telanova Blog

telanova: the outsourced IT team that feels like your own

Providing advice, consultancy, helpdesk, monitoring and maintenance, updates, upgrades, security: all the things your in-house team would do, but better and at a fraction of the cost and hassle.

Finding files created by colleagues now furloughed

Our helpdesk received an urgent request from a customer - find a really important spreadsheet. It was created by a colleague who is now on furlough and can’t be contacted. Without it they couldn’t bill their clients! The only thing they could tell us about it was that it probably had “Shoe” in the name...

This client has 30 terabytes of data spread across 5 file servers in 4 locations. They also have a well partitioned folder structure with locked down permissions.

The built in Windows Search is useless for this task as it will only display results for folders you have access to.

We know a clever trick for searching for files: use a utility that reads the Master File Table (MFT) directly, such as WizFile. We found it in less than 30 minutes. It didn't even have “Shoe” in the name in the end.

Your organization deserves a highly skilled competent support team like telanova.

It is time to fill the gaps in your work from home security

At the start of lockdown a customer instructed us to set up an office PC for colleagues to access remotely from home… but in an insecure way. We explained the risks from hackers etc, but they wanted to wing it. Sure enough three weeks later, our monitoring detected hackers trying to hack into the PC, trying thousands of username and passwords.

To mitigate the threat we proposed setting up a private VPN to add an extra layer of security (no, not one of those you use to watch US Netflix, football). We setup their home computers, and showed them how to connect, eliminating the risk.

Lots of organisation cut corners, quite understandably when Covid started. Now is a good time to review home worker security:

  • Secure their logons
    Implement Multi Factor Authentication (MFA or 2FA). A strong password on it’s own isn’t enough. Multi factor involves an extra security step, such as an SMS or app on a phone, or biometric method such as fingerprint or facial recognition.
  • Encrypt their connection
    When users connect to your office, deploy an encrypted VPN connection. This ensures the connection between their computer and your servers is secure and the data transferred cannot be intercepted. When using cloud services make sure they use secure HTTPS connections.
  • Manage their devices
    Deploy Mobile Device Management (MDM). An MDM system will allow you to monitor, manage and secure laptops, smartphones and similar devices. If a device is lost or stolen it can be locked or wiped remotely.
  • Protect their devices
    Have a firewall that is enabled and configured correctly on the device, and use Antimalware Software that is updated and monitored.
  • Secure your business data
    Encrypt hard drives and USB drives with a technology such as Bitlocker, arrange for data to be securely backed up, and have your staff aware that they should only save data in secure locations for compliance with relevant legislation such as GDPR and PCI.

Would you like us to review and secure your home working setup? Contact us now

Are Macs vulnerable to malware?

It’s an urban myth that Macs don’t need antivirus and are immune to malware.

It’s simply not true! Here are some examples: ThiefQuest, Crossrider, OSX\MaMi, X- agent, Fruitfly, Gotofail error, safari-get, KeRanger, Mackeeper, FLashback,

It used to be the case that due to Mac’s low market share the bad guys didn’t make Mac malware. But with Mac’s increasing popularity, the bad guys are in full attack.

Mac specific malware is on the loose stealing credit card and bank details. And also encrypting and holding Mac owners to ransom. It is infecting Mac’s by hiding in software that is designed to look like a “google software update”.

Contact us if you have Mac users in your organisation and want to protect them.

If your servers were overheating would you know in time?

Remember the recent heatwave?

It’s a big problem for customers with on-site servers: the servers need cool air to disperse the heat they are generating. That’s why we continuously monitor server temperatures for customers.

Almost every electronic device generates heat. Servers generate a lot of heat and the harder they have to work the hotter they get. They have fans to expel the heat and draw in cooler air. But there are limits, if the servers are sucking in air that’s too hot, then the server will shutdown (possibly causing data loss).

A typical temp limit for the air going into the server is 42C. However, prolonged operation at high temperatures reduces the life of components, they will break more often, the system will be less reliable. This increases the risk of data loss and system downtime.

Obviously air conditioning is a great option and keeps the ambient temperature low and the systems running smoothly. In addition to this creating space around the servers for air to flow really helps. If a server or cabinet is pushed up against a wall or cluttered with boxes it can really reduce the effectiveness of the cooling. Dust is also the enemy of cooling as it has an insulating effect and reduces airflow.

With targeted monitoring we get an early warning and take action.

In one dramatic case the aircon broke down for a customer with six high power servers in a small server room. Normally their ambient temperature would be 15 degrees even in a heatwave. But now the servers were approaching “meltdown”. The customer had no idea their servers were heating up... except us. We called the customer and advised we would shut down the servers to prevent permanent damage.

Worried that your server is too hot (or want to be alerted when it is)?

Stop sharing passwords

A manager called us, needing his assistant to send some emails for him. He was planning on sharing his password.

A major security no-no! If you share your password:

  • The person you have shared it with may have access to things they should not - like personal emails or private appraisals
  • There is no accountability - if they access/edit/delete an email, there may be no way to show if you did it or if the other person.
  • The more people that know a password the more chances are for it to be compromised - making it less secure.

The truth is if sharing your password is the only way to share access - it is a sign of poor IT.

The good news is they were on Office 365, a proper email system, which allows you to grant a colleague access to your emails and the ability to send them as you. We helped him grant access to his assistant, no password sharing required.

There are a few cases where sharing passwords might be unavoidable - like log-ins to third party websites or devices that only allow one account. In these cases we suggest a secure password manager like LastPass. Password managers allow you to securely store and share passwords and keep them updated without having to actually give someone the password. It has other advantages: the passwords can be more complex (as you don’t have to remember them); security checks are carried out for weak or potentially compromised passwords.

If you are sharing or struggling to manage your passwords then contact us.

Email Facebook Google LinkedIn Twitter

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand