It’s OK to Ignore the CEO, When it is NOT the CEO!

ImagineBrad Mathis  – [Senior Consultant – Information Security]

Imagine the following scenario.

You are going through your daily routine and you receive an urgent email from the CEO.  The email is urgent, appears to be time sensitive, and is requiring you to act immediately.  You are aware the CEO is currently out on vacation or away on business, and is therefore unreachable.  However, the email is direct and to the point.  “Get this Done!”  The email is asking for you, a member of the financial team, to process a payment or monetary transfer.  It may even inform you someone from another company will be reaching out to you with further instructions, such as account numbers and routing information. An abbreviated example of such an email may look something like this:

CEO Email
What if you also received an email ahead of this one from someone in finance saying “Keep an eye out for an email from the CEO asking about a funds transfer”, followed by an email from the alleged company the CEO mentioned in their original email?  Transferring large sums of money from one account to another is a normal part of your job.  Although this chain of events is a bit out of the ordinary, it also seems perfectly legitimate.  Would you process the transfer?  Would a co-worker?

Sadly, far too many organizations are falling victim to these type of crimes known as CEO Fraud and Business Email Compromise (BEC).  Some of the email senders’ email accounts are spoofed, meaning the criminal sender is making the recipient think the email is from the actual sender.  Even more concerning is when the actual senders’ email account credentials are compromised and the criminal is able to send emails directly from the account of a CEO, CFO, Attorney, and so on.  This may sound complicated, but it isn’t.  With the advancement of malware laced email attachments and infected links, it is far too easy to install malicious software on a victim’s workstation, thereby allowing the criminal to capture every keystroke the legitimate user types.  Even more concerning, cameras and microphones can be controlled by the criminals.

The FBI estimates the organizational amount lost to Business Email Compromise between October 2013 and February 2016 to be $2.3 Billion.  Since January 2015, the FBI has seen a 270 percent increase in identified victims and exposed loss! Keep in mind, this is only the amount of loss actually reported.  Many businesses remain quiet and never report their losses for fear of public reputation damage.

Know Be 4Luckily, the risk of becoming a victim to this type of crime, as well as other email and web based threats can be reduced.  A modern and evolving layered security infrastructure is extremely important.  It cannot and should not be overlooked.  However, the most effective and most overlooked method to reduce your risk of becoming a cybercrime victim is effective and measurable End User Security Awareness Education.

While we constantly stress the importance of Vulnerability and Patch Management, this does not just apply to your technology.  User vulnerability levels need to be assessed in order to gauge their likelihood of falling prey to a Phishing email and other criminal scams.  This activity is most effective when supplemented with required security awareness training.  This is where it sometimes gets tricky.  The simulated phishing campaigns and security awareness training requirements must apply to ALL employees, up to and including the President and CEO.

Identifying your employee vulnerability baseline is an important and effective step toward lowering your overall risk profile, as well as empowering your workforce to always be on the lookout for malicious and criminal activity that can threaten your business.

So, Yes… It is OK to ignore the CEO’s request when it cannot be verified it is truly the request of the CEO.  When the business is on the line, they will thank you for your due diligence.

How vulnerable are your users?  How likely are they to fall prey to becoming a victim?  How have you taken steps to get data to support your answers to those questions?  When performing these employee vulnerability baseline assessments, we have already seen as high as a 75% failure rate for the initial Phishing test.  Launching an effective awareness solution that allows you to measure risk and track improvements is a critical first step in lowering your employee vulnerability risk, making your organization less likely to become a victim of cybercrimes such as CEO Fraud, Business Email Compromise, and Ransomware.

Contact Keller Schroeder today to find out how we can help you implement solutions that effectively reduce your employee vulnerability risk through ongoing security awareness training and testing.


ProofPoint Email Protection – Not Your Average Spam Filter

ProofpointChance Webster  – [Systems Engineer – Network Solutions Group]

In today’s fast paced world, e-mail is the medium that drives business.  Not only do we use email to conduct day to day operations and communicate with employees, customers, and business partners, we also use email to advertise products and services, convey information to a large group, or even send that all-important casserole recipe to a coworker.  With the pervasiveness of email, a common business concern is how to filter out junk mail or messages with malicious content.  There are many good solutions on the market today, however there are sometimes gaps in coverage as vendors try to keep up with ever-evolving tactics used by spammers and other malware techniques.  A complete solution to mitigate both junk mail and mail-based risks and provide solid intelligence on these threats is ProofPoint Email Protection.

ProofPoint Email Protection is a cloud-based platform that grows with your business and can be used to develop a highly reliable, low latency solution to protect your users from malicious or otherwise unwanted messages by use of policies rather than a set of rules that apply to everyone in the organization.  By using policies to define your message filtering rules, administrators can allow for a more targeted audience for messages from a particular source, sender, or classification of messages, if required.  Since ProofPoint Email Protection is cloud-based, it also provides for continuity of incoming email if your email servers go down and will automatically restart delivery when your email services are restored.

Proofpoint DemoProofPoint Email Protection also provides a high level of visibility and reporting for your email administrators while also providing your users with some level of control.  Messages can be searched using the message tracing logs and dozens of search criteria to quickly identify messages and take action as necessary.  There are also a large number of detailed reports that can be used to provide a vast array of information and allow administrators to make informed decisions when approving or denying messages with questionable content.  End users can also be provided some freedom to opt in or out of routine quarantined message notifications, ProofPoint-managed or Administrator-defined Safe and Block lists for known spam or malware sources, or even Bulk Message delivery.

If you are considering more effective ways to manage against mail-based malware risks or the loss of time related to sorting through spammed messages, make contact with your Keller Schroeder Account Manager and let us show you more about the ProofPoint Email Protection solution.


What is Office 365?

Office365
Dezarae Miller, Inside Product Manager
What is Office 365 exactly?
Office 365 is a cloud-based subscription service, hosted by Microsoft, that end users access across the Internet. It offers a variety of services and software based on the Office platform. It isn’t just hosted email, but includes a range of services including instant messaging, collaboration, and more. These services can either be purchased as a suite, as individual components, or mixed and matched.
The most common individual plans consist of:

  • Exchange Online Plan 1 & 2 – Email
  • SharePoint Online Plan 1 & 2 – Collaboration
  • Lync Online Plan 1 & 2 – Instant Messaging, Voice, and Video
    The pricing for SharePoint Plan 1 or Exchange Plan 1 come in at $48.00 per user/per year. For Plan 2, the plans come in at $96.00 per user/per year. Lync pricing is $24.00 per user/per year for the Plan 1 option and $66.00 per user/per year for the Plan 2 option. All Plan 2 offerings include features from Plan 1.
    The suites used by most businesses include:

     

  • Office 365 Midsize Business – limited to 300 users, Office Pro Plus desktop version, components of Exchange, Sharepoint, Lync
  • Office 365 Enterprise E1 – Components of Exchange, Sharepoint, Lync
  • Office 365 Enterprise E3 – Office Pro Plus desktop version, components of Exchange, Sharepoint, Lync
  • Office 365 Enterprise E4 – Exchange, Sharepoint, Lync, Office Pro Plus desktop version, Enterprise functionality
    Pricing for these plans ranges from $96.00 per user/per year to $264.00 per user/per year. Midsize Business, E3, and E4 include the desktop version of Office Pro Plus for the period of the subscription.
    Office 365 service is built on an update structure. Updates are provided once per quarter. Any new releases of products are automatically upgraded during those quarterly updates. Also, since all services are hosted by Microsoft, your organization can benefit from being backed by a 99.9% schedule uptime SLA, and a premium disaster recovery service.
    As you can see, Office 365 offers plans from small to enterprise businesses with options to mix and match according to your business needs. If you have any additional questions, please contact your Keller Schroeder Account Manager for more information.

     


Get ready For Exchange Server 2013!

Toby Ellis, Sr. Consultant


Get ready For Exchange Server 2013!


In the fall of 2012 Microsoft announced the release to manufacture of Exchange Server 2013. Although it was ready to install in environments new to Exchange Server, the prerequisites were not yet available for upgrading a current installation of Exchange Server 2007 or Exchange Server 2010. Now that Microsoft has released Exchange Server 2007 Service Pack 3 update roll-up 10 and Exchange Server 2010 SP3 it is now possible to migrate to Exchange Server 2013 in coexistence scenarios with the previous versions of Exchange Server.


Windows Server Operating System requirements include Windows Server 2008 R2 Service Pack 1 or Windows Server 2012. Core Mode installations of Windows Server 2008 R2 or Windows Server 2012 are not supported but you can convert any Core Mode installation to a Full Mode installation easily. Management tools will install on Windows 8 Professional 64 bit or Windows 7 Professional 64 bit with Service Pack 1. If you are still running Exchange Server 2003 you will first need to migrate to Exchange Server 2007 or Exchange Server 2010 before migrating to Exchange Server 2013 as there is no direct migration path from Exchange Server 2003 to Exchange Server 2013.


Now that we have our server side and management PC configurations ready for the upgrade, we’ll need to look at the client side. You will need to have Outlook 2007 Service Pack 3 or newer for Windows workstations. You will need Entourage 2008 or newer for MacIntosh systems. The redesigned Outlook Web Application supports the current version of all major browsers: Internet Explorer, Firefox and Chrome on Windows XP SP3 and newer. It also supports Safari, Firefox and Chrome on the Mac. Chrome version 24 or newer can even support offline access to the Outlook Web Application for when you are on the go and without an internet connection!


exchange-2013


Exchange Server 2013 has a number of new features that will benefit any organization whether you are new to Exchange or migrating from a previous version. Some highlights include:

  • Storage – Mailbox databases each run under an isolated process, so one problematic database won’t take down the whole server.
  • Integration – better integration with SharePoint 2013 and Lync 2013 allows in place eDiscovery across these applications.
  • Compliance – built-in DLP (Data Loss Prevention) and eDiscovery across Microsoft collaboration services.
  • Simplified – simplified Exchange roles provide for scalability and ease of administration.



For the latest information on system compatibility please read the Exchange 2013 System Requirements.


For any questions regarding preparing for and executing a successful Exchange Server 2013 implementation, contact your Keller Schroeder Sr. Account Manager.




Barracuda Message Archiver

– Jeff Gorman, Business Unit Director

 

Without question, email is the de facto standard for business communication. As the use of email grows, companies are facing the challenge of ensuring that their email traffic is adequately stored and compliant with various industry regulations as well as other corporate policies.

Not long ago, before the onset of many of the corporate, government and industry regulations that companies must adhere to today, the predominant way to store email and other sensitive data was through backup tape. One reason for the reliance on this form of data retention is that, until now, the cost and complexity of email archiving solutions made them difficult for businesses to consider. However, accessing data through backup storage can often be costly and inconvenient for most companies. Email archiving solutions present a much more centralized and secure option for storing email so that it can be retrieved easily and in a timely fashion.

There are four primary reasons to consider an email archiving solution to help manage the massive amounts of data that are sent and received by an organization.

First, the solutions provide litigation support. The cost of finding and producing information relevant to legal proceedings in an unmanaged retention environment can be excessive. Archive solutions structure the storage of mail and are designed to greatly simplify that data collection process.

Second, the solutions excel at storage management. Not only does the volume of email messages continue to increase annually, the size of the average email also grows each year. With increased use of file attachments and embedded images in mail messages, the storage requirements are rapidly growing. Archiving solutions provide a more resourceful way of handling this issue than simply provisioning additional storage. The ability to migrate messages beyond a certain age to storage outside of the live mail database, while still leaving it readily available to end-users, reduces the workload on mail servers. The ability of archiving solutions to deduplicate and optimize the storage used for the archived data further reduces resource requirements.

Third, implementing an email archiving solution improves knowledge management within the messaging environment. Email archiving systems provide additional tools essential to storing and controlling access to an organization’s knowledge base, kept within the messaging environment.

Finally, an email archiving solution achieves industry compliance. There are numerous regulations impacting most business verticals that require some form of email retention as well as specific parameters of how email should be stored and for how long it must be retained.

Email archiving solutions help with the concepts of:

  • Email permanence (maintenance of messages in their original form)
  • Security of email (protection against unauthorized access & safeguarding from destruction)
  • Auditability (accssibility of messages in a timely fashion, by authorized personnel only)

These characteristics make email archiving solutions beneficial for organizations requiring compliance with FRCP, SOX, HIPAA, SEC/NASD, and many other regulatory guidelines.

One archiving solution that has a proven track record with organizations of all sizes is the Barracuda Message Archiver, which has the capacity to store and index years’ worth of data through a combination of internal and external storage. In addition, the Barracuda Message Archiver’s comprehensive email indexing features allow administrators and auditors to quickly sort emails based on typical message fields: sender, recipient, received date, created date, subject line, size, attachments, importance, words in the message body and so on. Further, email attachments are fully indexed and messages can also be tagged for in-depth searches for the purposes of legal discovery, regulatory compliance requirements or for efficient sorting of large repositories of emails.

The Barracuda Message Archiver helps achieve compliance by maintaining integrity over the storage, access, and content-based policies governing emails. With its role-based administration, the Barracuda Message Archiver enables you to assign special privileges to Auditors enabling them to search and enforce content-based policy to comply with regulations. With a set of tamper-resistant protections built into the system, the Barracuda Message Archiver safeguards against potential alterations or deletion of archived emails.

The exponential growth of email has created a variety of data management challenges across all industries. Contact your Keller Schroeder Senior Account Manager today to coordinate a review of your current messaging infrastructure and to discuss whether an email archiving solution may help you achieve multiple modern-day business requirements.
 


Microsoft Office 365 Security

– Jeff Gorman, Business Unit Director
With more workers on the go, your business information is likely accessed by more people and from more places and platforms than ever before. With this increased access comes an increased responsibility to protect your information in all locations and across all platforms. As data becomes more accessible, attack methods can become more sophisticated and malicious. A comprehensive approach to security is required to protect your systems and data in this environment. As organizations consider integrating cloud-based services for core business functions, it is important that the security methodologies deployed by those providers are carefully considered.

One such offering that has gained significant positive attention regarding providing business services via the online model is Microsoft’s Office 365 solution. This solution combines the familiar Office desktop suite with the cloud-based versions of communications and collaboration services of Exchange Online, Sharepoint Online, and Lync Online. In support of the requirement to provide customers with details around the security of an online model, Microsoft provides a considerable amount of data regarding the security features and functionality of their offerings.
Office 365 client data is stored in Microsoft’s own network of highly available data centers, strategically located around the world. These facilities are built from the ground up to protect services and data from harm, whether natural disaster or unauthorized access. Physical security best practices are maintained, including state-of-the-art hardware, 24-hour secured access, redundant power, multiple fiber trunks, and many other features. Because of system redundancy, updates can generally be deployed to the system without any downtime for your users. The system is protected at the logical layer by robust data isolation, continuous monitoring, and a wide array of other recognized practices and technologies. All of the physical and logical security tasks are taken care of in the data center, which can drastically reduce the amount of time you spend keeping your data and systems safe.
Microsoft also provides a coherent, robust, and transparent privacy policy emphasizing that you maintain ownership of your data. The Trust Center tells you exactly how they handle and use data gathered in your interactions with Microsoft Online Services. If you decide to stop using Office 365, by default they provide 90 days of reduced functionality service, allowing you to export your data. Microsoft also provides multiple notices prior to deletion of customer data.
Office 365 is a multi-tenant service, meaning that data is distributed among hardware resources. Therefore, your data may be stored on the same hardware as that of other customers. This is one reason that Office 365 can provide the cost and scalability benefits that it does. Microsoft goes to great lengths to ensure the multi-tenant architecture of Office 365 supports enterprise privacy and security standards. Data storage and processing is logically segregated between customers through specialized Active Directory technology engineered specifically for the purpose. For organizations that want additional data isolation, a version of Office 365 is available that stores your data on dedicated hardware.
Unlike an on-premises installation that lives behind a corporate firewall and may be accessed over a virtual private network (VPN), Office 365 is designed specifically for secure access over the Internet. There are two options for user identification: Microsoft Online IDs and Federated IDs. In the first case, users create Microsoft Online Services accounts for use with Office 365. Users sign in to all their Office 365 services using a single login and password. The single sign-on application helps users easily create and use strong passwords that keep their services safe.
You can also choose federated identification, which uses on-premises Active Directory Federation Services (a service of Microsoft Windows Server 2008) to authenticate users on Office 365 using their corporate IDs and passwords. In this scenario, identities are administered only on-premises. This also enables organizations to use two-factor authentication (such as smart cards or biometrics in addition to passwords) for maximum security.
Moving productivity services to the cloud requires a serious consideration of security and privacy issues and technologies. Office 365 is designed to deliver the enterprise-grade security you require to move to the cloud with more confidence. Microsoft’s data centers are designed, built, and managed using a defense-in-depth strategy at both the physical and logical layers, and their services are engineered to be secure using the Security Development Lifecycle. Office 365 attempts to make it easy for users and administrators to access and use data and services while following security best practices.
Contact your Keller Schroeder Account Manager for more information or a demonstration of this product and how you, together with Keller Schroeder, can benefit your environment.


What’s New In Exchange 2010?

Microsoft’s Exchange Server 2010 is in the spotlight.  What’s new in Exchange 2010 you ask?  As always, Microsoft has evolved their product to align with current technology trends and added a number of features for both Systems Administrators as well as users.  In the following article, we will take a look at just a few of these enhancements and what they have to offer.

From the administrator’s perspective, one of the most significant improvements has been to the storage architecture.  Microsoft is boasting that Exchange 2010 provides an additional 50-70% reduction in disk I/O over Exchange 2007. In addition, Microsoft has replaced all the previous high availability solutions (LCR, CCR, SCR, & SCC) with their new Database Availability Groups (DAGs).  DAGs are simple to configure and allow for Exchange database fault tolerance utilizing an underlying Windows Clustering service. Up to 16 mailbox servers can participate in a DAG, providing automatic database-level recovery from a database, server, or network failure.  To support this improvement, Microsoft has eliminated “storage groups” and shifted databases to the Organizational level.

Another great addition is Role Based Access Control (RBAC), which replaces the standard permission model in Exchange 2007.  While smaller organizations may not immediately see the value of RBAC, larger organizations with a variety of administrators in different roles will quickly see the benefits.  Permissions are now based on Exchange tasks that a user needs to perform and the ability to control these features are now available within the Exchange management tools.

Anxiously awaited is Exchange 2010’s new Legal Hold feature which allows you to preserve the contents of an end user’s Exchange mailbox.  End users can still utilize their personal mailbox in a normal manner, however, copies of all items are retained, even if the end user deletes them or if archived content has expired.  A complementary feature to Legal Hold is the new multi-mailbox search feature, making it notably easier for organizations to perform E-discovery. As the feature’s name implies, multi-mailbox search allows a designated person to perform organization-level searches across end users’ mailboxes.

In summary, Exchange Server 2010 provides new levels of reliability and performance, simplifies administration, and adds numerous features to better the end user experience.   As an added bonus, OWA now provides support for both Safari and Firefox web browsers.

For more information regarding Microsoft’s Exchange 2010 and how it can benefit your organization, please contact your Keller Schroeder Senior Account Manager.


Putting Your Stock in Exchange – Are Microsoft’s Newest Releases for You?

Are you using Microsoft Exchange for email and productivity collaboration? If not, you might want to take a look. According to the RadiCati Group [doc], in 2009, there have been 280 billion emails sent every day. Thanks to great SPAM filtering products like Barracuda and IronPort, however, most of those messages don’t reach your inbox. For the messages that do, Microsoft Exchange is a great place to house them for better management, sharing and security. Exchange commands 57% of the corporate messaging software market demonstrating a strong showing in email and productivity collaboration tools.

Microsoft has released numerous versions of Exchange since its inception in 1996. Today, many companies host Exchange 2007 which incorporated significant changes from Exchange 2003 such as a 64 bit architecture for increased RAM utilization, the introduction of multiple roles (allowing an administrator to separate out all functionality of the system into various physical servers or virtual servers for greater load manageability), greatly improved high availability/redundancy features that can withstand an entire server failure with zero impact on the end users, an introduction of Unified Messaging integrating voicemail with your mailbox, and a multitude of other enhancements. It was a complete redesign of Exchange 2003 and, from our experience, a vastly superior product. For more information, you can visit Microsoft’s Exchange Server 2007 Product Overview site.

If you prefer being at the leading edge of technology, Exchange 2010 was just Released to Manufacturing (RTM) by Microsoft on October 8th, which means Microsoft has officially signed off on the new code and it will soon be available to the public for purchase and installation. New features of Exchange 2010 include Role-Based Access Control Permissions providing an administrator more granular control of permissions, new Exchange Management Console features, integration with Active Directory Rights Management Service, new transport and routing functionality along with many enhancements for Outlook Web Access (OWA) resulting in an interface more closely resembling the standard Microsoft Outlook client. For a complete list of the new features and enhancements please visit the Microsoft Exchange 2010 website for more information.

Microsoft has continued to improve each new release of Exchange Server, meeting the challenges of the ever-changing infrastructure and addressing end-user requests and needs. With the many user experience enhancements in addition to Administrator benefits Microsoft has implemented, it is easy to see why Exchange is so prevalent and commands such a strong share of the messaging market.

Contact your Keller Schroeder Senior Account Manager to learn more or discuss the benefits of implementing this Microsoft Exchange 2007 or 2010 within your environment.


Message in an eBottle – Email/Message Archiving Solution

Read the story of Donald Wylie (pdf).

As IT professionals investigate solutions to enable their companies’ message storage needs, litigation concerns, and compliance with increasing regulatory requirements; message archiving quickly becomes a topic of discussion. For many, the Barracuda Message Archiver has become their solution of choice. As a complete and affordable email archiving solution, it enables you to effectively index and preserve emails, enhance operational efficiencies and achieve regulatory compliance needs.

The four driving forces for message archiving include:

Storage Management – Not only is the volume of email messages continuing to increase, the average size of an email message is also becoming larger. Increased use of file attachments in email messages results in the average email ranging between 22KB and 350KB. The ability to adequately keep up with these increasing storage demands can be costly. Although storage solutions can provide short term resolutions, email archiving solutions provide a more resourceful way of handling the issue over a longer period.

Knowledge Management – Your email system contains an increasing amount of vital company intelligence, some of which may not be replicated anywhere else. If that email becomes unavailable, you run the risk of losing that intelligence. Email archiving solutions can provide management tools for storing and controlling access to an organizations knowledge base.

Litigation support – Any company in any industry is vulnerable to being implicated in lawsuits. Today’s litigation discovery can involve all parties and requires that all information relevant to the lawsuit be provided at the request of the court of law. Finding and producing such information can often cost more than the actual damages claimed in the lawsuit itself. The use of an email archiving solution can help mitigate many of those costs.

Compliance – The driving force behind the increased demand for email archiving solutions is compliance. The staggering number of regulations – some industry estimates are as many as 10,000 worldwide – requiring email retention and specific parameters regarding how and for how long email should be stored can be confusing for administrators.

The Barracuda Message Archiver is a complete email archiving solution that meets all four driving forces. It enables effective indexing of emails, enhances operational efficiencies and addresses regulatory compliance. It provides everything needed to comply with government regulations within an easily administered plug-and-play hardware solution. It can store and index all email for easy search and retrieval by both in-house personnel and third-party auditors. It receives automatic updates, similar to Barracuda’s SPAM and WEB filtering products, to its extensive library of virus and policy definitions enabling enhanced monitoring of corporate and compliance guidelines, email attached document file format updates, and security updates for the underlying platform.

To learn more about this appliance or to facilitate an evaluation unit, please contact your Keller Schroeder Sr. Account Manager.

 Barracuda Message Archiver FAQ
http://www.barracudanetworks.com/ns/products/archiver-faq.php