Microsoft Windows 7 Support ending January 2020 (Windows 7 End of Life)


On January 14th, 2020, Microsoft will officially end extended support for Microsoft Windows 7. All your computers should be running Windows 10 by this point.

What this means

When a product such as Microsoft Windows is in a supported state, Microsoft is actively supporting it: releasing security updates and patches to keep the product secure, creating updates to make sure the product functions properly and in a stable fashion, and supporting the product’s use by making sure it works with other Microsoft products.

Typically, software, operating systems, and technologies eventually fall out of support. This means that Microsoft will no longer work to secure the product, update it, or make it better. This happens because the product has been replaced by something newer, or is no longer supposed to be in use.

Microsoft Windows 7 has been replaced by Microsoft Windows 10, and users should upgrade before support ends on January 14th, 2020.

What now

At this point if you’re running Windows 10 on all your workstations, you have nothing to worry about (as long as you’re keeping them up to date with Windows updates).

However, if you’re running Windows 7 on any of your computers, you’ll need to start planning to either upgrade them, or replace them with new Windows 10 computers.

Chances are if the computers are old enough to be running Windows 7, the hardware is old enough that it may be better to do a workstation refresh and purchase new computers that ship with Windows 10.

Important Considerations for Businesses

You’ll also need to make sure that all the applications that your business uses (line of business applications) are supported and work on Windows 10. Some companies are behind on releases of major software packages, and some of these programs may have worked on Windows 7, but require an upgrade to work on Windows 10. You’ll need to test all your applications on Windows 10 before doing a companywide upgrade.

You’ll also need to make sure that your server infrastructure can support Windows 10 client PCs. As an example, some businesses are still using Microsoft Small Business Server, which requires modifications for it to function with Windows 10 PCs. You’ll need to make sure you’re fully set up to run Windows 10.

Final thoughts

Even though it may seem like there’s a bunch of time before January 2020, it goes by quickly, and we recommend starting your migration project soon.

When you add up the time it takes for application compatibility testing, ordering of new computers and delivery times, configuration and deployment of the new computers, and post-migration support, you’ll already be creeping up on the EoL (End of Life) date of January 14th, 2020.

Contact us if you need help planning or executing your Windows 10 upgrade migration project!

Hosted Desktop Infrastructure (HDI) vs Virtual Desktop Infrastructure (VDI)


In the ever-evolving world of IT and End User Computing (EUC), new technologies and solutions are constantly being developed to decrease costs, improve functionality, and help the business’ bottom line. In this pursuit, as far as end user computing goes, two technologies have emerged: Hosted Desktop Infrastructure (HDI), and Virtual Desktop Infrastructure (VDI). In this post I hope to explain the differences and compare the technologies.

We’re at a point where, due to the low cost of backend server computing, performance, and storage, it doesn’t make sense to waste end user hardware and resources. By deploying thin clients, zero clients, or software clients, we can reduce the cost per user for workstations or desktop computers, and consolidate these on the backend side of things. By moving EUC to the data center (or server room), we can reduce power requirements, reduce hardware and licensing costs, and take advantage of some cool technologies thanks to the use of virtualization and/or storage (SANs): snapshots, fancy provisioning, backup and disaster recovery, and others.

And it doesn’t stop there: utilizing these technologies minimizes the resources required and spent on managing, monitoring, and supporting end user computing. For businesses this is a significant reduction in costs, as well as downtime.

What is Hosted Desktop Infrastructure (HDI) and Virtual Desktop Infrastructure (VDI)

Many IT professionals still don’t fully understand the difference between HDI and VDI, but it’s as simple as this: Hosted Desktop Infrastructure runs natively on the bare metal (whether it’s a server or an SoC) and is controlled and provided by a provisioning server or connection broker, whereas Virtual Desktop Infrastructure virtualizes the desktops in a virtual environment (like you’re accustomed to with servers) and is controlled and provided via hypervisors running on the physical hardware.

Hosted Desktop Infrastructure (HDI)

As mentioned above, Hosted Desktop Infrastructure hosts the End User Computing sessions on bare metal hardware in your datacenter (on servers). A connection broker handles the connections from the thin clients, zero clients, or software clients to the bare metal allowing the end user to see the video display, and interact with the workstation instance via keyboard and mouse.

Pros:

  • Remote Access capabilities
  • Reduction in EUC hardware and cost-savings
  • Simplifies IT Management and Support
  • Reduces downtime
  • Added redundancy
  • Runs on bare metal hardware
  • Resources are dedicated and not shared; the user has full access to the hardware the instance runs on (CPU, Memory, GPU, etc.)
  • Easily provide accelerated graphics to EUC instances without additional costs
  • Reduction in licensing as virtualization products don’t need to be used

Cons:

  • Instance count is limited to what the hardware can host
  • Scaling out requires immediate purchase of hardware
  • Some virtualization features are not available since this solution doesn’t use virtualization
  • Additional backup strategy may need to be implemented separate from your virtualized infrastructure

Example:

If you require dedicated resources for end users and want to be as cost-effective as possible, HDI is a great candidate.

An example HDI deployment would utilize HPe Moonshot; HDI is one of the main uses for the HPe Moonshot 1500 chassis. HPe Moonshot allows you to provision up to 180 OS instances for each HPe Moonshot 1500 chassis.

More information on the HPe Moonshot (and HPe Edgeline EL4000 Converged Edge System) can be found here: https://www.stephenwagner.com/2018/08/22/hpe-moonshot-the-absolute-definition-of-high-density-software-defined-infrastructure/

Virtual Desktop Infrastructure (VDI)

Virtual Desktop Infrastructure virtualizes the end user operating system instances exactly how you virtualize your server infrastructure. In VMware environments, VMware Horizon View can provision, manage, and maintain the end user computing environments (virtual machines) to dynamically assign, distribute, manage, and broker sessions for users. The software product handles the connections and interaction between the virtualized workstation instances and the thin client, zero client, or software client.

Pros:

  • Remote Access capabilities
  • Reduction in EUC hardware and cost-savings
  • Simplifies IT Management and Support
  • Reduces downtime
  • Added redundancy
  • Runs as a virtual machine
  • Shared resources (you don’t waste hardware or resources as end users share the resources)
  • Easy to scale out (add more backend infrastructure as required, don’t need to “halt” scaling while waiting for equipment)
  • Can over-commit (over-provision)
  • Backup strategy is consistent with your virtualized infrastructure
  • Capabilities such as VMware DRS, VMware HA

Cons:

  • Resources are not dedicated and are shared; users share the server resources (CPU, Memory, GPU, etc.)
  • Extra licensing may be required
  • Extra licensing required for virtual accelerated graphics (GPU)

Example:

If you want to share a pool of resources, require high availability, and/or have dynamic requirements, then virtualization would be the way to go. You can over-commit resources while expanding and growing your environment without any discontinuation of services. With virtualization you also have access to technologies such as DRS, HA, and special Backup and DR capabilities.

An example use case of VMware Horizon View and VDI can be found at: https://www.digitallyaccurate.com/blog/2018/01/23/vdi-use-case-scenario-machine-shops/

Conclusion

Both technologies are great and have their own use cases depending on your business requirements. Make sure you research and weigh each of the options if you’re considering either technology. Both are amazing technologies which will complement and enhance your IT strategy.

Digitally Accurate Inc. visits HPe Headquarters in Toronto, Ontario

HPe Welcomes Digitally Accurate Inc. Canadian Center of Excellence

Recently we had the pleasure of visiting the HPe (Hewlett Packard Enterprise) headquarters in Toronto, Ontario. During this visit we had a chance to talk tech, visit the Canadian Center of Excellence (CCoE), and discuss some of the product road maps moving forward.

Digitally Accurate Inc. has been a long-time partner of HPe, and we specialize in solutions that include HPe products.

In the meetings, we discussed:

  • Compute, Storage, and IoT
  • Edge IoT Compute
  • HPe 3Par Storage
  • HPe Nimble Storage
  • HPe Simplivity
  • HPe Synergy
  • HPe MSA 2050/2052
  • Virtualization (Service, VDI) on HPe Platforms
  • SAP S4/HANA on HPe TDI Certified Appliances

Here are some pictures from the trip:

Stephen Wagner at Digitally Accurate Inc. visits HPe CCoE Data center

HPe Center of Excellence Datacenter at HPe HQ Toronto, Ontario

HPe Rack at HPe CCoE Data center

HPe Nimble Storage and HPe Synergy at HPe HQ CCoE Data Center

HPe Moonshot at HPe CCoE Headquarters in Toronto, Ontario

HPe IoT Edge 1U Rack

HPe Build your Rack Visualizer

We’re looking forward to our continued partnership and work with HPe!

A big thank you goes out to Bob Wong, Christine Wang, Igor Samuk, Rob Drover, Jordan Nanos, Kyle Falzetta, Asha Wright, and Zachary Zicarelli for the invite and warm welcome!

Secure your business and enterprise IT systems with Multi Factor Authentication (MFA)

When you’re looking for additional or enhanced options to secure your business and enterprise IT systems, MFA/2FA can help you achieve this. Get away from the traditional single password, and implement additional means of authentication! MFA provides a great complement to your cyber-security policies.

Here at Digitally Accurate Inc, we’ve been using Duo Security’s MFA product in our own infrastructure, as well as our customers’ environments, for some time. Digitally Accurate is a Duo Partner and can provide Duo MFA Services including licensing/software and the hardware tokens (Duo D-100 Tokens using HOTP).

What is MFA/2FA

MFA is short for Multi Factor Authentication, and 2FA is short for Two Factor Authentication. While they are somewhat the same, multi means many, and 2 means two. Both provide additional security, since they add more means of authentication.

Traditionally, users authenticate with 1 (one) level of authentication: their password. In simple terms, MFA/2FA provides a 2nd method of authentication and identity validation in addition to a password. Requiring users to authenticate with a 2nd mechanism provides enhanced security.

Why use MFA/2FA

In a large portion of security breaches, we see users’ passwords become compromised. This can happen through a phishing attack, virus, keylogger, or other means. Once a malicious user or bot has a user’s credentials (username and password), they can access resources available to that user.

By implementing a 2nd level of authentication, even if a user’s password becomes compromised, the user (real or malicious) must pass a 2nd authentication check. While this is easy for the real user, in most cases it’s nearly impossible for a malicious user. If a password gets compromised, nothing can be accessed as it requires a 2nd level of authentication. If this 2nd method is a cell phone or hardware token, a malicious user won’t be able to access the user’s resources unless they steal the cell phone or hardware token.

How does MFA/2FA work

When deploying MFA or 2FA you have the option of using an app, hardware token (fob), or phone verification to perform the additional authentication check.

After a user attempts to log on to a computer or service with their username and password, the 2nd level of authentication will be presented, and must pass in order for the login request to succeed.

Please see below for an example of the 2FA selection screen after a successful username and password:

Duo MFA 2FA Prompt on Windows Login

After selecting an authentication method for MFA or 2FA, you can use one of the following:

2FA with App (Duo Push)

Duo Push sends an authentication challenge to your mobile device which a user can then approve or deny.

Please see below for an example of Duo Push:

Duo Push Notification to Mobile Android App


Once the user selects to approve or deny the login request, the original login will either be approved or denied. We often see this as being the preferred MFA/2FA method.

2FA with phone verification (Call Me)

Duo phone verification (Call Me) will call you on your phone number (pre-configured by your IT staff) and challenge you to either hang up to deny the login request, or press a button on the keypad to accept the login request.

While we rarely use this option, it is handy to have as a backup method.

2FA with Hardware Token (Passcode)

Duo Passcode challenges are handled using a hardware token (or you can generate a passcode using the Duo App). Once you select this method, you will be prompted to enter the passcode to complete the 2FA authentication challenge. If you enter the correct passcode, the login will be accepted.

Here is a Duo D-100 Token that uses HOTP (HMAC-based One Time Password):

Duo D-100 HOTP Hardware Token


When you press the green button, a passcode will be temporarily displayed on the LCD display which you can use to complete the passcode challenge.

You can purchase Hardware Tokens from Digitally Accurate Inc by contacting us, from your existing Duo Partner, or from Duo directly. Duo is also compatible with other 3rd party hardware tokens that use HOTP and TOTP.
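To show what an HOTP token and the verifying server each compute, here is an added example (not code from this post or from Duo) that implements the RFC 4226 HOTP algorithm and a server-side check. The `HotpVerifier` class, its look-ahead window of 3 and its lockout after 5 failures are assumptions chosen for illustration; the secret is the published RFC 4226 test secret.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Return the RFC 4226 HOTP passcode for one counter value."""
    # HMAC-SHA-1 over the 8-byte big-endian counter (one step per button press).
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    # Dynamic truncation: the low nibble of the last byte picks a 4-byte window.
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class HotpVerifier:
    """Server-side state for one token (hypothetical class, not Duo's API)."""

    def __init__(self, secret, counter=0, look_ahead=3, max_failures=5, digits=6):
        self.secret = secret
        self.counter = counter            # next counter value the server expects
        self.look_ahead = look_ahead      # counter values accepted ahead of that
        self.max_failures = max_failures  # consecutive failures before lockout
        self.digits = digits
        self.failures = 0

    @property
    def locked(self) -> bool:
        return self.failures >= self.max_failures

    def verify(self, passcode: str) -> bool:
        # A 6-digit code is guessable, so failed attempts must be throttled.
        if self.locked:
            return False
        # The token advances on every button press, even when the code is never
        # typed in, so the server also tries a few counter values ahead.
        for candidate in range(self.counter, self.counter + self.look_ahead + 1):
            expected = hotp(self.secret, candidate, self.digits)
            if hmac.compare_digest(expected.encode(), passcode.encode()):
                # Move past the accepted counter so the code cannot be replayed.
                self.counter = candidate + 1
                self.failures = 0
                return True
        self.failures += 1
        return False


# Constructed sample input: the shared secret from the RFC 4226 test vectors.
RFC_SECRET = b"12345678901234567890"


def demo():
    """Walk through resync, replay and out-of-window cases on one token."""
    server = HotpVerifier(RFC_SECRET, counter=0, look_ahead=3)
    results = [
        # Button pressed twice without logging in; the third code is used.
        server.verify(hotp(RFC_SECRET, 2)),
        # Replaying the code that was just accepted.
        server.verify(hotp(RFC_SECRET, 2)),
        # An older code the user never typed in.
        server.verify(hotp(RFC_SECRET, 0)),
        # Token is further ahead than the window (server now accepts 3..6).
        server.verify(hotp(RFC_SECRET, 7)),
        # The next code in sequence.
        server.verify(hotp(RFC_SECRET, 3)),
    ]
    return results, server.counter


if __name__ == "__main__":
    print(demo())
```

A token whose counter has run past the look-ahead window keeps failing until an administrator resynchronizes it, which is the trade-off of keeping the window small.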

2FA with U2F

While you can’t visibly see the option for U2F, you can use U2F as an MFA or 2FA authentication challenge. This includes devices like a Yubikey from Yubico, which plugs into the USB port of your computer. You can attach a Yubikey to your key chain, and bring it around with you. The Yubikey simply plugs into your USB port and has a button that you press when you want to authenticate.

When the 2FA window pops up, simply hit the button and your Yubikey will complete the MFA/2FA challenge.

What can MFA/2FA protect

Duo MFA supports numerous cloud and on-premise applications, services, protocols, and technologies. While the list is very large (full list available at https://duo.com/product/every-application), we regularly deploy and use Duo Security for the following configurations.

Windows Logins (Server and Workstation Logon)

Duo MFA can be deployed to protect not only your Windows Servers and Workstations, but also your remote access system.

When logging on to a Windows Server or Windows Workstation, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on Windows Login

VMware Horizon View Clients (VMware VDI Logon)

Duo MFA can be deployed to protect your VDI (Virtual Desktop Infrastructure) by requiring MFA or 2FA when users log in to access their desktops.

When logging on to the VMware Horizon Client, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on VMware Horizon Client Login

Sophos UTM (Admin and User Portal Logon)

Duo MFA can be deployed to protect your Sophos UTM firewall. You can protect the admin account, as well as user accounts when accessing the user portal.

If you’re using the VPN functionality on the Sophos UTM, you can also protect VPN logins with Duo MFA.

Unix and Linux (Server and Workstation Logon)

Duo MFA can be deployed to protect your Unix and Linux Servers. You can protect all user accounts, including the root user.

We regularly deploy this with Fedora and CentOS, and you can protect SSH logins, console logins, or both.

When logging on to a Unix or Linux server, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on CentOS Linux Login


WordPress Logon

Duo MFA can be deployed to protect your WordPress blog. You can protect your admin and other user accounts.

If you have a popular blog, you know how often bots are attempting to hack and brute force your passwords. If by chance your admin password becomes compromised, using MFA or 2FA can protect your site.

When logging on to a WordPress blog admin interface, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on WordPress Login


How easy is it to implement

Implementing Duo MFA is very easy and works with your existing IT Infrastructure. It can easily be set up, configured, and maintained on your existing servers, workstations, and network devices.

Duo offers numerous plugins (for Windows), as well as options for RADIUS type authentication mechanisms, and other types of authentication.

How easy is it to manage

Duo is managed through the Duo Security web portal. Your IT admins can manage users, MFA devices, tokens, and secured applications via the web interface. You can also deploy appliances that allow users to manage, provision, and add their MFA devices and settings.

Duo also integrates with Active Directory to make managing and maintaining users easy and fairly automated.

Let’s get started with Duo MFA

Want to protect your business with MFA? Give us a call today!

Got Battery Backup? Try the Eaton 9130 UPS and EBM!

Today we want to share with you an Eaton UPS and EBM (Extended Battery Module) we recently set up for one of our customers. This provides all their server infrastructure with 3 hours of run time in a blackout! Additional EBMs can be added to increase run time significantly.

The Eaton 9130 uses double conversion to supply power to your equipment, and has an efficiency rating of over 95%.

In the configuration below, we used:

  • PW9130L1500T-XL
  • PW9130N1500T-EBM
  • NETWORK-MS

Please see below for pictures:

PW9130L1500T-XL

PW9130N1500T-EBM

PW9130L1500T-XL (Front)

Contact us for your Eaton and/or IT power requirements!

Sophos SG 230 UTM Firewall Upgrade

This weekend, one of our customers had an aging Sophos UTM 220 which was reaching its end of life (EOL). The upgrade path for the Sophos UTM 220 is the new Sophos UTM SG 230.

Here are a few pictures of the unboxing and deployment:

Sophos UTM SG 230 Box

Sophos SG 230 UTM

Sophos UTM SG 230

Here are the specifications on the SG 210 and SG 230:

Sophos SG 210 SG 230 Specifications

Digitally Accurate Inc. is a Sophos Partner providing hardware and services in Calgary, Alberta and Vancouver, BC. Contact us today!

We’re proud to announce our partnership with Red Hat Inc!


We’re proud to announce our partnership with Red Hat!

Red Hat is the world’s leading provider of open source solutions, using a community-powered approach to provide reliable and high-performing cloud, virtualization, storage, Linux, and middleware technologies.

By adding this partnership to our growing network, we continue to establish and maintain ourselves as a leading all-encompassing turnkey IT solution and managed services provider for businesses. We differentiate ourselves from competition by managing and advising both on the business and technical aspects of information technology, where our competitors usually strictly focus on the technical.

Contact us today for more information!

The 10ZiG 5948q Zero Client, perfect for the power class user

Today we present the 10ZiG 5948q Zero Client

10ZiG 5948q Zero Client

We received two of these units last Friday (from the 10ZiG 5900 series) for demo purposes and internal use at Digitally Accurate Inc. These zero clients are perfect for corporate desktop virtualization, and these specific models are targeted for power class users who require high performance from their VDI environments. The 5948q achieves this by supporting 3 displays at 4K UHD, Gigabit Ethernet, and USB 3.0 ports.

For our demonstrations, we are using these zero clients with VMware Horizon View (the part number for the device with the VMware Horizon firmware is 5948qv).

10ZiG 5900q Series Box Shot

The 10ZiG 5948q is a small but sleek device, featuring the following:

  • 2 DisplayPort connections
  • 1 HDMI connection
  • 2 Hidden USB 2.0 Ports in the swivel base
  • 2 USB 2.0 Ports on the rear of the unit
  • 2 USB 3.0 Ports on the front of the unit
  • 1 USB 2.0 Port on the front of the unit
  • 1 x Audio Line-out, and 1 x Microphone (Audio In)

Our specific unit shipped with 4GB of RAM, however they can be ordered with 8GB of RAM.

Some other highlights are as follows:

  • Quad-Core Intel Pentium N Series N3710 (Based on the Intel Braswell Refresh CPU @ 1.6 - 2.56 GHz Burst)
  • Intel HD 400 Graphics
  • 7 USB Ports in all
  • Supports PoE
  • Centrally managed via the 10ZiG Manager (we’ll have more on this in a later post)
  • Optional 802.11 a/b/g/n/ac internal wireless

The 10ZiG 5948q specification sheet can be found here: https://www.10zig.com/application/files/2815/1078/4304/5948q_Series_Spec_Sheet.pdf

We were very pleased at how well put together these devices were (heavy metal feeling, no light plastic), and they are extremely visually appealing.

10ZiG 5948q Zero Client

While we specifically purchased these for use with VMware Horizon View, they can also be used with Citrix, RDP, and Parallels RAS technologies, all of which are easily switchable with the 10ZiG Manager (deploy firmware on the fly). You can also order the devices shipped with your firmware of choice.

Contact us today for a demo, or if you’d like to purchase any 10ZiG products!

Digitally Accurate Inc. is based in Calgary and Vancouver and is a VMware solution provider, and 10ZiG partner. Contact us for anything VDI related!

VDI Use Case Scenario – Machine Shops

In today’s use case scenario, a machine shop has a requirement for many workstations with high-end compute and GPU requirements. Instead of spending a fortune on many high-end workstations and having those resources sit idle and wasted when not being used, the company could implement desktop virtualization (VDI) with VMware Horizon View on HPe ProLiant servers with accelerated graphics using AMD MxGPUs. Then simply roll out 10ZiG Technology zero clients!

The result? A small fortune saved! In an environment with 20+ workstations, the company could realize up to 50% in cost savings on hardware.

Benefits:

  • Enhanced disaster recovery options (backup is done on the VDI virtualization server, new backup capabilities are realized)
  • Higher up time (servers have redundant systems, end user zero clients are easily swappable if failure occurs)
  • Reduce hardware management costs (zero clients require almost no management and have a very small support footprint)
  • Reduce software management costs (easier to manage virtual desktops, less time spent resolving issues)
  • Reduce IT support requirements (everything is centrally managed, easy to manage, and fewer problems occur)
  • Resource over-allocation (No more idle CPUs or GPUs. Allocate what’s needed from a shared pool of resources)

Digitally Accurate Inc. is a Calgary and Vancouver based VMware solution provider partner! Contact us today for more information on Desktop Virtualization, VMware vSphere, VMware Horizon View, or 10ZiG Zero Clients.

Elevated risk of cyber-attacks on the Oil & Gas (Energy) sector

While cyber-attacks aren’t anything new and are part of everyday business risk, the increased number of attacks against the Oil and Gas industry is alarming. Traditionally when companies get “hacked”, for the most part it’s software bots scanning the internet for companies that have unpatched servers or open security holes (for example, Equifax was hacked due to an unpatched Apache Struts vulnerability). When it comes to Oil and Gas, the stakes are higher, and so is the payoff, which is why more and more businesses in the energy sector are coming under attack.

When there’s a specific target, the above methods are still employed; however, there’s the added vector of individuals actually putting effort into compromising the systems. The added human factor, bringing potential social engineering, expertise, and the full effort of sometimes numerous individuals against a single target, is what makes this so dangerous. Finally, actual hacker groups often have access to “0-Day vulnerabilities”. These are vulnerabilities that haven’t been discovered by the software developer, so no patch exists for them. These are often used when groups are specifically targeting an organization, person, or entity.

With the decline and recession of the energy industry from 2014 to 2017, numerous companies have reduced (and in some rare cases even completely cut) their IT budgets. This includes laying off staff who actively monitor these systems, changing IT providers, and even moving to external resources (such as cloud providers) so that the company doesn’t have to maintain their own systems.

This dynamic and changing approach to IT has had its own consequences. Numerous businesses have removed most of their IT infrastructure just because they have moved to the cloud, removing all their internal IT security systems which are still required no matter where their data is stored. These systems include centralized endpoint (computer) protection, perimeter protection (corporate firewalls and unified threat management systems), active monitoring systems (monitoring the environments and security), and the infrastructure that makes all these systems work. Even though some of these companies now have little or no data on their actual physical network, their credentials have become very easy to compromise, which allows attackers to access their cloud resources. They’ve essentially stripped away numerous security layers.

The recent hack on Deloitte brings emphasis to the ease of compromising some cloud based systems. The attacker gained access to their Microsoft-hosted e-mail mailboxes by getting access to the main single administrative account (username and password) which controls everything. I firmly believe in general situations that staff actively monitoring these systems could identify and stop intrusions, even stopping them from ever occurring. I also believe it would have been a different story with everything on-premise, restricted behind firewalls, perimeter security, and the complexity of the attacker not knowing or being familiar with the internal corporate network.

In addition to the move to cloud resources to save costs, companies have changed IT providers for low-cost “discount” providers. These companies advertise as providing the same services that a company is accustomed to receiving but at a fraction of the cost. These providers often don’t provide the same services, outsource support/services to other 3rd party companies (sometimes in other countries), store sensitive information on 3rd party servers, and don’t take security seriously since they focus on the number/volume of their client base and not on the quality of their work. With the added pressure of clients restricting budgets, these companies can sell and implement incorrect solutions that are often sized for a different type of business. All of this contributes to their security vulnerabilities.

Traditionally, Oil and Gas has always been big bucks! As situations and issues have arisen, money was often thrown at these issues to resolve them, this also being true with their IT systems. Over years and years, management at these companies would rarely get involved, just paying bills expecting it to work. With the decline and recession in the industry, they just assumed that they could get the same service when switching to discount providers mentioned above or migrating to cloud based resources.

Oil and Gas has always had strict IT requirements. This is due to the sensitivity of the data, compliance requirements (with regulatory bodies, associations, health and safety), value of intellectual property, adhering to governmental privacy and information acts, and investments they’ve made in big data. Additionally, due to political factors and human factors (such as environmentalism), the industry has always been under heavy scrutiny for liability (which requires even more care in maintaining and protecting data and records). This all adds to the need to protect this data.

So here we are approaching Q4 of 2017 at a time when the industry is finally picking up. Cash is starting to flow, as well as the oil in pipelines, and with the growing cyber security risk on the rise, it’s a dangerous combination that businesses need to be aware of.

Businesses and organizations need to pay special attention to their IT systems. Management needs to be actively involved, educated, and asking relevant questions. When things don’t seem right, it’s for a reason.

Not having a proper budget or resources for IT is like removing the insurance policy on millions of dollars worth of assets and equipment. You wouldn’t do the latter, so why do the former? Why would you put your IT systems that run your business and operations at risk?