All Posts By

Sam Bennett

DevOps Engineer – Christchurch

By | Vacancies

Computer Concepts Limited (CCL) is a well-established, independent and innovative company providing IT managed services, consultancy, professional services and project management to a diverse client base throughout New Zealand.  We have a genuine commitment to our culture, huge compassion for people, sense of fun, brilliance in our field and pure passion for our clients.

The continued growth of our professional services team sees us looking for an experienced and professionally trained DevOps Engineer to work in our Christchurch branch.

CCL is a team of high performing, well supported industry professionals who are committed to delivering high-end solutions to our clients.  We welcome engineers who enjoy keeping up to date with new technologies, whilst at the same time building on their experience in the IT industry.

The ideal candidate will have 5+ Years experience in the industry with preferred skills in the following technologies:

  • 3-7 years of experience with coding or scripting languages – with at least two of the following (Ruby/JRuby, Perl, Python, PowerShell, Java, Go, C#, JavaScript, Bash).
  • Experience in executing Agile, Lean, and Continuous Delivery best practices.
  • Strong technical foundation in a number of the following tools and technologies:
    • Windows and/or Linux (Ubuntu/Debian and/or RedHat/Centos/Fedora)
  • Desktop Virtualization, Development tools (VMware, Hyper-V or VirtualBox)
  • Cloud computing 5+ years: (AWS, Google – GCP/GAE/GCE, Rackspace Cloud, Azure)
  • Infrastructure automation 3+ years (Chef, Puppet, Salt, Ansible, Cloud Formation, Terraform, Vagrant, Packer, ARM, Heat)
  • Build tools (Maven, Gradle, Ant, NAnt, MSBuild, Rake, GNU Make)
  • Continuous integration tools (TeamCity, Jenkins, Cruise Control, Bamboo, AWS CodePipelines, TravisCI).
  • Git SCM tools
  • Application servers, servlet containers, and web servers (WebSphere, Tomcat, Jetty, Nginx,  Mongrel, Microsoft IIS, Apache HTTP server)
  • Logging –  (Splunk, SumoLogic, Graylog, Kibana, Logstash, AWS CloudWatch Logs)
  • Monitoring – (AWS CloudWatch, Nagios, New Relic, Alert Logic, App Dynamics, Boundary)

Current certifications in some of above is expected and a willingness to specialize in a Computing and Infrastructure as code would be advantageous.

A current full New Zealand driver’s license is required.

Successful candidates will be comfortable working in a client facing role and display outstanding personal skills with an aptitude to get it right first time.

In return, CCL will provide an empowering environment that nurtures the right candidate and promotes innovation and growth. A competitive package is on offer.

To apply, please email your covering letter and CV, or use the form below:

APPLY NOW

[]
1 Step 1
Previous
Next
FormCraft - WordPress form builder

Computer Concepts Limited announces sponsorship for the 2018 Odisha Hockey Men’s World Cup

By | General News | No Comments

We are proud to announce a sponsorship agreement with Hockey New Zealand which sees us confirmed as a sponsor for the 2018 Hockey Men’s World Cup being held in Odisha.  We have a history of sponsorship in sports – we are also a major sponsor of the Otago Rugby Union and Southland Rugby –  and are thrilled to be able to support men’s hockey in this way.

Ian Francis CEO of Hockey New Zealand says “Having a sponsor onboard with the passion of CCL is a fantastic opportunity for Hockey New Zealand.  CCL’s support will assist our players for the Odisha Hockey Men’s World Cup and help the team perform to a high standard during the competition”.

Andrew Allan, CEO of CCL says “We are very proud to be able to sponsor Hockey New Zealand.  As a nationwide company with eight offices around the country, it is great to have a national sporting sponsorship in our portfolio.  It’s an awesome team and a sport which is close to the heart of many of our staff and their families. We are very excited to partner with New Zealand Hockey and the men’s Black Sticks and wish them all the best for the World Cup.”

The Vantage Black Sticks Men started their campaign on November 30th at 2:30am when they took on France and came away with a 2-1 win taking them to equal top of their pool.  A great start from New Zealand.

Service Desk Engineer – Christchurch

By | Vacancies

The continued growth of our team sees us looking for an experienced and professionally trained Service Desk Engineer to work in our Christchurch branch.

CCL is a team of high performing, well supported industry professionals who are committed to delivering high-end solutions to our clients. We welcome engineers who enjoy keeping up to date with new technologies, whilst at the same time building on their experience in the IT industry.

The successful candidate will have at least two years’ experience in the industry with specific skills or certifications in any of the following technologies preferred:

  • Microsoft Server 2008/2012/2016
  • Microsoft Exchange Server 2013/2016
  • Microsoft Skype for Business
  • Microsoft Office 365 and Exchange online
  • Hosted EUC Solutions
  • AWS cloud platform
  • Virtualisation technologies
  • Networking
  • Mobility solutions
  • Current full New Zealand drivers licence

In return, CCL will provide an empowering environment that nurtures the right candidate and promotes innovation and growth. A competitive package is on offer.

To apply, please email your covering letter and CV, or use the form below:

APPLY NOW

[]
1 Step 1
Previous
Next
FormCraft - WordPress form builder

Technical Consultant – Nelson

By | Vacancies

The continued growth of our professional services team sees us looking for an experienced and professionally trained Technical Consultant to work in our Nelson branch. A can-do attitude and a desire to be on the tools as well as being engaged with client pre-sales and design opportunities is a must.

CCL is a team of high performing, well supported industry professionals who are committed to delivering high-end solutions to our clients.  We welcome engineers who enjoy keeping up to date with new technologies, whilst at the same time building on their experience in the IT industry.

Complimenting your strong technical capability, you must have a strong customer focus, outstanding interpersonal skills with the ability to articulate well thought out solutions.

The successful candidate will have at least ten years’ experience in the industry with specific skills in any of the following technologies preferred:

  • Windows Server environments
  • Virtualization technologies
  • AWS/Azure/Cloud environments
  • Datacentre Hosting deployments
  • EUC solutions
  • Managed Mobility solutions
  • Server and Storage hardware infrastructure design and deployment
  • Network and Security design and deployments
  • Presales and design experience is expected

Current certifications in some of the above is expected and a willingness to grow these will be encouraged. A current full New Zealand drivers license is required.

To apply, please email your covering letter and CV, or use the form below:

APPLY NOW

[]
1 Step 1
Previous
Next
FormCraft - WordPress form builder

Senior Systems Engineer – Nelson

By | Vacancies

The continued growth of our professional services offerings sees us looking for an experienced and professionally trained Senior Systems Engineer to work in our Nelson Engineering team.

We are a team of high performers who are supported in delivering the best solutions to our clients; we welcome engineers who enjoy keeping up to date with new technologies, while at the same time building on their years of experience in the IT industry.

Complimenting your strong technical capability, you must have a strong customer focus, outstanding interpersonal skills with the ability to articulate well thought out solutions.

The successful candidate will have at least five years’ experience in the industry with specific experience in designing, implementing and supporting the following disciplines preferred:

  • Windows Server environments
  • VMware vSphere environments
  • AWS/Azure/Cloud environments
  • Datacentre Hosting environments
  • EUC environments
  • Managed Mobility solutions
  • Server and Storage hardware infrastructure
  • Network and Security deployments

Current certifications in some of above is expected and a willingness to specialise in a particular discipline would be advantageous. A current full New Zealand drivers licence is required.

In return, CCL will provide an environment that nurtures the right candidate and promotes innovation and growth.  A competitive package is on offer.

To apply, please email your covering letter and CV, or use the form below:

APPLY NOW

[]
1 Step 1
Previous
Next
FormCraft - WordPress form builder

Business Information / Database Specialist – Wellington

By | Vacancies

Computer Concepts Limited (CCL) is a well-established, independent and innovative company providing IT managed services, consultancy, professional services and project management to a diverse client base throughout New Zealand.  We have a genuine commitment to our culture, huge compassion for people, sense of fun, brilliance in our field and pure passion for our clients.

The continued growth of our team sees us looking for an experienced and professionally trained BI / Data Consultant to work with our national team. This role can be based in any of our branches, with preference being given to Wellington, Christchurch or Nelson.

CCL is a team of high performing, well supported industry professionals who are committed to delivering high-end solutions to our clients.  We welcome personnel who enjoy keeping up to date with new technologies, whilst at the same time building on their experience in the IT industry.

The focus of this role will be primarily internal, working alongside business units to aid them in discovering insights in the data that will be gathered from a wide variety of sources.  Engaging with the business, you will be responsible for providing guidance and leadership in turning information into action within our business.  At the same time, you will be leading the development of our ongoing strategy around data warehousing, integration and dashboarding that will grow with the business.

The successful candidate will be able to demonstrate referenceable experience in the industry and be articulate in presenting their vision for data, reporting and business intelligence.  The role will be “hands on”, meaning you will get to be part of delivering what you design too.

Demonstrable knowledge and current certification in the following technologies will be key for the successful candidate:

  • Excellent consultancy skills and the ability to get alongside key stakeholders and understand their unique challenges and requirements
  • Experience in designing and implementing Business Intelligence and Data Warehouse solutions
  • A keen interest in and knowledge of the BI and analytics industry trends and market direction
  • Enterprise experience with Data Visualisation and BI Reporting Tools such as SSRS, Power BI, QlikView or Tableau is highly regarded
  • Experience in providing quality reporting to aid and enhance decision making across a broad range of IT products and services
  • Microsoft SQL Server and Data Management and Analytics certification
  • Hands on SQL Database management skills will be required and expected
  • User requirements and functional analysis skills
  • Technical programming skills, use of API’s and coding ability to manipulate data, create reporting and solve business requirements
  • Impeccable written and verbal communication and presentation skills
  • A current full New Zealand driver’s license is required.

Successful candidates will display outstanding personal skills with an aptitude to get it right first time and also be comfortable working in a client facing role as this will be required from time to time.

In return, CCL will provide an empowering environment that nurtures the right candidate and promotes innovation and growth. A competitive package is on offer.

To apply, please email your covering letter and CV, or use the form below:

APPLY NOW

[]
1 Step 1
Previous
Next
FormCraft - WordPress form builder

ALERT: Foreshadow and Foreshadow NG

By | Security News

On 15 August 2018, information was released regarding three new Intel CPU vulnerabilities that may be exploited to steal data from computers.

  • CVE-2018-3615 (SGX, SMM – Foreshadow)
  • CVE-2018-3646 (VMM – Foreshadow NG)
  • CVE-2018-3620 (OS – Foreshadow NG)

Much like the Meltdown and Spectre vulnerabilities revealed earlier in the year, these new vulnerabilities take advantage of performance optimisation techniques to bypass security mechanisms built into the chips. The Foreshadow vulnerabilities target a different optimisation technique, potentially allowing access to a broader scope of data than Meltdown and Spectre, including data from other virtual machines in a virtualised environment.

Successful exploitation of these vulnerabilities would require an attacker to run malicious code on a targeted system. There are currently no known exploits being used against these vulnerabilities and researches have not yet released proof of concept code for the vulnerabilities.

We recommend that all clients assess their risk and appropriately patch systems to protect their environments against these vulnerabilities.  Care should be taken to read all patching instructions and release notes as well as perform thorough testing to avoid unexpected outages or performance impacts. Vendors have indicated that some performance impact should be expected for certain workloads.

Mitigation steps may involve processor microcode updates in addition to OS and virtualisation vendor updates, and in some cases may involve configuration options, including enabling new technologies and disabling HyperThreading.  Please refer to vendor guidance around opt-in steps, which will include guidance around scenarios where it is recommended and not recommended to disable HyperThreading, for example.

Processor microcode previously released by Intel in Q2 includes updates that address these new vulnerabilities.   We recommend that clients test and apply the latest microcode updates to all affected systems.

CCL’s Polaris Platform
CCL is programmatically addressing the identified vulnerabilities at the hypervisor levels.  Clients are responsible for patching their Operating Systems residing on the platform unless these are managed by CCL.  Additional information will be provided through standard change control notifications or directly from your Client Relationship Manager.

Public Cloud Platforms
All major public cloud providers have actively patched their environments and have taken steps to protect workloads:

https://cloud.google.com/blog/products/gcp/protecting-against-the-new-l1tf-speculative-vulnerabilities

https://aws.amazon.com/security/security-bulletins/AWS-2018-019/

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/mitigate-se

Client Dedicated Virtual Platforms, On-premise Private Cloud and On-premise Infrastructure
For dedicated virtualisation platforms, patching may be required at the hardware microcode and operating system level in addition to the hypervisor and may also require additional configuration changes depending on what features and products are being used.  Please refer to applicable vendor guidance for detailed mitigation requirements.  Links for the major vendors are included below.

In some cases, mitigation steps may have performance impacts.  We recommend thorough testing as part of the standard patching process.

 If you have any questions or concerns, please do not hesitate to contact your Client Relationship Manager or the CCL Service Desk on 0800 225 737 or support@concepts.co.nz.

Additional Information:

https://foreshadowattack.eu/

https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html

https://kb.vmware.com/s/article/55636

https://kb.vmware.com/s/article/55806

https://www.vmware.com/security/advisories/VMSA-2018-0020.html

https://www.vmware.com/security/advisories/VMSA-2018-0021.html

https://blogs.technet.microsoft.com/srd/2018/08/10/analysis-and-mitigation-of-l1-terminal-fault-l1tf/

https://support.microsoft.com/en-us/help/4457951/windows-server-guidance-to-protect-against-l1-terminal-fault

https://blogs.technet.microsoft.com/virtualization/2018/08/14/hyper-v-hyperclear/

https://blogs.oracle.com/oraclesecurity/intel-l1tf

ALERT: Email Phishing Attack

By | Security News

Over the last couple of days, we have noticed a spike in email phishing attacks in our clients’ environments.  The emails are coming into a client’s environment from well-known and trusted companies.

The phishing email requests users to open a pdf attachment that contains an image of DocuSign that has an embedded link to a fake website (in this case, it resembles Microsoft Office365).   It prompts users to enter their credentials.

The email has a PDF attachment which when opened looks like this:

And browsing to the “REVIEW DOCUMENTS” link will present a login screen that looks like this, where “compromisedsite.com” could be any number of different sites that are being used in the attack:

As you know, phishing emails can catch anyone out at any time and are one of the top methods cyber criminals use to gain access to a company’s network.  This is a timely reminder to always be vigilant.

Here are some useful tips to help spot a phishing email:

  • You aren’t expecting the email
  • The email urges immediate action
  • The email requests personal information
  • Links in the email lead to websites that ask for passwords
  • The email may contain a generic greeting rather than a name, e.g. Dear Sir/Madam
  • The email contains incorrect spelling or grammar
  • The email could include an attachment
  • The sender’s name and address does not match the sender or are spelt incorrectly
  • The link(s) in the email do not match the URL it redirects to
  • The URL does not match the company website or is not using SSL Encryption, e.g. https://

Meltdown & Spectre

By | Security News | No Comments

Meltdown and Spectre
Over the past week the IT community has been working hard to mitigate two widespread vulnerabilities, Meltdown and Spectre, identified by researchers.  These vulnerabilities are notable for the widespread and near universal impact on devices with processors, resulting in a significant number of patches being released and planned.  CCL has taken the necessary steps to secure our shared infrastructure platforms and we are actively assisting clients with advice and services to secure on-premise and cloud based environments.

We recommend that all clients assess and protect their environments against these vulnerabilities and ensure that systems are bought up to date and secured.  Care should be taken to follow patching instructions, as outages have occurred as a result of not following the prescribed steps.  Finally, Microsoft and other vendors have identified that some performance impact should be anticipated for certain workloads – estimates range from 5-30% decline in performance – older devices are more likely to be effected.

CCL IaaS platforms
CCL is programmatically addressing the identified vulnerabilities at the hardware and hypervisor levels.  Clients are responsible for patching their Operating Systems and applications residing on the platform unless these are managed by CCL.

Additional information will be provided through standard change control notifications or directly from your CRM.

Public Cloud platforms
All major public cloud providers have actively patched their environments and have taken steps to protect workloads. Similar to CCL, further patching may occur and we recommend monitoring each providers advisories.

Client dedicated virtual platforms, on-premise private cloud
For dedicated virtualisation platforms running earlier versions of VMware ESXi (ESXi 5.x) we are recommending a migration to ESXi 6.x, then patching to secure the hypervisor.  Patching is also required at the hardware firmware layer (microcode), operating system and application level in addition to the Hypervisor.  VMware has provided patches for ESXi which include microcode updates for popular CPUs.  vCenter patches are required and Virtual Hardware Version and VMware tools updates may also be necessary.  Outages will be required to complete patching including power cycling VM guest machines and guest OS server reboots.

Clients running Microsoft Hyper-V will need to apply updates at both the host and guest level.

On-premise infrastructure
Servers, desktops, and mobile phones are all impacted by these vulnerabilities and associated security patches are being released.  Patching will impact some workloads and performance may degrade as a result.  CCL recommends that clients follow standard patching processes including appropriate testing before release of patches to production systems.

Please note that anti-virus patches / registry key changes are required before the Microsoft patch can be successfully applied.  For CCL managed AV / Endpoint Security clients, the registry key has been deployed.

Patching will need to occur at a hardware firmware layer, operating system and application level in addition to the Hypervisor across multiple platforms to provide comprehensive protection against these vulnerabilities.  CCL has developed a guide for our engineering team to provide a best practice approach to managing the patching for Meltdown and Spectre.

If you would like more information or would like to discuss the potential performance impact to your workloads, then please contact support@concepts.co.nz or 0800 225 468

Additional information
The official Graz University of Technology research site containing information about the vulnerabilities and major vendor responses:

https://meltdownattack.com/

Additional vendor information:

https://kb.vmware.com/s/article/52245
https://support.microsoft.com/en-us/help/4073757/protect-your-devices-against-spectre-meltdown

Browser protections:

https://www.chromium.org/Home/chromium-security/ssca
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
https://blogs.windows.com/msedgedev/2018/01/03/speculative-execution-mitigations-microsoft-edge-internet-explorer/

Performance impacts:

https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/
https://access.redhat.com/articles/3307751

Please contact CCL if you have any questions or concerns.

CCL wins at the 2017 Resellers News Awards

By | General News | No Comments

CCL’s passion for client outcomes was rewarded this week with multiple honours in the 2017 Reseller News ICT Industry awards.  Now in their 3rd year, the awards recognise local talent across New Zealand in the IT sector.

CCL was named as the winner of two key awards.  The Mid-market Partner of the Year award which recognises a company doing a superb job of servicing customers in the 100-1000 seat market.

And the Sales Excellence award was won by Sanjeet Bal, Customer Relationship Manager based in CCL’s Wellington office.  This award is validation of Sanjeet’s passion and drive for client outcomes.

The Network Services team was highly commended for the Service Provider award and CEO, Andrew Allan was inducted into the Reseller News Hall of Fame for his contribution and support of the IT industry.

“These awards are very humbling for CCL and I am so very proud of the whole CCL team, who have provided the foundation over many years for our ongoing success.” says Darryl Swann, Founding Director of CCL. “None of this would be possible without the deep knowledge, expertise and will power our team brings to the table, every day.”

“We are delighted to have been recognised as winners at this year’s Reseller News Awards and believe this is due to the quality and breadth of the work we do, said Andrew Allan.  “These awards acknowledge the effective collaboration between our team, our clients and the right solutions.”

CCL celebrated their wins in front of almost 300 ICT industry leaders who gathered in Auckland to celebrate the 2017 Reseller News ICT Industry Awards.