Description

Complying with General Data Protection Regulation (GDPR), video-sharing platform Dailymotion disclosed to France's Commission Nationale de l'Informatique et des Libertés (CNIL) on Friday that it suffered a credential-stuffing attack.


What You Can Do

Ensure strong firewalls, password policies and data encryption are in place. Educate your employees about cyber threats such as phishing and urge them to be cautious. Upgrade to SSL if you haven't already done so. Consult with a trusted MSP to learn more about how you can keep your data safe from attackers.

Article Source

LeeShanok Network Solutions

3877 N 7th Street | Suite 320 | Phoenix | Arizona | 85014
BRatia@leeshanok.com

Did you know that power outages are a leading cause of business downtime? According to Inside Energy, power outages are 4X more common today than they were fifteen years ago.

Power outages by the numbers:

  • 80% of outages are caused by the weather
  • 20% of outages are due to human error and equipment failure
  • Outages cost U.S. businesses $150 million per year

Mother nature and human error can cost you thousands unless you have a plan in place to quickly get back to business. Check out this infographic today to learn more about the state of the U.S. power grid and how to ensure your business stays on if the power goes out.

The State of the U.S.
Power Grid Infographic

LeeShanok Network Solutions

3877 N 7th Street | Suite 320 | Phoenix | Arizona | 85014
BRatia@leeshanok.com

This is our second newsletter highlighting the IoT (Internet of Things), a worldwide network of devices that communicate with one another as they collect, analyze, share and store data collected from sensors. This can be beneficial when used by hospitals to monitor patients, and by governments to monitor traffic, pollution or weather. But the balance tips when the collected data is personal in nature or the receiver of the data has unethical or malicious intent.

There are trust challenges with these devices, which tend to have weak or no authentication but which still connect to protected domains. This allows anyone holding one of these devices to gain privileged access to storage, email and cloud accounts, and other aspects of the "secure" network. Here are 4 recommendations to consider:

Select Network Equipment from Magic Quadrant Leaders

Gartner Group's 2018 report Magic Quadrant for the Wired and Wireless LAN Access Infrastructure lists 3 leaders: Cisco, HP Enterprise, and Extreme Networks. Only these 3 are both visionary with a strong ability to execute. Other providers are visionary, but slow to execute on new ideas, while the rest are followers without much ability to execute.

Cisco Validated Designs (CVDs) provides a design foundation for a broad set of technologies, features, and applications. Every aspect has been thoroughly tested and documented, helping ensure a deployment that's faster, more reliable, cost effective, and predictable. Check out Cisco's Remote and Mobile Assets CVD.

Identify Connected IoT Devices

This can be challenging, as devices may identify themselves with cryptic strings and no manufacturer or product identifiers. Device sniffing tools like Angry IP Scanner will provide snapshots of connected devices, and device-visibility software like ForeScout can provide real-time 100% device identification and control. wikiHow details several ways to Identify Connected Devices.

Segment IoT Networks

Splitting a computer network into VLANs (sub-networks) boosts performance and security, both being important as quantities of IoT devices are predicted to surpass PCs and laptops in 2020. Cisco provides a good video overview of Network Visibility and Segmentation.

Monitor and Manage Network Traffic

There are tools available to monitor and manage network traffic, but most are focused on performance and reliability. Here is a recent diagram of network protocols used by various IoT industries and use models. As you can see, there is complexity at all layers that must be sorted through to gain understanding. Give LeeShanok a call to help with IoT monitoring and management.

Watch for our next IoT newsletter, where we'll focus on IoT in select industries, Industrial and Manufacturing environments being one of the first in our series.

Your Technology Partner,

LeeShanok Network Solutions

itsupport@leeshanok.com
Tucson: 520.888.9122 | Phoenix: 602.277.5757

CompTIA Managed Services TrustmarkTM signifies commitment to industry best practices

Phoenix, AZ - February 5, 2019 - LeeShanok, a Managed IT and Cloud Technology Provider, announced today it has received the CompTIA Managed Services Trustmark™, a respected industry credential that signifies its adherence to best practices for technology service delivery and customer interaction.

“Earning this credential identifies LeeShanok as a business that meets or exceeds the best business practices the IT industry has to offer,” said Nancy Hammervik, senior vice president, industry relations, CompTIA. “This includes managed services agreements, standard operating procedures, systems and tools for delivering services and general business operations.”

The Trustmark was developed by CompTIA, the non-profit association for the information technology industry, in collaboration with industry experts and leaders, to identify businesses that have made a commitment to the highest levels of integrity and sustained quality service.

"Attaining this level of accreditation is an important achievement for our company," states Eric LeeShanok, President of LeeShanok Network Solutions. "As a Managed IT partner, it is important that our team continually strives to improve our processes, best practices and meet industry compliances. We appreciate that CompTIA has reviewed our company to be trustworthy to have the Managed Services Trustmark credentials. Our clients rightfully expect and deserves to be serviced by a Technology Partner that abide by a code of conduct with integrity. It is a trust and a partnership we take very seriously."

To earn the CompTIA Managed Services Trustmark, LeeShanok was evaluated on several aspects of their business operations, including organizational structure, technology tools and systems they utilize, standard operating procedures and IT service specific activities. The company also committed to abiding by a code of conduct and provided customer references.

Visit CompTIA Managed Services Trustmark to learn more.

About LeeShanok

LeeShanok Network Solutions is committed to providing leading Managed information technologies with Expertise, Efficiency, and Excellence. World class customer service is our number one priority. We are a full service Managed IT and Cloud Provider that guarantees the best end results with system reliability with our proven company processes and technologies. We believe in using innovative network technology to improve business communications and optimize business operations. We believe in supporting industry standard technologies to accomplish our mission. We provide a “Higher Level of Information Technology”.

About CompTIA

CompTIA is the voice of the world’s information technology (IT) industry. Its members are the companies at the forefront of innovation; and the professionals responsible for maximizing the benefits organizations receive from their investments in technology. CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy. Visit http://www.comptia.org/home.aspx or follow CompTIA at http://www.facebook.com/CompTIA and twitter.com/comptia.

Contacts:

Eric LeeShanok
President
LeeShanok Network Solutions
602-277-5757

Description

Another ransomware attack has struck - This time the massive attack targeted AriZona Beverages. AriZona Beverages may have been relying on age-old IT systems. In light of this, the news that AriZona Beverages was hit with a ransomware attack last month, and subsequently has spent a fortnight rebuilding its network, might not come as a massive shock to some.


What You Can Do

This is one of the trickiest cyber threats out there because just relying on routine backups may be enough to not protect your business. Backups need to be clean and have been done prior to infection. Discuss your backup architecture with a professional to be sure you are truly creating a clean version of your data each time it is stored in backup. A managed plan can do this for you regularly.

Article Source

LeeShanok Network Solutions

3877 N 7th Street | Suite 320 | Phoenix | Arizona | 85014
BRatia@leeshanok.com

LeeShanok IT News: End-of-Support / End-of-Life


2019 is an important year in that some of the most popular operating system and productivity software revisions will reach End of Support in 2019 or 2020, after which security and reliability patches will no longer be released by the manufacturer. With perpetual licensing, your software will continue to run after the EOS date, but it will become increasingly vulnerable to malicious attacks and instability resulting in freezes or crashes. This progression is particularly risky with server and gateway class devices, which can impact an entire organization and take time to correct.

Many of these upgrades require project planning, financial outlay and resource downtime, so it's a good idea to begin planning up to a year in advance. If you are unsure of your situation, our team is available to help you evaluate and plan.

Legend:
Red - Past End-of-Support, needs replacement ASAP.
Yellow - Reaching End-of-Support end of 2019 or beginning of 2020.

Business Applications:

  • MS Office 2003 is at end of support on April 8, 2014
  • MS Office 2007 is at end of support on October 10, 2017
  • MS Office 2010 is at end of support on October 13, 2020
  • MS Office 2013 is at end of support on April 11, 2023

Desktop Operating Systems:

  • Windows XP is at end of support on April 8, 2014
  • Windows 7 is at end of support on January 14, 2020
  • Windows 8 reached end of support on January 12, 2016
  • Windows 8.1 is at end of support on January 10, 2023

Servers:

  • MS Exchange Server 2007 is at end of support on April 11, 2017
  • MS Exchange Server 2010 is at end of support on January 14, 2020
  • MS Exchange Server 2013 will reach end of support on April 11, 2023
  • Windows Server 2003 is at end of support on July 1, 2015
  • Windows Server 2008 R2 is at end of support on Jan 14, 2020
  • Windows Server 2012 R2 will reach end of support on Oct 10, 2023
  • Microsoft SQL Server 2008 is at end of support on July 9, 2010
  • Microsoft SQL Server 2008 SP4 is at end of support on July 9, 2019
  • Microsoft SQL Server 2008 R2(SP3) is at end of support on July 9, 2019
  • Microsoft SQL Server 2012 (SP4) is at end of support on July 12, 2022

Security Devices:

  • Cisco SA520 is at end of support on April 30, 2016
  • Cisco ASA5505 Firewall end of life, last date of to purchase extended support is November 20, 2021

Virtualization:

  • VMware ESXi 5.5 is at end of support on September 19, 2018
  • VMware ESXi 6.0 is at end of support on March 12, 2020
  • VMware ESXi 6.5, 6.7 is at end of support on November 15, 2021

Wireless Infrastructure:

  • Wireless Access Points – Replace older models on 802.11a/b/g
  • Cisco Aironet 1040, 1100, 1200, 1600 have all reached end of support
  • Meraki MR16 is end of support on May 31, 2021

It's human nature to wait until the last minute, but these expirations affect everyone universally and concurrently, which will cause a "mad scramble" near the end of 2019. So please don't wait too long before contacting us for advice.

Your Technology Partner, The LeeShanok Team

itsupport@leeshanok.com
Tucson: 520.888.9122
Phoenix: 602.277.5757

IT News - Chrome Vulnerability

When you prepare to leave work, do you shut down or restart your computer?

If not, it's unlikely you restart it when you arrive at work either, meaning Windows and your web browsers continue running un-patched and un-protected. This is a problem with the newest zero-day vulnerability in Google's Chrome web browser, and Malwarebytes warns ... "Considering how many users keep Chrome and all their tabs opened for days or even weeks without ever restarting the browser, the security impact is real." 0 PC Magazine echos the caution: "If you don't close Chrome, updates will not be applied." 1

To complete installation of many Windows patches, you must restart your computer. Updates to Chrome usually remind the user to restart the app, but more significant Chrome patches also require restarting your computer.

You ask "What about my tabs, I use the same tabs every day?" Chrome saves open tabs when you restart the app with the "chrome://restart" command, or restart your computer while Chrome is still running. Still not convinced? Start Chrome, open several tabs, then in the address field, type "chrome://restart" and watch the magic. Chrome will shutdown and restart, restoring all previously opened tabs.

Now let's update Chrome.

Update Chrome on Windows PC or Apple Mac

If Chrome has an available update, it will begin applying it immediately.

After updating, always restart Chrome. Better yet, restart your computer by typing in Chrome's address field type "chrome://restart" which will save and recreate your open tabs. When Chrome restarts, in the address field type "chrome://help".

Update Chrome on iPhone, iPad

You may have your apps set to update automatically, but it's wise to verify this patch. Settings > iTunes & App Store > Updates. Make sure it's green and enabled as shown.

Then open App Store and apply update to Chrome if available.

Update Chrome on Android

Settings > Google Play Store > My Apps & Games



If the button is labelled [OPEN], your Chrome already has the latest update. But if you see [UPDATE], click it to update Chrome.


Your Technology Partner,

LeeShanok Network Solutions

itsupport@leeshanok.com
Tucson: 520.888.9122 | Phoenix: 602.277.5757

0 Google Chrome zero-day: Now is the time to update and restart your browser
1 How to Update Google Chrome

In early 2018 LeeShanok Network Solutions was chosen from a variety of competitors to manage the technology infrastructure of Reid Park Zoo (https://reidparkzoo.org/) and Reid Park Zoological Society.

There were many challenges to overcome as we designed and upgraded their technology infrastructure and campus-wide WiFi, but together we persevered and prevailed. Their CEO talks about their experiences in the following video testimonial (https://www.leeshanok.com/reid-park-zoo/).

Our local world-class zoo has lots of scheduled events that would be fun for team-building as well as family time (https://reidparkzoo.org/events/). We are happy to be partners with these two outstanding organizations, and to assist their team with the enrichment they bring to our community!

Your Technology Partner,

The Leeshanok Team

3877 N 7th Street | Suite 320 | Phoenix | Arizona | 85014
Tucson: 520.888.91222 | Phoenix: 602.277.5757

IT News - Social Network Security

Threats to your social network aren't new, but the frequency and cleverness of attacks and the cost of repairs make it vital to keep your awareness fresh and defenses strong. Reacting to a breach can require far more time, effort and cost than preventing one.

Attacks come from:

  • Viruses & Malware - Relies on users to share malicious links with their contacts, then replicates itself to other devices
  • Ransomware - Encrypts user data demanding payment to unlock it
  • Phishing - Impersonates social contacts to encourage execution of malicious code
  • Spamming - Sends out numerous emails resulting in blacklisting
  • Identity Theft - Gathering personal information from social networks, attackers assume your identity or the identity of your contacts
  • Apps - Games, puzzles and quizzes can be given access to your profile and contacts and subsystems of your device (e.g. location, camera, microphone) without your knowledge
  • CEO Fraud - Impersonates company executives and key employees so that lower level employees open emails, links and attachments

Visualize social network security like layers of an onion. Your network firewall is your first line of defense, scanning inbound and outbound internet traffic, filtering content and detecting intruders. An email spam filter scans and quarantines suspect inbound and outbound messages. Endpoint protection keeps malicious code from entering and running on devices we use, which includes computers, tablets and smart phones.

Inspect the privacy and security settings on your devices and in your email and social accounts, and use strong settings when available. Avoid installing new third-party applications from unknown vendors, and limit their access with your privacy and security settings. Limit the amount of personal information you post to sites, remembering that your posts will last a long time. And share with friends, but limit automatic sharing with "friends of friends". For those being especially targeted, most email providers offer Advanced Threat Protection for a few dollars per month per user.

The most effective protection is you, a vital link in the "human firewall". Look before you click, think before you open, verify before you trust. In your email client windows, look over the sender's email address and subject, and preview the message before opening it or picking any links or attachments. If something feels amiss, it probably is. Right click on the message and move it to "Junk" (spam) folder.

Contact us to schedule a free phishing security test of your employees, followed by our IT Security for the Common Worker lunch-n-learn workshop. There is no cost for either, other than several hours of labor to deliver these services.


Your Technology Partner,

LeeShanok Network Solutions

Tucson: 520.888.9122 | Phoenix: 602.277.5757

SCROLL TO TOP