telanova Blog

telanova: the outsourced IT team that feels like your own

Providing advice, consultancy, helpdesk, monitoring and maintenance, updates, upgrades, security: all the things your in-house team would do, but better and at a fraction of the cost and hassle.

When things don’t go to plan...

A customer called us who’d just had their office remodelled and realised there had been a miscommunication with their electrician. The customer had asked their electrician to install some network cables along with the rest of the electrical work. His quote specified he was installing the network cables in the wall, but didn’t include the actual network sockets. Unfortunately the customer didn’t spot the omission.

The customer needed to move into the remodelled office within a couple of days. No cabling company would commit to coming out for such a small job quickly. Cabling isn’t our business, but for our customers we go the extra mile. We dusted off our cabling tools and got the job done.

You won’t get this flexibility (and resourcefulness) from other IT support companies

Zero-day exploits and what you can do about them

There’s always a gap between the discovery of a software flaw and a patch being released to fix it. A “Zero-day exploit” is when the bad guys exploit the flaw before the patch is available, usually before the hardware or software maker even knows the flaw exists. Antivirus, firewalls, web filtering etc, don’t protect you from them. A recent example was the Exchange Zero-day exploit in March 2021. Thousands of organisations were scrambling around when they discovered their Exchange servers were breached.

With organised crime and nation-state backed hackers on the attack organizations need to switch to a mindset that they will eventually be breached in some way. Organizations need to take steps to limit the damage from a breach. It's a bit like sprinklers, fire extinguishers and fire doors in a building. None of them prevent a fire in the first place but limit the damage.

Every organization is different, requiring slightly different strategies, but some that will apply to all are:

  1. Software to detect and disable intrusions hopping laterally from one device or system to others (Lateral Movement Detection)
  2. Remove admin rights on devices
  3. Remove admin rights on cloud/web services
  4. Limit access within line of business applications
  5. Structure files/folders and limit access

Engage telanova as your IT team and we will advise you on appropriate security strategies for your organization and implement them.

Get more from Microsoft 365

Microsoft 365 (Office 365’s new name), is a swiss army knife, but we find that even if an organisation is using it, they only make use of one or two of its “tools”. This blog will give you a overview of the best features, the “tools” that enable them, and how they are useful.

Automation

Tool: Power Automate (previously known as Flow) Essentially you can use Power Automate to automate manual repetitive tasks. What you can achieve with it is a huge topic in itself, but here is just a small taster of what you could automate:
  • New starters
    • 4 weeks prior to start date - Send email to IT to create the account
    • On start date - Send email to new starter welcoming them
    • 1 week after start date - Send follow up email to new starter
  • Monitor Twitter for certain keywords and send an email or Teams message when one is detected
  • Notify a Team when a task is created, completed or updated
  • Approval workflows
    • Staff member places a document in a folder for approval
    • Approvers are automatically notified
    • They can either approve or reject
    • Document is moved to either an approved or rejected folder
  • Repetitive desktop application - Automate with “Power Automate Desktop”
    • Launch application
    • Enter information from another data source
    • Click buttons
    • Extract data to another data source
    • Close application
    • Repeat
    • etc

    Cloud Email, Contacts and Calendar

    Tool: Exchange Online If you’re already using Microsoft 365 chances are you are already using Exchange online. If not, this is the bit that handles your email, contacts and calendar. Some useful features are:
    • Share your inbox, calendar or contacts with colleagues
    • Sync email, contacts and calendar with your phone
    • Shared calendars e.g. for Meeting room bookings
    • Central contacts
    • Out of office
    • All available from within Outlook, mobile, or web browser

    Cloud file storage / file sharing

    Tools: OneDrive, SharePoint, Teams

    OneDrive and SharePoint might seem similar at first glance, but OneDrive is primarily for private file storage. Files in OneDrive are by default only accessible to you, but you can still share files/folders with other people. The best feature of OneDrive is the option to sync your Desktop, Documents and Pictures folders to it. Which keeps your documents safe and makes them accessible from anywhere.

    SharePoint is primarily for files that need to be shared within groups of multiple people. For example, you might have a SharePoint library for the Sales team, files you place in there would be accessible to everyone in the Sales team.

    Documents, spreadsheets and presentations placed in either OneDrive or SharePoint all support co-authoring, which is where multiple people can simultaneously work on the same file and you see their changes as they make them (similar to Google Docs if you’ve seen that in action).

    Teams is a useful frontend to access files within OneDrive or Sharepoint and can facilitate collaboration.

    Communication

    Tool: Teams

    Some useful communication features of Teams:

    • Create Teams and Channels based around how your organization operates
    • Post messages to Channels for discussion
    • Ad-hoc chat, call or video call with your colleagues and external contacts
    • Schedule and host online meetings
    • VOIP telephony

    Centralized management

    Tools: Azure Active Directory, Intune

    If you have no on-site servers then making use of Microsoft 365’s centralized management features are a no-brainer. All Microsoft 365 plans include the basic Azure Active Directory which you can “Join” devices to. Working on “Joined” devices gives you the following advantages:

    • Centralised logins - No need to create logins on each computer for each person, or share device passwords, just login with your own email address
    • Single Sign On - No prompts for passwords when accessing Microsoft 365 sites
    • Self service password reset
    • Backup Bitlocker keys (for disk encryption)

    Some plans include Intune already but it is available as an add-on to any plan. Intune enables you to:

    • Automatically push out apps to your devices - such as Office, Chrome, etc
    • Enforce security policies - such as password strength or screen locking
    • Control automatic updates
    • Automate device deployment
    • And more

    Intranet / knowledgebase

    Tool: SharePoint / Teams

    SharePoint isn't just for document storage, you can build an intranet (an intranet is a web site that is only accessible within your organization) to help your colleagues find the information they need quickly, keep them up to date on news, etc.

    Teams also has some limited functionality through the “wiki” app. You can create a simple knowledge base accessible within the Teams application. One important thing to note - anyone with access to the wiki will be able to edit it, either an upside or downside depending on your requirements.

    We have improved many of our customers return on investment by making better use of Microsoft 365. Whether that’s utilizing more of its features, or just tweaking it from the defaults to better fit their business. If you would like to discuss how we can help your organisation get more out of Microsoft 365 give us a call!

I can’t believe it’s not a real invoice!

A true story: An employee of a customer of ours recently received a very legitimate looking invoice from one of their suppliers, and at first glance even the email address looked correct. However the bank details were different, the bank was located in Mexico, and on checking the email address closely the domain - the bit after the @ sign - was different.

The customer was concerned that they had been hacked, but we investigated the email chain by checking server logs, security reports and the headers in the email which are normally hidden from view, and were able to confirm to the customer that it was the supplier who had been compromised, and that had enabled the scammer to set up a domain very similar to the real one and use the names of the employees in the emails with the fake bank details.

We analysed the suppliers email system and discovered it lacked even the most basic security mechanisms to prevent spoofing.

Clearly the attackers had access to the supplier’s customer database, as well as a genuine invoice. Although they were using a fake domain that was only one character different from the real one, the invoice and the fake email Footer had the correct details

Fortunately the employee had been astute enough to spot the different bank details, so they didn’t proceed with payment, and then asked telanova to investigate. This is why we recommend to all our customers that they make sure their staff are trained up on cybersecurity, and are constantly vigilant.

Scammers will often try and target times of the day or the week when people may be under pressure to get things done, hoping that they will be less vigilant, so Friday afternoon, month end or year end are sometimes chosen to launch these attacks. The emails may get marked as Urgent! or Final Demand! To try and increase the pressure on the recipient to act without proper scrutiny.

What else can you do to protect your organization?

Microsoft’s Advanced Threat Protection service (ATP) has a feature where you can put your supplier’s email addresses in and it will monitor for attackers trying to impersonate them.

Contact us to put these protections in place for you.

Software As A Service (SaaS)

Software as a service (SaaS) has been around for a while but what is it and what are the advantages to using it?

SaaS is software that is hosted remotely by the vendor and you access it over the internet. Instead of purchasing it outright, you pay a subscription fee to use it.

Pros:

  • Reliability. SaaS is more reliable, as long as you choose your provider with care, and check the service level agreements. It is not unknown for even the largest providers with the best-known brands to have outages and their terms and conditions may preclude any compensation for downtime.
  • Lower total cost of ownership. No capital expenditure for on-premises infrastructure or licencing, which can be just the tip of the iceberg. Maintaining on-premise infrastructure is where the true costs add up.
  • Scalability. It is easy to add subscriptions as the business expands.
  • Flexibility. Use the service from any device with a web browser
  • Saves you time. As there is nothing to install, once you have purchased the subscriptions and been sent the login details you can start using it immediately, you don’t have to wait on your IT Team to come around and install the software. If your PC breaks down you can just grab a spare one and log back into the software and carry on working with minimal downtime.
  • Compatibility? No worries. Because it is hosted remotely, you don’t have to worry about making sure everyone on your team is upgraded to the latest version.

Cons:

  • Lack of control over updates. Updates and feature changes get deployed regardless of whether you want or need them. Users can be disorientated by the sudden appearance or change of location of features within the product.
  • Scalability is usually one way, it can be hard to scale down if you no longer need licenses because you may have had to commit to a minimum contract term.
  • Reliant on your internet connection. If you have a flaky connection then you should not consider SaaS.
  • Danger of service termination if the provider goes out of business
  • You have less control over your data. To be compliant with GDPR you must choose a supplier who is also compliant with GDPR legislation

Choosing the right solution for your business can be confusing. There are some offerings that look like SaaS but aren’t. These are offerings where you remote desktop to a server running conventional software. A good question to ask a vendor is - does this run in any web browser or do you have to use remote desktop? If it doesn’t run in a web browser then it isn't really SaaS.

Talk to the experienced team at telanova, and we can help you to the right solution for your business

Email Facebook Google LinkedIn Twitter

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand