What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Morris, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
5 Critical Components Any Professional Disaster Recovery Plan Must Have May 29, 2020
We hear a whole lot about ransomware and cyber criminals these days. Andromeda helps our clients combat most data breaches with multi-tiered security solutions and employee training. But, every business is still vulnerable to incident. That is why a full proof and dependable Disaster Recovery & Business Continuity plan is an essential. Before you hit the world wide web searching for DR solutions and backup plans, take a look at these 5 critical components any professional disaster recovery plan must have.
Your disaster recovery plan should consider appropriate business continuity variables.
Disasters happen; they come in many shapes and sizes. Server crashes, accidental file deletion, physical disasters such as fire or flood and the increasingly common ransomware or malware infection are all scenarios.
You must ask two important questions yourself in regards to business continuity:
- How much time can pass between recovery points, ie: how much data can you afford to lose; this is commonly known in Business Continuity as RPO – Recovery Point Objective
- How much time can pass between the disaster and recovery, ie: how much time can you afford to lose; this is commonly known in Business Continuity as RTO – Recovery Time Objective
Ideally, your RPO and RTO are as low as possible.
A good Disaster Recovery Plan will consider these factors and have various options for restoring files, folders or even whole servers. On top of that, it is important that these options take into account minimalizing data loss and interruption.
Data should be stored both locally and offsite.
Many people have an easy time seeing the value in the offsite backup. Whether that’s tape drives taken offsite daily, external USB drives treated the same, or data sent to the cloud for storage, it carries with it a feeling of great comfort knowing that “if the building burns down” the data is still safe.
What few realize is what we mean when we speak about downtime, for incidents that are not quite as catastrophic as a burning building. In those cases, it can take an unacceptable amount of time to get your hands on that offsite backup or to download an entire server from the cloud.
With a Disaster Recovery Plan option that offers backups both locally and offsite (cloud based), you are able to restore large quantities of files and entire server images quickly. Your onsite device should also have the capability to virtualize as a temporary server in the event your main server crashes.
Find a disaster recovery plan option that provides multiple restore options
When you think about restoring from a disaster, you may believe that so long as you have a version of your data somewhere, you are secure. In reality though, your recovery time objective can be greatly impacted by the different options available to you after a disaster. A disaster recovery plan with multiple options for virtualization, restoration and data access is an absolute must.
You may have heard the term “virtualization” before. Being able to virtualize your server either on a physical device at your location or in the cloud simply means that you have a temporary solution that will keep your business up and running while you resolve whatever issue corrupted your data, server or situation in the first place.
A catastrophic hardware failure can put your business down for hours, sometimes days. Rushing that process up can incur huge costs as well: rush delivery, emergency dispatch etc. In the event of a hardware failure, a virtual copy of your last backup can be spun up. Once completed, you can resume working swiftly. This quick recovery allows you to deal with hardware replacements, scheduling and budgets in an organized fashion.
A top tier solution will provide you with onsite virtualization and an option to virtualize in the cloud. Cloud virtualization is not as quick and can produce some lag time. Nonetheless, in the event your backups are stolen or disaster strikes your building (fire, flood etc.) – the ability to spin up and virtualize data from the cloud means that your business is not at a standstill.
Find out what type of support a vendor provides for disaster recovery plans.
Your company does not want to struggle to get their files restored. You can’t wait hours and hours to restore a file you accidentally deleted. Don’t wait for hours to hear back on the status of a data restore. Your IT partner should understand the solution they are providing and be able to work with you directly. Cut out the intermediary. Ensure your vendor monitors all the warranties, all the software support calls, and all monitoring; ensuring your backups are humming all day every day – as they should be.
Don’t trust just any business continuity or disaster recovery plan solution.
There are literally hundreds of options out there for Disaster Recovery. A quick Google search will give you pages of results. Comparing them is mind numbing, and if we are being honest . . . who takes the time to do all that? Your first step is to find an IT partner that you trust. Check their references. See if they have case studies to show how a disaster recovery functions with the product. Ask for a demonstration of the product. This is serious stuff and you need to trust the hands maintaining and protecting your data.
The post 5 Critical Components Any Professional Disaster Recovery Plan Must Have appeared first on Andromeda Technology Solutions.Stop These 3 Hazardous File Sharing Habits Yesterday! Jan 03, 2020
File sharing is an essential portion of any business. It is the way we get information from one person to another. BUT, it can also be the way hackers gain access to your sensitive information – files or, worst of all, confidential data.
If you’re using Dropbox, OneDrive, Google Drive, or other consumer-grade file sharing and cloud sync applications – or if you depend on file sharing of any kind to run your business (hint . . . you do)- listen up!
Here are 3 habits you should break yourself and your staff of immediately.
Top 3 File Sharing Habits to Break
1) Using Consumer Grade Solutions . . .
Consumer grade solutions are just that . . . consumer grade. You aren’t a ‘consumer’, you’re a business owner with sensitive data to protect. With more and more employees/businesses depending on BYOD (Bring Your Own Device) as well as the ability to access files any time & any place, it is important that your file sharing system is professional grade. Look for enterprise grade security options like SSL Encrypted Transfer, Firewall Protection, Password Protection and Virus Scanning.
2) Emailing Files Without Proper Encryption . . .
You may not care if a hacker gets a hold of your grocery list or photos of the family dog, but when it comes to confidential data such as financial statements, medical records or other sensitive materials, it is safe to say you cannot afford criminals sniffing through your files. For this reason, NEVER send files via email without proper encryption. Business grade email and proper practices can nip this in the butt. You’d be amazed how many files fall into the laps of cyber criminals this way though.
3) Using Flash Drives…
You spend time and hard earned resources to protect your network from outside threats . . . only to destroy everything when you innocently plug in an infected flash drive you picked up innocuously enough at a trade show. Flash drives bypass security systems you have in place and may run automatically without being checked for infection by your antivirus solution. If you must continue using flash drives . . . at a minimum update your antivirus to prohibit autorun and mandate scans to all USB-attached devices when plugged into your PCs.
The post Stop These 3 Hazardous File Sharing Habits Yesterday! appeared first on Andromeda Technology Solutions.Hackers Attacking Exchange Servers In New Warning From Microsoft Jul 03, 2020
Recently, Microsoft's Defender ATP Research Team issued guidance relating to defending against attacks that target Exchange servers.
They are coming under increasing attack based on the latest Microsoft statistics, which show a marked increase in the use of web shells on on-premises Exchange servers.
The company is currently tracking multiple ongoing attacks, some of which are using fileless techniques. That adds an additional layer of complexity when it comes to detecting and preventing attacks.
According to the advisory issued by Microsoft, the recent campaigns:
"...exploit a remote code execution vulnerability affecting the underlying Internet Information Service (ISS) component of a target Exchange server.
...This is an attacker's dream: directly landing on a server and, if the server has misconfigured access levels, gain system privileges...In many cases, after attackers gain access to an Exchange server, what follows is the deployment of web shell into one of the many web-accessible paths on the server."
Web shells are versatile, highly customizable tools hackers deploy on compromised servers to not only gain, but also to maintain their access. They are used to remotely execute arbitrary commands and code, deliver a wide range of malicious payloads and to move laterally within the network to other devices.
Microsoft said that the most recent spate of attacks are specifically targeting vulnerabilities like CVE-2020-0688. If there's a silver lining to be found, it lies in that there are already security patches available that protect against the most commonly used exploits in the recent string of attacks.
Unfortunately, those patches are unevenly applied across the Enterprise landscape, which leaves a significant percentage of corporate Exchange servers vulnerable to attack. Based on the latest company statistics released at the time this piece was written, although the patch has been available for some weeks, 82.5 percent of all Exchange servers were as yet unprotected. If yours is among that number, the fix is easy.