Tag Archives: Microsoft

Another Month, Another Office 365 Outage

January 26, 2016 Kris Price

As reported by the Register this week, Office 365 has suffered another outage, resulting many customers unable to log in to their email.

Only a month previous, on December 18th 2015, an outage hit he UK and Europe mainly effecting customers using the Azure platform although there was some impact on its Office 365 service as well.

The current outage seems more serious however as it has been on going for around 7 days. The issue specifically relates to user accessing their emails via Exchange Online or any application that connects via IMAP.

Microsoft admitted that the impact will have hit a “large number of users”. What caused the issue? A Microsoft update that stopped the IMAP protocol that stopped data being loaded from Exchange Online databases. Not great!

Microsoft released the following statement, to address users concerns:

“As part of our efforts to improve service performance, an update was deployed to a subset of code which is responsible for obtaining the subscribed folder list. However, the update caused a code issue that prevented the list from being automatically loaded”.

Despite promises by Microsoft to fix the issue by the 23rd of January, as of the 25th it was still not resolved.

Microsoft, meanwhile, told users: “The deployment process is taking longer than initially expected due to a configuration issue.

“Engineers reconfigured the problematic portion of capacity and are continuing to monitor the deployment to ensure it propagates throughout the infrastructure in a timely manner. Customers will begin to experience service restoration as the deployment progresses.”

What is Distributed Denial of Service Attack?

September 18, 2015 Kris Price

DoS & Its Types
Denial of Service (DoS) occurs whenever a website stops to offer services. Denial of services is the result of some attack or presence of too many online visitors on a specific site.

There are many kinds of attacks that disable a system. In some cases, peer-to-peer software is used to corrupt the firmware. Among all types of attacks, Distributed Denial of Service (DDoS) attack is most common. DDoS brings a lot of traffic to a website that is impossible to handle. Networked computers are used by hackers to bring a flood of traffic to disturb business continuity. As website is designed to handle a limited number of customers’ requests at a time, it crashes when flooded with too much traffic.

DDoS Attacks Frequency
DDoS attacks occur on frequent basis. According to Wikipedia, DDos occurs on an average of 28 times per hour. What is more ironical is an increase in the number of attacks on regular basis.

Who are DDoS Attackers?
There are many reasons that compel hackers to use distributed denial of service attack. One cannot pin down exact reasons and who the attackers are. It is believed that DDoS attacks are used by competitors against a business as deceitful tactic.

Objectives behind DDoS Attacks
Attackers use DDoS attacks to get ransom money. Companies are warned to pay an amount, otherwise their system will crash. Once company pays the given amount, it becomes the target of hackers for long term. On the other hand, companies that refuse to pay the ransom suffer due to hindrances in business continuity and downtime, which means to shell out for system recovery and their business reputation.

Sometimes, DDoS attacks are the result of a protest. When hacker groups have conflict with the actions of certain groups, they attack their websites to show reaction. There are many hackers that just use these attacks for the sake of pleasure or to cause trouble for others.

Companies Affected by DDoS Attacks
Steam, Sony Playstation Network, and Xbox Live Network of Microsoft are some of the significant companies that are affected due to DDoS attacks. Side by side large scale companies, small companies are harassed by these attacks because they do not have preventive measures to mitigate the effects.

Unintentional DDoS Attacks
DDoS attacks can be accidental. It may happen that a lot of visitors have found something interesting on a website (video, picture or article) and visit the site at the same time. Website might not be ready to handle an increase in number of visitors, therefore, the system stops to give service any more.

DDoS Attacks are Expensive
Nuestar reported* that DDoS attacks cost more than $100K in an hour for almost 29% businesses. Due to these attacks, customer support centre was affected more than any other department.

In a nutshell, businesses must have an influential plan for DDoS and business continuity. Best practices should be used to reduce the number of DDoS attacks. As a result, the affects of downtime on clients and business can be controlled.

* https://goo.gl/kkwKzT

Key Points to Convince Clients for Software and Hardware Upgrades

September 4, 2015 Rob Mackle

Microsoft declared that Windows Server 2003 will get to an end on 14th July 2015. Expected date is over now, but Server 2003 is working perfectly and the challenge created by this software in different IT rooms is related to the challenge MSPs have to face while persuading customers to upgrade technology. It is necessary that old hardware and software should be improved on timely basis. Here are some selling points, which can help service providers convince clients to upgrade their technology:

Security is a Challenge
Due to security reasons, Server 2003 was conferring as time bomb. Microsoft has introduced no patches for 2003 Server, therefore, system will no longer be protected from Trojans, viruses, and data breaches. Though Server 2003 is still able to work, the use of unsupported software keeps all important data at risk. Remember that it is better to spend small amount on software and hardware upgrade than to suffer a serious data breach.

Easy to Avoid Failure
Generally, all moving parts of machines are prone to malfunctioning. In other words, whatever is connected to network is open to failure. Hard drives are the most vulnerable part of the hardware. It is the reason why most companies change hard drives and fundamental components to reduce the chances of failure. When hardware is upgraded at a suitable time, it minimizes annoyance for clients and service providers.

Productivity of Upgraded Technology
Though old components can work, they can create problems. Selection of new tools means you can get additional power to boost up. When graphics, memory, and video cards will be upgraded, the end result will be received in the form of highly responsive system, where users are able to carry on multi-tasks without any issue. In addition, software upgrades give access to latest tools and features so that IT users can work more professionally. For MSPs, productivity is crucial factor and basic selling point that compels clients to use upgraded technology.

Competitive Role of Companies
In business world, computers are excessively used and considered as moral fiber of production. Computers improve company’s reputation when these are used for server management, networking, and desktop virtualization. To flourish your business, it is necessary to have an updated IT based environment, with no threats of viruses, and data breaches. Moreover, upgraded system supports a business to dominate in competitive market.

How to Plan for System Upgrade?
Many clients do not show any interest to switch over to latest technology. When their attention is focused on issues, such as compliance standards, productivity level, and data breaches, they understand the importance of hardware and software transition. It is the responsibility of service providers to make the system upgrade process hassle-free for clients by planning smooth migration. MSPs must have the list of systems that need to be upgraded, and determine the perfect time for transition. There must be a well laid plan to check what will be upgraded, when to upgrade, and what amount of budget to allocate in order to perform these upgrades. If your transition plan is revised after four years, it will keep software and hardware up to date.

Data Protection Strategies Important For MSPs

August 10, 2015 Damien Garvey

Protection of data is becoming one of the serious issues for MSPs. To provide maximum data protection to small and medium sized companies, service providers need to place security at top of the list. Due to new technologies, systems and devices, important data is vulnerable to serious threats. It is the need of the hour to create policies for the security of data to tackle such threats.

Inform Clients on Security Policies:
Many companies do not advertise managed security services, but it helps in providing information to clients for data protection policies. Select reliable source of publication for latest information. Check Twitter and LinkedIn to get an idea of latest trends. In case your clients are not well informed about your security policies, chances are they can find out from your competitors. As a result, clients will figure out how to get some IT solutions from your competitors.

Train Staff on Trending Security Threats:
New threats are coming into sight daily. To cope with such threats, companies need to educate their staff. Workers must have intimate information about Phishing scams, malicious mails, lateral attacks, and malware that start off through guest access.

Standardize IT Solutions:
To minimize the risk of data breaches, it is necessary to select only standardized technology solutions. A firm that is working with an enterprise-level PSA solutions can get maximum benefit by selecting standardized solutions. For example: access rules, liabilities, and planning for disaster recovery can be established by IT managers by selecting standardized apps. It has the ability to improve exposure, as well as response time whilst offering a medium to check performance level.

Avoid File Sharing Services?
Due to P2P technology, it is common to borrow applications and files. This feature gives way to data breaches. When file sharing services are used, it becomes difficult for users to avoid malicious code that get confidential information, as well as breach copyright ownership. Instead of avoiding such services, MSPs can demonstrate that they are following data protection policies to handle such situations:

– Inform clients what type of risks are linked with P2P and file sharing networks;
– Use firewall and perimeter network defense systems to block programs related to file sharing;
– Keep on observing the network to make certain that unofficial file sharing networks are not running;
– Have some restrictions where staff is permitted to save important data.

Plan for Patch Management:
Microsoft has fixed a particular date of each month for patch management. All recognized flaws are fixed at that particular date so that programs and operating systems work in a safe environment to give productive end results. In May 2015, about 46 vulnerabilities were noted* in Windows Server, Silverlight, SharePoint, Desktop Windows and Adobe’s Flash.

MSPs have thousands of software applications, and each of these software has gateways for intruders. In order to patch up such holes which lead towards data breaches, patch management technology is used to maintain security level. There are many companies that do not consider this tiresome process as important to execute each month. MSPs must have all-inclusive priority based strategies for patch management.

* – http://www.symantec.com/connect/blogs/microsoft-patch-tuesday-may-2015

Characteristics of Advanced Data Archiving Software

August 5, 2015 Kris Price

Data archiving is a specific process to transfer data to a storage device for future use. Unlike backups, data archives do not contain copies of actual data. Before selecting archiving software, there are many useful features to consider. Data archives are based on older, but important data that can be retained for compliance. Searchability is bare-bone feature that helps in providing useful solution for data archiving. To get significant search functionality, data archiving software have particular attributes:

Granularity
In order to carry on searches, granularity plays an important role. It is an indispensable capability which is necessary to perform e-discovery process. As bulk of data is examined at this stage to get important information, software must have competence to carry on searches on following basis:

Data Sources: Through search, access end results from which file server, such as Microsoft SharePoint, financial apps
Data Type: Microsoft Office document, PDF, email and many other files
Important Data: Files such as social security numbers, bank account number and credit card numbers
Author of Document: Search by author of file

Storage Optimization
Another significant feature, other than granularity, is known as Storage Optimization. When this feature is selected, it helps in reducing the amount of data, as well as access data in seamless way. Storage Optimization feature gives benefits in form of reducing operating costs and capital. It helps in improving information governance, access to data for analysis and reporting and lower risk.

It seems absurd to find a lot of copies of same data in search results. To cope with this situation, deduplication engine (available in archiving software) is used that works all the way to avoid such situations. Through compliance, effective policies are developed for keeping data in archives for a specific time period. Archiving is best for certain type of data that is required to be backed up, but will not be accessed frequently.

Flexibility
Third most important feature of archiving software is flexibility to support maximum data platforms and popular applications. Some software offer facility to archive data from social networking sites like organization content on Twitter or Facebook.

Additionally, wide range of sources, writing capabilities and data targets should be handled properly for extraction. An organization cannot afford to follow limited tracks, such as tape archives, when unlimited and affordable archival alternatives are offered to them. Wide-ranging media is supported to extract archived data. Furthermore, extracted data can be written to DVD, tape, Blu-ray and many other mediums.

In a nutshell, best software for data archiving require more features, such as automation and compliance regulation to assist users in managing data. Once you confirm what type of data is important for future use and how long you need to store that data in the archives, organization can get maximum benefit from archiving software.

How Unpatched Software Give Way To Data Breaches?

July 3, 2015 Damien Garvey

It is a fact that IT related business is growing by leaps and bounds, and has changed the usage of organizational devices significantly within the last decade. With the growth of business, it has become essential to have some security measures. IT professionals have warned about risks associated with hyper-connectivity. Enterprises face great risks because the shortcomings of unpatched software are exposing data to cyber crime attacks. Therefore, it is the need of the hour to use advanced systems for data security.

Windows XP has lost its value due to security issues and instabilities which are associated with the operating system. When an OS developer like Microsoft cannot provide patches and critical updates to cope with security issues, the need for a new and well-defined operating system emerges.

What are the consequences of data breaches when complying with HIPAA (Health Insurance Portability and Accountability Act)?

HIPAA Breach Rule

HIPAA is an act related to accountability and health insurance portability. In order to give maximum protection and privacy to health information, federal law has set some rules and regulations. OCR (Office for Civil Rights) is responsible for enforcing security law. For data security, OCR gives notification to organizations when certain information is breached. When businesses do not apply latest software patches, customers could get affected by data breaches and their social security numbers and/or credit card numbers could be stolen; and as a result, HIPAA penalty could be levied. Organizations have been fined by OCR because many have become the victim of malware caused by failure in selecting software patches.

It is notable that HIPAA or OCR does not inform organizations to keep their software updated. When companies do not pay attention to software flaws and keep on working with patching software, issues such as data breaches become unavoidable.

How to Run System Smoothly?

To check data security, it is significant to use vigilant approach and observe applications of third-party against protection vulnerabilities. Unsecure data can be the result of supportive software or operating system that is functioning in the environment. To cope with data issues, security updates and advanced patches should be applied. For a small business or an enterprise, assistance of IT administrator is the only solution to get peace of mind.

In a nutshell, the penalty of data breaches should not be only in form of levying fines, but there must be some rules to meet the demands of industry. Organizations know methods to find out security risks and satisfactory solutions. In other words, patch your software and use updates to keep your data safe and secure. Organizations can improve ways of data protection by using cloud computing. As compared to public cloud, private cloud using companies are much more satisfied with security of data.