Now, when a data breach occurs, someone always has to play the blame game. “It’s the stores fault. Their IT security wasn’t compliant. Clearly they should have fixed x and prepared for y…” Well, I don’t believe approaching these sort of issues from that angle is productive. Security is never infallible and *stuff* happens, so wear a helmet and get used to it or get out of the business.

If you want to blame something, blame the reliance placed on regulations as a means of securing customer information. Regulations are not, and have never been a catchall solution. A chef doesn’t make good food because their restaurant passed a health inspection, yet, in IT security, people throw around the types of compliance they have like that’s something significant. That’s not how it works. If you work in retail IT, then PCI compliance isn’t some sort badge of honor, it’s more like an acknowledgement that you’re not incompetent. If you had a room full of people and you wanted to find the most educated, you wouldn’t start by asking who completed grade-school, so if you only judge a breached business by whether it was compliant or not, you’re asking the wrong questions. Compliance is a minimal requirement and, like most minimum requirements, it logically follows that anything greater than it is better. What we need to start asking then is “could this breach have been reasonably avoided?”

These businesses were legally required to be PCI compliant, but there’s so much more to providing IT security than following some paint-by-the-numbers security guidelines. The key thing about IT security is that you can never eliminate the risk, you can only mitigate it. That leaves one question remaining, could the Home Depot breach have been reasonably avoided?

I can’t easily answer that. Depending on how you look at it, the breach was both avoidable and unavoidable. It’s impossible to know, because we don’t know if Home Depot did a good job securing their customers data, that information hasn’t been released yet. What I can say, is that if more banks had adopted chip based credit cards, then the breach wouldn’t have been as bad. Chip cards are harder and more expensive to “clone” thus making them less valuable to criminals. Would this have prevented the breach? Probably not. Would it have decreased the damage? Yes, significantly so.

If you think about it though, that’s IT security in a nutshell. There’s no such thing as absolute security. The only absolute in IT security is the absolute chance of any system being breached. P(Breach) ≠ 0 and whatnot. If someone wanted to dedicate enough resources, they could breach any system. To combat this, those in IT security must follow a constant process of checking and confirming their systems are as they should be. It’s a process of confirming that vulnerabilities are secured as they are discovered.

In summary:

Could more have been done to prevent the Home Depot breach?

Sure, there’s always more that can be done to improve security.

Does the status of their PCI compliance matter?

Not that much, except from a legal standpoint.

Would having stronger security made a difference?

Not necessarily, but it couldn’t have made it worse.

Now I’m not the kind of guy to self-promote in the aftermath of a major breach, but we have a free eBook on how AuthAnvil can help secure Retail IT. It covers how many of our features can help to meet and surpass the requirements of PCI DSS. So, if you’re interested in what PCI compliance actually requires or are looking to beef up your systems security, just Click Here.

Author: Harrison Depner

The post Home Depot: Yet another retail breach.PCI compliance just doesn’t cut it appeared first on Kaseya.

HIPAA, or the Health Insurance Portability and Accountability Act, is a set of regulations in the United States which apply to all people who have access to the data and or networks which contain ePHI. If you only manage a network for a client who handles ePHI, and even if you never access the information, you will still count as a “business associate” under the act, are legally required to be compliant with the act, and can be held liable in the event of a data breach.

This means that if you do, or intend to, support clients in the field of healthcare, then you need to be HIPAA compliant. Even though HIPAA is a piece of U.S. legislation, many countries have similar pieces of legislation with similar requirements.

This leaves us with a key question: What does HIPAA compliance require when it comes to IT security, identity, and access management?

Fortunately, I’ve boiled the answers to this question down into a list of simple yes or no questions you can ask your client. If the answer is no, consider that a bad sign.

Security Policies and Procedures

Policies must be established to handle and manage all security violations. You can ask your clients questions like:

• Are your employees aware of the penalties that will ensue from security violations?
• Are internal penalties in place for employees who violate security procedures?
• Do all your users know what to do in the event of security incidents or issues?
• Is there a process in place to document, track, and address security issues or incidents?
• Is there someone tasked with checking all security logs, reports, and records?
• Do you have a security official in charge of a password and smart security policy?
• Have you ever undertaken a risk analysis?

Access Management

Access to ePHI must be restricted to those who have permission to access it. You can ask your clients questions like:

• Do you have measures in place to authorize or supervise access to ePHI?
• Are there processes for determining the validity of access to ePHI?
• In the event of employee termination, is their access to ePHI blocked?

Security Awareness Training

HIPAA requires that a security awareness training program must be established for all staff. You can ask your clients questions like:

• Are employees regularly reminded about security concerns?
• Do you hold meetings about the importance of password, software, and IT security?
• Are your employees aware of the process surrounding malicious software?
• Do you have procedures for regular review of login attempts?
• Do those procedures check for any discrepancies or issues?
• Have you established procedures to monitor, manage, and protect passwords?

The Worst Case Scenario

There should be a plan in place for the protection and use of ePHI in the event of an emergency or disaster. You should ask your clients questions like:

• Are there tested and revised plans in place for an emergency?
• Have the applications and data needed for these emergency plans been analyzed?
• In the event of a disaster (I.T.E.O.A.D.), can copies of ePHI be made or retrieved?
• I.T.E.O.A.D… Can all ePHI be restored or recovered?>
• I.T.E.O.A.D… Will your ePHI be protected?
• I.T.E.O.A.D… Can critical ePHI related business functions be completed?

Contracts for Business Associate

Business associate contracts are critical for both ITSPs and MSPs involved who work in the healthcare setting. While not signing an agreement can provide a slight amount of protection from being liable under the law, detailing and signing off on your agreed-upon duties and liabilities can provide significantly more protection in the event of an investigation, audit, or breach. Documentation is key when it comes to protecting yourself.

Technological and Physical Protection

Procedures that limit physical access to facilities and equipment that house ePHI data need to be in place. Additionally, it is just as critical that procedures must ensure all ePHI is only accessible to employees who have permission to do so.

As someone working from an it position, it is your responsibility to ensure that access to applications and data containing ePHI is limited only to authorized users. This is where authentication becomes critical.

One method you can discuss with your client is known as multi-factor authentication (MFA). With MFA, users log in with a password as well as an additional security factor like a fingerprint scan or one-time use code from a secure mobile app. MFAs advanced level of security also allows businesses to explore other productivity and security solutions like single sign-on (SSO), which allows for a single credential to provide access to others. For many businesses which are required to comply with HIPAA regulations, multi-factor authentication and single sign-on are both convenient and practical solutions to many of their compliancy woes.

For a helpful HIPAA security checklist: Click Here
For more information on Multi-Factor Authentication: Click Here
For more information on Single Sign-On: Click Here

Author: Harrison Depner

The post Security and Healthcare IT: A HIPAA Compliance Questionnaire appeared first on Kaseya.

Kaseya Certified Administrator (KCA): Test Prep and Exam

April 12 – 13, 2014, Mandalay Bay, Las Vegas

Special Kaseya Connect Pricing: $995

This 2-day training class is for experienced Kaseya administrators who do not need a training program, but simply want to take the Kaseya Certified Administrator exam. Attendees will use this session to understand how the exam is structured, review key concepts on the exam, and then sit the exam.  This session is for those already experienced with Kaseya Virtual System Administrator (VSA) and already comfortable with general system configuration, agent deployment, audit, live connect and remote control, and have strong exposure to functions such as Patch Management, Ticketing, Info Center, Monitoring, and Agent Procedures.  During this test prep session, candidates will be provided with the virtual lab environment utilized for the practicum on the exam, and run through sample hands-on exercises to prepare.   On day 2, participants will take the Kaseya Certified Administrator exam, proctored by a Kaseya representative.  Note: A “pass” on the exam is not guaranteed, but for those who do not pass, the training platform and a re-test will be extended for 30 days after the conference.

Kaseya Certified Administrator (KCA): Quick Start Boot Camp 

April 12 – 13, 2014, Mandalay Bay, Las Vegas

Special Kaseya Connect Pricing: $1500 (a $2500 value)

During this expert led, 2-day in-person workshop, administrators who are new to Kaseya will get started on the path to becoming a Kaseya Certified Administrator through an introduction to the core functions of the VSA. Topics will include Agent Deployment, Views, Templates, Agent Menu, Audit, Remote Control, Live Connect, Patch Management, Monitoring, Policy Management and Agent Procedure. Participants will be provided with a virtual lab environment and hands-on lab exercises during the course. After the course, participants will be given 90-days of access to the virtual lab environment, during which the remaining hands-on labs can be completed while preparing for the KCA exam. Students will have one attempt at the KCA exam during their training period.

Don’t miss the opportunity to combine valuable training with your Kaseya Connect registration while our early bird conference rate is still in effect through February 28. Register now for Kaseya Connect and our pre-conference training to guarantee your seat. Space is limited, and participation is reserved on a first-come first-served basis, so sign up early.

The post Get on the Path to Become a Kaseya Certified Administrator at Kaseya Connect appeared first on Kaseya.

First, you need to download the “HP ESXi Offline Bundle for VMware for VMware ESXi 5.0” zip file from http://goo.gl/7Ajrz. Then you need to upload the file to a datastore on your host. If you have many VMware hosts to configure, make sure you you upload the file to a datastore that is shared by all your hosts.

Now you need to either enable SSH on the host, or use the VMware vSphere CLI. In this example, we will be using SSH. To enable the SSH server on your host, in vSphere Client, go to Configuration –> Software –> Security Profile and click on “Properties” for “Services.”

Choose “SSH” and click on “Options” to either just manually start it or set it to automatically start with the host. Also make sure that the firewall allows for SSH connections.

Then use your favorite SSH client to connect to your host. Enter the following command (replace with your datastore name):

esxcli software vib install -d /vmfs/volumes/datastore1/hp-esxi5.0uX-bundle-1.1-37.zip

You should get information like this:

In this case, the providers are already installed so no changes are made to the host. When you install the providers, a reboot of the host is required.

To verify that the new CIM providers are installed, go to “Configuration” for your host and click on “Health Status.”

Now you should see the items under the Storage tree for example. They were most likely not visible before loading the providers.

With the KNM CIM monitor, test by entering root/hpq as the namespace to use and you will see that you have many more vendor specific counters to monitor.

The post How to load HP CIM providers in VMware appeared first on Kaseya.

Retail point of sale systems typically contain a computer, monitor, cash drawer, receipt printer, customer display and a barcode scanner. Many also include a debit/credit card reader, a signature capture device and a customer pin pad. These all-in-one POS units run sophisticated software that handles several functions including sales, returns, exchanges, coupon validations, layaways, multiple payment types, gift cards, quantity discounts and more.

Obviously, it’s vitally important to keep a POS system for retail up and running efficiently. But that presents a management issue. A POS system for retail can be widely dispersed and is not integrated into a traditional LAN environment, making it difficult to monitor and manage. Many network management tools either aren’t designed to handle that situation, or are too big and complex to roll out. Additionally, they don’t recognize the monitoring and management needs of your retail IT software and specialist hardware.

More than 60% of retail IT departments have POS issues that require on-site visits. Even if you could solve some of those issues remotely, you’d still have to tackle them one at a time, which becomes a never ending break/fix cycle.

This POS management challenge can be resolved by distributing software updates to local download points, without disrupting business, and by actively monitoring update processes for your retail IT software’s specific requirements. Light-weight monitoring from any device to any other device means no VPNs or network overhead, and no special site requirements.
By the very nature of this industry, POS systems for retail are widely dispersed, only tenuously attached and business critical. This creates special challenges for retail IT professionals. But it doesn’t have to…

With the proper retail point of sale system, you can proactively monitor and manage IT environments anywhere, anytime, whether in or out of a domain, which includes POS and peripherals, software and process through log parsing, backup applications and servers, mobile devices, tablets, scanners and kiosks and desktop migration.

Free white paper: Top 5 Retail IT Challenges and Solutions.  Download this white paper to learn more how to proactively monitor and manage a POS system for retail.

Reference: http://en.wikipedia.org/wiki/Point_of_sale

The post POS System for Retail: Make IT Management Challenges a Thing of the Past appeared first on Kaseya.

Whether you’re new to the platform, exploring new features, or just need a refresher, you will be pleased to know that Kaseya Support TechJams are back by popular demand!

The past year has seen both the platform and customer base grow exponentially.  As such, we have many new features and modules to cover for a wider global audience.

Kaseya Support will be running weekly 50 minute sessions where our support specialists will guide you on:

• How to get the most from the Kaseya platform
• Best practices
• Common issues and queries seen by support and how to solve them
• Module specific tips and tricks

These live sessions will help you to get the best from the product, gain understanding into the inner workings, and fine-tune the services you provide to your customers.  So please register and make the most of this new resource!

Schedule: Each TechJam is at 8am PDT/11am EDT/3pm GMT (or 4pm BST)

• 3/15/2012 – Endpoint Security, Antimalware, & Antivirus
• 3/22/2012 – Backup
• 3/29/2012 – Live Connect
• 4/05/2012 – Monitoring
• 4/12/2012 – Service Desk
• 4/19/2012 – Performance Tuning
• 4/26/2012 – Info Center/Reports
• 5/03/2012 – Patch Management
• 5/10/2012 – TBD
• 5/17/2012 – Agent Procedures
• 5/24/2012 – Network Monitor
• 5/31/2012 – Ticketing
• 6/07/2012 – TBD
• 6/14/2012 – Agent
• 6/21/2012 – Policy Management
• 6/28/2012 – Online Backup

Kaseya Support Specialists routinely document commonly asked questions, configuration techniques, and troubleshooting steps in knowledge base articles.  To enable our customers to get the best from the product, we have brought these resources together to form the foundation of the Kaseya Support TechJam sessions.

Much more than a product demonstration, Kaseya Support TechJams are designed to bridge the gap between the platform user guide and real world scenarios so that you can build upon your knowledge and practical experience of Kaseya.

Click here to register today!

The post Kaseya Support TechJams Return! appeared first on Kaseya.

IT administrators that have embraced bank systems technology via automation believe that computers are the best possible tool for managing networks and devices for regulatory compliance. Computer IT automation removes the human error factor that banks run into when tasking employees with repetitive manual projects that could easily be automated. Anytime you can remove the human element and rely instead on a machine to handle repetitive tasks, accuracy rates rise and human resources can be refocused on more complex issues.

Computer automation also helps banks deal effectively with the constant growth in governmental regulations. Through automation, banks can report verification of compliance and then focus on exceptions (where the problems existed). All actions and functions are fully accountable and easily accessed via the platform’s systems management reporting tools.

Banks can have up to the minute status information on all systems and security parameters. Reports for internal use and for external auditors can be produced at the push of a button resulting in peace of mind for bank administrators. They, and the external bank examiners, know that the bank’s network is under control and proper security measures are in place.
IT automation delivers relief from the administration, monitoring and helpdesk chores that eat up time and resources. IT departments reap immediate time and personnel savings, while reducing licensing fees for software maintenance. Regulatory compliance is easier as are the reporting tasks associated with data, communication and financial reporting that are required from all financial institutions, regardless of size.

Automated bank systems technology is helping financial institutions of all sizes work smarter, better and faster. And where large banks have been using automation for decades, we’re seeing an increasing number of small to mid-sized institutions taking the same route in the interest of saving time, money and hassle.

The post Bank Systems Technology that Gives Banking IT Administrators Peace of Mind appeared first on Kaseya.

• A single, web-based interface to deploy all hardware and software inventory and IT asset management  processes
• Asset data audit, tracking
• Tracking of all hardware and software assets within a single database
• Asset tracking throughout the lifecycle including move, add, change and delete (MACD) activities
• Online, always accessible vendor, service and maintenance contracts ensuring accurate tracking of financial and service impacts of asset changes
• Details on discovered software applications including software category and threat level

This IT asset management software solution would deliver a comprehensive up-to-date network inventory whenever you desired. You could view and manage the network efficiently from anywhere at any time. You could gain access to any computer or server, and troubleshoot any issue from your office. You’d know, at any time, exactly what software was running on the system, when the system was installed, when the license expires, its OS version, the latest security update installed, how much memory or capacity it had and so forth… down to the smallest detail.

Learn more about how IT asset management software can help save your IT organization time, money and headaches. Download the free whitepaper “IT Systems Management Automation: Why to Embrace It” to learn more.

The post 7 Capabilities Your IT Asset Management Software Should Provide appeared first on Kaseya.

• New monitors, actions and events can be created and tested in the development environment provided by Kaseya, before they are exported and used in Kaseya Network Monitor.
• A comprehensive library of pre-made classes, such as SFTP client, HTTP client and file management, are available to developers.
• The develop environment includes debugger, keyword highlighting, integrated help and other features available in state-of-the-art development tools.

Included scripts

In the default KNM installer there are a number of bundled scripts. The scripts are located in the “script” directory in the KNM folder. The included scripts is a great place to start if you want learn to develop your own script.

ApacheStatus_.lua
Monitors work threads in a Apache web server

BackupExec_.lua / BackupExec_11D_.lua
Monitors the completion status of backup jobs.

CheckCertificateExpiryTime_.lua
Checks if a HTTP certificate is about to expiry, the period can be set in days.

CiscoIPSecGlobalTunnelBandwidth_.lua
Monitors the bandwidth usage of all IPSec tunnels open on a firewall.

CiscoIPSecTunnelBandwidth_.lua
Monitors the bandwidth of a specific (named) IPSec tunnel.

iLoHealth_.lua
Monitors health status parameters of an HP iLo2 watchdog computer.

PrinterOutOfPaper_.lua
Checks if a Windows attached printer is out of paper.

WBEM_ESXi_HP_Fan_Status_.lua
WBEM_ESXi_HP_PSU_Status_.lua
WBEM_ESXi_HP_RaidArray_Status_.lua
Monitors VMWare ESXi hardware parameters (Fan, raidarray and PSU health status)

Steps to start developing scripts

First you need to download the Lua IDE. Its shipped with KNM and all you need to do is to logon to the KNM web interface and go to the “About page”.

Click on the Lua IDE link and download the installer. Start the installer and follow the instructions on screen. When the installer is done, located the Lua IDE in the start menu and start it.

Scripts written must adhere to the programing model of KNM, to get started quickly and avoid writing boilerplate code, you can use a script template. In the menu “Insert code” , click the “insert template script” menu item.

Before we can run the debugger and test this boilerplate code, we need to add a new host. KNM Lua script is always run in the context of a host. API calls are always relative to a host, meaning that its not possible to perform actions against different machines in the same insttance of a script. Therefore before starting a debugging session we always need to select a host.

Click the “Open host list” in the tool bar and add a host by entering it the text field below the list and click “Add host”.  When added, select it in the list and click the “select host” button.

To test the template scripts just inserted into the empty document, click on the cogwheel in the tool bar or hit CTRL+F5 to start a new debugging session.

The script will be executed by the IDE the exact same way KNM will execute it, the interface will be emulated using standard windows controls.

To learn more about using the IDE and the Lua API, open the link below.

Click here to open the Lua  API documentation.

How to deploy and use a script

When you are happy with your script its time to deploy it to KNM.

1. Located the script on your computer
2. Copy the script to the “script” directory in the KNM folder
3. Done

When deployed to KNM it can be used in the Lua script monitor.

1. Select a object and open up its object info page
2. Click New monitor
3. Select Lua script in the script category
4. Select the script from the drop down list in the “Lua script monitor properties” section.
5. Configure the script parameters
6. Done

Note that when selecting a script, it permanently removes the option to select another script, if you need to use a different script, create a new monitor for that script.

Hope this mini-tutorial have been helpful, the Lua API opens up a lot of possibilities to monitor company specific processes and systems.

Please let us know if you´ve written a script that you want to share !

The post Introducing KNM Lua scripting appeared first on Kaseya.

One of the most important aspects of a monitoring system is its capabilities to monitor all kinds of file and folder related processes. KNM has several ways to perform file and folder monitoring, one of them being the directory property monitor.

The directory property monitor is a flexible file and folder monitor that can test file count, directory size, relative size changes and age of files in a directory. The test can be limited in scope to files matched by a wildcard. The directory property monitor also stores statistical data, for each test it stores the size of the directory and the number of files it contains. This data can later be used in reports.

The configuration of the monitor is straight forward, just remember that the path is relative to the monitored device. For example \\mymachine\myshare would be entered as \myshare only.

The following scenarios can be monitored:

• Directory contains a minimum number of files
• Directory contains a maximum number of files
• Oldest file in directory is not older then a certain number of hours
• Newest file in directory is not older than a certain number of hours
• Relative directory size between test
• The absolute size of files in directory

Sometimes even this is not enough, thats where Lua scripts come in to the picture. Next time we will take a look at the Lua scripting language thats built into KNM and how to use the Lua Integrated development environment that ships with KNM.

The post Easy Directory & File Monitoring with Kaseya Network Monitor appeared first on Kaseya.