telanova Blog

telanova: the outsourced IT team that feels like your own

Providing advice, consultancy, helpdesk, monitoring and maintenance, updates, upgrades, security: all the things your in-house team would do, but better and at a fraction of the cost and hassle.

Finding files created by colleagues now furloughed

Our helpdesk received an urgent request from a customer - find a really important spreadsheet. It was created by a colleague who is now on furlough and can’t be contacted. Without it they couldn’t bill their clients! The only thing they could tell us about it was that it probably had “Shoe” in the name...

This client has 30 terabytes of data spread across 5 file servers in 4 locations. They also have a well partitioned folder structure with locked down permissions.

The built-in Windows Search is useless for this task, as it will only display results for folders you have access to.

We know a clever trick for searching for files: use a utility that reads the Master File Table (MFT) directly, such as WizFile. We found it in less than 30 minutes. It didn't even have “Shoe” in the name in the end.

Your organization deserves a highly skilled competent support team like telanova.

It is time to fill the gaps in your work from home security

At the start of lockdown a customer instructed us to set up an office PC for colleagues to access remotely from home… but in an insecure way. We explained the risks from hackers etc, but they wanted to wing it. Sure enough, three weeks later our monitoring detected hackers trying to break into the PC by trying thousands of usernames and passwords.

To mitigate the threat we proposed setting up a private VPN to add an extra layer of security (no, not one of those you use to watch US Netflix or football). We set up their home computers and showed them how to connect, eliminating the risk.

Lots of organisations cut corners, quite understandably, when Covid started. Now is a good time to review home worker security:

  • Secure their logons
    Implement Multi Factor Authentication (MFA or 2FA). A strong password on its own isn’t enough. Multi factor involves an extra security step, such as an SMS or app on a phone, or a biometric method such as fingerprint or facial recognition.
  • Encrypt their connection
    When users connect to your office, deploy an encrypted VPN connection. This ensures the connection between their computer and your servers is secure and the data transferred cannot be intercepted. When using cloud services make sure they use secure HTTPS connections.
  • Manage their devices
    Deploy Mobile Device Management (MDM). An MDM system will allow you to monitor, manage and secure laptops, smartphones and similar devices. If a device is lost or stolen it can be locked or wiped remotely.
  • Protect their devices
    Have a firewall that is enabled and configured correctly on the device, and use Antimalware Software that is updated and monitored.
  • Secure your business data
    Encrypt hard drives and USB drives with a technology such as BitLocker, arrange for data to be securely backed up, and make your staff aware that they should only save data in secure locations for compliance with relevant legislation and standards such as GDPR and PCI.

Would you like us to review and secure your home working setup? Contact us now

Are Macs vulnerable to malware?

It’s an urban myth that Macs don’t need antivirus and are immune to malware.

It’s simply not true! Here are some examples: ThiefQuest, Crossrider, OSX/MaMi, X-Agent, Fruitfly, Gotofail error, Safari-get, KeRanger, MacKeeper, Flashback.

It used to be the case that due to Mac’s low market share the bad guys didn’t make Mac malware. But with Mac’s increasing popularity, the bad guys are in full attack.

Mac-specific malware is on the loose, stealing credit card and bank details, and also encrypting files and holding Mac owners to ransom. It is infecting Macs by hiding in software that is designed to look like a “Google software update”.

Contact us if you have Mac users in your organisation and want to protect them.

If your servers were overheating would you know in time?

Remember the recent heatwave?

It’s a big problem for customers with on-site servers: the servers need cool air to disperse the heat they are generating. That’s why we continuously monitor server temperatures for customers.

Almost every electronic device generates heat. Servers generate a lot of heat, and the harder they have to work the hotter they get. They have fans to expel the heat and draw in cooler air. But there are limits: if the servers are sucking in air that’s too hot, the server will shut down (possibly causing data loss).

A typical temperature limit for the air going into the server is 42°C. However, prolonged operation at high temperatures reduces the life of components: they will break more often and the system will be less reliable. This increases the risk of data loss and system downtime.

Obviously air conditioning is a great option and keeps the ambient temperature low and the systems running smoothly. In addition to this creating space around the servers for air to flow really helps. If a server or cabinet is pushed up against a wall or cluttered with boxes it can really reduce the effectiveness of the cooling. Dust is also the enemy of cooling as it has an insulating effect and reduces airflow.

With targeted monitoring we get an early warning and take action.

In one dramatic case the aircon broke down for a customer with six high power servers in a small server room. Normally their ambient temperature would be 15 degrees even in a heatwave. But now the servers were approaching “meltdown”. The customer had no idea their servers were heating up, but we did. We called the customer and advised we would shut down the servers to prevent permanent damage.

Worried that your server is too hot (or want to be alerted when it is)?

How is next-generation AV different?

There is a lot of buzz in the IT world about Next-Generation Antivirus (NGAV), but what’s the difference compared to traditional antivirus?

Traditional antivirus relies on signatures. A signature is like a fingerprint, a way to uniquely identify each malware item. The antivirus vendors attempt to obtain every single malware in existence to take their fingerprints. When your antivirus updates it is receiving the latest set of fingerprints. If you encounter a new strain of malware before your antivirus vendor does, your antivirus won’t detect it. Unfortunately the malware writers can just make a trivial change to their code and the fingerprint changes too.

NGAV analyses the behaviour of each program running on your device. If a program is opening multiple files, encrypting them and then deleting the originals, it is behaving like ransomware. NGAV will stop the program and move it to quarantine. It does not rely on the vendor having seen that exact malware before.
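The contrast between the two paragraphs above, as an added example (not from the original post or any vendor's product): a fingerprint lookup misses a sample after a one-byte change, while a simple behaviour rule flags the open, encrypt, delete pattern regardless of fingerprint. The sample bytes, process names, event format, `.locked` naming and the entropy threshold are all constructed assumptions.

```python
import hashlib
from collections import defaultdict

# Constructed stand-ins for file contents; not real malware.
KNOWN_SAMPLE = b"constructed-sample-v1"
VARIANT = KNOWN_SAMPLE + b"\x00"          # one trivial byte appended
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

def signature_match(data):
    """Traditional AV: exact fingerprint lookup against the vendor's list."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES

def behaviour_alerts(events, threshold=3, min_entropy=7.5):
    """Return processes that opened a file, wrote a high-entropy copy of it and
    then deleted the original, for at least `threshold` distinct files."""
    opened = defaultdict(set)     # process -> files it has opened
    encrypted = defaultdict(set)  # process -> opened files with an encrypted copy
    destroyed = defaultdict(set)  # process -> files that completed the chain
    for proc, action, path, entropy in events:
        if action == "open":
            opened[proc].add(path)
        elif action == "write" and entropy >= min_entropy:
            original = path.rsplit(".", 1)[0]  # assumed naming: <original>.<ext>
            if original in opened[proc]:
                encrypted[proc].add(original)
        elif action == "delete" and path in encrypted[proc]:
            destroyed[proc].add(path)
    return sorted(p for p, files in destroyed.items() if len(files) >= threshold)

# Constructed event log: (process, action, path, entropy of data written, bits/byte)
EVENTS = [
    ("backup.exe", "open", "q1.xlsx", 0.0),
    ("backup.exe", "write", "nightly.zip", 7.8),    # compressed, nothing deleted
    ("winword.exe", "open", "letter.docx", 0.0),
    ("winword.exe", "write", "letter.docx", 4.6),   # ordinary save
]
for name in ("q1.xlsx", "q2.xlsx", "invoices.docx"):
    EVENTS += [
        ("unknown.exe", "open", name, 0.0),
        ("unknown.exe", "write", name + ".locked", 7.9),
        ("unknown.exe", "delete", name, 0.0),
    ]

if __name__ == "__main__":
    print("known sample matched:", signature_match(KNOWN_SAMPLE))
    print("variant matched:     ", signature_match(VARIANT))
    print("behaviour alerts:    ", behaviour_alerts(EVENTS))
```

The backup job also writes high-entropy data but never deletes what it read, so the rule does not flag it; real products combine many more signals than this single chain.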

Other NGAV features vary between vendors, but some useful ones are:

  • Attack forensics - View the chain of events of a particular attack, which files were touched, etc
  • Sandboxing - Run a suspicious application in a safe sandbox before allowing it to run in your environment
  • Risk analytics - Get notified of risks within your organization such as misconfigurations, vulnerabilities etc
  • Device roll back - Roll a device back to the state it was in before the attack
  • Ransomware warranty - The vendor will pay compensation if due to ransomware the device roll back feature was not able to restore the device to the state it was in before the attack
  • Self Isolation - When a threat is detected, isolate the device from the network until the threat has been resolved

Contact us to improve your organisation’s security
