Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
The Danger of Digital Currency Mining
By Jeff Bell, Sentinel Support Analyst
Many of the websites being used to spread this malware are unaware they are doing so, as hackers often plant the malicious code known as CoinHive without their knowledge. Other sites are knowingly using the malware to generate revenue for themselves beyond what they would make through hosted ads and sponsored content.
Because this requires vast amounts of computing power, devices and networks infected with this malware will often see a sharp slowdown in operations, impacting productivity and creating frustration. Additionally, if the malware reaches a scalable company resource such as the cloud, it can push against data usage limits and create large overage fees for victims.
Sentinel’s Security Operations Center (SOC) proactively counters web theft attempts of our customers’ resources through digital currency mining such as CoinHive. Armed with high-powered IDS detection, our analysts gather critical threat intelligence and take immediate action in notifying customers of the resource theft. Sentinel also deploys proprietary, preventative countermeasures for all customers to defend against any potential currency mining threats in the future.
An Important Update Regarding Cisco CallManager
Many companies and organizations are currently operating with an outdated Cisco CallManager. Cisco Unified Communications Manager (Unified CM) gives businesses the ability to bring disparate teams and coworkers together. A leader in the 2017 Gartner Magic Quadrant for Unified Communications, Cisco CallManager provides unified communications, enhanced mobility, and scalability. The solution is open, interoperable, secure, and compliant, and can meet the needs of businesses of all sizes across industries.
As of November 30th, 2017 Unified Communications Manager Version 8 will be obsolete. This means all Cisco CallManagers pre-9.x must migrate to Version 10 or above. Licenses/Device License Units (DLU) for these systems are no longer orderable, and Global Licensing Operations will not upgrade newer licenses purchased after July 31st, 2016. To ensure continued support, organizations must upgrade older systems to version 10 or 11 as soon as possible.
After November 30th, customers will no longer be able to trade in DLUs; the support team will no longer be available to assist with pre-migration reviews or help determine how many licenses are needed at time of migration to be compliant.
If you have any questions about the Cisco CallManager migration, please feel free
to contact Sentinel to speak
with a collaboration specialist. Our team is ready to help businesses through
Prescriptions to Improve Health Information Technology
By Dr. Mike Strnad
The term "Health Information Technology" (Health IT) is a broad concept that encompasses an array of technologies to store, share, and analyze health information. More and more, healthcare providers are using health IT to improve patient care. But health IT isn't just for healthcare providers. You can use health IT as a patient to better communicate with your doctor, learn and share information about your health, and take actions that will improve your quality of life. Health IT lets you be a crucial part of the team that keeps you healthy.
Today’s information technology revolves around many levels in business. In health organizations, IT often plays a key role in the creation and management of Electronic Health Records (EHRs), Personal Health Records (PHRs), E-prescriptions, and more. Unfortunately when healthcare budgets are cut, IT is often one of the first areas on the chopping block. This has forced many health IT departments to do more with less, and take on additional responsibilities that extend well beyond their traditional skill sets. Most demanding among these is security.
Data security has been a hot topic in business technology, and will continue to be for many years to come. As ransomware and data breaches become more prevalent than ever, healthcare IT workers are stepping up and fighting to adapt in this ever-changing landscape. Thankfully the number of security specialists has been growing at a significant rate, helping to ease the burden of many IT departments. However if health organizations continue to cut IT staff and resources, they could be placing themselves at significant risk.
The key to maintaining a strong IT department for any business is to not only focus on today’s environment but to look toward the future. As we become better at deterring breaches, newer and more innovative intrusion techniques will arise. IT departments must not become complacent and should consistently invest in education for staff to ensure they are fully prepared for anything that might come their way.
Sentinel offers a comprehensive array
of products, solutions, and services designed specifically for the healthcare
industry. If you would like to learn more about our offerings and how they can
help your organization, please contact
What is IT Governance?
By Dr. Mike Strnad, Sentinel Strategic Business Advisor
The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, was established following several high profile fraud and deception cases throughout the banking, securities, and insurance industries. One of its biggest benefits was that it placed a spotlight on the need to establish a more formal framework to ensure that an organization’s IT investments are fully aligned with their business objectives. This is one of the foundational tenets of IT governance.
By following a formal framework, organizations can yield quantifiable results toward attaining goals more quickly and easily than ever before. A recognized program like ITIL (Information Technology Infrastructure Library) provides organizations with a set of regimented processes to follow.
There are many reasons to make IT governance a priority for your business. The sheer number of regulations being imposed on organizations today should be one of the primary motivating factors. Companies also need to reinforce critical areas of their infrastructure such as data retention and disaster recovery. Formal IT governance programs such as ITIL, which utilize best practices, are an easy way to implement this.
If you’re looking to implement an IT governance program, make sure to contact the Strategic Advisory Group at Sentinel. Our consultants are certified experts in ITIL, and can help your organization optimize the relationship between IT and business using five keys to management best practices: strategy, design, transition (change management), operation, and continual service improvement.
In order to ensure a smooth implementation and positive results, it is essential to engage with executives throughout the organization. Forming a risk management committee with top-level management is a great way to get that conversation started. Make sure to share progress and results with as many people as possible so everyone stays on the same page and can closely monitor positive gains and areas still in need of improvement. Communication is where everything begins and ends.
If you would like to learn more about IT
governance and how Sentinel can help streamline your technology and business
processes, please contact us.
National IT Professionals Day
Every 3rd Tuesday of September we celebrate National IT Professional Day! An idea that originated with our partner Solarwinds, IT Professionals Day became a nationally recognized holiday in 2015.
This holiday is very special to Sentinel. Our amazing staff of IT professionals across the country work tirelessly with our partners to create, implement, and manage technology solutions across all types of industries and environments. They truly are the backbone of Sentinel. We are incredibly lucky to have such a talented team of individuals working within Sentinel and with our clients.
Not only do we get to celebrate IT professionals in the Sentinel family, but we also get to honor the dedication and hard work of our amazing clients. Nationwide, we work to create unique solutions hand-in-hand with the Chief Technology Officers, IT Managers, Network Managers, Cybersecurity Executives, and others that make up our clients’ IT departments. These solutions are crafted to meet the needs of their organizations in accordance with industry compliance standards. This creates a very collaborative environment between our clients and our team. Their work together allows them to learn from each other by expanding their knowledge base, exploring different sides of technology, and growing their skill set.
Beyond our clients, we work closely with our partners to ensure we are delivering the most effective and efficient solutions available. This includes participating in trainings, meetings, whiteboard sessions, and the occasional working lunch with their brilliant teams. Without these professionals, we would not be able to deliver the high quality services and solutions Sentinel is known for in the industry.
So today, and every day, we want to say thank-you to all of the IT professionals who help Sentinel to remain Always Leading. We appreciate all you do to keep us connected, running, and relevant. Thank you!
Employee Appreciation Month 2017
Sentinel appreciates their employees and we do our best to show that on a daily basis, whether it’s chair massages, health and wellness programs, holiday gatherings, take your child to work day, or celebrations of special life events. It is our belief that satisfied employees lead to satisfied customers. With that in mind, Sentinel once again held a series of fun and social events for staff at all of our locations in celebration of Employee Appreciation Month this past August. Here are some of the highlights:
The Downers Grove and Chicago offices got Employee Appreciation Month started a couple of days early with a trip to see the Kane County Cougars play some minor league baseball against the Beloit Snappers on July 28th at Northwestern Medical Field in Geneva. Employees and their families enjoyed some delicious ballpark food and beverages during the game, and a great time was had by all!
A couple weeks later on August 16th, the Downers Grove held a social hour at the end of the work day. While the party started outside, a surprise rain shower moved everything into our warehouse, where everyone had drinks and snacks that ranged from chocolate cake to mini brisket sliders. There was also enough room to play some bags for a little friendly competition.
Downers Grove rounded out the month with an employee BBQ on August 23rd. Managers grilled up a variety of burgers, hot dogs and veggie dogs at lunch time for everyone in the office, and the meal was rounded out with chips, cookies and soft drinks. Luckily the weather cooperated this time, the gorgeous summer afternoon creating the perfect atmosphere for food and fun.
Our Arizona location kicked off their Employee Appreciation celebrations with a breakfast. The management team cooked a morning meal for everyone in the office that included eggs, bacon, waffles, and donuts. As breakfast is the most important meal of the day, the healthy meal packed with protein was the right fuel to get people energized and motivated to do their best work.
Just in time for the long Labor Day weekend, the Arizona office officially closed out the month with an early afternoon social hour on September 1st. There were drinks, great conversation, and even some mouthwatering Chicago-style deep dish pizza thanks to the brand new Lou Malnati’s location that opened in Phoenix.
The staff at our Crystal Falls, Michigan office love a great meal, and pretty much all of them agree that Carlos Cantina offers some of the freshest and most authentic Mexican food in the region. So when it came time to pick a spot for a team dinner on August 8th in celebration of Employee Appreciation Month, it was an easy decision! Everyone had a fantastic time and a delicious meal that included nachos, tacos, and more.
Sports and tailgating go together like peanut butter and jelly, which is why the fine folks at our Milwaukee office chose to do exactly that for their Employee Appreciation Month event. They visited Miller Park on August 3rd to watch their beloved Brewers take on the Washington Nationals, complete with a tailgate party beforehand. Everything worked out perfectly, as the Brewers won in a 6-3 showdown!
Speaking of baseball, our Lansing office chose to visit with their local minor league team the Lugnuts for a game on August 1st against the Great Lakes Loons. Unfortunately, this doesn’t seem to be the best season for the Lugnuts, and they lost the game. Everyone from Sentinel had a fun time though, so we’ll call that a win.
Ann Arbor celebrated Employee Appreciation Month on August 15th with a pizza-filled social hour that also included a team competition based on the game show “Minute to Win It”. Teams faced off against each other in games that included a spaghetti challenge, a cup stacking challenge, pantyhose baseball, an Oreo challenge, and a table building exercise. After all the points were added up, the team of Karina Hosington, Tom Peterson, Scott Spencer and Collin Moerman came away victorious. Everyone had a great time with lots of laughs!
Similar to some of our other locations, our Grand Rapids office began their Employee Appreciation Month with a healthy breakfast on August 2nd. Everyone got together in the warehouse to enjoy a meal that included eggs, coffee, orange juice, and other assorted treats. That was followed at the end of the month with a social hour on August 30th featuring drinks, snacks, and an assortment of fun games.
Our newest office in Denver likes to do things a little differently, which is why they chose an Employee Appreciation Month activity that combined drinking beer with a little bit of exercise. They rented a pedal pub and took a ride around some local neighborhoods. A pedal pub is essentially a bar on wheels, where everyone sits on stools and drinks beer in this open air, trolley-like vehicle, but it only works when everyone is working together and using their legs to push pedals and keep it moving. Following that workout, the team stopped off at a favorite local haunt for a nice dinner.
Fun events such as these for Employee Appreciation Month are just a small part of the reason why Sentinel has been named one of the Top Places to Work in both Chicago and Arizona. If you’d like to join our team, make sure to check out our job openings!
Breaking Down Silos - An ITIL Imperative
Seven years ago, former technology journalist and current Gartner Research Director George Spafford wrote an informative article on silos that accurately reflected a trend in enterprise IT at that time. Unfortunately, silos still exist today and continue to harm businesses. Transferring information can lead to solid business growth, but only if done properly. ITIL remains the best solution to the silo situation. Sentinel’s Advisory Services Group works with our clients to assist in breaking down silos by focusing on the ITIL Framework. This is a very important piece with critical information that can benefit both IT and business professionals, which is why we’re sharing it in full here:
Note: This article originally appeared in ITSMWatch in June 2010.
Breaking Down Silos – An ITIL Imperative
By George Spafford
IT organizations typically follow a hierarchical division of labor with classic command and control structures that often results in silo'd groups. These overly verticalized groups tend to be isolated, self-invested and not working towards common goals.
On one hand, this bureaucratic structure promotes/enables specialization of technical skills but, on the other, there are imperfect transfers of data, information, knowledge and work between various groups leading to inefficiency, ineffectiveness and higher risks. IT organizations that are seeking to improve must carefully plan and take action to break down these silos for the betterment of the organization as a whole.
If improperly pursued, ITIL processes tend to exacerbate silos by formally reinforcing the roles and responsibilities of a given functional area in isolation. In actuality, the ITIL documentation does provide base sets of interactions between processes. Teams responsible for the design and implementation of processes must pay close attention towards both formally defining the integration of areas as well as promoting, formally and informally, the fact that everyone must work together in concert to support the goals of the business through IT services and their continual improvement.
As management and process improvement teams develop strategies, design and implement processes, they must take into account the integrated and tightly coupled "system" of IT processes and the nature of work. To help reduce silos and foster teamwork, this article sets forth the following base recommendations:
Tone from the top - First and foremost, from senior management downwards, it must be made clear that groups are to work together to create and value; that is to say to work together to enable the business to pursue the goal with adequate safeguards. They must make it clear that isolationism will not be tolerated and that the various groups must work together. If process documentation and such provides the letter of the law then management's "tone" must help identify and reinforce the spirit of the law. In other words, the need for various teams to work together must be an intrinsic part of how work is conducted and be clearly reinforced by senior management.
In this age of tight budgets, accelerated time to market and high expectations, management cannot afford impediments to high performance. Silo'd groups that are allowed to blame one another or develop other compensating mechanisms to overcome the perceived shortcomings of other teams will not be effective and efficient in the long-run (not to mention increase the level of risk inherent in IT services).
Formalize and promote process and data architectures - There must be an over-arching systemic perspective that guides the design of processes to maximize their value. As such, there must be a formal architecture that identifies the various processes and their relationships to one another. This includes the documentation of inputs, outputs, dependencies and so on.
The process architecture will also serve as an input to the creation of a supporting data architecture that can be coupled with a tools strategy to improve integration and overall effectiveness and efficiency. Process and data architectures are increasingly important due to complexity in the business and IT environments. If anything, a lack of formal architectures will allow organic complexity and costs to dramatically increase over time.
Design and implement processes with clear integration - In accordance with the formal process architecture, each individual process must be designed and implemented. To help avoid or break down silos, process design and implementation methodologies should take into account the following:
+Processes need to be formally documented for consistency, training and continuous improvement. This documentation must be clear and truly add value lest useless shelfware be created.
+Process integrations need to be identified in the documentation. For example, when does Incident Management need to engage Change Management and how? Process flows and sub process flows need to identify this information and have supporting detail.
+Roles and responsibilities need to be identified. The use of swim lane diagrams for visual depictions and RACI charts to methodically identify involvement can reduce ambiguity.
+There must be training when the processes are launched or revised as well as annual refresher training. It is imperative that staff understand what is expected of them.
+Documentation and training must effectively communicate why the process matters. What are its objectives and why should people bother following it?
+Processes should be reviewed at least annually or after organizational events such as mergers, divestitures, and so on.
+Management should design processes to include the necessary data collection and reporting to provide oversight both on a specific process and on the system overall. For example, the performance of one isolated server is less relevant than the performance of an overall service in the eyes of customers and users.
Recognize and address human factors - To further break down silos, job descriptions, performance reviews and compensation plans need to both reflect the output of IT overall as well as customer satisfaction and the needs of the business overall. If they are created and managed with a local focus then the silo mindset will be reinforced and attempts to create a system focus will likely fail.
Consider the following: a server engineer may be primarily judged by the number of servers built and availability of the servers specifically. Those measures focus on a fraction of what it takes to provision and sustain an IT service. As a result, the engineer may focus only his servers at the expense of the business. The perspective can change by measuring performance and such at the service level as well as customer satisfaction. Thus, it wouldn't be the engineer's server performance solely that is looked at but also the service that they are a part of such as SAP in support of accounts payable.
To break down IT silos, senior management must have the appropriate tone from the top. Process and data architectures must be developed to guide efforts from a cohesive systemic perspective. With the architectures taken into account, processes need to be designed and purposefully implemented with integration factored in. Last but certainly not least, "soft" human factor issues need to be designed and implemented to reinforce the desired organizational changes.
If you are interested in learning more about silos and how Sentinel’s Advisory Services Group can help you break them down using the ITIL Framework, please contact us.
Building A Better Disaster Recovery Plan
By Dr. Mike Strnad, Sentinel Strategic Business Advisor
More organizations than ever are starting to realize the importance of having a comprehensive Disaster Recovery Plan in place. Should a catastrophic incident such as a flood or fire destroy all or part of your office(s), it’s essential to have a clear set of instructions detailing what to do and how to proceed to get things up and running again. Failing to regularly update your DR plan or simply not having one at all places your business at exceptional risk, potentially resulting in prohibitively high costs, loss of revenue, and/or permanent damage to your reputation.
One area that is most commonly overlooked is documentation. Having decaying or outdated documentation can severely sabotage or even destroy your DR plan. Sentinel understands this, which is why our Advisory Services Group has put together a Business Continuity Executive-Level Overview that helps executives identify:
• Flaws in Business Impact Management
• Unidentified Risks
• Flaws in Incident Management
• Limitations of your current Disaster Recovery Plan
The overview concentrates on areas of vital importance that link back to a successful and dependable Disaster Recovery Plan. Some potential issues our certified experts help to uncover include:
• Old documents that have not been reviewed within a year
• New security incidents that have been occurring where risks have not been identified
• New or retired assets (servers, applications, personnel) that influenced the development of the current Disaster Recovery Plan
To learn more about the ways Sentinel’s Advisory Services Group can help your business to develop an effective and up-to-date Disaster Recovery plan, please contact us or your local Sentinel sales representative.
The Importance of a Business Continuity Plan
By Dr. Mike Strnad, Sentinel Strategic Business Advisor
Plan. Do. Check. Act. These words should be engraved in the minds technology professionals. As the focus on security continues to grow, it’s never been more imperative for organizations to have a solid Business Continuity Plan (BCP) in place should a breach, ransomware, or other catastrophe occur. BCPs get created and become stale very quickly. Susan Snedaker and Chris Rima wrote an interesting book titled “Business Continuity and Disaster Recovery Planning for IT Professionals”. In it, they described the birth of business continuity and disaster recovery, stating that this topic was originally not on the mind of many organizations.
Modern technology services allow you work faster than ever, with greater flexibility and more efficiency. As a result, recovering from a disaster big or small should be easier. But a recovery is only effective with good preparation and a well-understood disaster recovery plan. BCPs become outdated, as do knowledge base articles. These should be considered “living documents” and adjusted regularly. An efficient, reviewed, and updated BCP will not only improve your speed to recover from a catastrophe, but it will also save you money and ultimately protect and enhance your business reputation.
The key first step in creating a BCP is to understand exactly how your business operates. The better you understand the core elements of your business, the more effective the BCP will be. Looking closely at Business Impact Management, Risk Management, and Incident Response Management can help lead to an effective Disaster Recovery plan. All 4 of these elements are vital to any well-written, reviewed, and executed BCP.
Many technology and business executives have not gone through an actual DR scenario where dollars were on the line until recovery was established. Sentinel’s Advisory Services Group has this experience, and found that a plan is only as good as the accuracy of the information. Time is money, and a stale BCP could result in a lot of lost revenue.
Ultimately, it is important to review your BCP after significant changes, testing, or incidents and provide feedback. Talk to your employees and analyze what went well and what did not. The more staff members are involved in the planning and development of the BCP, the better and more efficient it will become. An Executive High-Level Business Readiness Overview could provide visibility into your process and identify gaps. Our Advisory Services team is well versed in this process and look to bring the value of our collective experience to benefit our customers. Please contact us or your local Sentinel sales representative to learn more about how we can help your organization establish a plan to bounce back quickly in the event of a disaster.
Common Misconceptions About ITIL
By Dr. Mike Strnad, Sentinel Strategic Business Advisor
Information Technology Infrastructure Library (ITIL) can be highly beneficial to organizations that follow the approaches, techniques, and methodologies it recommends. When implemented properly, businesses generally experience increases in the overall quality and return on investment made in their IT products, solutions, and services. Unfortunately, since its conception ITIL has been plagued with false rumors, myths, and general disinformation that have frequently resulted in confusion and opacity about what it is and the advantages it can provide. In an attempt to add some clarity to the conversation, here are five popular misconceptions about ITIL, paired with the correct information.
1. ITIL is a set of standards that must strictly be adhered to.
- ITIL is a set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the specific needs of a business.
2. ITIL is only for big companies.
- ITIL is a process approach that can be tailored to fit any business no matter the size.
3. ITIL is incompatible with other practices.
- ITIL is a framework, methodology, or philosophy that provides answers to all questions, doesn’t require a significant change in working practices, and doesn’t require additional guidance from outside its own closed space.
4. ITIL is for internal use only.
- ITIL represents a way for service providers to figure out what the customer values without having to bother the customer with trivial questions. The inability to do so is an indication of missing skills and ignoring a standard.
5. ITIL is primarily about processes.
- ITIL describes the capabilities required for delivering services as a set of 26 processes and four functions, divided between five lifecycle stages.
If you are interested in learning more about ITIL and the many ways it can benefit your organization, please contact us or your local Sentinel sales representative.