MS Exchange Critical Security Threat – We’ve Got Your Back!

You may have heard rumblings across the Internet of a giant Microsoft Exchange vulnerability that raised its ugly head this week.  On Tuesday evening, Microsoft announced the existence of four critical zero-day security vulnerabilities affecting all current versions of Microsoft Exchange Server.  That’s the same time we stepped up to make sure that all DataYard and our clients’ servers were patched and secured as soon as possible.

Starting at 2AM on Wednesday morning, our engineers began installing the needed upgrades and patches to all DataYard managed Microsoft Exchange servers .  The Exchange infrastructures in question were quickly updated and rebooted, after which point DataYard engineers took a deeper dive to determine if there were any lingering threats.

In many cases across the globe this security vulnerability had already been exploited in an attempt to open a backdoor to critical and private data – our customers were no exception.  DataYard engineers discovered malicious web shells which had been remotely uploaded by nefarious bots in the final days of February 2021. While a malicious shell was indeed uploaded on these systems to provide access to a bad actor in the future, there is no evidence to suggest that the shell was ever accessed or utilized after the initial automated upload.

As of 2PM on Thursday (3/4/21), DataYard had completed the following for all of our managed VIP clients:

  • Determined if the VIP was vulnerable to the exploit in question
  • Updated OS when applicable
  • Installed critical security patches
  • Reboot and test
  • Removed all malicious files remotely updated by third parties
  • Investigated all system logs to ensure no malicious files were executed:
    • Network traffic logs
    • System events logs
    • Exchange application logs
    • Remote login records

At this point, the team at DataYard is confident to give all of our managed Exchange VIP systems a thumbs-up and a clean bill of health.  We appreciated the trust and confidence that all of our client partners have in DataYard – we are happy to have helped to avoid this nasty security breach and potential data compromise.  Please let us know if you have any questions or requests to help make IT better.

Have a fantastic weekend,
The DataYard Team

Long Term Effects of COVID-19 on Offices

Even as businesses start to reopen and life resumes a more normal pace, much has changed since the global outbreak of COVID-19 began. People have grown accustomed to staying in, take-out and delivery services have skyrocketed, and group video chats and livestream performances have become the new normal. 

Expectations and habits have shifted on an international scale.  

At this point, it’s safe to assume things will never be quite the same as they were before 2020, and office spaces are no exception. While remote working has risen in popularity over the past decade or so, it has now become firmly engrained in work culture. Things that were once an exception are now the rule. 

Whatever your personal thoughts might be regarding COVID-19 and the measures being taken, there’s no point in fighting the shifting work climate. The best thing to do is adapt. 

Even for companies who need high-performance, extra security, and 24/monitoring, cloud hosting solutions can provide dedicated server space that keeps up with all of their demands. 

But in-between cloud servers and in-house servers, there is another option: colocation. 

Colocation is when you house your own physical server equipment in a third-party data center. You handle the purchasing and configuration of the equipment. The data center keeps it secure, powered, and cooled.  

This has proven to be a popular solution, as it frees businesses from having to store their dedicated servers in their own buildings. Advanced systems can make noise and run hot, not to mention they need backup power sourcesextra security measures, and high-speed network access. 

By placing your equipment in a data center, you can free up your own real estate and remove the responsibility of keeping your servers powered, protected, and connected. It’s a best of both worlds approach. 

However, as cloud hosting and dedicated virtual servers have grown in capabilities, many have moved away from colocation. Some have even gone as far as to say that colocation is dead. This is not true. In fact, colocation is on the rise. 

Why is that? It’s simple. Some businesses need their own equipment.  

And others just like having ownership over it. 

Office Life After COVID-19

Precautions for Sickness 

The safety of employees should be a top priority for any business. Now more than ever, it’s important that your employees feel safe. As offices have started to open, temperature checks have become commonplace. While this likely won’t last foreverflexible sickness policies almost certainly will. 

Encourage any employees who are feeling unwell to work from home. Even if their symptoms are minor, or they passed the day before, it’s best to stay safe. Businesses will likely be establishing official protocols for what employees should do when they’ve been sick. 

100% Remote Readiness 

When quarantine measures started, many offices were forced to quickly (and radically) expand their remote capabilities. In March, approximately 30% of Americans were working from home in some capacity. By April, it had increased to 62%, and it’s only continued to rise. 

It’s safe to assume that many of these people have gotten used to the process of working out of their homes. Even before quarantine started, a Gallup poll found that 54% of workers would leave their job for one that’s flexible with where and when people work. 

As an office in a post-COVID world, you need to be ready for any given employee to be able to do 100% of their job remotely. There may be specific exceptions to this within your business, such as an IT worker needing to physically access a system. Even in these situations, however, you should look into solutions that would allow for you to operate 100% remotely. 

Employees Will Have Better At-Home Setups 

Part of the concern with employees working from home is that they lack the proper setup and tools to efficiently operate. With the months of quarantine, however, most employees have naturally adapted. Desks have been purchased, areas have been sectioned off, etc. 

Still, there is an opportunity for businesses to step in and further assist their employees in their abilities to work from home. You may consider supplying employees with at-home monitors, webcams, and other tools. 

More importantly, you need to ensure the devices they’re using and the networks they’re accessing are properly set up and secured.  

An Increased Need for Remote Cybersecurity 

While a loss in productivity is a big concern for employees working from home, cybersecurity is an even larger one. Employees working on their home network from a personal device are typically more exposed than if they were working from the office. 

To combat this, a greater emphasis on remote IT security is needed. 

Implementing a VPN is a great first step, but it’s not enough. Any devices being used for work, even if they’re privately owned, need to be properly updated and maintained. You also need to ensure employees have access to the necessary tools and software. Trying to manage all of these extra devices and networks can be very taxing for businesses, even if they have an IT team. 

This is where a third-party IT partner can prove to be very useful. 

At DataYard, we provide a full suite of IT and cybersecurity services that can keep your business protected and stable, whether your employees are at home or in the office. We can also handle your hosting and cloud-based needs, allowing your business to be 100% remote-ready, if necessary. Have your own server equipment? We have the perfect colocation space for you to house it in. 

In a post-COVID office environment, businesses will need an increasingly complex range of IT capabilities. With DataYard, the process becomes a lot simpler. For IT, hosting, and cyber security in Dayton, Ohio and beyond, contact DataYard today! 

DataYard is Here for You

LEARN MORE ABOUT OUR CYBERSECURITY SERVICES

Understanding What VPNs are and Why You (Probably) Need One

If you are reading this, you’ve likely at least heard of the term “VPN”. It’s possible you’ve even used a VPN without fully understanding what it is. Today, we’re going to not only explain what a VPN is, but also why they can be very beneficial in today’s cloud-based world. 

VPN stands for “virtual private network”. While they were once mostly used by IT professionals (and maybe those looking to mask their digital activity), VPNs are very common in today’s interconnected business world, especially as remote working has become a regular part of life. With critical data being shared and accessed from different places across the world, privacy and security needs to be a top priority. 

A VPN can help with that.  

What exactly is a VPN?

Before we dive into what a VPN is, we need to establish some context. 

When you’re connecting to the internet at work, you’re (hopefully) connecting through a secured network operating off a local server. This server, among other things, acts as a buffer between your company devices and the internet. It should be equipped with a firewall and configured so that only the appropriate information can enter or exit it.  

This provides vital protection for your data while providing your employees with the access they need. 

When someone connectto the internet from their home, however, they’re most likely going straight from their device to the internet. Yes, there’s their local router and modem, but outside of a basic password set for Wi-Fi, there likely isn’t anything in the way of protection. 

While this is generally fine for personal internet usage, it can become a problem when private work information is being shared or accessed. This is where a VPN comes in. 

A VPN is a server that you connect to remotely. Once connected to the VPN, you can then browse the internet, access information on your company’s network, etc. in a secure environment. It’s essentially the same as if you were connecting to your office’s secured network, except you’re doing it across an external internet connection through a process known as tunneling.  

The actions you take, the data you share, and the places you visit are all encrypted through the VPN. 

Why Do You Need a VPN? 

The primary benefit of a VPN is enhanced cybersecurity. As we mentioned, all data sent across a VPN is encrypted. That means even if a hacker was able to get to the data you’re sharing, it would be undecipherable to them. VPNs are especially useful when people are utilizing public internet such as in a Starbucks, where you don’t know who else might be on the network. 

With so much work done on the go or remotely, VPNs offer critical security for an affordable price. For most businesses, it’s the best way to manage employees’ online activities when they’re working out of the office.  

It also provides a safe way for employees to access information kept on your company’s server.  

VPNs Aren’t Foolproof 

While a VPN is a great addition to your cybersecurity arsenal, they have their limitations. Additionally, when implemented poorly, VPNs can tax your server speeds and result in slow performance. That’s why it’s best to implement VPNs as part of a larger digital strategy for your business. 

At DataYard, our IT consultants in Dayton, Ohio can help create a proper digital strategy, including setting up VPNs, identifying weak points in your cybersecurity, rolling out updated protocols, and more. If you’re serious about improving your company’s security and technological prowess, contact DataYard today. 

Our IT Pros is Here for You

LEARN MORE ABOUT HOW DATAYARD CAN KEEP YOU SECURE

Work-Life Balance with BYOD

BYOD (bring your own device) offers a number of benefits. Employees choose the device they use, employers save on device costs, remote working is simplifiedthe list goes on. It’s not without its concerns, however.  

In addition to security risks, one of the primary red flags with BYOD is the blurring of work life and personal life. With the rise of smartphones, powerful portable computers, mobile networks, and cloud-based systems, the work-life balance has become increasingly murky. Left unchecked, BYOD can disrupt this balance even further. 

While work-life balance is sometimes labeled as an employee concern, it should be just as important to employers. It’s not just about whether their work life bleeds into their personal time, but how much of their personal life infiltrates into work time. 

True to its name, it’s a balance of both sides. Maintaining work-life balance results in employees with better attitudes who are more efficient. With the current COVID-19 quarantine measures that are in place, keeping work life and personal life separated is more difficult (and more important) than ever. 

Here is some general guidance for maintaining work-life balance with BYOD, whether your employees are quarantined at home or not. 

Separating Work and Life with BYOD

When it comes to managing devices owned by your employees, much of it is about setting expectations.  

You shouldn’t expect your employees to always have their work email pulled up, their communication app turned on, etc. In fact, unless their role requires emergency responses or it’s a special situation, it might be good to encourage employees to mute work-notifications during off hours. 

On the other hand, you should set hours when they should be online and reachable from their device. Make sure they know when their hours of availability should be. Set a policy for placing meetings/availability on a shared calendar.  

If you’re using Slack, Teams, or a similar communication tool, ask that employees keep their statuses updated. 

Speaking of tools and apps, make sure they have the necessary programs installed on their device so that they can adequately perform their tasks and responsibilities. Additionally, make sure that antivirus and firewall software is in place and activated.  

This will help protect both them and you from whatever they use their device to do. It’s hard to tell them what they can’t do with their own device, but you can mandate what they need to do if they’re going to use it for work. 

Preventing Personal Actions from Invading the Workplace 

If your employees are using personal devices for work, those devices are naturally more exposed to risks. To protect your company’s information and network from things the device might be accessing, proper security measures need to be implemented. 

For more hands-on monitoring and control, there are additional tools you can implement, such as a MAM (mobile application management), This allows you to monitor, update, and even remove mobile applications from a remote device, protecting your employees from otherwise dangerous software. 

Other tools can allow you to monitor, access, and update laptops and desktops as well. Whatever you do, it’s always important to be transparent with your employees. Make sure they know what you can see and access on their device. 

It’s a Process 

Successfully integrating BYOD requires guidelines, policies, and expectations. Maintaining the balance between work and life as your employees use their own devices is a process. It’s important that you engage with your employees, get their feedback, and adjust accordingly. 

Of course, creating policies, implementing changes, and assisting employees with any technical difficulties is a lot of work. This is where a dedicated IT team can help. 

At DataYard, we provide a range of IT services to assist modern day businesses. Whether you need cybersecurity, cloud storage, managed IT, or all of the above, we’re here to serve. For BYOD, our IT consultants in Dayton, Ohio can help create and implement policies and that maintain work-life balance and keep your systems protected. 

Contact us today! 

Keep Work and Personal Use Separate

LEARN MORE ABOUT OUR CYBERSECURITY SERVICES

Importance of IT in Quarantine Remote Work

With the outbreak of the COVID-19 virus and the implementation of quarantine and social distancing measures, most office workers are finding themselves operating from home. While many modern offices have some degree of work from home policies in place, the idea of everyone working from home day after day is a much different situation. 

Everyone is having to rapidly adjust. 

Working from home every day sounds great in theory, but it also poses a number of problems. For workers, many struggle with productivity and focus at home, especially with schools being closed and children being home.  

For business owners and office managers, there are more unique concerns. It’s very important to maintain proper IT practices and security measures while everyone is working from home. Though we don’t know how long this time of quarantine will last, it’s best to prepare for the long-haul. 

Here are a few things to be mindful of...

Employees Being Ill-Equipped 

Most office workers have a laptop, tablet, or at-home computer to utilize. If you have a bring your own device policy in place, they may even use it for work already. Even if they do, the rest of their athome setup likely pales in comparison to their work setup. If your employees have multiple monitors, standing desks, comfortable chairs, and/or new computers at the office, sitting at a dinner table with a laptop is going to be a challenge for them. 

If possible, let employees take monitors, work computers, and even desk chairs home during this time. Give tips for creating their setupYou can even have employees share their own setups.  

Security Connections 

Home networks are often much less secure than business networks. While you can’t overhaul the broadband and Wi-Fi systems that your employees have at home, you can implement protocols on the devices they’re connecting to it.  

This includes making sure their devices network settings are configured correctly, that firewalls and anti-virus software are turned on, etc. A further measure would be to implement a VPN (Virtual Private Network). This encrypts the data coming and going from a device, making it undecipherable to anyone who isn’t authorized to view it. 

This is a highly effective measure that can be implemented with simple, affordable software. 

If further security measures are needed, you could issue hardware firewalls to employees to be used at home. It’s an added expense, not to mention some additional configuration would be needed, but for employees who are handling especially valuable data, it may be necessary. 

Implementing Communication Tools and Software 

With everyone working from home, there’s a greater need for implementing communication and sharing tools. While you certainly had a number of software programs and online tools you used in office, some applications might be needed. Thankfully, there are more ways than ever to connect, share, and work collaboratively without being in the same building. 

The main hurdle here is getting your employees setup and trained on the tools. 

A Dedicated IT Team Makes Remote Work Much Smoother 

With so much already going on, trying to micromanage the individual IT needs of each remote employee can be impossible. However, it’s very important that these needs are met and that they’re handled appropriately.  

This is an especially terrible time to lose productivity, experience miscommunication, or suffer from a security breach. 

Having a dedicated IT team on hand can make a massive differenceA quality IT company is well-versed in operating remotely, and they’ll be able to assist in setting employees up with new hardware and software and making sure your systems are secure. 

At DataYard, we provide a wide range of IT services perfectly suited to help businesses adapt to the rapidly changing work atmosphere. Our IT consultants in Dayton, Ohio can help you maximize security, connectivity, and productivity while your employees operate remotely. We have the knowledge and experience to spot shortcomings, create IT strategies, and implement changes so that everyone is on the same page, regardless of where they’re working from. 

Our IT Pros are Here for You

MAKE REMOTE WORKING BETTER


Bring Your Own Device

With the increasing affordability of modern technology, along with the integration of that technology in our day-to-day lives, an individual person often has numerous devices they utilize throughout the day. Almost every adult has their own smartphone. Over 50% of US adults own a tablet. Laptop ownership is even higher among certain age groups.

Continue reading

Why SD-WAN Matters for Businesses in 2020

SD-WAN stands for “software-defined wide area network”. Whereas a traditional WAN typically operates at the point of contact, an SD-Wan is able to create a virtual architecture within the network, proving intelligent control. SD-WAN is designed for today’s network activity, bringing more customization, faster speeds, tighter security/privacy, and more.

Continue reading

Why Backing Up Data is So Important for Businesses

Remember the days of floppy disks where you entrusted important documents to tiny pieces of plastic that were easily lost, destroyed, erased? Well maybe you don’t because you’re too young to have even held a floppy disk, but it’s the same scenario with CD’s, flash drives and external hard drives today. Thankfully, we have cloud storage systems like DataYard’s OwnCloud, which is similar to Google Drive, OneDrive, and Dropbox to hold various documents.  

On top of that, many of our files end up in our email or on a project management system that we can access from any internet-connected device. 

These days, you’d have to be crazy to trust important files to a single disk, or even one hard drive. And yet, many businesses fail to properly backup their computer and server systems, leading to much bigger issues. 

Many companies that suffer a major data loss without a proper backup system in place never fully recover. Don’t think your business can suffer from data loss? Think again. 

There are many ways to lose data....

People often associate data loss with data breaches and malicious attacks, which is fair. After all, cyber-attacks, viruses, and other malicious activities ultimately result in the theft, corruption, and/or general loss of data. 

But that’s certainly not the only way you can lose data. 

Even if your systems are updated and well protected from external threats, things can still go very wrong. Machines break. Hard drives wear out. A power outage can result in the loss of unsaved information. A fire or natural disaster can destroy the equipment housing your data. 

Let alone the dreaded data loss due to something as basic as spilling a cup of coffee on a computer or network device. Nearly 30% of hard drive failures are caused by simple accidents. 

Losing data costs a lot of time and money. Having your systems down can cost a lot as wellIf you want to keep your business safe and your information protected, you need proper backup systems in place.  

For those who operate under various compliancy standards, backup systems are likely required. Failure to follow backup protocol can result in the loss of clients, as well as potential fines. 

Providing Peace of Mind with Quality Backup Support 

At DataYard, we understand just how important backups are to modern businesses. That’s why are backup services go above and beyond the various needs of our customers. Whether you have compliancy standards to meet or not, we can make sure you information is safe. 

Our cloud hosting automatically creates daily backups going back at least 30 days. Additional backups can be made as needed. Our servers our housed in our data center which is well protected against power outages and other dangers. 

Additionally, we offer colocation for those who prefer/need to use their own equipment. Want backups created offsite? We can help with that too. 

In addition to our general server capabilities, we offer consultation and management to clients across the globe, along with onsite IT services in the Dayton, Ohio area. 

Keep your business protected from data loss. Contact DataYard today.

Our Data Center is Here for You

LEARN MORE ABOUT OUR SECURITY AND BACKUP SERVICES


Your Business Needs a Next Generation Firewall

As we mentioned in a recent post, a firewall is your first line of protection against malicious presences on the internet. A firewall is the gatekeeper to what’s entering your network or device, keeping the bad things out while letting the safe information in. 

At least, that’s what it should be doing. But as malware, viruses, and hacking techniques evolve, the tools that protect against them need to evolve as well. A traditional firewall might not be enough to protect you. 

For example, once upon a time, malware and hackers exploited holes in networks and security systems. Now, however, most exploit weaknesses in applications, which make them harder to flag and block. 

That’s where Next Generation Firewalls come in.  

What Makes a Firewall “Next Gen”?

A next generation firewall (or NGFW) isn’t simply the newest version or model of firewalls on the market. It’s a complete evolution, redefining how a firewall operates and what it protects you from. 

Yes, a NGFW performs all of the traditional functions of firewalls, filtering traffic based off port, protocol, preset admin filters, etc., but that’s only the beginning. 

The exact capabilities of a NGFW can vary, but they all must meet certain criteria. Gartner, one of the most senior authorities in IT, defines them as deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall. 

In many ways, NGFW combines the features of traditional firewalls with features found in additional security tools, combining them into one efficient, streamlined package. This reduces complexity while enhancing control and improving performance. 

For businesses where data security and system integrity are top priorities, having a NGFW is a must. 

Do Small Businesses Need Next Generation Firewalls? 

There’s no question that every business should have firewalls in place, no matter the size.  But do small businesses benefit from the power of next generation firewalls? Absolutely. The level of control and security featured in a NGFW is something traditional firewalls simply can’t compete with. 

That said, it can depend on what type of data you’re storing online and within your internal system. For certain smaller businesses, it could be overkill. Then again, when it comes to digital security, it’s always better to be safe than sorry when it comes to properly caring for your customers data. 

Ultimately, it doesn’t hurt to talk to a professional team about what level of firewall you should have in place for your business. As it happens, we are a professional IT team that would be happy to answer those questions for you. Our Discovery process is a perfect health check for your security level while getting a great picture of your IT environment 

At DataYard, we provide IT consultation in addition to private cloud hosting, cybersecurity, colocation in Dayton, Ohio, and more. Big or small, we can scale our services to meet your needs on a reasonable budget.  

Contact us today! 

Is Your Data Protected?

LEARN MORE ABOUT OUR CYBER SECURITY SERVICES