

When did you join Cloud Girls and why?

Manon Buettner, Cloud Girls’ co-founder, and I had met earlier in 2014, and through many discussions she invited me to I join Cloud Girls in 2015. I was able to attend my first retreat in Park City – that weekend really gave my insight into what an amazing organization Cloud Girls is, especially all the women involved.

What do you value about being a Cloud Girl?

First, the annual retreat because this is the time I have been able to learn about each “girl” in the group, dig into key issues and how others see/handle situations, let our hair down, laugh, play and leave with a feeling of belonging. This event always reminds me what a dynamic, eclectic, accomplished and vocal group I am a part of – I am proud to be a Cloud Girl. Second, the ongoing education, strong network and our community involvement.

What is the best career advice you’ve ever received?

“Feel, Think, Do”

What is the best professional/business book you’ve read and why? 

Gallup Poll’s “StrengthFinder” by Tom Rath. This book is the only personality test that has ever really resonated and gave me great insight into myself and others.  I highly recommend to this to everyone, no matter your profession […] Read more »

 

65 Percent of Organizations Believe IoT Increases OT Security Risks

According to Kaspersky Labs State of Industrial Cybersecurity 2018 survey, 65% of organizations globally believe that operational technology (OT) or Industrial Control Systems (ICS) risks are more likely with the Internet of Things (IoT). Over the next year, 53% say that realizing IoT use cases and managing connected devices is a major priority.

As OT and IT converge, organizations can use IoT devices to boost the efficiency of industrial processes, but these devices and processes also present new risks and points of vulnerabilities. Industrial organizations surveyed feel unsafe, with 77% of respondents saying their organization is likely to become the target of a cybersecurity incident involving their industrial control networks.

Of the concerns related to IoT, 54% of respondents claim that the increased risks associated with connectivity and IoT integration are a major cybersecurity challenge, as well as new types of IoT security measures that need to be implemented (50%) and implementation of IoT use cases (45%).

According to Kaspersky Labs, companies relying on ICS are falling victim to conventional threats, including malware and ransomware. Almost two-thirds of companies experienced at least one conventional malware or virus attack on their ICS in the last year, 30% suffered a ransomware attack, and 27% had their ICS breached due to the errors and actions of employees.

Targeted attacks affecting the industrial sector accounted for only 16% in 2018 (down from 36% in 2017)  […] Read more »

 

 

Big Data’s Big Peril: Security

We live in a world that is more digitally connected than ever before, and this trend will continue well into the foreseeable future. Mobile phones, televisions, washers and dryers, self-driving cars, traffic lights, and the power grid – all will be connected to the Internet of Things. It has been said that by 2020 there will be 50 billion connected things. These devices produce exponentially growing amounts of data such as emails, text files, log files, videos, and photos.

The world will create 163 zettabytes (a zettabyte equals one sextillion bytes) of data annually by 2025. Enterprises of all sizes can gain competitive advantages and valuable insights by incorporating big data and predictive analytics into their business strategies to fuel growth and drive operational efficiencies. But with all this data at hand, it’s vital to understand which data is actionable, and how it needs to be considered. Here are two examples of ways businesses are utilizing big data to improve the bottom line.

First, big data analytics can reduce customer churn. Predictive models are being built using customer demographics, product profile, customer complaint frequency, social media, and disconnect orders to flag customers who are likely to churn. Companies can identify these customers to better understand their issues and improve inefficient business processes. They can also recommend products that meet customer feature and price needs.

Second, big data can help prevent network outages. This is especially critical with government, medical, and emergency services networks, where outages can have severe impacts. Predictive models can ingest network logs to look at past device performance and predict hours in advance when an outage may occur, giving network engineers time to replace faulty equipment […] Read more »