Ivanti Blog: Posts by

2018: The Year of Transformed IT Asset Management (ITAM)

Mon, 02 Apr 2018 20:26:25 Z

In the research note Predicts 2018: Mature Your IT Asset Management Software Discipline to Deliver on the Promise of Digital Business, Gartner identifies four key findings. These align closely with challenges encountered by and recommendations and opinions from Ivanti ITAM experts, as shown below.

IT Asset Management Software Challenge: Poor Visibility Limits Vision

Gartner: “Poor visibility into and management of cloud services and software consumption are driving rapidly growing demand for accurate, timely IT asset management (ITAM) data.”

Ivanti: “Traditional ITAM has two problems, technical debt and lack of visibility. Technical debt is the tools, poor data, turn over in personnel, and manual undocumented processes people do to just get the job done. All that technical debt leads to poor visibility on the state of IT environment, which makes it difficult to be innovative in order to support the business goals.” (from “Q&A with the ITAM Experts.”)

IT Asset Management Software Challenge: New Technologies Demand Better Processes

Gartner: “Explosive growth of the Internet of Things (IoT) is driving a renewed focus on and need for effective hardware asset management (HAM) processes – a key success prerequisite for robust software asset management (SAM).”

Ivanti: “Based on our own experiences and conversations with customers, we believe…that for IT, the very definition of an “asset” is broader and less distinct than it has ever been. Network-connected cameras and large-screen displays can be found at almost any corporate headquarters. Corporate users increasingly monitor their business emails on the same devices they wear to monitor their heart rates. And every tablet or smartphone used to access corporate data may not be secured to IT’s standards. None of these is a traditional IT asset, yet each requires management by IT, at least of its access to corporate networks and resources.” (from “ITAM: It’s Time (For) A Makeover.”)

“ITAM is about managing risk and optimizing spending while still allowing the business to function efficiently. You can’t do that with inflexible processes.” “Every process should be evaluated for relevancy and effectiveness on a semi-annual basis.” (from “Q&A with the ITAM Experts.”)

IT Asset Management Software Challenge: Support the Business

Gartner: “IT leaders are increasingly looking to leverage ITAM data to support other IT, business and regulatory activities, and ITAM must either rise to this challenge or risk becoming irrelevant.”

Ivanti: “IT asset intelligence data is created by normalizing, then mapping IT assets to relevant information. Asset intelligence establishes the relationships that an asset has with other assets, services, contracts, ELP [effective license position], departments, cost centers, vendors, warranties, utilization, environment, location, and related business objectives. Asset intelligence is a critical component for a complete IT asset management solution.” (from “Three Components Required for a Complete IT Asset Management Solution (Part 3 of 4): Asset Intelligence.”)

IT Asset Management Software Challenge: Software Asset Management (SAM)

Gartner: “SAM tool implementations often overbudget and underperform their business cases due to a lack of governance and the processes needed to effectively integrate them into IT and business workflows.”

Ivanti: “Software has multiple characteristics that make its management different from that of other IT and business assets. Perhaps most significant among these are the growing use of cloud-based software and mobile devices. These and other evolutionary trends are forcing enterprises and their software providers to revisit and revise traditional software licensing and pricing practices. Nonetheless, SAM and ITAM more than overlap. They share both common objectives and core requirements for success.

“How you go about meeting these requirements and objectives depends upon specific circumstances at your enterprise. However you do so, though, you would do well to focus on technologies and processes that help you modernize, automate, and consolidate your ITAM and SAM efforts. That focus can help you and your team discover all of your most critical IT assets, provide insights from what you discover, and take action based on those insights that improve your asset management efforts.” (from “SAM I AM: Software Asset Management Is Asset Management.”)

Getting to Transformed ITAM: Get Better Licenses

Transformed ITAM is an essential element of digital business transformation. However, the challenges and changes discussed above are accompanied by roiling changes in software vendor licensing and pricing practices. Gartner addresses these particular challenges in another research note, Predicts 2018: Negotiate Software and Cloud Contracts to Facilitate Digital Business.

Gartner: “Digital business, and particularly artificial intelligence, will alter software pricing models, metrics and terms. Sourcing and vendor management leaders must grasp the impact of these changes to balance costs, risks and speed while maximizing business outcomes.”

“Be sure to choose a solution that employs software license experts, preferably with software auditing experience. Avoid employing a company that is currently providing software audit services to software vendors. This is a conflict of interest.” “When software vendors are aware that an organization employs ITAM best practices, they tend to audit them less” (from “Five Reasons Software License Optimization Is Needed for the Data Center.”)

Ivanti: Your Partner for ITAM, IT, and Business Transformation

Ivanti has the ITAM solutions you need to ease and speed transformation of ITAM and IT at your organization. We can help you help your business to tap The Power of Unified IT™, and achieve its digital transformation goals. Explore our solutions online, then get in touch with us, and add us to your transformation team.

IT in Higher Education: Some Lessons Learned, Some Homework Still Needed

Thu, 29 Mar 2018 19:48:21 Z

IT in higher education is an important topic of conversation, as evidenced by October 2017's research note from Gartner entitled 2018 CIO Agenda: Higher Education Industry Insights. Authored by analyst Jan-Martin Lowendahl, the note is based on a survey of 3,160 CIO respondents in 98 countries. Among those respondents were 247 higher education CIOs.

I believe their survey responses offer some interesting parallels with those of their counterparts at commercial enterprises, as well as some compelling guidance for higher education CIOs and their teams.

IT in Higher Education: What Do CIOs Want?

Gartner asked its respondents, "Thinking about your organization as a whole, what would you say are its top business objectives for the next two years (2017/2018)?” Among higher education CIOs, the top two responses were:

Enrollment (33 percent)
Student success (22 percent)

I believe enrollment in higher education is analogous to growth of market share for commercial enterprises. And competition for students is likely at least as fierce as competition for customers. It should be no surprise, then, that the priorities of higher education CIOs closely parallel those of the larger respondent base, 26 percent of which cited “growth/market share” as the top business objective.

In addition, I’d argue student success is as critical to growth of enrollment as customer success is to growth of commercial market share. This is a likely reason why higher education CIOs chose “student success” as their second-highest business objective.

What Technologies Matter Most to Higher Education CIOs?

Gartner also asked, “Which technology area do you think is most important to helping your business differentiate and win/is most crucial to achieving your organization’s mission?” Again, the responses show a close parallel between higher education institutions and commercial enterprises. The top technology cited was business intelligence (BI)/analytics, chosen by 23 percent of higher education CIOs and 26 percent of all respondents.

BI and analytics can deliver significant benefits to higher education enrollment growth and student success efforts, just as they aid commercial enterprises in their pursuit of customer growth and success. In the commercial world, compliance with emerging regulations such as the European Union (EU)’s General Data Protection Regulation (GDPR) require consistent, high levels of data accuracy and transparency to prove compliance claims. The steps enterprises must take to meet these requirements can enable those enterprises to use improved data to drive business growth. (See “GDPR Compliance Strategy: Turning Lemons into Lemonade.”)

When it comes to IT in higher education, initiatives such as the U.S. Department of Education’s College Scorecard and the EU-supported AlmaLaurea Interuniversity Consortium are spurring a sharpened focus on BI and analytics among participating institutions.

Security: The Foundation for Digital Transformation

Some 18 percent of Gartner’s higher education CIO respondents chose “cyber/information security” as the technology area likely to see the most new or additional funding in 2018, making it the top choice within that group. This compares with 12 percent of the larger respondent base, which ranked this choice fourth, behind “BI/analytics” (19 percent), “Cloud services/solution” (13 percent), and “Digitalization/digital marketing” (12 percent).

The growth in size, diversity, and effectiveness of cybersecurity attacks has driven commercial and governmental enterprises to focus on improving their cybersecurity for some time now. More recently, hackers are increasingly going after schools, school systems, colleges, and universities. In many cases, they are going after financial and personally identifiable information (PII) about students, faculty, and staff, information which can be sold profitably and used for multiple types of fraud. (See “Schools: Get Schooled About – Or Schooled By – Hackers.”)

Gartner analyst Lowendahl writes that the top ranking of cyber/information security by higher education CIOs is about more than protection of financial data and PII. That ranking also indicates “that increased focus on digital in higher education carries a substantial cost for security that needs to be factored into digital transformation strategies. This is especially true considering the large volume of personal data that is needed to execute on analytics efforts, adaptive learning and a host of personalized approaches to education.”

Current and future BI/analytics initiatives, along with efforts to grow enrollment levels via support of distance learning via multiple online channels, will drive higher education institutions toward transformation into digital organizations. To pursue those transformations successfully, higher education institutions and their CIOs will have to parallel their commercial enterprise counterparts in one more critical way. They must achieve and sustain consistently high levels of cybersecurity, internally and for any and all students, faculty, staff, and other stakeholders who connect with them remotely.

Learn More with Ivanti

As they have for hundreds of commercial enterprises, Ivanti solutions can help almost any higher education institution improve its cybersecurity. Ivanti can help your organization with patch management for data center servers and client applications. Ivanti can also help you gain control of your users’ applications and privileges, and combat malware more effectively. Learn more about IT in higher education via our higher education solutions page, and see how we can help your institution tap more fully into The Power of Unified IT™.

2018: The Year of Smarter, More Helpful, More Secure Service Management

Wed, 10 Jan 2018 19:31:14 Z

“Hi, I’m your IT service management solution, and I’m here to help you.”

No, that’s not the beginning of a bad joke. Nor is it just wishful (or wistful) thinking. It’s an example of what IT service management (ITSM) may increasingly come to look and sound like throughout the coming year and beyond.

The driving force behind such a transformation? Artificial intelligence, or AI. The respected market watchers and analysts at Gartner, for example, have forecast that AI is just beginning a 75-year cycle that will affect every industry, not just IT.

In the shorter term, here is one of the Gartner Top Strategic Predictions for 2018 and Beyond. “By 2021, more than 50% of enterprises will spend more per annum on bots and chatbot creation than traditional mobile app development.” Bots and chatbots use AI to interact with people in conversational, near-human ways. And they represent vectors by which ITSM will become smarter and more helpful.

AI: Help for ITSM

Ivanti and the Service Desk Institute (SDI) recently surveyed 25,000 service desk professionals about user self-service and self-help. Some 74 percent of respondents use self-service and 58 percent offer users self-help. The largest motivator for both options? Improving services to the end user, cited by 90 percent of respondents offering self-service and 81 percent of those offering self-help.

However, 83 percent of users still prefer calling the service desk to using self-service, while 88 percent prefer calling the service desk to using self-help. Why? Those users prefer the “human touch,” according to 72 percent of survey respondents regarding self-service and 88 percent regarding self-help.

AI, in the form of bots and chatbots, is poised to shift this dynamic considerably. By combining rapid processing and access to voluminous data with conversational interfaces, these AI-powered options are already successfully mimicking human-to-human interaction. They’re doing so in consumer offerings such as Apple’s Siri, Google Home, and Amazon Echo, and are gaining ground in enterprise solutions as well.

How AI Will Improve ITSM

In an article published by Data Center Knowledge in October, “The Future of ITSM: Get Ready for Artificial Intelligence,” Ivanti Systems Engineer Marcel Shaw identified three “key areas” in which AI will likely have positive effects on ITSM – incident request/creation, automated back-end processes, and knowledge management.

Incident request/creation – AI-powered chatbots will enable more accurate interpretation of incidents and requests for automated ITSM solutions, improve and personalized the user experience, and make service management more efficient.
Automated back-end processes – as ITSM solutions gain more power from AI, those solutions will integrate more seamlessly with other connected technologies, such as those focused on operational analytics or security. This increased integration will extend the reach and effectiveness of back-end processes, enabling ITSM solutions to identify and resolve more issues with less human intervention than is required with many current solutions.
Knowledge management – AI-powered ITSM solutions will “remember” historical events and “learn” from them, resulting in more comprehensive knowledge databases that improve reactions to future issues. AI will also broaden the range of knowledge available to ITSM solutions, analysts, and users. Ultimately, AI-powered ITSM solutions will be able to answer questions and make recommendations and suggestions, in conjunction with or even instead of human trainers or analysts.

ITSM and Security: Another Powerful Combination

Beyond AI, ITSM is also increasingly overlapping and gaining synergies with another critical IT function: cybersecurity. After a long history of separate, parallel evolutions, IT and cybersecurity leaders now realize that effective service management requires a reliably secure environment. In addition, effective cybersecurity requires effective service delivery and management.

Kevin J. Smith is Senior Vice President for Strategic Initiatives at Ivanti. He is also the author of “The Practical Guide to World-Class IT Service Management.” At the upcoming Pink18 conference, Kevin will present a session entitled “Odd Couple or the Perfect Pair: Security & ITSM?” Kevin will discuss how new processes, metrics, and automation technologies are bringing ITSM and security closer together, and how you and your organization can best prepare.

The Future of Your ITSM Starts Now – With Ivanti

You can read more about Kevin’s session at the Pink18 conference, Feb. 18-21 in Orlando, FL, here. You can read more of his thoughts on the current state and future of ITSM here, and listen to a podcast featuring Kevin here. And you can learn more about Ivanti’s solutions for ITSM, cybersecurity, and other critical IT functions here.

We at Ivanti look forward eagerly to greater synergy and integration among AI, ITSM, and cybersecurity. Together, we can help you and your organization tap into The Power of Unified IT™.

The Ivanti Threat Thursday Update for January 4, 2018: New Threats for the New Year

Fri, 05 Jan 2018 00:51:36 Z

Greetings and welcome. This week, software developers race to remediate a processor design flaw that puts millions of devices at risk, and a new zero-day vulnerability threatens most if not all versions of macOS. Make one of your New Year’s resolutions a commitment to share any relevant opinions, reactions, and/or suggestions inspired by what you read here, please. Thanks in advance.

Chip Design Flaw Forces Major Software Updates – US-CERT Reportedly Recommends CPU Replacement

The Project Zero team of security analysts at Google disclosed discovery of a design flaw that makes most CPUs vulnerable to memory “leaks” that create significant security risks. Disclosure of the flaw has resulted in security advisories from numerous industry entities, and rapid release of patches that offer some protection, but incur performance penalties.

According to the Project Zero blog post, the resulting vulnerabilities, known as “Spectre” and “Meltdown,” “affect many modern processors, including certain processors by Intel, AMD and ARM.” As CSO reported, Meltdown affects almost every Intel processor released since 1995, while Spectre has been verified to affect processors from Intel, AMD, and ARM.”
As The Register reported, the flaw “allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.” “At best, the vulnerability could be leveraged by malware and hackers to more easily exploit other security bugs. At worst, the hole could be abused by programs and logged-in users to read the contents of the kernel's memory.”
There are currently no actively detected exploits of these vulnerabilities in the wild, but there is plenty of proof-of-concept code that has been used to demonstrate how to exploit them. The risks were sufficient to drive Microsoft to release a Windows patch in advance of next week’s January Patch Tuesday. However, according to the CSO report, the update was not delivered to customers using what Microsoft says is incompatible antivirus software.
By the end of next week, Intel is expected to release updates for 90 percent of the processors released during the past five years. Patches are also available now for Linux systems. According to The Register, “Similar operating systems, such as Apple’s 64-bit macOS, will also need to be updated.” These updates “will incur a performance hit on Intel products.” The slowdown may range from five to 30 percent, “depending on the task and the processor model.”
In a Vulnerability Note, US-CERT, the United States Computer Emergency Readiness Team, recommends that users apply updates intended to address Spectre and Meltdown. “Operating system and some application updates mitigate” the risk of attacks via these vulnerabilities.
CSO, VentureBeat, and Business Insider all reported that the ultimate solution recommended by US-CERT is to replace affected CPU hardware. All three reports quote US-CERT as saying “The underlying vulnerability is primarily caused by CPU architecture design choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware.” No such verbiage appears in the currently posted version of the Vulnerability Note linked to by those reports. However, a separate US-CERT alert says that since “the vulnerability exists in CPU architecture rather than in software, patching may not fully address these vulnerabilities in all cases.”

What We Say: The likelihood that your enterprise has the budget and executive support needed to replace every system running a CPU affected by these vulnerabilities seems low. You must therefore ensure that all of your systems and applications are as protected as possible. This means up-to-date patches, updates, and application whitelists. As these new threats make clear, effective, multi-layered cybersecurity must protect your environment from the widest possible variety of threats and vulnerabilities, not just hacker attacks. Critical success factors for defense in depth include timely, comprehensive patch management, the ability to roll out patches and software updates rapidly, securely, and where and as needed, and flexible, well-enforced whitelisting. (See “Transforming the Patching Process” and “The Equifax Breach, Patch Management, and Your Cybersecurity.”)

IOHIDeous: Every Mac At Risk?

A newly discovered zero-day vulnerability may affect every version of Apple’s Macintosh operating system. The threat reportedly enables root access to any Mac.

As TechTarget SearchSecurity reported, IOHIDeous is a vulnerability that affects IOHIDSystem, a macOS component that connects the software to user interface elements, including keyboards and cursors. As described by “a hobbyist developer and hacker from Switzerland” who released proof-of-concept code exploiting the vulnerability, IOHIDeous affects “all versions of macOS going back 15 years.”
IOHIDeous “could allow for an attacker to escalate privilege, run arbitrary code and gain root access.” Fortunately, “the flaw is not remotely exploitable,” and cannot be exploited without obviously affecting a system’s user interface.
The Swiss hacker “noted that not all of the parts [of the hacker’s exploit] have been tested across all versions of macOS,” and that part of the attack used "’doesn't work on High Sierra 10.13.2 anymore.’" However, the hacker added that “the vulnerability is still present and may be exploitable in different ways,” and that it can likely “be easily adapted for other versions” of macOS.

What We Say: Devices running macOS and iOS are gaining traction among enterprises, especially those that connect with consumers, support users’ personal devices, or both. As adoption of such devices grows, they become increasingly attractive targets for hackers and attackers. Your endpoint protection solutions and processes must protect equally all software environments your users are authorized to use. (See our endpoint management blog posts, especially “What Are the Four Keys to True UEM?” and “UEM Is Dead. UEM Is Reborn. UEM Was Just Misunderstood. Long Live UEM!”)

Improve Your Cybersecurity. Partner with Ivanti.

What does your organization need to maximize its cybersecurity? Comprehensive patch management for your data center servers, your client operating systems and third-party applications, or all of the above? Control of the applications on your network? Granular management of your users’ devices and admin rights? Better abilities to fight and recover from malware attacks?

Ivanti solutions can help you address any or all of these critical cybersecurity challenges. Ivanti can also help enhance endpoint management across your organization. Check out our cybersecurity and endpoint management solutions online. Then, contact Ivanti, and let us help your organization achieve better cybersecurity, tap into more of The Power of Unified IT™. (And do please keep reading, sharing, and commenting on our security blog posts, especially our Patch Tuesday and Threat Thursday updates, throughout 2018.)

The ICYMI Weekly Round-Up: December 18–29, 2017

Wed, 03 Jan 2018 06:16:27 Z

Greetings. In case you were wondering, “ICYMI” is short for “in case you missed it.” And this is a digest of recent news, events, and content in and around Ivanti and Ivanti.com. We hope you find it both interesting and useful. Let us know via email to icymi@ivanti.com. Thanks, and Happy New Year!

This Week’s Big News: Cybersecurity Challenges and Opportunities in 2018!

As mentioned below, the good folks at EY have published their latest Global Information Security Study. You can read the blog post for details, but here are a few findings you might find disturbing – and uncomfortably familiar.

“75% of respondents rate the maturity of their vulnerability identification as very low to moderate.”
“38% have no identity and access program or have not formally agreed such a program.”
“35% describe their data protection policies as ad-hoc or non-existent.”
“12% have no breach detection program in place.” Yet the same percentage of respondents “feel it is very likely they would detect a sophisticated cyber attack.”
“89% say their cybersecurity function does not fully meet their organization’s needs.”
“Only 4% of organizations are confident that they have fully considered the information security implications of their current strategy, and that their risk landscape incorporates and monitors relevant cyber threats, vulnerabilities and risks.”

So how does your organization compare? Whatever your cybersecurity status, experts at Ivanti and elsewhere agree. An intensified focus on basics, such as patch, application, and privilege management, can do much to make your enterprise more secure and resistant to threats.

Read more about the EY survey in our Dec. 28, 2017 Threat Thursday Update. Grab a complimentary copy of the complete EY survey to peruse and share with your colleagues and bosses. Review our security blog posts for more specific guidance on how to improve cybersecurity at your enterprise. Then, check out how our solutions can help you with patch management for your servers and applications, control of your users’ applications and privileges, and your abilities to resist and recover from malware attacks. Resolve to make 2018 the year you and Ivanti get your enterprise closer to truly effective defense in depth, and to The Power of Unified IT™.

Recent Blog Posts

IT Stories You Won’t Believe Actually Happened – customers share stories you may find hard to believe – unless you’ve experienced similar things yourself.
Security Risk: How Old Software Might Be Hurting Your Organization – Ivanti IT Asset Management (ITAM) Evangelist Patricia Adams explains why it might be time to retire those copies of Windows 7 you’re still running.
Insights into Android Supply Chain Management – Ivanti Senior Product Marketing Manager Rob DeStefano discusses why supply chain managers are moving to Android, how that shift may affect their device management, and how Ivanti can help.
Podcast Recap: Why You’ll Be Using Blockchain to Buy a House One Day, and Disney Buys the Simpsons – a fascinating discussion with the CEO and COO of Stockchain Global, a company focused on using blockchain technologies to flatten and simplify complex financial transactions.
Here’s What Our Customers Want From Santa This Year – Ivanti Marketing Specialist (and social media doyenne) Ashtyn Creel collects and shares what several Ivanti customers really want(ed) for Christmas.
The 12 Beers of Christmas: 2017 Edition – Ivanti Product Management Director (and craft beer enthusiast) Chris Goettl extends his annual tradition to include recommendations from Ivanti customers.
The Ivanti Threat Thursday Update for December 21, 2017: More Shopping and Password Threats! – almost 20,000 fake shopping sites in Japan, plus more evidence that users should not be allowed to create their own online passwords. (“Starwars,” anyone? Sadly, yes.)
Podcast Recap: IT Stories, plus 10 More of Our Best Stories – more great, nearly unbelievable IT stories from Ivanti customers.
The Ivanti Threat Thursday Update for December 28, 2017: Old and New Challenges for a New Year – highlights (and lowlights) from EY’s latest Global Information Security Survey.

Coming Up This Week

No major events on the calendar for this week, but several cool webinars are coming next week, including our monthly take on Patch Tuesday. Details in next week’s ICYMI Update. Meanwhile, check the Ivanti Events Calendar for more details and updates, and make sure to share with your colleagues.

The Ivanti Threat Thursday Update for December 28, 2017: Old and New Challenges for a New Year

Thu, 28 Dec 2017 19:54:50 Z

Greetings and welcome. This week, new survey results highlight old and new challenges to your enterprise’s cybersecurity, and what you should do to address them. Inspired to share any relevant opinions, reactions, and/or suggestions? Please feel free. Thanks in advance – and have a happy, safe, and secure New Year.

EY’s Latest Global Information Security Survey: The More Things Change…

EY has published its 20^th Global Information Security Survey, which “captures the responses of nearly 1,200 C-suite leaders and information security and IT executives/managers.” Respondents came from a wide variety of company sizes, industries, and geographic regions.

Budgets, talent, and executive awareness were frequently cited as barriers to better cybersecurity. “59% of respondents cite budget constraints while 58% lament a lack of skilled resources; 29% complain about a lack of executive awareness or support.”
Budgets are rising, although not enough at many responding enterprises. “59% of respondents this year say their budgets increased over the last 12 months. 87% say they need up to 50% more budget. 12% expect an increase of more than 25% in their cybersecurity budget.”
Executive engagement and awareness remain inconsistent. “63% of organizations still have the cybersecurity function reporting into IT.” “24% say the person with responsibility for cybersecurity sits on their board,” while “only 50% report to [their boards] regularly.”
Cybersecurity basics are inadequately addressed at many surveyed organizations. “75% of respondents rate the maturity of their vulnerability identification as very low to moderate.” “38% have no identity and access program or have not formally agreed such a program.” “35% describe their data protection policies as ad-hoc or non-existent.” And “12% have no breach detection program in place.” Yet the same percentage of respondents “feel it is very likely they would detect a sophisticated cyber attack.”
“69% of respondents have some form of formal incident response capability.” However, only 8% “describe their plan as robust and spanning third parties and law enforcement.” Further, “43% of respondents do not have an agreed communications strategy or plan in place in the event of a significant attack.”
“89% say their cybersecurity function does not fully meet their organization’s needs.”
“Only 4% of organizations are confident that they have fully considered the information security implications of their current strategy, and that their risk landscape incorporates and monitors relevant cyber threats, vulnerabilities and risks.”

What We Say: Threats to your organization are growing in number, type, and effectiveness as you read this. You and your colleagues must resolve to make 2018 the year in which you do all you can to implement tools and processes that maximize protection of your users and resources from those threats. At minimum, those tools and processes must enable your organization to discover, identify, and limit the effects of threats, using proven recommendations and best practices as guidelines.

The Australian Signals Directorate (ASD), the Center for Internet Security (CIS), and other experts agree. Effective patch management and control of applications and administrative privileges are strong first steps that can address at least 85 percent of threats to your organization’s cybersecurity. Consistent executive engagement and user education are also critical. (See “What to Do BEFORE All Hell Breaks Loose: Cybersecurity for Today’s Extreme Threats” and “User Education for Cybersecurity: Yes, It’s Worth It.”)

Resolve to Improve Your Cybersecurity with Ivanti

Whatever your current cybersecurity measures and posture, Ivanti can help to improve it. Ivanti solutions help you control your users’ applications, devices, and admin rights, while delivering the access they need to do their jobs. Ivanti can also help fight malware attacks more effectively, and recover from successful threats more quickly. Ivanti can also help enhance endpoint management across your organization.

Check out our cybersecurity and endpoint management solutions online. Then, contact Ivanti, and let us help your business tap more of The Power of Unified IT™. (And do please keep reading, sharing, and commenting on our security blog posts, especially our Patch Tuesday and Threat Thursday updates, throughout 2018.)

The Ivanti Threat Thursday Update for December 21, 2017: More Shopping and Password Threats!

Fri, 22 Dec 2017 00:27:14 Z

Greetings and welcome. This week, a survey in Japan finds nearly 20,000 fake shopping sites, and more evidence that users do not create good passwords. Inspired to share any relevant opinions, reactions, and/or suggestions? Please feel free. Thanks in advance – and Happy “Holidaze!”

Survey in Japan Finds Nearly 20,000 Fake Shopping Sites

Japan’s National Police Agency (NPA) announced that a recent survey found 19,834 fake shopping sites operating in that country during the second half of 2017.

As Japan Times reported, a survey “by the Japan Cybercrime Control Center involving information security and online service providers,” identified nearly 20,000 such sites operating in Japan from July to earlier this month. “Police are investigating 122 bank accounts designated by the sites for payment, and confirmed that so far they had received about ¥240 million ($2.1 million).”
“Police are investigating 122 bank accounts designated by the sites for payment, and confirmed that so far they had received about ¥240 million ($2.1 million). Investigators have identified online shopping scams involving 43 people, including those suspected of making their bank accounts available through the websites in violation of a law preventing the transfer of criminal proceeds.”
The Center has also “confirmed in the country the existence of 272 websites that are altered versions of existing facilities such as hospitals and shops. These websites also eventually route visitors to the scam sites.” The Center has warned the operators of those 272 sites to “fix the security flaws.”
Online fraud is on the upswing in Japan. “The police said they received 69,977 reports in the January to June period, up 4.9 percent from a year earlier and the highest since 2001 when comparable data became available. Police data showed that the leading category of reports — comprising 36,729 cases — involved the use of fraud and other malicious businesses practices to swindle customers of online shopping sites.”

What We Say: Antivirus software alone will not protect users from the growing number and range of fake websites and phishing emails. Your organization must have tools and processes that limit users’ abilities to access dangerous websites and links. Your processes must also educate and frequently remind users that they are the first line of defense for your organization. (See “What to Do BEFORE All Hell Breaks Loose: Cybersecurity for Today’s Extreme Threats” and “User Education for Cybersecurity: Yes, It’s Worth It.”)

More Evidence: Users Create Bad Passwords – Including “starwars”

As mentioned in last week’s Threat Thursday Update, 1.4 billion sets of clear text credentials found on the dark web show that users create and reuse passwords such as “123456,” “qwerty,” and “password.” The latest edition of an annual listing of worst passwords confirms such behaviors, and adds new examples.

As Dark Reading reported, “The 2017 Worst Passwords list, drawn from more than five million stolen passwords found online and in plain text by researchers at password management firm SplashData, represents mostly credentials from users in North America and Western Europe. The list, now in its seventh year, doesn't include credentials exposed in the Yahoo breach, nor from compromised adult websites.”
The top 10 passwords, ranked by count: “123456,” “Password,” “12345678,” “qwerty,” “123345,” “123456789,” “letmein,” “1234567,” “football,” and “iloveyou.” New to the list is “starwars,” which ranked sixteenth, just ahead of “passw0rd.”
“[A] new survey of 1,000 Americans by Visa shows that consumers are getting a bit weary of the password drill: 70% of the respondents consider biometrics simpler than passwords, and some 46% believe biometric authentication is more secure. Close to one-third have used fingerprint authentication on one or two occasions, while 35% do so on a regular basis. Half consider the big selling point of biometrics is no longer having to remember multiple passwords. However, users must often create or remember passwords to set up or reconfigure biometric or fingerprint-based authentication.

What We Say: You and other IT and cybersecurity leaders and teams must help your users to avoid making themselves and their organizations vulnerable to hackers and thieves via inadequate passwords. Education can help users choose and create better passwords and avoid reusing them across multiple online resources. That education must be supported with robust, consistently implemented identity management tools and processes, to minimize password-related risk. (See “Three Things You Can Do Now to Increase User Contributions to Cybersecurity at Your Enterprise” and “The Biggest Mistakes Users Make When Choosing a Password.”)

Empower and Protect Your Users and Your Enterprise with Ivanti

Ivanti can help you protect your users from themselves, their badly created, overused passwords, and many other threats. Ivanti solutions help you control your users’ applications, devices, and admin rights, while delivering the access they need to do their jobs. Ivanti can also help fight malware attacks more effectively, and recover from successful threats more quickly. And Ivanti can help enhance endpoint management at your organization.

The ICYMI Weekly Round-Up: December 11–15, 2017

Tue, 19 Dec 2017 05:30:23 Z

This Week’s Big News: Big Supply Chain Changes Coming!

2018 will likely be a big year for many warehouse and supply chain decision makers, according to new research sponsored by Ivanti and conducted by respected market watchers VDC Research.

The new study, “Taking Advantage of Apps and App Modernization in Warehousing,” is based on a survey of respondents from North America and Europe, conducted this past August. And it offers some interesting findings and compelling take-aways.

Key findings:

53 percent of IT decision makers supporting warehouse operations view their mobility deployments as immature.
56 percent of organizations plan to upgrade their existing fleet of mobile devices as their current devices near end-of-life.
One in four respondents cited a more visual and modern user interface as a critical factor influencing the decision to upgrade.

Top take-aways:

End-of-life for legacy operating systems presents challenges for warehousing operations.
Industrial browsers can ease transition to modern mobile platforms.
Modern mobility can drive speed and agility.

Read the news release to learn more about the study. Then, get your complimentary copy, check out our supply chain blog posts, and explore our solutions for your warehouse operations and supply chain challenges. Let Ivanti help you keep your New Year’s resolution to modernize your warehouse and supply chain, and further tap into The Power of Unified IT™.

Recent Blog Posts

December Patch Tuesday 2017 – our final 2017 round-up of leading vendors’ software patch and update releases, and what you should do about them.
Podcast Recap: The Present and Future of Virtual Reality, Thoughts on Bitcoin and Grey’s Anatomy – a fascinating interview with the founder of a virtual reality (VR) studio and arcade in Salt Lake City, Utah.
Transforming the Patching Process – how Ivanti is helping the University of Pittsburgh consolidate, automate, and improve patch management and cybersecurity, with tips you can use at your organization.
The Ivanti Threat Thursday Update for December 14, 2017: New Hacks and Scams, Just in Time for the Holidays! – new attacks on banking systems, a new PayPal phishing scam, and new research that highlights an old program: bad user-created passwords.
File Director 4.4 – Improved Efficiency and Metrics to Drive User Acceptance – new features to ease and speed your Windows 10 deployments and increase user adoption.
Two Great Benefits for Ivanti Customers Only: The Solution Adviser and The Insider Hub! – two exclusive ways we help our customers get more value from their Ivanti investments.

Two Great Benefits for Ivanti Customers Only: The Solution Adviser and The Insider Hub!

Fri, 15 Dec 2017 22:34:54 Z

Of course, once you become an Ivanti customer, you gain the benefits Ivanti’s solutions, our experience, our commitment to your success, and our ecosystem of partners and engaged users. But at Ivanti, every customer is also a very important person, with access to some very innovative perks. Herewith, some information concerning two such perks about which every Ivanti customer (and those who might become Ivanti customers) should know.

The Ivanti Solution Adviser

Every Ivanti customer who purchases a maintenance contract gains access to a range of resources via the Smart Service Portal at the Ivanti Technical Community. A powerful and popular feature of that Portal is the Solution Adviser.

Got a specific problem or challenge? Head for the Solution Adviser, and answer a few questions via easy-to-navigate drop-down menus. In return, you get:

A list of top solutions based on Ivanti expert opinions and relevant customer experiences;
Links to relevant postings in the Ivanti Technical Community; and
High-value supporting collateral, such as white papers and articles.

Want more? Once you’ve examined the results from the Solution Adviser, you have the option of requesting more information or support from the Ivanti team by submitting an online request. You can then request a response by phone or email, and track your case from initiation through resolution. And in the unlikely event that the Solution Adviser and support team don’t resolve your issue, you can also request escalation to review by Ivanti support management.

Ivanti is fully committed to your success. The Solution Adviser provides a fast, easy way to identify and begin pursuing your specific challenges and opportunities, with nothing else required but your access to the Smart Service Portal.

The Ivanti Insider Hub

We at Ivanti don’t just want to help you address your most pressing IT challenges quickly and effectively. We also want to reward you for your support of Ivanti. So we’ve launched the Ivanti Insider Hub.

This online resource showcases a constantly-evolving set of challenges and opportunities. You get points for each one you complete. Those points can be exchanged for items ranging from Ivanti swag to experiences with Ivanti executives. Want the chance to go fly-fishing with CEO Steve Daly, go skiing with CISO Phil Richards, or perform with CMO Steve Morton and the house band at Ivanti’s Sales Kick-Off? Become an Insider Hub advocate, and start accumulating those points!

Your Next Steps

For more information about the Insider Hub, customers can drop a line to Advocates@Ivanti.com. If you’re not yet an Ivanti customer, you can learn more about our Solution Adviser and other support services here. Then, check out our solutions online, and get in touch with us, so we can start helping you to modernize and improve IT at your organization and tap into The Power of Unified IT™.

The Ivanti Threat Thursday Update for December 14, 2017: New Hacks and Scams, Just in Time for the Holidays!

Thu, 14 Dec 2017 19:14:45 Z

Greetings and welcome. This week, new attacks on banks around the world, a new PayPal phishing scam, and new evidence that users are password-challenged. ‘Tis the season, so if you care to gift us with any relevant opinions, reactions, and/or suggestions, please feel free to share. Thanks in advance – and Happy “Holidaze!”

MoneyTakers Take Up to US$10 Million from U.S., UK, Russian Banks

A Russian cybersecurity firm claims a new group, known as “MoneyTaker,” has used multiple methods to steal as much as US$10 million from banks in three countries.

As SiliconANGLE reported, Moscow-based Group-IB claims MoneyTaker “has stolen funds from 20 companies. Some 16 of the attacks targeted U.S organizations, three attacks were on Russian banks and one bank in the U.K. was hit.”
“The group primarily stole money by targeting card processing and bank transfer systems, including the Russian Interbank System AWS CBR and the Society for Worldwide Interbank Financial Telecommunication, better known by its acronym of SWIFT.” The group also gained access to First Data Corp.’s STAR network, used by automated teller machines (ATMs), then issued new ATM cards, then used those to withdraw money from ATMs in the U.S. and Russia.
Group-IB said MoneyTaker’s use of publicly available tools and multiple theft methods make tracking and investigating its thefts more challenging. Group-IB also said it expects MoneyTaker to expand its activities, and that these “may move into new regions including South America.”

What We Say: As the Russian proverb made popular in English by U.S. President Ronald Reagan says, "Доверяй, но проверяй" (“Doveryai, no proveryai”) – “trust, but verify.” It’s not enough to put robust cybersecurity measures in place. These must be tested and verified frequently, to ensure that they are doing the most possible to keep your organization ahead of hackers and attackers. Discovery, inventory, frequent testing, and regular updates are all essential components of effective, multi-layered cybersecurity. (See “What to Do BEFORE All Hell Breaks Loose: Cybersecurity for Today’s Extreme Threats.”)

New Phishing Attack Targets PayPal Users

Just as end-of-year holiday shopping ramps up, a new scam seeks to trick PayPal users into giving up fraud-enabling identity information to hackers.

As Gizmodo reported, “an illicit campaign is underway to deceive PayPal users into believing recent transactions they’ve made ‘could not be verified.’ In emails bearing PayPal’s logo, consumers are warned that PayPal has detected suspicious activity on their accounts and that the company requires updated information to avoid fraudulent charges.”
The phishing email includes an authentic-looking PayPal logo, an apparent originating address of “service[at]paypal.com,” and erroneous uses of punctuation and English. It also includes a link to a fake PayPal web page that provides a fake case ID number, then says the visitor will need to supply “a few personal details” “to return ‘your account to regular standing.’”
The next page then asks for “your full name, address, date of birth and mother’s maiden name—everything short of a Social Security number that a person would need to effectively steal your identity. It also requests that you enter your credit card information, including the full number, expiration date and security code.”

What We Say: The Research, Investigations, Solutions and Knowledge (RISK) team at Verizon, authors of the lauded Verizon Data Breach Investigations Report, estimate that more than 90 percent of cybersecurity incidents and breaches begin with phishing expeditions such as this one. To protect your organization, you need tools and processes in place that will protect against the malicious software these unsuspecting users introduce into your environment. You also need education efforts that constantly remind users to follow this “one simple instruction” from the Gizmodo report. “Never login or provide any information to a website that you reach by clicking on a link sent to you by email, no matter how official or authentic it seems.” (See “User Education for Cybersecurity: Yes, It’s Worth It.”)

New Dark Web Data Dump Confirms It: Users Create Bad Passwords

Identity threat intelligence company 4iQ claimed discovery of a single file on the dark web that contains 1.4 billion clear text credentials. The file is not only huge, but confirms that where cybersecurity is concerned, many users are their own worst enemies.

As 4iQ posted on Medium, none of the passwords discovered in this latest cache was encrypted. The company added that it had “tested a subset of these passwords and most of the have been verified to be true.”
This latest find includes data captured in 252 previous breaches, but is “not just a list. It is an aggregated, interactive database that allows for fast (one second response) searches and new breach imports. Given the fact that people reuse passwords across their email, social media, e-commerce, banking and work accounts, hackers can automate account hijacking or account takeover.”
Analysis by 4iQ examined the nature of the passwords included in the database. The top 10 passwords, ranked by count, are “123456,” “123456789,” “qwerty,” “password,” “111111,” “12345678,” “abc123,” “1234567,” “password1,” and “1234567890.” The database also reveals high levels of password reuse.

What We Say: Surveys indicate that many companies do little or nothing to compel users to implement strong passwords, change them regularly, or avoid password reuse. Robust identity management tools and processes, combined with focused, repeated user education, are essential to breaking bad user habits and encouraging better ones. (See “The Biggest Mistakes Users Make When Choosing a Password” and “User Education for Cybersecurity: Yes, It’s Worth It.”)

Empower and Protect Your Users and Your Enterprise with Ivanti

Productivity and cybersecurity all start with your users and their endpoints. Ivanti can help control your users’ applications, devices, and admin rights, while delivering the access they need to do their jobs. Ivanti can also help fight malware attacks more effectively, and recover from successful threats more quickly. And Ivanti can help enhance endpoint management at your organization.

The ICYMI Weekly Round-Up: December 4–8, 2017

Tue, 12 Dec 2017 06:45:56 Z

Greetings. In case you were wondering, “ICYMI” is short for “in case you missed it.” And because of last week’s Thanksgiving holiday in the U.S., this is a special, two-week digest of recent news, events, and content in and around Ivanti and Ivanti.com. We hope you find it both interesting and useful. Let us know via email to icymi@ivanti.com – and thanks!

This Week’s Big News: Let the Reviews and Predictions Begin!

The end of a year all but guarantees three things. One is a mad dash among salespeople and others at businesses of all sizes and types to close the year strong. The other two? Reviews of the previous year, and predictions for the year to come.

All three activities take place in and around Ivanti as well. Two of the blog posts highlighted below feature looks back at 2017 and prognostications for 2018. We’ll bring you more of both in the weeks ahead. In the meantime, if you’ve got 2017 memories, 2018 predictions, or both to share, we’d love to hear about them. Drop us a line at icymi@ivanti.com, and let us know if we should keep your pronouncements anonymous. Thanks in advance. Oh, and Merry Christmas and Happy Holidays from Ivanti! ☺

Recent Blog Posts

Interchange IT Podcast Recap: Michael Kersey & Dallin Hudson – tales of horror (and humor) from two of Ivanti’s own IT pros.
Windows 10 Migration Tips from Real Experts – real-life recommendations from Ivanti customers via members of Ivanti’s Technical Consulting Team.
Podcast Recap: Is Bitcoin a Bubble, a Review of 2017 in IT, and Predictions for 2018 – listener questions about the Uber breach and Bitcoin’s future, plus a look back and a look ahead with industry veteran Michael Dortch (@DortchOnIT).
Predictions: 2018 Delivers Faster, More Accurate Business – predictions about supply chains and warehouses, likely including those at your organization, from Senior Product Marketing Manager Robert DeStefano.
The Ivanti Threat Thursday Update for December 7, 2017: A Skills Gap? Or a Skills Chasm? – more on the growing cybersecurity skills shortage, and evidence that industrial companies just don’t get cybersecurity – at least not yet.

Coming Up This Week

On Dec. 12, Ivanti will participate in a Customer Breakfast Briefing hosted by our partner, Bluefort Security, in London, UK. Dec. 13 brings Ivanti’s popular monthly Patch Tuesday webinar. On Dec. 14, join us for what’s sure to be a timely, informative, and lively webinar: Here's What We've Discovered about Microsoft's Updated Windows 10 Servicing Model.”

We hope to see and talk with you at one or more of these events, in person or online. Make sure to share these opportunities with your colleagues, and to check the Ivanti Events Calendar for more details and updates.

The Ivanti Threat Thursday Update for December 7, 2017: A Skills Gap? Or a Skills Chasm?

Thu, 07 Dec 2017 21:47:04 Z

Greetings and welcome. This week, new survey results indicate the cybersecurity skills gap is persistent, tenacious, and likely growing. Got relevant opinions, reactions, and/or suggestions? Feel free to share. Thanks in advance.

Survey: The Cybersecurity Skills Gap is Real – and Really Troubling

Research conducted jointly by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG) indicates that the cybersecurity skills gap is widening, and its effect on businesses is growing.

For their second annual joint study of “The Life and Times of Cyber Security Professionals,” ISSA and ESG interviewed some 343 respondents from around the world. The top three contributing factors to cybersecurity threats and vulnerabilities cited by those respondents? Lack of training of non-technical employees (cited by 31 percent), lack of adequate cybersecurity staff (22 percent), and “business executive management making cyber security a low priority (20 percent).”
Some 70 percent of respondents believe the cybersecurity skills shortage has affected their organizations. However, 62 percent also believe their organizations “are falling behind in providing an adequate level of training” for their professionals, a rise of almost 10 percent from last year’s study.
Respondents also highlighted specific areas in which skills are lacking at their organizations. The two top areas? Security analysis and investigation skills and application security skills, each cited by 31 percent of respondents.
“Survey respondents say the number one cyber security challenge is the cyber security staff being understaffed for the size of their organization (29 percent).” Respondents also said their organizations need to improve aligning cybersecurity and business goals, formalizing and documenting cybersecurity practices, and recruiting IT and business professionals “to bridge the cyber/business gap.” Such recruiting faces significant obstacles, however – 49 percent of respondents say they are contacted by recruiters about other jobs at least once a week.

What We Say: No amount of recruiting will ever completely close the cybersecurity skills gap at every – if at any – organization. The challenges to effective cybersecurity are too numerous and evolving too quickly to be solved by “throwing people at the problem,” even if such people can be found. Your organization needs to ensure that it has tools in place that automate and rationalize critical cybersecurity processes, and that maximize protections while minimizing your exposure. Fortunately, starting with basics such as comprehensive patch and privilege management and application whitelisting can significantly improve cybersecurity. They can also help get your organization closer to defense in depth that is also aligned with business goals. (See “7 Essential Real-World Security Questions to Ask Today” (Parts 1 and 2), and “What to Do BEFORE All Hell Breaks Loose: Cybersecurity for Today’s Extreme Threats.”)

Survey: Industrial Companies Just Don’t Get Cybersecurity – Yet

Many industrial companies are eagerly pursuing modernization and digital transformation initiatives, under banners such as “Industry 4.0” and “Smart Manufacturing.” Yet recent research indicates that many of these companies are woefully unprepared for the cybersecurity threats likely to grow and multiply as such enterprises become more digitally connected.

As reported by ZDNet, Honeywell Industrial Cyber Security sponsored a survey of 130 industrial companies conducted by LNS Research. That survey, “Putting Industrial Cyber Security at the Top of the CEO Agenda,” found that 53 percent of those companies have experienced at least one cybersecurity breach. Yet 63 percent “do not monitor for suspicious behavior, and 45 percent do not even have a cybersecurity expert or manager in place.”
“In addition, 25 percent of those surveyed said they never conducted penetration testing, while 13 percent said this practice – which can discover holes in network security before attackers do – occurs less than once every 12 months.”
Industrial companies are increasingly focused on the so-called “Industrial Internet of Things (IIoT)” – a combination of “sensors, Internet of Things (IoT) devices, embedded connectivity in control components, and data analytics.” While the IIoT can improve industrial processes, it also creates more opportunities for cybersecurity vulnerabilities and breaches. “Together with long upgrade cycles commonly found in industry, businesses may be setting themselves up for a cybersecurity incident.”

What We Say: In fewer than 10 days this June, WannaCry forced a Honda plant to halt production and NotPetya locked employees out of radiation monitoring systems at Chernobyl. The cybersecurity clock is already ticking at those industrial companies that have not yet experienced a significant breach. As is true beyond industrial and manufacturing concerns, cybersecurity must be an integral part of any modernization or digital transformation efforts. To pursue such initiatives without a laser-like focus on cybersecurity is to attempt to build a business on a foundation almost guaranteed to be attacked successfully, sooner or later. For maximum benefit, cybersecurity efforts must extend beyond knowledge workers, and embrace every part of the business, from the warehouse to the factory floor. (See our supply chain blog posts and “Ransomware: It’s About Much More Than Money.”)

Achieve Defense in Depth with Ivanti

Ivanti can help your enterprise improve its defenses against cybersecurity attacks, whatever business your enterprise pursues. Patch your client and server systems more easily and consistently. Fight malware attacks more effectively, and recover from successful threats more quickly. Control users’ applications, devices, and admin rights, while delivering the access they need to do their jobs. Modernize your supply chain and make your warehouse employees more agile and productive. And more.

Check out our cybersecurity solutions online. Then, contact Ivanti, and let us help you bring effective, multi-layered cybersecurity to your organization. (And do please keep reading, sharing, and commenting on our security blog posts, especially our Patch Tuesday and Threat Thursday updates.)

The ICYMI Weekly Round-Up: November 27–December 1, 2017

Tue, 05 Dec 2017 23:50:00 Z

This Week’s Big News: That’s Our Opinion (and a Few of Yours)

Ivanti is more than just a broad portfolio of solutions for a variety of IT-empowered, business-critical tasks and functions. Ivanti is also a nexus of experienced, passionate experts in multiple areas. Some are Ivanti team members, some are partners, and some are customers. And they all have opinions about a broad range of subjects, from the latest cybersecurity vulnerabilities and breaches to what the coming year will bring for IT.

This week’s blog posts provide a great sampling of some of those opinions. So check them out, below and online. Who knows? You might be moved to express one or more of your own.

Recent Blog Posts

Better, Faster, Cheaper, More: Why Your Warehouse Needs Modern Mobile Solutions – how modern mobile apps can improve worker productivity and customer satisfaction.
Mobility in the Warehouse: Obstacles and Opportunities – what stands in the way of modern warehouse mobility, and why the business benefits are worth the effort.
Extending Your Service Management Platform to Self Service Portal – how to cut through the hype around, and get to the benefits of, employee self-service.
Your Best Answers to the Question: What’s the Best Reason for Moving Interchange to Dallas? – we asked, and you answered – and here are the ones we loved most.
Mac Users Be Aware: High Sierra Flaw Exposes Root – details of a flaw in the latest macOS release, and what to do about it.
Product Newsletter Blog for November 2017 – the latest releases and updates for Ivanti Service Manager, Ivanti Endpoint Manager, Ivanti Avalanche, and more.
The Ivanti Threat Thursday Update for November 30, 2017: Big Mac Attack? – more on the High Sierra macOS flaw, plus more leaked data from a U.S. government agency.
IT, 2017-2018: A Look Back and A Look Ahead, with/by Michael Dortch – our Senior Content Development Manager takes talking to himself to a new level.
Ivanti @ Fusion 2017: Fear and Learning in Orlando for ITSM and IT Pros – notes from discussions with attendees at our booth at the show.
Interchange IT Podcast Recap: Michael Kersey & Dallin Hudson – tales of horror (and humor) from two of Ivanti’s own IT pros.
Windows 10 Migration Tips from Real Experts – real-life recommendations from Ivanti customers via members of Ivanti’s Technical Consulting Team.

Ivanti @ Fusion 2017: Fear and Learning in Orlando for ITSM and IT Pros

Fri, 01 Dec 2017 16:49:17 Z

At the Fusion 2017 conference in Orlando, Ivanti attracted a lot of attention – and not just because of the guy in the booth in the scary clown outfit. Herewith, some notes from our discussions with attendees at the show.

ITSM: It’s About the Business Now

Breaking news: business people don’t care about service level agreements (SLAs) any more, if they ever really did. And the old ways of thinking are inadequate for the journey toward digital transformation.

Those were key take-aways from the sessions given by Ivanti Director, ITSM Americas (and renown IT and ITSM evangelist) Matt Hooper. As Matt pointed out, if you had an SLA with your significant other, then told that person you were “99 percent compliant” with that agreement, your relationship would likely still be in a world of trouble.

Matt also reminded his audiences that new technology options demand new ways of doing things from IT. For example, requesting and spinning up new computing resources used to take days, if not weeks or months. This gave IT ample time to respond to, prioritize, and manage those new resource requests. Today, anyone with a credit card and an idea can go online and create a virtual server in minutes, if not seconds. Clearly, new, faster responses are required.

ITSM: Do It by the Book

The session given by Ivanti Senior Vice President for Strategic Initiatives Kevin J. Smith was also well attended, as was the follow-on book signing. Kevin is the author of The Practical Guide To World-Class IT Service Management. In his Fusion session, Kevin laid out six significant factors that are transforming ITSM. In his book, Kevin outlines the “6 Core” and “12 World-Class” processes needed to deliver high-performance service management in the modern enterprise.

Hundreds of Fusion attendees lined up for a signed copy of Kevin’s book, even though the signing was on the last day of the conference. (Apparently, they needed something to read on the flight home to get that scary clown image out of their minds.)

World-Class ITSM and More: Ivanti Can Help

We talked with hundreds of attendees about their ITSM challenges and future plans. Many expressed their need and desire to move beyond tracking tickets and incidents, to incorporate more security into their processes, or to stop paying for unused software. We also showed many how features such as voice-enabled self-service and flexible, actionable reporting can ease, speed, and improve phone interactions, for both callers and responders.

As many Fusion attendees discovered, Ivanti has modern, effective solutions for ITSM, and for other critical enterprise IT tasks. Want to improve delivery of IT and business services? Ivanti can help. Need more and better IT asset management? Ivanti can help you discover and inventory your assets, manage them across their lifecycles, survive your next audit, and reduce your hardware and software costs. Need better cybersecurity? Ivanti can help improve patch management of your endpoints and servers, fight malware more effectively, and gain greater control over your users’ applications, devices, and privileges.

Check out our solutions online. Then, get in touch with Ivanti, and let us help you help your organization tap into The Power of Unified IT™.

IT, 2017-2018: A Look Back and A Look Ahead, with/by Michael Dortch

Fri, 01 Dec 2017 16:27:47 Z

(PLEASE NOTE: The first letter of the first sentence of each question and answer below is highlighted. Please string those letters together in the order in which they appear before reacting or responding to this post.)

Since 1979, I’ve been an IT industry analyst, journalist, consultant, online and physical event speaker and host, marketer, and general provocateur. So, I thought, who better than me to get my take on IT during the year about to pass into history, and what the year about to start is likely to bring?

Dortch on Dortch on IT: The Interview

Michael Dortch: So, Michael, as you look back on 2017, what do you see as the events or trends in IT that mattered most to users?

Michael Dortch: As a matter of fact, Michael, I think the top trend, if you will, was the lack of significant events. No major breaches of corporate networks or databases of fungible information. No major technological shifts with any meaningful long-term impact on the enterprise. No major unmet needs unearthed or exacerbated. A quiet year, by and large, to the relief of many if not most IT and cybersecurity professionals, I might add.

MD: Telling, that. Moving from recent past to imminent future, then, what do you foresee as the trends or events in IT that will affect users most in 2018 – and perhaps beyond?

MD: I am steadfastly convinced that in retrospect, 2018 will appear almost as calm and uneventful as 2017 turned out to be.

Yes, Internet of Things (IoT) devices will multiply prodigiously – but their effect on enterprise cybersecurity will be all but negligible.

Yes, there will be new threats – but the defenses and remediation solutions implemented by most enterprises will likely prove to be at least as effective in 2018 as they were in 2017.

Yes, the number and types of things we call “IT assets” will continue to grow – but they’re unlikely to exceed the capacities of the processes and tools that are working so well at so many enterprises today.

And of course, consumer and enterprise user and worker demographics are shifting, even as more experienced IT professionals age out of the workplace. but that’s no reason to panic about any skills shortfall, or inadequate automation, or any gulf between user expectations and user experiences. After all, these weren’t big problems in 2017, were they?

MD: Rigorously logical, as always. So, to wrap up, what one piece of advice or guidance would you give IT decision makers now to best prepare for 2018?

MD: “Equilibrium is essential,” in 2018 and beyond. If what you’ve done so far has worked so far, stay the course. And if what you’re doing now isn’t working as well as you’d like, be assured that a few minimal tweaks are likely all you need to bring things up to snuff. No need to pursue any IT automation, modernization, transformation, or unification efforts with any but minimal alacrity. After all, it’s unlikely that your competitors are doing anything differently.

This discussion reminds me of two aphorisms I learned as a callow industry analyst all those years ago.

“If you don’t know where you’re going, any road will get you there.”

“Sometimes wrong – but never in doubt.”

Make 2018 a Better Year at Your Organization with Ivanti

If any or all of the above reads as just fine to you, great. Enjoy 2018, and good luck.

However, if any or all of the above seems shaky in any way – even just a little bit – it may benefit you and your organization to explore Ivanti’s solutions for IT asset management (ITAM), IT service management (ITSM), cybersecurity, endpoint and user experience management, and/or supply chain modernization. You know, just in case there might be an opportunity or two to automate, modernize, transform, and/or unify IT in ways that benefit your business, in 2018 and beyond. Just a thought…

The Ivanti Threat Thursday Update for November 30, 2017: Big Mac Attack?

Thu, 30 Nov 2017 17:25:01 Z

Greetings and welcome. This week, newly identified vulnerabilities in Apple’s macOS High Sierra, and new data leaks at a U.S. federal government agency. Got relevant opinions, reactions, and/or suggestions? Feel free to share. Thanks in advance.

Vulnerabilities Found in Latest macOS Release

As AppleInsider reported this week, a significant, new vulnerability was discovered in Apple’s macOS High Sierra. The flaw “can grant users access to the system administrator account on a target machine, enabling access to the account without requiring a password.”

Once empowered with System Administrator access, a user can “view all files stored on the computer in all user accounts, edit the credentials of other users, and alter other settings on the device.” The vulnerability “requires relatively few steps to accomplish, and takes advantage of a section within the System Preferences menu.”
Exploitation of the vulnerability “requires access to the computer either locally or with a Remote Access connection. It also needs an authorized user to be logged in to generate the Root account with no password.” “The ultimate protection against the exploit is to disable Guest access.”
Yesterday, Apple issued Security Update 2017-001, apparently intended to address this vulnerability. In an accompanying description of the Update, Apple said this: “For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available.”
Ivanti partner Nine41 Consulting has published a blog post with links to a script that can remediate the vulnerability. It does so by setting a new password for the root account on a macOS system and disabling console access to that root account. The post also offers guidance for using the Autofix feature of Ivanti Endpoint Manager to remediate the vulnerability on all connected macOS systems during a security scan.

What We Say: Malefactors get faster and better at exploiting vulnerabilities in operating systems, applications, and networks every day. At the same time, macOS systems are growing in popularity at many organizations. Your organization must have in place tools and processes that help you and your team to identify and isolate new vulnerabilities and test and deploy corrective patches and updates as quickly as possible. Those tools and processes must be sufficiently agile and flexible to protect all of your critical systems, whatever operating systems and applications they are running. (See “Mac Users Be Aware: High Sierra Flaw Exposes Root” and “The Equifax Breach, Patch Management, and Your Cybersecurity.”)

Sensitive U.S. Government Data Exposed – Again

Another U.S. government agency inadvertently made sensitive data easily available online. This time, the information was the responsibility of a division of the National Security Agency (NSA).

As ZDNet reported, “The virtual disk image contains over 100 gigabytes of data from an Army intelligence project, codenamed ‘Red Disk.’ The disk image belongs to the US Army's Intelligence and Security Command, known as INSCOM, a division of both the Army and the NSA.”
“The disk image was left on an unlisted but public Amazon Web Services storage server, without a password, open for anyone to download.” “Chris Vickery, director of cyber risk research at security firm UpGuard, found the data and informed the government of the breach in October. The storage server was subsequently secured, though its owner remains unknown.”
“Vickery noted that the disk image also contains other sensitive files, including private keys used for the system to access other servers on the intelligence community's network. The keys belong to a third-party firm, Invertix, a working partner of INSCOM and a key developer of Red Disk,” a program designed to enable “sharing intelligence across the battlefield.”
“Unprotected [cloud-based] storage buckets have become a recurring theme in recent data leaks and exposures. In the past year alone, Accenture, Verizon, and Viacom, and several government departments, were all dinged by unsecured data.”

What We Say: The General Data Protection Regulation (GDPR) is due to come into effect on May 25, 2018. GDPR is motivating IT and cybersecurity decision makers at organizations of all sizes and types to look more closely at how and how well they are protecting the data upon which those organizations rely. This is particularly true for organizations that handle or store so-called personally identifiable information, or PII. Under GDPR, companies that fail to protect the personal information of European Union (EU) citizens will be subject to fines as high as four percent of global annual revenues or €20 million ($23.5 million), whichever is higher. Whether or not your organization does business with EU citizens, there is never a bad time to re-examine your data protection solutions and processes.

Ivanti: Your Partner for Multi-Layered Cybersecurity

Ivanti has the solutions, the expertise, the ecosystem, and the commitment to make effective, multi-layered cybersecurity a reality at your organization, today and tomorrow. We can help you keep your client and server system patches up to date, combat and remediate malware and other attacks, and gain flexible, non-disruptive control over your users’ applications, devices, and admin rights. Check out our cybersecurity solutions online. Then, contact Ivanti, and let us help you bring multi-layered cybersecurity to your organization. (And do please keep reading, sharing, and commenting on our security blog posts, especially our Patch Tuesday and Threat Thursday updates.)

The ICYMI Weekly Round-Up: November 13–24, 2017

Wed, 29 Nov 2017 04:10:40 Z

This Week’s Big News: It’s in the Warehouse!

If your company manufactures or sells almost anything, there’s a warehouse that stands at the nexus of supply, demand, and customer satisfaction. Yet in far too many cases, the technologies that determine the efficiency and effectiveness of that warehouse’s operations are outmoded, inadequate, scheduled to be discontinued by their vendors, or all of the above.

Fortunately, as you’ll see in several of the blog posts mentioned below, there are ways to modernize those technologies and the operations they support without having to “rip and replace” incumbent tools, processes, or people. Check out those posts, as well as Ivanti’s solutions for migrating old apps to new platforms, improving employee efficiency with voice enablement, comprehensive device management, and more. You’ll soon see that The Power of Unified IT™ extends beyond your organization’s offices and remote knowledge workers.

Recent Blog Posts

Mobility Opens Up Warehouse-Improvement Opportunities – get your warehouse up to speed by getting your warehouse employees moving with modern technologies.
Securing Your Company’s Digital Footprint – timely thoughts from guest blogger and cybersecurity expert Scott Schober.
Top 5 Healthcare IT Challenges: Webinar Recap – two healthcare IT leaders discuss how they are meeting the top challenges facing their industry today.
November Patch Tuesday 2017 – our monthly update of the latest vulnerabilities and updates released to address them, from Microsoft and other leading vendors.
Migration to Modern Mobile Platforms – how to transform the user experience for your warehouse workers, one app at a time.
Essential Guidance for Supply Chain Executives – exploring how to overcome the disconnect separating those who want modern, mobile warehouse applications and the executives who approve such investments.
The Ivanti Threat Thursday Update for November 16, 2017: It Only Takes One Opening… – weak passwords, online account hijacking, and a possible breach at a major retailer.
Efficiency Quick-Wins Stem from Warehouse Evolution vs. Revolution – insights from a webinar on warehouse efficiencies hosted by Ivanti and VDC Research Group.
Podcast Recap: The Inside Story from IT Security Consultant Pete Green – highlights from a podcast featuring Peter Green, Enterprise Information Security and Risk Management Professional at Forsythe Technology.
Simplifying and Benefiting from App Migration – useful guidance from a recent survey conducted by VDC Research Group.
Industrial Browsers to the Rescue! – more helpful recommendations from VDC Research about modern warehouse technologies.
Taking the Awesome Audit from Myth to Reality – ideas for making the truth match the hype about how painless compliance audits can be.
7 Essential Real-World Security Questions to Ask Today (Pt. 1 of 2) – questions 1 through 4.
7 Essential Real-World Security Questions to Ask Today (Pt. 2 of 2) – questions 5 through 7.
The Ivanti Threat Wednesday Update for November 22, 2017: If You’re Secure, Be Grateful – Intel chips at risk, and Uber reports a breach – from last year.
Ivanti Snags Homeland Security Award – Ivanti Identity Director chosen Best Identity Management Solution by American Security Today.

Coming Up This Week

On Nov. 29, Ivanti will be at the Cyber Security - Oil, Gas and Power conference in London, UK (through Nov. 30). We’ll also be hosting the ITSM Exchange in Kansas City, KS, and at the Los Angeles Cyber Summit trade show in Beverly Hills, CA. On Nov. 30, Ivanti will be at the UK Citrix User Group confab in London, UK, and at the Infosec Manchester seminar in Manchester, UK.

Mobility in the Warehouse: Obstacles and Opportunities

Mon, 27 Nov 2017 00:44:46 Z

Recent research by respected market watchers VDC Research Group indicates that mobility and modernization technologies are a top spending priority for warehouse technology decision makers. While such investments are critical, they must be made in ways that effectively address key challenges and pave the way for true operational and business benefits.

The Three Key Obstacles to Warehouse Modernization

For its recent white paper, Taking Advantage of Apps and App Modernization in Warehousing, VDC Research analysts surveyed some 143 professionals in North America and Europe. Respondents were all “responsible for the selection, purchase, and/or support of mobile solutions in warehouse deployment environments.” And most are already committed to modernizing the tools used in their warehouse operations, especially their mobile devices and applications.

Why? “A critical component of today’s digital transformation strategies is migrating legacy mobile applications running on aging equipment to take advantage of more sophisticated and functional modern mobile solutions and their intuitive interfaces. Today’s warehousing professionals face big changes in the ways warehouses, distribution centers and the entire supply chain operate. More facilities and larger spaces demand modern mobile communications and application access virtually everywhere on or off the floor.”

The result? “VDC data showed that 53% of IT decision makers supporting warehouse operations viewed their mobility deployments as immature.” Furthermore, “VDC’s data also showed that 56% of organizations plan on upgrading their existing fleet of mobile devices because these devices are nearing their end of life and/or the old age of their existing devices. In addition, the motivation to upgrade applications to a more visual and modern user interface was cited by one in four respondents as a critical factor influencing their upgrade decision.”

These desires confront the first two major impediments to warehouse technology modernization – old hardware, and old software. Legacy mobile devices simply cannot run modern applications. As VDC found, “many ruggedized mobile deployments used in warehouse deployments are text-oriented and keyboard-centric solutions.”

However, there are many challenges facing those decision makers when considering modernizing their warehouse devices and applications. Those cited most often by VDC survey respondents included application development and complexity of integrating legacy equipment and existing systems, as shown below.

To complicate things further, the leading operating systems running on many mobile warehouse devices are all approaching end of life. Microsoft’s Windows Embedded CE version 6.0 will reach the end of its life on June 10, 2018. Windows Embedded version 8.1 will do so on June 9, 2019, while Windows Embedded Handheld (WEH) version 6.5 will reach its end of life on January 14, 2020.

Some 35 percent of those surveyed by VDC cited this as the primary reason they are choosing to upgrade the mobile platforms in their warehouses. Preparing for these deadlines is “essential for any organization maintaining these deployments; the devices impacted are often required for day-to-day job-related activities/functions of their users.”

This raises the third critical obstacle to warehouse technology modernization: the need to modernize non-disruptively. “Deploying mobile solutions in a warehouse requires special care across numerous aspects due to its process-intensive nature, coupled with the fact that it is a core component of the manufacturing value-delivery mechanism. Thus, it is imperative that the deployment blends in smoothly with day-to-day activities and causes minimal disruption.”

Overcoming the Obstacles

“Modern mobile solutions offer opportunities to gain agility and speed, and can help in evolving warehouse professionals move away from processes that are governed by manual labor and paper-based tracking to one in which technology plays a vital role in better utilization of available resources and growing space restrictions.”

Getting to these benefits can be daunting. Migrating legacy applications, creating new ones, and integrating everything can be difficult, time-consuming, and expensive. “Many large enterprises have traditionally supported this through internal teams and are now sitting on often millions of lines of custom code with no clear documentation that ultimately needs recoding to leverage next generation platforms.”

Fortunately, effective, affordable alternatives now exist. Industrial browsers “incorporate critical data-capture technologies that are critical to the infrastructure and workflows in warehouse environments. When considering that many of the aforementioned legacy Windows applications are terminal screens, using an industrial browser is a logical means of porting legacy applications to modern mobile platforms.”

Industrial browsers “offer an opportunity to alleviate the pain of re- writing legacy applications, and will dramatically simplify the transition to new mobile platforms.” Increasingly, those modern platforms are running Google’s Android operating system, not Microsoft Windows. Running your warehouse applications on newer, Android-based devices offers “the opportunity to leverage your present IT infrastructure and gain access to your legacy systems, such as “green screen” telnet clients, on a modern mobile platform. New mobile platforms will be required as our workforce ages, and new entrants to the workforce will begin to expect modern mobile solutions.”

By adopting tools that enable minimally disruptive adaptation of legacy applications, your organization can gain greater control over the pace of migration. You can, for example, begin by moving to newer, Android hardware quickly, then move to new user interfaces and experiences as business needs and constraints dictate. This approach also makes it easier and more economical to integrate features such as voice enablement, and to add comprehensive device management to your environment.

Ivanti: Your Warehouse Modernization Partner

Ivanti Velocity eases and speeds porting your applications to Android devices. Ivanti Speakeasy makes voice enablement of warehouse applications fast and affordable. And Ivanti Avalanche brings “enterprise-class” device management to your warehouse. Ivanti works closely with device manufacturers, to incorporate control of their specific features into Avalanche. The solution is also highly scalable. Larger Ivanti customers manage tens to hundreds of thousands of mobile devices with Avalanche.

Whatever the specifics of your current warehouse mobility solutions, their underlying operating systems and hardware are going away, sooner or later. And you don’t want your organization to be the last of your competitors to adopt modern, Android-based solutions. Get your complimentary copy of the VDC white paper then explore our solutions online. We're happy to answer any questions you might have to get you on the path to effective warehouse modernization, starting now.

Better, Faster, Cheaper, More: Why Your Warehouse Needs Modern Mobile Solutions

Mon, 27 Nov 2017 00:02:00 Z

Your organization is likely already modernizing its core IT resources, to improve cybersecurity, asset management, user experiences, or all of the above. Recent survey findings from respected market watchers VDC Research Group offer significant incentives to extend these modernization efforts to your warehouse systems as well.

Your Warehouse: A Critical Customer Connection

Whatever you manufacture, distribute, or sell, if it spends time in a warehouse, that warehouse is a critical link between your enterprise and your customers. Warehouse operations basically determine the speed and accuracy with which every customer’s order gets fulfilled. Since people prefer to do business with those they trust, and everyone wants everything immediately all the time, warehouse operations directly affect your organization’s perception, performance, and profitability.

The recent VDC Research white paper, Taking Advantage of Apps and App Modernization in Warehousing, puts it this way. “Today’s warehouses are more complex than they were 10 years ago. Products and channels have proliferated, late-stage customization requirements have increased, the number of temperature environments has grown (e.g., cold chain, frozen etc.), and warehouse employee turnover remains high. Customer service requirements have increased; as a result, a greater percentage of products are picked by either the ‘each,’ the ‘case,’ or the ‘layer’ in the modern warehouse. Optimizing warehouse performance is becoming critical for organizations involved in the manufacturing, distribution, or sale of goods as they must find new ways to improve on-time shipment and receipts.”

Mobility: A Key to Successful Warehouse Modernization

For its white paper, VDC analysts surveyed 143 professionals in North America and Europe “responsible for the selection, purchase, and/or support of mobile solutions in warehouse deployment environments.” The top investment priorities identified by those respondents are illustrated below.

“The move towards omnichannel transactions has forced organization to make investments in a variety of technology to improve their inventory control, be more flexibility and faster, and achieve more accurate fulfillment. These factors are contributing to the need to convert warehouses and distribution centers into assets for competitive differentiation; VDC’s data shows that mobility will be front and center in this shift.”

Legacy Solutions Must be Modernized – Carefully

“Our discussions with warehousing professionals revealed that they remain laser focused on cost reduction; however, what is changing is the reliance on modern mobile platforms and data collection technologies. Technology must play an important role in helping to improve efficiency and accuracy in supply and distribution chains.”

However, current technologies will not suffice, VDC found. “More than half (56%) of the warehousing professionals we surveyed plan to upgrade their existing fleet of mobile devices because these devices are nearing their end of life and/or the old age of their existing devices. In addition, the motivation to upgrade applications to a more visual and modern user interface was cited by one in four respondents as a critical factor influencing their upgrade decision. This is notable, as many ruggedized mobile deployments used in warehouse deployments are text-oriented and keyboard-centric solutions.”

Warehouse technology decision makers can’t just “rip and replace,” either. “Mobility solutions for warehousing can either be a part of an overall IT strategy or a warehouse-focused engagement. Irrespective of the approach taken, deploying mobile solutions in a warehouse requires special care across numerous aspects due to its process-intensive nature, coupled with the fact that it is a core component of the manufacturing value delivery mechanism. Thus, it is imperative that the deployment blends in smoothly with day-to-day activities and causes minimal disruption.”

Ivanti: Modernization Without Madness

Ivanti has the solutions you need to modernize your warehouse applications with maximum business benefit and minimal operational disruption. With Ivanti Velocity, you can import legacy applications and emulate them on modern hardware, controlling the pace at which you replace incumbent systems and evolve your users’ experiences. Ivanti Speakeasy can voice-enable warehouse applications quickly and economically. And Ivanti Avalanche can give you granular control over up to hundreds of thousands of mobile devices.

Get your copy of the VDC white paper with our compliments by clicking on the link below. Check out our supply chain solutions online. Then, contact Ivanti, and let’s get started helping you build your warehouse of the future, today.