
How a Spring Storm might Shut Down my IT Systems…

Seras IT is a managed service provider serving the greater Midlands area of Columbia, S.C. We routinely install, manage, and monitor computer systems and networks from Orangeburg to Irmo and Lexington to Forest Acres. Going into the summer months, this area of the Midlands experiences sudden thunderstorms on a weekly basis. Because of this, we normally see an increase in power failures in electronic devices this time of year.

What should I look for that might indicate a power surge or loss concern?

  • Any power-on or system startup failures or lockups

  • Blank screen and complete loss of power

  • “File Corrupt” errors from any of your applications

  • Unplanned reboots or intermittent lockups during normal operation

  • Sudden loss of ethernet internet service, but wireless still works

  • Errors in the integrity of the digital data in the computer or other memory-type

  • Internal or external hard drive malfunction

  • Unusual levels of heat due to fan malfunction

Obvious symptoms of a faulty power supply include a computer that is simply dead, smoke at the outlet or computer location, or popping noises when the PC is turned on. Thunderstorms can also be responsible for downed power lines leading to external power surges; before the power goes out, voltage along power lines often fluctuates wildly, causing dangerous power surges.

The sudden storms rolling through this time of year also come with the inevitable lightning strikes, which can wreak havoc on your electronic devices by creating extreme power surges. According to the National Lightning Safety Institute, 1 out of every 200 homes will be hit with an extreme power surge this year.

Protection is cheap, easy, and secure!

To help combat this threat, we suggest layering surge protectors at your home or office. The first layer in this protection plan is to call your local electrician and have them install a whole-home surge protector directly at the main fuse box of the home or office. Once that is done, you can move on to the second layer of surge protection, which is more DIY friendly and comes in the form of the surge protectors you can buy at any electronics store. We call these point-of-use surge protectors, and they are designed to protect one or more appliances by acting as a buffer between your electrical outlet and the electronic device it is sending power to. In addition, these protectors also help against internal power surges caused by your larger home and office appliances. When these appliances switch off, all the electricity they had been receiving suddenly has nowhere to go. This results in a brief increase in voltage throughout the home’s wiring, and anything hooked up to your home’s electrical system can be damaged by this surge. Many of our business customers include a battery backup in their power grid to reduce the potential for corruption within a server or other critical devices during a sudden loss of power.

Regardless of what your technology environment includes, our technicians are always ready to design a strategy, implement a plan, and manage your critical network devices. Contact Us today for more information!

U.S. Warns that Cyber Attacks may be Imminent: What can you do to Protect your Business?

Seras is committed to ensuring that our customers are protected and ready to handle any cyber-related threat that comes their way.  We help businesses all over Columbia, Lexington, and Irmo install and configure their computer networks, but we also work hard to keep them efficient and protected in the future using a variety of tools and scheduled activities that ensure their success. 

With the current turmoil in Eastern Europe surrounding the Russian invasion of Ukraine, the technology industry has shifted its focus towards securing all weak points to prevent Russian interference with U.S. public and private communications networks. The White House, alongside the FBI and CISA (the Cybersecurity and Infrastructure Security Agency), has therefore issued several warning notices for American business owners to be mindful of while they fortify their networks against potential Russian state-sponsored black hat cyber actors.

The FBI and CISA recommend organizations remain cognizant of the threat of state-sponsored cyber actors exploiting default MFA protocols and exfiltrating sensitive information. Organizations should:

• Enforce MFA for all users, without exception. Before implementing, organizations should review configuration policies to protect against “fail open” and re-enrollment scenarios.
• Implement time-out and lock-out features in response to repeated failed login attempts.
• Ensure inactive accounts are disabled uniformly across the Active Directory, MFA systems etc.
• Update software, including operating systems, applications, and firmware on IT network assets in a timely manner. Prioritize patching known exploited vulnerabilities, especially critical and high vulnerabilities that allow for remote code execution or denial-of-service on internet-facing equipment.
• Require all accounts with password logins (e.g., service account, admin accounts, and domain admin accounts) to have strong, unique passwords. Passwords should not be reused across multiple accounts or stored on the system where an adversary may have access.
• Continuously monitor network logs for suspicious activity and unauthorized or unusual login attempts.
• Implement security alerting policies for all changes to security-enabled accounts/groups, and alert on suspicious process creation events (ntdsutil, rar, regedit, etc.).
— https://www.cisa.gov/uscert/ncas/alerts/aa22-074a
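
The monitoring items at the end of the list above (repeated failed logins, changes to security-enabled groups, and process creation for ntdsutil, rar and regedit) can be expressed as a small triage routine. This is an added example, not code from CISA or Seras; the event record shape, the threshold of 5 and the sample events are assumptions made for illustration, while the event IDs are the standard Windows Security log IDs.

```python
from collections import Counter

# Standard Windows Security event IDs.
FAILED_LOGON = 4625
PROCESS_CREATE = 4688
GROUP_MEMBER_ADDED = {4728, 4732, 4756}  # security-enabled global/local/universal group

# Process names taken from the recommendation above; extend for your environment.
WATCHED_PROCESSES = {"ntdsutil.exe", "rar.exe", "regedit.exe"}
FAILED_LOGON_THRESHOLD = 5  # assumption: align with your lock-out policy

def triage(events):
    """Return (rule, detail) alerts for one batch of parsed event records.

    Each record is a dict with hypothetical field names: id, user, and,
    depending on the event, host/image, member/group or src.
    """
    alerts = []
    failures = Counter()
    for ev in events:
        eid = ev["id"]
        if eid == PROCESS_CREATE:
            # Compare on the file name only, case-insensitively.
            image = ev["image"].replace("/", "\\").rsplit("\\", 1)[-1].lower()
            if image in WATCHED_PROCESSES:
                alerts.append(("suspicious_process", f'{ev["host"]}: {image} by {ev["user"]}'))
        elif eid in GROUP_MEMBER_ADDED:
            alerts.append(("group_change", f'{ev["member"]} added to {ev["group"]} by {ev["user"]}'))
        elif eid == FAILED_LOGON:
            failures[(ev["user"], ev["src"])] += 1
    # Failed logons are counted per (account, source) pair across the batch.
    for (user, src), n in sorted(failures.items()):
        if n >= FAILED_LOGON_THRESHOLD:
            alerts.append(("repeated_failed_logon", f"{user} from {src}: {n} failures"))
    return alerts

# Constructed sample events (not real log data).
SAMPLE_EVENTS = (
    [{"id": 4625, "user": "jsmith", "src": "203.0.113.7"}] * 6
    + [{"id": 4625, "user": "akhan", "src": "10.0.0.15"}] * 2
    + [
        {"id": 4688, "host": "DC01", "user": "svc_backup", "image": r"C:\Windows\System32\ntdsutil.exe"},
        {"id": 4688, "host": "WS12", "user": "jsmith", "image": r"C:\Windows\System32\notepad.exe"},
        {"id": 4688, "host": "FS02", "user": "akhan", "image": r"C:\Program Files\WinRAR\Rar.exe"},
        {"id": 4728, "user": "jsmith", "member": "tmpadmin", "group": "Domain Admins"},
    ]
)

if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_EVENTS):
        print(rule, "-", detail)
```

Process-creation events (4688) are only logged when process-creation auditing is enabled, which ties into the increased logging policies the advisory also calls for.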

CISA goes on later in the article to include a list of best practices and recommendations for business owners to implement to further reduce the risk of malicious cyber attacks.

Security Best Practices

• Deploy Local Administrator Password Solution (LAPS), enforce Server Message Block (SMB) Signing, restrict Administrative privileges (local admin users, groups, etc.), and review sensitive materials on domain controller’s SYSVOL share.
• Enable increased logging policies, enforce PowerShell logging, and ensure antivirus/endpoint detection and response (EDR) are deployed to all endpoints and enabled.
• Routinely verify no unauthorized system modifications, such as additional accounts and Secure Shell (SSH) keys, have occurred to help detect a compromise. To detect these modifications, administrators can use file integrity monitoring software that alerts an administrator or blocks unauthorized changes on the system.

Network Best Practices

• Monitor remote access/ RDP logs and disable unused remote access/RDP ports.
• Deny atypical inbound activity from known anonymization services, to include commercial VPN services and The Onion Router (TOR).
• Implement listing policies for applications and remote access that only allow systems to execute known and permitted programs under an established security policy.
• Regularly audit administrative user accounts and configure access control under the concept of least privilege.
• Regularly audit logs to ensure new accounts are legitimate users.
• Scan networks for open and listening ports and mediate those that are unnecessary.
• Maintain historical network activity logs for at least 180 days, in case of a suspected compromise.
• Identify and create offline backups for critical assets.
• Implement network segmentation.
• Automatically update anti-virus and anti-malware solutions and conduct regular virus and malware scans.

Remote Work Environment Best Practices

With an increase in remote work environments and the use of VPN services, the FBI and CISA encourage organizations to implement the following best practices to improve network security:
• Regularly update VPNs, network infrastructure devices, and devices used for remote work environments with the latest software patches and security configurations.
• When possible, implement multi-factor authentication on all VPN connections. Physical security tokens are the most secure form of MFA, followed by authenticator applications. When MFA is unavailable, require employees engaging in remote work to use strong passwords.
• Monitor network traffic for unapproved and unexpected protocols.
• Reduce potential attack surfaces by discontinuing unused VPN servers that may be used as a point of entry for attackers.

User Awareness Best Practices

Cyber actors frequently use unsophisticated methods to gain initial access, which can often be mitigated by stronger employee awareness of indicators of malicious activity. The FBI and CISA recommend the following best practices to improve employee operations security when conducting business:
• Provide end-user awareness and training. To help prevent targeted social engineering and spearphishing scams, ensure that employees and stakeholders are aware of potential cyber threats and delivery methods. Also, provide users with training on information security principles and techniques.
• Inform employees of the risks associated with posting detailed career information to social or professional networking sites.
• Ensure that employees are aware of what to do and whom to contact when they see suspicious activity or suspect a cyberattack, to help quickly and efficiently identify threats and employ mitigation strategies.
— https://www.cisa.gov/uscert/ncas/alerts/aa22-074a

These items are quite complex and can be overwhelming to most businesses. Seras is here to help navigate these suggestions and figure out how to incorporate them into your IT infrastructure. Our team of knowledgeable, friendly technicians works hard to make changes as painless as possible and work in alignment with your goals for success. To request more information or a free assessment, email us at ithelpdesk@serasIT.com or click here.