News Categories
Announcement (9) Amy Babinchak (64) Tips (1) SBS 2011 (6) Windows Essentials 2012 (4) Edwin Sarmiento (28) SQL Server (22) SQL Server 2012 (6) SQL Server Clustering (3) SQL Server Disaster Recovery (6) Windows Server 2008 Clustering (1) log shipping (1) Brian Higgins (3) Uncategorized (42) Hyper-V (67) Virtualization (13) Windows 8 (13) Cisco VPN Client (1) Windows Server 2012 (24) Friend of TT (4) Hangout (2) Office365 (4) DNS (8) Jeremy (7) Cliff Galiher (3) Active Directory (12) ClearOS (4) Linux (4) presentations (2) SQL PASS (6) Chris Matthews (4) Printers (2) SharePoint (8) SQL Server Administration (7) Windows PowerShell (3) recovery model (1) sql server databases (1) Dave Shackelford (7) SMB Nation (1) Steve (1) Boon Tee (5) Kevin Royalty (3) Lee Wilbur (2) Philip Elder (10) SMBKitchen Crew (31) Susan Bradley (15) AlwaysOn (1) AlwaysOn Availability Groups (4) readable secondaries (1) row versioning (1) undocumented (1) The Project (2) Webinar (3) Enterprise for SMB Project (9) Security (25) Remote Desktop Connection for Mac (1) Remote Desktop Services (8) Windows Server 2008 (1) Exchange (15) Powershell (6) Microsoft (15) Performance (7) data types (1) Server 2012 (1) monitoring (1) DevTeach (1) SQL Server High Availability and Disaster Recovery (5) Clusters (44) Hyper-V Server 2012 (2) Business Principles (26) Cost of Doing Business (13) DHCP (7) sbs (15) Windows Server (30) SMBKitchen (26) Windows Server 2008 R2 (4) StorageCraft (1) P2V (1) ShadowProtect (6) StorageCraft ShadowProtect (1) VHDs (1) Intel RAID (2) Intel Server System R2208GZ (1) Intel Server Systems (17) RAID (2) SAS (2) SATA (2) Server Hardware (12) Microsoft Licensing (2) OEM (2) System Builder Tips (4) Intel (5) Intel Channel Partner Program (4) Intel Product Support (10) Intel Server Boards (2) Intel Server Manager (2) Cloud (26) IT Solutions (2) On-Premises (20) SMB (9) WIndows Azure (2) StorageSpaces (1) Error (47) Error Fix (35) Intel Desktop Boards (2) Intel SSDs (2) SSD (2) Business Opportunity (17) Data Security (11) Identity Security (7) Information Security (14) Privacy (2) Intel Modular Server (6) Promise (2) Storage Systems (9) Live ID (2) Microsoft ID (4) User Profiles (2) Articles (2) Building Client Relationships (6) DBCC IND (2) DBCC PAGE (2) filtered indexes (2) SQL Server Index Internals (2) training (11) Adobe (3) Internet Street Smart (8) Intel Storage Systems (2) LSI Corp (2) LSI SAS6160 Switch (2) Storage Spaces (7) Firmware Update (2) Product Support (7) Hybrid Cloud Solutions (3) Server Core (2) MAXDOP (1) SharePoint 2013 (1) SharePoint best practices (1) SQL Server Authentication (1) Family (5) Alternatives (1) SBS 2011 Standard (4) Microsoft Small Business Specialist Community (2) Microsoft Surface (2) SBSC (2) Networking (4) Availability Groups (3) CANITPro (1) HA/DR (1) Step-By-Step: Creating a SQL Server 2012 AlwaysOn Availability Group (1) webcast (1) VMWare (2) Conferences (2) Client Focus (2) Disaster Recovery (6) Error Workaround (8) Troubleshooting (4) Logitech (2) Product Review (7) Windows Features (4) XBox Music (2) SBS 2008 All Editions (4) MDOP (2) Microsoft Desktop Optimization Pack (2) Software Assurance (2) W2012E (6) Windows Server 2012 Essentials (6) Internet Explorer (3) USB 3.0 (2) USB Hard Drive (2) Bug Report (2) Microsoft Office 365 (5) sharepoint online (2) BitLocker (2) Windows (2) Microsoft Update (3) Swing Migration (2) Windows Update (4) Outlook (2) Group Policy (9) WS2012e (2) WSUS (3) Office (3) Microsoft Downloads (5) Microsoft Office (3) DRP (3) Virtual Machines (2) Virtual Server Hardware (2) online course (1) SQL Server learning (7) 2 Factor Authentication (2) 2FA (2) PASS Summit 2013 (4) SQLPASS (5) Contest (1) e-learning (1) Udemy (1) smbtechfest (1) backups (2) PASS Summit First Timers (3) IIS (2) RD Gateway (4) RD RemoteApp (2) RDWeb (4) Remote Desktop Connection (2) Remote Web Access (2) Remote Web Workplace (2) Cryptolocker (6) Backup (4) Restore (2) CryptoLocker (1) AuthAnvil (1) SBS 2003 (1) SBS Migration (1) Windows Server 2012 R2 (9) Documentation (1) IE 11 (4) testimonials (11) SQL Server 2008 (1) Best Practices (1) Support (1) Intel Xeon Processor (1) RemoteApp (1) Android (1) iOS (1) Hyper-V Replica (2) PowerShell (2) SBS (3) Break (1) Business Intelligence (1) Excel 2013 (1) Power Map (1) Power Query (1) PowerBI (1) MultiPoint (2) Surface (1) Net Neutrality (1) Opinion (2) ASP (9) HP (2) Scale-Out File Server (8) SOFS (10) Windows Phone (1) Updates (1) Intel NUC (1) Intuit (1) QuickBooks (1) Office364 (1) Intel Server Systems;Hyper-V (1) Firewall (1) Patching (1) Mobile (1) Mobility (1) sharepoint (1) Microsoft Security (1) Beta (1) Storage Replication (1) outlook (1) Hyper-V Setup (3) JBOD (1) Azure (1) PCI (1) PCI DSS (1) PII (1) POS (1) MicroStaff (2) Catherine Barr (2) Third Tier (1) BeTheCloud (1) BrainExplosion (1) LookAWhale (1) Manuel (1) Rayanne (3) SuperSecretNews (1) TechYourBooks (3) Managed Services (1) Training (1) E-mail (1)
RSS Feed
Latest Updates

Follow us on Facebook too. Click to go there now

Tell us what your favorite affordable conferences are
Posted by Amy Babinchak on 11 January 2019 03:28 PM
Around the new year a couple of publications came out with their calendar of events and conferences. Most of the ones on the list are large expensive conferences where you'll be dropping $5,000 for fees, hotel, travel and food in the end. But there are plenty of great opportunities to attend less expensive events, save a bundle and still come away with a quality education. I'll be publishing such a list. Which low cost events are your favorites and why? Tell us in the survey below please!


Amy Babinchak

Managing Partner, Third Tier


Make your IT business better than the competition. IT Pro Helpdesk, TechYourBooks, Super Secret News, Women in IT Scholarship program, Ransomware Prevention Kit and more.

Read more »

Getting the MSP staff meeting right
Posted by Amy Babinchak on 28 December 2018 12:31 PM

It’s been in the headlines everywhere. People have even written books about the giant waste of time that meetings are. They’ve shortened them to “stand-up meetings,” “morning roll call,” or “scrum” and just to remind people that they really don’t want to be there and how much time they are wasting they make them stand up for the whole thing. Books have been written titled with words like, “meetings suck,” or “death by meeting.” Yes, meetings really have a bad reputation. Certainly, meetings can be overdone. If they become too frequent then they eat into productivity and serve as a crutch for poor employee management. But they do not have to be this way. I don’t care what they say. Meetings are essential for keeping the staff of MSPs on track and if you have a distributed workforce, your corporate identity together too. In my business and in a growing number of businesses, all of the employees work from their home office and client locations. But even if your business has an office that everyone works from day in and day out, scheduling all-staff meetings can actually save you from meeting fatigue and help you build your team.

For MSPs, and my MSP business specifically, our weekly staff meetings are critical to our success. Why is it that some think meetings are a terrible waste while for some of us those meetings are the glue that holds the company together?

Meetings as the glue that binds

Meetings done well can be the glue that binds your company together. All companies struggle to find their identity and to get employees to adopt that identity. Meetings can be that conduit to bring everyone together. Stick with me here and see how we’ve done this.

In my MSP, there are two kinds of meetings.

  1. All staff client review meeting. Three hours. A once-every-other-week breakfast meeting.
  2. All staff training meeting. Four hours. A once-every-other-week technical training over dinner.

These are the only meetings we have. That totals four meetings a month. One week it’s a morning meeting. The next week it’s an evening meeting. If you over-schedule your staff then that is when meeting fatigue builds and the hatred of meetings begins. We don’t do that.

Each meeting has a purpose but it is loosely structured. The purpose of the meeting is known. The “loosely” part is the glue that binds. Thinking of meetings as dual purpose, staff cohesion and productive, has an interesting effect. People actually like them.

Client-review meetings

As a consulting firm, our client-review meetings are held on Tuesday mornings. Tuesday is a nice day because it isn’t Monday. You know what I mean. Monday can be hectic when issues that cropped up over the weekend and were held by your supported user-base can flood in. Hopefully, not all of your Mondays are hectic but we avoid them just in case. Tuesdays are generally always days of calm.

The client-review meeting is a time for talking about what’s happening with a selected group of clients. When we were smaller we reviewed every client. Now we review select groups of them. The group of clients selected changes with each meeting. The group selected includes clients represented by different members of the staff. That way everyone has a responsibility to be prepared although we do not announce which clients are going to be reviewed in advance. This means that your staff members know that they had better be ready to be called upon to report the status of any client.

You probably also don’t want to be the last person to arrive for the meeting. My staff can be brutal to the last to arrive. Excuses are not tolerated well by them. Inevitably the last person uses the excuse that traffic was heavy. Since we’re all coming to the meeting from somewhere and since they are all on good terms there’s always some ribbing about how “I managed to get here and I come farther than you, dude.”

And so the meeting begins.

“Dave, please tell us what’s happening with Acme Industries.” Dave will report on what’s been done there recently. What the client is thinking of doing in the future. How their business seems to be going. Outstanding issues that he’s working on and he might ask for advice on how to address a particular issue.

As this is a meeting of peers. There’s a good amount of poking at each other like siblings, talk about the latest Marvel movie, maybe a bit of sports talk, maybe a bit of new music talk. There will be some griping about clients. The frustration expressed about a challenging technical problem. Jokes told. There will be some cases of, “Hey I have a client with that same problem” or “I solved that problem for another client.” There will be some munching of bagels. We move on to the next client review.

We keep anything negative to a minimum and the manager’s role is to let the venting and chatter occur but keep it under control. Let the conversation veer into Marvel briefly and then bring it back then move on to the next client.

The glue that binds all MSPs is laid in these meetings. Talk about common interests. Good-natured discussion and general light atmosphere mixed with a hardcore understanding of the clients’ needs brings everyone together to the common goal of providing great service and it keeps us all on the same page.

In addition, as we assign projects and others report progress on those projects for their group of clients if your progress is less it is going to stand out. We aren’t a group to call that out during the meeting but it quickly becomes obvious when you are in a group of your peers. A self-leveling occurs. The weaker members step up to get closer to the stronger members of the team.

Staff-training meetings

On the opposite Tuesday evening, we meet for technical training and dinner. We meet in our conference room at the end of the day and the company brings in dinner for everyone. These meetings are held from 4-8 p.m. We’ll get carryout from a local restaurant or sometimes pizza but we try to make it something a bit nicer than pizza since they are missing dinner at home.

If you’ve been in IT for a long time you can think of these as a corporate version of the user group. The purpose of this meeting is to make sure that our technical staff stays current with new technology. We will pick a topic, work together through online training courses, view webinars and go through virtual labs. There is frequent stopping of the online sessions for discussion between the techs about the impact of something that was just presented or the meaning of it. Sometimes we’ll get deep into one topic for several sessions and sometimes it’s a new topic each week. We try out the things we’ve learned in test environments and we banter about how we’re going to use this new technology to benefit clients, what our standards should be and who will be the first client to use it in production. We decide together which new technology we should deep dive into next.

These training sessions are another bonding experience. There’s nothing like eating together around a table with light chit-chat to bring a group together. It’s also a great experience to be in a learning environment with a bunch of other very bright people.

MSPs and other IT businesses can’t build teams without meetings

All good professional IT techs like to learn, so coming to these meeting fulfills many needs — social, learning, and professional development. All employees have these basic needs that contribute to their job satisfaction levels. Between these two meetings, employees get to show their competence, contribute to the knowledge base of the company, help plan future technology implementations, develop social relationships with their peers and expand their knowledge too. The end result is a win-win for the company and for the employee. For MSPs — and all other IT-based firms — meetings don’t have to be terrible. They can be a very productive use of time — particularly when they serve multiple purposes.

Read more »

Ransomware Prevention Kit updated
Posted by Amy Babinchak on 12 October 2018 03:29 PM

The ransomware prevention Kit has been updated and reorganized to better reflect our current thinking on ransomware prevention.

We continue to believe that it is only IT best practices that can prevent ransomware. This was reinforced by the most recent major outbreak that resulted from IT admins failing to apply security updates in the timely manner. We also continue to believe in the onion layer approach to security.

There is a new wrinkle though and it’s the cloud. Our edge has moved from the Firewall down to the User Credentials. Backups have become decentralized because they need to cover the cloud as well as the local files. Whole networks have become decentralized and so the Kit is evolving to reflect this new reality. Together this means that there are more moving parts than ever and therefore more places for something to go wrong.

Toward this end we’ve branched out into security policy and now Intune policy too. From FSRM to Defender configuration. From network to local OS.

This weeks update includes Intune policy with samples, export and import tools that will allow you to use them across many tenants. The creation of these policies reflects the inclusion of Intune in the new Microsoft 365 licensing groups. As businesses move from the Office 365 plans into the more secure laden Microsoft 365 plans these policies will form the foundation of new best practices.

ransomware prevention kit

Continued Support

There are two way to support our efforts at preventing ransomware infection.

If you would like to donate to our scholarship fund and continue to support our efforts in fighting ransomware please go to to make a donation.

If you would like to support the authors of this kit please go to and make a purchase.


About Third Tier

Open a ticket with us! Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.




Read more »

Ransomware Prevention Kit Update: Configuring Windows 10 Security Using Intune
Posted by Amy Babinchak on 09 October 2018 12:44 PM

Recently I've written about how to configure Windows 10's security features for non-domain joined machines using local security and local group policy tools and I added those policies and paper into the Ransomware Prevention Kit. Now I'm adding an article and pre-built policies for Intune too. You can use these with joined or non-joined machines so long as you are managing them in Intune. With the availability of Microsoft 365 which now includes Intune for the same price as Office 365 Intune makes more sense that ever. I've also found it much easier to use and more full featured than last time I looked at it. On top of that Microsoft isn't investing in Group Policy anymore so we all have to move along to other tools eventually anyway. 

Here's the article. To use my pre-built policies see the Ransomware Prevention Kit. I'll be adding an article there shortly on how to use the tools I've included along with the sample policies. 


About Third Tier

Open a ticket with us! Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.





Read more »

Use Intune to remove a forgotten iPhone passcode
Posted by Amy Babinchak on 06 September 2018 11:16 AM

Recently I applied a new compliance policy to our corporate iPhones. This included the requirement that the passcode be changed occasionally. The time came to change my passcode. It was late at night. I typed in something twice and successfully changed it. However, in the morning the passcode I thought I had typed was not working. Obviously in my sleepy state I had successfully entered something else twice. Oh Joy.

My phone gave me a few tries with wait times between each one then a warning that if I reached 10 failures that I would have to reset the phone. For me setting up a new phone is like getting a new computer. I have a lot of apps, data and photos. Far more than the iCloud backup will hold so I knew I would be losing stuff. Probably not critical things but enough to be annoying.

Then I remembered seeing something in Intune that might do the trick.

Joining your phone to Intune


Your phones, whether personal or corporate need to have registered with Intune first or you won’t be able to do this. Fortunately mine was so I could immediately use the Remove Passcode feature of Intune. (see the next section)

To register your phone with Intune each phone will need to download and install the app Company Portal from the iTunes store. Once installed they will need to login with their Office 365/AzureAD account and then accept a bunch of prompts which will download the management profile.

This does not mean that the corporation now has access to everything on your phone. That will depend on the policy that the corporation has set for personally owned devices. Most often the corporation is only concerned about helping you configure your email profile, keeping the device up to date and being able to help you can back into it should you get locked out. Your situation may vary so before you join your phone make sure you know what the policy is.

The Company Portal app will walk you through the process. Basically you have to login, install the management profile and then adjust any settings that are required by your organization. There are a bunch of screens that are required to make this happen, perhaps 20+ but it’s really not complicated. Below I’ve highlighted the most significant steps.

Log in using your Office 365/Azure AD credentials and accept the terms of service.

Company portal app accept the terms

Next you’ll get a couple of screens that describe what is going to happen. You’ll continue along and install the management profile.

Company portal what's going to happen nowcompany portal app install the management profile

A certificate from Apple will be installed. Be sure to install it and then Trust it as prompted. Finally you will need to bring your phone up to the current OS version and perhaps tweak a few settings. The app will let you know which ones and take you there.

Company portal app allow remote managementcompany portal app update settings

You can click Check settings and the How to resolve this link to get instructions for what change is needed on your phone. Most often it will be that you need to set a more complex passcode to gain access to your phone than you are currently using. Eventually, you are Done!

Don’t worry it is far more complex to show all of the screenshots and explain the process than it is to do. When everything is showing pretty green checks hit that Done button.

   company portal update the phonecompany portal all green checks

How to remove the passcode using Intune

Log into with an admin account. Launch Intune. Navigate to Device/All Devices and then select the phone that you want to remove the passcode on.

Press the Remove passcode button at the top of the page. It took my phone less than a minute before the passcode was gone. Then within another minute the Intune policy for my phone kicked in and I was asked to create a passcode. Voila, new passcode. This time created with a clear and awake brain.


About Third Tier

Open a ticket with us! Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.




Read more »

Help Desk Software by Kayako Fusion