Get Started Today!  732-747-9373   

DeckerWright Corporation Blog

DeckerWright Corporation has been serving the Red Bank area since 1984, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

MICROSOFT 365 - just another 365?

In November 2017, Microsoft introduced a new cloud product: Microsoft 365. As if the current branding of Microsoft’s cloud 365 offerings weren’t confusing enough, along comes Microsoft 365. 

What sets Microsoft 365 apart from the other 365 cloud offers is the bundle of services included in the offer. First and foremost is Azure Active Directory (AAD). The Microsoft 365 product bundle stakes out Microsoft’s future vision of not only cloud computing, but also of Microsoft’s path forward past desktop operating systems and applications. Microsoft 365 powered by AAD provides the first and only cloud based security and authentication system that can work over most mobile and desktop systems. Since AAD uses Microsoft’s InTune cloud offer, Microsoft 365 provides the first generation of unified security management across mobile and desktop operating systems. I would categorize the technology as first generation Microsoft technology, where it normally takes Microsoft three generations to get it right. This three generation cycle will probably be completed in a record time of less than 24 months.

The key to making it work is AAD’s ability to manage Windows desktops like Active Directory. Using Windows 10 upgraded with the Creator’s Upgrade, AAD has the ability to be the single-sign-on (SSO) source for users. The Microsoft 365 cloud license includes AAD, Exchange Online, Office Pro for up to five devices, and Windows 10 Enterprise. Microsoft is heavily pushing the concept that any computer running Windows 7 or above can run Windows 10. They may be right, but doing an in-place upgrade is tricky at best and a disaster at worst. For our clients wanting to try Microsoft 365, we are recommending either replacing their computers or at least installing a new Solid State Drive to improve performance and deliver Windows 10.

Microsoft 365 is designed for clients who want to get rid of their servers and move everything to the cloud. With Microsoft providing AAD to manage and control security, Microsoft 365 provides businesses the ability to control end points so that they can monitor and protect business data. As you plan for the end of life for Windows Server 2008 and Windows 7, Microsoft 365 must be seriously considered.

Click here for more information

0 Comments
Continue reading

Should You Invest in BitCoin?

If you follow the financial news at all, you can’t help but notice that BitCoin continues to reach new highs. Should you be “investing” in BitCoin?  

BitCoin–created less than ten years ago by an as yet anonymous person in the Far East–has become all the rage in the financial markets. The BitCoin “market” is completely unregulated and is not monitored or protected by any government. 

If BitCoin were to fall from its current high of about $9,000, to $10, an “investor” would lose almost everything. Given the high risk of holding BitCoin, I would categorize keeping any funds in BitCoin as pure speculation. What drives the value of BitCoin today is simple supply and demand. Since the underlying algorithm that “mines” BitCoin is fixed and only allows for slow BitCoin “currency” growth, an increase in demand can cause the value to jump. Likewise, if the investors head for the doors, you could lose everything. 

Another factor driving the BitCoin stampede is Wall Street’s introduction of derivative contracts built on BitCoin. To put this in perspective, think of the housing market meltdown in 2008. Rather than a piece of real estate, the underlying asset in this case is a cyber-currency that could disappear overnight. If you can believe it, it will be vastly more risky. 

My advice for the typical investor is to stay clear of BitCoin unless you are prepared to lose all of the real dollars used to purchase them.

Click here for more information on BitCoins

0 Comments
Continue reading

Kaspersky Labs - Back Door for the Russians?

In early summer the federal government issued a directive to have any government agency using Kaspersky Labs anti-virus software to remove it immediately from their computers. Why? The government’s cyber security team linked attempted breaches to cyber criminals using access built into Kaspersky Labs AV software in attacks on government systems. The Wall Street Journal headlined that “Russia has Turned Kaspersky Software into Tool for Spying”.  The software routinely scans computers for malicious files, but can also be used to look for data files that might be valuable to cyber criminals or foreign governments. Apparently, the federal government’s cyber defense team has documented cases where the Kaspersky software was used as a tool for taking federal government documents. 

Kaspersky Labs denies the allegation, saying that it has no ties to either Russian crime syndicates or the Russian government. The US government thinks otherwise. What should you do if you're using Kaspersky Labs AV software? We recommend replacing Kaspersky Labs with another AV software package. Why take the risk? DeckerWright Corporation uses Webroot with all of its clients and recommends this software, but most of the AV programs on the market do the job.

Click here for more details.

0 Comments
Continue reading

Cell Phones Thefts for Two-Factor Authentication (2FA)

There is a growing problem with cyber criminals stealing cell phones to access a victim’s two-part authentication in order to access financial accounts. Unlike the typical theft of a cell phone, the cyber criminals in this case transfer the victim’s phone number to a phone in their possession. They do this by compromising the victim’s email and then instructing the cell phone carrier to transfer the phone number to another device through the cell phone carrier’s web site. The victims find out about the change when they are unable to send or receive calls and messages on their phones. Getting this fixed with the cell phone company is time-consuming and painful. In the meantime, the bad guys have full access to the victim’s email account to reset passwords and the cell phone to get the 2FA code. By the time the victim realizes what is going on, their accounts are cleaned out. 

This problem first surfaced for people with BitCoin accounts. Cyber criminals are able to search social web sites looking for any reference to BitCoins. Once a target is found, they use dark web databases to identify the victim’s email addresses and possible passwords. Once the cyber criminals gain access to the email account they have access to the user’s cell phone listed in case of a problem. With the cell phone number, the cyber criminals are able to find out the cell phone carrier. The last piece of the puzzle is identifying possible BitCoin wallet locations, like CoinBase, to target. Once they confirm that they have found the right “wallet”, they move to the last step: transferring the phone number. With the email address and control of the cell phone, the criminals now have access to the victim’s accounts. When the criminals transfer BitCoins to their account, the transaction is not traceable and it is not reversible. Forbes magazine interviewed several victims who lost thousands of dollars from this exploit. 

In order to protect yourself, use complex passwords. If you discover your cell phone number has been transferred, reach out to your bank and BitCoin “wallet” companies to try and freeze the accounts. Insulate your BitCoin accounts by linking them to bank accounts or credit cards with low balances. Make sure the information your cell phone company has is current, and that you get notified of any changes. Use a back-up email account for account validation to reduce the likelihood of your email getting hacked.

Click here for more details.

0 Comments
Continue reading

When 1 GIG of Bandwidth Isn't Enough

Verizon recently announced the availability of 1 GIG internet connections in selected markets. Google also provides 1 GIG service in several metropolitan centers across the US, so 1 GIG internet is not far off even if you don’t have it now. What difference does it make? 

If you download thousands of movies or songs, it will take less time on a 1 GIG connection. What it won’t do is make your Netflix or Spotify streaming any better. Going to 1 GIG connections for most businesses will provide the opportunity to do more, faster. However, there are limits to the positive business impacts of these new higher bandwidths. A second characteristic of every internet connection is latency. Latency is measured as the time it takes for one packet of information to go to a web location and return. The amount of bandwidth doesn’t have any impact on latency since latency is dependent on the distance to and from the web location and all of the technology in between. Latency is measured in milliseconds (1000 ms equals 1 second). On a local area network, the typical latency between your computer any anything else is 1 ms. Put your server on the internet on the opposite coast, and the latency ranges between 40 to 90 ms depending on the service provider and location. 

What difference does latency make? Different types of applications are designed to expect different latency. A database package like QuickBooks is designed to run with latency below 3 ms, so you couldn’t put your Quickbooks database on a server on the other coast and expect it to work. Web sites are engineered to support high latency and won’t care about 70 ms connections. Software applications need to be carefully architected to match the network they are going to be running on. 

Latency doesn’t have much impact on steaming services like Netflix or Spotify. Once the first packet arrives, the rest are right behind. The internet service most susceptible to high latency is Voice Over IP (VOIP) phones. When latency gets over 200 ms, VOIP call quality suffers. High latency is one reason help desk calls to India are so bad. 

So go ahead and order the new 1 GIG service when it is available in your area. Just remember that bandwidth is only one factor in making your applications work.

Click here for more details.

0 Comments
Continue reading

Coming this Fall: A (more) Streamlined Service Delivery Process

 For the last several months, we've been hard at work revamping our service delivery and ticketing process to better serve you. What we're hoping to achieve is a smoother flow of tickets from open to close as well as a higher level of communication with clients on ticket progress. Clients will be receiving more automated communications when ticket statuses change. The system is interactive, so the client may respond with questions or additional information.

The system is designed to prevent tickets from getting stuck. In cases where we are dependent on third party information or action to complete a ticket, a client may be notified that the ticket is "pending closure", as we have not yet received the required information. These regular and scheduled follow-ups will help push issues through to positive conclusions for our client.

The process begins with the creation of a ticket. It's here that we would like to emphasize how important it is to send service requests through the "front door" versus contacting engineers directly. Requests sent directly to engineers, whether by email or phone call, might go unaddressed for hours if not days depending on the engineer's busyness and schedule. Service requests sent to help@deckerwright.com or made by calling the Help Desk will be responded to more quickly than service requests sent directly to engineers. Clients should expect to get reminders when they don't follow the right process for opening tickets.

Another add on to this process is more real-time client satisfaction scoring. The survey is simple: select either a happy face, a neutral face or a sad face to express your satisfaction with the service provided. Adding a quick comment is optional. The results are recapped and shared with our technical services and sales teams. 

0 Comments
Continue reading

PREPARING SYSTEMS FOR HURRICANE SEASON

Having a business at the Jersey Shore during hurricane season you become addicted to the weather channel. Where is the latest hurricane, and is it going to impact us? After making it through Super Storm Sandy, here are some pointers to relieve your stress about the inevitable storm: 

  1. If you are in a flood prone area, make sure you have a plan for getting your computer equipment to higher ground.
  2. Keep equipment in inner rooms away from windows. 
  3. Make sure your backups are functioning and that there is a cloud copy of your data.
  4. Have a paper copy of key business information, bank accounts, key clients, employees and vendors with you.  This should be part of your Business Continuity Plan.
  5. If a storm impact is imminent, gracefully shutdown all of your computing resources.
  6. Distribute your systems and have some systems cloud based. Data redundancy between local and cloud systems will provide for business continuity in the event you lose power for an extended period.
  7. Establish a cell phone account with a data plan that allows you to use your phone as a mobile hot-spot. 
  8. Have a location with backup power available. Use your phone as a hot spot to get Internet connectivity.
  9. Have spare batteries and fuel for at least three days to keep your phones and computers charged. 
  10. Establish communications protocols with your staff on how to communicate in the storm’s aftermath.  
  11. Maintain access to your data remotely. If not used daily, test periodically to make sure the remote access to your data works. 
If you follow these steps and are able to get at least some of your key data cloud hosted, your business should be able to weather the storm with no problem.

Click here for FEMA's recommendations for small businesses

0 Comments
Continue reading

EQUIFAX AND YOU: WHAT WE KNOW

Equifax recently announced a breach that compromised the records of up to 143 million clients. The data gathered by the criminals includes names, social security numbers, addresses and birthdates. For anyone who has had their identity stolen, you find out quickly that with this information, a criminal can open a line of credit in your name and start drawing on it. 

How did it happen? Criminal attacks, or “exploits”, fall into two broad categories: those that are custom-targeted at a specific client and those that are designed for a broad market. The Equifax attack was a custom attack directed at Equifax. The attack took advantage of a web server vulnerability that the criminals discovered during their probing process. Anyone who has an internet connection is constantly being probed by criminals looking for a vulnerability they can exploit. With Equifax, the criminals could easily identify Equifax web sites and the underlying web server technology. With that knowledge, the criminals were able consult dark net web resources to customize the attack by looking for a specific weaknesses. Once inside the web server, the criminals were able to piggyback on connections to the Equifax database filled with consumer information. By hiding their activity in the millions of daily transactions, the criminals were able to mask their activity for months. Equifax began to look for a breach when the possibility of a breach was brought to their attention by a third party. 

How can Equifax figure out what happened? By searching through billions of log file entries. The task is painstaking and time-consuming. Equifax retained the leader in breach forensics, Fire Eye, to conduct the investigation. Finding the “Day Zero” event is like finding a needle in a hay stack, but not knowing which hay stack of 100’s to start looking in. After reviewing the log files, experts can find a trail of log entries that would lead them to the “Day Zero” event and give them a rough idea of what happened. Unless the log files are carefully taken care of, the criminals have the ability to modify them, in effect completely masking their activities. 

What can you do to protect yourself? Unfortunately, if you use credit, do online banking, or have credit cards, you are at the mercy of the financial and credit reporting companies to safe guard your data. Sign up with a credit reporting agency that can monitor activity on your account and put stops on the issuance of new credit. Yes, Equifax was one of the big three credit reporting companies, but unfortunately the credit reporting companies are the main gate keepers for credit reports. Ironically, the breach of a credit reporting company makes having an account with a credit reporting company more of a necessity.

Click here for more information on how to protect yourself.

0 Comments
Continue reading

NEW CYBER SECURITY SERVICE

DeckerWright is pleased to announce the launch of a new service offering, Cyber Security as a Service (CSaaS). The service is designed to meet regulator and/or contractual requirements for IT. With cyber security service, key security services are provided that are normally lacking at small and medium sized businesses. These services include network and server log file retention for six months, cyber security meetings, public IP address penetration testing, end user phishing attack testing, and end user training. This service offering supplements a client’s defenses to provide the critical pieces of the security puzzle that are needed to be compliant. Additional cyber security consulting services include Security Risk Assessments, baseline security document development including Business Continuity Plans, Document Retention Plans, Document Destruction Plans, Employee Acceptable Use policy, and other documents as required by contract. Contact us for more details!

Click here for more information

0 Comments
Continue reading

All Clouds Are Not The Same

We have been actively moving clients into cloud environments over the past few years. The cloud environments we use include Green Cloud Technologies, Tetherview, Amazon Web Services (AWS), and Microsoft Azure. Each cloud technology addresses a different client need.

Green Cloud’s cloud infrastructure looks and works a lot like an enterprise IT infrastructure. It provides the easiest path to a cloud infrastructure by allowing you to move things from an existing premise-based Windows environment to a cloud-based Windows environment. The relatively simple pricing model charges for computing resources and bandwidth used. 

Tetherview provides a cloud infrastructure for companies looking to replace their existing networks or gain control of distributed employees and cloud resources on one desktop. The Tetherview pricing model is the easiest to understand: you pay per virtual desktop and for the amount of storage used collectively. 

Microsoft and AWS provide the most flexible and scalable cloud technologies. Both support Windows and Linux virtual machines. The pricing model used by both services meters resource and bandwidth usage by the minute or by the byte. While the per minute or byte fees seem small, they can quickly add up to large bills. The Microsoft Azure cloud works seamlessly with Office 365, making it a good choice for companies looking to expand capacity with high integration to Office 365. Amazon provides the most scalable and buildable architecture. With Amazon, you can select a datacenter and choose where in the datacenter to put your machines. The systems may be set up with automated failover to other datacenters and could even be configured to allow auto scaling to add CPUs, memory, or disk space with no human involvement.  Again, with the per minute and per byte pricing model, setting up redundancy requires moving large blocks of billable-per-byte data, creating a gold mine of revenue for Amazon. 

Regardless of your cloud needs, DeckerWright Corporation has the experience and skills to help your business soar in the clouds!

Click here for more information.

0 Comments
Continue reading

Latest Blog

In November 2017, Microsoft introduced a new cloud product: Microsoft 365. As if the current branding of Microsoft’s cloud 365 offerings weren’t confusing enough, along comes Microsoft 365. What sets Microsoft 365 apart from the other 365 cloud offers is the bundle...

Account Login