Microsoft Office 365 Security

– Jeff Gorman, Business Unit Director
With more workers on the go, your business information is likely accessed by more people and from more places and platforms than ever before. With this increased access comes an increased responsibility to protect your information in all locations and across all platforms. As data becomes more accessible, attack methods can become more sophisticated and malicious. A comprehensive approach to security is required to protect your systems and data in this environment. As organizations consider integrating cloud-based services for core business functions, it is important that the security methodologies deployed by those providers are carefully considered.

One such offering that has gained significant positive attention regarding providing business services via the online model is Microsoft’s Office 365 solution. This solution combines the familiar Office desktop suite with the cloud-based versions of communications and collaboration services of Exchange Online, Sharepoint Online, and Lync Online. In support of the requirement to provide customers with details around the security of an online model, Microsoft provides a considerable amount of data regarding the security features and functionality of their offerings.
Office 365 client data is stored in Microsoft’s own network of highly available data centers, strategically located around the world. These facilities are built from the ground up to protect services and data from harm, whether natural disaster or unauthorized access. Physical security best practices are maintained, including state-of-the-art hardware, 24-hour secured access, redundant power, multiple fiber trunks, and many other features. Because of system redundancy, updates can generally be deployed to the system without any downtime for your users. The system is protected at the logical layer by robust data isolation, continuous monitoring, and a wide array of other recognized practices and technologies. All of the physical and logical security tasks are taken care of in the data center, which can drastically reduce the amount of time you spend keeping your data and systems safe.
Microsoft also provides a coherent, robust, and transparent privacy policy emphasizing that you maintain ownership of your data. The Trust Center tells you exactly how they handle and use data gathered in your interactions with Microsoft Online Services. If you decide to stop using Office 365, by default they provide 90 days of reduced functionality service, allowing you to export your data. Microsoft also provides multiple notices prior to deletion of customer data.
Office 365 is a multi-tenant service, meaning that data is distributed among hardware resources. Therefore, your data may be stored on the same hardware as that of other customers. This is one reason that Office 365 can provide the cost and scalability benefits that it does. Microsoft goes to great lengths to ensure the multi-tenant architecture of Office 365 supports enterprise privacy and security standards. Data storage and processing is logically segregated between customers through specialized Active Directory technology engineered specifically for the purpose. For organizations that want additional data isolation, a version of Office 365 is available that stores your data on dedicated hardware.
Unlike an on-premises installation that lives behind a corporate firewall and may be accessed over a virtual private network (VPN), Office 365 is designed specifically for secure access over the Internet. There are two options for user identification: Microsoft Online IDs and Federated IDs. In the first case, users create Microsoft Online Services accounts for use with Office 365. Users sign in to all their Office 365 services using a single login and password. The single sign-on application helps users easily create and use strong passwords that keep their services safe.
You can also choose federated identification, which uses on-premises Active Directory Federation Services (a service of Microsoft Windows Server 2008) to authenticate users on Office 365 using their corporate IDs and passwords. In this scenario, identities are administered only on-premises. This also enables organizations to use two-factor authentication (such as smart cards or biometrics in addition to passwords) for maximum security.
Moving productivity services to the cloud requires a serious consideration of security and privacy issues and technologies. Office 365 is designed to deliver the enterprise-grade security you require to move to the cloud with more confidence. Microsoft’s data centers are designed, built, and managed using a defense-in-depth strategy at both the physical and logical layers, and their services are engineered to be secure using the Security Development Lifecycle. Office 365 attempts to make it easy for users and administrators to access and use data and services while following security best practices.
Contact your Keller Schroeder Account Manager for more information or a demonstration of this product and how you, together with Keller Schroeder, can benefit your environment.

Business Process Automation with SharePoint

– Rob Wilson, Business Unit Director

Since 2005, a few of us at Keller Schroeder have focused a great deal on SharePoint-related projects. No doubt it is a great product – better now even than in 2005. Maybe you have SharePoint installed and are using it for document management or collaboration, but are you using SharePoint to its full potential? One additional area where there is an opportunity to get a return on your investment with SharePoint is business process automation. More local companies are catching the wave for sure, but many, it seems, are not. If this is you, what is holding you back?

One thing that seems to be an obstacle for many is that they view SharePoint as a turnkey solution rather than a platform. There is nothing more frustrating than getting 80, 90, or even 95 percent of a solution completed using SharePoint and its out-of-the-box tools, only to find that there is no simple solution to the final step(s). Then you are faced with the dilemma: do I change my business process or do I find another solution? Sometimes, the best answer is “neither.”

Let us consider the employee on-boarding process for example. With SharePoint, we can create InfoPath forms to gather pertinent information and develop some rudimentary workflows quickly to assign tasks and route the form for approvals. But what if you want to automate the actual tasks themselves? What if you want to create an Active Directory user account for the new employee, rather than assigning that task to the security officer? What if then perhaps you want to create an Exchange mailbox? Maybe you want to allow workflow participants to approve or reject requests from their mobile devices. The out-of-the-box SharePoint tools do not have these features, but with .NET programming or third party products, you can add these features.

I am a firm believer you should never change your business process to accommodate a tool – you change the tool. At Keller Schroeder, we consider ourselves a technology company in the performance improvement business. That is one of the reasons we promote SharePoint, because it provides an opportunity to complement your business processes. If SharePoint is not the right tool for the job, we are the first to let you know. However, sometimes with the help of a little custom code or a third party solution, SharePoint is just what the doctor ordered.

Contact your Keller Schroeder Account Manager for more information or a demonstration of Sharepoint and how you, together with Keller Schroeder, can benefit your environment.

Spotlight On…

Employee Owner: Corey Ainscough


Corey has over 13 years of experience in the Information Technology field. Prior to his role with Keller Schroeder, his experiences came from the Educational environment where his focus was primarily on support of workstations for facility and staff. Corey then spent nearly seven years with Old National Bank supporting and managing projects involving development and migration of over 3,500 workstations in six states, server builds/migrations for acquired banks along with daily support of backups, messaging and nearly 400 additional applications. His most recent efforts focus around security architecture and implementation as well as Microsoft server and messaging technologies for various sized clients including a Global Nutrition Company. With over 100 locations in 30+ countries, this client utilized Corey where he spent the better part of six months traveling globally in order to support phases of a complex project including site conversions in Europe and Asia.

Global travel was a fun experience for Corey who grew up in the small southern Indiana town of Odon (population 1,400). Corey moved to Evansville in 1997 for college where he later met his wife Megan in 2006. They now live in Newburgh with their two sons Reid (23 months) and Carson (12 weeks). When he is not playing trains or reading books to his sons, Corey enjoys renovating investment properties and training for half marathons. He is a Senior Consultant.

Contact your Keller Schroeder Sr. Account Manager to learn more about Corey and how you can leverage his experience and skills to the benefit of your organization.

Corey’s Certifications include:
Global Information Assurance Certified in Security (GSEC), Microsoft Certified Systems Engineer + Security (MCSE + Security), Microsoft Certified Technology Specialist – Windows Server 2008 (MCTS 2008 Server), Comptia Security+, Comptia Network+, Certified Novell Administrator (CNA)

Licensing: The SQL

– Dezarae Miller, Inside Account Manager

Microsoft SQL Server 2012’s availability is approaching. Part of this significant release there are changes not only in the product itself, but its licensing structure. The Microsoft SQL Server Editions have been revamped to better align with the current customer deployment models. Microsoft SQL Server 2012 will be released with 3 new editions: Standard, Business Intelligence, and Enterprise.

Standard Edition will be focused on basic database, reporting and analytics capabilities. Business Intelligence (BI) will include all the features of Standard Edition plus premium BI features. Enterprise Edition will include all available Microsoft SQL Server 2012 features. The Developer, Express and Compact Editions are still available.

The new editions also produce a new licensing model for Microsoft SQL Server 2012. Their previous two licensing offerings – “computing power-based” model and “per server/CAL” model – will still be available. However, the computing power-based model’s base will shift from a “per processor” to a “per core” calculation. The Enterprise Edition will be sold using only this new “per core” model, the Standard Edition will be available in either “per core” or “per server/CAL” models, and the Business Intelligence Edition will be available only in the “per server/CAL” model.

The new Core-based licenses will be sold in two-core packs and to license a physical server correctly, it must be licensed for all cores in that server with a minimum of 4 cores per physical processor.

As with any new release, there may also be a fluctuation in price. We expect little difference in the “per processor” and “per core” models. There is an expected 27% increase in the “per Server/CAL” model. With the expected release date of Microsoft SQL Server 2012 in the first half of 2012, now is a great time to purchase the current SQL version with Software Assurance, guaranteeing your access to the free license upgrade to Microsoft SQL Server 2012 upon its release.

For any additional questions, please contact your Keller Schroeder Senior Account Manager for more information, from identifying the Software Assurance and migration benefits your company is eligible to receive to purchasing or renewing your existing licenses prior to these changes taking effect.

The People Factor

I have held about a half dozen different positions over my 30-year professional career with two highly reputable and successful companies. On the first work day of this year, I celebrated exactly 15 years with Company Number 2, which coincidentally followed exactly 15 years with Company Number 1.

Other than all of this sounding weirdly symmetrical, I can draw two rather unrelated conclusions about my career:

1. Most of my attempts at mapping out my path have been futile – that is, much of what has come my way has been the result of circumstances and influences from God and people besides myself, rather than finely tuned goals, planning or engineering on my part.

2. For me, the source of fun and fulfillment in my work has been much more closely related to the people I work with rather than the content of my job description.

At Keller Schroeder, I get to work with some of the most talented, conscientious, and caring people on the planet. I really mean that. I know I’m “supposed” to say that, as the leader of an organization. But you, as our client, know I am telling the truth because those same people are the ones who served you in 2011.

I am proud to work alongside the 78 Keller Schroeder employee-owners who contributed over 100,000 hours to the success of over 200 clients in 2011. These are people who understand how inextricably our success is tied to yours. And, these are people who are unique in how deeply they care about you – both as a client and as an individual.

We sincerely appreciate your feedback on how we are doing. Please let us know if we fail to meet your expectations. The longer we serve you, the more likely it is that we will disappoint you, at least once. We are human. How we respond when we miss the mark will hopefully contribute to your confidence in us. Also please be sure and let us know when we make your day! That’s why we are here.

We wish you a successful and prosperous 2012. I hope you have an even greater opportunity to meet and work with the people of Keller Schroeder who so frequently make it a good day for me at the office.

Larry May

Fair & (Insight) Balanced

– Jeff Gorman, Business Unit Director

The modern data center architecture in many organizations is radically different from the layout in the recent past. The proliferation of shared storage, virtual servers, and the provisioning of single applications across a variety of these resources is a significant departure from the historical model of individual physical servers supporting specific applications. The benefits of the new architecture are well documented with respect to efficient utilization of resources, potential power and space savings, improved business continuity, and many other facets that present compelling business cases.

One aspect of the new architecture that does not seem to draw much focus is the perspective that traditional tools are unable to effectively assist in the provisioning, management, and troubleshooting of this heterogeneous environment. With such a dramatically different means for allocating resources, and such a fundamental difference in what key metrics need to be gathered for management and troubleshooting, new tools are required to maximize the benefits of the intended efficiency improvements. Without a comprehensive, unified view across key platforms, it is not possible to ensure the appropriate balance of resource allocation is being achieved to ensure systems are adequately provisioned. Without that comprehensive view, it is not possible to get a unified analysis of performance across systems to assist with capacity planning, proactive allocation, and consistent service level performance.


NetApp’s Insight Balance is a performance and capacity management software solution providing analysis across IT virtualization layers and technology silos for both virtual and physical servers and storage. It is a tool designed to provide a unified view of the modern data center architecture, allowing organizations to maximize the benefits of their computing resources. The solution is not specific to NetApp storage; it works with Dell, EMC, HDS, HP, IBM, and NetApp storage as well as Windows, HP-UX, RHE, Solaris, VMware, and Hyper-V servers.

Unlike traditional management tools that look only at one silo (physical or virtual, servers or storage), Insight Balance agentless software dynamically models and analyzes the entire server and storage infrastructure to understand how application workloads, utilization levels, and resources interact, bringing much-needed infrastructure-wide intelligence to the data center. Its sophisticated analytics provide intelligent alerting, actionable recommendations, and proactive service management guidance to help with remediation, optimization, and planning. Leveraging Insight Balance as an independent advisor, IT managers invest in capital equipment only when they truly require it, not when a vendor says they do.

By helping system administrators effectively plan across the server and storage platforms that are shared among multiple systems, providing proactive management of those physical and virtual systems, and providing an integrated view for root cause analysis of issues within those heterogeneous systems, Insight Balance provides significant business benefits for organizations looking to maximize the positive impact of their data center resources.

Contact your Keller Schroeder Account Manager for more information or a demonstration of NetApp Insight Balance.

Spotlight On….

Employee Owner: Tim Deem


Tim has over 25 years of experience in the Networking arena, including experience in managing Bristol-Myers’ Global Network, and managing a regionally-based Internet Service Provider operations center. He has been directly involved in designing, planning, implementing and troubleshooting Wide Area Network (WAN) and Network Security projects for International companies, large enterprises and small businesses. In addition, his recent experience he been as the technical lead for deploying secure and robust Unified Communications (voice) solutions for enterprises with both US and International locations. He is a Senior Network Consultant.

Tim is a home grown, Evansville native and a graduate of the University of Southern Indiana. His wife, Diane, and two sons, Nathan and Joshua, live on the west side of town (Go Reitz!) and he can often be found tapping his foot to his substantial eclectic collection of music or focusing behind the lens of his Nikon D90 capturing people, landscapes, buildings and other area sights.

Contact your Keller Schroeder Sr. Account Manager to learn more about Tim and how you can leverage his experience and skills to the benefit of your organization.

Willingness Listening

There is no shortage on research and instruction regarding good listening skills. There are active listeners, passive listeners, empathetic listeners, and pathetic listeners. I would add one more category for consideration – “willingness listeners”.

Whether in leadership, marriage, parenting, or otherwise, critical knowledge and wisdom can be missed when we listen well, but do not listen with a willingness to be influenced.

How often have you been speaking to someone, and either by a shake of the head or other nonverbal cues, you know before you finish your sentence that the answer is “no”? A better question: How often do we have our own minds made up on a topic or a request before we have seriously considered its merits? Make no mistake, people who know us well are quite aware of whether we are listening just to be patient or listening with a genuine openness to change.

One of our Core Values at Keller Schroeder reads like this: “We are passionate about our clients – actively listening, understanding their needs, and making their best interests our priority.” The last phrase of this statement – pertaining to their best interests – is what inspires passion for our clients and the desire to be active listeners. If we are genuinely concerned about the best interests of someone other than ourselves, then we are naturally more prone to listen to them in a way that allows them to change our minds and our actions.

Often we listen well, and even learn well, but we do not allow this learning to change our mind, or to change us. We acknowledge its value for someone else, but we fail to see the need to apply it personally. We may think we already know all there is to know about the subject area. We may not respect the teacher or requestor as having ideas worthy of our consideration.

Regardless of the reason, we do ourselves and our businesses, families, and other relationships harm if we miss the opportunity to change for the better as a result of that which we hear and experience along our journey. The truth is that we can learn from the experiences, requests, and opinions of even the least respected or poorly informed sources.

Not all information is good or useful, but if we are not careful, we let our routines or our predispositions crowd out a powerful opportunity to change or grow. If my head begins to shake “no” (physically or just in my thoughts) before a concept has been fully communicated to me, then my chances of receiving similar ideas or input in the future from that same source with the same level of innovation and passion are virtually zero.

The key is not to be just a good listener – it’s about how we let what we hear impact us.

Larry May

Off the Beaten InfoPath

– Rob Wilson, Business Unit Director
It happens all the time! You get one of those pesky emails with a PDF attachment that you are supposed to fill out, scan, and email back to the recipient. You think to yourself “If only I were a programmer, I could show these people how to create this form better as a web page.” But while you’re extraordinary at what you do, and understand your business processes better than any other person in the whole world, you could never develop a digital solution to streamline a process, right? Wrong!

It turns out that you may have had the solution at your fingertips all along, but just did not realize it. If you have Microsoft Office Professional Plus, then you have at your disposal the premier electronic forms solution – InfoPath. If you open it up, you will find that InfoPath is as easy to use as Microsoft Word. In addition, you can put text boxes, date pickers, list boxes, and numerous other controls onto a form. You can even add an attachment field so people can attach images, documents, or other artifacts to the form. Yes, YOU can do this! When the form is completed by the recipient, it can be printed, emailed, saved as a PDF, or saved into a database. In addition, InfoPath has a big brother that separates it from the other electronic forms solutions you may have checked out – SharePoint.

When you add SharePoint to the mix, InfoPath goes from “awesome” to “awesomer!” Eh, we mean “more awesome.” SharePoint provides you with a place to centrally manage, serve, and secure your forms. Forms can be routed with SharePoint workflows. Form data can be extracted from the form to a SharePoint list where you can slice it, dice it, filter it, sort it, group it, even export to Excel. Suffice it to say you can do a lot of stuff. If you have SharePoint Enterprise, the form can be published as a web page so that the user does not have to have InfoPath installed on their desktop to fill the form out.

If you are a small business who does not have SharePoint 2010 Enterprise at your disposal, there is an InfoPath 2010 forms solution in some of the new Office365 cloud offerings. Your Keller Schroeder Sr. Account Manager can help you determine which solution would be best for you.

How to know if you could really use InfoPath and SharePoint:
– Do I have paper forms that my employees, customers, patients or partners do or could fill out electronically?
– Do I have cumbersome business processes that could be streamlined?
– Do I have good visibility to a form in an approval process or whose inbox the request is currently in?
– Do I have infrequently business processes that could be better structured to keep them from falling between the cracks?
– Do I need a way to easily slice and dice the data gathered from recipients filling out my form?

Just one “yes” to any of the above questions makes InfoPath worth a look. Common use cases we’ve witnessed include new or terminated employee forms, expense reimbursement forms, material requisition forms, time sheets, etc. Keep an eye on our SharePoint blog for an upcoming series on InfoPath, and contact us for more information.

LogRhythm & Blues

– Jeff Gorman, Business Unit Director

Many organizations simply do not have a reliable method for collecting log and event data from key systems within their infrastructure. Historically, systems that collect that comprehensive logging data have either produced a volume of data that made them unrealistic to use for extracting relevant data or have been so expensive to implement in terms of resources and staff that few organizations could justify the investment.

In today’s environment, several organizations face regulatory requirements for log management, event management, file integrity and privileged user monitoring. Whatever the driver – PCI-DSS, SOX, HIPAA, FISMA, NERC CIP, GLBA, GCSx, GPG13, or simply a desire to more proactively plan and track events within the infrastructure, organizations face challenges in meeting these requirements easily, efficiently, and affordably. The cost of acquisition, deployment and ongoing management of disparate solutions, even if they are offered by one vendor, can be substantial.

No matter what the reason for implementing a log management or information monitoring solution, the complexity of installation, operation and ongoing management will go a long way toward determining its success. A solution that can’t be deployed, learned and operated without requiring major resources can become more of a problem than a solution. IT executives need to be assured that what they invest in today will accommodate their immediate organizational needs and those in the future.

Because of these requirements, more businesses are looking for Security Information Event Management (SIEM) systems to improve their business proposition both in terms of value and efficiency.

Distinct from legacy SIEM solutions, LogRhythm fully integrates traditionally separate log management and security event management functions to collect, analyze and correlate log data – with a single console for operating and administering all components. Collecting data from any source, LogRhythm’s SIEM 2.0 platform builds on an advanced data management structure with extensive data enrichment to analyze all log data in real-time. Automated risk-based prioritization, powerful forensics, advanced visualization and alerting in a simple-to-use GUI empowers organizations to gain unprecedented visibility and control over their enterprise IT environment.

A wealth of valuable information can be derived from log data – whether it originates in applications, databases, servers, network devices or endpoint systems. By automating the collection, organization, analysis, archiving and reporting of all log data, LogRhythm enables organizations to easily meet specific requirements, whether driven by internal best practices or one of many compliance regulations. LogRhythm delivers valuable, timely and actionable insights into security, availability, performance and audit-related issues.

LogRhythm appliances come in a variety of models including High Availability solutions that support business continuity and information assurance for LogRhythm deployments. Because of LogRhythm’s distributed, incrementally scalable architecture, deployments can start with a single appliance and scale from there by simply adding appliances. Regardless of the performance, storage or geographic requirements, LogRhythm is architected for flexible and efficient expansion.

LogRhythm is an enterprise-class platform that seamlessly combines Log Management, SIEM, File Integrity Monitoring, and Network & User Monitoring into a single integrated solution. It is highly reliable and cost-effective, and can scale to fit the needs of any enterprise. With LogRhythm, you can invest in a single solution to address requirements and challenges throughout your organization, whether they are related to compliance, security or IT operations.

To learn more about how this product might benefit your environment, please contact your Keller Schroeder Senior Account Manager for more information or a demonstration.