MS Exchange Critical Security Threat – We’ve Got Your Back!

You may have heard rumblings across the Internet of a giant Microsoft Exchange vulnerability that raised its ugly head this week.  On Tuesday evening, Microsoft announced the existence of four critical zero-day security vulnerabilities affecting all current versions of Microsoft Exchange Server.  That’s the same time we stepped up to make sure that all DataYard and our clients’ servers were patched and secured as soon as possible.

Starting at 2AM on Wednesday morning, our engineers began installing the needed upgrades and patches to all DataYard managed Microsoft Exchange servers .  The Exchange infrastructures in question were quickly updated and rebooted, after which point DataYard engineers took a deeper dive to determine if there were any lingering threats.

In many cases across the globe this security vulnerability had already been exploited in an attempt to open a backdoor to critical and private data – our customers were no exception.  DataYard engineers discovered malicious web shells which had been remotely uploaded by nefarious bots in the final days of February 2021. While a malicious shell was indeed uploaded on these systems to provide access to a bad actor in the future, there is no evidence to suggest that the shell was ever accessed or utilized after the initial automated upload.

As of 2PM on Thursday (3/4/21), DataYard had completed the following for all of our managed VIP clients:

  • Determined if the VIP was vulnerable to the exploit in question
  • Updated OS when applicable
  • Installed critical security patches
  • Reboot and test
  • Removed all malicious files remotely updated by third parties
  • Investigated all system logs to ensure no malicious files were executed:
    • Network traffic logs
    • System events logs
    • Exchange application logs
    • Remote login records

At this point, the team at DataYard is confident to give all of our managed Exchange VIP systems a thumbs-up and a clean bill of health.  We appreciated the trust and confidence that all of our client partners have in DataYard – we are happy to have helped to avoid this nasty security breach and potential data compromise.  Please let us know if you have any questions or requests to help make IT better.

Have a fantastic weekend,
The DataYard Team

Understanding What VPNs are and Why You (Probably) Need One

If you are reading this, you’ve likely at least heard of the term “VPN”. It’s possible you’ve even used a VPN without fully understanding what it is. Today, we’re going to not only explain what a VPN is, but also why they can be very beneficial in today’s cloud-based world. 

VPN stands for “virtual private network”. While they were once mostly used by IT professionals (and maybe those looking to mask their digital activity), VPNs are very common in today’s interconnected business world, especially as remote working has become a regular part of life. With critical data being shared and accessed from different places across the world, privacy and security needs to be a top priority. 

A VPN can help with that.  

What exactly is a VPN?

Before we dive into what a VPN is, we need to establish some context. 

When you’re connecting to the internet at work, you’re (hopefully) connecting through a secured network operating off a local server. This server, among other things, acts as a buffer between your company devices and the internet. It should be equipped with a firewall and configured so that only the appropriate information can enter or exit it.  

This provides vital protection for your data while providing your employees with the access they need. 

When someone connectto the internet from their home, however, they’re most likely going straight from their device to the internet. Yes, there’s their local router and modem, but outside of a basic password set for Wi-Fi, there likely isn’t anything in the way of protection. 

While this is generally fine for personal internet usage, it can become a problem when private work information is being shared or accessed. This is where a VPN comes in. 

A VPN is a server that you connect to remotely. Once connected to the VPN, you can then browse the internet, access information on your company’s network, etc. in a secure environment. It’s essentially the same as if you were connecting to your office’s secured network, except you’re doing it across an external internet connection through a process known as tunneling.  

The actions you take, the data you share, and the places you visit are all encrypted through the VPN. 

Why Do You Need a VPN? 

The primary benefit of a VPN is enhanced cybersecurity. As we mentioned, all data sent across a VPN is encrypted. That means even if a hacker was able to get to the data you’re sharing, it would be undecipherable to them. VPNs are especially useful when people are utilizing public internet such as in a Starbucks, where you don’t know who else might be on the network. 

With so much work done on the go or remotely, VPNs offer critical security for an affordable price. For most businesses, it’s the best way to manage employees’ online activities when they’re working out of the office.  

It also provides a safe way for employees to access information kept on your company’s server.  

VPNs Aren’t Foolproof 

While a VPN is a great addition to your cybersecurity arsenal, they have their limitations. Additionally, when implemented poorly, VPNs can tax your server speeds and result in slow performance. That’s why it’s best to implement VPNs as part of a larger digital strategy for your business. 

At DataYard, our IT consultants in Dayton, Ohio can help create a proper digital strategy, including setting up VPNs, identifying weak points in your cybersecurity, rolling out updated protocols, and more. If you’re serious about improving your company’s security and technological prowess, contact DataYard today. 

Our IT Pros is Here for You

LEARN MORE ABOUT HOW DATAYARD CAN KEEP YOU SECURE

Why Server Maintenance is So Important

Updates have become a regular part of our lives. Whether it’s your phone, your computer, your software programs, or even a gaming system, you likely receive a notification every week or two informing you that there’s an update available.  

In certain situations, these updates may be required before you can continue to use a particular device or piece of software. Often, however, they are “optional”. That is, you get to choose when (or if) they’re done. 

While these updates are important and provide critical functionality and security updatesignoring them won’t have immediate repercussions for most personal devices. That’s not to say you shouldn’t be updating your phone or that personal copy of PhotoshopIgnoring updates can lead to technical issues, and may even expose you to security risks.  

That’s why, when it comes to commercial devices, it’s critical to always stay on-top of updates and general maintenance for the sake of security and performance. This is especially true when it comes to your server systems. 

What Does Server Maintenance Look Like?

Updating and maintaining a server is more than simply installing a newer version of the OS that runs on it. A server doesn’t just involve a singular piece of software, but a network of software and firmware that works together to keep your systems running. Because of this, updates and patches are performed across multiple areas of the server. 

Additionally, servers need to be physically examined, cleaned, have their temperatures monitored, and more. 

The most critical part of server maintenance, however, is verifying and updating backups. With proper backups in place, a business is protected against any number of otherwise catastrophic situations. Should updates cause an issue or temporarily take your system offline, backups can be utilized to quickly get you up and running. 

However, to keep things running and updated, systems have to occasionally go offline, powered down, and/or reset so that changes can be implemented. Update scheduling and rollouts are an important part of server maintenance. This allows updates to happen during non-critical hours, usually late at night or over the weekend. 

While it might seem like a hassle to keep everything constantly updated and occasionally experience a brief loss in performance as your system is updated, it’s far better than the alternative. Server updates and maintenance are what keep your systems running optimally and protected from the latest in cyber threats.  

The strategies used by hackers and malicious programs are constantly evolving as system weaknesses are discovered. Constant maintenance and upgrading are the only ways to keep your systems safe. 

As you might imagine, this involves a lot of on-going work, often requiring a dedicated person (or team) to monitor statuses, schedule updates, and rollout changes. Because of this, many modern businesses rely on third parties to handle their ongoing monitoring and maintenance. 

At DataYard, we not only employ an experienced staff of IT professionals, but we have our own data center fully equipped to handle your hosting needs. With these two areas of service combined, we’re perfectly positioned to be all-in-one network solution. 

We’ll make sure that your systems are monitored, maintained, and equipped with the latest cyber security in Dayton, Ohio. Contact us today. 

Our Data Center is Here for You

LEARN MORE ABOUT OUR HOSTING AND MANAGEMENT SERVICES


What to Look for in Colocation

With a growing need for flexibility, scalability, complexity, and power, more and more businesses are keeping their server systems off-site. While cloud servers work great for a number of businesses, some companies need (or just want) to utilize their own equipment. 

Colocation is still very much alive in the 2020soffering a best of both worlds approach to hosting. Businesses get to purchase, setup, and control their own equipment. However, they don’t have to worry about housing, cooling, or powering it. 

That is, as long as they choose the right colocation provider. What should you look for when deciding on a colocation site? 

What to look for in colocation...

Scalability 

One big reason businesses look to colocation is because they simply don’t have the space to house their equipment. But it’s not enough for a colocation space to meet your current needs. As your business grows, your technical needs will grow as well. This doesn’t just mean you need more space, but you will also need more power. 

Before looking at a colocation space, consider what your technical needs might be 5-10 years from now. Make sure that you choose a provider that can easily grow with you, providing the space and resources you need. 

Accessibility  

While colocation systems might be housed off-premises, they’ll still need to be accessible to your team. After all, it’s your equipment. With how dependent businesses are on keeping their systems operational at all times, you need to be able to get to your equipment anytime, day or night. 

24-hour access, 7 days a week, 365 days a year is a must. 

Security 

Servers don’t just need digital protection; they need to be physically safe as well. While protecting your systems from cyber threats might be the responsibility of your team, it’s up to your colocation provider to keep your equipment safe. 

In addition to keeping it secured from unauthorized access and theft, they also need to keep it temperature controlled, safe from power outages, and more. 

Our Colocation Services 

In need of a secure, scalable, and reliable colocation facility to house your servers and equipment? Our Data Center is an excellent choiceWherever you’re operating from, our facility has the capacity and capabilities for both today’s and tomorrow’s needs. 

Here’s what you can expect from our colocation services: 

  • Move-in Ready 
  • Scalable 
  • 24/7/365 Customer Access 
  • SOC 2 TYPE II Certified 

Not entirely sure what you need? Maybe you’re looking for additional help building out your infrastructure? Our experienced team of IT consultants in Dayton, Ohio is up to the task. For all of your hosting, IT, and data center needs, DataYard is here for you. 

Our Data Center is Here for You

LEARN MORE ABOUT OUR COLOCATION SERVICES


Helping Your Employees Work from Home

Even if your company had a work-from-home policy before quarantine, most of your employees probably aren’t used to working every single day from their house. It’s important to ensure that your employees are well taken care of as they work remotely. Here are a few things you can be doing to help workers make the most of their at-home employment.

Continue reading

Work-Life Balance with BYOD

BYOD (bring your own device) offers a number of benefits. Employees choose the device they use, employers save on device costs, remote working is simplifiedthe list goes on. It’s not without its concerns, however.  

In addition to security risks, one of the primary red flags with BYOD is the blurring of work life and personal life. With the rise of smartphones, powerful portable computers, mobile networks, and cloud-based systems, the work-life balance has become increasingly murky. Left unchecked, BYOD can disrupt this balance even further. 

While work-life balance is sometimes labeled as an employee concern, it should be just as important to employers. It’s not just about whether their work life bleeds into their personal time, but how much of their personal life infiltrates into work time. 

True to its name, it’s a balance of both sides. Maintaining work-life balance results in employees with better attitudes who are more efficient. With the current COVID-19 quarantine measures that are in place, keeping work life and personal life separated is more difficult (and more important) than ever. 

Here is some general guidance for maintaining work-life balance with BYOD, whether your employees are quarantined at home or not. 

Separating Work and Life with BYOD

When it comes to managing devices owned by your employees, much of it is about setting expectations.  

You shouldn’t expect your employees to always have their work email pulled up, their communication app turned on, etc. In fact, unless their role requires emergency responses or it’s a special situation, it might be good to encourage employees to mute work-notifications during off hours. 

On the other hand, you should set hours when they should be online and reachable from their device. Make sure they know when their hours of availability should be. Set a policy for placing meetings/availability on a shared calendar.  

If you’re using Slack, Teams, or a similar communication tool, ask that employees keep their statuses updated. 

Speaking of tools and apps, make sure they have the necessary programs installed on their device so that they can adequately perform their tasks and responsibilities. Additionally, make sure that antivirus and firewall software is in place and activated.  

This will help protect both them and you from whatever they use their device to do. It’s hard to tell them what they can’t do with their own device, but you can mandate what they need to do if they’re going to use it for work. 

Preventing Personal Actions from Invading the Workplace 

If your employees are using personal devices for work, those devices are naturally more exposed to risks. To protect your company’s information and network from things the device might be accessing, proper security measures need to be implemented. 

For more hands-on monitoring and control, there are additional tools you can implement, such as a MAM (mobile application management), This allows you to monitor, update, and even remove mobile applications from a remote device, protecting your employees from otherwise dangerous software. 

Other tools can allow you to monitor, access, and update laptops and desktops as well. Whatever you do, it’s always important to be transparent with your employees. Make sure they know what you can see and access on their device. 

It’s a Process 

Successfully integrating BYOD requires guidelines, policies, and expectations. Maintaining the balance between work and life as your employees use their own devices is a process. It’s important that you engage with your employees, get their feedback, and adjust accordingly. 

Of course, creating policies, implementing changes, and assisting employees with any technical difficulties is a lot of work. This is where a dedicated IT team can help. 

At DataYard, we provide a range of IT services to assist modern day businesses. Whether you need cybersecurity, cloud storage, managed IT, or all of the above, we’re here to serve. For BYOD, our IT consultants in Dayton, Ohio can help create and implement policies and that maintain work-life balance and keep your systems protected. 

Contact us today! 

Keep Work and Personal Use Separate

LEARN MORE ABOUT OUR CYBERSECURITY SERVICES

Importance of IT in Quarantine Remote Work

With the outbreak of the COVID-19 virus and the implementation of quarantine and social distancing measures, most office workers are finding themselves operating from home. While many modern offices have some degree of work from home policies in place, the idea of everyone working from home day after day is a much different situation. 

Everyone is having to rapidly adjust. 

Working from home every day sounds great in theory, but it also poses a number of problems. For workers, many struggle with productivity and focus at home, especially with schools being closed and children being home.  

For business owners and office managers, there are more unique concerns. It’s very important to maintain proper IT practices and security measures while everyone is working from home. Though we don’t know how long this time of quarantine will last, it’s best to prepare for the long-haul. 

Here are a few things to be mindful of...

Employees Being Ill-Equipped 

Most office workers have a laptop, tablet, or at-home computer to utilize. If you have a bring your own device policy in place, they may even use it for work already. Even if they do, the rest of their athome setup likely pales in comparison to their work setup. If your employees have multiple monitors, standing desks, comfortable chairs, and/or new computers at the office, sitting at a dinner table with a laptop is going to be a challenge for them. 

If possible, let employees take monitors, work computers, and even desk chairs home during this time. Give tips for creating their setupYou can even have employees share their own setups.  

Security Connections 

Home networks are often much less secure than business networks. While you can’t overhaul the broadband and Wi-Fi systems that your employees have at home, you can implement protocols on the devices they’re connecting to it.  

This includes making sure their devices network settings are configured correctly, that firewalls and anti-virus software are turned on, etc. A further measure would be to implement a VPN (Virtual Private Network). This encrypts the data coming and going from a device, making it undecipherable to anyone who isn’t authorized to view it. 

This is a highly effective measure that can be implemented with simple, affordable software. 

If further security measures are needed, you could issue hardware firewalls to employees to be used at home. It’s an added expense, not to mention some additional configuration would be needed, but for employees who are handling especially valuable data, it may be necessary. 

Implementing Communication Tools and Software 

With everyone working from home, there’s a greater need for implementing communication and sharing tools. While you certainly had a number of software programs and online tools you used in office, some applications might be needed. Thankfully, there are more ways than ever to connect, share, and work collaboratively without being in the same building. 

The main hurdle here is getting your employees setup and trained on the tools. 

A Dedicated IT Team Makes Remote Work Much Smoother 

With so much already going on, trying to micromanage the individual IT needs of each remote employee can be impossible. However, it’s very important that these needs are met and that they’re handled appropriately.  

This is an especially terrible time to lose productivity, experience miscommunication, or suffer from a security breach. 

Having a dedicated IT team on hand can make a massive differenceA quality IT company is well-versed in operating remotely, and they’ll be able to assist in setting employees up with new hardware and software and making sure your systems are secure. 

At DataYard, we provide a wide range of IT services perfectly suited to help businesses adapt to the rapidly changing work atmosphere. Our IT consultants in Dayton, Ohio can help you maximize security, connectivity, and productivity while your employees operate remotely. We have the knowledge and experience to spot shortcomings, create IT strategies, and implement changes so that everyone is on the same page, regardless of where they’re working from. 

Our IT Pros are Here for You

MAKE REMOTE WORKING BETTER


Bring Your Own Device

With the increasing affordability of modern technology, along with the integration of that technology in our day-to-day lives, an individual person often has numerous devices they utilize throughout the day. Almost every adult has their own smartphone. Over 50% of US adults own a tablet. Laptop ownership is even higher among certain age groups.

Continue reading

Deciding Between Colocation vs. In-House Hosting

Cloud-based hosting is the go-to option for many businesses, large and small. It provides great flexibility while keeping things simple. Sometimes, however, you need your own server equipment. Whether it’s to meet compliancy needs, maximize control, or simply because you prefer to own instead of rent, there is still very much a place for physical hosting in today’s cloud-based world. 

However, if you own your own equipment, that means you’ll need to house and power it. While a server is essentially just a computer, it comes with some critical requirements: 

  • Continuous power supply 
  • Digital and physical security protection 
  • Total temperature control 
  • A fair amount of space 
  • And more 

If you’re able to accommodate those needs, you might choose to keep your servers in-house. Otherwise, there is colocation. Colocation is where you store your own equipment in a third-party data center that’s built to handle the special requirements of server equipment. 

Not sure which option is best for you? Let’s take a look at both. 

What's the difference between in-house hosting and colocation?

In-House Hosting

With in-house hosting, you’ll need to setup a proper server room on your property. This will need to be fitted with power-supply redundancies so that your servers don’t crash if the power in the building unexpectantly goes out.  

The primary benefit of in-house hosting is immediate access. If you have the IT staff to manage and support it, they’ll able to get directly to it at a moment’s notice. Of course, that also means you need to have an in-house IT team that can support it as needed. 

If your team is already stretched thin, it can be yet another thing they have to deal with. 

Additionally, many offices, even larger ones, simply aren’t equipped to meet the needs of a server system. It can also increase your utility costs more than you think. 

Colocation 

Colocation is pretty straight forward. You supply the equipment and a data center takes care of the rest. A proper data center is well-equipped to house and supply server equipment, making sure it stays protected and running properly.  

While there is some initial setup cost, along with the on-going rental fee, the expense of colocation is actually comparable to the cost of in-house hosting. That’s not to say you should put your server equipment in just any data center.  

You want to make sure it’s a trustworthy facility that can exceed your needs and provide room for growth. 

Reliable Colocation Wherever You Are 

At DataYard, we can handle almost all IT and hosting needs. From cloud hosting to colocation and beyond, our data center is equipped to meet your storage and security requirements. With colocation at Data Yard, you’ll receive 24/7/365 access, so you can get to your equipment whenever you need to. 

Need additional support or guidance for your server setup and infrastructure? Our team of IT consultants in Dayton, Ohio  can help ensure you have all of your bases covered. 

Contact us today! 

Our Data Center is Here for You

LEARN MORE ABOUT OUR COLOCATION SERVICES