In today’s environment, remote workers have become exceedingly more important. The remote environment is key to keeping your workforce, working over the internet while at home. Whether they are away sick or they are that on-call vital employee, your remote worker can still provide value. So, let them work while out of the office.
Covenant Computing has your remote session needs in check. We will quickly install an easy and light application that can allow remote connections to your workstations. It is easy to connect, and quick to train these remote workers how to work from the comfort and safety of home.
Get your productivity and your workforce back on track. Call us to set up a free consultation and demonstration.
Let’s first start by saying that Covenant Computing does not use SolarWinds products to support their customers. That is not to say that we will never have a compromised product – no one can say that. But, specifically, in this incident, none of the tools we use to support and secure our customers are involved in this hack and you have not been compromised. So, if you are a customer of ours, you can relax. The first thing we want to you to know is that we do not use the software indicated in this breach, and the second thing is that no action is needed on your part.
That being said, everyone needs to take a few steps to secure themselves and their businesses so that, in a situation like this, the hack can be stopped dead in its tracks or the damage can be mitigated. So, we will cover that info at the end of this article.
To call this a “hack” is an understatement. In fact, as of the writing of this article (nearly 3 weeks post-discovery) the incident discovery and response is still ongoing. Meaning that they are still discovering the impact of the breach and its entire scope.
If there are more developments, we will release them.
What we know so far...
The breach was engineered by a group that gained access to the update tool for SolarWinds Orion software. This means that the people who did this were able to insert a rogue DLL file into a software update that allowed the actors to target specific systems and information.
The payload that was delivered was designed to sniff out prime targets for attack and to open other doors to make those attacks possible and easier
SUPERNOVA is the codename used to identify the malware used to attack users of the SolarWinds Orion platform.
SolarWinds Orion was just the door...
The attacks that were proliferated were done so with future hacks in mind. These breaches targeted the supply chain (software updates). The vulnerability that was used to insert the malicious code in the update cycle has since been patched.
...the attackers likely used means other than just the SolarWinds backdoor to penetrate networks of interest...
Other reports issued since the discovery of the attack have shown that there are more than just people and machines affected. Likely targets are multi-tenant entities such as Private sector service providers and services vendors that provide cloud services and software to multiple distributors.
...attempted activities beyond just the presence of malicious SolarWinds code in our environment...
What can we do to protect ourselves?
Ok, so this is the obvious part of the article where we plead with you to protect yourself by purchasing a security plan from us. We believe that security is an all-in prospect because it makes no sense to lock the front door and leave a side window open.
So many people believe that a good antivirus is enough and in the past, we would say that was true.
For SMBs (small and medium businesses), the biggest threat is the loss of data and the disruption of their workflow. Our no-compromise Covenant Security 2021 package is our best defense offering for this type of threat. We hold your hand through implementation and through processing the changes necessary to protect your data and your business.
Covenant Security 2021 covers these key categories in the information security landscape:
The information that runs your business, that you access, retrieve, store, and publish to customers and potential clients deserves to be protected.
Communication, Collection, and Collaboration! Oh, My!
Email Systems in Microsoft 365 Business Standard and Beyond
As we implement new information systems technology for small and medium businesses, we find that (most of the time) business owners get overwhelmed by the number of options that are out there. So, as a way of simplifying the process of grasping the nuances of the Microsoft 365 suite of collaboration options, it might be useful to talk about the benefits and drawbacks of each option.
This article assumes you are a small business that has a subscription to Microsoft 365 Business Standard or Premium
Most small burgeoning businesses are in the adoption phase of Microsoft 365 email. It is the easiest and most cost-effective means of managing your email services. We highly recommend it over the G-Suite email or just plain-ole “webmail” or IMAP email systems.
Most of the time these companies are very happy with having a crispy new company url (SomeYoungCompany.Com) , a website to go with it, and want to get all of those leads pouring in to their email so they can serve these new customers that need their products and services.
Really, you will want to think about how to receive, process, and store those emails now and into the future so you don’t create additional work for yourself or your tech company and end up costing additional money down the road in labor or productivity lost that you could have saved with some advanced planning.
The quickest and easiest solution is to create a mailbox for every email address in your business and an email address for every employee and aliases if an employee is responsible for an email address other than his or her own. This will work, and may be the best fit for some businesses, but pause for a second and think of all of the email addresses in your company and how they can be best utilized within Microsoft 365. [*formerly Office 365] There are many options that can save time and money down the road. This is where a partnered IT company can help lay out your options and smooth the decision making process.
Here’s what you need to know:
Not counting Teams collaboration tools (that is a whole different article and series of instructionals) there are 4 ways of sending and receiving emails using Microsoft 365 tools that are available to subscribers.
Mailboxes are your primary source of interpersonal communication with the outside world and what most people think of when collaboration tools are discussed.
Aliases are not actually a thing in themselves, but they are worth exploring as they can be misunderstood and confused with some of the features reserved for the other means of communication.
Shared Mailboxes are meant to be a means of two way communication with a group of people. Think of it as a queue of email-communicated tasks or a well of leads for sales or a drop-bucket for communication requests from web forms.
Groups are meant to be a way for groups of people to communicate amongst themselves. This is more akin to a message board and is most used for group collaboration on a single subject or with common interest.
A mailbox is usually associated with a single user and requires a license. A mailbox is required for a user to log on to and use Office 365 email.
Mailboxes require a paid license
Mailboxes are what is commonly referred to as an “Email Addresses” but it goes deeper than that.
A Mailbox is really just a repository for message files that has an “Email Address” attached to it so the server knows where to put the emails addressed to that address.
Users need a mailbox in order to log in and use email
One cannot have access to other email features like shared mailboxes without first having a mailbox.
Every humane expected to receive email in your company needs access to a mailbox
A Microsoft 365 Email alias is another email address attached to your mailbox. You can have any number of email addresses that flag messages for your mailbox. However, any email you send will come from your primary email address.
An alias is another email address that a person can be reached at
Aliases do not require a license
All email sent to an alias goes into the users inbox.
The primary email address is always the “from” address
A shared mailbox is shared with one or more users. Shared mailboxes do not require a license and include the features of a normal mailbox.
Shared mailboxes cannot be logged into directly. It shows up on their folder list, and a user must have their own mailbox to be able to see that folder.
Shared mailboxes are not supported on mobile Outlook
Shared mailboxes appear as separate mailboxes in Outlook and Outlook on the web.
A user with “send as” permissions can send email from the shared mailbox email address
If a user with “send as” permissions replies to a message in a shared mailbox, the reply appears to come from the shared mailbox email address
A user can also (if they have permission to do so) send a message “on behalf of” a shared mailbox. The message will appear to come from “Jane Doe on behalf of ”
Calendars and contact lists in shared mailboxes are fully useable by users having access to the shared mailbox
Emails sent from a shared mailbox by default appear in the sent items of the user sending the email message.
Shared mailboxes support subfolders (i.e. it is possible to create folders under inbox for example in order to organize email)
Office 365 Groups have much the same functionality as shared mailboxes. Groups however can have associated SharePoint Team Sites, OneDrive documents, and OneNote notebooks. If collaborating around a mailbox is important to your business, a group may be a better fit than a shared mailbox.
Like shared mailboxes, groups cannot be logged into directly
Groups are supported on mobile devices
Groups appear beneath a users mailbox in Outlook
A user can send email and have the message appear to come from the group email address
A user can also (if they have permission to do so) send a message “on behalf of” group. The message will appear to come from “Jane Doe on behalf of ”
Email sent as a group email address will not appear in the group Sent Items folder, in fact there is no visible Sent Items folder. This cannot be changed
We have a client that uses several email addresses from within Microsoft Outlook. Some of them connect to Exchange. Some connect to IMAP (regular email), and some connect to G-mail. G-mail is IMAP, except it has weird requirements that change without any sort of notification.
So here we are, the client is getting all sorts of popups asking him to log into G-mail when he synchronizes mail. This happens from time to time when he changes his account settings, but it never happens all at once. So, we knew something else was wrong.
The first thing we tried was to go ahead and re-enter his password. Sometimes, for whatever reason, the password gets lost or one or the other services require a manually entered password occasionally. This wasn’t the problem as the issue did not go away.
The next thing we tried was to examine the account settings inside Google. You can do this by going to https://account.google.com. Your security settings will be where to look for password issues and security problems associated with the account. We didn’t find anything wrong, so we moved on.
The last thing we did was consult TechNet at Microsoft about this issue where we found many possible solutions. We will share those with you below:
Use a Google Application Password: Sometimes Google does not play nice with programs they feel are less than security-savvy. This is a good thing usually, but it creates a bit of an inconvenience. An App Password is a unique password that is used for these special programs that is unique to that particular program. It is not your regular password for that account, but it is used in place of that password. It is like a special password for just that application. Hence, the name “application password.” You can find the details linked HERE.
Check your license. Sometimes your Office license gets switched off for non-payment or for other accidental or weird reasons like leaving a job or changing license plans. So, check that your license is associated with your office account. Here is how to check that: Just go to “File” in the upper left corner. Then go to “Office Account” in the middle on the left. You should see that you are signed in. It will indicate that you have either a subscription product or a purchased license. If you do not see an account in this window, you should sign into Office. Here is a link that will show you how.
Privacy Settings: Outlook has privacy settings that will allow you to restrict information shared with third-party services – like Gmail. To find those privacy settings, navigate to: File > Office Account > Account Privacy – Manage Settings (on the left in the middle) A window will pop up that says “Your data, controlled by you” at the top. In this window, Make sure you have at least “All connected experiences” (bottom of Connected Experiences section) and “Experiences that download online content” checked. These features, if not turned on, cannot download account information necessary to sign into Gmail IMAP functions necessary to connect an account to Gmail through Outlook.
This is by far not a complete list of all of the problems you could be having with Outlook. It is a great program and the most widely used business application used for sending and receiving emails, but sometimes it is really just too much to handle. We get that, so our services are available to those who would want them. Just click the link below to open a new ticket with us and we will be happy to get you working again.
Many folks are discovering, in the wake of the recent WFH (Work From Home) movement, that their at-home computer is sub-par and annoyingly juice-less. In other words, you need an upgrade. Am I right? Some of you might also be thinking about budget too because of the employment crisis. So, refurbished is probably the way to go. Well, look no further! We have you covered with a list of mobile computing machines that will get your data moving a little faster. Why mobile? Because once we start creeping back into the social scene a little more, we are going to want to bring these gems along.
Covenant Computing has curated a list of laptops that will please about any budget. What did we look for? Well check out the specs:
At least an i5 Processor – The Intel processor is the staple of the previous generation of computers. Purchasing an AMD, unless it’s a Ryzen, is risky, so we avoided it. There are just too many variables. Also, let’s face it, i3 is just too slow when you are trying to get something done so you can get back to binging your favorite shows.
At least a $350GB HDD – No, we didn’t opt for a mandatory SSD here because, while they are consistently faster, refurbishers tend to put cheap SSDs into machines that have sub-par performance in order to hide that fact. Yes, some SSDs are on the list, but be careful not to let the cheap price sway you into a short term ownership experience.
At Least 8GB RAM – a large RAM space is the oil that keeps the computer engine running smoothly. While 4GB machines are attractively priced, the risk is that your computer will run out of headroom and start to slow down.
Curated Manufacturers – Let’s face it, older machines will have something go wrong quicker than new machines. The list of manufacturers we have chosen (Dell, Lenovo, MSI, and ASUS) are good picks for durability. You might pay a little more for a Dell, but it is worth it.
2GHz – 3GHz Processor Speed – We chose this speed range because it is in the middle. It’s that simple. Slower processors, while cheaper, will not relieve the slowness stress. Faster processors are just overpriced for what you get, and the ones that aren’t are using sub-par components (smaller HDD, less RAM, etc.).
So there you have it. If you’ve made it this far, you are probably truly interested in what we have found. We have shopped many places, but Amazon, for two reasons, is where we go. 1. The Price is good and 2. The Return Policy is great! Full disclosure: if you do buy something from the list, we will get a small commission on the sale.
Working in the cloud sounds difficult. It’s not! With the right expert, it can be as easy as contacting us, receiving an email, and clicking on a link. Cloud Computing removes the risk associated with remote workers. We can also connect these virtual computers to your network or active directory domain.
Covenant Computing creates and manages cloud desktop or server environments. Now you have always-on computing that is ready to go when you are. Sleeping or hibernating machines can disconnect from the network. Those are problems of the past.
Cloud (or Virtual) machines are computers that run exactly like your computer-with-a-keyboard. They stay “in the cloud”, can be accessed from anywhere that has an internet connection, and can be modified to meet any challenge. We can also upload your entire workstation to the cloud so it feels like you are working on your own machine.
Many remote computers are too slow and are expensive to upgrade. They also don’t have security, so they threaten your valuable data if they connect to your network. Therefore, cloud computing workstations and servers take that work and keep it in a secure environment, and they do all the computing. They also display the results to your workers like it is working from their own physical computer. Because they do it securely, quickly, and clearly, even slow and virus-laden workstations could have powerful cloud counterparts that will haul any load you throw at it.
Just need to connect a remote worker to an existing workstation? We’ve got that covered too! Contact Covenant Computing for a Free Estimate
In the month of August 2019, NPR verified that officials discovered 22 municipalities had been hit with ransomware. One of the officials stated that the attackers had asked for $2.5 million to unlock the files.
Getting an email that tells you that your computer has been hacked or seeing suspicious activity on your computer is a cause for deep concern. Hollywood and the press has done a great job of raising our levels of concern for this kind of intrusion. There are a few signs of intrusion you can look for, a few things to do if you see signs of intrusion, and a few things you can do right now to prevent it.
Look, I am not poking fun at anyone when I say this, but if your computer is making weird noises, it’s probably trying to tell you something. Weird noises can mean many things, and typically they are not good.