Solutions Blog

When SOC plays second fiddle to NOC, you could be in for an expensive tune

It’s not uncommon for people, even some IT professionals, to assume all of their organization’s security needs are being addressed through their NOC (Network Operations Center). Chances are, they’re not. NOCs and SOCs (Security Operations Centers) are entirely different animals, however, with varying goals and staffed by IT professionals with different skillsets and security-related industry certifications. Sure, they both identify issues, then work to resolve them, but most of the similarities end there.

In 2017, well over 4 billion records were exposed to cyberattacks. Believing your company is somehow shielded from them because it’s not of the Fortune 500 variety is a fool’s paradise. No company, regardless of its size or the industry within which it operates, is immune from threats. In a recent Global Information Security survey, only half of the participating organizations believed they could even detect or predict a cyberattack. Amazingly, many organizations view security as an afterthought, and cobble together a security plan with existing personnel who are ill-equipped to handle the intricacies and demands needed to fend off the bad guys―unfortunately, there are a lot of them.

The SIEM―what it is, and why it’s critically important

It can be argued that the SIEM (Security Information and Event Management system) is the fuel that makes the SOC engine run. It collects information from devices that are on or access the network, including login attempts and data transfers, then alerts security professionals of any potential threats. There was a time when SIEMs got a bad rap, some of it deservedly so. At one time, they generated a lot of false positives, which resulted in many “boy who cried wolf” scenarios. Many customers didn’t trust them to reliably provide usable information, at least on a regular basis, and quite possibly ignored alerts on actual threats. Thankfully, however, SIEMs have gotten far more accurate and reliable in recent years, in part because they now allow for far more customization, both in reporting and automated responses.

Don’t hand the SIEM reins over to anybody

Having a SIEM isn’t a set it and forget it proposition. Dealing with security threats is a digital cat and mouse game. New cyberattacks are being invented every day, and the types of threats, such as phishing, DDoS and Trojans (to name a few) are plentiful. And even if you provide extensive, internal training, you’ll never be able to fully you’re your company’s biggest threat―end users, many of whom have a seemingly innate ability to allow, even unknowingly invite, security threats onto the network.

Specialized Security Skillsets

It’s a security analyst’s job to understand the greatest asset threats, and understand which of the customer’s assets take the highest priorities. They can create mock attack scenarios to ensure the SOC can, and will, respond when real attacks occur. From this, they can better customize security detection and ensure responses are structured accordingly.

Threat Intelligence

A key element that security analysts provide is threat intelligence, which is the proactive understanding of existing threats or those on the horizon, including, of course, how to defend against them. Ask an IT professional about their organization’s threat management plan and mediations they have in place to address the vast array of existing or future threats, and you’ll probably be met with stunned silence. If they’re not well-versed in security, chances are existing and impending threats haven’t been considered. And if they haven’t been considered, it goes without saying that they’re not prepared to defend against them.

Plugging Security Gaps

Cybercriminals are essentially looking for one thing―vulnerabilities. Not fully understanding where network vulnerabilities exist can leave organizations wide open for attacks. Some of these vulnerabilities can be addressed with simple software patches, but if nobody on staff is closely monitoring and implementing them, you’ve made an unconscious decision to leave many security gaps unaddressed. It may or may not come as a surprise that most organizations don’t have a well-defined security patch management plan in place.

Monitored and Managed 24x7x365

Providing on-going, real-time management and monitoring of an organization’s endpoints, networks, services and databases 24×7 is critical when defending against threats. Your SOC is only as good as its weakest link, and if providing this level of security and scrutiny isn’t possible, you’ve just defined a very weak link. Threat detection and related responses must be timely, regardless of threat type, time of day or day of week.

For questions, call on the experts at GDT

Sure, companies can operate their own SOC, but whether it’s done in-house or with a 3rd party managed security solutions provider, it should be managed, maintained and monitored by tenured security analysts who think, live and breathe security. Anything less might soon leave you wondering why you ever thought a SOC could play second fiddle to the NOC. And security analysts, when combined with advanced automation solutions, will greatly enhance your defense against cyberattacks and security breaches.

For more information about GDT’s SOC Managed Services, or if you have questions about anything related to IT security, contact GDT’s security professionals here. They’d love to hear from you.

And if you’d like to better address some of your network security concerns, subscribe to GDT’s Vulnerability Alerts, which contain information and links to software patches.





GDT Wins VMware 2017 Regional Partner Innovation Award

Partners Awarded for Extraordinary Performance and Notable Achievements

GDT today announced that it has received the Americas VMware Partner Innovation Award for the Transform Networking & Security category. GDT was recognized at VMware Partner Leadership Summit 2018, held in Scottsdale, AZ.

“We congratulate GDT on winning a VMware Partner Innovation Award for the Transform Networking & Security category, and look forward to our continued collaboration and innovation,” said Frank Rauch, vice president, Americas Partner Organization, VMware. “VMware and our partners will continue to empower organizations of all sizes with technologies that enable digital transformation.”

GDT President Vinod Muthuswamy said, “GDT is honored to have received the Americas VMware Partner Innovation Award in the Networking & Security category. It’s humbling to know our innovation and focus in network and security transformation is being recognized by leaders like VMware. Our close partnership with VMware is greatly enabling our customers to realize their Hybrid IT and digital transformation vision and goals.”

Recipients of an Americas VMware Partner Innovation Award were acknowledged in 14 categories for their outstanding performance and distinctive achievements during 2017.

Americas Partner of the Year Award categories included:

  • Cloud Provider
  • Emerging Markets Distributor
  • Empower the Digital Workspace
  • Integrate Public Clouds
  • Marketing
  • Modernize Data Centers
  • OEM
  • Professional Services
  • Regional Distributor
  • Regional Emerging Markets Partner
  • Solution Provider
  • Transform Networking & Security
  • Transformational Solution Provider
  • Technology

About VMware Partner Leadership Summit 2018

VMware Partner Leadership Summit 2018 offered VMware partners the opportunity to engage with VMware executives and industry peers to explore business opportunities, customer use cases, solution practices, and partnering best practices. As an invitation-only event, it provided partners with resources to develop and execute comprehensive go-to-market plans.  VMware Partner Leadership 2018 Summit concluded with award ceremonies recognizing outstanding achievements in the VMware partner ecosystem.

About GDTHeadquartered in Dallas, TX with approximately 700 employees, GDT is a global IT integrator and solutions provider approaching $1 Billion in annual revenue. GDT aligns itself with industry leaders, providing the design, build, delivery and management of IT solutions and services. GDT specializes in the consulting, designing, deploying, and managing of advanced technology solutions for businesses, service providers, government, and healthcare. The GDT team of expert architects and engineers maintain the highest level of certifications to translate the latest ideas and technologies into innovative solutions that realize the vision of business leaders.

# # #

VMware is a registered trademark of VMware, Inc. in the United States and other jurisdictions.


GDT Lunch & Learn on Data Breaches–Protecting the Corporate Consumer

On Tuesday, May 22nd, GDT SOC Analyst Moe Janmohammad presented, as part of the GDT Agile Operations (DevOps) team’s weekly Lunch & Learn series, information about data breaches. They’re seemingly a weekly occurrence these days, and while there has been a lot of discussion around protecting consumers, very little is being done for the corporate purchaser.  Watch and learn how companies and individuals can understand what their risk profile is, and when and where they may have already been compromised.

Things to Consider Prior to Selecting a Managed Services Provider (MSP)

By Richard Arneson

Change is not easy, especially if it involves moving away from an IT environment and infrastructure that your organization has utilized for years. Even though the benefits of moving to a managed services model are widely known–24x7x365 availability, greater scalability, predictable costs, and faster adoption of new technologies–there are several elements that can leave IT personnel shuddering at the thought of losing control and no longer having all IT resources on-site. Each of the following should be carefully considered when vetting out potential Managed Service Providers.

Network Operations Center

Selecting a Managed Service Provider (MSP) that outsources its Network Operations Center (NOC) can introduce several elements into the equation that were not previously considered. It is not uncommon for a provider to utilize a 3rd party NOC, which, in turn, is white labeling NOC services through another vendor. If you are in a heavily regulated industry, such as financial services, legal, or healthcare, ensuring that your Managed Service Provider’s 3rd party NOC is adhering to regulatory mandates adds another important element to consider.


Ensure that the Managed Service Provider employs engineers and solutions architects whose skillsets extend beyond those of your current IT staff. One of the key benefits of using managed services is access to specialists and experts that add value above and beyond what your current team can provide.

Preventative Measures

Sure, it is important that an MSP can resolve issues, but it is just as vital that they prevent issues from occurring in the first place. Ask them about their use of data analytics and root cause analysis to prevent future events from taking place. If you find they focus too much on break-fix, that might be a true reflection of how they see themselves and have built their company. You do not want a Band-Aid approach to managed services, but one that includes a heavy dose of preventative care.

Years of Experience

As companies increasingly adopt managed services, there are more and more vendors that now offer these services. While some of the newer ones might be able to do a terrific job, it is best not to entrust the management of your network to a company that has just entered the field. Ensure that their managed services experience spans several industries, a wide variety of customer sizes, and different infrastructures, technologies and customer sizes.

Service Level Agreements

Service Level Agreements (SLAs) in the IT industry are as ubiquitous as Cat5 cable. They simply detail the penalties and remedies, including credits, that the MSP must provide in the event the agreed-upon services are not delivered as outlined in the contract. SLAs should not be “set it and forget it” propositions. Make sure the MSP you are considering allows the SLA to be reviewed on a regular basis and allow for alterations in the event there are changes to your business needs and/or technologies.

Best Practices

The Information Technology Infrastructure Library (ITIL) is a framework that outlines best practices for the delivery of IT services and outlines the key IT services lifecycle: service strategy and design, the transition and operations of services, and the continuation of services. Ensure that your MSP vetting process includes the question, “Are you ITIL-certified, and, if so, at which level?” If your query is met with a blank stare or a stumbling answer, it is probably time to move on to the next candidate.


Utilize an MSP that has the experience to automate some of the time-consuming, tedious, and repetitive tasks to allow for more time spent on monitoring, notification, interoperability, management, and reporting.


Find out if the MSP can not only accommodate your current needs, but those that might change or evolve in the future. Companies grow and needs change, so ask questions about how they will—and have in the past—executed changes to address these issues.

If your company or organization is considering Managed IT Services, give GDT’s ITIL-certified experts a call today. They will be happy to answer any questions you have concerning your current Managed Service Provider, or plans you might have to utilize managed services in the future.

GDT Presents Lunch & Learn on Rekognition

On May 1st, GDT Network Engineer Ryan Rogers presented, as part of the GDT DevOps team’s weekly Lunch & Learn series, information about Rekognition. Amazon Web Services (AWS) has an increasingly large set of services available on their cloud computing platform.  While we all know about storage and compute resources, some services, like Rekognition, have not been as widely noted or publicized.  But that doesn’t mean it’s not interesting and/or noteworthy. Check out this video and discover this exciting new area of video analytics and the power of the cloud. 

GDT and Cisco Present Free Movie Premiere to Customers

This past Friday afternoon (April 27), Cisco and GDT hosted a premiere showing of Avengers: Infinity War at Cinemark Webb Chapel. The packed house, comprised of dozens of Cisco and GDT customers and prospects, also heard a quick presentation on Cisco’s HyperFlex multicloud platform, which delivers a simplified solution with industry-leading performance, independent scaling, support for multiple hypervisors, and flexible cluster scaling with availability zones. Also, PrimeLending’s Alfredo Granados won Thor’s hammer in the raffle! Another great GDT event!

GDT Presents Lunch & Learn on the MVC (Model, View, Controller) Framework

On April 24th, GDT Network Engineer Rabih Hamdani presented, as part of the GDT DevOps team’s weekly  series, information about the MVC (Model, View, Controller) framework. There are many different approaches to organizing and delivering software and its expected functions. But the MVC framework has long been the dominant architecture for serving up the World Wide Web.  Watch Rabih and you’ll understand what MVC is and why it has been so broadly adopted.

GDT and QTS Enter Into Cloud and Managed Services Partnership

Agreement represents continued successful execution on QTS’ strategic growth plan

QTS Realty Trust (NYSE: QTS), a leading provider of software-defined and mega-scale data center solutions, today announced that it has entered into a strategic partnership with GDT, an international provider of managed IT solutions, representing a key step in QTS’ strategic growth plan announced in February 2018. Under the agreement, QTS will transition certain cloud and managed services customer contracts and support to GDT. QTS expects to complete its transfer of approximately 200 specific customers to GDT by the end of 2018.

Under the terms of the agreement, GDT will expand its colocation presence within QTS facilities to support customers as they are migrated to GDT’s platform. As GDT is an existing QTS partner and CloudRamp customer, QTS will facilitate a seamless integration with GDT through its Service Delivery Platform (SDP), which will provide customers enhanced visibility and control of their IT environments. Upon transition of the customers, GDT will maintain the current service level and support pursuant to the terms of each individual customer contract.

“We are pleased to partner with GDT, a leading managed IT provider and current QTS CloudRamp customer, to extend our hybrid solution capabilities while maintaining the consistent world-class service and support our customers have come to expect,” said Chad Williams, Chairman and CEO – QTS.

“This agreement also represents the next step in our strategic plan to accelerate growth and profitability,” Mr. Williams continued. “Consistent with our goal of narrowing the scope of cloud and managed services that we directly deliver, this partnership improves our ability to continue to deliver a differentiated hybrid solution, while unlocking enhanced profitability and future growth opportunities for QTS. Through SDP, we can enable a broader set of services for our customers through partner platforms including public cloud providers, Nutanix for Private Cloud, Megaport and Packetfabric for universal software-defined connectivity, and now GDT for managed hosting and other IT solutions.”

As part of the agreement, GDT will pay QTS a recurring partner channel fee based on revenue that is transitioned, as well as future growth on those accounts. While the financial benefit to QTS during the year will be relatively modest as the accounts are transitioned, this partnership arrangement is expected to support future revenue growth and profitability, beginning in 2019 and beyond, without significant cost to QTS. QTS expects that, in transitioning customer contracts to GDT, the Company will be able to drive accelerated leasing performance and growth, improve predictability in its business and significantly enhance overall profitability.

“We are pleased to expand our partner ecosystem with QTS, one of the leading innovators in the data center space,” said GDT CEO, JW Roberts. “This new partnership will greatly enhance our customer-first focus and our ability to consistently deliver innovative solutions to the IT industry. We look forward to managing a smooth customer transition and delivering additional value.”

In connection with today’s announcement, QTS also announced that the Company will issue its financial results for the first quarter ended March 31, 2018 before market open on Wednesday, April 25, 2018. The Company will also conduct a conference call and webcast at 7:30 a.m. Central time / 8:30 a.m. Eastern time. The dial-in number for the conference call is (877) 883-0383 (U.S.) or (412) 902-6506 (International). The participant entry number is 7555289# and callers are asked to dial in ten minutes prior to start time. A link to the live broadcast and the replay will be available on the Company’s website ( under the Investors tab.

About GDT 

Headquartered in Dallas, TX with approximately 700 employees, GDT is a global IT integrator and solutions provider approaching $1 Billion in annual revenue. GDT aligns itself with industry leaders, providing the design, build, delivery and management of IT solutions and services.

About QTS 

QTS Realty Trust, Inc. (NYSE: QTS) is a leading provider of data center solutions across a diverse footprint spanning more than 6 million square feet of owned mega scale data center space throughout North America. Through its software-defined technology platform, QTS is able to deliver secure, compliant infrastructure solutions, robust connectivity and premium customer service to leading hyperscale technology companies, enterprises, and government entities. Visit QTS at, call toll-free 877.QTS.DATA or follow on Twitter @DataCenters_QTS.

GDT and HPE host another successful Dine & Dash event!

On April 19th, GDT and HPE hosted a Dine & Dash at Mexican Sugar, an award-winning Cocina and Cantina at The Shops at Legacy in Plano. Attendees watched an HPE presentation on the SimpliVity 380, the IT industry’s most robust hyperconverged platform. All in attendance received a $50 VISA gift card, and Ken Munson, CitiBank’s Information Security Officer, won the raffle–a weekend stay at The Gaylord Texan in Grapevine. Here’s the really cool part–each of those in attendance were sent home a hero with a gourmet Mexican food dinner for 4. Great event, and well attended with over 30 guests!

Ransomware: How to protect against it

If you’re not familiar with how ransomware works, call the city of Atlanta’s IT department. On March 22nd, they were hit with the SamSam ransomware, which created, in effect, an encrypted wall that prevented employees from accessing needed data. It effectively ground city services to a halt. The city couldn’t collect parking fines and payments for city services. Police had to hand-write reports, which greatly hindered the force’s efficiency.

The cyber attackers threatened to wipe the city’s computers clean unless they coughed up a bitcoin-based ransom payment. It’s unclear whether the payment was ever made (slowly the city has been able to bring services back online), but the attack has cost the city an estimated $2 million to date. The attackers who introduced SamSam three (3) years ago have collected almost $1 million, and that figure will likely grow.

There are a number of ways organizations can protect themselves against ransomware. Nothing is sure-fire, though; it’s a high stakes cat-and-mouse game. In the case of SamSam, as with most ransomware, it learns and adapts from each new attack.

First, make sure you’ve implemented the following…

These security measures might seem simple and intuitive, but they represent the best defenses―when implemented collectively―against falling victim to ransomware.

  • Make certain antivirus software is installed and up-to-date on all endpoints of your organization. It’s a great first line of defense, but relying on it alone could be a fool’s paradise.
  • Back up all data on a regular basis, which can be accomplished via the cloud or local storage devices. Flash storage is based on high-speed, electrically programmable memory. It performs and writes data in a flash, and is a form of non-volatile memory that doesn’t require power to maintain its stored data. Flash storage is more durable, and not as susceptible to bumps and drops, which means data is stored and maintained more securely.
  • Create Group Policy (GPO) restrictions, which are simple and easy to implement. They can provide control over the execution of files, such as those from users’ APPDATA directories.
  • Make sure the latest security patches are installed on all third-party applications like, as examples, Adobe, Flash and Java.
  • Restrict administrative rights to a few, select employees. Organizations might believe they’ve been restrictive, only to learn that, after several years, hundreds of employees have been granted administrative rights.
  • Implement security awareness training. While the aforementioned are key elements for helping secure your organization from ransomware and malware, the biggest threat comes from a lack of employee education. Make sure users ask themselves, prior to opening a link or attachment, Do I know the sender? and Do I really need to open this link or file? If they don’t consider these questions, your organization could be ripe for the picking―or phishing―which is one of the most common entry gateways for ransomware.

Consider calling on the experts

Not proactively protecting your organization’s network and data against ransomware attacks is really a pay-me-now-or-pay-me-later proposition. If you choose to ignore it or believe you’ve got it all covered, it’s a good idea to consult with network security experts like those at GDT. They can help your organization ensure the necessary steps, solutions and hardware are in place to prevent it from falling victim to a ransomware attack.