
The Tech Break


"We make I.T. better" A series on Advanced Managed Services, Part III

Nov 04, 2015 / by Bird Rock Blogger

 

Budget. Who has it and how do we make it more valuable?

A hurdle we see with our customers is a limited budget for IT such as staffing, infrastructure, security, and so on. This limitation causes IT teams to wear multiple hats managing legacy systems. This approach has its flaws. With technology evolving rapidly, staying up to date with the latest trends is an uphill battle. Because teams are running around resolving day to day issues, their ability to drive innovation is stifled.

Companies are shifting strategies in order to reduce costs and optimize the use of resources. For example, we have seen many customers move some portion of their legacy environment to the Cloud. They benefit from leveraging the latest technologies without the large capital expense. Customers are able to pay as they grow, only using what they need.

DIY - Is this really the best use of internal resources?

There are many benefits in going to the cloud; however, taking on a cloud migration project without experience has its share of risks that could break the budget. There is an inherent learning curve when going to the cloud, which takes time, research, and trial and error.

What is the risk of a failed migration?

There is a lot to consider when moving to the cloud, such as security, reliability, availability, vendor lock-in and management. So it is important to weigh the cost versus value when choosing between “doing it yourself” and leveraging a partner.

We Can Help!

Moving to the cloud is one example of how we help customers solve challenging initiatives. Not only can we help customers go to the cloud, but we are able to provide ongoing management and quarterly health checks to make sure customers are maximizing their investment while optimizing the performance.

Bird Rock Systems Advanced Managed Services helps customers execute on an effective IT strategy allowing the in house team to focus on aligning their department with the company vision. Quarterly health checks on areas such as cloud environments, storage, virtualization, LAN switching and wireless are of great value to customers because they don’t require an expert in each discipline 24/7. There is value and savings in the periodic review of the environment to uncover issues/potential issues, make recommendations to optimize systems and even provide remediation.

 

If your budget has you shorthanded and you could use the expertise of Bird Rock Systems, call us today and ask about our Advanced Managed Services. We tailor our services to your business needs!

Call us at 858.777.1617 or email us at info@birdrockusa.com.

 

Stay Tuned for Part IV of the “We make I.T. better” a Series on Advanced Managed Services!


“We make I.T. better” a Series on Advanced Managed Services, Part II

Oct 14, 2015 / by Bird Rock Blogger

Are you looking at the clock and the hands seem to be spinning faster than you can get things done?

Do not worry, you are not alone. For many of our customers, the biggest challenge in their I.T. environment is time, or the lack thereof. There are many reasons why lack of time has become a large hurdle for I.T. teams to jump. I will name a few of the most common ones that we see challenging our customers. First, day to day I.T. issues need immediate attention, which ultimately takes away from longer term I.T. objectives. Our customers' time is most important, and those day to day issues take precedence, especially if it means their customers will experience downtime.

Second, when new technologies are implemented or new engineers come aboard there is a definite learning curve. In the past, we have seen Senior Engineers leave companies for new opportunities, and this creates a hurdle for any incoming engineer. The common obstacle here is that the new engineer must figure out how and why the previous engineer set up technologies the way they are. If you go down the line of multiple engineer changes, you can see that there is probably a knowledge gap about how and why things have been configured. These new engineers have to spend the time learning the how and why not only from the previous engineer but potentially from 5 others before them. This is an absolute time trap and we can help solve or mitigate obstacles such as this.

The third common reason for a lack of time or inability to create time is along the lines of training and certifications. Similar to the previous hurdle, when new technologies are implemented engineers need to be trained on how to use those technologies. Training is not the final straw and in many cases our customers want or must have certifications for those technologies. As you know, training, whether in I.T. or not, takes up a ton of time. After receiving training one may still have to pass a test to become certified. The time spent studying for a certification as well as the risk of not passing and having to do the process all over again is another large time sink for I.T. teams.

Do you have I.T. time constraints? Bird Rock Systems can help slow down your clock!

Our Advanced Managed Services can help solve all the issues mentioned previously. Bird Rock Systems can come into your environment on a rhythmic basis. With a team of highly skilled engineers, Bird Rock can be scheduled weekly, monthly, and/or quarterly to help with your specific I.T. objectives.

Let our engineer/s learn the how and why so you can focus on other objectives.

Training can be time-consuming and certifications can break your team's working rhythm. Bird Rock can train your team, take over tasks that your team is not trained on, and our engineers are certified to work on the solutions in your environment.

Maybe I haven’t mentioned a time issue that you may be experiencing. At Bird Rock, we customize our Advanced Managed Services in order to align with your I.T. objectives and business goals. Our objective is to make your I.T. better and we can tackle this by freeing up your time for your specific technology needs.

Give us a call today if you would like more information or could benefit from our Advanced Managed Services! 

Call us at 858.777.1617 or email at info@birdrockusa.com.

 

Stay tuned for Part III of the “We make I.T. better” a Series on Advanced Managed Services!


“We make I.T. better” a Series on Advanced Managed Services, Part I

Oct 07, 2015 / by Bird Rock Blogger

Stressed about I.T? Not enough time? Not enough budget? Not enough resources?

If you’re anything like our customers you probably answered yes to one, some, or all of those questions. Every day we see, hear, and feel the pressures that I.T. teams deal with on a regular basis. But why are there so many pressures? Why can’t it just be easy? The fact is there is not just one answer to these questions. Every I.T. team is different just like every business is different. They have varied working budgets, critical resource and knowledge gaps, time constraints, and varying levels of growth: rapid, slow, or mature. These are the things that continually test and challenge I.T. teams and consequently have built an I.T. standard of reactionary processes.

The first major obstacle we see with our customers is time. There is just not enough time to juggle the daily demands of I.T. while trying to complete projects on time. Solving day to day problems, as well as working on that project due by the end of quarter are not the only processes that experience time constraints. The process of learning new technology is a huge time trap. In this day and age, technology is moving fast and the ability to be agile in the ever changing business environment is what differentiates companies as well as I.T. teams. How can I.T. teams juggle day to day, new projects, and the need to build their knowledge in an industry that is perpetually advancing? We believe we have the answer but we don’t see time as the only issue.

The second obstacle our customers deal with is a lack of budget. One of the main reasons why I.T. professionals don’t have enough time is because they have to wear many hats. The superhero of each team doesn’t just focus on security or data center or collaboration. They do it all! If a team had an unlimited budget, they could hire on engineers to focus on specifics and do nothing else. They could update all infrastructure and have outside vendors do it for them. They could pay for endless hours of training making sure their team was up to date on every new technology. There is no unlimited budget so their investment in I.T. is crucial to their competitive advantage in the market place. This leaves the team working long hours to keep up with the demands of business objectives.

The final obstacle we see with our customers is a lack of resources. Now, a lack of resources is basically the big picture problem encompassing a lack of time and budget. We see our customers working extremely hard to align their I.T. objectives with the business objectives. This can be difficult in itself but with a lack of resources whether it is training, time, personnel, or budget we see hills turning into mountains. The process of I.T. has become reactive while the rest of the business has planned ahead with a thought out strategy.

Bird Rock Systems Advanced Managed Services is your I.T. strategy. As the motto goes “No worries…we make I.T. better!”

Stay tuned for Part II of the “We make I.T. better!” Series where we will discuss how we help you solve the problems mentioned in this article.


Cybercrime: Operational Risk or Overblown Threat

Sep 15, 2015 / by Bird Rock Blogger

 

By Matt Hannula; Marketing Associate

How can we truly gauge how large cybercrime has become? Is it in the millions? Billions? Maybe even in the trillions? There are statistics that claim each of these audacious numbers but what does it even mean? How do researchers find this data, who contributes, and how do they even define cybercrime?

Stephen Cobb, a CISSP for over 20 years, who leads a research team for security giant ESET, explained the implications of cybercrime statistics and taught us to be wary about the “truth” of cybercrime at a recent SDISSA lunch and learn.

When Bird Rock Systems isn’t securing the networks of their loyal customers, they are attending technology events acting as sponges soaking up the most relevant and up to date technology information.

This past week, the Bird Rock Systems sales team and engineers attended a San Diego Information Systems Security Association (SDISSA) event, an event they attend once a month.

Stephen Cobb opened the session with a bunch of graphs showing all types of statistics for physical crime, such as theft, assault, and murder. He then pulled up statistics from CSI and PWC. These stats looked good until you saw that they only tested 500 individuals who may or may not have been repeats and the response rate was only 15%. Anyone versed in doing a scientific study knows that this is not very compelling data.

The next best study on cybercrime was from 2005 by NCSS. Their study consisted of 8000 individuals with a response rate of 23%. Sure this was a step up in figuring out how much cybercrime companies are actually experiencing but it still was not very compelling.

So why is this relevant? Why do we even care about these statistics? Mr. Cobb presented this issue as a problem to how we are measuring cybercrime. It is almost impossible for us to track cybercrime for so many reasons. How do people define cybercrime? How often do companies report cybercrime that has happened? How much cybercrime is happening in residential environments compared to commercial?

The real reason we care about cybercrime statistics is because we as companies, trying to protect data as well as keeping our networks running with minimal downtime, attach a monetary value to cybercrime. How much does it cost my company every single time a breach has occurred or a user’s data is compromised? These numbers become very helpful when C-level executives are trying to justify making a decision on large investments to secure their networks and data.

Cobb stated that the Ponemon Institute put a cost of $200 per compromised user while Verizon in their own study said it costs about .59 cents per compromised user. These numbers are so far from each other that Cobb says we cannot trust either of them as credible sources as a cost for cybercrime. So, Cobb defined his own cost of a breach with a time cost basis.

While in Europe, Cobb was attempting to get a check approved for about $10,000. First submission received a denial of approval. Cobb tried again and once again received a denial. He then called his bank and they said they would look out for the transaction. He submitted again and sure enough the check was denied. Cobb finally called his bank and stayed on the phone until the check finally submitted through. The time it cost Cobb to get his check approved in order to make sure it was not a fraudulent transaction is the cost Cobb puts on each security breach or compromised user. Not the breach itself as a cost but the cost it takes to protect oneself from a breach. And if you wanted to know his cost per breach, it is $66! Why? Well, taking into account the time he spent to have his check approved and his average hourly wage, $66 was the most logical number for Cobb to wrap his head around.

The moral of the story is that we cannot be naïve when it comes to cybercrime statistics because there are so many factors and implications that we cannot control or track. What we can do, is make critical investments into our networks, IT team, and security initiatives to make sure we keep cybercrime at bay!

 


Security Assessments – 101

Sep 10, 2015 / by Bird Rock Blogger

I’m creating a brief presentation for a Capture the Flag event at USC, explaining our methodology for performing Security Assessments. First of all, recurring periodic security assessments are important for your environment. Security isn’t a set-it-and-forget-it attribute. Infrastructure changes over time and tons of new attack methods are discovered every day. Security is a game of intelligently assessing risk.

Just about every organization needs to adhere to regulations that spell out the minimum security measures to have in place, and how they should be assessed. For example, HIPAA/HITECH, PCI, FISMA, FERPA, and SOX all have standards to secure data. If you’re not bound by any of these, consider using ISO27002 as a generic resource to help guide your own IT security practices.

With regular assessments you can:

  • Maintain a focus on IT security
  • Increase awareness and understanding of security issues
  • Prioritize security investments and focus on the high importance/rewards initiatives
  • Find out whether your environment has already been compromised
  • Stay on top of the latest security threats
  • Demonstrate to customers and partners that security is important

If you already have a particular regulation like one of those mentioned above, download the appropriate standard as a starting point. Otherwise, choose one that is similar to your type of business. In either case, print it out, give it a good read, then start from the beginning.

Here are a few main areas and tips to focus on. All of the security standards have many more requirements than these, but we need to keep the blog to 500 words or less. :o

In what ways can the data be compromised? Not just from the Internet, but what about from inside the network? From remote offices? Rogue wireless access points? Audit the firewall rules and watch logs. Use secure protocols, like modern HTTPS, SSH and SFTP rather than HTTP, Telnet, and FTP. Do the services enabled on the servers enable more than necessary?
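One way to start the firewall rule audit described above, as an added example that is not part of the original post. The CSV rule format, the rule names and the addresses are constructed for illustration and do not correspond to any vendor's export format.

```python
"""Flag allow rules that permit cleartext services or are broader than needed."""
from dataclasses import dataclass

# Cleartext protocols named in the post, mapped to the encrypted replacement.
CLEARTEXT = {
    ("tcp", 80): ("HTTP", "HTTPS (tcp/443)"),
    ("tcp", 23): ("Telnet", "SSH (tcp/22)"),
    ("tcp", 21): ("FTP", "SFTP (tcp/22)"),
}

# Constructed sample rule base in a hypothetical export format:
# name,action,source,destination,protocol,port
SAMPLE_RULES = """\
# name,action,source,destination,protocol,port
web-in,allow,any,10.0.1.10,tcp,443
legacy-web,allow,any,10.0.1.11,tcp,80
switch-mgmt,allow,10.0.9.0/24,10.0.0.0/24,tcp,23
ftp-drop,deny,any,any,tcp,21
vendor-ftp,allow,203.0.113.0/24,10.0.2.5,tcp,20-21
temp-fix,allow,any,any,any,any
ssh-admin,allow,10.0.9.0/24,10.0.0.0/16,tcp,22
"""


@dataclass
class Rule:
    name: str
    action: str
    src: str
    dst: str
    proto: str
    ports: tuple  # inclusive (low, high)


def parse_ports(field):
    """Accept 'any', a single port ('443') or a range ('20-21')."""
    if field == "any":
        return (0, 65535)
    low, _, high = field.partition("-")
    return (int(low), int(high or low))


def parse_rules(text):
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, action, src, dst, proto, port = [f.strip().lower() for f in line.split(",")]
        rules.append(Rule(name, action, src, dst, proto, parse_ports(port)))
    return rules


def audit(rules):
    """Return (rule name, severity, reason) for every allow rule worth reviewing."""
    findings = []
    for r in rules:
        if r.action != "allow":
            continue  # deny rules do not expose a service
        if (r.src, r.dst, r.proto, r.ports) == ("any", "any", "any", (0, 65535)):
            findings.append((r.name, "high", "permits all traffic from any source to any destination"))
            continue
        for (proto, port), (service, replacement) in CLEARTEXT.items():
            if r.proto in (proto, "any") and r.ports[0] <= port <= r.ports[1]:
                # Cleartext reachable from any source is the more urgent case.
                severity = "high" if r.src == "any" else "medium"
                findings.append((r.name, severity, f"allows cleartext {service}; prefer {replacement}"))
    return findings


if __name__ == "__main__":
    for name, severity, reason in audit(parse_rules(SAMPLE_RULES)):
        print(f"[{severity:6}] {name}: {reason}")
```

Port ranges are checked as well as single ports, so a rule such as `20-21` is still reported for FTP.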

Timely patch management is important: operating systems on servers and workstations; infrastructure services such as email and DNS; Web applications; databases; desktop applications.

How is the network perimeter defended and segmented? Review the device configurations!

Reach out to peers at other companies, participate in user groups, attend a few meetups, and come to some of the Bird Rock Systems events! Compare your infrastructure with others out there and keep your organization in line with industry best practices.

Crack open your Security Policy and run it through its paces. This is usually one of the first things an auditor will do, to see what your administrators and end users can do. See if your own standards can hold up to a little scrutiny.

Again, this information is not intended to be exhaustive or complete. Other important topics include how well your organization works, how well your procedures are documented, and how well your staff members keep up to date with the craft; physical security; encryption; social engineering.

If you think about security like the accounting team thinks about cash flow, IT security should have checks and balances. Do periodic security assessments yourself, then bring in a third party to validate!


Advanced Endpoint Protection: A different approach

Sep 09, 2015 / by Bird Rock Blogger

By Larry Hoehn, Enterprise Solutions Architect 

When most people think of endpoint protection, they think of antivirus software. But a targeted attack can use a new threat that is able to evade detection, or malicious content embedded in an iFrame could bypass antivirus software.

Palo Alto Networks acquired Cyvera and branded this product as ‘Traps’. You may have seen similar products on the market, like Microsoft EMET. However, Traps integrates into WildFire, Palo Alto Networks’ sandboxing technology. Plus it’s a mature product, as you’ll see below.

Traditional antivirus-based protection is based on signatures – it requires prior knowledge of the threat in order to be effective. According to Palo Alto Networks, over 20,000 new forms of malware are created per day. Antivirus-based solutions have to build signatures against all of those new forms, then distribute those signatures out to all the endpoints. This takes time and has a negative impact on the effectiveness of many antivirus solutions.

Traps is very effective against zero-day based attacks. The attacker would run into one of the exploit prevention modules within Traps, the process gets terminated, the user is alerted that an attack was prevented, and the administrator receives an alert. Traps collects forensics and provides them to the administrator.

 

Traps is a very thin client on the endpoint (Windows only at this time, but including XP, 7, 8, 2003, 2008 and 2012). When a new process is opened, Traps injects prevention modules into that process. This prevents the attacker from using a couple dozen different techniques available in their arsenal.

If you are looking for a way to extend the lifespan of Windows XP or 2003 in your environment, Traps may be for you since Microsoft isn’t patching those operating systems any more.

 

With Traps, malware prevention is accomplished through a series of policies on the endpoint that significantly limits the risk of inadvertently downloading malware. As previously mentioned, Traps integrates with WildFire to determine whether a file is known to be malicious. Then Traps uses malware prevention modules to ensure that the malware never executes.

Traps is available in a one, three or five-year subscription. The price is different for workstation protection vs. server protection.

To summarize, Traps blocks known and unknown exploits, known and unknown malware, and provides forensics that can be used to protect the rest of the organization. Let me know your thoughts, especially if you’ve investigated or implemented a solution that provides this type of endpoint protection.


PART 2: Choosing a Partner That is Loyal to Customer Success

Jul 24, 2015 / by Joseph Javien posted in Loyalty, Values, VAR

“It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently.”

—Warren Buffett

The life of an IT professional can be rather stressful and challenging. With businesses relying on the stability and availability of secure networks and performance computing, IT feels the pressure of making every project a success. As businesses become more agile, moving at the “speed of light,” any perceived latency or downtime can cause user and customer dissatisfaction which can equate to loss of profits, productivity and confidence.

As a countermeasure, it is recommended to partner with a technology solutions provider(s) that can help manage, strengthen and optimize IT workflows and environments that align with the goals of the business and the IT department.

Are Your Technology Partners Loyal to Your Success?

We meet with customers every day looking to expand, improve performance and secure their IT infrastructure. We recognize that there is no one-size-fits-all solution for customer challenges/initiatives; therefore, we seek to understand customer objectives before recommending a solution. Through authentic, transparent, and honest interactions with customers, we have been successful in earning customer trust and building strong relationships.

… IT Happens

To Bird Rock Systems, being loyal means consistent and persistent support. We believe in staying committed to our customers, especially during challenging situations. If you have been in IT for a period of time, you know *stuff* happens. As a countermeasure, we exercise caution, proactively back up configs and have backout strategies just in case. We are in it for the “long haul.” In the midst of challenge is where some of our most loyal relationships have emerged.

Hand in hand with loyalty, integrity is an important value to seek when partnering with a solutions provider which I will talk about in my next article. Stay tuned!


Palo Alto Firewall: PAN-OS 7.0 is here!

Jul 10, 2015 / by Joseph Javien posted in Palo Alto Networks, PAN, PAN-OS 7.0, Security

Written By Larry Hoehn

Here’s a brief overview of a couple of the new features and upgrades included with the new release PAN-OS 7.0. At a high level, the new version addresses these issues:

  1. Turning alerts into action. According to a report from Ernst & Young, 33% of security professionals don’t know how long it takes to respond to alerts.
  2. Discovering unknown threats. According to the 2014 Verizon DBIR, there were $400M in financial losses from 700 million compromised records. Much was from unknown threats and 75% of attacks spread from Victim 0 to Victim 1 within 24 hours.

To help with the first challenge, the ACC tab has been redesigned with actionable data:

That new widget shows application usage – the bigger the box, the more application usage on the network. Red means critical, orange means important. You can quickly get more detail to find critical information with a few clicks. For example, application and user activity:

And network activity with threat levels:

To help with the second challenge (discovering unknown threats): Since WildFire already analyzes 20 million samples per week (and growing), Palo Alto added multi-version detailed analysis with a single virtual machine for different versions of software. For example, a file can be run through several versions of Acrobat to see if malware is targeted to a specific version of that application. They’ve also added a new verdict to WildFire to quickly analyze threats. Previously just “malware” or “benign”, a new verdict includes “Grayware”, for things like Adware and Trackware.

A new feature is the automated correlation engine. It’s an analytics tool that verifies compromised hosts in your network. It scrutinizes isolated events across multiple logs on the firewall, examines patterns, and correlates events to identify actionable information such as host-based activities that indicate a compromised host. The engine includes correlation objects that are defined by the Palo Alto Networks Malware Research team. These objects identify a suspicious sequence of events that indicate a malicious outcome. Correlation objects trigger alerts when they match on patterns that indicate a compromised host on your network. For example:

In the example above, if these four indicators are present, we have an automated trigger to alert there is a compromised host. The following screenshot illustrates how the automated correlation engine combines indicators of threats and highlights the resulting situation as “critical”, which means it exhibits signs of worm activity to help you determine where to focus effort for fast remediation.

There are many more updated capabilities, but these were a few I thought you would find interesting. When you get a chance, take a look at the new version and let me know your thoughts!

 

 


BYOD – It can be done safely - Part 3

Nov 06, 2014 / by Joseph Javien posted in Firewall, Security, BYOD

Written By Larry Hoehn

In my previous post, I discussed how wireless technology has a role when providing secure BYOD access. Along those lines, this article explains firewall technology’s role for a secure BYOD initiative.

 

Today's corporate workforce expects to access their corporate networks from personal mobile devices used both inside and outside the corporate walls. Providing this access to employees and contractors drives productivity gains and fosters innovation. While the benefits can justify the requirement, BYOD introduces elements of risk that legacy technologies have a difficult time addressing.

 

Old-school firewall port and protocol-based security focus on attacks directed from the outside in. This method assumes that devices inside the network are trusted, since they allow access without consideration for the user’s identity, the device type, or the application in use. This leaves organizations open to attacks from inside the network.

 

Modern solutions take a new approach – these solutions map user and device information to network security policies, enabling IT to enforce what a user can access with a particular device and authorized application. Firewall policies can also enforce, among other things, bandwidth on a per-user or per-department basis.

 

How this works:

  1. Users and devices connect to the network.
  2. Wired or Wireless architecture shares contextual data (IP address, device type, user role) with the firewall.
  3. The firewall monitors for policy violations to the network based on who and what is connected to the infrastructure.
  4. Applications can be controlled based on who and what is connected to the infrastructure, or blocked if there’s no legitimate use.
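The four steps above, sketched as an added example that is not part of the original post or any vendor's implementation. The context table, roles, device types, application names and rule names are all constructed; a real firewall receives this context from the wired or wireless infrastructure rather than from a static dictionary.

```python
"""Identity- and device-aware policy evaluation: first match wins, default deny."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Context:
    user: str
    role: str
    device: str  # e.g. "corporate-laptop", "personal-phone"


@dataclass(frozen=True)
class PolicyRule:
    name: str
    action: str            # "allow" or "deny"
    role: Optional[str]    # None matches any role
    device: Optional[str]  # None matches any device type
    app: Optional[str]     # None matches any application


# Step 2: context shared with the firewall, keyed by IP (constructed sample data).
CONTEXT_BY_IP = {
    "10.20.0.15": Context("alice", "finance", "corporate-laptop"),
    "10.20.0.77": Context("alice", "finance", "personal-phone"),
    "10.20.0.90": Context("bob", "contractor", "personal-laptop"),
}

# Steps 3 and 4: rules keyed on who and what is connected, plus the application.
POLICY = [
    PolicyRule("block-p2p", "deny", None, None, "bittorrent"),  # no legitimate use
    PolicyRule("finance-erp-managed", "allow", "finance", "corporate-laptop", "erp"),
    PolicyRule("finance-mail", "allow", "finance", None, "email"),
    PolicyRule("contractor-wiki", "allow", "contractor", None, "wiki"),
]


def evaluate(src_ip, app, contexts=CONTEXT_BY_IP, policy=POLICY):
    """Return (action, reason) for one flow."""
    ctx = contexts.get(src_ip)
    if ctx is None:
        # An address with no user/device mapping is never implicitly trusted.
        return ("deny", "no-context")
    for rule in policy:
        if rule.role not in (None, ctx.role):
            continue
        if rule.device not in (None, ctx.device):
            continue
        if rule.app not in (None, app):
            continue
        return (rule.action, rule.name)
    return ("deny", "default-deny")


def violations(flows, contexts=CONTEXT_BY_IP, policy=POLICY):
    """Step 3: list denied flows with the user and device they are attributed to."""
    report = []
    for src_ip, app in flows:
        action, reason = evaluate(src_ip, app, contexts, policy)
        if action == "deny":
            ctx = contexts.get(src_ip)
            who = f"{ctx.user}/{ctx.device}" if ctx else "unknown"
            report.append((src_ip, who, app, reason))
    return report


if __name__ == "__main__":
    sample_flows = [  # constructed flows
        ("10.20.0.15", "erp"), ("10.20.0.77", "erp"), ("10.20.0.77", "email"),
        ("10.20.0.90", "bittorrent"), ("10.20.0.99", "email"),
    ]
    for row in violations(sample_flows):
        print(row)
```

The same user gets different access from a managed laptop and a personal phone, which is the distinction a port and protocol rule cannot express.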

The big benefit:

Security against known and unknown malware, zero-day exploits, and advanced persistent threats. The firewall automatically implements and enforces protection in near real-time to defend against dynamic attacks.

 

Stay tuned for my next article, where I’ll discuss a solution with a product use case!


11 Years and Growing

Sep 29, 2014 / by Joseph Javien posted in In The News, Inc 5000, San Diego Business Journal, Bird Rock Systems, CRN Magazine

“Growth is never by mere chance; it is the result of forces working together.”

-James Cash Penney

2014 is Bird Rock Systems’ 5th consecutive year that we have been ranked among the fastest growing private companies for CRN Magazine (2010-2014) and 4th consecutive year for Inc. 5000 and the San Diego Business Journal (2011-2014). It is truly a great accomplishment and milestone for Bird Rock Systems as we continue to grow and expand into other territories, technologies and services.

 

Bird Rock Systems strives to continuously grow and improve year over year and quarter to quarter. We look for ways to better serve our customers with new services and solutions that help them solve problems, strengthen security, improve performance and efficiency. Bird Rock Systems regularly evaluates business processes and how we can work more effectively across sales, services and operations to ultimately deliver the best experience to our customers. By practicing these actions of continuous improvement, Bird Rock Systems has been able to grow every year since the start of the business in 2003.

 

We have a great team of people that enjoy taking care of our customers. Plus, we have some awesome customers that we get to work with and be an extension of their team to solve I.T. challenges. A special thanks goes out to all of our customers. We appreciate all of your support and business over the years!
