That Time HIPAA Had a Breach

By Christopher Draven, Client Experience at Umbrella Managed Systems

CMS, the division of the HHS which provides “education and complaint-driven enforcement” of HIPAA regulations, announced suspicious activity in one of its systems this month. Unfortunately, information of approximately 75,000 individuals was accessed.

“While this is a small fraction of consumer records present on the FFE, any breach of our system is unacceptable.” – CMS stated in an October 19th, 2018 press release.

An Interesting Case Study

Watching how the government agency responsible for oversight of these types of incidents responds has been interesting. CMS has followed the same steps they advise other organizations use:

  • Take immediate steps to secure the system by deactivating access to the affected system.
  • Launch an internal investigation.
  • Notify the appropriate legal authorities
  • Coordinate efforts to notify, offer protections, and support to impacted individuals

The investigation is ongoing, but CMS confirmed no banking, federal tax information, or PHI was exposed during the breach.

An Unexpected Twist

Two days before the initial breach was announced, the U.S. Department of Health and Human Services (HHS), announced a new Security Risk Assessment tool for use by HIPAA-Covered entities. Boasting new usability features, the project included support from the Office of the National Coordinator for Health IT (ONC) and the Office for Civil Rights (OCR) – Federal agencies involved in HIPAA privacy regulations.

It is unlikely CMS will feel the sting of fines or public corrective action plans (read our Anthem Breach post). However, it is encouraging that CMS reported the breach and ‘walked the walk’ in handling the situation.

How Umbrella Can Help

Properly securing your system is not only wise but also a regulatory concern. The Umbrella ITMS 3.0 program addresses the constant barrage of threats from Ransomware, Phishing, and other attacks on your infrastructure.

At a high-level, our program offers:

  • Drive Encryption
  • Next Generation Firewall Security
  • Security Awareness Training
  • Advanced Email Security and Encryption

Knowing your system vulnerabilities and planning for the worst is how you can recover from a cyber-attack. For more information on how Umbrella can help your business improve system resiliency and put safeguards in place to combat Ransomware and other malicious attacks, please get in touch!

The Beast of Microsoft: Windows 10 Upgrades

By Sam Orlando, Systems Engineer | Team Lead at Umbrella Managed Systems

The Beast of Microsoft: Windows 10 Updates

There was a time when managing Windows updates was simply a matter of configuring Group Policy to change settings on every workstation centrally. Patch management remained behind the scenes – an easily tamed beast – a worry for IT to handle while end users worked without interruption. Systems stayed updated, and all was as it should be…

…until the introduction of Windows 10.

What Changed

The newest of Microsoft’s operating systems have pulled patching out of the hands of IT service providers and leaned more heavily on users to manage their machines. Experts in the industry (Computer World, Windows Central, and RCP Magazine) have cried out to Microsoft to reconsider, to no avail.

In response, technology companies got crafty by snooping through buried registry settings which drive the Windows Update process. The change worked, for a time, then Microsoft released new updates and features to wrest away control once more.

The Impact

There are real issues to the way Microsoft wishes to handle system updates:

  • Persistent user notifications
  • Patching and System Reboots occur while users are trying to work
  • System admins do not control which updates are applied

Windows 10 is the first subscription-based operating system, meaning features and functionality are in a constant state of change. These upgrades are typically dispersed twice a year – sometimes causing a business to come to a crashing halt. Recent updates (1709 and 1803) catch users in failure loops (where the update fails, attempts to revert back and then restart the update, only to fail again and restart the cycle).

System admin groups have been buzzing with ideas on how to get a handle on Windows 10 patching. However, the constant flux of the operating system means most solutions don’t work or are quickly outdated.

A New Normal

In the end, we are confident and eager that Microsoft will provide the right features and fixes that will allow them to meet their Windows 10 model while allowing service providers to keep maintenance work behind the scenes where it belongs.  Umbrella has always believed in a smooth end user experience.

…and to that end, we fight on.

Ransomware

By Christopher Draven, Customer Experience at Umbrella Managed Systems

Ransomware Breach: 40,800 Patient Records at Risk

The news continues to remind us that Ransomware is a real and continuing threat. Earlier this month, an obstetrics and fetal diagnostic lab announced a 40,800 patient breach on June 30th, 2018. When these stories break, our clients often reach out and ask what Umbrella is doing to minimize the risk.

As data and systems security experts, we spend much of our time examining technical vulnerabilities and providing our clients with recommendations. Industry reports and our research shows there are two key factors when measuring the resiliency of your technology stack – Aging Technology and Employee Education.

Systems Aging Out of Support

Older operating systems may feel familiar and comfortable. However, those tools become security nightmares once Microsoft announces the end of support. As new threats develop, Microsoft stops releasing software updates to fix any holes in the software, which leaves a computer open to new threats.

For example, if you have any of these operating systems on your network, it is time for an upgrade:

  • No Longer Supported: Windows XP and Windows 2003
  • Support Ending in 15 Months: Windows 7, Windows Server 2008 R2, and
    Microsoft SQL Server 2008 R2

Employee Education

Unfortunately, we are only human. Employees are often the weakest link in an organization’s security. Hackers develop sophisticated tools and methods to trick your users into giving up system credentials.

How Umbrella Can Help

The Umbrella ITMS 3.0 program addresses the constant barrage of threats from Ransomware, Phishing, and other attacks on your infrastructure.

At a high-level, the program offers:

  • Drive Encryption
  • Next Generation Firewall Security
  • Security Awareness Training
  • Advanced Email Security and Encryption

Knowing your system vulnerabilities and planning for the worst is how you can recover from a Ransomware attack. We encourage you to reach out with any questions about ITMS 3.0 or your own system vulnerabilities.

For more information on how Umbrella can help your business improve system resiliency and put safeguards in place to combat Ransomware and other malicious attacks, please get in touch.

Microsoft Whiteboard for Windows 10 Available Soon!

By Sam Orlando, Automation Engineer at Umbrella Managed Systems

WhiteboardIf your team is looking for ways to collaborate and share ideas, but don’t want to spend a lot of money on project management software, then you’re in luck. Microsoft will be pushing out a new app that will be standard with Windows 10 and available on the Microsoft Store. The application is simply called Whiteboard.

Microsoft Whiteboard

Whiteboard is just that; a canvas upon which you can share content and ideas. You can get a preview of Whiteboard now in the MS Store, but it will soon be part of an update for Windows 10 users.

If your business is using Microsoft’s Office 365 for Business, then you will have more collaborative tool options available in Whiteboard to aid in planning and sharing drawings, notes, pictures, documents, links, and even live camera feeds, all in real time. Office 365 domains can allow their users to log into Whiteboard using their O365 account and share their Whiteboard with other members in your domain.

In my first experience with Whiteboard, I loved the flexibility of being able to draw out ideas and share them with someone who can then add/adjust the same image at the same time. The only real con is that writing text with a mouse is difficult. This would be better suited for a digital pen, especially with a tablet so you can write directly on the screen with a stylus. Still, you can add text notes and still be able to type text with a keyboard; it’s not totally reliant on freehand writing.

Video

One of the cooler features is the ability to add a web camera to show live video on the white board. Whether to be used as part of the content or simply to give a face to the pen on the other end. (The gamer in me is thinking of ways we can use Whiteboards to have drawing wars, or play Whiteboard Charades.)

My hope is that they include Whiteboard as an option for use with MS Teams. It would be powerful to be able to add Whiteboards to Team Hubs where teams are already communicating together.

This new tool provides everyone the freedom to share ideas in more ways than just words. Why describe it with text, when you can draw it, show pictures, and add video via web links, etc?

P.S. Did I mention that Whiteboard is free?

Tips and Tricks : RoboForm Password Manager

By Curtis Bagnall, Solution Engineer at Umbrella Managed Systems

RoboForm FeaturedHave you ever found yourself stuck on a website, continuously trying various passwords you might have used when you set up your account? It’s painful to keep seeing the message, “incorrect email or password, please try again.”

Trying to remember your passwords can be very frustrating. Sadly, we see lots of people resort to using the same password for all their accounts. This is a disaster waiting to happen when it comes to security and accounts being hacked.

The other option is to have a unique password for every site you log into. But keeping track of all those passwords is impossible without some help.The good news is that there are some great solutions to this problem. One of them is called RoboForm.

The RoboForm Password Manager

RoboForm LogoRoboForm is a software program to manage your passwords and logins. It will also generate secure passwords for you for new accounts. And the most time saving part is that RoboForm will fill in login screens for you automatically.

RoboForm is a cloud based service, so you can install RoboForm on PCs, Macs, iPhones, Android Phones and tablets. They all sync with your passwords in the cloud, so you can use any device to log into a website.

This is really convenient because you only need to remember one “Master Password” to your RoboForm account. Once you’ve logged into RoboForm, you have access to all your other passwords.

One of my biggest concerns for clients is how their passwords are stored and encrypted. RoboForm stores passwords locally first, and they get encrypted and transferred to the RoboForm servers using AES256-based encryption. Your master password is used to unlock the encryption on the fly, allowing the software to put in your account name and password with the click of a button. (It’s crucial to pick a long, strong master password and keep it private.)

RoboForm offers a free personal version, but the real power comes from paying for RoboForm Everywhere. The price? It’s only $25 per YEAR and that works across all your devices.

If you’re struggling with passwords, I suggest you give RoboForm a try. If you would like more information, or any help getting something like this set up, Umbrella is only a phone call away. We’re always happy to assist you!

Organizational apps to consider… Instapaper, Trello and Simplenote

By John King, Business Development Manager at Umbrella Managed Systems

Umbrella Managed Services: Time ManagementI find myself getting distracted by digital squirrels constantly. Scrolling through LinkedIn or the numerous websites I follow can lead to a serious time drain. A few of the apps I keep on my computer and iPhone have increased my organizational processes and efficiency.

Instapaper

My favorite app that keeps me moving forward without too much distraction is Instapaper. Instapaper is an app and an extension for Chrome that allows me to save articles so I can read them later.

I’m constantly absorbing content from multiple sources… throughout the day I don’t have time to read. Sometimes I want to learn more about solitude, but don’t have the time to get through the content. I click the little “I” on my Chrome browser. When I get a free moment, or want to hunker down for a reading session, Instapaper makes it easy to sort, categorize and access my reading list.

Simplenote

Instapaper is great for cataloging and capturing documents and articles, but for keeping my thoughts organized, I like to use Simplenote. Simplenote is exactly what it sounds like. It’s a simple way to take notes. I keep it right next to my email app on my iPhone (unfortunately my most used app).

My favorite feature of Simplenote is how it can sync across all my devices and web log-ins. (I seem to get epiphanies late at night and don’t want a cumbersome process to jot down my brilliant ideas.)

Trello

I’ve covered reading and writing. Now it’s time for…task management. Trello is my digital project manager for all things professional and personal.

Trello uses a visual card system that moves across your device from left to right. Just like we read. It’s intuitive. Sometimes it’s the little things that entertain me. It’s visually pleasing and has great functionality underneath.  I use it for my own tasks, but it can be used as a collaboration tool in teams.

These are my favorite apps right now. As you can tell, organization is a priority for me. I struggle with organization every day. These apps keep up to date on my reading lists, organize my thoughts and keep me on task. And the single most important part of these apps; they’re free. I know there are many apps to choose from… I hope these are suggestions you can add to your toolset! Feel free to share your favorite apps in the comments. Or give me a shout for a deeper dive into these wonderful apps.

Google has come a long way. Google Home, Google Chrome and Google Cloud.

By Curtis Bagnall, Solution Engineer at Umbrella Managed Systems

Umbrella Managed Systems - Google has come a long wayGoogle started out as a company to help you find information whenever you need it. An individual who has mastered the art of Google-fu could become a jack of all trades. I myself have been able to make countless fixes on my car, as well as becoming a temporary washing machine mechanic thanks to the power of Google. But Google is so much more than just a search engine. With appliances, watches, TV, automobiles, and even houses becoming a “Smart” version of themselves, there are a lot of amazing possibilities that could determine how we will live in the future.

Google Home

You may or may not have heard of a gadget called Google Home. It’s a device that’s controlled by your voice. And it can find and tell you today’s weather, determine the drive time you’re facing to get to work, and play the music of your choice.

There are so many other things that it can do to make your life easier. For instance, you can set voice commands that lock up your house at night; control which lights are on in the house and how dim or bright you want them to be; set and schedule the AC or heat temperatures; start and check the status of your washer and dryer appliances; start making a pot of coffee; record something on TV; and even place orders when you’ve run out of stock on an item. Google is making multi-tasking at home easier than ever, and more services are being added all the time.

Google Chrome

Have you ever sat at a new computer and needed to access something you’ve bookmarked previously, but were unable to due so because they were saved on your old computer? With Google’s Chrome web browser, you can access all your bookmarks and other settings and saved information from many devices such as Computers, Laptops, Phones, and smartwatches. It also caches your searches and interests allowing you to find what you need faster and suggest things you may be interested in. In my line of work, this makes it very easy for Umbrella to help our clients when they get a new computer, or must temporarily move to a different location.

Google Cloud

Umbrella has partnered with Google’s cloud services. This allows us to move our client servers to the cloud and design them in a way that best suits their businesses. Cost is continually going down for this service, and more features keep getting added. We’re big supporters of what Google has done to make technology more accessible and easier for people to use.

Want to know more about how we can help you integrate Google technologies into your business? Give us a call!

Are you reading this blog post on a Windows 7 machine?

By Curtis Bagnall, Solution Engineer at Umbrella Managed Systems, talking about the upcoming Windows 7 end-of-life support.

Windows 7 End-of-Life SupportIf you don’t have any computers that run the Windows 7 operating system at your business, you can stop reading this blog post. If you do in fact have even one computer that runs Windows 7, then the following will better help you prepare for what is in store for you over the next two years.

What does Windows 7 End-of-Life Support mean?

Microsoft stopped offering free mainstream support of Windows 7 on January 13, 2015. But don’t worry, you are still able to get patches and updates until January 1, 2020. But on January 14, 2020, Microsoft will be stopping all support for Windows 7 machines. This means that security patching and technical support will no longer be provided from Microsoft.

I know that two years from now seems like a long time. But depending on the number of computers that need to be upgraded, and the scheduling and deployment it will take to roll out a new operating system, it could come faster than you’d think.

Why is this important for your Company?

The biggest issue of continuing to use Windows 7 after January 1, 2020 is the lack of security patches. This leaves businesses open to increased risk of getting hacked. Generally, it takes around two months for a hacker to tear apart a new security patch and find the vulnerabilities and entry points into a computer. That’s why Microsoft is releasing new patches every week… and why Umbrella is testing/implementing them on all machines that we support. (We apply patches in a test environment to make sure they don’t cause any obvious problems before approving them to be pushed out to client machines.)

However, when the security patches stop coming, it will only be a matter of time before a new threat is spreading through the network. Think of the most recent Ransomware outbreaks that have been in the news recently such as WannaCry and Petya. By manipulating old XP security patches, a vulnerability was found. And both programs sweep through the world locking down network information for many businesses and medical practices.

Resolution and How Umbrella can help

Even though we are two years away from support ending for Windows 7, now is a good time to make sure you have a plan in place to upgrade your Windows 7 machines. If you need help upgrading the Windows 7 machines in your business, please call 816-437-7265 or email sales@umbrella-ms.com to get started. We would appreciate the opportunity to help you!

Why Should You Consider Moving to Office 365?

By Curtis Bagnall, Solution Engineer at Umbrella Managed Systems, talking about the trend of customers migrating to Office 365.

Office 365Here at Umbrella, we’ve been seeing a lot of our customers interested in moving to Office 365 for email, calendar and contact management.

What is O365, and why are organizations moving to it? How will moving to O365 effect my company’s workflow? Will making the move to O365 be more cost effective than what I’m currently using now? These are only a few of the questions I get when talking with companies about making the move to a cloud-based exchange server.

So, what is Office 365?

O365 comes in 2 parts. The first part is that it’s a cloud-based hosted exchange server that will host you email, contact and calendar database. Second, it has subscription offerings for the Microsoft Office suite of applications. These include Outlook, Word, Excel, and so on depending on the subscription level.

How is this different then having my Exchange server in my building?

Expense. When you have an on-premise server, you generally need to replace it every five years. On top of that, when it comes to upgrading licensing, it can bring the costs up to the tens of thousands of dollars. Instead of having a hefty capital expense when you need to upgrade, you’ll have an operational expense that saves you from overspending and surprises. Also, your data is now in the cloud on Microsoft’s servers. That means your data is always available to you no matter where you are. And it’s always backed up, so the chance for data loss is almost zero.

What benefits will the end users see?

Every user that gets a license for the office suite will be able to install Microsoft Office on up to five devices. If they have a laptop, tablet, desktop, or phone, they can install the program on all of them instead of having to buy individual licenses for each device. Each user will get up to 7GB of online storage space to save their documents to if they need to access them from different devices, or just want them to be securely backed up.

Every two years or so, Microsoft comes out with the latest and greatest version of the Office Suite. In the past, if you wanted the new version, you’d have to buy a new license for it. Now, as soon as the newest version of Office is released, you can upgrade without any additional costs.

These are just a few of the benefits when migrating your company to O365. There are many more! If you would like to know more, or talk about some of the options that would benefit your company, please give us a call. We will gladly discuss and answer any questions you may have.

Your Network Isn’t As Protected As It Should Be.

By Curtis Bagnall, Solution Engineer for Umbrella Managed Systems

Umbrella Managed Systems: Cylance PROTECTWith the increase of Ransomware attacks this past year, it’s more important than ever to protect the data on your network.

Somebody in your office can accidentally click a questionable link on a website or in an email. Suddenly, all the information that that you rely on to run your business has been locked down and encrypted. On your screen appears a ransom message telling you to pay up if you ever want to access your information again.

At Umbrella, we’ve had several clients get hit with such attacks. We monitor their backups very closely. And can restore data from them if something like a Ransomware attack happens. But, we want to be even more proactive. We want to make sure your network is as protected as it can be, so attacks don’t happen in the first place. Through our research, we’ve found a product that provides the line of defense we need. The product is called CylancePROTECT, and it has had a 100% success rate on blocking attacks. With no breeches worldwide.

How It Works

Umbrella Managed Systems: Cylance PROTECTCylancePROTECT redefines what antivirus (AV) can and should do for your organization. It uses artificial intelligence to detect and prevent malware in real time. By taking a mathematical approach to malware identification and using machine learning techniques instead of reactive signatures and sandboxes, CylancePROTECT renders new malware, viruses, and bots useless.

The best defense requires protecting the most vulnerable location—the endpoint. Cylance’s mathematical approach stops the execution of harmful code regardless of having prior knowledge or employing an unknown obfuscation technique. No other anti-malware product has the accuracy, ease of management, and effectiveness of CylancePROTECT.

What CylancePROTECT Means For Your Business

Ultimately, the best thing is that you don’t have to worry about your employees clicking on the wrong link and putting your organization’s data at risk. There’s no longer a risk of having to shut down your servers and restore them from good backups. That process can take a full day to complete, which is nothing but expense and lost productivity.

Umbrella is taking a stand against cyber-attacks aimed at our clients. We’ve decided to go with a more proactive solution instead of playing defensively. Our solution is CylancePROTECT, and we will be reaching out to all of our clients in the next few months to speak with them about deployment. If you aren’t a current customer of Umbrella, please give us a call to learn more about how we can proactively manage your systems.