Skip to main content
Tag

cloud endpoint management software

The Best of 2016: Our Year in Review

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”medium”]

Our Year In Review

2016 was a big year for Syxsense. As a company, we are constantly growing, adding new features and always focused on our customers.

IT systems management is frequently changing and it’s crucial to keep up with the latest news, strategies and updates. Every month, we share the latest Microsoft and third-party patches, explaining which to prioritize and how to implement the most effective patch strategy.

With plenty of changes on the way for 2017, be sure to stay on top of patching and IT systems management in the new year. Even when other tasks fill up your to-do-list and seem more important, prioritizing patching is the best New Year’s resolution for any IT manager. Explore the highlights and some of our favorite content from the past year.

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START FREE TRIAL[/dt_default_button]

Why IT should be the department of “now,” not the department of “no.”

By NewsNo Comments

In the short span of a decade, innovative electronic devices such as laptops, tablets, smartphones, and Internet engagement channels have made an indelible impact on everyday life, revolutionizing the means and speed in which people communicate, socialize, and purchase goods and services. Combining the personal and business use of high-tech devices and applications, however, is a more recent phenomenon that’s blazing an irreversible trail

While the growing movement of versatile devices in the workplace provides flexibility and offers a range of options to increase employee productivity, it puts the modus operandi of back-office technology in peril, leaving IT departments precariously teetering on the edge of falling from hero to zero.

The Driving Force Behind Advancing Technologies
The consumerization of IT, coupled with Bring Your Own Device (BYOD), is more than just a trend. Steered by a younger, more mobile generation of employees—raised with connected devices and uninhibited by the notion of work/life balance—BYOD is the driving force behind the inspiration of advanced technologies with the potential to make the workplace more efficient and employees more productive. Yet, this same force that is driving technology in a direction of infinite possibilities is also at work in an opposite direction, significantly impacting IT administrators who feel pressured to protect their technology universe with black-hole policies where nothing is allowed to pass through nor escape.

From the outside, some see IT departments as having a reputation for using “no” as the default response to newer technology or operational requests, whether to buy more time or as a genuine attempt to protect company policies and procedures. Although not an ideal or sustainable solution, IT departments may be at risk of becoming marginalized within enterprises as the speed of technology surpasses the speed of IT response. As today’s employees can walk into a store, buy a phone, and access company email within minutes, bypassing IT completely, a “no” from IT often only results in an unproductive and unnecessary game of cat and mouse—inevitably ending in frustration and internal conflicts.

Contrary to popular belief, IT does not intentionally oppose innovation, forcing employees to search for covert means to bypass IT and ultimately risk company security. However, the onus will invariably fall on IT administrators—whose survival depends on a willingness to adapt—to search for solutions that redirect policy-based collaboration and mitigate shadow IT, rather than identify new ways to block users from accessing sensitive information and connecting to company networks.

While providing unmatched technical expertise, IT departments face unique challenges and important decisions, particularly in relation to their shifting roles within the organization, along with employee demands regarding accessibility and flexibility. Bridging the chasm will require administrators to not only provide a common goal and a starting point from which all players have an equal advantage, but also transform from a technology provider to a technology partner. In other words, IT must evolve from the traditional department of “no” to the supportive and collaborative department of “now.”

Harnessing the Power of the Cloud
Traditional IT provisioning is often a slow and manual process, while new cloud-based solutions are automated, allowing for increased flexibility, improved agility for administrators, and enhanced efficiency that helps support a mobile workforce. With cloud management, organizations can cost-effectively support and manage a range of endpoint systems, from desktops to virtual workspaces, while improving access to vital applications and databases. In addition, these advanced solutions optimize performance and support virtualized environments without adding complexity, allow administrators to quickly find and fix infrastructure issues, provide end-to-end performance monitoring and configuration management, minimize disruptions, and reduce time, cost, and risks during migration to new environments.

As new cloud technologies emerge, collaboration between IT and the business is essential. To seize an expanded role while keeping pace with innovation, IT teams must take the lead and assume the position of driver and trusted advisor—allowing organizations to create competitive advantages by utilizing cloud solutions to solve complex technology challenges.

While many enterprises already employ a hybrid of on- and off-premise solutions, how many end users have Dropbox or Box and utilize Salesforce or Office 365? As this major shift occurs—with or without the consent of IT—organizations are bound to question if the IT department is an enabler or roadblock to innovation.

Collaboration and Innovation
By determining where and how IT departments can best support the enterprise and enhance the productivity of employees, they are sure to foster a culture of collaboration and innovation. Ultimately, this protection of the organization’s most valuable assets will secure IT’s place and guide companies through the next wave of new technology.

Ashley Leonard is the president and CEO of Verismic Software and a technology entrepreneur with 25 years of experience in enterprise software, sales, operational leadership and marketing, including nearly two decades as a successful senior corporate executive and providing critical leadership during high-growth stages of well-known technology industry pioneers. Verismic Software, Inc. provides cloud-based IT management technology and “green” solutions focused on enabling greater efficiency, cost-savings and security control for users, all while engaging in endpoint management.

Nov2014, Software Magazine

Reducing Endpoint Management Bloatware

By NewsNo Comments

Originally printed at www.btc.co.uk

Ashley Leonard, President and CEO of Verismic explains his view on the imperative of simplifying Endpoint management

It’s now well accepted that employees use multiple devices in the workplace. Desktop PCs have been augmented with laptops, tablets and smartphones. The Internet of Things will make the penetration of internet connected devices into the corporate world even greater.

The risk to the corporate network caused by unmanaged and potentially unpatched devices, commonly called endpoints, is significant. After all, it only takes one rogue to create a security flaw, so thousands could wreak havoc. Traditional endpoint management tools fail to protect businesses by being cumbersome. They are too complex, function heavy, unwieldy, and too demanding of resources: especially people and infrastructure.

COMPLEXITY 
Endpoint management tools have grown in complexity. Vendors add more and more functions to their core product, often unnecessarily, and all too often failing to help organisations control endpoints quickly and efficiently.

When speaking to organisations, from the smallest to the largest, 99 per cent of the time they primarily want asset inventory and remote control tools. That’s what they need urgently and use frequently. Customers also use software deployment and patching but only in around 75 per cent of cases. The remaining functionality of endpoint management tools is generally wasted, confusing and delaying the endpoint management process.

As a result of the excessive functionality, the User Interface (UI) of traditional tools inherits this complexity too. For IT, it becomes harder to find their way around the UI, which inevitably leads to additional costs for supplier training services or even worse, administrators giving up and performing tasks the old way.

It’s also quite often the case that traditional endpoint management tools actually require dedicated people, systems administrators, to manage the tools and keep them running, such is their complexity. Without the right people how do you even know the tool is running efficiently and effectively? It might not even be running at all. If your business doesn’t have that person or team, you’ll need to hire.

That’s another unwanted cost and another delay to managing devices – and costs are not just limited to people and training either. Traditional endpoint management tools also generate additional costs for servers, software and maintenance. This is usually a significant upfront cost as well as an ongoing maintenance cost. Some of these tools even require servers at each site within the organisation.

MANAGE YOUR ENVIRONMENT, NOT YOUR MANAGEMENT TOOL
Endpoint management tools should remain simple, focused and flexible. Here’s what businesses should be demanding:

  • A product which starts with the primary requirement for asset inventory, remote control, software distribution and patching, with additional functionality available instantly 
  • They need a simple UI, but with the flexibility to interrogate the system in more detail if required
  • Naturally, they need low monthly payments with no long-term contract
  • Businesses need endpoint management tools, which are quick to deploy and provide rapid asset discovery, even for modern environments which operate BYOD policies, virtual environments and mobile device fleets. This means using endpoint management tools which operate from the internet using agentless technology, and do not require the installation of clients that require constant updates and patches
  • Finally, endpoint management tools should operate from the cloud, because today’s endpoints are inside and outside the firewall. Cloud endpoint management is also better suited to Managed Service Providers, who frequently support customers outside the firewall. 

We’re seeing fewer and fewer businesses sign up for on premise software and an increasing demand for cloud services. Businesses neither want nor need to worry about hardware costs and the recruitment of systems administrators.

In 2014, flexibility and simplicity is the name of the game. Endpoint management providers and tools which can’t demonstrate these core principles are destined for the endpoint scrapheap. NC

Patch Tuesday: Time to Lose Your Marbles!

By Patch Management, Patch TuesdayNo Comments

Microsoft’s patches this month are few, but no less important. In fact, critical in one case!

We generally compare two sources of information to understand the impact of Microsoft’s patch updates – Microsoft’s own feed plus information from an independent source, such as US-CERT [United States-Computer Emergency Readiness Team] which uses the Common Vulnerability Scoring System (CVSS) to asses the potential impact of the IT vulnerabilities. By contrasting two sources of information we can get the real picture of how the vulnerabilities affect your business.

In this latest round, announced last week, we have four updates, MS14-052, MS14-053, MS14-054 and MS14-055. Full details for each below. Now, what’s interesting here is that Microsoft has listed the latter three as Important but by using the CVSS we can actually understand that MS14-055 has a score of 7.8 out of 10. That’s pretty high and, in our experience, anything with a CVSS score that high needs to be urgently prioritised along with the Critical update MS14-052.

What’s the risk?

MS14-055 resolves vulnerabilities, which could allow a denial of service attack against Microsoft Lync Server. This is rightfully a high-scoring ‘Important’ vulnerability that could allow someone to kill the server of a communications tool so vital to the operations of many, many businesses.

As an aside, I like to think of a denial of service attack as a marble in a bucket; the bucket is being used to remove water from a swimming pool. Every time, the bucket is used, another marble finds its way in. Before long, you’re carrying a lot of marbles and not shifting much water! This vulnerability needs resolving – its time to lose your marbles.

MS14-052 has a CVSS score of 9.3. It’s a ‘rollup’ of 36 privately reported vulnerabilities, which affect all versions of Microsoft Internet Explorer. The vulnerability could allow an attacker to execute remote code. Again, it needs to be resolved.

Next steps 

Right now, we’re looking at the binary code for each patch update and moving towards testing and piloting the updates before deployment to customers. As with all our customers, we’ll be working through our agreed deployment process using Verismic Syxsense for rollout.

Feel free to leave a comment below if you have any viewpoints on the patch updates.

Microsoft score
CVSS score
Update no.
Affected software:
Critical security bulletin 9.3 MS14-052 Windows Server 2003 Service Pack 2:
– Internet Explorer 6
– Internet Explorer 7
– Internet Explorer 8
Windows Server 2003 x64 Edition Service Pack 2:
– Internet Explorer 6
– Internet Explorer 7
– Internet Explorer 8
Windows Server 2003 with SP2 for Itanium-based Systems:
– Internet Explorer 6
– Internet Explorer 7
Windows Vista Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
Windows Vista x64 Edition Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
Windows Server 2008 for 32-bit Systems Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
Windows Server 2008 Server Core installation not affected)
Windows Server 2008 for x64-based Systems Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
Windows Server 2008 for Itanium-based Systems Service Pack 2:
– Internet Explorer 7
Windows 7 for 32-bit Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Internet Explorer 10
– Internet Explorer 11
Windows 7 for x64-based Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Internet Explorer 10
– Internet Explorer 11
Windows Server 2008 R2 for x64-based Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Internet Explorer 10
– Internet Explorer 11
(Windows Server 2008 R2 Server Core installation not affected)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:
– Internet Explorer 8
– Windows 8 for 32-bit Systems:
– Internet Explorer 10
– Windows 8 for x64-based Systems:
– Internet Explorer 10
– Windows Server 2012:
– Internet Explorer 10
(Windows Server 2012 Server Core installation not affected)
– Windows RT:
– Internet Explorer 10
– Windows 8.1 for 32-bit Systems:
– Internet Explorer 11
– Windows 8.1 for x64-based Systems:
– Internet Explorer 11
– Windows Server 2012 R2:
– Internet Explorer 11
(Windows Server 2012 R2 Server Core installation not affected)
– Windows RT 8.1:
– Internet Explorer 11
Impact: Remote Code Execution
Version Number: 1.0
Important security bulletin 7.8 MS14-055 – Microsoft Lync Server 2010
– Microsoft Lync Server 2013
– Impact: Denial of Service
– Version Number: 1.0
Important security bulletin 6.8 MS14-054 – Windows 8 for 32-bit Systems
– Windows 8 for x64-based Systems
– Windows 8.1 for 32-bit Systems
– Windows 8.1 for x64-based Systems
– Windows Server 2012
– (Windows Server 2012 Server Core installation affected)
– Windows Server 2012 R2
– (Windows Server 2012 R2 Server Core installation affected)
– Windows RT
– Windows RT 8.1
– Impact: Elevation of Privilege
– Version Number: 1.0
Important security bulletin 4.3 MS14-053 Windows Server 2003 Service Pack 2
– Microsoft .NET Framework 1.1 Service Pack 1
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 3.0 Service Pack 2
– Microsoft .NET Framework 4
Windows Server 2003 x64 Edition Service Pack 2
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 3.0 Service Pack 2
– Microsoft .NET Framework 4
Windows Server 2003 with SP2 for Itanium-based Systems
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 4
Windows Vista Service Pack 2
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 3.0 Service Pack 2
– Microsoft .NET Framework 4
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows Vista x64 Edition Service Pack 2
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 3.0 Service Pack 2
– Microsoft .NET Framework 4
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows Server 2008 for 32-bit Systems Service Pack 2
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 3.0 Service Pack 2
– Microsoft .NET Framework 4
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
(Windows Server 2008 Server Core installation not affected)
Windows Server 2008 for x64-based Systems Service Pack 2
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 3.0 Service Pack 2
– Microsoft .NET Framework 4
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows Server 2008 Server Core installation not affected)
Windows Server 2008 for Itanium-based Systems Service Pack 2
– Microsoft .NET Framework 2.0 Service Pack 2
– Microsoft .NET Framework 3.0 Service Pack 2
– Microsoft .NET Framework 4
Windows 7 for 32-bit Systems Service Pack 1
– Microsoft .NET Framework 3.5.1
– Microsoft .NET Framework 4
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows 7 for x64-based Systems Service Pack 1
– Microsoft .NET Framework 3.5.1
– Microsoft .NET Framework 4
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
– Microsoft .NET Framework 3.5.1
– Microsoft .NET Framework 4
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
(Windows Server 2008 R2 Server Core installation affected)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Microsoft .NET Framework 3.5.1
– Microsoft .NET Framework 4
Windows 8 for 32-bit Systems
– Microsoft .NET Framework 3.5
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows 8 for x64-based Systems
– Microsoft .NET Framework 3.5
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows 8.1 for 32-bit Systems
– Microsoft .NET Framework 3.5
– Microsoft .NET Framework 4.5.1/4.5.2
Windows 8.1 for x64-based Systems
– Microsoft .NET Framework 3.5
– Microsoft .NET Framework 4.5.1/4.5.2
Windows Server 2012
– Microsoft .NET Framework 3.5
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
(Windows Server 2012 Server Core installation affected)
Windows Server 2012 R2
– Microsoft .NET Framework 3.5
– Microsoft .NET Framework 4.5.1/4.5.2
(Windows Server 2012 R2 Server Core installation affected)
Windows RT
– Microsoft .NET Framework 4.5/4.5.1/4.5.2
Windows RT 8.1
– Microsoft .NET Framework 4.5.1/4.5.2
– Impact: Denial of Service
– Version Number: 1.0
Showing 1 to 4 of 4 entries

Verismic Launches Remote Control Capabilities For Its Agentless, Cloud-Based Endpoint Management Solution

By NewsNo Comments

New Syxsense Feature Allows IT Support Staff to Initiate Endpoint Support More Simply, Quickly and from Anywhere—Reducing Complexities of Organizational IT Management

 

PRLog – Sep. 11, 2014 – ALISO VIEJO, Calif. — Verismic—a global leader in cloud IT management technology and green solutions focused on providing cutting-edge products to organizations of all sizes as well as managed service providers (MSPs)—today announced the launch of Remote Control for its revolutionary Syxsense—an agentless, cloud-based endpoint management solution launched earlier this year and already transforming the way IT professionals engage in IT management.

CMS allows IT departments to focus on managing their IT environments by reducing time-intensive, mundane tasks and eliminating dependencies on cumbersome and unreliable management tools. The solution’s new remote control feature further simplifies systems management as it doesn’t require users to actively download permanent plugins, snap-ins, viewers or additional software code, as with competitor services, and can actively control an end user PC in seconds.

“Verismic’s launch of Remote Control for CMS supports our mission to provide high-value, low-cost systems management from the cloud,” says Verismic President, Ashley Leonard. “Although there are services in the remote control marketplace that work over the Internet, in nearly all cases additional plugins or viewers are required by the user, for each PC. This is additional complexity drains support desk time for the user and, in the long-term and creates a new layer of software to manage and maintain.”

Many traditional remote control tools also require the management console and end-user device to be on the same network, which is not suitable or realistic for modern, disparate teams, and does not help MSPs, who frequently sit outside the firewall.

Syxsense’s Remote Control requires only a modern HTML5 web browser and a ‘dissolvable’ target user device, to take near-instant remote control of end-user Windows PCs and laptops. This makes the endpoint support experience more efficient as the helpdesk team or MSP will need only to click the end-user device in Syxsense’s website; and the service will then push a small piece of code to the user device to connect the service. At the end of the session, the code will automatically dissolve.

CMS’s new remote control capabilities are compatible with PCs using Internet Explorer 10 or later, Google Chrome, Firefox and Safari. MSPs and helpdesk staff can provide support from a mobile device or tablet PC. The additional feature is available for all existing and new customers at exactly the same price: $3 per device, per month.

For more information on Syxsense and other innovative Verismic solutions, visitwww.syxsense.com.

ABOUT VERISMIC: Verismic Software, Inc. is a global industry leader providing cloud-based IT management technology and green solutions focused on enabling greater efficiency, cost-savings and security control for users, all while engaging in endpoint management. Headquartered in Aliso Viejo, Calif., Verismic is a growing and dynamic organization with offices in four countries and 12 partners in nine countries. Over the past two years, Verismic has worked with more than 150 companies ranging from 30 to 35,000 endpoints delivering a variety of solutions for organizations of all sizes as well as managed service providers (MSPs). Verismic’s software portfolio includes the first-of-its-kind agentless,Syxsense Power ManagerSoftware Packaging and Password Reset. For more information, visit www.verismic.com.

Media Contact
Leslie Licano, Beyond Fifteen Communications
[email protected]


— End —

InformationWeek.com|Information Week article

HealthCare.gov Breach: The Ripple Effect

By NewsNo Comments

Hackers breached a HealthCare.gov test server, reportedly affecting no records, but the repercussions could spread across many medical organizations.

Thursday’s disclosure that hackers breached a HealthCare.gov test server this summer sparked more concern about the overall vulnerability of healthcare organizations and hope that the growing number of publicly disclosed hacks will encourage those organizations to expend more resources on securing data, networks, and systems.

A hacker installed malicious code on a device that had kept its default manufacturer’s password. As a test server, it was not supposed to be hooked to the Internet, said Patrick Peterson, founder and CEO of security developer Agari in an interview. Either keeping the server unconnected or using tools that automatically change pre-set passwords would have prevented this vulnerability, he said. Because it shared the breach, HealthCare.gov should be lauded for its transparency, said Peterson.

This type of error is easily preventable, but is the kind of mistake that can occur at most organizations without proper training and IT management, said Ashley Leonard, president and CEO of Verismic Software:

I am sure it is unnerving for the public when our government’s own systems get compromised by hacking. This, on top of the recent celebrity hacking, creates a distrust in cloud. However, if you look more closely at what has actually happened, systems are being penetrated by a combination of bad IT management and poor end-user training. I believe IT managers and software vendors need a better way to share information on vulnerabilities and how to patch them. The second concern is passwords; though passwords are set to protect our most sensitive data, we have a real issue today of using technology much older than most of us. At the very least we should be moving to pass phrases, two-factor authentication, or biometrics to protect our data.

Although federal officials were quick to reassure the public that no personal, financial, or health data was stolen, a chorus of dissent arose immediately given the amount of information HealthCare.gov houses and the number of alarms raised about the site’s security weaknesses.

“IT experts have long warned about the lack of security built into the federal Obamacare website,” said Congressman Diane Black (R-Tenn.), in a statement. “The vast amount of personal information that Americans are required to put into this site is an open invitation for hackers. That is why designing a secure website should have been a top priority for this Administration.”

Information Week article

 

 

 

 

 

 

 

 

 

 

 

While politicians battle it out in Washington, D.C., CIOs and chief security officers might find it easier to wrest security funds from reluctant boards and CEOs. That can’t happen soon enough, based on the industry’s ongoing poor performance when compared with other sectors.

Read Full Article