News Categories
Announcement (9) Amy Babinchak (64) Tips (1) SBS 2011 (6) Windows Essentials 2012 (4) Edwin Sarmiento (28) SQL Server (22) SQL Server 2012 (6) SQL Server Clustering (3) SQL Server Disaster Recovery (6) Windows Server 2008 Clustering (1) log shipping (1) Brian Higgins (3) Uncategorized (42) Hyper-V (67) Virtualization (13) Windows 8 (13) Cisco VPN Client (1) Windows Server 2012 (24) Friend of TT (4) Hangout (2) Office365 (4) DNS (8) Jeremy (7) Cliff Galiher (3) Active Directory (12) ClearOS (4) Linux (4) presentations (2) SQL PASS (6) Chris Matthews (4) Printers (2) SharePoint (8) SQL Server Administration (7) Windows PowerShell (3) recovery model (1) sql server databases (1) Dave Shackelford (7) SMB Nation (1) Steve (1) Boon Tee (5) Kevin Royalty (3) Lee Wilbur (2) Philip Elder (10) SMBKitchen Crew (31) Susan Bradley (15) AlwaysOn (1) AlwaysOn Availability Groups (4) readable secondaries (1) row versioning (1) undocumented (1) The Project (2) Webinar (3) Enterprise for SMB Project (9) Security (25) Remote Desktop Connection for Mac (1) Remote Desktop Services (8) Windows Server 2008 (1) Exchange (15) Powershell (6) Microsoft (15) Performance (7) data types (1) Server 2012 (1) monitoring (1) DevTeach (1) SQL Server High Availability and Disaster Recovery (5) Clusters (44) Hyper-V Server 2012 (2) Business Principles (26) Cost of Doing Business (13) DHCP (7) sbs (15) Windows Server (30) SMBKitchen (26) Windows Server 2008 R2 (4) StorageCraft (1) P2V (1) ShadowProtect (6) StorageCraft ShadowProtect (1) VHDs (1) Intel RAID (2) Intel Server System R2208GZ (1) Intel Server Systems (17) RAID (2) SAS (2) SATA (2) Server Hardware (12) Microsoft Licensing (2) OEM (2) System Builder Tips (4) Intel (5) Intel Channel Partner Program (4) Intel Product Support (10) Intel Server Boards (2) Intel Server Manager (2) Cloud (26) IT Solutions (2) On-Premises (20) SMB (9) WIndows Azure (2) StorageSpaces (1) Error (47) Error Fix (35) Intel Desktop Boards (2) Intel SSDs (2) SSD (2) Business Opportunity (17) Data Security (11) Identity Security (7) Information Security (14) Privacy (2) Intel Modular Server (6) Promise (2) Storage Systems (9) Live ID (2) Microsoft ID (4) User Profiles (2) Articles (2) Building Client Relationships (6) DBCC IND (2) DBCC PAGE (2) filtered indexes (2) SQL Server Index Internals (2) training (11) Adobe (3) Internet Street Smart (8) Intel Storage Systems (2) LSI Corp (2) LSI SAS6160 Switch (2) Storage Spaces (7) Firmware Update (2) Product Support (7) Hybrid Cloud Solutions (3) Server Core (2) MAXDOP (1) SharePoint 2013 (1) SharePoint best practices (1) SQL Server Authentication (1) Family (5) Alternatives (1) SBS 2011 Standard (4) Microsoft Small Business Specialist Community (2) Microsoft Surface (2) SBSC (2) Networking (4) Availability Groups (3) CANITPro (1) HA/DR (1) Step-By-Step: Creating a SQL Server 2012 AlwaysOn Availability Group (1) webcast (1) VMWare (2) Conferences (2) Client Focus (2) Disaster Recovery (6) Error Workaround (8) Troubleshooting (4) Logitech (2) Product Review (7) Windows Features (4) XBox Music (2) SBS 2008 All Editions (4) MDOP (2) Microsoft Desktop Optimization Pack (2) Software Assurance (2) W2012E (6) Windows Server 2012 Essentials (6) Internet Explorer (3) USB 3.0 (2) USB Hard Drive (2) Bug Report (2) Microsoft Office 365 (5) sharepoint online (2) BitLocker (2) Windows (2) Microsoft Update (3) Swing Migration (2) Windows Update (4) Outlook (2) Group Policy (9) WS2012e (2) WSUS (3) Office (3) Microsoft Downloads (5) Microsoft Office (3) DRP (3) Virtual Machines (2) Virtual Server Hardware (2) online course (1) SQL Server learning (7) 2 Factor Authentication (2) 2FA (2) PASS Summit 2013 (4) SQLPASS (5) Contest (1) e-learning (1) Udemy (1) smbtechfest (1) backups (2) PASS Summit First Timers (3) IIS (2) RD Gateway (4) RD RemoteApp (2) RDWeb (4) Remote Desktop Connection (2) Remote Web Access (2) Remote Web Workplace (2) Cryptolocker (6) Backup (4) Restore (2) CryptoLocker (1) AuthAnvil (1) SBS 2003 (1) SBS Migration (1) Windows Server 2012 R2 (9) Documentation (1) IE 11 (4) testimonials (11) SQL Server 2008 (1) Best Practices (1) Support (1) Intel Xeon Processor (1) RemoteApp (1) Android (1) iOS (1) Hyper-V Replica (2) PowerShell (2) SBS (3) Break (1) Business Intelligence (1) Excel 2013 (1) Power Map (1) Power Query (1) PowerBI (1) MultiPoint (2) Surface (1) Net Neutrality (1) Opinion (2) ASP (9) HP (2) Scale-Out File Server (8) SOFS (10) Windows Phone (1) Updates (1) Intel NUC (1) Intuit (1) QuickBooks (1) Office364 (1) Intel Server Systems;Hyper-V (1) Firewall (1) Patching (1) Mobile (1) Mobility (1) sharepoint (1) Microsoft Security (1) Beta (1) Storage Replication (1) outlook (1) Hyper-V Setup (3) JBOD (1) Azure (1) PCI (1) PCI DSS (1) PII (1) POS (1) MicroStaff (2) Catherine Barr (2) Third Tier (1) BeTheCloud (1) BrainExplosion (1) LookAWhale (1) Manuel (1) Rayanne (3) SuperSecretNews (1) TechYourBooks (3) Managed Services (1) Training (1) E-mail (1)
RSS Feed
Latest Updates

Follow us on Facebook too. Click to go there now

Apr
16
Survey: Transitioning an established MSP for the next decade
Posted by Amy Babinchak on 16 April 2018 11:53 AM

I'm looking for some information on where everyone is regarding transitioning their MSP from traditional infrastructure model into something that is ready to continue to provide value to clients as they move toward the cloud. Your answers here will help us build out a roadshow and future blog content. Thanks for taking a few minutes to help out.

https://forms.office.com/Pages/ResponsePage.aspx?id=CEtIRBCvwEyPI4AgwsgbpNuyp0aA_L9BtbaeZpAjy3NUNU5TSE1RSEkwV0RDMDUzMVdFTDU4RVEyWC4u

thanks,

Amy Babinchak

_____________________________

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog


Read more »



Apr
11
Finding the Soul of your MSP
Posted by Amy Babinchak on 11 April 2018 04:13 PM

Third Tier is not an MSP and this article is not about us. We exist to help MSPs and IT professionals in general. It is about another business I own that is an MSP and I hope that it helps.

Every vendor we deal with tells us that we need to find our unique value proposition. I own an MSP in Oakland County, Michigan. There are over 2,000 IT businesses in my County. How am I supposed to be unique from that many others? It is a question that I struggled with for many years. I knew that I was unique but I didn’t know how to express it. If you are struggling with those same issues, then this article is for you.

It’s not as difficult as you might think to find your unique value proposition because you already are unique. All you need to do is identify your uniqueness, embrace it and then put it front and center in your messaging. So how do you identify your uniqueness?
Contrary to what vendors will tell you, your unique value proposition doesn’t have anything to do with the products you offer, the packages you put together, your pricing, the speedy response of your staff or probably not even their credentials. It has everything to do with the CEO/Owner of the business, their outlook, attitude and reason for choosing to be in this business in the first place. Every small firm takes on the personality of their CEO. Instinctively you know this. Just look at your clients, their businesses and the CEO of those companies. You probably have clients that are in the same business as each other but those two companies are not identical. They are unique because of the person that formed the company in the manner that is operates today. That person and their values are the drivers of the business and this where you are going to find your unique value proposition.

You may not be aware of what makes you unique or what has brought you to this point so I recommend starting from the beginning.

Origin story

I’m going to tell you the story of the beginning of my business and point out along the way where it indicates a point that eventually turns into the unique value proposition that we offer today.

In the nascent beginnings of my business I was essentially working two jobs. One as a systems engineer for a software company that had me travelling 3 weeks a month, flying into places around the Country to bail out the local systems engineer from a messed up deployment of our software and restoring the customers faith in our company. I had to fix both the technical issue and the customer dissatisfaction issue. It was grueling, and I wasn’t happy travelling that much. It was always my experience that they better you become in IT the more travel you end up doing. Meanwhile, being a person that wants to help others, I ended up with a collection of small business clients that I was helping on the side. They accumulated over time as referrals from the individuals I was helping at the school districts I interacted with during my day job. I was asked if I could help their uncle, cousin, wife, husband with an IT problem at their small business and of course I said, sure. I would talk them through it over the phone from the airport, stop by after hours or on weekends and I would witness just how lousy their current situation was. I offered advice and implemented changes. They came to trust me. This unexpectedly turned into me being their primary IT support person.

Lesson 1 in my uniqueness is that I like to help people

I got hooked on working with small businesses because I was impressed with the passion that many of them had for the work they were doing. I felt that passion in myself and for my chosen career. A had a drive that can only come from within and makes you want to keep going, doing more and more because you simply love it. These small business owners had that too. They had no problem accommodating my crazy schedule, meeting me afterhours and on weekends because they loved their business and wanted to make it better. And I wanted to make it better for them too. I found a synergy that couldn’t be denied.

Lesson 2 in my uniqueness is that small business owners think like me and I like them

 
I worked myself into a state of exhaustion and I mean that literally. I had found what I loved but it was killing me. I made the decision to quit my job and focus on small business only for a while. That while turned into my new life but I didn’t know that then. I asked my clients to sign a contract agreeing to pay me every month in return for my continued work. Every one of them did. I was now a business owner with contractual clients.

Lesson 3 I have a need for a certain baseline of security in my life


As I continued to encounter small businesses and understand their needs and the technology they were using I found myself introduced to small business server. What an amazing product suite for small business it was. It contained everything they needed from an on-premises server but I didn’t know the product. Because I love technology I threw myself into learning everything about it. I understood the underlying technologies, server, DNS, DHCP, Exchange, IIS, SQL I was even certified in those. But I had never seen or heard of ISA the firewall product in this suite. So I started learning it online and I dove in deep and began to participate in forums and mailing lists dedicated to the product. Not too far into that I realized that I actually knew quite a bit and I began offering advice and solutions to my peers online. This eventually led to the receipt of an MVP award from Microsoft. I had gone to my first conference the year before at the invitation of a Microsoft MVP and encountered other Microsoft MVP’s for the first time. What a thrill to be recognized by my peers as an expert.

Sacrificing money for a long time I hired a few technical people to help me in the business as it grew. This worked for me because I’m not a money motivated person. I had my motivation serviced by the excitement of learning and teaching as it turns out. After becoming an MVP I found myself offered opportunities to speak at conferences and contribute to books. I also had started a technical blog. I found that my passion now included learning and teaching too. This was really an expansion of wanting to help that I identified in myself earlier.

Lesson 4 I love to learn. I love to help and I love to teach


I expected my new technical staff to be the same as me. I felt and still feel that the relationship with the small business is the most important part of the job because without it we cannot offer good solutions to their problems nor help them use technology to reach their goals. We’d be outside looking in. Instead of inside as a part of the team.

We all need to be learning and growing in our technical expertise all the time. My staff needed to be people with a passion for technology and a love of small business. We needed to have that one-on-one relationship with our clients. That I expected my new staff to be like me is the thing that forms the personality of a business. Small businesses are an extension of the owner.

Lesson 5 We need to be part of our clients’ team and our relationship with the client is the #1 thing


From this point the business was set on a definite path and it had its personality. Loving and committed to small business. Learning new technology. Bringing solutions to our clients because we were part of their team. A group with passion for the career path they have chosen.

Finding your strengths

I found the strengths in my business by looking at our origin story from before day one until the personality of the business became clear.
• I like to help people
• Small business owners think like me and I like them
• I have a need for a certain baseline of security in my life
• I love to learn. I love to help and I love to teach
• We need to be part of our clients’ team and our relationship with the client is the #1 thing

The interesting thing about our strengths is that none of them speak directly to technical expertise. And yet under lying all them is an assumed competency. I can’t stand it when I don’t know everything about a product or solution and I expect my staff to be experts. I need to dig in deep and become the expert. So that love to learn needs to be expressed more definitively as a strength

• We need to be experts in each of the technologies that we offer to our clients

I read once that if you put 10,000 hours, which takes about 10 years to accomplish that you will the #1 expert in that thing. 10 years into Harbor Computer Services we won a big award from Microsoft; Small Business Partner of the Year. It was confirmation that we were doing the right thing. This occurred at the height of the 2008-2010 economic depression and all of our clients kept us on, even as they all laid off 20-25% of the employees. It was a double whammy of acknowledgement that we’d accomplished our reason for being which was to do great things for small businesses.

I’ve also heard that if you read one article about a thing, say Office 365, for example that after only 18 months you will be one of the world experts in that topic. I have adopted this philosophy in learning too and my staff trains together for 4 hours each week toward this end.

Building your solutions around your unique value

Many businesses have tag lines and I’m a big fan of them. It tells you something right off the bat about that business and it’s a great conversation starter. Before I successfully defined my unique value proposition I struggled with creating a tagline. For many years we simply use Small Business Specialists. We used that phrase before, during and after Microsoft’s appropriation of phrase. While it communicated our market focus it didn’t communicate our uniqueness. However, once I sat down to think through the above narrative of our origin story a new tagline, the conversation starter, the thing that brings us to providing technical support and solutions to small businesses in the first place became evident.

We care about your business

It’s not fancy or complex or trendy. But it conveys trust, relationship and our reason for wanting to work with our clients. This phrase speaks to the small business market. Small businesses run on relationships and trust.

This is how I found the soul of my MSP.

_____________________________

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog



Read more »



Mar
29
It's time to take a fresh look at Windows Defender
Posted by Amy Babinchak on 29 March 2018 01:51 PM

Microsoft has stuck to it with Windows Defender. For several years it kind of sat there and didn’t do much. (I’m sure some Microsoft person just cringed.) But now it’s a full-fledged antivirus, antimalware, anti-ransomware protection machine that is built-in and free. It is specifically designed to protect Windows 10 and does so by protecting not only against drive-by downloads, definitions, and definition-less behavior tracking but it also protects against fileless malware running in memory via bad WMI, PowerShell, vbscript, and DLL’s. I’m going to argue that it’s the best way to protect your Windows 10 computers — in my MSP practice we’ve made the decision to not install any third party A/V onto Windows 10 computers. In fact, Defender was recently credited with averting what could have been a massive worldwide cyberattack.

For those of you who aren’t there yet, you should know that Microsoft has made a big deal about Defender playing nice with other antivirus applications, but what that means is that Defender takes a backseat and you lose some significant security features. Let’s take a look at what happens when you install another A/V product onto Windows 10.

Windows Defender passive mode

 
Windows Defender

 

Microsoft

Windows Defender has two modes, active and passive. The mode is switched automatically depending on whether another A/V is present on the machine or not. That other A/V has to be Defender aware. Certainly, by now they should all be, but you could encounter some that aren’t. I would call into question their modernity if that is the case.

Active mode: This is when Defender is on and no third-party A/V is installed. You get Enhanced rootkit and bootkit detection, offline scanning and cleaning, online scanning and cleaning, real-time protection from virus, malware, rootkits, and spyware. It also has cloud-delivered protection for near instant updates and dedicated protection based on Microsoft’s Big Data learning.

Passive mode: This is when a third party antivirus product is installed. When this occurs Windows Defender A/V will be disabled. However, you do have one option. You can manually enable something called “limited periodic scanning.” Consider it a fail-safe. When enabled, Defender will do a quick scan occasionally. To enable this open Windows Defender, go to Anti-Virus Protection Settings. Here you’ll see your antivirus software listed. Expand the Windows Defender options and toggle periodic scanning to On.

Many of the blogs you’ll see on the Internet say that Windows Defender antivirus gets disabled automatically when you install a third party A/V product. This is true, but it isn’t as straightforward as it sounds. What is frequently missed is an understanding that other defensive features are also disabled because they are part of the A/V feature set in Defender.

Malware protections get disabled, too

 

Below is a chart showing that attack surface reduction, network protection, and controlled folder access are also disabled when real-time protections are not enabled. (This is another way of saying that Defender is in passive mode.)

Windows Defender

You’ll note in the table above that Defender comes in two flavors. It’s either with ATP (Advanced Threat Protection) or without (standard). To get the ATM version, you need to have one of the following license types. For the rest of us, it’s the standard version of Defender, which is what I’m going to be talking about for the rest of this article because ATM is really a different animal that includes a single pane of glass management, threat hunting, remediation, and more.

  • Windows 10 Enterprise E5
  • Windows 10 Education E5
  • Microsoft 365 E5 (M365 E5) which includes Windows 10 Enterprise E5
  • ATM add-on

The real question is, of course, what did I really lose? To answer that question you need to understand what attack surface reduction, network protection, and controlled folder access do to protect Windows 10. We have the following definitions:

Attack surface reduction measures consist of:

  • Block executable content from email client and webmail.
  • Block Office applications from creating child processes.
  • Block Office applications from injecting into other processes.
  • Impede JavaScript and VBScript to launch executables.
  • Block execution of potentially obfuscated scripts.
  • Block Win32 imports from macro code in Office.

Controlled folder access is Microsoft’s answer to the ever-increasing number of ransomware infections. Controlled folder access allows only a list of known applications to write in user folders like Documents, Pictures, or the like. Users can extend the list of folders to protect and whitelist applications that are allowed to do file creation or editing.

Windows Defender Network Protection uses SmartScreen technology to block any executable from connecting to potentially malicious HTTP-based sources on the Internet. Network protection extends SmartScreen from an Internet Explorer and Edge solution to the system level, allowing protection of other browsers and potential malware.

And also potentially AMSI, too

 

The Anti-Malware Scanning Interface will be disabled as well. Your antivirus product may be modern enough to have picked up this functionality on its own. It was Microsoft’s intention that any third-party antimalware tool can use this interface. But if not, then you’ve also lost a very important tool. AMSI protects you against malicious code. As I type this, there is a rash of so-called fileless infections occurring. A fileless infection is when an attacker gains access to the machine (through brute force, phishing, social engineering…the usual culprits), launches PowerShell (for example) and loads their code into memory. No file was written to, there’s nothing on your machine except in RAM, from where it does its dirty work. AMSI is designed specifically to protect you from PowerShell scripts, group policy WMI calls, and VBscript that are obfuscated to hide from basic A/V products. AMSI views these in their plain state as they attempt to run, passes it through a filter to look for bad behavior, and stops it from running.

Test Defender

 

If you are the curious sort and would like to test Defender to see what is off, what is on, and what the difference in behavior is, Microsoft has a website where you can test the various features to make sure that they are working properly. Here you can test antivirus, drive-by downloads, real-time cloud protections and more.

Still not convinced?

 

Now the question is should you disable Defender services? Heck no! Windows Defender is one of those integrated features like IE was back in the day, so if you disable it in services Windows will become unstable. Save yourself some grief. Defender is third-party antivirus aware. Let those applications configure Defender for you. They will put it into passive mode for you. If they don’t then it’s a clear sign that your software isn’t keeping up with the times.

It is time to give Defender a shot. I know I read a lot of “defender sucks” stuff out there. It’s time to look at it again with a clear mind and see the direction that Microsoft is taking this product. It’s not the same old Defender you’ve hated for the last decade. It’s now a truly integrated security system. The days of benchmarking one A/V over another on how fast they caught a virus or Trojan are gone. It’s no longer a good measure. The attackers are smarter. The attacks are varied and they are coming from all directions. Defender is the integrated solution that we’ve been hoping would come along and Microsoft has really stepped up to the plate with this one. They’ve always been a great come-from-behind company and they’ve done it again with Defender in Windows 10 and in Server 2016, too. They are built on the same code so Windows Server is enjoying better built-in security now, too.

 

________________________________

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog

 


Read more »



Mar
26
Recording of Securing Office 365
Posted by Amy Babinchak on 26 March 2018 02:15 PM

On February 13th, Amy gave a webinar on the standard set of security settings that her MSP is using. It is based on the E3 environments but many of the settings are also available in other business plans as well. This set represents the starting position. You can use this information to build your own starting position for new Office 365 clients.

The webinar was very well received. Thank you for the compliments. It means a lot to us here.

I learned more helpful information from you in one hour today than I’ve learned collectively over 5 years from Microsoft. I am very, very appreciative and grateful for you and your efforts.

Great webinar today – I learned a lot!

You can download the recording here and the slidedeck here. In the slide deck be sure to view the notes. I've include some powershell scripts there.

Our next webinar will be on the new Ransomware configurations we have for Windows 10. Keep an eye here on the blog for the date and time.

________________________________

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog

 


Read more »



Feb
5
Webinar: Establishing security baseline settings for Office 365
Posted by Amy Babinchak on 05 February 2018 04:30 PM

Upcoming webinar on establishing baseline security for Office 365 on February 13th. It will be based on the E3 plan but applicable to any business plan. 

Office 365 contains far more security options than we ever had available to us in our on-premises deployments. In this webinar Amy will share her MSP's security baseline settings. This includes: email, sharepoint, onedrive, teams and more. 

Go here to download the meeting invitation. http://www.thirdtier.net/downloads/SECURING365.ics

_____________________________

About Third Tier

Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix your accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog


Read more »




Help Desk Software by Kayako Fusion