Something north of 100 countries were hit with an outbreak of the Wannacry encryption malware this past week.
The malware exploited a Windows flaw that was patched in March. The malware is also network aware, so once inside your network, it can spread to other machines. There are several take-aways from this incident:
- You should be using a supported version of Windows for desktop machines and notebooks. That means that any Windows XP or Windows Vista machines need to be retired NOW. Windows 7 will continue to be supported for another three years. If your business software will run on it, we recommend Windows 10 as an operating system for desktops and notebooks.
- You should be using a supported version of Windows Server software. This means that any Windows Server 2003 or Server 2008 machines need to be retired. Server 2012R2 and Server 2016 are the only safe options for Windows Servers at this point.
- You need to keep your machines current on security patches. Our monitoring software can be configured to force Windows updates on a scheduled basis. Alternately, each machine can be set to download and install Windows updates promptly when they are released by Microsoft.
- You need to have current anti-malware software installed on all of your machines. There are a number of excellent products on the market. We recommend F-Secure and AVG Cloudcare products. The AVG Cloudcare products integrate with our managed service offerings. For extremely small offices (1-3 machines), there is an Avira product that also works well.
- You need to consider your firewall solution. Although a bit pricey, Sonic Wall TZ series routers have the option of stopping malware like Wannacry at the outside edge of your network. We are a Sonicwall dealer.
- You need to have a backup strategy in place just in case the worst happens. We offer several backup options. If you have a limited amount of data to protect, a cloud solution like Carbonite or AVG Cloudcare Backup works well. For larger amounts of data, or where having a local copy of the data is important, we recommend a hybrid local/cloud solution, such as Intronis Backup. The biggest advantage of a hybrid system is that you can quickly recover data locally, but have the security of an off-site backup as well.
- You need to think about how long you can afford to be down if the worst happens. We offer the option of “virtual” servers where data from the primary server is backed up every few minutes to a backup server that can be quickly be brought on-line of something happens to the primary server. In many cases we can “refresh” an older server that is being replaced with new hardware so that the old server can serve as that emergency backup.
- You need to teach your staff to practice “safe computing” and avoid doing things that will expose your network to malware.
Gulfcoast Networking has the expertise to help you avoid falling victim to Wannacry and other malware. Give us a call at 727-847-2424 to schedule an appointment for us to come out and look at your business and assess your exposure.
Windows 10 appears to be “a keeper”. We believe it will be a long term benefit for most of our clients. For Windows 8 and 8.1 machines, it is a clear improvement. The case for Windows 7 machines is not quite so clear, but Windows 10 has some nice improvements.
That being said, there are issues you need to be aware of:
The most significant issue is that some business software will NOT currently run on Windows 10. If you are using specialized software, check with your software vendor BEFORE you upgrade the computers on your network. This includes cloud based software that you access via Internet Explorer. If you are using nothing more sophisticated than Quickbooks 2013 or newer, you should be fine with the upgrade.
Some older hardware isn’t quite up to the task. If your computers are less than a couple of years old, you “should” be fine. You may need to update some drivers. The two desktops we have tested internally both needed updated video drivers after the upgrade.
If you have several similar machines and are looking at upgrading to Windows 10, we recommend you upgrade one and thoroughly test everything before upgrading the rest. There is a way to revert an upgraded machine for the first 30 days, so the upgrade is relatively safe. Needless to say, always back up your data before doing any upgrade.
There is hope for some problematic hardware and software. We are seeing new video drivers being published and software vendors are working hard to make their programs work with Windows 10. There is absolutely nothing wrong with waiting until May or June to make the upgrade.
There is a great article on ZDNET regarding the Windows 10 upgrade program and how to disable the upgrade notices. You can find it here.
As always, we are available to answer any questions you might have.
Rob Marlowe, Senior Geek