Select Page
5 Takeaways from the Microsoft Exchange Server Attack

5 Takeaways from the Microsoft Exchange Server Attack

A Microsoft Exchange Server Attack Caused Hours of Downtime for Businesses Around the Globe

Last week’s Microsoft Exchange Server attack underscores the liabilities of on-premise architectures compared to their cloud counterparts. On Friday, March 5th, 2021, a zero-day Microsoft Exchange vulnerability was found being exploited across the globe. It affected on-premise Exchange servers, all versions, and allowed the attacker to read emails, exfiltrate data and run the “code of attackers” choice. Unfortunately, a zero-day exploit is one that usually doesn’t have any patches against it. In short, if you had an Exchange Server out on the internet, then it COULD likely have been compromised.

A computer popup box screen warning of a system being hacked, compromised software enviroment. 3D illustration.

Our Break-Fix Client’s Last On-Premise Exchange Server Was Compromised

Microsoft (thankfully) moved quickly, and released a LOT of information, much of it confusing, with many incorrect links. It took our team some time to weed through the chaff and get the actionable tasks from it. The patches are out now, thankfully. It might take your IT folks 4 or 5 hours to install them, and yes, it’s Exchange/email downtime to get them there.

What’s the answer?  I’d say “defense in depth”:

Here are 5 steps you can take to mitigate the potential damage of the Microsoft Exchange Server attack:

  1. PatchingPatch publicly exposed servers quickly and completely.
  2. Zero Trust – Once your servers are built, and before they are exposed to the internet, lock them down! Malware protection can help, but Zero Trust is the ultimate malware protection!
  3. Cyber Insurance – Offload the risk to the insurance company.
  4. Migration – Move the service to a more agile company. Microsoft Office 365 was not vulnerable to this exploit.
  5. Backups –  Enough said.

These 5 steps can be takeaway lessons for even those unaffected by this security breach. Cloud computing costs are decreasing while increasing cybersecurity availability via affordability. Talk to our IT specialists to learn more about how cloud technology can protect your business.

 

Worried about getting hacked?

Download our free guide to mobile cybersecurity.

SQL Server: Turning Tips and Playing Tricks

SQL Server: Turning Tips and Playing Tricks

SQL Server Configuration, Tuning & Optimization

The perspectivism of an ERP system shifts based on one’s point of reference. To an end user, an ERP system might simply be a series of screens from which one enters and extracts data. But to an ERP administrator, the view from behind the curtain might be quite different.

For an Epicor admin, the Epicor ERP application’s curtain call generally includes a number of actors: the application server, the database server, and the end user client install among them. Each of these layers requires different tricks and techniques to keep them running smoothly.

Learn about SQL Server by watching an Epicor consulting video presentation:

SQL Server Training

Server-side wisdom is not attained simply by paying for the next round. Much of this kind of information is acquired by doing. There are guide books and training materials, of course, but these cover what we tend to call the “happy path” — and anything that veers off that path is uncharted. Also, there is a certain truism about software vendors keeping their cards close. I once had an instructor shut down one of my end-of-class questions simply: “I could tell you, but I’d have to bill you for it.”

Common Epicor Admin Tasks

In that light, we thought that it would be helpful to openly discuss some of the SQL Server tools and tricks of the trade, as to assist Epicor admins and members of the user community in solving common SQL server tasks. In the above video, recorded at a past EstesGroup User Summit, Daryl Sirota, EstesGroup’s Director of Technical Services, goes over some key SQL Server considerations that cover the range of challenges that a system administrator may encounter in managing the Epicor ecosystem, including the following:

Licensing

SQL Server licensing models vary, often by the number of users vs. the number of cores. An important consideration with licensing is scalability. The more you look to scale an environment, the more licenses you may require. Moreover, how you deploy SSRS vis-à-vis also adds potential licensing complications. We would recommend that you explore the options in constructing your SQL server environments to manage these licensing concerns.

Security

Database security begins with understanding who has admin access to a given database (be it a user with physical access, a database owner, or a local SQL admin or Windows administrator). Beyond basic access, a border concern has to do with understanding how data is leaving the database — whether through replication, application access, an external API or a basic user download. Understanding how your data may leave the server is a good starting point to understanding how to safeguard it through cybersecurity or endpoint security.

Backups

Backing up your data for future disaster recovery scenarios introduces a number of challenges. Firstly, it should be clear that backing up your data is not enough. You need to test your backups to make sure they are complete and can be restored properly. Moreover, RTO and RPO considerations extend beyond an individual DB. Backing up an individual database is one thing. Another equally important element is being able to back up and restore your entire SQL server. Disasters can happen to an individual DB or to your entire server, and different strategies will be required, depending on the kind of failure.

Performance

There are a number of simple steps that can be taken to optimize performance. First, confirm that you’ve formatted drives to a 64K cluster size, to optimize efficiencies. Another step might be as simple as separating the database and transactional log volumes, due to their different IO patterns. Additional decisions, such as how you choose to allocate data, or how to separate the SQL engine from SSRS, can also impact performance.

Redundancy & Availability

Redundancy is less about backup and disaster recovery than it is about constructing a server environment that is sufficiently resilient, such that the overall system can operate even when one of its components fails. This might involve virtual machine replication, in order to provide redundant database servers. In our ECHO managed hosting environment, for instance, our SQL servers are replicated such that if SQL server were to go down, a redundant VM steps in and takes its place.

A SQL Server Maintenance Plan

Beyond the above, a number of PowerShell and SQL scripts can be put to use to complete a number of common tasks, such as copying a production environment to a test instance, truncating transaction logs, updating the task agent settings or recreating SQL replication in support of e-commerce solutions.

On-Premise vs. Hosted vs. SaaS

On-Premise vs. Hosted vs. SaaS

Which is right for your business? On-Premise, Hosted or SaaS?

Technology changes at such a rapid pace that it can be hard to keep up. Today we are going to dive into the key differences of on-premise vs. hosted vs. SaaS (software as a service) and provide some great reference points that you can align best with your business.

On-Premise, Hosted, Cloud & SaaS Definitions

On-Premise Solutions

The best place is to start with a quick history lesson. Most businesses have some from of IT infrastructure that they leverage that allows them to operate efficiently and effectively. The traditional method that many businesses begin with is on-premise. In today’s world, on-prem deployment is considered a legacy approach. A legacy approach is not always wrong, as an on-premise solution does have its benefits.

Benefits of On-Premise Solutions

  • Increased security since control is controlled locally.
  • Performance can be important to users who have slower internet speeds and for when occasional software requires local installs for best performance.
  • On-premise software usually carries more features due to development cycles.

Weaknesses of On-Premise Solutions

  • Infrastructure: Average server life span is around 5 years and can be shorter depending on growth.
  • Cost: Considered a Cap-X expense and can be more expensive then SaaS counterparts.
  • Security: Endpoints, backups, patch management, etc. — all needs to be considered.
  • Future proofing: Many servers are more expensive upfront than required to account for future growth. If this is not applied correctly during initial purchase, it can lead to increases in long-term spending.
  • Remote access: Unless originally configured, users outside the office (remote workforces) will have a hard time accessing required resources.
  • Performance degradation: Over the course of time, hardware breaks down and will need to be replaced.

Hosted & SaaS Solutions

This is the future of where most businesses are heading. Hosted solutions generally come in two forms: hardware and software. A hosted server is very similar to on-premise as the main difference comes from the server physical location. This generally means that you get the same benefits as the on-premise solution but with far fewer of the weaknesses. SaaS generally refers to software without requiring the infrastructure to run the software but does not always have the same features.

Benefits of Hosting & SaaS

  • Time to deploy: SaaS-based solutions can be deployed almost immediately in most cases.
  • Expense: Upfront costs are low for SaaS.
  • Minimal Infrastructure: With SaaS solutions, hardware requirements are generally taken on by the company offering the SaaS solution. Hosted has the benefit of being able to right-size resources for the organization with the ability to scale on demand.
  • Flexibility: With both SaaS & hosted solutions, you can increase or decrease resources on the fly.
  • Security: Backups and updates are generally applied by the provider. This is not always the case and requires additional costs depending on the vendor.
  • Performance: Both solutions scale and are not affected by hardware degradation, as the underlying hardware is upgraded by either the data center or the SaaS vendor.

Weaknesses of Hosting & SaaS

  • Internet connection: Both solutions require decent bandwidth at location in order to function.
  • Transparency: Data storage with SaaS solution is beyond the control of the business owner. Hosted solutions will disclose where data is being stored.
  • Long-term costs: Upfront costs are generally lower and moved into an operating cost structure which can be higher, especially if on-prem hardware is owned.

Examples of Deployment Options

Scenario 1 – Startup / Small Engineering Consultancy

A small business with 5 people, you have 3 people working in one location, and 2 employees working remotely. You have minimal overhead, and you are expecting to grow quickly, so you need flexible and scalable systems.

What your key systems might look like:

Large Corporate Business Systems

In this example, a hosted, lightweight solution is totally appropriate. It allows you to focus on the business and not have to worry about managing an IT environment. New users can be added in minutes and can access information from anywhere with no specific hardware requirements other than an internet connection.

Scenario 2 – Established Mid-Size Engineering Consultancy

A mid-sized business with 50 people, you have 20 people working at one office location and users scattered throughout the states with no aspirations of any other offices at this stage. You have an established client base you work for and provide some specialist engineering design services which require some specific CAD software.

What your key systems might look like:

Key Small Business Systems

In this example, you probably have an existing investment in infrastructure and are probably already running a Windows network. You are probably also running an intranet and have appropriate network storage and data backup facilities. You have your own or regular IT support so you can manage your own environment. In this case, you may prefer the software to be installed on your network so you can control it. Hosting is less of a benefit for you, but you may still choose this option for convenience if your current environment is not appropriate for the software due to age or if it is already running at maximum capacity. Over the next few years, we will see a lot of businesses in this space start to run a hybrid model of on-premise and hosted software solutions.

Scenario 3 – Large International Corporate

As part of a global engineering consultancy, your systems are dictated by your owners. They are designed by an internal IT team to fit in with rules and processes as established by an internal governance team. They are very rigid and highly controlled, and most of your systems are on-premise where you have a team of internal IT technicians maintaining them.

What your key systems might look like:

Midsize Business Systems

In this example, the environment and the software are governed by internal policies. These are not agile systems, and they require a large investment in infrastructure. A massive amount of time and effort goes into establishing and maintaining these systems. Eventually, large corporates will start moving towards more agile hosted solution.

EstesGroup understands that not every business operates in the same manner. Some businesses require on-prem solutions while other businesses might be able to increase efficiency and reduce costs by moving to a hosted or SaaS-based solution.

If you are interested in finding out how you can make technology work better for your business, including which solution would fit best, we would love to help by setting up a 100% free business technology assessment. If you have any questions or are interested in find out how to make your business technology operate better, please email Chris Koplar at [email protected] or call 760-216-3452.

Cloud Business Solutions for the Virtual Office

Cloud Business Solutions for the Virtual Office

Virtual offices become the business solution of the now

The term “cloud” is a term as elusive as it is enormous, and a virtual office these days often appears to be anything you want it to be. The sky, after all, is a big place. And fitting lightning in a bottle is no easier than pinning a hard-and-fast definition on the digital computing donkey known as the cloud. When it comes to software deployments, cloud application deployment can mean different things to different people. Unfortunately, this amorphous ambiguity has tangible, deleterious effects on the user community. At its core, a cloud business solution implies real-time data access, and a virtual office is simply a cloud-based environment that enables secure and complete data interaction from anywhere in the world.

Remote Worker in a Private Cloud

SaaS vs. Managed Application Hosting

Let’s begin with the simple admittance that not all clouds are created equal. In cloud computing, you can make a vast sky-and-earth distinction between web and private hosting environments. Let’s lightly look at both.

 

Web-based solutions:

Purely web-based applications are hosted by a vendor, not the customer. The customer accesses these applications over the internet, often through a simple web browser. Technology consultants often call these deployments “software as a service” (SaaS). This is due to their subscription-based costing model.

 

Private cloud business solutions:

Private cloud deployments replicate on-premise versions of the software. Customers work with a surrogate hosting partner. The hosting of the application isn’t controlled by a software vendor.

 

These are the basic options for cloud deployment in a computing environment. This is important to know because if you choose the best cloud business solution for your company infrastructure, you can expect tremendous impact on your company’s capabilities. Thus, you can achieve your strategic objectives.

 

Does your hybrid cloud lining need a business solution tailor?

In software circles, “tailor-ability” refers to the customization capabilities of an application. Can you safely tailor your application to the needs of your organization? Compare this to core code modifications that were common and often detrimental to ERP implementations of earlier eras. An easy customization process ensures that your cloud solution can adapt to your business like a good ERP lets you easily upgrade.

 

In this new world, software vendors tout themselves based on toolsets. These computing tools allow customers to tailor an application. The IT department, or an IT consultant, can then address idiosyncratic needs. These solutions promise maintainability and upgradability. And all is well in the world.

 

However, as software vendors move enterprise platforms increasingly to web-based cloud architectures, the highly touted tailoring functionality can vanish faster than a morning mist in the desert. Moving from traditional office to virtual office is obviously the future of application management, but a web-based infrastructure can limit users.

 

Fortunately, a hybrid cloud environment assists companies with needs that revolve around complex business environments. Premiere data centers, secure virtual conference rooms, remote worker empowerment, and even futuristic capabilities like machine learning, all become accessible and customizable computing tools.

 

 

Will SaaS be enough?

As cloud deployments go, hybrid cloud computing can save companies time, money, and headaches. This is especially true if SaaS is not the most applicable cloud management application available. Software-as-a-Service, or SaaS, is a management tool that is ideal for companies with standard requirements. Cloud infrastructure for configure-to-order environments, for example, needs highly adaptive and robust capabilities. Virtual office services create a cloud-based business address for remote teams to securely meet.

 

An ideal solution often isn’t the first choice of companies moving to cloud services. Cloud applications are as diverse as the businesses that could benefit from a computing solution that transcends a physical office. What if the sales cycle ends with meeting rooms in the cloud that aren’t specifically helpful to the software buyer? You might regret ever giving out your phone number.

 

 

Are you on-premise and going cloud?

I once heard the CEO of a software vendor describe his own transition to the cloud this way: “On-premise vs. cloud has become a matter of customizability vs. configurability.” That is to say, if you are bound to the web-based or SaaS version of the application, and you’re in search of customizability or tailor-ability, you’re out of luck.

 

Unfortunately, this memo has been slow to reach the prospective user community. Sales engineers demonstrate the software in its on-premise form, on locally-deployed machines, with the full gamut of features and capabilities, only to have the customer ultimately sign the dotted line for the web-based cloud version of the application, a neutered version, bereft of many of the bells and whistles that were so brightly touted during the beauty contest that was the software selection phase. Tricky cloud.

 

What happens when tire meets the cloud terrain of virtual office?

Companies frequently move through a software selection cycle that ends with a cloud-based solution deployment:

  • Closing the sale and finally owning the software license
  • Implementing the purchased software
  • Training employees and customizing the solution based on business needs

In the third phase of cloud-based application deployment, disappoints surface. For example, clients often struggle to implement an enterprise resource system in a large, and complex business environment. One customer came to us amid such disappointment. Company management purchased an ERP application in the cloud in its Software-as-a-Service (SaaS) form. In this case, “cloud” meant an underpowered, web-based subscription service version of the application. Vapor-ware.

 

 

What are some alternatives to SaaS?

Alternatives available in private cloud hosting become necessary in complex environments common in the manufacturing and distribution industry. Frustrated with the limitations of the web-based version, our customer first came to us scrambling to understand just what they had been mandated to implement and whether there were any other options for implementing the software that did not so badly hamstring the organization. Had the management team received an impartial explanation of “the cloud” and its variants, they may have averted many of the frustrations of trying to implement an enterprise system in a complex business environment with a tool that was frankly too underpowered to be up for the task.

 

A business cloud solution can surface confusion.

If you’re looking at a web-based cloud version of a software, ensure that the vendor’s demonstrations use that specific version. Similarly, if you’re deliberating between the on-premise application and a version of the cloud, work for answers to the following questions:

  1. Web-based applications operate largely on the server, and operate in a shared environment. This normally limits the amount of server-side tailoring available. Given the thin or zero-client environment, what kinds of tailoring capabilities are available in such an environment?
  2. Reporting solutions frequently operate on the server, creating challenges when trying to develop custom reports. Does the web-based solution have answers to these challenges?
  3. User-defined data is often a key capability in complex manufacturing and distribution environments. How does the system in question handle these requirements when deployed in a web-based manner?
  4. What options are available when it comes to cloud-based versions of the application? How do they differ, in terms of features and capabilities?
  5. What are the core capabilities of the application, in terms of both configuration and customization? Are these capabilities present in all versions?
  6. Are there any specific modules of interest that might be affected by a cloud decision, such as field service or product configuration? Do these modules differ in their capabilities based on their cloud versions?

Addressing these concerns at the time of selection verses the time of reflection is key. Nobody wants to reflect on an overlooked version of a software, especially when making the decision to move to a business solution in the cloud.

 

 

In-House, Web-Based or Private Cloud Solutions

In-House, Web-Based or Private Cloud Solutions

If only purchasing software for business enablement could be as simple as tapping a button in an app — click once for on-premise installation, twice for web-based deployment, thrice for private cloud solutions. When considering software, users normally think about features and capabilities intuitively — making big decisions seem easy at first. This stems from the hope that core data and program logic is consistent across platforms.

Server virtualization, the World Wide Web and cloud computing have changed the dynamics of software development, acquisition, installation and deployment.

 

However, new technology often becomes a point of stagnancy, or even complacency, for businesses. This can sometimes result from hesitancy, but it’s often caused by oblivion.

private cloud solutions

 

How Will You Know What You Don’t Know?

 

Technology changes quickly, and the evolutions now, more often than not, push web-based and private cloud solutions away from the realm of preference and into the world of necessity. When I first entered the business field in the 90s, I never would have imagined that I could license a software application on a subscription service, much like I do a newspaper or magazine. My mind hadn’t even conceptualized the idea that a software application could be accessed entirely through the World Wide Web. Back in the day, we were just trying to make it through Y2K in one piece. But as the technology advanced, the options and opportunities presented themselves, and now more than two decades later, I increasingly work with companies engaging software in a cloud context.

 

 

IT Symbiosis

 

The industry shift to public and private cloud solutions has not only changed the very way in which applications are deployed, it has also leveled the playing field. Your company can now outsource some or all of your IT needs, allowing for growth within a predictable technology budget. A partnership with a managed services firm provides updates, compliance, security, training — all from a specialized team built specifically to adapt 24/7 to the volatile growth inherent to IT. Companies no longer need to house their own elaborate, expensive IT departments to keep up with the times. In light of recent cybercrime upswings, this is a critical time to focus on the survival of small and midsize businesses, which often face closure upon ransomware or other security breaches.

 

Since technology evolves on a daily basis, it’s always time for your team to consider new possibilities to protect the future of your business. If your architecture is outdated, or you’re overdue for a security audit, it might be time to get a full analysis of your IT infrastructure. Moving from on-premise servers to hosted, cloud-based environments can be one way to ensure business continuity. That said, “the cloud” might not be the right fit for your business, so let’s look more closely at business enablement through three common deliveries, which can be infinitely customized into hybrid forms.

 

 

The Basics

 

The deployment of an application normally takes on one of the following forms:

  • On-Premise: In an on-premise installation, the application is installed on an on-premise, in-house server. It can be like having a furnace closet or an underground mad scientist laboratory, depending on the size of the company and the specific technology burden.
  • Cloud-Hosted: Cloud-hosted applications are installed on a virtual server, which means they are hosted in the cloud. Hosted solutions often replicate an on-premise architecture. Ease of backups, cybersecurity, updates and compliance are common reasons businesses choose cloud-based solutions. This option allows organizations to leverage 100% of the application features that are available in an on-premise install.
  • Web-Based: A web-based deployment foregoes installation entirely — it’s based on subscribing to an application that is already installed, deployed, and interacting with the application through web-based protocols.

 

A common trope of cloud computing with regard to on-premise installations has to do with the limits in physical contact that it presents — you can’t go down the hall and hug your servers. I’ve never actually tried to hug a server, but I think it would feel rather strange to do so. This hug-ability factor speaks to the level of control that companies possess when they install an application on their in-house server stack. There might be problems with this approach, but at least the company owns the problems and their resolutions. Moreover, when it comes to hugging, data is a much more recognizable object of affection. I can think of countless times that I have tried to “get my arms around the data” when working on a project. Access to the data layer is often an important feature, especially when performing custom reporting, and in some cases, the abstraction of the data layer present in web-based applications may make it hard to understand just what is happening to the data itself, making reporting a challenge.

 

Purely web-based versions of an application provide the core capabilities, but the features and functionalities available in a web-based version tend to be limited when compared to their on-premise counterparts. Consider Microsoft’s Office 365 suite. While highly similar to a client install, there are some limitations to the things we can accomplish in the web version of Excel, for instance, when compared to its client-based counterpart. Working with ERP systems, I’ve found this trend to be consistent — if you’re leveraging a web-version of an application, expect to be privy to a subset of the overall functionality available with an on-premise version. And if you’re utilizing a version that is entirely web-based, tailor your expectations accordingly.

 

Speaking of tailoring, the ability to alter an application to fit your company’s needs also tends to be greatly reduced in web-based applications when compared to on-premise counterparts. By tailoring, I am referring to the ability to insert user-defined data or business logic into your application and have this custom functionality work in conjunction with the application’s standard behavior. In some ways this limitation is a good thing, as I’ve certainly seen companies entangle themselves in their own tailored threads. Conversely, a little tailoring can yield big gains in efficiency and effectiveness. As it is, a company purchasing web-based software out-of-the-box should understand what is in the box and only in the box, and that the box can’t be easily repurposed.

 

Depending on the application in question and the needs of the business, I‘ve found private cloud solutions to be a nice midpoint between the two poles of on-premise and web-based architectures. Cloud hosting specifically allows companies to possess fully-featured applications in the cloud, avoiding the problems associated with on-premise installations. This affords a measure of control unavailable with pure web-based applications. Moreover, it creates the levels of functionality and customizability that allow companies to do more than the basics. And should the company need assistance in the management of their application stack, we can cleanly pull in additional resources to lend a hand. Hosted applications also offer a variety of administration options — from in-house talent to partnered resources — and can adapt efficiently to new technology.

 

IT Strategies for Remote Teams (Video)

IT Strategies for Remote Teams (Video)

Brad Feakes Director Professional Services
Brad Feakes

SVP Epicor Services, Professional Services

Daryl Sirota – Director, Technical Services
Daryl Sirota

Technical Services Director

 

Brad and Daryl talk about IT strategies for remote teams

 

Brad and Daryl sit down this week for a Q&A style chat to unravel a few of the complex IT issues in today’s work from home (WFH) environment.  At a high level, Daryl emphasizes how we should not make the mistake of trying to plug pieces of cloud software together expecting them to work properly.  That is almost impossible to do effectively without the appropriate policy to guide the technology.  You will need to understand how you will provide guidance to your end users faced with a variety of remote work environments (working for a cafe, home office, etc) and the new tools you will use to manage staff.

 

They move on to talking about some of the end-user WFH problems from asking the question “what does work from home mean?”  to discussing what technology can be used to help get users up and running while also creating business efficiencies.

 

Throughout the discussion, Daryl covers a variety of other topics such as data security, public vs. home wifi, two-factor authentication, remote access vs. remote control utilities, data access, machine vulnerabilities and many other topics.

 

Brad and Daryl do an excellent job of taking some big, complex issues around WFH and explain the issues that every business owner needs to be aware of as they navigate moving their staff into the cloud and potentially hiring a company like EstesGroup to help them with their remote IT management.

 

Of course, you can always reach out to our managed IT services team.  We’ll help you throughout the entire process of moving your company into the cloud and help you avoid the costly mistakes that can put your entire business at risk.

 

Are you having issues with or have questions about your current IT management? Contact us today.