The Newberry Group Blog

Archived Categories

Sort By: Title   |   Blog Date
Tuesday, August 19, 2014

Keeping Student Data Secure in Education

As students and teachers alike are embracing online learning tools, a need for better internet security in schools is becoming more apparent. The recent report on tech adoption in education by the Consortium for School Networking (CoSN) and the New Media Consortium (NMC), highlights this trend of hybrid learning models that “blend the best of classroom instruction with the best of Web-based delivery.” However, the report also points out that the safety of student data is considered a “difficult challenge” and “solutions are elusive.”

While internet security is a pervasive issue for all industries, schools deserve some extra attention. Along with the increased need for bandwidth to access online courses and tools, students and teachers are all too quick to share personal information through the internet. Schools need to carefully plan their network security in much the same way they plan their physical security. There has to be a good balance between access and security.

The solutions for balancing the security of student data with providing the right level of access required in today’s learning environment don’t have to be “elusive.” There is a full suite of solutions, such as network access controls or web filters, that are available at affordable prices and can offer the necessary protection for K-12 schools up through universities.

So what should you look for in a solution? Here are some good starting points:

  • URL Filtering – In 2013, 85% of malicious links used in web or email attacks were located on compromised legitimate websites. Controlling which websites can be accessed can limit the possibility of malware infecting your network.
  • Secure Data Transfer – An estimated 6% of all PCs will suffer at least one episode of data loss per year. 20% of all laptops suffer hardware related data loss in the first three years. A good IT strategy implements an off-site backup solution for important data. In an education environment, that would include student records. Securing this transfer of data is necessary as not only can the physical data be accessed but the transmissions of that data can also be intercepted.
  • Mobile Device Security – On average, network administrators are only aware of 80% of the devices on the network. In an educational setting, where nearly every student has a mobile device with the ability to connect to a local network, this figure is most assuredly much lower. Utilizing an agentless solution that discovers devices as soon as they access the network will protect vital information such as student records and institutional data while allowing the proper access necessary for the learning environment.
  • Bandwidth – With the inclusion of streaming media in today’s curriculum and the distribution of network resources across a geographically separated campus, load balancing bandwidth is essential to providing consistent access for both students and faculty
  • Efficient Configuration – School IT departments are minimally staffed. And often, the staff is simply challenged by time and resources just to maintain let alone implement and improve the network. Solutions that are easy to configure and maintain yet provide robust security features are a must.

Posted by: Gerald Kennedy
 | permalink

Wednesday, July 23, 2014

How to Choose Security Solutions for Mobile Healthcare - Part 2

To read Part 1 of this series, click here.

According to the HIMSS Analytics 3rd Annual Mobile Survey, the top benefit to having mobile tech in facilities is increased access to patient information, and the ability to view data from a remote location. But this means there are thousands of devices accessing a provider’s network. In order to select a proper security solution that not only meets HIPAA requirements but offers the protection for medical device end points in use, medical IT Administrators must look at a number of factors:

  • What is on my network? This is the first and most important step in providing a secure IT enterprise. Many IT administrators believe they know what devices are on their network. However, healthcare facilities are littered with transient devices such as personal phones and tablets, patient monitors and diagnostic tools that have unique and often antiquated operating systems. These devices may only show up on IT networks once a week or perhaps once a month. It can be a daunting task to know exactly what is connected to the IT enterprise.
  • Controlling BYOD. Practitioners, nurses, and administrative staff often use their own unregulated devices, such as phones and tablets, to record data and communicate with staff and patients. Add to that the fact that many facilities offer open WiFi to their patients and guests. This creates a massive amount of end points that are not monitored and leave the IT enterprise vulnerable to malware, viruses, and advanced persistent threats. Survey findings shows that 32% of hospitals are not even using technology to enforce their BYOD policies.
  • End Point Compliance. Knowing what is on the network is one thing. Keeping known devices compliant is something else entirely. Security of an IT Enterprise is only possible through awareness. Once the devices are discovered IT administrators must be certain that they remain compliant. Having the ability to confirm applications and disable those that are unauthorized, verify whether or not the devices meets established security policies, knowing if the device is compliant with the latest security patch and antivirus definitions is essential.
  • Cost vs. Risk. While the Federal Government provides some mandates that direct medical IT Administrators to protect patient data, the healthcare IT network remains largely susceptible to your average hacker. It is up to each healthcare IT Administrator to protect the physical network to the degree they feel necessary to secure data and network end points. Healthcare budgets, like many vertical industries, are balanced toward production vs. protection. In the HIMSS Analytics survey, lack of funding was the most common barrier to implementing a security solution. An effective solution with low cost of ownership is necessary. And while incentive programs such as EHR Incentive Program may seem to add balance to this in favor of the healthcare facilities, the incentive received is certainly not equivalent to the cost of losing patient data.

Network administrators can’t secure what they can’t see. It is imperative that administrators have access to real-time visibility of everything on their network and be able to control what is on their network at all times. When choosing a solution that meets all of these requirements, look for one that is simple to install on your network, without the need for agents or client software.

If you’d like to talk more about end point security solutions or need help, get in touch with us!

Posted by: Gerald Kennedy
 | permalink

Monday, July 21, 2014

How to Choose Security Solutions for Mobile Healthcare – Part 1

The last time I visited to the doctor, he recorded everything on a tablet device. While it’s convenient, mobile security is always at the forefront of my mind. I was doing a bit of reading on mobile security and came across the Medicare and Medicaid (CMS) Electronic Healthcare Records (EHR) Incentive Program. This program gives healthcare providers a financial incentive for demonstrating the meaningful use of certified EHR technology or for adopting, implementing, or upgrading EHR technology. EHR technology allows providers to easily record and share patient data so that it’s consistent and readily available throughout the provider chain. This is certainly a great benefit to all healthcare providers as well as patients. No need to transfer records and records can be updated in real time through hand held devices, patient monitors, or diagnostic tools connected to the network.

However, broader access to electronic databases and the use of additional devices to access that data only adds to the already vulnerable IT environment within the healthcare industry. IT components within healthcare are already severely susceptible to hacking and advanced persistent threats. Medical device end points, such as monitors and diagnostic tools, could have severely outdated operating systems that don’t lend themselves to standard patching processes. Even personal healthcare devices, such as insulin pumps, have known vulnerabilities as demonstrated by Jerome Radcliffe when he hacked his own insulin pump. These weaknesses, coupled with the fact that medical practitioners regularly bring their own smartphones and tablets and are often unregulated at many facilities, leaves a provider network open and vulnerable.

The HIPAA Security Rule provides standards for the securing of electronic health information. These rules are in place to protect patient data through access control, audit controls, integrity controls, and transmission controls. While important, they rely on the provider to select and implement the necessary security solutions to prevent a data breach. And without proper security for personal and medical end point devices, it is only one finger in a dam that has many holes.

Stay tuned for Part 2 later this week where I discuss the factors to consider when looking at different security solutions.

UPDATE: Part 2 is live! Check out: How to Choose Security Solutions for Mobile Healthcare - Part 2

Posted by: Gerald Kennedy
 | permalink

Monday, June 09, 2014

Case Study: Optimizing Barracuda Load Balancer to Meet Web Application Demands

Barracuda Load BalancerChallenge:

A regional energy cooperative wanted a way to provide seamless application availability for their customers and scalable performance for future growth demands. Their current Barracuda Load Balancer and Oracle ERP solutions were deployed by a 3rd party using a method that would significantly impact performance and scalability in their  virtualized environments.  With a deadline on the horizon, they needed a solution that offered both flexibility and availability while minimizing complexity.


Newberry conducted a network and infrastructure assessment and found that the current Load Balancer and ERP deployment would only meet a fraction of the organization’s web application demands.  Newberry’s engineer worked closely with the customer to fine tune their Barracuda Load Balancer and rebuild their Oracle ERP system from the ground up while keeping the principles of scalability and application uptime at the forefront.


Newberry enhanced the organizations ability to manage and scale critical application environments by:

  • Creating custom Load Balancer services and rules to automate application failover, rewrite URL requests for cross-platform compatibility with Oracle, and utilized URL redirection to simplify end user navigation during their initial orientation.
  • Tuning the Load Balancer’s application layer for session persistence and Layer 7 health monitoring.
  • Clustering the Load Balancers together using High Availability for seamless failover and web application availability.
  • Identifying I/O performance bottlenecks in virtual and networking environments.
  • Redesigning the customers ERP architecture by reducing complexity and adding additional nodes which resulted in doubling the amount of concurrent users and sessions available.
  • Training and knowledge transfer with System and Network Administrators covering operations, maintenance and advanced troubleshooting.

Why Newberry Group?

As one of the few Barracuda partners that can support the entire product line beyond what was required by this customer, Barracuda immediately turned to Newberry to make this project a success. Newberry’s Barracuda-certified engineers brought their in-depth knowledge, experience and passion for technology that was needed to exceed the demands of this time critical project.

Posted by: Nicholas Trifiletti
 | permalink

Tuesday, May 20, 2014

Case Study: Protecting a Large-Scale Federal Network with Sourcefire NGIPS

Sourcefire logoChallenge:

A Federal agency recognized that they needed to improve their threat protection by monitoring all traffic as it passes through their gateways without hampering their network performance. This agency knew that malware was entering into their network enterprise but was not able to detect it.  Due to client data sensitivity and the need to ensure the security of the network for their customers, they needed to be able to apply customized protections as quickly as possible.


Newberry Group partnered with Sourcefire to provide a solution that included multiple Sourcefire Next-Generation IPS Sensors at the four main data centers. The Sourcefire IPS solution provides the agency with real-time contextual awareness and threat protection with the ability to act intelligently and automatically when an internal host is affected by a client side attack.


With Sourcefire’s NGIPS, Newberry Group helped the customer meet performance and customization demands so that the agency has access to:

  • Real-time contextual awareness with the ability to see and correlate extensive amounts of event data related to their IT environment—applications, users, devices, operating systems, vulnerabilities, services, processes, network behaviors, files and threats.
  • Advanced threat protection to discover, assess and respond to hacking activities, intrusion attempts and vulnerabilities in order to stay ahead of threats.
  • Intelligent security automation with event impact assessment, IPS policy tuning, policy management, network behavior analysis, and user identification. This significantly lowers the total cost of ownership to the agency and enhances their ability to keep pace with changing environments.

Posted by: Tony Hausmann
 | permalink

Monday, April 21, 2014

Case Study: Installing a Websense Web Security Filtering Appliance


Websense logoA Federal agency recognized that they needed to improve their current web security solution to allow for better filtering of the Internet traffic coming in and going out of their network.  They needed to provide for data loss protection, as well as utilize real-time analysis of malware and recognized advanced threats with the ability to perform forensic activities. They needed the solution to provide protection for local and remote users as well as support multiple campus sites.  Additionally, in the end, they wanted to be able to centrally manage the system post-deployment and develop reports for Executive staff and trend analysis.  Thus the solution needed to have an easy to use interface that allowed for the monitoring and management of the entire system from a single location.


Newberry Group partnered with Websense to provide a technical solution that included multiple Websense appliances and the implementation of the Websense Web Security Gateway Anywhere (WSGA) solution installed at a main campus and a satellite location.  The final solution included the following:

  • Scalable deployment for up to 12,000 users with high availability and automated failover and load balancing.
  • Deployment of Websense’s TruHybrid solution that protected the agency’s branch offices and remote and mobile users.
  • Provisioning through a single unified interface.
  • Deployment of Websense’s TruDLP to prevent data loss and enable compliance with agency and NIST standards and policies.
  • Real-time analysis utilizing Websense’s Advanced Classification Engine (ACE) and threat intelligence from Websense’s ThreatSeeker Intelligence Cloud.
  • An advanced threat dashboard providing actionable forensic detail on who was attacked, what data was attacked, where the data almost went, and how the attack was executed.
  • File sandboxing to protect the environment from advanced malware.
  • Training of Websense Administrators on system operation, maintenance and report generation.


Newberry enhanced the agency’s overall environment by optimizing the customers filtering and security monitoring.  The agency now has the ability to:

  • Identify and monitor security vulnerabilities while being supported by manufacturer recommendations, industry best practices and compliance requirements.
  • Implement security configurations for web filtering policy down to a user level.
  • Provide reporting documentation to support security investigations or remediation.
  • Direct reach-back to Newberry engineers and Websense Premium Support

Why Newberry Group?

As a preferred Federal Executive Partner for Websense, Certified Triton Integrator, and Authorized Training Center, Newberry can offer a full scope of products and services to each of our clients. Our in-house certified Websense engineer trainers are able to provide a wide range of professional services that include integration, configuration and installation of Websense technology as well as standard and customized training courses to meet a client’s specific needs.  

Posted by: Valerie Root
 | permalink

Thursday, March 13, 2014

Case Study: Ensuring Network Health with ForeScout CounterACT

Newberry Blog | ForeScout Logo and CounterACTChallenge:

A large Midwest firm wanted to allow employees and guests to access to their networks and internet regardless of the device being used. They also wanted a way to ensure anti-virus and security vulnerability patches were up-to-date on their own Windows devices.

The company needed a solution that provided visibility of their network and attached devices, provided an agentless capability, and was easy to install and manage. Compatibility with the client’s current switch and MDM vendors was another key factor as well as ensuring it could move forward with a future global deployment.


Newberry partnered with ForeScout to provide a plan around the CounterACT solution. The client tested the solution for more than a month to ensure that the product worked well with the existing infrastructure, that it was easy to use, and that it would not cause network disruption.

CounterACT also provided the organization with a large amount of instant information they did not have access to previously. Now they can see who’s connected to specific switches, see who was the last person to log into the network on a specific Windows PC or user IP address, then enforce policies against those devices and machines attempting to connect.


Forescout CounterACT enhanced the health of the customer’s network by providing:

  • A more efficient and effective way to control network access (authority to connect) and ensure endpoint compliance.
  • Real-time inspection and easy manageability of guests, contractors and employees using a variety of devices to connect.
  • The ability to enforce security policies to only allow devices on the main network that have up-to-date antivirus, OS, and application patches.
  • The ability to quarantine any noncompliant devices and devices with viruses and immediately reduce the threat of malware entering the network.
  • An agentless solution with unprecedented compatibility with over 16 switch vendors and multiple MDM, antivirus and antispyware vendors.
  • Fewer resources required for network access control (NAC) deployment, maintenance and administration

With ForeScout CounterACT, Newberry was able to quickly improve the customer’s network health and provide an automated solution for network access control, mobile security and endpoint compliance. Do you have a similar network access situation? Learn more about how Newberry can help.

Posted by: Tony Hausmann
 | permalink

Thursday, February 13, 2014

Case Study: Optimizing a Barracuda Web Application Firewall cluster

Barracuda Logo and Web Application FirewallsChallenge:

A Federal agency had recently purchased ten Barracuda Web Application Firewalls (WAF) from another vendor and had installed the devices themselves.  However, since the Barracuda WAF solution was new to them and the configurations were transferred from another solution, they were unsure if they had installed the devices in the most optimal setup.  


The agency relied on Newberry for a technical review of the installation of ten Barracuda Web Application Firewalls to validate operational efficiencies, infrastructure design, and to determine if deployed security policies for protected sites were effective in protecting from external threats.

How We Solved the Problem:

After determining the intended functionality of the configuration, Newberry’s Barracuda-certified team used current network diagrams to review the logical placement of each WAF in their respective data flows to determine correct placement and deployment method.
A full review of the WAF environment was performed to determine if the services, security policies, advanced security protection features, and administrative access controls were appropriately set up to protect against external threats and comply with NIST standards and agency policies. The configuration of enabled services such as High Availability (HA), Load Balancing, Data Theft Protection and Caching/Compression were also reviewed to ensure optimal performance and adherence to Barracuda’s recommended configuration.
Our team also analyzed firewall logs and reports to identify any security vulnerabilities and made configuration recommendations to enhance performance and offer a greater level of security.


Newberry enhanced the overall performance of the customer’s network and WAF configuration by:

  • Identifying security vulnerabilities that were supported by manufacturer recommendations, industry best practices, known vulnerabilities, and compliance requirements.  
  • Providing fixes for the identified vulnerabilities
  • Offering recommendations for enhancing security and performance of the WAF and the overall network
  • Lastly, providing a report of the assessment/configuration that included a management summary and the technical findings.  

Why Newberry Group?

As one of the few Barracuda partners that can support the product line to the extent that was required by this customer, Barracuda immediately turned to Newberry to conduct this review. Newberry’s Barracuda-certified engineers brought the in-depth knowledge and experience needed to perform even the most intricate configuration and troubleshooting tasks.

Need help with your Barracuda product installation? Learn more about how we can help.

Posted by: Steve Carney
 | permalink

Wednesday, November 13, 2013

Building Effective Teams

Newberry Blog | Building Effective Teams Exceptional individual performer, or team player; which is more rewarding and which is more valuable?  Most organizations talk “team” but unfortunately many primarily recognize and incentivize individual performance.  Further, some organizations unwittingly go out of their way to attract and promote people who actually resist the idea of linking their performance to someone else or the “greater good.”  They seek out the lone wolf with the gaudy numbers for that silver bullet fix and regrettably those gaudy results are often achieved at the expense of others and the long term health of the larger organization.   It is a fact in both team sports and business that a seamlessly executing team is the best way to accomplish complex tasks and sustain long term exceptional performance.  Effectively integrated teams are also central to cutting across boundaries to get things done - - truly becoming organizationally agile and successful.

So in a short-sighted world that glorifies and rewards the individual in spite of the proven negative consequences to sustained performance, how do you assure the building of effective teams?  Fortunately experts like Michael Lombardo and Robert Eichinger have some ideas:

Practice #1:  Have a Plan.  A clearly articulated plan energizes, aligns, brings focus, encourages efficiency, and empowers.  Involve team members in creating that plan and you will only enhance their energy and commitment to “The Plan”.

Practice #2:  Run Interference.  An effective team leader has made the effort to become a “Maze Bright” organizationally agile person and is therefore an extremely good advocate for their team.  As discussed in my July 28, 2013 blog on Organizational Agility, no skill is more respected by your team. When you can go off into the wilderness of the organizational maze and consistently come back with results that benefit your team and make their professional lives easier, their loyalty to you, the team, and “The Plan” is assured.

Practice #3:   Make a Concerted Effort to Communicate and Inspire.  Show an interest in the work of your people, adopt a learning attitude toward mistakes, celebrate successes, have visible measures of success.  Invest time in understanding each person uniquely.  You don’t have to agree with them, you just have to understand them.  Give them the benefit of your thinking, particularly with respect to key objectives.

Practice #4:  Build a sense of joy and fun in the team.  Learn to celebrate wins.  Use humor and support it in others; look for opportunities to build group cohesion outside the office.

Building a “Dream Team” is not an easy task.  Blending individual talents and ensuring that you are taking advantage of each person’s strengths and avoiding unreasonable exposure to each person’s weaknesses is hard.  However, it is very much worth the effort.  High performing teams establish an uncommon trust between the team members in which individuals value the team above their own singular objectives.  Weaknesses are not considered “bad.”  They simply represent opportunities to cover for each other for the good of the team and take part in achieving a shared ultimate objective.  When the team is at its best, this exceptionally valuable behavior happens without any ill feeling, it just happens.  In the words of John Wooden, the immortal College Basketball Coach, “The main ingredient of stardom is the rest of the team.”

Posted by: Christopher Steinbach
 | permalink

Wednesday, October 30, 2013

The Responsibilities of Cleared Personnel

Newberry Blog | image of cyber handWith October being National Cyber Security Awareness Month, this is a good time to think about the responsibilities that come with having a security clearance. It’s especially timely with the recent high profile security events of Chelsea Manning, Eric Snowden, or Aaron Alexis. We may seem surprised by their actions, but if we think back to Aldrich Ames or Robert Hanssen, we see that these events are not the first of their kind.

When we obtain security clearances as government employees or contractors, we take on a multifaceted obligation: protect the technology and information that we have access to, ensure that others are doing the same, and ensure that we and our colleagues remain fit to work in a secured environment.

Once we complete the background investigation and possible polygraph process, we are given strict guidelines in how we handle and protect information from both a technological and a philosophical perspective. No matter how obvious it may or may not be, the information we access is directly or indirectly related to the safety and well-being of our warfighters abroad, our allies, our state department representatives, and even civilians. Even if you encounter information or programs that you disagree with from a philosophical, moral, or legal perspective, there are internal government avenues to voice your concern without jeopardizing the information to the general public. Choosing the avenue of public disclosure only serves those who wish to harm our interests or freedoms. That route is very treacherous, possibly traitorous and most likely illegal.

Even though you may be confident and diligent in your efforts to protect information, that doesn’t mean those around you are thinking the same way. It is equally your responsibility to be observant of the actions taken by others working with sensitive information. When suspicions arise, muster the moral courage to approach the appropriate personnel and report your concerns.  Quick action could result in stopping a serious security incident.

Lastly, we must be cognizant that we and our colleagues are displaying the mental capacity to operate in a secure environment. Working in a secure setting can easily create a false sense of security and we assume that individuals around us are just as fit to be there as we are. However, secure areas are just as susceptible to criminal activities as an urban street corner, including anything from theft to shootings. There appears to be a growing number of mentally unstable individuals who have somehow slipped through the security screening process or co-workers who are upset by a life event that feel impelled to pursue indiscriminant or directed attacks against co-workers. We must be alert to suspicious signs and have the moral courage to approach or report those who may no longer be fit to work in a cleared environment.

Some view the Mannings and Snowdens of the world as whistleblowers or even heroes. However, the information they released was not theirs to disclose or release and may ultimately seriously affect the freedoms of Americans. Conversely, attacks within a cleared setting, such as the recent Navy Yard shooting attack, raised concerns about the security screening process.  These unfortunate recent events can serve to reiterate that protecting information and maintaining a secured environment is an ongoing responsibility for everyone with a security clearance. By following tried and true policies and procedures the right outcome can be achieved.

Posted by: Steve Cadogan
 | permalink

Page size: