Blog

Are You Prepared for Windows 2008 Server End of Life?

Windows Server 2008 has been a sensation and many people have had a positive experience utilizing it, but what does its end of life mean?

There’s a lot to it. First, Windows Server 2008 end of life infers that the manufacturer, Microsoft, will no longer update this product unless a warranty compels them to do so.

However, Microsoft mainstream support will still be under obligation to provide bug fixes and vital improvements through extended support. This implies that you can still enjoy using Windows Server 2008 as long as you don’t need any further updates currently offered by the mainstream support.

How much time do you have to change out your equipment?

You need to change over from the Windows 2008 Server to a supported server by January 14, 2020. To keep your data safe, experts recommend making the switch six months earlier than the set date. That’s how much time users have till Microsoft stops offering bug fixes and security updates through the extended security support.

Will 2020 be the real “End” of Windows Server 2008?

An end to bug fixes and those all-important security updates may be the ultimate deal breaker for users. Data managers will tell you that not having these fixes makes your data vulnerable to access by unauthorized parties and nobody wants to take chances with sensitive data.

After January 14, 2020, Microsoft will no longer offer security updates and bug fixes for this server and that will create loopholes in data security which prying hackers would be interested in exploiting. These security breaches can be avoided by installing a newer generation server with supported security updates. So, yes, 2020 will be the real end of life for Windows Server 2008, especially for data management centers.

What you need to do before Windows Server 2008 End of Life

The most logical action would be to update all equipment. There are many Microsoft products available on the market with more convenience, efficiency, and better virtualization attributes than Windows Server 2008. Do some research to ensure that you get a proper replacement that will address all the functions needed for your organization.

These servers come at a high cost (especially for large data centers) and installing them can be challenging, so the sooner you start the better. Upgrading a server system will definitely take some planning and precious time. Ample time should be devoted to installing the system. Unexpected delays are common; things don’t always go as planned with today’s sophisticated hardware and software. Don’t take chances with such important technology. With six months leeway, you can ensure that your new server is fully functional and your data is safe before the end of the Windows Server 2008.

Is it the end of life for all Windows Server 2008 versions?

No, it’s not. There are 16 Windows Server 2008 versions and this is not the end of life for all sixteen. However, mainstream security support for all Windows Server 2008 products ended on January, 13th 2015. But newer products like the Windows Server 2012 still have many years ahead.

More recent products like the Windows Server 2016/R2 offer users immense improvements in performance and may make it worth your time and money to switch.

Will I still be able to use Windows Server 2008 after End of Life?

While Microsoft will terminate the extended support service after the end of life, these servers will still run smoothly. The obvious drawback is that your data will be vulnerable and you will be missing out on many newer virtualization features. Even if it wasn’t the End of Life for these servers, newer features alone would warrant a server upgrade.

It’s not the End of Life for mainstream support

There are many data centers that will find themselves in a situation where they need help with a few issues after Windows Server 2008 End of Life. If you find yourself in this situation, Microsoft’s mainstream support may come in handy.

Get ready for the move

To plan for an infrastructure upgrade, rewrite and migrate all applications based on SQL Server 2008 to a safe storage place. The new server may need extensive troubleshooting, which can affect your timeline and efforts. SQL databases can be hosted on the Windows Server 2008 hardware as you install the new system.

During the transition, put a data protection infrastructure in place that will eliminate the risks of data vulnerability during a server upgrade. This will protect the data from the fragility of the old server and risks associated with the new system. While this may be costly, the fines associated with a data breach are often far more expensive.

To undergo this transition smoothly, work closely with organizations tasked with planning for Windows Server 2008 End of Life. These IT professionals can offer a great deal of assistance. They know what types of issues to look for and how to make the switch successful.

Exactis Data Leak Reveals the Dangers of Less Efficient Security Measures around People’s Data

The new data leak at Exactis, a marketing and data-aggregation firm based in Florida, presents a great many opportunities for cybercriminals to launch any number of attacks on unsuspecting victims over the next several months.

Exactis, which collects loads of personal data on nearly every U.S. adult, recently leaked detailed information on both people and businesses in the country, according to an exposé by a security researcher.

The exact number of people that this breach has affected remains unknown, but reports indicate that about 340 million records were involved in the leak on the company’s publicly available server.

The Florida-based data aggregation company claims to be in possession of data on a whopping 218 million U.S. adults, including some 110 million households. It further has some 3.5 billion records (digital, consumer, and business records).

Exactis data leak a lesser threat?

Many potential victims may take comfort in the fact that Exactis does not collect people’s payment information such as credit or debit card data, nor their Social Security Numbers. The marketing firm is largely interested in personal information – including names, addresses, and other very basic and specific details about people’s private lives such as hobbies, religion, and individual preferences.

Additionally, unlike the Equifax data breach that involved massive loss of people’s payment information into the hands of cybercriminals, no evidence has come to light yet indicating that the leaked data on the Exactis server actually fell in the hands of anyone with malicious intent.

According to the individual who discovered the breach, Exactis has since taken protective measures to secure the data.

However, this is not a guarantee that there’s no need for alarm. There is no way to tell just how long the individuals who infiltrated the server might have stayed there undetected. Neither does anyone know the details of their exact intent nor the kind of information they might be interested in.

What is now public knowledge, however, is that the exposed information also included home addresses, email addresses, and phone numbers – which can be a time bomb in the hands of a bad actor.

What was the mistake that led to the Exactis server leak?

The data leak at Exactis was possible because the company left the information up on a public server without any protection around it. This way of storing information in the company left the massive collection exposed for anyone who cared to access and use it. There’s no denying how tempting something like this would be for a data thief, as the database had information about “pretty much every U.S. citizen in it.”

While Vinny Troia, the security expert who exposed this leak admits to not knowing where Exactis obtains all their data, he confirms that the database is truly one of the most comprehensive information resources available of its kind.

Should this data security breach and the numbers associated with it be anything to go by, it would be one of the most detrimental to hit the U.S. in a while. This data leak would beat 2017’s Equifax breach hands down. The Equifax breach has held the record as being one of the most devastating security data breaches to date. It affected the highest number of consumers – up to an estimated total of 145.5 million individuals.

What potential risks are victims of this breach are facing?

The damage is done, so what are the repercussions? What does this mean to the individuals and businesses whose details have been breached? What possible solutions do they have at their disposal?

Spam emails

Persons whose personal details are now out there can expect to receive streams of annoying spam emails in their inboxes.

If spammers got hold of someone’s personal information from the Exactis data leak, this would mean a fresh new list of email addresses to send unsolicited offers to. This class of cybercriminals makes money off signals such as website pop-up ad impressions or email response rates. Clicking on their unsolicited emails would be generating money for them without intending to.

Phishing attacks

A direr possibility, the data might fall into the hands of identity thieves. These criminals could use the email addresses obtained from the leaked collection to create any number of phishing schemes.

The consumers who have lost their personal information, therefore, run the risk of being targeted by phishing attack emails, which involve criminals impersonating legitimate senders attempting to trick them (unsuspecting recipients) into clicking malicious links in these emails. Clicking such malicious links would trigger the download of malware onto these victims’ computers.

Attackers may also trick these victims whose emails they (attackers) have gathered, into giving out some confidential and more valuable information such as usernames and passwords, credit card data, and even Social Security numbers.

Wrap up

Knowing what to expect is the first step in preparing for the consequences of this breach. At the end of the day, you must protect yourself. It is utterly important that you do not open any email that originates from an untrusted source. Better still, consider using a suitable email authentication service to protect you from interacting with malicious emails. Watch for phishing schemes—expect them to come to your inbox and be prepared. Don’t be fooled by emails that seem a bit too urgent. Cybercriminals always use fear to get you to click on their bad links.

Should a Business Place the CFO in Charge of IT?

The work of a Chief Financial Officer in a business organization is to manage the finances, record keeping, manage financial risks, prepare financial reports, and give general financial advice. Information and Technology, on the other hand, is the department that is in charge of designing, operating, and maintaining the IT infrastructure of the organization. So where do these two critical departments intertwine in the management of the affairs of a business organization?

Why is it important to separate the two departments?

This question can only be addressed properly by having a quick overview of the functions of the IT department in an organization.

Functions of the IT Department

Some businesses have their IT department run by the CFO because they think that the IT department is more or less a wing of the finance department. This thinking may be derived from years past where companies didn’t have a large IT department and no one really understood the work that IT experts were doing.

That was way before technology took a leap to this current era where IT departments are responsible for services such as storing data, online platforms, website management, social media, and all related functions. This scenario clearly shows that the functions of IT have evolved into a massive effort to keep the company website running smoothly and protect customer and company assets. Since the website is the face of most companies now, this is a crucial aspect of doing business in a global economy.

Connection with the Outside World

Truth be told, most of what we learn and know about a given business organization is the information that can be viewed at websites and other online platforms. The profile of almost all companies is found on their web page. There you will learn things about when it was incorporated and who is in charge of various departments. The addresses of the head office and branches, if any, are there on the website, along with achievements, awards, upcoming events, press releases, and so much more.

Links are there to all social media platforms such as Facebook, YouTube, and Twitter. These assets form an organization’s direct link with their customers. For instance, if a business is portrayed in a bad light by the media, they use their social media platforms to clarify issues so that they can restore the confidence of the different stakeholders and prospective customers. When introducing new products into the market, businesses opt to use social media to launch them. These are all vital tasks that take place every day for most companies.

Storage of Company Data

Long gone are the days when data was stored in large physical files using paper copies of documents. This method came with many disadvantages. Government buildings would frequently run out of storage space. The sheer amount of paper and ink used was massive. Retrieving documents was tricky at best. If someone misfiled an important document, the staff might have to search for days to locate it. Those days are gone with online data storage. Now a company can store enormous amounts of information and retrieve the records almost instantly.

Privacy and Security

With all the good things associated with a modern IT department, certainly, there are a few challenges here and there. Now that all our data is stored online or in the Cloud, it’s available to cyber thieves. Most of them have special hacking skills that can break through the best defenses.

Security breaches can totally cripple a business and bring it to its knees. Information that healthcare organizations store is very sensitive. It can be devastating for any company to undergo a security breach, but healthcare is especially vulnerable.

The IT Department is tasked with the responsibility of ensuring that security breaches don’t happen at all and if they do occur, they are detected as soon as possible. The IT department must be vigilant in protecting a company’s data. It’s a full-time job.

Updates

Technology keeps on evolving to better serve us and this is where the IT department comes in. They consistently stay aware of security threats. They install system upgrades and train the staff on how the new upgrades are applied. They must make sure the company website works properly and all service issues are dealt with right away. If customers can’t shop or perform tasks on your website, then they’ll just go someplace else.

Should the CFO do IT work?

Given the above overview of the functions of an IT department, it is clear that the Chief Financial Officer cannot adequately deliver or even oversee most IT work. The main and only function of a CFO should be overseeing company finances. Of course, they must be consulted if the IT department needs newer equipment, hardware, or software. These expenses can be hard to budget for but they’re very crucial to maintain a thriving online presence.

Wrap Up

The financial transactions of most business organizations nowadays rest with the CFO and his department while the IT department handles servers, computers, internet security and the company’s online presence. Only IT experts are equipped to manage these tasks efficiently. The CFO should be there to facilitate financial assistance and receive reports, but not be involved directly in the IT work. Organizations should ensure that these two departments have their roles distinctly separate and well laid out.

On July 4th we as Americans honor the formation of the union we call The United States of America. Whether enjoying the holiday at the beach; a backyard barbeque; watching a fireworks celebration in the city; working hard in the office or shop; or marching in a local community parade; we all celebrate the birth of our great nation together as one.

Here’s to our beautiful lakes, our majestic mountains and everything that makes American the greatest place to live!

For anyone who’s not American, or new to our country, here’s what Independence Day is all about.

Independence Day is celebrated each year on July 4^th. It’s often known as “the Fourth of July.” It’s the anniversary of the publication of the declaration of independence from Great Britain in 1776.

In 1775, the people of New England began fighting the British for their independence. On July 2, 1776, the Congress secretly voted for the country’s independence from Great Britain. Two days later, on July 4, 1776, the final wording of the Declaration of Independence was approved, and the document was published.

The first public reading of the Declaration of Independence occurred on July 8, 1776. Congressional delegates began signing it on August 2, 1776. Fifty-six congressional delegates signed the document. The delegates signed by states from North to South, beginning with Josiah Bartlett of New Hampshire, and ending with George Walton of Georgia.

Some delegates refused to sign the Declaration, including John Dickinson of Pennsylvania, and James Duane, Robert Livingston, and John Jay of New York.

Some opposed the document but signed it anyway to present the appearance of a unanimous Congress. This included Carter Braxton of Virginia, Robert Morris of Pennsylvania, George Reed of Delaware, and Edward Rutledge of South Carolina. Five delegates were absent including Generals George Washington, John Sullivan, James Clinton, and Christopher Gadsden, as well as Virginia Governor Patrick Henry.

John Adams sent a description of how Independence Day would be celebrated in a letter to his wife Abigail on July 3, 1776. He described “pomp and parade, with shows, games, sports, guns, bells, bonfires, and illuminations” throughout the country.

An interesting note: Thomas Jefferson and John Adams, both signers of the Declaration of Independence and presidents of the United States, died on July 4, 1826, exactly 50 years after the adoption of the Declaration.

For our Help Desk employees, Independence Day is a workday. We plan to celebrate the 4^th just like the rest of our countrymen (and women!). But we do this by being here if you have any technical issues.

Our Help Desk is your front-line support for submitting incidents and service requests.

We say that we operate 24/7/365 and we mean it – Independence Day, Memorial Day, Christmas, New Year’s Day, Easter – no matter the holiday or day of the week.

You’ll have direct access to the IT professionals who help you onsite and provide the advice, guidance, and rapid restoration of services you need to keep your business running. 

When you call, one of our agents will log your request into our IT service management system and either resolve it for your then or escalate it to the next level of support.

You have the option of reporting an incident or service request by email or by contacting us by phone. When you do, this will generate a “ticket” in our IT service management system.

Once the ticket is created, you’ll automatically receive an email receipt confirmation with your ticket or reference number. This confirmation tells you that your request has been logged at our Help Desk and that it’s been assigned to a tech specialist who knows your business and is experienced in your particular IT issue.

Here’s what we ask that you provide when submitting a request to our Help Desk:

• Your name, business name, phone number, and email address.
• A detailed description of the problem or concern.
• Whether the issue you’re experiencing affects only one user, many users, your entire office or multiple offices.
• The impact your issue has on your business, including whether any critical applications have been affected.
• Anything you or your staff have done to try to resolve the issue before contacting us.

Prioritizing Tickets

It also helps if you prioritize your need. Here’s an example of what we mean:

• Non-Urgent: Your problem is minimal and doesn’t impact your ability to work. It’s something that you could wait to be addressed within the next week. (For example, you’d like us to provide a new piece of computer equipment for you.)
• Normal: The IT issue has some impact on your day-to-day operations. However, you could wait for two days for it to be addressed. (For example, you’d like us to help you find a better way to use an application or replace it with a different one.)
• Urgent: The issue you face has a significant impact on one user’s ability to work. You need help sometime during the workday.
• Emergency: This issue has a significant team-wide impact on your staff’s ability to work. Multiple employees are affected. You need help as soon as possible, no matter if it’s after hours, over the weekend, or on a holiday (like the 4^th of July). This is for things like outages and downtime.

Please do your best not to prioritize something as “Urgent” or “Emergency” when it’s not. This helps us get to those really urgent requests much faster.

We want you to know that you and your staff can enjoy Independence Day with the peace of mind that our Help Desk is always here for you. Happy 4^th of July everyone!

YOUR MICROSOFT OFFICE 365 MIGRATION CHECKLIST

First, let’s talk about why you should use Microsoft Office 365.

It’s simple…

If you do, you’ll have a full-featured, cloud-based office productivity tool that can help you work more easily, productively, and collaboratively.

This allows you to please your customers and grab more market share. There’s no better solution for small and mid-sized businesses today than Microsoft Office 365.

Why?

Because instead of simply packaging the popular applications you use (like Excel, Word, PowerPoint and more) Microsoft has taken the extra step to integrate these tools, along with others. This provides your organization with the capabilities a larger-sized business enjoys.

But there’s something you should know.

Migrating to cloud computing is a multi-phased project. There are many things to consider when making a conversion to Microsoft Office 365, or any cloud-based system.

We’ve developed this Microsoft Office 365 MIGRATION CHECKLIST to help ensure the process is seamless for your business and transparent to your customers.

Of course, we think we should do this for you.

Why?

Because it’s complicated and a lot of things can go wrong unless you know exactly what you’re doing.

But, if you’re ready to try this on your own, here’s what you need to do.

INVENTORY EVERYTHING IN YOUR IT ENVIRONMENT

Start by making a detailed inventory of everything in your IT environment. This way you can make the best decisions and estimates about what it will take to migrate everything. You’ll also be able to better determine how long this might take and develop a migration timeline that you can share with your staff.

Your inventory may include things like:

• Site Collections (a group of websites that have the same owner and share administrative settings)
• List and Libraries (a special list/library for documents)
• Pages (all files that have a dependency to another file using a URL)
• Blocked File Types
• Branding
• Workflows (pre-programmed mini-applications that streamline and automate a wide variety of business processes)
• Content Types
• Site Columns (reusable column definitions or templates that you can assign to multiple lists across multiple SharePoint sites)
• Permissions
• User Alerts
• Retention Policies (A retention policy is the only feature that can both retain and delete content across Office 365.)
• Records
• Users and Groups
• Large Lists or Libraries
• Any other UI customizations (JavaScript, altered menus, etc.)
• Customized IT Solutions

What About Our Customized Solutions?  

You could run into trouble here.

Create an inventory of all your customizations. Identify what you want to migrate. This is a good time to identify what you don’t need any longer and remove it.

Make sure you have a good overview of what you have in your sites (WSP, Sandbox, etc.) And note if one depends on another.

Map things out, so you’re sure to deploy everything in the right order when it’s migrated to your destination.

Are you running any Farm Solutions? These run codes that can affect the whole farm and can’t be migrated to Office 365. Get rid of them.

Do you have any Sandbox Solutions? As with Farm Solutions, it’s recommended that you don’t include these.

Converting any Web Parts you developed for Add-Ins could be problematic.

If you’ve built Timer Jobs, there is no real solution when you migrate to the Cloud. You must find a new way to do this.

Event Receivers: You’ll need to rewrite and host them differently to get the same results.

Determine how you can deploy your declarative artifacts. You might be able to do this with an Azure Web App or PowerShell.

Stay away from customized fields. Display Templates or Office 365 column formatting might provide an option for displaying content the way you want so you don’t need to create new fields.

Item IDs in Lists and Libraries could change during the migration.

REMOVE & REORGANIZE YOUR OLD IT ENVIRONMENT ITEMS

Microsoft SharePoint helps you custom-build what you need for your unique operations. Now’s a good time to locate and reorganize what you want to keep or delete what you don’t.

• Locate and get rid of any “Orphaned Users.”
• Locate and get rid of vacant SharePoint Groups.
• Move users with specific permissions back into Groups.
• Get rid of any Custom Content Types, Site Columns, and Workflows you no longer use.
• Locate any sites that you haven’t used or modified and determine if you still need them.
• Ask all users to check-in documents they’ve checked-out, including those that have never been checked in. (Ensure you migrate the most recent versions.)
• Find any Large Site Collections and break them up into multiple Site Collections.
• Locate Large Sites and promote them into Site Collections.
• Delete any duplicate content.
• Clean-up items that have too many custom permissions.
• Get rid of versions in your history you no longer want.
• Re-order Lists and Libraries that contain too many columns.
• Rethink and re-order very Large Lists.
• Ask all users to finish up any pending workflow tasks.

III. PREPARE YOUR NEW DESTINATION

This is the time to prepare a clean slate for your new destination. A well thought out Information Architecture can make all the difference between a successful migration and one you’re not happy with. Take your time doing this as it might be the last chance you have to do this for quite a while.

• Map out the information architecture of your new destination.
• Backup all of your data.
• Test your backup restoration to make sure it works.
• Check out all databases for any corrupt data. (Delete any that you find.)
• Run a number of migration tests beforehand. (Take note of any unsupported elements.)
• Determine the overall time required to migrate all sites. (Slow migration speed can significantly impact project duration, causing delays that can disrupt your business operations.)
• Set SharePoint to import user profiles from any specific sources.
• Map a plan for the metadata on your content.
• Look at your customizations. (If required, convert them to work in the new destination.)
• Locate any deprecated native templates or features and make a plan to replace them.

IT’S NOW TIME TO COMMUNICATE EVERYTHING TO YOUR STAFF.

Change is always difficult for everyone and this includes your users. For your Office 365 Migration to be a success, you need to let them know what to expect.

• Communicate with all users before starting the migration and let them know this is a process but that you’ll keep them informed.
• Circulate the proposed timeline to ensure it won’t interfere with their business-critical efforts.
• Let them know about the IT downtime that will occur and for how long.
• Relay any possible changes in the environments (URLs, Bookmarks, Document References, Excel Macros, etc.).
• Determine where to go to get an updated status or any assistance you might need during the migration.
• Create sandbox sites for previewing.

BEGIN THE MIGRATION

At this point, the process of migrating to Office 365 shouldn’t be too difficult if you’ve followed all the steps above. Just be prepared to deal with any unforeseen complications that might not have been revealed during the testing phase.

Workflows:

• Stop running any workflows you’ll be migrating.

Migration Scenarios:

• Use a third-party tool to migrate and granularly restructure as you transition.
• Perform multi-phased, incremental migration for large sites.

AFTER MIGRATING

It’s time to take a “test drive” to make sure everything is working properly in your new environment.

• Test your Destination Environment.
• Make sure everything migrated successfully.
• Test all your workflows and check user permissions.
• Make a complete backup of your new environment.
• Remove all access to the old SharePoint environment.

ON A WEEKLY BASIS: MONITOR YOUR OFFICE 365 ENVIRONMENT

You’re not done. It’s very important that you continue to monitor the security, usage, and other elements in your new Office 365 environment to make sure it’s running at peak performance without any glitches.

• Ensure all your users are getting what they need from Office 365. Find out if they require any assistance or run into problems.
• Always monitor data security and check for any data breaches.
• Locate any broken permissions.
• Ensure all users are using the right permissions.
• Ensure user credentials remain private.
• Control sharing of monitor permissions.

As you can see, when you move your organization to Microsoft Office 365, it’s important to plan exactly what steps you want to take, when to perform them, and who’s involved. Keep the lines of communication open, and this checklist will help you as you plan and prepare for a migration to Office 365.