The Tech Break

Pictures are up from our Cocktail Mixer on Tuesday 2.12.13. Bird Rock Systems, Aruba Networks, and Palo Alto Networks hosted a technology mixer in the Alfred Mitchell room at the Torrey Pines Lodge. 

The Lodge is always a great place to host a mixer. We enjoyed refreshing drinks and tasty appetizers along with our customers and learned about up coming technologies from Aruba Networks and Palo Alto Networks in relation to BYOD and mobile security. Great way to end a Tuesday night!

Topics Covered by Palo Alto Networks and Aruba Networks:

• Research detailing a new breed of sophisticated threats that incorporate applications, exploits, and malware
• A firm understanding mobile security and BYOD today
• How to detect known and unknown threats using Next-Generation Firewalls
• Where legacy firewalls or add-on security technologies fall short in protecting networks
• Next steps on how to protect and secure your network and mobile devices from security threats

We have all seen an increase in IT services being outsourced. The exact metric on adoption and market size is hard to come by because the definition of IT Managed Services is not clear. Nonetheless top IT management have become more accustomed to the idea of Managed Service Providers and in some obscure surveys, 90% of individuals were either familiar or somewhat familiar with what Managed Service Providers actually do.

Support contracts and renewals can be a nightmare to manage. Think about every hardware, license, subscription that you have in your IT environment. You may have 5,000 plus assets that require support. All of which have different expiration dates. Who is managing all of these support contracts?

There has been a lot of buzz around the end-point these days. There are many reasons why the end-point has come to the forefront in security discussions. First, anti-virus and malware software have basically become obsolete. Zero day threats are too constant and mulitplied for companies to stay up to date on their security patches. Security needs to be in real time or close to real time. Second, we have become extremely mobile. We take our laptops, smart phones, smart pads, and many more devices everywhere we go. Now many people will say “hey, I have a next generation firewall. I don’t need end point security.” That person is exactly right, except for one problem. Your next generation firewall only works when you are connected to your network whether you are at work or you VPN.

Did you know, on average, that IT knows about 10% of the cloud applications running on their network? The other 90% of apps are never approved by IT as enterprise ready or secure. 70% of these apps are being implemented by your business leaders to communicate internally/externally and to make processes more efficient. The final 20% are all the apps that your users access on work machines including BYOD such as unsanctioned storage and email apps.

Big or small the answer to this above question is most likely “no one.” While large enterprise businesses seem to always make the headlines for security breaches, the Sony’s and Targets of the world, all organizations have seen an increasing amount of security breaches. Why? Cyber criminals do not care how big you are! If they can take money, they will! The big wigs have implemented every security prevention solution known to man in order to protect against Advanced Security threats. They still get breached. So, whats the problem?

Bird Rock Systems had a baseball style weekend. We had a Happy Hour, a Lunch & Learn in Orange County, and closed out the weekend at the Farmers Insurance Open, luckily before the storm hit on Sunday!

Kicking off the weekend on Thursday January 28^th, Bird Rock held its 2016 Happy Hour Kickoff at Societe Brewing Co. We like to hold these relaxed, fun Happy Hours every month in order to talk with our customers and get to know each other and our respective teams better! Leaving all sales at the door this is a real opportunity for our customers to meet other IT professionals, mingle with the Bird Rock team, and relax over a few colds ones! We see the value in connecting our customers so they can share experiences and advice with each other outside of a solutions provider telling them what they need.

Pictured Larry Hoehn,Jim Matteo, Matt Hannula, Kelly Sullens, Ashley KoojiThe next morning we made our way north for a Lunch and Learn at Taps Fish House and Brewery in Orange County. We hold these Lunch and Learns in order to introduce ourselves and partners to prospected customers as well as update our current customer base on the latest and greatest of technology. Bird Rock Systems Senior Network Architect, Larry Hoehn, discussed to the value and benefit of Advanced Managed Services. To sum up his presentation, Advanced Managed Services is a proactive service that allows you to maximize the investment of the solutions in your network. It is like buying a pool and having a pool guy come out once every couple months to make sure everything is working properly and is safe to swim in. We partnered with Juniper Networks for this event as well and they discussed their latest products including switching, routing, and security. After an incredible lunch with tri-tip and craft beer, we were ready to prepare for the next event.

Saturday morning felt better than ever as we walked into the Farmers Insurance Open and onto the 16^th hole at our Executive Greenside Suite! It was the best customer turn out we had ever seen and it came to no surprise. The food was amazing, the weather perfect, and golfers “wowing” as well as “choking” on the Par 3 at the 16^th. Every year we like to hold around 6 Executive events like this one, giving our customers and prospects memorable experiences. Sometimes it is golf, other times it is driving a NASCAR racecar, or target practice with high powered weapons!

The whole purpose of our events is to give IT professional’s valuable experiences whether it adds value to their IT knowledge or to their personal life, like relaxing on the 16^th hole with a Moscow Mule!

If you are an IT professional and want to be a part of our next event feel free to email your contact information to mhannula@birdrockusa.com.

“No worries…We make I.T better!”

Have you invested in security solutions in order to better protect your company and customers data?

Data has shown that even during economic turmoil, all areas in IT are likely to get cut before security.  We all know why. Security is too critical to our customers, company, and our jobs. As stated by technology investment consultant Venky Ganesan, “One of the very few times a CEO is fired is when you are exposed to a security breach.”

One breach could costs millions of dollars, ruin a company’s reputation, and result in declining profits. This is why Gartner estimates that cybersecurity spend will increase from $77 billion (2015 statistic) to $108 billion by 2019. I think it is safe to say that cybersecurity solutions will account for a large part of the enterprise business IT budget.

While a large investment in security solutions is a proactive activity, many customers implement a solution and conclude that all work is done. Most times when you spend a large amount of money on any type of investment you want to make sure you are maximizing that investment. When I buy a house with a pool, I end up scheduling for a pool cleaner to come out bi-monthly. Now, I could attempt to clean the pool myself but that would mean using up my time, understanding how to exactly clean my pool, and realize any problems that may have occurred or may occur. It is beneficial to me and the investment in my house to have a cleaner/pool maintenance professional to periodically come out to clean and inspect my pool.

This goes the same with your security investments. Though you may have implemented a new security solution and it seems to be running well, it is beneficial and proactive to periodically make sure the solution is completely up to date, running as efficiently as possible, all features of the solutions are being maximized, and that there are no hidden vulnerabilities that may have occurred over time.

Periodic review and maintenance on your investment could potentially be the difference between a breach, your job, and millions of dollars lost.

This is why Advanced Managed Services Security Health Checks is something you should consider after making an investment into a new security solution and or maximize your current infrastructure in place. There are many reasons on why this is a value add to your team and investment.

•   Leverage product/solution specific expertise that your team may not have
•   Access to advanced engineering resources to supplement your team
•   Proactively ensure updates and features are current and utilized
•   Limits risk exposure due to the proactive nature of managed services
•   Preventing vulnerabilities of downtime
•   Make sense of information overload
•   Prioritized recommendations and next steps

Ultimately, the benefits of Advanced Managed Services in a security perspective contribute to one overall goal which is maximizing your investment. To maximize your investment means you are using every opportunity possible in order to protect and secure your data while minimizing downtime.

To learn more about how you can maximize your investments and better protect and secure your data with Advanced Managed Services, give us a call today. As our motto goes “No Worries…We make IT better!”

Give us a call at 858.777.1617 or email us at info@birdrockusa.com.

You may have seen the multitude of articles that have confirmed the backdoor password in Junipers ScreenOS firewalls. As alarming as this advisory may be, especially if you run the firewalls affected (6.2.0r15 through 6.2.0r18, 6.3.0r12 and 6.3.0r20), it is time to fix the problem. The problem was “Unauthorized code” or better known as “modified code” which is a form of breach where any modification, addition, and/or development of code scripts and/or services deviates from the predefined product code trees or modules. This is probably something that we will continue to see as IT diffuses more into our everyday lives.

I do not think this is a case where one should jump ship from Juniper hardware/software rather I believe it is a time to be aware that malicious intent to compromise data is growing. If it can happen with one vendor then it surely can happen with all. This why I am writing this article. Breaches will happen, it is how quickly we respond that makes a positive difference.

Below is a very short and simple guide on how to patch your Juniper ScreenOS firewalls (link included for full detailed description).

First, make sure that you have the correct signing key. If you have not upgraded the signing key, which changed in August 2014, your ScreenOS may not boot properly. You can download the new signing key at the Juniper support site. http://www.juniper.net/techpubs/hardware/netscreen-certifications/imagekey.zip

Second, pull a fresh configuration backup on all of your devices, in case there are issues and you need a solid recovery point.

Third, On the CLI verify which signing key is currently being used. If it starts with 308201ac then you need to update your image key prior to upgrading device. New signing key for ScreenOS 6.3R21 should begin with 308201ad.

Fourth, upgrade the image key.

Fifth, upgrade ScreenOS

Final, the file will upload and when complete, it will apply and reboot which will take around 5-10 minutes. After rebooted, login and confirm the upgrade.

If you want a detailed description on how to perform the ScreenOS upgrade check out this very helpful link: http://puluka.com/home/techtalknetworking/screenoscriticalsecurityissue2015.html

If you are having trouble upgrading your device and/or do not have enough time to upgrade and need some help, call Bird Rock Systems today and let our expert engineers help make your “…IT better!”

Call at 858.777.1617 or email us at info@birdrockusa.com.