News Categories
Announcement (9) Amy Babinchak (64) Tips (1) SBS 2011 (6) Windows Essentials 2012 (4) Edwin Sarmiento (28) SQL Server (22) SQL Server 2012 (6) SQL Server Clustering (3) SQL Server Disaster Recovery (6) Windows Server 2008 Clustering (1) log shipping (1) Brian Higgins (3) Uncategorized (42) Hyper-V (67) Virtualization (13) Windows 8 (13) Cisco VPN Client (1) Windows Server 2012 (24) Friend of TT (4) Hangout (2) Office365 (4) DNS (8) Jeremy (7) Cliff Galiher (3) Active Directory (12) ClearOS (4) Linux (4) presentations (2) SQL PASS (6) Chris Matthews (4) Printers (2) SharePoint (8) SQL Server Administration (7) Windows PowerShell (3) recovery model (1) sql server databases (1) Dave Shackelford (7) SMB Nation (1) Steve (1) Boon Tee (5) Kevin Royalty (3) Lee Wilbur (2) Philip Elder (10) SMBKitchen Crew (31) Susan Bradley (15) AlwaysOn (1) AlwaysOn Availability Groups (4) readable secondaries (1) row versioning (1) undocumented (1) The Project (2) Webinar (3) Enterprise for SMB Project (9) Security (25) Remote Desktop Connection for Mac (1) Remote Desktop Services (8) Windows Server 2008 (1) Exchange (15) Powershell (6) Microsoft (15) Performance (7) data types (1) Server 2012 (1) monitoring (1) DevTeach (1) SQL Server High Availability and Disaster Recovery (5) Clusters (44) Hyper-V Server 2012 (2) Business Principles (26) Cost of Doing Business (13) DHCP (7) sbs (15) Windows Server (30) SMBKitchen (26) Windows Server 2008 R2 (4) StorageCraft (1) P2V (1) ShadowProtect (6) StorageCraft ShadowProtect (1) VHDs (1) Intel RAID (2) Intel Server System R2208GZ (1) Intel Server Systems (17) RAID (2) SAS (2) SATA (2) Server Hardware (12) Microsoft Licensing (2) OEM (2) System Builder Tips (4) Intel (5) Intel Channel Partner Program (4) Intel Product Support (10) Intel Server Boards (2) Intel Server Manager (2) Cloud (26) IT Solutions (2) On-Premises (20) SMB (9) WIndows Azure (2) StorageSpaces (1) Error (47) Error Fix (35) Intel Desktop Boards (2) Intel SSDs (2) SSD (2) Business Opportunity (17) Data Security (11) Identity Security (7) Information Security (14) Privacy (2) Intel Modular Server (6) Promise (2) Storage Systems (9) Live ID (2) Microsoft ID (4) User Profiles (2) Articles (2) Building Client Relationships (6) DBCC IND (2) DBCC PAGE (2) filtered indexes (2) SQL Server Index Internals (2) training (11) Adobe (3) Internet Street Smart (8) Intel Storage Systems (2) LSI Corp (2) LSI SAS6160 Switch (2) Storage Spaces (7) Firmware Update (2) Product Support (7) Hybrid Cloud Solutions (3) Server Core (2) MAXDOP (1) SharePoint 2013 (1) SharePoint best practices (1) SQL Server Authentication (1) Family (5) Alternatives (1) SBS 2011 Standard (4) Microsoft Small Business Specialist Community (2) Microsoft Surface (2) SBSC (2) Networking (4) Availability Groups (3) CANITPro (1) HA/DR (1) Step-By-Step: Creating a SQL Server 2012 AlwaysOn Availability Group (1) webcast (1) VMWare (2) Conferences (2) Client Focus (2) Disaster Recovery (6) Error Workaround (8) Troubleshooting (4) Logitech (2) Product Review (7) Windows Features (4) XBox Music (2) SBS 2008 All Editions (4) MDOP (2) Microsoft Desktop Optimization Pack (2) Software Assurance (2) W2012E (6) Windows Server 2012 Essentials (6) Internet Explorer (3) USB 3.0 (2) USB Hard Drive (2) Bug Report (2) Microsoft Office 365 (5) sharepoint online (2) BitLocker (2) Windows (2) Microsoft Update (3) Swing Migration (2) Windows Update (4) Outlook (2) Group Policy (9) WS2012e (2) WSUS (3) Office (3) Microsoft Downloads (5) Microsoft Office (3) DRP (3) Virtual Machines (2) Virtual Server Hardware (2) online course (1) SQL Server learning (7) 2 Factor Authentication (2) 2FA (2) PASS Summit 2013 (4) SQLPASS (5) Contest (1) e-learning (1) Udemy (1) smbtechfest (1) backups (2) PASS Summit First Timers (3) IIS (2) RD Gateway (4) RD RemoteApp (2) RDWeb (4) Remote Desktop Connection (2) Remote Web Access (2) Remote Web Workplace (2) Cryptolocker (6) Backup (4) Restore (2) CryptoLocker (1) AuthAnvil (1) SBS 2003 (1) SBS Migration (1) Windows Server 2012 R2 (9) Documentation (1) IE 11 (4) testimonials (11) SQL Server 2008 (1) Best Practices (1) Support (1) Intel Xeon Processor (1) RemoteApp (1) Android (1) iOS (1) Hyper-V Replica (2) PowerShell (2) SBS (3) Break (1) Business Intelligence (1) Excel 2013 (1) Power Map (1) Power Query (1) PowerBI (1) MultiPoint (2) Surface (1) Net Neutrality (1) Opinion (2) ASP (9) HP (2) Scale-Out File Server (8) SOFS (10) Windows Phone (1) Updates (1) Intel NUC (1) Intuit (1) QuickBooks (1) Office364 (1) Intel Server Systems;Hyper-V (1) Firewall (1) Patching (1) Mobile (1) Mobility (1) sharepoint (1) Microsoft Security (1) Beta (1) Storage Replication (1) outlook (1) Hyper-V Setup (3) JBOD (1) Azure (1) PCI (1) PCI DSS (1) PII (1) POS (1) MicroStaff (2) Catherine Barr (2) Third Tier (1) BeTheCloud (1) BrainExplosion (1) LookAWhale (1) Manuel (1) Rayanne (3) SuperSecretNews (1) TechYourBooks (3) Managed Services (1) Training (1) E-mail (1)
RSS Feed
News
Feb
2
Sample Client Phish Prevention E-mail
Posted by Philip Elder on 02 February 2015 03:13 PM

Original Posted Here: MPECS Inc. Blog: Sample Client Phish Prevention E-mail

Here’s a sample of an e-mail we would send to our clients on a semi-frequent basis to help keep users wary and informed.

If there is ever a doubt about an e-mail claiming to represent anything from a bank to a newspaper NEVER click on any link in that e-mail.

Open a new browser session and navigate directly to the purported site and log on there.

In today’s day and age we need to be very mindful of clicking on anything.

For anything with a link in it hover your mouse over and a small pop-up will happen:

image
The above snip came from hovering over the Unsubscribe link in the email below.

As a rule, NEVER click on a link on any e-mail with perhaps the exception of the ones CONTACT sends out with software update links. Even then, hover your mouse over the link in her e-mail just in case someone is specifically targeting the firm!

One more point: We’ve been seeing a LOT of Word and Excel based macro virus transmission files. Anyone sending something should be requested to do so in PDF format if at all possible. For folks on the not-so computer savvy side they can click on FILE –> SAVE AS –> PDF (change Save As Type to).

While PDF files are not much safer than Office files they, at least at this point, marginally better. ;)

Happy Monday everyone. :)

Philip Elder
Microsoft Cluster MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book

Chef de partie in the SMBKitchen ASP Project
Find out more at
Third Tier: Enterprise Solutions for Small Business


Read more »



Nov
13
Protecting Merchant Point of Sale Systems during the Holiday Season
Posted by Third Tier on 13 November 2014 08:27 AM

One of the services that we provide to members of the SMBKitchen ASP at Third Tier are classified documents prepared by various government agencies relating to IT security. Being aware of the current threats can give you a leg up on protecting your clients. Having access to the research let’s you understand the threats in a way that your competition simple won’t. When you know more, you can provide more value to your clients. It really is that simple.

We’ve never before been able to share this information with the general public but recently this document came to us and was declassified for public consumption. Below is the first page and link to document the full document.

This advisory was prepared in collaboration with the Financial Services Information Sharing and Analysis Center (FS-ISAC), the United States Secret Service (USSS), and the Retail Cyber Intelligence Sharing Center (R-CISC), and is directed towards retailers or companies which are processing financial transactions and managing customer personally identifiable information (PII) during the upcoming holiday season and beyond. This advisory serves to provide information on and recommends possible mitigations for common cyber exploitation tactics, techniques and procedures (TTPs) consistently and successfully leveraged by attackers in the past year. Many of these TTPs have been observed by the FS-ISAC, through its members, and identified in Secret Service investigations.

The TTPs discussed in this report include:

• Exploiting commercial application vulnerabilities

• Unauthorized access via remote access

• Email phishing

• Unsafe web browsing from computer systems used to collect, process, store or transmit customer information  

This document provides recommended security controls in these four commonly observed areas to protect customer data and also provides recommendations to smaller merchants who should work with their vendors to implement these recommendations (see Appendix A).

 
This advisory is not intended to be a robust, all-inclusive list of procedures as attackers will modify TTPs depending upon the target’s network and vulnerabilities. This report does not contain detailed information about memory scraping Point of Sale (PoS) malware that has been used in recent high- profile data breaches. Secret Service investigations of many of the recent PoS data breaches have identified customized malware only being used once per target.  A list of observed PoS malware families is provided in Appendix B.  

These recommendations should be analyzed by cyber threat analysis and fraud investigation teams based on their operational requirements.  The information contained in this advisory does not augment, replace or supersede requirements in the Payment Card Industry Data Security Standard (PCI DSS); however, the PCI DSS version 3.0 recommendations are cited when appropriate.1 

Download the full document

_____

Not a Third Tier customer yet? Let me introduce:  We’re Third Tier. We provide advanced Third Tier support for IT Professionals and MicroStaffing for IT consulting firms. Come on over, create an account (no charge) and follow our social media locations.

Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN


Read more »



Sep
22
KB913086: Security Updates Available as ISO Files at Microsoft Download Centre
Posted by Philip Elder on 22 September 2014 01:35 PM

Original Posted Here: MPECS Inc. Blog: KB913086: Security Updates Available as ISO Files at Microsoft Download Centre

Microsoft’s security updates can be downloaded in ISO form.

The above site has a list of links to the ISO downloads.

image

We have set up a link on Microsoft’s Download Centre site to sort the ISO files with newest at the top:

image

We suggest bookmarking this link to gain quick access to the newest or latest ISO downloads.

Hat Tip: Thanks to Derek Knight and Russ Stamm (quietman7).

Philip Elder
Microsoft Cluster MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book

Chef de partie in the SMBKitchen ASP Project
Find out more at
Third Tier: Enterprise Solutions for Small Business


Read more »



Apr
10
HeartBleed Exposure
Posted by amy on 10 April 2014 07:01 PM

The announcements are starting to trickle out from the bigger players in the industry as to who is patched and who doesn’t use OpenSSL. I came across a nice visual list of some of the biggies.

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/?utm_cid=mash-com-fb-main-link

There are other lists of tens of thousands of websites  but I find it a bit overwhelming. We’ve created a client facing document for you and it’s in the knoweldgebase at ThirdTier/Helpdesk/Knowledgebase in the SMBKitchen ASP project. It’s free for everyone through the end of this month.

What you really need to know is that 66% of the Internet uses OpenSSL. The list includes GoDaddy which is the biggest provider of SSL certificates, which means you probably can’t trust your certificate and will need to rekey it. GoDaddy recommends  it. Further you need to change your passwords on effected websites and anywhere else that you use that same password but (and here’s the tricky part) you need to not do it until you’ve verified that they are patched.

https://lastpass.com/heartbleed/ is a website checker. Add: portnumber to the end of the URL to check alternative ports other than 443.

Here is what we would say at SMBKitchen ASP:

  • Save yourself first. Get changing those passwords
  • Check with your vendors to see if any products you use were exposed
  • Send your clients an email educating them about Heartbleed
  • Offer your assistance with any website where they have difficulty changing their password
  • Rekey your clients GoDaddy certificate after first telling them why it’s necessary
  • and in general be the great IT consultant they want you to be and provide leadership on this issue

Are you not a member of SMBKitchen ASP? Join up. It’s free through the end of the month. http://www.thirdtier.net/smbkitchen-asp/ Our goal is to help IT firms be more aware, be better consultants and survive in the new era.

—–
Not a Third Tier customer yet? Let me introduce:  We’re Third Tier. We provide advanced Third Tier support for IT Professionals. Come on over, create an account (no charge) and follow our social media locations.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN


Read more »



Mar
25
Use Group Policy Preferences to Reveal Extensions in Windows Explorer
Posted by Philip Elder on 25 March 2014 11:44 AM

Original here: MPECS Inc. Blog: Use Group Policy Preferences to Reveal Extensions in Windows Explorer

We have a number of different default Group Policy Objects that are set up and linked to specific Organizational Units.

With the advent of a flat OU setup in Windows Server Essentials we made an active decision to maintain a similar OU structure to Small Business Server Standard as it made more sense from so many perspectives.

One of our default GPOs that is created and linked at the domain level is the Default Domain User Security Policy. Once created we edit the GPO’s properties to disable Computer Configuration settings and set a comment in place for the date created and by whom.

image

In this GPO we have a number of settings but the one we are focusing on here has to do with the recent RTF zero-day vulnerability we are hearing about.

image

Under User Configuration –> Preferences –> Control Panel Settings –> Folder Options we see the above.

We set Show hidden files and folders and uncheck Hide extensions for known file types.

image

Since these settings are user oriented they will be picked up by users on their next logon.

Note that while these settings help users to understand what they are seeing nothing replaces training users to hover over links, not click on links in an e-mail, or be cautious about the sites they visit.

Philip Elder
Microsoft Cluster MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book

Chef de partie in the SMBKitchen ASP Project
Find out more at
Third Tier: Enterprise Solutions for Small Business


Read more »



Jan
31
Protecting Your Yahoo Account
Posted by Philip Elder on 31 January 2014 01:16 PM

Original Posted Here: MPECS Inc. Blog: Protecting Your Yahoo Account

So, apparently Yahoo has suffered yet another breach. A quick search of the news sites (Bing Search) would bring up more info.

Sign in to Yahoo and change the account password as soon as possible.

Then, enable Second Sign-In Verification:

image

We suggest using SMS as the primary method for protecting the account as opposed to the security questions.

Under Account Info:

image

Once the mobile is confirmed make the following setting:

image

This at least will provide a layer of protection unless the verification system itself also gets compromised. But, if that’s the case Yahoo would probably have bigger problems on their hands! :S

While you’re at it please enable 2FA (2 Factor Authentication) on all Microsoft IDs and download the Authentication App to your mobile device and _use_ it!

Now that online service providers are starting to allow us to protect ourselves with additional security steps the onus is on us to use those features!

Philip Elder
Microsoft Cluster MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book

Chef de partie in the SMBKitchen
Find out more at
Third Tier: Enterprise Solutions for Small Business


Read more »




Help Desk Software by Kayako Fusion