By Dr. Mike Strnad, Sentinel Strategic Advisor

The more I read about Ransomware and the devastating effects it has on organizations, the more I shake my head in frustration. It seems like many organizations are investing in strong security products, but are neglecting to properly address the human factors that leave them most vulnerable to attack. Let me explain my logic.

There are plenty of security solutions that can be used to protect both internal and external server traffic throughout your environment. This includes intrusion detection systems (IDS), intrusion prevention systems (IPS), firewalls, access control lists (ACL), and more. Most of these create multiple layers of protection, which is important. Sentinel has highly skilled teams that implement rock-solid security designs like these all the time.

Many of our home security strategies operate in the same way. We install motion sensors inside and outside of our homes. We have locks on all doors with alarms that will sound if the doors or windows are opened when our system is armed. This all works well as long as we remember to alarm the systems. For many of us, it becomes a habit because we do it every day of the week. For an overworked IT department however, security often competes with dozens of other projects and priorities, and that’s not even taking into account the ever-evolving threat landscape.

Attackers are always looking for new ways to gain access to your organization’s network and systems. While a variety of defense technologies are working hard 24x7x365 to keep critical data and applications safe, many organizations forget or simply fail to understand that devoting some time and attention to the human factor can reduce risks even further.

Users are often the weakest and therefore most exploited source of access for attackers, which is why it’s essential to consistently train your staff to be on the lookout for and identify cyber threats. If cybersecurity training is out of sight, then it is out of mind. Educators often teach students by employing repetition. For example, when we learned our multiplication tables in grammar school, the teacher made us do it over and over again until it was drilled into our brains. Approaching cybersecurity education in the same way will keep your employees sharp and significantly reduce the risk to your business.

Sentinel’s Advisory Services offer cybersecurity training to ensure your employees don’t fall victim to many of the tactics commonly used by attackers to breach your organization. Please contact us if you would like to learn more.

It’s no secret that at Sentinel we place a high value on our employees. Their unparalleled expertise, strong work ethic, and dynamic personalities help us maintain our status as an Always Leading IT solutions and services provider. We are proud of the work they do on a daily basis, and hope our customers recognize the Sentinel difference.

Our “My Sentinel Story” series continues with Solutions Analyst Nadia Rios. Nadia has been working at Sentinel for more than six years, starting out with data entry and digitizing documents before her curiosity and desire to learn new things expanded her role into the education field and other exciting areas. She now uses her well-rounded skill set to excel in her current position as a Solutions Analyst, creating communications and security plans for a variety of different building types and industries. Learn more about Nadia and her career trajectory at Sentinel via the video below!

If you are passionate, motivated, and interested in joining the Sentinel team, you can learn more about our corporate culture and browse our current job openings by visiting our Careers page.

Trying to stay healthy while working in an office environment five days a week can be a real challenge. Many people spend a majority of their days sitting at desks or in conference rooms, which doesn’t exactly make it easy to stay active. Medical studies proclaiming that “sitting is the new smoking” by putting people at increased risk for cancer, heart disease, diabetes, and high blood pressure don’t seem to offer much in the way of advice on how to combat it beyond getting up for stretch breaks every couple of hours. The temptation of baked goods and other sweets that seem to frequently and mysteriously appear in the office break room can’t be great for your eating habits either.

While every person ultimately makes their own decisions when it comes to healthy living, Sentinel does our best to promote and maintain a strong wellness culture at all of our offices. We are recognized by the American Heart Association as a Gold-Level Fit-Friendly Company for the variety of health conscious options available to employees. They include the following:

·         Standing desks
Concerned that sitting at your desk all day is doing more harm than good? Sentinel offers special standing desks to employees that request them. Thankfully they can be raised and lowered as needed so nobody is left standing all day if they don’t want to!

·         Walking club
Sometimes you just need to move around for a bit, especially if you’re the sort of person that suddenly falls into a post-lunch food coma at 2:30 every day. The Sentinel walking club gets together a couple of times each week to take a few laps around the office and get the blood flowing again so you can have plenty of energy to get more done.

·         Fitness/Gym membership discounts
Sentinel employees that prefer to get their exercise outside of the office are welcome to join a local health club. We work with area gyms and fitness centers to provide discounted memberships.

·         Healthy meal and snack options in our lunch rooms
Don’t worry, there are still plenty of chips, cookies, candy, and sodas available in our lunch rooms. But in addition to those unhealthy food choices, we also have low calorie snacks and beverages for the more discerning eater. That includes organic and protein-rich items that hopefully stimulate brain power.

·         Weight loss contests
Those in search of motivation to drop some pounds are welcome to participate in any of the weight loss contests we have throughout the year. While competition against your peers is its own reward, Sentinel also offers prizes to top finishers as a little extra bonus.

·         Massage services
Work is stressful sometimes, which can tighten your muscles and raise your blood pressure. Twice a month, Sentinel offers chair massages conducted by a licensed massage therapist. They’re a great way to provide some peace of mind and perspective during a particularly challenging day or week.

Sentinel provides many other benefits and amenities to employees that go beyond wellness. If you would like to learn more about those, please visit our Benefits page. If you are interested in joining the Sentinel team, feel free to browse our list of job openings.

By Rick Spatafore, Sentinel Advisory Services Manager and GIC-HIMSS Sponsorship Co-Chair

The Healthcare Information and Management Systems Society (HIMSS) is a cause-based non-profit that provides thought leadership, community building, professional development, public policy, and events in an effort to optimize health engagements and care outcomes using information and technology. The Greater Illinois Chapter of HIMSS represents a local group of experienced healthcare professionals working in and around the Chicagoland area. Members work in hospitals, corporate health systems, consulting firms, vendor organizations, universities, and wide variety of other organizations. The majority of GIC’s members have well over ten years of experience in the healthcare field.

The purpose of GIC-HIMSS:

+To arrange meetings which provide an opportunity to share ideas and exchange experiences in the field of healthcare information and management systems.

+To assist members of this Chapter and others in developing their healthcare knowledge, increasing their effectiveness, and maintaining high-quality standards of performance through continuing education.

+To plan and conduct educational programs that promote an understanding of information and management systems work in healthcare.

Sentinel has chosen to support the mission of HIMSS and help the local community realize the vision to provide better healthcare through information and technology. We are a current HIMSS sponsor and will be participating in every GIC-HIMSS events this year – including hosting a webinar focused on healthcare technology this spring.

During the year GIC-HIMSS offers 3-4 short educational programs, an all-day educational program, a hospital tour/social program, and a social event at the national HIMSS Conference in Las Vegas. This year’s GIC-HIMSS social event takes place on Tuesday March 6^th from 6:00pm-8:30pm at the Lavo Lounge inside the Palazzo Resort Hotel and Casino.

Sentinel will be hosting our own HIMSS Customer Appreciation event on March 6^th prior to the GIC-HIMSS event at Tom’s Urban inside the New York New York Hotel and Casino form 4:00pm-6:00pm. Come relax with drinks and appetizers after a long day at the conference. If you’re able to attend, please RSVP here.

The HIMSS Conference should continue the progress made over the past few years with an increased focus on engaging with the patient and providing convenient care across the continuum. High priority topics such as interoperability and artificial intelligence will be in the spotlight. Telehealth, population health, and cybersecurity will also be areas of focus at the conference. It promises to be a highly informative and fun time, so if you work in the healthcare industry, we hope to see you there!

By Robert Keblusek, Sentinel Chief Technology Officer

Our Security as a Service (SECaaS) developers have come up with another Sentinel SecuritySelect™ breakthrough. I am proud to announce our complete security visibility for Microsoft Azure and Office 365. Many enterprises move to O365 and Azure but lack a solid plan on how to backup, secure, and monitor the critical business systems moving into these and other cloud services. According to Microsoft’s Q1-2018 results, O365 subscribers alone swelled to over 120 million, which represented 42% growth, and there are no signs of it slowing. Many enterprises consider the move to O365 is a top corporate priority, but they fail to adopt cloud security beyond anti-spam filtering and lack any strategy to gain visibility into what is happening within their cloud infrastructure in real time. Brute force attacks, DLP events, and more can go without notice unless proper security monitoring and response is in place. Those that have considered both, often driven by compliance needs, simply lack the staff to take action on the thousands of events happening every second to determine which events are meaningful and actionable security risks.

What is SecuritySelect™ for Office 365?

Sentinel has developed a complete toolset that provides constant monitoring of your Microsoft cloud investments. API (Application Programming Interface) integration is provided to all of the currently available Microsoft cloud services including:

·         Azure management events

·         O365 Azure Active Directory

·         O365 Data Loss Prevention

·         O365 Exchange

·         O365 Events

·         O365 SharePoint

In addition, Sentinel’s Microsoft cloud application provides backup and restore of the server database system to further secure the O365 customer environment. Self-service portals provide for both the onboarding of the service and integration to the Sentinel SECaaS-managed SIEM. Combined with Sentinel’s own CloudSelect^® Threat Exchange, security events now have full visibility resulting in easy-to-use executive dashboards, compliance reporting, and more. For organizations that lack around-the-clock security response professionals, there is tight SLA-driven integration with Sentinel’s ALWAYS CONNECTED security operations center (SOC). Key performance indicators (KPIs) are measured and monitored, and once a threshold is met, auto-ticketing engages the Sentinel incident response team 24 hours a day, 7 days a week, 365 days a year. Daily threat hunting by security analysts further identifies actionable events that might not have hit an established threshold, while SECaaS developers add automation to alert and respond to those threats. The overall security environment, including cloud services, is also reported on within Sentinel’s quarterly and monthly security business reviews.  Actionable recommendations are made with an ongoing security document constructed by Sentinel security experts specific to events in your environment and what can be done to further protect your digital assets and critical data.  

Self-Service Portal

Sentinel’s security team will work with subscribers to quickly onboard services from their Microsoft cloud services to the Sentinel SECaaS managed detection solution. Once the integration is complete, critical logs will be available within the Sentinel customer security portal. Sentinel offers this service on the Microsoft cloud along with the option to extend this visibility to the entire organization’s security infrastructure and other cloud services. Customers can start small and grow as their security monitoring and response needs change.

Complete Visibility

After integration, the Sentinel’s Security as a Service (SECaaS)-managed SIEM provides alarm integration with deep inspection capabilities in order to help your security teams or the Sentinel SOC quickly identify and respond to threats. Logs are integrated to Sentinel’s own CloudSelect^® Threat Exchange platform where they are parsed, normalized and forwarded to the managed SIEM. Once in the managed SIEM, events are connected by correlation directives, making it easy to find, filter, and respond to actionable security events. Alarms can be customized based on reliability and risk factors to elevate the criticality to meet your organization’s security and compliance needs. Either your security response team or Sentinel’s SOC analysts can apply service-level alerting and auto-ticketing rules to assure that any indications of compromise are investigated and responded to immediately.  

Business Visibility and Results

Executive dashboards provide for clear visibility into what is happening within all of your security investments, creating a “single pane of glass” for easier management and analysis.

Customizable executive dashboards provide details on real-time, easy-to-understand security trends involving your cloud and premise environment. Adding Microsoft cloud services helps ensure that not only is this visibility available to your organization’s traditional premise and device security services, but that it extends into your crucial cloud services as well for complete visibility of your distributed digital assets. 

Compliance reporting is also available to report to your internal stakeholders or compliance auditors. Custom reporting is available to meet any specialized needs, and can be scheduled and delivered at regular intervals to IT departments, executives, and compliance officers.

In addition, Sentinel offers enhanced email security filtering for inspection of inbound and outbound messages and DLP message services. Hosted by Sentinel within our geographically distributed enterprise cloud data centers and powered by Cisco ESA and Talos threat intelligence, Sentinel’s email security services can enhance and protect your Office 365 email subscribers. Features include email filtering, anti-virus, anti-malware, spam prevention, outbound data loss prevention and more. Sentinel’s SOC constantly monitors and manages the email security gateway services and adds additional filtering rules for identified threats, phishing, and business email risk messages when identified by any subscriber within the system. 

SecuritySelect™ Cloud Security Affordable and Easy

With Sentinel’s SecuritySelect™ services, organizations can rest assured that what is happening in their cloud space is no longer a mystery. With thousands of events occurring every second, logging and finding meaningful data may seem like an impossible task. Advanced email filtering services, including inspection of inbound and outbound messages, protects users from unwanted and weaponized email attacks better than standard tools available in Office 365. Sentinel has made these services powerful, easy, and affordable.

According to the most recent Verizon breach report findings, 66% of malware was delivered via weaponized email and 73% were financially motivated. Of the approximate 20% of business email compromises reported to the FBI, also known as CEO fraud, the estimated US losses have exceeded $5.3B since 2013 and are rapidly rising. This figure is actually expected to be more than double that amount when non-reported events are taken into account.

Are you properly protecting your organization? If you are interested in learning more about how Sentinel’s SecuritySelect^TM can keep your business safe, please contact us. You can follow Bob Keblusek on Twitter, @RKeblusek.

By Michael Soule, Sentinel Strategic Solutions Advisor

The cloud refers to a large number of concepts, and navigating their respective similarities and differences can be a challenge. There are a few different deployment models, including Private, Public, Hybrid, Community, Distributed, and Multicloud. There are also a handful of different service models, such as Infrastructure, Containers, Platforms, Functions, Software, and Managed. Traditional on premise, colocated, and software-defined data centers are not going anywhere either. Choosing the right service and deployment models for your unique workloads is an essential part of any cloud journey.

Developing an optimal cloud strategy is not a simple task either. If you start the cloud journey with a clear idea of your organization’s goals and desired direction though, it can help you better analyze the options available and establish proper benchmarks of success for migrations. The process of evaluating individual technology workloads also provides a better understanding of each one’s needs and dependencies, and makes it easier to build an efficient cloud migration path that fully aligns with your unique environment.

Once your organization’s data and workloads have been migrated to their intended destination, frequent reviews are critical to ensure everything remains properly managed and optimized. Stagnation in such a dynamic technology landscape often creates inefficiencies. Traditional workloads require a large amount of effort to deploy, but continued maintenance is nominal in comparison and typically consists of operating system or application patches. In public clouds, service providers are consistently developing new services, adding features to existing services, and changing prices. Private clouds enable your organization to evaluate any new or updated service offerings and decide which ones to introduce into your environment.

Sentinel’s many CloudSelect service offerings are designed to help your organization successfully navigate the cloud journey from start to finish. Our advisory services provide assistance with the development of cloud strategy, including migration frameworks and cloud architecture recommendations. Migration services offer technical assistance in shifting data, workloads, and resources to any type of cloud environment. Once your cloud migration is complete, Sentinel’s Managed Services deliver continued maintenance and support of your workloads to keep your data and infrastructure elements optimized. If you would like to learn more about our CloudSelect services and solutions, please contact us.

By Jessica Rimkus, Sentinel Corporate Counsel

Spurred by several major headlines over the past year, cybersecurity compliance has become a growing concern for many companies. And for good reason: studies show that the cost of a data breach in the U.S. averages around $7 million. Beyond the tangible costs are the intangible ones, such as the irreparable damage a public breach can have on a company’s reputation.

With an increasing amount of personally identifiable information (PII) being stored electronically every day as technology rapidly evolves and expands its reach, the impact of a data breach has never been greater for organizations across all industries. And, as experts have remarked, it’s not a matter of IF an organization is going to experience a breach, but WHEN.

As with any imminent risk, it’s crucial that organizations are prepared. Having a robust cybersecurity compliance program is the key to that preparedness. Policies/plans like security incident response strategies and security training go a long way to ensure organizations don’t feel as panicked when a breach occurs and have the ability to reduce their exposure in terms of any liability resulting from a breach.

We have also seen increased regulatory changes with respect to cybersecurity compliance. For example, GDPR (General Data Protection Regulation) is looming for any organizations with customers residing in the EU, as compliance is required by May 25th. GDPR seeks to enhance the protections governing these citizens’ PII privacy and mandates strengthened procedural requirements, such as 72-hour notice of a breach.

Sentinel expects cybersecurity compliance to remain a hot topic as new regulations and legislation rolls out through 2018. We remain committed to helping our customers achieve and maintain compliance throughout their infrastructure. Please contact us if you would like to learn more.

It’s no secret that at Sentinel we place a high value on our employees. Their unparalleled expertise, strong work ethic, and dynamic personalities help keep us Always Leading as an IT solutions and services provider. We’re proud of the work they do on a daily basis, and hope our customers recognize the Sentinel difference.

Our new video series “My Sentinel Story” aims to shine a spotlight on some of Sentinel’s finest, as they recount how they came to work for us and what their on-the-job experience has been like overall. Today we’re happy to introduce Jericho Knuckles, a Data Reporting Analyst who’s been with Sentinel since 2007. After getting his start in our Customer Service department, he quickly distinguished himself by developing new methods to improve procedures and enhance the customer experience. Then things take a very interesting and unexpected turn. Click the play button below to find out more!

If you’re passionate, motivated, and interested in joining the Sentinel team, you can learn more about our corporate culture and browse our current job openings by visiting our Careers page.

Last Thursday, Sentinel held our Vision 20/20 Technology Summit at the Cisco offices in Rosemont. Close to 60 of our customers filled a conference room as several of Sentinel’s experts detailed the latest technology trends and solutions, as well as provided insight on ways IT departments can achieve more over the next couple of years. Whether you were unable to attend or would simply like a bit of a refresher, here are a few highlights from this fun and informative afternoon.

Cloud

In 2016, Intel Security found that 93% of organizations participating in a study had already adopted cloud technologies. Cisco currently estimates that 92% of all workloads will be cloud-based by 2020, pointing toward an exponentially high growth rate over the next couple years. Sentinel wants to help your organization explore and build a comprehensive cloud strategy to meet your unique needs and goals. Our framework includes:

·         Assessing and understanding your organization’s current cloud posture and adoption readiness, along with understanding your organization’s initiatives and driving factors

·         Designing secure, scalable, and manageable cloud architectures for your organization’s needs

·         Migrating workloads using achievable plans and strategies for the designed solution

·         Optimizing workloads and costs through detailed analytics of consumption, supply, and demand of resources

·         Managing operations more efficiently using automation and embracing change

There are three types of clouds: public, private, and hybrid.

In a private cloud, your organization manages and controls every aspect of the physical and technical infrastructure, along with how and where your data is stored. Sentinel can help you build a cloud-based infrastructure and integrate it seamlessly into your environment.

In a public cloud, providers such as Amazon Web Services (AWS) and Microsoft Azure are responsible for the management of your infrastructure and data. Sentinel will help you design and migrate workloads to public clouds in a way that benefits your organization.

In a hybrid cloud, both private and public clouds are leveraged to deliver dynamic workloads and more control over where and how data is stored. Sentinel specializes in the integration of your private cloud portals with public cloud providers to enable the benefits of scalability and global distribution.

Learn more about cloud migration, Sentinel CloudSelect offerings, and how to create an optimized Software Defined Data Center (CDDC) by contacting us.

Security