microsoft launches office 365 planner p1 p2 p3 p4 … · malicious software that is designed to...
TRANSCRIPT
Connect
P1 / CLOUD COMPUTING:
What type is right for your
business?
P2 / MICROSOFT LEADS
GOOGLE: Microsoft pulls
ahead of Google in email
amongst public companies
P3 / FIREWALL:
Why yours is only as good
as what is inside it
P4 / RANSOMWARE:
A new threat discovered in
Microsoft Word
MAY 2016
Secure data backup, greater reliability,
better resource and growth management
options, and improved collaborations are
just a few of the reasons to take full
advantage of cloud computing today.
Yet understanding the choices you have can
help you avoid some VERY costly mistakes
you could wind up seriously regretting later.
Three Types Of The Cloud
Not all cloud models are the same.
In determining what the best cloud model
is for your organization, it’s important to
know how cloud services are structured.
Basically, there are three types of cloud:
public, private and hybrid.
Public Cloud Services Offer Flexibility
And Lower Cost
A public cloud comprises a collection of
data storage and software services that can
be accessed on an as-needed monthly basis,
somewhat like an electric utility or fitness
club. It houses data facilities outside the
corporate firewall that you access through
an Internet browser without having to make
any initial or ongoing capital investment.
Well-known examples of public cloud
services include Google Drive, Microsoft
Office Online, Apple iCloud and Amazon
Cloud Drive. They provide data storage
and, in many cases, web apps.
Public clouds are best used where a high
level of privacy is not required. They can
provide access to a growing pool of newer
technologies that would not be affordable
if developed individually.
Private Clouds Support Highly
Specialized Apps
A private cloud resides within an organiza-
tion’s firewall, and is typically owned,
managed and supported by that business.
IT resources are available to members of
the organization from their own data center.
>> CONT. PAGE TWO
Ransomware Discovered
In Microsoft Word
For those of you that are unfamiliar with the term, ransomware is a type of
malicious software that is designed to prevent access to a computer system
until some amount of money is paid.
A new strain of well-hidden ransomware has recently been discovered in
Microsoft Word. Thus far, it has gone undetected by antivirus software.
This new type of ransomware has been named Locky, and is found to be
triggered by the macros in Microsoft Word. The Word document is typically
attached to an email with a subject line that refers to an unpaid invoice or
something of the like. When a user opens the attached document, they
often find scrambled text and a message prompt pops up telling them to
run a macro for the issue.
Of course, the macro does not unscramble the text. Instead it downloads and
runs a file. As soon as the download begins, the files on the computer system
start becoming encrypted. Locky also has the ability to encrypt any files on any
network the computer is attached to, making its threat even greater.
So how can you protect your business and network from a ransomware
attack?
The easiest (and often unreliable) way is to inform all of your employees NOT
to open any unrecognized Microsoft Word attachments, and if they do, NOT to
run macros.
The best way to prevent an attack is to disable macros from everywhere except
for one shared folder.
Obviously, this is no fool proof solution, but it will provide some sort of protection
for your business until malware catches up with the problem and you feel your
employees are fully educated on the issue.
If you have any questions, or a concern that your network may be infected,
contact us today at (410) 884-0225.
PARTNERS & CERTIFICATIONS
As a technology leader, we strive
to maintain partnerships and
certifications with many trusted
companies throughout our industry.
MICROSOFT LAUNCHES OFFICE 365 PLANNER
Microsoft has recently released a new app to their Office 365 Suite dubbed Office 365 Planner.
This new tool will be welcomed by a large number of Office 365 users who are looking for an
easy way to manage a variety of projects within their organizations.
In short, Office 365 Planner is an online based project management app. It offers users
a simple and highly interactive way to organize teamwork within an organization.
Office 365 Planner makes it extremely easy to add projects (referred to as plans in Office 365
Planner), share files, assign tasks, chat about different projects, and update the group regarding
work that has been completed.
Office 365 Planner uses “plans” to reference what are essentially projects. Managers can easily
setup plans for users and assign tasks along with detailed descriptions and due dates.
What Type
Of Cloud
Is Right For
Your Business?
www.XPERTECHS.com
Private clouds can support highly specialized and/or privacy-restricted
applications, like medical-records software for a health-care organization
concerned about HIPPA requirements, for example.
And, while it can be more expensive to set up initially, a private cloud
may deliver a higher ROI in the long run since you’re not paying for
ongoing shared services.
Hybrid Clouds: Balancing Complexity With Flexibility
Merging the flexibility of public cloud services with the control of
a private cloud, a hybrid cloud can provide the ideal infrastructure
for some organizations.
A hybrid cloud enables you to put some of your apps and data – archives
and e-mail, for instance – in a public cloud, and the remainder in your
private cloud. This provides the cost savings and benefits of the public
cloud while retaining the customization and security advantages of a
private cloud.
While it can be more complex to deploy and manage than a pure public
or private cloud, a hybrid cloud may deliver the best blend of control,
flexibility and cost-effectiveness for some organizations.
So Which Type Is Right For You?
There is no perfect solution – each type of cloud has its own pros
and cons. That being said, here are a few key factors to consider
when determining the best approach for your particular business:
Public cloud solutions are best suited to the flexibility and budget
requirements of smaller businesses that want access to the kind of
IT resources that bigger organizations can afford, without the cost
of development and ongoing support and management.
A private cloud, managed and supported by an in-house IT team, may be
ideal for your organization if control and privacy are of paramount concern.
A hybrid cloud could be the ideal solution for any enterprise that wants to
manage sensitive data in-house while availing itself of third-party software
and data storage for uses where the data involved isn’t as sensitive.
How To Get The Best Professional Help
While hiring a cloud-computing expert can prove extremely beneficial
in the long run, it’s critical to work with a professional who has depth
of experience in all types of cloud environments.
We’ve helped dozens of companies set up and run cost-effective, powerful
and secure cloud networks. For a Free Cloud Readiness Assessment,
contact us at (410) 884-0225 or [email protected] today.
THE MARYLAND ZOO IN BALTIMORE
XPERTECHS just announced its most recent
partnership and corporate sponsorship of
The Maryland Zoo in Baltimore.
As the nation’s third oldest Zoo and an
iconic regional landmark, The Maryland Zoo
in Baltimore continues a rich tradition of
connecting our community to wildlife and to
each other. As a leader in conservation and
education, the Zoo is proud to welcome a
new season of growth and a new generation
of visitors discovering enhanced exhibits,
exceptional animal experiences, and an ideal
setting where family memories are made.
The Maryland Zoo’s Corporate Membership
program is a premier membership
opportunity. Support from businesses like
XPERTECHS and organizations, large and
small, helps further the Zoo’s already
impressive growth and shows your commitment
to the community and conservation education.
(http://www.marylandzoo.org/membership/
corporate-memberships/)
XPERTECHS ANNOUNCES
NEW CORPORATE
SPONSORSHIP
A study by analyst firm Gartner has found that 8.5% of global public companies use cloud email
from Microsoft’s Office 365 service, with just 4.7% using Google Apps for Work.
The remaining 87% of companies surveyed have on-premises, hybrid, hosted or private cloud
email provided by smaller vendors.
Overall, the firm found that the cloud email market is still in the early stages of adoption with 13%
of identified publicly listed companies using Microsoft or Google – the two main cloud email vendors.
“Although it is still early days for cloud email adoption, both Microsoft and Google have achieved
significant traction among enterprises of different sizes, industries and geographies,” said Nikos
Drakos, Research Vice President at Gartner.
“Companies considering cloud email should question assumptions that public cloud email is not
appropriate in their region, size or industry. Our findings suggest that many varied organizations
are already using cloud email, and the number is growing rapidly,” he said.
Among the organizations using cloud email from Google and Microsoft, Microsoft is ahead in most
industries, the data showed – particularly in regulated areas such as utilities, energy and aerospace.
Where Google is ahead, it is in industries with more competition and less regulation, such as software,
publishing, retail, advertising, media, education and travel.
Types of Cloud Comput ing: Cont ’d f rom Pg. 1
Microsof t Leads Google
In Emai l Amongst Publ ic Companies
W h y Your F i r ew a l l I s O n l y As G o od As W hat I s I ns i d e I t
STARBUCKS GIFT CARD WINNER
RICHARD FEELEY
NETWORK BUILDING & CONSULTING
If you are a current XperCARE customer,
and would like an opportunity to be entered
into our monthly drawing for a $25 Starbucks
gift card, start filling out the survey you receive
each time your support ticket is closed. We
perform the drawing at the close-of-business
on the last business day of each month.
A layered defense does not rely on any one key
mechanism to keep your data and systems safe,
but rather on a variety of different tools and
techniques. Any single form of protection
might be vulnerable to a directed attack on
any given day; and they often are. The odds
of multiple, diverse defensive techniques all
being subverted simultaneously are much lower.
Although this is a time-tested and proven
strategy in information security, it's neither
common nor popular. So a common security
"solution" is to buy a firewall and plunk it in
between your internal network and the
Internet, and then get on with business.
A better solution for businesses starts on the
inside of the network and works its way out.
A firewall presumes everything behind it is
worthy of equal protection, though this is
unlikely to be the case. A layered security
approach should begin with an inventory of
the information your business needs to protect.
A database listing customer service appoint-
ments, for instance, might have no intrinsic
monetary value, but its loss or disruption
could have costly operational impacts.
Protection should begin with internal access
controls. Every major operating system in
corporate use today has the ability to apply
file-level security. This can usually be
intelligently combined with single sign-on,
centralized authentication and policy-based
controls for a comprehensive access control
and logging system.
Often overlooked is the fact that many data
breaches originate from employees, not outside
intruders. Internal access should be restricted
by need. Internal controls will defend against
both employee malfeasance and any outside
penetration.
A solid backup system is also part of your
security (although this, in turn, also requires
security controls). An under-appreciated aspect
of security is denial of service from internal
attack. Even if intruders can't make use of
information from your internal systems, if they
can alter or delete it arbitrarily, they can cause
considerable monetary loss. Tested and robust
backups mitigate this possibility.
Anti-virus protection goes without saying in
today's computing environment, but keeping
this up-to-date remains a weak point for many
businesses. Software patches are also vital to
internal security.
Physical security also receives short shrift
from most companies. No firewall in the
world will protect your network when a hacker
has the ability to physically plug in at an unused
and unmonitored network access point.
Making sure only authorized staff have access
to computers and network jacks is a necessary
step in internal security.
Similarly, if wireless access points are
broadcasting signals from your internal
network which can be received outside your
building, they present an under-appreciated
point of attack. Encryption should be strong
and wireless access authentication redoubled
over your basic network authentication schemes.
When you are finished, what you have is
something resembling a pile of sliced Swiss
cheese. Each layer may have a few holes, but
if the holes don't align, nothing will get through.