Oh, what a day to not be in IT

[bill_schubert]

I ran my IT shop for 12 years and tried a number of different ways to monitor and support business PCs.  One of them was Kaseya.  None of them were Solar Winds (those guys were and probably still are arrogant jerks).  

The problem with companies smaller than, say, 50 PCs is that they have the same problems as larger companies with far fewer assets.  They can't afford a network administrator or, if they do, it is a cousin who 'knows all about gaming computers.'  The only way to help them is to overlay a system from companies like Kaseya or Solar Winds or Labtec or one of a dozen others.  In order for those systems to be useful and to protect the users from themselves is to give them administrative rights to every PC, printer, router, phone and modem on the network.

There, of course, lays the problem.  We talked about this a lot in my company and worked pretty hard to update and periodically change the administrative passwords we used.  So much so that we occasionally had to scramble to figure out that password on the customer we hadn't interacted with in a couple of months.  We were better at it than any other company I saw which really made me uncomfortable for the industry.  

So we knew that one day the small IT companies would be hit and all of their customers would be attacked.  This has happened twice now and will keep on happening.  I have no idea how the small computer support companies handle this.  I'm still in contact with one or two and may ask.  But for now I'm just happy to be able to watch Wimbledon without my guts twisted in a knot.

Comments

[gracegiver]

Hi Bill.
Your line about the cousin who knows all about gaming computers gives me a good chuckle this AM. Perfectly described. I suspect soon we'll be in an environment where the small businesses who can't afford a real IT team, will need to sign up and pay for security via big corporations.
I read the other day these ransom wear attacks are the new Nuke fears we lived with for years. No need for the enemy bomb drops because we have bombs too.
Oh, the times we live in!

(thanks for adding me back, btw)

[bill-schubert.livejournal.com]

Yeah, I'm just glad to be out of it so I don't have to answer questions of the small businesses. There is no safety for them anywhere. The best they can do is Azure or AWS. Get the stuff on the cloud and go virtual. Let Microsoft, Amazon, and Google worry about data protection. Obviously not cheap and small businesses seldom include IT security in their budget. It is tough.

Always nice to expand my horizons with new people.

[stainsteelrat.livejournal.com]

Ransomware is one of my current greatest fears. We had a virus infection at the school some years back that knocked out the network for a couple of weeks, mostly because we had to shut down the servers to prevent the infection spreading. I had to assist remotely as I had a trip booked to Brazil. Nightmare!

First time I've heard of Kaseya, but we've not had any need for something like that.

[msconduct.livejournal.com]

Because we're in the habit of thinking "What's the ABSOLUTE worst that could happen?" we don't consider cloud storage a sufficiently safe solution against ransomware. It's been breached before. We go old-school and do local backups which we physically unplug every day as an extra layer of protection.

Admin passwords are the devil incarnate. My business partner systematically removes as many of them as possible from our clients (we do corporate rather than small business). They reliably cause untold havoc.