Month: March 2020

by Carissa Carissa No Comments

Ransomware – Your Business Could Be At Very High Risk

Jeff Gorman Keller Schroeder President

Jeff Gorman

Everyone has items in their personal life of great value.  The intrinsic value is not based on what these things could be sold for, the value is because the items are of personal significance and can not be replaced.  The same is true for your business; you have critical data and systems which are vital to the day-to-day operation of the organization, and they have immense value to your ability to stay in business, regardless of whether the data would have value to anyone else.  This is the exact dynamic that is exploited in ransomware attacks.  Cyber-attackers exploit some aspect of your business to gain access, they encrypt your data or systems to make them unusable, and because those systems have great value to you – regardless of whether the data has value to anyone else – they trust you will pay a large ransom to get back your access to keep your business functioning.

RansomwareThe largest waves of cyberattacks now are not targeted at specific companies; they come from widespread attempts to get unprepared organizations to make a fatal flaw in action to a seemingly benign request, they exploit that action, they do things like remove your ability to access data and systems which are valuable to you and your business, and they hold those systems ransom in an attempt to get you to pay to have your access reinstated.  In general, the only market demand needed by the attacker to achieve financial success is to trust that you value your data enough to need to have access to the data for your business to run.  It does not matter the size of revenue your company generates; it does not matter whether you are a global operation or a local business; they are typically not looking to sell what they have illegally accessed.  The simple fact you now need what they have exclusive access to creates exactly the situation they need to create a market where they can profit.

This scenario may seem alarmist, but we continue to see a growing number of local businesses of a variety of sizes dealing with significant impact from ransomware scenarios exactly as described.  Organizations that are not investing in a structured approach to information security practices are at a very high risk of failing to protect what is most valuable to their business.  The investments should come in a framework of layers; there is no single tool or ‘easy’ button to adequately prepare an organization against the multitude of ways attacks can infiltrate a company in today’s hyper-connected world.

Organizations that are not investing in a structured approach to information security practices are at a very high risk of failing to protect what is most valuable to their business.

If you are not investing time and money in the areas of end-user cybersecurity education to better position employees to be able to detect malicious messages, you are doing the equivalent of asking a child unfamiliar with ‘stranger danger’ to keep people from getting into your house to see your valuable items.  If you are not deploying security platforms which actively screen incoming mail messages, links, and attachments to create an entry barrier for malicious messages, and software which detects irregular behavior and malicious files on workstations and servers, you are doing the equivalent of not caring about dangerous visitors to your house and behaviors in your neighborhood which could indicate a risk to your home.  If you are not consistently patching software to ensure identified security bugs are remediated in a timely manner and you are not doing regular vulnerability assessments to understand what potential attackers could exploit in an attempt to get access to your data, you are doing the equivalent of disregarding warnings from law enforcement about knowing your windows are unlocked and knowing thieves have been seen around your house trying to get access to your things of value.

To keep the comparison going, following an Information Security framework and implementing common practices for your organization is like having visible signs outside your house with a security fence, an alarm system, exterior cameras, and a neighborhood watch.  None of those things assure you will not fall victim to losing things of value, but the presence of barriers creates more resistance than a random attacker might find worth his time.  In information security terms, the email campaign the cyber attacker launches to try to get people to click on malicious links is only of value to the attacker if it gets delivered to the user, gets clicked by the user, gets executed on the computer of the user, and is able to spread.  If your security framework breaks that chain of events, you are going in the right direction to protect your data.

Keller Schroeder has years of experience making positive impacts on our clients with respect to all aspects of Information Technology, including Information Security.  If there is any aspect of protecting your environment where you would value some professional input discussing your current posture and common practices from our certified team, please reach out to us.  We would welcome the chance to help you protect what you value most.

by Carissa Carissa No Comments

Conversations and Innovations in Healthcare IT

Rob Wilson Principal Consultant Nashville
Rob Wilson
Principal Consultant, Greater Nashville Area

As I write this, HIMSS (Healthcare Information and Management Systems Society, Inc.) just made the difficult decision to cancel its 2020 Global Health Conference & Exhibition in Orlando on short notice based on feedback from the CDC (Centers for Disease Control and Prevention) and WHO (World Health Organization) to mitigate risks associated to the spread of Coronavirus. Keller Schroeder has represented at the annual HIMSS Conference in the past, but 2020 would have been my first time to attend personally and I was excited about the opportunity to volunteer at the Interoperability Showcase. As active members in the Indiana, Kentucky, and Tennessee HIMSS chapters, we look forward to the local and regional events planned in 2020, as well as the proposed Virtual HIMSS20 Conference alternative.

Keller Schroeder Healthcare IT In the meantime, we engage regularly in Healthcare IT conversations with the practitioners in our network. I thought it would be helpful to share what is on the minds of those Healthcare IT leaders. I’ll touch on several topics that are important in our region (if not globally) right now. Because many of these topics run deep, I am making this a multi-part series – based on our decades of IT consulting for healthcare providers in Indiana, Illinois, and Kentucky, and on conversations, I have been part of in the Greater Nashville Area over the past three years.

The journey begins at a lunchtime conversation with a senior technical talent acquisition director for Nashville’s largest local employer of healthcare professionals. He worked with dozens of hiring managers at his organization to find the right people for their internal positions. Here is a summary of the priorities mentioned by the hiring managers:

  1. Security (information and physical security from both external and internal exposures)
  2. Enterprise analytics (including descriptive and predictive)
  3. Applications integration (with legacy solutions, devices, and Electronic Health Records systems)
  4. Emerging medical innovations (Artificial Intelligence, remote monitoring, population health)
  5. Affiliations (supporting affiliated medical centers in outlying areas)
  6. Staffing (competing for talent with other companies, even in other industries)
  7. Cost containment (profitability and revenue cycle analysis)
  8. Patient experience (readmission rates, patient satisfaction, higher volumes of encounters, post-discharge experience)

This list is only the beginning. I set out to understand what other challenges healthcare providers are facing both at a macro and micro level, and what we and other providers are doing to address those challenges. What I found was that from inpatient to outpatient providers, pediatric to geriatric, behavioral, urban, and rural, there are many challenges, both universal and unique. I believe Keller Schroeder is in a position to help address many of these challenges because of our healthcare experience, our diverse competencies (software, infrastructure, information security, data strategy, and staffing), and our partnerships. As the series continues, I’ll help define these challenges and how technology is being leveraged to address them.

I’ll start by saying the reason many of these challenges still exist is because they are complicated. Innovation in healthcare is about more than just waiting for technology to catch up. There are privacy and ethical concerns, business ramifications, regulatory compliance issues, training and staffing gaps, patient care implications, etc. With stakeholders spanning patients, caregivers, payers, providers, legislators, suppliers and more, it is encouraging to see the amount of progress that has been made already despite the complexities.

I look forward to sharing more about what is happening and what to expect. Watch for the series on our company blog and social channels. Reach out to your Select Account Manager or me if you would like to learn more about our experience in Healthcare IT.

by Carissa Carissa No Comments

Cisco Intersight: Cloud-Based Management for Unified Computing Systems

Kris Linville - Senior Network Consultant Keller SchroederKris Linville
Senior Network Consultant

Cisco Intersight is a Software-as-a-Service (SaaS) platform that provides global management of your Cisco Unified Computing Systems (UCS) and Hyperflex infrastructure from a single interface.  The cloud-based intelligence gathers data from Cisco UCS Manager and the Cisco Integrated Management Controller (CIMC) to learn from hundreds of thousands of devices worldwide.  The data is combined with the Cisco knowledgebase to evolve and become smarter.  Tight integration between Intersight, the knowledge base, and TAC enables proactive system support which significantly reduces the time to issue resolution.  The aggregate information is synthesized and delivered in an actionable format through the Cisco Intersight recommendation engine.

Cisco IntersightCisco Intersight supports the OpenAPI specification and fully-functional Python and PowerShell SDKs.  It also offers a user-customizable dashboard to focus on the information, faults, and tasks that are relevant to them.  The user can then leverage the cross-launch virtual KVM and tunneling capabilities for UCS Manager, UCS Director, CIMC, and HyperFlex Connect for easy access to dive deeper into the individual systems.

The Base edition of Intersight is available for free to all Cisco UCS and Cisco HyperFlex customers running the latest versions of system software.  The Essentials edition license unlocks additional features, such as policy-based configuration with service profiles, firmware management, and the option to run as an on-prem virtual appliance to ensure compliance with data locality or security policies.  The Premier edition license includes entitlement for Cisco UCS Director.

For more information about Cisco Intersight, check out the link below and then contact your Keller Schroeder Select Account Manager a call to discuss how to get Intersight working for you.

DOWNLOAD:  Experience the Power of Cloud-Based Management with Cisco Intersight

by Carissa Carissa No Comments

A Practical Approach to Digital Transformation

Rob Wilson Principal Consultant Nashville

Rob Wilson
Principal Consultant, Greater Nashville Area

By now you have heard the term “Digital Transformation” overused, and you may still wonder what it means. While definitions vary wildly, most articles on Digital Transformation agree on two things:

              • Every organization needs one
              • It’s an ambiguous term, meaning different things to different people

As the old adage goes, “If your only tool is a hammer, then every problem looks like a nail.” Some companies think Digital Transformation is all about the digitization of paper forms or preparing for the Internet of Things (IoT). Even in our own organization, there is ambiguity around the term. Our infrastructure group, for example, will define it with an infrastructure bias, while our software group is biased toward a software definition. In the end, we believe it is about hardware and software working together to improve the performance of an organization and prepare it for future disruption.

Digital Transformation

We like to think we have helped our clients undergo their own Digital Transformations for over 40 years, although few of them actually called it that. It usually comes in the form of continuous improvement, integration, or modernization projects, as examples. To that end, many have ignored the hype, knowing the same concept may resurface under another name in the future (as tech buzzwords tend to do).

Despite the fact the term is ambiguous and overused, we have decided to embrace it. Why? First, the term simply isn’t going away. It is still a trending topic in 2020 and shows no signs of fading. Second, if properly defined, it really is a good way to describe the mindset that a company must take to remain relevant and viable in the digital age.

We have taken a long look – present, past, and future – at the solutions we have developed for and with our clients. With these projects in mind, we have drafted a “Digital Transformation Framework” for the purpose of defining what it means, why you need it, how to approach it, and what outcomes to expect. Our roadmap for Digital Transformation is based upon 12 tenets we see as key in a Digital Transformation mindset.

This year, we will share the framework with you in many ways. First, we will make our Digital Transformation Framework available to you via download from our web site, along with worksheets to help you plan your own initiatives. Second, we will present deep dives of the tenets at local and regional events. And, finally, we will share success stories and educational materials on our blog and social channels in the spirit of adding clarity to a complicated topic. While many companies claim to already have a strategy in place and some even purport to have fully implemented it, we contend that a Digital Transformation is a mindset, based on a continuum of initiatives. Watch for opportunities in 2020 to learn more through our social media, attend one of our events, and even to have an assessment done at your organization.

In the meantime, if you would like to talk Digital Transformation and how it applies to your organization, please reach out to our team anytime.

by Carissa Carissa No Comments

Regarding Upcoming Keller Schroeder Events

A Message From Keller Schroeder’s President

Keller Schroeder firmly believes our purpose as an organization is to make positive impacts on our employee-owners, our clients, and in our communities. We strive to have that balance of purpose at the core of the actions we take as an organization. It is from that purpose of striving to make positive impacts that we have reached the decision to cancel upcoming events to ensure we are properly aligning with health official recommendations for protecting the well-being of the local community and slowing the impact of the COVID-19 virus by reducing non-mandatory group interactions.

We are very grateful for partners who help sponsor and support our events, for those who have registered to attend, and to our employee-owners who have invested considerable time in planning and preparing these events. It is unfortunate to have these cancellations, but we feel confident it is the right path in terms of what we view as our responsibility to contribute to making positive impacts within the community. We look forward to the health alerts being resolved and being able to resume our practice of holding excellent events to make positive impacts in the near future.

If you have questions about any specific event, feel free to contact our Evansville office at (812) 474-6825.

Best Regards,

Jeff Gorman

Jeff Gorman Keller Schroeder President