
What the SolarWinds Hack Taught Us About the Need for Endpoint Security Reporting & Software Delivery Analytics

Best Practices

By now, almost everyone has heard of the disastrous SolarWinds hack. To recap, in March 2020, hackers stealthily installed malware into SolarWinds Orion, a network-monitoring software used for IT infrastructure management. This allowed the hackers to gain access to highly sensitive data via a covertly inserted backdoor. The attack went undetected for months and was first publicly reported in December 2020 after being spotted by cybersecurity firm FireEye. Over a period of eight months, at least 24 organizations installed the SolarWinds software laced with malicious code, including various federal, state and local governments and private sector companies.

When Microsoft found out it was among those compromised in the hack, it moved quickly to remove the digital certificates that the Trojaned files used, announced that it was updating Microsoft Windows Defender, moved to a sinkhole domain and changed Windows Defender’s default action for Solorigate from “Alert” to “Quarantine.” Microsoft’s quick actions led to neutralizing and killing the malware while gaining control over the malware’s infrastructure from the attackers.

The SolarWinds hack highlights the devastating impact of software supply chain attacks and underscores the fact that most organizations are unprepared to prevent and detect such threats. When a security breach happens, speed is a critical factor in remediation, but you also need granular insights into software delivery to understand overall system health. 

Best Practices to Avoid and Respond to a Cyber Security Attack 

According to a Cisco report, “Major incidents and losses can be avoided by proactively refreshing the technology used and by learning from prior incidents, through prompt disaster recovery, sufficient security tech, timely incident response and accurate threat detection.”

You can help defend your company from a cyber-attack by conducting risk assessments, mitigating risks that cannot be removed, preparing and implementing a breach response plan and implementing cyber security best practices. In addition to scanning your systems on a continuous basis, Gurpreet Dhillon, Ph.D., of Virginia Commonwealth University recommends that organizations:

  1. Install sensors or mechanisms to collect potential hazards  
  2. Conduct automatic searches at regular intervals for potential flaws  
  3. Collect results from different divisions and/or stakeholder groups  
  4. Triage and analyze results on an ongoing basis  
  5. Fix the most critical issues first and develop a priority list  
  6. Report progress and continuously improve  

If your organization falls victim to a cyber-attack despite all of the security measures you’ve taken to prevent it, after you discover the breach: 

  1. Survey: Identify the attacker and find out where the attacker entered 
  2. Limit: Filter traffic and isolate system  
  3. Record: Find effects and identify disruptions  
  4. Engage: Connect with District Attorney and engage with FBI Infragard 
  5. Notify: Notify affected persons and seek legal counsel 
  6. Learn: Document learning points and proactively ensure learning moving forward 

Even when taking the utmost security measures, a data breach can happen to any organization. Reduce your risk of a cyber-attack by implementing and following your organization’s best practices, and if a breach does occur, follow your security response plan.

Managing Network Health via Security Analytics 

Security reporting leverages a combination of software, algorithms and analytics processes to detect potential threats to IT systems, not just sniff out hacks as they occur.    

“Many organizations do not use security analytics to its full capabilities; often the analysis is relegated simply to identifying network attacks. However, this is only one subset of the types of security analytics that should be deployed. Security analytics provides insights into how well security programs are working. It can also help identify problem areas and can warn of imminent or active attacks,” says privacy and security expert Rebecca Herold.

Ian McClarty, President of PhoenixNAP Global IT Services, elaborates, “Analytics are key to security. As the complexity of IT networks has grown, the inventiveness and sophistication of cyber security threats and attacks has grown just as quickly.”

Endpoint analytics can also give clues to security breakdowns and help identify policies or hardware issues that may be slowing down devices, so you can proactively make changes without disrupting end users.

Paired together, security reporting and endpoint analytics can help an IT department understand the data flowing in to and out of its network, detect potential threats and monitor user experience and hardware. The safety of an organization’s data and IT systems increasingly depends on having an effective, real-time monitoring security and endpoint analytics solution. 

Kollective for Software Delivery Accelerates Patching & Provides Insight into System Health with Intelligent Analytics Reporting 

According to the IBM Cost of a Data Breach Report 2020, the average cost of a corporate data breach is $3,860,000. Extensive cloud migrations are the number one cause of data breach, with 24% occurring at the endpoint, 19% due to a system misconfiguration and 16% because of a vulnerability in third-party software. To help avoid a costly breach, increase your endpoint security by reducing network risk with Kollective for Software Delivery.

Kollective helps minimize the risk of data breach by ensuring 100% delivery of software updates and security patches when distributing content via Microsoft System Center Configuration Manager (SCCM). By leveraging the scale and flexibility of the cloud, Kollective optimizes software updates and patch delivery to minimize downloads and vulnerabilities with faster and more reliable patch distribution. 

Kollective’s solution delivers: 

  • 70% faster software deployment 
  • No impact to network bandwidth 
  • Analytics that provide a full view of your network 

Want to make your SCCM more powerful? Kollective IQ is an advanced analytics platform that gives you deeper insight into all your endpoints. It allows you to easily create dashboards and reports, providing the metrics your organization needs to better understand network performance and verify the success of deliveries.  

With Kollective for Software Delivery you can achieve greater than 95% peering efficiency, and significantly reduce your Wide Area Network (WAN) bandwidth utilization. This means faster and more reliable delivery of ConfigMgr content to the edge of your network. Kollective IQ provides the analytics you need to ensure your network environment is secure and fully optimized.  

To learn more about Kollective for Software Delivery, request to speak with an expert today. 

The post What the SolarWinds Hack Taught Us About the Need for Endpoint Security Reporting & Software Delivery Analytics appeared first on Kollective Technology.


The Hidden Costs of Distribution Point Management

CMMA Blog

Microsoft Endpoint Manager (MEM) – in particular Microsoft Systems Center Configuration Manager (SCCM) – is the gold standard of software distribution platforms, but that doesn’t mean it’s perfect. There are two main issues at play:

  1. From Gartner’s Magic Quadrant for Unified Endpoint Management: “Clients’ most common concern is that using MEM is not easy. Reasons include the overhead required to architect, build and maintain Configuration Manager and integration between on-premises Active Directory (AD) and Azure AD. Managing some policies (like Windows Hello) requires use of multiple consoles.”
  2. Another big challenge associated with delivering software via ConfigMgr is that, with the rise of Windows as a Service (WaaS) for Windows 10 updates, application and image deployments have become so frequent and bandwidth heavy that they can easily disrupt your network.

While Windows does offer several free cache solutions to help fix the bandwidth issue, none stands alone in its ability to efficiently deliver software at scale, nor are they easy to use. (Think: continuous management of network boundaries.) For years, the only option IT and network teams had to address this issue effectively was to purchase hardware distribution points and deploy them in strategic office locations. Unfortunately, this often introduced as many problems as it intended to fix – increasing the infrastructure footprint, for example – and became even more expensive as a result.

What’s Under the Iceberg?

A lot of organizations look at distribution points as a one-time purchase without considering the ongoing operational costs associated with software delivery. Like an iceberg, however, the total cost of ownership (TCO) for hardware distribution points extends far beyond the surface.

Here’s a look at some of the hidden costs:

  • Storage
  • Rack space
  • Power and cooling
  • O/S license
  • Server maintenance
  • Network connectivity
  • Support – headquarters and regional
  • Off-hours monitoring
  • Packaging and throttling
  • Time-consuming deployment processes

Altogether, the hidden costs of distribution points account for up to 80% of TCO.

What About Virtual Distribution Points?

Many of you may have already transitioned to a more digitized approach to software delivery and are using virtual distribution points with a cloud management gateway (CMG) in lieu of hardware. While this does help to eliminate hard costs like storage, rack space, power and cooling, there is a risk of excess data egress costs from your cloud provider.

Public clouds charge based on outbound data transfer. For smaller organizations, the cost is minimal. But enterprises that use terabytes of data to send regular software updates to thousands of employees pay substantially more.

Use a Hybrid Approach to Accelerate SCCM Deliveries Instead

One way to reduce distribution points – and the costs associated with them – is to invest in a software-defined solution like Kollective for Software Delivery instead.

Kollective’s enterprise content delivery network (ECDN) leverages Microsoft Azure to provide a secure cloud-native architecture and unique peering technology to deliver software more efficiently and at scale through an integration with your SCCM. The unique solution allows you to offload delivery from the wide area network (WAN), saving 95% of the bandwidth typically consumed by software delivery.

It can even help with remote workers. VPN saturation is a common occurrence for organizations with a large number of employees working from home. Deploying frequent bandwidth-heavy software updates can result in dropped connections, poor user experience and slowed internet – they also put business-critical applications at risk.

See How Much You Can Save by Minimizing Distribution Points

Kollective for Software Delivery needs only one distribution point to scale software deployments. If you currently have 50 hardware-based distribution points and 10,000 employees, Kollective can save you nearly $2 million over a five-year period.

Want to see how much you can save? Use our TCO calculator to find out.

The post The Hidden Costs of Distribution Point Management appeared first on Kollective Technology.


SCCM vs Intune: Choose the Right Tool for the Task

CMMA Blog

Delivering software updates can be a challenge, especially when you don’t know which tool is best for the job. This is often the case when Desktop Managers have to choose between Systems Center Configuration Manager (SCCM or ConfigMgr) and Intune. Although the two might seem similar, they are very different, and so are the purposes they serve.

Think of them like you would a rubber mallet and a ball-peen hammer. SCCM, the rubber mallet, can – and should – be used for big jobs, like deploying Windows 10 on bare metal machines. Intune, our ball-peen hammer, is more useful in scenarios that require finesse, like managing updates to mobile devices and applications.

Let’s dive in to see what makes them each unique, and then discuss how to use and optimize them for even greater performance.

What is SCCM?

SCCM is now a part of Microsoft Endpoint Manager (MEM) and is used to securely deploy applications, software updates, and operating systems on desktop devices.

SCCM Pros

  • Long history: More than 250,000 companies use SCCM to manage over 50 million endpoints
  • Excellent for delivering large “payloads” or large files
  • Great for complex files and packaging
  • Strong in Operating System Deployments (OSD); supports the full lifecycle of getting a machine up and running on the network, from bare metal machines to ongoing delivery analytics
  • Supports all types of software – Windows, iOS and custom line-of-business applications
  • Allows for management of content at all endpoints and servers
  • Excellent for large enterprises with complex global networks and needs
  • Flat licensing fee with unlimited usage

SCCM Cons

  • Powerful software delivery tool but requires a commitment to learn the tool and dedicated staff to use it to its full potential
  • Typical setup is on-premises and makes it difficult to update software in bandwidth-constrained offices without integrating with a Cloud Management Gateway (CMG)
  • Complex toolset which can be intimidating for new admins
  • Detailed reporting but can be a challenge to find what you need
  • Requires defining network topology and boundaries, which increases the work to maintain the network and staging of content

What is Intune?

Intune is SCCM’s mobile device and application management counterpart. Unlike SCCM, it is cloud native and is used to deliver software updates to mobile devices. It is part of Microsoft’s Enterprise Mobility + Security (EMS) suite.

Intune Pros

  • Cloud native
  • Strong in mobile device management (MDM)
  • Good at lightweight, smaller applications on mobile devices or mobile OS
  • Auto provisioning of systems – with Microsoft Intune and Autopilot, you can give new devices to your end users without the need to build, maintain, and apply custom operating system images to the devices
  • When you use Intune to manage Autopilot devices, you can manage policies, profiles and apps after end users are enrolled

Intune Cons

  • Narrow focus on mobile devices; not a full systems-management platform
  • Doesn’t support server-side applications
  • Not intended for large applications
  • Doesn’t have the feature-set to handle complex package deployments
  • Incurs egress or monthly usage fees based on the volume of data transmitted – software deployment is often a reactive activity based on the software provider updates; usage fees add up and get more expensive over time
  • Challenges in planning – difficult to predict the number or size of software updates that will occur over time, especially in an environment where most applications are going cloud native with a higher frequency of updates

What Do I Do with This Information?

Knowing the pros and cons of SCCM and Intune is great, but it doesn’t provide practical advice for how to use each effectively – or strategically – when delivering software updates. Here’s our advice, plus additional insights on how to securely speed up deployments.

Leverage Co-management – Use the Right Tool for the Job

Microsoft continues to state that Intune and SCCM will both co-exist in the future under the Endpoint Manager product family. With that in mind, it’s important to implement a co-management strategy that uses both solutions and applies them based on use case – i.e. SCCM for desktop deliveries and Intune for mobile device management.

Enable Windows Autopilot in Conjunction with Intune

According to Microsoft, you can use Intune and Autopilot to “give new devices to your end users without the need to build, maintain, and apply custom operating system images to the devices.” This is big news as Autopilot can help with Windows 10 provisioning on mobile devices. But remember, it only works with existing OEM images, not delivery of corporate gold images.

Reduce Network Infrastructure with an SD WAN

Maintaining hardware distribution points is costly, especially when taking into consideration hardware, bandwidth and maintenance. Distributing software updates via an SD WAN instead can greatly reduce your internal infrastructure footprint and associated costs. An SD WAN also gives you greater flexibility and scale to better service a modern work environment.

Connect a Cloud Management Gateway (CMG)

For those who manage all of their organization’s remote internet-based devices, it is important to set up SCCM with a CMG to deliver software more efficiently. An Azure-based CMG makes it so you don’t have to expose your on-premises infrastructure to the internet, greatly reducing network strain in remote offices with limited bandwidth.

Be Smart About How You Use Your Network

Leverage the Azure cloud for long hops across your network, but don’t do this for every delivery because it can get very expensive due to egress or usage fees. Instead, opt to use peering technology, like Kollective for Software Delivery, within regional locations to complete updates over the LAN more efficiently. This also provides significantly faster software deployments because updates occur organically and in parallel versus in a typical serial manner.

Learn How Kollective Can Accelerate Software Delivery

Whether you need to accelerate software delivery, minimize bandwidth usage or reduce the total cost of ownership (TCO) for software, Kollective can help. Our solution leverages a secure cloud-native architecture and peering technology to more efficiently deliver software at scale via SCCM – Intune integration coming soon.

  • 70% faster deployments
  • 25% less time spent on desktop management
  • Up to 99% of bandwidth saved
  • Up-to-date patch compliance
  • 100% confidence

To learn more about Kollective for Software Delivery, read the solution brief.

The post SCCM vs Intune: Choose the Right Tool for the Task appeared first on Kollective Technology.


End of Life for Windows 7 – The 7 Stages of Grief

CMMA Blog

Mourners around the globe are gathering to pay their respects to Microsoft’s most successful operating system, Windows 7, as it was laid to rest this month.

Grief Stage #1 – Denial

As with many losses, there are certainly a large number of people and businesses who choose to remain in the first stage of grief – denial. In this particular case, denial is not a river in Egypt or a good place to be. Businesses that don’t address this loss and begin their migration to Windows 10 soon leave themselves vulnerable to hackers, ransomware and cyber-attacks. Any one of those things could bring down a large, global company or at the very least cause major financial losses, loss of crucial company information and deep damage to a company’s reputation both internally and externally. I am confident that if you surveyed 400 million IT professionals, none of them would respond that they want any of that to happen to their company.

Grief Stage #2 – Pain & Guilt

The loss of included Windows 7 updates and security patches is hard to swallow and the idea of updating all dispersed endpoints within your enterprise to Windows 10 is painful. With this pain, you may have feelings of guilt for not acting sooner or preparing for this loss. However, the sooner you act, the sooner you will be able to move forward to the next phase. Start your migration as soon as you can!

Grief Stage #3 – Frustration, Anger & Bargaining

In the case of losing our faithful OS of ten years, frustration, anger and bargaining are a natural stage in the grieving process. Having to migrate your entire company to a new operating system is a huge undertaking. This frustration and fear of the unknown can lead to anger and bargaining. Some IT professionals will cope by questioning and proposing alternatives to this reality that Windows 7 is dead. Is there any painless way around this? Why can’t they just stick with Windows 7? Why can’t we just avoid/delay the update? What’s the worst that can happen?

Grief Stage #4 – Depression & Loneliness

Once you realize that your executives and board don’t want to find out what the worst thing that can happen is, Stage 3 quickly evolves into depression and loneliness. Hackers, ransomware and cyber-attacks are absolutely worth avoiding. But how can you accomplish this massive move to a new operating system singlehandedly? It may feel hopeless and you may feel alone in trying to solve this feat. But I would bet, if your company suffers financial or other critical losses that are directly related to not migrating sooner, your depression and loneliness will mutate into something much more intense.

Grief Stage #5 – The Upward Turn

Life becomes a bit calmer and more organized once you realize there are options to help you deal with this change. Your symptoms of depression can start to lift when you realize ‘Yes, I can solve this.’

Grief Stage #6 – Reconstruction & Working Through

This is the stage where you realize you must get on with life and find an operating system that is supported and secure. You had a good run with Windows 7, but it’s time to move on. In this reconstructing stage, understanding what solutions are out there and evaluating them will serve you well.

Grief Stage #7 – Acceptance & Hope

Once you have moved on, you are ready to deal with the reality of the situation. Windows 7 is dead and is not coming back. If you are one of the 53% of companies still on W7, you need to get your endpoints on Windows 10, as soon as possible. With a hopeful mindset, you are able to clearly evaluate your options: Do you want to take the risk and ignore these warnings by staying on Windows 7 with no support? Do you want to pay for Microsoft extended support for Windows 7? That seems like a lot of money and doesn’t help your organization transform into a modern workplace. Or, do you want to migrate to Windows 10?

Moving On to Windows 10

Whether you are in stage 1 or stage 7 of your grieving, we recommend finishing your migration quickly and cost-effectively. You don’t need to invest in new hardware or infrastructure if you choose to solve it with software.

Using a Software-Defined Enterprise Content Delivery Network (SD ECDN), businesses can exponentially decrease the bandwidth load on their network, without replacing or updating their hardware infrastructure – all within a matter of days. So, wipe away your tears, stop delaying the inevitable and begin the move. With Kollective for ConfigMgr, your business can maximize the speed of software distribution, streamline your Windows 10 migration and future-proof against ever-increasing system updates.

Solving it with software will get you there faster and more easily than any other option and before you know it, all the pain and anger and sadness and fear surrounding the move to a new operating system will be behind you.

The post End of Life for Windows 7 – The 7 Stages of Grief appeared first on Kollective Technology.
