SpireTech Company News and Tips
On Tuesday March 2nd, Microsoft announced a new zero-day vulnerability targeting Exchange email servers. M365 Exchange online is not affected. Microsoft quickly released out-of-band patches to address the vulnerability. Our NOC (Network Operations Center) immediately went into action, patching client’s exchange servers late into the evening.
For more information on the breaches, please see the following articles:
- Tech Community / MS Patch Response – Released: March 2021 Exchange Server Security Updates – Microsoft Tech Community
- MS Security Center Response – Multiple Security Updates Released for Exchange Server – Microsoft Security Response Center
Unfortunately, this information comes to light after the exploits have been observed in the wild by security researchers, as is often the case with these vulnerabilities. Our NOC has been examining systems looking for evidence of attack, and we believe that the attack is more widespread than Microsoft initially disclosed. We will be notifying any affected clients directly. Read more...
We’ve been watching Elon Musk’s new satellite-based internet service with interest. SpaceX opened it up to more people last night, and if you are working remotely and live in an area where high speed internet isn’t available to you, you might want to get signed up. People that sign up now are supposed to receive their equipment later this year. Speeds are up to 150mb/sec with latency in the 40ms range, which is better than old DSL lines and most cellular-based services.
It is not a mobile solution – it is not intended for use while traveling, unfortunately. Service is locked to the general area around the address you provide when signing up. The satellite dish automatically aims itself, so installation is relatively straightforward. Pre-orders are $99 (refundable), the equipment is $500, service is $99/mo, and you can sign up at https://www.starlink.com/
This is an option for people who can’t get fast service over fiber or cable – perhaps those still limited to old copper lines. Read more...
Legacy Edge (the first version of the Edge Browser) and Internet Explorer 11 will no longer be able to access any Microsoft online services on August 17th of this year. Microsoft has installed tools to redirect users to the new Edge Browser.
On March 9th 2021, Legacy Edge will stop receiving security updates. Some banks and websites are still requiring Internet explorer for compatibility with their sites.
Everyone should be using a modern browser, such as the new Edge, Chrome, or Firefox. If you access websites that claim to require Internet Explorer, those websites will need to be updated very soon for compatibility with modern browsers.
2020 was a year of fairly flat growth at SpireTech. We imagine this has a lot to do with economic uncertainty related to Covid. We’re hoping that the floodgates will open for new business as the vaccine becomes available, businesses re-open, and pent-up demand for work that has been put on hold will get things moving again. We feel for all the small business owners that were forced to close or restrict activities during this time.
Review of 2020 Business Activity
We spent a lot of the year focused on improving security, moving to the cloud, and enabling work from home. Some of the areas we worked on include:
- Rollout of new services supporting and installing M365 business voice
- New M365 Security Pack service offering designed to increase client tenant security
- Increased service desk staff to reduce response times
- Increased focus on training – each staff member is encouraged to spend 10% of their time each week on continuing education and skill development
- Implementing EOS (Entrepreneurial Operating System) business management processes
We’ve also been continuing to attend conferences and quarterly IT business peer group events (virtually) to keep up on current trends and best practices. Read more...
SpireTech does not use any SolarWinds software. However, the longer-term effects of this hack are likely not going to be known for a while – if at all – because SolarWinds was used by many government agencies and larger enterprise companies.
As of this point, we know of no customer-affecting data breaches as a result of this hack. However, with a hack of this magnitude, it is important to consider the larger supply chain – perhaps even your vendor’s vendors. For example, Microsoft makes extensive use of contractors. Microsoft has disclosed they were affected by the SolarWinds hack and there was unauthorized read-only access to their source code repository. No access to customer data has been reported or disclosed as of this writing.