Category: Bring Your Own Device (BYOD)

Setup Ubiquiti Wireless Network with PSK & RADIUS

This is the seventh in a series that document the Tier 3 / Co-Managed IT work we did to setup a wireless test bed for a Linux based scientific device. The testing environment included two different wireless network hardware types (Ubiquiti and Cisco). There was also a Synology device used for various purposes including hosting the Ubiquiti controller inside a Kubernetes container, providing certificate services, providing LDAP authentication, and providing RADIUS authentication. Each article will detail a separate piece of the project. This article shows the basic setup of Ubiquiti Controller for PSK and RADIUS authentication from wireless devices.

Setup Ubiquiti Wireless Network with PSK

Login to Ubiquiti controller previously created – Here
Click on Setting gear icon at bottom left
Make sure you are on Wifi tab and click Create New link
- Set network BSSID
- Create Password
- Click Add Wifi Network button

Setup Ubiquiti Wireless Network with RADIUS

Login to Ubiquiti controller previously created – Here
Click on Setting gear icon at bottom left
- Click on Profiles
- Click on Radius Tab
- Click on Create New link
- Give the Profile a name
- Enter RADIUS server IP address as Authentication Server
- Enter RADIUS shared secret
- Click Add
- Click Apply Changes
Click on Wifi Tab
Click on Create New link
Set network BSSID
Change Advanced to Manual
Set Security Protocol – WPA2 Enterprise
Select new RADIUS Profile
Click Add Wifi Network

If your company has highly customized setup requirements that you need consulting for, then contact us for assistance.

Mobile Device Management for SMBs: Enhancing Android and iPhone Security with MDM

In today’s digital age, mobile devices have become an integral part of our lives, both personally and professionally. With the increasing reliance on smartphones and tablets, businesses, especially small and medium-sized enterprises (SMBs), need to prioritize mobile device security. One effective solution for enhancing Android and iPhone security is Mobile Device Management (MDM). In this article, we will explore the benefits of MDM for SMBs, its role in enhancing Android and iPhone security, and how businesses can implement MDM to safeguard their sensitive data.

1. Understanding the Importance of Android and iPhone Security

Android and iPhone, being the most widely used mobile operating systems globally, have become a prime target for cybercriminals. With its open-source nature and extensive app ecosystem, Android devices are susceptible to various security threats, such as malware, data breaches, and unauthorized access. With its user-friendliness and built-in trust, iPhone users are easily tricked into downloading and installing malware which leads to data breaches and unauthorized access. SMBs, in particular, need to be proactive in securing their Android and iPhone devices to protect sensitive customer information, intellectual property, and maintain regulatory compliance.

2. Introducing Mobile Device Management (MDM)

Mobile Device Management (MDM) is a comprehensive solution that enables businesses to centrally manage and secure their fleet of mobile devices, including Android and iPhone smartphones and tablets. MDM provides IT administrators with granular control over device settings, app distribution, security policies, and data management. By implementing MDM, SMBs can streamline device management, enhance data security, and ensure compliance with industry regulations.

2.1 Benefits of MDM for SMBs

Centralized Device Management: MDM allows businesses to manage multiple Android devices from a single console, simplifying device provisioning, configuration, and updates.
Enhanced Security: MDM enables IT administrators to enforce security policies, such as password requirements, encryption, and remote wipe capabilities, ensuring that lost or stolen devices do not compromise sensitive data.
App Distribution and Management: With MDM, businesses can distribute and manage apps on Android devices, ensuring that only authorized and secure applications are installed.
Secure Content and Data Management: MDM provides secure containers or workspaces on Android devices, segregating business data from personal information and enabling seamless data synchronization.
Compliance and Reporting: MDM offers robust reporting capabilities, allowing businesses to monitor device usage, enforce compliance regulations, and generate audit trails.

3. Implementing MDM for Android and iPhone Security

Implementing MDM for Android and iPhone security involves a series of steps to ensure a seamless deployment and effective device management. Let’s explore the key considerations and best practices for SMBs looking to implement MDM.

3.1 Assessing Business Needs and Objectives

Before implementing MDM, SMBs should assess their business needs and objectives. This includes identifying the number of devices to be managed, understanding the security requirements, and evaluating the compatibility with existing IT infrastructure.

3.2 Choosing the Right MDM Solution

There are numerous MDM solutions available in the market, each with its own set of features and capabilities. SMBs should carefully evaluate different MDM vendors, considering factors such as scalability, ease of use, security features, integration capabilities, and cost-effectiveness.

3.3 Defining Security Policies and Configuration

Once the MDM solution is selected, SMBs need to define security policies and configurations. This includes setting password requirements, enabling device encryption, configuring firewall settings, and defining app installation permissions. The policies should align with industry best practices and compliance regulations.

3.4 Device Enrollment and Onboarding

After defining security policies, SMBs can proceed with device enrollment and onboarding. This involves registering Android devices with the MDM system, configuring device settings, and installing necessary security profiles and certificates.

3.5 Monitoring and Maintenance

MDM is an ongoing process that requires continuous monitoring and maintenance. SMBs should regularly review security policies, update device configurations, patch vulnerabilities, and conduct security audits to ensure the effectiveness of the MDM solution.

4. Android vs. iPhone: MDM Considerations

While Android devices are more susceptible to security threats due to their open nature, it is essential to consider the unique security challenges posed by iOS devices, such as iPhones and iPads. Although iOS has built-in security features, SMBs should evaluate MDM solutions that offer comprehensive support for both Android and iOS devices to ensure consistent security across their mobile fleet.

5. The Future of MDM and Android Security

As technology evolves, the landscape of mobile device security continues to change. The future of MDM and Android security holds promising advancements, including:

Machine Learning and AI: MDM solutions can leverage machine learning and AI algorithms to detect and prevent emerging security threats proactively.
IoT Integration: With the rise of the Internet of Things (IoT), MDM will encompass managing and securing a broader range of devices, including wearables and smart home devices.
Biometric Authentication: MDM solutions will increasingly utilize biometric authentication, such as fingerprint and facial recognition, for secure device access.
Containerization and Virtualization: MDM will further enhance data security by implementing advanced containerization and virtualization techniques, isolating business data from personal information.

If your SMB is seeking to enhance Android and iPhone security by leveraging the benefits of MDM, contact us for professional assistance and guidance tailored to your specific needs.

Setup Cisco Wireless Network with PSK & RADIUS

This is the sixth in a series that document the Tier 3 / Co-Managed IT work we did to setup a wireless test bed for a Linux based scientific device. The testing environment included two different wireless network hardware types (Ubiquiti and Cisco). There was also a Synology device used for various purposes including hosting the Ubiquiti controller inside a Kubernetes container, providing certificate services, providing LDAP authentication, and providing RADIUS authentication. Each article will detail a separate piece of the project. This article shows the basic setup of Cisco Wireless Controller for PSK and RADIUS authentication from wireless devices.

Setup Cisco Wireless Network with RADIUS

Log into Cisco Wireless Controller
Click on Security tab at top
Click on Authentication under RADIUS on left hand side
Change both Acct Call Station ID Type to IP Address
Click Apply
Click on New
Add RADIUS server IP address
Add Shared Secret
Uncheck management
Click Apply
Click on WLANs tab at top
Edit WLAN 1
Click on Security tab
Click on AAA Servers tab
Change Server 1 to the one entered on RADIUS Authentication page
Click Apply
Click on Layer 2 tab
Change Authentication type to 802.11x
Click Apply
Click Save Configuration at the top

If your company has highly customized setup requirements that you need consulting for, then contact us for assistance.

SMBs Should Follow NIST 800 Guidelines

Small and medium-sized businesses (SMBs) are the backbone of the economy, but they are often the primary targets for cyberattacks. In fact, according to recent reports, nearly half of all cyberattacks are aimed at SMBs. To protect themselves from these threats and ensure the security of their critical assets, SMBs should consider following the guidelines provided by the National Institute of Standards and Technology (NIST) in their Special Publication 800 series.

Comprehensive Cybersecurity Framework

NIST 800 series provides a comprehensive framework that helps SMBs establish and maintain effective cybersecurity measures. By implementing the NIST guidelines, SMBs can enhance their cybersecurity posture and reduce the risk of potential data breaches, financial losses, and reputational damage.

Improved Risk Management

NIST 800 guidelines focus on risk management, helping SMBs identify and mitigate potential vulnerabilities and threats. Following the guidelines allows SMBs to proactively assess their cybersecurity risks and develop effective strategies to safeguard their sensitive data, intellectual property, and customer information.

Industry-Recognized Standards

NIST 800 series is widely recognized and adopted by both the public and private sectors. By adhering to these guidelines, SMBs demonstrate their commitment to meeting industry standards and best practices. This not only helps build trust with customers and partners but also increases their chances of securing lucrative business contracts and partnerships.

Cost-Effective Approach

Implementing NIST 800 guidelines can be a cost-effective approach for SMBs. These guidelines offer scalable solutions that can be tailored according to the organization’s size, budget, and specific requirements. SMBs can leverage the NIST framework to prioritize their cybersecurity investments, ensuring that they maximize their security efforts within their available resources.

In today’s digitally connected world, SMBs cannot afford to neglect cybersecurity. Following the NIST 800 guidelines provides SMBs with a comprehensive framework to enhance their cybersecurity posture, improve risk management, establish industry-recognized standards, and reduce costs, By working with a managed IT service provider to implementing these guidelines, SMBs can protect their assets, maintain their reputation, and thrive in an increasingly cyber-threatened landscape.

If your company is looking to implement stronger security through an standards based framework, then contact us for assistance.

Why Use a Password Manager for Your Business

Today’s cybersecurity threats are constantly evolving, so it’s crucial for businesses to protect their sensitive data. One of the simplest yet most effective ways to enhance your company’s security is by using a company-wide password manager. In this blog post, we will explore the top reasons why businesses should adopt password managers.

Simplify Password Management

With the average person having to remember dozens of passwords for various accounts, it’s no wonder that weak passwords and password reuse are prevalent. A password manager simplifies this process by securely storing all passwords in one encrypted location. Employees can then access their passwords with a single master password or use biometric authentication.

Generate Strong and Unique Passwords

One of the primary reasons for data breaches is weak passwords. Many people still rely on easily guessable passwords, such as “monkey” or “123456” or “password.” A password manager helps eliminate this risk by generating and storing strong, unique passwords for each account. (Most even have an auto-fill feature to work with internet browsers to make website login fast and secure.) This ensures that even if one account is compromised, the rest remain secure.

Enhance Security and Privacy

By using a company-wide password manager, businesses can significantly improve their security posture. These tools employ strong encryption algorithms to protect sensitive information from unauthorized access. Moreover, most password managers offer additional security features like two-factor authentication and secure password sharing, further enhancing your company’s security.

Boost Productivity and Efficiency

Lost or forgotten passwords can cause significant downtime and productivity loss for individuals and businesses. With a password manager, employees no longer need to waste time recovering or resetting passwords. They can easily retrieve their credentials whenever needed, freeing up valuable time to focus on their primary tasks.

Centralize Access Control

In a business setting, it’s crucial to have centralized control over employee access to various systems and accounts. A password manager allows administrators to manage user access and permissions, ensuring that the right people have access to the right resources. It also facilitates revoke access promptly when an employee leaves the organization, minimizing the risk of unauthorized access.

Simplify Onboarding and Offboarding

Managing employee onboarding and offboarding can be a complex process. A password manager streamlines this by providing a centralized platform for creating and distributing passwords. When an employee leaves, their access can be promptly revoked, eliminating any potential security vulnerabilities associated with ex-employee accounts.

If your company is looking to implement the ease and security of a password manager, then contact us for assistance.

The Secret Benefits of IT Equipment Lifecycle Management

In today’s fast-paced business environment, effectively managing IT equipment throughout its lifecycle has become essential. Equipment Lifecycle Management (ELM) refers to the systematic approach of acquiring, operating, maintaining, and disposing of equipment. By implementing an ELM strategy, businesses can maximize the lifespan and productivity of their equipment, while also minimizing costs and downtime. Let’s explore some of the secret benefits of equipment lifecycle management.

Cost Optimization

IT equipment can represent a significant investment for businesses. Through ELM, companies can optimize costs by planning IT equipment updates and replacements in a strategic manner. With a clear understanding of the IT equipment’s lifespan and maintenance requirements, businesses can budget for these costs well in advance, avoiding unexpected expenses that could negatively impacting their finances.

Increased Equipment Efficiency

One of the primary goals of ELM is to maximize equipment efficiency and productivity. By conducting regular inspections, maintenance, and repairs, businesses can identify and address performance issues before they become major problems. Proactively managing IT equipment ensures that it operates at optimal levels, reducing downtime and improving overall operational efficiency.

Enhanced Asset Tracking and Planning

ELM provides businesses with a comprehensive understanding of their equipment inventory. Through proper record-keeping and asset tracking systems, companies can easily identify the location, condition, and maintenance history of each piece of IT equipment. This information enables businesses to plan for IT equipment updates, replacements, or adjustments based on their lifecycle and performance, ensuring that resources are allocated efficiently.

Sustainable and Environmentally Responsible Practices

Efficient IT equipment management is not only beneficial for businesses but also for the environment. By properly maintaining and disposing of equipment, companies can significantly reduce waste generation and minimize their carbon footprint. Implementing ELM strategies, such as equipment reuse or recycling programs, aligns with sustainable business practices and demonstrates a commitment to environmental responsibility.

Effective equipment lifecycle management is crucial for businesses looking to optimize costs, improve productivity, and minimize their environmental impact. By proactively managing IT equipment throughout its lifecycle, companies can maximize its efficiency, extend its lifespan, and ensure smooth operations. Investing in IT equipment lifecycle management ultimately leads to long-term benefits and a competitive advantage in today’s business landscape.

If you haven’t already, contact us to implement an ELM strategy for your business.

Why SMBs Need Managed Service Providers (MSPs)

Small and medium-sized businesses (SMBs) face numerous challenges when it comes to managing their IT. Limited resources (both human and money), lack of expertise, and the need to focus on core business operations often make it difficult for SMBs to understand and manage technology needs. This is where Managed Service Providers (MSPs) come in. In this blog article, we will explore the reasons why SMBs should consider partnering with MSPs to enhance their IT capabilities and drive business growth.

Cost-Effective IT Solutions:

One of the primary reasons why SMBs need MSPs is the cost-effectiveness they offer. By outsourcing their IT needs to MSPs, SMBs can avoid the high costs associated with hiring and training an in-house IT team. MSPs provide a range of services, including network monitoring, data backup and recovery, cybersecurity, and software updates, all at a predictable monthly cost. This allows SMBs to allocate their resources more efficiently and focus on their core business.

Access to Expertise and Advanced Technology:

MSPs are experts in providing IT services and have a team of highly skilled professionals with expertise in variety of technology. By partnering with MSPs, SMBs gain access to the depth of knowledge and experience from IT experts who can handle complex tasks and provide strategic guidance. Additionally, MSPs stay up-to-date with the latest technology trends and can recommend and implement solutions that can help SMBs stay competitive in the market and safe from hackers.

Proactive IT Support and Maintenance:

MSPs offer proactive IT support and maintenance, which is crucial for SMBs. They monitor networks, identify potential issues, and take preventive measures to avoid downtime and disruptions. MSPs also provide regular software updates, security patches, and system maintenance, ensuring that SMBs’ IT remains secure and up-to-date. This proactive approach helps SMBs minimize the risk of costly IT failures and ensures smooth business operations.

Enhanced Data Security:

Data breaches and cyberattacks pose a significant threat to SMBs. MSPs play a vital role in safeguarding SMBs’ sensitive data and protecting them from potential security breaches. They implement robust cybersecurity measures, such as firewalls, antivirus software, and encryption, to ensure data confidentiality and integrity. MSPs can also conduct regular security audits and vulnerability assessments to identify and address any potential weaknesses in the IT infrastructure.

Scalability and Flexibility:

As SMBs grow, their IT needs evolve. MSPs offer scalable solutions that can adapt to changing business requirements. Whether it’s adding new users, expanding storage capacity, or integrating new software, MSPs can quickly and efficiently accommodate these changes. This scalability and flexibility allow SMBs to focus on their growth without worrying about the limitations of their IT infrastructure.

If your company could use the cost-effective solutions, access to expertise, proactive support, enhanced data security, and scalability that come from using a MSP, then contact us for assistance.

Why 2FA is Necessary for Business

Businesses are face an increasing number of cyber threats. To protect sensitive data and prevent hackers from gaining access, implementing stronger security measures is crucial. One such measure is 2-factor authentication (2FA). Let’s look at the importance and security benefits of 2FA for businesses.

Enhanced Account Security:

2FA adds an extra layer of security to the traditional username and password login process. By requiring users to provide a second form of authentication, such as a unique code sent to their mobile device, it significantly reduces the risk of hackers from gaining access. Even if a hacker manages to obtain a user’s password, they would still need the second factor to gain access.

Mitigation of Password-related Risks:

Passwords are often the weakest link in security systems. Many users tend to reuse passwords across multiple accounts or choose weak and easily guessable ones or re-use the same password while incrementally changing a digit or two. With 2FA, even if a password is compromised, the additional authentication factor acts as a safeguard, making it significantly harder for attackers to gain access.

Protection Against Phishing Attacks:

Phishing attacks, where attackers trick users into revealing their login credentials, are a common threat to businesses. 2FA provides an additional layer of defense against such attacks. Even if a user unknowingly falls victim to a phishing attempt and enters their credentials on a fake website, the second authentication factor would prevent the attacker from accessing the account.

Compliance with Industry Regulations:

Many industries, such as finance, healthcare, government contractors, and e-commerce, are subject to strict data protection regulations. Implementing 2FA helps businesses meet compliance requirements and avoid potential penalties. It demonstrates a commitment to safeguarding sensitive customer information and builds trust with clients.

Cost-Effective Security Measure:

Implementing 2FA does not require significant financial investment. Many 2FA solutions are readily available and can be easily integrated into existing systems. Considering the potential financial and brand reputation damage caused by a security breach, the cost of implementing 2FA is minimal compared to the benefits it provides.

In an era where cyber threats are constantly evolving, businesses must prioritize security measures to protect their valuable data. 2-factor authentication offers a simple yet effective way to do so.

If your company is interested in implementing 2FA across the entire organization, then contact us for assistance.

Two Great Tastes That Go Great Together

We have decided to make a business change that includes no longer directly selling phone services, but instead we are moving our clients to RingCentral. They are the industry leaders in this type of service and their rates are very competitive. One of their killer features is the Teams integration

RingCentral for Teams – Embedded App

RingCentral for Teams embedded app enables calling from the Teams app to both internal extensions and external numbers. It’s the simplest way to supercharge the phone experience for both end users and IT admins without having to deploy a new app to end users. Most importantly, there’s no need for an added Microsoft calling or E5 license to capture this value. This solution is ideal for organizations that want to:

leverage RingCentral’s superior telephony while maximizing the value of their Teams investment
avoid the added cost of Microsoft’s calling license

With the RingCentral for Teams embedded app, users access an icon presented in Microsoft Teams. They can then place and receive calls, access voicemails and voicemail transcriptions, and send or receive an SMS or fax. These tools fill critical gaps in Microsoft Teams, transforming it from messaging and video meeting tool to a communications powerhouse. This approach is also a money saver, as it doesn’t require the added cost of a Teams Phone or E5 license.

If your company is currently using Microsoft Teams for communications and want to add the incredible functionality that RingCentral brings, then contact us for assistance.

What every business has in common?

Every modern business has one thing in common – the internet.

Businesses are using computers, smart phones, tablets, etc. to connect to the internet for research, shopping, advertising, or any number of things. With a connection to the internet comes the need for routers, switches, wireless, and other network hardware to distribute internet connectivity across the company. There are malicious people on the internet that are setting traps and trying to break into companies which necessitate the use of tools like antivirus, internet filtering, spam filtering, and other protective measures. There are also people who work from their homes and need to have a way of tunneling safely into the network to use the resources there.

All of this has to be managed by someone in the company or you can contract with a managed IT service provider.

If your company needs help managing all the things connected to your internet, then contact us for assistance.