Security researchers performed penetration testing on the networks of 45 various mid-sized companies and found that in real life scenarios 93% of those networks were able to be compromised to the point of business disruption. Here are the details:
The 45 companies were polled to determine what would be an unacceptable business interruption. They decided that the following met that criteria:
Disruption of production processes
Disruption of service delivery processes
Compromise of the digital identity of top management
Theft of funds
Theft of sensitive information
Fraud against users
These became the target for the penetration testers.
In order for the penetration tester to achieve their target, they followed the following process:
Breach the network perimeter – This was done by the use of compromised passwords found on the Dark Web and know vulnerabilities on devices that were directly connected to the internet
Obtain maximum privileges – In 100% of the networks, once an attacker was inside the network
Gaining access to key systems – With maximum privileges, the testers are able to gain access to other areas of the network including databases, executives computers, and production servers
Develop attacks on target systems – Once key systems are compromised the testers then figured out how to create the unacceptable business interruption. Although they could have created these interruptions, they only gathered proof that they could to present the data to the companies.
How to Defend
There are a couple main ways to defend against these kinds of attacks:
Security Controls / Segmentation – Creating least privileged access to key systems and segmenting the network will keep hackers from traversing the network once inside
Enhanced Network Monitoring – Modern cyber security tools watch activity and traffic on the network to find indicators of compromise. They pool this information into an attack history that can be used to remediate and further protect.
Your company is not as safe as you think, so contact us for free initial cybersecurity evaluation and risk report. .
Based on some recent experiences and plenty of past experiences, we thought it would be good to help customers make good choices when shopping for new computers. The easiest and best way is to trust us to do the research and know your company’s computing needs enough to provide you with the best computer for the best price. However there are some that like the thrill of the hunt and want to find the best “deal” themselves. They try to save money via sales that we honestly cannot compete with on price. This newsletter is meant to help guide them to the best options for solid performance and longevity in their investment.
Big Box Stores (Staples, Walmart, Costco, Best Buy, etc.): Seeing the local adds, these retailers are often at the top of the list for many people when shopping for a computer. They offer the convenience of being able to physically touch the computer being purchased and not having to wait for the computer to be shipped from some other part of the country. The downside is that these retailers are selling a commodity product for the smallest cost possible to maximize their profits. This means they are willing to have computers made from the least expensive parts and lowest build quality. They also find ways of scrimping on important features and masking this deficiency with flashy claims on features or partnerships with celebrity endorsements. Don’t be fooled these are disposable computers that will not stand up to the demands of a business environment.
Online Discount Sellers (eBay, Amazon, Google. Overstock, etc.): Bargain hunters are getting savvier with online tools and searches for the products they want. This type of “retailer” works much like the big box store, but you have to trust the pictures you see online and wait for the product to arrive from across the country or globe. These online stores are often just marketplaces where smaller retailers post their products to gain greater visibility then they could on their own. They are also notorious for selling what appear to be quality computers that have been “refurbished” in-house. These refurbished computers are usually years old and are a Frankenstein monster of spare used parts from their shop. Much like buying a car from a used car lot, you get all the troubles of someone else’s computer with all the reliability of a computer that is past its prime held together with old parts.
What to look for in a new computer
Business Class: This is important because manufactures who have this distinction on their products take the time to make a quality computer with mid-range parts. These computers will have all the needed features and typically last much longer then the disposable computers from other stores. If you go directly to the manufacturers website, they will typically have a section labeled Business that you can look through the models they have given this distinction.
Processors: This is the capacity of the computer to crunch through data. There are two main companies that make these chips, Intel and AMD. Intel is what I recommend for the majority of business users (except for those who only do light office work). They currently are using a system of Generations and i-series distinctions. The Generations help determine the age of the processor with the latest being 12th-generation processors, so if you are looking at a computer with a 9th-generation processor it is likely 3 years old out of the box. The i-series consists of i3, i5, i7, and i9 which is a measure of the raw computing power that the processor contains. Our recommendation for businesses are i5 for general office work and i7 if you are a power user who does many things at once.
Memory: This is the short-term memory capacity of the computer, so the more you have the more you can accomplish at once. These chips also have designations of DDR technology and PC-speed rating. The DDR technology has slowly changed over time and they are now shipping DDR5 chips for top of the line gaming computers, but for typical office computers the DDR4 technology will be the best performance per dollar. As for the PC-speed rating, it will somewhat match the DDR number with the latest in the PC5-38400 range, but again the PC4 with the highest number possible next to it will be sufficient. General office work can be accomplished with 8GB of RAM, but 16GB is becoming the new norm. Those who want more performance will need to go to 32GB or higher.
Hard Drive: This is the long-term memory storage of the computer. There have been massive improvements in technology on these in the past few years and performance has jumped substantially. This is one of the ways that big box stores save money the most, they sell an old fashioned hard drive in a new computer and performance suffers greatly. The newest technology is called NVMe and any new computer should contain this kind of hard drive to see the best performance. If cost is prohibitive, then at least get the previous technology of an SSD installed in the computer.
Everything Else: The rest is mostly personal taste. If you want wireless, then get one with wireless in it with the latest being WiFi6 and some include Bluetooth connections too. If you want a large screen, touchscreen, fingerprint scanner, lightweight, certain specific ports for your devices, or whatever other features – these will be the finishing touches that help shape your final choice.
If your company is going to looking to buys new computer, then contact us to save yourself the time and money of getting a computer or worse the wrong computer.
Here is a quick bit of Powershell that helped me to track down a “shared calendar” in a Co-Managed IT / Tier3 client’s Office 365 tenant. After looking in Shared Mailboxes and Resources for the calendar with no luck, we tried to get into the Exchange Management Console (EMC). The loading circle of death went on for an eternity, so switched to good old Powershell. Found the commands as follows after connecting to Exchange Online in Powershell:
Examples of these violations of Microsoft’s acceptable use policy can include:
Distributed denial-of-service (DDoS) attacks
Resale of pirated subscriptions
In cases where Microsoft observes this type of activity, we may take action to deactivate customer subscriptions without prior notice.”
This is definitely the time to make sure that your company has the following safeguards in place:
Antivirus with Enhanced Detection & Response – to catch the bad guys on the internal network
Multi-factor Authentication on all online accounts – make the hackers job harder with more secure connections
Password Manager – to stop using the same password for all sites (changing on character is not enough)
Enhanced Email Security – to keep the bad guys from pretending to be your company and stop the spam before it gets out
SaaS Backups – to prevent deletion of emails, contacts, calendar items, and shared online storage
Every company is entitled to a free security check-up, so contact us to schedule yours today.
Take an in-depth look at the 1:1 paradigm, a scenario in which schools are equipped to provide every student with a device to facilitate more connected and meaningful learning. Examine the detailed process of how today’s schools are moving toward a future where every student has equal educational opportunities.
Flexibility is a must in the new post-pandemic work world. Hybrid work continues to evolve, and business leaders are looking for a new operating model. Technology is the binding factor to create inclusive meetings that keep employees engaged and inspired. Updates to Teams like PowerPoint Live, the Teams camera feed, Microsoft Whiteboard—and devices like Surface Hub—encourage digital collaboration.
Endpoint Manager combines services like Microsoft Intune, Configuration Manager, Desktop Analytics, co-management, and Windows Autopilot to help secure access, protect data, and respond and manage risk.
Sign up to say connected—we’ll help you better connect and create new experiences throughout your organization with Hybrid Meetings.
With Microsoft Azure Migration Program (AMP), customers receive prescriptive guidance for a step-by-step approach for a path to the cloud from start to finish.
The program delivers technical skill building to ensure your organization can successfully adopt Azure; best practices for a step-to-step approach from start to finish; Azure engineering support for data and infrastructure foundations; expert guidance from specialized migration partners; free Azure tools to help you efficiently execute migrations; and cost effective offers to help you save money before, during, and after migration. All of this, available to all Azure customers, scaled through specialized migration partners.
Contact us for more information or assistance in migrating.
Remote work is starting to feel mainstream, but many companies are still struggling to normalize their own personalized hybrid work models. Explore four things you should avoid in order to balance the needs of a diverse and divided workforce—from investing in the right tools and overcoming meeting fatigue to finding new ways for personal connections.
Everyone knows that teamwork is vital in the National Football League (NFL)—on the field and off. The arrival of COVID-19, however, pushed the league to reimagine how to collaborate behind the scenes. Executing hundreds of live events while preserving the gameday experience for online fans and business partners was a new challenge.
In exchange for the traditional high-touch, in-person communication culture at league offices, the organization adopted a virtual home field. Microsoft Teams helped the NFL stay connected and safely execute all 270 combined regular season and playoff games and Super Bowl LV—despite the collaboration challenges brought on by the pandemic.
The Bridgeport Public Schools are providing students with a solid and adaptable educational foundation by integrating technology into every aspect of the curriculum. By taking advantage of education tools included in Windows 10, teachers are giving students the skills to prosper in whatever career they choose. Check out this video to learn more about how this school district is setting the standard for technology success in the classroom.