Microsoft is ending support (EOS) for 3 mainstream products within 7 months:
- SQL Server 2008 (including R2) - July 9, 2019
- Windows Server 2008 (including R2) - January 14, 2020
- Windows 7 (all versions including Home, Pro, Ultimate) - January 14, 2020
If you haven't started planning your upgrade, you are running out of time, as SQL Server 2008 "expires" in 3 weeks. To compound matters, we expect a line of companies that want to upgrade to start forming before long. And by December of this year, the line may snake out the door and around the corner.
Some older hardware is not compatible with the new software versions, and it requires time to design, order, and install new hardware and software, then migrate existing domain resources and data stores. An older modular chassis running virtual machines adds another layer of abstraction that may need upgrading and would add time and cost to the project.
Those of you who have already upgraded, well done. You are already benefiting from the many enhancements and performance boosts in the new releases, not to mention the increased security and full manufacturer support.
Those who are waiting, don't delay too long. If you consider that these products will become more vulnerable and less reliable following the EOS date, you could be gambling with high labor bills to combat infections that could have been prevented with a little planning and budgeting.
For a confidential discussion of your situation and a quote for recommended upgrades, give your Technology Partner a call.
The LeeShanok Team
Last week, Trend Micro detected PowerShell scripts that were downloading ENTSCRYPT (GermanWiper), a ransomware variant that makes file retrieval impossible. The malicious scripts are delivered through spam emails containing a zipped file with an embedded LNK. The ransomware overwrites the content of local files with zeros and changes the file extension to 5 random characters.
When complete, ENTSCRYPT opens a ransom note in German requesting US $1,500 in Bitcoin in exchange for a decryption key.
Since the contents were overwritten with zeros, decrypting results in worthless files containing nothing but "000000000...", which has motivated some municipalities to adopt a "we don't pay ransoms" policy.
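A triage sketch for the damage pattern described above, added here as an example and not taken from Trend Micro or the original article: it walks a folder for files that are entirely zero bytes, separates out those carrying a 5-character extension, and looks for same-named copies in a backup tree. The alphanumeric extension pattern, the stem-matching restore rule and every sample file name are assumptions constructed for the demo.

```python
import os
import re
import tempfile
from pathlib import Path

# Assumption: the "5 random characters" are ASCII letters or digits; the
# article gives only the length of the new extension.
FIVE_CHAR_EXT = re.compile(r"^\.[A-Za-z0-9]{5}$")


def is_zero_filled(path, chunk_size=1 << 20):
    """True if the file is non-empty and every byte is 0x00."""
    total = 0
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk_size)
            if not block:
                return total > 0
            if block.count(0) != len(block):
                return False  # stop at the first chunk holding real data
            total += len(block)


def triage(root):
    """Classify zero-filled files under root (paths relative to root).

    'wiped'  : zero-filled and a 5-character extension, the pattern described
    'zeroed' : zero-filled under any other name (may be benign, e.g. a
               preallocated disk image, so review before restoring)
    """
    root = Path(root)
    found = {"wiped": [], "zeroed": []}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = Path(dirpath) / name
            if path.is_symlink() or not path.is_file():
                continue
            try:
                if not is_zero_filled(path):
                    continue
            except OSError:
                continue  # locked or unreadable; handle separately
            kind = "wiped" if FIVE_CHAR_EXT.match(path.suffix) else "zeroed"
            found[kind].append(path.relative_to(root).as_posix())
    return {kind: sorted(paths) for kind, paths in found.items()}


def restore_candidates(found, backup_root):
    """Map each wiped file to backup copies with the same folder and stem.

    Assumption: the original extension was replaced, so only the stem can be
    matched. Backup copies that are themselves zero-filled are rejected.
    """
    backup_root = Path(backup_root)
    plan = {}
    for rel in found["wiped"]:
        rel_path = Path(rel)
        folder = backup_root / rel_path.parent
        matches = []
        if folder.is_dir():
            for cand in sorted(folder.iterdir()):
                if (cand.is_file() and cand.stem == rel_path.stem
                        and not is_zero_filled(cand)):
                    matches.append(cand.relative_to(backup_root).as_posix())
        plan[rel] = matches
    return plan


def build_sample(base):
    """Create constructed sample trees (live + backup) for the demo."""
    live, backup = Path(base) / "live", Path(base) / "backup"
    samples = {
        live / "docs/report.docx": b"PK\x03\x04 intact document",
        live / "docs/budget.x7Kq2": b"\x00" * 4096,      # wiped pattern
        live / "docs/notes.a1b2c": b"real text",          # odd name, real data
        live / "docs/empty.log": b"",                     # empty, not wiped
        live / "vm/disk.img": b"\x00" * 8192,             # zero-filled, benign name
        backup / "docs/budget.xlsx": b"PK\x03\x04 spreadsheet",
    }
    for path, data in samples.items():
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)
    return live, backup


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        live_dir, backup_dir = build_sample(tmp)
        report = triage(live_dir)
        print(report)
        print(restore_candidates(report, backup_dir))
```

An empty restore list for a wiped file means no usable backup copy was found under that name, which is the case a trial restore is meant to surface before an incident.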
Trend Micro recommends the following defensive steps:
- Watch your inbox for suspicious emails with URLs or attachments inside, and avoid clicking on URLs or attachments.
- Verify your data backups to make sure you have adequate storage and recent backups have completed without error. It's always a good idea to perform a trial restore of files in various folders.
- Restrict access to important data and administration tools, and use group policy to automate and enforce access controls.
- Keep your firmware and operating systems updated with available patches, and be sure to upgrade operating systems and devices prior to EOS (end of support). For example, Windows Server 2008 and Windows 7 both go EOS on January 14, 2020, so start your upgrade planning now.
On July 29, 2019, US CISA (Cybersecurity and Infrastructure Security Agency) released a newsletter recommending immediate action to safeguard against ransomware attacks.
- Back up (now & daily) all critical business and system configuration information, verify its integrity and its ability to restore, and keep the backup on a separate device with an offline copy as well.
- Train and re-train employees on recognizing threats and phishing emails, and on the importance of reporting anything suspicious.
- Create an Incident Response Plan to address attacks, what to do when internal capabilities are overwhelmed, how to request assistance and from whom, and keep handy a paper list of state agencies like CISA in case of attack.
- Restrict employees' permission to install software.
- Application-whitelist approved programs, and blacklist everything else.
- Use strong email spam filtering to detect threats and remove executable files.
- Block known malicious IP addresses and geo-fence off certain geographies.
Many US federal agencies collaborated and published "How to Protect Your Networks from Ransomware", which adds more important tips:
- Build awareness and train employees to watch out for and recognize phishing.
- Configure automatic disabling of macros embedded in Office files received or sent through email.
- Categorize data based on its value to the organization, and use physical and logical segmentation of networks and data for each organizational unit.
- Conduct periodic penetration testing using a qualified service provider.
- Back up, then secure those backups in the cloud or physically off-line behind lock and key.
Your best defense against ransomware continues to be an informed and watchful human firewall, and in case something does get through, you need quality backups completed prior to an event. Contact LeeShanok for a confidential discussion of your situation and strategies.
Your Technology Partner,
The LeeShanok Team
IT News - Social Network Security
Threats to your social network aren't new, but the frequency and cleverness of attacks and the cost of repairs make it vital to keep your awareness fresh and defenses strong. Reacting to a breach can require far more time, effort and cost than preventing one.
Attacks come from:
- Viruses & Malware - Rely on users to share malicious links with their contacts, then replicate themselves to other devices
- Ransomware - Encrypts user data demanding payment to unlock it
- Phishing - Impersonates social contacts to encourage execution of malicious code
- Spamming - Sends out numerous emails resulting in blacklisting
- Identity Theft - Gathering personal information from social networks, attackers assume your identity or the identity of your contacts
- Apps - Games, puzzles and quizzes can be given access to your profile and contacts and subsystems of your device (e.g. location, camera, microphone) without your knowledge
- CEO Fraud - Impersonates company executives and key employees so that lower level employees open emails, links and attachments
Visualize social network security like layers of an onion. Your network firewall is your first line of defense, scanning inbound and outbound internet traffic, filtering content and detecting intruders. An email spam filter scans and quarantines suspect inbound and outbound messages. Endpoint protection keeps malicious code from entering and running on devices we use, which includes computers, tablets and smart phones.
Inspect the privacy and security settings on your devices and in your email and social accounts, and use strong settings when available. Avoid installing new third-party applications from unknown vendors, and limit their access with your privacy and security settings. Limit the amount of personal information you post to sites, remembering that your posts will last a long time. And share with friends, but limit automatic sharing with "friends of friends". For those being especially targeted, most email providers offer Advanced Threat Protection for a few dollars per month per user.
The most effective protection is you, a vital link in the "human firewall". Look before you click, think before you open, verify before you trust. In your email client windows, look over the sender's email address and subject, and preview the message before opening it or picking any links or attachments. If something feels amiss, it probably is. Right click on the message and move it to "Junk" (spam) folder.
Contact us to schedule a free phishing security test of your employees, followed by our IT Security for the Common Worker lunch-n-learn workshop. There is no cost for either, other than several hours of labor to deliver these services.
Your Technology Partner,
LeeShanok Network Solutions
Monsoon Storms can cause...
- Shorts and Damage from WATER
- POWER Surges and Outages
- Failure from Excessive HEAT
WATER - In your server/comm room, look for gaps between floor, walls, and ceiling, and around conduit entry paths and terminations. Water will follow cables into rack-mounted and free-standing devices, then pool in low points on the floor. Being a good conductor with little resistance, water lets big current flow where it shouldn't, zapping components in its path. Many solders, solder pastes, fluxes, and copper trace materials tend to corrode when water is introduced. Below is shredded fibrous material that fell from soaked ceiling tiles onto a rack-mounted server; thankfully, this is not one of our customers.
Water Prevention Tips for Server Room
- Avoid server room locations in basement or near exterior wall or wet walls with attached pipes.
- Mount all equipment in rack, raised off floor.
- Install fire-suppression system (FM200), cap off water-based sprinkler heads.
- Keep a roll of sheet plastic, duct tape, and silicone sealer handy.
- Silicone-seal gaps/holes in walls, floor, ceiling, hard-ceiling above drop ceiling.
- Consider water detection system in server room that sends alerts.
- Send maintenance up to patch holes and seams in roof above server room.
- Get rid of water and foam fire extinguishers and replace with Class C rated models using HaloCarbon, FE-36, Halon 1211 or CO2, none of which leave liquid or residue.
- Cap off water-based sprinkler heads, but check with your local fire department for regulations.
POWER - Spikes, shorts, brown-outs and outages cause unplanned shutdowns at best, but can damage electronics, destroy data and cause extended downtime for a business. Often caused by lightning strikes or downed power lines, these can also be caused by electricity shorting through water paths, and when networking devices fail they can send power surges through connected cables, frying connected components along the way as shown below.
Tips to Avoid Power Issues
- Label all cables and cable-bundles in server rooms, and label all circuits in breaker box.
- Don't save money on Uninterruptible Power Supplies (UPS battery backups); rather, budget and select a model based on its quality and available power in VA. Available power should exceed the sum of power required by all devices to be plugged in.
- Inspect the health of batteries inside UPS devices using their front display or dashboard, and replace batteries nearing end of life.
- Make sure all server racks have a ground wire attached to building and earth ground.
HEAT - Monsoon storms are accompanied by excessive heat. As the surrounding temperature rises, so does the temperature near external walls and inside server rooms, where dust accumulates inside enclosures and airflow around components slows down.
Most electronic components have temperature sensors that notify when limits are exceeded, and can even initiate shutdowns to avoid damage. The best prevention is adequate airflow around the devices in a relatively dust-free environment, with all internal fans working well.
Here is a good thermal design with "cold aisles" supplying conditioned air through hot rack space and "hot aisles" exhausting the resulting heated air. Even a small fan directed at a hot device can provide adequate cooling, but should be used as a temporary measure until a better solution can be implemented. For more information on server closet/room cooling strategies, see APC/Schneider Electric’s "Cooling Strategies for IT Wiring Closets and Small Rooms".
Monsoon storms can be dramatic and so can the damage they leave behind. With a little attention before they start, you can protect your infrastructure, data and operations.
Your Technology Partner,
The LeeShanok Team
Microsoft bundles patches for distribution on the 2nd Tuesday each month, and August 2019 is particularly important with 93 vulnerabilities fixed. Four vulnerabilities allow execution of code on remote computers, and two of those take control of a computer then spread to other computers entirely on their own (https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/). The patches below are critical according to Microsoft, and affect the following operating systems:
- Windows 7 SP1
- Windows 8.1
- Windows 10 - all versions including Server
- Windows Server 2008 R2 SP1
- Windows Server 2012
- Windows Server 2012 R2
Some of our client firms delay or screen patches and updates, but it is important to patch these critical vulnerabilities. Here are links where you can download just the security patch or the bundle for your specific operating system right from Microsoft.
In addition, enabling Network Level Authentication (NLA) prevents the worm-like behavior, by preventing initiation of remote desktop connections until the user is authenticated. But this does not prevent remote code execution. You'll need the patches to prevent that.
For a confidential discussion of your situation or to get some help with these, give your Technology Partner a call.
The LeeShanok Team
Embracing the Age of Mobility
NOTE: This article was first published in 2014, but as you can see the concepts are just as relevant today.
Embracing The Age Of Mobility & The BYOD Workplace
In today's always-connected world, the time-honored separation of work and personal time is quickly disappearing. Mobile devices such as laptops, netbooks, tablets, and smartphones have fundamentally changed how all of us live and work.
With work no longer confined to a physical office space, or limited to traditional business hours, we’ve created an increasingly mobile and dispersed workforce capable of working anywhere at any time. 3 out of 5 workers today no longer believe an office presence is necessary for a productive day’s work. By 2015, the IDCC estimates the U.S. will have over 200 million people working remotely.
By now, it’s obvious that BYOD (Bring-Your-Own-Device) isn’t just another buzz-worthy acronym or a workplace trend that will eventually fade; it’s part of the complete restructuring of the conventional way we’ve worked up to this point.
There is simply no going back to the way we were. With or without company approval, employees prefer working from devices they own and are most comfortable with, meaning it’s out with yesterday’s loud, clunky and slow in-office desktop PCs and in with today’s feature-rich, on-the-go, employee-owned mobile devices.
Although many small-to-midsize businesses (SMBs) have fully embraced BYOD for its countless benefits, this proliferation of employee-owned devices accessing company databases, files, and email servers is unprecedented. It is also risky because it increases vulnerability to security breaches and data loss.
Which raises the question: are workplaces today responsibly ushering in BYOD with safety, security, and long-term adaptability in mind?
In this e-guide, we will examine the pros and cons of BYOD and outline five safe BYOD practices to ensure a safer and smoother transition into this age of mobility.
The Mainstreaming of BYOD
It’s hard to believe that just a decade ago work mobility was practically non-existent. We worked from cubicle farms with workstations and desktop PCs straight out of the movie Office Space. The office was our only access to the company network. Select employees might be provided with company-issued laptops with pre-loaded software useful for work. Perhaps they’d be trusted with FTP (File Transfer Protocol) privileges to access and transfer files to the server. Cell phones were actually just phones.
Even when BlackBerrys were introduced to the business world, allowing people to use a mobile handheld device to access their work email and manage their schedule for the very first time, the BlackBerry Enterprise Server made it easy for IT departments to configure and manage the device.
BlackBerrys eventually gave way to iPhones and Androids.
Laptops eventually gave way to iPads and tablets that combined laptop usability with smartphone portability.
Meanwhile, the number of public Wi-Fi hotspots grew, making employees eager to access their company network and work files from just about anywhere through their mobile device.
Today, BYOD has become the “new normal”. A recent poll of 1,021 small business owners in the United States found that 68% allowed employees to use personal devices for work. 79% of CIOs at businesses who aren’t encouraging BYOD believe employees access their network with unauthorized personal devices every day.
Initial resistance to the BYOD movement has proven to be futile. Gartner, a technology research firm, predicts that 90% of businesses and organizations will support the use of personal devices for work purposes by the end of 2014. And it certainly seems that more business owners today are seeing the upside of BYOD, which includes…
- Increased Production - On average, it has been approximated that businesses gain 9 additional hours of productivity per week when employees use personal devices.
- Improved Service - The benefits of this increased production and greater flexibility naturally extend to clients and customers since mobility allows workers to resolve escalated issues or almost instantly reply to inquiries outside of normal work hours. It is common these days to receive an email response after 5pm with a “Sent from my iPhone” tagline at the bottom.
- Reduced Costs - Transferring IT hardware and equipment expenses to employees can save SMBs significant money. A study conducted by Cisco’s Internet Business Solutions projected that U.S. companies utilizing BYOD can save up to $3,150 per employee each year.
Data from Summer 2013 Cbeyond Business Leader Snapshot™ - Surveying 711 executives running businesses with fewer than 250 employees
Additionally, since consumers are drawn to the freshest technology, and the latest upgrade to their device of choice, businesses no longer have to budget to continually upgrade to keep up with technological advances.
In 2013, telecommunications and information technology service provider Cbeyond, Inc. conducted a blind survey of 711 C-level executives of firms with fewer than 250 employees. Their findings revealed that not only is BYOD more widely accepted today, but mobile devices have also become critical to day-to-day operations and essential to meeting business objectives. Many acknowledged that it would be a challenge to do business today otherwise. A fair share of executives felt their business couldn’t survive without mobile device usage.
One troubling aspect of the aforementioned report is 32% of the surveyed SMBs aren’t sure if their data is adequately protected. While they acknowledge that BYOD puts their organization at risk, just 22% of SMBs currently have a comprehensive BYOD policy in place to address mobile device usage and define data privileges extended to personal devices. Here are a few reasons this sets a dangerous precedent.
- Nearly a third of employees use more than one mobile device during a typical workday. It’s critical that organizations, especially small businesses, know what devices are accessing their network and whom they belong to.
- With the existence of public Wi-Fi hotspots at coffee shops, restaurants, hotels, convention centers, trains, and airports, inadequately secured mobile devices are constantly exposed to hackers monitoring traffic on open networks. According to data compiled by the Ponemon Institute, 59% of organizations have experienced a rise in malware infections linked to insecure mobile devices.
- BYOD makes SMBs increasingly susceptible to costly data breaches with 38% of these breaches occurring as the result of lost or stolen mobile devices. Verizon Business has estimated that 174 million records have been stolen in 855 data breaches linked to smartphones and tablets.
- There are more than 500,000 apps in the Apple App Store. The Android Marketplace has over 200,000 apps. The security controls in place to evaluate the safety of these applications are suspect, and some apps have phishing screens, hidden spyware, and malware. This means the apps or clients being used to access enterprise content could put your data at risk.
The adoption of BYOD can be beneficial to small businesses but it shouldn’t compromise company or customer data. Developing a comprehensive BYOD policy minimizes risk while still granting full (and secure) access to the files and applications your employees need, regardless of where they are.
Five Tips to Save BYOD
1. Create a Mobile Device Policy and Enforce It
Don’t be afraid to spell out what employees are expected to do - and not do - with their mobile devices. It’s important to remember you aren’t only managing devices but people as well. This is where you define acceptable and unacceptable behaviors and make it clear that there will be no exceptions.
Clearly define what types of devices are allowed. While you want to support a mix of the devices employees are most likely to carry, a line has to be drawn somewhere to prevent things from becoming unmanageable. No company, especially a small one, needs to open up things to 30 mobile devices. Minimum standards for device age and capabilities should be set. Newer technology will obviously have better security features. For instance, anything before the iPhone 3G will not permit device-level encryption.
Every policy should address acceptable personal device use when it comes to web browsing, app downloads/usage, public Wi-Fi protocol, and data transmission/storage guidelines.
2. Keep Devices Locked & Password Protected
Your employees are using devices they take with them everywhere. You have no idea where they are at any given moment of the day. More importantly, you can only hope that their mobile device is either with them or stored away safely. Devices that aren’t password protected, which are left out in the open unattended, pose a huge risk.
Keep in mind that 46% of people who use their mobile device for work admit to letting others use it from time to time. Many devices have free built-in security controls such as locked screens, the ability to remotely wipe out the device after multiple successive failed authentication attempts, and even GPS trackability.
Passwords should be strong and frequently updated. Employees should also be advised to not keep written passwords lying around.
3. Immediately Disconnect Terminated Employees or Voluntary Leaves
Be sure to remotely wipe company data from the personal device of any employee who is terminated or voluntarily leaves the company. Ideally, this data should be retrieved. This is one reason an SMB's mobile device policy must address where employees are to edit and save files. Many SMBs these days require all files to be shared, edited, and saved on Cloud-based software like Dropbox.
4. Use Available Encryption Technologies
Business critical files, folders, and hard drives should be encrypted for reliable protection against unauthorized access. Encryption prevents sensitive data from being read by potential hackers as content is transferred to and from mobile devices.
5. Use a Mobile Device Management (MDM) Solution
MDM solutions are a cost-effective means to ensure that any mobile device accessing their network is identified, controlled, and monitored. This method of centralized management makes it easy to configure devices for enterprise access, stipulates password policy and encryption settings, locates and remotely clears and locks any lost or stolen device, automates security updates, and proactively identifies and resolves device or app issues.
Any potential return from the increased productivity and reduced operating costs associated with BYOD is nullified if sloppy management of these devices leads to expensive security breaches and data loss. While SMBs undoubtedly want to accommodate employees wishing to use their own devices, they must also guide them to acceptable and safe usage. Employees are likely to resist being told what to do with devices they own, but a secure BYOD environment is only possible if a mobile device policy is written and enforced with no exceptions whatsoever.
SMBs are encouraged to ease into BYOD a little at a time. Start with just a few employee-owned devices to test security and scalability. Always remember to keep your mobile device policy constantly updated and stay in front of emerging trends and approaching market releases.
Lancaster University has confirmed that it was “subject to a sophisticated and malicious phishing attack” which resulted in breaches of student and applicant data.
What You Can Do
This attack highlights how any organization is vulnerable to being hacked. Greater vigilance, education and sophisticated protection are required. Ensure strong firewalls, password policies and data encryption are in place. Educate your employees about cyber threats, such as phishing, and urge them to be cautious, especially with their personal devices when using them for work. Finally, if you haven't already done so, upgrade to SSL. Consult with a trusted managed services provider to learn more about how you can keep your data safe from hackers.
LeeShanok Network Solutions | 3877 N 7th Street | Suite 320 | Phoenix | Arizona | 85014
LeeShanok IT News: End-of-Support / End-of-Life
2019 is an important year in that some of the most popular operating system and productivity software revisions will reach End of Support in 2019 or 2020, after which security and reliability patches will no longer be released by the manufacturer. With perpetual licensing, your software will continue to run after the EOS date, but it will become increasingly vulnerable to malicious attacks and instability resulting in freezes or crashes. This progression is particularly risky with server and gateway class devices, which can impact an entire organization and take time to correct.
Many of these upgrades require project planning, financial outlay and resource downtime, so it's a good idea to begin planning up to a year in advance. If you are unsure of your situation, our team is available to help you evaluate and plan.
Red - Past End-of-Support, needs replacement ASAP.
Yellow - Reaching End-of-Support end of 2019 or beginning of 2020.
- MS Office 2003 is at end of support on April 8, 2014
- MS Office 2007 is at end of support on October 10, 2017
- MS Office 2010 is at end of support on October 13, 2020
- MS Office 2013 is at end of support on April 11, 2023
Desktop Operating Systems:
- Windows XP is at end of support on April 8, 2014
- Windows 7 is at end of support on January 14, 2020
- Windows 8 reached end of support on January 12, 2016
- Windows 8.1 is at end of support on January 10, 2023
- MS Exchange Server 2007 is at end of support on April 11, 2017
- MS Exchange Server 2010 is at end of support on January 14, 2020
- MS Exchange Server 2013 will reach end of support on April 11, 2023
- Windows Server 2003 is at end of support on July 1, 2015
- Windows Server 2008 R2 is at end of support on Jan 14, 2020
- Windows Server 2012 R2 will reach end of support on Oct 10, 2023
- Microsoft SQL Server 2008 is at end of support on July 9, 2010
- Microsoft SQL Server 2008 SP4 is at end of support on July 9, 2019
- Microsoft SQL Server 2008 R2(SP3) is at end of support on July 9, 2019
- Microsoft SQL Server 2012 (SP4) is at end of support on July 12, 2022
- Cisco SA520 is at end of support on April 30, 2016
- Cisco ASA5505 Firewall end of life, last date to purchase extended support is November 20, 2021
- VMware ESXi 5.5 is at end of support on September 19, 2018
- VMware ESXi 6.0 is at end of support on March 12, 2020
- VMware ESXi 6.5, 6.7 is at end of support on November 15, 2021
- Wireless Access Points – Replace older models on 802.11a/b/g
- Cisco Aironet 1040, 1100, 1200, 1600 have all reached end of support
- Meraki MR16 is at end of support on May 31, 2021
It's human nature to wait until the last minute, but these expirations affect everyone universally and concurrently, which will cause a "mad scramble" near the end of 2019. So please don't wait too long before contacting us for advice.
Your Technology Partner, The LeeShanok Team
Hurricane season is approaching! Wait, isn't a third of the U.S. drying out right now?
Most of us feel true sympathy for the communities of victims who did nothing to deserve such loss, and those appropriate emotions make us more vulnerable to disaster-related scams. Following every disaster, malicious campaigns emerge to defraud those desiring to help the victims and communities, but the real loss falls on the disaster victims, who will never see a penny of those diverted donations.
Scammers will call, robocall, email and even knock on doors begging for financial assistance for those less fortunate. With sophistication they've gained from years of studying and impersonating legitimate campaigns, it can be difficult to tell the good from the bad.
Disaster Scam Tips
- It is illegal to excessively raise prices because of a disaster or severe weather (FEMA.gov).
- Verify a charity on BBB's Wise Giving Alliance and IRS's Tax Exempt Organization Search.
- FEMA imposters may request access to home, money, or personal info. Always request to see FEMA issued photo ID badge.
- Do not pay up front for anything without verifying with supplying organization. Federal employees will never ask for or accept money.
- Do not give Social Security number or banking information to any contractor or federal employee, and FEMA will only require these when a person signs up for assistance.
- You will never be charged by FEMA employees for inspections or assistance.
- Verify a contractor's references and insist on written estimates, along with evidence of liability and worker's comp insurance.
- When you donate or pay for assistance, don't use cash, and get a receipt on their letterhead.
- Hang up on any robocalls about flood insurance. Policyholders can call 800-638-6620 (National Flood Insurance Program).
- Posts to social media can be verified with a call to the charity, using a phone number obtained outside the post.
- Review FEMA's Emergency Financial First Aid Kit.
Resources to help prepare for and respond to disasters
- HOPE Coalition America with FEMA --> (888) 388-4673
- Help filling out Financial First Aid Kit --> https://www.operationhope.org
- Preparation: https://www.ready.gov
- Assistance: https://www.disasterassistance.gov/
For a confidential discussion of your situation, followed by recommendations based on industry best practices, give your Technology Partner a call.