What the SolarWinds Hack Taught Us About the Need for Endpoint Security Reporting & Software Delivery Analytics

Best Practices

By now, almost everyone has heard of the disastrous SolarWinds hack. To recap, in March 2020, hackers stealthily installed malware into SolarWinds Orion, a network-monitoring software used for IT infrastructure management. This allowed the hackers to gain access to highly sensitive data via a covertly inserted backdoor. The attack went undetected for months and was first publicly reported in December 2020 after being spotted by cybersecurity firm FireEye. Over a period of eight months, at least 24 organizations installed the SolarWinds software laced with malicious code, including various federal, state and local governments and private sector companies.

When Microsoft found out it was among those compromised in the hack, it moved quickly to remove the digital certificates that the Trojaned files used, announced that it was updating Microsoft Windows Defender, moved to a sinkhole domain and changed Windows Defender’s default action for Solorigate from “Alert” to “Quarantine.” Microsoft’s quick actions led to neutralizing and killing the malware while gaining control over the malware’s infrastructure from the attackers.

The SolarWinds hack highlights the devastating impact of software supply chain attacks and underscores the fact that most organizations are unprepared to prevent and detect such threats. When a security breach happens, speed is a critical factor in remediation, but you also need granular insights into software delivery to understand overall system health. 

Best Practices to Avoid and Respond to a Cyber Security Attack 

According to a Cisco report, “Major incidents and losses can be avoided by proactively refreshing the technology used and by learning from prior incidents, through prompt disaster recovery, sufficient security tech, timely incident response and accurate threat detection.”

You can help defend your company from a cyber-attack by conducting risk assessments, mitigating risks that cannot be removed, preparing and implementing a breach response plan and implementing cyber security best practices. In addition to scanning your systems on a continuous basis, Gurpreet Dhillon, Ph.D., of Virginia Commonwealth University, recommends that organizations:

  1. Install sensors or mechanisms to collect potential hazards  
  2. Conduct automatic searches at regular intervals for potential flaws  
  3. Collect results from different divisions and/or stakeholder groups  
  4. Triage and analyze results on an ongoing basis  
  5. Fix the most critical issues first and develop a priority list  
  6. Report progress and continuously improve  

If your organization falls victim to a cyber-attack despite all of the security measures you’ve taken to prevent it, after you discover the breach: 

  1. Survey: Identify the attacker and find out where the attacker entered 
  2. Limit: Filter traffic and isolate system  
  3. Record: Find effects and identify disruptions  
  4. Engage: Connect with the District Attorney and engage with FBI InfraGard
  5. Notify: Notify affected persons and seek legal counsel 
  6. Learn: Document learning points and proactively ensure learning moving forward 

Even when taking the utmost security measures, a data breach can happen to any organization. Reduce your risk of a cyber-attack by implementing and following your organization’s best practices, and if a breach does occur, follow your security response plan.

Managing Network Health via Security Analytics 

Security reporting leverages a combination of software, algorithms and analytics processes to detect potential threats to IT systems, not just sniff out hacks as they occur.    

“Many organizations do not use security analytics to its full capabilities; often the analysis is relegated simply to identifying network attacks. However, this is only one subset of the types of security analytics that should be deployed. Security analytics provides insights into how well security programs are working. It can also help identify problem areas and can warn of imminent or active attacks,” says privacy and security expert Rebecca Herold.

Ian McClarty, President of PhoenixNAP Global IT Services, elaborates, “Analytics are key to security. As the complexity of IT networks has grown, the inventiveness and sophistication of cyber security threats and attacks has grown just as quickly.”

Endpoint analytics can also give clues to security breakdowns and help identify policies or hardware issues that may be slowing down devices, so you can proactively make changes without disrupting end users.

Paired together, security reporting and endpoint analytics can help an IT department understand the data flowing into and out of its network, detect potential threats and monitor user experience and hardware. The safety of an organization’s data and IT systems increasingly depends on having an effective, real-time security monitoring and endpoint analytics solution.

Kollective for Software Delivery Accelerates Patching & Provides Insight into System Health with Intelligent Analytics Reporting 

According to the IBM Cost of a Data Breach Report 2020, the average cost of a corporate data breach is $3,860,000. Extensive cloud migrations are the number one cause of data breach, with 24% occurring at the endpoint, 19% due to a system misconfiguration and 16% because of a vulnerability in third-party software. To help avoid a costly breach, increase your endpoint security by reducing network risk with Kollective for Software Delivery.

Kollective helps minimize the risk of data breach by ensuring 100% delivery of software updates and security patches when distributing content via Microsoft System Center Configuration Manager (SCCM). By leveraging the scale and flexibility of the cloud, Kollective optimizes software updates and patch delivery to minimize downloads and vulnerabilities with faster and more reliable patch distribution. 

Kollective’s solution delivers: 

  • 70% faster software deployment 
  • No impact to network bandwidth 
  • Analytics that provide a full view of your network 

Want to make your SCCM more powerful? Kollective IQ is an advanced analytics platform that gives you deeper insight into all your endpoints. It allows you to easily create dashboards and reports, providing the metrics your organization needs to better understand network performance and verify the success of deliveries.  

With Kollective for Software Delivery you can achieve greater than 95% peering efficiency, and significantly reduce your Wide Area Network (WAN) bandwidth utilization. This means faster and more reliable delivery of ConfigMgr content to the edge of your network. Kollective IQ provides the analytics you need to ensure your network environment is secure and fully optimized.  

To learn more about Kollective for Software Delivery, request to speak with an expert today. 

The post What the SolarWinds Hack Taught Us About the Need for Endpoint Security Reporting & Software Delivery Analytics appeared first on Kollective Technology.

To view our Partner blog, click here

The Hidden Costs of Distribution Point Management

CMMA Blog

Microsoft Endpoint Manager (MEM) – in particular Microsoft Systems Center Configuration Manager (SCCM) – is the gold standard of software distribution platforms, but that doesn’t mean it’s perfect. There are two main issues at play:

  1. From Gartner’s Magic Quadrant for Unified Endpoint Management: “Clients’ most common concern is that using MEM is not easy. Reasons include the overhead required to architect, build and maintain Configuration Manager and integration between on-premises Active Directory (AD) and Azure AD. Managing some policies (like Windows Hello) requires use of multiple consoles.”
  2. Another big challenge associated with delivering software via ConfigMgr is that, with the rise of Windows as a Service (WaaS) for Windows 10 updates, application and image deployments have become so frequent and bandwidth heavy that they can easily disrupt your network.

While Windows does offer several free cache solutions to help fix the bandwidth issue, none stands alone in its ability to efficiently deliver software at scale, nor are they easy to use. (Think: continuous management of network boundaries.) For years, the only option IT and network teams had to address this issue effectively was to purchase hardware distribution points and deploy them in strategic office locations. Unfortunately, this often introduced as many problems as it intended to fix – increasing the infrastructure footprint, for example – and became even more expensive as a result.

What’s Under the Iceberg?

(Image: Distribution points account for 80% of hidden costs of software TCO)

A lot of organizations look at distribution points as a one-time purchase without considering the ongoing operational costs associated with software delivery. Like an iceberg, however, the total cost of ownership (TCO) for hardware distribution points extends far beyond the surface.

Here’s a look at some of the hidden costs:

  • Storage
  • Rack space
  • Power and cooling
  • O/S license
  • Server maintenance
  • Network connectivity
  • Support – headquarters and regional
  • Off-hours monitoring
  • Packaging and throttling
  • Time-consuming deployment processes

Altogether, the hidden costs of distribution points account for up to 80% of TCO.

What About Virtual Distribution Points?

Many of you may have already transitioned to a more digitized approach to software delivery and are using virtual distribution points with a cloud management gateway (CMG) in lieu of hardware. While this does help to eliminate hard costs like storage, rack space, power and cooling, there is a risk of excess data egress costs from your cloud provider.

Public clouds charge based on outbound data transfer. For smaller organizations, the cost is minimal. But enterprises that use terabytes of data to send regular software updates to thousands of employees pay substantially more.

Use a Hybrid Approach to Accelerate SCCM Deliveries Instead

One way to reduce distribution points – and the costs associated with them – is to invest in a software-defined solution like Kollective for Software Delivery instead.

Kollective’s enterprise content delivery network (ECDN) leverages Microsoft Azure to provide a secure cloud-native architecture and unique peering technology to deliver software more efficiently and at scale through an integration with your SCCM. The unique solution allows you to offload delivery from the wide area network (WAN), saving 95% of the bandwidth typically consumed by software delivery.

It can even help with remote workers. VPN saturation is a common occurrence for organizations with a large number of employees working from home. Deploying frequent bandwidth-heavy software updates can result in dropped connections, poor user experience and slowed internet – they also put business critical applications at risk.

See How Much You Can Save by Minimizing Distribution Points

Kollective for Software Delivery needs only one distribution point to scale software deployments. If you currently have 50 hardware-based distribution points and 10,000 employees, Kollective can save you nearly $2 million over a five year period.

Want to see how much you can save? Use our TCO calculator to find out.

The post The Hidden Costs of Distribution Point Management appeared first on Kollective Technology.

SCCM vs Intune: Choose the Right Tool for the Task

CMMA Blog

Delivering software updates can be a challenge, especially when you don’t know which tool is best for the job. This is often the case when Desktop Managers have to choose between Systems Center Configuration Manager (SCCM or ConfigMgr) and Intune. Although the two might seem similar, they are very different, and so are the purposes they serve.

Think of them like you would a rubber mallet and a ball-peen hammer. SCCM, the rubber mallet, can – and should – be used for big jobs, like deploying Windows 10 on bare metal machines. Intune, our ball-peen hammer, is more useful in scenarios that require finesse, like managing updates to mobile devices and applications.

Let’s dive in to see what makes them each unique, and then discuss how to use and optimize them for even greater performance.

What is SCCM?

SCCM is now a part of Microsoft Endpoint Manager (MEM) and is used to securely deploy applications, software updates, and operating systems on desktop devices.

SCCM Pros

  • Long history: More than 250,000 companies use SCCM to manage over 50 million endpoints
  • Excellent for delivering large “payloads” or large files
  • Great for complex files and packaging
  • Strong in Operating System Deployments (OSD); supports the full lifecycle of getting a machine up and running on the network, from bare metal machines to ongoing delivery analytics
  • Supports all types of software – Windows, iOS and custom line-of-business applications
  • Allows for management of content at all endpoints and servers
  • Excellent for large enterprises with complex global networks and needs
  • Flat licensing fee with unlimited usage

SCCM Cons

  • Powerful software delivery tool but requires a commitment to learn the tool and dedicated staff to use it to its full potential
  • Typical setup is on-premises and makes it difficult to update software in bandwidth-constrained offices without integrating with a Cloud Management Gateway (CMG)
  • Complex toolset which can be intimidating for new admins
  • Detailed reporting but can be a challenge to find what you need
  • Requires defining network topology and boundaries, which increases the work to maintain the network and staging of content

What is Intune?

Intune is SCCM’s mobile device and application management counterpart. Unlike SCCM, it is cloud native and is used to deliver software updates to mobile devices. It is part of Microsoft’s Enterprise Mobility + Security (EMS) suite.

Intune Pros

  • Cloud native
  • Strong in mobile device management (MDM)
  • Good at light-weight, smaller applications on mobile devices or mobile OS.
  • Auto provisioning of systems – with Microsoft Intune and Autopilot, you can give new devices to your end users without the need to build, maintain, and apply custom operating system images to the devices.
  • When you use Intune to manage Autopilot devices, you can manage policies, profiles and apps after end users are enrolled

Intune Cons

  • Narrow focus on mobile devices; not a full systems-management platform
  • Doesn’t support server-side applications
  • Not intended for large applications
  • Doesn’t have the feature-set to handle complex package deployments
  • Incurs egress or monthly usage fees based on the volume of data transmitted – software deployment is often a reactive activity based on the software provider updates; usage fees add up and get more expensive over time
  • Challenges in planning – difficult to predict the number or size of software updates that will occur over time, especially in an environment where most applications are going cloud native with a higher frequency of updates

What Do I Do with This Information?

Software delivery with SCCM and Intune

Knowing the pros and cons of SCCM and Intune is great, but it doesn’t provide practical advice for how to use each effectively – or strategically – when delivering software updates. Here’s our advice, plus additional insights on how to securely speed up deployments.

Leverage Co-management – Use the Right Tool for the Job

Microsoft continues to state that Intune and SCCM will both co-exist in the future under the Endpoint Manager product family. With that in mind, it’s important to implement a co-management strategy that uses both solutions and applies them based on use case – i.e. SCCM for desktop deliveries and Intune for mobile device management.

Enable Windows Autopilot in Conjunction with Intune

According to Microsoft, you can use Intune and Autopilot to “give new devices to your end users without the need to build, maintain, and apply custom operating system images to the devices.” This is big news as Autopilot can help with Windows 10 provisioning on mobile devices. But remember, it only works with existing OEM images, not delivery of corporate gold images.

Reduce Network Infrastructure with an SD WAN

Maintaining hardware distribution points is costly, especially when taking into consideration hardware, bandwidth and maintenance. Distributing software updates via an SD WAN instead can greatly reduce your internal infrastructure footprint and associated costs. An SD WAN also gives you greater flexibility and scale to better service a modern work environment.

Connect a Cloud Management Gateway (CMG)

For those who manage all of their organization’s remote internet-based devices, it is important to set up SCCM with a CMG to deliver software more efficiently. An Azure-based CMG makes it so you don’t have to expose your on-premises infrastructure to the internet, greatly reducing network strain in remote offices with limited bandwidth.

Be Smart About How You Use Your Network

Leverage the Azure cloud for long hops across your network, but don’t do this for every delivery because it can get very expensive due to egress or usage fees. Instead, opt to use peering technology, like Kollective for Software Delivery, within regional locations to complete updates over the LAN more efficiently. This also provides significantly faster software deployments because updates occur organically and in parallel versus in a typical serial manner.

Learn How Kollective Can Accelerate Software Delivery

Kollective for Software Delivery

Whether you need to accelerate software delivery, minimize bandwidth usage or reduce the total cost of ownership (TCO) for software, Kollective can help. Our solution leverages a secure cloud-native architecture and peering technology to more efficiently deliver software at scale via SCCM – Intune integration coming soon.

  • 70% faster deployments
  • 25% less time spent on desktop management
  • Up to 99% of bandwidth saved
  • Up-to-date patch compliance
  • 100% confidence

To learn more about Kollective for Software Delivery, read the solution brief.

The post SCCM vs Intune: Choose the Right Tool for the Task appeared first on Kollective Technology.

Transform How You Deliver Software With Kollective For ConfigMgr

CMMA Blog

A little over a year ago, deep down in the Kollective labs, we set off on a journey. A journey to add additional use cases to our world leading, cloud based, network optimised peering solution for enterprises. Another massive event happened around the same time – my first son was born. Watching him grow and develop, from crawling to walking, bears some synergies to the development of our ConfigMgr solution. Initially, we set off to develop our integration into ConfigMgr with basic functionality; we started our journey crawling. Today, we are releasing our most mature product: Kollective for ConfigMgr – #K4CM, which is truly an enterprise-ready solution. It’s been a real labour of love.

Get Current & Stay Current

Kollective has been delivering world-class leading-edge video distribution within the Enterprise space for almost 18 years, and now we have leveraged that very same technology to solve the rising and present challenge of delivering content via our direct integration into #MSFT #ConfigMgr. So why? Well… the demand on Enterprises to get current and stay current is more relevant today than it has ever been. Due to the multitude of threats facing organisations, the need to remain up-to-date is critical, and often the most challenging areas to maintain are those situated at the edge of your network infrastructure in those remote and often poorly connected sites. Secondly, the introduction of the as-a-service model has changed the approach that organisations must take for maintaining their software environment. The most obvious of these is the current adoption of Win10 and with it the need to maintain the cadence of the ongoing servicing model.

A Solution Based on Market Needs

Kollective has taken an intelligent approach to solving this challenge by building a solution based upon real life deployment experience and the challenges it presents. By putting our solutions into the hands of our trusted customers we have been able to gain a true measurement of our performance and most importantly build a solution around what the market needs, not just what we think it needs. We’ve achieved this by listening to our customers through the business vertical, so that we integrate a solution which produces productivity gains for all the players.

  • For system administrators, we enable them to deploy content at a scale which cannot be matched with today’s current ConfigMgr infrastructure. Kollective for ConfigMgr reduces the load and bandwidth on the WAN infrastructure which is often strained during these huge deployment events.
  • For infrastructure managers and architects, we simplify your existing environment by reducing your on-premise server environment, and promote a cloud-first adoption strategy, enabling you to service and meet the needs of a modern mobile workforce.
  • For CIOs and those with budgetary and commercial responsibilities, the simplification and productivity gains aren’t just intangible benefits. The shift from distribution points to a cloud-based solution can equate to significant real-world cost savings and productivity gains.

Most importantly, Kollective for ConfigMgr delivers a world class user experience to your workforce, reducing frustration and support calls, whilst delivering software content on an ‘on-demand’ basis to where it needs to be, when it needs to be there.

Simple Deployment & Adoption

I’m sure some of you readers have experienced the perpetual, never-ending software delivery project. By the time a hardware solution is deployed, using traditional hardware solutions, it’s already time to update the outdated hardware and therefore the project seems to enter a never-ending loop.

Kollective’s intelligent peering solution is linked to our cloud infrastructure, resulting in the most streamlined deployment and adoption. We are 100% software, so there is no complex hardware to procure and implement, and we can be simply installed onto any system within an organisation (often within days) reducing costly and time-consuming project lifecycles. Enterprises with K4CM can begin to benefit from our optimisations almost immediately.

The Next Destination

Just as the development of my son will continue to move onto the next stage of his journey, the same is also true for our #K4CM. We are planning some great additions and features in the coming months, so watch this space. If you feel that this might be a juncture that you’ve arrived at or are fast approaching, and you need to evaluate and understand what the impact will be for meeting the demands for frequent ongoing software deployments to stay current in a distributed or remote network environment, then look to us. With a simple, easy to implement and scalable solution, Kollective for ConfigMgr addresses the demands of today’s often overly congested networks and offers a strategic solution for future proofing all of your deployment needs going forwards.

SIX MONTHS UNTIL THE END OF WINDOWS 7 SUPPORT

Don’t let Windows become your next big security risk

Microsoft will end included support for Windows 7 on January 14, 2020, yet almost one-fifth (18%) of large enterprises still haven’t completed their migration to Windows 10. Learn what options IT teams have to prepare for the end of Windows 7 and to manage the regular cadence of Windows as a Service updates.

The post Transform How You Deliver Software With Kollective For ConfigMgr appeared first on Kollective Technology.