In the Pipeline

Project Status

Several major site network projects will continue to occupy most of our time through the end of the year. Sites in Richmond, Marshall and Independence are either just wrapping up or are scheduled for completion by the end of November. One new facility build-out is on the calendar for the first quarter of 2017. At this point, that should round out all large-scale network tasks that we have on the forecast.

Operations Reviews

We will not be scheduling any large projects for the month of December. We have set aside this time to deal with internal maintenance and management activities which are essential to smooth and efficient operations going forward into FY2017. Internally, we’re doing a full top-down review of all business applications with three specific targets in mind.

First, we are focusing on finding a way to improve our client tracking and management functions by consolidating ticketing/labor reporting (AutoTASK) and Remote Monitoring operations (Solarwinds N-Able) into one program. We have a live evaluation of this consolidated application scheduled for December. If this works, we will be able to improve our efficiency, reduce our monthly licensing fees and pass further cost reductions on to the support agreements.

Second, the traditional IT environment is changing much more rapidly than expected. It’s quickly moving away from on-premises mail management setups such as Microsoft Exchange. Newer versions of Microsoft Server designed for the small business environment no longer include Exchange, and as a standalone purchase or as a hosted solution it gets really pricey, really fast.

What this means is that Exchange Defender (while being a very good product) isn’t broad enough to cover all types of scenarios in use by our client base. We need to find a product that enhances e-mail security while also reducing costs at the client level. We are currently evaluating Mail Protector on our internal network to see if this product is a suitable replacement for Exchange Defender. Again, this is a key element in the multi-layer Enhanced Security protocol we’ve been implementing over the past two years.

Third, we have been working hard towards compiling a list of important recurring items at the client site network level. In this mix are due dates for Server-support battery refresh maintenance, licensing due dates for SonicWall, Trend Micro and others. Beginning in January, we’ll be sending out forecast reports for each site that will let you know what is due, when it’s due and what costs to expect. This effort is designed to help you manage expenses for the year.

Security Concerns - Trojans, Viruses and Ransomware

Speaking of Enhanced Security, we have had a higher than normal number of calls related to virus and phishing issues in October. Several clients have reported getting e-mails about something called PopMoney from US Bank. This is a phishing scam in which the sender wants you to hand over your bank credentials. If you see this, do not answer it, click on it or do anything with it other than delete it immediately. Sample e-mail below:

 
 
Dear Customer,

Our records show that you’ve received a popmoney transfer from another U.S. Bank customer. To accept your payment click the link below and register your account with the U.S. Bank popmoney service.

Accept Payment

 
Thank you for using Popmoney offered by U.S. Bank.

Sincerely, Customer Care

 
*********************************************************************

This email was sent to you as part of the services of U.S. Bank. If you have received this email in error.

Email ID: POP122

Issues with e-mails that include attachments are on the rise, and we expect that to expand as the online shopping season approaches. Many, if not most, of these e-mails contain what appears to be an invoice attachment. Again, do not click, open or otherwise activate these attachments, as they are almost always Trojan droppers for Ransomware. Flag the e-mail as Junk and then delete it.

Another new one reported by a client concerns your Domain Name Registration. See example below:

************************************************************************************************************************************

This is a very important case, so please transfer this email to your CEO or appropriate person. Thanks a lot.) 

Dear CEO/Principal,

We are the department of Asian Domain Registration Service in China. Here I have something to confirm with you. We formally received an application on October 13, 2016 that a company claimed “TaiYeng Trade Ltd” were applying to register “Your Domain Name”  as their Brand Name and some “Your Domain Name” Asian countries top-level domain names through our firm.

Now we are handling this registration, and after our initial checking, we found the name were similar to your company’s. Since now the cyber-squatting events and domain name abuse are very serious, in order to avoid such incidents cause unnecessary loss of benefits to your company.so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we would finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we could handle this issue better. After the deadline we will unconditionally finish the registration for “TaiYeng Trade Ltd” Looking forward to your prompt reply.

Best Regards,

Ned Zhang Senior Consultant Manager

This e-mail and any attachments are confidential and may contain information that is exempt from disclosure by law and subject to copyright. If you have received this message in error, please let me know and delete it.

P please consider the environment before printing this e-mail

***********************************************************************************************************************************

First off, your Domain Name is registered to your company. You pay for this, and the only way this changes is if you either don’t pay to extend ownership or somebody has your credentials and changes the ownership. This type of e-mail is an attempt to get those credentials, and it also drops a Trojan into your system, potentially opening you up to hacking or Ransomware infections. Again, if you see this, flag it as junk and delete it.

Our Enhanced Security protocols are set up to help defend you from this type of stuff as much as possible. It’s a multi-layer configuration including local Antivirus applications, e-mail filtering, SonicWall protection at the Gateway, OpenDNS checks for malicious sites and WebRoot virus/SPAM protection at the web level. That may sound like overkill, but in today’s environment it is essential to cover every base possible. This setup handles most eventualities, but in the end it comes down to the end user being educated on what not to do. Click-happy computing, downloading from Coupon sites, allowing browser “helpers” to be installed or browsing at places that have nothing to do with their business function are examples of the weak links that cause most of our virus response tasks. Fortunately, we have been able to keep this down to a minimum this year, with fewer than ten instances total for all of 2016. We are aiming to reduce that even further in 2017.

So if you need help briefing users on the potential hazards out there and what to do and not to do, or if you need an Acceptable Internet Use Policy for employee records, drop me a line at tech@itservpro.com and I’ll see what we can do to help out.

End of Year Reminders

  • Support Agreements have been sent out. If you wish to continue having us support you, please sign and return the last page by 25 November so we can get the records straight for FY2017. If you decide to discontinue support, please let me know as soon as possible so I can get your vendor transition scheduled before the end of December.
  • Disaster Preparedness Plans (DPP) - If you need help writing a new DPP or revamping an existing one, let me know so I can help tailor it to your specific needs. Effective plans take a while to work up, so it’s not a light task.
  • Annual Insurance Coverage Review - The end of the year is a good time to get with your insurance agent and find out exactly what type of coverage your business has for computing equipment. Basically, there are two types of coverage to be concerned with here. You either have Fair Market Value coverage, which means you get paid what the device or item would fetch at the time your claim is filed. That’s usually far less than what it takes to replace it. Or you have Full Replacement, which means they pay your claim to get the same or similar device or item. When it comes to Workstations, Servers or things like high-end Routers, Full Replacement is the best option.
  • Company Policy Updates - We have access to multiple company policies, all free from the SANS Institute and easily modified to fit your needs. If you need help with this, let me know.

End User Blog Topics

If you have any topic you’d like to see us post for you, please feel free to drop us a line. Sometimes the sheer volume of things involved in daily networking operations causes confusion, and when you throw in the rapid changes to technology, this stuff can become a blur. If you ask it, we’ll answer it in understandable terms.