Knowledge Base

It is Past Time to be Open to Windows Server 2016

August 15th, 2017

Nobody likes upgrades or changes to back-end infrastructure that, on a typical day, just works.  Such is the life of the server.  Server operating systems are typically a “set and forget,” with the knowledge that this group of servers runs on that flavor of Windows, which will be upgraded at the same time as the hardware.  However, there are compelling reasons to consider an upgrade to Windows Server 2016.

The MOST pressing concern for most IT Departments we work with is Security.

One of the primary vulnerabilities CIS’ elite Security Team uncovers on a regular basis is the continued use of unpatched, unsupported, aging software and operating systems.  Critical vulnerabilities emerge rapidly as products age out of their support model.  If you are currently running Windows 2003 at the server or Windows XP at the desktop, please stop reading and make the change; we will wait.  It’s that important.  For more “current” users who are running Windows 2008 R2, or even Windows 2012, we’d like to ask you to look at those years, and consider where you were at the time.  Now that we have a real feel for how long those products have truly been in the environment, we can understand the inherent security risk in areas like Access Controls and Privileges.  Upgrading Windows provides a chance both to use the new tools, such as JEA (Just Enough Access) utilities, and to review who has access to what, and why, across your environment.

Providing a more efficient and reliable platform for applications

At long last, Microsoft has decided to adopt a Container model in their Windows Server product.  With a stated goal of making Windows 2016 a cross-platform operating system for a seamless Hybrid Cloud and On-Premises model, Containers are a hugely important new development in Windows Server 2016.

The idea behind containers is to “park” or “dock” processes that typically chew on memory resources, segregating them from other processes in a bubble of sorts.  This frees all the other applications to consume required memory and resources, functioning more reliably and efficiently either locally or remotely.  Windows Server 2016 actually includes two versions of Containers: a standard Docker version and a customized Hyper-V version.

Nano, Nano.

OK, you have probably read about or used 10 products already today that have nano in their name, but this one may be the most interesting innovation of all.  Included with Windows 2016, under the hood, is Microsoft’s new small-footprint Operating System, known as Nano Server.  Nano Server utilizes significantly fewer resources (it is currently able to run on 512MB of disk space and barely 300MB of RAM) and yields a staggering 92% fewer critical bulletins and 80% fewer reboots than typical Windows Server.

Nano Server is not a typical Operating System.  It does not have a GUI or command line; it is intended entirely as infrastructure, to work with Hyper-V and in the Hybrid Cloud or Native-Cloud application space.  A single implementation of Nano Server with 1TB of RAM today can run 1,000 Virtual instances of Nano Server, an impressive feat on which Microsoft hopes to dramatically improve.  As Microsoft puts it, Windows 2016 is here to Virtualize any workload, without exception.

We don’t work in the cloud, should we care?  YES!

We get it, the cloud isn’t for everyone.  It can be a daunting effort just getting there, and sometimes the learning curve for end users can be too steep.  This is why Microsoft made certain to pack Windows Server 2016 with On-Premises focused enhancements as well.  A primary change is that Windows Server 2016 supports up to 24 TB of RAM to run the resource-intensive applications used by most businesses.  Significant changes have been made to Hyper-V’s encryption capabilities, to access via PowerShell, and to the ease with which memory and network configurations can be modified.

All of these changes are aimed at delivering a better experience to clients not ready to move to the cloud or hybrid cloud, while providing a platform from which to make, first, the step to Hybrid, followed by an enthusiastic leap to Cloud!

Server power equals business capability

Servers are the underappreciated backbone of a business.  The more powerful the server the more stable and better performing it will be.  By upgrading to Windows Server 2016, your end users will get the best possible experience while running their applications and workloads, and you will gain significant scalability and flexibility to meet the changing needs of your company’s growing dynamic business.

Interested?  Contact your CIS rep today!

CIS has helped clients of all shapes and sizes restructure their Windows Server environment, through most of the previous iterations of Windows.  The CIS team has unrivaled experience providing customized upgrade and migration experiences, utilizing proprietary tools and approaches, to ensure success.  CIS can provide consultation as well as hands-on integration and implementation work for any On-Premises, Hybrid, or Cloud Server Windows environment.  Get in touch with us today to start the discussion!


“Tel” Me More? – Mitel Acquires ShoreTel

August 2nd, 2017

Throughout CIS’ 14-year history with ShoreTel, both organizations have undergone significant change, typically to mutual benefit.  As a ShoreTel Premier Gold Partner, CIS has been uniquely positioned to provide elite services to clients throughout the New York region, and all across the country.  CIS designs, implements, configures, and supports ShoreTel IP telephony solutions of all types, including on-premises, cloud, and hybrid offerings.

On July 27th, 2017, an announcement was made that rival manufacturer Mitel has made financial arrangements to acquire ShoreTel, with the transaction expected to close during Q3 of 2017.  The new combined organization will immediately become the 2nd largest in the Unified Communications as a Service (UCaaS) market.

Mitel has already released statements to existing ShoreTel clients and partners, fully committing to the continued support and availability of the product line.  Mitel paid a 28% premium on ShoreTel’s July 26th closing price, a clear sign that they are acquiring the line in order to bring together technology from both organizations, enhancing and blending both product lines.

With a very large enterprise presence throughout Europe, the Middle East, and Africa, Mitel has a reputation for leading industry consolidation in the Unified Communications space.  As such, they are fully expected to embrace the ShoreTel Connect and ShoreTel Summit CPaaS platforms, enhancing the product road-map and hardware portfolio available to existing ShoreTel customers.

Mitel’s next-generation platform allows an existing telephony call-control system to remain in place,  working with new Mitel equipment, software APIs, and Cloud Applications.  This means that existing customer investments in ShoreTel technology will be maintained, with NO requirement for upgrades or replacements.

The recently released July 2017 Gartner Unified Communications report ranked Mitel as a “Leader” in the Magic Quadrant.  This ranking means that Mitel is a company that analysts consider to be on a path to success, earning the label “Industry Visionary” in the write-up.  The acquisition of ShoreTel will only enhance the company’s strength and capability.  By adding ShoreTel’s USA market share, the new group will have annual sales reaching $1.3 billion, and will employ more than 4,000 people.

CIS is currently in the process of working with the Mitel Partner Team, ensuring a smooth transition for all clients’ administrative needs, manufacturer support, and equipment.  The CIS team is fully capable of installing, configuring, customizing, and supporting Mitel systems, and will work with Mitel to continue providing clients with the highest levels of support and technological capability.  CIS reps will be conducting awareness sessions with existing ShoreTel clients, either as a group or in a one-on-one format, and this website will continue to provide information as the acquisition progresses.

This is truly an exciting development for ShoreTel and their Client-Partner ecosystem.  Mitel’s commitment to ShoreTel’s existing technology and relationships was CIS’ paramount concern as the deal was announced, and they quickly allayed any concerns.  CIS has absolute confidence that the combined organizations will emerge as a titan in the Unified Communications industry, delivering the highest levels of service and capability to clients of all shapes and sizes, all around the world.


So Your Email is in the Cloud, Now What?

July 18th, 2017

The days of “the cloud” being a nebulous industry buzzword are over.  There are clear winners in the cloud services game and they are, as anyone would expect, Microsoft, Google, and Amazon.  Amazon AWS and Microsoft Azure are leading the field in cloud based server space, which is being utilized for everything from development to production to disaster recovery needs.  In the end-user facing arena, Microsoft’s Office 365 is far outpacing its rivals, with Google Apps a distant second, staking out territory primarily in the Not-for-Profit and Education markets.

To date, CIS has migrated over 250,000 client users or “seats” to the Microsoft cloud.  Typically email and collaboration services are the proverbial toe that clients dip in the water, testing if the cloud is really the right fit for their business, but the journey to the cloud shouldn’t stop there; email is just the beginning!

It has become imperative that any organization whose physical or virtual data infrastructure relies upon aging hardware strongly consider Microsoft Azure or Amazon AWS when planning the next evolution of the server room or IT closet.  Myriad benefits can be reaped from migrating critical company data away from antiquated, slow, insecure hardware that requires on-site maintenance and care, as well as an expensive monthly outlay for power, cooling, real estate, and other such costs, to a modern, secure, reliable, disaster-proof, mobile platform.

Change can be revolutionary!

Imagine the following scenario: 

You manage IT for a 50-employee accounting firm in Manhattan.  As anyone in that position knows, in this context, “manage” means “completely run everything on a limited budget, with limited tolerance for IT requests.”  This is as tough a role as there is in the IT world.  With few dollars to spend, every decision becomes critical, and the need to squeeze extra life out of each product purchase is paramount, which is why you’re now running 10 critical production servers in a virtual environment hosted on eight-year-old non-warrantied server hardware with a similarly aged SAN on the back-end.  You’ve made a Capital Expenditure (CAPEX) request for new hardware each of the last 3 years, and it’s been rejected each of the last 3 years.  You know your backups run, but you’ve never given them a full failover test.  Any critical issue with your server hardware could mean the end of your job, if not the entire company.

In this scenario, the traditional method would be continuing to propose the same large CAPEX project to replace old server hardware with new server hardware, working with Dell, HP, EMC, or other such manufacturers.  The traditional method will be a short-term fix for some of your challenges, but you will eventually end up back in the same situation, while continuing to pay the overhead associated with real estate, power, warranties, etc.  And that’s only IF your CAPEX request is approved!

If you’re smart in your new hypothetical IT Management job, you will surely consider a cloud-based solution, built on Azure or AWS.  Either solution will require a migration project, so there will always be a year-one request, but in this scenario the expense will yield revolutionary change in your organizational IT costs and capabilities.

Just a few of the advantages of considering a migration to the cloud:

  • Servers and related costs become Operational Expenditures instead of repeated capital outlay
  • Cost savings for server/SAN including real estate, electricity, warranty, security, HVAC, and operational charges
  • Behind hundreds of millions of dollars’ worth of network security from Microsoft or Amazon’s infrastructure
  • Global server replication for disaster recovery and business continuity
  • Mobility and flexibility options for remote / at-home employees
  • Ease of management, monitoring, and collaboration
  • Predictable and flexible costs

A migration to the AWS or Azure platform can either move existing virtual servers directly into the cloud, or set up new Windows Server 2016 servers in the cloud, with the data and roles transferred over to them.  As the company grows and new servers are required, your hypothetical IT Manager character can provision them quickly and with minimal costs added to your monthly bill.

Similarly, temporary servers can be spun up then decommissioned for any specific project needs or “busy seasons.”  Going back to our avatar working at an accounting firm, for example, we can reliably predict that the firm’s computing needs are going to spike between January and May every year, and be far less demanding during the taxation off-season.  In a traditional server setting, it would be next to impossible for a small firm to repeatedly add server hardware and computing “horsepower” to the environment every year for only a few months.  However, by leveraging the cloud, you can create and eliminate servers at will, only paying for true utilization, and creating cost certainty as well as savings across the entire IT year.

Finally, through migrating to a fully cloud-based server environment, your firm gains significant mobility and flexibility.  No longer are users tied to their office or to an aging, slow Citrix connection to critical data and applications.  Employees can work securely from anywhere in the world that can provide them internet access.  Similarly, leveraging these cloud offerings creates a server environment that is ironclad against localized outages or disasters in your office, city, or even region.  Both Microsoft and Amazon leverage redundant worldwide data centers, ensuring that your data and servers are always available.

CIS helps clients migrate email, data, and services to the cloud securely and successfully.  Available Managed Services programs further leverage the cloud to provide enhancements to performance, security, cost, and efficiency, translating to a better user experience and stronger KPIs for clients of all sizes.

At CIS, we see the future of Modern IT as smaller IT closets on premises, with cloud-based servers providing more secure and robust services, and affording all users the ability to work from anywhere, from any device, securely.

Want to make the journey to the cloud with us?  Contact your CIS rep, or click here to get in touch with us if we don’t already know you.  We look forward to the discussion!


Updated 6/28: New Ransomware Outbreak

June 27th, 2017

It has come to our attention that a new wave of Ransomware outbreaks has struck thousands of companies throughout Europe, Asia, and parts of the United States.  CIS is monitoring the situation and will be providing ongoing updates to clients who may be impacted.  As always, caution and diligence are the best answers in a situation like this.  Further information for remediation and protection will be provided as new details emerge.

The malicious code is still under analysis by Security and Cyber Crimes experts from around the world.  Roughly two thousand companies have reported infection, including giant enterprises such as Merck and Maersk, as well as critical government and private infrastructure in areas like power, healthcare, and emergency response.  The target list also appears to include numerous small and medium sized organizations, such as law firms and accounting firms.  Much like the recent “WannaCry” outbreak, the attack encrypts company data and demands a ransom to unlock it; in this case, $300 in bitcoin is the common demand.

As with any ongoing investigation, there have been numerous conflicting reports about the malware itself.  At this time, we can report the following recommendations with confidence:

  • The malware demands a $300 ransom, paid in Bitcoin, to release the encryption that prevents users from accessing their devices.  This ransom should NOT be paid under any circumstances.  Communication with the email addresses provided in the ransom demand has been shut down, and there will be no recourse to recover data after paying.
  • Most major anti-malware installations [McAfee, Norton] already have signatures to block the malware, so keeping them updated can prevent this.
  • Creating a file called “perfc” with no extension in the C:\Windows directory prevents the malware from encrypting files.

CIS advises clients to be diligent about rolling out any critical patches and updates released by Microsoft or other key vendors.  End-user education is also increasingly important.  In this scenario, CIS recommends that a company-wide message be sent, reminding end-users not to click on anything in an email unless they are absolutely sure of the source and content.

We will provide further updates as more information emerges.  If you have experienced a security breach, or would like to discuss any concerns or best practices approaches to IT Security, please contact us:  212-577-6033 / http://cisus.com/contact

 


How a Managed Services Approach to Ransomware Protection Would Have Blocked WannaCry

June 7th, 2017

by Nick Seal, Practice Director, Managed Services; Terry McBride, Sr. Sales Executive

 

Beginning on May 12, 2017, in more than 150 countries around the world, business operations for companies of all shapes and sizes ground to a halt.  Over 230,000 computers were infected in only a few days by a particularly malicious crypto-worm known as WannaCry.  Despite protections that blocked initial versions of the worm, even some of the largest corporate entities across Europe were eventually breached by later permutations.  In addition to thousands of smaller companies, victims of this attack included the British National Health Service, FedEx, Telefonica Spain, and Deutsche Bahn.

WannaCry utilized a Windows Server Message Block (SMB) exploit, a known issue that had been addressed by Microsoft in March of 2017 with a security patch.  However, due primarily to lax approaches to Endpoint Security and Patch Management, millions of machines around the world remained unpatched and vulnerable to the worm which, once inside, encrypted critical client data and demanded payment for its release.  The propagation of WannaCry became so severe that Microsoft broke corporate protocol to release a critical security patch for unsupported systems still running on Windows XP and Windows 2003.

 

Cyber-Crime will cost the global economy over 6 TRILLION dollars by 2021.

 

New malware and worms are released “into the wild” on a daily basis.  Even in the short weeks since WannaCry, two major pieces of malware, Fireball and EternalRocks, propagated using similar exploits.  In the case of WannaCry, a hacking group known as the Shadow Brokers leaked the Windows exploit, which was discovered originally by the United States’ National Security Agency (NSA), but not reported to Microsoft.  It is believed that the Shadow Brokers group first learned of the exploit when it was revealed in a large dump of NSA tools by Wikileaks.  Analysts estimate that cyber-crime will cost the global economy six trillion dollars by 2021.  Considering the current estimated value of the global economy is only 78 trillion dollars, the implication is clear.

The nature of worms such as WannaCry is that they can cause a major security breach via even a single vulnerable machine on a network.  There was already a two-month-old security patch from Microsoft when WannaCry began to spread in mid-May.  However, unless machines were fully patched from that version forward, they were left critically vulnerable.  While device-based edge security is a common area of focus, companies typically do not work proactively at aggressively patching and securing end-points, because it can be a cumbersome, difficult task that is time-consuming for any size IT team.

 

CIS takes a layered pro-active approach to help clients protect themselves as much as possible from the next malware/ransomware outbreak.

 

The CIS Managed Services team takes a security-oriented pro-active approach to managing the endpoint.  CIS engineers and technicians work with clients to make recommendations on what can be reasonably done to mitigate the likelihood of falling victim to an attack.  CIS experts continually monitor the state of global malware attacks, as well as work with organizations such as Microsoft when critical patches are released.  As part of the Managed Services program, the CIS team works with clients to regularly review and update patches to the most current secure version.  As one of the most popular attack vectors centers around the user, not the machine, end-user training and awareness seminars are an added service that significantly improves clients’ odds of avoiding the next attack.

CIS takes a layered approach to management and security of the endpoint.  Among the first tasks for any new managed services client is a full review of the entire environment, with the goal of creating a common baseline of software versions, patches, and security.

Supported Software:  CIS recommends that clients use only manufacturer-supported software that gets security updates, such as Windows 10 and Windows Server 2016.  This also extends to 3rd party software such as modern versions of line-of-business applications.  If there are any machines that use Windows XP, Windows 2003, or other non-supported Operating Systems, they must be replaced or upgraded immediately.

Patching: CIS’ approach to patch management is that monthly is good, weekly is better, and daily is best.  While daily patching is not practical for all organizations, CIS strongly recommends setting up at least monthly patch cycles for workstations and servers.  Companies following this simple rule in March would have been completely protected from WannaCry in May.

Email Protection:  All email must be filtered and scanned, at a minimum by native tools within a service such as Microsoft Office 365 or Google Apps, but ideally utilizing additional layers of protection such as MimeCast or SpamStopsHere.  All links in emails should be scanned to ensure that they are not hiding malicious executable code.  End user IT Security Best Practices education should be rigorous and continual.

Anti-Virus:  CIS recommends anti-virus solutions that are not reliant on public definitions, as many traditional anti-virus products are.  When a new virus is released, if the A/V application doesn’t have a definition for it already, it will be vulnerable; this is known as a zero-day attack.  In the interest of client security, the specific Anti-Virus product CIS recommends will not be named here.  It is cloud-based and uses behavior analysis, rather than definitions, to identify malware and viruses, as it scans everything in use.

Anti-Malware:  All CIS Managed Services clients receive an additional layer of protection with an Anti-Malware platform that does utilize definition-based scans, as a secondary protocol, in the event that the primary cloud-based A/V application does miss something.

Edge Appliance:  Depending on the size and operational budget of a client, CIS recommends either SonicWALL or Cisco current-generation firewalls, with full security services, to block malicious code before it gets to the network.

End-Users:  User behavior and training can have a huge impact on security.  Supporting users directly and regularly conducting best practices seminars and hands-on training can help ensure users are following smart computing practices.

Security Testing:  In addition to the standard pro-active services provided by the Managed Services team, CIS has a Network Security focused team that conducts high-level network penetration testing, vulnerability analysis, phishing and spear-phishing testing, and other social engineering, to help ensure that security standards are met or exceeded.

While there may be no such thing as TOTAL security, CIS’ philosophy is that if breaching the network is made difficult enough, the odds are strongly in your favor that the attack will simply move along to the next potential victim.  Taking a Managed Services approach to endpoint and network security will help ensure that critical company data is protected against attack vectors of all sorts.


“WannaCry” but Keep Calm & Don’t Panic…

May 15th, 2017

As you have no doubt read recently, we have an unprecedented global malware situation that has been directly impacting human lives around the world over the last few days.  As your trusted technology advisor, CIS will provide further information as more details become available.  Action must be taken as quickly as possible to protect exposed systems.  We have given this maximum priority and are leveraging the entire CIS team to address all possible solutions in the most expedient manner possible.

An email to clients this morning included a screenshot of the outage message posted on the website of the U.K.’s National Health Service, as one example of what has been taking place all over the world.  In this one case, a hospital’s non-emergency operations have been suspended and ambulances are being diverted as a result of the malware’s existence.  In other words, this cyber-incident can now be classified by some as “deadly.”  There are widespread examples of similar impacts to critical services from around the world; however, they are currently of little consequence.  The most important thing to focus on is:  What happens now?

Immediate actions we recommend be taken include the following.  Be advised, while these items will help lessen risk they are NOT a guarantee that malware will not morph [change] into something else that will penetrate a network.

  • Do not click on links, even though they appear legitimate.  Check to see where these links may take you.
  • Do not click on links sent via email, even if they are sent from friends.
  • Do not open attachments.
  • Deactivate all Wi-Fi equipment [tablets, cell phones, etc.] wherever possible.
  • Stay vigilant and propagate best practices to colleagues.

Please know that Computer Integrated Services is doing all we can to protect you.  We are enlisting all possible avenues to do our due diligence and keep you safe.  As information and mitigation procedures become available we will keep you informed.  At this point, nobody can state with 100% assurance, even with these best practices, that you will not be affected.

If you have any questions regarding this issue, please feel free to contact us.  We thank you for your business and your trust.


CIS and BeyondTrust host webinar focused on IT Privilege Abuse in Higher Education

April 26th, 2017

Cyber Security Expert, and BeyondTrust Vice President of Technology, Office of the CTO, Morey Haber

 

I’m reaching out to invite you to a webinar that BeyondTrust and CIS are hosting for a small group of IT and security leaders at Mid-Atlantic colleges and universities: “Preventing IT Privilege Abuse in Higher Education.”  Please pass on to your team members!!

Below is a presentation overview and login details, plus links to a couple relevant analyst reports. I hope you can make it! If so, please hit “accept” so we know to expect you.

The presentation will cover how PowerBroker Privileged Access Management (PAM) solutions from BeyondTrust can help you to:

  • Secure faculty, staff and student access to sensitive systems
  • Store, manage and rotate privileged passwords and SSH keys
  • Monitor privileged account usage and flag in-progress threats
  • Enforce least-privilege policies without killing productivity
  • Address FERPA, PCI, HIPAA and other mandates impacting higher ed

We’ll start with a short overview from Morey Haber, VP of Technology at BeyondTrust, followed by a quick demo of how our integrated password management and least privilege solutions work together to prevent data breaches.

In the meantime, check out these PAM reports from Gartner and Forrester:


Navigating the 23 NYCRR 500 Financial Regulations w/ CIS & BeyondTrust

March 10th, 2017

The New York State Department of Financial Services (DFS) has released legislation, 23 NYCRR 500, to combat the persistent threat posed to information and financial systems by nation-states and independent criminal actors.  This regulation is designed to:

  • Promote the protection of customer information
  • Promote the protection of information technology systems of regulated entities
  • Require each company to assess its specific risk profile
  • Require each company to design a program that addresses its risks in a robust fashion
  • Require annual certification confirming compliance with these regulations by senior management

CIS and BeyondTrust have been monitoring the requirements of this new legislation, and recommend that anyone in the financial industry read the attachment below as a first step in implementing a plan.

To discuss further, please contact a CIS rep at:  sales@cisus.com or 212-577-6033

NY State Financial Cyber Security Requirements


CIS Network Security Bulletin

March 8th, 2017

Welcome to the first of our Security Bulletins, prepared by CIS’ Chief Information Officer, Anthony Fama.  The purpose of these ongoing bulletins is to help strengthen IT Security awareness within our client base.  CIS strives to provide our clients with the critical information they need, in an actionable format, to support the decision making process, and ensure stability, efficiency, and security of client environments.  For further information, please contact your Account Manager or the CIS Service Desk.  Click the link below to access the full bulletin.

CIS Security Bulletin – 4-2017 (opens separate PDF)


Strategic Partnership with CIS enhances the BeyondTrust partner program and helps organizations mitigate threats involving privileged access.

March 2nd, 2017

PHOENIX, March 1, 2017 – BeyondTrust, the leading cyber security company dedicated to preventing privilege misuse and stopping unauthorized access, today announced a new partnership with Computer Integrated Services (CIS), aimed to help more customers prevent privilege misuse and stop unauthorized access. As the BeyondTrust partner with the top-tier organization with a proven track record of successful joint identity and access management (IAM) and privileged access management (PAM) deployments, customers can trust CIS to accelerate deployment results, speed time to value, reduce ongoing costs and improve efficiencies.

BeyondTrust Adds CIS to Portfolio of Trusted Identity and Access Management Partners