Computer Integrated Services’ Network Security Team is monitoring the following…
At 12:37AM EST on October 16th, 2017, ARS Technica disclosed to the World a “new” flaw in a wireless protocol (communication language). They call it KRACK (“Key Reinstallation Attacks”). This vulnerability theoretically makes it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points.
This issue potentially affects any device using WPA2 (Wi-Fi Protected Access II). To quote one report, “Both Windows and iOS aren’t believed to be vulnerable to the most effective attacks. Linux and Android appear to be more susceptible.”
CIS is monitoring this issue on behalf of our clients, and will provide patches or further advisories when they are available from manufacturers. At the time of this writing, the attack has NOT been reported to have stolen any information. If you have specific concerns about this issue, please contact the CIS Service and Support Desk at email@example.com.
CIS and Micro Focus, global leaders in Identity and Access Governance, are teaming up on October 5th to bring an exciting engaging dinner event to C-Level executives interested in learning more about the organizations and their cutting-edge Identity solution. The event will feature a private dinner and discussion with Dan Shmitt, Chief Information Officer, Major League Baseball (MLB) Advanced Media. Mr. Shmitt will share his experiences working with both organizations, and host a round-table discussion focused on the many advantages gained from implementing the solution. Highlights will include:
The event will take place at a famous New York City steakhouse, and is by invitation only. If you are interested in attending, please contact your CIS rep, or email us and someone will get right back to you.
To celebrate our many years of partnership, and reward our treasured mutual clients with a top-end dinner and night out, CIS and ShoreTel are pleased to announce we will be hosting an exclusive Client Appreciation Dinner on the evening of September 27th. The Italian restaurant selected for the event is among the most well-reviewed in New York City, and is sure to provide a first-class experience for everyone in attendance. We are doing everything possible to touch base with personal invitations, but if you are a CIS or ShoreTel client who has not heard from us, and would like to attend, please contact your CIS rep today!
Throughout CIS’ 14-year history with ShoreTel, both organizations have undergone significant change, typically to mutual benefit. As a ShoreTel Premier Gold Partner, CIS has been uniquely positioned to provide elite services to clients throughout the New York region, and all across the country. CIS designs, implements, configures, and supports ShoreTel IP telephony solutions of all types, including on-premises, cloud, and hybrid offerings.
On July 27th, 2017, an announcement was made that rival manufacturer Mitel has made financial arrangements to acquire ShoreTel, with the transaction expected to close during Q3 of 2017. The new combined organization will immediately become the 2nd largest in the Unified Communications as a Service (UCaaS) market.
Mitel has already released statements to existing ShoreTel clients and partners, fully committing to the continued support and availability of the product line. Mitel paid a 28% premium on ShoreTel’s July 26th closing price, a clear sign that they are acquiring the line in order to bring together technology from both organizations, enhancing and blending both product lines.
With a very large enterprise presence throughout Europe, the Middle East, and Africa, Mitel has a reputation for leading industry consolidation in the Unified Communications space. As such, they are fully expected to embrace the ShoreTel Connect and ShoreTel Summit CPaaS platforms, enhancing the product road-map and hardware portfolio available to existing ShoreTel customers.
Mitel’s next-generation platform allows an existing telephony call-control system to remain in place, working with new Mitel equipment, software APIs, and Cloud Applications. This means that existing customer investments in ShoreTel technology will be maintained, with NO requirement for upgrades or replacements.
The recently released July 2017 Gartner Unified Communications report ranked Mitel as a “Leader” in the Magic Quadrant. This ranking means that Mitel is a company that analysts consider to be on a path to success, earning the label “Industry Visionary” in the write-up. The acquisition of ShoreTel will only enhance the company’s strength and capability, through adding ShoreTel’s USA market share the new group will have annual sales reaching $1.3 billion, and will employ more than 4,000 people.
CIS is currently in the process of working with the Mitel Partner Team, ensuring a smooth transition for all clients’ administrative needs, manufacturer support, and equipment. The CIS team is fully capable of installing, configuring, customizing, and supporting Mitel systems, and will work with Mitel to continue providing clients with the highest levels of support and technological capability. CIS reps will be conducting awareness sessions with existing ShoreTel clients, either as a group or in a one-on-one format, and this website will continue to provide information as the acquisition progresses.
This is truly an exciting development for ShoreTel and their Client-Partner ecosystem. Mitel’s commitment to ShoreTel’s existing technology and relationships was CIS’ paramount concern as the deal was announced, and they quickly allayed any concerns. CIS has absolute confidence that the combined organizations will emerge as a titan in the Unified Communications industry, delivering the highest levels of service and capability to clients of all shapes and sizes, all around the world.
It has come to our attention that a new wave of Ransomware outbreaks has struck thousands of companies throughout Europe, Asia, and parts of the United States. CIS is monitoring the situation and will be providing ongoing updates to clients who may be impacted. As always, caution and diligence are the best answers in a situation like this. Further information for remediation and protection will be provided as new details emerge.
The malicious code is still under analysis from Security and Cyber Crimes experts from around the world. Roughly two thousand companies have reported infection, including giant enterprises such as Merck and Maersk, as well as critical government and private infrastructure in areas like power, healthcare, and emergency response. The target list also appears to include numerous small and medium sized organizations, such as law firms and accounting firms. Much like the recent “WannaCry” outbreak, the attack encrypts company data and demands a ransom; in this case $300 in bitcoin is the common demand, to unlock data.
As with any ongoing investigation, there have been numerous conflicting reports about the malware itself. At this time, we can report the following recommendations with confidence:
CIS advises clients to be diligent about rolling out any critical patches and updates released by Microsoft or other key vendors. End-user education is also increasingly important, in this scenario CIS recommends that a company-wide message be sent, reminding end-users not to click on anything in an email unless they are absolutely sure of the source and content.
We will provide further updates as more information emerges. If you have experienced a security breach, or would like to discuss any concerns or best practices approaches to IT Security, please contact us: 212-577-6033 / http://cisus.com/contact
Cyber Security Expert, and BeyondTrust Vice President of Technology, Office of the CTO, Morey Haber
I’m reaching out to invite you to a webinar that BeyondTrust and CIS are hosting for a small group of IT and security leaders at Mid-Atlantic colleges and universities: “Preventing IT Privilege Abuse in Higher Education.” Please pass on to your team members!!
Below is a presentation overview and login details, plus links to a couple relevant analyst reports. I hope you can make it! If so, please hit “accept” so we know to expect you.
The presentation will cover how PowerBroker Privileged Access Management (PAM) solutions from BeyondTrust can help you to:
We’ll start with a short overview from Morey Haber, VP of Technology at BeyondTrust, followed by a quick demo of how our integrated password management and least privilege solutions work together to prevent data breaches.
In the meantime, check out these PAM reports from Gartner and Forrester:
PHOENIX, March 1, 2017 – BeyondTrust, the leading cyber security company dedicated to preventing privilege misuse and stopping unauthorized access, today announced a new partnership with Computer Integrated Services (CIS), aimed to help more customers prevent privilege misuse and stop unauthorized access. As the BeyondTrust partner with the top-tier organization with a proven track record of successful joint identity and access management (IAM) and privileged access management (PAM) deployments, customers can trust CIS to accelerate deployment results, speed time to value, reduce ongoing costs and improve efficiencies.
CIS is delighted to announce the publication of Geoffrey Carman’s second book, which can be found for purchase here. Geoffrey is one of the most well regarded and widely read minds in the field of Identity and Access Governance. His first book, “Definitive Guide to IDM Tokens,” published in 2014, remains the authoritative work on the subject. For this next effort, Geoffrey focused on creating something he felt was lacking, a manual for IDM Validator, hence the book’s name “IDM Validator: The Missing Manual.” The work delves into covers testing methodologies and reviews all actions in Validator with highlighted examples; it is sure to be a fixture in the technical library of anyone working with Validator for years to come.
Click here to learn more about CIS’ Identity team and their capabilities.
CIS is pleased to announce that Alex Errico, a Senior Sales Executive who has been with the firm for 3.5 years, will be giving his second presentation on IT Security and Compliance to the Midtown Regulatory Group (MTRG). The MTRG is a group of over 800 senior compliance and legal officers and lawyers from brokerage firms located throughout the United States that meet monthly to discuss regulatory issues. Following a very successful introductory discussion and subsequent presentation to the collected group in 2016, Alex was invited back to present to MTRG on April 5th, 2017. Alex will cover current and emerging trends in the world of IT Security, and will review the numerous ways in which CIS helps clients meet and maintain compliance.
Click for more information on CIS’ Network Security and Data Communications offerings
Click for more information on CIS’ Identity and Access Solutions
CIS and Micro Focus are pleased to announce a series of exclusive informational dinners being held in Houston, Toronto, and New York City at high-end restaurants across three dates in February. A guest speaker, the IDM Director from NASDAQ, will present his recent use-case wherein the ability to demonstrate adequate control over access to regulated information for internal and external audits was required, and how these capabilities were gained utilizing Micro Focus security tools implemented by CIS world renowned subject matter experts. We will enjoy dinner, drinks, conversation, and hear some valuable information about a critical subject that is surely on everyone’s radar in 2017.
Seating for the events is currently on an invitation only basis, please contact CIS to express interest, we will do everything possible to accommodate anyone who would like to attend, but please understand that space is limited.