This blog post is more about the use of retail routers at the office than at home, just to make that clear from the beginning. We would also recommend non-retail routers at home, but that is not feasible for everyone.
What is a retail router?
This is a phrase I am coining to describe any router that is generally available from your local retailers like Staples, Walmart, etc or delivered as part of the internet service from your local provider. They include brand names like ASUS, D-Link, Linksys, and Netgear. They range in price from $30 for the extreme low end to $450 for a gaming router. These routers are built for home and small office networks that have very few users or devices connected at any given time. They may include some features that sound “business-like” such as Virtual Private Network (VPN), Stateful Packet Inspection (SPI), VLAN, and Quality of Service (QoS) – remember though that these are also only able to support a minimum number of users and devices connected at any given time. If you try to use a retail router to run your business network then you will find that performance will be severely degraded and these features will not work as advertised.
There is also the issue of security. These routers are rarely if ever updated even when new vulnerabilities are found. This makes them ineligible for PCI or HIPAA compliance situations.
Is there a non-retail router?
So what to do about this situation? Time to call your trusted IT services provider who will be able to get you a non-retail router, but that begs the question – what is a non-retail router?
These routers are built by network professionals who design the hardware to perform under the pressures of the office environment and to handle the work from home remote workload. These routers include brands like Cisco, Juniper, Ubiquiti, and Araknis. They range in price from $150 for an office of up to 5 people to $10,000 for a high traffic company with hundreds of users. These routers handle VPN, SPI, VLAN, QoS, and many other services all at once with ease. Security is baked into these routers with the best ones having the ability to be managed from the cloud. They provide consistent access to all connected users and devices at all times. Your trusted IT services provider will work with you to “right size” the router to your business needs.
If your company is going to have full time work from home employees and is concerned about their ability to perform, then contact us for assistance.
The Federal Trade Commission (FTC) has agreed with Zoom to settle their allegations that it “engaged in a series of deceptive and unfair practices that undermined the security of its users.”
The conditions put forth by the settlement The FTC complaint said that:
Since at least 2016, the company misled users by touting that it offered “end-to-end, 256-bit encryption” to secure users’ communications, when in fact it provided a lower level of security, i.e., it encrypted communications but stored the encryption keys on its servers
The company misled users by saying that recorded meetings that were stored on the company’s cloud storage were encrypted immediately after the meeting ended, which was untrue in some cases
In July 2018, the company compromised the security of some users when it secretly installed a hidden web server on Macs that helped with frictionless installation of the Zoom application
The settlement does not oblige Zoom to admit fault or pay a fine, but obligates it to:
Refrain from misrepresenting privacy and security practices, including about how it collects, uses, maintains, or discloses personal information; its security features; and the extent to which users can control the privacy or security of their personal information
Implement a comprehensive information security program and obtain biennial assessments of its security program by an independent third party and notify the FTC if it experiences a data breach
Implement a vulnerability management program
Assess and document on an annual basis any potential internal and external security risks and develop ways to safeguard against such risks Deploy safeguards such as MFA to protect against unauthorized access to its network; institute data deletion controls; and take steps to prevent the use of known compromised user credentials
Review any software updates for security flaws and ensure the updates will not hamper third-party security features
Quoted from https://www.helpnetsecurity.com/2020/11/10/ftc-zoom/
If your company is going to use video conferencing to assist with work from home or to remotely connect with clients, then contact us for assistance.
A company named Arctic Wolf, a leader in enterprise security operation centers, published a report that states that the number of corporate credentials with plaintext passwords on the dark web has increased by 429% since March.
There are also startling statistics on the increase in email phishing attempts and the use of unsecure public wireless connections. These numbers are like due to the Work From Home employees using their own insecure computers and cyber criminals trying to take advantage of the trend. It appears that security measures that are used in the office need to be extended to the Work From Home network as well.
If your company is currently or is going to have Work From Home users, then contact us for assistance.
Farmhouse Networking continues to make strides in providing our customers with the best, most cost effective, and environmentally friendly computing experience possible. Part of that process is what has come to be known as Lifecycle Management. Each piece of hardware has an expected amount of time in which it is cost effective to use and support it. Once this time frame has been exceeded the cost of supporting the device becomes greater than the cost as shown in the following graph:
FHN Lifecycle Management
So the question remains what to do with the old computers when the time comes to replace them. Previously here in Grants Pass, OR we could support a local charity by taking them to Southern Oregon Aspire to have the computers dismantled and hard drives shredded. Now that their doors are closed we are stuck with dropping them off at the local dump, but what if you could make money while being responsible with the environment?
Farmhouse Networking is now partnering with a company called Arcoa, who do just that. Here is what they do in their R2 rated responsible recycling facility:
“We help you recover value from retired electronic equipment through responsible methods of reuse and recycling. Resale offers the best potential for value recovery, but the fast pace of innovations in technology and short product life cycles can limit equipment’s potential for reuse. From there, the best option may be to recycle the items in an environmentally friendly manner. We’ve built a robust de-manufacturing process to offer additional options for asset value recovery by disassembling equipment for commodity grade materials, which can be diverted from landfills and be used to create new materials.”
Hard drives will be electronically wiped, magnetically degaussed, or shredded based on need. The rest of the parts will be dismantled and sold with part of the profit returning to your company to help offset the cost of buying new computers. What could be better than making money on the buy?
If your company is heading towards a hardware refresh, then make the environmentally sound choice by contacting us for assistance.
According to the Microsoft Office 365 development roadmap, an exciting new feature is coming to Microsoft Teams:
“Cortana is coming to the Teams mobile app, using AI and the Microsoft Graph to provide voice assistance in Teams. To stay connected to your team even when you have your hands full, click the microphone button on the top right and ask Cortana to make a call, join a meeting, send chat messages, share files, and more. These voice assistance experiences are delivered using Cortana enterprise-grade services that meet Microsoft 365 privacy, security and compliance commitments. Cortana will be available in the Teams mobile app on iOS and Android in the coming weeks for Microsoft 365 Enterprise users in the U.S. in English.”
If your company is looking to collaborate with your office effectively, then contact us for assistance.
Office 365 has had the option to create resources, either equipment or rooms, that can be scheduled. Setup is fairly easy inside the Office 365 Admin console and you get to choose several options:
Select Room or Equipment, give it a name, an email address (no license required), and set the capacity. Once setup it is easy to use:
How can you tell when the room or equipment is available?
Open Outlook and create a new meeting. Add the room or equipment to the meeting as if it were a person and select Scheduling Assistant to see a live calendar view of the room or equipment’s availability. If the hour slot is clear, it’s available; if it’s blue, it’s reserved.
If your company needs help setting up Office 365 Equipment & Room Calendars, then contact us for assistance.
In this unprecedented time that we are currently experiencing, you have had to set your team up to work remotely, often without thinking about how they might actually get work done, let alone security of all things. Our employee checklist and no-cost cybersecurity training course will provide your team with the tools they need to ensure that they are safe and productive – right out of the gate. These free resources are part of our initiative to keep our community safe and working during this time of crisis, without the additional disruption and financial impact of a breach.
Don’t let a change in circumstance allow for a change in cybersecurity standards.
According to the executive order made by Oregon State Governer, Kate Brown:“On Friday night, I frankly directed them to stay home. And now I am ordering them to stay home.”
The following guidelines are in effect for businesses:
It closes and prohibits shopping at specific categories of retail businesses, for which close personal contact is difficult to avoid, such as arcades, barber shops, hair salons, gyms and fitness studios, skating rinks, theaters, and yoga studios.
It requires businesses not closed by the order to implement social distancing policies in order to remain open, and requires workplaces to implement teleworking and work-at-home options when possible. They must also elect a representative who will be in charge of monitoring social distancing.
What FHN is doing?
FREE Remote Access – Just a re-iteration that all our monthly managed services clients will have remote access to their systems at no additional cost. If you are not a managed client then we can set you up with secure remote access to your data or network depending on need. Please call sooner rather than later as we have to take care of our managed clients first and there may be a wait at this point.
On-site support continues – At this time there is no restrictions on service industries who perform on-site visits to complete work, so Farmhouse Networking will continue to do so for the foreseeable future. We will be taking precautions such as protective masks, gloves, or perhaps more extreme measures (hazmat suit) to insure the safety of our staff and clients. We ask that clients keep these visits to emergency needs and planned projects until these social distancing rules are lifted.
Stocking up on essentials – We have been closely monitoring our distribution channels and several of them have been stating that non-essential items would take up to one month to receive. As a courtesy to our clients and to better service them in times of emergency IT needs, we will be stocking up on computer and network parts that are most often needed.
What should clients do?
Remote workers – Send unneeded on-site staff home to work remotely. With remote access capabilities, video conferencing, and VoIP phones – there is no reason to keep them in harms way. We are experts in these technologies and can get you up and running on them quickly.
Maintain infrastructure – For remote workers to be able to get access to their computers there needs to be a solid foundation at the business location.
Workstations, servers, and network equipment should be on battery backups to keep them from going offline unnecessarily due to power fluctuations – triggering a need to go into the office.
Is part of your network over 6 years old? Now may be the time to replace the network equipment to avoid downtime and unneeded office visits in the future.
Now more than ever backups are needed in case anything should go wrong. Recovery times are bound to be increased as the lock down on businesses increases.
Don’t forget to leave the A/C on especially if you have a server closet, they work better in cooler temperatures.
Planning – With a possible slowdown in business now is the time to take stock of your company, to get used to this new normal, and make plans for the long term implications of this craziness on our businesses.
If your company needs any help weathering the COVID-19 storm, then contact us for assistance.
When it comes to phone service there is not much difference between providers. They all bring dial tone to your business and route calls to their destination. They all provide the same set of features that users have come to know and use.
What Makes Farmhouse Networking Different
No Introductory Rates: Most local providers will offer an attractive introductory rate to get your business. The only bad part is after one years time you are automatically changed to the regular price which is often $10-$20 more per line.
No Installation Costs: As we are a growing provider of phone services, anyone signing up for phone service with us this year will have no installation costs.
No Bogus Taxes or Fees: We have looked at phone bills from the major local providers and each of them has some bogus tax or fee added to the phone bill. (The only valid ones are Telecommunications Relay Service, Telephone Assistance Program, the Telecommunications Devices Access Program, E911 (VoIP), FCC Regulatory Fee (VoIP), FUSF (VoIP), and P.U.C. Fee – in case you were wondering)
Phone Costs: Unlike computers, there is no reason why you need to buy brand new phones. There are vendor programs that sell re-conditioned phones at much lower costs and they work just as good as the new ones. There is also leasing options available to help ease the pain of purchasing phones too.
Our Prices: We are not out to gouge our clients or nickel / dime them to death as you have already read. The only question now is how much do we charge? For the standard user, the cost of a phone line is only $29.95 per month. The cost of a standard fax line is only $22.50 per month.
Extra Features: We have several features that most of the other providers just don’t. A customer portal that clients can use to chat with fellow employees, check voicemails, track expenses, and make other account changes. A mobile app that can be used to turn your smart phone into an extension of your desk phone and more. Also failover to another phone number – if the power or internet is out you can have your calls routed to any other phone.
If your company uses phones for business, then contact us to see the true difference.
Farmhouse Networking has had a long standing policy that we do not keep a record of client passwords (except when needed for device administration). That is about to change, but before we talk about our new password policy let’s talk password storage:
Common Password Storage
Here are some popular places where many businesses store their passwords that make them very vulnerable to being stolen.
Passwords written on paper (that are not under lock and key):
On your desk under your keyboard (or taped underneath)
Under your stapler or desk decorations
On sticky notes stuck to your monitor or desk
On a scrap of paper on your desk or in a drawer
In a notebook or address book
In a old-fashioned Rolodex file
Paper printouts or photocopies of your passwords
Anyone with access to your office could easily find and steal passwords stored like this.
Passwords stored in your computer (without using encryption):
Remembered in your web browser
A document called “Passwords” that you’ve created anywhere on your computer, perhaps using Microsoft Word or Excel
A document with any other name on your computer (including the password as the name)
Email drafts that you’ve created (but not sent) containing password information
Anyone with access to your computer could easily find and steal passwords stored like this, including both a person with physical access to it as well as a virus or hacker gaining access via the internet, or scamming you into granting them access, even once.
Passwords stored in your smartphone or tablet (without using encryption):
Electronic “Notes” containing password information
Other documents or emails similar to the ones listed in computer storage above
Anyone with access to your device could easily find and steal passwords stored like this.
Passwords sent via regular (insecure) email:
Emails that you have sent to yourself containing password information
Emails that you have sent to anyone else containing password information
Any information that you send using regular (unencrypted) email puts that information at risk of being stolen. Email is neither private nor secure. Sending an email is like mailing a postcard, and hackers and thieves can easily read the contents. You should never send passwords (or any other confidential or sensitive data) via regular email.
Secure Password Storage
Now for the discussion of Farmhouse Networking’s new password policy. We are partnering with a company to provide a storage of passwords and other client documentation with military grade encryption. This partnership also allows us to address the dangers that common password storage present by offering our clients this same encrypted password storage service. Here are some of the benefits of this service:
Each user has a personal password vault
Shared company password vault
Security groups to manage access
Auditing & reporting (Compliance)
Secure password sharing
1-Click Login Tool (for all major browsers)
Mobile Device Access
Only $15 per month (Compared to Lastpass Business at $4 per user per month)
If your company is using common password storage of any kind do yourself a security favor and contact us to upgrade to secure password storage.