Loading ...

Category: Servers

Zero Trust – Software Patching

This is the seventh in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on software patching. 

Software Patching

Software patching is a neccesity because no person who writes code is perfect and hackers are actively looking for these mistakes. The hackers find the mistakes and then develop ways of using these to exploit the software, computer, or whatever else they can gain access to. The only way to combat both the mistakes and the exploits is to discover them before the hackers do and patch the hole in the software. This patch can however lead to unforseen consequences to the software, so a plan for testing and deployment of patches is needed to avoid unexpected downtime to businesses.Here are some questions to ask:

  • Do you know all of the hardware and software on your network?
  • Do you check for hardware, operating system, and other software regularly?
  • How do you check for updates, patches, or upgrades to software?
  • How do you install these patches? Is it automated?
  • Are these patches tested before installation?
  • What happens if a patch causes problems?
  • Do you have a log of all installed updates?
  • Are any systems or software on your network no longer supported for updates?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Surviving a Flood

Had a client walk into their office to find it flooded with an inch and a half of water on the ground and it got me thinking about what could be done to mitigate the risks associated with this sort of “Act of God” at the office.

Can’t Stop the Flood

It goes without saying that there is no way to realistically prevent a flood besides the usual preventative building maintenance that most businesses are not in control of anyways. It makes sense then to choose an office space where the owner is into proactive repairs on the building, even if it costs a little extra per month. It would also be good to talk to your business insurance provider to make sure that such Acts of God are covered. Clean-up and recovery though usually covered by the building owner can get expensive if your contract doesn’t cover it. 

Prepare for the Worst

Practically speaking it may not be possible to keep computers out of the water in a flood. At this particular client we did have the computers up on blocks just in case of this very thing. All network equipment should also be in a safe place, ideally in a locked cabinet high off the ground.

Recovery can happen

If the worst does happen, the first thing to do is shut off the electricity to the building. After that take careful inventory of all that is plugged in and remove it from electrical outlets. If equipment is wet, keep it unplugged for a couple days in a dry environment to make sure it is free from moisture. Once sure it is dry, plug in the equipment and test whether it will come back online. If anything was submerged in water, it is best to plan on replacing it as most water has minerals in it that will stick to components in the computer and could cause and electrical short.

If your company is not ready for the worst, then contact us for assistance.

RMM Automation: Sort Files Into Folders Based on Filename

Optimize File Storage - Clackmas, OR

As our business continues to focus on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services this blog will be highlighting tips for RMM automation. Here is a script that we came up with to handle a particular client that dumps tons of PDFs into a folder unsorted and wants individual folders created for each unique file name. We have tailored this script to be used not only at that client but for any folder on any Microsoft Windows computer that needs to be sorted in this manner. This script could easily be modified to sort other types of files.

Variables

Here are the variables we are using for this script:

  • $SourceFolder = This is the target folder to be sorted

Script Snippet

# Defines the folder that sorted data will go into 
$TargetFolder = $SourceFolder + " Sorted"

#Defines how to match files with similar names, in this case we put files with the same name then a dash or underscore and other numbers or letters to be placed in the same folder
$MatchRegEx = "[-_]"


#Grabs only the PDF files in the folder being sorted (modify for other extension types or remove filter to sort all files)
Get-ChildItem -Path $SourceFolder -Filter *.pdf |
    ForEach-Object {
        #Creates folder name for child folders in sorted data
        $FileNameFolder = $_.Name -split $MatchRegEx
        $ChildPath = Join-Path -Path $FileNameFolder[0].Replace('.pdf','') -ChildPath $_.Name

        [System.IO.FileInfo]$Destination = Join-Path -Path $TargetFolder -ChildPath $ChildPath

        #Checks if folder exists and if not creates child folder
        if( -not ( Test-Path -Path $Destination.Directory.FullName -erroraction silentlycontinue) ){
            New-Item -ItemType Directory -Path $Destination.Directory.FullName
            }

        #Copies file into child folder
        Copy-Item -Path $_.FullName -Destination $Destination.FullName
        }

This script is non-destructive meaning that the files are copied and not moved. This script gives screen output of each new child folder created.

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

Zero Trust – Endpoint Security

Endpoint Security - Clackamas, OR

This is the sixth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on endpoint security. 

Endpoint Security

Endpoint security is a fancy term used to describe how the computers on the network are protected. This used to be done by antivirus but due to the complexity of the attacks hackers are using to compromise networks these days, the definition has expanded greatly. This now includes things like Enhanced Detection & Response software, Security Operations Centers, DNS Filtering, employee train and more. Here are some questions that you should be asking yourself:

  • Are your endpoints protected by antivirus or enhanced detection & response?
  • Is website traffic being monitored? Restricted?
  • Are your employees being trained in cyber security?
  • Are computer logs being monitored for malicious activity?
  • Would unusual or suspicious activity on a computer be noticed? Alerted on?
  • Do you have security permissions set on all file shares?
  • Do you have least privileged access configured on those shares?
  • Do you keep track of what software is installed on all workstations?
  • Do you block access to unauthorized software?
  • Are files encrypted on servers and workstations?
  • Are your mobile devices managed? Can you wipe them remotely?
  • Are USB ports blocking removeable storage devices?
  • Are endpoints set to automatically log-out?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Zero Trust – Trusted Vendors

This is the second in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the vendors you purchase network equipment from. 

Trusted Vendors

Trusted vendors are those who supply workstations, servers, routers, switches, power protection, software, and anything else connected to your network. Here are some questions that you should be asking yourself:

  • Do you know who makes your network equipment, servers, computers, and software?
  • Do you know the way to contact their support and have current account access information?
  • Do you have current warranties / support contracts on hardware and software?
  • Is the hardware able to perform at the level needed?
  • Are you purchasing software from those who meets industry standards?
  • If a subscription, how much are you paying and are you on the correct plan for your needs?
  • When is the last time you upgraded your software and hardware?
  • Have you budgeted for the next upgrade?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

Hackers Penetrate 93% of Company Networks

Hacked - Grants Pass, OR

Security researchers performed penetration testing on the networks of 45 various mid-sized companies and found that in real life scenarios 93% of those networks were able to be compromised to the point of business disruption. Here are the details:

The Target

The 45 companies were polled to determine what would be an unacceptable business interruption. They decided that the following met that criteria:

  • Disruption of production processes
  • Disruption of service delivery processes
  • Compromise of the digital identity of top management
  • Theft of funds
  • Theft of sensitive information
  • Fraud against users

These became the target for the penetration testers. 


The Process

In order for the penetration tester to achieve their target, they followed the following process:

  • Breach the network perimeter – This was done by the use of compromised passwords found on the Dark Web and know vulnerabilities on devices that were directly connected to the internet
  • Obtain maximum privileges – In 100% of the networks, once an attacker was inside the network
  •  Gaining access to key systems – With maximum privileges, the testers are able to gain access to other areas of the network including databases, executives computers, and production servers
  • Develop attacks on target systems – Once key systems are compromised the testers then figured out how to create the unacceptable business interruption. Although they could have created these interruptions, they only gathered proof that they could to present the data to the companies. 


How to Defend 

There are a couple main ways to defend against these kinds of attacks:

  • Security Controls / Segmentation – Creating least privileged access to key systems and segmenting the network will keep hackers from traversing the network once inside
  • Enhanced Network Monitoring – Modern cyber security tools watch activity and traffic on the network to find indicators of compromise. They pool this information into an attack history that can be used to remediate and further protect. 


Your company is not as safe as you think, so contact us for free initial cybersecurity evaluation and risk report.  .

Find and remove Office 365 Public Folder Calendar

Here is a quick bit of Powershell that helped me to track down a “shared calendar” in a Co-Managed IT / Tier3 client’s Office 365 tenant. After looking in Shared Mailboxes and Resources for the calendar with no luck, we tried to get into the Exchange Management Console (EMC). The loading circle of death went on for an eternity, so switched to good old Powershell. Found the commands as follows after connecting to Exchange Online in Powershell:

get-publicfolder -Recurse

Remove-PublicFolder -Identity \[PublicFolderName]\[calendarname]\

If your company is looking for local management of your Office 365 tenant or need advanced support for your IT team, then contact us to find out how much you can save with us. 

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2022- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

    Something went wrong, try refreshing and submitting the form again.