LeeShanok IT News: Website URL Scanning

LeeShanok IT News
Virtual Trade Show Invitation

Phishing and spam emails can use 2 methods to infect your computer, infected attachments, and URL links to malicious websites. Attachments can be saved to your local Downloads folder and scanned for threats prior to opening the file. However, it’s been more challenging to evaluate URL links for threats on the remote website.

Web-based URL scanning services have become commonplace to test links in an email you’ve received. Better to test the URL before you use a web browser to go to a malicious website, which can download malicious content that can infect your computer. There are good URL scanners, and at least one to stay away from.

Risky URL Scanner:
  ScanUI  (https://urlscan.io)    DO NOT USE!

First, notice the “Recent Screenshots” section? These are available publicly and will often contain various screenshots from sessions running on the website or server, some of which may contain snips of spreadsheets and other work being done in connected sessions. Confidential information can be scraped from these screenshots by anyone, as they are made available publicly.

Second, notice the “Recent Scans” section? All scans of a website or server are made publicly available, and each recent scan may contain screen shots of connected sessions during the time of that scan.

This site should be avoided, and under no circumstances should you ever enter your own company website or server into urlscan.io. A better alternative would be to use the following “good” URL scan site.

Good URL Scanner:  VirusTotal  (https://www.virustotal.com/gui/home/url)

Your technology Partner,

The LeeShanok Team

Phoenix: 602-277-5757 | Tucson 520-888-9122 | itsupport@leeshanok.com

Virtual Trade Show Invitation

LeeShanok IT News
Virtual Trade Show Invitation

The AZ Tech Council hosts their annual “Tech & Business Expo”, a trade show normally at Tucson Convention Center that includes lots of interesting presentations, workshops, and vendor booths. This year with COVID-19, the event is going virtual and being entirely held inside the Verbela Open Campus platform. Navigating and communicating inside the event involves customizing an Avatar, and by using computer speakers and microphone a participant can speak with and listen to others in the event. Want to listen to a presentation? Just navigate your Avatar into the auditorium, sit down, and watch and listen to the presentation. The keynote speaker is from Raytheon sharing “Vision with Precision for Arizona and the Globe”.

LeeShanok’s team will be hosting a booth (called a “private room”) where we’ll be available to discuss technology ideas and best practices with attendees. We will have flyers on various topics available that you can download to your computer. We also will hold a post-event raffle of a $250 Amazon Gift Certificate, and a handful of $50 Certificates as well. To be entered into the raffle, attendees will need to take a screen snip of our private room and email that to us.

For members of AZ Tech Council, registration costs $20, and for non-members it’s $40.

Virtual Booth Exhibition Hall

Auditorium for Presentations

My Avatar in Auditorium

Overview and Registration

We believe that virtual events are the wave of the future, reducing the need to travel while  enabling effective engagement and interaction within the event.

Come see us at our booth, and keep fingers crossed during our raffle.

Your technology Partner,

The LeeShanok Team

Phoenix: 602-277-5757 | Tucson 520-888-9122 | itsupport@leeshanok.com

Microsoft Exchange 2010 End of Life

Microsoft Exchange 2010 End of Life

Microsoft Exchange 2010 is reaching End of Support on October 13, 2020, the final step in the software’s life cycle. Though the software will continue to function after this date, Microsoft will stop providing any patches and updates, nor will they provide technical support or time zone updates.

Companies who’s email domain is hosted on Microsoft (Office) 365 with Exchange Online are not affected.

Migration alternatives are:

  • Microsoft 365 with Exchange Online
  • Microsoft Exchange 2016

Prior to October 13, 2020, you can migrate directly to Microsoft 365. But after this date, you will have to first migrate to Exchange 2016, then migrate to Microsoft 365.

Microsoft’s full report is found here:  https://docs.microsoft.com/en-us/microsoft-365/enterprise/exchange-2010-end-of-support?view=o365-worldwide

What should you do now ?

  1. First contact your account manager at LeeShanok to discuss your email server
  2. We will determine if you’ll need additional licensing and provide a quote with licensing and labor needed
  3. Then we’ll prepare for and perform your migration

From then on, you can be more at ease with a supported and secure email platform on into the future.

Your technology Partner,

The LeeShanok Team

Phoenix: 602-277-5757 | Tucson: 520-888-9122 | itsupport@leeshanok.com

LeeShanok IT News: Microsoft 365 Conditional Access

LeeShanok IT News:
Microsoft 365 Conditional Access

Access to your company domain and data stores may be controlled by sophisticated next-generation firewalls and access policies. But what about your remote and home-based workers who connect to your Microsoft Azure Active Directory, On-premise Exchange and Exchange Online, SharePoint Online, Teams, or Dynamics using their own devices and sitting in various locations? If they use an older device and connect through a public Wi-fi hotspot, there are numerous risks that your on-premise edge protection never gets the chance to evaluate.

Microsoft now provides Conditional Access controls that provide “zero trust” evaluation of all conditions or signals with enforcement of consistently applied and pre-determined access policies, providing protection from any user with any device at any location using any browser or app and accessing any data store.

Here is a simple model:

Conditions or Signals can include:

  • Sign-in attempt
  • User credentials
  • Device (including mobile phones)
  • Location (example: outside the U.S.)
  • Client Apps (examples: web browser, email client)
  • Mobile device

Enforced access policies can include:

  • Require MFA (multi-factor authentication)
  • Block legacy authentication
  • Block access by location
  • Require compliant devices
  • Require compliant operating systems
  • Block access except for specific apps

Policy enforcement can require:

  • User must satisfy policy BEFORE accessing calling app
  • User signs in to calling app, then policy is enforced

This structure can plug holes in out of date (legacy) policies. One legacy policy may allow senior staff members easy access to sensitive data once they’ve authenticated into your domain. This may be fine if they are using their office computer inside your firewall, but what if they are using an old laptop running Windows 7 in a public Wi-fi hotspot? There are multiple vulnerabilities present with this access attempt. Serious risk would also occur if that employee’s credentials were stolen, which an imposter could then use to gain access to the domain for easy access to anything, including your most sensitive data.

Zero-trust Conditional Access evaluates every connection attempt regardless of privilege, and after the condition or signal is evaluated successfully, the access policy is applied to that user’s connection, and if successful they are granted access to certain data by the app, device, and location being used for that one session.

This may sound inconvenient to senior staff whose time is valuable, but it happens very fast and is mostly un-noticeable. One common policy is to require MFA for every access attempt, regardless of user, device, or location. In today’s world where staff may work in the office, from home, at a restaurant, or the airport, it controls every access attempt according to policies that make sense for your business.

Requirements may include additional Microsoft licenses, however, these may already be bundled with Microsoft/Office 365, Azure AD, Intune, or Enterprise Mobility and Security Suite licensing that you already own.

  1. First, contact your account manager at LeeShanok to let us know you’re interested
  2. We will determine if you’ll need additional licensing, but many of our managed client firms already have all that’s needed
  3. Our team will ask you some questions, gather information, and design your Conditional Access
  4. Finally, we’ll set up the controls and implement the designed structure

From then on, you can be more at ease with the increased security to your domain, accounts, apps, and data.

Your technology Partner,
The LeeShanok Team

  • 1
  • 2