Select Page
How You Can Strengthen Your Network and Security with Passwords

How You Can Strengthen Your Network and Security with Passwords

We’ve all done it, at least once. Some of us maybe more than a couple of times, and I know there’s few that are repeat offenders. You know what I’m talking about – the bane of the security admin’s existence – default passwords.

Those are the usernames and passwords that come with every device. Even in this day and age, most systems don’t REQUIRE you to change the credentials that get you system admin rights. The bad guys know that and use it to their advantage.

When most of our business and personal systems are protected with just a name and a basic password (and maybe a trusted network range?), that’s pretty easy pickings for someone with a brute force tool or a sniffer to find out your secrets. And once the bad guys have your credentials, then what? Well after that is when the real dangers begin.

When’s the last time you changed your voicemail PIN from 0000? Perhaps your home router is still admin/password even though the FBI issued a warning for everyone to change it? And how many ERP users keep system admin “manager” around with the default password of… you guessed it. And those accounts open the door wide to anyone wanting to get in; good and bad.

If you have systems exposed to the bad guys (and we all do!) then this post is for you. STOP IT! Even if you told me “Well, none of those systems are internet exposed”, I’d ask “where are the bad actors in your network?”. If you said “outside the firewall”, I’d respond with something like “I dare you to create a share/folder called “payroll” and see how long some curious netizen (aka employee) fell into that folder looking for something juicy.

Imagine splaying your entire infrastructure wide open to someone who just happened to know that Netgear uses admin/password for all their routers? Or that your company name is NOT a good password?

So what’s a concerned system admin gonna do? It’s easy in theory and hard in practice. Here are some digital security tips that will create a stronger password security strategy:

1. Change the default username and change the default password.

2. Start using stronger passwords, not [email protected] We recommend pass phrases, or a sentence that you can remember but the bag guys will have a hard time guessing.

3. Enable account lockout so that if “x” bad passwords are guessed in a row, the account is locked FOREVER (not reset after 10 minutes, thank you Microsoft). Helpdesk notification of such a lockout will put you in the know.

4. Remove admin credentials from being used on untrusted networks. Yes, your users are untrusted! Create a management VLAN, or a specific set of IP’s that can RDP, or shutdown the access from outside devices altogether.

5. Enable multi-factor authentication. This can easily be enabled in Office 365 and Active Directory, and if your devices leverage that directory then they automatically get that 2FA protection as well.

6. Hack yourself! Run a network scanner, or hire an outsourced IT firm to investigate for you, find the unsecured devices and fix them before the bad guys do.

7. Let us help you! We can run an ethical scan IT Assessment Detective scan of your systems, attempt to break into your systems, and give you a full reporting of your IT weaknesses. As “they say” knowledge is power.

So, don’t let your next phone call to the EstesGroup be “help me, I got hacked!” And let our managed IT services company help you run your business better with a strong password security strategy – before the bad guys teach you a lesson.

Interested in Outsourcing your IT? Or have a question on data security? Ask us, we would love to chat.

An Independent Look at the Epicor 10.2 User Experience

 

Epicor ERP is a powerful platform, with thousands of manufacturers using it to run their businesses. With power, often comes complexity, and that’s been the case with earlier versions of the system. There is no perfect ERP system, and the ever-changing balance between functionality and usability is a constant series of trade-offs. Epicor ERP Version 9 often required multiple servers, performance tuning was critical, it had a Progress data base layer, even when running on SQL, and the user experience was challenging. 

Epicor invested $25M in Epicor ERP Version 10, developing a completely new platform. The system was written and optimized for Microsoft .NET Framework and the Microsoft Data Platform; including Microsoft SQL Server. Users will experience a big increase in performance (over Epicor 9) and find the system easier to manage.

According to Epicor, here are the Top 5 user ERP system experience enhancements for Epicor ERP 10.

  •  Responsiveness – Performance has doubled and scalability has quadrupled across virtually all aspects of the system. ERP 10 is much more hardware efficient, which dramatically lowers hardware costs.
  • Simplicity – ERP 10 services are hosted purely using Microsoft Windows® components, including Internet Information Services (IIS) and Microsoft .NET. An all new management architecture makes deployment and migration much easier.
  • Mobility – Touch-enabled devices are now supported for a new navigation system and a re-architected Epicor Web Access (EWA) browser client.
  • Collaboration – Epicor Social Enterprise is included with ERP 10 and is a new way for ERP users to interact with each other and with ERP data.
  • Choice – ERP 10 can be deployed on premise, hosted, or access via subscription. It is also much easier to create a high-performing virtualized infrastructure.

 The current version, Epicor 10.2, introduces some really exciting capabilities, including Active Home Page and Epicor Data Discovery (EDD). Here are some highlights:

  • Developed using the latest web standard, which makes the system mobile-friendly and responsive.
  • Manufacturing role-based KPIs, examples: Percentage of Jobs without Scrap or Non Conformance, Manufacturing Hours and Indirect Hours.
  • Finance and Supply Chain role-based KPIs, including: Price Variance, Open PO Count and Amount, and Negative Inventory Items/Out of Stock.
  • Customization capabilities to modify out-of-the-box KPIs or create entirely new ones based on existing or newly created BAQs.

The best way to get an in-depth look at the new Epicor 10.2 functionality is to experience it firsthand!

Join EstesGroup and Liberty Technology Advisors on Tuesday, April 10, 2:00 ET. Senior Epicor Consultants Stephen Schaefer and Bruce Shriver, and the President of Liberty Technology Advisors, Joel Schneider, will be doing a live Epicor ERP software demo and expert-panel discussion showcasing the Epicor 10.2 Home Page, Epicor Data Discovery, and the new Mobile CRM.

Watch as we live-demo the platform. Interact with our panel of experts. This is the perfect opportunity to get your questions answered by a completely neutral advisory firm, and one of the top implementations partners in the business!

We hope to see you there! 

 

Ad-Free Software Installs

Many folks are installing intended software on their PC’s, but what they might not realize is that often adware is bundled in with it!  So, along with a good Adobe Flash player, you end up with a new homepage, another toolbar and maybe even a PUP! (Potentially unwanted program)

Here’s some popular applications and the place to get the program, and just the program.

Got any suggestions?