Security Advisory: Microsoft Alerts Customers to Patch BlueKeep Vulnerability ASAP

In case you didn’t hear, on May 14, 2019 Microsoft reported another big vulnerability, known as “BlueKeep”, a Remote Code Execution (RCE) flaw in Remote Desktop Services (RDS) that is reachable over the Remote Desktop Protocol (RDP).  However, BlueKeep only affects older versions of Windows, so users of Windows 10 and 8 can rest easy.  The severity of the vulnerability has nonetheless forced Microsoft’s hand, and it has made and released a security patch even for its unsupported versions.  Microsoft has classified this vulnerability as a critical-level threat.

This is why, as of June 4, 2019, Microsoft once again urged its customers to apply the patch as soon as possible, as more than 1 million devices are still vulnerable to the attack.  The aim is to avoid another wide-scale malware attack like the WannaCry ransomware attack back in 2017.  Many companies were affected by that attack, which caused many business operations to stop, most notably hospital operations.

What can you do to avoid being affected?

Microsoft has already provided the solution to BlueKeep: make sure you download the latest security patch for your corresponding OS (you can find the patches here).  You may need to reboot your servers to ensure the patch is running properly.

For Trend Micro users, specifically those who use Deep Security: if you are unable to apply the patch for other reasons, such as being unable to reboot your servers, please make sure that you apply the correct Deep Security virtual patching policy to keep your servers secure.  Below is the Deep Packet Inspection (DPI) rule:

  • 1009749 – Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability

You can view the official Trend Micro article on it here.

For those who are looking into a longer-term solution, you can consider solutions such as Citrix Gateway and Virtual Apps to secure your remote connections to Windows servers.

To learn more about these solutions, you can contact us at 893-9515 and we will help introduce you to different options that you have to help prevent these kinds of vulnerabilities!

Cloud Backup vs. BCDR: The Difference Between the Two

When asked whether they have a business continuity and disaster recovery (BCDR) plan in place, many businesses would say that they do, but really only have cloud backup in place.  So, what is the difference between the two?  Cloud backup, simply put, is backing up your data to a remote cloud-based server which is accessible to many different and connected resources.

BCDR, on the other hand, is focused more on ensuring that your business will be able to continue after a disaster, whether it be natural or due to human error.  Business continuity focuses more on continued activity, or how fast your business can go back into operation after a disaster, while disaster recovery refers to the set of policies which are put in place to protect your business’s technology infrastructure.

You can separate backup, disaster recovery, and business continuity by the time it takes to restore and/or recover your data and get back to work.  BCDR plans can help you speed up recovery time from days and weeks to just minutes or hours.  Below are three main reasons why businesses should have a proper BCDR plan in place:

To prevent downtime and loss of revenue

Businesses usually can’t afford downtime, as it can significantly affect profits.  With a BCDR plan, you can minimize the downtime and loss of revenue you would incur.

To prevent data loss

Having a BCDR plan in place can help you prevent the loss of data and ensure that your business can still operate.  A study once found that 87% of businesses that lost access to their data for more than a week would eventually close down a year later.

To protect the business reputation

With consumers expecting most businesses to accommodate them 24/7, long periods of downtime can damage a business’s reputation.  With a BCDR plan in place, you can help prevent these types of reputation losses from happening.


To learn more about BCDR solutions, you can refer to our product page here, or you can contact us directly at 893-9515 and we will be happy to help you!

A Closer look at Processor Vulnerabilities

The past few years have been rough on processor security, especially for Intel, as two of the biggest processor vulnerabilities, Meltdown and Spectre, affected nearly all of its modern CPUs.  Although patches came out almost immediately to address these issues, this was just the start of the security vulnerabilities, as other attacks such as MDS (Microarchitectural Data Sampling) have been popping up.  So why are these vulnerabilities and security flaws only now coming to light?  These issues are actually quite complex, and understanding them requires some knowledge of advances in CPU technology such as the following:

  • L1/L2/L3 caches
  • Speculative execution
  • Pipelines and buffers
  • Hyper-Threading

If you are unfamiliar with the above technologies, they basically function as ways to improve the speed of the CPU.  In theory, without these components, we could have a much more secure processor at the cost of performance.  Vendors are caught in a predicament: they want to increase performance but also have to consider the security implications of newer technology.  This shows in the patches for recent vulnerabilities, which brought CPU performance down by 5-30%.  The latter number can be alarming, but it does not usually affect home users, as the 30% figure is more common for servers.

Although vendors are still working on improving their security to prevent future vulnerabilities, there are still ways to make sure that your data is protected, such as adding an additional layer of security.  Third-party security vendors such as Trend Micro can help with products such as Deep Security, through virtual patching.

To get a more in-depth understanding of the processor vulnerabilities, you can refer to this article here.  To learn more about Trend Micro Deep Security, you can visit our page here or contact us directly at 893-9515 and we will be more than happy to answer your inquiries!

Keep your Data Safe Anywhere with Microsoft Azure Information Protection

With the convenience of the internet and the evolving application market, company data is moving through different channels at a faster rate than was possible before.  This makes it easier for businesses to better serve their clients while also improving their operations.  However, this also means that your data may be out there unprotected and used by people who should not have that data in the first place.

In 2016, the Identity Theft Resource Center (ITRC) recorded that about 1,093 US agencies and companies suffered from data breach instances, a 40% increase over 2015.  As information is a company’s critical asset, we should take the necessary steps to make sure that it is well protected from breaches.

With how freely we access and share data, the chances of incurring a leak of sensitive data such as intellectual property or customer data are not that far-fetched.  So how do we prevent this from happening?  One way is to create a classification of protection levels that are easily identifiable through labels such as Personal, Public, General, Confidential, and Highly Confidential.

This is where Microsoft Azure Information Protection (AIP) can help you.  AIP is a cloud-based solution which provides continuous classification and protection of your corporate data wherever it may be.  It does this through end-to-end protection and control for sensitive data, which includes data classification and labeling, data protection, data usage monitoring, and responding to malicious data usage activities.

Protect sensitive information anytime, anywhere

With AIP, you will be able to classify and label your corporate data so that it is protected for its whole lifecycle.  Also, since it is a cloud-based solution, it gives you the flexibility to integrate with and protect your Microsoft cloud services and applications such as Microsoft Office 365, SharePoint Online, Exchange Online, and OneDrive for Business.  Below are a few of the features that you can expect to see with AIP:

  • Simplified and intuitive controls that help you make the right decisions and stay productive. Data classification and protection controls are integrated into Microsoft Office and common applications. One-click options make it easy to classify data.
  • Persistent protection that follows sensitive data to ensure it’s always protected—regardless of where it’s stored or with whom it’s shared.
  • More visibility and control over shared data through tracking of shared data usage with powerful logging and reporting that allows you to monitor and analyze this data. Access to data can be revoked if required.
  • Safer sharing with customers and partners through definitions of who can access data and what they can do with it based on a use rights policy. For example, some users might be able to view and edit certain files but not print or forward them.
  • Deployment and management flexibility to protect data whether it’s stored in the cloud or on-premises. You can choose how encryption keys are managed, including Bring Your Own Key (BYOK) options.

 


To learn more, you may contact us at 893-9515 and we will be more than happy to help you with your inquiries!

Citrix Connect: A Closer look into Citrix SD-WAN for your Business Critical Application

Looking to improve and secure connectivity and app performance for every location?

It’s time to stop the slowdowns. For today’s modern businesses, the classic hub-and-spoke WAN doesn’t make sense when your branch locations are relying on SaaS and cloud apps.

Join us in our upcoming event, Citrix Connect, as we learn first hand from our Citrix experts from Singapore on how you can improve your app performance while bringing down your overall expenses! 

The event will be on May 22, 2019 from 10AM to 2PM at the Discovery Primea Makati, Shakespeare function room.

Get a chance as well to win raffle prizes at the event! 

You may contact us at 893-9515 loc 102 to learn more on how you and your company can register for this workshop!

Data Protection: Looking Closer at Cloud Storage

The way we store data is evolving: from the days of punch cards, magnetic tape, discs, solid state, and flash, we have now arrived at what is called cloud storage.  Research from IDC shows that IT infrastructure sales into the cloud finally surpassed traditional IT environments for the first time in the third quarter of 2018.

With cloud storage being the new trend in the storage sector, it is no wonder that organizations are hopping on the bandwagon.  Cloud storage boasts that it will ensure business continuity and scalability.  However, in practice, the transition is nuanced due to reasons such as financial constraints and multi-generational IT infrastructures.

We should also consider that even though there are newer technologies, some forms of older storage technology still retain their use cases depending on the industry.  This is why, even though cloud is seeing more usage lately, most companies are still split between different storage solutions so that they can determine which data should be moved to the cloud and which can stay on premise: a hybrid cloud approach.

Moving to the Cloud needs to be well thought-out

Although many companies are currently adopting a hybrid cloud approach (Gartner predicts almost 90% of companies will be on a hybrid-cloud infrastructure by 2020), many are still struggling to find the right balance.  Research from backup solutions vendor Arcserve found that 64% of respondents believe that it hasn’t gotten easier to safeguard business-critical data compared to 5 years ago.  Despite all the technological advancement we’ve had throughout the years, the problem is still the same for them.  This means that finding the right technology is only the first step; you will also need a proper process and a team who will help you with the transition to a cloud-based system while not neglecting the on-site system.  This is key if you want to ensure continuity in the current global environment filled with cyber threats and multi-platform integration.

Therefore, it is advisable that you take your time when attempting to move your data to the cloud.  This should be done with the help of those who can help you deliberate which data would benefit from moving to the cloud and which should stay on premise.  You will need the help of a provider who will make sure that the solutions you already have are considered, while also looking after your best interest when it comes to the cost you will incur.

If you are interested in learning more about Data Protection, you may refer to our data solutions page here, or you can also contact us directly at 893-9515 and we will be happy to help you through your journey!

Cisco Umbrella: Camuto Group Case Study

The Challenge

A US footwear and lifestyle brand company, the Camuto Group, has been thriving in its industry due to the unique designs that set it apart from the competition.  However, the company’s creativity is also one of its IT team’s main pain points when it comes to security.  With almost 100 employees working remotely and another 250 roaming laptop users, it is difficult for IT to allow flexible access to the wide range of edgy sites which many web filtering solutions block incorrectly.

Tom Olejniczak, Camuto Group’s network engineering manager, says that they found the traditional approach to securing the web experience (proxy servers) caused too many problems that needed manual resolution.  Whenever someone could not access a site, someone from IT had to go to that user to help resolve the issue, which was not feasible for them given the multiple remote and roaming users.

They needed a network security solution that protected both on- and off-network devices without adding latency, as malware and social media had started to cut into the productivity of the users.

The Solution

Tom says that the company has been using Umbrella as its first line of defense since it was still OpenDNS.  However, to test if there were better alternatives, they decided to try two products similar to Umbrella.  The result of the test was that Umbrella outperformed both products in both malware protection and overall user experience.

This was achieved by deploying Umbrella’s virtual appliances.  This gave them the visibility to see if internal networks or Active Directory users were infected or targeted by attacks without the need to touch devices or reauthenticate users.  Users working outside the corporate network are protected via Umbrella’s roaming client, which was as simple to put in place as adding someone to a group in Microsoft Active Directory.

The Camuto Group saw an immediate impact on security: almost four hundred malware detections were redirected on a daily basis.  The solution was also great for user experience, as it is unobtrusive and even helped improve the speed of the internet slightly, by about five to ten percent.

The ability to whitelist and blacklist sites was one of the company’s main concerns, and Umbrella helped solve it quite easily.  Tom says that they are able to choose safe and HR-acceptable categories for content filtering quickly; it usually takes them about 3 minutes to make a change.

To learn more about Cisco, you may check out our product page here or you can contact us directly at 893-9515 for more details!

Security Vulnerabilities: A Closer look at a Cyber Criminal’s Window to your System

You may be hearing more and more in the news these days about new security vulnerabilities being discovered, and may be wondering what exactly that implies.  Simply put, a vulnerability represents the ideal opportunity for cyber criminals to infiltrate your system to compromise your data or to perform data theft.

According to current data, these vulnerabilities will be popping up more often: 2017 was a record-breaking year for reported exploitable vulnerabilities, with almost 20,000 security flaws reported over the year.  For the year 2018, the data is still being tallied; however, a report from RiskBased Security has already noted that more than 10,000 vulnerabilities have been reported, including 3,000 potential flaws which enterprises have failed to patch.

To better understand vulnerabilities, our friends from Trend Micro have grouped them into the following types:

Traditional vulnerability – a programming error or other type of software issue that hackers can use to sidestep password protection or security measures and gain unauthorized access to legitimate systems. These are the most rampant types of security vulnerabilities.

Zero-days – brand new software issues that have only just been identified and have not yet been patched by vendors.  As Trend Micro explained, “that’s because the vendor essentially has zero days to fix the issue or has chosen not to fix it.”

Undisclosed vulnerability – flaws that have been identified and reported, but are not yet disclosed to public users, giving vendors time to patch the issue.

So, what can you do to help address these vulnerabilities?

To help keep your enterprise safe from these vulnerabilities, Trend Micro suggests that you pay attention to current security research so that you can apply the necessary findings to your business.  Another suggestion is to make sure that you stay up to date with updates and patches.  However, given the number of vendors and patches, the volume can sometimes be too much for your IT team to patch immediately.  Trend suggests the following patching prioritization scheme to help ease the load on your IT team:

  • The severity of the patched issue. Microsoft and other vendors will rate vulnerabilities according to how critical they are to overall risk. More critical patches should be applied as soon as possible, whereas less critical updates can represent a lower priority.
  • Vulnerabilities impacting your enterprise’s particular key software. Similarly, updates for software systems that are used on a daily basis within the enterprise and provide essential functionality should be prioritized over other updates. A patch for a software that is only intermittently used, or only impacts a small number of users in a single department of the company, for instance, can be put on the back burner.
  • Those currently being exploited. It’s important to prioritize patches for vulnerabilities that hackers are currently using to mount attacks.

To learn more, you may visit the original Trend Micro article here, visit our product page here, or you can also contact us directly at 893-9515 and we will be happy to answer your inquiries!

Hyperconverge Workshop: A Test-Drive Awaits!

Join us for our upcoming event this coming April 4 at the EDSA Shangri-La Lubang Function Room to learn how your IT infrastructure can become fast, efficient and simple by using HPE Simplivity!

Test drive HPE Simplivity and experience for yourself what the platform has to offer for your organization. That’s not all, join our games such as a drive simulator and win yourself exclusive prizes!

To find out how to register, please contact us at 893-9515!

Our Speaker

Nick Paddon-Row

Pre-Sales Solution Architect, APAC Incubation Hewlett Packard Enterprise

Nick is a senior pre-sales Solution Architect within the Hybrid IT (HIT) business unit of HPE.

Nick came to HPE in May 2017 as part of the acquisition of SimpliVity, a market leader in Hyper Converged Infrastructure (HCI) solutions. Prior to SimpliVity, Nick spent 5 years inside VMware working with some of the largest virtualization users in the South Pacific region.

Now Nick is helping HPE customers across the region begin their journey towards a Software Defined Data Centre. His strong technical background and foundational knowledge of virtualization give him a unique insight around hybrid IT, and our customers appreciate his ability to align technology to tangible business outcomes. In addition to his extensive technology industry background, Nick holds double degrees in Applied Science.

Microsoft Office Suites: Office 365 or Office 2019?

Are you looking to get Microsoft Office for your business but unsure which product you really need between Office 365 and Office 2019?  You aren’t alone; many other users and businesses are unsure what the main difference between the two is.  Many consider them the same product and buy Office 2019 since it’s a one-time payment and perpetual license, compared to the monthly or annual subscription cost of Office 365.

However, one thing that is often not considered is that Office 365 is always updated with the latest version, unlike Office 2019, which you would need to update from time to time or even replace by purchasing the latest version.  For a better understanding of the main difference, you can refer to the table below for what features are included for both suites:

Below are some videos from Microsoft’s campaign to help show you the benefits of Office 365 over the Office suite:

To learn more about Microsoft and Office 365, you can visit our product page here, or you can directly contact us at 893-9515 and we would be happy to help you!