The Case for Cyber Security

While leaders in the metals industry are always looking ahead for the next big thing, most at their core remain very old-school in their principles.  A company that has found maintained success in the industry certainly would not be blamed for wanting to stick with their tried and true approach while avoiding new overhead costs wherever possible.  However, with the exponentially increased reliance on software solutions (ERP systems for example) and back-office databases, the need for an impenetrable cyber security system is as pressing as ever.  So just exactly how does this marriage of old school principles blend with new age tech?  The success and ease at which it does may surprise you!


The best way to gain an understanding of how cyber security operates in the industry is to analyze specific case studies.  Take a look at a company like Paragon Consulting Services for instance, and more specifically their software division ‘Metalware.’  ‘Metalware’ is a robust, integrated ERP platform designed specifically for the metals industry.  The platform, and all its data are hosted on IBM i servers that are housed in one of many intensely secured facilities across the nation.  Expedient, a well-established security company that is responsible for the protection of these machines, offers 24/7 on-site monitoring year round in all eleven of their facilities.  A reason for these facilities strategic spacing is to combat the possibility of a worst-case scenario like that of a natural disaster.  In this instance, the resulting damage won’t be as catastrophic towards the system and companies will still be able to access their data and other essentials that are hosted on the servers.


These precautions look to combat against unpredictable natural causes, however, a security companies main goal is to defend against a much more common threat; cyber hackers.  While the IBM i machine is the only operating system available that is not susceptible to malware or viruses, many other routine daily business operations can be exposed due to lack of protection.  Whether it be clicking links from phony emails, or forgetting to sign out of an account after usage, the risk of exposure to compromised security is at an all time high.  While having an outsourced security company providing their expertise is always invaluable, the rate at which the reliance on cyber technology is increasing almost demands that an in-house employee be trained in the skill of defense as well.



Naturally, some companies might not be in a position to transfer to an IBM i system or have existing staff members trained, whether it be due to financial or time constraints.  If this scenario sounds familiar to your current situation, there’s no need to worry as you can still take steps to ensure your systems protection.  Here are some examples of recent advancements that have been made in the security industry:

  • Outsourced firewall protection that can be configured for automatic failover. A company such as Expedient offers managed firewall services which allow users to maintain existing IP address assignments, while also decreasing recovery time objectives (RTO) in the case of a failover event.  These managed firewalls are easily scalable, allowing companies to properly adjust to the size of their network traffic as demand increases over time.
  • While there are many readily available anti-virus and anti-malware programs listed across the web, it is important to do some in-depth research to avoid choosing outdated software. Advanced Threat Prevention systems offer larger scaled security to combat the always increasing threat of cyber hackers.  These protection systems benefit and contribute to a global threat intelligence database which stores a wide list of known malicious files.  Unknown files are inspected thoroughly and in turn are either accepted as non-malicious, or quarantined and added to the database as malware.
  • Two-Factor Authentication. While not necessarily a new concept to the security world, it has become much more prominent with the coinciding rise in threats.  Most web applications usually only require a simple username and password when attempting to gain access to a certain VPN.  Two-Factor Authentication demands a second layer of identification, usually in the form of a text message to the phone that is registered during the initial authentication process.  When suspicious activity is identified, or there has been an attempted log-in from a foreign device, the system will send the registered phone a text embedded with a code needed to validate the activity.  The VPN will be locked until the code is entered.


Tons of critical company and client information can be stored in databases that are always susceptible to breach.  Making sure that every base is covered in this fast paced technological era has never been more important, or convenient, in this always evolving industry.





Image source:

IBM Business Partner