This change has been met with mixed reactions from users, some of whom are happy with the seamless integration of Microsoft’s browser with their other applications, while others are frustrated by the lack of choice in their default browser.  Many of us like to use other browsers like Chrome or Firefox and this new roll-out will ignore your default browser of choice.

There are some manual fixes you may need to complete in order to get this to work.

• Users may manage this setting at any time in the Outlook for Windows app via File > Options > Advanced > Link Handling. When the experience in Teams arrives, users will also be able to manage this setting within the Teams app

If you are managed client of iResolve Tech PH we are working on a fix that will prevent this change from not using your default browser but we are under a tight timeline here as we just learned about this new “feature” that could cause some issues for people that use Outlook and Teams.  So this manual work around may be necessary until we get our settings rolled out.

How this will affect your organization:

Web links from emails in the Outlook for Windows app will open side-by-side with the email in Microsoft Edge so users can easily reference the link and email without switching back and forth between apps. The email will open in the Outlook app in the Edge sidebar. Links will open in Microsoft Edge even if it is not the system default browser in Windows.

• Only links set to open via a web browser are affected. Links that are set to open in a client app or within Outlook itself will continue to do so.
• User experiences will vary by policy configuration; please see the next section.
• Web links from all accounts in the Outlook for Windows app will open in Microsoft Edge, but the side-by-side experience is not available for non-AAD or non-MSA accounts at this time.

Example of “User Notification Experience” that will be presented when this change hits your computer:

The post Changes to Outlook and Teams: Links Now Open in Edge Browser appeared first on iResolve Tech PH.

iResolve Tech PH Security Standards of 2023

The IT Security Landscape has changed dramatically over the past 3-6 years. What it took to protect a IT Industry Companies in 2016 just doesn’t work in 2023. It’s time to ensure you have the next generation of protection in place to assure you don’t fall victim to a massive attack, data breach and extreme down time.

The first major change is making sure you are protected by “Next Generation Antivirus” protection, “Next Gen AV” for short.  This new solution uses a combination of artificial intelligence, behavioral detection, machine learning algorithms, and exploit mitigation, so that known and unknown threats can be anticipated and immediately prevented. Legacy AV of the past (2016-2020 solutions) just don’t work and can be sidestepped by a hacker very easily.

In the past, security companies compiled a database of known attacks and code that could be used against an endpoint, often cataloging what were called ‘signatures’ that are associated with specific types of malware to detect and prevent these attacks. But the “Bad Actors” (what we call hackers) have many more sophisticated approaches that find ways right around these legacy AV defenses!

So how do you know if you are using the Next Gen AV Solution? Ask! Your IT Partner should be able to discuss what they have in place to keep you safe and whether their AV solution  is classified as Next-Gen AV or not. Have them prove to you that the product has prevention of both Known and Unknown Malware. Ensure this solution is cloud managed and monitored to assure if/when any detections occur they are being reviewed and remediated.

2022 saw the rise in prominence of what we call Endpoint Detection and Response (EDR) tools. Prevention techniques like AV, patching of your computers, software updates, etc. all are important but what we call a prevent strategy. When meeting with IT Industry Companies Managers and Owners, we often use the following comparison to make it easier to understand: Prevention is like locking your windows and doors to your Practice when you leave at night. Ensuring things are locked prevents quick and easy access into your building,  keeping the Bad Actors from being able to easily open a door or window for access.

Some IT Industry Companies subscribe to a Security Service like ADT or similar company.  They place sensors on doors, windows and even have motion detection and video cameras in place. This keeps a watch over your clinic or hospital and would alert this company should an intrusion occur so that a quick response to this intrusion can occur and possibly mitigate damage to a minimum.

This is what an EDR solution is.  It is like an alarm system for your computers and networks.  This paired with a Next-Gen AV would allow quick detection of any issues. It watches for “motion” a Bad Actor makes, or what we call a lateral attack move. It can detect if someone is in and isolate that computer or device so that it can NOT attack any other devices on your network. This allows your IT Security Partner to respond to the attack and get a good indication of how the attacked occur.

Next-Gen AV and EDR solutions form the backbone of the IT Security standard for 2023. More and more insurance companies are requiring this solution be in place to be able to offer Cyber Security Insurance. We highly advise veterinary clinics and hospitals ensure they have these new 2023 security requirements in place. We are seeing a huge spike in attacks recently and most of the IT Industry Companies we review are relying on old, outdated technology from years past.

Need help assuring your Practice is protected.  Contact us today for a FREE Security Assessment

The post Next-Gen Security for Veterinary Hospitals appeared first on iResolve Tech PH.

A strong cyber defense is essential for IT Industry Companies to protect themselves from the increasing threat of remote access tools (RATs). Without proper protection, you could be putting your practice at risk of a major cyber attack that could compromise sensitive client, patient, and business-related information.

Register For Our Upcoming Webinar

During our upcoming webinar, iResolve Tech PH Director of Operations William Lindus will examine what remote access tools (RATs) are, how they enter your network, and what you can do to ensure your VPNs are secure. You’ll learn why signature-based anti-virus solutions are outdated, how phishing attempts have become more sophisticated, and more! You won’t want to miss this exciting event.

Do You Have Rats in Your Network? Veterinary Cybersecurity in 2023

Date: March 27, 2023

Time: 12:30pm PT

Hosted By: Southern California Veterinary Medical Association (SCVMA)

Cost: FREE for SCVMA members, $25 for nonmembers

Reserve Your Spot Today

 

The post Is Your Practice’s Network Secure? appeared first on iResolve Tech PH.

The post Winner Winner Chicken Dinner! appeared first on iResolve Tech PH.

What are RATs and how do I know if my computers or networks have them?

How to prevent RATs from getting in?

During the onset of the Covid-19 pandemic, the need to work remotely was something everyone wanted. As essential businesses, IT Industry Companies remained open but had to change their processes, and we saw a climb in practices requesting remote access for their team members to safely connect to their networks from home. The scramble was on to put in quick solutions that allowed the ability for said staff to assist their IT Industry Companies without the need of being at the practice.  If you were one of these practices, I’d highly advise assuring these tools are reviewed and secured to protect your practice from attacks!

Remote Access Tools (RATs) are the easiest way hackers can gain access to a clinic or hospital computers and network.  Many of these tools remain to be in place because the ability to work remotely can assist with employee productivity but also provides a huge risk to the practice if done incorrectly.

There are two main ways veterinary clinics and hospitals can allow remote access. One involves using your firewall to allow a connection from a home computer to your work network. This is often called a VPN (Virtual Private Network).  The other is using third party software that gets installed on a computer at the practice and allows access to that computer or server.

VPN – Virtual Private Network – Once the VPN is established the computer that has connected would have access to internal private network resources like file shares, printing, remote connections and sometimes running of the practice management system from a home computer. You may have heard this called a “Tunnel,” as it acts as a private tunnel allowing only this system access into the network.

VPNs that allow a home computer to connect have some major security concerns if not implemented correctly. If that connection is not secured properly, it can be like taking your staff’s personal computer that runs at home and plugging directly into the network at work. Let’s think about that for a second. Would you allow your staff to bring their personal computer from home and allow it to get set up, plugged in, and used as a machine in the practice? We highly advise against that as there are many unknowns about that computers “hygiene” that could comprise your network.

To assure VPNs are secure, we advise you ask your IT (Information Technology) professional the following questions:

Do you have 2FA/MFA enabled for that connection? A user is required to put in a username and password for this VPN connection to work in most cases. However, it is also advised that there is some sort of secondary check that either sends a text message back to that user to confirm they are who they are, or some sort of application that requires this user put in a revolving code that changes every 30 seconds. Usernames and passwords get compromised all the time and using 2FA/MFA reduces the risk of that password leak and allows a hacker access by simply typing in your username and password. Lock down your remote access with 2FA/MFA and ask your IT provider how this can get enabled if not already in use.

Is the VPN only allowing specific access to your private network? Once a VPN connection is established, ask your IT provider what private network access is allowed. This should be very minimal. As an example, we would advise this VPN only allows a remote connection to an internal PC or Server, not the whole network. Only allowing specific protocols is what we call them. Ensure this isn’t wide or it is like connecting that home computer directly to your practice’s private network.

As mentioned above you could be using remote access third party software to allow connections to your computers or server. These are tools like Teamviewer, LogMeIn, Splashtop, RemotePC, Chrome Remote Desktop by Google, AnyDesk, Kaseya, ScreenConnect or something similar. This is software that gets installed on a computer or server and then allows access via a cloud portal or software that makes a connection to that computer.

We highly advise asking your IT provider for a full list of software installed on all computers to start. Ask them to go through this list and identify what software would be considered a RAT (Remote Access Tool). Once you identify that software and wat computer it is installed on, ask yourself: Is this software needed? If that software is NOT needed, then we highly advise it gets removed. Perhaps it was there to allow temporary access but didn’t get removed; in this case removing it will remove your risk.

If the tool IS needed, then let’s refer to the recommendations we made on VPNs above. For instance, we want to ensure that the software is locked down by 2FA or MFA.  In this case it’s typically the cloud provider that allows this option and it is highly, highly recommended it gets enabled right away. This again will prevent access to your computers with just a simple username and password. It requires that this user confirms that they are who they claim to be after entering their credentials.

RATs could be in your network, and we highly advise reviewing to ensure they get removed if they are not essential. If they are needed, please lock them down properly with MFA or 2FA. Proper technology hygiene requires that you know what is in your network, how it is being used, and how to safeguard your practice against threats.

It’s a Cat and Mouse game today with IT Security. Let iResolve Tech PH be your guide!

The post Are there RATs in your Computers and Networks? (Remote Access Tools) appeared first on iResolve Tech PH.

Join Debbie Boone as she speaks with Joe Axne, CEO of iResolve Tech PH

His goal is to educate his clients on the right way to set up and maintain their IT Infrastructure for their IT Industry Companies.

https://www.podbean.com/pu/pbblog-u7k9p-654e83

————————————————————————————————————

UVP 178 You Saved What Information Where? Information Security In Your Practice

———————————————

EP.35 Technology to Improve Practice Efficiency  –

#IVETSOHRD with Dr. Caitlin DeWilde & Dr. Stacee Santi.i

In This Episode:

Dr. Stacee and Dr. Caitlin chat with Joe Axne, Owner of IT Guru, about ways you can use technology to improve your practice’s efficiency.

Listen in to get some great tips you can implement in your practice today!

Don’t forget to download the PDF to get a summary of the 5 key takeaways from this episode!

More About Joe Axne, Owner IT Guru:

Joe has more than 20 years of IT systems and services support experience. He started as a desktop technician in the early 90’s and was promoted continuously throughout his career to a Sr. Systems Administrator and Team Lead for American Medical Response (AMR).

The post PodCasts appeared first on iResolve Tech PH.

A zero-day exploit has been released that will need some attention this week!

First of all, let me explain what a “zero-day exploit” is, in case you don’t know. In the IT world, this is a report of a vulnerability or a flaw that has been identified in software or hardware, which can create opportunities for cybercriminals to “exploit” the opening well before anyone realizes something is wrong. Zero-day exploits are something to review and get patched (or fix via a workaround) as soon as possible.

iResolve Tech PH stays in consistent communication with IT Industry Companies peers and contacts. Recently, the news of a Microsoft Support Diagnostic Tool (MSDT) vulnerability, known as “Follina,” came across our feeds with an extremely strong warning to get something in place to remediate this threat as soon as possible. Why? Because cybercriminals (so-called “bad actors”) can now exploit this MSDT using a simple URL (weblink) protocol from a calling application, such as MS Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.

In other words, this is a serious breach, and it needs to be resolved manually for now. Microsoft’s Security Response Center issued a workaround, CVE-2022-30190, on Monday, May 30, 2022, regarding the “Follina” vulnerability. You can do it on your own until Microsoft develops and distributes a patch to fix the issue permanently. We strongly recommend that you work with your IT provider or person responsible for maintaining your network to put the following precautions in place:

Workarounds

To disable the MSDT URL Protocol

Disabling MSDT URL protocol prevents troubleshooters from being launched as links including links throughout the operating system. Troubleshooters can still be accessed using the Get Help application and in system settings as other or additional troubleshooters. Follow these steps to disable:

1. Run Command Prompt as Administrator.
2. To back up the registry key, execute the command “reg export HKEY_CLASSES_ROOT\ms-msdt filename“
3. Execute the command “reg delete HKEY_CLASSES_ROOT\ms-msdt /f”.

1. How to undo the workaround
   1. Run Command Prompt as Administrator.
   2. To restore the backup registry key you created above, execute the command “reg import filename”

If you are a client of iResolve Tech PH, we will be developing a script that will run all this in the background against all managed machines.

If you are in need of assistance in assuring your veterinary clinic or hospital is protected, iResolve Tech PH can complete a Security Assessment to ensure this and the many other layers of necessary protection are in place in your practice. Learn more about them here, and reach out to contact us for a complimentary 20-minute consultation here.

The post Zero-Day Exploit Requires Updates to Maintain Security appeared first on iResolve Tech PH.