News Categories
Announcement (9) Amy Babinchak (64) Tips (1) SBS 2011 (6) Windows Essentials 2012 (4) Edwin Sarmiento (28) SQL Server (22) SQL Server 2012 (6) SQL Server Clustering (3) SQL Server Disaster Recovery (6) Windows Server 2008 Clustering (1) log shipping (1) Brian Higgins (3) Uncategorized (42) Hyper-V (67) Virtualization (13) Windows 8 (13) Cisco VPN Client (1) Windows Server 2012 (24) Friend of TT (4) Hangout (2) Office365 (4) DNS (8) Jeremy (7) Cliff Galiher (3) Active Directory (12) ClearOS (4) Linux (4) presentations (2) SQL PASS (6) Chris Matthews (4) Printers (2) SharePoint (8) SQL Server Administration (7) Windows PowerShell (3) recovery model (1) sql server databases (1) Dave Shackelford (7) SMB Nation (1) Steve (1) Boon Tee (5) Kevin Royalty (3) Lee Wilbur (2) Philip Elder (10) SMBKitchen Crew (31) Susan Bradley (15) AlwaysOn (1) AlwaysOn Availability Groups (4) readable secondaries (1) row versioning (1) undocumented (1) The Project (2) Webinar (3) Enterprise for SMB Project (9) Security (25) Remote Desktop Connection for Mac (1) Remote Desktop Services (8) Windows Server 2008 (1) Exchange (15) Powershell (6) Microsoft (15) Performance (7) data types (1) Server 2012 (1) monitoring (1) DevTeach (1) SQL Server High Availability and Disaster Recovery (5) Clusters (44) Hyper-V Server 2012 (2) Business Principles (26) Cost of Doing Business (13) DHCP (7) sbs (15) Windows Server (30) SMBKitchen (26) Windows Server 2008 R2 (4) StorageCraft (1) P2V (1) ShadowProtect (6) StorageCraft ShadowProtect (1) VHDs (1) Intel RAID (2) Intel Server System R2208GZ (1) Intel Server Systems (17) RAID (2) SAS (2) SATA (2) Server Hardware (12) Microsoft Licensing (2) OEM (2) System Builder Tips (4) Intel (5) Intel Channel Partner Program (4) Intel Product Support (10) Intel Server Boards (2) Intel Server Manager (2) Cloud (26) IT Solutions (2) On-Premises (20) SMB (9) WIndows Azure (2) StorageSpaces (1) Error (47) Error Fix (35) Intel Desktop Boards (2) Intel SSDs (2) SSD (2) Business Opportunity (17) Data Security (11) Identity Security (7) Information Security (14) Privacy (2) Intel Modular Server (6) Promise (2) Storage Systems (9) Live ID (2) Microsoft ID (4) User Profiles (2) Articles (2) Building Client Relationships (6) DBCC IND (2) DBCC PAGE (2) filtered indexes (2) SQL Server Index Internals (2) training (11) Adobe (3) Internet Street Smart (8) Intel Storage Systems (2) LSI Corp (2) LSI SAS6160 Switch (2) Storage Spaces (7) Firmware Update (2) Product Support (7) Hybrid Cloud Solutions (3) Server Core (2) MAXDOP (1) SharePoint 2013 (1) SharePoint best practices (1) SQL Server Authentication (1) Family (5) Alternatives (1) SBS 2011 Standard (4) Microsoft Small Business Specialist Community (2) Microsoft Surface (2) SBSC (2) Networking (4) Availability Groups (3) CANITPro (1) HA/DR (1) Step-By-Step: Creating a SQL Server 2012 AlwaysOn Availability Group (1) webcast (1) VMWare (2) Conferences (2) Client Focus (2) Disaster Recovery (6) Error Workaround (8) Troubleshooting (4) Logitech (2) Product Review (7) Windows Features (4) XBox Music (2) SBS 2008 All Editions (4) MDOP (2) Microsoft Desktop Optimization Pack (2) Software Assurance (2) W2012E (6) Windows Server 2012 Essentials (6) Internet Explorer (3) USB 3.0 (2) USB Hard Drive (2) Bug Report (2) Microsoft Office 365 (5) sharepoint online (2) BitLocker (2) Windows (2) Microsoft Update (3) Swing Migration (2) Windows Update (4) Outlook (2) Group Policy (9) WS2012e (2) WSUS (3) Office (3) Microsoft Downloads (5) Microsoft Office (3) DRP (3) Virtual Machines (2) Virtual Server Hardware (2) online course (1) SQL Server learning (7) 2 Factor Authentication (2) 2FA (2) PASS Summit 2013 (4) SQLPASS (5) Contest (1) e-learning (1) Udemy (1) smbtechfest (1) backups (2) PASS Summit First Timers (3) IIS (2) RD Gateway (4) RD RemoteApp (2) RDWeb (4) Remote Desktop Connection (2) Remote Web Access (2) Remote Web Workplace (2) Cryptolocker (6) Backup (4) Restore (2) CryptoLocker (1) AuthAnvil (1) SBS 2003 (1) SBS Migration (1) Windows Server 2012 R2 (9) Documentation (1) IE 11 (4) testimonials (11) SQL Server 2008 (1) Best Practices (1) Support (1) Intel Xeon Processor (1) RemoteApp (1) Android (1) iOS (1) Hyper-V Replica (2) PowerShell (2) SBS (3) Break (1) Business Intelligence (1) Excel 2013 (1) Power Map (1) Power Query (1) PowerBI (1) MultiPoint (2) Surface (1) Net Neutrality (1) Opinion (2) ASP (9) HP (2) Scale-Out File Server (8) SOFS (10) Windows Phone (1) Updates (1) Intel NUC (1) Intuit (1) QuickBooks (1) Office364 (1) Intel Server Systems;Hyper-V (1) Firewall (1) Patching (1) Mobile (1) Mobility (1) sharepoint (1) Microsoft Security (1) Beta (1) Storage Replication (1) outlook (1) Hyper-V Setup (3) JBOD (1) Azure (1) PCI (1) PCI DSS (1) PII (1) POS (1) MicroStaff (2) Catherine Barr (2) Third Tier (1) BeTheCloud (1) BrainExplosion (1) LookAWhale (1) Manuel (1) Rayanne (3) SuperSecretNews (1) TechYourBooks (3) Managed Services (1) Training (1) E-mail (1)
RSS Feed
Latest Updates

New! Tech Your Books, Look a Whale, Super Secret News, and Be The Cloud. Check them out on our website.

Jan
12
Learn from Susan Bradley how to successfully manage patching Windows 10
Posted by Amy Babinchak on 12 January 2017 03:23 PM

Susan Bradley is our resident patch-o-holic, builder of the PatchGrid and contributing author of the Ransomware Prevention Kit. She’s presenting a webinar on what you’ll need to know about managing patching for Windows 10. It’s a brave new world which calls for new procedures and processes.

The Past, Present and Future of Patching Windows

Tuesday, January 26th @ 11am, 1pm, 3pm EST
Enroll by January 20th and Save 15%

Join Susan Bradley and review historical patching issues , and how Windows 10 is shifting how we manage change and deployment of our operating systems.
This
training will cover how:

  • Change to Windows 7 and Windows 8.1 impacts your patching schedules.
  • Track and discover post release issues.
  • Manage the patching changes for Windows 10.

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog


Read more »



Jan
4
Another scholarship awarded
Posted by Amy Babinchak on 04 January 2017 11:00 AM

We are please to be able to award another scholarship. Our awardee this time is Denea Brooks who has achieved her Security+ certification.

She’s also studying for her master in information systems and security in Austin TX.

Our goal is to encourage women to enter this field and to make those that are here more visible by supporting their certification. If you know a woman achieving certification, tell her about our scholarship program.

http://www.thirdtier.net/women-in-it-scholarship-program/ 

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog


Read more »



Jan
2
The new patchgrid is here
Posted by Amy Babinchak on 02 January 2017 03:35 PM

Yes there still are patch issues. For example, Excel 2013 send to pdf is broken after security update if you’re using the click to run version.

Find out what else is going on. A new patch grid has been uploaded and is ready for you.

Get your updated patchgrid

 

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog


Read more »



Dec
28
What cool tech did you get this year?
Posted by Amy Babinchak on 28 December 2016 10:00 AM

I added to my growing IoT collection a Phillips hub. It works with both Nest and Echo so everything stays in the family. More automation here we come. 

Of course there's this issue to consider. If you ever have a need to hide something, you'll find it is getting harder and harder. http://www.cbsnews.com/videos/can-amazon-echo-data-be-used-as-evidence-in-murder-case/


Read more »



Dec
27
How to configure email encryption in Office 365
Posted by Amy Babinchak on 27 December 2016 11:10 AM

Originally published at http://techgenix.com/secure-encrypted-email-office-365/

So you’ve rolled out email, yay! But have you enabled your users to send secure encrypted email?  It is a very underused feature among small- and medium-sized businesses.  This makes me kind of sad because every business sends some personal data that should be protected. Quotes, bids, specifications, drawings, credit card information, health questions, benefits, or employment information, if sent via email should be sent in a secure manner. Whether it’s protecting other people’s Personally Identifiable Information (PII), required protection of credit card data (PCIDSS), or your businesses’ secrets, encrypted email use is a must.

The encrypted email feature is included in the Office 365 E3, E4, E5, and K1 plans. If you don’t have one of those plans, you can add Azure Rights Management Service (RMS) or Enterprise Mobility & Security (EMS) to your plan.

Enable Office 365 Message Encryption

It’s not at all difficult to implement message encryption. I’ve tried the GUI method of enabling the message encryption with mixed results so I’m going to recommend that you skip it and use PowerShell instead. It’s not complex. Just punch in the following commands.

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Set-IRMConfiguration -ClientAccessServerEnabled $True

You might want to wait a couple of hours to give the command time to take effect. This is Microsoft’s recommendation for any feature on/off request. I’ve found, though, that this feature seems to happen nearly instantly. You can verify that you’ve got it turned on by using the following command to check the status:

Get-IRMConfiguration

Configuring encryption rules

The next step is to let Office 365 know when you want a message to be sent securely. This is done by setting up rules in Exchange Online. The GUI is flexible enough to allow you to tailor these rules to your businesses’ needs. I’ll show you how to allow the users to decide when to send an encrypted email and then how to configure a rule that will scan for content in a message and encrypt when it detects that it contains that data.

Configuring a manual encryption rule

If you’ve used encrypted email before, then it’s probably been a manual encryption process. By that I mean that when you are ready to send an email you have to tell the system that you want to send it with encryption. Office 365 Message Encryption does this, too, but it also has automated super powers that I’ll show you later. Let’s get encryption going by enabling our users to decide if a message should be encrypted:

Setup custom encryption rules

We’ll set up a rule that says if the subject line contains the word SecureMail, then apply message encryption to it. Here’s how:

Setting up a manual encryption rule

  • Click the + to add a new rule
  • In the Name field type a name for the rule
  • Under Apply this rule if…click the arrow and choose The subject or body, then subject matches these text patterns. For the text pattern type SecureMail or some other term that your users will type to indicate that the message should be encrypted.
  • Chose an encryption trigger word
  • Check the box to Audit this rule and choose a level. This is optional, of course, but I like to have a record of when the rule was triggered in the logs.
  • Finally, select the Enforce or Test options and click OK to enable the rule.

Configuring an automatic encryption rule

Now it’s time to put the super powers to work. Let’s say that we want to make sure that any email containing a Social Security number is automatically sent using message encryption. Because protecting PII is a regulation to which most businesses are subject to, we don’t want to depend on our users remembering to add the word SecureMail to the subject line. If they do, great! But if they forget, the rule we’re about to create will do it for them.

You’ll start to configure your rule in the Exchange Admin Center by going to mail flow, and clicking the + sign to create a new rule. Under Apply this rule if…The message contains any of these sensitive information types… You’ll be presented with a list  according to country information types. Pick the ones that if contained in an email you want to encrypt.automated encryption rule

Resist the temptation to add another condition because I’ve found that doing so results in a hit-or-miss implementation.  Under Do the Following, pick Modify the message security… and pick Apply Office 365 Message Encryption from the menu. Now set an exception for messages sent internally. In Except if…choose The sender is located…and pick Inside the organization

Your finished rule will automatically catch outgoing sensitive data and encrypt it.

Customizing the portal and email messaging

By default the email message is pretty bland and I think it looks suspicious. Email recipients are wary these days so you’ll want to give them a signal that it’s OK to click on the attachment. Customization is the way to let the reader know that this email from you is legitimate. You can do that by adding your logo, customizing the disclaimer text to match your corporate standard and including some standard messaging that will let the recipient know that this email is indeed from you.

The process to do this is another set of straight forward PowerShell commands. I’ve included them here because as is often the case with PowerShell commands they aren’t readily discoverable. Why would you look for commands related to IRM under OME?

Here is what the portal looks like by default and after I’ve applied PowerShell commands. Notice that after applying the changes the top bar now includes my company name. There are also PowerShell commands that allow us to add a logo, which we’ll do below.

Here are the PowerShell commands that you need to apply branding to your encrypted email, including adding your logo.

This command customizes the portal from which the recipient will read your email.

Set-OMEConfiguration -Identity <OMEConfigurationIdParameter> -PortalText “<text for your portal, string of up to 128 characters>”

Example: Set-OMEConfiguration -Identity “OME Configuration” -PortalText “ContosoPharma secure email portal”

This command adds your logo to the email and the portal. Note that despite the example your logo path must point to an Internet accessible location.

Set-OMEConfiguration -Identity <OMEConfigurationIdParameter> -Image <Byte[]>

Example: Set-OMEConfiguration -Identity “OME configuration” -Image (Get-Content “C:\Temp\contosologo.png” -Encoding byte)

Supported file formats: .png, .jpg, .bmp, or .tiff

Optimal size of logo file: less than 40 KB

Optimal size of logo image: 170×70 pixels

I can further customize the encrypted message by adding my own disclaimer statement and instructions.

This command lets you add a note to the email above the instructions for viewing encrypted messages

Set-OMEConfiguration -Identity <OMEConfigurationIdParameter> -EmailText “<string of up to 1024 characters>”

Example: Set-OMEConfiguration -Identity “OME Configuration” -EmailText “Encrypted message from ContosoPharma secure messaging system”

This command customizes the disclaimer statement in the email

Set-OMEConfiguration -Identity <OMEConfigurationIdParameter> DisclaimerText “<your disclaimer statement, string of up to 1024 characters>”

Example: Set-OMEConfiguration -Identity “OME Configuration” -DisclaimerText “This message is confidential for the use of the addressee only”

All of the above PowerShell commands are documented in TechNet here.

This is what the text now looks like after my changes. Notice that the name of the portal has been changed to Harbor Computer Services secure email portal and our logo is present at the bottom of the page. Our branding of the portal will give the viewer more confidence in the process of viewing the encrypted message.
Custom encryption branding

What happens when a reply comes in?

When someone replies to an encrypted message that you’ve sent or forwards that message to another party, the encryption is maintained. The user experience is just like Outlook Web Access so it’s a simple click of Reply, Reply all or Forward to respond to your message. When you receive a reply to your message you’ll be directed to read it in your secure email portal. However, you do have the option of applying an unencryption rule to incoming replies. This would save your staff a step but may not be acceptable in some compliance scenarios.

Next steps

Office 365 contains many options for protecting your information. Secure messaging is just the beginning. If you’re a consultant, you’ll find that configuring this feature for your clients will open up new opportunities. Microsoft has loaded Office 365 with security features with compliance as a main differentiation point. You’ll do well to exploit this feature set.

 

 

About Third Tier Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog


Read more »




Help Desk Software by Kayako Fusion