So the latest with the Spectre/Meltdown disaster is that Microsoft have now released a patch to stop the patch that Intel released to mitigate the Spectre/Meltdown shenanigans
There is a lot of noise around GDPR. Every vendor has a product or a suite of products aimed at helping with compliance. There is no silver bullet. Indeed, much of GDPR isn’t a technology based problem.
We know that many organisations already have an investment in Office 365 and aren't aware that it has many features that can assist with important aspects of GDPR such being able do identify and secure personal data.
eDiscovery and Data Classification are key parts of GDPR. Office 365 Advanced eDiscovery includes machine learning combined with analytics which allows the sorting of large quantities of data for eDiscovery purposes.
It can eliminate duplicate files, and reconstruct email threads allowing users to to explore and discover large, unstructured data sets and quickly zero in on what is likely to be relevant.
Another important GDPR requirement is Data Loss Prevention (DLP). Office 365 can help identify sensitive information across many locations, such as Exchange Online, SharePoint Online, and OneDrive for Business.
Once it finds that information it can help with both classification and in preventing the accidental sharing of sensitive data whether that be cloud based on via desktop versions of Excel, PowerPoint and Word.
A third key GDPR areas is security. Office 365 has several features and modules to assist in that regard including Advanced Threat Protection and Threat intelligence which can provide protection from active threats such as viruses and malware whilst also evaluating emerging threats before they might impact your business.
Moroever, Office 365 offers full audit logs showing what your users are doing, facilitating any requirement to investigate security of compliance.
Consilium are actively working with organisations around the upcoming GDPR and Cyber Essentials deadlines. Please get in touch if you want to discuss how we can help you move forward with these objectives.
In addition to Microsoft based solutions we work with key partners including Veritas, Palo Alto Networks and Veeam to provide solutions to the many challenges facing organisations around GDPR and security.
There has been a lot of information in the news, and a lot of hysteria around the Meltdown and Spectre in relation to hardware exploits.
First of all, this is different from all other vulnerabilities in that it is hardware with the issue. It means hardware from Intel, AMD, ARM and others are affected. It also means that Apple devices which were traditionally thought of to be invulnerable now are. With the exception of Apple Watches – comforting.
It has been brought about by making CPU's faster and more efficient by making memory tricks the CPU to use faster and other techniques used such as speculative execution which executes a task before its required. All these performance designs helped create this issue.
In general every piece of hardware ever issued, every PC, Phone or device will be affected. It is in our estimation the biggest security we have encountered, even a bigger issue than the recent Wannacry malware outbreak.
Currently there is no known malware taking advantage of the vulnerabilities. So there is some time. You will rely on your AV to see attempts to take advantage of this flaw via specially crafted malware.
What can happen?
This exploit allows access to memory within the machine, which can be used to read data and inject your own. Passwords could be vulnerable, or any other core components.
The flaw is a hardware flaw which your operating system uses to perform day to day operations. Unfortunately because it is a hardware fault, it is impossible for the CPU manufacturers to fix. They have turned to the Operating system Companies such as Microsoft, Apple etc for a mitigation which prevents the problem being exploited for nefarious ends. It doesn’t fix the issue however. Only hardware updates can do that. For example Microsoft still say you need to have the Hardware fix to properly address it. Its entirely up to the PC manufacturers to do that.
There will be no mitigation for Windows XP/2003 and also its unlikely firmware updates will fix it given the age of hardware related to it.
Steps to fix!
There are some high level steps to mitigate the flaw. Unfortunately we are not aware of BIOS updates as yet to fix the problem.
On Your Microsoft PC/Clients:
Update your AV. It needs to be compatible with the January 2018 Windows Updates. There is a registry key which is set to allow the mitigations to come down from Microsoft. Some Antivirus programs will set this, others will not, so will need to be set.
Install all Microsoft updates to January 2018.
Confirm the following settings appear with the following Powershell command:
In an ideal world, Green settings on the following:
The above is what you are looking for, as the firmware supports mitigation, so the chipset supports hardware mitigation, but if that does not show and is red, then you are relying on the operating system to do it. As long as one line is green then the mitigation is in place, but the risk varies. If hardware support isn’t available you are reliant on the operating system to protect you.
Windows 7, 2008R2 and Windows 2012 and so on will require an additional registry key to enable this support.
Microsoft do not guarantee that the software fix will completely address the problem as officially you need to replace your hardware! It is best effort on their part. The official guidance is that if you are working on sensitive information is to replace the CPU with a non vulnerable CPU!
Its not great but that is the reality.
As above, but the patch is not enabled until you enable the registry key to turn it on.
It is totally unclear at the moment that high impact to performance, but from the initial discussions on social media 6% on desktops and reports of up to 30% drop on loaded servers is to be expected. On high Loads such as SQL Queries and I/O throughput has been measured to be adversely slowed. The effects of which is variable.
In the end its up to you to address the risk profile. If its ok to have a bit more risk, then patch, if not then replace your hardware.
Microsoft live Presentation - https://aka.ms/EMEAOOBCPU
NCSC UK guide - https://www.ncsc.gov.uk/guidance/meltdown-and-spectre-guidance
Official info on Spectre attack - https://spectreattack.com/
Windows 7, 2008 and 2012 Registry key - https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released
Veritas Vision 2017
More than a week has come and gone since Veritas Vision in the amazing City of Las Vegas. On a somewhat sombre note my thoughts go out anyone caught up in the attack earlier this week. It so easily could have been me or anyone else I was with only a week before.
The conference itself was set within the huge Aria hotel, one of the latest flagship hotels on the Vegas strip. A glamorous venue for what was going to turn out to be an awesome event. I met some amazing people form the VERITAS team, customer and partners alike.
Vision 2016 was in the same hotel at the same time as last year but I think this year was different? I’ve been to many Veritas Vision (formerly Symantec Vision) conferences over the years so why was this one different? For starters, last year was the first Vision conference after the demerger with Symantec so I think there was a bit of uncertainly all round. What direction are Veritas taking? Where will they be in a year? What’s their R&D strategy and product roadmap? So, on that, I think veritas have found their feet. What do I mean by that? Well, they are no longer ‘the NetBackup folk’ They truly are now one of the leaders in information management. Yes, the new enhancements to NetBackup look awesome and the largest appliances have faster throughput and greater capacity than ever before, never mind the enhancement to the virtual appliances for your more remote locations. In addition to the integration with Azure/AWS and the Nutanix tie up, it’s the new technology that’s exciting.
It’s the Information map. It’s Velocity, It’s Access and the Veritas Resiliency Platform and the wrap around solutions to address GDPR next year. It all seems to be coming together nicely into a portfolio of collaborative solutions that not only address your information management issues but address your GDPR compliance requirements and concerns.
One of the many interesting sessions was busting the myths around GDPR. If you are concerned about GDPR I suggest you have a look here: https://www.veritas.com/gdpr
Quote from IDC: “We believe VERITAS GDPR portfolio is the strongest in the data assessment area’
Moving on from GDPR, the whole wraparound 360 data management suite is exciting. The management of your data is becoming more and more and a daily struggle and with data growth growing exponentially, it’s something every organisation needs to address, and soon. Some of the largest companies in the works are built on the power of harnessing their information using a proper, defined information management strategy (Amazon/Uber/AirBnB to name just a few). They aren’t built on bricks and mortar or tangible assets, in fact, many have very few assets!! They are built on the basis of harnessing and using data effectively and turning data into useful information and turning information into big business. But in order to achieve this you need to know what that data is, where it is and whom the data belongs.
Another highlight of Vision was the inspiring Richard Branson who gave a keynote speech. He has always been someone that inspires me. Maybe it’s his constant smiley face, I don’t know. What is clear is that he is very much a people person and it’s clear to see people are at the heart of building his successful empire. A phrase that stuck with me “don’t treat people the way you would like to be treated, treat people the way THEY would like to be treated’.
The conference closed on a high. The awesome 80’s band ‘Foreigner’ (you know the song ‘I want to know what love is’) closed what was a fantastic conference.
If you were swithering about the benefits of going to Vision I can wholeheartedly recommend it for next year. Not only is the conference itself highly informative and fun but the hospitality VERITAS lay on during the conference and in the evenings is second to none.
And if you didn’t know, VERITAS was the mythological Roman Goddess of ‘Truth’ and the message throughout Vision 2017 was simple;
‘The Truth in information’
Let us help you find the truth in your information and your most valuable digital asset. For instance, why don’t you talk to us today about a dark data assessment? https://www.consilium-uk.com/archiving-data-management/free-dark-data-assessment/
Let us help you identify where your data is, what it is and help young on your journey to an information management strategy, GDPR compliance and unlocking the truth in your information. I for one and very buoyed by Vision this year and even more so at the prospect of helping our customers on their information management journey.
Just before I went on holiday (which is now a distant memory) I attended the Veritas #netbackupforum event in the beautiful city of Lisbon. Located in the Marriott hotel, never before have I attended an event where the main auditorium was in a converted car park underneath the building!! What a great venue and idea (photo below). The event itself gave some fantastic insight into the Veritas strategy and products moving forward and some valuable technical sessions focussing on the technology solutions important to our mutual customers. The event was attended by a mix of customers from all over EMEA and partners alike. Although centred around NetBackup, the more recent ‘wrap around’ solutions across the veritas stack were very well received by the audience. If you had a perception that Veritas were ‘just the backup guys’ then think again. They have far more to offer.
The power of information is not to be underestimated and this is what Veritas is all about. Some of the biggest businesses in the world such as Uber/AirBnB/Amazon are only a matter of a few years old and have built their business on the power of turning access to data into meaningful powerful Information to grow and run their Business. Knowing where your information is, at any given time and more importantly, understanding what that information is and the value to the business is crucial. If you’re not addressing your data management issues, your competitors sure are.
To ensure you stay ahead of the competition, understand what and where your data is and to become GDPR compliant (May 2018), please talk to us about how Consilium UK, working with the Veritas technology stack, can transform your unstructured and unmanaged data into a comprehensive data management strategy that can transform and drive your business forward.
Steven Brown, Consilium UK.
I can’t seem to go to a seminar or a conference or even every other customer meeting without the words ‘Digital Transformation’ being bandied about. So what is Digital Transformation? It seems that different people have different interpretations of what it means. In the business world, I prefer to use the term ‘Digital Business Transformation’ (DBT). Many perceive DBT as simple process changes such as shifting away from traditional marketing towards digital marketing or taking a standard paper bill and converting it into a PDF version that now arrives in your email. Yes, OK, this is a part of DBT but that’s really just the surface of what it’s all about.
We may think technology has made our lives easier but it’s created a whole new layer of complexities for businesses striving to complete in a globalised and everchanging market. Digital transformation is fundamentally changing the way your business or organisations processes work. One of the complexities of DBT is the ever changing technology landscape. Your DBT strategy needs to be developed where people and technology are the driving force behind your business transformation and continuous process improvement. All aspect of your business need to be considered including standard business functions such as HR and operations, admin, logistics. As it stands, people are what makes the world go round so people have to be at the heart of any transformation process. When considering your DBT strategy, just a few of the basic questions you need to consider are:
- How do we (internal and external customers) use technology and how will we use technology in the future?
- Has my DBT strategy considered shifts in technology trends and how people will access data and information moving forward?
- How can I bring together all aspects of my business into a combined coherent digital strategy?
It’s a massive change for traditional businesses. Businesses that refuse or are slow to change simply will not survive in this new age. We can all cite poor customer experiences (poor service/ supply chain/ communication etc) with many well known online retailers who’s traditional models are high street retailing. Yes, they now have an online shop but they still operate with legacy backend systems, poorly connected applications and data disparately spread across their organisation. This isn’t digital transformation. This is making a small change without any real transformation. One of the perfect examples of a fully digitally transformed business is Amazon (some may argue it never needed to transform as it was always digitally based). Amazon started in the digital age so has a distinct advantage in the market. Their operation is extremely slick compared to most other businesses trying to operate in that space. Why? Because every aspect of their business considers how people use technology, how people want to use technology and they can easily adapt to technology changes as their business has been built with that constant technological evolution in mind.
I blogged about GDPR (General Data Protection Regulations) a while ago and adhering to GDPR guidelines and creating a DBT strategy are all part of the overall puzzle businesses need to solve. The bigger and more complex the business the bigger the DBT challenge. Large organisations are appointing DBT teams. Smaller businesses can’t afford such luxuries and Consilium UK often talk to businesses of all shapes and sizes about making the changes to a digital age. We consult in many technologies to help our customers stay ahead so talk to us about your thoughts and concerns. It’s fair to say some business need to move quicker than others but to ensure continued business success everyone needs to be considering how the world is changing and how their business needs to adapt to this constant change.
Consilium UK is proud to be represented at the Digital Transformation event in Edinburgh on Thursday 23rd of February at Dynamic Earth.
We look forward to seeing you there.
There is finally a proper solution to protect against Ransomware!
Palo Alto Networks, a 6 year Gartner leader for Enterprise firewalls, have leveraged their expertise and cloud platform to create a class leading endpoint security platform.
Traps is an advanced endpoint protection solution that can (and should) replace your current AV. Whilst you may think your AV has protection against malware and viruses; it doesn’t. Zero Day attacks can evade virus signatures and the additional malware protection on current AV solutions aren’t robust enough to afford the right level of protection.
Traps uses multiple methods of prevention. Traps checks everything that is run on an endpoint against a whitelist in the cloud called Wildfire. When Traps encounters code it hasn’t seen it detonates that code in Palo Alto Network’s cloud and either denies if it is deemed a threat or adds it to the whitelist going forward. That whitelist is shared with all Traps customers amounting to a huge repository used by all Traps installations. In addition Traps has a number of other tools as it’s disposal including
Static Analysis via Machine Learning
- Policy Exclusion Restrictions
- Cloud Detonation
- Application Whitelisting
- Lightweight Client
- SaaS or Traditional Licencing Model
Not only is Traps effective, it’s also fast. As there is no active scanning it’s superior in terms of performance on the desktop. Some customers move to Traps purely for the benefits in performance for their desktop and VDI users.
Contact us today for a FREE trial or to sign up for webex to learn more. We will even give you a FREE drone for attending
We are also running events in Glasgow and Edinburgh in February for our Scottish customers
Brexit or no Brexit, the regulations for data protection in the UK change on the 25th of May 2018. The Government has confirmed that the decision to leave the EU will not affect the introduction of the GDPR.
So, what is the GDPR and who does it apply to?
I could really bore you here but in simplistic terms, the GDPR is a new ‘one stop shop’ set of regulations governing the access and control of cross border data and will replace the current legislation (Data Protection Directive) of 1995. The aim is to crate a consistent approach (European wide at least) to manage and protect people’s data. The rules will also govern how the data is transferred out of the EU. They apply to any organisations that control, retain or process personal information relating to any EU citizen in both the public and private sectors.
If you’re looking for some hefty bedtime reading or simply suffer from insomnia, I suggest having a good read through the information Commissioners dedicated GDPR pages here: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/
We work with organisations of all shapes and sizes, public and private and many have expressed concerns that, as it stands, they don’t meet the regulatory guidelines from May 2018. What can they do? The first step has to be knowing where and what your data is and how it is transferred in, around and out of your organisation.
If you don’t know what or where your data is, how can you report on it? You can’t!
We conduct ‘Dark Data’ assessment for clients and often the results are staggering. Organisations backup a ridiculous amount of data unnecessarily increasing storage, retention and recovery costs and the volume of data being retained and backed up is increasing exponentially. We often hear ‘it’s easier to throw more storage at the problem that it is to address the problem’. This must change and the GDPR may just be the catalyst to change.
If you are legally obliged to retain data for x years, you must be able to report on your data. If you don’t have appropriate retention/archive and delete policies you could be retaining data considerably longer than you are legally obliged to. OK, so what’s the big deal with that? Well, even if you are not legally obliged to retain the data, if you have it, you must be able to report on it.
Our relationship with VERITAS is key to identifying and understanding where and what your data is, creating information management solutions and helping you down the joyous road towards GDPR compliance.
VERITAS Data Insight:
Check out the Data Insight and GDPR pages at VERITAS and talk to us today about how we can help. The clock is ticking.
One of the benefits of course of being on Office 365, is the rapid release of new features.
Microsoft maintain a list of new features, and their expected release date on their roadmap.
Many of these are fairly small, however of good news to many of our customers will be the update of mailbox sizes in the popular E3 plan to 100GB!
A nice wee xmas present for some of you there.
The threats we see on a daily basis include attacks specifically designed to skirt around traditional antivirus defences. Ransomware is a multimillion Pound industry, and before an attacker launches a ransomware campaign they confirm that the AV doesnt see their attack, and makes sure they also exploit widely used applications such as PDF readers and Web browsers.
The attackers can also buy Exploit systems with support online. So they dont need to know the technical elements before they launch.
I recently created a Demonstration video showing zero day threats against Palo Alto Networks Traps. This is an advanced endpoint protection product and in my eyes the best replacement for traditional endpoint AV. The key is not to what we know is a threat, but we must know what is good, threat and most importantly unknown. Consilium can deploy this in the traditional on-premise ESM Server as well as a managed service for smaller organisations.