Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
Sentinel's Spring Event Calendar
At Sentinel, we’re all about providing our customers with innovative and industry-best technology solutions designed to enhance the way business is conducted and promote growth. Our “Always Leading” approach also means that we keep a close eye on trends and new developments throughout the IT industry and pass that knowledge along to our customers so they can make the most informed decisions when it comes to their technology investments.
One of the ways we like to keep our customers educated is by hosting events. Not only do events provide an opportunity to learn more about a specific topic or solution with some of our experts, but they also allow us to get to know our customers and their needs better while building a stronger relationship. No matter if you’re a long-time Sentinel customer or are brand new to us and have never attended a Sentinel event before, we’d love to see you! Here are some fun and interesting events we have coming up over the next month. Please visit the Events page on our website or click the individual event links below if you would like to learn more and RSVP!
Wednesday, April 3
Safer Schools Seminar [Register]
Our Downers Grove, IL headquarters will be hosting a special presentation and discussion focused on the latest technologies to help improve school safety. There are a number of comprehensive solutions designed to improve alert systems and communication so teachers, students, and administrative staff remain aware of emergency situations and can make critical decisions to help stay out of harm’s way and minimize risk. Attendees will also have the chance to talk with other education professionals to share strategies and insights related to security and incident management.
Wednesday, April 10
HyperFlex Lunch and Learn [Register]
While most organizations and IT professionals are familiar with Cisco HyperFlex and hyperconverged infrastructure (HCI) solutions, there have been some exciting new advancements to the technology that experts from Sentinel and Cisco are excited to share with you as part of a special lunch and learn event at Gibsons Steakhouse in Oak Brook, IL. Find out how you can easily deploy applications across multiple environments and types of clouds, then manage them all at once using a highly intuitive, simple system. It’s an agile and adaptive version of HyperFlex you’ve never seen before, plus a steak so delicious you won’t soon forget it.
Friday, April 12
Cisco Meraki MV Webinar [Register]
Unable to leave the office, but have an hour to spare? Join Sentinel and Cisco for a special webinar that will dive into the brand new features and innovations available for security cameras as part of their Meraki platform. It eliminates all the infrastructure traditionally associated with an enterprise video deployment, plus stores video directly on the cameras themselves so there are no servers or cloud space required to operate them. There are plenty of other great benefits as well, all of which will be revealed through this special Webex presentation. Those registered will also have the opportunity to win an MR33 wireless access point and other Meraki-related prizes!
Friday, April 26
Avengers: Endgame Movie Premiere [Register]
Sentinel will be teaming up with two superheroes of technology – HPE/Nimble and Veeam – to host the premiere of the gigantic blockbuster Avengers: Endgame for our customers in the Phoenix, AZ area. Before the movie, there will be some exciting presentations on the AI-Driven Data Center and protection strategies for Multi-Cloud environments. You may want to hurry up and register for this one, as seats will be gone in a snap!
A Closer Look at Cisco Meraki
by Paul Wiercioch, Sentinel Senior Sales Executive
Organizations interested in getting a different management and visibility perspective of their technology consumption should consider adopting Cisco Meraki. It combines wireless (MR), cameras (MV), voice and switching (MS), plus security (MX) technologies into a single, cloud-based platform that’s easy to use and manage. You don’t need to deploy it for every piece of your environment, but it does offer significant advantages for those working with multiple or complex IT environments such as public school systems, government agencies, and multinational corporations.
The primary benefits of Meraki are ease of management, ease of deployment, and simple visibility. Three years ago, I was working with a customer that had separate systems for each piece of their environment. They had their switching infrastructure on one system, their firewalls on another system, their access points on a third system, and a small closet with monitors for their security camera system. The IT director wanted a solution that enabled him to manage as much of the environment as possible from the least number of systems possible so he and his team could respond to issues quickly. He immediately saw the value of having a standardized platform like Meraki with the ability troubleshoot, manage, patch, and deploy different technologies through one system.
As another example, a long time Sentinel customer was preparing to open up a new remote office location. We had already deployed non-Meraki wireless technology for this organization over the last couple of years, but they wanted to give Meraki a try this time because of the camera system and the ability to manage everything from a single pane of glass. They also needed the solution to be deployed in under 90 days, which meant we had to move quickly and order the equipment, configure it, install it, and then train their IT staff on how to use it.
That type of conversation seems to happen more and more these days. Organizations are looking to shorten the time it takes to deploy a normal, complex, and expensive solution while also making it manageable for end users who are working at a remote location without any on premise IT personnel to troubleshoot any issues. They need the ability to connect and integrate with the system from a branch location on the other side of the country to make adjustments as needed and quickly respond to end users.
Sentinel is responsible for properly qualifying our customers to make sure the technology they want actually aligns with and can fulfill their needs. An ideal candidate for Meraki should be looking to consume more than one piece of the proverbial pie. If you only want to look at switching, there are certainly benefits to be found in Meraki’s cloud management tools, deployment and update capabilities, along with its troubleshooting features. But there are other cloud platforms on the market that are fully devoted to the switching side of things and might be a better fit for your organization. If you’re looking to combine and integrate two or more systems and appliances however, like switching and wireless or switching and security, then Meraki is second-to-none in the industry just because of what you can see and what you can touch.
If you are interested in learning more about Cisco Meraki and how it can benefit your organization, please contact Sentinel for more information.
The Benefits of a Cloud Framework
by Michael Soule, Sentinel Strategic Solutions Advisor
At Sentinel’s Tech Summit earlier this year we discussed a variety of topics, but a common theme among them was the proliferation of cloud services. My presentation focused on the benefits to operational maturity that can be achieved through the strategic adoption of already established cloud services rather than building your own. Implementing a best practice alignment framework can not only improve your cloud operations, but has a wide-range of advantages for your workloads and infrastructure elements no matter where they are running.
There are plenty of great best practice alignment frameworks available today to help you get the most out of your cloud and premise infrastructure investments, including the AWS Well-Architected Framework, the Microsoft Operations Framework, the Information Technology Infrastructure Library (ITIL), and by association, the Capability Maturity Model Integration (CMMI). Do some research and choose one that’s best suited to your particular organization and environment. If you are interested in learning more about methods and strategies to measure your cloud operational maturity, I’d recommend checking out books like Eli Goldratt’s The Goal, The Phoenix Project, or even Simon Wardley’s Maps.
The cloud provides an opportunity for organizations to consider change and reevaluate the status quo. More often than not, the discussion will be more complex than simply moving some virtual machines to the cloud. It enables cloud service providers and standards agencies like the National Institute for Standards and Technologies (NIST) to develop frameworks and offer guidance on how to properly measure and improve your IT posture. The AWS Well-Architected Framework is a great example of this, as it features specific questions that encourage you to consider innovative ideas and approaches you might not have come up with on your own. These frameworks also incorporate on premise infrastructure elements so you’re not just focusing on the cloud.
One example I used during my presentation is a question from the Reliability Pillar of the AWS Well-Architected Framework: “How do you monitor your resources?” This single question can lead to multiple in-depth technical discussions about what is most valuable, from a stack of switches to your organization's enterprise resource planning (ERP) system. Every piece plays an important role in your IT operations, whether you own the facility it resides in or not.
This is just a small portion of what was covered at the Tech Summit. There were many other important topics worth exploring in greater detail, including new identity management tools that incorporate certificate-based authentication or single sign-on technologies, as well as modern systems management that use Infrastructure as Code (IAC) or Functions as a Service (FaaS). Sentinel offers Jumpstart packages designed to help your organization make real progress on its cloud journey. They focus on establishing public cloud landing zones to create a standardized configuration baseline, along with shifting your backup and disaster recovery solutions to the cloud as a way of modernizing your existing processes. If you are interested in learning more about these packages or any of our other CloudSelect offerings, please contact us.
Three Takeaways From the 2019 HIMSS Conference
By Rick Spatafore, Sentinel Advisory Services Manager
Healthcare professionals from around the world gathered in Orlando last week for the annual HIMSS (Healthcare Information and Management Systems Society) Conference & Exhibition. The five day event focuses on healthcare education, innovation, and collaboration through the convergence of information and technology, so providers can deliver top quality, transformational patient care. There are plenty of classes and seminars to choose from, as well as special programs and networking opportunities. It’s nearly impossible to detail all of the fresh ideas, products, and trends that were highlighted over the course of the week, but here are some of this year’s notable highlights.
The use of artificial intelligence (AI) and machine learning in hospitals and medical centers has shown slow but steady growth over the last few years. There are many ways to deploy this type of technology in a clinical setting, but most of the primary benefits thus far have come in the area of research, as analysis of patient data allows for better and more predictive diagnoses. Adoption has remained slow overall for a number of reasons, but mainly because most healthcare organizations aren’t yet sure how to properly incorporate AI into their day-to-day operations in order to maximize its effectiveness. Continued concern over patient safety and the ethical impacts of how patient data might be used have also held back its expansion. Recent use case studies at the university level have generated very promising results so far, which suggests a brighter future ahead.
One path to advanced technology implementation by healthcare organizations involves deploying an adoption model developed by HIMSS. There were a few new ones announced at this year’s conference, but the most interesting among them is INFRAM (Infrastructure Adoption Model). It is designed to help healthcare organizations assess and map the technology infrastructure capabilities required to achieve their business goals, benchmarks, and standards. Your facility’s IT adoption and maturity levels are ranked according to an international eight stage model, so you can better understand how to proceed in a way that improves care delivery, reduces cyber risk, and establishes a clear path toward future development.
HIMSS also announced the results of their 2019 Cybersecurity Survey, which pooled data from 166 different healthcare security professionals to provide insight into what steps organizations are taking to protect their information and assets.
+As the number of security incidents continues to rise, virtually every U.S. healthcare organization experienced a significant breach in 2018. Most were the result of attackers using email with malicious links to gain access to networks and credentials.
+Healthcare organizations are starting to place a greater emphasis on cybersecurity, allotting more money to spend on protection technologies.
+Complacency when it comes to cybersecurity creates a significantly higher risk for healthcare organizations. It’s essential to consistently evolve your security solutions and strategies, because hackers are always changing their approach and developing new tools in an attempt to breach your environment.
+There are notable cybersecurity gaps in many healthcare organizations, particularly those conducting day-to-day operations with legacy systems. Gap and penetration tests should be a regular occurrence in healthcare IT departments to ensure sensitive and private data remains safe in the event of an attack.
Sentinel works with a large number of healthcare organizations to provide smart IT solutions and services designed to enhance patient care, improve productivity, and protect critical data. If you are interested in learning more about our complete portfolio of healthcare-related technology offerings, please contact us.
Will You Be Our Valentine?
Love is in the air at Sentinel, and not just because Valentine’s Day is right around the corner. In honor of the holiday, we asked some of our staff to share what ignites passion for their jobs and the IT industry in general. There were many enthusiastic responses, from building lasting relationships with customers to learning something new every day to the simple yet profound pleasures of using a wireless mouse. Check out the full list below. Sentinel’s highly knowledgeable and passionate technology experts are ready to help your organization achieve unprecedented growth and success with IT solutions you’ll love. Please contact us for more information.
“I love helping our customers and their IT departments drive valuable business outcomes for their company.”
- Chris Danly, Sales Executive
“I love technology. My cordless mouse has changed my life.”
-Kevin Mondry, Solution Specialist
“I love the Sentinel support team for their tireless work in developing projects and ensuring customer satisfaction.”
-Mike Sherrill, Sales Executive
“I love having co-workers that feel like family.”
-Marissa Mathis, Project Administrator
“I love the Sentinel bench, because they are incredibly smart and utilize a consultative approach to best assist our customers.”
-Alex Brnilovich, Sales Executive
“I love getting to work with a diverse group of people and growing with them.”
-Nadia Rios, Solution Analyst
“I love learning from the unique experiences of our customers and growing my relationships with them.”
-Bill Owens, Sr. Sales Executive
“I love always learning! People in IT constantly discuss how they solve problems, so every day I feel like I learn something new, even in the smallest way.”
-Diane Jackson, Solutions Architect
“I love building relationships with customers, co-workers, and our partners.”
-Chris Vasquez, Sr. Sales Executive
"I love helping students upgrade their technology at school through E-Rate projects. I also love working in an industry that is forever changing, and plays an increasingly important role in the overall security of a business."
-Mike Kmiotek, Sales Executive
The Vital Importance of Cloud Readiness Assessments
By DJ Coluzzi, Sentinel Product Manager for Cloud and Managed Services
If your organization is planning to move a portion of its IT environment into the cloud, make sure to go through a readiness assessment of some sort first. There are a lot more than technical issues you can run into when transitioning into the public cloud. It can have a serious impact on your finances, compliance, and security as well, so you need to be prepared for all that before making such a major decision.
One of the most misleading ideas I’ve heard recently is that businesses need to jump into the cloud with both feet and migrate large portions of their environment all at once. The reality is that almost every organization invests in the cloud slowly, going piece by piece over many years. The other common piece of misinformation about the cloud, especially when you're talking about Infrastructure as a Service, is that it’s always "cheaper" than buying it outright. It's cheaper in the sense that you don't need a lot of capital in order to make those purchases, but you could very easily spend a lot monthly for the lifetime of that system. Plus, it continues to require regular maintenance and management. For example, you still have to patch Infrastructure as a Service (IaaS) because it's comprised of servers. That’s different compared to something like Office 365, where the entire back end is handled by Microsoft.
There are so many different paths you can take into the cloud, and what works for one organization might not work for another. Say you’re thinking about adding IaaS to your cloud portfolio through Amazon Web Services (AWS). Beyond the solution itself, you also need to consider how it might affect Office 365 or Salesforce or Dynamics – all of which can be cloud-based. A cloud readiness assessment will help you understand your environment not just from a technical architecture perspective, but a business one as well, so you know what can and can’t be supported. That’s especially true when it comes to finances, because you’re moving from a CapEx model to an OpEx one, where expenses are subscription-based rather than a single lump sum purchase.
When Sentinel conducts a cloud readiness assessment, it enables your organization to do a number of different things. You can evaluate different cloud solutions to figure out which one fits best with your IT requirements and future business goals, or simply determine the impact of one specific solution. It helps uncover weak spots within your environment so you know what area or areas are in need of reinforcement. An assessment also answers questions you may not have thought to ask, such as: What happens if your network goes down and you can’t connect to the cloud? Has the company properly budgeted in anticipation of the monthly OpEx costs? How will on site hardware and intellectual property integrate with the cloud? These are important things to know before you commit to the cloud.
As part of a cloud readiness assessment, the Sentinel team conducts thorough technical reviews by looking at your bandwidth, reliability, resiliency, network, and other important factors. We need to know what portions of your IT environment will be moving into the cloud and what services it will take so we have the right information to put together a proper financial and business impact analysis. That analysis is then presented to your executive team so they understand what will happen when the business shifts to a cloud-based model. Our experts also consult with your IT department to make sure any technical gaps are addressed prior to the migration.
Sentinel offers smart and comprehensive cloud solutions for organizations of every size and type of environment. Our goal is to ensure you have all the necessary tools and expertise throughout every step of your cloud journey. If you are interested in learning more about our cloud readiness assessment or any of our other cloud-focused solutions, please contact us.
Sentinel Technology Summit 2019: A Recap
Sentinel held our third annual Technology Summit last Thursday. Around 60 of our customers braved the cold and snowy conditions to pack a large conference room at the Cisco offices in Rosemont, where a group of experts from Sentinel detailed emerging IT industry trends and new innovations designed to enhance the way we conduct business. It was a highly informative and interactive afternoon, with presentations focused on communication and collaboration, cloud, and security. Here are a few highlights on each topic, in case you were unable to attend or just need a reminder of what was covered.
Communication and Collaboration
The modern workplace continues to show strong growth in the areas of communication and collaboration, as more people use social tools and mobile devices to conduct business. Today’s employees spend about 80% of their time at work collaborating with others, and the number of team-based projects has nearly doubled in recent years. An estimated 72% of employees will have the ability to work remotely by 2020 as well, further diversifying the workforce while making it easier than ever to connect, share, and contribute.
A majority of the latest communication and collaboration tools, such as telephony, messaging, and conferencing are being developed through the cloud, as businesses continue to shift their environments with an eye on future growth and increased adaptability. Meanwhile, demand for premise-based endpoints and infrastructure tools is expected to remain steady or slightly decline over the next couple of years.
Meetings are also undergoing a major upgrade. Developers are creating new platforms that combine a number of different tools to address many of the biggest challenges associated with scheduling and conducting meetings. Smart calendar integration, bot-assisted scheduling, connected chat and document sharing, one button click to join, facial recognition for participants, plus AI-powered transcription and notes are all features either already in use or currently in development to create an easy and truly modern meeting experience for businesses.
Hybrid and Multicloud
Today’s cloud experience can be divided into three distinct parts: Workload, Consumption, and Operations. Workloads are the core business function – what your organization consumes in order to generate revenue. Consumption of IT using measured services or pooled resources then run those workloads in the cloud. Operations such as broad network access, on demand self-service, and rapid scalability of your environment also play an essential role by helping maintain workloads.
A workload is the holistic view of the applications, systems, compute/storage, and network infrastructure performing a function or process. Think of all those different elements like pieces of a greater whole – they can have value on their own, but when combined they are the primary building blocks in the creation of a workload. Not every workload is a great candidate to be moved to the cloud, so when determining your cloud posture it’s important to perform a detailed analysis to figure out and move only the workloads that best align with your business drivers, outcomes, and goals.
Traditional consumption models include environment, networking, storage, servers, hypervisor, OS, middleware, runtime, applications, and data, entirely managed by your organization outside of the cloud. As you invest more in cloud through Infrastructure as a Service (Iaas), Platform as a Service (PaaS), and Software as a Service (SaaS), many of those different elements become managed by your provider, which makes them easier to maintain and gives your IT department more time to work on other important projects.
Your level of operational maturity should also be a major factor when determining the best way to use the cloud in your environment. Once you have consolidated and started to virtualize your environment, it would be wise to select a framework to provide further guidance in your migration to the cloud. There are a number of different models available, though the AWS Well Architected Framework (WAF) is ideal for just about every type of workload. Some of its benefits include:
+Run and monitor systems to deliver business value and to continually improve supporting processes and procedures.
+Protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
+Recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues.
+Use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve.
+Run systems to deliver business value at the lowest price point.
Whether you’re just getting started or are looking to move further along in your cloud journey, there are a couple of key things to keep an eye on. The first is your cloud landing zones, which form the foundation of any public cloud. Do your research and know what you’ll be getting in terms of connectivity, user access control, activity logging and monitoring, as well as automation services that might be available. Secondly, make sure you have a robust cloud backup available should something go wrong. Keep your business and configuration data separated, make sure you have on demand testing for your backup data, maintain a third copy of your data at an offsite location, and don’t forget to accommodate for changes in your environment as you invest more in a public cloud.
Security
Gartner estimates that by 2021, 50% of data will be outside of the physical control of enterprise IT, up from 10% today. As companies migrate their systems to the cloud, the need to scale their vendor risk management program and focus on cloud security will continue to grow.
The median cost of a data breach for an enterprise organization in the U.S. was $7.9 million in 2018. Ransomware remains the top variety of malicious software, found in 39% of all cases. Of those that experienced a breach, 65% say the attacks evaded their existing preventive tools. When malware gets in, it acts quickly. A majority of data winds up stolen within hours of an attack, and it takes an average of 197 days for most companies to actually identify a breach. This is why organizations need to consider solutions that go beyond simple malware detection tools to help identify malware quickly once it has penetrated the network.
Many organizations are shifting from point-in-time security assessments to constant monitoring of both internal and external assets. Three primary options worth consideration are:
+Data-Centric Audit and Protection (DCAP) – Central monitoring of user activities and administrators for specific data sets, including vendors adding AI/machine learning or behavior analytics, to provide greater insight through monitoring and intelligence.
+Cloud Access Security Broker (CASB) – Provides security access controls at the API level to services such as O365, Dropbox, Salesforce and much more.
+Data Loss Prevention (DLP) – Not only at the email level, but within the network and endpoints both on the network and while mobile. Discover data, pattern match, set policies on data based on sensitivity and encryption level.
Of course if your IT department needs some additional help and/or fewer security responsibilities, Sentinel’s Security Operations Center (SOC) provides high value, “eyes on glass” 24x7x365 monitoring of your environment. When you combine that with our managed services for additional triage via retainer-based or T&M engagements, we offer one of the only end-to-end security options on the market. Those interested in improving their current security posture should also engage with our Security Advisory Services, who have a comprehensive array of assessments including security gap analysis, NIST cybersecurity framework alignment, device scans, penetration testing, social engineering testing, security awareness employee training, virtual Chief Information Security Officer (vCISO), and a whole lot more.
If you are interested in learning more about any of the information, solutions, and services highlighted at this year’s Tech Summit, please don’t hesitate to contact us. A very special thank you to all of the customers who joined us last week for this incredible event. We hope it was helpful as you figure out your plans for IT in 2019. And of course thanks to our presenters: Sentinel Chief Technology Officer Robert Keblusek, Advanced Strategic Solutions Advisor Mark Combs, as well as Sentinel Strategic Solutions Advisors Adam Bertram and Michael Soule. We hope to see everybody again next year for our Technology Summit 2020!
A Preview of Sentinel's 2019 Technology Summit
Sentinel’s third annual Technology Summit takes place on Thursday, January 24th, and we couldn’t be more excited about it. Several experts and thought leaders from Sentinel will detail the latest trends and emerging technologies over the course of an engaging and interactive afternoon with a select group of our customers. It’s a highly informative and fun way to kick off 2019, and can provide some additional guidance as you work toward creating an IT plan for the year. Here’s a brief glimpse into what we have planned for the event:
Our keynote speaker for the 2019 Tech Summit will once again be Sentinel Chief Technology Officer Robert Keblusek. He’s set to provide a comprehensive look at how the IT industry continues to evolve in an effort to meet the needs of businesses today while positioning them for greater success in the future. More organizations are turning to cloud-based enterprise networking to optimize their environments. These secure, intelligent and highly adaptable networks use data and user behavior to provide deep insights and recommend adjustments to streamline resources and automation. Aligning your IT environment with business goals and compliance requirements is another challenge facing many organizations today. Bob will introduce Sentinel’s Advisory Impact Methodology (AIM), and how it can help transform your technology and processes to significantly improve business outcomes.
Sentinel Advanced Strategic Solutions Advisor Adam Bertram will follow the keynote presentation with a lively discussion about the future of collaboration. As the number of smart devices we use both inside and outside the workplace continue to increase, it creates whole new challenges when attempting to connect and collaborate with co-workers, partners, and customers. Thankfully new technologies such as customizable cloud-based applications are redefining the ways we work together, so it becomes easier to schedule meetings, share files, and communicate with others no matter your device or location. He'll also talk about Communications Platform as a Service and how it can help embed communications into digital business processes to improve interaction and engagement.
As investment in and adoption of the cloud continues to expand at a rapid pace, Sentinel Strategic Solutions Advisor Michael Soule wants your organization to be prepared for the journey ahead. Just because certain cloud technologies are popular or come with an expanded portfolio of features doesn’t necessarily mean they’re the right fit for your organization. For example, those in the earliest stages of cloud adoption shouldn’t suddenly be trying to develop a multicloud environment complete with automation and complex workloads. You need to learn how to walk before you can run. During this presentation, you’ll get some tips on developing a strong cloud strategy, as well as how to optimize costs so your organization gets the most from your cloud investments.
Security remains a top priority for many businesses, and the number of security solutions available on the market today seems to the growing along with the number of cyber attacks. With so many different security products and applications to choose from, it’s tougher than ever to find the right combination that will keep your environment, sensitive data, devices, and users safe. Sentinel Strategic Solutions Advisor Mark Combs will discuss the most effective way to develop a security strategy for your organization, as well as highlight the importance of regular assessments, penetration testing, and security training. You’ll also hear more about two-factor authentication and the advanced threat detection behind Sentinel’s Security Operations Center. There may even be an in-depth analysis of an attack, so you can better understand the necessary steps to take when facing a major threat.
Once the presentations are finished, all of our speakers as well as some additional Sentinel experts will be on hand for a wide-ranging discussion and Q&A, where those in attendance can dive deeper into any topic they’d like or get help with a specific IT issue their organization is facing. If there is enough time, Sentinel CTO Robert Keblusek might also host a short breakout session on the topic of networking should there be enough interest.
Overall we hope the 2019 Tech Summit provides a comprehensive portrait of the IT landscape both today and for the future, so those in attendance can use technology to enhance and protect every aspect of their organizations. If you are interested in learning more but are unable to attend the event, please contact us for additional information.
The Importance of Regular Disaster Recovery Testing
By Geoff Woodhouse, Sentinel Solutions Architect
It is essential for organizations from every industry to have a proper disaster recovery (DR) plan in place. A well-established and regularly tested DR plan serves as an insurance policy so that if something happens and production fails, you’ll have business continuity and can return to work quickly with just about everything intact.
Most organizations should check on their DR plans as part of a yearly cycle, just to make sure you’re fully covered and actually can failover. Of course size, industry, and budget are also factors when determining the frequency of your checkups. Some large enterprise companies do quarterly DR testing, while smaller companies might have never done a DR test or even be aware of what one is. If your business occupies three floors of a skyscraper, you've probably done a DR test, because millions of dollars are at stake if your site and production shuts down. There may also be compliance laws that require DR testing at a regular cadence. A family-run business with 30 employees might think they can get away with being down for a few days, but without the ability to process orders or access accounting software things can get brutal very quickly. Many companies can’t survive being down for more than a week, no matter their size.
The DR testing process is relatively straightforward, but involves a lot of different elements that make it challenging. In the most basic sense, Sentinel examines information from your organization to determine if the amount of CPU, memory, and storage is available at your DR site is equal to or larger than the hardware requirements currently being used in production. If it fits, that’s great and you should be able to restore everything in the event of a disaster. If it doesn’t, certain data and applications may not restore properly, creating additional problems and extending the recovery time, perhaps indefinitely. It's all about math, sizing and adding the pieces up trying to make sure everything will work. Sentinel can update the current DR environment and will ensure you have the correct product licensing to establish a robust solution your organization can failover and not run into any problems.
Don’t assume your DR setup from two or three years ago is fine. Maybe your business has grown and you're using more VMs or more servers. Will the older DR plan you have work with your current situation? The good news is that most organizations will never experience a DR event where production shuts down and there are problems with the failover. Better to test it and find out rather than keeping your fingers crossed there will be enough capacity when you really need it. If you are interested in learning more about Sentinel’s DR testing services, please contact us for additional information.
Password Security Tips
By Mark Combs, Sentinel Strategic Solution Advisor
As you work on your resolutions at the start of 2019, one of them should be to improve your password security. Between frequent data breaches, improvements in hacking tools, and generally poor password selection by users, it has become easier than ever for cyber criminals to gain access to your otherwise secure accounts. Depending on what information an attacker gains access to, your data or identity can be stolen or held for ransom.
Here’s a report from CBS News about a nasty sexploitation password scam that has been going around these last several months. My wife and I both received very similar ransom threats recently, and you can check out the screenshot below to see what one of them looked like.
My account password must have been compromised on a site I used a long time ago. Although the password mentioned in the ransom email was relatively simple, I only use those types of passwords for things I really don’t care about. It also helped me identify exactly what site was compromised because I very rarely reuse passwords.
It is important to educate yourself and others about these types of password security scams. Organizations should invest in cyber security awareness training to ensure all of their users understand the threats that are out there and the methods criminals employ to obtain your password and other sensitive information. A single training session won’t do the trick, which is why a solution like Wombat (Proofpoint) requires users to complete security training modules at regular intervals as a way to refresh their memories and stay up-to-date on new or changing tactics.
One important way to improve the security of your own passwords is by making them longer. Many organizations and applications require users to come up with a password that meets certain complexity requirements, such as including some combination of letters, numbers, and symbols. That’s fine, but increasing the number of total characters used (a minimum of eight) offers greater password protection in the long run. Here’s a cool little tool to help you generate truly random words that you can string together for secure passwords. Throw a number or two in here or a special character and you have a strong password that is easy to remember. Humans are predictable, so when they think they are creating random words more likely they are probably not. This tool circumvents human error.
Unfortunately, standard passwords are often not enough and can still be compromised in a corporate data breach, regardless of the site or application. This is also why you should never reuse passwords or use the same password on multiple accounts, because it creates additional points of vulnerability. Two-factor authentication adds an extra layer of security by requiring users to login by providing both a password and a second identity confirmation element such as a code sent to your smartphone or a fingerprint ID. Our partners at Duo offer one of the best two-factor authentication solutions available to help your organization reduce risk and establish secure connections to all applications.
If you are interested in learning more about password security and the steps your organization can take to keep your users and critical data safe, please contact Sentinel for more information.