Q: I just got an undeliverable message saying an email I sent couldn't be delivered, but I never sent the email. Have I been hacked?
A: Probably not. A trend has become popular with spammers recently where they use false “from” addresses in their spam messages, which is likely the case here. You might get a spam message that appears to come from someone you know or an address you recognize (it could even be your own address) when, in fact, that person never sent you such a message. Sometimes you get undeliverable messages back because your address was in the from field. Undeliverable messages are sent to the from address without regard to the server that the message actually originated from. For outgoing email, we always ensure our customers fully comply with the Sender Policy Framework (SPF), which is designed to eliminate this problem, and that they have an SPF record as well as a reverse lookup record to help combat this issue.
Q: What is an SSL Certificate?
A: SSL stands for Secure Sockets Layer, also known as Secure Server. An SSL Certificate creates an encrypted connection between your site and anyone visiting the site. Without an SSL Certificate, it is possible for every piece of data transmitted to be seen by others.
Q: Why do I need an SSL Certificate?
A: An SSL Certificate will encrypt your connection to securely allow you to connect remotely. There are two main reasons that you need an SSL Certificate.
1. To transmit sensitive data on a web site (credit card numbers and other personal data).
2. To authenticate to a server or workstation remotely (Remote Desktop or Remote Web Workplace tools).
Q: What are RPO and RTO?
A: RPO stands for Recovery Point Objective and RTO stands for Recovery Time Objective. These are technical terms used when creating a backup and disaster recovery strategy.
Recovery Point Objective (RPO) - refers to the point in time you will go back to in the event your systems fail and you have to restore from backup. So if you are backing up all of your data every hour, then your RPO will be within the last hour (assuming the location where your backup files are stored is not also damaged).
Recovery Time Objective (RTO) - refers to how much time it will take to restore your backup and get your systems fully operational as of the point in time which is your RPO. This starts to become especially important when dealing with backups that have been stored offsite. If your only means of accessing the backup files is to download them from the vendor and you have a large amount of data (and thus large backup files) it may take a long time to transfer those files, and thus your RTO could be several days (or longer). On the other hand if you don't need to transfer the data anywhere before restoring it (such as in a scenario where you are restoring to emergency standby servers in an offsite recovery environment) your RTO can potentially be only a few minutes.
Q: How do RPO and RTO affect my backup strategy?
A: When determining the backup and recovery strategy for your organization, the primary factors for consideration are RPO/RTO, cost, risk tolerance, technology, and retention strategy and requirements. You can think of all of these factors as being on a balanced beam - when one side goes up, the other must go down. So if your requirements are to have a very short RPO and very fast RTO, that will likely be a very expensive solution. On the other hand if your risk tolerance is a bit higher, and you can accept slightly lower values for RPO/RTO, and your retention strategy doesn't require you to keep lots of history, the solution can be extremely inexpensive.
Q: What are the benefits of moving my email server to the Cloud?
A: Unfortunately, there is no one-size-fits-all answer here. As with any IT decision we advise our customers on, there are benefits, costs, and risks that must be weighed - and these factors can vary based on company size, priorities, etc.
Here are some of the common benefits:
1. Reduced workload on the server. This allows some customers to extend the life of their server in some cases, which saves on capital expense.
2. Greater reliability. When your email server is in house, if the power goes out or Internet goes down, your email goes with it. Neither is generally a concern in the cloud.
3. Always the latest technology. You don't have to worry about large upgrade projects every few years. You don't even have to worry about installing security patches on the server. It is all handled for you in the background and you will always be on the latest version.
4. Better management. If a cloud email provider has a user that gets a virus or gets a lot of spam, it can become a VERY large problem for them VERY quickly - spreading to thousands of users or more almost instantly. As a result, cloud providers put a HUGE amount of effort (time and dollars) into making sure neither is an issue.
Potential disadvantages to consider as factors in the decision:
1. Loss of control. Some small business owners take comfort in being able to do detailed troubleshooting when there is a server issue. With most cloud providers you can't access many of the 'back end' tools that you have if you are running your own server.
2. OpEx vs. CapEx. When you own your own email server, there is generally going to be a large capital expenditure every few years for new software, servers, etc. with some maintenance spend in between. We see this effect become significant once an organization gets over a few hundred users. With email in the cloud, by contrast, you'll have a single monthly payment for usage.
Q: I have anti-virus software. Why did I get a virus anyway?
A: Much like the 'real world' of criminals and law enforcement, the technology world also has a constantly escalating battle between criminal techniques and the tools and processes used to combat them.
Even with the latest anti-virus software and the latest updates, only a percentage of the bad stuff will be caught. In order to truly protect yourself from the bad guys, the best practice is to implement what the technology world calls a 'defense in depth' strategy. What this means is that you don't just rely on a single tool or solution (such as anti-virus software) in your fight against the bad guys. Instead, you need to implement a range of tools that each protect in an overlapping fashion so that if one tool fails, others will still catch the bad stuff.
Q: What are the risks with opening our network to allow employees to work remotely?
A: Any time you allow ANY type of traffic into your network, there is always incremental risk involved in doing so. Rather than making this a techie conversation on security, we examine some real world elements we recommend thinking about.
1. If VPN is your chosen method to let users in, what you are doing is identical from a technical standpoint to plugging a REALLY long network cord into the wall at your office and plugging the other end into the employee's home computer. The challenge with that model is that home computer is NOT company owned, and therefore you have NO idea what's on it or what dangers it may be hiding. There are technical ways to manage this process but they are relatively complex.
2. By allowing remote access, you are allowing company information to leave your building. This poses a risk in the scenario of an employee copying corporate/confidential data to a home PC before quitting, or simple carelessness that allows access to someone at the employee’s home who shouldn’t have it.
3. By allowing employees to work remotely, you are really allowing anyone to work remotely (even bad guys). The only thing that stands between you and them is usually a password, so the strength of the employee password choice becomes a risk.
To be clear, we are absolutely NOT advocating that you deny remote access to employees. When working with customers, our role is never to tell them what they can or cannot do - our role is simply to ensure that they are making an informed decision and are fully aware of the risks they are assuming by making a particular decision. In virtually every case, there are steps you can take to minimize or even eliminate a risk - it is often just a question of cost. So even if a business owner finds a risk is too great to bear, they can often 'insure' against that risk with additional technology, thus making it a workable solution that they are comfortable with.
Q: If I am only going to do ONE thing to improve the security of my technology, what should I do?
A: This is a VERY hard question for us to answer because there are a lot of very easy things you can do that drastically improve the security of your systems and data. If we absolutely HAD to choose only one, however, it would probably be to have better passwords. More specifically:
1. Make your passwords longer (AT LEAST 12 characters)
2. Change your passwords as often as you change your oil
3. Use different passwords for different sites (there are tools to help you manage this - IronKey is one of our favorites).
4. Make your passwords complex (upper case letters, lower case letters, numbers, and symbols).
We are always shocked by how lackadaisical some people are with their passwords. Don't tell anyone what they are, don't write them down (for heaven's sake especially not on a sticky note on or near your desk), and PLEASE don't email them. Email is NOT a secure means of communications unless it is encrypted (which requires extra software/configuration in most cases).
Check this list out and make sure your super top secret password isn't there. If it is, we won't tell as long as you go change it right now. You can also plug your password into a handy free password checker from Intel to see how you score. For the conspiracy theorists among you, you can change a few digits before plugging your password in to check it.
Q: What is the difference between the $75 firewall I can get at my local retail store and the $1,000 firewall you are recommending I get for my business?
A: Glad you asked! As a very general rule, the firewalls we see in small business environments fall into one of two classes - consumer and commercial. Here’s our “in plain English” explanation that can help you understand why you might want to buy the commercial firewall.
1. Restrictions on outbound traffic. Most think of a firewall as preventing things from getting in. We also configure our customer's firewalls to prevent unwanted traffic from getting OUT. Can't be done with most personal firewalls.
2. Gateway level security. The commercial firewalls we recommend don't just keep bad guys out - they also watch incoming traffic for viruses and other bad stuff. You may already have anti-virus software on your computer, but we prefer the 'belt and suspenders' approach - two layers of protection is better than one.
3. Throughput. If you have more than a few users, the personal firewalls aren't built to handle the throughput. That means you may be paying for one speed but getting something quite a bit less. The commercial versions can handle a much higher number of users behind them.
4. Options. Personal firewalls are pretty basic - they do the job at home just fine. But the commercial ones have many other options you may want to take advantage of. The ones we recommend, as an example, have the ability to restrict web surfing based on content. Want to keep your employees off of shopping sites during certain hours of the day? Easy to do with a commercial firewall. Need to connect multiple offices? Don't even try it with a personal firewall.
5. Advanced tools for the techies to keep you safer. The firewalls we recommend include fancy features like "Intrusion Prevention Services" or IPS. In English that means the firewall is smart enough to watch what is happening on your network and if it sees something it doesn't like (such as behavior that matches a known virus's behavior) it will shut it down and prevent it from doing anything. Personal firewalls only dream of being able to do such fancy things.