EFS Network Management Bi-Weekly Antivirus Review

Bi-Weekly Antivirus Review

EFS Network Management encourages users and administrators to check their antivirus software for desktops and servers.

The antivirus software should be reviewed bi-weekly for known security issues and known stability issues. Your antivirus software should be checked to ensure that it is functioning correctly. We tend to get complacent and not think to check our antivirus software.

Sometimes the software may stop getting its daily updates for various reasons. The antivirus software might have expired and need to be renewed with the vendor. A firewall setting may have been enabled and now the firewall is blocking the updates. It could be the desktop firewall or the network firewall. A group policy that blocks the updates might have been enabled by accident. Malware may be blocking the updates. A new security update might have broken the antivirus update software. The service could have been disabled during a troubleshooting session and never turned back on. The antivirus software might have been uninstalled to address an issue and never re-installed. The antivirus software may no longer be compatible with the current version of software that you are running.

There are many more reasons why the antivirus software may not be working. So it is very important to check that it is working and that it is up to date.

  • Check the antivirus definition files; they should be dated within a few days of the current date.
  • Check the last time that the operating system had a full virus scan.
  • Check the antivirus history files and logs.
  • Check the antivirus quarantine and delete all files if they are not critical.
  • Check the antivirus expiration date, if the one being used is not a free version.
  • Check the antivirus exclusion paths and make sure that they are not excluding critical systems.
  • Check the antivirus software for services that may not be working, especially if you are running an antivirus/malware suite.
  • Search the web or YouTube for “How to’s” for your version of antivirus software, and make sure the information is coming from a reputable source. This will empower you with working knowledge of your antivirus software.
  • If it has been a while since your last deep scan, update your antivirus software, boot into safe mode for Windows computers and run a full system scan.
  • If you suspect you have malware, then a bootable antivirus software may be needed in order to deal with the malware.
  • While checking for antivirus, check for the last good backup of the operating system and create recovery disks or jump drives if you do not have them.
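
Several of the checks above (definition age, last full scan, services, exclusions and detection history) can be scripted. The following is an added example, not EFS Network Management's own tooling; it assumes Microsoft Defender is the antivirus in use and an elevated PowerShell session, and the two thresholds are assumptions to adjust.

```powershell
# Added example: assumes Microsoft Defender is the installed antivirus.
# Run from an elevated prompt so that exclusions are visible.
# Thresholds are assumptions; set them to match your own policy.
$MaxSignatureAgeDays = 3    # "within a few days of the current date"
$MaxFullScanAgeDays  = 14   # one bi-weekly review cycle

$status   = Get-MpComputerStatus
$prefs    = Get-MpPreference
$findings = @()

# Is the engine running, with real-time protection switched on?
if (-not $status.AMServiceEnabled)          { $findings += 'Antimalware service is not enabled' }
if (-not $status.AntivirusEnabled)          { $findings += 'Antivirus protection is not enabled' }
if (-not $status.RealTimeProtectionEnabled) { $findings += 'Real-time protection is off' }

# Are the definition files current?
$sigAge = ((Get-Date) - $status.AntivirusSignatureLastUpdated).Days
if ($sigAge -gt $MaxSignatureAgeDays) {
    $findings += "Definitions are $sigAge days old (version $($status.AntivirusSignatureVersion))"
}

# When did the last full scan finish? FullScanEndTime is empty if none has run.
if (-not $status.FullScanEndTime) {
    $findings += 'No full scan on record'
} elseif (((Get-Date) - $status.FullScanEndTime).Days -gt $MaxFullScanAgeDays) {
    $findings += "Last full scan finished $($status.FullScanEndTime)"
}

# List every exclusion so a person can confirm none covers a critical system.
foreach ($path in $prefs.ExclusionPath) { $findings += "Review exclusion path: $path" }

if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else           { Write-Output 'Antivirus review: no findings' }

# Most recent entries from the detection history, newest first.
Get-MpThreatDetection |
    Sort-Object InitialDetectionTime -Descending |
    Select-Object -First 5 |
    Format-Table InitialDetectionTime, ThreatID, Resources -AutoSize
```

Quarantine contents and license expiration still need to be checked in the product's own console.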

If issues do arise from checking your antivirus or you need assistance, please open an EFS Network Management Support Request and we will take a look at the issues, or you can contact us for help.

EFS Network Management - Windows 10 Anniversary Update

Windows 10 Anniversary Update

The Windows 10 Anniversary Update will be available August 2, 2016. This is a large 3GB update with lots of new features and improvements as well as the deprecation of other low-usage features. This update will be free to current Windows 10 users.

For home Windows 10 users the update will be automatically installed. For domain business users the update will be optional but is recommended by Microsoft.

If you need to delay the update on Windows 10 Pro or Enterprise, you can delay the upgrade by at least four months. In Windows 10 version, go to Settings > Update and Security > Advanced Options and click the Defer Upgrades check box.

For Windows 7 users Microsoft is making its last big push to get the Windows 7 operating systems upgraded. On July 29, 2016 the Windows 10 upgrade will no longer be free and will cost $119 for home edition and $199 for Pro Edition.

Here is a brief summary of what’s new in the Windows 10 Anniversary Update:

  • Cortana is getting a big update, and you will not be able to turn it off.
  • The Edge browser is getting a big update.
  • Windows Defender is getting a big update and new features.
  • New pen and ink features and updates for touch screens
  • Xbox Gaming Integration
  • New IT deployment for schools.
  • New Personal Logon Screen
  • New Dark Themes
  • Linux Friendly Bash Shell
  • Changes to the Start Menu
  • Action Center Update
  • New Fingerprint Sensor update

What is being removed?

  • Wifi Sense sharing
  • Kids Corner
  • Sleep / Hibernation
  • No more nags to upgrade

Should you update to Windows 10 from 7 or upgrade to Windows 10 Anniversary? It really depends on whether your business environment is ready. Are all your applications and hardware devices Windows 10 ready, with drivers, and have their vendors stated that they will work under Windows 10? If so, you can upgrade. If not, then it is simple: the applications and devices need to be updated before upgrading to Windows 10. Windows 7 Extended support will end 1/14/2020.

If you miss out on the free Windows 10 upgrade, your low-cost option is to wait until you are ready to replace the computer and then get it with Windows 10 (when you are ready!). The newer hardware will be better for Windows 10 anyway.

For further reading, please see these references below:

Windows 10 Anniversary Update

What is being removed from Windows 10 Anniversary Update

More about Cortana

Ars Technica on Windows 10 Update

Windows 7 Support life-cycle

EFS Network Management - Quarterly Firmware Update Review

Quarterly Firmware Update Review

EFS Network Management encourages administrators to check firmware updates for various devices. Almost all computer-based devices today have some type of firmware. This firmware should be reviewed for known security issues and known stability issues.

Types of devices that have firmware are printers, copiers, desktops, notebooks, handheld devices, credit card machines, fax machines, alarm systems, phone systems, video systems, key fob systems, smartphones, hard drives, servers, controller cards, firewall devices, wireless devices, scanners, network switches, USB drives, barcode scanners, mice, security devices and more.

These are vectors of attack and exploitation. A lot of these devices have embedded web servers. Since most users never access them, they get forgotten about. If malware gets a foothold in your network, it may scan for devices that have known vulnerabilities. Malware is increasing in sophistication and looks for areas to hide that are not normally checked or updated. While attacks on printers, etc. are rare, they do offer a weak security link that could become an issue.

It is important to update all these devices on a regular schedule to close that gap of a potential security breach. Examples of breaches are the Home Depot case study and the Target attacks, in which devices, etc. were not patched and that led to the exploitations. These examples allowed remote attackers control over their networks, servers and point of sale devices. A more recent firmware issue example is the Lenovo UEFI exploit that was found on ThinkPad and HP systems. For details, review the Lenovo Security Advisory LEN-6718.

Your best defense is to keep all your devices updated and current.

That said, also expect issues with updates. This is a primary reason a lot of devices do not get updated. The updates can deprecate old features, change the way things work and be disruptive. However, while that may be true, it could be more disruptive if malware gains a foothold in your network on an unpatched device and repeatedly re-infects other devices, computers, etc.

Ideally one would want to update as soon as a patch is released. However, many vendors do not do a good job of communicating an update, or if you are not on a vendor’s mailing list you may not hear about the update. So a practical approach is to check the devices in your inventory and look up the latest firmware version. Next, read about the update and do a web search for any known issues with the update. Then install and test the update. Fall back to an older update if issues occur and if the device allows a downgrade.

Lastly update your documentation or management software. Then add the next firmware update review on your calendar or task management system.

If issues do arise from the updates, please open an EFS Network Management Support Request and we will take a look at the issues, or you can contact us for help.

EFS Network Management - Bi-Annual Backup Restore Testing

Bi-Annual Backup Restore Testing

EFS Network Management encourages users and administrators to check and review their backup systems and conduct restore testing.

It is that time of year again to test and review your backups. There is no worse feeling than when you lose data, go to do a restore and find that your backups are not really backing up data. You find out the hard way that the backups for the last year are all bad, due to a glitch in the software, bad media or a dozen other oh my gosh things.

That is why testing your disaster and recovery procedures is a must. It is very important to do a test restore of a random or critical file to an alternate location. This simple test restore will check many things. It will test the backup catalog, the backup index, the backup media and the software's ability to find the correct media for the restore; it will test the stability of the backup software; and it will instill confidence in the backups.

There are several things one should check while doing the restore test.

  • First check to see if there are any product updates for both security and features.
  • Check to see when your maintenance license will expire and prepare to renew.
  • Check your backup jobs and clear/save the log files and the event files.
  • Check your media logs and make sure that there are no errors with the media that you are using.
  • Check backup times. If your backups are running during the day and started the night before, it may be time to invest in faster technology or adjust your backup scheme.
  • Check both your full backups and incremental backups.
  • If you run several backup jobs, do a restore test from each backup job and from random dates.
  • Review your backup methods, times and types.
  • Review and test the backup notification system. Review who is getting notified and what types of notifications are being sent.
  • Test the security of the backups. Who has access to the backups and the decryption keys?
  • Test the encryption and decryption of the backup data. Do you have a backup of the encryption keys to decrypt the backups?
  • Test the disaster recovery boot disks or USB keys. Do you have backups of these disks, and who has access to them?
  • Review your backup schedule and types and how often they run, i.e. daily, weekly, bi-weekly, monthly, quarterly, yearly and accounting snapshots.
  • Review where the backup data is being stored, in the cloud, off site, or on site.
  • Review how often the backups are being recycled and do they comply with data retention policies?
  • Review instructions and policies on doing backups and restores. Have they been updated to match the current software and processes?
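
A restore to an alternate location only proves something if the restored files are compared with the originals. The following is an added example, not part of any backup product or of EFS Network Management's tooling: it samples random files and compares SHA-256 hashes. The paths, the backup time and the sample size are placeholder assumptions, and the restore itself is done first with your backup software.

```powershell
# Added example. Paths and the backup time are placeholders (assumptions):
# restore the folder from the backup job under test to $RestoreRoot first,
# using your backup software, then run this to verify what came back.
$SourceRoot  = 'D:\Shares\Accounting'        # live data that the job backs up
$RestoreRoot = 'E:\RestoreTest\Accounting'   # alternate restore location
$BackupTime  = [datetime]'2016-07-01 23:00'  # when the restored backup ran
$SampleSize  = 25

# Files modified after the backup ran will legitimately differ, so only
# files untouched since then are expected to match byte for byte.
$candidates = Get-ChildItem -Path $SourceRoot -Recurse -File |
    Where-Object { $_.LastWriteTime -lt $BackupTime }
if (-not $candidates) { throw "No files under $SourceRoot predate $BackupTime" }

$count  = [Math]::Min($SampleSize, @($candidates).Count)
$sample = $candidates | Get-Random -Count $count

$results = foreach ($file in $sample) {
    $relative = $file.FullName.Substring($SourceRoot.Length).TrimStart('\')
    $restored = Join-Path $RestoreRoot $relative

    if (-not (Test-Path -LiteralPath $restored)) {
        $state = 'MissingFromRestore'
    } else {
        $liveHash     = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
        $restoredHash = (Get-FileHash -LiteralPath $restored -Algorithm SHA256).Hash
        $state = if ($liveHash -eq $restoredHash) { 'OK' } else { 'HashMismatch' }
    }
    [pscustomobject]@{ File = $relative; Result = $state }
}

# Summary first, then the files that need a closer look.
$results | Group-Object Result | Format-Table Name, Count -AutoSize
$results | Where-Object { $_.Result -ne 'OK' } | Format-Table -AutoSize
```

Repeat the run for each backup job and for restores taken from different dates, changing `$BackupTime` to match.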

It is important to conduct these tests and reviews to make sure that you have quality backups, procedures and documentation that comply with your company’s retention policies. When disaster strikes, it can be very painful if you do not have good quality backups.

If issues do arise during restore testing, please reboot the system to see if it will self-heal and recover. If it does not recover, please open an EFS Network Management Support Request and we will take a look at the issues, or you can contact us for help.