We live and work in a mobile-first, cloud-first world. But the cloud revolution hasn’t happened the way many people expected it to happen. Instead of organizations moving everything wholesale to the cloud in a “lift and shift” approach, it’s happened just like the introduction of every other “big new thing” over the last several decades: cloud technology has ended up being layered on top of what we’re already doing. So now we have desktop apps and SaaS apps and Web apps and mobile apps and cloud apps, and apps that defy categorization. (What is Office 365? Is it a desktop app? A cloud app? A mobile app? The answer is “D. All of the above.”) Read More
Ugh. Passwords. The concept has been around as long as civilization itself. But are they the best way to protect account access in the digital age? How do you insure that people use “strong” passwords? What is a “strong” password, anyway? And when is a password – regardless of its strength – not enough?
The difficulty from an administrative perspective is that the restrictions we impose on our users in an attempt to force them to create strong passwords are often counterproductive. If the password must be at least 8 characters long, must contain both upper- and lower-case characters and at least one numeric and one “special” character, and cannot be a word that’s in the dictionary and must be changed every 90 days and cannot be a password that you’ve used before, you’ve almost guaranteed that it’s going to be written down somewhere because it will be nearly impossible to remember.
So what’s an admin to do? Well, there are some guidelines that we can give users to help them create strong passwords that are easy to remember. Read More
I got an interesting email this morning. It was “from” one of the owners of Xiologix – but the return address was a bit odd: “firstname.lastname@example.org” As this unfolded, it became obvious that this was a classic “spear phishing” attack. I’ll run you through the email exchange for entertainment purposes, and then talk about the lessons to be learned here. The original message was short and sweet: Read More
Well over a decade ago, at a Citrix conference, I saw an amazing video. It showed a team of people in geographically separate locations collaborating to solve a business problem, sharing access to applications and data in the process. It showed a business person leaving his office, and having his running applications seamlessly follow him to a mobile computing device in his car, then, when he got home, seamlessly follow him to the computer in his home office, all the while continuing the collaboration session with his teammates. At the time, none of this technology existed outside of developers’ imaginations (and whatever prototypes they might have been working on in their labs).
Today, not only does the technology exist, it is relatively commonplace. Telecommuters access data and applications with performance that is every bit equal to that of their colleagues in the office. Engineers work on CAD drawings remotely with no loss of performance or graphic resolution. Radiologists can view a diagnostic image on an iPad from the sidelines of their child’s soccer game. Companies have discovered the cost savings available from Bring Your Own Device (BYOD) programs. And it all goes back to the basic vision that work is something that you do – it is not necessarily a place where you go. Read More
Citrix XenApp v6.5 hit EOL June 30, 2018
Citrix XenApp v6.5 was a great, stable product release. XenApp v6.5 on Windows Server 2008R2 has been the workhorse for lots of organizations for a long time. But it’s time to move on. If you’re still running XenApp v6.5 you need to know a few things. First, it hit “End of Maintenance” a month ago (December 31, 2017). That means there will be no more product upgrades or updates released, and that means that it will be a security risk to continue running it, and that risk will increase every day. Second, it will hit “End of Life” on June 30, 2018, and that’s not very far away. At that point, you will be pretty much on your own. There may still be some support information available in the support forums or documentation library, but that information will no longer be updated. And there will be no product support from Citrix, unless you’re willing to pay a lot of money for it. So what are your options? Read More
If you’re still running XenApp v6.5, you know you need to develop a migration plan. XenApp v6.5 hits “End of Maintenance” – after which there will be no further code maintenance – at the end of calendar year 2017, and End of Life on June 30, 2018. So if you don’t have a migration plan in place, you don’t have a lot of time to develop one. Furthermore, if you’ve been tracking the evolution of the XenApp and XenDesktop products, you’ve probably noticed that new releases are coming more frequently these days as new and enhanced functionality is added to the products. That’s both good news and bad news: good news because the products are getting better and better, bad news because upgrading your Citrix infrastructure can involve a significant work effort. It is not unusual for a XenApp or XenDesktop infrastructure upgrade to take 100 to 120 hours of work effort on the part of your own IT team, if you have the skill set in-house to do it, or on the part of your Citrix consulting partner if you don’t. Read More
Some years ago, we knew RSA as the company that made those key fob tokens for dual-factor authentication. Indeed, they were pioneers in the multi-factor authentication space, and to my knowledge, no one has ever found a way to successfully beat their SecurID token-based authentication. But RSA is so much more than that these days. Even the venerable SecurID product has grown into a powerful and flexible Identity Management solution.
Unfortunately, “powerful and flexible” can sometimes translate into “I’m not sure where to start with this.” So here are three questions that may help you get on the right track: Read More
The cyberwar over who will control your PC and the data on it has been dragging on for literally decades, with no end in sight. Malware is big business. It isn’t about just wreaking havoc for the heck of it anymore – it’s about monetization: incorporating your system into a botnet that can then be rented out on the Dark Web, stealing your identity and sensitive financial information, or encrypting your data and holding it for ransom. This latter version, so-called “ransomware,” rakes in tens of millions of dollars annually from its victims, and, as we’ve stated previously, has proven to be one of the most challenging forms of malware to protect against. Read More
Veeam and Cloud Replication
If you’re using Veeam to back up your virtualized server environment, congratulations! You’re using one of the best products on the market for enabling the “always on” enterprise. But what are you doing for disaster recovery? Do you have an automated process for getting a copy of your most critical data out of the building, and a way to run critical applications somewhere else if your data center is destroyed or rendered inoperable by fire, flood, or other disaster? Read More
**UPDATE** October 12, 2017
Microsoft has now released an update to their earlier announcement. They have clarified that, as of October 31, RPC over HTTP will no longer be supported on Office 365, but the protocol will not actually be removed. This means that Outlook 2007 will not suddenly stop working as a mail client against Office 365 as of October 31. It does mean that "the quality of the mail experience will decrease over time," as it will no longer be a supported protocol, and Microsoft will no longer be issuing code fixes or updates for non-security-related problems.
In early July, Microsoft made an announcement that you may not have noticed. As of October 31, 2017, RPC over HTTP – which several generations of Outlook have used to connect to Exchange servers remotely – will no longer be supported in Office 365 (or Exchange Online, if you’ve subscribed to that as a separate service). Instead, Outlook clients will have to use MAPI over HTTP, which was introduced in May, 2014. This has important implications for all subscribers (and prospective subscribers) to these services. Read More