Author: admin

Security IT Summit | Nov 5, 2020

Security IT Summit 5 November 2020

Virtual Event | UK

Join Loop1 at the Security IT Summit 2020 – a free 1-day virtual event

We’re pleased to be part of the Security IT Virtual Summit taking place on November 5, 2020. The Security IT Summit is an excellent platform for collaboration between those working in the IT industry and those who provide the latest solutions and services in this sector. The Summit consists of pre-arranged, one-to-one business meetings, interactive seminars and valuable networking opportunities, all to enable you to create lasting business relationships.

Attendance is free of chargefind out more and register at Security IT Summit 2020.

Find out where else you can meet the Loop1 team.

Why attend?

The event will guarantee:
– Pre-arranged meetings with solution providers of your choice
– 25 minute meeting slots will be relaxed and civilised, with no hard sell
– Attend a tailored programme of inspiring seminars
– Easily compare and benchmark potential products, services and solutions
– You will be one of just 65 VIPs at the event, ensuring that you get personal attention
– Attendance is entirely free of charge, which includes entry to our seminars.

Loop1 Welcomes Xlate Group to the Loop1 Family

Loop1 Welcomes Xlate Group to the Loop1 Family

Austin, TX [24 March 2020] Loop1, an Austin-based enterprise IT services management organization, is pleased to announce its continued global expansion with the acquisition of Melbourne-based Xlate Group, a technology services integrator specializing in network and telecommunication systems, applications development, and integration across Australia and Asia.

Commenting on the acquisition, Bill Fitzpatrick, Chairman and CEO of Loop1 said, “The skills and expertise of the Xlate Group are an ideal extension of our North American and European teams. I’m pleased to be adding such a talented team of people along with strategic client and partner relationships to round out our global capabilities.”

Luke Woolmer, group managing director for Xlate has assumed the role of president for Loop1 and will oversee global marketing efforts. “I’m very proud to have joined the Loop1 family; together we now have operations in all global regions and clients in more than 60 countries,” said Woolmer.

The Xlate acquisition brings with it Cisco Premier Partner status with specializations in enterprise networking operations, unified communications, and Webex Collaboration, capabilities that will form new lines of business with the internationalization of the Group.

Xlate Group CEO Anthony Bettanin has assumed the global chief operations officer role for Loop1 and will relocate to Austin. “We welcome the acquisition and merger with Loop1. We will go forward as Loopsters to deliver world-class global service coverage. Loop1 is known around the world as the leading ITOM (IT Operations Management) specialist implementation company and the fit with our APJ operations was natural. We are now able to truly offer 24/7 full-stack monitoring for clients with global operations, supporting the SolarWinds® suite of IT operations management software.”

“I’m delighted to congratulate Loop1 and Xlate on their recent acquisition. We’re excited about their global expansion and welcome the extensive technical expertise Loop1 brings to our customers in the APJ region,” said Sojung Lee, vice president, APJ sales, SolarWinds.

With the acquisition, Loop1 has now grown to more than 100 employees worldwide with offices in Austin, Cork, London, Singapore, Sri Lanka, and Melbourne.

About Loop1: Loop1 is a global IT Operations Management company specialized in the SolarWinds IT operations management (ITOM) product offering. Loop1 has developed the ITOMplus implementation framework leveraging the Loop1 Monitoring Maturity Model (L1M3).

About Xlate Group: Xlate are an APJ-focused technology service provider with operations in Australia, Singapore, and Sri Lanka. Xlate has specialized in Cisco Webex collaboration and communications, network and telecommunications servicing.

Contacts:

Courtney Griffin, Marketing Manager, Americas Courtney.Griffin@loop1.com +1 (512)580 2041

Luke Woolmer, President Luke.Woolmer@loop1.com    +61 413686657

 

 

A Healthy Active Directory Makes for a Healthy Environment

A Healthy Active Directory Makes For a Healthy Environment Do What You Can to Bolster Your Security Posture

October is National Cybersecurity Awareness Month! In honor of the occasion, our Loop1 Technical Account Manager, Katie Boldizar, gives insight about the importance of maintaining Active Directory (AD) and how a healthy AD can significantly improve your cybersecurity protocols!

Keeping your AD secure is fundamental to maintaining services for Microsoft-based servers and networks. Proper upkeep of your Active Directory is crucial to cybersecurity because Active Directory holds the keys to the proverbial kingdom—so to speak. With the ability to assign and enforce security & encryption protocol, control the storage & flow of data, and manage access rights, certificates, & security roles, AD is truly the core of the entire IT infrastructure.

Because Active Directory is such an integral piece of our technical environments, there are numerous housekeeping tasks that need to be addressed to maintain optimal domain health. But, due to the chaotic nature of the modern SysAdmin role, many of these tasks are often neglected, overlooked, or take a backseat to more mission-critical tasks. We’ve all heard the saying the squeakiest wheel gets the grease – well, that sentiment rings true for IT professionals world-over.

Alas – You are not alone in your journey to maintaining a healthy AD. SolarWinds has a deep bench of security-related tools that will help increase the security posture in your environment with minimal time and effort on your part. Let’s look at some of the most commonly overlooked tasks and how SolarWinds Access Rights Manager (ARM) can simplify these tasks.

To start, let’s talk about finding and fixing the broken inheritance permissions.

I won’t make you air your dirty laundry in a public forum, but, I am willing to bet that someone reading this is thinking to themselves, “When was the last time I checked for broken inheritance permissions in my environment?” – Last week? Last month? Maybe even last year??!

Regardless of where you fall on this spectrum, establishing a regular maintenance schedule can help you avoid broken inheritance permissions and will further secure your environment from external attack. For practitioners utilizing SolarWinds ARM, I encourage you to incorporate the out-of-the-box features into your maintenance schedule. A handy, built-in report will identify all your corrupted inheritance issues with no manual processes or messy scripts to maintain, saving you time and effort in the long run.

It’s possible that you are using some kind of complex scripting to automate this process in order to avoid setting up reminders to check for errors or anomalies. While it may be more convenient to automate most of the time, in this instance automation can pose a security risk to your AD.

Creating automatic workflows to check permissions instead of establishing a schedule could lead to a situation where incorrect permissions are applied to the wrong object. This could be anything from granting the wrong permission to a file resulting in a breach of confidential data, to security permissions being incorrectly applied to an Organization Unit (OU), resulting in a catastrophic failure. Ultimately, inaccurate inheritance permissions can cause errors or inability to edit objects for administrative accounts or groups trying to modify the Active Directory – a headache we all want to avoid.

Next, we need to talk about circular nested groups.

For those of you new to the conversation, circular nested groups occur when groups are created that include overlapping user access by means of nested group access creating an infinite loop in the full membership path. Active Directory allows “children” to also be “parents” in the same instance of their family tree so to speak, which can lead to circular nested groups. If you have a nested group structure that loops in a circular manner, every user who is a member of any of the other recursive groups will be granted access rights for all of the groups. Needless to say, this structure makes group membership assignments ineffective and pose rather obvious security risks.

You are more likely to have circular nested groups as more and more layers are added to your nested group structure. There are a number of ways to identify circular nested groups in your environment from manual process to utilizing PowerShell scripts, but for those that can, we recommend using SolarWinds ARM which can automatically identify any recursion that exists in your environment.

The last major task we need to discuss is monitoring assigned permissions using DirectAccess.

Because DirectAccess gives us the ability to determine how permissions are assigned to any user and identify users with directly granted permissions, we are able to swiftly eliminate any inappropriate access, thus reducing overall risk and strengthening security posture. SolarWinds ARM can pinpoint all of the direct access rights on your file server(s), allowing you to use the built-in drag and drop functionality to effortlessly direct access rights into a particular group. As always, security best practices should be top of mind when using DirectAccess to set permissions in Active Directory.

Using DirectAccess to assign permissions through group membership ensures that we are eliminating security risk where possible. This approach allows us to utilize the rule of privilege – an AD best practice that emphasizes the importance of assigning users the permissions they need to do their job and nothing more. Keep in mind that the rule of privilege is used to prevent the spread of potential threats to your entire environment and has nothing to do with the trustworthiness of your employees or team members.

All-in-all, Active Directory is an extremely useful tool utilized by nearly 90% of businesses to supports sysadmins, accidental DBAs, and IT professionals of all sorts, in their attempt to keep our IT environments safe and secure. If you are looking to bolster your security protocols, your first step is to ensure that your environment is set up properly. Once that is established, maintaining regularly scheduled checkups in your Active Directory will help you sustain a secure environment. Beyond that, utilizing DirectAccess, checking for broken inheritance permissions, and keeping a clean environment are the best ways to keep your organization safe from a security threat. Good luck and God’s speed in your security journey. For further support, or any questions you may have about Active Directory contact a member of the Loop1 team today!

By: Katie Boldizar
Loop1 Technical Account Manager
Network+, Security+, SCP
https://katieboldizar.com

Loop1 Systems Welcomes Kenson Network Engineering to the Loop1 Family

Loop1 Systems Welcomes Kenson Network Engineering to the Loop1 Family

Austin, TX, – Loop1 Systems, an Austin-based enterprise IT service organization, proudly announces the acquisition of Kenson, one of the U.K.’s most respected suppliers of network management tools, expertise, and support.

Kenson has served the market for more than 15 years and in 2017, the company received the SolarWinds Channel Renewal Partner of the Year Award.

“The commitment to SolarWinds is steadfast and evident in the 10-year track record they have with SolarWinds,” said John Woolford, COO of Kenson. “Couple that with their dedicated and service-oriented culture and it was apparent Kenson was a perfect fit for them, and them a perfect fit for Kenson.”

Through this acquisition, Loop1 and Kenson will continue to serve and grow the service and delivery of SolarWinds Certified Professional®(SCP) training and professional services throughout Europe Middle East and Africa (EMEA). While Loop1 has operated in EMEA since 2012, with offices in Cork, Ireland, the addition of Kenson to the Loop1 family dramatically amplifies both Loop1 client offerings and expands its SolarWinds relationship.

“I’m delighted to congratulate Loop1 and Kenson on their recent transaction,” said Ludovic Neveu, Group Vice President, sales, SolarWinds, EMEA, “Both companies have been longtime SolarWinds Partners and we look forward to their continued success, helping to deliver SolarWinds solutions to customers across the region.”

After assuming full ownership of the U.S. parent company in 2017, Loop1 co-founder Bill Fitzpatrick set his sights on growing international business. This acquisition propels Loop1 towards this goal by tripling the size of EMEA presence and adding 30% to global revenue while reinforcing the Loop1 family values.

“Our teams share common values and terrific expertise,” said Fitzpatrick. “As we’ve begun to combine our capabilities the collaboration has been fantastic. I am excited about what this team will bring to our EMEA clients in the months and years ahead.”

 

About Loop1:

Loop1 is committed to helping clients achieve their goals through exceptional monitoring tools that are integrated and automated. We deliver collective intelligence through the Loop1 Monitoring Maturity Model (L1M3). L1M3 allows our clients to gain insights, drive outcomes and foster innovation among IT teams and infrastructure services. Headquartered in Austin, Texas, with offices in Cork, Ireland, and London, England, Loop1 is able to provide technical solutions either onsite or remotely to clients around the world.

Visit loop1.com for more info.

 

About Kenson:

Established in 1989, Kenson is a long-respected supplier of SolarWinds IT operations management software and support services across the UK.  Through best-in-class tools and industry leading expertise, Kenson helps clients improve IT productivity and reduce operating costs. Kenson is proud to maintain long term client relationships across all industries, with a dedication to unrivaled client support.

Visit kenson.co.uk for more info.

###

Q&A with our Loop1 Engineer on keeping your servers secure

Servers are integral to network functionality and are also one of most common targets of a cyber attack. According to Verison’s 2018 Data Breach Investigations Report, the second most common type of security breach the world is a Denial of Service (DoS) attack on servers. Servers, cloud servers, and even hybrid servers can all receive a DoS attack. As such, servers of all types have inherent security vulnerabilities that need monitoring.

computer server illustration

Katie Boldizar, our Loop1 Technical Account Manager, shares her observations about current server security practices and discusses the future of server monitoring and server security as IT environments become more complex.

Katie has over 10 years experience working in IT infrastructure, installation, configuration, and security. Prior to her career in IT, she served as a Multiple Launch Rocket System repairer (94P) in the U.S. Army.

 

Q: What measures to maintaining server security often get overlooked?

A: In order to keep any server secure, you need to patch the server on a regular basis. Another key component to consistent server security would be “hardening” the server:

      • Vetting what software is and isn’t allowed on a server
      • Limiting the server’s open ports (connections to the outside world)
      • Controlling the internet access to the server (who can access the server and what types of devices can access the server)


Q: What good practices do you recommend to others to ensure uninterrupted server security?

A: Making sure the server is properly hardened is my first recommendation. Monitoring who logs into a server and controlling user permissions to which part of a server can be accessed by what user would be other good practices to put into place.

Lastly, I recommend implementing policies that focuses on user accountability, such as regularly changing passwords and setting server usage standards.

 

Image of a data center full of server racksQ: What are the most common SolarWinds tools you’ve seen used for server security?

A: I’ve seen many environments utilizing SEM (Security Event Manager) with file integrity monitor software, which can not only track any files and folders within a server, but also provide details about any changes made to all files and folders within a server.

ARM (Access Rights Manager) is another common tool. ARM is used for automating server access and setting user permissions, which is helpful in preventing data loss and security breaches.

 

Q: What are your thoughts on maintaining physical server security versus cloud server security?

A: For me, there is not too much of a difference. I feel that most now view cloud hosted servers just as secure as on-premise servers. Though, there is an ongoing debate.

 

Q: What are your predictions for the use of cloud-based and cloud hosted servers over physical servers?

A: Serverless architecture adoption and microservices have grown in popularity as more clients are moving away from container-based services. Additionally, I’ve seen an increase in the use of cloud security automation, which allows you to launch security protocols as a response to cloud events such as a DoS attack.

Though, many large organizations that invest a lot in security and choose to keep their data centers onsite may favor housing their data on physical servers.

 

Q: Lastly, what are your recommendations to keep a company’s data secure in cloud servers?

       A: My top recommendations for cloud security:

  • Educate employees about cloud security awareness and best practices
  • Create a data backup plan
  • Be aware of who has access to the data
  • Always use encryption and have a strong password policy

As cyber attacks and DoS attacks on servers continue, maintaining and monitoring server security remains an ongoing process in safeguarding who has access to the data on a server.

Creating a regular patch and update schedule, educating all employees about security awareness, and monitoring who/what device(s) have access to a server are just a few preventative steps to making sure your servers ready for a cyber attack.

By: Katie Boldizar
Loop1 Technical Account Manager
Network+, Security+, SCP
https://katieboldizar.com