Windows Server 2008 R2 End-of-Life Support Looms. The Time to Act is Now!
It seems like we just went through this with Windows Server 2003, but we’ll soon be losing yet another popular Microsoft standby – Windows Server 2008 R2. End-of-life mainstream support for the system has already ceased as of January 13, 2015, but the big blow is still ahead.
Microsoft has publicly announced January 14, 2020, as the end date for extended support, also known as End of Life (EOL), for the Windows 7 operating system. As of this date, Microsoft will no longer produce any patches or updates to address known or otherwise newly discovered issues for the Windows 7 platform.
Update on Issues with Reflexion Email Security Service
As of 2:30 pm EDT, all inbound and outbound mail delivery
through Reflexion is returning to normal, although some end users may
periodically notice delays due to the high volume of emails we are currently
processing. We expect that any delays will continue to improve as the queues
are processed. We will continue to provide updates as the operation progresses
back to a fully healthy state with no delays.
Please know that all email that was queued in the last 24
hours has been safely processed and will be sent and received as the flow
resumes – no emails were lost by the Reflexion operation as a result of this
We expect improvements throughout the day. The operations
and development teams are diligently monitoring the service to ensure all
Reflexion customer email is fully resumed. Note: This issue affected customers
of the Reflexion service and did not impact any of our services in Sophos
While we are still finalizing the root cause of the problem, we have determined that during the initial incident the IO limits of our storage infrastructure were exceeded, due to a routine maintenance process that was executed incorrectly. We are continuing the investigation and will provide a thorough root cause analysis (RCA) once complete.
We sincerely apologize for the inconvenience this has caused
and will continue to provide updates during the day
Business downtime is much more common than you may think. Every business faces the risk of business interruption every day, from an employee clicking on something that they shouldn’t have, hardware failure, the list just goes on and on. There are ways to protect your business from this loss of production time and data. Join us to hear real-world examples of downtime, and how you can protect yourself with a true business continuity solution.
What can happen to my password if it is stolen? Once an
attack has happened and the criminal has your data, he or she likely runs
through the following steps, which we like to call, “A Hacker’s Post Breach
Checklist:” The hacker will:
Inventory the stolen data: Hackers will look through the
stolen data files for authentication credentials, personal information like
names, addresses and phone numbers, and financial information like credit card
“Hackers will often start by selling data on military or government accounts,” “People are also bad at choosing passwords for individual services and often reuse passwords, which lets hackers try those passwords on the other websites their victims use.”
Mark Laliberte – WatchGuard’s own Information Security Threat Analyst
Sell personal information: Next, the hacker will package up
personal information like names, addresses, phone numbers, and email addresses
and sell them, typically in bulk. These are more valuable the more recent they
are. According to Quartz, a full set of someone’s personal information
including identification number, address, birthdate, and possibly credit card
info costs between $1 and $450 with a median cost of $21.35.
Look for the good stuff: Hackers will then inventory
authentication credentials further and look for potentially lucrative accounts.
Government and military addresses are very valuable, as well as company email
addresses and passwords for large corporations. Since people often re-use their
passwords, hackers can often use credentials for military or corporate accounts
to target other companies. For example, Dropbox was breached in 2012 using
credentials stolen in the LinkedIn data breach earlier that year. A hacker may
plan such a hack himself, or he/she may sell the credentials to others on the
dark web for a much higher price.
Offload the cards: Financial information like credit card
numbers are packaged and sold in bundles. An individual with the right
knowledge could easily buy credit card information in groups of ten or a
hundred. Usually a “broker” buys the card information, then sells them to a
“carder” who goes through a shell game of purchases to avoid being detected.
First the “carders” use stolen credit cards to buy gift cards to stores or to
Amazon.com, then use those cards to buy physical items. The carder may then
sell the electronics through legitimate channels like eBay, or through an
underground dark website.
Sell in bulk: After several months, the hacker will bundle up
authentication credentials and sell them in bulk at a discounted price. By now,
most of the credentials are worthless since the company has most likely
discovered the breach and taken steps to repair it. For example, a database
containing the entire LinkedIn credentials dump is still available.
How to Create Strong
Why are strong
Good computer security includes the use of strong passwords
for all your accounts. Passwords can be the weakest link in a computer security
scheme. Strong passwords are important because password cracking tools continue
to improve and the computers used to crack passwords are more powerful. Network
passwords that once took weeks to break can now be broken in hours.
Password cracking software uses one of three approaches:
intelligent guessing, dictionary attacks, and automation that tries every
possible combination of characters. Given enough time, the automated method can
crack any password. However, it still can take months to crack a strong
For a password to be
strong and hard to break, it should:
Contain 6 or more characters
Contain characters from each of the following
Letters (uppercase and lowercase) A, B, C,…;
a, b, c,…
Have at least one symbol character in the second
through sixth positions.
Be significantly different from prior passwords.
Try to change your password(s) every 6 months.
When typing in your password, make sure no one is watching
you type. Ask anyone around you to kindly look away.
Password reuse, like
what Mark is describing above, can create opportunities for more breaches. For
example, Dropbox was breached in 2012 because a Dropbox employee’s Expedia
password was stolen in a separate data breach and they reused that password for
their work account.
A strong password
policy doesn’t need to be the only line of defense to your systems and network.
Adding multi-factor authentication creates multiple layers of security to
protect users and resources.
What can you do to
Good passwords are critical to information security. Lack of
thought in creating password policies increases the chances of unauthorized
access or compromised data. The SANS Institute recommends that a strong password
policy include the following characteristics:
Contain a mix of uppercase and lowercase
letters, punctuation, numbers, and symbols.
Contain at least 15 characters.
Be unique from other accounts owned by the user.
Never include dictionary words
Never include patterns of characters
Go even further in your password policy by encouraging the
use of pass phrases, which use phrases along with the strong password
guidelines to add even further difficulty to passwords being compromised.
For example: The phrase “iced tea is great for summer”
The easiest solution
– use a password safe
Password safes save your passwords securely, allowing you to
save the information on your personal computer without opening yourself up to
giving away private information inadvertently. They can also generate random
passwords for each of your accounts.
These password safes store all of your passwords in a single account,
which has a master password you need to remember. This allows you to use truly
random combinations in all of your other passwords, making them much harder for
malicious users or bots to crack. Two examples of such services are: LastPass
and Password Gorilla.
Change your Passwords
The RIT Password Standard requires passwords to be changed
annually. In addition, passwords should be changed:
Whenever a malicious program such as a virus is detected or
a machine is compromised in some way.
If there is a job change (job is completed, job is
terminated, or a job transfer changes the need for access).
From any default passwords.
If they are shared with anyone other than the authorized user(s).
Don’t Use your
username or any part thereof:
These are the don’ts!
Name(s) of yourself, family, friends, pets, or
Computer terms and names, commands, sites,
companies, hardware, or software
Birthdays or other personal information such as
addresses or phone numbers
A set of characters in alphabetic or numeric
order (ex. abcdef), in a row on a keyboard
(ex. qwerty), or a simple pattern (ex. 123123)
Words that can be found in a dictionary
Your UCLA ID number, a bank account PIN, credit
card number, etc.
Any of the above spelled backwards
Any of the above preceded or followed by a digit
(ex. qwerty1, 1qwerty)
DON’T Reuse passwords.
If you do, a hacker who gets just one of your accounts will own them all. (Some
systems will not let you reuse passwords.)
DON’T Use a
dictionary word as your password. If you must, then string several together
into a pass phrase.
DON’T Use standard
number substitutions. Think “P455w0rd” is a good password? N0p3! Cracking
tools now have those built in.
DON’T Use a short
password—no matter how weird. Today’s processing speeds mean that even
passwords like “h6!r$q” are quickly crackable. Your best defense is the longest
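The "don'ts" above can be enforced mechanically when a password is set. The following is an added example, not code from the original article: the word list is a small constructed sample, the finding names are hypothetical, and the minimum length uses the 15-character SANS figure quoted earlier.

```python
import re

# Constructed sample word list; a real deployment would load a full
# dictionary plus a breached-password list instead.
SAMPLE_WORDS = {"password", "qwerty", "summer", "dragon", "welcome"}

# Alphabetic order, numeric order, and rows on a keyboard.
SEQUENCES = ("abcdefghijklmnopqrstuvwxyz", "0123456789",
             "qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")

# Standard number/symbol substitutions that cracking tools undo.
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "5": "s", "$": "s", "7": "t"})

# A short unit repeated to fill the whole string, e.g. 123123.
REPEAT = re.compile(r"(.{1,4})\1+")

MIN_LENGTH = 15  # assumption: the SANS length quoted on this page


def variants(password):
    """Return the forms an attacker's rules would try: lowercased,
    with leading/trailing digits removed, with substitutions undone,
    and each of those spelled backwards."""
    base = password.lower()
    stripped = base.strip("0123456789")
    forms = {base, stripped, base.translate(LEET), stripped.translate(LEET)}
    forms |= {f[::-1] for f in forms}
    forms.discard("")
    return forms


def check_password(password, username=""):
    """Return a list of policy findings; an empty list means the
    password passed every check implemented here."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too_short")

    has_all_classes = (any(c.isupper() for c in password)
                       and any(c.islower() for c in password)
                       and any(c.isdigit() for c in password)
                       and any(not c.isalnum() for c in password))
    if not has_all_classes:
        findings.append("missing_class")

    # Simplification: only the full username is matched, not parts of it.
    if username and username.lower() in password.lower():
        findings.append("contains_username")

    forms = variants(password)
    if forms & SAMPLE_WORDS:
        findings.append("dictionary_word")
    if any(len(f) >= 3 and any(f in s for s in SEQUENCES) for f in forms):
        findings.append("sequence")
    if any(REPEAT.fullmatch(f) for f in forms):
        findings.append("repeated_pattern")
    return findings


if __name__ == "__main__":
    # The weak examples come from the text above; the last one is constructed.
    for pw in ("P455w0rd", "qwerty1", "h6!r$q", "123123",
               "Marble-Kettle-93-Lantern!"):
        print(pw, check_password(pw))
```

A single dictionary word is rejected even when reversed, digit-affixed or substituted, while several words strung into a long pass phrase pass, which matches the guidance above.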
Cyberattacks continue to grow in scale, ferocity, and audacity. No one is safe. Large corporations are a target because hackers see the potential payoff as huge. Small companies are vulnerable too because they don’t have the financial muscle needed to invest in sophisticated security systems. Now more than ever, businesses must do whatever it takes to keep their data and tech infrastructure safe. If non-techie employees understand key cybersecurity terms, they’ll have a much better chance of making the right security decisions. There are thousands of cybersecurity terms but no one (techie or otherwise) is under obligation to know all of them. Some terms are, however, more important than others and these are the ones all staff must be aware of.
Note that knowing these cybersecurity terms is more than just mastering the definitions. Rather, it’s being able to understand the patterns and behavior that define them.
1. Adware
Adware is a set of programs installed without explicit user authorization that seek to inundate the user with ads. The primary aim of adware is to redirect search requests and URL clicks to advertising websites and data collection portals.
While adware mainly aims to advertise a product and monitor user browsing activity, it also slows down browsing speed, page-load speed, device performance, eats into metered data, and may even download malicious applications in the background.
2. Botnets
Botnets are simply a collection of several (and they can number in the millions) Internet-enabled devices such as computers, smartphones, servers, routers, and IoT devices that are under a central command and control.
Botnets are infectious and can be propagated across multiple devices. Botnet is a portmanteau of “robot” and “network.” Some of the largest and most dramatic cyberattacks in recent times have involved botnets, including the destructive Mirai malware that infected IoT devices.
3. Cyber-espionage
When you hear the term espionage, what first comes to mind is the world in a bygone era. But espionage is as alive today as it was a century ago. The difference is that thanks to the proliferation of information technology and the ubiquity of the Internet, espionage can now be executed electronically and remotely.
Cyber-espionage is the gathering of confidential information online via illegal and unauthorized means. As you’d expect, the primary target of cyber-espionage is governments as well as large corporations. China has been in the news in this regard though other world powers such as the United States and Russia have been accused of doing the same at some point.
4. Defense-in-depth
Defense-in-depth is a cybersecurity strategy that involves creating multiple layers of protection in order to protect the organization and its assets from attack. It’s born out of a realization that even with the best and most sophisticated technical controls, no security is ever 100 percent impenetrable.
With defense-in-depth, if one security control fails to prevent unauthorized access, the intruder will run into a new barrier. It’s unlikely that many hackers will have the knowledge and skills to surmount these multiple barriers.
5. End-to-end encryption
End-to-end encryption is a means of securing and protecting data that prevents unauthorized third parties from accessing it during rest or transmission. For instance, when you shop online and pay with your credit card, your computer or smartphone has to relay the credit card number you provide to the merchant for authentication and payment processing.
If your card details fall into the wrong hands, someone could use it to make purchases without your permission. By encrypting the data during transmission, you make it harder for third parties to access your confidential information.
6. Firewall
A firewall is a defense mechanism that is meant to keep the bad guys from penetrating your network. It’s a virtual wall that protects servers and workstations from internal and external attack. It keeps tabs on access requests, user activity, and network traffic patterns in order to determine who can and cannot be allowed to interact with the network.
7. Hashing
Hashing is an algorithm for encrypting passwords from plain text into random strings of characters. It’s a form of security method that transforms fixed-length character strings into a shorter value that represents it. That way, if an intruder somehow got through to the password file or table, whatever they see will be text that is useless to them.
8. Identity theft
Identity theft is sometimes referred to as identity fraud. It’s the No. 1 reason why hackers seek to access confidential information and customer data, especially from an organization. An identity thief hopes to impersonate an individual by presenting the individual’s confidential records or authentication information as their own.
For example, an identity thief could steal credit card numbers, addresses, and email addresses then use that to fraudulently transact online, file for Social Security benefits, or submit an insurance claim.
9. Intrusion detection system (IDS)
It’s relatively uncommon for a cyberattack to be completely unprecedented or unknown in its form, pattern, and logic. From viruses to brute force attack, there are certain indicators that point to unusual activity. In addition, once your network is up and running, all network traffic and server activity will follow a relatively predictable pattern.
An IDS seeks to keep tabs on network traffic by quickly detecting malicious, suspicious, or anomalous activity before too much damage is done. The IDS blocks malicious traffic and sends an alert to the network administrator.
10. IP spoofing
IP address forgery or spoofing is an address-hijacking mechanism in which a third party pretends to be a trusted IP address in order to mimic a legitimate user’s identity, hijack an Internet browser, or otherwise gain access to a restricted network. It isn’t illegal for one to spoof an IP address. Some people do so in order to conceal their online activity and maintain anonymity (using tools such as Tor).
But IP spoofing is more often associated with illegal or malicious activity. So organizations should exercise caution and take appropriate precautions whenever they detect that a third party wants to connect to their network using a spoofed address.
11. Keylogger
Keylogger is short for keystroke logger. It’s a program that maintains a record of the keystrokes on your keyboard. The keylogger saves the log in a file, then encrypts and distributes it. While a keylogging algorithm can be used for good (some text-to-voice apps, for example, use a keylogging mechanism to capture and translate user activity), keyloggers are often a form of malware.
A keylogger in the hands of nefarious persons is a destructive tool and is perhaps the most powerful weapon of infiltration a hacker can have. Remember, the keylogger will capture all key information such as user names, passwords, PINs, pattern locks, and financial information. With this data, the hacker can easily access your systems without breaking a sweat.
12. Malware
Malware is one of the cybersecurity terms you will hear the most often. It’s a catch-all word that describes all malicious programs including viruses, Trojans, spyware, adware, ransomware, and keyloggers. It’s any program that takes over some or all of the computing functions of a target computer for ill intent. Some malware is little more than a nuisance, but in many cases malware is part of a wider hacking and data extraction scheme.
13. Password sniffing
Password sniffing is the process of intercepting and reading through the transmission of a data packet that includes one or more passwords. Given the volume of network traffic relayed per second, password sniffing is most effectively done by an application referred to as a password sniffer. The sniffer captures and stores the password string for malicious and illegal purposes.
14. Pharming
Pharming is the malicious redirection of a user to a fraudulent site that has colors, design, and features that look very similar to the original legitimate website. A user will unsuspectingly key in their data into the fake website’s input forms only to realize days, weeks, or months later that the site they gave their information to was harvesting their data to commit fraud.
15. Phishing
Phishing is a form of social engineering and the most common type of cyberattack. Every day, more than 100 billion phishing emails are sent out globally. Phishing emails purport to originate from a credible recognizable sender such as e-Bay or Amazon or financial institutions. The email will trick the recipient into sharing their username and password on what they believe is a legitimate website but is in reality a website maintained by cyberattackers.
Knowing these cybersecurity terms is a first step in preventing cyberattacks
While technical controls are crucial, employees are the weakest link in your security architecture. Nothing makes employees better prepared for a cyberattack than security training and awareness. For most organizations, the IT department represents only a fraction of the entire workforce.
Tech staff can therefore not be everywhere to explain cybersecurity terms and help each employee make security-conscious decisions. Therefore, making sure your non-techie staff is familiar with these cybersecurity terms is fundamental.
Microsoft has unveiled a raft of new capabilities for its Teams collaboration tool, including customized backgrounds for video calls, live text captions and integration with its Whiteboard “digital canvas” tool.
Microsoft also offered an update on user adoption, saying there are now 500,000 organizations using Teams. That’s up from 329,000 last September, and 200,000 a year ago, and highlights growth in a crowded market that includes Slack, Google Hangouts and others.
Unlike some competitors like Slack, which has 10 million daily active users, Microsoft doesn’t break out individual user statistics.
There are more large-scale deployments, too, said Lori Wright, general manager of Microsoft 365. That list includes more than 150 companies with at least 10,000 monthly active users, up from 54 companies last fall. (Last month, Facebook said its Workplace also has 150 customers with more than 10,000 users, while Slack has 150 organizations paying for Enterprise Grid, which is aimed at larger deployments.)
“It is our two-year anniversary and the macro trends that have been going on for quite some time continue to drive the growth and momentum of Teams,” said Wright. “This includes things like more remote workers than ever before, the move from being tethered to your desktop to having mobile devices, [and] being able to break down corporate hierarchies and create more inclusive cultures where people can find the information they need.”
Teams is available as part of subscriptions to Microsoft’s Office 365 suite, which has more than 155 million individual users. Microsoft also offers a free version of Teams.
Since its launch, Teams has been positioned as a core communication and collaboration tool within Office 365, effectively replacing Skype for Business. Among those making the transition are Microsoft’s own staffers: the company said today that 180,000 of its employees have switched from Skype for Business, with Teams used for all communications.
“Microsoft is killing it with Teams, a lot quicker than I thought they would be at this point,” said Patrick Moorhead, founder and president of Moor Insights & Strategy. “The company has come a long way when you realize how many years it was behind in cloud tools and I’d say it is leading right now – even bringing out features startups have begun to offer.”
Angela Ashenden, principal analyst at CCS Insight, agreed that the latest adoption data highlights Microsoft’s success in “maintaining incredible growth rates with Teams.”
However, she added that the monthly active user figures provided by Microsoft don’t necessarily show that Teams is being relied on for team collaboration yet. (Daily or weekly active use would be a better indicator, she said.)
“We’re clearly seeing more experimentation with the platform among a broader proportion of workforces, but it’s likely that this adoption is more through use of the Skype For Business meeting capabilities within Teams than use of the core messaging platform,” said Ashenden.
New meeting features
Among the new functions aimed at improving the Teams meeting experience are customized backgrounds, which build on the previously blurred background feature, allowing users to choose the backdrop visible to others during a video call. The aim is to reduce distractions, Microsoft said, and encourage more Teams users to take part in video meetings.
With Intelligent Capture in Microsoft Teams Rooms, Microsoft also wants to make it easier for remote participants to see drawings on analog whiteboards during meetings. Intelligent Capture processing can resize, focus and enhance whiteboard images and text, overlaying the information onto a video stream in real time.
Moorhead said that the digital whiteboard feature is the most significant feature announced at Enterprise Connect. “It takes a very analog work tool every information worker is familiar with and digitizes it,” he said. “I was very interested that with the extra camera feature you could literally look through the person drawing and annotating.”
“Data shows that the vast majority of meetings have at least one remote attendee,” said Wright. “A remote attendee is at a disadvantage anytime someone gets up to write on the whiteboard because they can’t really see the content, they are trying to make it out, they are trying to look through a human body and understand what is happening. We have solved this now.”
Customized backgrounds and Intelligent Capture features are slated to roll out later this year.
There is also support for Microsoft’s digital canvas app, Whiteboard – which lets users collaborate on creative work and share ideas within Microsoft Teams Rooms. (That’s the multivendor conference room control system rebranded from Skype Room Systems earlier this year.) That allows content to be moved from a physical to a digital whiteboard without having to replicate the information from scratch. The feature is now in public preview.
“With the new content camera and the Microsoft Whiteboard app, we see Teams starting to embrace collaboration that spans both physical and online situations, with the forthcoming Surface Hub 2 also playing an important role,” said Ashenden.
Live captions automatically creates a real-time text transcript during a meeting, which is useful for meeting participants who are deaf or hard of hearing, those who struggle with a particular language, or for those connecting from a noisy location.
“The live captions capabilities are also particularly interesting as these could help where it’s hard to hear the audio due to background noise or connectivity challenges,” said Ashenden, “but it will also be valuable where meeting participants or audiences are not native speakers.
“Over time, you can see this becoming the platform for real-time translation during meetings and events as well.”
Security and compliance upgrades
Microsoft also announced features aimed at Teams admins.
Private channels is “one of the most requested features” in Teams, said Wright, and allows a certain channel within a team to be locked down for private conversations. The functionality will be available later this year, Microsoft said.
The company also touted information barriers designed to help avoid conflicts of interest within an organization by limiting which individuals can communicate with each other. That should be useful for meeting compliance demands.
“Think about a financial institution where you have buy-side and sell-side investors; you have to be able to create a strong ethical wall or information barriers so that information can’t cross between those two groups,” said Wright, adding that that feature is “coming soon.”
Finally, new data loss prevention (DLP) capabilities detect sensitive information in Teams conversations to prevent such data from being leaked or shared without authorization. This is generally available now.
Ashenden said the security and governance features will be critical for many highly regulated companies that “see Teams as a way to provide a more secure and compliant alternative” to consumer tools within their organization.
“Security and trust are key focal points for differentiation for Microsoft, and data loss prevention and information barriers provide more controls and reassurance for IT organizations,” she said.
This story, “As Teams turns two, Microsoft adds compliance and meeting features” was originally published by Computerworld.
When computer systems fail, or disaster strikes, business comes to a grinding halt. Replacement hardware takes time to order and install, infrastructure needs to be rebuilt, and backups need to be prepared and applied. This can take days or weeks, even with a good backup solution. Unfortunately, when business is down, every second counts.
Business continuity is a term that describes your capability to continue to deliver products or services following a disruptive incident. But business continuity planning can be an afterthought until cyber theft or a natural disaster occurs and all systems come to a halt. Small businesses (non-IT or non-technical businesses) can prepare for business continuity by planning for the following 5 disasters:
Not “Planning to Fail.” Machines and hardware fail. While most IT hardware is fairly resistant to failures, most devices fall far short of a perfect track record, and no one is immune to hard disk or internet connection failures. While it can be costly for your company to eliminate any single point of failure in your IT infrastructure, having a disaster recovery plan that does this is the only way to ensure that a hardware failure doesn’t interrupt your service or cause data loss.
Failing to Plan. Only 6% of companies without a disaster recovery plan survive a disaster. When something goes wrong – whether it’s a natural disaster such as flood or fire, a criminal attack like a burglary or cybercrime, or human error causing a system failure or other incident – you need more than insurance policies to protect your business. Disaster Recovery and Business Continuity Planning (DRBC) is your first line of defense when an incident occurs. While insurance companies sort out claims, it needs to be ‘business as usual’ for most companies, and there’s no time to wait for paperwork to be completed. This is where your disaster recovery and business continuity planning are vital.
Understanding that IT Disasters are Costly. The costs associated with not preparing for an IT disaster are staggering; and many companies that aren’t effectively prepared for disaster situations simply cannot bounce back from a significant crisis. In fact, up to 75 percent of businesses fail within three years after a major natural or data disaster. The good news is that research shows companies with business continuity planning recover faster and more effectively following an emergency. In the meantime, the expected cost of data breaches and data loss will top $2.1 trillion by 2019 as more data is digitized, and the majority of these data breaches will come from existing network infrastructure and IT systems.
Remembering that Humans Make Mistakes; and Preparing for It. 80% of downtime instances impact mission-critical applications and business data and the majority are caused by human error. Human error is, by far, the most common and most frequent cause of business disasters. By definition, human errors are unintentional but can often be the hardest to prevent and correct. Having a disaster recovery plan that creates a series of incremental online data backups lets you easily restore your files to an error-free state. A disaster recovery plan that incorporates checking and double checking, along with online backups is often the best remedy.
Disasters affect everything. Your business runs 365 days a year; your systems run 24/7; your data is needed in real-time. A data center outage costs about $8851 per minute and can cause forfeited sales, lost data, damaged equipment, disrupted processes, legal or compliance liabilities, damaged client relationships and reputation, and wasted resources controlling the damage.
Businesses with a disaster recovery plan report increased savings, enhanced system reliability, improved security and reduced insurance premiums…even without a disaster. It’s important for you, as a business owner, office manager or CEO, to remember: “the time to prepare the roof is while the sun is still shining.” (Kennedy)
The above photos are actual clients of Direct One Networking who were flooded by a pipe that busted inside of their facility. Direct One and our network engineers were able to successfully keep this client up and running even when this disaster occurred.
It is never too late to discuss and implement your business’s business continuity plan – Give us a call 503-496-0669.