Northern Micro Profiled by Business in Focus Magazine

December 2016 – This month’s edition of Business in Focus Magazine featured a five page article about Northern Micro
 
Business in Focus Magazine is an international magazine distributed across North America with over 360,000 copies distributed monthly.
 
We’re so excited to be spotlighted as a local Ottawa business and get international exposure in the media!
 
Read the full article here:

What is the Best Device for Your School?

As an administrator, how can you be certain you are making the best possible investment for your students and your school?
It’s a big responsibility. Budget restrictions make school purchasing decisions extraordinarily important. You will want to make sure that every dollar is used to further the educational and administrative goals of your school. Just as every student has different strengths and challenges so do the various devices on the market. In addition, different schools have different need profiles: some schools give priority to a rugged and durable device, some want hybrid options, some are solely price driven while others are motivated by a combination of factors.

This article highlights a number of options that may be of interest to those in the education sector looking for a budget or mid-range device.

Top 10 Reasons to Use Windows 10 in Your Classroom

Windows 10 is an effective tool for getting great results in the classroom. The best version of Windows yet, it brings you exciting new features and innovative new tools to get things done, fast. Windows 10 Education expands upon Windows 10 Enterprise, and is specifically designed to meet the needs of schools—staff, administrators, teachers and students.

There are many exciting ways and opportunities for classrooms to benefit from this tool. What makes this version of Windows rise above any other platform? Let us tell you about the top 10 innovations that caught our eye:

1. Windows 10 is Designed for All Styles of Learning

We all learn differently. A whopping 73% of teachers report that technology allows them to tailor their teaching methods in a way to best meet the various different learning styles of their students. Windows provides a range of modalities: voice, pen, touch, and gesture that allows students to interact with their PCs in a way that best suits them. A more natural fit lends itself to a better learning experience.

2. Think With Digital Ink

Windows 10 allows students to draw upon the benefits of old school tools while using new technologies. Studies have found that students can boost their science test scores by 25% to 36% when they diagram their problem solving with a pen versus those students who only use a keyboard. Windows 10 provides an awesome inking experience across devices and applications that engages students, enhances their learning experience and boosts their results.

3. Outstanding Assistive Learning Technology

A full 10% of the population is thought to be affected by specific learning disabilities that have a profound effect on individual educational outcomes. Windows devices are equipped with the widest array of assistive technology available that can help each student to reach their full potential. Teachers can easily create inclusive teaching environments that allow them to effectively reach and teach every student.

4. The Safest Windows Ever Made

Parents are rightly concerned with the safety and security of their children and and likewise the safety and security of their children’s data. Windows 10 is the safest Windows ever with new and improved safety and security updates. It includes innovative new tools for data protection, student identity authentication, and malware protection. Windows 10 delivers more built-in security features than ever before and updates are always enabled to keep your security current for the supported lifetime of the device.

In addition, Windows Hello makes everything safer and also means that students will never forget their passwords. It’s a fast password-free way to unlock your Windows device. Windows Hello uses a face, fingerprint or companion device to recognize the user.

5. Collaborative Learning Across All Devices

Collaboration is king and the ability to collaborate is a valuable skill that students will rely on throughout their lives. Digital tools encourage and allow students to work together easily. Windows OneNote collaboration enables students and educators to work on the same document at the same time, within the same classroom or across an ocean. Students can stay organized, share information and spark creativity while collaborating on homework, research or group assignments. Use Windows 10 to add personal notes on web pages and share them with others. Teachers are able to monitor student participation, because all collaborative contributions are tracked.

Students can also collaborate on Skype. They can show each other their work instead of just talking, which brings a much more personal aspect to the collaboration. Speaking of Skype, virtual field trips are a huge educational bonus offered by Microsoft. Students can virtually visit any museum in the world or listen to a host of awesome guest speakers.

6. A Platform That Will Never Be Outgrown

Not exactly one size fits all, but rather one platform suits all. Windows 10 provides a single platform that will continue to meet the needs of students of all ages. Students can go from learning their ABCs on Endless Alphabet to writing their dissertations on Office 365. Not only that, but younger students will learn practical skills that they will actually need to know and rely on as older students, like Word and Excel.

7. Work Across Devices and Compatibility is Easy

You can move easily between devices and open your files from any device and pick up right where you left off. Also, Windows 10 allows you to easily connect to printers, cameras, digital microscopes and all of the other external tools a student may need. Windows is compatible with the widest range of connected devices found in and for the classroom. In addition, you can access traditional educational resources as well as new educational resources, such interactive digital textbooks.

8. Windows Helps You Get Things Done

Demonstrations are essential to the learning process. Teachers overwhelmingly report that technology allows them to demonstrate concepts and ideas that they are often unable to demonstrate any other practical way. Windows multi-doing abilities allow students and teachers to get things done faster and save time, get things done in a snap with Snap Assist, virtual desktops, Task View and Cortana. For example, Cortana learns your pronunciation and vocabulary and allows a user to provide voice instructions for many tasks and allows you to get more done. Students can ask for Cortana to research a topic on the Internet while they keep on writing their paper. How efficient is that?

9. Deploy and Manage Your Way

Windows 10 makes deployment easy. Users will find and enjoy a seamless transition process. Windows provides educational institutions with simplified ways to deploy and manage their data including in-place upgrades and deployment assistance packages.

10. Get More for Free Than Ever Before

Affordable is good and free is better. With Windows 10, we can see a real emphasis on creating affordable devices and solutions for everyone. Microsoft is committed to providing schools and students with advanced technology at a price they can afford. Many free products and services for students and teachers are available. In addition, schools can take advantage of very affordable and cost-efficient Academic Volume Licensing and other special low-cost offers. Furthermore, tools such as Office 365 can be free for students based on the school board’s licensing. Student can now access the same tools at home that they use at school.

Northern Micro Partners with Bomgar to Offer Secure Access Solutions in Canada

Ottawa, Ontario – September 23, 2016

Northern Micro announced an exclusive Canadian partnership today with Bomgar that will see the two companies work together to deliver enterprise-grade remote support and access management solutions. Bomgar’s solution enables support technicians to securely access nearly any computer or mobile device, regardless of location, language or operating system.

With Bomgar, Northern Micro’s customers now have access to a secure remote support solution that is integrated with many leading service desk platforms, eliminating the need for on-site tech support visits, significantly improving first call resolution, agent productivity and customer satisfaction.

“Bomgar is the market leader in secure remote support software and was the natural choice when we decided to diversify our solution portfolio in this arena,” said Herman Yeh, President of Northern Micro. “We are excited to offer this unique solution into the Canadian marketplace and help customers address their tech support issues that result from increased mobility.”

“We are pleased to add Northern Micro as a referral and services partner.” Said Russ Duffey, vice president of strategic alliances at Bomgar Corp. “Northern Micro’s technology expertise and customer base make it an ideal partner for us to expand the benefits of Bomgar’s proven remote support software in Canada.”

IT service and support has become increasingly complex with the constant introduction of new mobile devices, paired with the persistent threat of security breaches.  To keep pace with the demand for efficient and effective technical support, IT organizations need remote support technology that can reach across multiple operating systems and computing devices, including laptops, smartphones and tablets. Bomgar allows IT technicians to remotely support nearly device, anywhere—whether behind or outside the firewall—speeding time-to-resolution and improving service levels.  Bomgar also provides the most comprehensive set of security features on the market to protect the integrity and security of your systems and data.

About Bomgar

Bomgar connects people and technology securely, providing leading remote support and privileged access management solutions that strengthen security while increasing productivity. Bomgar solutions help support and security professionals improve business performance by enabling secure, controlled access to nearly any device or system, anywhere in the world. More than 9,000 organizations across 65 countries use Bomgar to deliver superior support services and manage access to valuable data and systems. Bomgar is privately held with offices in Atlanta, Jackson, Washington D.C., Frankfurt, London, Paris, and Singapore.

Visit Bomgar at www.bomgar.com, or on Facebook, Twitter, LinkedIn, and Google+.

About Northern Micro

Northern Micro is Ottawa’s premier provider of Information Technology hardware – from client devices to data centre infrastructure. We create IT solutions that solve the unique business challenges of our clients. Highly trained experts, coupled with focused partnerships with the most respected names in the industry form the foundation on which Northern Micro is built.

For over thirty years, our award winning team has been recognized year after year for our commitment to customer service excellence, community involvement, employee engagement, and sustainable environmental contributions.

To learn more about Northern Micro, visit www.northernmicro.com, or on Facebook, Twitter, and LinkedIn.

Northern Micro Honoured as Canadian Personal Systems Partner of the Year at HP Global Partner Conference 2016

Boston, Massachusetts – September 14, 2016

Northern Micro, one of Canada’s leading IT solution providers, announced today that it has been honoured by HP Inc. as the Canadian Personal Systems Partner of the Year at this year’s HP Global Partner Conference 2016.

Northern Micro was selected based on a variety of revenue and growth factors that were reviewed and selected by HP’s channel leadership team.

“We are a partner-led company focused on growing and winning with the channel,” said John Cammalleri, Vice President, Canada Commercial Channels at HP Inc. “This year’s award winners, including Northern Micro, are perfect examples of the great things we can do together with our channel partners.”

“It is my honour on behalf of Northern Micro to receive this award. I’d like to thank our team, and HP’s Ottawa team that made last year such a success. We look forward to another successful year of collaboration” said Herman Yeh, President, Northern Micro.

This year also marks the first year Northern Micro has been awarded HP Inc. Platinum Partner Status partner, the highest possible partner tier available from HP Inc.

About Northern Micro

Northern Micro is Ottawa’s premier provider of Information Technology hardware – from client devices to data centre infrastructure. We create IT solutions that solve the unique business challenges of our clients. Highly trained experts, coupled with focused partnerships with the most respected names in the industry form the foundation on which Northern Micro is built.

For over thirty years, our award winning team has been recognized year after year for our commitment to customer service excellence, community involvement, employee engagement, and sustainable environmental contributions.

To learn more about Northern Micro, visit www.northernmicro.com, or on Facebook, Twitter, and LinkedIn.

What the Modern Data Centre Looks Like from EMC's Perspective

August 12, 2016

We sat down with David van der Knaap, EMC’s Senior All-Flash Account Manager for Eastern Canada, and discussed EMC’s vision on today’s Modern Data Centre. Dave was able to share his insights on this transformation, and provide insight on how EMC is helping customers in their journey to a Modern Data Centre.

What is EMC’s vision of a Modern Data Centre?

The First step towards creating a Modern Data Centre is to explore the benefits of converged and hyper-converged infrastructure.

Companies no longer need to build their own IT by selecting components from a variety of manufactures to create a heterogeneous environment and hope that everything will work together. Customers now have the flexibility of choosing converged infrastructure, where compute, networking and storage are all engineered to work together. When deployed, the focus can now be placed on the core competencies of the business, while having confidence that the infrastructure can always meet the needs of the business.

The second step with a Modern Data Centre is the process of automation.  Whether you’re deploying VMware or Open Stack, you will want to be able to consume Infrastructure-as-a-service (IaaS) to have that self-service catalogue –  that portal within your infrastructure to provide actual services to your users.

There are a lot of process changes that happen within the Data Centre once you go down this route. Since you’re building a lot of automation in your Data Centre, your staff can focus their attention on innovation and bringing more value to your business.

In the end, this is what it’s all about, the Modern Data Centre is about being agile, while the roles of the people change. EMC can help every single step of the way, and this what we’ve been helping our clients achieve: whether it’s the people, the processes, the infrastructure, the automation layer, we are helping guide our customers towards their modernization and efficiency goals.

What does EMC do differently than other vendors in the data storage space?

From my time at EMC, what stands out between EMC and the others in this space is the amount of innovation that we do. We have the most market share in the storage space, and we’ve always been at the forefront of innovation. With that said, innovation is a two-fold process, and where EMC is so good at differentiating ourselves is capitalizing on opportunities.

A great example of this is when we acquired XtremIO in 2011. It’s no secret that VMAX has always been at the heart of EMC. There’s no better platform out there delivering such robust enterprise availability, it’s really the gold standard. Knowing that all-flash was the future of the data center, we were so surgical in execution with the XtremIO go-to market strategy, even if that meant cannibalizing some of our other, more established, lines of business. The reality was that we had better technology that could better fit our customer’s needs, and we weren’t afraid to pivot towards it.

Being able to do that is very difficult for companies to do, especially when it’s at the core of your business. EMC excels at doing just that, researching the trends, innovating within our space, and always having a customer-centric view of our solutions, and I think that’s the number one reason we’ve remained the market leader.

What are some of the biggest advantages and disadvantages to moving onto the cloud?

With regards to advantages, cloud enables customers to focus on their core business and the possibility of reducing the amount spent on IT infrastructure is a huge benefit to companies. For example, when we look at some of our customers in Aerospace, their purpose is to build complex flying machines. IT is a necessity because of the nature of their business, but their core business is building airplanes, not building IT. This is the same thing with all our clients, it doesn’t matter where you are, or what industry you’re in.

Another key benefit is the gains on efficiency and manageability. Customers want to have a holistic view on their infrastructure. The management of all of this has been dramatically simplified now, where it was previously so much more complex and difficult to maintain such visibility.

One caveat is that not every workload is ready to migrate to the cloud; you must evaluate its suitability on a workload by workload basis and decide what you want to leverage the cloud for.

On the disadvantages side, it’s very hard for companies to relinquish control of their infrastructures. I think it’s always been a core part of companies and it’s a major decision to hand over control and have other providers give that service to you. So you don’t necessarily control your SLA SLOs.

There’s also a misconception that there’s always going to be cost savings, but the cost savings don’t necessarily mean it’s going to be cheaper when evaluated over the long-run. Customers need fully evaluate their cloud strategy and what optimal mix is going to be right for them.

What is the VCE VxRack system, and what’s different about it versus other Converged Infrastructure systems?

Converged infrastructure, like Vblocks, will have individual server, storage, and networking components that are all managed and engineered to work as a single system. With VxRack, everything becomes Software Defined, so you have Software Defined storage options that are either done from ScaleIO or VMware VSAN, and you have more flexibility.

You could have storage nodes, you could have compute heavy nodes, but the important part, is that it always follows the main tenants of the modern Data Centre, where everything is modular and highly scalable, and you’re just adding nodes as your needs grow. We’ve also recently made announcements around a platform node, called Neutrino, which allows you to easily deploy cloud-native infrastructure as a service (IaaS) within hours.

Then there is the VxRail system, a hyper-converged system better suited for smaller, environments that wouldn’t require the scale of a vBlock or VxRack system.

Where should an organization start when they are evaluating the available Data Centre solutions in the marketplace?

Always start with the workload first, figure out what the needs are, and then work your way down to figure out the required infrastructure. Infrastructure requirements for more traditional applications like SAP will be different from cloud-native applications or Hadoop-based solutions. There is no such thing as “one size fits all” in infrastructure, and this is where partners like Northern Micro and EMC can help guide customers.

Northern Micro is the Fastest Growing IT Solution Provider in Canada Among Those Named on CRN’s 2016 Solution Provider 500

OTTAWA, ON – August 8, 2016 – Northern Micro outpaces the competition among Canada’s largest IT Solution Providers

Northern Micro, one of Canada’s leading IT solution providers, announced today that it has been recognized as the fastest growing Canadian firm listed on CRN’s 2016 Solution Provider 500.

The Channel Company released its annual CRN Fast Growth 150 list today, an annual ranking of North America-based IT firms with gross sales of at least $1 million who have experienced significant economic growth over the past two years. The 2016 Fast Growth list is based on gains in gross revenue between 2013 and 2015. Only four Canadian firms were listed with 2016 Fast Growth 150, and only 22 Canadian firms were listed on the 2016 Solution Provider 500 with Northern Micro ranking 2nd and 244th, respectively.

“To be Canada’s fastest growing IT Solution Provider among a peer group of the largest firms in the country is a tremendous achievement for our team,” said Herman Yeh, President of Northern Micro. “I am grateful for the incredible effort, passion and value our team delivers to our clients every day – none of this would be possible without their skill, talent and unrelenting dedication.”

“The companies on our 2016 Fast Growth 150 list are growing at an incredible rate, establishing themselves as clear leaders in today’s IT channel,” said Robert Faletra, CEO of The Channel Company. “Their rapid expansion in a climate of economic uncertainty and unprecedented technological advancement is especially impressive. We congratulate each of the Fast Growth 150 honorees and look forward to their continued success.”

The Fast Growth 150 list is highlighted in the August issue of CRN and can be viewed online at http://crn.com/ and a full list of the 2016 Fast Growth 150 can be found here.

About Northern Micro

Northern Micro is Ottawa’s premier provider of Information Technology hardware – from client devices to data centre infrastructure. We create IT solutions that solve the unique business challenges of our clients. Highly trained experts, coupled with focused partnerships with the most respected names in the industry form the foundation on which Northern Micro is built.

For over thirty years, our award winning team has been recognized year after year for our commitment to customer service excellence, community involvement, employee engagement, and sustainable environmental contributions.

To learn more about Northern Micro, visit www.northernmicro.com

Follow Northern Micro:
Twitter, LinkedIn and Facebook

About the Channel Company

The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequaled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace. www.thechannelco.com

Northern Micro Ranks #1 in Ottawa with 2016 CRN Solution Provider 500 Annual Ranking

Ottawa, Ontario – June 6, 2016

Northern Micro, one of Canada’s leading IT solution providers, announced today that CRN®, a brand of The Channel Company, has named Northern Micro on its 2016 Solution Provider 500. The SP500 list is CRN’s annual ranking of the largest technology integrators, solution providers, and IT consultants in North America by revenue.

Moving up 111 spots to #244 from #355 last year, Northern Micro is now recognized by CRN as the largest IT company in Ottawa. Only 22 companies from Canada were named on this year’s SP500, with Northern Micro ranking in 10th place among them.

“We are truly honoured to be acknowledged by CRN for all of our hard work. It’s an incredible privilege to work with some of the most talented technology specialists in the country.” said Herman Yeh, President of Northern Micro. “Our entire team is to be congratulated for the tremendous effort they’ve made to grow the company by focusing on fulfilling our company’s mission of delivering the ultimate in customer satisfaction.”

The SP500 is CRN’s predominant channel partner award list, serving as the industry standard for recognition of the most successful solution provider companies in the channel since 1995.

“The 2016 Solution Provider 500 represent a total, combined revenue of over $344 billion – a testament to their success in keeping pace with rapidly changing demands of today’s IT market,” said Robert Faletra, CEO, The Channel Company. “This prestigious list recognizes those companies with the highest revenue and serves as a valuable industry resource for vendors seeking out top solution providers to partner with. We congratulate each of the Solution Provider 500 companies and look forward to their continued success.”

Click here for a complete list of the 2016 SP500 list.

About Northern Micro

Northern Micro is Ottawa’s premier provider of Information Technology hardware – from client devices like notebooks and desktops, to datacenter infrastructure. We create IT solutions that solve unique business challenges. Highly trained experts, coupled with focused partnerships with the biggest names in the industry form the foundation on which Northern Micro is built.

For over thirty years, our award winning team has been recognized year after year for our commitment to customer service excellence, community involvement, employee engagement, and sustainable environmental contributions. Northern Micro is the proud recipient of the 2014 Intel Partner of the Year Channel Cares Award for the outstanding charitable and environmental contributions and the 2014 EMC Federal Partner of the Year.

To learn more about Northern Micro, visit https://nmicro.wpengine.com/.

About the Channel Company

The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequaled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace.

To learn more about The Channel Company, visit www.thechannelco.com.

Protecting against Cyber Security Threats, and what it means for Businesses and Governments in Canada (Part 2)

A Conversation with Intel Security (Part 2) – Read Part 1

July 4, 2016

Intel Security Director of Sales Engineering Douglas Cooke sat down with Northern Micro on June 29 to discuss the security landscape, competitors and Intel Security’s measures to address cyber-security. What follows is the second part of their conversation.

What is Intel Security doing differently to respond to these cyber security threats compared to other vendors?

So the primary change that we’re making is that to some extent, the industry or parts of the industry have been concentrating on protection. That includes things like firewalls and antiviruses. In the early days, those were pretty effective technologies – you could keep out the vast majority of hacking activity in your environment with these protection vehicles.

But going from 300 viruses a day to half a million, you certainly have to admit to yourself that although you’ll have as strong a protection defending mechanism as possible and use all the latest techniques for protection, you are going to be compromised at some point; and therefore, you have to build up capabilities that will start to think about detecting anomalous and suspicious activity in your environment and allow you to use that detection of suspicious stuff to see if there’s something that shouldn’t be going on and react to it.

In the past, you used to be able to just rely on the protection. Now you can’t, you have to be in a position where not only are you protecting, but you’re watching for suspicious activity and you’re putting mechanisms, technologies in like SIM and other things that allow you to monitor for suspicious activity that can be highlighted for a knowledgeable analyst who can say “That is bad, and it’s not caught by a protection mechanism, and I’m going to go clean that up.” We call it, protect, detect and correct.

“We call it protect, detect and correct.”

These new tools we have to compliment protection include detect and re-mediate when you detect a problem; and that’s the fundamental change we’re taking and leading.

So other industry leaders are also following a similar approach to the “protect, detect and correct” model. What’s different about Intel’s security model vs. theirs?

The industry is adopting that partly because industry players like Forester or Gardner are driving it that way. The challenge for most of other vendors is that they only have a single point product: they might have a protection mechanism, or they might be protecting email. They’re only point products, and the thing that differentiates us and what we believe is that you have to have an ability to coordinate the variety of security and protection tools that you have and add detection and correction capabilities to them in addition to having them work together.

One of the big things about this is that you need the visibility that all of the individual tools can give you . Things like firewall have a few alerts showing this kind of activity, and the antivirus is getting some alert showing this activity. You need to be able to take that information, put that into systems, analyze it and correlate it; and from there, see some suspicious activity in your environment. And you could always do that using the fact that you can bring together a number of protection tools and compliment them with these detection capabilities so you have greater visibility.

The reason that we’re different is that for a number of years we’ve had multiple security technologies that we’ve been working to make work well together. We integrate them closely, take advantage of the data they generate to correlate and analyze, see suspicious activity and then use the unique tools we have to go and correct the environment when we find the problem. We’re really one of the only vendors that’s positioning themselves across the endpoint and the network to have a full connected integrated set of tools that do protection, detection and correction.

So for example, Fortinet would say something slightly different from that, and Cisco for example for also say something similar. They appear to have a very similar approach to having multipoint security, much like how you’re describing Intel’s. So what is Intel doing specifically that would be better or different than say Fortinet’s solution?

There are some other vendors that are saying that they have an integrated approach, but what truly differentiates us is the way we’re doing that integration.

The challenge has been that customers have taken the burden of integrating. So if you look at banks for example, they’ll have a mail gateway from somebody, they’ll have a web gateway from somebody else, and they’ll have an endpoint protection product that’ll have a management console. And they would actually do a lot of work to integrate those tools – they would do combined reporting, and they would maybe try to set up scripts to have those systems work together. So in the past, most of the burden has been on the customers to integrate these various security tools.

Intel Security understood that about 5 or 6 years ago, and we developed this special technology called the data exchange layer. This is a message-buff infrastructure that is designed to allow security tools from any vendor to be able to share information to support integration activities. And this is a technology we’re putting in place – we’ve primarily concentrated to get our own tools to work well to demonstrate how it works. Now with vendors starting to do the integration, the challenge has been that when they go to integrate, for example if Blue Coat wants to integrate with an endpoint vendor, they’ve got to have their product managers discuss with each other, build API’s and build software that allows those two particular point products to integrate. That works, and over time they could have a large series of integrations; but it’s just not scalable. If Blue Coat makes a change to their software, that might impact their API’s and they would have to change them. There’s just all this work that has to be done between all these vendors to keep this integration going over time and it’s just not practical.

“And that works, and over time they could have a large series of integrations. But it’s just not scalable.”

We work with a small number of partners to demonstrate that we can work outside of our own ecosystem and bring in the partner community, and we’ll expand that over time; but the idea is that once integration is built using this message bus infrastructure, it is scalable, and it can change over time as these companies change. It doesn’t need to be a point-to-point, and it really can work as a community capability to allow these products to work better together over time.

So it’s taking more the platform approach?

Yes. The word platform is key here. It is a platform approach where you have a series of security capabilities that have an underlying platform that allows them to share data and integrate together.

The sharing is the idea that it’s a published subscribed model. So if there’s information that’s available on one component of your security capability, in this case it would be your intrusion prevention that’s happening in you network. If it sees something happening, maybe it’s an alert or it’s a suspicious file, it can pass that information to be evaluated by another technology.

The example would be let’s pass that file to the sandbox which could be anybody’s sandbox in the general context. So that sandbox would evaluate it, the file gets passed through the message bus, and the sandbox sees through the message bus and says “I’ve got a file that’s been put along the message bus. What do I do with the file? I analyze the file, create some results and publish those results to the message bus.” The results would go back to the intrusion prevention system and might say “That’s a bad file convicted” and the IPS would stop that file from going through.

But the great thing about that message bus is that the information about that file can propagate across the message bus to any other security technologies that’s on the bus. So maybe there’s an endpoint technology on there that says “Hey, we just found this bad file in some other place in the organization. We know it’s bad because we evaluated it on the sandbox. I should act on that, and I’ll go tell every other endpoint to be careful of that file.”

So from a technology standpoint, what are some of the important things that customers should consider when they’re evaluating technologies themselves?

They need to understand where their gaps are. So if they have a particular gap, they need to evaluate the capabilities and meet that gap; but they also need to evaluate how they are going to fit it into our overall security strategy and how the company is trying to tackle strategy in total.

Security is a program – it’s not this technology or that. It’s a program that encompasses a wide variety of controls and capabilities. And what they need to think about is having those controls integrated so when they look for a new technology to fill a gap that they have, they should think about that technology is going to fit in with the rest of the integrated technologies that they have.

Let’s switch gears then: let’s talk about the threat defence lifecycle. How would you describe that?

The threat defence lifecycle is built on top of the concept of protect, detect and correct. So we needed a mechanism where we could provide full visibility with the protection as an organization is operating on a day-to-day basis.

One of the things that we know is that as an organization continues to grow, they’re going to continue to do different types of business and move their business in different ways. Which means that they’re going to invest in different technologies to promote their business. These are not security things – these are things to move their business.

It may be that they need to move to cloud technologies to get more efficient in what they’re doing so that they can offer some of their processing databases and move them up to the cloud to be more efficient, save some money and provide greater options from a bursting capability. So we know that companies are going to change over time.

At the same time, the security risk is changing because the hackers are always doing new things. Whatever new technologies come out and whatever new things users are doing, the hackers are always adjusting. So you need to have an ecosystem that allows you to adapt over time.

The lifecycle incorporates protection, detection and correction. So the idea that we’re going as well as we can with protection, we’re going to have very strong mechanisms at the endpoint and at the network to stop the obvious and known malware threats that are coming through. And then we’re going to put ourselves in a position with technologies included in the defence lifecycle around data analytics and correlation to be able to see what’s going on.

Those capabilities are fed by the information supplied from the protection technologies, and if we see suspicious activity as part of the process without the security operations center, then we’ll use correction technologies to go and put things back to normal and get the business back into doing business as opposed to solving a security issue.

You already mentioned the DXL, the data exchange layer, which seems to be pretty unique for the Intel Security platforms. What are the other competing solutions out there that would be really comparable to that DXL layer?

Well I don’t think we believe that there’s anybody out there that’s doing that in a serious way, and the reason I say that is that there’s a lot of examples of message-bus infrastructure in other parts of IT. It’s used quite a bit in the application development area quite widely.

The concept of a message-bus infrastructure isn’t new, and our data exchange layer is based on a technology called MQTT – that’s the foundation of it. We made some extensions and some enhancements with it, but it’s definitely known technology. There are some vendors that are doing some similar things but only in the network world that would maybe tie together network components. But we’re the only vehicle that we know of that is across the IT spectrum from endpoint servers and connecting with the network side and being made available to work properly in the cloud environment.

It’s primarily because of Intel who does this on a regular basis. They look at the security industry and say, “What do we have to do in order to make a big change on how we do things?” So the visibility and understanding how contributing needs to evolve in the next few years. This data exchange layer is really something that’s been built and funded by Intel, not just Intel Security, to be effective across the complete IT spectrum including enterprise, IOT, cloud and all those sorts of things.

We don’t believe that there’s anybody else that’s gone as far as we have in the breadth and the depth of the strategy as we have.

Talking about ransomware, you mention that that’s a growing threat in the business world, hitting businesses, institutions, even governments in some cases. How can governments be protected from that with Intel Security?

This is where they primarily have to take advantage of the most recent technologies. This can get frustrating for customers, but unfortunately you have to keep up to date. There may be new technologies that you have to invest in because this is the newest of the new things, and it’s the most difficult to deal with. Furthermore, it could have the biggest impact on your organization.

If a hacker gets on the right laptop at the right time and lock it up with encryption, this could bring your company to a complete stop. So you have to be investing in the most recent technologies that we have whether its reputational based, malicious code protection or dynamic application containment. These newest and greatest technologies that we have as a part of the defence lifecycle have to be in place to combat ransomware.

There’s a growing trend towards using public and hybrid cloud services as part of businesses IT as well. How is Intel Security looking to secure those parts of the infrastructure as well?

We see there’s really 3 things you have to think about when it goes to cloud. The first one is that organizations do a lot of work with SaaS based applications, you know Salesforce and those types of things for example. So organizations have to think about greater mechanisms to give them greater visibility to what apps are being used and then to be able to have an understanding of what data is being passed through in order to protect their data. So we’re doing a lot of work through our web gateway and are coming to help customers gain visibility and control over what they’re doing with SaaS based applications.

The second is thinking about when they want to move their processing, either in whole or in part, over to cloud based environments like Amazon. What we do in that world is try to provide visibility. Through our security management tool called EPO, we can have visibility to systems you’re running in cloud environments and give you the same visibility control and measurement of security posture whether it’s on your premise or on a cloud environment.

The third one is that Intel Security is introducing capabilities to protect the organizations interest as they use SaaS applications such as Sales Force. It starts with providing the organization more visibility to the SaaS applications in use being mindful of shadow IT. It then extends to Cloud Access Service Broker functions to monitor data flowing to SaaS data repositories to ensure it is meeting compliance requirements that will come to the market in 2016.

They need to start with some analysis of the maturity of their program in general, and where they have gaps.

I would say that all organizations have some level of security. They need to start with some analysis of the maturity of their program in general and where they have gaps. They need to have someone who has some knowledge internal or someone they could bring in to help the organization determine where they’re at now, what the maturity level of the various capabilities they have, and what the most significant gaps are.

So just to wrap things up, what would your recommendation be as a first step for organizations that are thinking about and revaluating how to protect themselves from attacks?

It may be that they haven’t invested enough in technologies that will minimize the impact on the organization through hacking from a browser. Maybe they haven’t invested in that sort of thing, and you can see a series of gaps, and they would move towards those gaps. That’s the best way for an organization to work. They should understand what their needs are and go find the appropriate technologies to address that need.

But when they move over and start evaluating those technologies, they’ve got to think about the security in total. They’ve got to understand their maturity in the different areas and disciplines of security that they need whether its vulnerability management, network protection or endpoint protection data leakage. For each of those, they have to establish what their current maturity is and then think about the gaps they need to address in priority and how overtime they can fill the gaps and make their entire program more mature.

Protecting against Cyber Security Threats, and what it means for Businesses and Governments in Canada (Part 1)

A Conversation with Intel Security (Part 1) – Read Part 2

July 4, 2016

Northern Micro sat down with Douglas Cooke, Director of Sales Engineering with Intel Security to discuss what Intel Security is doing to address the new realities of cyber-security. What follows is the first half of their conversation.

Who should be concerned about cybersecurity in Canada?

Anybody that’s using a computer, even the most basic ones people have in their personal lives, has to be concerned because they have important personal information on their PC, financial information and information about their families – all of which is under attack by hackers.

If you think more about the business community, everybody has to be thinking about cyber security because every business has data and information that may be valuable to somebody else.

The bottom line is that everybody needs to be concerned about cyber-security these days.

Where are these attacks coming from and originating from?

There are some areas with more activity than others – for example, we know some activity comes from Eastern Bloc countries while some activity comes from Asia. So it’s hard to necessarily define exactly where it’s coming from.

It all comes down to money, and in most situations it’s to have financial gain. There’s organized crime doing it, there are individual hackers that are knowledgeable doing their own thing, and there are some nation-state activity that’s happening which is more limited against who it’s being done against. But it’s hackers all around the world generally attacking anyone that’s out there.

There’s many different motivations for it, but the primary motivation is financial.

If you were to put an unprotected server on the internet, within a matter of minutes, there would be people probing that system trying to understand if there’s value on that system and compromise the box in order to get information and make financial gain on it.

There’s always activity that’s out there doing things. Some of that’s reconnaissance, and if anything does show up on the internet, there are people that are looking at it and just trying to see what they can find; and on the other side of it, there’s a lot of targeted activity where a hacker group will use specific campaigns against someone in various ways to get credit card data from a retailer for example.

These attacks might be about social engineering to go after someone, but it’s just everywhere. There are really many different motivations for it, but the primary motivation is financial.

What are the most common types of attacks that that businesses should be concerned about?

There are a few categories for these different attacks. There’s a lot of malware that’s used out there that’s used by less sophisticated hackers, and this is malware that will do different things – keyboard streams for example – so they can get onto a system.

There’s a wide variety of viruses and malware mainly trying to get a presence in an organization from where a hacker can get a foothold and do other things like extradite data. That’s all out there, and all the malware that’s been used in the last 5-6 years gets used over and over again in different ways.

There’s lots of variance of those types of viruses. So there’s a lot of activity in that way; but just in general, companies have to be concerned about it, and a majority of that will have issues on production because it could make the systems and environment unstable. It could be gathering data off their systems for example.

One of the things that’s very interesting these days is ransomware where a hacker will use some type of mechanism to get control over a workstation; or if they’re lucky enough to get a server where they get control, they can  put a stream up that says, “I’ve encrypted your data. If you don’t forward me money then I won’t give you access to your data back.”

News articles detailing ransomware attacks across Canada.

Ransomware is a new thing that’s getting lots of publicity, and it’s very troubling for companies because it can severely impact their ability to continue their business.

Isn’t using a firewall or antivirus enough to protect businesses from these kinds of attacks?

This is something that has changed in the past few years – the technology that’s been used previously is just not effective enough.

The firewall marketplace in particular has gone through many changes which first started many years ago, and firewalls we’re initially a very crude mechanism to say, “I want my organization to be able to reach out and talk in this way to the internet,” and you could sort of filter what happened inside and outside of your organization.

Typically what you want to do is filter the majority of access that was coming into your organization to be extremely limited; and before the internet, computer systems were tout between companies; but you would only allow point-to-point connection. You would only allow these computers to talk to these versions and specific computers and really tie it down.

And that’s what the security industry is: it’s an arms race.

Because of the internet, overtime you had to open things up and a firewall could only work on a protocol level. It was missing things because people would hide things in this older HTTP protocol. What you would traditionally do was look at the protocol against this system or that port and shut it down; but if there was something inside the protocol, you couldn’t have visibility of it.

So firewalls changed over time, and now they’ve become much more knowledgeable about what’s happening within the protocol: they have visibility and they can filter it even better than they used to. But again, the hackers just get better and they find more ways to get around these newer, better security technologies.

Similarly with antivirus 20 years ago when I started the business, there were only a couple of hundred viruses per month. Each vendor including McAfee knew about every virus, and we could detect and prevent and clean up every virus that impacted users. So unless you were the first user to get it, we could protect everyone else.

The problem now is that there are half a million viruses per day, and vendors like ourselves can’t keep up and evaluate each and every one of them and get information back to our customers about what the latest ones are today. It’s just too big of a problem.

We’ve had to adapt to things; and as a result, the hackers have adapted. That’s what the security industry is – it’s an arms race. We provide capabilities for known tactics by hackers and build technologies to stop what they’re doing. Then they adapt to these new measures, and in turn the security industry has to adapt once more.

Right now, we have to adapt from firewalls which have gone to the next-generation to obtain even more capabilities that are still not good enough; and the antivirus capabilities we’ve had in the past have to be changed and enhanced so that they do a better job. We’re in a constant race.

What are your predictions for the greatest threats in the Canadian IT security space in the next year?

I think what’s most relevant for the majority of governments and businesses in Canada is a general vigilance against the more sophisticated attacks. A big class of those is ransomware right now, but that’s just one class of many.

You’ve just got to have a comprehensive approach, and not the fallacy that one tool is going to do everything.

Some would talk about the growing threat of mobile, and there are new things that are happening with mobile. But I think in general that the main thing organizations have to build up to is the general threat of the sophisticated hacker. That’s the key issue organizations have to spend their time thinking about.

What are the biggest misconceptions that you commonly find in the Information Security space?

I think that the biggest misconception is that a single tool, some silver bullet, is going to solve all of your issues. That some fancy new thing on the network or some fancy new thing at the desktop is going to solve your problem, but that’s just not the case. Maybe there are some new capabilities that are out there that will slow the hackers down for a small period of time, but they will simply learn to move around it and find some other way to get you.

You have to take a complete approach, a strategy approach to security and think of it in a more holistic fashion with a set of properly integrated security capabilities across the network, endpoints, and cloud activity. You must have a comprehensive approach and eliminate the fallacy that one tool is going to do everything.