Loading ...

Category: Bring Your Own Device (BYOD)

Celebrating 3 Years of Serving Grants Pass

3 years in business

It is official – the month of September marks three years in business for Farmhouse Networking. We have been truly blessed by God to have been able to serve the Grants Pass and surrounding business communities by providing exceptional IT managed services. We look forward to many more years of giving you the highest level of support possible so that you can focus on getting business done. With this anniversary we plan on rolling out some enhancements to our monthly service offerings:

Enhanced Monthly Maintenance


Standard Maintenance: For those who are not current managed clients, these basics have always been a part of our service offering:

  • 5-year Technology Plan & Budget
  • Full Network Inventory
  • Hard Disk Checkups (Bi-Monthly)
  • Hard Disk Defragmentation (Monthly)
  • Temporary File Cleaning (Weekly)
  • Anti-Virus Software (Constant Monitoring)
  • Operating System Updates (Weekly)
  • Error Log Monitoring (Constant Monitoring)
  • Power Settings Management (Constant Monitoring)
  • Windows Services (Constant Monitoring)

Continued Improvements: Over the past 3 years we have also added the following features to our service at no additional costs:

  • Ticketing System Portal
  • Email Support to Create Tickets
  • Security Incident Response Plan
  • Vendor Information Tracking
  • Third-Party Software Updates (Monthly on Firefox, Chrome, Acrobat Reader, ….)
  • Email Blacklist Checking (Daily)
  • Warranty Checking (Monthly on All Major Brands)
  • Operating System Intrusion Detection (Constant Monitoring)
  • Support for MacOS & Linux (Constant Monitoring)
  • Server Applications (Constant Monitoring)
  • Hardware Events (Constant Monitoring)

Enhancements to Come: In September, we will be adding these new exciting features to our service:

  • DNS filtering – this will further protect your network from external threats by stopping accidental surfing to malicious sites. It also can increase productivity and network speeds by limiting wasteful frivolous surfing during company time.
  • Dark Web Scan – Each monthly client will have the “Dark Web” scanned to see if any email addresses connected to the company have been involved in a previous password breach.
  • Weekly Security Newsletter – Farmhouse Networking is partnering with a national security non-profit to deliver up-to-date news and information about how to stay safe online. These weekly newsletters will be packed with valuable information and delivered to everyone in your organization.

As our service offering has expanded, we have deepened our ability to monitor our customers networks to proactively respond to alerts before they become problems. We have continued to add levels of protection to make sure that our clients systems are safe from the ever-expanding list of threats. All this has been done at no additional cost, despite inflation, up to this point. To continue offering this high level of service, Farmhouse Networking is making a couple small changes to its prices that will be effective September 1st, 2018.

  • Monthly Maintenance Clients – our services are based on a per device basis and the cost per workstation will be $25 per month for remote maintenance and $50 per month for full service maintenance. All other prices will remain the same for every other device on the network. This will only effect clients whose contracts are renewing after September 1st, 2018 – any renewed before that will keep their prices the same for the next 12-month term.
  • Small Business Clients – those who do not have a server and have less than 5 workstations, our hourly rate will be $80 per hour for on-site service and $40 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
  • Standard to Medium Clients – those with a server or more than 5 workstations, our hourly rate will be $120 per hour for on-site service and $60 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
  • Tier-3 Clients – those technology companies that utilize our advanced expertise to better serve their clients, our hourly rate will be $40 per hour for remote service (billed in 15-minute increments). That is only $5 more for remote support.
  • Charity Clients – those non-profits that pay for support, our hourly rate will remain at $70 per hour for on-site service and $35 per hour for remote service (billed in 15-minute increments).

For all our monthly maintenance clients, we will be calling to schedule our semi-annual meeting to check-in with you during the month of September. At that time we will be performing another network inventory to insure that all network assets are covered properly under your current contract. We cannot thank all our clients enough for your continued use of our IT services. We look forward to continuing to serve you.

Know the state of your flocks,
and put your heart into caring for your herds,
for riches don’t last forever,
and the crown might not be passed to the next generation.
After the hay is harvested and the new crop appears
and the mountain grasses are gathered in,
your sheep will provide wool for clothing,
and your goats will provide the price of a field.
And you will have enough goats’ milk for yourself,
your family, and your servant girls.
Proverbs 27:23-27

Wireless Security Upgrade

WPA3 Wireless Security - Grants Pass, OR

Strange to think that the current wireless security protocol has been in use for over a decade, but with the release of WPA3 certification today the Wi-Fi Alliance has made some serious strides towards a more secure wireless security standard.

Security Improvements

Offline Password Guessing – Attackers will now only get one guess per offline packet instead of unlimited. This will force them to interact with the wireless device directly which will make their attacks easier to detect and easier to shut them out.

Forward Secrecy – Even if the attacker is able to record a data stream and crack the current password, they will not be able to read the recorded data – only new data flowing over the network.

192-bit Encryption: – Enterprise users and tech savvy small businesses will be able to take advantage of deeper encryption for more secure connections

Wi-Fi Easy Connect – Simple to use, secure way for home users to connect their devices by scanning a QR code instead of entering a complex password.

This new security protocol mixed with the latest 802.11ax (that could bring 10 Gigabit speeds to wireless) will make 2019 a banner year for wireless technology.
If your company is interested better wireless security or faster wireless speeds, then contact us for assistance.

 

CyberSecurity Month – Internet of Things Tips

Internet of ThingsThe Internet of Things refers to any object or device that sends and/or receives data automatically via the Internet. This rapidly-expanding set of “things” includes tags (also known as labels or chips that automatically track objects), sensors, and devices that interact with people and share information machine to machine.

WHY SHOULD WE CARE?

• Cars, appliances, wearables, lighting, healthcare, and home security all contain sensing devices that can talk to another machine and trigger other actions. Examples include: devices that direct your car to an open spot in a parking lot; mechanisms that control energy use in your home; and other tools that track your eating, sleeping, and exercise habits.

• This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of this information, and the security of these devices, is not always guaranteed.

• Though many security and resilience risks are not new, the scale of interconnectedness created by the Internet of Things increases the consequences of known risks and creates new ones.

SIMPLE TIPS

Without a doubt, the Internet of Things makes our lives easier and has many benefits; but we can only reap these benefits if our Internet-enabled devices are secure and trusted. Here are some tips to increase the security of your Internet-enabled devices:

1. Keep a clean machine.
Like your smartphone or PC, keep any device that connects to the Internet free from viruses and malware. Update the software regularly on the device itself as well as the apps you use to control the device.

2. Think twice about your device.
Have a solid understanding of how a device works, the nature of its connection to the Internet, and the type of information it stores and transmits.

3. Secure your network.
Properly secure the wireless network you use to connect Internet-enabled devices.If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

CyberSecurity Month – Mobile Device

CyberSecurity Mobile DeviceMobile devices enable Americans to get online wherever they are. Although mobile devices — from smart watches to phones and tables — can be extremely useful and convenient, there are also potential threats users may face with such technology. It’s important to understand how to protect yourself when connecting on the go.

DID YOU KNOW?

• 56 percent of American adults own a smartphone.
• More than half of mobile application (app) users  have uninstalled or decided not to install an app due to concerns about their personal information.

SIMPLE TIPS

1. Use strong passwords.

Change any default passwords on your mobile device to ones that would be difficult for someone to guess. Use different passwords for different programs and devices. Do not choose options that allow your device to remember your passwords. (We recommend LastPass Mobile App to keep track of password, encryption of the phone and fingerprint scanning for unlocking your device.)

2. Keep software up to date.

Install updates for apps and your device’s operating system as soon as they are available. Keeping the software on your mobile device up to date will prevent attackers from being able to take advantage of known vulnerabilities. (Unfortunately the carrier that you choose is in charge of the OS updates on the phones, but allow auto updates on all other apps.)

3. Disable remote connectivity.

Some mobile devices are equipped with wireless technologies, such as Bluetooth, that can connect to other devices. Disable these features when they are not in use. (Look out for NFC also as this will allow access based on how close someone gets to your phone – think crowded elevator.)

4. Be careful what you post and when.

Wait to post pictures from trips and events so that people do not know where to find you. Posting where you are also reminds others that your house is empty.

5. Guard your mobile device.

In order to prevent theft and unauthorized access, never leave your mobile device unattended in a public place and lock your device when it is not in use.

6. Know your apps.

Be sure to review and understand the details of an app before downloading and installing it. Be aware that apps may request access to your location and personal information. Delete any apps that you do not use regularly to increase your security. (Also do not root your phone or install apps from any place platforms app store.)

7. Know the available resources.

Use the Federal Communications Commission’s Smartphone Security Checker at www.fcc.gov/smartphone-security.

If your company is concerned about cybersecurity and wants to take the needed steps to protect yourselves, then contact us for assistance.

CyberSecurity Month – Small Business Tips

CyberSecurityBroadband and information technology are powerful tools for small businesses to reach new markets and increase sales and productivity. However, cybersecurity threats are real and businesses must implement the best tools and tactics to protect themselves, their customers, and their data. Visit www.fcc.gov/cyberplanner to create a free customized Cyber Security Planning guide for your small business and visit www.dhs.gov/stopthinkconnect to download resources on cyber security awareness for your business. Here are ten key cybersecurity tips to protect your small business:

1. Train employees in security principles.

Establish basic security practices and policies for employees, such as requiring strong passwords and establish appropriate Internet use guidelines, that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data.

2. Protect information, computers, and networks from cyber attacks.

Keep clean machines by having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Set antivirus software to run a scan after each update. Install other key software updates as soon as they are available. (Our managed monthly service contract customers already have this taken care of.)

3. Provide firewall security for your Internet connection.

A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Make sure the operating system’s firewall is enabled or install free firewall software available online. If employees work from home, ensure that their home system(s) are protected by a firewall. (We don’t recommend the free stuff as you always get what you pay for.)

4. Create a mobile device action plan.

Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. Require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment.

5. Make backup copies of important business data and information.

Regularly backup the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly and store the copies either offsite or in the cloud. (We recommend backup copies in both)

6. Control physical access to your computers and create user accounts for each employee.

Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and key personnel. (Definitely agree with the separate users and least

7. Secure your Wi-Fi networks.

If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden. To hide your Wi- Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router. (Also make sure to segregate public guest traffic from private traffic.)

8. Employ best practices on payment cards.

Work with banks or processors to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have additional security obligations pursuant to agreements with your bank or processor. Isolate payment systems from other, less secure programs and don’t use the same computer to process payments and surf the Internet.

9. Limit employee access to data and information, and limit authority to install software.

Do not provide any one employee with access to all data systems. Employees should only be given access to the specific data systems that they need for their jobs, and should not be able to install any software without permission.

10. Passwords and authentication.

Require employees to use unique passwords and change passwords every three months. Consider implementing multifactor authentication that requires additional information beyond a password to gain
entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account. (Multifactor should be implemented on all web based applications from third party vendors.)

If your company is concerned about cybersecurity and wants to take the needed steps to protect yourselves, then contact us for assistance.

Information Security while Traveling

The SANS Institute has been putting out the OUCH! newsletter for some time now in a project called Securing the Human. In the most recent Issue, they discuss some best practices and practical advice for traveling. Here are some highlights:

Minimize Possible Losses

Here are a few tips to protect information from the hazards of traveling and possible theft:

  • Remove any data that is not needed on the device
  • Use full disk encryption & strong passwords
  • Perform a complete backup before leaving
  • Install tracking software on the device
  • Update OSes and Antivirus

Lost/Stolen Devices

Although crime is more of a factor in some third world nations or those in active conflict, the human element of losing the device is 100x more likely. Keep inventory of your devices before, during and after transporting from one location to another. Do not leave your device in the hotel room, have the hotel front desk put it in their safe or locked administrative offices.

Public WiFi

If you have to connect to the internet in public spaces and/or cannot afford mobile data on your trip, then make sure to do the following:

  • Never use public computers for sensitive information, especially banking sites
  • When on public wifi, only surf to sites with HTTPS:// secure connections
  • Consider connecting to a VPN service to further encrypt communications

If your company is requires traveling or you are planning to remotely work while on vacation, then contact us for assistance. We would be happy to walk you through the full disk encryption process, update / secure your devices and configure a company VPN service to connect to on the go.

Social Wifi Hotspot Router Drives Traffic

While investigating ambient music service for a business through Pandora for business, found this incredible new way for businesses to socially connect with the users of their free WiFi service. With Social Wifi using the Mood WiFi router setup properly users will be taken to a portal page upon connecting to the free WiFi system. This portal page asks for them to login via Facebook, Twitter, Instagram account or email address then for those who connect with social media are asked to like the business they are connecting at to gain access to the internet. This system brilliantly allows business to track who is using their internet service and deeply connect with them via social media. I could easily see this as a huge benefit for any small retail store or restaurant wanting to expand their advertising dollar with a very small budget ($35 per month).

Setup Microsoft Mobile Device Management (MDM)

Recently had some issues where another tech company was unable to properly setup MDM for their clients, so reviewed the documentation and their current efforts then came to the conclusion that they had skipped a couple steps in the initial setup that were causing the issue. Here is the proper initial setup steps:

Activate Mobile Device Management in Office 365

1. Sign in to Office 365 as an administrative user
2. Click on the Admin pane
3. Click on Mobile Management on the list to the left hand side
4. Click on the “Get Started” button
5. Wait awhile (5 minutes to 2 hours) for the setup to complete

Configure Initial Domain DNS Settings

1. Back in the Mobile Management section, look for the red x circle and click on “Manage settings”
2. First to configure custom DNS needed for automatic configuration, click on the “Set up” next to “Configure domains for MDM”
3. Click on the primary domain used for Autodiscover, etc. then click on “Domain settings”
4. Under “Domain purpose” click on “Change domain purpose”
5. Put a check next to “Mobile Device Management for Office 365” then click on “Next”
6. Take note of the following cname records:

enterpriseregistration enterpriseregistration.windows.net 3600
enterpriseenrollment enterpriseenrollment.manage.microsoft.com 3600

7. Enter these into the customers custom DNS records along with any others that are listed on that page which weren't entered previously.
8. Return to this page to confirm that the DNS settings have changed properly.

Configure Apple Push Notification (APN) Certificate

1. Back in the Mobile Management section, look for the red x circle and click on “Manage settings”
2. Click on “Set up” next to “Configure an APNs Certificate for iOS devices” to request the needed certificate to manage Apple devices.
3. Click on “Download your CSR file” to save the file locally then click “Next”
4. Click on “Apple APNS Portal” to open the Apple Push Certificates Portal
5. Sign in with a valid (hopefully domain associated) Apple ID
6. Click on the “Create a Certificate” button
7. Agree to the Terms of Use
8. Upload the Certificate Signing Request (CSR) that was save locally earlier
9. Download the new Mobile Device Management certifcate and save it locally
10. Go back to the “Install Apple Push Notification Certificate” page and click “Next”
11. Upload the new Mobile Device Management certifcate tjat was saved locally from Apple

Configure Basic Mobile Device Management Policy

1. Create a Security Group in Active directory that will be used to apply the MDM policy and run DirSync manually.
2. Back in the Mobile Management section, click on “Manage device security policies and access rules”
3. Click on the + to add a new policy
4. Give the policy a name and click “Next”
5. On the pop-up page leave the defaults and check next to “Require managing email profile (required for selective wipe on iOS)”
6. Also select “Block access and report violation” to keep users off the network until they comply with the new policy then click “Next”
7. On the following page there are additional option that give additional security but are not required, when done click “Next”
8. Change selection to “Yes” and chose the Security Group in Active Directory that will be used for MDM enforcement then click “Next”
9. Click on “Finish” to begin enforcing this new policy

The next time any user opens an associated Office App on their supported devices it will ask them to start the enrollment process which goes through a compliance check which usually requires them to delete their current Exchange Active Sync profile to continue.

Special thanks to the guys at ExchangeServerPro.com for their blog entry with the basics. Also a thanks to the Microsoft Office Blog Team for their detailed look at MDM policy setup.
If your company is using Office 365 or has a Bring Your Own Device (BYOD) policy which need mobile device management, then contact us for assistance.

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2018 - Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

Something went wrong, try refreshing and submitting the form again.