Remote IT Support – How we do it

Remote support is a great tool which we use all of the time in supporting our customers.  It is important though that you know how we do it and that it is safe, since bogus remote support can be used by scammers to rip you off.

Here is how we do it safely:

We only use RealVNC VNCviewer.  We pay an annual subscription and this makes available to us their “instant support” tool.

We call you ask you to visit their website and download a “one-time” application.

You run the apllication, nothing is installed on your device.

The application asks you to suppply a nine digit code – we supply that from our end, via the phone.

You see a privacy warning – we are accessing your machine so please close down anything you don’t wish us to see.

In a moment we have access to your machine.  We can move the cursor around, open applications and files but we can’t change anything – another step is required for that and we will not ask for that unless it is required.

At any time, either side can shut down the session and nothing is left on your device besides the inbitial download which, of course, you can delete but is often pays to keep it for future use.

We will never ask you for passwords or financial details, and you should never divulge them to anyone.

I trust this helps you understand the process of remote support, and how we make it safe for you.

Free IT audits

Not often something is free but worthwhile.  We buck the trend with our free IT audits.  We are able to assess your IT system, generally remotely, and provide you with a free report on its security, integrity, and general suitability for your business.

It really is free, there is no obligation on you to follow our advice, although of course we would welcome that, and if we then do some business together then we will be delighted.

Call us now on 0798452670, or email info@flyingflounder.co.uk to get started

What makes us different?

First of all, we are local – really, not just another firm including your local town in their keywords.  We relish the opportuniy to establish a long term business relationship with you.

Next we are experienced, for more than 20 years, helping businesses and individuals with their IT needs.  During those 20 years we have covered a lot of ground, from databases, programming, server setups, mail servers, business continuity planning, disaster recover planning, fault finding, networking, wireless connectivity, domain management, hardware supply, website design and creation, the list goes on!

Our moral compass:  We are seeking to establish a business relationship.  We’d like you to become a customer who sees us as the “go to guys”.  We aim to do this by acting with integrity and honesty.  We will only recommend solutions and work which benefits you and will not overcharge for them.  We will respond in a timely manner and if we can’t do something we will say so.  We will tell you about our charges first before doing the work.

We don’t aim to be super speedy, rather we will consider things properly and come up with the best solution.

How can we help you?

ESET Secure Authentication

ESET products are all excellent, today I’m giving a shout to ESA – a system which provides two factor authentication (2FA) for a whole number of applications, including windows logins and remote desktops.  From a server console one can administer a network, for example, such that users can only login in with a second factor in addition to their passwords.  The second factor is sent to to the user in a number of possible ways, we use mobile phone push approvals and this works well.

A note on usage, it is easy to disable the 2FA on a device, for example of someone goes on holiday and getting push approvals on their mobile would then be  a pain.  Look in the portal, under components, select the device and change the setting to “disable 2FA”.  Don’t forget to change it back upon the person’s return!

Windows server keeps restarting for no apparent reason?

This can cause all kinds of problems and is sure to ruin your day.  Here are a few of the possible causes:

Windows is not activated.

Did you fire up a trial version and then forget it was a trial?  Maybe 180 days ago?  You either have to get a licence or rearm the server but if you do nothing your server will restart like clockwork every hour, until you do!

Bad Microsoft update.

Is there a good one?  Sorry Microsoft, that’s uncalled for for an outfit that takes such great care in testing its patches!!

Very recently, like yesterday, I had two windows 2012 R2 servers restarting endlessly every ten minutes.  Not conducive to chilling.  turns out dear old Ms screwed up on one of their updates again:

http://www.edugeek.net/forums/windows-server-2012/226016-server-2012-r2-standard-randomly-restarting.html

In case that page ever goes, it was KB5009624.

The above article tells you how to fix this, basically take away the offending update.  There is a patch seemingly but I’m waiting for the next patch Tuesday.  Sigh!

Software incompatibility.

You can get some doozies under this heading and they can be a bear to sort out.  Maybe your antivirus doesn’t like playing with another system on there.  Maybe an app is not designed to run on that server version.  sure you can fix it yourself, but I’d say “better call that bounder the flounder!”

Perhaps you can think of more, but that’s all from this flounder right now.

Secure it with SSL

Obtaining and applying secure certificates for your website or server can be a bit of a faff.  There are  alot of choices as to the type of certificate to go for and how it is then applied is then a bit of a mine field.  I have found the help provided by some of the larger providers to be a bit lacking, so if you are struggling with your new cert then why not contact us and we will take the strain for you!

Email encryption – a few common fallacies

The dawn of GDPR is upon us.  All email now need to be encrypted right?

Depends!

There are common misconceptions surrounding emails and encryption and security in general.  First of all, let us consider the way things were a few years ago.  All emails sent in plain text –  a bit like a postcard – the postman could enjoy reading it and nobody is any the wiser.  Also in those days usernames and passwords sent in plain text – same problem.  Now the World is a much less trusting place and these approaches no longer cut the mustard.  So what should you do?

Encrypted channel

This is a bit like sending your good old fashioned postcard but this time inside a tinbox with a seal on it.  The postman will have to look elsewhere for his thrills.  The postcard is still in plain text but a man-in-the-midde is unable to intercept it.

Encrypted email

This time the email contents are treated to a cipher which renders them unreadable and makes them unintelligible to the recipient without the password you choose.  This is akin to the prying postman being able to look at your postcard but it is written in Martian and he only speaks English.  Added to which he doesn’t know it is in Martian!

Encrypted channel & email

Of course you can do both, which is the most secure option of all.

Practicality

Come the glorious day of the 25th May it will not, even then, be practical to send all of your emails in a totally encrypted way.  I would certainly recommend it for sensitive data though and we can supply software to help with this.  This same software can be used to encrypt files and folders on your PCs, laptops and servers too.

I would always recommend that you use an encrypted channel for your emails wherever possible.  Make sure TLS/SSL is turned on, and encrypt your passwords.

 

Help with GDPR

Ok, I have weakened!  I resisted the temptation to harp on about GDPR for a long time.  Now in the week of the enactment of the UK law I find myself writing about it.  Why?

Frankly I have been quite nauseated by the feeding frenzy exibited by IT distributors and consultants generally relating to this new data protection law.  The scent of blood in the water is just too much for many it seems and the idea that they can swoop in and make mega bucks from a poor frightened client is just too much for them!

Let me say right now we are not after your blood, nor more than a reasonable amount of your money.  We are in a position to help you with your GDPR compliance with respect to the IT matters it touches upon.  We can help you secure your emails and your PCs and servers.  Encryption is not mandated by GDPR but it will never be a bad thing to be able to say in your defence that it had been implemented should a data breach ever occur.

Solutions, not snake oil.

Please drop me a line with your requirements outlined.

WiFi in the potting shed

Or the polytunnel, tool store, wood cabin, holiday cottage, barn, studio, ty bach, or whatever.

Here is the scenario; you have decent internet in the house but you find that the wirless hub that came with it just doesn’t reach itself through the 2 feet of granite, tin sheets, cob walls or straw bales.

Who you gonna call?  Well us of course!

We have providing local homes and businesses with wireless bridges for some years now and we have learned the ins and outs, plusses and minuses and common pitfalls, so you don’t have to.

We can set you up with such a bridge between your house/office and external building.  It is not, now, uber expensive and we always take a care for the finshed installation, including essential kit such as lightning protectors, so you’ll be safe as well as connected.

Please contat us for details.

Conficker is dead. Or is it?

Cast your minds back to 2009.  A nasty new internet worm is abroad and rampant.  These were the days of Conficker.

A lot has been written about this threat in the past.  The impact in 2009 was huge, with over 10 million infections and some of the compromised networks included the UK Houses of Parliament, and the UK MoD.  Embarrassing!  The worm was effective because it embodied multiple attack vectors simultaneously.  It famously exploited a weakness in Microsoft’s Netbios and took advantage of weak passwords.

So why mention this now?  Well, just last week a customer had their internet connection shut off because the ISP detected the tell-tale signs of Conficker – DNS requests for Conficker sinkholes coming from the customer’s router.  This cost the customer a lot in hours of support while we painstakingly scanned their network, strengthened passwords.  After a lot of searchng we found the culprit machines to be tills runnng Windows XP, with no Windows updates, hence prone to infection.  There is a moral here: expect the unexpected.  The pcs and laptops of the firm were reaonably up-to-date with Windows 10, AV protection, and updates.  No one thought the tills were a vector!

Thankfully I had been urging this customer to sign up to our AVG Managed Workplace service. This protects the customer by monitorng the devices on a network and making sure they get approved Windows patches and antivirus protection.  They had held off because of the (I would say reasonable) monthly cost.  Now they know how reasonable the monthly cost is versus the unexpected one of a virus outbreak, so they are going ahead with the AVG.  A lesson learned!

What steps can you take to protect yourself?

  • Make sure you have Windows Update working properly
  • Make sure you have effective antivirus
  • Consider the configuration of your firewall – you can use this to protect yourself and log any “dubious” traffic.
  • Be careful with Windows settings, such as “Autoplay”.  Allowing alien usb memory sticks onto your network can exploit weaknesses here and should be a no-no.

Alternatively, make life simple for yourself and engage a local friendly IT firm who can automate much of this for a small monthly fee.  We would be glad to do it for you and the cost is around £3 per machine, per month.  Not much for a whole lot of peace of mind.