
Recent Tech News


NEW February Blog - Why Office 365 Subscribers Still Need Email Security

Email is probably your greatest vulnerability when it comes to security threats to your organization. Find out how some companies are managing the potential security risks of Microsoft Office 365...



January Blog - How Much Downtime Can Your Business Tolerate?

Information technology is critical to any organization in today’s world regardless of its industry or size. If you own a business, then you know that technology is entrenched within so many facets of your organization. Whether your IT resources are hosted on premise or in the cloud, you need your IT infrastructure to work so that your workloads flow reliably and uninhibited on a 24/7 basis.



IntegraONE Named HP Enterprise East K-12 Partner of the Year

Allentown, January 16, 2018 — IntegraONE, a leading technology solutions integrator headquartered in Allentown, PA since 1990, was recently named HP Enterprise East K-12 Partner of the Year.  The award was announced at the 11th Annual HPE Public Sector Summit held on January 10 at the Ritz Carlton in Tysons Corner, VA outside Washington, D.C.  The HPE East territory covers partners from Maine to Florida.

“I am proud to recognize IntegraONE’s incredible work with HPE Public Sector,” said Joseph Ayers, HPE VP and GM, US Public Sector. “IntegraONE has helped our customers leverage HPE to embrace hybrid IT and power the intelligent edge. Together, HPE and IntegraONE had a landmark year with significant growth across all segments of our business, and we look forward to continuing our success for many years to come,” he added.

More than 135 HP Enterprise partners including IntegraONE were invited to attend the full day event which included presentations by key HPE corporate executives and public sector leadership, HPE thought leaders, and industry leaders.  It featured breakout sessions with HPE Public Sector sales team leaders, a partner showcase, partner reception, and finally the HPE partner awards ceremony at 5 pm.

“This award is a tremendous honor for IntegraONE to receive and it’s a reflection of the hard work and dedication of the entire team,” said Marty Andrefski, President, IntegraONE. “We are proud of our more than 25-year partnership with HP Enterprise. That partnership is stronger than ever and continues to grow and enable us to provide industry leading solutions to our K-12 clients,” he explained.

For more information on IntegraONE’s solutions, including IoT technologies, please visit

Pictured at the award presentation in the photo above are (from left to right):  Robert Strelser (HPE Director, Fed Channels), Romano Ninassi (HPE DM Mid Atlantic /Southeast Channels), Terry Richardson (HPE VP, Channels and Alliances), Chris Townsend (HPE Sr. Director, US SLED), Chris Satterly (VP, Sales Operations, IntegraONE), Joseph Ayers (HPE VP and GM, US Public Sector), and Brian Falvey (HPE Sr. Director Point Next Public Sector).

About IntegraONE
Founded in 1990, IntegraONE provides clients throughout Pennsylvania, New York, New Jersey, Delaware, and Maryland with a full range of networking and technology solutions around the following core competencies: network infrastructure, data center solutions, security technologies, unified communications, managed services, IoT technologies, and technical repair services.  

IntegraONE maintains partnerships with industry leading technology companies such as HP Enterprise, HP, Inc., Cisco, VMware, Fortinet, APC, Axis, Barracuda, Bradford, EMC, Ruckus Networks, Kaspersky, Lenovo, Eaton, FireEye, ForeScout, Cylance, Veeam, StorageCraft, Lightspeed Systems, CheckPoint, Trend Micro, and more.


Allentown Headquarters: 7248 Tilghman Street, Suite 120, Allentown, PA 18106
Central PA Office: 1007 Mumma Road, Suite 100, Wormleysburg, PA 17043
Pittsburgh Area Office: 100 Northpointe Circle, Suite 201, Seven Fields, PA 16046
Philadelphia Metro Office: 1300 Virginia Avenue, Suite 305, Fort Washington, PA




IMPORTANT: HP Notebook Computer and Mobile Workstation Battery Safety Recall and Replacement Program

integraONE would like to make you aware of this recall posted by HP, Inc.:

In cooperation with various government regulatory agencies HP has announced a worldwide voluntary safety recall and replacement program for certain notebook and mobile workstation batteries.

The potentially affected batteries were shipped with certain HP notebooks and mobile workstations sold worldwide from December 2015 through December 2017. These batteries were also sold as accessories or provided as replacements through HP or an authorized HP Service Provider.

HP’s primary concern is for the safety of our customers. The batteries have the potential to overheat, posing a fire and burn hazard to customers. For this reason, it is extremely important for customers to check whether their batteries are affected.

Please read the attached press release from HP




FOR IMMEDIATE RELEASE: IntegraONE Launches IoT Dedicated Practice as Part of Digital Transformation Initiative
Allentown, December 12, 2017 — IntegraONE, a leading technology systems integrator based in Pennsylvania since 1990, announced today that it has launched a dedicated Internet of Things (IoT) practice as part of its larger digital transformation initiative.  

The new IoT practice will be led by Peter Walsh, IoT Practice Manager, IntegraONE, and focus on consultative development strategies, and secure datacenter for at-the-edge implementations and management.  IntegraONE is a recognized leader in networking, data center, and security solutions among its vendor partners. The company has served clients in the healthcare, commercial, education, government, and financial industries for more than 27 years.  

IntegraONE’s emphasis and investment in this new IoT solution area evolved from its close relationship with its clients and understanding of the impact of digital transformation, including IoT, on their strategic business initiatives and objectives.

“This new focus area is another step in our continued dedication to providing the most advanced technologies to our clients to enable them to meet their ever-changing technology needs and organizational objectives,” explained Marty Andrefski, President, IntegraONE.  “It allows us to have deeper conversations with our clients around how we can help them meet the challenges of IoT and digital transformation.”

IoT has roots across all industries and early adopters of these solutions are realizing a higher customer experience, cost savings, and insight into both opportunities and threats that they didn’t have in the past.  In the vast IoT landscape, IntegraONE’s focus is on the optimization of client strategy and the assessment of infrastructure to ensure solutions are never underpowered and always secure.

IoT solutions are helping businesses realize operational efficiency, including break/fix, utility optimization, process efficiency, and resource tracking and sharing. As more connected devices are introduced to the business environment, the case for adoption of IoT strategies grows stronger. IntegraONE’s new IoT practice enables clients to respond to this challenge and manage these devices effectively.

“Smart buildings, smart schools, smart healthcare are the reality of the world today as digital transformation affects every type of organization from healthcare and long-term care facilities, to K-12 schools and higher education, to government entities, financial institutions, and commercial businesses.  IntegraONE knows how to simplify the vast IoT landscape into a custom strategy for our clients,” explained Pete Walsh, IoT Practice Manager, IntegraONE.  “Our job is to make sure our clients are tapped into the full power of what an IoT solution can offer while also ensuring they have the right security and protection in place,” said Walsh.

For more information on IntegraONE’s solutions, including IoT technologies, please visit

About IntegraONE
Founded in 1990, IntegraONE provides clients throughout Pennsylvania, New York, New Jersey, Delaware, and Maryland with a full range of networking and technology solutions around the following core competencies: network infrastructure, data center solutions, security technologies, unified communications, managed services, IoT technologies, and technical repair services.  

IntegraONE maintains partnerships with industry leading technology companies such as Cisco Systems, HP Enterprise, HP, Inc., VMware, Fortinet, APC, Axis, Barracuda, Bradford, EMC, Ruckus Networks, Eset, Kaspersky, Lenovo, Eaton, FireEye, ForeScout, Cylance, Veeam, StorageCraft, Lightspeed Systems, Trend Micro, and more.

Allentown Headquarters: 7248 Tilghman Street, Suite 120, Allentown, PA 18106
Central PA Office: 1007 Mumma Road, Suite 100, Wormleysburg, PA 17043
Pittsburgh Area Office:
Philadelphia Metro Office: 1300 Virginia Avenue, Suite 305, Fort Washington, PA



December Blog - The Year in Review

by Brad Rudisail, MCITP, MCSE, Virtualization Administrator, Network Engineer

It is that time of year when we pause and reflect on the year from a cybersecurity point of view and review some of the year’s most devastating and extraordinary cyber-attacks.  More importantly, we look back at them in order to determine how best to combat similar attacks in the future so that our organizations do not garner unwanted headlines in the year ahead.



Cylance - New exploit allows malware that’s quarantined in some antivirus programs to still infect computers...

There’s an interesting new exploit being discussed online that deserves some attention: malware that’s quarantined in some antivirus programs can still infect computers, partially due to a quirk in how Windows handles files via NTFS.

Information security auditor Florian Bogner discovered this exploit while conducting penetration testing for some of his clients and named it AVGater.

Bogner lists the affected vendors who have patched the vulnerability here and believes others may also be affected. (Rest assured that Cylance’s product doesn’t have this vulnerability. There, that’s been said.)

Why is the Exploit Specific to Windows Applications?

Unprivileged Windows users can interact with their antivirus application’s UI. They usually may change some of the application’s settings and see warnings related to potential malware. But in order to conduct actions such as monitoring file access or putting suspected malware files into quarantine, the antivirus application must interact with the Windows System level within user mode, which is more privileged. Checking scanned objects for known threat identifiers with signatures, heuristics, or both probably involves the kernel.

There are channels between the unprivileged user, the Windows System, and the kernel and those channels have been shown to be susceptible to privilege escalation with the AVGater exploit. When an object is restored from the antivirus application’s quarantine, that action is carried out by the Windows System privileged user. In Windows, the System can circumvent access control lists.

Anyone with access to a Windows computer can make an NTFS directory junction, otherwise known as a soft link. They’re implemented through reparse points, and can be used to link one folder to another, provided they’re within the same logical drive on the disk. An example of a logical drive in Windows is C, which is the default main HDD partition.

Let’s say a malicious DLL file has been quarantined by the antivirus application. An attacker who exploits the AVGater vulnerability can create an NTFS directory junction from the quarantine location to any other folder within the logical drive. Bogner believes the targeted folder would probably be inside C:\Program Files or C:\Windows, but it doesn’t have to be.

According to Windows’ DLL search order, applications will look for a DLL in the System or Windows folders, including their children, if the DLL can’t be found from a known path or the application’s folder. If the DLL the application finds is malicious, then bingo, you’ve got a cyberattack.

Attack Scenario

Bogner describes the AVGater attack scenario as follows:

A vulnerable antivirus program quarantines a malicious DLL. Then the NTFS directory junction process is exploited to link the malware from the original source path to another folder, usually within C:\Program Files or C:\Windows to maximize the probability of the malicious DLL’s execution.

Abusing the NTFS directory junction in this way escalates privileges to the System level. The malicious DLL can be written to a folder the unprivileged user doesn’t have access to. Because of the DLL search order, the malware can then be executed, and an attacker who doesn’t have administrative access can take control of the targeted computer.

To protect against the vulnerability, Bogner recommends frequent antivirus software patching, and not giving users in corporate environments the privileges needed to restore files from quarantine. I’d suggest that you can also consider AI-driven antivirus solutions.
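For defenders who want to check endpoints for the condition described above, the following PowerShell audit is an added example (not code from Cylance or from Bogner). It lists directory junctions and symbolic links in user-writable locations whose target lies inside a protected system folder; the scan roots and the protected prefixes are assumptions to adjust for your environment.

```powershell
# Added example: audit user-writable locations for NTFS junctions or
# directory symlinks that point into protected system folders.
# $ScanRoots and $ProtectedPrefixes are assumed defaults, not values from the article.
param(
    [string[]]$ScanRoots = @("$env:SystemDrive\Users", "$env:ProgramData"),
    [string[]]$ProtectedPrefixes = @(
        "$env:SystemRoot",
        "$env:ProgramFiles",
        "${env:ProgramFiles(x86)}"
    )
)

function Test-ProtectedTarget {
    # Returns $true when $Target equals, or is a child of, any protected prefix.
    param([string]$Target, [string[]]$Prefixes)

    # Some link targets carry the NT namespace prefix "\??\"; strip it first.
    $t = ($Target -replace '^\\\?\?\\', '').TrimEnd('\')
    foreach ($p in $Prefixes) {
        if ([string]::IsNullOrEmpty($p)) { continue }   # e.g. no x86 folder on 32-bit
        $p = $p.TrimEnd('\')
        if ($t.Equals($p, [StringComparison]::OrdinalIgnoreCase) -or
            $t.StartsWith("$p\", [StringComparison]::OrdinalIgnoreCase)) {
            return $true
        }
    }
    return $false
}

$findings = foreach ($root in $ScanRoots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }

    # Only directories that are reparse points; -Force includes hidden/system items.
    Get-ChildItem -LiteralPath $root -Recurse -Force `
                  -Attributes Directory+ReparsePoint -ErrorAction SilentlyContinue |
        Where-Object { $_.LinkType -in 'Junction', 'SymbolicLink' } |
        ForEach-Object {
            $link = $_
            # Target is a collection in Windows PowerShell 5.1 and a string in 7.x.
            foreach ($target in @($link.Target)) {
                if ($target -and
                    (Test-ProtectedTarget -Target $target -Prefixes $ProtectedPrefixes)) {
                    [pscustomobject]@{
                        LinkPath = $link.FullName
                        LinkType = $link.LinkType
                        Target   = $target
                        Created  = $link.CreationTime
                        Owner    = (Get-Acl -LiteralPath $link.FullName `
                                        -ErrorAction SilentlyContinue).Owner
                    }
                }
            }
        }
}

if ($findings) {
    $findings | Sort-Object Created | Format-Table -AutoSize -Wrap
} else {
    Write-Output 'No junctions or symlinks into protected folders were found.'
}
```

Any hit deserves a look at who owns the link and when it was created, alongside the antivirus product's quarantine and restore log for the same time window.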

For more information, please visit our partner, Cylance.



Fortinet Quarterly Report: The Battle Against Cybercrime Continues to Escalate


Fortinet just released its Threat Landscape Report for Q3 of 2017. Its findings are drawn from millions of sensors deployed inside production environments across the globe.

This quarter’s report focuses on three key threat indicators: exploits, malware, and botnets. The first two provide a view into criminal attempts to identify and compromise vulnerable systems. The third, botnets, provides insight into malware that has managed to penetrate a network and its communications back to its command and control center. It also examines important zero-day vulnerabilities and infrastructure trends of the corresponding attack surface to add context about the trajectory of cyberattacks affecting organizations over time. Combined, they provide insight into what cybercriminals value, and the techniques they rely on to access those resources. This information, in turn, provides valuable information on what sorts of security measures organizations should be focused on.

In terms of exploits, 79% of organizations being monitored saw severe attacks in the third quarter, with an average of 153 attacks per firm. The top exploit of the quarter, targeted at the Apache.Struts vulnerability, was reported by 35% of organizations. That is the exploit that attackers leveraged to nab approximately 145 million records from credit bureau Equifax, which was first reported on September 7th.

One of the key takeaways from this data is that whether it’s WannaCry in Q2 or Apache Struts in Q3, long-known and yet still-unpatched vulnerabilities continue to bite organizations time and time again. That is why it is imperative that IT teams pay close attention to critical patch releases and establish an aggressive patch and replace protocol. In addition to lapses in regular patching, network and device hygiene are the next most neglected elements of security. They may not be the most fun or sexy part of security, but they are critically important.

According to Phil Quade, Fortinet’s Chief Information Security Officer, “long-known and yet still-unpatched vulnerabilities consistently serve as the gateway for attacks. Remaining vigilant of new threats and vulnerabilities in the wild is critical, but organizations also need to keep sight of what is happening within their own environment. Of course, continually removing unnecessary application services, stamping out vulnerabilities, and maintaining good order in IT environments is easier said than done. However, there is an increased urgency for prioritizing security hygiene, along with a need to embrace fabric-based security approaches that leverage automation, integration, and strategic segmentation. Our adversaries are adopting automated and scripted techniques, so we need to raise their price of attacking to combat today’s new normal.”

As with exploits, malware analysis helps uncover adversary intent and capability. During Q3 the FortiGuard Labs team detected nearly 15,000 unique malware variants from over 2,600 different families, which while down slightly from Q2, still represents a huge variety of ways to compromise a network. Of the total number of organizations analyzed, 22% reported attempts to infect their systems with ransomware, with the Locky ransomware family roaring back to take the top spot after a summer of relative quiet with three new variants: Diablo6, Lukitus, and Ykcol.

In addition, 25% of organizations detected malware targeted at their mobile devices, up from 18% in Q2. This is a clear indicator that cybercriminals are looking for new ways to infiltrate networks by targeting devices without the level of control, visibility, and protection that traditional systems receive. Effective mobile security strategies must deal with this reality through mobile application controls and malware protections built into the network to cover any device anywhere.

The most common functionality among top malware families was dropping malware onto vulnerable systems. This technique helps malicious payloads wrapped in dynamic packaging to slip through legacy defenses. Once deployed, the majority of malware strains attempted to establish remote access connections, capture user input, and gather system information, demonstrating the increased intelligence and automated nature of today’s malware.

The fact that so many high-variant downloaders and droppers topped our charts is a good reminder that single-point, signature-based AV alone is not an effective security strategy. It is essential that IT teams integrate layers of malware defenses together capable of detecting known and unknown threats, and deploy them at multiple layers throughout the environment.

While exploit and malware trends highlight efforts to compromise a device or network, botnets provide a post-compromise viewpoint. Once a network has been breached, installed botnet malware attempts to communicate with the remote malicious hosts for updates and instructions or to deliver pilfered data. Detecting command and control traffic in a corporate environment clearly indicates that something went wrong from a defense perspective.

In Q3 there were about two active botnets per organization detected inside their networks, with 3% of organizations seeing 10 or more infections. Interestingly, while botnet activity was down in Q3, those botnets that were most active (Gh0st, Pushdo, Andromeda, Necurs, and Conficker) remained the most prevalent, which was an exact repeat of Q2.

One of the most compelling data points is that 75% of the organizations that reported Gh0st botnet infections in July also reported them in August, and 70% of those also reported September infections. The first takeaway is that while most organizations seem to be focused on responding to the symptoms of an infection, many are not very good at understanding the scope of a breach, or are not thorough enough in their incident response. They need to have a plan of steps to follow, and either they don’t have a plan or they are skipping some essential steps. They may also be too focused on remediating systems but are not being very effective at getting at the root cause.

The other is that while all organizations are vulnerable, midsize companies seem to be compromised more frequently than both small and large firms. While smaller firms likely have less protection, they also have less – and less valuable – data, so they tend to be ignored. Larger firms, on the other hand, certainly have the data cybercriminals want, but also greater resources to protect it. It’s midsize firms, however, that typically have enough valuable data to make them a worthwhile target, and yet not nearly the same security resources as their larger counterparts. Simply put, we see more botnets in mid-sized companies because they have a higher infection rate (malware is somehow successfully dropped onto their systems) than other companies.

As the threat landscape becomes more intelligent and automated, organizations will need to respond in kind. The time between breach and compromise will soon be measured in milliseconds, which makes it imperative that organizations automate basic security hygiene, such as patch and replace, hardening systems, and implementing two-factor authentication. AI and automation need to fill this gap by replacing basic security functions and day-to-day tasks currently being performed by people with an integrated expert security system that can determine device vulnerabilities, track and patch devices, apply security protocols or policies, and configure and monitor security and network devices.

As the volume, velocity, and automation of attacks continue to increase, organizations need to ensure that a strategic threat detection and incident-response strategy is in place. Only a security framework that utilizes advanced threat detection, comprehensive threat intelligence sharing, an effective IR strategy, and an open architecture that can tie security and networking components into an integrated defense and response system is going to be able to protect organizations going forward. The evolving attack surface requires flexibility to quickly implement security strategies and solutions and seamlessly add advanced techniques and technologies as they emerge.

You can read more important takeaways in the full Global Threat Landscape Report, along with the infographic summarizing valuable data points from the report.


November Blog - Why you Need to Focus on IoT Device Management

by Brad Rudisail, MCITP, MCSE, Virtualization Administrator, Network Engineer

The cloud is most definitely one of the most transformational technology architectures of the past several years as companies have utilized it to digitally transform their organizations and services.  The cloud brings with it near limitless scalability and agility as well as unrivaled levels of redundancy.  Those who recognized the value of migrating their resources and assets to the cloud have enjoyed the dividends of this new approach to delivering workloads.  However, there is another facet of the cloud that most companies are just beginning to utilize, that in itself could be equally transformational – the Internet of Things (IoT).



Prepare Today for the Next Wave of Digital Transformation

"IDC estimates that by 2025, we will live in a world that has over 80 billion IoT connected devices that generate over 162 zettabytes of data."

When people and devices interact in the connected world, they feed incredible synergies among humans, machines, software, and environments. But it's the quality and efficiency of those interactions, and the insights gathered from them that affect your organization's ability to be transformative and achieve the business outcomes needed to thrive in the digital age.

Why accelerate your mobility and IoT transformation?

Create store location services that deliver personalized offers and product information with location-based services. Enhance daily customer experiences with applications purpose-built for specific tasks, as well as specific industries. 

Develop ‘smart workplaces’ to boost employee productivity and efficiency. Ensure secure collaboration and productivity across campuses and remote offices. Accelerate your business with a mobile-first digital workplace.

Uncover new ways to drive efficiencies, engage customers, and develop new business with greater insights at the Intelligent Edge. Computing at the edge reduces delay and avoids bandwidth consumption while transmitting data to the cloud or data center.

Want to learn more about what digital transformation and IoT can do for your organization? Talk to an integraONE expert today.  Call us at 800-582-6399 or email


