This particular ransomware strain, although hitting numerous hospitals in the UK and many other organizations across the world had a kill switch. The ransomware would attempt to connect to a domain with a very long and complex name, if the domain was _not_ live, the ransomware proceeded to encrypt all files. If the domain _was_ […]
Avoidance and procrastination are not good options — especially in an age of high-profile cyberattacks. DR programs have to be tested to work out the kinks and discover unanticipated problems. Taking these three steps will help your company get serious about disaster recovery testing: Step 1. Create a culture of testing Start with the assumption […]
Where is your DR site? The night Hurricane Sandy hit the New York metropolitan area in 2012, some Manhattan companies that backed up to New Jersey data centers found themselves in a major jam: The storm had knocked out power across the entire region, crippling backup sites as well as main sites. Conclusion: You want […]
I’ve just co-authored a new book on OpenStack architecture. Part of my motivation for writing it was to help people avoid the most common mistakes when embarking on a new OpenStack initiative. First, I’ll talk about avoiding three of these errors, and then I’ll talk a bit about the new OpenStack book. Mistake 1: Failing […]
Moving a credit union to a managed cloud A federal credit union in the Midwestern U.S. hired OnX to address four specific challenges: On-premise data center. For years, the credit union managed its own data center, but it wanted to migrate to a managed cloud environment. Cybersecurity and compliance. News reports of a series of […]
Moving and managing data centers is the core of our Managed Service business. Transitioning our clients to hyperscale cloud requires a different level of engineering, because much of what we do in the enterprise needs to be translated to Public Cloud. This translation does require some investment; however, once you’ve done it, the opportunities to accelerate […]
Level One: Essential Protection Your first line of advanced support is built on a basic, straightforward foundation that’s easy to implement. Log manager and log review. This analyzes the huge volumes of data in your cloud. You can look for things like performance management, security incident response, and compliance requirements. Fully managed intrusion detection. […]
Intrusion Detection Is Not A Cure-All A ransomware attack in early 2016 dubbed “SamSam” was so severe — and, frankly, frightening — that the FBI sent out an alert to watch out for it. The problem was hackers discovered a huge security hole in a popular piece of open-source networking software and used it to […]
Understand the Key Web App Attack Vectors Start by familiarizing yourself with hackers’ favorite ways into apps, such as: SQL injections Cross-site scripting (XSS) Denial of service (DoS) attacks There are many more, of course, and new ones are being dreamed up every day. Make sure your security team stays abreast of all of these […]
Level One of Dual-Speed IT involves a continuous, steady acceleration to support the stability of the organization and operational needs of the core business. This level is internally focused – the traditional enterprise IT that companies like OnX have worked with for many years, designing systems that promote scale and provide availability for their mission […]