With Thanksgiving behind us and New Years ahead of us, it is only natural to look back on the year. While our inner nerds could geek out for hours about the modern technologies introduced in 2022, there is one thing that Clare Computer Solutions is even more enthusiastic about: helping clients like you succeed. Let us look at some of the ways we’re able to help customers improve their businesses this year.
Remediating Cyberattacks #1
One day CCS was contacted by a company that wasn’t a client…yet. They had a big problem though and needed immediate help. Criminals had hijacked their domain name and DNS registration. Not only had this company lost control of its web presence, but also its email. This company needed to figure out how the criminals had taken control of the domain, closed the security hole and restored ownership of its domain name and DNS control before business suffered.
CCS accepted the challenge. We determined that the attackers had gained access to the company email due to a misconfiguration of Office365. Once inside the email system, the attackers were able to search until they found the passwords to the domain registration website. They logged in and transferred the domain ownership to themselves at a different domain registrar and then updated the DNS records to misdirect all emails.
Our security experts poured over the customer’s Office365 configuration until they found the improper setting that allowed the criminals to gain access to the email system. We remediated the misconfiguration to prevent further misuse while also reviewing other security settings to make sure Office365 was properly configured.
We then worked with the FBI, the Internet Corporation for Assigned Names and Numbers (ICAAN) that oversees the domain name system, as well as the two internet registration companies (the one that managed the legitimate registration and the other that received the hijacked registration) to begin the process to restore the domain name to its rightful owner (and hopefully prosecute the attackers).
This customer was so pleased with our response that it decided to not only sign up for our managed services for its local office but to also have us manage an office on the East Coast along with remote users in India. We are now able to proactively protect the business and jointly create strategic plans to protect and grow the business.
Remediating Cyberattacks #2
A second incident involved a client that had used us for years reactively under our legacy break-fix model. This customer felt that their organization was too small to be a target, so they did not need to invest in managed security services. Unfortunately, no company is too small for cybercriminals.
The attackers were able to breach Office365 security and launch a ransomware attack on some of the servers. Fortunately, due to our working relationship over the years, this customer had adopted some of our recommended tools, including a backup appliance. Once we identified which servers had been affected, we were able to pull the backups and restore the servers to their ransomware-free state. We also reviewed their Office365 settings, found the misconfiguration, and closed those security holes. In about a day and a half later, CCS was able to have this customer back up and running with improved security.
After this event, the customer realized that they didn’t have to be a high-profile company to attract the attention of cybercriminals and asked us to begin onboarding them to our managed services program that includes industry-standard security features like multi-factor authentication, endpoint detection and response, web and email filtering, and device encryption. They are much better protected against future attacks.
Adapting to changes in work
While security attacks are sensational, our security work is playing defense. But we also love to play offense and help customers grow and improve.
We had one customer that had shifted many employees to remote work during the pandemic and now had an underutilized office building. The challenge was this building contained the server room with all their infrastructure. They did not have the time or money to convert to cloud infrastructure and did not want to abandon the infrastructure that worked well and was already paid for.
CCS devised a plan in which we moved all their existing equipment from their building to a co-location facility. Over the course of a weekend, the equipment was moved, reconnected, reconfigured, and returned to operation in time for work on Monday morning. At this point the customer was able to get rid of the building and save thousands of dollars each month in real estate costs…money which they could then re-invest in the business.
Enabling Rapid Growth
One day we received a call from an existing client with a great problem: one of their largest customers, a large online retailer, was seeing massive growth and needed this client to grow to support them. Though this client was based in the Bay Area, the retailer wanted this client to expand to several areas across the US to support the retailer’s growth. The client had looked at larger nationwide managed service providers but determined they still liked CCS better. Could CCS help them expand nationally despite being a regional MSP?
We jumped at the challenge. We knew that it was important to have one coherent plan across all the sites so that everything would work seamlessly, but the client needed local experts to manage installation and day-to-day issues. Collaborating with the client, we settled on a model where CCS would coordinate with local MSPs at all the new locations. The strategy was developed between headquarters and CCS, and then implementation was overseen locally. The client loved this solution as it gave them the familiarity and attention of a local MSP while also allowing them to maintain consistency as they grow across the country.
Key Takeaways from 2022
What can be learned from our experiences in 2022?
- No company is too small to be a target. “Security by obscurity” is not effective. If you have a business license, you are a target. Protect yourself accordingly.
- Office365 is a significant improvement over on-premises Exchange servers…but if it isn’t properly configured attackers can compromise it. Make sure you have security experts regularly review your Office365 configuration to keep your business safe.
- Adapting to remote work can save money. Use technology to shrink your real estate footprint while increasing employee productivity. It can improve both the bottom line and the top line.
- Technology can enable rapid growth. Make sure you have access to experts who not only are familiar with the latest technologies but can also advise you on which are best for your situation.
With January 1 just around the corner, now is the time to reflect on 2022 and prepare for 2023. Whether your New Year’s resolution is to better protect your business against attacks or position your business for growth, Clare Computer Solutions will be here to help you succeed. Here is to a great 2023!
