Arraya Insights

by

A few years ago at my previous company, I considered VDI (Virtual Desktop Infrastructure) on-premises for a specific use case around engineering. We were trying to build a more efficient way for our engineers to use graphic intensive compute over a centralized connection instead of having to purchase expensive desktops. Unfortunately, we couldn’t justify the cost of the on-premises hardware, so we just kept purchasing desktops.

For some customers, VDI is an absolute requirement driven by the business. The cost of centralized servers, associated storage and ongoing maintenance and management costs aren’t a roadblock for these use cases. The cost is justified by a mobile, security or remote access component.

A new option has emerged for remote desktops, powered by the cloud. Microsoft and Citrix have teamed up to release XenDesktop Essentials, built on Azure. Anyone can now quickly spin up and test a VDI environment without concern for procurement cycles or complex licensing plans.

The cloud is the perfect vehicle for delivering remote desktops. It can scale up and down as you need and you only pay for what your employees use. With the right automated management, costs can even be further controlled.

There are some key use cases for VDI that are made easier when then cloud is part of the solution.

Mergers and Acquisitions

In some M&A situations, VDI can be a windfall to unifying a single culture. VDI can be used to provide a new, singular employee experience. The challenge is that the environment may be transient. An investment in on-premises hardware may be a large cost to incur for a temporary benefit.

There’s the procurement lifecycle to consider as well. M&As operate on a fast schedule. Procuring and configuring a VDI environment could take longer than the business is willing to wait to integrate.

By leveraging VDI in the cloud, you can quickly build images on standards and supply them to your new employees.

Office 365

Many customers don’t take advantage of the breadth of Office 365. Office Pro Plus is usually left behind due to aging operating systems on fat clients. With Citrix XenDesktop Essentials, you can run the HDX Real-time Optimizations Pack for Skype for Business as well (full features here).

Think about how your Office 365 deployments might differ if you could roll out all the amazing collaboration features without having to worry about the desktop OS. The management and support alone of running the platform on a consistent image would be worth the investment for some companies.

Windows 10

Your employees have been running Windows 10 at home for over a year now, but Enterprises are lagging behind. Windows 10 is being billed as the most secure desktop operating system ever and the ROI is well documented.

A big reason that Enterprises aren’t moving as quickly as they can is because of legacy hardware and a perception of poor performance. I’ve installed Windows 10 on 12 year old hardware with great results, but this fear still lingers. VDI can absolutely address this issue.

Another reason is the OS management. This becomes easier when you are talking about VDI in the cloud. Imagine managing a consistent desktop image instead of individual operating systems across a range of hardware devices. With cloud based VDI, you can deploy a more secure operating system quickly and replace aging hardware as it breaks instead of all at once. Since you’ve invested in VDI that is scalable, you can scale down as hardware is replaced.

VDI is also a great way to test Windows 10 deployments without having to allocate spare (and, in a lot of cases, legacy) hardware. You can assign and allocate test images to the business to perform user acceptance testing easily.

Cloud VDI is Here!

The benefits of running VDI in the cloud are obvious, but speed and scalability are among the top reasons. The above use cases go beyond just these advantages and can demonstrate a real difference in the speed at which your company adopts new technology.

Citrix in Azure is our latest offering for cloud based VDI. If you’ve standardized on VMware and want to serve only applications, we can also have conversations around running Horizon or XenApp Essentials in Azure. Reach out to the Microsoft Practice at Arraya for more information!

by

Cyber security wasn’t just a hot topic for Arraya Solutions last Thursday, it was the only topic. The latest threats, response tactics, and more took center stage at Arraya’s first-ever Security Forum. Attendees of the half-day event, which was held at The Hub in Conshohocken, PA, were given a unique opportunity to participate in a flyover of today’s security landscape guided by Tom Clerici, Director of Arraya’s Cyber Security Practice. During a trio of presentations, Clerici cited real examples, his own experiences as a cyber security professional, and even used a touch of humor to demonstrate the practical strategies organizations can use to keep their data safe.

The event began with a session on top threats and emerging trends. For all of the positives technological advances such as IoT and the Cloud have brought to businesses, they’ve also opened up new attack vectors for malicious actors to exploit. While this doesn’t mean businesses should be wary of these options it does mean they need to incorporate a greater emphasis on security.

One emerging threat in particular seems to have separated itself from the pack. “Ransomware is absolutely becoming the attack method of choice,” Clerici argued. “The bad guys have weaponized it in such a way that it’s become incredibly profitable.”

He went on to describe how ransomware has grown to the point where it can now be reasonably described as a business. “The groups launching these attacks are setting up help desks,” he explained, to help victims obtain the bitcoin needed to ransom their data. “Each morning, we go into work, we log in to our system, and we start checking our email. The bad guys are now doing the same thing.”

Clerici capped off this session by putting on his prognosticator hat to make a few predictions about the future of cyber security. Some of these were bleak – ransomware, for instance, isn’t likely to be going anywhere. Others, however, offered hope – a massive push toward greater security for connected devices is on its way.

After a short break, the second presentation kicked off with a clip from the TV show The Office. In the scene, a group of office workers rapidly descends into an outrageous panic during a surprise fire drill. Far from just being a silly diversion in a day of serious discussions, this clip exemplified what could happen if an incident occurs and a business is not prepared to respond.

“The reality is that, at some point, you will experience some kind of attack,” Clerici explained. “I believe that preparedness and planning beforehand are key to ensuring manageable repercussions as opposed to painful ones.”

This process doesn’t only require planning. It also must include constant analysis; speedy containment, eradication, and recovery; and post-incident reviews and adjustments. To illustrate the risks of being caught unaware, he used the breach that occurred at Anthem, which exposed nearly 80 million records. In this case, the initial breach occurred in February 2014 and the suspicious network activity wasn’t noticed until January 2015. The fallout – including cleanup, notification, and improvements – numbered in the hundreds of millions of dollars. As Clerici pointed out, that doesn’t even include the damage done to the company’s reputation.

Despite security’s rising profile, progress on this front can be slow. Clerici theorized this may be due to a communication gap between the business and technical sides of an organization. Bridging this divide was the subject of his final presentation at the Security Forum.

He listed three things IT can do to better translate security for leadership teams. The first is to know the audience. This includes knowing their level of tech savviness and adjusting the language contained in a security pitch accordingly. Next is to know their priorities. Operations leaders don’t have the same care-abouts as financial leaders. A discussion that isn’t razor-focused on the priorities of the person sitting on the other side of the table will likely have them glancing at their phone. Lastly, he suggested shifting ownership of security from IT to the organization as a whole. To do this, conversations should begin with top departmental risks, leaving it to IT to come up with the tech architecture to address them.

Gain the insights and skills you need to fight back

Missed the Security Forum? Catch Tom Clerici at Arraya’s 3rd Annual Tech Summit on June 8 in King of Prussia, PA. During this free, full day event, he will lead multiple strategic, action-oriented sessions devoted to the topic of keeping businesses and their data safe from cyber criminals. Also on the docket are sessions on data center, enterprise mobility, the cloud, and more – all presented by the members of Arraya’s technical team to guarantee an experience that is truly “for techs, by techs.” Register today: https://events.arrayasolutions.com!

Contact Arraya’s Cyber Security Practice by visiting: https://www.arrayasolutions.com//contact-us/. Feel free to leave any comments or questions relating to this post on our social media pages: LinkedIn, Twitter, and Facebook.

by

Every tech knows the feeling of opening up Notepad on their machine, loading a lengthy log file, and diving in. Locating one specific answer amongst that endlessly scrolling sea of data is no small feat. Yet, for many admins tasked with searching for the root cause of an issue, this was standard operating procedure. It doesn’t have to be, however, as a better alternative may already be waiting in corporate data centers.

VMware’s vRealize Log Insight provides a central location for admins to manage their infrastructure and application logs. It offers a clear, intuitive picture of an organization’s IT environment, unlike its lower tech, labor-intensive predecessor. If that sounds good so far, a new licensing decision by VMware may make it even more appealing.

Recently, VMware decided to include the solution in its vCenter license bundles. As a result, organizations who own vCenter now have 25 vRealize Log Insight licenses at their disposal. Included with those licenses is the ability to add VMware offerings including: Horizon View, NSX, OpenStack, and more. Additionally, business with access to NSX licenses starting at 6.2.3 are also entitled to vRealize Log Insight. (Note: The specifications for this offering depend on NSX license type. Learn more here.)

Where vRealize Log Insight bests legacy methods

Whether an organization has vRealize Log Insight and hasn’t turned it on yet or is interested in licensing it as a standalone, there’s value to be had there. This is particularly true when the tool is stacked up against legacy methods of log-keeping. Some of the advantages offered by vRealize Log Insight are:

  • Interactive visual dashboards – The data gathered by vRealize Log Insight translates into easily-digestible visual dashboards. These dashboards – which depict (and can be sorted by) headers such as events, errors, warnings – automatically select the display option that makes the most sense for the data. This gives IT a near-real time, at-a-glance look at what’s going on across the company.

 

  • Quick hits & deep dives – By way of integration with VMware’s vRealize Operations, vRealize Log Insight provides structure to the unstructured log files of old. The results it generates can be filtered based on the fields that matter most to IT. This ability allows IT admins to perform quick queries and deep dives into issues with ease.

 

  • Out of the box virtualization insights – Native support for vSphere is built-in to vRealize Log Insight. This gives IT teams access to logs concerning their virtualized infrastructure, mission critical applications, and more. As such, there’s no concern of a lengthy gap between roll out and when the solution can begin generating meaningful value.
  • Highly-scalable functionality – The true power of vRealize Log Insight comes from its scalability. Admins can peruse a marketplace for content packs dedicated to connecting the solution with other VMware tools and those from leading hardware vendors such as Dell EMC, Cisco, and more. While non-VMware solutions can be tied to vRealize Log Insight by way of content packs, it will require a license adjustment.

Next steps: How to start utilizing vRealize Log Insight

Regardless of whether your company wants to stand up free licenses, expand on an existing deployment, or purchase the solution as a standalone, Arraya Solutions can help. Our engineers will work with your team to roll out vRealize Log Insight and configure it in the way that makes the most business sense for your organization.

The first step will be to review the content packs available in VMware’s marketplace, the idea being to determine what’s available to you under your current licensing and what would need to change to give you access to the most valuable content packs to you. From there, the content packs would be downloaded and integrated to the solution. A guided tour of the dashboards and search features would follow, leaving IT in a position to collect, analyze, and respond to data from every corner of their network.

Want to talk more about vRealize Log Insight? Reach out to our Data Center team today by visiting: https://www.arrayasolutions.com//contact-us/. If you’d like to leave us a comment or a question regarding this post, please do so via any of our social media accounts: LinkedIn, Twitter, or Facebook. While you’re there, click “Follow” to stay updated on our latest blogs, company news, and exclusive learning opportunities.

by

Almost every customer that moves to Office 365 starts the migration with email. Perhaps it has to do with the send/receive relationship of email. Regardless, email is the function most IT organizations are comfortable using to test the cloud. At Arraya, we enable this by helping customers create a rock-solid tenant, layer on some security, and move their mailboxes out.

Afterwards, some customers aren’t sure what to do next. There are a couple of options, but in order to move beyond the commodity of email, you need to talk to the business and find out what their needs are. Let’s take a look at the non-email workloads in Office 365 and find out how to get conversations going to make the most of that initial investment.

Skype for Business

Every product in Office 365 has its unique benefits, but few have the impact of Skype for Business. Besides the obvious benefit of real-time collaboration, Skype helps reduce email through its integration with Outlook.

Picture this – you’ve just received an email in your Inbox and it requires just a short conversation. Right from the message, you can start a chat or an audio or video call with the person and address the issue right there.

One of the biggest benefits is conferencing. When you use Skype, starting a conference is extremely easy. You click the link in the meeting and you’re in. You click on Join Online from the reminder and you’re in. There’s no other client to load or anything. You are just in the meeting.

SharePoint/OneDrive for Business

The roadblocks with SharePoint and OneDrive for Business getting deployed have to do with the mental block of putting your critical business files in a cloud location. While security is always critical, don’t assume that your files on an on-premises Windows file share are secure. Even the best laid NTFS permissions scheme goes out the window once someone has a USB drive or puts that file in an email.

The entry point to SharePoint and OneDrive for Business is usually email, but there is much more to these two solutions. When coupled with Office Pro Plus, files become more powerful with co-authoring, versioning controls, and sharing right from the desktop client.

If you stick with file sharing, Delve can be an extremely powerful way to surface content to your users. Think of Office 365 as not only an amazing collaboration tool, but as a massive dataset for how people work with each other. Delve helps uncover documents that those in your network are working on while respecting the security of the documents.

SharePoint portals are also a powerful way to collaborate beyond basic file sharing. You can build powerful intranet portals and workflows to support your business operations. In order to bring out this value, you have to talk to IT champions on the business side and help them develop use cases.

Yammer

Yammer is one of the most powerful and least utilized tools in the Office 365 platform. This is Enterprise Social at its best. The roadblocks here are usually coming from HR, but HR can also be the champions for this platform.

While Yammer allows your employees to voice their opinions, don’t think of it as a suggestion board. Distribution Groups have long been used by employees to request access from a group of people without having to know who to turn to specifically.

Consider this scenario: One of your employees has a game-changing idea. They have no idea where to go, but you have Yammer. This employee can log into the engineering group and pose the idea to a group of people that might be interested. Then, they can explore the idea together in a social environment.

Moving Past Email

If you’ve made the investment in Office 365, you’ve made an investment in an entire platform, not just the next iteration of email. There are ways for you to move forward and bring that value to the business. Arraya Solutions can help you navigate these more advanced workloads and make sure you do it in a secure way.

These tools represent the core of Office 365, but there are many other tools in the suite as well. Microsoft keeps improving and adding more product sets and functionality to the platform. To find out the latest, contact the Microsoft Practice or schedule a hands-on session for you and your business users to find out the difference Enterprise level collaboration can make!

Another way to further your Office 365 knowledge? Join us on June 8th for the 3rd Annual Arraya Solutions Tech Summit. This free event includes a full day of sessions presented by the members of Arraya’s technology team covering the challenges and solutions most relevant to today’s IT professional. Each session promises a “for techs, by techs” examination of topics such as cyber security, data center, mobility, and Office 365. Don’t miss your chance to further your knowledge and skills while also connecting with fellow IT pros from across the Mid-Atlantic area. Register today: https://events.arrayasolutions.com!

by

Office 365 is the undisputed king of collaboration. No other solution offers the benefits of the cloud while covering the range of collaboration services that Microsoft offers – from email to voice, conferencing to social portals, intelligent security to personal file sharing, and more. Office 365 E3 has been the sweet spot for many organizations with E5 gaining ground.

If your business hasn’t yet made the jump to Office 365, there’s never been a better time. The first quarter of 2017 has proven to be a windfall of new features. Let’s take a quick look at what was announced.

OneDrive for Business Sync Client

In January, Microsoft announced that the OneDrive for Business sync client would support syncing select OneDrive for Business and SharePoint Online folders to your local PC. This completely changes the way customers interact with the file sharing service and brings it back in line with where customers are comfortable finding files – Windows Explorer.

If you haven’t migrated your files to OneDrive for Business or SharePoint yet, it is likely worth a look. Customer adoption is much easier with this new feature. With it, you don’t even need to check the online portals anymore.

Word, Your Professional Editing Assistant

We remember you fondly, Clippy, but Microsoft Word and Outlook have a new trick up their sleeve. If you’ve been using Word, you’ve likely noticed that misspellings aren’t the only things being called out anymore. Word and Outlook are now actively helping you write better.

As an English major, I was dubious about this change, but I find that it offers helpful assistance. The best advice I ever received about writing was from a CIO who told me to re-read everything and remove anything that wasn’t concise. This is by far the best use of this new feature. Learn more about Editor.

Stick by What You Say

Editing isn’t the only intelligence that’s been added recently to Office 365. With tighter integration through Cortana, you can be reminded of the commitments you’ve made in email.

Consider this scenario, you email a co-worker and write, “I’ll get back to you Friday.” Currently, unless you flag that email or add a task, you’re likely to forget. Cortana is intelligent enough to realize you’ve made a commitment and will offer to make you a reminder so you stick to it.

Excel Co-Authoring

Another thing you’ll notice if you’ve been using Word backed by files stored in OneDrive for Business or SharePoint is co-authoring. We use this a lot at Arraya, but what we’ve longed for even more is co-authoring in Excel.

While this has been available in Excel Online for a while, it is finally making its way to the Excel desktop client. Editing spreadsheets will never be the same.

Teams

If you haven’t tried Teams yet, you need to. This new combination of tools (Skype, SharePoint, Office files, Calendar, conferencing, Power BI and more) is worth a serious look. By combining existing tools together, Microsoft offers a unique collaboration experience built on the standard tools found already in Office 365.

We’ve found some good use cases for this tool already. For example, any project cutover is ideal because of the real time collaboration and file storage capabilities. Also, any project group or team that likes to work real time instead of through the send/receive relationship of email would benefit from Teams. Check out our whitepaper here.

Building Value

Office 365 continues to innovate in the collaboration space and is a tool that can make a real difference in your company. If you own Office 365 E3 and up, these features have likely been enabled already and are ready for you to use without changing your subscription price or requiring you to make changes to your environment.

If you’re interested in learning more about these solutions and what else is possible in Office 365, reach out to our Microsoft Practice for a conversation!

Another way to further your Office 365 knowledge? Join us on June 8th for the 3rd Annual Arraya Solutions Tech Summit. This free event includes a full day of sessions presented by the members of Arraya’s technology team covering the challenges and solutions most relevant to today’s IT professional. Each session promises a “for techs, by techs” examination of topics such as cyber security, data center, mobility, and Office 365. Don’t miss your chance to further your knowledge and skills while also connecting with fellow IT pros from across the Mid-Atlantic area. Register today: https://events.arrayasolutions.com!

by

When Cisco unveiled its HyperFlex 2.0 release, there was one thing on everyone’s mind: all-flash. The 2.0 update gave customers the ability to choose between a new
all-flash version of Cisco’s hyperconverged solution and an updated take on the hybrid version already on the market. While the addition of all-flash is a big story, it isn’t the only reason to get excited about the 2.0 release.

It’s not surprising all-flash grabbed so much attention, considering the advantages it brings to the HyperFlex platform, which is built on Cisco’s proven UCS solution. All-flash means higher IOPS, greater consistency with larger workloads, and lower latency – the latter of which is also enabled by Cisco’s Fabric Interconnect networking.

What about the wear and tear normally a concern with all-flash? Cisco addressed that concern with HyperFlex’s log-structured file system. This feature handles caching and storage capacity differently based on whether nodes are arranged in a hybrid or all-flash memory configuration. One thing these arrangements have in common is that incoming data is stored over multiple nodes as dictated by availability. This – combined with the fact that incoming write queries can be, depending on corporate policies, recreated across SSDs and set as persistent – helps reduce the chance data will be lost should a SSD or node go belly up.

HyperFlex 2.0 advancements go beyond all-flash

Sure, all-flash is the main story of HyperFlex 2.0, but it’s far from the only one. Let’s take a look at five other developments that make HyperFlex 2.0 worth considering:

  1. Advanced notice of compatibility issues – Admins overseeing environments where multiple clusters are joined together using the same Fabric Interface (FI) will be particularly interested in the UCS Manager Interoperability Matrix. This tool provides a clear look at what’s compatible and what isn’t, allowing admins to address conflicts before they cause problems.
  2. New deployment options – Starting with 2.0, HyperFlex clusters are now deployable on existing Fabric Interconnects. Previous releases supported only installing HyperFlex clusters on new Fabric Interconnects. This move gives organizations the ability to reuse existing investments in UCS and the additional flexibility in terms of how they build and deploy their environments.
  3. Easier-to-execute external storage installs – Changes to HyperFlex’s Installer tool have made it more convenient to deploy external storage options, such as iSCSI and Fibre Channel. The Installer can automate the creation of vNICs and vHBAs, among other essentials, to prepare a cluster for ESXi storage configuration.
  4. Third party management and backup integration – The addition of Rest APIs brings new third party options to HyperFlex. Organizations who demand choice in how they manage hyperconverged clusters can use Rest APIs to integrate with many third party management tools. Also, Rest APIs make it possible for HyperFlex to create native snapshots that connect with outside backup providers.
  5. Updated performance benchmarking – HyperFlex 2.0 introduces the HCI Benchmark tool, an easy-to-deploy utility offering insight into valuable best practices. Built-in to this tool are benchmark recipes for various workloads, including SQL, VDI, and others.

Event: See for yourself what HyperFlex can do

Want to learn more about HyperFlex? Arraya Solutions will be hosting a free hands-on HyperFlex lab next Wednesday, April 12th at Cisco’s Malvern, PA office. Attendees will get to experience installing Cisco’s HyperFlex Data Platform, performing administrative tasks, creating a datastore, and more firsthand. Space is limited so register now by visiting www.arraya.rocks/events.

If you’d like to start a conversation before the event, our team is always available through www.arrayasolutions.com/contact-us /. You can also get a hold of them through social media, at our LinkedIn, Twitter, or Facebook pages. Remember, follow us to keep up with all of our industry insights, special events, and more.

by

The telecom space has seen its share of upheaval lately. Considering the importance of collaboration tools to modern businesses, it’s not surprising many organizations have expressed concern about the future of their platform. Should these businesses decide to strike out in search of a more stable solution, they’d be hard-pressed to find a steadier option than Cisco.

As other vendors in the sector struggle to find their footing, Cisco has continued to rack up distinctions and commendations for its collaboration offerings. Recently, Gartner named Cisco a Leader in five of its Magic Quadrant Reports covering the communication and collaboration disciplines. As per these reports, Cisco is seen as a pacesetter in Unified Communications, Web Conferencing, Group Video Systems, Unified Communications for Midsize Enterprises, North America, and Contact Center Infrastructure.

What does it mean to be a Leader according to Gartner? It takes demonstrating a strong ability to execute in a given space and a complete vision for how to evolve those services. These reports also took into consideration factors such as track record of success, the size of a vendor’s market footprint, and its ability to address a diverse (and sometimes conflicting) slate of customer demands. One example of the latter is developing a solution that balances customers’ desire for customization with their preference for simplicity and user-friendliness.

A closer inspection of the numbers shows just how well Cisco stacks up when compared to its collaboration competition:

  • Cisco has made a seemingly permanent home in the Leader section of the Unified Communications Magic Quadrant. This marked the ninth straight year that Cisco has achieved the honor.
  • Other than Cisco, zero companies made the Leader category in all five of these lists. The closest another company came was making Leader in three of the five.
  • For five years running, Gartner has placed Cisco at the head of the class on its Contact Center Infrastructure quadrant. This consistency speaks to Cisco’s lasting “ability to execute.”

Making the jump to a reliable, high-performing alternative

Taken collectively, these numbers are evidence of a stability and a breadth of expertise that is a rare commodity in the enterprise collaboration area. Businesses looking to replace a legacy solution or a long-standing – but suddenly shaky – vendor would do well to consider Cisco as a potential landing spot. Beyond the specialties covered above, Cisco can provide the networking solutions and physical infrastructure needed to build a seamless and highly reliable collaboration environment. This comprehensive approach is unique to Cisco.

Moving away from a familiar vendor to one you may have never worked with before can be an anxiety-inducing proposition. Arraya Solutions can help reduce that and build confidence by performing health checks on existing systems to show where things stand. Arraya also offers migration assessments to preview for businesses what they can expect as they move from one collaboration vendor to another.

Want to start a conversation with the members of our Cisco Collaboration team? What about scheduling an assessment or health check? You can do it all by visiting: https://www.arrayasolutions.com//contact-us/.

If you’d like to leave us a comment on this post, you can do so at any of our social media accounts: LinkedIn, Twitter, and Facebook. While you’re there, click the “Follow” button to make sure you’re the first to know about our latest blogs, learning opportunities, and more.

by

My previous post, a recap of how Arraya spent our 2016, kept to the year’s highlights. While this new post will also look back at last year, I’d like to focus in on a single issue: cyber security. Unfortunately, doing so requires going back to some of last year’s lowest points. Despite all of the positive developments that took place in IT, those who work in technology may always associate 2016 with cyber security challenges due, in no small to part, to the rise of ransomware.

Here are just a few of the more alarming ransomware figures I’ve come across lately:

Ransomware may have been 2016’s biggest IT security story, but it wasn’t for lack of competition. Plenty of cyber security incidents that had nothing to do with ransomware grabbed headlines. There was Yahoo’s disclosure of two separate breaches, affecting a total of 1.5 billion users, which reduced its sale price to Verizon by $250M. Additionally, its board withheld bonus money and stock options to the CEO while firing its general counsel without severance pay. Hacking and breaches were also at the forefront of the race for the White House. Malicious insiders even managed to open the doors to the Department of Health and Human Services’ network, allowing cyber criminals to make off with the personal information of as many as five million people.

It seemed like cyber security – and cyber security shortcomings – were everywhere last year.

Finding peace of mind in a chaotic time

Cyber security is not a new concern for Arraya. Throughout the company’s history, Arraya has aligned itself with partners and vendors who share a similar commitment to customer safety and privacy. As cyber security threats continue to evolve, and the headlines become more prevalent, we decided to take a more strategic approach to security, moving beyond point solutions to enterprise security aligned with business objectives.

From this concept, Arraya’s new Cyber Security practice was born. Rather than focus on a specific partner, the intention is for this practice to straddle Arraya’s areas of expertise. Rather than looking only at tools and architecture, this practice will also focus on strategy, governance, compliance, incident response and vendor security. I see this in particular as a differentiator. Many companies do either consulting or systems. Few do both.

The person tasked with executing this vision is Tom Clerici, Arraya’s new Cyber Security Practice Director. Tom is someone I’m extremely excited for customers to meet. His record of accomplishment in cyber security is outstanding. Tom earned a Bronze Star Medal while serving as a Communications and Cyber Warfare Officer with the United States Air Force. After a seven-year stint with the Air Force, Tom went on to build the information security program for one of the country’s largest mortgage lenders from the ground up.

Last year proved to be a difficult one for many businesses in terms of cyber security, as the above stories and statistics indicate. By bringing someone with Tom’s credentials on board and creating a vision for vendor-agnostic cyber security, I believe Arraya is ready to be a leader in the move to a more optimistic and secure future.

Note: IT leaders looking to meet Tom and learn more about Arraya’s Cyber Security Practice can do so on April 13th at the Arraya Security Forum. During this free half-day event, Tom will present on three topics, starting with a look at how cyber crooks are pushing past corporate defenses and how those threats evolve based on industry. Following that, Tom will walk attendees through the “before, during, and after” of incident response. The day’s final discussion will be on bridging the gap between cyber security and business leadership.

Arraya’s Security Forum will be held at The Hub in Conshohocken, PA. Space is limited so reserve your spot today: arraya.rocks/events.

by

During my time in a previous role, I remember attending a vendor presentation where the salesperson listed all the reasons why I needed to invest in a third party threat intelligence service.  Most of the pitch was aimed at the attack trends happening in my industry and how to stay safe. His presentation got me thinking about what threat intelligence would be most relevant to me. Specifically I thought about which types of users would be targeted, what I was worried about losing, and where I should look for attack indicators. I started examining different event logs within my infrastructure that I knew no one else was analyzing – many of them weren’t even security logs – and I was amazed at the wealth of data out there just waiting to be analyzed.

I believe third party threat intelligence offerings can be an integral part of an enterprise information security program. However, I also think you can leverage existing systems to create your own intelligence. A big piece of your organization’s cyber security story can be uncovered with a minimum amount of log analysis.

Here is a pair of tips on how to do just that.

Start Logging Events That Can Be Analyzed

Turn on logging features where they are available and write code that logs critical events in custom applications. If your servers, network devices, applications and PCs aren’t logging, there’s no way to know what’s happening. I’d recommend forwarding those logs to a centralized security incident and event management system, but even if you don’t have the budget for that, ensure the logs are saved somewhere. The longer you can keep them without impacting system performance, the better. Looking at two hours’ worth of logs doesn’t give you enough events to trend activity over time. Looking at 60 days’ worth of data can provide reliable trending information.

Where possible, it’s also a good idea to fine tune what you’re logging otherwise you’ll be stuck sifting through a host of unnecessary logs. My favorite example of this is an old Windows log clarifying that “A handle to an object was requested.” There were thousands of entries but they were all useless. Newer versions of Windows Server allow you to make your logs granular so you only get what you need. This helps when trying to identify certain types of logged behavior.

Where to Find Threat Intelligence

Personally, the perimeter firewalls and DNS are my favorite place to start. If you do have computers that are talking to the bad guys, this is where you’re going to find it. For example, let’s suppose you are using Office 365 and the majority of outbound requests from your network are to Office 365 IPs. That would make perfect sense and would indicate expected behavior. If the majority of requests are to an IP address in Russia that you can’t identify, you likely have a problem. The firewall is also a good place to watch for denial of service patterns. If you total the allowed and denied requests per minute and baseline it over time, it will provide you with a nice graph of what “normal” looks like. Then you can set up alerts when the amount of requests starts to spike to “abnormal” levels. If requests suddenly triple or quadruple without any business correlation, it could be an indicator of a denial of service attack.

From a user perspective, I like going to three distinct places – antivirus, web filtering, and device blocking. These systems will tell you who’s downloading malicious files, what bad websites users are going to, and if they’re plugging in unauthorized USB drives or smartphones. Logs for failed installs at the PC level will tell you who’s trying to install unauthorized software. The nice part about these logs is they can be traced to a user and you can take action. This level of intelligence can indicate where future problems are likely to come from internally.

It’s also a good idea to review Active Directory group membership on a recurring basis. Think about how often someone gets added to an AD group because they need temporary access to data.  How often is that group purged of temporary users? You can also look at the logs to determine who is adding, changing, and deleting group membership as well as the users themselves. The logs for VPN and multifactor authentication can provide a wealth of information about remote access. It’s important to know who’s working remotely, what time are they working, etc. The intelligence gained here provides insight into who’s likely to be comprised. For example these users may not connect to the home network often enough to receive patches and antivirus definitions.

Event: Your cybersecurity questions answered  

Want additional advice on building and maintaining more effective cyber security initiatives within your organization? Join me on April 13 at Arraya Solutions’ first-ever Security Forum. During this free, half-day event, I’ll present on a variety of topics, including the most dangerous emerging threats and the proper way to build an incident response team and plan. This event will provide today’s IT leaders with some of the knowledge and skills needed to guide their organizations to success in a business world plagued by high-tech threats.

Space is limited so reserve your spot today: arraya.rocks/events.

Feel free to send any questions you’d like to have answered prior to the event to https://www.arrayasolutions.com//contact-us/ or use social media (LinkedIn, Twitter, and Facebook) to leave me a comment on this post.

by

Something’s wrong in your data center – who are you going to call? If your organization works with a Managed Services provider, that’s likely your answer. However, who specifically is going to pick up the phone? Will it go to someone local you know and trust? Someone who understands your environment? Or will your request drop into the queue of a faceless technician in an offshore call center?

Some MSPs value anonymity. They treat their support resources as a revolving door. As one person exits, someone else picks up the headset. Maintaining a level of distance between team members and customers enables them to scale and offload responsibilities onto other providers in different regions. This increases the geographic area they are able to cover. They also see it as a way to standardize their response, building scripts and runbooks to classify and manage issues.

If any of this describes your Managed Services provider, finding a specific answer to “Who are you going to call?” might prove difficult.

Dispelling longstanding Managed Services myths

Arraya Solutions believes Managed Services is deliverable with a personal touch, without sacrificing efficiency. Beyond their usual support tasks, our team members take an active role in customer conference calls and strategy sessions. If a situation requires it, they can travel onsite to work shoulder-to-shoulder with the Customer’s team to solve problems and execute changes.

A Tech Advocate backs our Managed Services staffers in their relationship-building efforts. This person is a ranking member of the team whose focus is enhancing the services Arraya provides. It’s this person’s responsibility to understand the ins and outs of a customer’s IT environment. They become a trusted voice in conversations concerning upgrades, direction-changes, and more. The goal is to elevate Managed Services from strictly infrastructure support to more of an advisory function.

As for the idea of Managed Services as a revolving door, that’s not one Arraya shares in. While some turnover is inevitable, Arraya’s intent is for employees to make a career here. To encourage that, we invest heavily in employee training, giving team members every opportunity to learn the latest technical skills and experience.

Standing out from the Managed Services crowd

Arraya is a big believer in transparency and encouraging customers to get to know their team. This human approach serves as a worthwhile differentiator in a marketplace increasingly crowded with Managed Services providers. It’s part of the innovative methodology that has earned Arraya a place on CRN’s Managed Service Provider (MSP) 500 List every year since the list’s inception.

Want to learn more? Visit https://www.arrayasolutions.com//contact-us/ to get a conversation started today.

If you’d like to leave a comment on this story, please do so through our social media presence: LinkedIn, Twitter, and Facebook. While you’re there, follow us to keep up with our latest blogs, industry insights, and exclusive learning opportunities.