Blog

  • Partner Webinar Series

    March 27th, 2020

    Being stuck in your home should not have to stop you from becoming educated in different areas that will benefit your infrastructure. Partners of High Availability, Inc. are offering several different webinar series focused on how to protect, backup, and secure your business.

    Continue to check back as this list will continually be updated!

    FireEye- The Come in the Night Emerging Ransomware Trends

    • Tuesday, March 31st at 11 am EST
      • The latest on ransomware threats
      • Threat actor tactics
      • Ways to use intelligence to defend your organization
      • Register here    

    Pure Storage- Protect Ransomware's Next Target – Backups

    • Tuesday, March 31st at 9 am PST | 12 pm EST
      • Threat landscape and attack economics
      • How new variants are targeting backups
      • True data immutability to avoid malicious encryption
      • Data copies that can't be eradicated or modified, even by you
      • Recover strategies to ensure data is available in mins and hours
      • Register Here

    Nutanix- Nutanix Coffee Break Series

    • Every other Thursday at 11:30 am EST // 20-minute sessions
      • Schedule
        • April 9th- Files (Storage Solutions)
        • April 23rd- Beam (Multicloud Governance)
        • May 6th- Era (Database Services)
        • May 21st- Calm (Application Automation)
      • Register Here

    VMware- Getting to Know vSphere 7

    • 5 Part Series at 1 pm EST
      • April 1st  - The New vSphere – Essential Services for the Modern Hybrid Cloud 
      • April 6th – vSphere 7 with Kubernetes: Modern Infrastructure for Modern Applications
      • April 27th – Simplifying Operations with vSphere 7 Helps Us Keep Workloads Safe
      • May 4th- Intrinsic Security: How vSphere 7 Helps Us Keep Work Loads Safe
      • May 11th – Running Elastic Infrastructure for AI and ML workloads with vSphere and Bitfusion

    Zix- Let’s Get Prepared, Not Scared: Productivity and Security in Uncertain Times

    • Thursday, April 2nd at 2 pm EST // 60-minute session
      • How you can develop and manage a resilience plan for your organization
      • Tools and tactics to enable secure, productive remote work
      • Tips for ensuring effective modern workplace security
      • Register Here

    Elastic- Webinar Series

    • April 2nd - Building charts with Kibana Lens
    • April 8th - Elastic Observability Engineer training preview: Structuring data
    • April 15th- Getting started with Elastic App Search
    • April 22nd- Elastic APM: Introduction, getting started, and exciting new features
    • April 28th- Introduction to logging and observability with the ELK Stack
    • April 29th- Voice-enabled Elasticsearch cluster management on Elastic Cloud
    • Upgrading Your Elastic Stack to 7.x
    • Getting Started with Kibana
    • Elasticsearch: Getting Started
  • 5 Ways Cisco Is Helping Remote Employees to Work Efficiently

    March 24th, 2020

    Cisco is making it easier and more affordable than ever for employees to collaborate and connect. With their current promotions and offerings around their collaboration tools, your team will be able to formulate business continuity plans and scale out quickly to support remote workers.

    1. Free Webex Online
      1. With more and more people working from home, and some for the first time, Cisco is offering its online Webex platform to individuals and small businesses for free! Utilizing the free online version is an excellent alternative for low volume license requests. Users will get access to unlimited meetings (up to 100 participants), mobile and desktop meeting abilities, screen sharing and recording (1GB of cloud storage), and unlimited messaging with Webex Teams! Click Here for more information.
    2. Webex Enterprise Trials
      1. A free Webex Enterprise trial, at either 30 or 90 days in length, is the perfect starting point for organizations looking to provide host meeting accounts to employees and need centralized administrative management and reporting capabilities. The trial will give you access to unlimited video meetings and webinars (up to 200 participants), recordings, content sharing, unlimited messaging through Webex Teams, desktop and mobile app experience, analytics, and so much more! Keep in mind; you’ll need your VAR (Value-Added Reseller) to get you access to this offer. Reach out to your dedicated H.A. Account Manager or contact us directly.
    3. Free Trial for FedRAMP Organizations
      1. FedRAMP (Federal Risk and Authorization Management Program) organizations are also able to take advantage of Cisco’s free unified communications trials. The FedRAMP product has extra security measures in place like continuous monitoring for cloud products and services, and password requirements for all meetings. The trial, which only includes access to the Cisco Meeting Center for up to 200 participants, is available for 50 seats per customer with the ability to go up to 1,000 seats for 90 days. You’ll need to work with your VAR to take advantage of this offer. If you’re interested, please reach out to your dedicated H.A. account manager or contact us directly.
    4. Free Virtual Events
      1. Did you have to cancel a large live event recently? Perhaps your mid-year kick-off or upcoming tradeshow? With Cisco and Vbrick you can bring your event back to life through live streaming with Rev. Rev is the industry-leading enterprise video platform, and Cisco and Vbrick have teamed up to offer free trials! For a limited time, your organization can host three events for up to 500 participants each or one event for up to 5,000 participants. The offer includes live streaming, slides, chat, and Q&A! Click Here for more information.
      2. P.S. Make sure to check out our latest blog on the vendor tradeshows that just went digital! I wonder if they are using Rev…
    5. Expansion Opportunities for Existing Customers
      1. Cisco is making it easy, and affordable, for current subscribers to expand their Webex capabilities to accommodate your new fully remote staff. With Cisco’s “Surplus Usage Waiver Period”, which takes place from February 1st until May 31st, current subscribers can add 20% more accounts for Webex Meetings, Events, Training, Support, and Teams at no additional cost during the waiver period. This offer only applies to EA (Enterprise Agreement), and User Meeting and Named User subscribers. If you’re interested, please reach out to your dedicated H.A. account manager or contact us directly.
  • High Availability, Inc. Named to the 2020 Tech Elite 250 by CRN®

    March 23rd, 2020

    Audubon, PA, March 23rd, 2020 - High Availability, Inc. announced today that CRN®, a brand of The Channel Company has named High Availability, Inc. to its 2020 Tech Elite 250 list. This annual list acknowledges the top tier of North American IT solution providers that have earned the highest number of advanced technical certifications from leading technology suppliers, scaled to their company size. These organizations have differentiated themselves as premier solution providers, earning multiple, top-level IT certifications, specializations, and partner program designations from the industry’s most prestigious technology providers.

    Each year, The Channel Company’s research group and CRN editors work together to identify the most customer-centric technical certifications in the North American IT channel. Solution providers that have earned these elite designations — enabling them to deliver exclusive products, services, and customer support — are then selected from a pool of online applicants.

    “We are excited to be included in the 2020 CRN Tech Elite 250,” said Steve Eisenhart, Chief Executive Officer of High Availability, Inc. “Over the last ten years, we have invested more in engineering than all other departments combined. We have seen tremendous value when it comes to on-going education, training, and certifications for existing and emerging technology partners. We are continuously investing in additional engineering talent to support our expansion into new practice areas like Security, Cloud, and Managed Services. We recognize the value our engineers bring to our end-user community and are dedicated to doing all we can to deliver top-notch support and service.”

    “Solution providers that continue to pursue vendor certifications and extend their skill sets across various technologies and IT practices are proving their commitment to delivering the greatest business value to their customers through an incomparable level of service,” said Bob Skelley, CEO of The Channel Company. “Our CRN Tech Elite 250 list recognizes leading solution providers with expansive technical knowledge and esteemed certifications for exactly that reason.”

    Coverage of the Tech Elite 250 will be featured in the February issue of CRN, and online at www.CRN.com/TechElite250

    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom-tailored systems and solutions to fit both current requirements and future IT and business needs.

     

    ###

    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or lthompson@hainc.com

  • Conferences Made Virtual!

    March 20th, 2020

    At High Availability, Inc. the safety of our employees and customers is our number one priority. Our partners hold the same values. With that in mind, some of our partners moved their in-person conferences and technical summits online. If you are someone who always wanted to attend one of these conferences, this is an excellent opportunity to check them out!

    1. NVIDIA GPU Technology Conference
      • March 25, 2020
      • You can choose from a library of talks, panels, research posters, and demos that you can view on your own schedule, at your own pace. 
      • Register Here
    2. VMware Empower
      • April 20, 2020
      • Previous Registrants will be refunded on original form of payment and will receive a confirmation email when refunded.
      • Register Here: Registration link not available; follow their website for further details
    3. Splunk Virtual Global Partner Summit
      • April 22, 2020
      • Splunk Virtual GPS is designed to give each person a tailored experience
      • Register Here
    4. ElasticON
      • April 23, 2020
      • Connect with Elastic engineers, experts, and users.
      • Register Here
    5. Red Hat Summit
      • April 28-29, 2020
      • This virtual event will deliver the same inspiring content, with keynotes, breakout sessions, access to Red Hat experts, and more
      • Register Here
    6. Dell Technology World
      • May 4, 2020
      • All keynotes, breakout sessions, and live chats with experts will be virtual.
      • All registrants will be automatically registered for the virtual experience at no additional charge.
      • Registrants can opt to roll over their conference pass to Dell Technologies 2021 or request a full refund (if you already registered you should have already received an email about this)
      • Register Here: Registration link not available; follow their website for further details
    7. Rubrik’s FORWARD
      • May 11, 2020
      • Previous registrants will receive a refund and automatically be registered for FORWARD digital summit.
      • Register Here
    8. Cisco LIVE
      • June 2-3, 2020
      • Previous registrations will be fully refunded
      • All keynotes, innovation talks and technical content will be live-streamed
      • Opportunity to interact with Cisco experts
      • Stream Here
    9. ZertoCON
      • Register Here: Registration link not yet available; follow their website for more information
  • From Zero to Protected in 15 Minutes with Cisco Umbrella

    March 5th, 2020

    Cisco Umbrella might just provide the fastest Mean Time to Value of just about any IT security solution on the market. That’s because you can go from entirely unprotected to enjoying the security shield of Cisco Umbrella’s DNS security platform in as little as 15 minutes. In fact, it could be even faster if your environment is already using the free, publicly accessible Cisco Umbrella DNS resolvers (208.67.220.220 & 208.67.222.222), which many administrators configure by default on domain servers and Internet edge routers.

    So, let’s say you’ve gotten a trial or purchased licenses for Umbrella. What happens from there?

    Activating Your Account

    Initially, you will get a welcome email. If you have registered for an Umbrella trial, it will look like the image below. If you purchased your Umbrella licenses outright or signed up for monthly Umbrella service through a Managed Services Provider (like High Availability), your email may look a little different.

    Click the “Activate” button in the email, and you’ll be taken to the Umbrella Dashboard portal to finish registering your account:

    Create a password and hit Submit. Let’s be good security practitioners – use a unique, complex password for every website! We won’t cover it here, but you can enable your Umbrella account for 2-Factor Authentication later on – and you should! You’ll be taken to the Umbrella login page. Enter your new credentials and LOG IN.

    Basic Setup

    Once you’re logged in to your new account, you’ll immediately be presented with a wizard to help you get started!

    In Umbrella’s terms, a “Network” is a type of Identity, which is a way to identify your users and devices to Umbrella. Identities can be a public IP address range, an internal LAN subnet, an Active Directory user or group, a mobile device, or a roaming computer. The “Network” identity is basically a public IP range that DNS traffic belonging to your organization will originate from. This might be the IP address of your firewall or another IP block assigned by your ISP. You’ll want to identify the correct IP block (subnet address as well as prefix length) before proceeding.

    In this wizard, you’ll set up your first Umbrella Network. Enter a label for the network (maybe it’s “Headquarters” or “Philadelphia” or whatever else – you can change it later), and then enter the public IP prefix that DNS traffic from this site will originate from. If you’re using IPv6, use the appropriate radio button in the wizard to enable those addresses as well.

    When you’ve filled out the network details, click Next.

    Next, Umbrella will prompt you to download the Umbrella Roaming Client for your operating system. You can do that now, or you can click Next. This blog won’t be going into the Roaming Client deployment, and you can always download it later.

    And that’s it! Well, that’s it for the setup of your initial Network Identity. We have just a couple of other quick tasks to get Umbrella protecting our network. For now, click “Start Using Cisco Umbrella.”

    You’ll be taken to the Umbrella Dashboard. This view shows you an overview of everything going on with your Umbrella account. Navigation is on the left-hand side.

    Sending DNS Traffic to Umbrella

    But wait! We aren’t protected yet! If we open a browser and go to a nefarious website like http://www.internetbadguys.com (OK, that’s actually a test site run by Umbrella, and it’s not dangerous to go to for testing!), we see that we can reach the site. Umbrella isn’t protecting us yet.

    What did we miss? Well, we need to actually forward all of our site’s DNS traffic up to Umbrella so it can check it against the security and content-filtering policies and respond appropriately. Now, it’s possible you’re already using the Cisco Umbrella (or OpenDNS as it used to be called) DNS servers, 208.67.222.222 and 208.67.220.220, as your upstream DNS resolvers on your router or Active Directory servers. If so, then you’re already sending your traffic to Umbrella, and just by identifying your Network in the Umbrella dashboard, you are ready to apply policy. But for this example, let’s assume we did not have the Umbrella servers as our DNS resolvers yet. This step of the configuration will vary depending on your environment. If you use AD servers for your internal DNS resolution, you will need to update them with the Umbrella DNS servers. In my test environment, I’m using a Meraki MX firewall, which conveniently has a preset for Umbrella. Just select that and save the change, and now clients in my network will be assigned the Umbrella servers as their DNS resolvers. In this case, the change won’t take effect until the next DHCP lease renewal, but if you assign an internal server like an AD server and redirect that DNS server to use Umbrella, the change is instant.

    Once this change is made, trying the Umbrella test site nets us the desired result.

    The last step in the DNS traffic flow configuration is preventing anything on our network from side-stepping Umbrella by reaching out directly to another DNS server. This requires setting up additional outbound restrictions on your border firewall to prevent DNS traffic to other destinations besides Umbrella. Note that this particular step may be something you want to implement gingerly to avoid clobbering something that had a hard-coded public DNS resolver for a reason or something like that. I show the final state configuration here, but you may need to start with a slightly more lenient policy and lock it down after some monitoring.

    And that's done! Now all DNS traffic from our environment is flowing to Cisco Umbrella, which is identifying it based on source public IP prefix and applying a DNS security policy per our Dashboard settings.

    Policy Tuning

    At this point, after just a couple minutes of work, we have Cisco Umbrella providing basic security protections to our network via DNS security, because the default Umbrella policy includes blocking major security threats. If we return to the Dashboard and go to the Policy configuration, we see the default policy. You can add multiple policies for differentiated treatment, but that’s future tuning.

    If we click “Edit” on the Security Setting Applied area, we will see our default security policy. Clicking the Edit button within the security policy would allow us to enable or disable different security categories. The default provides a baseline level of protection; enabling other categories will increase security with a possible increase of false positives, but you can tune these based on your organization’s security posture.

    After adjusting our Security policy, we can go back to the Policy overview and drill into our Content Filtering policy. Here the default is not to do any content-based blocking, but as an example, I show selecting the preconfigured “Low” level of restriction and applying it. Each of the default content presets becomes increasingly restrictive, or you can select the “Custom” option and tailor the blocking categories to your needs.

    After saving these settings, we can head back to Dashboard Overview, and after a little while, we’ll start to see statistics populate.

    Based on these values, Umbrella is doing its job, providing a baseline level of security and content DNS security to our corporate network, protecting our users from phishing attacks, malware distribution, botnets, and inappropriate web content – all with about 15 minutes of work.
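
    For the outbound DNS lock-down step described earlier, the monitoring pass that precedes the strict firewall rule can be scripted. The following is an added example, not code from the original post or from Cisco: it reads border-firewall flow records and lists internal hosts that still send DNS to resolvers other than the two Umbrella addresses. The log format, the 10.0.0.0/8 internal range, the sample addresses and all function names are assumptions, and the check for port 853 (DNS over TLS) goes beyond the plain DNS case the post describes.

```python
"""List internal hosts whose DNS leaves the network for a non-Umbrella resolver."""
import ipaddress
from collections import Counter, defaultdict

# Resolver addresses quoted in the post.
UMBRELLA = {ipaddress.ip_address(a) for a in ("208.67.222.222", "208.67.220.220")}
# 53 = DNS over UDP/TCP; 853 = DNS over TLS (added here, not covered by the post).
DNS_PORTS = {53, 853}
# Assumption: 10.0.0.0/8 is internal, so DNS sent there never crosses the border.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample in a hypothetical export format (no vendor's real log format):
# timestamp  source  destination  protocol  destination-port  action
SAMPLE_FLOWS = """\
2020-03-05T10:00:01Z 10.0.1.23 208.67.222.222 udp 53 allow
2020-03-05T10:00:02Z 10.0.1.23 198.51.100.10 tcp 443 allow
2020-03-05T10:00:04Z 10.0.1.40 192.0.2.53 udp 53 allow
2020-03-05T10:00:05Z 10.0.1.40 192.0.2.53 udp 53 allow
2020-03-05T10:00:07Z 10.0.1.77 10.0.0.10 udp 53 allow
2020-03-05T10:00:09Z 10.0.2.15 203.0.113.8 tcp 853 allow
2020-03-05T10:00:11Z 10.0.0.10 208.67.220.220 tcp 53 allow
2020-03-05T10:00:12Z 10.0.3.9 192.0.2.53 udp 53 deny
this line is malformed and must be skipped
"""


def parse_flow(line):
    """Return one flow as a dict, or None when the line is not a valid record."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, src, dst, proto, dport, action = parts
    try:
        return {
            "ts": ts,
            "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst),
            "proto": proto.lower(),
            "dport": int(dport),
            "action": action.lower(),
        }
    except ValueError:  # bad IP address or non-numeric port
        return None


def find_dns_bypass(lines, internal_nets=INTERNAL_NETS):
    """Count DNS flows to outside resolvers other than Umbrella.

    Returns (allowed, denied): two dicts of {source: {resolver: flow count}}.
    'allowed' is what a strict rule would break; 'denied' is already blocked.
    """
    allowed, denied = defaultdict(Counter), defaultdict(Counter)
    for line in lines:
        flow = parse_flow(line)
        if flow is None or flow["dport"] not in DNS_PORTS:
            continue
        dst = flow["dst"]
        if dst in UMBRELLA or any(dst in net for net in internal_nets):
            continue  # sanctioned resolver, or an internal DNS server
        bucket = allowed if flow["action"] == "allow" else denied
        bucket[str(flow["src"])][str(dst)] += 1
    return ({s: dict(c) for s, c in allowed.items()},
            {s: dict(c) for s, c in denied.items()})


def lockdown_blockers(allowed, reviewed_exceptions=frozenset()):
    """Return (source, resolver, count) rows that still need a decision.

    reviewed_exceptions holds (source, resolver) pairs that were investigated
    and will keep an explicit firewall exception (a resolver hard-coded on purpose).
    """
    rows = [
        (src, resolver, count)
        for src, resolvers in allowed.items()
        for resolver, count in resolvers.items()
        if (src, resolver) not in reviewed_exceptions
    ]
    return sorted(rows, key=lambda r: (-r[2], r[0], r[1]))


if __name__ == "__main__":
    allowed, denied = find_dns_bypass(SAMPLE_FLOWS.splitlines())
    for src, resolver, count in lockdown_blockers(allowed):
        print(f"{src} -> {resolver}: {count} DNS flow(s) bypass Umbrella")
    print("already denied:", denied)
```

    An empty result from `lockdown_blockers` means every remaining bypass has been reviewed, which is the point at which the lenient rule can be replaced by the strict one. DNS over HTTPS on port 443 is not visible to a port-based check like this.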

    Wrapping Up (or Continuing On)

    Now, don’t think this is the end of the road. There is a lot more you can do with Cisco Umbrella. This jumpstart just got our toes wet and helped us set up a basic level of protection and policy for our corporate LAN users. However, Umbrella can do much, much more. Just a few of the other important and valuable things you can do with Umbrella include:

    • Deploy Umbrella virtual appliances to provide better context about the origin of DNS requests within your environment and more granular DNS security policy
    • Active Directory integration for differentiated policy based on user or AD group membership
    • Deploy the Umbrella Roaming agent to protect your computers even after they disconnect from the corporate network
    • Integrate with your MDM to apply Umbrella protection to mobile devices
    • Download and deploy the Umbrella SSL Root CA certificate to allow seamless blocking of SSL-encrypted sites
    • Enable the Umbrella Intelligent Proxy to protect users transparently even when reaching a “gray” site
    • Integrate Cisco Umbrella with your SIEM platform
    • Schedule automated reports to update administrators and management about the value that Umbrella is bringing to your organization
    • Review a risk-categorized inventory of cloud-based services your organization uses and allow or block them based on corporate policy
    • Consider deploying Umbrella Secure Internet Gateway (SIG) features for cloud-based security beyond DNS, including full-time web proxy and cloud-delivered firewall services

    High Availability is well-versed in all aspects of Cisco Umbrella and would be happy to help you plan out a deployment and assist with the configuration of any or all of the above features. But even if you want to get going on your own, this blog has shown you how quick and easy it is to provision your Cisco Umbrella account and get genuine security value for your business in just a few minutes.

    Contact your High Availability account manager today to learn more about Umbrella, start a free trial, or discuss how we can help you better secure your network and your business.

  • The Anatomy of an Advanced Persistent Threat (APT)

    February 27th, 2020

    The annual number of data breaches increases every year, and 2019 was no exception. The total number of data breaches in 2019 is up 33% over 2018, according to research from Risk Based Security [1]. The average data breach can cost organizations millions of dollars for remediation, along with decreased customer loyalty, customer distrust, a potential loss in future revenues, and a negative brand reputation.

    To prevent data breaches, it is important to first understand the anatomy of a cyberattack and the tactics, techniques, and motivation behind it. I will attempt to break down the high-level phases of an Advanced Persistent Threat (APT) attack while referencing tactics and techniques from the MITRE ATT&CK framework.

    An APT is a broad term typically used to describe a stealthy threat-actor that has gained unauthorized access to a network. The motivation is to mine highly sensitive data or intellectual property, data that the cybercriminal can ultimately sell or monetise. For the purpose of this blog, I will use the terms APT and threat-actor interchangeably.

    For more information regarding the MITRE ATT&CK framework, go here: https://attack.mitre.org/techniques/enterprise/

    Figure 1: The anatomy of an APT attack

    Without any further ado, let’s quickly jump into the anatomy of an APT attack.

    Step #1: Initial Reconnaissance (MITRE – PRE-ATT&CK)

    The first step to a targeted attack is some type of reconnaissance, where research and information is gathered about the targeted organization with the objective of getting past the organization’s border security and gaining a foothold inside the internal network.  Information could be publicly gathered on an organization’s network ranges, IP addresses and domain names.  Vulnerability scans can then be performed on assets on the external network to determine and exploit known vulnerabilities.  The technique (among others) described here is listed under “Technical Information Gathering” within the MITRE PRE-ATT&CK framework.

    Step #2: Initial Compromise (MITRE – Initial Access)

    In the second step, the threat-actor uses one of various entry vectors to gain an initial foothold within the network. One typical technique is a targeted phishing campaign. The cyberattacker will phish their target organization’s employees into opening a malicious attachment or clicking a crafted URL in the hopes of delivering their payload by exploiting a zero-day vulnerability in a common browser or application, like Microsoft Office. Other common techniques include exploiting vulnerabilities on public-facing web servers and databases.

    Step #3: Establish Foothold (MITRE – Execution & Persistence)

    Once the threat actor has gained a foothold through the initial compromise, the next step is to execute malicious code on the server or endpoint to allow full access into the machine. 

    The threat-actor will attempt to maintain persistence after the initial compromise.  Persistence describes the ability to maintain control and access to the compromised system across system restarts, changed credentials, and other interruptions that could potentially cut off access.  Typically, persistence is accomplished by replacing or hijacking legitimate code or adding startup code.

    Step #4: Escalate Privileges (MITRE – Credential Access & Privilege Escalation)

    After the threat-actor has full access into the compromised node, the threat-actor will then seek to gain greater access to the system and data through the use of privileged accounts.

    The threat-actor will first attempt to harvest access credentials from the compromised host using a technique called Credential Access.  Examples of these techniques are password hash dumping, keystroke logging and several others.

    Immediately after gaining access to privileged accounts, the threat-actor will attempt to use privilege escalation techniques on targeted systems and key high-value targets. Examples of elevated access include SYSTEM/root level accounts, domain admin, user accounts with admin-like access and service accounts. Using legitimate credentials will make the APT harder to detect.

    Step #5: Internal Recon (MITRE – Discovery)

    The threat-actor will then attempt to perform additional reconnaissance on the internal network.  Techniques such as file and directory discovery, network share discovery, cloud service discovery, port scanning and network analysis are all used to identify high-value targets that house other data of interest. 

    The internal discovery process allows the threat-actor to observe the internal environment and orient themselves within it. After the initial orientation, the threat-actor will then explore the services and assets around the initial entry point to benefit their primary objectives.

    Step #6: Lateral Movement (MITRE – Lateral Movement)

    Lateral Movement involves techniques that allow the threat-actor to enter and control additional systems on the internal network.  In order to accomplish their primary objectives, the threat-actor will need to explore multiple networks to locate high-value targets before subsequently gaining access to sensitive data.  Part of the process involves pivoting through multiple systems and gaining access to different accounts.

    The rate of Lateral Movement is entirely dependent on the ability of the APT to exist in the environment undetected.  If the threat-actor believes that they can exist without being detected, they may continue in a stealth mode for some time.  However, if the threat-actor believes that they run the risk of being detected, they will attempt Lateral Movement techniques much sooner.

    Some examples of Lateral Movement techniques are Windows Admin Shares, remote access tools such as PsExec, remote desktop service such as RDP, COM/DCOM for local code execution, stolen web session cookies, exploitation of remote services like SMB, and many others.

    Step #7: Maintain Presence (MITRE – Persistence & Defense Evasion)

    The APT ensures continued access to the environment by installing multiple variants of malware backdoors or by some type of remote administration tool.   

    These remote administration tools are typically installed onto the compromised node(s) and set up in a reverse-connect mode.  The reverse-connect connectivity mode will initiate a session to central command & control (C&C) servers to pull and execute commands.  This connectivity method is designed to evade detection on perimeter firewalls, as the compromised node reaches out to the C&C servers, similar to other network traffic destined to the Internet.  Unlike botnet traffic which is volumetric, APT C&C communications typically blend in with normal traffic and cannot be detected without having continuous network monitoring and advanced network analytics.
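
    One form the network analytics mentioned above can take is a regularity check on outbound connections, since a reverse-connect tool that polls its server tends to call out on a timer. This is an added example, not from the original post: the log format, addresses, thresholds and function names are assumptions, and the sample data is constructed.

```python
"""Flag host pairs whose outbound connections recur at near-constant intervals."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: "epoch-seconds source destination", one outbound connection each.
SAMPLE_CONNECTIONS = """\
0 10.0.1.40 203.0.113.50
301 10.0.1.40 203.0.113.50
599 10.0.1.40 203.0.113.50
902 10.0.1.40 203.0.113.50
1200 10.0.1.40 203.0.113.50
1498 10.0.1.40 203.0.113.50
1801 10.0.1.40 203.0.113.50
2100 10.0.1.40 203.0.113.50
5 10.0.1.23 198.51.100.10
12 10.0.1.23 198.51.100.10
14 10.0.1.23 198.51.100.10
250 10.0.1.23 198.51.100.10
260 10.0.1.23 198.51.100.10
900 10.0.1.23 198.51.100.10
905 10.0.1.23 198.51.100.10
2000 10.0.1.23 198.51.100.10
0 10.0.2.15 192.0.2.99
600 10.0.2.15 192.0.2.99
1200 10.0.2.15 192.0.2.99
0 10.0.1.77 198.51.100.200
60 10.0.1.77 198.51.100.200
120 10.0.1.77 198.51.100.200
180 10.0.1.77 198.51.100.200
240 10.0.1.77 198.51.100.200
300 10.0.1.77 198.51.100.200
360 10.0.1.77 198.51.100.200
"""


def parse_connections(text):
    """Group connection timestamps by (source, destination); skip malformed lines."""
    times = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            stamp = float(parts[0])
        except ValueError:
            continue
        times[(parts[1], parts[2])].append(stamp)
    return times


def beacon_candidates(text, min_events=6, max_cv=0.1, known_good=frozenset()):
    """Return pairs whose gaps between connections barely vary.

    cv is the coefficient of variation: standard deviation of the gaps divided
    by the mean gap. Human browsing gives a cv around 1 or more; timer-driven
    polling gives a cv close to 0. known_good lists destinations that poll on a
    schedule for a legitimate reason (monitoring agents, update checks).
    """
    found = []
    for (src, dst), stamps in parse_connections(text).items():
        if dst in known_good or len(stamps) < min_events:
            continue  # reviewed destination, or too little data to judge
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue  # every event shares one timestamp; no interval to measure
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            found.append({"src": src, "dst": dst, "events": len(stamps),
                          "mean_gap": avg, "cv": round(cv, 4)})
    return sorted(found, key=lambda c: c["cv"])


if __name__ == "__main__":
    # 198.51.100.200 plays the role of a reviewed monitoring endpoint (constructed).
    for hit in beacon_candidates(SAMPLE_CONNECTIONS, known_good={"198.51.100.200"}):
        print(f"{hit['src']} -> {hit['dst']}: {hit['events']} connections, "
              f"every ~{hit['mean_gap']:.0f}s (cv={hit['cv']})")
```

    Timing regularity is one signal among several: a strict threshold misses traffic with irregular timing and flags legitimate pollers, so the output is a list to investigate rather than a verdict.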

    Techniques used for defense evasion include uninstalling/disabling security software or obfuscating and encrypting data and the deletion or modification of audit logs or command history.

    Step #8: Complete Mission (MITRE – Collection & Exfiltration)

    In order for the threat-actor to complete their mission, sensitive data needs to be collected from remote systems prior to data exfiltration. Common target sources include data from network shared drives, email collection, cloud object storage, etc. The collection process may be automated using scripts to search for and copy information based on criteria such as file type, location, or name at specific time intervals.

     

    Once the threat-actor has collected data, they will attempt to chunk or package it, then use compression and encryption to further avoid detection. Techniques for getting data out of a target network typically include transferring it over their command and control channel or an alternate channel and may also include putting size limits on the transmission to masquerade as normal traffic.

    Even after the initial data breach has occurred, the threat-actor may often leave the backdoor open for future attempts at data exfiltration.

    In conclusion, Advanced Persistent Threats have a very high likelihood of success and are very difficult to detect. In truth, there is no single “silver-bullet” technology solution that will prevent a determined cyberattacker from ultimately achieving the goal of an initial compromise. However, there are ways to mitigate the risk and reduce the impact of an APT to the organization.

    Building a strong defense against APTs will require a strong Cybersecurity Program.  Here are some recommendations:

    1. Adopt an industry-standard framework for security controls, like CIS Critical Security Controls, to holistically protect the entire organization and its data.
      1. Perform an assessment to understand the current state of the critical security controls within an organization
      2. Example security controls are:
        1. Inventory of hardware and software assets
        2. Continuous vulnerability management
        3. Controlled use of administrative privileges
        4. And many others…
    2. Assess state and implement security controls
      1. Leverage technology and security awareness training to apply the proper controls and policies
      2. Ensure the proper technical tools/sensors and controls exist for the detection and mitigation of APTs.
    3. Manage and assess risks to your business and organization
    4. Measure maturity and progress
      1. Use a risk-based approach to prioritize security controls.
      2. Develop a roadmap to measure maturity and progress over time
    5. Monitor and measure security
      1. Establish and measure meaningful security metrics
      2. Monitor those metrics to minimize incident impact
      3. Perform system-specific assessments to “harden” and secure the system or platform.

    Security is a journey, not a destination.

    References

    1 Risk Based Security “Data Breach QuickView Report 2019 Q3 Trends”

    Resources

    https://resources.infosecinstitute.com/anatomy-of-an-apt-attack-step-by-step-approach/

    https://www.iacpcybercenter.org/resource-center/what-is-cyber-crime/cyber-attack-lifecycle/

    https://attack.mitre.org/

     

  • 8 Common Excuses for Not Using a Managed Services Provider

    8 Common Excuses for Not Using a Managed Services Provider

    February 20th, 2020
    1.  “We wouldn’t be a good fit for a managed services provider. We are very unique!”
      1. We hate to burst your bubble, but you’re not that special, at least when it comes to IT! Yes, your team, goals, mission, etc. are all unique, but every company has the same IT problems when it comes to infrastructure. Whether it be storage, backup, networking, wireless, or anti-virus, similar problems span across all verticals, and we have seen them all before! We assure you, the High Availability, Inc. Managed Cloud Services team can tackle any problem you throw our way.
    2. “We don’t want to lose control of our infrastructure.”
      1. Many IT professionals believe that as soon as you go to a managed services provider (MSP), or even Amazon or Azure, you lose control, but that is not the case! The Managed Cloud Services team at High Availability, Inc. is simply the tool you use to enforce your own rules. We are helping you keep control of your infrastructure! In fact, we bet you will feel more in control of your devices than ever before. Moreover, our team would never make changes without you knowing, but we would argue that your employees might. With us managing and monitoring your infrastructure, you eliminate the ad-hoc and unplanned changes your employees may make on the fly. In short, we are helping YOU implement structured control.
    3. “Our data would be less secure.”
      1. When you protect data for hundreds of clients, you have to be secure. It's not only your data on the line; it's all our customers' data as well! With that being said, we take extra precautions when it comes to security. And, we can guarantee we can secure your data better than you can now, because – it's our job!
    4. “We don’t see the benefit of working with a managed services provider.”
      1. In IT, there are two inevitable truths: hardware breaks and software has bugs. When one of your devices breaks, who is spending the next twenty-some hours fixing it? The people who should be working with the end-users (you), or the people maintaining your infrastructure (us)? Let us handle the fires and the hiccups, so you can focus on your day-to-day.
    5. “We do everything already.”
      1. No, you don’t. When was the last time you brainstormed and worked with the lines of business to see what they want to accomplish? Between patching, backups, and general maintenance, do you even have time for anything forward-thinking? Working with H.A.’s Managed Cloud Services team will allow you to work on the big picture items, while we take care of the nitty-gritty.
    6. “We have monitoring.”
      1. Okay, so you have monitoring, but do you actually use it, and do you use it correctly? Most of our customers that have monitoring today don’t properly maintain it, and it becomes white noise... some of them even turn it off completely! At H.A., monitoring is our world. We make changes, move things around, and change thresholds daily! Moreover, while most companies review their infrastructure on an annual basis, we work it in your contract at regular intervals.
    7. “My team doesn’t mind patching.”
      1. They are lying to you. No one likes patching. Who wants to be patching at 3:00 A.M. on a weekend? Not your team since it’s not regular working hours. And, how do you compensate them? Time and a half? Give them off on Monday? Well, our team is already working. In fact, the Managed Cloud Services team at High Availability, Inc. is working 24x7x365. Moreover, our Level 1 and Level 2 support desk team is all U.S. based (and will always be!). Additionally, unlike some MSPs, we don’t outsource our IT. When you have an issue, no matter the day or time, you will also be working with an H.A. team member.
    8. “I don’t want to reduce headcount.”
      1. If the objective of bringing in a managed service provider is to reduce your headcount…you’re doing something wrong. A managed service provider should never be brought in to replace your team; the MSP should be brought in to reallocate your team. An MSP, like the Managed Cloud Services team at High Availability, Inc., will allow them to work with other lines of business and take on higher-value tasks that only an internal person can accomplish.
  • High Availability, Inc. Recognized on CRN’s 2020 MSP500 List

    High Availability, Inc. Recognized on CRN’s 2020 MSP500 List

    February 19th, 2020

    Audubon, PA, February 19th, 2020 - High Availability, Inc. announced today that CRN®, a brand of The Channel Company has named High Availability, Inc. to its 2020 Managed Service Provider (MSP) 500 list in the Elite 150 category. This popular list identifies North American solution providers that deliver operational efficiencies, IT system improvements, and a higher rate of return on investments for their customers. These accomplished MSPs work tirelessly to guide their customers and create solutions for complex IT issues.

    This annual list is divided into three categories: the MSP Pioneer 250 who are focused primarily on the SMB market; the MSP Elite 150, large data center-focused on- and off-premises; and the Managed Security 100 made up of off-premises-focused, cloud-based IT security services.

    “MSPs are the critical bridge for customers looking to assess, implement and migrate their IT and cloud solutions to drive efficiencies, lower costs and secure your environment,” said Bob Skelley, CEO of The Channel Company. “On behalf of our team at The Channel Company, I want to congratulate the accomplished companies on CRN’s 2020 MSP 500 list and thank them for their commitment to finding innovative solutions that move the IT channel forward.”

    The MSP500 list will be featured in the February 2020 issue of CRN and online at www.crn.com/msp500  

    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions, while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom tailored systems and solutions to fit both current requirements and future IT and business needs.

    ###

    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or lthompson@hainc.com
