Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
Sentinel SecuritySelect For Microsoft Cloud Services
By Robert Keblusek, Sentinel Chief Technology Officer
Our Security as a Service (SECaaS) developers have come up with another Sentinel SecuritySelect™ breakthrough. I am proud to announce our complete security visibility for Microsoft Azure and Office 365. Many enterprises move to O365 and Azure but lack a solid plan on how to back up, secure, and monitor the critical business systems moving into these and other cloud services. According to Microsoft’s Q1-2018 results, O365 subscribers alone swelled to over 120 million, which represented 42% growth, and there are no signs of it slowing. Many enterprises consider the move to O365 a top corporate priority, but they fail to adopt cloud security beyond anti-spam filtering and lack any strategy to gain visibility into what is happening within their cloud infrastructure in real time. Brute force attacks, DLP events, and more can go unnoticed unless proper security monitoring and response are in place. Those that have considered both, often driven by compliance needs, simply lack the staff to act on the thousands of events happening every second and determine which events are meaningful and actionable security risks.
What is SecuritySelect™ for Office 365?
Sentinel has developed a complete toolset that provides constant monitoring of your Microsoft cloud investments. API (Application Programming Interface) integration is provided to all of the currently available Microsoft cloud services including:
· Azure management events
· O365 Azure Active Directory
· O365 Data Loss Prevention
· O365 Exchange
· O365 Events
· O365 SharePoint
In addition, Sentinel’s Microsoft cloud application provides backup and restore of the server database system to further secure the O365 customer environment. Self-service portals provide for both the onboarding of the service and integration to the Sentinel SECaaS-managed SIEM. Combined with Sentinel’s own CloudSelect® Threat Exchange, security events now have full visibility resulting in easy-to-use executive dashboards, compliance reporting, and more. For organizations that lack around-the-clock security response professionals, there is tight SLA-driven integration with Sentinel’s ALWAYS CONNECTED security operations center (SOC). Key performance indicators (KPIs) are measured and monitored, and once a threshold is met, auto-ticketing engages the Sentinel incident response team 24 hours a day, 7 days a week, 365 days a year. Daily threat hunting by security analysts further identifies actionable events that might not have hit an established threshold, while SECaaS developers add automation to alert and respond to those threats. The overall security environment, including cloud services, is also reported on within Sentinel’s quarterly and monthly security business reviews. Actionable recommendations are made with an ongoing security document constructed by Sentinel security experts specific to events in your environment and what can be done to further protect your digital assets and critical data.
Sentinel’s security team will work with subscribers to quickly onboard services from their Microsoft cloud services to the Sentinel SECaaS managed detection solution. Once the integration is complete, critical logs will be available within the Sentinel customer security portal. Sentinel offers this service on the Microsoft cloud along with the option to extend this visibility to the entire organization’s security infrastructure and other cloud services. Customers can start small and grow as their security monitoring and response needs change.
After integration, Sentinel’s Security as a Service (SECaaS)-managed SIEM provides alarm integration with deep inspection capabilities in order to help your security teams or the Sentinel SOC quickly identify and respond to threats. Logs are integrated into Sentinel’s own CloudSelect® Threat Exchange platform, where they are parsed, normalized, and forwarded to the managed SIEM. Once in the managed SIEM, events are connected by correlation directives, making it easy to find, filter, and respond to actionable security events. Alarms can be customized based on reliability and risk factors to elevate the criticality to meet your organization’s security and compliance needs. Either your security response team or Sentinel’s SOC analysts can apply service-level alerting and auto-ticketing rules to ensure that any indications of compromise are investigated and responded to immediately.
Business Visibility and Results
Executive dashboards provide for clear visibility into what is happening within all of your security investments, creating a “single pane of glass” for easier management and analysis.
Customizable executive dashboards provide details on real-time, easy-to-understand security trends involving your cloud and on-premises environment. Adding Microsoft cloud services helps ensure that not only is this visibility available to your organization’s traditional on-premises and device security services, but that it extends into your crucial cloud services as well for complete visibility of your distributed digital assets.
Compliance reporting is also available to report to your internal stakeholders or compliance auditors. Custom reporting is available to meet any specialized needs, and can be scheduled and delivered at regular intervals to IT departments, executives, and compliance officers.
In addition, Sentinel offers enhanced email security filtering for inspection of inbound and outbound messages and DLP message services. Hosted by Sentinel within our geographically distributed enterprise cloud data centers and powered by Cisco ESA and Talos threat intelligence, Sentinel’s email security services can enhance and protect your Office 365 email subscribers. Features include email filtering, anti-virus, anti-malware, spam prevention, outbound data loss prevention and more. Sentinel’s SOC constantly monitors and manages the email security gateway services and adds additional filtering rules for identified threats, phishing, and business email risk messages when identified by any subscriber within the system.
SecuritySelect™ Cloud Security Affordable and Easy
With Sentinel’s SecuritySelect™ services, organizations can rest assured that what is happening in their cloud space is no longer a mystery. With thousands of events occurring every second, logging and finding meaningful data may seem like an impossible task. Advanced email filtering services, including inspection of inbound and outbound messages, protect users from unwanted and weaponized email attacks better than standard tools available in Office 365. Sentinel has made these services powerful, easy, and affordable.
According to the most recent Verizon breach report findings, 66% of malware was delivered via weaponized email and 73% were financially motivated. Of the approximately 20% of business email compromises (also known as CEO fraud) reported to the FBI, the estimated US losses have exceeded $5.3B since 2013 and are rapidly rising. This figure is actually expected to be more than double that amount when non-reported events are taken into account.
Are you properly protecting your organization? If you are interested in learning more about how Sentinel’s SecuritySelect™ can keep your business safe, please contact us. You can follow Bob Keblusek on Twitter, @RKeblusek.
Starting Your Cloud Journey Right
By Michael Soule, Sentinel Strategic Solutions Advisor
The cloud refers to a large number of concepts, and navigating their respective similarities and differences can be a challenge. There are a few different deployment models, including Private, Public, Hybrid, Community, Distributed, and Multicloud. There are also a handful of different service models, such as Infrastructure, Containers, Platforms, Functions, Software, and Managed. Traditional on-premises, colocated, and software-defined data centers are not going anywhere either. Choosing the right service and deployment models for your unique workloads is an essential part of any cloud journey.
Developing an optimal cloud strategy is not a simple task either. However, starting the cloud journey with a clear idea of your organization’s goals and desired direction can help you better analyze the options available and establish proper benchmarks of success for migrations. The process of evaluating individual technology workloads also provides a better understanding of each one’s needs and dependencies, and makes it easier to build an efficient cloud migration path that fully aligns with your unique environment.
Once your organization’s data and workloads have been migrated to their intended destination, frequent reviews are critical to ensure everything remains properly managed and optimized. Stagnation in such a dynamic technology landscape often creates inefficiencies. Traditional workloads require a large amount of effort to deploy, but continued maintenance is nominal in comparison and typically consists of operating system or application patches. In public clouds, service providers are consistently developing new services, adding features to existing services, and changing prices. Private clouds enable your organization to evaluate any new or updated service offerings and decide which ones to introduce into your environment.
Sentinel’s many CloudSelect service offerings are designed to help your organization successfully navigate the cloud journey from start to finish. Our advisory services provide assistance with the development of cloud strategy, including migration frameworks and cloud architecture recommendations. Migration services offer technical assistance in shifting data, workloads, and resources to any type of cloud environment. Once your cloud migration is complete, Sentinel’s Managed Services deliver continued maintenance and support of your workloads to keep your data and infrastructure elements optimized. If you would like to learn more about our CloudSelect services and solutions, please contact
The Evolution of Cybersecurity Compliance
By Jessica Rimkus, Sentinel Corporate Counsel
Spurred by several major headlines over the past year, cybersecurity compliance has become a growing concern for many companies. And for good reason: studies show that the cost of a data breach in the U.S. averages around $7 million. Beyond the tangible costs are the intangible ones, such as the irreparable damage a public breach can have on a company’s reputation.
With an increasing amount of personally identifiable information (PII) being stored electronically every day as technology rapidly evolves and expands its reach, the impact of a data breach has never been greater for organizations across all industries. And, as experts have remarked, it’s not a matter of IF an organization is going to experience a breach, but WHEN.
As with any imminent risk, it’s crucial that organizations are prepared. Having a robust cybersecurity compliance program is the key to that preparedness. Policies/plans like security incident response strategies and security training go a long way to ensure organizations don’t feel as panicked when a breach occurs and have the ability to reduce their exposure in terms of any liability resulting from a breach.
We have also seen increased regulatory changes with respect to cybersecurity compliance. For example, GDPR (General Data Protection Regulation) is looming for any organizations with customers residing in the EU, as compliance is required by May 25th. GDPR seeks to enhance the protections governing these citizens’ PII privacy and mandates strengthened procedural requirements, such as 72-hour notice of a breach.
Sentinel expects cybersecurity compliance to remain a hot topic as new regulations and legislation roll out through 2018. We remain committed to helping our customers achieve and maintain compliance throughout their infrastructure. Please contact us if you would like to learn more.
My Sentinel Story: Jericho Knuckles
It’s no secret that at Sentinel we place a high value on our employees. Their unparalleled expertise, strong work ethic, and dynamic personalities help keep us Always Leading as an IT solutions and services provider. We’re proud of the work they do on a daily basis, and hope our customers recognize the Sentinel difference.
Our new video series “My Sentinel Story” aims to shine a spotlight on some of Sentinel’s finest, as they recount how they came to work for us and what their on-the-job experience has been like overall. Today we’re happy to introduce Jericho Knuckles, a Data Reporting Analyst who’s been with Sentinel since 2007. After getting his start in our Customer Service department, he quickly distinguished himself by developing new methods to improve procedures and enhance the customer experience. Then things take a very interesting and unexpected turn. Click the play button below to find out more!
If you’re passionate, motivated, and interested in joining the Sentinel team, you can learn more about our corporate culture and browse our current job openings by visiting our Careers page.
Sentinel's 2018 Technology Summit: A Vision 20/20 Recap
Last Thursday, Sentinel held our Vision 20/20 Technology Summit at the Cisco offices in Rosemont. Close to 60 of our customers filled a conference room as several of Sentinel’s experts detailed the latest technology trends and solutions, as well as provided insight on ways IT departments can achieve more over the next couple of years. Whether you were unable to attend or would simply like a bit of a refresher, here are a few highlights from this fun and informative afternoon.
In 2016, Intel Security found that 93% of organizations participating in a study had already adopted cloud technologies. Cisco currently estimates that 92% of all workloads will be cloud-based by 2020, pointing toward an exponentially high growth rate over the next couple years. Sentinel wants to help your organization explore and build a comprehensive cloud strategy to meet your unique needs and goals. Our framework includes:
· Assessing and understanding your organization’s current cloud posture and adoption readiness, along with understanding your organization’s initiatives and driving factors
· Designing secure, scalable, and manageable cloud architectures for your organization’s needs
· Migrating workloads using achievable plans and strategies for the designed solution
· Optimizing workloads and costs through detailed analytics of consumption, supply, and demand of resources
· Managing operations more efficiently using automation and embracing change
There are three types of clouds: public, private, and hybrid.
In a private cloud, your organization manages and controls every aspect of the physical and technical infrastructure, along with how and where your data is stored. Sentinel can help you build a cloud-based infrastructure and integrate it seamlessly into your environment.
In a public cloud, providers such as Amazon Web Services (AWS) and Microsoft Azure are responsible for the management of your infrastructure and data. Sentinel will help you design and migrate workloads to public clouds in a way that benefits your organization.
In a hybrid cloud, both private and public clouds are leveraged to deliver dynamic workloads and more control over where and how data is stored. Sentinel specializes in the integration of your private cloud portals with public cloud providers to enable the benefits of scalability and global distribution.
Learn more about cloud migration, Sentinel CloudSelect offerings, and how to create an optimized Software Defined Data Center (SDDC) by contacting us.
A recent report by Cybersecurity Ventures estimated that ransomware damage costs exceeded $5 billion in 2017. This takes into consideration the damage from several factors beyond just the cost of the ransom, including the loss of data, downtime, and productivity. The WannaCry attack alone is estimated to have cost over $1 billion despite only around $100,000 having been paid for ransom.
As organizations migrate their data and systems to the cloud, the need to scale their vendor risk management program and focus on cloud security will only continue to grow. Gartner now estimates that by 2021, 50% of data will be outside of the physical control of enterprise IT, up from 10% today.
When combined with our Security as a Service (SECaaS) offering, Sentinel’s Security Operations Center (SOC) ensures your cloud data and other essential elements remain safe from attackers. We provide 24x7x365 monitoring of your security operations to give your IT department more control and peace of mind when dealing with outside threats. If you combine that with our managed services, which handle additional triage via retainer-based or T&M engagements, we offer one of the only end-to-end security options on the market.
Think about how and where you enforce security today. You probably have a range of security products in your environment to protect your network and endpoints, whether it’s at your corporate headquarters, branch offices, or on roaming endpoints. You could block malware on your network and endpoints, but why wait until malware reaches the enterprise when you can simply block threats out on the Internet? There are many ways that malware can get in, which is why it’s important to have multiple layers of security.
DNS is a foundational component of how the Internet works and is used by every device in the network. Way before a malware file is downloaded or before an IP connection over any port or any protocol is even established, there’s a DNS request. Cisco Umbrella can be the first layer of defense against threats by preventing devices from connecting to malicious or likely malicious sites in the first place, which significantly reduces the chance of malware getting to your network or endpoints.
These are only a couple of pieces in Sentinel’s SecuritySelect portfolio. To learn more about our other security offerings, and how Sentinel is fully equipped to protect your business, please contact us.