Despite the new features and polish - it will still work the same as before.  Emails sent to support@digitalfoundation.net will still create a ticket.  By using keyworkds in the subjectline (low, high, critical, and emergency) you can can assign the priority.

All tickets created in the system AFTER business hours will be addressed the next business day.

We thank you for trusting Digital Foundation and look forward to leveraging the features in this new system to keep us organized as we grow.

Sincerely,

Joshua Erdman

We are working on a disaster recovery service for clients who desire a disaster recovery audit, want us to track all License keys (not just volume license keys) and want us to maintain copies of all non-volume license and software.  Look for an email in the upcoming months describing this service.

Thank you for taking the time to help us invest in your network.  Any concerns, insights, or actions that we may need to take should be sent to us via email to: support@digitalfoundation.net.

Sincerely,

Joshua Erdman

By 1PM Digital Foundation has taken corrective action on all Cisco and SonicWall firewalls to protect against this threat.  We believe this new security policy will have no adverse affects to our client networks, however we are open to the possibility. If you have noticed problems with file transfers since this morning, please contact our office so that we can run additional tests.  If you do not have a Cisco or SonicWall firewall (such as Linksys) - the security policy cannot be applied.  Updates to the Microsoft Software will be applied the 2nd Tuesday of September.

References:

http://www.microsoft.com/technet/security/advisory/2269637.mspx

http://news.cnet.com/8301-27080_3-20014625-245.html

Microsoft just released a set of critical updates.  They feel these updates were important enough to release these out of their normal schedule.

Please leave your computer running over the weekend to ensure the updates get installed.  Just log off your computer but leave your computer turned ON.

Install Adobe Updates

Now that we have mentioned security another thing we need to discuss are critical updates for Adobe software.

Security firms estimate that during this year critical updates for Adobe will surpass updates for Microsoft Software.  So please install all Adobe Acrobat and Adobe Flash updates when you are prompted.  You can also proactively invoke an update by starting Adobe Acrobat (or Adobe Reader) then click Help -> Check For Updates.

It is our goal to keep all our clients safe, but unfortunately Adobe does not provide an Admin tools to monitor and maintain secure versions for computer networks so any help you can provide is appreciated.

We thank you for your business and continued trust in us.  Please feel free to call our office if you have any questions regarding these updates.

Sincerely,

The Digital Foundtion Support Staff
(805) 594-1987
www.digitalfoundation.net

Microsoft has released an important security update for Internet Explorer.  Your windows computer will install this update tonight provided that you log off at the end of the business day and leave your computer powered on.  Please forward this to friends so they know to install the Windows Updates on their personal PCs as well.

Leave your PC powered on Every Thursday Night

We ask that in your office you pick at least one night EVERY week that all PCs are left on.  During this time your computer has been configured to perform basic maintenance such as installing this critical update, and also various virus scans, and disk defragmentation.  Generally most clients leavce thier PCs on every Thursday night.

Malicious Email Activity

I have been keeping track of malicious emails and have seen quite a variety of messages purporting to be from: Bank of America, UPS, IRS, AOL, ISAA, eBay, Western Union, VISA, 'Your Mail Server', and even random people asking, "Is this photo is yours?" with a convenient link included.

Please be careful with these emails.  You should no longer use the convenient links in emails sent from: your bank, inventment center, eBay, etc.  If you ever have an email warning you to update your account, reset your password, check your balance, etc - it is BEST to type in the addres in the address bar.  Again - do not click the convenient link inside these emails.

We have a news article with links to examples of these malicious emails.  To see them just visit our support website and click on news.

You can also click this link (if you dare):  http://support.digitalfoundation.net/esupport3/index.php?_m=news&_a=viewnews&newsid=37

Improve Your Protection

Viruses and these malicious emails are getting more advanced every year.  The emails look more realistic, the viruses are more pervasive.  Please educate all your users to watch thier internet hygene.  In addition, for several of our clients we have deployed an advanced firewall that provides an additional layer of security.  It checks alls emails and browsed websites for viruses before the data is sent to the computers inside your office network.  If this is something you are interested in,please contact us and let us know.  We have been nothing but impressed with this technology.  Prices start at $500 for a network of 8 computers. Additional features include website blocking by category, and failover to a second internet connection.

We thank you for your business and continued trust in us.  Please feel free to call our office if you have any questions regarding these threats.

Sincerely,

The Digital Foundtion Support Staff
(805) 594-1987
www.digitalfoundation.net

Please be careful when you receive emails that contain embeded links.  Updates for your PC are automatically applied, please do not try to 'help' us by applying updates from emails sent to you.  Below are copies of the emails (with the hyperlinks removed) for your reference.

Below is the Fraudulent Update for Microsoft Outlook email:

-- BoA Email --

-- End BoA --

-- IRS Email --

Taxpayer ID: josh-00000270611200US

Tax Type: INCOME TAX

Issue: Unreported/Underreported Income (Fraud Application)

Please review your tax statement on Internal Revenue Service (IRS) website (click on the link below):

review tax statement for taxpayer id: josh-00000270611200US http://www.irs.gov.reffea1.co.uk.bad/fraud_application/directory/statement.php?email=josh@digitalfoundation.net&tid=josh-00000270611200US

Internal Revenue Service

-- End IRS --

-- IT Email --

Dear user of the digitalfoundation.com mailing service!

We are informing you that because of the security upgrade of the mailing service your mailbox (josh@digitalfoundation.net) settings were changed. In order to apply the new set of settings click on the following link:

http://digitalfoundation.net.bad/owa/service_directory/settings.php?email=josh@digitalfoundation.net=http://digitalfoundation.net.polikko.eu.bad/owa/service_directory/settings.php?email=josh@digitalfoundation.net&from=digitalfoundation.net&fromname=josh

Best regards, digitalfoundation.net Technical Support.

-- End IT EMail --

I have seen other emails that look very legitimate - Such as ones purporting to be from PayPal and Microsoft - they even use all the authenic images FROM the PayPal website.

Caveat: updating Adobe Acrobat Reader may cause problems for users of Adobe Acrobat Creator (we reccommend the newest version of both products).

http://www.adobe.com/support/security/bulletins/apsb09-10.html

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Recently Adobe has discovered security vulnerabilities in Flash which is used commonly in programs such as Adobe Reader and Adobe Acrobat. Flash is also used commonly in many web browsers. Most of the security attacks have come from malicious pdf files through email. Digital foundation recommends that you do not open any pdf files from unknown sources and have antivirus software up to date, which we do for our maintence clients. To be fully secure, uninstall all adobe software such as acrobat, reader, flash player, ect. although it is not reccommended since these programs are commonly used everyday. Adobe should be releasing a patch soon to fix these vulnerabilites.

For more information click the link below:

http://www.nationalterroralert.com/updates/2009/07/26/homeland-security-issues-vulnerability-notice-adobe-flash/

Internal Account Audit

To see all your active accounts, we are going to use: Outlook

Just open Outlook, Create a new email message and click the TO: button at the top.

This will display all the active user accounts on your network.  If you see any accounts that should be deleted or have not had their passwords reset , please let us know so we can take the necessary precautions.

User Account Management

Digital Foundation provides an administrative form specifically for the task of deleting, disabling, or analyzing user accounts and their data.  This form can be found at: http://forms.digitalfoundation.net/

Many of our clients use multiple services necessary to keep their business running (ie - Credit Card Authorizations, Internet Orders, VoIP, E-mail, etc). We have researched networking equipment that would allow clients to utilize dual connections.  So with this new equipment, you can have two Internet connections, a primary connection (typically the fastest and most reliable) and a secondary connection (usually the lowest cost and only used to fall back on, typically from Charter).  If the primary connection ever becomes unavailable, this router would automatically switch Internet access to the working connection.

An alternative to paying for two connections, is to consider business class Internet service.  This involves one or more bonded T1 connections.  T1s are more expensive, and a single T1 is slower than DSL and Cable, but being business class, you can expect resolution in hours, not days.  Many providers use T1s to bundle your internet, phone, and long distance service. Bundling usually includes discounts since you are getting everything in one package. The opportunity today is exceptional, rates for phones and internet are much more competitive.

The primary goal of this email is introduce you to this capability - and to provide a chance for you to consider it.  Please let us know if you have any questions.  It is our goal to help you save money and run as efficiently as possible.

We have researched and found this is nothing new from what you have already been exposed to for the last year.  There is so much media attention because on April 1st this worm is programmed to connect to its servers to receive updates and new instructions.  For our maintenance clients, Digital Foundation already monitors the state of your anti-virus, but we are double-checking each PC in order to prevent any possible threat.

For our hourly clients, home users, or just for your own piece of mind; here is a quick test to see if you are infected:
Attempt to browse http://www.microsoft.com – if you are infected you should not be able to browse any sites that contain anti-virus utilities and Operating system updates.

60 minutes covered this virus and discussed PC infection in general.  The most important point they made although Antivirus is vital for every organization, but user education just as important.  The office is no place for users to browse through recreational websites, download recreation files, participate in chat rooms and online games.  In addition – users should take thought before they open attachments.

More details can be found at: http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm

We thank you for your business and continued trust in us.  Please feel free to call our office if you have any questions regarding this threat.

Sincerely,

The Digital Foundtion Support Staff
(805) 594-1987
www.digitalfoundation.net

 

http://www.sophos.com/blogs/gc/g/2009/03/23/dhl/

As always, never open attachments from untrusted sources or attachments that you are not expecting.

Please pass this important note on throughout the office, friends, and family.

The latest email threat has a subject line regarding Obama's acceptance speech.  It contains an attachment designed to infect your machine and steal your passwords.

Bottom line: Only open attachments you are expecting.

Worms and Viruses

There are plenty of websites, email messages, and stolen software out there intent on infecting your computer.  After 6 years of protecting machines and cleaning infected ones the best policy is to avoid recreational activities on important computers.  This includes, Facebook, MySpace, gambling websites, gaming websites, and other social, chatroom, and hobby sites.

4 steps to protection:

1. Treat your computer like an innocent child.  You would take your child to Sears, you would let them watch weather info on weather.com but you probably would not visit a casino in Las Vegas for Gambling - or to the bar to socialize. 
2. ALWAYS run an antivirus software at home AND work - keep it up-to-date (downloading updates everyday is a good idea).
3. ALWAYS install the latest Windows updates.  We do this for you on yoru business machines, but it is important to keep your home machines protected as well.
4. ALWAYS backup your data - that means store the improtant data on your server or copy it to a disk.

The lastest virus/worm running around is knows as Conficker (aka DownAdUp)- which take advantage of a security that Microsoft fixed in October.  It is three months later and this virus has infected MILLIONS of computers.  Each infected PC was not updated.

References:

http://www.snopes.com/computer/virus/obamaspeech.asp

http://mcpmag.com/news/rss.asp?editorialsid=1741

Online Backup Services - http://Amazon.com/s3

Please make sure that your PCs are left on EVERY Thursday night to ensure the weekly Virus Scan.

For those of you that use a laptop, please look at your laptop's power settings.  We want to make sure it does not sleep while you leave it on overnight.  To look at the settings, right-click the PowerPlug icon in the bottom right-hand corner of your screen (This is a battery icon instead if you are running on battery power) and choose 'adjust power properties'.

We want to make sure that when the laptop is plugged in it never goes into stand by.  This is reflected in the picture - it is the bottom-left hand option.

Power Consumption

We figure, on average, each PC uses somewhere between 150W to 300W - this is equvalent to $1.50-$3.00 per month per PC (depending on LCD vs CRT display and the number of drives in the PC).

PC Maintenance Details

There are many tasks that must be performed to keep each PC running fast and stable:

Maintenance Task	Frequency	Day
Virus Scan	Weekly	Thursday
M$ Updates	Monthly	2nd Tuesday
Disk Clean Up	Monthly	1st Thursday Night
Disk Check	When Necessary
Defrag	Every 6 Months	Wednesday Nights

Users may also perform Defrags on their own machines allowing you to keep your PCs off on Wednesday nights as well.  Contact DF Support for more information.

References:

Power Savings Calculator: http://pmdb.cadmusdev.com/powermanagement/quickCalc.html#calculatorTop

For our maintenance clients and their office computers, these updates are already being applied automatically

Note: This update requires a reboot before it becomes effective.  No current threats exist yet that would be able to take a advantage of this vulnerability since it was discovered internally at Microsoft.  This gives us time to apply this fix to your servers without interruption.

References:
http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx