Arraya Insights

by

Has your boss ever walked up to you and said something like: “We need to better secure our network!”? With the amount of cyber-attacks occurring lately, security is top of mind for almost every Access deniedorganization. Unfortunately, “We need to better secure our network!” is an extremely broad phrase and it doesn’t offer much in the way of actionable direction.

Since that phrase is so broad, let’s whittle it down and focus on two parts: the network edge and the data that traverses it (outbound). The edge is as good a place to start as any considering it consists of front line devices like firewalls, routers, gateways (web and email), and reverse proxies. Data, on the other hand, is also a good place to start because it’s the basis of so much of what we do.

Your network edge needs to be hardened enough so nothing penetrates, but flexible enough to allow your organization to do the work it needs. Even if we dance this jig perfectly, we still need to be concerned about the data leaving the organization. We need to make sure it ends up in the right place, is used for the proper purposes, and is protected. Unfortunately, accomplishing that means fully trusting the people, systems, and policies within other organizations. Folks in IT just love the sound of that…

The expectation for edge devices is that they’ll let the good stuff in and keep the bad stuff out. Ensuring that they stay true to that goal is a full time job in its own right. When you take into consideration all of your other responsibilities: users, their endpoints, and your systems, mandates like “better securing your network” can make 40 hour workweeks sound like a pipedream for IT. But they don’t have to be. Until cloning is approved for mass use, Arraya Solutions and our Managed Services are the next best way to keep IT’s workload in check without sacrificing security.

Our team is ready to help you secure your network edge and protect what’s most valuable to you: your data. The way we do this is two-fold:

  • Microsoft Azure Rights Management – This tool enables businesses to maintain control over their data; even when it has to leave the farm. It does this by giving the organization the ability to assign certain permissions to documents, limiting what can and can’t be done to them – as well as by whom. The document itself is protected so even if a document is sent to a contact outside of the company, any specified permissions are retained. For example, a document could be set so that it can’t be edited, printed, or even screen-grabbed by anyone. Those restrictions will stay in place regardless of where the document travels.
  • Arraya’s Managed Edge service – This service is built upon a base of Cisco SourceFIRE technology which we use to monitor traffic coming in and going out of a business’ network. SourceFIRE updates itself daily, so it is always tuned to the latest security threats. This technology allows our industry-respected Managed Services team to collect and analyze information about an organization’s network traffic, allowing the team to spot and contain possible problems early. Say an organization typically only does business in a certain region. If our team notices traffic coming in from outside that region, we can respond to it. That response is completely dependent on what the customer wants. We can simply alert the customer to what we noticed, or we can begin remediation efforts. We recognize every business has its own security culture, and our desire is to assimilate into it.

Our Managed Services take work off IT’s plate, allowing on-site personnel to focus on other items occupying their to do lists. With the support of our full team of Managed Services professionals, objectives like “We need to better secure our network!” stop being a source of frustration for IT and instead become much more attainable.

If you’d like to learn more about Arraya, or our solutions for securing your network edge and your data, please contact us at: http://www.arrayasolutions.com/contact-us/. From there, our team will work with you to devise the best strategy for your business.

by

Heads up: Microsoft’s SQL Server is coming to Linux! That’s the most eye-catching item contained in a recent blog post by Microsoft highlighting the changes coming to SQL Server in the months thoughtful businesswomanahead. When viewed as a whole, these announcements seem indicative of the more powerful, smarter, and more available future Microsoft envisions for SQL Server.

In a separate post, TechCrunch noted the idea of SQL Server and Linux playing nicely together would have been virtually “unthinkable,” as little as a few years back. But that was then and this is the new Microsoft. These days, the company has made tremendous strides towards becoming a solution-provider capable of stretching across platforms. After all, it was only back in November that we were talking about a huge player in the Linux space like Red Hat Enterprise making its highly-anticipated debut in Microsoft Azure.

This latest move is still an important one for Microsoft, just as it is for Linux. However, the biggest winners may be customers. All of a sudden, customers no longer need to be concerned about being locked in to a set path for their database management solutions. Rather than overhauling their existing environment to make way for SQL Server – or bypassing SQL due to Linux commitments – they now can run the solution they want from a platform their teams are already comfortable with.

There’s not a business out there looking for ways to reduce flexibility, so this move is bound to attract attention. As it stands now, the basic relational database features of SQL Server are available on Linux as part of a private preview. Microsoft is planning to release the full offering by mid-2017.

Features to watch for in SQL Server 2016

While the SQL-to-Linux news certainly grabbed the most eyeballs, there are other key pieces of news tucked into the Microsoft blog. The post also laid out the plans for SQL Server 2016, an offering Microsoft views as “the most significant release of SQL Server” it has ever undertaken.

Businesses can expect the following features and more built-in to SQL Server 2016:

  • Revolutionary data security – It’s not enough to encrypt data solely while it’s on the move, a fact recognized by Microsoft. As a result, SQL Server 2016 encrypts data when it’s at rest, on the move, or being stored in memory. This gives IT and business leaders confidence that their data – regardless of what it’s up to – is safe from prying eyes and cyber thieves.
  • Sky-high performance – Expectations for technology performance couldn’t be higher. Microsoft addressed this situation by imbuing SQL Server 2016 with in-memory database support for all workloads. The end result? Performance increases ranging from 30-100x.
  • Cross-device support – The issue of flexibility has already come up once in this post, and here it comes again. Staffers demand flexibility in regards to the kind of devices they can use at work. They want something that’s familiar to them. SQL Server acknowledges this and offers Business Intelligence for staff on every device, including iOS, Android, and Windows Phone.

Also on the docket as part of SQL Server 2016? Advanced analytical capabilities powered by R support which allow for data to be crunched and processed in real time. SQL also can be used to help divvy up workloads across hybrid architectures, which can cut expenses while also making businesses more nimble.

If you have questions about SQL Server 2016, SQL’s upcoming pairing with Linux, or any Microsoft topic, our team of Microsoft experts are ready to provide you with the answers you need. Arraya Solutions is a two-time winner of the Microsoft Rising Star Award for our region and we’ve amassed decades of knowledge and experience across the entire Microsoft stack.

To start a conversation with one of our experts, visit: http://www.arrayasolutions.com/contact-us/. Or, reach out to us on one of our social media accounts – Twitter, LinkedIn, and Facebook. While you’re there, be sure to follow us to keep up with our latest blogs, events, and announcements.

by

Care to guess how many personal devices employees used for business purposes last year? According to one estimate, employees used an average of three personal devices to do their jobs in 2015. devices on deskExpanding that figure out, three devices per employee comes to roughly 15 billion devices across the eligible workforce. Consider that, 15 billion devices, each with enterprise network access and each in need of proper security. It’s no wonder IT has so much on its plate.

We’ve found Cisco’s AnyConnect solution to be a great way to provide employees with the secure mobility and device flexibility they want. However, we’ve also noticed a trend amongst some businesses that adopt AnyConnect. Once it’s up and running, they see it working, and so they move on to the next concern. The “set it and forget it” mindset works in some areas, but not with security. Especially not in a climate where cyber criminals and hackers are continuously refining their skills and their attack patterns.

Why you should be considering an AnyConnect upgrade

It’s important to regularly update any security tool to ensure you’re getting the most from it and Cisco’s AnyConnect is no exception. If you haven’t upgraded to the latest version of AnyConnect (version 4), here are four benefits your company could be missing out on:

  • Access to AnyConnect ISE Posture – This module gives IT the ability to assess endpoints before admitting them to the enterprise network. IT will be able to gauge a device’s antivirus, antispyware, and firewall capabilities beforehand and restrict access if those elements aren’t up to snuff. Then, IT can adjust user privileges accordingly to allow the necessary adjustments to be made. Once a device is compliant, IT can lift those restrictions and return privileges back to their appropriate level.
  • Enhanced AnyConnect VPN – AnyConnect’s Identity Extension capabilities have been extended to cover desktops and MAC addresses. Until the release of 4.0, this was only available on mobile devices. As a result of the expansion, ASA firewalls will be alerted to the identity of a desktop platform when a VPN connection is initiated. This will allow the firewall to reconfigure access policies and monitor user activities accordingly.
  • Corrected SSL Vulnerabilities – Of course, the latest and greatest version of any tool should build on the strengths of what came before – addressing any weaknesses in the process. This is certainly the case with AnyConnect 4.0. Open SSL vulnerabilities which had been discovered in earlier iterations of the solution were remedied in 4.0, making for a safer and more secure user experience.
  • Increased Network Visibility – Once your business has upgraded to the newest version of AnyConnect, it will also gain access to any sub-revisions made to the solution. The most recent of these sub-revisions, version 4.2, takes strides to increase IT’s visibility into the corporate network. Its Network Visibility Module (NVM) lets IT team members monitor and analyze user behavior on connected devices. This way they can spot and address high-risk behavior more quickly than they could in the past.

Get started on critical security upgrades

If your organization is still leaning on an older version of AnyConnect – or really any security solution – now is the time to upgrade. You can get the conversation started by visiting us at http://www.arrayasolutions.com/contact-us/. Our award-winning team will work with you to analyze your security environment and determine where improvement could be made. Our experts are also available to help you through these deployments, ensuring continuity and a faster ROI.

We can also be reached on Twitter, LinkedIn, and Facebook. Message us directly to be put in touch with one of our security experts. Be sure to follow us while you’re on any of those sites to stay updated on all of our latest blog posts, special events, and industry insights.

by

Whether they’re supporting a Help Desk, an Office 365 deployment, or some other piece of a customer’s IT environment, the members of our Managed Services team are great at what they do. cole troise headshotLook no further than our three-year run on CRN’s Managed Service Provider (MSP) 500 list, in the Elite 150 category, for proof of just how good they are. Despite all of the outstanding work they’ve put in helping us solidify our place as one of the top MSPs in the region, our Managed Services team members rarely get a turn in the spotlight. Until now.

Meet Cole Troise. Cole is one of our Managed Services Support Specialists. Before joining Arraya nearly a year and a half ago, he had already accumulated over a decade of IT experience. Since coming on board, Cole has become a core member of our support team. We decided this made him an excellent choice to give us an inside look at our Managed Services team and what makes these resources so valuable to our customers.

A guided tour of Arraya’s Managed Services

1. What does an average day look like for you?

There really isn’t an average day, but there are some regular occurrences. The first thing I do when I get in is check my emails, my schedule, and what tickets have come in overnight. I’ll also follow up on the status of any ongoing issues. If I see any trends that a customer should be aware of, I’ll make sure to pass that info along to them. Outside of those things, it’s hard to say. Every day is usually something new.

2. What can customers expect when they call you?

Customers can expect to have my full attention when they call. Obviously, when it comes to closing tickets, speed is important, but in our department, we preach quality over quantity. We want to do the job right the first time. That requires taking time to listen and learn a little bit more about the customer and the environment.

3. How do you make life easier for a customer’s IT team?

IT is swamped. I’ve always said that Managed Services does the things onsite IT doesn’t want to do, can’t do, or doesn’t have time to do. Entrusting those things to us lets IT work on bigger projects. That way, when they report back to the rest of their organization, they’ll have real progress to show off.

4. What’s the greatest value our team brings to our customers?

I think we’re most valuable as a source of advice. Our team works with all kinds of customers and, while we haven’t seen everything, we’ve definitely seen a lot. Our collective experience allows us to give reliable recommendations when it comes to consistent issues, potential weaknesses, or underutilized systems.

5. How important is building a relationship with the customer to your position?

It’s extremely important. Any time a new customer comes on board, there’s always a little apprehension at the start. However, once I show what I can do and how I can help, they start to buy in and rely on me for more things.

Building relationships doesn’t just come down to earning wins. Our team also submits regular reports, takes part in status calls, and if we can get some face time, we’ll do that as well. We do anything we can to make them feel like we’re a part of their department.

6. What do you enjoy most about working at Arraya?

There’s never a dull day. I know that every day is going to be something different. I also enjoy our team. Everybody is so willing to jump in and share their expertise.

7. How is it different than other places you’ve worked?

I come from a Managed Services background. The biggest difference I’ve noticed about Arraya is the level of experience and knowledge. It’s totally different than anything I’ve been around before in my career.

Cole is just one piece of an entire team of dedicated support resources, each of whom is focused on helping customers monitor, manage, and protect their infrastructures and applications. Our team can supplement on-site IT personnel, allowing them to focus on their strengths while we cover any areas where they may come up short.

To learn more about what Arraya’s Managed Services can do for your business, please visit us at www.ArrayaSolutions.com/contact-us/. We can also be reached directly on social media through our Twitter, LinkedIn, and Facebook accounts.

by

Email, IM, phone calls – they all help us connect with colleagues, however, sometimes they’re not enough. There’s an old adage about how 93% of communication is nonverbal. Putting aside business man smiling at laptopwhether or not the percentage really is that high, the importance of face time to building long-lasting connections can’t be ignored.

How can this need for face time be reconciled with the ever-present desire for more mobility? That juggling act falls to IT and it usually leads to a discussion of video. Here are three use cases detailing how the Arraya team has helped customers leverage Cisco’s video solutions to support their evolving communication and collaboration initiatives.

Use Case #1: Simplifying video conferencing

End users want mobility and they want flexibility. One thing they don’t want? Complexity. Even the most powerful video conferencing solutions can fail to deliver much in the way of ROI if employees find them too complex for regular use.

Cisco’s TelePresence Management Suite (TMS) simplifies the logistics involved with planning a video conference. TMS will automatically book the rooms and ports needed for a conference based on input from the person planning it. In addition, TMS integrates with numerous external apps, including Microsoft Outlook, to ensure the right people receive notice of and access to a video conference.

For one of our customers, a health care and rehabilitation facility located in central Pennsylvania, video has become a critical part of external communications. Among the solutions we’ve helped the customer deploy is a UCS TelePresence system built on an on-premises video infrastructure, including TMS with Microsoft Exchange integration and Jabber Guest. These tools let the customer’s team hone their abilities by scheduling educational sessions with outside consultants. Handling these interactions remotely increases the ease with which sessions can be scheduled and cuts the travel expenses racked up by consultants.

Use Case #2: Face time no matter where employees are

The simplest way to define today’s workspaces is “wherever an employee happens to be.” Anything beyond that is going to turn into a lengthy list. Even though employees may be scattered, they still need to form connections and work together as a team. According to one study, 87% of remote users feel more connected when they have access to video.

Cisco’s Unified Communications Manager is a call control platform capable of managing the ins and outs of employee communication. It covers the entirety of the communication spectrum, including voice, video, and messaging among others. This reliable, highly-scalable solution lets employees start a video conference as easily as they start an instant message conversation.

One of our clients – a global provider of laboratory technology – saw value in increasing the amount of face time its employees had with outside consultants. The customer also wanted to provide that same level of connectivity to remote employees. Arraya helped the customer achieve these goals by deploying UC technology which upgraded endpoints to handle “desk-to-desk video” capabilities. This let staffers and consultants connect via video – without the need for a massive infrastructure overhaul.

Use Case #3: Caring for patients remotely 

Health care providers are treating larger and larger populations, due in part to people living longer. Despite the positives inherent in that statement, it’s a reality that has also served to put great strain on providers. After all, there are only so many skilled professionals to treat that ever-increasing list of patients.

Cisco’s TelePresence solution eliminates borders, allowing health care providers to better serve more patients. This solution connects a provider’s team with a distant subject matter expert. The resulting bridge allows a provider’s team to tap into the expert’s knowledge and gain insight and training which could prove invaluable when it comes to serving patients. Beyond that, TelePresence can link patients with specialists via video and audio, allowing for remote consultations and increasing the number of patients a lone specialist can treat.

Delays associated with specialists traveling amongst multiple healthcare networks was an issue that lead one of our customers – a collection of healthcare facilities spread across southeastern Pennsylvania – to embrace TelePresence. Working with Arraya to deploy the necessary technology – including server connector, expressway, etc. – helped the customer give employees the training and 360 degree collaborative care options needed to deliver an unmatched quality of care to patients. Also, these solutions improved the efficiency of patient-specialist interactions by minimizing the need for costly and time-consuming travel.

Fostering collaboration with video 

Want to learn more about how Arraya can help your business reach its communication and collaboration goals? Visit us at http://www.arrayasolutions.com/contact-us/. Or, we can also be reached directly through our Twitter (@ArrayaSolutions), LinkedIn, and Facebook pages. Be sure to follow us on each of those platforms to access our latest company news, blog posts, and special offers.

by

I’ve written in this space previously about IT trends and Arraya’s methods for carefully weeding out the flashes-in-the-pan from those destined to business hand shows touch screen mobile phone with streaming imagesfundamentally change the way companies do business. One term you’ve probably heard quite a bit lately is Internet of Things, or IoT. From my point of view as a technology executive, it’s clear that IoT can be a game-changer. I see IoT as a transformational shift capable of giving adopters a valuable edge over the competition for years to come.

While I may be on board with IoT, I’ve encountered others in the business world who have some reservations, mostly the usual anxieties about ROI, security, and budget. However, it’s been my experience that these concerns are misplaced and, by embracing IoT with the help of a best-of-breed IT partner, organizations can achieve immediate and long-lasting positive results.

In terms of ROI and cost effectiveness, there is tremendous worth to be gleaned from the analytical capabilities offered by IoT technology. For example, fostering connections between mission-critical devices gives organizations the ability to collect and process incredible volumes of data. This data can provide near-real time insight into all aspects of the business, leading to faster and better decisions. In addition, this data can spur product or service improvements, improve OEE levels, maximize asset utilization, and more.

As an extension of creating a smarter and more connected business environment, companies can spot improvement opportunities and gain early warnings when something is about to go wrong. This includes machines that are slowing down or process changes that may actually be hindering productivity. That early notice is valuable and so is the ability to monitor and diagnose problems remotely. IoT-enabled sensors and cameras allow teams to spot issues and begin troubleshooting them without having to leave their workspace.

In manufacturing environments, IoT can make production lines smarter. This technology eliminates the need to interrupt production while settings are adjusted to account for different product types. Instead, lines can be pre-programmed to handle multiple products, putting valuable time back into the workday. Companies can also bring new products to market much faster by providing an avenue for better collaboration between design teams and the shop floor.

Of course, where connectivity goes, concerns about security and breaches are sure to follow. IoT shouldn’t be looked at as a risk-driver, however. True best-of-breed IoT solutions are built upon a solid security foundation. Security surrounding access points, device interactions, and the interactions between partner and customer are all essential to these solutions. By securing the full connectivity spectrum, IoT technology can play a key role in hardening organizations against security breaches.

It’s not just data security that can benefit from IoT technology. Video analytics and better communication between management, safety response teams, and the average employee can improve workplace safety from a physical perspective too. This in turn can help companies avoid lawsuits levied by injured guests as well as workers’ compensation claims.

Bringing IoT connectivity to all industries

I’ve mostly looked at IoT through the lens of a manufacturer, but by no means is manufacturing the only industry which can benefit from IoT investments. Consider health care, for example. The cost of a malfunctioning machine isn’t measured in dollars and cents in settings such as hospitals. In these instances, the early diagnosis of equipment problems could save lives. That’s just one of many potential use cases, when considering other verticals.

I’m not alone in seeing the tremendous impact IoT technology can have on all types of organizations. As a company, Arraya is committed to spreading awareness of this. Late last year, we held our first-ever Delaware Valley Manufacturing IoT Summit. This event brought manufacturing leaders together from across our area to learn about the latest IoT solutions and how those solutions could help them better serve customers. We were very proud of the response this event received and we have multiple similar events in the works for April 2016.

Earlier this month, we joined a select group of IT partners who’ve achieved Cisco’s IoT Manufacturing Specialization. This certification recognizes our ability to connect manufacturers and IoT solutions and provide world class support for those deployments.

IoT technology is no mere buzz phrase. If an organization’s technology leaders haven’t gotten the ball rolling on these conversations, business leaders would be wise to do so. It’s the first step towards launching sweeping and meaningful changes across every side of an organization.

by

IT security pros: “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” Sun Tzu wrote that in “The Art of angry guy pointing
War.” Even though he didn’t have corporate digital security in mind when he did, it’s still a quote that should ring true in the fight against hackers and cyber crooks. After all, the better the security team understands those on the other side, the better prepared it will be to efficiently repel intrusions.

That’s the kind of insight found in “Flipping the Economics of Attacks,” a new study released by the Ponemon Institute. This study compiled the expertise of IT security insiders across multiple countries to formulate a look at attacks from the hacker point of view. Here are four things businesses should know about attacks and attackers.

#1 – Who They Are

If a company knew exactly who was attacking it, stopping that attack should become pretty easy. While Ponemon can’t provide the names/faces of all suspected cyber crooks, what it can do is give companies a look into the personalities and goals of attackers.

For instance, the study found:

  • An average of 69% of respondents said hackers were motivated strictly by the money involved in a successful cyber attack
  • 72% of respondents described hackers as opportunistic when it comes to choosing their targets. Most would rather go after a weaker target then one that was hardened and ready for an attack
  • 69% of respondents said hackers would call off an attack should a target present too strong of a defensive front
  • While some attackers do score big paydays, the typical earnings of attackers can be quite humble. Hackers earn an average of $28,744 per year for their devious efforts

#2 – Cost & Time

Security and IT pros work long hours ensuring their systems are ready should attackers come knocking. Unfortunately for IT pros hoping attackers at least feel their pain in this regard, it turns out the average hacker has an enviable work-life balance. The study found that the typical hacker spends roughly 705 hours per year preparing and launching attacks, or a little over 13 hours per week. It’s safe to assume that’s far less than the time security pros are spending to keep them out.

This study also found the time and financial investments needed to execute an attack were shrinking. It showed:

  • 53% surveyed said it costs less to launch a successful attack
  • 53% said the time spent planning and executing an attack dropped

Those who believe the time spent planning and executing attacks has gone down believe it’s due to:

  • Increasing numbers of exploits and vulnerabilities (67%)
  • Attackers getting more efficient (52%)
  • Hacker tools becoming more effective (46%)

#3 – Tools of the Trade

Protecting corporate data from attackers can become a matter of escalation. If attackers’ tools and methods keep improving, it puts an onus on security pros to ensure their tools and methodologies do the same. Otherwise, they risk leaving themselves and their business vulnerable.

According to the study:

  • 63% of respondents said the use of hacker tools increased over the last two years
  • 64% of those surveyed described these tools as being “highly effective,” a proclamation sure to send shivers down the spines of security pros
  • 31% of respondents said they saw significant improvement in the quality of hacker tools, a total of 84% said they saw some level of improvement
  • On average, hackers spent $1,367 on the specialized tools they used to launch attacks

#4 – Hacker Response to Defense

If a backdoor is left open thanks to missed patches or other poor security practices, of course hackers are going to take advantage and let themselves in. But what about the companies that present a hardened defensive front? Hackers’ response to these companies shows just how hard they’re willing to work to get what they want.

According to the study:

  • If companies can drive up the time needed to conduct a successful attack by 40 hours or more, 60% of attackers are likely to give up and move on to easier targets
  • Typically, hackers spend 70 hours total planning and executing an attack against an average security infrastructure. Elite infrastructures force attackers to spend 147 hours on the total process.

Keep attackers at arm’s length

Knowing the enemy isn’t just a good defense strategy, it’s the best defense strategy according to the Ponemon study. Sharing threat intelligence among peers can thwart an average of 39% of cyberattacks, according to the study’s respondents. However, 15% of participants went even further, saying 76%-100% of attacks could be prevented by threat intelligence.

Threat intelligence is a core component of Cisco’s IT security solutions, including Rapid Threat Containment. This solution brings together Cisco FireSIGHT Management Center and Identity Services Engine to form a barrier capable of standing up to next-level security threats. Rapid Threat Containment uses continually-updated threat intelligence to keep pace with the latest attacker tactics. This allows it to identify and isolate threats from something like malware as soon as they enter the corporate network.

To start a conversation on Rapid Threat Containment, or any one Cisco’s leading security solutions, visit us at: http://www.arrayasolutions.com/contact-us/. Our award-winning Cisco team has spent decades assisting customers to build security solutions which address their specific needs. Our team also has the implementation and support experience needed to ensure immediate and full value is achieved early on and for the duration of the solution’s life cycle.

Upcoming Event: Join Arraya Solutions and Cisco on March 23rd for a Cyber Threat Response Clinic, where you’ll experience a live demo of a malware attack – and how to respond to it. View details and register for this complimentary workshop at www.arrayasolutions.com/events

Want to learn more? Follow us on Twitter (@ArrayaSolutions) and on LinkedIn (Arraya Solutions) to stay in the loop with all of our latest special offers, blogs, and more.

by

Heads up: Edge and Internet Explorer users may have noticed a slight uptick in the number of downloads dubbed untrustworthy by those browsers so far this year. The reason? Effective January safe_data1, Microsoft changed Windows’ default settings so many files downloaded from the Internet bearing an SHA-1 code signature are viewed as suspicious.

Late last year, there were rumblings that SHA-1 encryption was on the fast track to being cracked. Should that have happened, it would have left anything protected by that coding open to being accessed and manipulated by hackers and cyber crooks. While the use of SHA-1 has long been looked at as the opposite of a “best practice,” these threats spurred Microsoft and others to double down on efforts to get users to modernize wherever possible. This includes updating to modern browsers designed to work with new, more effective coding, such as SHA-256 or greater. Also, it means migrating any internal certificate infrastructures away from SHA-1 and over to something more secure.

As far as scope goes, this change will only impact new files. Any files timestamped and released before that January 1 date will continue to be marked as trustworthy by browsers. In addition, signatures verified by Code Integrity are immune from this modification.

It’s important to note that users will still be able to download and access any of the files thought to be untrustworthy. The purpose of this change is to alert them about the increased risks which may lie ahead. If they so choose, customers can override or alter the settings imposed by this change to better suit their needs.

This is the case right now, but long term is a different story. Come January 1, 2017, Windows will automatically block SHA-1 signatures. There is a possibility that end date will come much sooner, however. Microsoft and other browser makers have considered moving it all the way up to June 2016.

The path to a safer, more modern IT environment

Whatever the end date, it’s critical to begin the process of weeding out any legacy systems likely to be affected by this change as soon as possible. That way, when the time does come, business can carry on as per usual – without any heightened fears of attacks.

The Arraya Solutions team is well-versed in identifying and securing weak points in any IT infrastructure. Our team will work with onsite IT to plan out and execute the necessary changes. We can help businesses make the jump to modern browsers such as IE11 or Edge, or leave behind vulnerable and outdated tools such as Windows XP or 2003. If customers issue their own, SHA-1-based certificates for internal use, our team stands ready to assist them with upgrading their internal PKI to use a SHA-256 or greater.

If you’re ready to start a conversation, our team can be reached at http://www.arrayasolutions.com/contact-us/. We’re also available to answer any of your SHA-1 or general IT infrastructure questions through our social media accounts. Be sure to reach out to us on Twitter @ArrayaSolutions, on LinkedIn, or on Facebook.

by

In the summer of 2012, Microsoft announced it was purchasing Yammer. I’ll be honest, at that time I was at a company where we used Yammer and no one there was sure what the play was other Smiling man typing on laptopthan Microsoft entering the Enterprise Social space. Years later, it is clear that Yammer fits in well with the collaboration suite of Office 365.

In case you haven’t seen it, Yammer is a social portal for your business. It really helps reduce email load, as I’ve previously written about, by shifting more general content to a place where interested people can find it.

Here is a sample screenshot of Yammer. You can see Janet is looking for some ideas about an upcoming conference. This is a perfect use case. In addition to Updates, you can also post Polls, Praise and Announcements.

yammer screenshot

Microsoft is making a change to their Office 365 licensing and enabling Yammer across every Office 365 subscription in addition to other improvements that will help make social an underpinning of the Office 365 experience, similar to how Skype for Business appears across the suite.

If you aren’t ready to roll out Yammer, take note that you should adjust your licensing accordingly. Here are some tips though to get things going a little bit quicker.

From a deployment and usage perspective, Yammer is close to SharePoint. If you’ve ever have seen a poorly executed SharePoint plan, then you know governance and driving adoption is key to its success.

The biggest roadblock to implementing Yammer may be internal paranoia about posts. While Yammer is social in nature, it is a professional network. It is important to communicate out its intention and purpose to your end users. Besides sending out an email announcement (since you don’t have Yammer yet), you can also write up a usage policy that users must agree to before signing in. Along these same lines, you can type in keywords to watch out for. This can be anything from expletives to internal company project names and intellectual property word cues.

Similar to SharePoint, you can lock down Yammer from the outside world, leaving it accessible anywhere, but only to your internal users. This helps prevent data leakage to the internet since this is a professional, yet slightly informal area to collaborate.

Lastly, talk to your departments and find out how they communicate with the company today. For example, would HR benefit from a portal where employees can ask benefits questions? Does your executive leadership want to solicit ideas from employees in a new way?

Setting up the structure of Yammer in this way is key. You could align straight to organizational structure, which may drive some adoption, but finding a collaboration pain point (typically within email) and then shifting it to Yammer is sure to increase adoption in a significant way.

If you are thinking about deploying Yammer through this change by Microsoft, a partner like Arraya can help you plan out the governance and adoption strategy. We can discuss how other companies leverage it and talk specifically about the collaboration challenges you are facing.

by

Last week, VCE officially pulled the tarp off of VxRail, its newest hyper-converged infrastructure solution. VxRail combines industry-leading technology from EMC and VMware to deliver whats3x-9743-1440 VCE has referred to as a “quantum leap” forward for hyper-convergence. It sees this as a solution capable of transforming the way we think about modern day IT infrastructure.

At Arraya, we believe customers of all sizes can see significant ROI from VxRail deployments. Smaller customers could leverage this technology as their main data center solution, while larger businesses might be more interested in using VxRail as a point solution capable of powering critical projects. Whatever the individual use case may be, we wanted to shine a light on VxRail to give customers a better look at exactly what it can do for their data centers.

Here are three common data center needs and how VxRail can address them.

Need #1: “I need a solution that will grow with my company.”

A business’ data center needs right now look different than they did as little as a few years ago – and they’ll likely look different five years in the future. The onus is on IT to find solutions capable of scaling along with those needs. The ease with which this can be executed keeps costs down and keeps IT focused on other projects.

In terms of scalability, VxRail:

  • features performance and capacity that can be increased by adding additional nodes, up to 64 nodes (or the equivalent of 16 appliances) per cluster.
  • allows businesses to start small, covering as few as 20 virtual machines (VMs) upon its initial deployment. This number can grow to thousands of VMs.
  • offers a range of possible compute, memory, and storage configurations, accounting for all use cases.
  • supports 80 cores and 24 TB of raw storage in a single hybrid appliance (contains 4 nodes), meaning a 64-node cluster supports 1,280 cores and 384 TB of raw storage.
  • All-flash VxRail nodes will be available in Q2.
  • boasts a “pay-as-you-grow” model to keep deployments in line with business goals.

Need #2: “I need a data center solution that includes data protection.”

Data protection is top of mind for IT teams in every industry. These teams want to be able to rest easy in the knowledge that their business’ data and apps are protected. They also want to know that, in the event that something should go wrong, their data and apps will still be there when they need them.

In terms of data protection and availability, VxRail:

  • features EMC RecoverPoint For Virtual Machines technology which enables IT pros to recover data and virtual machines from any point in time.
  • Includes VMware vSphere Data Protection, enabling centralized de-duplicated backup and recovery.
  • leverages EMC CloudArray technology allowing for storage capacity expansion from the appliance with storage from public and private clouds.
  • cuts time spent recovering data and apps from a disk by 30% on average.

Need #3: “I need a data center solution that reduces complexity.”  

Corporate IT needs have skyrocketed, but the size of their IT teams haven’t always followed suit. Supporting these growing and evolving requirements has left time at a premium for IT. The need is there for any and all solutions capable of putting time back into their schedules.

VxRail reduces complexity by:

  • giving IT leaders the ability to manage routine data center tasks at the VM, appliance, and cluster levels – including across multiple clusters – from one location.
  • utilizing a layout and user experience that IT is already familiar with, allowing teams to get up to speed much more quickly.
  • providing visibility via VCE Vision – allowing IT to keep a close eye on the overall health and availability of the solution.
  • integrating seamlessly with existing VMware tools to provide a more fully-realized version of those tools.

Build a smarter, more efficient data center

These are just some of the challenges IT pros can address with a VxRail deployment. Ready to learn more? Contact us today to start a dialogue with a member of our skilled team of EMC, VCE, and VMware experts. They can help you determine whether VxRail is right for your environment and in what capacity. Begin the conversation at http://www.arrayasolutions.com/contact-us/. Our team can also be reached on Twitter @ArrayaSolutions, on Facebook, and on LinkedIn.