We hope our blog will help you with your IT questions

medical

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
Recent blog posts

The business impacts of ransomware

Most business users have heard of "malware" - malicious software designed to disrupt a business, cause an alteration of processes, etc.  "Ransomware" is a variant of malware which in accordance with the name, is designed to infect a user's system (and potentially any connected networked systems) with code which either locks out access to the data, or which is capable of encrypting the subject data.  The perpetrator will attempt to blackmail the company into payment of a "ransom" to regain access to the affected data.  Ransomware is more widely known now, both because of the damage done to organizations, but also because these organizations were generally doing a reasonable job of protecting their systems.  Ransomware is truly an attack which relies primarily upon 1) untrained or unwary users and 2) poor information technology defenses

Some useful links are noted below with good synopsis regarding ransomware and methods such as CryptoLocker and CryptoWall:

https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-the-fine-line.pdf?ClickID=cqeppqsleevifazv7nenixaskqszxpkskkz

https://www.us-cert.gov/ncas/alerts/TA14-295A

https://www.fbi.gov/news/stories/2015/january/ransomware-on-the-rise/ransomware-on-the-rise

http://money.cnn.com/2016/02/17/technology/hospital-bitcoin-ransom/?iid=EL

http://www.bbc.com/news/technology-35773058

It is worth noting that some of the recommended steps to avoid ransomware focus on software and hardware solutions...but in our experience, the most advanced defenses must be used IN CONJUNCTION WITH proper user training, awareness, and discipline.  Some of the most current advice regarding prevention is offered by Trend Micro, CERT, Sophos, and the FBI.  Interestingly, the FBI has counselled victims in the past to pay the ransom...for the most part, these companies were not going to recover their encrypted data any other way.

To prevent ransomware we strongly recommend the following:

  1. Business' must train users about the risks of ransomware, what vectors are used to distribute it, and how to respond
  2. Critical systems must be backed up using image-based backups on an hourly or multi-hourly basis
  3. Windows Updates on servers and workstations must be centrally managed and as up-to-date as possible...weekly reporting should reflect any deficiencies
  4. Businesses should use at least one type of content filtering to filter (and report on) web usage of all types, and be set to block malicious content consistent with best practices
  5. Anti-SPAM should be configured consistent with manufacturers best practices...these change and should be reviewed at least monthly for configuration changes
  6. Antivirus must be up-to-date, cover ALL devices which are capable of accessing server-based data or other shared data of any type, and configured according to the latest best practices
  7. An organization's IT group must have DR design which accounts for the response scenarios involved with ransomware
  8. Be flexible and understand this threat is changing continuously...adjustments to configurations will be required
Continue reading
Hits: 1025
0

Our clients have had such a good experience with Windows 7 that Windows 8 and 10 would seem on the surface to have limited appeal

Our client inventory of over 1500 workstations reflects that well over 50% are currently running Windows 7, and that these run on both physical workstation and virtual desktop infrastructure.  Out of the 1500 are a few XP workstations, unbelievably...these run non-critical workloads such as postal machines, etc.  But as with all businesses it is important to keep not only hardware, but operating systems as well refreshed and up to date.  Two factors have prevailed in businesses deciding to remain with Windows 7...user comfort factor, and the fact that the hardware was still functioning without issues.

Anyone who has worked with Windows 8 knows that navigation and functionality are a substantial change from Windows 7.  In fact Windows 10 is somewhat more like Windows 7 in terms of navigation...however it does require adjustment.   Whether users are comfortable with upgrading is no longer really a factor.  Microsoft is retiring mainline support for Windows 7 in 2016/2017.  This creates difficulties in the event of complex support requirements with databases etc. to which Windows 7 devices are client machines.

What are the key features in Windows 10?  Check it out!

http://www.cnet.com/videos/best-windows-10-features/

https://www.youtube.com/watch?v=cVUv_gOKQ_g

https://www.youtube.com/watch?v=FZqKyhfD7-E

By most client accounts, like Windows 10 is an operating system which Microsoft has gotten right.  Although early adoption within large enterprises will be slow this is primarily due to the fact that outside of touchscreen technology, 7 does what enterprises need it to do, mainly being to conduct business in a rock-solid fashion.  As touch-screen becomes a more common request from enterprise users, adoption of 10 will likely accelerate rapidly.

If you have questions about Windows 8 or Windows 10 deployment feel free to call us at 405-822-7912 or email support@dvits.net .

Continue reading
Hits: 2947
0

How does IT infrastructure have an impact on SMB's? 

The fact is that most small and mid-sized businesses tend to wait until exceptionally painful problems occur to look into this.  Our experience has been that if IT infrastructure is correctly planned from the beginning with adequate investment, it reduces recurring problems and costs.  Here are some typical examples:

Physical Environment

Temperature / Humidity / Dust - Computers and electronics have a range of comfort which requires cool airflow (to prevent overheating), and moderate humidity levels (approximately 25%-40% humidity).  This electronics "comfort zone" is not all that different than a normal office environment. This means that small airless closets or rooms without controlled air conditioning will promote heat build-up and early equipment failure.  Enclosed small spaces with poor airflow tend to have wide and very sudden swings in temperature and humidity which result in electronics damage relatively quickly. 

  • Air-conditioning and good airflow are a requirement
  • During cold weather it is imperative to avoid having under-desk space heaters blowing on or being near workstations...feeding hot dry air into workstation air intakes promote static discharge and electronics damage as well as overheating
  • Avoid small spaces if possible
  • If expensive or sensitive equipment (ie. switches, firewalls, servers, computers) is in use ensure it is monitored with a network environment probe...the $400 or so may save many thousands of dollars as a result of equipment damage (see our managed services case histories for examples)
  • On at least a semi-annual basis, shut down workstations and use compressed air to clean out all fans and boards and to clean off cards
  • For environments where workstations must be in dusty or hot environments, it is worthwhile to consider the user of virtual desktops so that the user devices do not use fans and hard drives...it results in significant cost savings

Rack-mounting - in small- and mid-sized businesses with one or two servers it is common to see tower-type chassis which can rest on the floor like a workstation.  With our clients either large of small, we universally recommend rack-mounted servers.

  • rack-mounted chassis do NOT require tall 7 ft. racks, in smaller installations we use short 3-4 ft portable 4-post racks costing less than $500.  These can easily hold 2-4 servers.
  • this gets the equipment off the floor which minimizes the potential for water damage
  • in a rack of any type, we provide servers with faceplates (bezels) to prevent unintentional contact with power switches or drive bay latches - this alone can save thousands of dollars in recovery effort by preventing accidentally ejected drives
  • A rack-mounted server will have better-protected power cables and network cables
  • servicing rack-mounted equipment is easier and safer

 Physical Access - needless to say all servers and other core network equipment should be in secure areas.  Leaving these available to general access can lead to significant operating problems

  •  Using a changeable combination lock or electronic keypad ($200 and up) provides better and more flexible security than keyed locks for server rooms
  • Ensure only authorized users have access if possible
  • Using a server bezel (faceplate) protects server drives and power/reset buttons, especially in close quarters
  • Using an inexpensive network camera in the server room or other sensitive areas which can detect motion and log access can be helpful in deterring unwanted access to equipment

 

Power Environment

Power - All geographic areas are subject to power fluctuations.  Most business owners don't realize that these fluctuations are passed on to the processors of their unprotected IT equipment resulting in long-term damage and early equipment replacement.  Surge suppressors will NOT fulfill this purpose.

  • All servers, workstations, routers, cable/DSL modems, firewalls, switches, wireless access points need to be powered from battery backup
  • All switches, even small 4 or 5-port switches need UPS protection...otherwise power fluctuations still travel the network
  • Printers can normally be powered by a surge suppressor, but verify this from the manual. 
  • If multiple wireless access points are to be placed, ensure the core switch for the facility support power over Ethernet (PoE), and ensure the WAP's support PoE.  This ensures that the WAP's are powered from conditioned power (the switch), and it allows the facility to run without awkward power connections. 
  • Ensure that servers are powered by uninteruptible power supplies (UPS) which can perform remote shutdown of multiple.  Especially in the mid-continent it is not at all unusual for outages to far outlast battery backups.

 

Storage Infrastructure

 Storage Area Networks and Network Attached Storage

These should treated with the same care as any other server as these include processors, fans, and arrays of disk drives

  • Normally multiple power supplies are available
  • These are used to either fully or partially relieve servers of the stresses of storage of critical data (virtualized storage)
  • SANs and NAS are also used to host virtualization storage
  • Units such as DROBO (Data Robotics) and EMC devices are extremely tolerant of unclean shutdowns due to power loss.  However, most of these units can be configured to be automatically shutdown correctly by the power environment
Continue reading
Hits: 3203
0

We frequently get the question: "We've been thinking about moving our IT to "The Cloud"...does this make sense?

The response typically is "it depends".

It is exceptionally rare that moving all key IT infrastructure to the cloud is logical or cost-effective.  The vast majority of cloud implementations are actually hybrid systems with some infrastructure and processes remaining onsite and some offsite.

Lets talk about what "The Cloud" or "cloud-based" refers to.  Typically this means that rather than having the particular infrastructure for a system onsite, it exists typically across the internet at another location.  The services are available to users, but if they asked to see the equipment you would not be able to show them because its in "The Cloud" (the internet).

Cloud-based infrastructure has been around for many, many years.  Compuserve (bet you haven't heard that in a long time), AOL and Hotmail are examples of cloud-based services.  Outside of email, however, lets consider placing highly critical business processes in the cloud.  What would we be looking for which would make this an attractive option?

  • Cost - actually, no...cloud-based infrastructure is almost universally more expensive in terms of cost of ownership than in-house owned equipment when you look over time
  • Reduced management costs - this depends upon what is being cloud-based...if your are looking at Quickbooks Online you won't have to manage upgrades or manage the server on which it resides.  If you are cloud-basing a database server, you are typically still responsible for all management, backup, upgrades, etc.  In other words your IT management costs likely do not drop in this case.
  • Available from anywhere on the Internet - of course
  • Redundancy - part of the objective of critical cloud-based infrastructure is that redundancy should always be part of the deal.  Part of the premium which you pay should be that the system is always up, highly available
  • Investment is low - initial acquisition cost is extremely low, especially in comparison with building your own redundancy.
  • Someone else is handling the hardware and software upgrades, and in a way which prevents or minimizes downtime for your organization.

So what are some key ways that SMB's can use "The Cloud" to reduce their risk?  Dolce Vita has managed migrations to cloud environments for:

  • Accounting - moved clients from on-premise versions of accounting packages to cloud-based installations or to online versions
  • Specialized database servers - migrations of SQL servers from on-premise to either hosted servers or other cloud-based redundant environments - this was done in part due to environmental concerns for server equipment or because uptime was sufficiently important to require redundancy
  • Email - We have used hosted Exchange and hosted Sharepoint for our in-house email and have migrated clients to cloud-based email because of the critical nature of this for our businesses.  Having a server cluster for $10-12/month is a GREAT deal!
  • Business-specific critical databases such as client relationship management (CRM) or ERP - such as Autotask, Salesforce, etc.
  • Hosted VOIP phone systems - we use a cloud-based VOIP system without issues or regrets.  VOIP is very demanding in terms of infrastructure so it isn't necessarily for everyone.

What are the key "gotcha's" for cloud-based infrastructure?

  • Solid, redundant internet connection - if your critical process is cloud-based, and "The Cloud" has dried up and blown away what are you left with?  Typically a "Going out of Business" sign.
  • Use it mainly for processes requiring redundancy, typically we don't accept non-redundant services
  • Be sure to understand who is responsible for server or system management including system and database backups
  • For email systems, be sure you understand the costs and limitations of backups and archiving - in a legal action requiring discovery, the onus is ALWAYS on the business, not on the provider, to ensure email archiving is working and usable.
  • For any cloud-based VOIP infrastructure ensure that all internal IT issues such as bandwidth, traffic shaping, switching, and quality of service (QOS) are addressed, and be certain that at least a limited non-production test is done to ensure your environment will support VOIP adequately.

Call Dolce Vita today to talk about cloud based systems and to see whether this makes sense for your business.  We can promise answers, but not "smoke".

Continue reading
Hits: 3218
0

Malware can be a problem for any business...causing slow workstations and slow access to data for users. 

Dolce Vita has worked with organizations from small non-profits to mid-sized banks and hospitals to reduce their risk and susceptibility to malware and SPAM.  Through an understanding of key risk factors for a client business DVITS designs and manages the means to reduce these risk factors.

User education is the most effective means to reduce risks...if users gain an appreciation of the costs of malware to the organization, and if they are encouraged to accept some ownership and responsibility this is a key step.  Using a firewall which is capable of real-time website filtering based upon organizational policy is effective as is weekly reporting of all website traffic trends for the organization.

DVITS is a strong proponent of cloud-based anti-SPAM filtering and uses this technology to minimize the processing load on mail servers.  This also reduces risk to the organization by keeping malicious emails from ever reaching the mail server.

As with all security measures the network admin should be able to see a console or receive detailed reports on centralized results of these measure.  Detailed reports allow the admin to take specific actions to eliminate problems before they impact the organization.

Continue reading
Hits: 2821
0

Posted by on in Managed Services

How can organizations use managed services to control their IT costs?

Remote Monitoring and Management - Remote monitoring and management (RMM) services provide 24/7 tracking of server and workstation performance, and tracking of events critical to correct functioning of the network.  Critical services which stop or hard drive problems are reported on and even automatically corrected.  Software can be scheduled for automatic installation and regular maintenance tasks can be automated.

For organizations which have their own IT staff, Sempreon provides alerting and reporting on the network environment which is an enormously important task removed from their already full plate.  The IT staff can use Sempreon's integrated helpdesk functions to have users submit tech-related tickets and use the system to track their own remediation work, or they can escalate the ticket to DVITS for resolution.  By using Sempreon for larger organizations the hardware and software inventory as well as licensing and warranty renewals is automatically tracked and tickets can be tied to this inventory.  Sempreon allows chronic issues to be identified and eliminated.  This of course drives downtime lower and keeps your staff productive!

For organizations which do not have in-house IT, or who choose to use a staff member to handle IT as an additional duty (lucky person, that is!) Sempreon makes it possible to be alerted of significant issues and to have an exceptionally experienced resource to assist with anything from helpdesk issues to project planning.  Since Sempreon allows repetitive issues to be identified, a solution can be prioritized and planned meaning that staff can focus on their core mission for the business instead of handling tech issues.

The objective behind Sempreon RMM is to prevent problems early instead of waiting for issues to affect users. Sempreon allows DVITS to effectively act as an outsourced CIO and IT shop, with the ability to remote into a user's desktop within minutes...over 95% of our network management is handled remotely resulting in lower IT costs and higher technology reliability.  This can make any business more profitable!

Hosted Exchange Email - The key advantages to hosted email are the presence of redundant server services, simplified archiving, and reduction in management tasks.  Using Hosted Exchange 2010 for our clients has reduced hassles and provides great mobile services.  The archiving features have come in handy when clients have accidentally deleted critical email or folders. 

Sempreon DATTO Business Continuity - being able to automate the entire disaster recovery process is a huge load of any admin's shoulders, and it is even a bigger load off management's.  Our DATTO system allows for local appliance-based image backups of servers and workstations with local recovery of either data or an entire server in under 15 minutes.  In the event of a local disaster, within about 1 hour we can make the client's protected servers available from an offsite datacenter. 

 

Call Dolce Vita today to schedule a cost-free in-house demo of Sempreon RMM.

 

Continue reading
Hits: 2908
0