As the rate of game-changing technological shifts continue to increase across multiple industries, compliance functions will need to reevaluate how they go about examining risk and implementing risk-management protocols. What should compliance functions be doing now to proactively adapt to this changing environment? And what can you do to help them along this journey?
Marshall Public Schools are preparing their students for life after graduation using Windows 10 in S Mode. Students are able to gain valuable technological skills without requiring the school district to sacrifice security.
As we work on finishing our 5th year in business, Farmhouse Networking continues to enhance its offering to our clients and improve the way we do business. Each one of these changes is carefully researched and painstakingly implemented to make sure that impact on end-user experience is minimally invasive. Here is a list of the major changes taking place now:
New Customer Documentation: We have been using a new document management system to securely store information about our clients networks, create standard operating procedures on how we specifically care for individual clients, and keep track of passwords for all the things that need securing. This will keep our staff and backup techs apprised of all our customers equipment and standard operating procedures so that things get done right.
New Maintenance Software: After much market research to improve our current system of auto-magically maintaining customers computers, we found something better. It took some negotiations with them but we got the price down to close to the same, so there will be no increase in price. Just better software to serve our customers with. We can now monitor more of the network and in a deeper way so that there is even less possibility of downtime due to computer issues.
New Employee: You read that right. Farmhouse Networking has officially contracted with our first employee. The work load has finally reached the point where occasional help from my family is just not enough. Peter deGreyt will start work on Monday, November 11th, 2019. He has previously worked for another local managed service provider and graduated from Southern Oregon University with a degree in business analytics. His first contact with many of you will likely be to input customer information into our new document management system.
If your company is interested in working with a company that takes IT seriously, then contact us for assistance.
Had the pleasure of helping a local company, that has expanded out to several nearby counties, keep in touch with everyone through video conferencing. They had been working from a laptop connected to a big screen TV for months, but were not able to get everyone in their new conference room into the frame. Farmhouse Networking recommended the Logitech Tap conference room system for them because they are using Microsoft Teams for their video conferencing as it is included with their Office 365 subscription.
What is Tap?
Tap is Logitech’s solution bundle to create an easy to use video conference room experience. It comes with
A large Logitech Meet-Up conference camera that has integrated speakers / microphone, ability to pan and zoom around the room automatically to whomever is speaking, and remote control for manual adjustments.
An Intel NUC (Next Unit of Computing) mini PC that is specifically programmed to function as the host for the meetings.
A Logitech Tap touch controller that makes creating and managing meetings a breeze. Meetings are setup, screens are shared, and conferences are controlled with just a touch.
All the mounting and cables that are needed to get the system connected.
If your company is looking to upgrade your conference room experience, then contact us for assistance.
A recent briefing from the FBI’s Internet Internet Crime Complaint Center (IC3) detailed current best practices and industry standards for cyber defense. Here is a summation:
Cyber Defense Best Practices
Backups – Regularly back up data and verify its integrity. Backups are critical in ransomware; if you are infected, backups may be the only way to recover your critical data.
Training – Employees should be made aware of the threat of ransomware, how it is delivered, and trained on information security principles and techniques.
Patching – All endpoints should be patched as vulnerabilities are discovered. This can be made easier through a centralized patch management system.
Antivirus – Ensure anti-virus and anti-malware solutions are set to automatically update and that regular scans are conducted. Centrally managed is even better.
File Permissions – If a user only needs to read specific files, they should not have write-access to those files, directories, or shares. Configure access controls with least privilege in mind.
Macros – Disable macro scripts from Office files transmitted via email.
Program Execution Restrictions – Implement software restriction policies or other controls to prevent the execution of programs in common ransomware locations, such as temporary folders supporting popular internet browsers, and compression/decompression programs.
Remote Desktop Protocol – Employ best practices for use of RDP, including use of VPN, auditing your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts.
Software Whitelisting – Implement application whitelisting. Only allow systems to execute programs known and permitted by security policy. This one takes careful planning.
Virtualization – Use virtualized environments to execute operating system environments or specific programs. No physical access to servers makes hacking harder.
Network Segmentation – Implement physical and logical separation of networks and data for different organizational units. Keep guest traffic out of your business network.
No Saved Passwords – Require users to type information or enter a password when their system communicates with a website. Better yet use a password management tool.
If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.
You read that right! As a Microsoft Partner, Farmhouse Networking is able to setup free training lead by Microsoft Community Development Specialists for any client that purchases new Microsoft Office licenses or renews a current license agreement. Here are the courses offered:
Empower your Business with Microsoft Teams
Get to Know Windows 10
LinkedIn: Build Your Business Pipeline with LinkedIn Sales Navigator
Office Fundamentals – Five Series Workshop
Fundamentals of Word
Fundamentals of Excel
Fundamentals of Outlook
Fundamentals of PowerPoint
Fundamentals of OneNote
And several more…
If your company is going to upgrade to Office 2019 or is looking to migrate your email to Office 365, then contact us to get in on the free training for your entire company.
All someone has to do is look at the pricing model above to see why Backblaze is a no brainer for long term storage (not to mention the first 10GB of storage is free. With its recent inclusion as a destination for web server’s WHM backup, Farmhouse Networking has been recommending our hosting provider customers to make the switch from AWS Glacier. Here is the steps to make the switch:
Setup Backblaze Buckets
Login to Backblaze account
Click on the Create Bucket button in the B2 Cloud Storage Buckets section
3. Give the Bucket a name and keep the bucket private for the backups. Click on the Create a Bucket button.
4. Copy down your Backblaze Bucket name and Backblaze Bucket ID
Setup Backblaze Application Key
Click on the App Keys section
Click on Add a New Application Key
3. Give the Backblaze Application Key a name, chose the newly created bucket from the list and make sure to leave the Type of Access as “Read and Write”. Click the Create Key button.
4. Make sure to copy down the Backblaze Application keyID and Backblaze Application applicationKey. This will be the only time they are both shown. If you lose the Backblaze Application applicationKey then you will have to delete the current one and create a new one.
Setup WHM Backup to Backblaze
Connect to WHM as root user and choose Backup Configuration from the menu. The specific WHM backup settings are not discussed here, but feel free to contact us for advise on how to do so.
2. Click on Additional Destinations. Chose Backblaze B2 from the Destination Type and click on the Create New Destination button.
3. Enter in a backup name. Click on the “System Backups” if that is desired. Leave the Backup Directory blank. Enter in the Backblaze Bucket ID and Backblaze Bucket Name copied down earlier. Enter in the Backblaze Application Key ID and Backblaze Application Key. Click on the Save and Validate Destination button.
Make sure to disable your old AWS Glacier backup destination. All backups on Glacier should be set to auto delete according to a lifecycle, but if not then wait 120 days from creation to remove them to avoid any penalties. Speaking of lifecycles, it is a good idea to change the lifecycle settings on the Backblaze bucket to auto delete after a determined number of days since they do charge for total storage utilized.
If your company is would like to discuss the layers of security you have in place, then contact us for assistance.
Got a call a couple weeks ago from a local church:
“we came in and open the computer and we have ransomware on there. We can’t even get to any of our stuff. It’s telling us to email somebody and so that they can free up the computer.”
How does this happen?
Generally these things happen because people click on things they shouldn’t. Whether in an attachment in email from someone they don’t recognize, a link in social media that sounds too good to pass up, or an advertisement for something they can’t live without. Once the user gives permission for something to open or run on their computer the game is over and the hacker wins.
What to do when it happen?
Stop using the computer.
Leave the computer alone! Do not carry out any further commands, including commands to Save data.
Do not close any of the computer’s windows or programs. Leave the computer alone.
Leave everything plugged in and do not turn off the computer or peripheral devices.
If possible, physically disconnect the computer from networks to which it is attached.
Call us immediately. Write down any unusual behavior of the computer (screen messages, unexpected disk access, unusual responses to commands) and the time when they were first noticed.
Write down any changes in hardware, software, or usage that preceded the malfunction.
Do not attempt to remove a suspected virus! Let the professionals do the dirty work.
How to prevent this from happening?
Layers of protection is the simple answer. A good antivirus installed to stop the bad programs from running, DNS filtering to keep users off of bad sites / advertisements, a good backup of all data to recover when this does happen, and most important of all EDUCATION – teaching users what safe internet usage looks like and having policies in effect to train them can mitigate 60-70% of infections.
If your company is would like to discuss the layers of security you have in place, then contact us for assistance.
“Office workers across the UK are wasting 14 days per person each year — or 1.8 billion hours a year in total — because the technology they’re given isn’t good enough.” – BetaNews
Outdated Tech = Wasted Time
Slowness: When a computer is slow, so is the worker operating it. As a computer ages, like anything else, the parts inside wear down. Regular maintenance and replacement are the solution to increasing employee productivity.
Crashing: As computer crashes happen data is damaged or lost. This means work has to be re-done. Crashing can be a sign of software issues or hardware issues that require proper diagnosis. Once fixed employees can get back to business without interruptions.
Incompatibility: Out-dated software or hardware can cause what used to work perfectly to stop all together. Regular updates of all software and replacement of aging hardware is always the best policy. Helping employees stay on track with standard operating procedures makes work flow possible.
Security: Hackers are constantly working to find new ways of breaching security measures. Without current security solutions (firewall / DNS filtering / antivirus / SPAM filtering / password management ) and up-to-date systems, your network is a sitting duck. Network downtime due to a breach can be a business killer.
If your company is using out-of-date technology, then contact us for assistance.