Latest Tech Archives - Page 5 of 7

The latest in the ever-evolving world of technology

Windows 365 – Windows 11 Comes to your Browser!!

July 15, 2021/in Cloud, Hardware, IT Security, Latest Tech, Microsoft, Security, Windows /by Harriet Besford

Microsoft has just announced a new “Cloud PC” product where users can stream windows devices from anywhere!

When COVID-19 hit, many people in offices were forced to start working from home. Because of this, Microsoft sped up into the development of Windows 365 so people, wherever and whenever, can work more collaboratively.

Windows 365 will work similarly to what we know as game streaming. The computer will be hosted in a data centre, somewhere remotely, and then streamed to local technology.

This means all sorts of devices from anywhere, ranging from family computers in your home to monitors in the office, that runs Windows desktop can leverage Windows 365 and then you can close the session knowing that your data is safe, secure and saved.

Security Is Key

It is way more secure than working on a local PC, as your local PC is most likely full of personal applications, data and untrustworthy applications, which may go against your business practices. Windows 365 then solves multiple problems such as keeping Word documents and important PDFs where they belong, in business cloud storage, and not at risk of exploitation.

Additionally, Windows 365 will have ultra-fast connections to Azure and Office 365 data, which is very useful when it comes to handling data and finding sufficient ways of sharing workload amongst peers.

Microsoft is marketing it as the new way of using a PC, they want to find a way of demonstrating and solving the difficulties of working from home, so as they state, it is a “hybrid Windows for a hybrid world”.

So when do we get to see it, and how does it work?

The software will launch in August for business customers of all sizes however under the technical covers of it all, it is built on Azure Virtual Desktop and managed through Microsoft Endpoint Manager (MEM), Microsoft’s cloud-hosted device and application management solution and for those without MEM, tools are directly integrated into the Cloud PC portal. A MEM licence is therefore not essential.

Windows will also use multi-factor authentication capabilities and admins can apply security policies using MEM if needed. Furthermore, Microsoft has designed a custom “security baseline” meaning a set of policies can be applied to Windows 365 as a simple baseline, however, you can modify this to fit your criteria.

There are even plans in the future for an offline mode, though this will not be included in the initial release. When that happens, they would then be supporting an offline mode where the whole virtualisation environment can run locally and be isolated from your local operating system. When your connection gets restored then that workload will automatically move back up into the cloud. In the complex cybersecurity environment we have seen, businesses need a solution that helps their employees collaborate, share and create while also keeping their data secure.

If you want further information about Windows 365 and how this could change your business practices, then please feel free to reach out and get in contact using the details below

Call 01235 433900 or Email : [email protected]

This article was written by 17 year old Harriet Besford, a Didcot Sixth Form student who joined us at Planet IT for a week’s work experience. Harriet has a keen interest in Cyber Security with plans to study it at University. I think from reading this article, you will agree that she has a strong future in this field!

Windows 11. Huge Steps Forward, But The Death Of Many Devices

June 28, 2021/in Cloud, Hardware, IT Security, Latest Tech, Microsoft, Security, Windows /by James Dell

Microsoft have announced Windows 11!

For now, we can ignore the fact that Microsoft promised that Windows 10 was the last Windows version…. and all the other misleading info around this new version even existing. Windows 11 is here, and it has LOTS of improvements and design changes.

However, this article is not to talk about those. As Windows users, we all know that the move from OS to OS can be hard. Businesses struggle to get the user base, applications and configuration from your current version of Windows to a new one. It can be a mammoth task!

You won’t have a choice to keep Windows 10

That said we know Microsoft will ultimately force your hand. In 2025 Windows 10 will lose support and join XP and 7 in the list of operating systems people continue to use even though they are not supported or safe.

The big change with Windows 11 is that a number of hardware items that were previously supported with Windows 10 will no longer be supported. This is what drove me to write this article. It means many businesses will need to replace a lot of machines. So, I wanted to highlight the devices you may have that are now on a limited life span, a ticking clock as it were, to the end of support.

The official Windows 11 requirements:

Two Process cores of 1Ghz or higher
4GB of RAM
64GB of Storage
TPM 1.2 or higher with Secure Boot Capabilities

What this therefore means, is that Intel’s i3, i5 and i7 processors from the 6th and 7th get are not eligible to update to Windows 11. While on the AMD side all A and Fx Series processors are not supported. Ryzen 1000 and 2000 chips will also not support Windows 11.

Now this is a big change as Microsoft. In the past they have done their best to only remove a small number of devices from support. This was truefor upgrades to Windows 8, 8.1 and 10 all supporting the same devices which could run Windows 7.

What does that mean for my IT estate?

Audit now! You need to understand which devices you have that won’t be supported on Windows 11 and they need to enter a hardware refresh plan in the next 3 years. By 2025, these devices must be replaced.

For many this won’t be an issue. But for some education and small businesses, this is going to be a large finical burden. These changes can also hit companies using custom built PC’s which use hardware which may be from cross generations. There’s a chance these will not support the Windows 11 software.

If you are struggling to understand which devices will and won’t accept Windows 11, there is a tool from Microsoft which will tell you in your device is eligible to run the Windows 11 which you can get here: https://aka.ms/GetPCHealthCheckApp

If you would like to discuss with myself or any of the Technical Architecture team at Planet IT about how you can get ready for Windows 11 you can reach us usin:

LinkedIN: James Dell

Or email [email protected]

NOW it’s time to embrace the fibre roll-out!

June 1, 2021/in connectivity, Latest Tech, Security, Telephony, voip /by James Dell

In the last 12 – 18 months Planet IT has seen a huge rise in the demand for better connectivity, fibre ethernet and faster speeds, motivated by the desire to move to resilient cloud-based solutions and the drive for remote working.

Many organisations pre-COVID, were simply “getting by” with copper variants such as FTTC (fibre to the cabinet) and GEA (generic ethernet access). These were previously adequate for the business requirements of the SME market. However, the epidemic has increased the need for reliable, sizeable, and dedicated managed data circuits.

Accessible to the masses

Historically, ethernet circuits or leased lines (as they are commonly referred to) were deemed cost prohibitive to the masses (unless you were a large corporation). But, they relied heavily on available infrastructure, exchange capacity or location. This is no longer the case. In fact, many rural locations are surprisingly well supported. They are no longer suffering with poor speeds or service restrictions, as a direct consequence of outdated equipment or lack of infrastructure in the exchange.

Now’s the time!

With the upcoming switch off around copper-based services, there has never been a better time to review data connectivity in your area.

Currently the UK is undergoing a major fibre roll out utilising underground fibre optic cables to transmit data far quicker and with fewer reliability issues than copper wires. This has resulted in the cost to deploy such services reducing considerably, making ethernet circuits accessible to all, without a high price tag.

Furthermore, many ISP’s will absorb the first £2,800 of ECC’s (excess construction charges) previously passed on to the end user, as these covered the costs to determine the route required to deliver circuits to site.

Why Ethernet?

It’s simple! Just look at the benefits:

Speed: Synchronous dedicated bandwidth (simply put, you get the same speeds up and down)
99% SLA – Faster engineer response and fix
Security
Flex up & down to help cope with peak times and demand.
Real time bandwidth management and reporting
Exchange and Carrier diversity
Increased efficiency

As an aggregator, Planet IT offer managed ethernet circuits at a price which do not involve a sharp intake of breath, strong coffee, and a seat!

Challenge Accepted

In fact, why not challenge us to beat your price? We are so confident that we will be able to beat your current price, that if we cannot, we’ll buy you lunch!

Best case scenario, you save on your ethernet. Worst case, you eat for free.

Give me a call on 01235 433916 or email [email protected]… I’m up for the challenge. Are you?

Virtual Roundtable Recap: Facing and Overcoming IT Challenges In Education

May 28, 2021/in Cloud, Latest Tech, Microsoft, Remote Working, Security, Telephony, voip /by James Dell

This week, our panel of special guests came together for an educational virtual round table event. Our panellists discussed the challenges they have faced in their education provider and how as IT professionals, they overcame these challenges.

We also opened the floor up to our selected guests so that the panel could try to help them with their challenges.

Our panel included:

David Higgs, Security and Service Experience Centre Lead at Imperial College London

Mike Pearce, ICT Network Manager at St. Cuthbert’s Roman Catholic Academy Trust

Graham Rivers, ICT Network Manager Moulsford Prep School

James Dell, Head of Technical Architecture and Education specialist at Planet IT

Discussion Points included:

The challenges encountered when delivering IT solutions to their organisation
How our guests overcame these challenges and turned them into successes
New trends & technologies critical for educational IT in the next 12 months
The ever increasing threat of cyber attack
BYOD (Bring Your Own Device)
Hiring and building a team on a budget

Did you miss it? Or would you like to watch it again? Well, the good news is that we recorded it and you can check it out here:

Remember, if you you have any questions or challenges that you dafe in your Education IT career, then please reach out to James Dell and he would be more than happy to talk you through the solutions he found to any similar obstacles. Call 01235 433900 or email [email protected]

Internet Explorer is Dead – What you need to do now

May 20, 2021/in Backup, Cloud, IT Security, Latest Tech, Microsoft, Security /by James Dell

Internet explorer is finally coming to the end of its long slow walk to its grave. As of the 15th of June 2022, all devices not running an LTSC or Long Terms Servicing Channel version of Windows 10 or Windows Server will lose the application as part of the 15th of June update.

However, this is much larger than many would initially perceive. Many custom-built or 3rd Party applications use the IE framework to deliver content and allow users to interact with their platforms. The removal of internet explorer, which long advertised and overdue, will affect many businesses adversely.

To make your life a little easier there are actions you can complete now to engage the Microsoft Edge support for many of these legacy programs, and to make life easier, you can follow the steps on page 5 and 6 of this document, from Microsoft that will help you make your business Microsoft Edge ready.

Does It Matter?

For many of you, this won’t be an issue, but remember now is the time to be testing this; if you have any application that opens on IE11 session by default on Windows 10 or Windows Server, you need to ensure it runs in Microsoft Edge before the 15th or move the server/ desktop to the long-term servicing channel if you cannot support the application.

As a side note, it is worth noting that Office 365 and all Microsoft services will not support Internet Explorer from the 17th of August in any form, so while you can use IE on LSTC to support custom applications, you will struggle to use the product for anything outside of these products and Microsoft. Many other vendors are moving fast to drop Internet Explorer from their supported browsers lists.

If you have 3rd party applications which rely on Internet Explorer, now is the time to be reaching out to my team at Planet IT to start looking at how you move away as not only is this issue going to become worse but with no updated Internet Explorer is likely to be a source for vulnerabilities we see when scanning people’s networks.

If you want to talk to one of our team about how we can help you move away from Internet Explorer and associated 3rd party applications. Then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly, you can reach out to me via DM or at [email protected].

Education in Focus: Biggest IT Refresh Year Ever

May 11, 2021/in Backup, Cloud, Education, IT Security, Latest Tech, Microsoft, Security /by James Dell

There comes a point in the academic year where exams ramp up, teachers, lectures and support staff are focused on getting student’s through their end of year exams and keeping the momentum up until the summer break.

Meanwhile in the cool dark of the server room, the IT Support teams across all academic settings are preparing for the calm before the storm.

This year, while we may not be seeing exams like we previously would, the IT Teams in our educational establishments are preparing for their busiest summer refreshes ever. The woes of 2020 are behind us and the shift to classroom learning returning for 2021/22, the push is on to make the infrastructure improvements that were put off during COVID.

Saying all that, budgets are likely to also be tighter than ever. So how can IT teams get the absolute most out of their IT projects?

To help we have put together 5 top tips for smashing your summer projects in 2021

Plan Early

When it comes to any form of IT project the further ahead you are planning the better chance of success you have, so start early!

Engage vendors and technology partners. Test the market and understand your options. If you are looking 6 months ahead of where you need to be, then when do you have to make the choice on the technology or the vendors you are going to use? Be armed with all the information you need so you can overcome the challenges the project throws at you.

Have a contingency plan

As you begin to plan your project, look at the what if’s…

For example, if you are replacing a server infrastructure, what happens if the new servers fail? Or before you have moved the data, if the old servers fail, do you have a backup? Have you tested it?

By implementing a rock-solid contingency plan you are positioning yourselves in such a way that you can overcome whatever challenges come your way.

Choose a partner you can trust

Remember you are not in this alone.

Whatever the chosen project you are undertaking there are partners who will help you achieve the goals of your organisation. However not all partners are equal. Not all partners have the same approach.

Find a partner who has the certifications and accreditations with the vendors you want to work with, i.e Dell Gold Partner or Microsoft Gold Partner with certified engineers. Don’t settle for “the local firm” as 9 times out of 10 they will get out of their depth very quickly. They’ll can end up making the challenges of delivering IT in education much worse.

So, pick a partner you can trust, and you know when you’re up against it, will have your back!

Only choose best of breed technology and don’t settle for last generation.

Lots of companies see education as an opportunity to move stock which the corporate world no longer wants – for example, servers which are now end of sale or software which has been pushed into its last few operational years.

You should never settle for anything other than the best in breed technology for your establishment. If budgets constrain that, reduce the scope of the project or limit the technology used. Don’t settle for old, refurbished or reconditioned equipment just to hit a financial goal. In the long term, you will pay the price when the equipment cannot be serviced and needs replacing before the business has got the full value from the solution.

Maximise gains using operations leasing

When making purchases in education, you have a great opportunity to access low cost or even free finance offerings for all of your large purchases. So, leverage these deals to extend your budget.

Limit the capex spend and get the best solution you can and prevent the project delays of stretching upgrades over 2-3 years which really need to be done today.

Using these top tips, your organisations should be able to avoid the pitfalls of so many education providers in the past and make sure you take step in the right direction when making your upgrade this summer.

Just remember you are not alone. At Planet IT we have a team of specialists who can not only support you with the decision making and selection of new equipment, but can support with the role out, implementations and upgrades to your systems.

If you want to talk to one of our educational team about how we can help you with your summer projects then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via DM or at [email protected].

Backup Webinar Recap: The Uncomfortable Truths

May 4, 2021/in Backup, Cloud, Latest Tech, Microsoft, Remote Working, Security /by Michael Davey

This week, we hosted a Live Webinar based all around the Uncomfortable Truths about your Backups.

Our resident Backup guru, Michael Davey was joined by Arcserve expert, Steve Butterfield and between them they covered

✅ Microsoft 365 data protection

✅ Immutable storage & Ransomware Protection

✅ How are you storing your data & the 3-2-1 rule

✅ Scaling your infrastructure with Backup & DR

✅ How to combat storage creep

Did you miss it? Or would you like to watch it again? Well, the good news is that we recorded it and you can check it out here:

Your Questions, Answered.

We received lots of questions throughout the webinar. Unfortunately we weren’t able to answer them all during the live session so we have compiled them all and asked Michael and Steve to answer them again.

Remember, if you you would like to find out more about backup in general or speak about your own backups specifically, get in reach out to your Planet IT account manager, call 01235 433900 or email [email protected]

Would cycled tapes not be immutable being out of the drive most of the time?

Tape and especially WORM tape were the original air-gapped / immutable storage

While out of the drive then tapes are largely immutable outside of extremes involving strong magnets, But you do have to put them in the libraries to use them which brings two issues,

1. They are available to be overwritten while in the library.

2. They require manual intervention to remove/replace.

However, definitely a big improvement over no airgap.

What is the licensing model? Is it based upon per user for 365 and per source TB for onsite storage?

Universal licensing which runs on your own hardware or VM covers all data sources including O365 and so is

licensed per TB of protected data, no limits on retention and can be any mix of Physical machines, Virtual machines and O365

Per user licensing is also available and may be of interest if you are adding it to existing Arcserve licensing.

Per user or per TB licensing is available from our cloud (SAS Offering )subject to a max of 100 users per TB for capacity based licensing )

The reason people do Full backups is because incremental backups all depend on the previous ones , isn’t that a disaster waiting to happen with incremental forever ?

Our Incrementals act and restore like Full backups, they do not depend on any other incremental backup therefore one “Broken” incremental affects neither the incremental before or after it.

What is the most common security breach you see that can also impact backups?

I think Michael answered this but a stat for you from Sophos “The state of Ransomware 2021”

37% of the 5400 respondents surveyed were hit by Ransomware in the last year

Ransomware is still the major threat

A pretty bold statement was made “Completely Ransomware Safe” Can you back this claim with something factual?

Like Unsinkable ships, Completely ransomware safe is conditional on the type of attack i.e. Nothing is completely safe if Physical access is allowed for instance , however we believe that our Ransomware capability is the strongest and most complete in the industry and we are the only backup vendor to offer a Money Back Guarantee.

For 0365 backup only do we need an onsite appliance?

You have choice, You can purchase Arcserve UDP and have it protect O365 in the following ways

An Appliance running on Prem or in hosted Colo
Software running on your own hardware, VM or in your own public or private cloud instance
Software as a service running from our Cloud based from our Datacentre in Manchester or AWS in London ( Other Geo’s are available )

While On-Prem may seem an odd choice to some for a cloud based service, do remember the 3-2-1 rule and the fact that even in the event of an Internet or Azure outage you could still access your data locally. The main thing is it is held elsewhere so we would always caution against any service backing up O365 which is hosted in Azure

What is Conditional Access, and why is it an essential part of your security posture?

April 6, 2021/in data, IT Security, Latest Tech, Security, Software /by James Dell

By now, you should be aware that the modern digital landscape is full of threat actors. That are always looking for any opportunity to find a weakness in a business’s security posture and then leverage this to gain unauthorised access to data for malicious reasons.

To protect against these attacks, we often look at antivirus and anti-ransomware technology and products like MFA or Two-factor authentication. The truth is that MFA is part of much larger protection that can be afforded a system through an approach known as Conditional Access.

How does Conditional Access work?

Conditional Access (CA) is the process of defining entry vectors and criteria; in its most simplistic form, consider CA to be a door that only opens if you are wearing the right clothes, have arrived in the right vehicle, and are holding your ID. In real terms, CA allows a business to define controls around what can be accessed by who, from where and under what circumstances.

I feel that conditional access is an underutilised part of any defence arsenal. This is partly due to a lack of understanding in the IT community about the technology and a misconception about its limitations. These beliefs and options come from a legacy of Software as a Service (SaaS) and on-premises infrastructure being integrated minimally, however with modern SaaS, IaaS, PaaS and on-prem working in a heavily integrated way. Conditional Access allows you to take advantage of the proper protection that can be afforded a system without comprise.

Is it widely used?

All the major SaaS, IaaS and PaaS vendors support conditional access, and an optimum way to deploy the technology is as such.

Limit access to login to Geo Locations that are trusted and used by the business
Allow internal networks or trusted networks to have fast passed authentication
Only allow data access from trusted and complaint enrolled devices
Require MFA in any location that is not inside a trusted network
Remove support for legacy authentication methods
Deploy true Single Sign-on across all platforms and devices
Limit access to the data and services a user needs based on the roles of that user
Only allow devices that have Antivirus and Anti-ransomware installed and up to date
Only enable devices that have the latest operating system updates
Integrate all systems into a single platform, use Conditional Access and MFA to protect the whole network, not just cloud services.

By undertaking this approach, you can reduce the attached surface of your infrastructure and protect data while not limiting your staff’s functionality by placing unwanted security barriers in place.

The diagram below shows how the conditional access approach works.

Conditional Access Explained

Do you think your business could benefit from the technologies of conditional access? Do you want to know more? Then please reach out to a member of the Architecture team at Planet IT via [email protected] or call 01235 433900, and we can talk to you about the options available that work with your more comprehensive technologies.

4 Steps to the Perfect Backup Plan

March 31, 2021/in Education, IT Security, Latest Tech, Security /by Michael Davey

Today is World Backup Day, for many it’s a day to be celebrated, but for just as many, it’s a stark reminder of the dark omen that is an uncertain backup environment or plan.

We all know the basics of backup right? The things we all want to achieve

Retention
Redundancy
Recovery

I could happily go on for far longer than any of you would care to read on each of these topics!

Today however, I want to talk about the practical elements of making sure your backups and overall disaster recovery plan are the best they can be. Starting with some basic questions.

Are you backing up your whole environment?
Are you running your backups daily?
Are your backups retained for the right amount of time?
Do you take backups off-site?
Are your backup sets fully automated?
Are your backup jobs encrypted?
If you have cloud resources (Microsoft 365, Azure, AWS) are these backed up?

In an ideal world, you would want each of the above to be a confident and resounding YES! However, this is not always the case – we often hear the ill-fated “I don’t know”.

So, what can we do to be certain on the above and confidently rest knowing our backups will be there for us should the worst occur?

Step 1 – Check the List

Firstly, I would start by checking your infrastructure or approach your IT Team to get the answers to the above questions. Understand that if the answer to any of them is no, in this first step, it’s less important to know why, just to understand the position you are currently in. Once you’ve established that, let’s move on to step 2.

Step 2 – Check the Kit

Once you have a firm understanding of your overall backup integrity, it’s time to push past the smoke and mirrors and figure out exactly what you are working with. Check your storage, check your software and make sure it isn’t letting you down. There are so many options available in today’s market, but a quick search of your products and the competition should help you understand if you need to make any changes.

Step 3 – Make your Plan

At this point, you’re either happily relishing in confidence… or you’re not.

If you’re not… bear with me, I promise, we’ve just ripped off the worst of the band-aids and from here… the only way is up. When making your plan, it’s important to work out what you need first, what you want second and then figure out the cost implications (if any) your business will need to work towards. Everyone loves a good deal (or better, a free deal!) but sometimes investment is required to ensure you have the right infrastructure for your plan. When making your plan, make sure you are referencing the list from Step 1 and work out the following:

How long do I want to keep my backups?
What is my off-site storage plan?
Do I have Cloud Resources that need to be backed up?
How efficient do I want my backups to be?
How long can I afford to be offline in the event of a disaster?
How much data can I afford to lose in the event of a disaster?

The answers to these questions will help you to understand how much storage you need, whether you need a cloud or second-site storage plan, if you need high performance equipment and your Recovery Point/Time Objectives. Know that even if the plan is loose, it’s more than you had at Step 1 and it will help you enormously when collaborating with your teams, suppliers and peers to achieve the best outcome.

Step 4 – Reach Out

At this point, we’ve gone from scratching our heads, to having a clear understanding of the potential issues, a goal to aim for and a plan to get there. Now it’s time to reach out.

Speak to your team and your suppliers and get them on board with your plan. From this point forward, you’re taking control of your backup & disaster recovery plan. You’ve worked out what you want to achieve and you’re making it happen. That, or you were happy from Step 1 – either way, grab a coffee and your favourite lockdown biscuit, you’ve earned it!

Remember, if you ever have any questions, just ask. I, or one of the team here at Planet IT, are always happy to be used as a sounding board and can offer our expertise for your specific situation.

Feel free to reach out to me via LinkedIn or email me at [email protected].

HAFNIUM and Exchange Vulnerabilities – What To Do Now…

March 26, 2021/in Education, IT Security, Latest Tech, Security /by James Dell

There has been lots of noise in the press and on social media about the HAFNIUM threat actors and the current vulnerability that has been detected in all current versions of Exchange on premise.

If you haven’t read up on the attack and the risks you can do so here;

https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2021-patch-tuesday-fixes-82-flaws-2-zero-days/

https://www.kaspersky.co.uk/blog/exchange-vulnerabilities/22385/

https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/

These articles have been leaving a lot of IT managers and CTO running around looking for solutions. They need a way to quickly patch up the servers and cover over a hole that has been there since at least last November, when as far as the first reported case of an attack using this vulnerability. However, what do you need to be doing next?

We all know that Microsoft issued patches on a non-standard update to Windows or a (out-of-band) update. For those out of the know, this means this Hafnium vulnerability is bad! Microsoft rarely break their patch cycle but when they do as with the SMB vulnerabilities with WannaCry. When they do it means you need to be act fast.

By the time these latest OoB updates where released, Microsoft made it clear that these attacks where already happening, which means for some of you who are readying this article thinking you are safe because you ran the patch, you may not be.

The four most dangerous vulnerabilities already being exploited allow attacks to pull off a three stage attack on compromised systems.

The attack chain is simple;

First, access a compromised Exchange server (one missing the patch) this can even be an Exchange Management point for Office 365, it doesn’t need to be a full running system.
Then they create a Web shell for remote server access
They then use this to harvest data from the network and systems associated with this Exchange server, essential using it like an open front door.

So how do you protect against the Hafnium threat?

This is where you need to be looking at having a product in place as your antivirus/antimalware which uses EDR or XDR technology and has up to date behaviour and exploit prevention and detection.

Watch out for the following detections

Exploit.Win32.CVE-2021-26857.gen
HEUR:Exploit.Win32.CVE-2021-26857.a
HEUR:Trojan.ASP.Webshell.gen
HEUR:Backdoor.ASP.WebShell.gen
UDS:DangerousObject.Multi.Generic

So what should you do next?

As Microsoft has already released an update to fix all these vulnerabilities, we strongly recommend updating Exchange Servers as soon as possible, Microsoft have even gone as far as releasing a quick install roll up which should work for most Exchange servers. For more complex deployments like DAG’s, then Planet IT can support you with this process.

You then need to focus on your defence strategy on detection lateral movements and data exfiltration to the internet. For this we recommend that you pay special attention to outgoing traffic to detect cybercriminal connections.

As always you should ensure that you are backing-up regularly and make sure you can quickly access it in an emergency, if you have questions on this then Michael Davey – [email protected] and his Back Up Services team will be more than happy to help.

Make sure you have an Endpoint Detection and Response product in place. If you don’t reach out to your Planet IT account manager who can provide you with details of what is available and works with your security landscape.

Finally make sure you are using a reliable endpoint security solution such as Kaspersky or Sophos that has included in it Exploit Prevention, Behaviour Detection, a Remediation engine. It would also be beneficial to ensure that your product has a Vulnerability and Patch Management capabilities.

If you would like to discuss with myself or any of the cyber security team at Planet IT about how you can better protect you business, should that be with new technology, strategies or even better back ups you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email : [email protected]