Close operating system exploits and vulnerabilities

Microsoft Patching Addresses 88 Vulnerabilities & Risks Found in Systems Today

Patching can prevent many of the most-used exploits, risks, and vulnerabilities are seen in major applications, software, and even operating systems. These patches typically contain updates to your current software suite. In recent years, Microsoft has transitioned they focus from new features and updates to focusing on the vulnerability of business’ and employees utilizing the Windows Operating System.

Microsoft releases updates to address and fix 88 security risks and vulnerabilities in it’s Windows Operating Systems, specifically relating to software and applications. The most lethal of these include 4 vulnerabilities, that exploit code has already been created and distributed on the Dark Web. It’s these bugs that can affect ALL versions of Microsoft Office and trigger malicious links, including what feels like too many, as a customary security update for Adobe’s Flash Player.

Read more

Flipboard News gets hit by data breach in IT Support Blog Clare Computer Solutions

Read Between the Lines: What Your Business Could Learn from Flipboard’s Recent Data-Breach

According to Flipboard, hackers were able to tap directly into the databases where the app-company housed customer information. The information stolen, including customer names, user names, hashed passwords, emails, and digital tokens or API tokens for your favorite social media apps. Although Flipboard does not know how many accounts hackers infiltrated, nor have they fully-assessed the damage, one thing is for sure: It’s time for many companies to begin reading between the lines. While data that was stolen is serious, it’s the number of time hackers were able to go undetected that is cause for concern. Companies need to focus on Endpoint Protection. Read more

SF Bay Area Law Firms hit by ransomware and hackers

Phishing Attacks Begin Leveraging Legal Threats From Local Law Firms

By far the most convincing email phishing and malware attacks come disguised as your “typical nastygram” from local businesses. These emails have grown in popularity with cyber-criminals. By making minor customizations to these campaigns, these phishing attacks are now being spoofed as though, local organizations are the culprits! These emails notify recipients that he/she is being sued and instructs them to review the following attached files, with a directive to respond within a specific time frame, or penalties will occur… Here’s a look at a recent phishing campaign that peppered more than 100,000 business executives. With the goal of phishing for employee personal information and exploiting data systems, by utilizing a local law firm’s system to send infected data to partners.

In May, two well-known anti-virus firms began detecting compromised files, specifically within Microsoft Word. Emails with attachments were sent with a simple variation of the message below. This exact kit is now being traded alongside others on the “dark web,” therefore we have numerous business names outlined in brackets below.

Read more

Windows Server 2008 End-Of-Life Support Begins Looming as Business Scramble to Act

It seems like we just went through this with Windows Server 2003, but we’ll soon be losing yet another Microsoft flagship product. Windows Server 2008 R2 and Exchange 2010, reached it’s “end-of-mainstream support” on January 13th, 2015 but the final blow will come January 14th, 2020. The exact same date for the end-of-support for Windows 7 Operating Systems. Microsoft will officially end its support for Windows Server 2008 and the 2008 R2 editions. It’s a sad beginning but read on and I will point you towards a few transformative paths for on-site, or cloud use.

Although 2020 seems like its lightyears away, update in an IT Infrastructure is a large task, one that will be here before you know it. So, if you’re still running Hyper-V on a Windows Server R2 platform, or worse your still running Windows Server 2003, then you need to start strategizing now, to ensure your company is protected and infrastructure is secure while moving forward.

0Weeks0Days0Hours0Minutes0Seconds

Extended Support Dates in Effect

Windows Server 2008 and SQL Server 2008 and 2008 R2 variants are already on their extended support phase now. As of July 8th, 2019, will be the final date for SQL Server 2008, while January 14th, 2020 will come shortly after. Once these dates hit, you will be running machines at your own risk in this saturated age of cyber-attacks. The good news is the fate of these dinosaur systems isn’t as bad as it would appear. It’s true this date cannot be moved, changed or deflected, but Microsoft has opened several more, cost-effective paths for businesses to begin their infrastructure evolution.

0Weeks0Days0Hours0Minutes0Seconds

Little-to-No Support Leaves Your Operating System Vulnerable

You can continue to use Windows Server 2008 R2 safely in your environments, at least until the expiration date. By doing so, you stand the risk of missing out of several new features being introduced to the Hyper-V family on any Server 2012 operating systems. These features alone warrant an upgrade to your infrastructure prior to the end-of-life support dates.

Remember that once a product reaches its end-of-life, no new features, fixes, or updates will occur. While Microsoft continues to provide what little help for customers with Server 2008 through extending support agreements, they too will no longer be able to receive any form of support from Microsoft come January 14, 2020. Leaving many business systems open and exposed to outside infiltration. All three Windows Server 2008, 2008 R2 (Datacenter, Enterprise, and Standard) will be affected, also including the Hyper-V role.

Post-Upgrade Solutions for Managing Your Old Servers 

  • Path #1:  Seen by many as the traditional evolutionary path, upgrading to a newer version of Windows Server, and SQL Server. This is where you get the most updated features in today’s security landscape. The latest version of Windows Server 2019, and SQL Server 2017.With the only caveat being to host on-premises versions or move to the cloud.
  • Path #2:  Not interested in upgrading to the latest server versions for some reason? We’ve got you covered, with a few options for those who wish to continue using Windows Server 2008 and 2008 R2. To save you money, you could move these workloads into the Azure cloud, using Azure’s Hybrid Use Benefits. The only cost incurred is the computing instance and infrastructure. With the use of Azure Reserved Virtual Machine Instances for Windows Server, you can save further on computing costs.
  • Path #3:  The last path is the most grim for many, it’s the choice to not evolve at all. This leaves many servers including file, or database to receive the updating needed to stop cyber-attackers. For business’ that have already purchased “Software Assurance or Enterprise Subscription,” will receive security updates for a prolonged period of time. We should note, Microsoft has discontinued its assurance agreements, but with more than 90% of affected business’ operating under a “Standard License,” this path doesn’t work for the vast majority of businesses. Once again leaving many without a clear-cut choice.

This is still YOUR Choice

We hope all the information from Clare Computer Solutions, will assist in making sense of the dynamic landscape in technology. If your business wants a second opinion or just a helping hand, any of our team members would be happy to assist you with making your transition as smooth as possible. Reach out today to begin discussing your options in greater detail today.

 

Begin Making Your Plans to Migrate, as Windows 7 End -Of-Life Is Coming January 14th, 2020

3 MSP Best Practices for Protecting Your Users

Cybercrimes are reaching all-time highs, with many organizations being hit with at least one of the 230,000 attacks that occurred in 2017. As a Managed Service Provider, it’s our job to make security a priory for clients in 2018. By following 3 simple best-practices, we use to begin protecting NetCentral Partners. Built to enhance MSP security, mitigate client risk, and grow your revenue.

User Education

Effective anti-virus is essential to keeping your business protected, but it’s simply not enough. With increased risks and social engineering, many have found the need for user education as a major objective for 2019. By educating end-users through security awareness training can reduce the cost of infection or data breaches. These tactics have evolved, and are beginning to target businesses through social engineering, and the favorite method for delivering an attack.

Common Social Engineering Includes:

–  Typically, an email from a trusted friend, contact, or colleague, whose account has been compromised. The message will usually have a URL link to open or download, and invoice or website.

–  Phishing emails, comments, or text messages luring readers to confirm the legitimacy of your accounts. These are usually fake email vendor emails that have been spoofed or recreated by these criminals.

–  Fraudsters are more common in major business cities like San Francisco, Oakland, San Jose, California. These criminals leave USB or zip-drives around the company’s premises, in hopes a curious employee takes it. Hoping a curious employee will insert the temporary storage it into a computer providing access to company and personal data that is saved on your systems.

These attacks are usually devised through relevant and timely education can minimize your exposure to breaches caused by user error. By training our partners and clients on social engineering, and other tactics including ransomware, email passwords or data protection, you assist in fostering the behavior with which you wish to see across your organization.

Backup & Disaster Recovery Plans

Your IT support team should always stress the importance of backups and creating a disaster recovery plan, with regular testing of each asset. If hit with ransomware, without a secure backup, businesses face the intended ultimatum. To pay the ransom and risk the money or lose countless amounts of company data.

We’ve continued to offer our clients options to fit their network, with automated cloud-based backups and physical appliances for any company’s data retention policies to avoid encryption. With access to data anywhere at any time, the best form of proactive support comes with the industry knowledge gained from building business continuity plans.

Things to Consider:

–  Who declares the disaster?

–  How are employees informed?

–  How will you communicate with customers?

The secret to building the perfect disaster recovery plan for your business comes after the plan is implemented. The most common failure point for many businesses before NetCentral support is a failure to test a backup solution. Then a small-scale disaster or accident occurs, and your business can’t restore its data. Imagine the loss of business financials, intellectual property, client data. Insurance won’t pay you for lost information, and your disaster recovery plan is the only thing between business risk and your employees. Once a plan has been implemented and adopted by the staff, it’s important to develop your process.

Patch Management

Patch Management continues to be one of the largest areas of vulnerability for businesses with more than 2 “production” servers. Most updates are security related and should be updated as needed. Outdated technology, including an operating system (OS) or Java, are common exploits in several of this year’s largest cyberattacks. By staying atop of operating system updates, you prevent your business from learning a “very costly lesson.” A great example, of this, was back in 2017, with Windows 10. Win10 initially only marked 15% of malware files, while Windows 7 machines saw over 63% according to Webroot’s 2018 Threat Report.

Patching Process

Your patching process should feel like “a never-ending cycle,” of auditing existing systems to generate a complete inventory of all your production systems, their standardization, and operating systems and applications. By building these standards with a trusted IT support team, your patching process will become easier. Through the classification of vulnerabilities, higher priorities can be remedied, while lower vulnerabilities begin to be automated, never disrupting your workday again.

By following these best practices, your business can begin thinking like an MSP. This will ensure the safety of your business, but also securing customer data. Business owners looking to scale operations should be looking to align business objectives, with an MSP that focuses on your IT experience, if you’re in need of IT Support and Services, we can help! Contact us, to begin talking about your IT stance.

Empowering Executives with Integrations for the Technology You Love

For many CIOs and COOs, the process of technology continues to be a top priority for many come 2019. As a major headache, businesses are increasing their cloud investments to move forward with digital transformation efforts were then faced with the massive undertaking of getting multiple resources connected for a seamless user experience.

Many of the local SMBs have found a lack of competency in many smaller providers, with stitching together applications and services to make up your current IT environments. It’s these environments that will increasingly become more-hybrid. With a large mix of on-premises equipment dispersed across various sites, public and private continue to muddy the waters.

As part of the many businesses moving towards a digital transformation, IoT (Internet of Things) has entered further cluttering device options and platforms that can begin to optimize your operations. As many begin with 2019 initiatives, that will further bring-on greater levels of complexity. As a result, many local business owners have identified this gap and began to address this in their technology plans.

Digital Initiatives
As many CEOs begin cracking down according to the latest “State of the CIO 2018” report, IDGs. This continues to add pressure on the organization. As one of the most experienced MSPs in the SF Bay Area, we continued to rapidly innovate, enhance your speed-to-market and greater your customers experience with your business.

By assessing your existing investments in equipment and resources to better determine what new investments need to be made, when achieving technology goals. The digital transformation many businesses are undergoing isn’t exclusively about new technology, but instead, deciphering what makes sense to retain and what needs to be integrated for legacy applications and services, it’s more of a comprehensive assessment.

With all this in mind, we offer CIO’s and COO’s a range of services to further assist in the development of these transformative plans. In our experience, these three components continue to best assist companies in their digital future.

  1. Assessments & Planning – As you begin launching digital initiatives the need to measure twice, cut once an be a great undertaking for several businesses. Involving a review of current architecture, and bandwidth demands of these assets require greater discovery and review to determine a solution that’s right for your business.
  2. Execution – Once planning and alignment are finished, technology providers assist in multiple ways to execute this vision. It takes an IT Expert to match workloads to platforms with optimization in mind, followed by the task of creating a truly digital ecosystem where your business network can be secured and managed successfully by a business that’s done it for over 30 years.
  3. Follow Through – With experience gained through time, we continue to see clients with a lack of talent and expertise in these fields. To fully integrate technology, it requires businesses to either hire someone full-time or outsource to an MSP. As your business continues to propel further towards a more connected network, how does a business keep all of this secure, and up-to-date?

Section 179 Makes Most of Our IT Products 100% Tax Deductible

2018 section 179 tax deduction write off clare computer solutions IT support leader SF Bay area

Many of our clients, rely on this tax incentive each year, to provide them with the ability to purchase or update the technology that runs their business. Utilized by many for licensing, software packages, servers, routers, and switches, many of our clients have leveraged Section 179 as an invaluable asset for the innovation and management of their network infrastructure

Below is an overview of the section 179 tax-incentive for 2018 include deduction limits, and bonus depreciation. Originally used by innovators and investors to further the(their) businesses technology goals, many of our clients rely on this credit for the larger items in their technology scope.

2018 Deduction Limit = $1,000,000 (one million dollars)
The initial deduction is good for purchasing new technology equipment or off-the-shelf software. To take the deduction successfully in 2018, the equipment must be purchased or financed and put into service between January 1, 2018, and December 31st, 2018.

2018 Spending Cap on equipment purchases = $2,500,000
The maximum amount that can be spent on equipment, before the small business tax incentive is affected, is $2.5 Million to $3.5 Million. Most businesses looking to qualify for the tax-incentive doing $2.5 Million in technology spending, don’t meet the needs of a small business.

Bonus Depreciation: 100% for 2018
An additional bonus to close-out the year-end budgeting for 2018, bonus depreciation is generally taken from the spending cap that a business reaches and is available for both new and used equipment.

What’s the Section 179 Deduction?

Most small to medium-sized businesses in the San Francisco Bay Area think the Section 179 Tax Deduction is some mysterious or complicated tax code that you’ll need an accounting or financial firm to clear. Essentially, Section 179 is the IRS tax-code allowing businesses to deduct the full purchasing price of qualifying equipment and/or software purchased or financed during the tax year. This incentive was created to encourage businesses to invest in themselves and update vulnerable technology.

Currently, Section 179 is one of the few incentives available to small and medium-sized businesses. Large businesses also benefit from Section 179 for Bonus Depreciation. Join the millions of SMBs that have begun taking action and get your team real benefits.

Here’s How Section 179 works:

In the past, businesses would purchase IT equipment, typically writing-off some through depreciation. While this writes off was better, it wouldn’t be until 2018 that the government would include the write-off of all qualified equipment purchases for the same year your IT equipment was purchased. Making a big splash so far, many of the companies looking to move to the cloud or replace an older exchange server would qualify to write-off on the 2018 Tax Return up to $1 million.

Limits of Section 179

  • 2018 Cap to the total amount of write-offs is $1 Million
  • Amount of technology equipment purchased $2.5 Million
  • Dedication phases-out on a dollar-for-dollar basis after $2.5 Million is incurred and goes away at $3.5 Million.

Who Qualifies for Section 179?

Businesses looking to purchase, finance, or lease new or used business equipment during the 2018 tax-year qualify. Most of the tangible goods purchased through Section 179 and must be placed into service no later than December 31, 2018.

If your business is looking for ways to save on technology spending, look no further. With over 30 years of experience serving the San Francisco Bay Area, our seasoned staff knows just how to get you the technology you need. If you wish to price it out, visit the Section 179 Calculator.

Not sure what you might need? Sourcing-out gaining desktops or mail-servers are always at the top of an SMBs list. If you need assistance in discovering and identifying technologies that could benefit your business, contact us today to speak with one of our many experts.