Managed IT Works: Especially Against Ransomware Like Petya

It’s been 6 weeks since the last global affecting ransomware attack has occurred. The last attack brought to you by WannaCry affected millions of computers and servers throughout the globe.

That attack affected an ancient exploit going all the way back to Windows XP and was stolen from the national security agency. Hackers use that exploit and penetrated systems worldwide generating tens of millions of dollars in ransom networks.

What did we learn since then? Apparently not a damn thing.

The Petya Ransomware

Lo and behold, earlier this week a new type of ransomware called Petya/Goldeneye infected millions more, but had a completely different vector: it went after the hardware as well. Older computers used a system called BIOS or basic In-N-Out system that has been around from the late 70s. Luckily, as hardware has progressed with the newer Windows additions, encrypted hardware interface technologies such as unified extensible firmware interface or UEFI requires encryption certificates in order to make changes to the system.

None of the affected hacks that have occurred in the last couple months could penetrate the newer firmware… but the older systems were extremely vulnerable.

Why do we say we have learned not a damn thing? Because we haven’t.

Update Your Systems or Get Them Managed

In March 2017, Microsoft released a patch for the latest exploit to prevent it. People didn’t listen; they didn’t patch their system; they didn’t think it would happen to them. But it did.

That is why at Triton we extremely recommend that clients go into a managed platform. Why? In our managed platform (among the other benefits), we handle all of the arduous and tenacious patching for all of your network systems. That patching has pretty much insulated our clients from any kind of hack. Are they 100%? No. But the latest round of exploits has taken hold because people have not patched or maintained their systems in a consistent way. Patching here or there doesn’t really work because you may miss some, it may not seem important to you, but in an automated patching system, a patch is going to go into your system no matter what. That is what has saved every single person under Triton Technologies management system from getting a bug.

Managed Services with Automated Patching Works

That is why we extremely recommend even the smallest business to outsource their IT technology needs, security management, backups, and everything else that has to do with your network to a managed technology company such as Triton Technologies. Will these hacks and exploits happen again? Most certainly. There is absolutely no end to what hackers and exploiters will do to get money from people who are not serious about data security. Let us help you solve that.

WannaCry or GoingtoRelax?

On Dealing With Ransomware

A couple of weeks ago, a worldwide exploit stolen utilities from the National Security Agency were utilized to take down literally hundreds of thousands of computers, from hospitals, government, and large corporations.

For days people were freaking out and having a tremendous time securing their networks. Traditional methodologies failed. Traditional thought processes failed.

In the days and weeks since this attack, we have learned much. From the tools they use, to methodology and the exploits.

We Suffered No Incidents

At Triton Technologies, we were not affected at all. Not a single one of our clients’ computers, not a single compromise network, not even a rogue email. Not that we didn’t see a single remnant of it, but our technology, up dates and our near-religious security methodologies protected every single one of our clients.

That’s right, not a single person had a problem: business as usual. Just like with CryptoLocker.

Why We Weren’t Affected

The reason why? The exploits that were utilized by the WannaCry hackers dealt with old and unpatched systems. Every single one of our managed clients and their systems is patched daily and weekly. Every exploit mitigated, and every possible vector to enter into a network patched up.

We understand that has affected many businesses and many small business owners are freaking out. Not us. With the right managed plan and the right technology to head off potential disasters, issues like this will never affect the business. The proof is in the pudding, and not a single one of our clients is worried.

Managed IT services saves you money and protects your data. Contact Triton Technologies today and quit worrying about ransomware.

The Importance of Thorough Vendor Evaluations

In the last decade, we have seen something that is somewhat upsetting.

Vendor network evaluations are not worth anything.

Yup, we said it. From ISPs, printer providers, virtual server providers, email providers and others; all have failed to live up to their engineering personnel’s recommendations. It’s only after the disaster begins do we see what narrow scope they have been placed in with a specific goal that does not see the big picture in a network.

Case Study: Promises of a Local Cloud Provider

A long time local non-profit client of Triton Technologies was approached by a local cloud provider of managed servers. Without our knowledge, its network interface box was installed and we were called to “integrate and migrate” their servers to these new cloud servers.

We saw an immediate problem: no real questions were asked of the client during the evaluation.

If you are ever involved with non-profits, many of them will run software into the distant future to keep from buying additional software or expense. So once bought, they’ll basically run it until they have no choice anymore. That is exactly what happened here.

They were using a Windows NT 4.0 (yes, that old) software database from a company that has gone out of business, but it still worked. Years earlier we migrated the software through a VMWare P2V converter and installed it on their 2008 server in-house to keep using it as long as possible. It was working excellently, but with a major grant that came through, they wanted to update their hardware and software again.

So in 2014, we submitted a proposal and waited. Waited, and waited.

No response. Unknown to us this company came in and promised the world. In retrospect, it was a make-believe land.

A Bad Installation After a Bad Evaluation

Installed was a T1 line and a VPN link to their data center. If you know anything about a T1, it’s only 1.5 Mbps – or 66 times SLOWER – than their current 10/100 network from 6 years earlier. So after copying the server to the data center which took 22 days at 1.5 Mbps (slower than DSL), the programs the client used took over 10 minutes to run, databases over an hour, and emails were still updating 8 days later.

Fast forward 2 months and after MANY consults, an unexpected $4500 a MONTH in virtual server billables, and unable to actually FUNCTION, the client decided to pull the plug. In the end, the customer lost over $12,000 in upfront costs, about $44,000 in labor costs, and months of down time in marketing and client growth.

In the end, the vendor didn’t take into account old software, old databases and custom software that did not match the exact idea of how cloud servers work. Vendors need to ask a lot more questions about a client’s network than what they presume.

Want to see what a real evaluation looks like? Schedule a free consultation with us.

Dealing with CryptoLocker: Why We Do What We Do

As the owner of Triton Technologies, I go through constant training when it comes to MSP services, products and support methodologies.

I was at a conference in Hartford Connecticut and listening to other business owners and I heard something that isn’t heard in our office:

“Cryptolocker is kicking our butts.”

We Take Security Seriously

I can barely remember the last time I had to deal with any type of crypto virus. It was early last year (1.5+ years) and it was a personal laptop someone brought into one of our clients to use when there was some downtime. The virus was actually running in the background and they had put it on standby and took it to work. When they opened it up, it continued but the network had all the necessary defenses to prevent it from being more than a blind annoyance.

Our network firewall, the antivirus on all machines, the SSL and third party confirmed certificate communication was all working to prevent it from getting in and it worked perfectly.

The Best IT Solutions are Proactive

The call when it came was a shock but after reviewing the logs, the firewall defenses and the internetwork logs, it was mitigated and shutdown before it did anything actually.

We implement the firewalls, the solutions, the antivirus, the backup, the monitoring and the third party patching because… IT WORKS. It just works, and it keeps the hackers, viruses and more at bay.

Some clients we work with thing we’re over-the-top when it comes to planning and security, but not one has been sad when they realized by taking our advice, they got the tech they needed for dealing with CryptoLocker and avoided having their own data being held hostage against them. If you’re looking for just that kind of solution, contact us.

Taming The VoIP Beast

Or “VoIP Issues and How to Solve Them by Calling Us”.

Triton Technologies years ago was created to help the business user and the business owner: over the years we have acquired products, companies and so forth in order to grow. One of them is the skill and ability for dealing with VoIP issues.

Years ago, we acquired a failing telephone provider out of New York state and transferred all the licensing to ourselves. It took about a year to clean up the issues, but we did it and the clients we happy as punch.

Troubleshooting VOIP Issues

We’re known in the Northeast of the United States for solving VoIP issues. They aren’t that hard if you know what you are looking for, but sometimes they can be the most obvious.

VoIP is a different beast than most systems. It requires precision, accuracy, scheduling and configurations through specialized equipment such as a layer 2 or layer 3 switch, firewalls, ISPs configurations and so forth. We’ve been doing it for so long we have it down to a science.

The Woes of Self-Installation

A month ago a new client called us up and explained they were having a VoIP call quality issue, which was evident through the conversation we were having. We setup a time, came down and within minutes realized their mistake.

They had set it up themselves. That’s not the main problem, but part of the problem. VoIP needs settings, all sorts of settings to make it perfect. They had no firewall, the switch was not engaged for QoS and the modem was in a NAT mode which the ISP did not support tagged packet passthrough. For a better diagram, no better than a network printer.

So after consulting with their corporate overlords, they disbelieved what we told them and we went on our way.

Weeks Later: The Crisis and Solution

2 weeks later, the manager of the location called us back. They agreed to order everything and install it as soon as possible. Why? They lost an order which would have equaled the cost of the equipment a 1000 times over. “Replace it, replace it now, just fix it!”, he said.

The equipment was ordered overnight and installed in the afternoon. Within minutes it made a significant difference. They could instantly tell and feel the call quality difference and we put it through its paces. I asked EVERYONE to call someone, ANYONE: call a vendor, a client, your spouse, your mom, ANYONE. 24 users called at once and NOT A SINGLE warble, jitter, or call drop was heard. The system previously could only take 2 calls before it started dropping.

It’s been a solid week and we followed up with them yesterday, NOT A SINGLE issue.

The manager was pleased and advised their corporate managers for us to recommend for further dealing with VoIP issues in other locations.

The VoIP beast can be tamed, you just need to know how to train it to jump through hoops. Learn more about VoIP here and contact us.

HIPAA Compliance for Small Medical Businesses

In the last couple months due to governmental pressures for state and local charities and nonprofits, small medical businesses have been asked to fully comply with HIPAA compliance even if a single machine might one day encounter that information.

We are currently working with many translation services, small doctor offices, dentists, and branch offices of hospitals and medical centers and you think a majority would be in compliance with federal HIPAA regulations. But you would be wrong.

Patient Healthcare Information in the Past

Many of these organizations could in the past filled out a basic questionnaire and they would be authorized to deal with patient healthcare information or PHI. No one really checked up on them. Now there are auditors going out to these contractors these doctors and facilities to verify that the information that they presented in the questionnaire is valid.

Bringing in Outside IT to Reach HIPAA Compliance

We have been spectacular in deploying solutions that meet and/or exceed HIPAA compliance as well as implementing policies and procedures for our clients to meet it. It is gone extremely well over the last couple years and our due diligence in selecting solutions has paid off for our clientele.

Those auditors are highly skilled, highly trained and can easily tell when an IT person is being less than truthful with their answers. At Triton technologies we have passed all of our tests, past all of our questionnaires, and have successfully been audited by a third-party multiple times with flying colors at the end.

HIPAA Compliance: What It Takes

For clients that need HIPAA compliance, what you need is an extremely secure network, and the ability to control access to information from within that network. Mobile devices, printers, scanners, USB flash drives, external hard drives, firewalls, wireless networks, remote terminal services, and more must be secured at all times and monitored. With Triton Technologies managed services we provide all of that by default to our clients. When we started years ago before HIPAA compliance was in full swing, we implemented these knowing full well that when the time comes the solutions in the technology we implement would solve our clients problems: it has.

HIPAA compliance may seem to be a large scary beast of compliance but it is not. It just requires the right solutions, security protocols and more and your business can easily meet those security guidelines. We have the experience in this field. We can help.

Vendor Management: The Balrog

Any business owner can attest to is dealing with multiple vendors is a business in of itself. From cellular carriers, internet providers, construction companies, telephone and more, each one has their own language and each one has their own methodology.

This situation happened, and this is why right after our client signed up for our Managed IT Services plan which included vendor management:

The Client’s Story

The client is a logistics company based in Massachusetts is part of an isolated transportation park. A few companies, but nothing massive. They are quite busy at times and this time is especially busy due to the three day memorial day weekend. So basically everybody is moving as fast as possible to get done early and go home, and that is where the trouble begins.

A truck entering the loading facility was going too fast and clipped the service pole of the facility, breaking the line for internet and telephone for the other occupants.

  • The client decided to call the ISP themselves and report that a line was “down.” Mistake 1.
  • Told them it was no big deal and to go out today please. Mistake 2.

Friday being the start of the holiday, no rush was put in and no need to rush since the facility began shutting down and so forth.

The Following Week

Tuesday comes and goes, expecting the technician, nope.

Wednesday comes and they finally call us. A lot of missteps occurred causing not only our client to be down, but other tenants. Come to find out the client conveyed that the line was down, as in a saggy line, therefor no rush. Apparently it was treated like a small issue and not an outage.

Then We Stepped In

We contacted their ISP and we were able to get a truck rolled within an hour, their lines repaired and all the tenants fully operational.

Sometimes miscommunication can easily create havoc without understanding the lingo vendors need. Vendor management might seem like a small thing, but having an IT provider who has the experience and connection in the field allows you to get the most out of your resources, from internet landlines to software suites. Avoid that broken link in your chain. Want to learn more? Drop us a line.

Why a Managed IT Provider?

Why should a business chose a managed IT provider over a traditional break-fix?

Simple: Money

With a managed IT provider you get more than a body that fixes stuff when things break: they make sure they don’t break. As anyone who’s owned a car, you perform maintenance, change the oil, rotate the tires and more because it costs more when the vehicle completely falls apart, so you do preventative maintenance. As with cars, so with computers. You defrag, install updates, install patches, clean out the temp files, and more to keep your computer running in top shape.

“But I can do those things myself?” Not really. At Triton Technologies, we not only do those, but more. From constant monitoring, constantly watching and taking minor corrective action we can avert a major disaster down the line. Small changes far in advance can keep your system from even remotely encountering a problem which can cost you thousands.

Saving Money: How?

Triton Technologies does fixed pricing, how many users you have, times the cost per user, and that’s your price. Everything from onsite, remote, software, antivirus and more are included, all of it. If you were to hire a person you would have to pay their salary, plus 30%+ average in benefits and payroll taxes and you haven’t even got them into the network yet. You then have to purchase antivirus, backup, monitoring and more. You literally spend almost twice their salary to get even started.

With Managed IT you get all those services bundled together saving your organization thousands a month, with a team of people always on call, never going on vacation and simplifying your IT needs.

Each organization is unique, but the IT demands are the same. They want easy, cost effective stable networks and that is what Managed IT can deliver.