Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
Excerpt: Managing Certificates With Windows Certificate Manager and PowerShell
By Michael Soule, Sentinel Strategic Solutions Advisor
Recently, Sentinel Strategic Solutions Advisor Michael Soule wrote a lengthy, in-depth tutorial for the IT site Adam the Automator surrounding the challenges involved with managing certificates through Microsoft Windows. It is more technical than what we typically feature on this blog and may not be easy for some people to understand, but we wanted to share an edited excerpt from it anyway in case anyone is interested in learning more. If this interests you, the full tutorial can be read here.
If you're a Windows system administrator, you might have been forced to work with certificates. Working with certificates in Windows is typically one of those extra hats a sysadmin has to take on. Certificates are notoriously complex and hard to understand, but my hope is that by the time you're done reading you'll realize that certificates aren't that scary in Windows!
Within Windows, all certificates exist in logical storage locations referred to as certificate stores. Certificate stores are "buckets" where Windows keeps all certificates that are currently installed and a certificate can be in more than one store.
Unfortunately, certificate stores are not the most intuitive concept with which to work. Each store is located in the Windows Registry and on the file system. When working with a certificate in a store, you are interfacing with the logical store; not directly modifying the registry or file system. This simpler manner lets you work with a single object while Windows takes care of how to represent that object on disk.
“You'll sometimes see certificate stores referred to as physical or logical stores. Physical stores reference the actual file system or registry location where the registry key(s) and/or file(s) are stored. Logical stores are dynamic references that reference one or more physical stores. Logical stores are much easier to work with than physical stores for most common use cases.”
Windows stores certificates in two different areas - a user and computer context. A certificate is placed in one of these two contexts depending on if the certificate should be used by a single user, multiple users, or the computer itself.
If you intend for a certificate to be used by a single user, then a user certificate store is ideal. This is the common use case for certificate-based authentication processes such as wired IEEE 802.1x.
User certificates are located within the current user's profile and are only logically mapped within that user's context. User certificates are "mapped" and are unique for each user, even on the same systems.
If a certificate will be used by all users on a computer or a system process, it should be placed inside of a store in the computer context. For example, if a certificate will be used on a web server to encrypt communication for all clients, placing a certificate in a store in the computer context would be ideal.
You'll see that a computer's certificate store is logically mapped for all user contexts. This allows for certificates in a computer certificate store to be used by all users, depending on the permissions configured for the private key.
Computer certificates are located in the Local Machine Registry hives and the Program Data folder. User certificates are located in the Current User Registry hives and the App Data folder.
PowerShell vs. the Windows Security Certificate Manager
Since certificates can be managed a few different ways in Windows, which one do you choose? Should you go the GUI (MMC) route or command-line with PowerShell?
First, consider the lifecycle of a certificate. If you only intend to install or remove a single certificate once, consider using the MMC. But if you're managing multiple certificates or find yourself performing the same task over and over again, the command-line route may be the way to go. Even if you don't know how to write PowerShell scripts, it'd be worth learning if you have many different certificates to manage.
Let's first take a look at how to discover the certificates installed on Windows using both the Certificate Manager and PowerShell.
Using the Windows Certificate Manager
To view certificates with the MMC, open up the Certificate Manager open your Start menu and type certmgr.msc. This will bring up the Windows Certificates MMC. This initial view will provide an overview of all the logical stores displayed in the left window.
There are many attributes of a certificate you can see when viewing them with the MMC. For example, you will likely want to select specific certificates.
The easiest way for you to accomplish this is by referencing the certificate's Serial Number or Thumbprint extension value. If the certificate was signed by a certificate authority (CA), it will have a serial number when issued. The Thumbprint is calculated every time the certificate is viewed.
One important feature to point out is embedded private keys. Certificates in Windows can also have a corresponding private key. These private keys are stored in corresponding physical stores as encrypted files.
To quickly distinguish a certificate with and without a corresponding private key, look at the certificate icon. In the MMC, if the icon simply looks like a piece of paper with a ribbon, there is no corresponding private key. If a certificate does have a private key, you will see a key in the MMC icon, and you will see a key at the bottom of the General tab when you open the certificate.
As with the MMC, you can view and manage certificates with PowerShell as well. Let's first inspect certificates in their physical stores (the registry and file system).
By Physical Store
Using the Get-ChildItem PowerShell cmdlet, you can enumerate all of the keys and values inside of the parent HKCU:\Software\Microsoft\SystemCertificates\CA\Certificates\ registry key path.
Each entry in the Registry hive you see will correspond to the Thumbprint of the certificate for a trusted CA and it's certificate in the corresponding property.
Another common store is the Personal store. Your certificates for this store are located on the file system rather than the Registry.
By Logical Store
Since working with certificates in their physical paths is uncommon, you will be working with the logical stores for the rest of the examples.
PowerShell can access Windows logical stores using the Cert: PSDrive. The Cert: PSDrive maps certificates to the physical stores much like the MMC does.
Unfortunately, the MMC and the Cert PSDrive do not label the logical stores the same.
If you are interested in reading the complete tutorial, along with examples, screenshots, and graphics, please click here. As evidenced by this excerpt, Sentinel can help your organization manage its certificates, or aid in demystifying the process so your IT team can handle it without much trouble. Please contact us if you would like additional information.
Five Technology Highlights From 2019
As the year comes to a close and everyone starts looking ahead to 2020, we wanted to take a brief moment to reflect on a few of the technology developments that helped shape 2019. The IT industry has come a long way in such a short time, and while in many respects we’re still talking about a lot of the same topics from year to year, there have still been plenty of noteworthy innovations that have showcased significant growth and positioned us for even greater achievements throughout the next decade. Here are five key technology highlights from 2019.
Hybrid Cloud and Multicloud
As organizations continued to shift more of their infrastructure into the cloud this year, they quickly discovered that not all clouds are created equal. The connectivity, user access control, activity logging and monitoring, automation services, application offerings, and pricing all varied widely depending on the provider. Amazon Web Services (AWS) and Microsoft Azure remained the two most prevalent public cloud offerings, and many businesses chose to invest in both as they satisfied different needs. The resulting hybrid and multicloud environments helped most of these organizations increase their agility and efficiency while keeping costs to a minimum.
This year the folks at Cisco Meraki released their most advanced security cameras to date: cloud-hosted devices that consume only a fraction of the network bandwidth of most other security cameras. They’re easy to install and manage too, with a secure dashboard tool that allows users to stream footage, adjust quality settings, quickly jump to specific times, identify motion events in user-defined areas, and share videos as needed. There are also advanced analytics tools that enable organizations to learn more about the environments the cameras are monitoring, including traffic flows and secure area entrances. Since they can only be accessed by Meraki dashboard administrators, these cameras also can’t be hacked by outsiders. If you’re curious about how the Meraki Cameras will operate in your environment, ask your Sentinel rep to send you a few to test out!
Safer Schools and Workplaces
When an emergency occurs at your office or school that puts your safety and/or the safety of others at risk, what do you do? Is there a system in place to let employees, visitors, and students know what’s happening? Sentinel began offering a number of different mass notification devices and systems this year, designed to help raise public awareness and contact emergency personnel during dangerous events such as severe weather, medical emergencies, lockdowns, and intruder alerts. The goal is to use audio and visual elements including panic buttons, video surveillance systems, phone systems, strobe lights, digital signage, overhead speakers, and text messages to keep people safe and informed about a particular situation.
Security continues to be an extremely hot topic, and one of the most talked about pieces of that particular puzzle this year has been tetration. In case you’re not familiar, tetration provides workload protection for data centers, cloud, and multicloud environments through the use of segmentation. It gives IT departments greater visibility throughout their infrastructure, enabling them to reduce the attack surface, detect software vulnerabilities, and identify security incidents faster. Things like application dependency and mapping tools help identify which workflows are talking to which servers, which also proves quite useful for troubleshooting purposes. Tetration also offers insight into a number of other areas: What process owns what port? What is the root cause of a specific network communication? Who installed that software? Why is that software running there? What is that software’s purpose? Does this process need to be talking to this server? These are the sorts of things that can start a discussion and lead to network and infrastructure improvements. If nothing else, tetration is useful as a tool to better understand what is happening inside your organization.
One of the biggest and arguably most important developments of 2019 was the sharp increase in the number of organizations deploying software-defined wide-area networks (SD-WAN) into their environments. SD-WAN creates a common network infrastructure that has security, multipathing, resiliency, and redundancy all built into it, so that way you’re properly routing your network and your traffic to different areas of the cloud. In the near future we’ll likely have cloud, core, and edge infrastructures all interlinking with each other, and SD-WAN will function as the plumbing for that. The main benefit of SD-WAN for most organizations is going to be network redundancy, along with using the transport layer however they want. The best SD-WAN solutions reduce the cost of expensive circuits such as MPLS, use direct internet access at the edge to enable technology at small or remote offices, and bring those things together so your network connectivity, from your end user to your core data center to your cloud service, remains highly secure. So SD-WAN is really the marriage of not only your traditional routing and VPN services across your WAN and end users, but it also incorporates security into that model too. It takes an overlay, puts it across the wide area network, and makes sure that everything routes and functions properly through automated and orchestrated means.
If your organization has yet to embrace some (or all) of these technology highlights, don’t worry! Everyone moves at a different pace based around need and budget. Plus, what’s right for one organization might not be right for another. Talk with your Sentinel rep about your business goals, and we’ll work with you to find the right IT solutions and services to achieve them. As always, feel free to contact us for more information. Thanks to our customers and employees for a wonderful 2019! We can’t wait to continue this technology journey with you in 2020 and beyond!
Sentinel's Holiday Gift Guide 2019
We’re once again deep into the holiday season, and if you’re still on the hunt for some fun and smart gifts to give friends and family this year, allow Sentinel to help you out with a few smart, technology-focused ideas designed to enhance the lives of anyone who receives them. These cover a variety of different categories and price points, so hopefully you can find something for everyone on your list!
The Mirror [$1,495]
It’s always a little tricky when giving anything fitness-related as a gift. Unless you’re a woman in a Peloton commercial, most people don’t like gifts that imply they need to get into better shape. Of course it’s a different story if they ask for equipment to help them exercise. As one of the latest innovations in fitness, The Mirror provides much more than a simple reflective surface you can stare at and check your outfit or makeup. It’s a home gym disguised as a traditional mirror. You can take a wide variety of classes (yoga, kickboxing, weight training, cardio, barre, etc.) with certified expert trainers either live or on demand, with customized adjustments and tips provided based on your own set of goals and preferences. It connects to Spotify for custom playlists, and can sync with Bluetooth heart monitors such as the Apple Watch to track your heart rate. The Mirror also provides performance metrics to keep an eye on personal improvements and help you achieve certain benchmarks. Yes, it’s an expensive piece of equipment, but the price reflects the level of features provided.
goTenna Mesh Off-Grid Devices [$125 for two]
If you know someone who loves to travel or regularly spends time outdoors hiking or camping, they could probably benefit from devices that enable them to stay connected just about anywhere in the world. Mesh Off-Grid devices connect to your smartphone and provide GPS location details as well as the ability to send encrypted chat/text messages to any other Mesh devices within a four mile radius. It can also send out public emergency alerts to any smartphones in the area should the situation require it. It’s a perfect way to stay connected in areas where cell service is unreliable or nonexistent, or to avoid roaming/international data charges when traveling abroad. The devices also include access to the goTenna app, which features detailed offline maps of any region in the world just in case you happen to get lost.
Neo Smartpen M1 with Transcribing Notebook [$115]
Blur the lines between analog and digital with a smartpen able to convert your handwriting and drawings into data you can download, edit, and share through all of your devices. The Neo Smartpen M1 works exactly like a normal pen, so you can take notes in meetings or jot down ideas onto a pad of paper whenever the mood should strike you. Using an internal memory card, the smartpen keeps track of every stroke and scribble up to 1,000 size A4 pages, which can then be sent to a phone, tablet, or laptop exactly as they appear on the page via the Neo Notes app. The app can also convert your handwriting to plain text, though you may need to make some minor corrections if the program has trouble deciphering your particular brand of chicken scratch. From there, notes can be edited and shared with others through common services such as Microsoft OneNote, Adobe Cloud, and Google Drive.
Hidrate Spark 3 Smart Water Bottle [$60]
Most doctors advise people to drink anywhere from six to eight 8-ounce glasses of water every day. That’s a lot of water, but essential to our survival as dehydration can leave you sluggish and create a whole host of other problems in the human body. Unfortunately a majority of people don’t quite reach the recommended daily water consumption benchmark, though it’s not for lack of effort. Days get busy, and taking regular sips from a water bottle might not be the first thing on our minds. That’s where the Hidrate Spark 3 Smart Water Bottle comes in. You fill it with water, connect it to your smartphone via Bluetooth, and keep track of exactly how much you’re drinking. Set hydration goals for yourself with the free hydration app, compete with friends and co-workers to see who can drink the most water, and receive push notification reminders encouraging you to take a sip periodically throughout the day. Oh, and it also glows to show you the water level as well as occasionally blinks to catch your attention when it’s time for a drink. You can even sync it to most fitness apps so your hydration goals can properly adjust based on your activity levels throughout the day. If you know someone who wants to drink more water but struggles to do so, this might be the perfect gift for them!
Wyze Cam Pan [$35]
While Cisco’s Meraki Cameras might be an ideal choice to keep an eye on secure areas of your business, they’re probably not the right fit for personal use around the house. That would be the equivalent of using a flamethrower to light a birthday cake candle. Thankfully there are plenty of high quality and affordable home security cameras available to help protect all types of rooms and indoor areas. Developed by former Amazon employees, the Wyze Cam Pan offers a compact security camera with the ability to pan, tilt, and zoom in 1080p HD video. Users can live stream video from anywhere through their smartphones, and even talk to others through two-way audio. The camera also has infrared night vision up to 30 feet, plus motion and sound detectors so it only records when there’s action. You can set the camera to send push notifications to your phone in certain situations, and can control certain features using a voice assistant such as Alexa or Google. All video is stored for free in the cloud for 14 days, or owners have the option of buying a separate MicroSD card to save video that way. Basically, this camera is packed with all of the advanced settings and security features you could want in an easy-to-use and inexpensive package.
Of course if your company is interested in picking up something nice to enhance technology across the organization, Sentinel would be more than happy to help make that holiday wish come true. Please contact us if you are interested in learning more!
Sentinel Gives Thanks 2019
Thanksgiving represents a time to reflect on the ways we have grown over the past year, and gratefully acknowledge the people, the events, the tools, and other factors that have helped us along the way. We have so much to be thankful for at Sentinel every single day – our customers, our partners, our employees, and beyond. It remains our greatest pleasure to work and collaborate with all of you in an effort to provide technology solutions and services that enhance the way business is conducted.
In honor of the Thanksgiving holiday, we asked Sentinel employees to highlight some of the things they’re most grateful for this year. We received a wide range of responses, and have been sharing many of them via Facebook, Twitter, Instagram and LinkedIn. Below are some of our favorites. Let us know what you’re #ThankfulFor via our social media channels!
Highlights from the 2019 Cisco Partner Summit
Earlier this month, several members of Sentinel’s management team flew to Las Vegas for Cisco’s annual Partner Summit. This invite-only three-day conference gathers Cisco partners from around the globe for educational sessions, product announcements, and networking opportunities with Cisco executives and other industry thought leaders. While much of the focus revolves around the new and expanding slate of Cisco offerings, the ultimate purpose of the event is to highlight fresh ideas and trends throughout the IT industry. Here are a few highlights from this year’s Partner Summit.
Own Your Edge
The official tagline for this year’s Cisco Partner Summit was “Own Your Edge”. It was Cisco’s way of encouraging partners to further explore the things that make them special, and to focus on developing unique assets that will provide additional value to customers. Sentinel is proud to offer a number of different solutions and services that go well beyond the scope of our partners. They include (but are not limited to) 24x7x365 network and security monitoring through our NOC and SOC, Advisory Services to properly align technology with your environment, Managed Services to handle IT maintenance and updates, as well as comprehensive and highly attentive customer service. Our mission is to ensure your organization has all of the right technology and support throughout the entire lifecycle to achieve more and establish a pattern of strong growth.
Cisco used the Partner Summit to make some announcements regarding new innovations and updates to their collaboration offerings. Webex Desk Pro is a 27-inch 4K monitor featuring an HD camera, premium sound system, and advanced noise-cancelling microphone. It seamlessly integrates with Webex Meetings for video conferencing, uses a dedicated stylus for digital whiteboarding that automatically saves to Webex Teams, includes advanced artificial intelligence (AI) for facial recognition and Webex Assistant, plus it can function as a primary monitor with USB-C ports and various touch sensitive capabilities.
In addition to Webex Desk Pro, Cisco revealed that Webex Calling will soon feature advanced calling options for users. The Unified Webex client will also begin to offer complete integration with applications and tools from Microsoft, Google, Apple, and other vendors as a way to improve the user experience across diverse types of environments. Cisco’s recent acquisition of Voicea will bring AI-assisted transcription and voice recognition technologies to the Webex platform as well.
Enterprise Networking and Data Center
As organizations continue to struggle with exponential increases in data usage and network demands, Cisco has started to place a greater emphasis on their Application Centric Infrastructure Anywhere (ACI Anywhere) multicloud solution. It’s designed to help manage complexity by enabling workloads to be easily deployed in any location and on any cloud. It’s an advanced yet cost-effective way to keep critical data flexible, available, and secure. This fits perfectly with Cisco’s recent focus on multi-domain controller architecture, which helps unify the many different types of networks utilized by many organizations today.
Software-defined networking (SD-WAN) also continues to attract a lot of attention today, which is one reason why Cisco is integrating AI and machine learning into their DNA platform. Considering the amount of data generated by your average enterprise network, these tools have the ability to analyze and resolve problems much faster than a traditional network engineer. It can also help arrange network issues by severity and the number of users/devices affected so administrators know where to devote their time and focus. Beyond that, machine learning can create a baseline for network activity, detailing common errors, abnormal user behavior, and performance metrics so it’s easier to make improvements. AI also connects with Cisco’s Worldwide Data Platform, which pools anonymous data from organizations of similar sizes and configurations to track and automatically fix common issues while offering suggestions for optimization and cost-saving opportunities.
Security remains a hot topic throughout the IT industry, so it understandably played a large role at this year’s Partner Summit. Cisco announced they’re planning to simplify their approach security by making it easier to integrate individual protection products into a complete security solution. In other words, your business will require fewer Cisco security pieces to keep your network and data safe, and the ones you do have will be easier to adapt into diverse types of environments. The addition of analytics and automation will simplify Cisco’s security operations as well, reducing the number of alerts and alarms IT administrators have to deal with on a daily basis.
Cisco’s new Threat Response service aims to make the breach experience less painful for IT security teams. It pulls intelligence from an organization’s emails, endpoints, and firewalls to help create a better understanding of what kinds of threats are present across the entire environment. As Zero Trust becomes an industry standard, Cisco wants to take a more comprehensive approach to the concept rather than adding it to their individual offerings. Zero Trust is a security framework that requires verification when someone or something requests access to specific assets. In an effort to better protect the workforce, workloads, and workplace, adopting Zero Trust creates a set of policy-based controls that provide additional visibility into users, devices, and components within an environment. This means multi-factor authentication for users, tetration and segmentation of your workloads, and software-defined access (SD-Access) protection for all endpoints and IoT devices.
If you are interested in learning more about any of the trends, solutions, or services outlined at the 2019 Cisco Partner Summit, please contact Sentinel for more information.
Sentinel Honors Our Veterans 2019
Sentinel is proud to employ veterans and military families at our locations across the country. We are honored they have chosen to bring their valuable skills, knowledge, leadership, and passion to Sentinel. For Veterans Day this past Monday, we asked U.S. Marines Veteran and Sentinel Sales Executive Kyle Donnelly to share some reflections on his time serving and offer tips on ways to honor our men and women in uniform.
On November 10, the United States Marine Corps celebrated its 244th birthday. I was an active duty Marine for four short years of that long 244. Every year on that date, I am flooded with the memories of my service which, even after 9 years, remains as fresh in my mind as ever. It’s not just the memories, but also the lessons learned; the things that molded me and continue to mold the man I am today.
I joined the Marines at a young age, and left for recruit training two days after my 18th birthday. There were an abundance of lessons learned while in the 13 weeks of recruit training, but one that did not stick right away was leadership. Being so young, I was more than happy to be a follower. The drill instructors seemed to be extra hard on the squad leaders and our platoon “guide,” so I was content with hanging in the shadows and merely following the orders passed down to me to avoid the extra attention.
It wasn’t until I was in the “fleet” that I learned the lesson of leadership. You see, contrary to popular belief, the Marines don’t want mindless drones who just follow orders with no thought. They want leaders; Marines who can make split-second decisions in stressful situations and then handle the consequence of that decision to achieve a successful outcome. In my young Marine career, I was guided by some great leaders, who pushed me to step up and fill that leadership role. They taught me how to stand up and be that figurehead people could look towards to make that split-second decision – to follow through, overcome and adapt.
This was put to the test during my deployment in Afghanistan. I was a 20-year-old Marine who was a squad leader and vehicle commander for the rear security vehicle in a platoon. Every day, my decision making would have ripple effects that affected things much larger than I could understand. Honestly, everyone’s decisions over there did. When you are out on a mission, you don’t have time to call in every threat to the people in command. You have to make those split-second decisions based on what you were trained to do. You have to step up and be a leader, if only for yourself.
The leadership skills I learned while serving have shaped my life after pretty profoundly. They’re also the type of skills that align perfectly with the Sentinel culture. Sentinel’s motto is “Always Leading”. Our customers trust us to always be in front of not only the latest technologies and industry trends, but also the latest threats. Our 24x7x365 Network Operations Center (NOC) and Security Operations Center (SOC) monitoring services teams have to make those split-second decisions on a daily basis on behalf of our customers. In the field, our engineers have to make those split-second decisions on behalf of the customer. And the customer has to place an incredible amount of trust in us to take care of their technology and security needs.
Furthermore, our customers don’t want us sitting around waiting for direction from them. Sentinel leads from the front with its expertise in all things IT. We don’t plan for tomorrow at Sentinel, we plan for the next year, the next 5 years, and the next decade. Our customers count on that guidance to stay on the path that will result in continued growth and achievement of their goals. This is a process that Sentinel has been developing and mastering since it was founded in 1982, through decades upon decades of combined experience from all of its leaders. Everyone at Sentinel embodies that “Always Leading” mentality, and it makes me so proud to apply many of the foundational skills acquired from my time serving in new and interesting ways as part of this team.
Sentinel Attends MAEDS 2019
Last month, several members of Sentinel’s Michigan team attended the annual MAEDS (Michigan Association for Educational Data Systems) fall conference hosted at the Shanty Creek Resort in Bellaire, Michigan. MAEDS is a non-profit organization that provides, promotes, encourages, advises and cooperates in the use of technology to support educational institutions and systems. The purpose of the conference is to gather teachers, school administrators, and technology vendors of all types to network with one another and learn more about the trends and advances being made within the education industry.
Presentations at MAEDS 2019 focused on a number of different topics, but primarily focused on three main areas:
+Cloud Technologies – Google G-Suite Heath, AWS, Microsoft 365 and Microsoft Intune
+Student Devices – Chromebooks in Education and One-to-One Initiatives
+Cyber Security – Ransomware, Cyber Security, Stop the Breach and Hacking Demystified
Sentinel was proud to have our own booth at this year’s MAEDS conference, and we decorated it with a college football theme that included University of Michigan jerseys, game highlight videos, a nachos station, water bottles, and miniature football stress balls. The nachos were a big hit with conference attendees and helped draw a crowd to the Sentinel booth.
As people stopped by the Sentinel booth, members of our team engaged with them in lively discussions to learn more about their technology needs and interests, as well as how we might be able to help. Some areas of particular focus included:
An Overview of Sentinel – Many of the MAEDS attendees were aware of Sentinel but did not fully understand the breadth of our service offerings. We introduced those people to Sentinel by telling them about the comprehensive service offerings that make us unique, such as Managed Services, our 24x7x365 Network Operation Center (NOC), Sentinel CloudSelect and our Advisory Services.
Multi-Cloud Offerings – Quite a few people were pleasantly surprised to learn that Sentinel was up to speed on all the latest cloud technologies. We explained that Sentinel has a full collection of “as a service” cloud-based solutions available for public, private, hybrid, and multi-cloud environments, including (but not limited to) security, backup, disaster recovery, collaboration, and wireless. The Sentinel team also has certified experts equipped to work with mainstream cloud services such as Azure, AWS, and Google. Our Advisory Services can provide assessments, planning, and deployment of any cloud solutions to ensure they seamlessly integrate into any environment.
Cyber Security – A number of MAEDS participants voiced concerns about their ability to deploy and maintain a cyber security environment on their own. Many had suffered Ransomware attacks and data breaches in the past and worried about the possibility of it happening again. We told them that Sentinel had the ability to constantly monitor or augment their network protection through our Security Operations Center (SOC) service offering. Since a majority of breaches occur due to poorly trained staff, we also provided information on security training for employees and how it could be used to significantly reduce risk and breaches throughout the organization.
On behalf of Sentinel’s Michigan team, it was a pleasure to attend the 2019 MAEDS conference and spend three exciting days networking with attendees and learning more about how technology continues to improve the education industry as a whole. If you are interested in learning more about Sentinel’s solutions and services for all types of educational institutions, please contact us for more information.
A Tale of Technology Terror
Most of the time, we think of technology as a tool that can be used to enhance productivity and make our lives easier. Innovations seem to happen on a daily basis, and it’s exciting but can also be a bit challenging for your IT team to maintain a steady grip. Only adding to those challenges are the ever-evolving threats that seem to come from everywhere yet nowhere at the same time. While Sentinel likes to focus on all of the positive things industry-best technology and services can do for your organization, in honor of Halloween week we wanted to share a story that looks at the scary side of IT. So turn out all the lights, grab a snack to nervously much on, and take a few minutes to read this harrowing tale of technology terror!
Tim loved his job. As an insurance agent, he was responsible for helping folks stay financially protected from all types of losses – such as medical expenses, car crashes, house fires, and …accidental deaths. He took comfort in the idea that the people who purchased policies from him were making a smart investment in their future, so they could more easily bounce back on one of the worst days of their lives. Unfortunately, he spent so much of his time focused on clients that he wasn’t fully prepared when a nightmare finally arrived at his doorstep. Or should I say inbox?
One cold and stormy weekday afternoon in late January, Tim received an email from his boss. “Xtra Vacation Days” was the subject line. He hadn’t heard anything about the company giving employees more vacation time, but was certainly eager to learn more. The body of the email contained a couple of minor spelling and grammatical errors, which seemed a little odd for an email that was reportedly sent out to the entire company, but those sorts of mistakes happened all the time. After all, they were an insurance company and not a news organization.
Near the bottom of the email there was a link to an external site where employees could log in with their corporate ID and verify that two extra days had been added to their vacation time allotment for the year. Tim diligently clicked the link and entered his corporate user ID and password at the login screen, but upon doing so was redirected to an error page saying the site was currently down and to check back again later.
After two more failed login attempts, Tim asked his co-worker Becky if she was able to access the site and confirm her two new vacation dates. Becky told Tim she had no idea what he was talking about. That seemed weird, so Tim went directly to his boss to talk about it. As a similarly quizzical look came across his boss’s face, Tim began to panic. If his boss hadn’t sent that email, who did? Also, does this mean he wasn’t getting two extra days of vacation?
Just as the company’s IT Director was being informed of the situation, the monitors and screens of every computer in the office turned to black. A skull then appeared, accompanied by a short message: “WE HAVE CONTROL OF YOUR NETWORK, DATA, AND BACKUPS. PAY US $100,000 OR LOSE IT FOREVER.” All users were locked out of their networked devices as the organization faced a terrifying Ransomware situation.
The insurance company that Tim worked for had strong security solutions in place to help stop attacks and prevent breaches, but unfortunately it couldn’t quite account for human error. A large number of cyber criminals use fake emails and other phishing scams in an attempt to trick people into clicking on malicious links or opening malicious attachments, and what happens as a result is certainly no treat. Organizations can take steps to prevent this by providing security training for employees. If everyone knows common tactics used in social engineering and phishing attempts, they can more easily spot and report them to the proper authorities, increasing the overall safety of the business. Think of it like an insurance policy for your security. Sentinel offers a number of different security training services, so please contact us for more information!
National Cybersecurity Awareness Month 2019
In case you weren’t already aware, October is National Cybersecurity Awareness Month. It’s the perfect time to examine the security posture of your organization and determine whether or not your IT team is doing everything necessary to ensure users and critical data remain safe from both external and internal threats. Personal accountability plays a large role in staying secure both in the workplace and at home, along with taking proactive steps to ensure end-to-end protection as attacks continue to evolve.
The overall theme of National Cybersecurity Awareness Month for 2019 is “OWN IT. SECURE IT. PROTECT IT.” There are a number of different ways both you and your organization can put this theme into practice not just this month but throughout the year. A great way to get started is by taking a closer look at what devices and applications you use. Thanks to our increasingly digital world, we interact with a large number of internet-connected things on a daily basis. That not only includes smartphones, laptops, and tablets, but also virtual assistants and other smart devices.
It’s important to understand that while these connections make it easier to interact and innovate with one another, they also create more entry points for cyber criminals to attack. If just one of those devices isn’t fully secure, it can create a pathway allowing your personal or key business information to be compromised. Check your privacy settings to restrict excessive permissions for your apps and delete the ones you no longer use. Only download apps from trusted sources and vendors. Make sure every smart device you own stays updated with the latest bug fixes and security patches. Turn on automatic updates if available. Avoid sharing too many private details in applications and on social media sites.
Beyond those suggestions, one of the most important ways to secure your accounts and devices is by using stronger passwords. A password combination of letters, numbers, and symbols no shorter than 15 total characters makes it exceptionally difficult for hackers to figure out. There are password managers available to help you generate and remember complex passwords if needed. Similarly, deploying multi-factor authentication, which sends an approval notification to your smartphone when logging in to things like email, banking, and social media, go an extra step to confirm that the only person with access to your account is you. Sentinel partners Duo offer a great multi-factor authentication services for organizations as well as individuals and their families.
One common tactic employed by cyber criminals are phishing attacks, which are designed to fool unsuspecting people into clicking malicious links or opening dangerous attachments. These are often disguised as emails sent by a boss, co-worker, or friend to help pass it off as authentic. If most of the details seem to be accurate but one or two things seem slightly off, you might want to contact the sender in person or via phone to confirm its legitimacy. Make sure to flag any suspicious items as junk or spam, then block the sender as a safety precaution.
Always be wary when accessing any public wireless hotspot. Plenty of places currently offer free Wi-Fi, including airports, hotels, and restaurants. Cyber criminals will sometimes create their own wireless networks in these places to trick or confuse people into connecting to the wrong one, then grab your private login or credit card information when you think it’s safe. When using free public Wi-Fi, make sure to confirm the network name and exact login procedure with the staff to ensure it’s legitimate. While on any unsecured network, always avoid logging in to password protected sites or applications that contain sensitive information (such as online banking), and don’t make any online purchases using a credit card if you can help it. Use your own personal wireless hotspot if you have one rather than a public wireless network, because it’s more secure.
Those are just a few tips and tricks to help keep individuals and businesses safe from targeted cyber attacks. Following these proactive guidelines not just during National Cybersecurity Awareness Month, but all year-round, and it will go a long way toward establishing strong protections moving forward. Of course there are plenty of other, more advanced security solutions available to organizations as part of Sentinel’s SecuritySelect portfolio. If you are interested in learning more, please contact us.
Comparing the Core Pieces of the Public Cloud
Everyone’s cloud journey is different. There is no single, catch-all solution or standard path to take. What is right for one organization might not be right for another. It is about examining your resources, establishing business goals for future growth, and determining exactly how the cloud can help you get there on time and on budget. There are already multitudes of cloud solutions available to satisfy nearly every sort of environment and need, and the process of picking the ones best suited to your unique situation creates an entirely new set of challenges. Sentinel has the knowledge and experience to help guide your organization through every step, from the analysis and strategy of our Advisory Services through the continued maintenance and support of our Managed Services. Here is a closer look at the primary pieces of the cloud puzzle, and where different services can provide benefits.
The two primary cloud service providers today are Amazon Web Services (AWS) and Microsoft Azure. They offer the necessary public cloud framework through which you can add applications, workloads, backup/recovery systems, data, and many other use cases. There are minimum requirements to get started in each. AWS recommends using multi-account architectures with at least three separate accounts to handle Audit, Master/Identity, and per project responsibilities. While Microsoft initially suggests having a single Azure Active Directory (AD) tenant, Sentinel understands that can be exclusionary of certain customer scenarios, as multiple Azure AD tenants are often worth consideration for shared services. Businesses can also improve their cost management by investing in Azure on a per project or per team basis.
Advanced account features such as policy enforcement are provided by both AWS and Azure, though again there are differences in terms of their capabilities and management of resources. AWS Organization’s Service Control Policies (SCP) create centralized organizational units that allow administrators to maintain maximum access limits for users and roles throughout all their accounts. Identity & Access Management (IAM) policies also fall under AWS and use very similar syntax, though an SCP never grants permissions while an IAM does. The two work in tandem to establish secure boundaries on multiple levels for the policies of your organization. Azure has a comparable policy enforcement solution that includes Azure AD Role Based Access Control (RBAC) and Azure Policy. RBAC helps organizations manage who has access to Azure resources, what they can do with those resources, along with what Azure services or products they have access to. Azure Policy enables you to create, assign, and manage policies across various Azure resources providing centralized auditing or enforcement.
One of the other benefits of cloud frameworks like AWS and Azure are their automation capabilities. AWS has CloudFormation (CFN), which standardizes infrastructure components across your entire environment to create configuration compliance and faster troubleshooting. Resources are provisioned in a safe and repeatable manner, so your infrastructure and applications can be built or changed without the need for manual actions or custom scripts. The Azure Resource Manager (ARM) has a similar function for Azure customers, enabling organizations to manage their infrastructure through specialized templates instead of scripts. This makes additions and changes easier to deploy and monitor, and they can be distributed across an entire group rather than on an individual basis.
Connectivity to the cloud is another important topic where organizations often struggle to determine the solution that fits their specific needs just because there are so many options available on the market today. That is particularly the case as businesses get into utilizing a third party for more complex scenarios, because that brings even more options into the picture. This is why it is so important your organization creates and sticks with a cloud adoption strategy, especially one aligning with critical business goals and processes. Will this specific type of connection help you get the most from your software-defined wide area network (SD-WAN) solution, or will it better integrate with your software-defined data center strategy? What effect would this new connection have on the security of your organization? These are the sorts of questions that organizations often forget to ask, and it becomes a pain point as they attempt to grow and figure out choices that will enable them to move further into the cloud.
AWS and Azure both have multiple methods of connectivity, each one designed to serve a different purpose in a cloud environment. The Virtual Private Gateway offered by AWS enables your organization to set up an encrypted VPN through the cloud that connects with physical appliances and other clouds. Another AWS options is an Internet Gateway, which connects the Virtual Private Cloud to the Internet so resources can be accessed from anywhere. There is also Direct Connect, which establishes a dedicated private network between an AWS cloud and a data center, office, or colocation environment. Because Direct Connect does not use the public Internet, they are often faster and more reliable, with lower latencies than a standard connection. These types of connectivity are similar in Azure, listed under the slightly different names of VPN Gateway, Internet Access, and ExpressRoute, respectively.
There are dozens more options for cloud connectivity that go well beyond what AWS and Azure currently offer, and each has its own set of benefits and drawbacks. For example, Cisco has their own collection of connectivity solutions that include Cloud Application Policy Infrastructure Controller (APIC) as part of the Application Centric Infrastructure (ACI) solution, along with Viptela, Cloud Services Router (CSR), and next-generation firewalls. If you are feeling overwhelmed by the sheer number of choices available on the market today, Sentinel’s Advisory Services can help you navigate these challenges. Our experts will work closely with your organization to find a cloud connectivity solution that both satisfies your long-term needs and positions you to meet critical business objectives.
One of the biggest challenges associated with working in the cloud involves security and accessibility. What users should have access to what areas of your clouds, and what types of restrictions can keep sensitive data safe? In a traditional premises environment you may be accustomed to Active Directory (AD) users and AD groups, but suddenly with the cloud there are multiple tenant spaces to manage along with granular elements like Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). Attribute-Based Access Control allows you to create a policy that utilizes tags to change access rights for associated user accounts dynamically. It requires more complex thinking compared to the traditional protocols and architecture, but offers greater flexibility and protection as a result.
When it comes to identity and access authentication in the cloud, some different solutions are applicable across all types of environments. They stretch beyond platforms like AWS and Azure and are designed to help make it easier for users to login securely. Security Assertion Markup Language (SAML) is one of the open standards for exchanging identity and security information between applications and service providers. It allows users to establish a single sign-on (SSO) for all SAML associated applications so they are not forced to provide login credentials for each one individually. For example, you can use your corporate credentials to sign in to Microsoft Active Directory as well as applications stored in the AWS cloud without needing to re-enter any information.
The cloud also makes it easier to share access to certain resources and applications across multiple accounts. This applies to users and administrators who may use different accounts for different roles or purposes (for example, one for production and one for development) but don’t want the hassle of signing out of one account and signing into another in order to access specific elements that may not be available in both. This can also work with different teams and in a business-to-business (B2B) context, meaning groups have the ability to collaborate or make changes using a shared set or resources. It is as simple as an administrator creating a role, specifying which account(s) have the ability to access it, and determining the levels of permissions to either limit or expand specific user capabilities.
When it comes to monitoring your cloud environment, many organizations remain focused on legacy solutions such as Simple Network Management Protocol (SNMP) and Internet Control Message Protocol (ICMP). Unfortunately, both SNMP and ICMP offer minimal to no network support outside of a traditional Infrastructure as a Service (IaaS) operating system, providing just enough information to let you know if your network is up or down. If you do encounter issues, they would not be able to tell you what elements are up, what elements are down, what the root cause of the problem might be, or what has changed in your environment.
So how do you get this type of monitoring information in the cloud? There are some native tools available through your cloud provider, along with application program interfaces (APIs) that provide more in-depth monitoring for those particular elements. AWS offers CloudWatch, which collects monitoring and operational data such as logs, metrics, and CloudTrail system changes into a single platform for a comprehensive view of resources, applications, and services on AWS and on premises servers. Azure Monitor occupies a similar space, using the collected data from your cloud and on premises environments to analyze the performance and health of applications, workloads, and virtual machines (VMs). A fantastic third party monitoring solution that works across all types of cloud environments is Splunk, which has all of the same features as the other services along with data encryption, automation, and potential machine learning integrations designed to help you avoid performance issues and unnecessary alerts.
Beyond your data and applications, one other critical area that requires monitoring are your cloud expenses. Because the cloud uses an Operating Expenditure (OpEx) model and your organization gets charged based on the amount of resources it uses, it is important to keep an eye on those details as you set a budget and plan for the future. Both AWS Billing and Azure Cost Management are tools that monitor usage and provide analysis and reports to forecast costs so you can properly estimate how much you will be spending on cloud and receive alerts when you approach or exceed budgeted amounts. Of course, if you are looking for an independent tool to help you maximize your cloud value and keep track of expenses, CloudCheckr offers cost analysis and cloud security recommendations while meeting the strictest of regulatory compliance requirements. It is particularly helpful if you are invested in the cloud through multiple vendors and are looking for a single dashboard to tie them together for easier management.
If you are interested in learning more about the many different cloud offerings available and figuring out which would fit best with your organization and business goals, please contact Sentinel for additional information.