You hear about the importance of patching your systems on a regular basis. Occasionally, you hear about people who got a virus because they didn’t patch theirs. What you don’t hear about very often are strong, concerted efforts at hacking into massive amounts of systems… even less often, that it actually worked, and it was Google that fell prey.

“Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks,” Reavey wrote.

You may be asking yourself why a Google employee would be using anything other than Google Chrome as their browser. Smart web companies utilize many different browsers to ensure that their website will display properly to the many different visitors and their different browers.

Many names: Aurora, Google Attack, IE Vulnerability

There are many security vulnerabilities in Internet Explorer. You may have heard of this one referred to as ‘Aurora’, ‘Google Attacks’ and/or the ‘Microsoft IE Vulnerability (MS Advisory 979352)’.

Hydraq is a malware trojan designed to take advantage of this unpatched vulnerability in Internet Explorer. Its purpose is to attack large enterprises and acquire large amounts of intellectual property. According to Symantec’s Security Response website , this trojan opens a back door that allows a remote attacker to perform actions on a compromised computer. Here is a small list of what it can do:

• Adjust token privileges.
• Check status of, control, and end processes and services.
• Download a remote file, save it as %Temp%\mdm.exe, and then execute it.
• Create, modify, and delete registry subkeys.
• Read, write, execute, copy, change attributes, and delete files.
• Shut down and restart the computer.
• Clear all system event logs.

This trojan is different in that you be infected by just visiting a website. It can be a standard looking website – maybe even a blog like this one. Symantec Security Response has already found dozens of websites that include the attack code, and more are surely going to be coming online.

Security firm Websense has published an article with some of the instant messages and email messages that have been making their way around the Internet.

The China Connection

According to a  New York Times article, evidence has been found that Chinese hackers may have had a hand in the exploit code.

“If you look at the code in a debugger you see patterns that jump out at you,” he said. In this case he discovered software code that represented an unusual algorithm, or formula, intended for error-checking transmitted data.

The error-checking code mentioned above has only been published exclusively on Chinese-language websites.

Protect your South Florida Small Business Computer Network

Our advice:  Keep your Windows Operating System, Antivirus and Antispyware programs updated regularly. Don’t open email attachments that seem suspicious. If,  when visiting a website, you receive a pop up message from an anti-virus application that you’ve never heard of and didn’t install yourself, ignore it. It’s probably a virus waiting to happen.

DO THIS NOW: Use Internet Explorer to visit Microsoft Windows Update and apply all critical patches. Even if you are a Firefox or Chrome user, you use Internet Explorer.

If you run a small business with 10 to 150 employees that is based in South Florida (Ft. Lauderdale, Boca Raton, West Palm Beach to Ft. Pierce)  and you are not sure whether or not you are getting these updates, or you are questioning if you have a Antivirus/Antispyware solution, give us a call or drop us a line.  We’re ready to assist you in keeping your business computer network safe and have many plans available.

More information: Microsoft Security Advisory Bulletin MS10-002.

[Update: 1/28/2010] Very good site with current zero-day vulnerabilities and how long they have been in the wild and not patched.

Computer Network Support and Managed Services Pro

I was delighted this morning to open up the online edition of ChannelPro Magazine and find that DedicatedIT was featured in the “Pricing Managed Services Like the Pros” article.

Not only is it nice to see your name in print, but it’s very flattering to be called a “Managed Services Pro” by a well-respected magazine like ChannelPro.

I guess that taking a leap of faith and deciding to perform only Managed Services (and not hourly, break-fix work) for our clientele is beginning to pay off. It has allowed us to focus and become  “pros” at what we do.

Was DedicatedIT the only Computer Network Support Company that Had Difficulty Pricing Services?

No. The article says that DedicatedIT was not alone in not really knowing how to price our services. What we were doing was so new, there really weren’t any playbooks or other companies from which to to copy.

Here is an excerpt from the article:

Most newcomers to managed services struggle with price-setting. Adam Steinhoff found it easy. “It was probably a little too easy,” chuckles Steinhoff who is president and CEO of DedicatedIT, a managed services provider in West Palm Beach, Fla. He just arbitrarily chose figures that sounded low enough to attract customers but high enough to earn a profit.

Read the full article on pricing computer network support for managed services providers.

I am told by our clients that our response times, our ‘fix it the first time’ mentality and our staff’’s warm personalities are what keep them doing business with us.

However, I know that our monitoring system has something to do with it, as well. You see, we have a monitoring system that watches our clients’ computer systems 24 hours a day, 365 days a year. It alerts our team to services that need to be restarted, settings that need to be tuned, configurations that aren’t optimal and even software that is outdated. It’s this ability to be proactive and catch and correct small issues before they become big ones that gives a managed services provider like DedicatedIT the upper hand.

Every Managed Services Provider has a Computer Network Monitoring System now-a-days, Right?

Yep, but they don’t make the MASSIVE investment, of nearly $50,000, that DedicatedIT spent on our first one. Because the bar has been set low enough to allow nearly anyone with a credit card to become a managed services provider, how the data, that these monitoring systems create, is used is the most important distinguishing factor now.

South Florida Medical Office asks us to hit ‘Snooze’

Most of our clients sign up for one of our unlimited computer network service plans, but a few decide to keep their monthly costs low and go with a bare-essentials, preventative maintenance and monitoring only plan. The primary difference between the two is that, with the unlimited plans, we just fix stuff without asking you. With our lower-cost plan, we let you know that something needs to be fixed and you tell us if/when you want it fixed and then we bill you hourly. You can even decide to fix it yourself if you feel comfortable.

Recently, we received an email from one of our low-cost plan clients:

I am fully aware of the server status and all surrounding issues at this point. I will be in contact with your team, as I previously discussed with Adam, as soon as I have resolved the issues at hand. We can then discuss, Dedicated IT’s future role with the company.

No need to keep sending emails reminding us of the server status needing this type of assistance at this point

At first, I was taken aback from the email. Then, I quickly become very proud of our company. Our process worked!

1. An alert came in to notify us of something not quite right.
2. Our staff took ownership and reviewed the information.
3. Next, they emailed the client to let them know about the issue.
4. Included in the email were the options and our recommendation.
5. Each few days, we followed up with our client to make sure it was top of mind.
6. After weeks, the client got a stern “DANGER, DANGER” email.
7. Finally, obviously fed up with our tenacity, the client emailed us and asked us to stop.

My response to our client?

[Business owner] hired DedicatedIT to ensure that your network is safe. It could be considered negligent if we did not email you to let you know that backups and/or hard drives are failing. As always, it is up to you all how/whether you want the items fixed, but we need to continue to alert you.

I hope that you understand.

Will your South Florida Managed Services Provider Stand up to YOU when it’s the RIGHT thing to do?

Just because a company is able to purchase a monitoring and billing system that let’s them become a managed services provider doesn’t mean that they have the processes, management structure and confidence in place to actually BE a managed services provider.

Make sure that your company is in good hands. It takes more than software and a credit card to be a high-quality, long-lasting business partner who won’t let you shoot yourself in the foot.

Read more about our Managed Services and Computer Network Services plans for your South Florida business with 10 to 150 employees.

On December 22, 2009, a United States court of appeals ruled that Microsoft must stop selling versions of Microsoft Word (including Microsoft Office suites) that contain certain functionality that was ruled to infringe on a United States patent.

Brief History:

When Microsoft released the Office 2007 product line, they updated the code base to utilize XML as a more efficient and open standard (.docx, .pptx, .xlsx, etc).  However, at the same time, they also embedded certain “Custom XML Markups” that seem to have previously been patented by another person or company.  Therefore, they have to remove the patented code.

What this means:

Any and all licenses for Microsoft Office 2007 and Microsoft Word 2007 that are purchased after January 11, 2010 must use updated media or must be patched.

Reparations:

Thankfully, Microsoft has made this easy for us all by providing a simple update that will be located at the Microsoft Download Center and will be available before January 11, 2010.  We can use this to update current media we possess or will possess (media ordered tomorrow has probably been sitting on shelves in a warehouse for months if not longer).  The other alternative will be to download a new image of the programs (ISOs) from your MSDN, Volume Licensing, or Open License sites.

If you need assistance or have further questions, please comment below.

“I LOVE the speed of the system and the new monitor is AWESOME” – Sue Ellen

Lake Worth Law Office Computer Network Upgrade

This past week, one of our clients got their desktop computers upgraded to Windows 7 without charge. This didn’t happen as part of a holiday promotion, or because we were feeling extra generous.

The upgraded performed by DedicatedIT included:

• Upgrading the desktop computers from Windows XP to Windows 7.
• Migrating all personal settings like wallpaper and printers.
• Reinstalling all of their applications (WordPerfect, Time tracking, etc.)
• Training their staff how to get around Windows 7.

What did this South Florida law firm (Lake Worth, specifically) do so right to have a major upgrade like this completed for no charge?

• Step #1: Started doing business with DedicatedIT in 2001.
• Step #2: Signed a  DedicatedIT Complete contract for their Lake Worth computer network support.
• Step #3: Purchased Microsoft Software Assurance as recommended by DedicatedIT.
• Step #4: Let us do our thing.

Result of the Computer Network Upgrade?

The upgrade was delivered on time and with minimal pain to the staff. More importantly, they didn’t spend a dime.

[update 1/4/2010]: Spoke with our client today. The paralegals are happy with the upgrade, but did complain a little about the way that some functions in Word Perfect when used on Windows 7. They did admit that it was likely just a “change” thing and they will get used to it.

Refreshingly simple computer network support for your South Florida business (or law firm) with 10 to 150 employees.