Tuesday, April 28, 2015

Test and Learn

Do you remember how some of the best days in high school science class were when you got to go in the lab? When you had a problem to solve and you got to roll up your sleeves and experiment until you got the answer?

We got to do the professional version of just that last week, when we brought a handful of customers and special guests to the HP Customer Experience Center in New York. This is a living production laboratory for testing and learning, featuring the latest-and-greatest technology from HP today.

What made the trip invaluable:

We learned from the best in the business. At the Experience Center, HP offers its top subject matter experts to share new and emerging technology and answer questions on the spot. Technology represents one of the biggest line items for any company, and business leaders need to be confident that their suppliers and partners understand their needs and environment to offer the right resources at the right cost at the right time.

We saw the latest technology in action. Nothing is more important than seeing first-hand how different products and software can perform. The demonstrations not only presented good introductions to different resources, but they illustrated how to make the most of your technology. (Dare I admit that being in a nearly 10,000-square-foot facility with all that cutting-edge IT brought out the best geeks in us?)

We solved some vexing problems. A couple of clients came looking for answers to specific challenges with storage. In that real IT setting, HP experts were able to configure and demonstrate a storage array that would specifically eliminate those problems. Those clients now have a strategy to discuss with their business leaders and to use in determining how to prioritize the HP recommendations.

We got a sneak peek at what’s coming next. Our visit last week allowed us a glimpse into HP’s next generation of products, and how they will integrate with existing platforms.

Unique opportunity for customers
This hands-on experience is a rare perk of collaborating with CTG, which is an HP Gold Partner. During our nearly 10-year history, we have worked with a host of technology manufacturers, but we have chosen this specific partnership for HP’s comprehensive and integrated product portfolio. We know that all technology has a lifecycle, and our clients trust us to recommend hardware and configurations that meet today’s needs and are scalable for future business growth.

What our customers and guests told us was that this hands-on day gave them better insights into how HP’s architecture and products can deliver on all IT needs, from security to software, hardware to mobility. Because HP is one of the biggest in the industry, we know it can be daunting for our clients to navigate through all those products. This visit allowed our customers to learn more about why we trust HP, which delivers products that are equally innovative and reliable.

What happens next?
Our CTG team will be meeting with local HP account teams to host a technical discussion, where we will dive deeper into the day’s learnings.

And in keeping with our commitment to be on the leading edge, we already are planning our next visit to the HP Customer Experience Center. If you've got an IT challenge that is continuing to haunt you, let our CTG team know – and join us on our next trip to this IT laboratory.

John Monahan is co-founder of CTG.

Thursday, April 23, 2015

Kidnapping Your Data

Ransomware attacks at several of our customers over the past several weeks – including two in the past five days alone – speak to the urgency with which you should understand and take action.

Ransomware, sometimes known by the names CryptoLocker or CryptoWall, is malware that encrypts your data and then demands money to free it. So far, we've had some luck in mitigating the data loss for some customers that have been hit. Good backup practices in those cases saved the day.

First response is essential

I can't stress this enough: Call us immediately – but don’t wait for us to arrive before starting the first steps outlined below. 

The key first step is to right-click the ransom note (usually a text file in the same directories as the encrypted files) and select Properties. Whoever owns that text file, well, that is the one that's infected.

Next, get any machine(s) that file owner might have been using around the date/time that the file was created off the network. Turn it off. Don't turn it back on until the operating system has been reloaded.

We'll want to look at every ransom note text file on the drive to make sure you don't have more than one infected machine. Do not delete those ransom note files: They're not infected, and they'll tell us how far the malware got before it stopped. They also hold important information should your worst-case recovery option – paying the hackers – become the only option.
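The ransom-note check described above can be run across a whole drive or share in one pass. This is an added example, not part of the original post: the function name, the `D:\Shares` path and the note file name pattern are placeholders (the post does not name the note file), and it assumes you run it from a machine that is not the infected one.

```powershell
# Added example: read-only inventory of ransom notes by file owner and creation time.
# Nothing is deleted, moved or modified; the notes stay in place as evidence.
function Get-RansomNoteInventory {
    param(
        [Parameter(Mandatory)] [string] $Root,         # drive or share to sweep
        [Parameter(Mandatory)] [string] $NotePattern   # placeholder: use the name of the note you found
    )
    Get-ChildItem -LiteralPath $Root -Filter $NotePattern -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Same value as Properties > Security > Advanced > Owner in Explorer
            $owner = try { (Get-Acl -LiteralPath $_.FullName -ErrorAction Stop).Owner }
                     catch { 'UNKNOWN (ACL unreadable)' }
            [pscustomobject]@{
                Owner      = $owner
                CreatedUtc = $_.CreationTimeUtc
                Directory  = $_.DirectoryName
                Path       = $_.FullName
            }
        }
}

# Constructed values: replace the path and pattern with your own.
$notes = @(Get-RansomNoteInventory -Root 'D:\Shares' -NotePattern 'PLACEHOLDER_NOTE_NAME*.txt')

# One row per owner. More than one row means more than one account to chase down.
# FirstNote/LastNote give the time window for finding which machines that account was on.
$notes | Group-Object Owner | ForEach-Object {
    $sorted = @($_.Group | Sort-Object CreatedUtc)
    [pscustomobject]@{
        Owner       = $_.Name
        Notes       = $_.Count
        FirstNote   = $sorted[0].CreatedUtc
        LastNote    = $sorted[-1].CreatedUtc
        Directories = @($_.Group.Directory | Sort-Object -Unique).Count
    }
} | Format-Table -AutoSize

# Full listing in creation order shows how far the encryption got before it stopped.
$notes | Sort-Object CreatedUtc | Export-Csv -NoTypeInformation -Path .\ransom-note-inventory.csv
```

If the owner comes back as `BUILTIN\Administrators`, the writing account was running with administrator rights, and the owner field alone will not single out the user.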

Now that you’ve (hopefully) mitigated the problem’s spread, start lining up your recovery options.

1. Do you have a good recent backup? A good backup solution can reduce the amount of data lost to hours, or, at worst, days. Days might not be a big deal depending on the volume of changes to a file. The proposal you wrote a year ago? Not a biggie. Your accounting database? Probably a biggie.

2. Pay the ransom. Unfortunately, you might have to balance the ransom cost with the value of that hijacked data. At least you won't have ABC News doing a story on you, like a certain sheriff's department in that link above. The good news is that these efforts are specifically intended to generate revenue. In an odd bout of honor among thieves, they’ll want to unlock your files after payment because, if they don’t, then no one will pay.

Why? Why? Why?!! (or should that be How?? How?? How??!!)

The first thing we hear is "How did this happen? I have anti-virus running!" That doesn't really matter. In fact, we've seen in one case that anti-virus programs were blocking less than 20 percent of malware.

The latest efforts have gotten even more sophisticated. Where once you had to actually do something – such as click on a link or ad, go somewhere potentially suspect, or download software – now you just need to visit your favorite well-known website (think big trusted organizations with ads on their sites). This has gotten pervasive enough to get its own name: malvertising. Yes, those flashy (pun intended) ads that pop up and try to get your attention are the vector for this exploit. I'll skip repeating what other news stories or blogs say, and we can go on to some good suggestions to avoid this issue.

How to avoid ransomware

While you might be tempted to move to a remote cabin in Montana or disconnect the Internet entirely, you do have other viable options. But they come with some trade-offs, such as Web pages not rendering how they're intended or having to occasionally let scripts run on a site that requires it. Get hit once and lose critical data, and those trade-offs become more tolerable.

1. Choose your browser wisely. I rarely use Internet Explorer unless a vendor’s site is still locked in to some proprietary Microsoft Web things. Consider switching to Firefox or Chrome. Most of the security analysts I know and listen to use Firefox as their primary browser.

2. Add some extensions (add-ons) to your browser. Add and enable Flash and script blockers, which will stop ads and scripts from automatically running and potentially delivering the malware to your machine. For Firefox, I have FlashBlock and NoScript running. Each gives me the option to enable the Flash or scripts on a case-by-case basis, but nothing runs automatically. For Chrome I use FlashControl and ScriptSafe.

3. Stop clicking on shortened URLs. Those things can take you anywhere, and you won't know until it's too late. I know that kitten pic that someone tweeted about is incredibly tempting. Don't do it. At least not on a company PC.

4. Keep your applications and operating systems up-to-date. When you receive security patches and updates, be sure you are routinely running them.

5. User Awareness is paramount. You can’t take adequate precautions without being aware of the dangers. Given the ever-changing threat landscape of the Internet, make awareness a recurring theme. Over the next few months, we'll be putting together a regular published newsletter that you can forward to your employees.

6. Good backups are the answer. That statement probably stands on its own. Whether it's some outsider encrypting your data or a disk drive failing, you want to be able to get that data back.

The bad guys are getting more creative, and your traditional firewalls and anti-virus are no longer enough to hold off the horde. CTG is ready to come in and consult on ways to better protect your data from thieves, vandals and kidnappers.

Jeff Garell is co-founder of CTG.

Wednesday, April 15, 2015

4 Reasons You Need CTG as Your IT Partner Right Now

It’s easy to call Convergent Technologies Group an IT company. But that’s like saying Nike is an athletics company or Kraft is a food company. Each of us provides a range of products or services under that category umbrella, but each of us has strategically honed in on core offerings that reflect what we can deliver best for our customers.

Being nimble and staying on the leading edge of the ever-changing IT market has been an integral part of CTG’s evolution over the past decade. We now offer a core platform of services that allow us to meet many common IT needs for our customers, no matter where they are in their lifecycle or within their industry.

Some customers come to CTG looking for a specific service, then deepen their relationship with us as they learn more about our extended capabilities. Other clients – including startups and smaller mom-and-pop operations – recognize us from the beginning as a daily partner to whom they can entrust their complete IT needs.

So, why should you consider CTG right now as your IT partner?

1. We build the data center that meets your needs. From the initial steps of planning the architecture that aligns with your business operations to implementing storage and backup services to handle everyday tasks, we start by sitting down with our customers to understand both current and targeted goals, working to develop an IT framework that can scale with the business. Within that, we incorporate disaster planning and recovery, as well as integrating the best applications to support your varied business tasks. With our strong relationships to the nation’s top IT manufacturers, including as an HP Gold Partner, we can deliver the highest-quality platforms at the smartest cost for your business, including next-generation resources such as virtualization.

2. We keep your IT secure. Every day, you hear news of attempted – or worse, successful – hacks on corporate technology networks. Because this is one of the biggest worries for business owners, we have developed critical processes using the most-effective tools to put up the best defense. The first step, with the customer’s blessing, is to do our own penetration testing to identify a network’s vulnerabilities, coupled with security audits and assessments. We then offer best-in-class resources, which are continually updated, to protect you and your business.

3. We offer managed services that keep your doors open for business. Our remote support and help desk actively track and monitor your network operations, because we know that even the best systems can have their bad days. We often find and solve those hiccups before you – or your customer – even notice. We also offer cloud solutions and other resources that allow you to focus your energy on where it matters most: your business and customers.

4. We support you wherever you are. Work doesn't happen in the office from 9-to-5 anymore. You and your workers are handling more and more remotely, whether delivering a presentation at a client’s office or catching up on a project at home after leaving early to watch a child’s performance. We can implement the best mobility resources and wireless solutions to ensure you can work productively, while maintaining the highest network security.

Information technology long ago stopped being a one-size-fits-all business commodity. We know that, which is why every solution we craft is based on the specific needs of our customers. We listen to what you need, then apply our expertise to develop the IT services that let you run your daily business effectively and efficiently.

John Monahan is co-founder of CTG.

Tuesday, April 7, 2015

Why You Need to Audit and Test Your Network

Security is a moving target. What’s acceptably secure today might not be tomorrow.

On the product side, even firewalls may have an undiscovered vulnerability lurking in the code. Recently announced vulnerabilities – such as HeartBleed, ShellShock and recent Windows fixes – were for things that had been sitting in the code for a decade or more and just hadn’t been found yet.

As discussed in last week’s post, threats on networks are intensifying, and your efforts to protect your business need to step up to that challenge.

Penetration Testing

To see how secure your network is, consider one of today’s security tests:

  • External: Attack from the outside and attempt to breach the network perimeter.
  • Internal: Attack from within to see what is possible if an intruder (or insider) got inside.
  • Social Engineering: Focus on whether your employees say or do something that could open a door to a breach.
  • Physical: Attempt to enter the premises under false pretenses and gain enough access to implant a remote access device, install software/malware or grab data without being detected.

Our CTG team regularly conducts these security tests, either individually or in combination, working with our clients on the best approach to identify any vulnerabilities.

Monitoring, Detection and Incident Response

No matter how well you patch, secure and maintain your systems, ever-changing threats can thwart the best-laid plans and efforts. Putting your detection systems to work is just the first step.

Good detection without a solid incident response capability is nearly worthless. Just ask Target and Home Depot: These companies’ systems both detected breaches, but their response protocols were not followed or were not fully tested.

An incident response plan mirrors many of the characteristics in disaster recovery planning:

  • Foresight to consider what can go wrong,
  • Written processes and procedures to avoid the “seat of pants” activities when it does,
  • Chain of command and reporting processes so management at all levels can remain informed and make appropriate business decisions,
  • And practice, practice, practice.

Vulnerability Scanning

Vulnerability scanning is not a penetration test; however, a penetration test includes vulnerability scanning. A vulnerability scan is an automated testing tool for basic probes and simulated attacks. With penetration testing, our highly skilled team uses our knowledge to attempt to bypass your security controls and gain access. An automated scanner can’t make tactical decisions based on responses.

That said, vulnerability scans are useful for helping to determine a device’s susceptibility to recently discovered exploits. For example, ShellShock and Heartbleed were long-unknown vulnerabilities discovered in 2014. Vulnerability scanners were some of the first to release signatures and automated tests to help discover whether your systems included those risks.

Policy Audits

A policy audit often completes an internal penetration test. We’ll look at your written security policies (you do have written security policies, right?) and validate that they meet your targeted security posture and are implemented consistently.

Reporting and Remediation

Clients come to CTG to identify issues, and we complete each penetration test and related analysis with comprehensive executive and technical briefings. We’ll tell you exactly what we uncovered, and, more importantly, we’ll offer specific recommendations on how to enhance your network security.

Jeff Garell is co-founder of Convergent Technologies Group.