3 Takeaways for the KRACK WPA2 Vulnerability

WiFi Security and WPA2

Over the last 48 hours security researchers have discovered new weaknesses in the WPA2 Wi-Fi security protocol which could allow hackers to steal sensitive info or even inject malware into networks and network devices, with mobile devices being particularly vulnerable due to the proliferation of native apps which may not implement app-level encryption.  

As stated on KrackAttacks, the weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. 

The attack works by focusing on the four-way handshake used by WPA2 to confirm that client and access point have the correct network password and to negotiate a new encryption key to be used to encrypt all subsequent traffic. 

To prevent the attack, users must update affected products as soon as security updates become available. 

1. There is no silver bullet for cyber threat prevention; nothing is secured forever. Vulnerabilities will always await discovery and be subject to exploitation. Developers call them “bugs”, but we must all learn to speak the same language, and adopt a holistic layered approach.

2.  SANS Institute describes the term layered security as “a defensive strategy featuring multiple defensive layers that are designed to slow down an attacker”. The military uses similar tactics called “deep defense” or “defense in depth,” where their goal is to slow an attack, causing enemy casualties. In the digital world, this means causing delays for the attackers and detecting them before they can do serious damage. In some cases, a properly implemented layer may act as a strong enough deterrent to cause the attacker to look for an easier target.

3. Although an attacker may gain wireless access into your network, a layered security approach will ensure that the hole discovered can’t be exploited. By adhering to best practices like keeping systems patched and updated, implementing user roles and group policy, having end-to-end network segmentation in place to limit the spread of malware and free reign of bad actors, utilizing multi-factor authentication (MFA), securing data with data at rest and in-flight encryption, and taking advantage of app-level encryption where possible. 

If you’d like to discuss the threat landscape and how things like this WPA2 crack happen, best practices for adopting a holistic security approach, or the unique challenges inherent to your business, please reach out to me directly. We’re here to help. 

Myriad Congratulates Employees Celebrating Anniversaries this Month

October Anniversaries

At Myriad, we believe that whether personal or professional, anniversaries are a special event in a person’s life. This month, we are celebrating the work anniversaries of seven exceptional members of the Myriad team. Huge congratulations are due to:  

AnniversaryTemplate_Mario (002)Celebrating: 12 years 

A lot has changed for Mario since becoming Myriad’s very first engineer (lucky #7 employee) twelve years ago. Now he is leading and growing the Solutions Architect team, driving pre-sales engineering capabilities farther as Solutions Architect Manager. “I enjoy working with everybody on the pre-sales & post-sales side of the house. Everyone is compassionate, caring and understanding. We all try our best to get the job done right.” 

Best Myriad memory: “It’s been a great journey and rewarding experience to be part of the Myriad family since the beginning when it was just 7 of us –  a true startup! I remember wearing many hats, from testing Cisco 1700 routers and WIC-1DSU-T1’s (now vintage) to working in sales, returns, purchasing and shipping departments! I love being a part of a place where I’ve been able to witness both my career path and the company grow firsthand.” 

AnniversaryTemplate_StaceyCelebrating: 7 years 

Over her illustrious career, Stacey Solomon was promoted four times from Purchasing Assistant to her current role as Director of Purchasing, and it’s no secret that her passion for her job led to her success. “My favorite thing is the feeling that I have waking up and coming to work every day.  I really love my job and working here at Myriad.” 

Best Myriad memory: “The first holiday party. I recall us all piling into limos and heading to Wolfgang’s for dinner. It was my first time riding in a stretch limo so I was pretty excited.” 

AnniversaryTemplate_Will (002) Celebrating: 4 years 

William Sze believes the people and the culture are what make Myriad great. He was promoted to Staff Accountant two years ago and knows crunching numbers can be a tedious job, but “the people and culture at Myriad make going to work every morning much easier.”  

Best Myriad memory: “All of our parties!” 

AnniversaryTemplate_Erin (002)Celebrating: 4 years 

After joining the company as an Operations Assistant, it’s wasn’t long until her talent for hiring A-players shown through. Transitioning to her role as Hiring Coordinator 2 years ago, Erin’s favorite parts of her job are “the 1-1 coaching sessions, great coworkers, and ability to create my workflow.”  

Best Myriad memory: “Announcing the LGBTQ+ inclusive Employee Resource Group at a company-wide meeting.” 

AnniversaryTemplate_KarenCelebrating: 3 years 

As one of the warmest, friendliest Myriad team members, it was no surprise that when asked what her favorite thing about working about Myriad, Karen’s answer was simple: “The people.”  

Best Myriad memory: “When one of the members of our team experienced a fire at her apartment, I’ll never forget the way the office rallied together to support one of our own.” 

AnniversaryTemplate_AlbertLiCelebrating: 2 years 

As a Pricing Support Specialist, Albert notes that the encouragement he receives through the coaching sessions is one of the reasons he’s so great at helping our clients. “It’s amazing to know you have the support of those around you when you’re trying to achieve ever larger goals.” 

Best Myriad memory: “The first week when I started here. I remember clearly being welcomed by just about everyone I ran into that day. The environment was just so friendly that it’s stuck with me since then.” 

AnniversaryTemplate_ChelsCelebrating: 2 years
Chelsea joined Myriad as an intern and quickly became an Events and Community Coordinator soon after. She attributes her success to cross departmental support and collaboration. (“And the unlimited supply of peanut butter doesn’t hurt either!”) 

Best Myriad memory: “2017 Myriad Summer Party Pop-A-Shot Tournament, although losing in the first round to our VP of Sales who still reminds me to this day that he beat me by TWO POINTS. It was great to see fierce match-ups and an excited audience gather around for this event.” 

Thank you to Mario, Stacey, William, Erin, Karen, Albert and Chelsea for your dedication, drive, and geniality. We look forward to seeing more of your accomplishments in the future!  

Myriad Participates in Race Commemorating Heroic First Responder’s Route

Tunnels to Towers

On September 11th, 2001, firefighter Stephen Gerard Siller (Brooklyn’s Squad 1) had finished his shift and was on his way to meet up with family. The moment he received word over his scanner that a plane had hit the World Trade Center’s North Tower, he turned around and headed back to the firehouse. After calling his wife, he retrieved his gear from Squad 1 and drove his truck to the entrance of the Battery Tunnel, which had already been closed for security purposes.

Strapping sixty pounds of gear to his back, he raced on foot through to tunnel to carry out his duty as a first responder, and gave up his life helping others at the age of 34. In honor of Stephen’s legacy, the Tunnel to Towers race has become a yearly event where firemen and citizens alike—some of whom carrying 60lbs of gear to further honor Stephen’s heroic actions—run the same 5K route through the tunnel and ultimately to the Twin Towers. Held the last Sunday of September, Tunnel to Towers is one of the top 5k runs in America.

As residents of NYC, this foundation is near and dear to Myriad team members’ hearts. This year, the race had roughly 30,000 participants, including 11 members of the Myriad team. Funds raised by the event benefit programs such as Building for America’s Bravest, a program that builds mortgage-free homes for injured service members, NYC First Responder Fund, which supports the families of first responders who have lost their lives in the line of duty, and the 9/11 Never Forget Mobile Exhibit, a high-tech 53-foot tractor-trailer that educate citizens throughout the country about the events of that tragic day.

The Stephen Siller Tunnel to Towers Foundation holds close to fifty events in over twenty-five states yearly to benefit these programs. Events include communal meals, run/walks, and 102-flight stair climbs to pay homage to the 343 FDNY firefighters, 71 law enforcement officers, and thousands of civilians who lost their lives on September 11, 2001.

Myriad is so proud of our team that participated in the race this past weekend. If you’d like to learn more about the Tunnel to Towers foundation or participate in an upcoming event, please visit Tunnel2Towers.org.

 

Intel Debuts New Scalable Processors

What An IT Salesperson Actually Does

It’s about that time again when everyone is talking cores, threads, and gigahertz.  Intel is starting to roll out their newest line of Xeon processors, which are being referred to as “scalable processors” powered by the new Skylake-SP core.

The existing architecture had limitations around the number of cores and threads that Intel has been trying to solve for several years.  Rather than simply adding iterative improvements to existing processors, this latest processor family from Intel has been re-architected from the ground up to improve performance, efficiency, and security.

Outside of changes to the architecture, Intel has also moved away from the E# naming convention in favor of a metal-based tiers: Bronze, Silver, Gold, and Platinum. Whether this new convention adds clarity or complexity is yet to be seen. I know what you’re thinking: “I have to learn a whole new naming convention all over again?!” But have no fear! Here is a quick breakdown of the new tiers, as well as a cheat sheet for deciphering full model numbers under the new system:

  • Platinum (8100 series)
    • Use Cases: Mission-critical applications such Enterprise resource planning (ERP), In-memory Analytics, Online Analytical Processing (OLAP), High-Frequency Trading (HFT), Machine Learning, Virtualization, Containers.
    • CPU Cores: Up to 28
    • Socket Configurations: 8+
    • Memory: Up to 12TB
  • Gold (6100/5100 series)
    • Use Cases: OLTP, Analytics, Machine Learning, Hadoop/SPARK workloads, server-side Java, Virtual Desktop Infrastructure (VDI), High-Performance Computing (HPC), Virtualization, Containers.
    • CPU Cores: Up to 22
    • Socket Configurations: Up to 4
    • Memory: Up to 6TB
  • Silver (4100 series)
    • Use Cases: SMB workloads, Web front end, network & storage applications for organizations who are anticipating growth.
    • CPU Cores: Up to 12
    • Socket Configurations: Up to 2
    • Memory: Up to 1.5TB
  • Bronze (3100 series)
    • Use Cases: SMB workloads and basic storage servers.
    • CPU Cores: Up to 12
    • Socket Configurations: Up to 2
    • Memory: Up to 1.5TB

Unlike the ring architecture used on previous processors, Intel has developed a new mesh interconnect architecture which allows a shorter path for data to travel by increasing the number of pathways.  Intel states that the new processors are 1.65 times faster than its previous generation.  Another big improvement for performance and efficiency in the new Intel Xeon processors is the increase in the number of supported PCIe 3.0 lanes to a whopping 48 PCIe 3.0 lanes per processor!

Security has been a focus of this release.  Key Protection Technology, which makes it more difficult to retrieve encryption keys by keeping the operations for encrypting and decrypting directly on the processor rather than offloading them to memory, is another great feature of this latest technology. For a complete overview of the new system, Intel has created a comprehensive guide you can find here. We look forward to seeing these advances in tech in action!

Myriad Holds Bake-Off for “No Kid Hungry”

Cook Off

If there’s one thing the team at Myriad Supply loves more than helping our clients, it’s helping underserved communities throughout the world through charitable giving. In the past, we’ve worked with organizations such as Project Sunshine, New York Cares, and City Harvest. Last week, Team Myriad held a bake-off competition where all proceeds went to No Kid Hungry. 

Thirteen million children—nearly one in six students—in the US struggle with hunger. Three out of four teachers say their students regularly come to class hungry. No Kid Hungry is devoted to ensuring that children have enough to eat, improving their levels of concentration and ability to learn. Kids who eat breakfast miss less school, achieve better grades, and are more likely to graduate high school.  

No Kid Hungry creates programs like free breakfast programs to help students start the day off right, the “Cooking Matters” program where they give families the tools they need to cook healthy meals and stretch their food budgets, and food programs over the summer to make sure children still get meals while school is out. 

Last week, members of the Myriad team put their cooking skills to the test. With nearly fifteen cooks, Team Myriad brought their A-game. The competition heated up quickly with a spread that had everything from chocolate-and-vanilla trifle, vanilla meringue, garden vegetable gazpacho with olive oil and jalapeno garnish, and blueberry and goat cheese pie. The winning dish? Deion Stalling’s jambalaya. (Unfortunately for us, the recipe is top secret!)

Taste testers contributed a cash donation for the opportunity to sample the treats and vote on a winner. In the end, we’re proud to announce that Myriad donated close to $400 to No Kid Hungry—and had a lot of fun while doing it, too!

cookoff1

cookoff2

cookoff3

Myriad Congratulates Employees Celebrating Anniversaries this Month

August Anniversaries

At Myriad, we believe that whether personal or professional, anniversaries are a special event in a person’s life. This month, we are celebrating the work anniversaries of three exceptional members of the Myriad team. Huge congratulations are due to: 

Sam Aronov

Celebrating: 2 years 

Sam also celebrated a promotion from Account Executive to Business Development Manager in July 2016. His favorite parts of working at Myriad are “transparency from leadership and collaboration amongst my peers.”

Sam’s best Myriad memory: “It happened during the winter party. My wife and I were playing an intense game of Jenga with a coworker and his significant other. About halfway into the game, I turned away for a moment and suddenly the tower had gotten knocked over. Andy had been walking away laughing and as he turned around to see the damage, my coworker turned around as well, indignant, ready to confront whoever knocked over our game. When he connected the dots, realized who he was just about to confront our CEO, his face was priceless.” 

Kevin Ford

Celebrating: 2 years 

Over the last few years, Kevin has added multiple certifications to his already impressive list of skills as an Account Executive, including ASE (Palo Alto), JNSA (Juniper) and CSE (Cisco). He credits his success to being “surrounded by great people who motivate me to do better every day!” 

Kevin’s best Myriad memory: “2015 Winter Party for sure!”  

Anthony Castigilione

Celebrating: 1 year 

This past February, Anthony was promoted from Business Development Representative to Account Executive, becoming Myriad’s first ever 100% vertical-focused Account Executive. Anthony attributes that professional jump to Myriad’s “excellent work culture and environment that promotes both personal and professional growth.” 

Anthony’s best Myriad memory: “Every work event that I’ve had the pleasure of attending has been amazing. Shout out to our Events team!”  

Thank you to Sam, Kevin, and Anthony for the dedication to professional growth, enthusiasm, and expertise you bring to Myriad. We look forward to seeing more of your accomplishments and where the next year takes you!