Loading ...

Category: Compliance

Compliance Requires Penetration Testing

Compliance is and always has been a complicated matter. Here are the quotes from the three types of compliance – CMMC, HIPAA, and PCI:

CMMC – Risk Assessment L2-3.11.2 – VULNERABILITY SCAN: Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified.”

HIPAA – § 164.308 Administrative safeguards. (a)(1)(ii)(A) – Risk analysis (Required). Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity or business associate.”

PCI – 11.3: External and internal vulnerabilities are regularly identified, prioritized, and addressed”

To summarize what this all mean – compliance requires penetration testing and vulnerability scanning. Networks have to be tested regularly to make sure that there has been nothing missed which would allow a hacker to breach the network and steal the treasure of information. Our recommendation is to scan at least quarterly, if not monthly, to find these vulnerabilities and address them before the hackers find them.

If your company has compliance requirements that you need consulting for, then contact us for assistance.

A Medical Office’s Journey to the Cloud

Today we tell the story of a medical office’s journey to the cloud. This particular client was facing their server operating system reaching end of support (a HIPAA violation) in the near future. They had begun by looking at their electronic medical records software company’s online offering, which didn’t have all the functionality of their on-premises software and was very expensive (this is typical).


They next decided to look into moving their current on-premises software into the cloud and we were asked to help with the testing. We determined that it would be best to move the file portion of the server to SharePoint / OneDrive to increase their mobility and flexibility. We also determined that it would be best to move them away from on premises Active Directory into Azure Active Directory / Intune to allow authentication and security policies. Finally we began testing the on-premises software hosted on a server in Azure with a VPN connection to their office.


The SharePoint / OneDrive and Azure Active Directory portions went through with little issues. The server, however, was not as we had hoped. The Azure VPN connection was expensive due to it always being on and no way of turning it off outside of business hours. The performance of the SQL database that the on-premises software used was basically unusable. The other option would be to create virtual desktops on Azure for this purpose but the cost and functionality was not what the customer was hoping for.


This has lead them back to searching for an online EMR software that will meet all their requirements. This will be tough because most companies are good at some things, but not all things and compromises usually have to be made. Our hope is that this story is a lesson to other companies. The cloud may sound like the newest and best way to work, but the costs and functionality are often worse than expected.

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Cost of Insuring Your “Digital” Employees

We were discussing the price customers paid for their monthly maintenance of computers and the comparison was brought up about insurance costs. As a business owner with employees, it is necessary these days to offer health insurance as part of their compensation package. If the company has vehicles that are used for business, then the government mandates that they be covered by minimum amounts of insurance. These costs are then built into the price the business owner then charges their clients for products or services.

Insurance Statistics: 

  • According to Business.com, the average cost of health insurance for a single employee was $645 per month and $1,850 per month for a family.
  • According to NerdWallet.com, the average cost of car insurance was $179 per vehicle per month. 

Questions:

So what about the “digital” employees of the company, aka the computers and network equipment that make business possible. How much are business owners paying to “insure” these assets? What are businesses willing to pay to make sure that their computers and network don’t have a sick day? Does the cost of insuring them include preventative care? Who does the business call in case of an accident or breakdown in the middle of the day? Does the cost of insuring include on-site service or transport to a service center?

If your company wants to keep their digital employees healthy and insure them from accidents, then contact us for assistance.

RMM Automation: Export List of AD Users Last Login Days Ago

As our business continues to grow our focus is on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services. This blog will be highlighting tips for using Powershell to get an Export List of AD Users Last Login was more than 90 Days Ago.

Research

You need to find out what the Organizational Unit (OU) path that you are trying to get the count from. The following command will list all OUs in the domain.

Get-ADOrganizationalUnit -Filter 'Name -like "*"' | Format-Table Name, DistinguishedName -A

If you want the entire organization then you will need the top level information which looks like DC=[DomainName],DC=local

Variables

$SearchOU = This is the full DistinguishedName from the above output.

Script Snippet

$InactiveDays = 90
$Days = (Get-Date).Adddays(-($InactiveDays))
  

Get-ADUser -Filter {LastLogonTimeStamp -lt $Days -and enabled -eq $true} -SearchBase $SearchOU -Properties LastLogonTimeStamp,UserPrincipalName |
  
select-object Name,mail,@{Name="Last Login Date"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp).ToString('MM-dd-yyyy')}} | export-csv C:\support\inactive_Users.csv -notypeinformation

The script will take several seconds to run based on the number of users in the OU being searched. The output is saved to the local c:\support directory and you can modify this script to include the FTP upload based on our previous article – https://www.farmhousenetworking.com/rmm/automation/rmm-automation-export-log-files-to-ftp/ The script can also be easily modified to change the number of days since last login.

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

RMM Automation: Active Directory User Count

As our business continues to grow our focus is on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services. This blog will be highlighting tips for using Powershell to get an Active Directory User Count.

Research

You need to find out what the Organizational Unit (OU) path that you are trying to get the count from. The following command will list all OUs in the domain. 

Get-ADOrganizationalUnit -Filter 'Name -like "*"' | Format-Table Name, DistinguishedName -A

If you want the entire organization then you will need the top level information which looks like DC=[DomainName],DC=local

Variables


$SearchOU = This is the full DistinguishedName from the above output.

Script Snippet

(Get-ADUser -Filter * -SearchBase $SearchOU).count

The script will take several seconds to run based on the number of users in the OU being searched. The output is an integer number. You can do the same sort of thing for an Active Directory Group Count or Active Directory Computer Count:

(Get-ADgroup -Filter * -SearchBase $SearchOU).count

or

(Get-ADcomputer -Filter * -SearchBase $SearchOU).count

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

Zero Trust – Cyber Security Audit

Security Audit - Grants Pass, OR

This is the tenth and finale in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on Cyber Security Audit. 
 

Cyber Security Audit

Cyber Security Audit is a process where both internal and external systems are tested for their ability and susceptibility to being successfully attacked by hackers. This usually involves an inventory of current systems, research into known vulnerabilities, and testing of those found to see what information can be accessed. Once this process is complete a report is generated to detail both what is found and how those vulnerabilities can be addressed to protect the business’ most valuable commodity – information (intellectual property and client data). Here are some questions to ask:

  • Do you have an inventory of all assets in your organization? Is it up to date?
  • Have you tested your internal network for vulnerabilities?
  • Have you had a penetration test performed on your external network?
  • Do you know what compliance standards apply?
  • How do you document policies and procedures? Who oversees that?

If your company is wanting to have a free cyber security audit, then contact us for assistance.

Zero Trust – Network Security

This is the ninth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on Network Security. 

Network Security

Network Security is having the proper hardware and configuration of that hardware in place to protect the business network. This configuration includes segmenting network traffic to keep specific types of traffic, like guest devices, separate from traffic of business devices. It also includes keeping outsiders out of the network and detecting when they have breached security measures. Here are some questions to ask:

  • Do you have a business class router / firewall?
  • Do you have business class switches and access points that support segmentation?
  • Is your network configured to segment business traffic from guest traffic?
  • Are devices like VoIP phones and network cameras on their own network?
  • Is geo-location blocking turned on for non-essential countries?
  • Is network traffic being analyzed for suspicious activity?
  • Do you filter internet traffic?
  • Can your network detect and respond to a breach?

If your company is wanting to lock down network security, then contact us for assistance.

Zero Trust – Application Whitelisting

This is the eighth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on Application Whitelisting. 

Application Whitelisting

Application Whitelisting is a process of determining which software programs the company absolutely needs to do business, marking them as safe, and blocking any other program that tries to run on company computers. This methodology has the distinct advantage of blocking almost all forms of malware on computers. Pairing this with a good next-gen antivirus creates an impenetrable wall against malware threats. It also prevents users from accidentally or intentionally running something that should not be on company computers. Here are some questions to ask:

  • Do you know all software on your computers?
  • Do your users spend time on company computers listening to music?
  • Have any of your users ever downloaded software without asking?
  • Do you have a computer use policy? How is that enforced?

If your company is wanting to lock down what is running on company computers, then contact us for assistance.

Zero Trust – Software Patching

This is the seventh in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on software patching. 

Software Patching

Software patching is a neccesity because no person who writes code is perfect and hackers are actively looking for these mistakes. The hackers find the mistakes and then develop ways of using these to exploit the software, computer, or whatever else they can gain access to. The only way to combat both the mistakes and the exploits is to discover them before the hackers do and patch the hole in the software. This patch can however lead to unforseen consequences to the software, so a plan for testing and deployment of patches is needed to avoid unexpected downtime to businesses.Here are some questions to ask:

  • Do you know all of the hardware and software on your network?
  • Do you check for hardware, operating system, and other software regularly?
  • How do you check for updates, patches, or upgrades to software?
  • How do you install these patches? Is it automated?
  • Are these patches tested before installation?
  • What happens if a patch causes problems?
  • Do you have a log of all installed updates?
  • Are any systems or software on your network no longer supported for updates?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Zero Trust – Endpoint Security

Endpoint Security - Clackamas, OR

This is the sixth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on endpoint security. 

Endpoint Security

Endpoint security is a fancy term used to describe how the computers on the network are protected. This used to be done by antivirus but due to the complexity of the attacks hackers are using to compromise networks these days, the definition has expanded greatly. This now includes things like Enhanced Detection & Response software, Security Operations Centers, DNS Filtering, employee train and more. Here are some questions that you should be asking yourself:

  • Are your endpoints protected by antivirus or enhanced detection & response?
  • Is website traffic being monitored? Restricted?
  • Are your employees being trained in cyber security?
  • Are computer logs being monitored for malicious activity?
  • Would unusual or suspicious activity on a computer be noticed? Alerted on?
  • Do you have security permissions set on all file shares?
  • Do you have least privileged access configured on those shares?
  • Do you keep track of what software is installed on all workstations?
  • Do you block access to unauthorized software?
  • Are files encrypted on servers and workstations?
  • Are your mobile devices managed? Can you wipe them remotely?
  • Are USB ports blocking removeable storage devices?
  • Are endpoints set to automatically log-out?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Archives

Categories

Plant a Seed @ 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2023- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

[contact-form-7 id="452" title="Free Network Evaluation"]