Home Blog Page 2

Elevated risk of cyber-attacks on the Oil & Gas (Energy) sector

Elevated risk of cyber-attacks on the Oil & Gas (Energy) sector
by Stephen WagnerPosted on Posted in Business, Cloud, Oil and Gas (Energy), Security No Comments ↓

While cyber-attacks aren’t anything new and are part of everyday business risk, the increased number of attacks against the Oil and Gas industry is alarming. Traditionally when companies get “hacked”, for the most part it’s software bots scanning the internet for companies that have unpatched servers or open security holes (for example, Equifax was hacked due to an unpatched Apache Strut vulnerability). When it comes to Oil and Gas, the stakes are higher, and so is the payoff. Hence, why more and more businesses in the energy sector are coming under attack.

When there’s a specific target the above methods are still employed, however there’s the added vector of the individual and human factor actually putting effort in to compromising the systems. The added human factor bringing potential social engineering, expertise, and putting all their effort into a single target, with sometimes numerous individuals, is what makes this so dangerous. Finally, actual hacker groups often have access to “0-Day vulnerabilities”. These are vulnerabilities that haven’t been discovered to which the software developer hasn’t created a patch for. These are often used when groups are specifically targeting an organization, person, or entity.

With the decline and recession of the energy industry from 2014 to 2017, numerous companies have reduced (and in some rare cases even completely cut) their IT budgets. This includes laying off staff which actively monitor these systems, changing IT providers, and even moving to external resources (such as cloud providers) so that the company doesn’t have to maintain their own systems.

This dynamic and changing approach to IT has had its own consequences. Numerous businesses have removed most of their IT infrastructure just because they have moved to the cloud, removing all their internal IT security systems which are still required no matter where their data is stored. These systems include centralized endpoint (computer) protection, perimeter protection (corporate firewalls and unified threat management systems), active monitoring systems (monitoring the environments and security), and the infrastructure that make all these systems work. Even though some of these companies now have small or no data on their actual physical network, their credentials have become very easy to compromise, which allows attackers to access their cloud resources. They’ve essentially stripped away numerous security layers.

The recent hack on Deloitte brings emphasis to the ease of compromising some cloud based systems. The attacker gained access to their Microsoft-hosted e-mail mailboxes by getting access to the main single administrative account (username and password) which controls everything. I firmly believe in general situations that staff actively monitoring these systems could identify and stop intrusions, even stopping them from ever occurring. I also believe it would have been a different story with everything on-premise, restricted behind firewalls, perimeter security, and the complexity of the attacker not knowing or being familiar with the internal corporate network.

In addition to the move to cloud resources to save costs, companies have changed IT providers for low-cost “discount” providers. These companies advertise as providing the same services that a company is accustomed to receiving but at a fraction of the cost. These providers often don’t provide the same services, outsource support/services to other 3rd party companies (sometimes in other countries), store sensitive information on 3rd party servers, and don’t take security seriously since they focus on the number/volume of their client base and not on the quality of their work. With the added pressure of clients restricting budgets, these companies can sell and implement incorrect solutions that are often sized for a different type of business. All of this contributing to their security vulnerabilities.

Traditionally, Oil and Gas has always been big bucks! As situations and issues have arisen, money was often thrown at these issues to resolve them, this also being true with their IT systems. Over years and years, management at these companies would rarely get involved, just paying bills expecting it to work. With the decline and recession in the industry, they just assumed that they could get the same service when switching to discount providers mentioned above or migrating to cloud based resources.

Oil and Gas has always had strict IT requirements. This is due to the sensitivity of the data, compliance requirements (with regulatory bodies, associations, health and safety), value of intellectual property, adhering to governmental privacy and information acts, and investments they’ve made in big data. Additionally, due to political factors and human factors (such as environmentalism), the industry has always been under heavy scrutiny for liability (which requires even more care in maintaining and protecting data and records). This all adds to the need to protect this data.

So here we are approaching Q4 of 2017 at a time when the industry is finally picking up. Cash is starting to flow, as well as the oil in pipelines, and with the growing cyber security risk on the rise, it’s a dangerous combination that businesses need to be aware of.

Businesses and organizations need to pay special attention to their IT systems. Management needs to be actively involved, educated, and asking relevant questions. When things don’t seem right, it’s for a reason.

Not having a proper budget or resources for IT is like removing the insurance policy on millions of dollars worth of assets and equipment. You wouldn’t do the latter, so why do the former. Why would you put your IT systems that run your business and operations at risk?

 

We’ve partnered with 10ZiG to provide cutting-edge Thin Client and Zero Client endpoint devices for the latest virtual desktop solutions.

by Stephen WagnerPosted on Posted in Business, Cloud, Virtualization, VMware No Comments ↓

10ZiG Partner Logo

Today we’re happy to announce our new partnership with 10ZiG10ZiG Technology provides cutting-edge Thin Client and Zero Client endpoint devices for the latest virtual desktop solutions.

We have exciting plans which include providing VMware Horizon View solutions and utilizing 10ZiG endpoints (zero clients) for end user connectivity. We also have a few special projects in the work which may include 10ZiG‘s technologies, so stay posted for those!

Please feel free to contact us for your virtualization and VDI requirements!

 

10ZiG Corporate Website: https://www.10zig.com/

Here’s to 11 years in business!

by Stephen WagnerPosted on Posted in Business No Comments ↓

Today, we celebrate our 11th year in business anniversary!

We would like to say thank you to both our clients and vendors. Without these relationships and valued business partners, none of this would be possible!

For 11 years we have been providing IT Solutions and Services, as well as Managed Services to many different types and sizes of businesses in many different sectors. We’ve maintained and supported environments in multiple cities (from Calgary, Alberta to Carlyle, Saskatchewan), and multiple countries (from Canada to Australia).

Our Managed Services offering has helped our clients achieve their I.T. goals. We focus on quality, integrity, and high uptime to provide secure and feature rich solutions and environments. We also support these solutions and customers 24 hours a day, 7 days a week, and 365 days a year.

What makes this anniversary even more special is that it marks our expansion to Vancouver, British Columbia (as well as the Lower Mainland)!

Our new Vancouver mailing address:

Digitally Accurate Inc.
Suite 302
1350 Burrard Street
Vancouver, BC
V6Z 0C2

We can be reached by telephone at (604) 901-0140

We’d love to help you or anyone you know who is looking for IT Solutions and Services, so please don’t hesitate to contact us. We have a very attractive referral program in place!

Here’s to another year!

We’ve expanded to Vancouver, BC and the Lower Mainland!

by Stephen WagnerPosted on Posted in Business No Comments ↓

Today, 10 days away from our 11th year in business anniversary, we’re happy to announce that we have officially opened our doors in Vancouver, BC and the Lower Mainland area.

For 11 years we have been providing IT Solutions and Services, as well as Managed Services to many different types and sizes of businesses in many different sectors. We’ve maintained and supported environments in multiple cities (from Calgary AB to Carlyle SK), and multiple countries (from Canada to Australia).

Today we expand to the lower mainland in beautiful British Columbia and bring with us our experience maintaining, supporting, and managing corporate IT Infrastructure!

Our new Vancouver mailing address:

Digitally Accurate Inc.
Suite 302
1350 Burrard Street
Vancouver, BC
V6Z 0C2

We can be reached by telephone at (604) 901-0140
We’d love to help you or anyone you know who is looking for IT Solutions and Services, so please don’t hesitate to contact us. We have a very attractive referral program in place!

Today is our 10th year anniversary!

by Stephen WagnerPosted on Posted in Business No Comments ↓

Today we are happy to announce we’ve officially been in business for 10 years! It was exactly 10 years ago today that we were incorporated (July 27th, 2006).

It has been 10 years that have passed by very quickly that have included many challenges and obstacles. Throughout the years we have gone from simply providing I.T. Services billed hourly transitioning in to a full Managed Services Provider back in 2011 that designs, sells, implements, manages, and supports I.T. Solutions and Infrastructure.

We’ve come to build expertise and specializations in technologies such as Storage, SANs, Virtualization, Infrastructure, Disaster Recovery, Remote Office Connectivity, and Security just to name a few, and have evolved with these expertise to benefit specific markets such as Homebuilding, Manufacturing, Oil and Gas, Service Providers, and numerous others.

In the past 10 years we’ve provided consulting, services, and advice to over 80 companies, 5 years ago trimming that number down to a select group of companies that required mission critical Infrastructure services and Managed Services.

We’ve partnered with some of the leading companies like HP, HPe, Microsoft, Sophos, IBM, Lenovo, Symantec, and Veritas that have enabled us to provide top notch best practice solutions for our clients, thus enabling them to manage and support these environments in a cost-effective manner, contributing to their business functionality, and providing a solid foundation for them to work on their bottom line.

We cannot say THANK YOU enough to our wonderful clients, and those who have worked with us in the past. We would also like to thank our vendors and the various channel partner support teams we have worked with during solution design, technical pre-sales, and supporting the products after implementation.

 

Cheers to another 10 years of success, and cheers to expanding to new markets and areas!

 

Stephen Wagner

President

Digitally Accurate Inc.

Ready to Virtualize? Here’s some important considerations…

by Stephen WagnerPosted on Posted in Backup and Disaster Recovery, Business, Storage, Virtualization, VMware No Comments ↓

When a business makes the decision to virtualize, a whole new world opens up. Virtualization increases the capabilities of performance, disaster recovery, uptime, management of servers, management of infrastructure, the list goes on.

However, you need to make sure you Virtualize properly!

Often businesses make ill-informed decisions either based on budget, or based on misinformation provided by I.T. professionals. I want to talk briefly about a few key points which should be in your mind before making the jump to a Virtualized environment in regards to design of your solution.

1)      Performance

In virtualized environments, there are 2 key points that usually bog down the infrastructure, storage and memory (RAM).

Storage:

I’m sure you’re all familiar with the “thinking” light on computers, this is actually a LED that shows hard drive access (both writes and reads). You know how much it flashes when on a single computer when you’re doing things, now imagine 10-20 virtualized servers using the same storage system, the LED would be on solid. Enterprise (and server) storage is designed to allow more throughput and higher speeds, but keep in mind that under normal conditions even enterprise storage is designed for a single system or server to access it and provide resources to the network. This is why you really need to plan out and design your storage system.

All virtualization storage systems should be designed with virtualization in mind. With numerous virtual machines accessing the storage system (or SAN), the SAN not only has to provide high speeds and throughput, but also has to be able to process high IOPS (Input/Output per second). The storage has to respond to these I/O requests at very high speeds, all while providing high throughput of data access to each of the virtual machines. Right now for small/medium sized businesses, we recommend the HP MSA2024 SAN, which was designed for virtualization, provides extremely high IOPSs, throughput, and is extremely reliable with dual controllers. The dual controllers allow for multiple links from the SAN to the actual physical servers, this provides higher throughput, also redundancy in case a single link goes down.

There are a lot inexpensive NAS/SAN devices out there that advertise as VMWare ready, and while they are compatible, you will experience HORRIBLE issues in a production business environment with numerous VMs. I always say that these devices should only be used in labs, testing, or hobby environments. You need to expect that your SAN (including drives) will cost more than 1-2 servers.

Memory:

I can’t stress enough how important it is to load your physical virtualization host servers up with as much memory as possible. Thankfully in the last few years, using the latest generation of HP servers, RAM has become EXTREMELY affordable.

Don’t plan your solution with ONLY the amount of RAM you’ll need for the virtual machines running on a single host. In a 2-3 physical host environment add up all the RAM all you’re virtual machines will use (across all hosts), take that value and multiply it by 1.5, the product of that should be the amount of RAM you should have in each physical host. Keep in mind, if two of your physical hosts die, you’ll want to move all the VMs from the failed hosts on to the healthy host which is still running.

Further comments:

In most virtualization environments for small businesses, I always recommend to load up each physical host server with (2) X 8 or 10 Core Xeon processors. While this isn’t a rule, I always like to make sure that the virtualized CPUs correspond with a physical core, and try not to have them shared (although it’s fine if you do).

 

2)      Disaster Recovery

This is one of the most overlooked topics in virtualization. A lot of professionals actually believe that snapshots are backups, they are NOT. Snapshots are used for testing, to rollback when applying patches, are involved with backups, but are not actual real backups. Snapshots are great, but they aren’t what you’re looking for. I actually prefer not to leave virtual machines in a snapshot state for performance reasons.

It’s critical to build a disaster recovery solution that will actually allow you to have the data (or backup media) off-site. This can be achieved by using a backup system that pushes backups over fiber to a remote location, or software like Symantec Backup Exec that will actually allow you to backup to removable disk, or tape storage for the larger environments. You want to be able to have multiple point in time backups so that you can restore a system or file from 3 months ago. You don’t want to be stuck with a single backup.

A good consideration is to utilize BackupExec to backup the virtual machines to disk then to tape. This will quickly back your virtual machines up, then move/replicate the backup to tapes which in turn can be taken off-site. I know tape backup technology has been around for a while, but it’s anything from old. The latest tape backup technology can store multiple times more data that removable disks can, they also offer superior read/write speeds versus hard drives. They are also super easy to transport.

 

In conclusion, keeping these key points in mind can help you implement the best virtualized solution. It’ll help you get the best bang for your buck, and will help you avoid some problems that most first-time virtualizing companies are making today.

 

Call us for more information, and how we can help you get started with virtualization.

Client Configuration Example

by Stephen WagnerPosted on Posted in Backup and Disaster Recovery, Business, Client Configurations, HP, Microsoft, Remote Access, Security, Small Business Server, Storage No Comments ↓

In an effort to better explain Digitally Accurate’s capabilities and demo some of the solutions we implement, support, and manage we’ve decided to start putting some of our client configurations online!

This specific configuration we put together for an Oil & Gas company.

Objectives and Requirements:
-Mass Storage (Client requires 5TB+ enterprise grade storage)
-Close to 100% up-time
-Disaster Recovery solution requiring full backups weekly, and daily differentials, must be taken off-site
-Security (Both network and Anti-Virus)
-Remote Access (VPN, RDP, and Mobile devices)
-24×7 365 Unlimited Technical Support (On-site and Remote)
-Remote Monitoring
-IT Management
-Pro-active Infrastructure Management and Maintenance
-24×7 Hardware Monitoring (Client requires immediate replacement)

Solutions:
-Microsoft Windows Small Business Server Premium Edition
-2 X HP Proliant DL360 G6 Server
-Sophos Astaro Security Gateway 220 (Full Guard Bundle)
-Symantec Backup Exec 2012
-2 X HP MSL2024 StoreEver Tape Library (1 X LTO-4 SCSI, 1 X LTO-6 SAS)
-2 X HP SmartArray P800 Controller
-HP U320E SCSI Controller
-Dlink DGS-1210-48 SmartSwitch
-Symantec Protection Suite
-APC Smart-UPS XL 3000VA Extended Runtime Uninterrupted Power Supply
-APC Smart-UPS XL 48 Volt Extended Runtime Additional Battery Pack
-Platinum Managed Services from Digitally Accurate

 

HP Rack Keyboard and Video Display

HP Rack Keyboard and Video Display

125TB (compressed) of LTO-6 Storage

100TB (compressed) of HP LTO-6 Storage

MSL2024 Tape Libraries with LTO-4 and LTO-6 Tapes

HP MSL2024 Tape Libraries with LTO-4 and LTO-6 Tapes

Sophos ASG and Tape Library

Sophos ASG220 and Tape Library

Servers and Storage

2X HP DL360 G6 Servers and 2 X MSA60 Storage Arrays

2 X MSL2024 Libraries

2 X HP MSL2024 Libraries

Company website has been updated!

by Stephen WagnerPosted on Posted in Uncategorized No Comments ↓

As of today, we have rolled out a new website on or corporate site. Any feedback is appreciated!

Go to https://www.digitallyaccurate.com to check out the new layout and let us know what you think!

Digitally Accurate Inc. hits 6 years in business!

by Stephen WagnerPosted on Posted in Business No Comments ↓

Digitally Accurate Inc. turns 6 years old today! Thanks goes out to our awesome clients and vendors who made this possible!

Go to https://www.digitallyaccurate.com for information!

The importance of keeping up-to-date IT Documentation (as well as Disaster Recovery plan/policies)

The importance of keeping up-to-date IT Documentation (as well as Disaster Recovery plan/policies)
by Stephen WagnerPosted on Posted in Backup and Disaster Recovery, Business, Security No Comments ↓

In a healthy IT environment, one of the most important things you can have is documentation. Documentation provides the people who need to know with the information they require to operate, maintain, support, deliver, and protect your IT infrastructure and investment. This also allows anyone with proper skills/knowledge to perform those services in the event your usual provider may either be unavailable, terminated, switched or for some other reason can’t service you.

When going in to a new potential customer one of the biggest problems we always run in to, is that the customer has absolutely no documentation for their IT environment, no disaster recovery plan or policy, and no documents explaining licensing (licenses, licensing agreements, details, etc…).

And No! We aren’t talking about listing usernames and passwords and calling it a day, we are talking about real documentation and a small investment in time. Below is a list of some fundamentals you should have documented:

Please Note: ALWAYS protect your documentation as it is a key to access your entire network. Very few copies should exist, however the ones that do exist should be located in separate locations which are SECURE, and only protected by someone who has a vested interest in the companies well being and future.

Documentation fundamentals

  • Administrative Credentials – Most importantly, record the main master domain Administrative account (username, password, and domain), and any other administrative accounts. If any users are provided with special administrative privileges, be sure to list them as their access needs to be revoked if they are ever terminated or leave the company. If not, you are leaving a major security hole open. I’ve seen some companies leave administrative full access accounts open for users years after they left the company, this isn’t good!
  • Contact Information – Be sure to list contact information for various roles inside the company. Contact information for decision makers, and technical people should be recorded (along with after hours contact info) to make sure that if in the event something major occurs, a decision maker can be reached on the phone. The last thing you want is an emergency to occur, and it not being resolved since an IT person can’t get someone on the phone who can authorize a hardware purchase…
  • Server Configuration – Your server configuration should include all types of information (no matter how trivial). This includes networking information, administrative account details, details about Active Directory (ex. Domain name, WINS configuration, DNS Configuration), computer name, and built-in service that may be enabled (ex. DHCP, DNS, WINS, RDP, RRAS, RIS, etc…), even DHCP reservations. This provides the technical picture that shows how things were set up, and what base services are set up and providing your network by your servers. Don’t forget to include information on your server hardware. You should list all information on your server hardware, such as model numbers, serial numbers, warranty information, along with contact information on how to initiate warranty cases. Disk configuration, RAID configuration, firmware info should also be documented. This documentation should allow someone to re-setup your servers from scratch if required.
  • Network Documentation – Your networking documentation will provide the reader with how devices are dynamically configured (whether DHCP, BootP), how many devices are on the network, what networks they sit on, who has access to RDP, VPNs, how those services are accessed (IPs, hostnames), and details on how standard network services are delivered throughout your network. This documentation should provide information on how your network functions and how data goes across it. And just like your server, be sure to include models numbers, serial numbers, warranty information, and location of the hardware as well. This will provide the blueprint in the event the network requires repair, or needs to be rebuilt from scratch.
  • Network Shares – Document Network shares, file system location on the host, permission types, and description of the purpose of the share. It’s best practice to present network shares to a group of users using the same letter network drive, document this as well so it can easily be managed, or re-setup in Group Policy of required (automatic drive network mapping).
  • Workstations – Your workstations should be somewhat generalized and centrally managed. Most computers should be running the same software, based off similar hardware, and configured in the same generalized fashion. Be sure to document the process for initial configuration, required software, software configuration, and any other special options that certain users may require. It’s always good to record model numbers, serial numbers, and warranty information so it can be found quick when needed.
  • Users – Be sure to keep an activate list of users, along with group information, department, and types of access they require, e-mail addresses, and e-mail distribution lists they may be a member of. NEVER record users passwords as this is a security concern. Any work ever required by an IT professional should be easily accomplished with the Administrative credentials, even if the administrator is required to sit down with the user.
  • Printers – Be sure to record all printers, MAC addresses, and DHCP reservations you have configured for your printers. As always with all hardware, record models, serials, and warranty info. It also never hurts to record driver versions you have installed just in case it may assist with troubleshooting.
  • Licensing Information – Be sure to keep information on any major licensing agreements you have in place. Also be sure to document URLs, usernames and passwords for any licensing systems that are managed online (such as Microsoft eOpen Online Licensing, Symantec, Astaro, etc…). It’s good practice to record all licensed products, keys, and invoice numbers for the purchase of the license. In the event you may get audited, require a license key for re-installation, etc… this information will be invaluable to get it resolved quickly. This document will also clearly let you know how many licenses you have, who is using them, and what versions of software you are running.
  • Firewall Configuration – Firewall setup and configuration should be documented, along with licensing keys, port forwarding configuration, and firmware versions.

Other Documentation

A separate document that should exist is your documentation for “Disaster Recovery”. This documentation goes in to detail as to what your backup and restore policy is, how you back up your systems, how to restore your systems, and what to do in the event of a total failure where a recovery from scratch is required. If you can’t create a document that provides a step-by-step process to completely restore your businesses IT infrastructure then you are in trouble! Either find someone who can create the documentation, or implement a disaster recovery solution that can be properly documented. This documentation also allows you to test your disaster recovery solution, which you should be doing from time to time to make sure you can recovery from a failure, and that the documentation is correct!

While everything above is a good starting point for small businesses, feel free to add any other information you feel could benefit your documentation. All information is good information as long as it is organized and easily readable! Happy documenting!

If you need help with your IT Documentation or IT Services, feel free to contact us!

Top