banner-why-daymark.jpg

Information Technology Navigator

Tips, Advice & Insights from Technology Pros

Pandemic Threat Reality

 

Mimecast held their 2020 Cyber Resilience Summit remotely this year covering a wide range of topics. You can read our previous blog “Mimecast Cyber Resilience Summit 2020 – Key Takeaways” for those highlights. In addition, Mimecast provided some alarming data on the pandemic threat reality that we are facing.

 

Mimecast collected 100 days of detection data from January 2020 to April 2020. The results below reveal a 36.9% INCREASE in threat detections, where the key focus of threat actors has become high volume Spam and Impersonation. Here’s the breakdown: 

Read More
Wed, Sep 30, 2020
Share:   

Mimecast Cyber Resilience Summit 2020 – Key Takeaways

 

Mimecast held their 2020 Cyber Resilience Summit remotely this year, providing some interesting updates to their suite of cyber security tools.  As a leading Email Security Gateway, Mimecast has expanded their portfolio over the last few years into a more robust and comprehensive framework that they have dubbed “Email Security 3.0”.

 

The Email Security 3.0 Framework can be broken out into three zones of protection:

Zone 1:  Perimeter – This is your traditional email delivery path and is saturated with relentless attacks.  In order to protect against these threats, Mimecast leverages their advanced Targeted Threat Protection including impersonation protection, attachment sandbox, and URL Protection.

Read More
Mon, Sep 21, 2020
Share:   

State-Backed Hackers Targeting All Exchange Servers

On February 11 2020, Microsoft released a patch for Exchange Servers that would fix a vulnerability pertaining to unauthorized access to the backend of the Exchange Control Panel. There is now confirmation from a source at the United States Department of Defense that multiple nation-state backed actors and other ransomware gangs are actively and maliciously exploiting this vulnerability on unpatched systems. The vulnerability results from the Exchange Server failing to properly create unique cryptographic keys at the time of installation. The hackers’ sophisticated exploits circumvent encryption, granting them full access of the server.

It is imperative that the latest patches from February 11th be applied as even a single Exchange instance puts you at risk.

Read More
Tue, Mar 10, 2020
Share:   

Beyond Disaster Recovery

 

For many of us, a rock-solid business continuity/disaster recovery (BC/DR) plan can mean the difference between a good night’s sleep and living in constant fear of impending doom. Hyperbole aside, many BC/DR plans are under-tested, under-architected, and misunderstood by businesses. Sure, you may have a copy of your data at a secondary site, but how do you know it’s accessible to applications in the event of a failover? How do you ensure your most business-critical applications (complex interdependencies and all) come online properly and quickly? How do you automate and orchestrate changes to networking or startup scripts when your VMs fail-over? Just as importantly, how do you effectively test that all of this will work when it matters most? 

Read More
Tue, Apr 02, 2019
Share:   

Nuances of Azure’s Shared Responsibility Security Model

The benefits of migrating applications to Microsoft’s Azure cloud make a very compelling business case – agility, scalability, a pay for what you use cost model, etc. But as you move workloads to Azure, don’t assume they are automatically protected, because while Azure does ensure a secure infrastructure, you are responsible for ensuring protection of your data – not Microsoft.

It’s all detailed in Microsoft’s Shared Responsibility Security Model. Understanding where the Shared Responsibility model starts and stops is critical to ensuring your data is secure and compliant. Here are some key considerations:

Read More
Wed, Feb 27, 2019
Share:   

Reduce Costs and Network Bandwidth for Cloud Storage – Dedupe it!

As businesses continue to look to the cloud to improve efficiency, reduce costs and meet the need for agility, data protection has been a workload worth strong consideration. As an alternative to tape, the cloud provides the potential for “cheap and deep” storage targets for data that needs longer-term retention, but not necessarily the recovery performance of local storage. However, those who have migrated backup to the cloud have been unpleasantly surprised by high cloud storage costs and suboptimal performance. The culprit: lack of deduplication.

Read More
Thu, Jun 21, 2018
Share:   

Pending Initial Public Offering (IPO) Puts Security in the Spotlight

Becoming a publicly traded company has a profound impact on the way a business operates. The technology that is in place, and how it is deployed, can also come under close scrutiny. That was certainly the case for one of Daymark’s life science clients whose pending IPO put a spotlight on network security and data protection. In this blog, Steve Caprio, Daymark Cloud Consultant, answers some questions on the security journey of this enterprise.

Read More
Thu, Apr 26, 2018
Share:   

My Data Protection Deep Dive

As a Daymark Senior Data Protection Consultant, I genuinely get excited when I can learn about new features and approaches that help keep our clients’ data efficiently backed up, recoverable and secure. So, I was excited when Veritas nominated me to attend their 2017 Data Protection Interlock, an invitation-only global technical training event.

Read More
Tue, Nov 07, 2017
Share:   

Don’t Click that Link! Why Phishing Continues to Work

Cybercriminals continue to use phishing attacks on individuals within enterprises. With increased sophistication and multiple attack vectors, businesses must be vigilant at every step of the way to prevent infiltration. Let me share a recent example-

Today I received an email from a recruiter. It’s not out of the ordinary for recruiters to ping us with resumes hoping that we will see a fit for their candidate. This one was well written, had a company logo, and a picture of the sender. Including pictures is a growing trend with recruiters

Read More
Thu, Jul 06, 2017
Share:   

Cost Justifying a Data Protection Service

To date, we’ve looked at making a compelling financial case for an investment in software and making the business case for a new disk array. In this last blog, I’ll talk about making an increasingly frequent IT decision, seeking the expertise of an IT Managed Service Provider.

Read More
Wed, Nov 30, 2016
Share: