Spotlight On…

Employee Owner: Warren Swingle

WarrenSwingle

Warren has over 16 years of experience in designing, installing and troubleshooting networks. He has extensive knowledge of data networking, including years of significant experience on voice networks. He has led or played critical technical and project management roles in numerous deployments of Cisco Unified Communications at clients ranging from local businesses to international organizations. His work also includes being the lead network architect in redesigning a secure and stable network for a large financial institution, including a robust business continuity plan. Warren is a Senior Network Consultant.


Warren is a Southern Illinois native and has made Evansville his home since 1998. He and his wife Jennifer have 2 boys, Jack (age 9) and Ethan (age 8). He is a Cub Scout Den leader and helps coach his boys’ baseball and football teams. When he has free time, he enjoys bike riding, fishing, and geocaching with the family.


Contact your Keller Schroeder Sr. Account Manager to learn more about Warren and how you can leverage his experience and skills to the benefit of your organization.


Warren’s Certifications include:
CCNA, Cisco Certified Design Associate (CCDA), Cisco Certified Voice Professional (CCVP), Cisco Wireless LAN Specialist (CWLAN)


Keller Schroeder Security Practice

– Brad Mathis, Sr. Information Security Consultant


Keller Schroeder has a Security Practice? Tell Me More…


Since the launch of our Security Practice in early 2011, Keller Schroeder has been performing ongoing security assessments at organizations throughout the Midwest. Apparently, we’ve been so busy performing security assessments that we may have failed to adequately spread the word of our Security Practice to our entire client base. This came to our attention recently when a long-time client emailed us and asked if we had recommendations for companies that offer security services such as vulnerability assessments and penetration testing. Whoops!!


Based upon the client’s initial email, it was possible they didn’t realize we offered those services. Our immediate response to the client was: (client contact information removed for privacy)

(Client),

I was forwarded your email regarding Security Assessment companies. I wasn’t sure if you were aware of our security practice at Keller Schroeder. We have been quite successful and have kept a rather full calendar in 2011 focused purely on security.

To quickly introduce myself, I was brought in early last year to run with the Keller Schroeder Security Practice. That being said, my sole focus has been providing Security Services consisting of security assessments. These assessments have included internal and external vulnerability assessments, penetration testing, wireless security assessments, compliance and best practice reviews, configuration reviews, and the like. Since Spring of 2011, we performed security assessments at twenty-four (24) different client locations throughout the Midwest; some of these consisting of multiple engagements.

I have attached my Keller Schroeder mini-bio, which highlights my security certifications and career experience.

If you can fill me in on what your specific security assessment needs and requirements are, I will try to help get you pointed in the right direction. Most of what was listed in your email are things we should be able to help with. However, we have an external security partner we could work with as well, should your scope call for it.

As a past security assessment services consumer, I have worked with many of the larger security assessment companies out there. I learned that I often paid a large price, but received little value in return. In building our security practice, I have tried to build a blend of fair cost to the client with a better return on their investment. So far, so good. Satisfaction has been high.

Let me know if you would like to discuss further. If you determine Keller Schroeder’s Security Practice is not the right fit, we can definitely set up a conference call with our external security partner.

Let me know if you have any questions.

Thanks,

Brad Mathis, CISSP, CGEIT, CRISC, GPEN
Senior Consultant, Infrastructure Security
Phone: (812) 492-7377
Fax: (812) 474-6835
bmathis@kellerschroeder.com
www.kellerschroeder.com


As we feared, our assumptions were correct. An excerpt of the client’s response is below:

Thanks for the e-mail. I was not aware Keller offered this service. Let me get with (internal contact) when he gets back and see if this can be an option. He is due to return on the ….


Are you just now finding out that Keller Schroeder has a Security Practice? Contact your Keller Schroeder Account Manager for more information and to discuss opportunities that we can assist with to help identify your infrastructure security strengths and opportunities.


Barracuda Backup Solution

– Jeff Gorman, Business Unit Director
Regardless of the industry in which you operate or the size of your business, having a solid backup and recovery plan is vital. No business can afford to gamble with its data by using outmoded or high-failure backup methods. In today’s world of cost-effective high speed Internet connectivity, data can frequently be protected by shipping it over the wire and storing it at secure offsite locations where it can be accessed in a time of need. Barracuda Backup is one option that has proven to be highly successful in meeting the needs of businesses with respect to online based data backup and offsite replication.
How safely the data is stored is a logical consideration when looking at online backup solutions. Since offsite storage is the best way to ensure data integrity in case of a disaster, the manner in which data is transported and stored is critically important.
When the Barracuda Backup Server is installed and configured, it performs an initial backup of all selected data and stores it locally. An advanced digital cataloging system shreds data into small pieces and tracks the changes of these parts over time to make sure duplicate data is not being retained. This deduplication helps minimize storage and bandwidth costs as it prepares to send data offsite.
To create an offsite copy of critical data, the Barracuda Backup Service sends data to one of two secure data centers via the Internet using an encrypted connection. Before data is transmitted, those shredded and cataloged parts are symmetrically encrypted then compressed for transfer and remote storage efficiency. The symmetric key to unlock those parts is in turn asymmetrically encrypted. The Barracuda Backup Service encryption method exceeds the United States Government’s approved encryption standards for protecting Top Secret information, ensuring that data is protected.

The last copy is created when replication occurs between the two data centers, providing another layer of redundancy. All data is mirrored from one data center to the other and can be accessed from either. Barracuda Networks distributes data for each customer across two geographically dispersed data centers to minimize the potential impact of an event at either location. Each data center is highly secure including alarms, controlled access, fire suppressors, redundant bandwidth, and emergency power generators – everything necessary to ensure valuable data is not in danger.
The Barracuda Backup service [PDF] was also designed with recovery in mind. Administrators manage the device through a Web interface. Because all critical data is mirrored offsite and administrative instructions are sent from the Web interface down to the Backup server, nothing critical is lost if the server is damaged. Barracuda Networks provides a number of tools and protocols to access and restore data either from the local box or from the cloud. This includes the Web interface, the Barracuda Restore Tool, WebDAV, and even FTP. A business can begin restoring data from the cloud as soon as it has connectivity. In the event that the local backup server is a total loss, and there is a significant amount of data that needs to be restored quickly, Barracuda Networks Technical Support can load data on a hard drive or a replacement Barracuda Backup Server and ship it overnight.
Neglecting to protect data until disaster strikes is an extremely high-stakes risk. In the event of a disaster, the likelihood for a company’s survival drops dramatically without access to critical data like company financials, accounts payable records, or customer records.
For some business owners and IT administrators, whether or not they have a solid data backup solution at all becomes their single standard in determining disaster preparedness. In reality, every business has different backup requirements, recovery needs, and priorities, and should create a regular process to analyze and identify critical systems recovery procedures in the event of a total loss. Each business and possibly each system a business utilizes may have different requirements for acceptable recovery time. These should be related to the available recovery options and their associated costs.
The overwhelming dependence of modern businesses and organizations on information technology to operate and remain profitable dictates the necessity of an affordable plan that allows for full and immediate recovery. A business should never be in a position where all of their data exists on a single device or at a single location. As a result of advances in technology with systems such as Barracuda Backup, organizations can now manage these together at an affordable cost.
Contact your Keller Schroeder Account Manager for more information or a demonstration of this product and how you, together Keller Schroeder, can benefit your environment.


Microsoft Office 365 Security

– Jeff Gorman, Business Unit Director
With more workers on the go, your business information is likely accessed by more people and from more places and platforms than ever before. With this increased access comes an increased responsibility to protect your information in all locations and across all platforms. As data becomes more accessible, attack methods can become more sophisticated and malicious. A comprehensive approach to security is required to protect your systems and data in this environment. As organizations consider integrating cloud-based services for core business functions, it is important that the security methodologies deployed by those providers are carefully considered.

One such offering that has gained significant positive attention regarding providing business services via the online model is Microsoft’s Office 365 solution. This solution combines the familiar Office desktop suite with the cloud-based versions of communications and collaboration services of Exchange Online, Sharepoint Online, and Lync Online. In support of the requirement to provide customers with details around the security of an online model, Microsoft provides a considerable amount of data regarding the security features and functionality of their offerings.
Office 365 client data is stored in Microsoft’s own network of highly available data centers, strategically located around the world. These facilities are built from the ground up to protect services and data from harm, whether natural disaster or unauthorized access. Physical security best practices are maintained, including state-of-the-art hardware, 24-hour secured access, redundant power, multiple fiber trunks, and many other features. Because of system redundancy, updates can generally be deployed to the system without any downtime for your users. The system is protected at the logical layer by robust data isolation, continuous monitoring, and a wide array of other recognized practices and technologies. All of the physical and logical security tasks are taken care of in the data center, which can drastically reduce the amount of time you spend keeping your data and systems safe.
Microsoft also provides a coherent, robust, and transparent privacy policy emphasizing that you maintain ownership of your data. The Trust Center tells you exactly how they handle and use data gathered in your interactions with Microsoft Online Services. If you decide to stop using Office 365, by default they provide 90 days of reduced functionality service, allowing you to export your data. Microsoft also provides multiple notices prior to deletion of customer data.
Office 365 is a multi-tenant service, meaning that data is distributed among hardware resources. Therefore, your data may be stored on the same hardware as that of other customers. This is one reason that Office 365 can provide the cost and scalability benefits that it does. Microsoft goes to great lengths to ensure the multi-tenant architecture of Office 365 supports enterprise privacy and security standards. Data storage and processing is logically segregated between customers through specialized Active Directory technology engineered specifically for the purpose. For organizations that want additional data isolation, a version of Office 365 is available that stores your data on dedicated hardware.
Unlike an on-premises installation that lives behind a corporate firewall and may be accessed over a virtual private network (VPN), Office 365 is designed specifically for secure access over the Internet. There are two options for user identification: Microsoft Online IDs and Federated IDs. In the first case, users create Microsoft Online Services accounts for use with Office 365. Users sign in to all their Office 365 services using a single login and password. The single sign-on application helps users easily create and use strong passwords that keep their services safe.
You can also choose federated identification, which uses on-premises Active Directory Federation Services (a service of Microsoft Windows Server 2008) to authenticate users on Office 365 using their corporate IDs and passwords. In this scenario, identities are administered only on-premises. This also enables organizations to use two-factor authentication (such as smart cards or biometrics in addition to passwords) for maximum security.
Moving productivity services to the cloud requires a serious consideration of security and privacy issues and technologies. Office 365 is designed to deliver the enterprise-grade security you require to move to the cloud with more confidence. Microsoft’s data centers are designed, built, and managed using a defense-in-depth strategy at both the physical and logical layers, and their services are engineered to be secure using the Security Development Lifecycle. Office 365 attempts to make it easy for users and administrators to access and use data and services while following security best practices.
Contact your Keller Schroeder Account Manager for more information or a demonstration of this product and how you, together with Keller Schroeder, can benefit your environment.


Business Process Automation with SharePoint

– Rob Wilson, Business Unit Director


Since 2005, a few of us at Keller Schroeder have focused a great deal on SharePoint-related projects. No doubt it is a great product – better now even than in 2005. Maybe you have SharePoint installed and are using it for document management or collaboration, but are you using SharePoint to its full potential? One additional area where there is an opportunity to get a return on your investment with SharePoint is business process automation. More local companies are catching the wave for sure, but many, it seems, are not. If this is you, what is holding you back?


One thing that seems to be an obstacle for many is that they view SharePoint as a turnkey solution rather than a platform. There is nothing more frustrating than getting 80, 90, or even 95 percent of a solution completed using SharePoint and its out-of-the-box tools, only to find that there is no simple solution to the final step(s). Then you are faced with the dilemma: do I change my business process or do I find another solution? Sometimes, the best answer is “neither.”


Let us consider the employee on-boarding process for example. With SharePoint, we can create InfoPath forms to gather pertinent information and develop some rudimentary workflows quickly to assign tasks and route the form for approvals. But what if you want to automate the actual tasks themselves? What if you want to create an Active Directory user account for the new employee, rather than assigning that task to the security officer? What if then perhaps you want to create an Exchange mailbox? Maybe you want to allow workflow participants to approve or reject requests from their mobile devices. The out-of-the-box SharePoint tools do not have these features, but with .NET programming or third party products, you can add these features.


I am a firm believer you should never change your business process to accommodate a tool – you change the tool. At Keller Schroeder, we consider ourselves a technology company in the performance improvement business. That is one of the reasons we promote SharePoint, because it provides an opportunity to complement your business processes. If SharePoint is not the right tool for the job, we are the first to let you know. However, sometimes with the help of a little custom code or a third party solution, SharePoint is just what the doctor ordered.


Contact your Keller Schroeder Account Manager for more information or a demonstration of Sharepoint and how you, together with Keller Schroeder, can benefit your environment.