By Dr. Mike Strnad, Sentinel Strategic Business Advisor

The start of a new year is a time to reflect on the past and set goals for the future. As we place 2017 in the rearview and settle in to 2018, I thought it would be a good time to share some thoughts on a couple of notable technology topics and developments that are set to shape the year ahead.

Despite the increase in security spending throughout 2017, there were still a remarkably high number of breaches that left many organizations understandably concerned about whether they were making the right investment. For 2018, I think it’d be wise for businesses to adjust their security strategy to focus on their most vulnerable asset: end users. Make training and education a top priority to ensure employees and other users are fully aware of and updated on the latest cybersecurity threats. The more your end users know how about spotting and stopping attacks, the lower the chance of a breach occurring.

This is a good segue into another topic that can help organizations fight against breaches: business continuity planning. A business continuity plan assesses the threats and risks a company is facing, and creates an actionable strategy to ensure that personnel and assets are protected and able to function in the event of a disaster. The number of companies currently operating without a business continuity plan is astonishing, and a single breach has the potential to cause large-scale devastation.

As the number of severe weather events and other natural disasters have increased in frequency and scale over the last several years, many organizations have become overly reliant on their technology and supply chains to help restore their business. This also exposes them to a large number of risks with significant potential to cause further damage and destruction.

There are many fallacies when it comes to business continuity. Here are a few of the most common misconceptions, along with explanations as to why they are untrue: 

•    "Our individuals will recognize what to do in a disaster."  
Even the finest employees cannot be expected to react properly and take correct actions when confronted with a disaster. 

•    "We have insurance to shield our damages."  
Insurance without help is not a business continuity strategy. Appropriate coverage is a significant and important part of the plan, but is far from the only part essential to recovery.

•    "We don’t have the time or money to create a business continuity plan."  
Time spent developing and sustaining a business continuity plan is an investment in your company. Most of your fixed costs will continue after an incident, whether or not you remain open for business.

•    "Business continuity and disaster recovery planning are the same."  
Business continuity is a proactive plan to avoid and mitigate risks associated with a disruption of operations. It details steps to be taken before, during, and after an event to maintain the financial viability of an organization. Disaster recovery is a reactive plan that goes into effect after an incident. It deals with the safety and rebuilding of critical employees, locations, and operational procedures after a tragedy. DR is a piece of business continuity planning.

When you combine properly trained end users with a strong business continuity plan, it results in a dual layer of protection to keep your organization safe and able to bounce back quickly should the worst occur. I firmly believe that being over prepared is better than under-prepared, and hope that in 2018 more organizations choose to be proactive instead of reactive when it comes to the safety and stability of their technology and infrastructure. If you would like to learn more about the benefits of security training and business continuity planning, please contact Sentinel. 

On September 10, 2017, Hurricane Irma made landfall in Florida. The Category 3 storm caused widespread flooding, damage, and devastation throughout the state, leaving many homes and businesses significantly damaged. Thankfully careful tracking and analysis of Irma gave state officials enough advance notice to warn residents about the impending hurricane and order evacuations to help keep people safe and minimize potential risk and loss of life. Among those in Irma’s projected path was Sentinel customer Avow Hospice.

Avow is a non-profit organization specializing in hospice and palliative care services for the seriously ill and their loved ones. They are based in Naples, Florida and have been serving the community of Collier County since 1983. Avow is always open, available to care for its hospice patients around the clock.

Sentinel had been providing technology solutions and services to Avow for 15 months prior to the hurricane. During that time we collaborated with them on a number of different projects, including a refresh of their network and data center, as well as the addition of monitoring and managed services to ensure their IT environment and infrastructure were operating at their highest potential.

As Hurricane Irma began to gain strength in the Atlantic Ocean, teams from Avow and Sentinel held multiple emergency planning sessions to determine how best to establish redundancy, communicate, and provide care to patients before, during, and after the storm. While Avow had backup and disaster recovery solutions in place, the company had never fully tested the DR capabilities of its powerful new systems. Hurricane Irma’s pending arrival changed that. Avow discovered they could backup and restore their data, but it could take weeks to accomplish. After identifying that risk, Sentinel and Avow placed Avow’s data in a secure cloud so it could be accessed from anywhere in the world. That way, a complete recovery could be provided if necessary.

Avow also expressed concern about how to communicate with patients and loved ones should they call with questions or concerns during the hurricane. Sentinel arranged to have all incoming calls to Avow forwarded to our Network Operations Center (NOC) once evacuations began on Saturday, September 9. Callers routed through the interactive voice response (IVR) system were given instructions and guidance on what to do in a variety of scenarios. The call routing remained in place until power and systems were restored four days later.

Members of the Sentinel team kept a running activity log of calls and remained in daily contact with Avow throughout the duration of storm to provide updates and verify the backup emergency systems were working without incident. “Sentinel provided those updates, and it saved us a lot of time and trouble,” said Dan Vohasek, Senior Director of IT at Avow.

When Avow employees returned to work on the morning of Tuesday, September 12, their infrastructure had been recovered from the backup, and tests confirmed everything was working properly. Even though their network and data center were operating as normal, it would still be weeks before power, gas, and other standard community services achieved a similar level of stability as everyone continued to clean up from Hurricane Irma. Many of Avow’s home care patients were struggling in the aftermath of the storm. Having a fully functional infrastructure, however, allowed the organization to deliver a lot of care despite conditions being less than ideal.

For Avow, working with Sentinel to develop and execute an emergency backup and recovery plan for their organization saved a lot of time and stress through a highly dangerous and destructive severe weather event. “I didn’t have to think or worry about it,” Vohasek said. “It was all handled. Sentinel got it done, and got it done right. I’m grateful for that, and I’m sure our patients are too.”

If you would like to learn more about how backup and recovery can help your business, please contact Sentinel.

Whether you work in the IT industry or simply know others that do, buying holiday gifts for the tech-savvy people in your life can be a challenge. There are an escalating number of gadgets and devices designed for use in various aspects of our daily lives, and digging through the massive pile to uncover a hidden gem is an arduous task unto itself. In the end it mostly comes down to personal tastes, practicality, and budget, though sometimes it’s just nice to pick out something fun. Sentinel wants to help, so here are a few gifts to enhance the life of your favorite lover of technology.

Beam+ Smart Presence System ($1,995)

At a price tag of nearly $2,000, it’s the most expensive item on this list, but sometimes it’s worth it for the type of connection it provides. The Smart Presence System features a video screen atop a motorized device, able to easily move around locations and interact with others on an as-needed basis. It’s great for corporate meetings, facility tours, hospital consultations, school classes, and much more. If you live far away from friends or family, this is a way to interact and eliminate those borders. Those who are sick or injured or stuck at home can get out into the world a bit with this device as well.

HTC Vive ($600)

Virtual reality continues to be a hot new realm of technology, and the HTC Vive headset is one of the best money can buy. Take an incredible journey to parts unknown, or play thousands of games while immersed in incredible virtual worlds. As businesses begin to explore how to use VR and artificial intelligence to enhance interactions and the way we do business, embracing world building devices like the HTC Vive creates more possibilities than you can possibly imagine.

Apricorn Aegis Secure Key USB 3 Flash Drive ($139-$399)

Take your USB storage to the next level with this highly encrypted flash drive from Apricorn. It includes an embedded alphanumeric keypad that allows you to enter a 7-16 digit PIN code before gaining access to your data. The military-grade encryption also intercepts hardware and software key logging attempts and is immune to the risk of BadUSB malware tampering. Storage size options range from 16GB all the way up to 480GB.

HP Powerup Backpack ($100)

With so much concern over the battery life of our devices, it can be a comfort to know that you’ve got some extra charge available right inside the case you’re carrying. The HP Powerup Backpack has a built in battery that is able to charge your laptop, tablet, and smartphone wherever you might be. It has enough juice to fully restore your laptop battery, charge your tablet up to three times, and keep your smartphone alive through ten complete battery cycles. Controls also allow you to adjust power distribution as needed, so you can divert a charge if one device needs more juice than the rest.

Faraday Cage EMP Privacy Bag ($28-$118)

An Electromagnetic Pulse (EMP) releases a short burst of electromagnetic radiation that has the potential to severely disrupt or damage any electronic devices within its range. You may have seen them used in movies or TV shows as a way to knock out the power, internet, or phone signals, typically to commit a crime. In reality, the likelihood of an EMP attack is relatively small, though if one were to occur there’s no way to know its size, strength, or proximity. Many large businesses keep critical data and other important technology elements locked inside of a Faraday Cage to ensure they remain protected and functional should the worst occur. For those concerned about their personal devices, several companies now make bags and backpacks that function as Faraday Cage devices. If you place your phone, tablet, or laptop inside one of these bags, it will block all outside signals and keep your devices from being destroyed.

iFixIt Pro Tech Toolkit ($60)

Created for the tinkerers and active repair engineers, the iFixIt Pro Tech Toolkit contains more than 70 different tools ready to work with the nuts and bolts of just about any technology you can think of, contained within a small, easy-to-transport case. They examined thousands of repair guides and used that data to develop a comprehensive toolkit capable of piecing back together everything from laptops to smartphones and beyond. This is standard government issue for many FBI and CIA teams and features a lifetime warranty on all parts. 

By Geoff Woodhouse, Sentinel Solutions Architect

High performance computing has always used the best and fastest hardware on the market. The costs are always expensive, but a necessity to make every piece of the system achieve top speeds. From the processor to the memory to the special low latency networking cards, every fraction of a second counts. This includes the switching and the Fibre Channel SAN running 15K drives. While that remains a standard way to build high performing systems, the birth of Hyperconverged Infrastructure (HCI) technologies like vSAN, 3D XPoint, and NVMe allows the storage to be much faster and closer to the server compared to having it on a centralized SAN on the network.

VMWare’s vSAN and other technologies like it bring centralized storage to the server. This type of software requires multiple nodes for resiliency so the data remains safe even if a node loses power or a hard drive dies. For example, if a server does lose power, the software will realize it lost a copy of the data and will start building a new copy across the remaining nodes in an effort to keep the data secure. Once the server is brought back online, the system evaluates everything and updates the cluster.

In addition to this software, there have also been recent hardware improvements on the servers themselves. There is now 3D Xpoint technology developed by Intel and Micron. With 25,000 IOPS and 300 microsecond latency, this new technology is the fastest storage there is. Another example is Intel’s Optane, also known as M.2 drives, which are available in retail stores. This new technology approaches the speed and density of RAM, but stores data like a hard drive. It runs on Non-Volatile Memory Express (NVMe). Since Solid State Drives are so much faster than Hard Disk Drives, a bottleneck develops at the RAID controller in the server. M.2 drives remove the standard RAID controller and use the new NVMe technology to talk directly to the server on the PCI bus.

One of the biggest challenges with this new type of M.2 storage running on NVMe concerns space. On the standard retail market, a 3TB SATA drive is priced around $50 and a 1TB SSD costs $300, while the significantly smaller 512GB M.2 is also $300. As with all technology, the price is less about the amount of space you get, but how fast it operates. Eventually the storage on these devices will improve and become an even more viable solution for high performance and data center workloads.

With all of these advances in this new type of software and hardware, there are huge performance benefits to the data sitting on the server. When compared to the delays of going through the local network and accessing a high speed SAN, it is clear this new technology will be the future of high performance computing. Sentinel remains Always Leading by helping our customers find the technology to improve the speed and performance of their business. If you would like to learn more about HCI and how recent innovations can help you achieve new heights, please contact us.

By Ted Joffs, Sentinel IT Solutions Team Lead

My entire career so far has been focused on risk; mostly in the technology arena. Regardless of the job role, including a technology engineer, risk manager, solutions architect, IT leader, and my current position as a consulting engineer, one thing has always been clear: risk must be mitigated. Today, risk is commonplace with every organization and thrives in the form of cyber threats. Technology has brought us vast advances in manufacturing, banking, medicine, and retail, but with it comes a significant increase in our risk footprints, which can lead to a significant loss of finances, data, or reputation.

Before beginning the process of mitigating cyber risks (some call this risk management; which is an incorrect term in my opinion), it’s essential to better understand what they are and their potential impacts. The risks themselves are varied but tend to fall into the following categories:

Accidental & Intentional Security Breaches

Security breaches are the exposure of systems or data beyond their intended and authorized access footprints. When looking at accidental security breaches, this can include things like a database backup left unsecured, private data sent to the wrong party, or something as simple as a data center cage left open while the engineer was on a smoke break. These may seem trivial, but when your data is breached or your corporate secrets are exposed, you will be left shouldering the responsibility. Then there are intentional security breaches, like those that wreaked havoc on the NSA, Adobe, and the Veterans Administration. These come in the form of virtual or physical attacks intended to either steal data or disrupt services to an organization or individual. These are the attacks that most organizations try to prevent first and foremost – often at the expense of other attack vectors.

Operational System Failures

Operational system failures are a form of cyber risk that I see frequently as a direct result of poor systems maintenance, lifecycle management, and a general overuse of the phrase, “If it ain’t broke, don’t fix it.” Just because something is working doesn’t mean you can skip replacements, patches, or upgrades on a routine basis. Remember, a five-year lifecycle is about the maximum you should try to squeeze out of IT systems. You should really start to mitigate risks around the three year mark. How long do you think your business can run without access to any of its data because you didn’t replace your SAN before it failed due to drive age?

Downline and Upline Risks

Downline and upline risks are the result of doing business with vendors/suppliers. You might think most of these types of risks fall to the business side of the world, but that’s an inaccurate interpretation. If your phone systems, internet, international circuits, hosted email, CRM, payroll systems or other elements go down, employees are likely to hold you responsible. These are the types of risks that you can’t control completely, but are still responsible for.

---

Next time, I’ll explain how you can mitigate against security breaches from a high level. Sentinel offers a variety of security solutions and services that can help mitigate the risk to your organization. Please contact us if you would like to learn more!

By Nora Gibbons, Sentinel Social Media Specialist

Every year we ask our team to share what they are thankful for leading up to Thanksgiving. Here are some of their responses.

“My big adorable dog”

“My dog Tyson”

“My fur baby”

“Healthy family”

“15 wonderful years at Sentinel”

“Family”

“My trip to Iceland”

“Wonderful team”

“Cubicle neighbors”

“Harley, my rescue puppy”

“SPIFFs”

“My family”

“My family”

“My family”

“Jesus”

“Family and friends”

“Faith and family”

“My health”

“God and my family”

“Welcoming me as your new co-worker. Glad to be here!”

“Real family. Work family. Bourbon.”

“My work family”

“My Sentinel family. My home. My health. God’s blessings.”

“Our amazing team across the country”

“Giving back to the community”