Computers

Backup Internet Connection – “Site Health” Checklist 1024 411 Vaughan

Backup Internet Connection – “Site Health” Checklist

These days there would be very few organisations that are not dependent on Internet access for the smooth running of their business. However, despite this dependence on the Internet, many organisations rely on a single Internet connection – typically a wired service.

If you’re an NBN customer, Telstra include a free 4G backup service with their SmartModem, which kicks in automatically in the event of an NBN outage (speed of up to 6Mbps).

If you have a dedicated fibre service, we can provide a 4G backup service that works in the same way – and without the 6Mbps speed restriction.


“Site Health” Checklist

In this article we provide a Checklist for key tasks and processes that should be in place to ensure the smooth running of your computer network.

This checklist covers the following areas:

  1. Backups and Disaster Recovery
  2. Anti-virus
  3. Passwords
  4. E-mail scams
  5. Servers
  6. Backup Internet connection

E-mail scams – change of bank account details – “Site Health” Checklist

One of the more “sophisticated” scams – and particularly expensive if it succeeds – is where the scammers attempt to get an organisation to update the bank details that they hold on file for a legitimate supplier, and replace the legitimate supplier’s bank account details with the scammers’ bank account details.

These scams are becoming increasingly prevalent, no doubt because of the financial payoff, when they’re successful.

Here is a recent example:

https://www.smh.com.au/business/small-business/devastating-blow-homewares-business-hit-by-apparent-email-scam-20180813-p4zx4y.html

Make sure that your staff are alert to the fact that these scams exist. We have written a previous blog article which covers e-mail and other scams in detail (see link below). We encourage you to share this article with your team:

https://zen.net.au/how-to-protect-against-e-mail-and-other-scams/

Have strong Accounts Payable controls. Any request for a change to existing payment details or addition of a new bank account / supplier should be considered a potential red flag and require careful scrutiny and independent verification to ensure that the new bank details are legitimate.

Also consider informing your clients to always double-check any advice that they receive in relation to an updated bank account for your organisation – as this could be an indication of a scammer seeking to impersonate one of the staff within your business.


Servers – “Site Health” Checklist

Hardware monitoring

  • If your servers are from a Tier 1 vendor (e.g. HP, Dell) then they most likely will have out-of-band management capabilities installed (Dell = DRAC, HP = iLO).
  • These out-of-band systems have the ability to monitor the internal hardware components of your servers and can provide alerts when faults are detected – and sometimes even before faults occur! (i.e. they can predict hardware failures).
  • Of course, to take advantage of this feature, the alerts need to be configured. However, because the configuration of the alerts is not entirely straightforward, in our experience these alerts are frequently not configured.
  • Where you have Servers with redundant components (e.g. power supplies, storage devices), provided that you’re aware of the faults, the components can often be replaced by the vendor without any downtime.

Disk space monitoring

  • Any Windows system that runs low on (or out of) disk space on any volume will typically experience degraded performance at the very least – or worse applications will either stop working altogether or will start behaving “unusually”. All of these outcomes will be disruptive to users.
  • Configure disk space monitoring on servers by setting thresholds / alerts for each logical volume; so that in the case of low disk space, intervention can be taken before any disruptions to services occur.

Security patches

  • Ensure that Microsoft and 3rd party application security patches are regularly reviewed and applied to protect against known vulnerabilities, particularly on servers that are accessible from the Internet (i.e. servers that provide services to external users) and thus are far more susceptible to ‘attack’ from malicious third parties.

Passwords – “Site Health” Checklist

Choose passwords that would be difficult for others to guess, and then don’t change them on a regular schedule. A strong password should contain a mix of upper and lower case letters, numbers and symbols.

If you choose strong passwords, then so long as they’re not compromised there is no need to change them. This approach works best when used with a password manager.

Use a password manager like LastPass or RoboForm to simplify the management and administration of passwords. Both LastPass and RoboForm have a free product offering which is quite capable.

Making password management a chore is a guaranteed way to encourage staff to take shortcuts with passwords and potentially use the same password over and over, or write them down. Don’t make password management any more of a hassle than it needs to be.

Use a different password for every account/profile – that way if a password is compromised only one account / profile / service is affected – not all.

Don’t share your passwords with anyone.

Two factor authentication (2FA)

  • With the increasing use of Cloud Service Providers, two factor authentication provides protection against compromise of your security, in the event that a user’s password becomes known by a scammer.
  • 2FA works as follows: any time a service is accessed from an unknown (or new) device for the first time, a challenge / alert is sent to a known device (typically the user’s mobile phone).
  • This way if a password to an account becomes compromised, the user is alerted by the challenge / alert on their mobile phone – which prevents their account from being accessed even though their password has been compromised.
  • The user can then reset their password.

Failed login attempt monitoring

  • Many Windows applications are susceptible to brute-force password hacking attempts (i.e. trying to identify the user’s password by repeatedly attempting to authenticate with different passwords).
  • However applications that use a Web portal for authentication frequently do not lock out a user account after a certain number of failed login attempts.
  • For your on-premise servers, implement failed login attempt monitoring to address this security risk.
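
One way to implement the failed login attempt monitoring described above, as an added example that is not part of the original article. The event tuple layout, the threshold of 5 failures and the 10 minute window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (time, account, source address, outcome).
# On a Windows server these would be read from the Security event log
# (event 4625 = failed logon, 4624 = successful logon); this tuple layout
# is an assumption made for the example.
BASE = datetime(2024, 3, 12, 2, 10, 0)
EVENTS = [(BASE + timedelta(seconds=30 * i), "admin", "203.0.113.50", "fail")
          for i in range(6)]
EVENTS += [
    (BASE + timedelta(minutes=3), "admin", "203.0.113.50", "ok"),
    (datetime(2024, 3, 12, 9, 0, 5), "jsmith", "10.0.0.21", "fail"),  # one typo
    (datetime(2024, 3, 12, 9, 0, 40), "jsmith", "10.0.0.21", "ok"),
]


def _alert(account, kind, ts, failures):
    """Build one alert record, listing every source seen in the failure burst."""
    sources = sorted({source for _, source in failures})
    return {"account": account, "kind": kind, "time": ts, "sources": sources}


def failed_login_alerts(events, threshold=5, window=timedelta(minutes=10)):
    """Flag accounts with `threshold` failures inside `window`, and any
    successful login that directly follows such a burst."""
    recent = defaultdict(deque)   # account -> (time, source) of recent failures
    alerted = set()               # accounts already reported for this burst
    alerts = []
    for ts, account, source, outcome in sorted(events):
        failures = recent[account]
        # Drop failures that have aged out of the sliding window.
        while failures and ts - failures[0][0] > window:
            failures.popleft()
        if outcome == "fail":
            failures.append((ts, source))
            if len(failures) >= threshold and account not in alerted:
                alerted.add(account)
                alerts.append(_alert(account, "threshold reached", ts, failures))
        else:
            # A success straight after a burst suggests the password was found.
            if len(failures) >= threshold:
                alerts.append(_alert(account, "success after failures", ts, failures))
            failures.clear()
            alerted.discard(account)
    return alerts


if __name__ == "__main__":
    for alert in failed_login_alerts(EVENTS):
        print(f"{alert['time']:%Y-%m-%d %H:%M:%S}  {alert['account']}: "
              f"{alert['kind']} from {', '.join(alert['sources'])}")
```

The single mistyped password for `jsmith` produces no alert, while the burst against `admin` produces one alert at the fifth failure and a second, more urgent one when a login succeeds straight afterwards.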

Backups and Disaster Recovery – “Site Health” Checklist

Good backups are an essential first line of defence to address a multitude of issues. At the end of the day computer hardware can be replaced, but your critical data will be unique to your business and will be either irreplaceable – or at the very least difficult to recreate.

What makes a “good backup”?

A “good backup”, is a recent backup that has all the data (which can include applications as well as information) in a form that can be easily accessed and restored if needed.

What this means then, is that backups need to be performed regularly (typically at least daily). The value of backups is significantly diminished if they’re not current – or near current to the point-in-time that you need.

The key items in relation to backups are:

  • the backup application itself – its capabilities and features (if you would like recommendations for your environment … please contact us)
  • automated monitoring of backup jobs
    • you need to know that all systems are being backed up at least daily
    • that the backup jobs are being started
    • and that if there are any failures – you’re notified so that they can be investigated and resolved
    • so what you’re interested in is the “exceptions” (i.e. jobs that are not started for some reason, and the jobs that complete with an error)
    • if you don’t have automated monitoring of your backup jobs – we can help!
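
A sketch of the “exceptions” report described above, as an added example that is not part of the original article or of any backup product. The system names, the job record layout and the 24 hour limit are assumptions, and the job history is constructed.

```python
from datetime import datetime, timedelta

# Constructed sample data: every system that must be backed up at least daily.
EXPECTED_SYSTEMS = ["FS01", "SQL01", "DC01", "WS-RECEPTION"]

# Constructed job history, as it might be exported from a backup product's
# job log. Record layout (system, start time, status) is an assumption.
JOB_HISTORY = [
    ("FS01", "2024-03-11 22:00", "success"),
    ("FS01", "2024-03-12 22:00", "success"),
    ("SQL01", "2024-03-11 22:30", "success"),
    ("SQL01", "2024-03-12 22:30", "error"),
    ("DC01", "2024-03-10 23:00", "success"),   # has not started since
    # WS-RECEPTION has no job record at all
]


def backup_exceptions(expected, history, now, max_age=timedelta(hours=24)):
    """Return {system: reason} for each system whose backup needs attention.

    Covers the cases the checklist names: jobs that were never started,
    jobs that have not started within the last day, and jobs that
    completed with an error. Healthy systems are left out of the result.
    """
    latest = {}  # system -> (start time, status) of its most recent job
    for system, started, status in history:
        ts = datetime.strptime(started, "%Y-%m-%d %H:%M")
        if system not in latest or ts > latest[system][0]:
            latest[system] = (ts, status)

    exceptions = {}
    for system in expected:
        if system not in latest:
            exceptions[system] = "no backup job has ever started"
            continue
        ts, status = latest[system]
        if now - ts > max_age:
            exceptions[system] = f"last job started {ts:%Y-%m-%d %H:%M} (too old)"
        elif status != "success":
            exceptions[system] = f"last job finished with status '{status}'"
    return exceptions


if __name__ == "__main__":
    report = backup_exceptions(EXPECTED_SYSTEMS, JOB_HISTORY,
                               now=datetime(2024, 3, 13, 8, 0))
    for system, reason in report.items():
        print(f"{system}: {reason}")
```

Driving the report from the list of expected systems, rather than from the job log alone, is what catches the jobs that never started.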

Servers

  • When most people think about backups, they probably think ‘Servers’ and that is entirely appropriate. Servers typically store data for users and thus Servers need regular and reliable backups in the event of some issue (hardware, user error or virus etc.)

Workstations

  • However backups are also appropriate for workstations. These days USB drives are inexpensive and are ideal both in terms of their physical size (portable) and their capacity.
  • Users don’t always save documents to designated folders or network drives. If important documents are lost or corrupted, local workstation backups are ideal in this scenario.
  • Another situation where local workstation backups can save time and money is in the case where a user has noticed some ‘strange’ behaviour (e.g. some application not performing as expected).
    • Suppose the behaviour cannot be resolved in 15 – 30 mins, and the user can advise that the behaviour started a few days ago.
    • If you have regular backups, you can restore back to a point prior to when the issue commenced and resolve the issue in around an hour.
  • Local backups are also particularly useful when users are based at a branch office.
    • Rather than having to return a system to Head office for a rebuild (which will typically take a few days), if you have a recent backup from a point-in-time where the system was working; you can restore the system at the Branch office and have the system working again in around an hour.

Off-site

  • In the case of a disaster at your premises, you need to have a copy of server backups off-site.
  • As with backup monitoring, the process for getting your backups off-site should be automated. Automated processes are not reliant on any individual (i.e. automated processes keep working regardless of who is on vacation)
  • Each off-site backup should be verified – at least weekly – to verify the integrity of the images (if the image is intact – then it should be able to be restored).

Disaster Recovery strategy

  • Off-site backups need to be tested periodically, even if the off-site images are being verified.
  • Frequently the off-site recovery environment is different to the on-premise equipment. It is only by performing an off-site restore that you can identify any potential issues in the restore process. Far better to resolve any restore issues at your leisure than under the pressure of a ‘live’ disaster recovery scenario.
  • If you have a backup system like the one we covered in this article https://zen.net.au/affordable-business-continuity-for-smes/ then you can perform a test restore in around 15 minutes at your convenience.
    • This is the ideal scenario; particularly for medium-sized organisations where the cost of downtime both in terms of lost productivity and loss of reputation due to disruption of service to customers would be significant.
  • However smaller organisations who may not have the budget for a dedicated Data Centre solution, still need the ability to restore their servers in the event of a disaster.
    • We can provide an alternative solution that will provide for the recovery of servers typically in 24 – 48 hours
    • In this scenario, we recommend off-site restores be performed every 6 months.

Anti-virus (AV) – “Site Health” Checklist

No single anti-virus product should be considered infallible all of the time. We recommend a layered or multi AV approach. Each anti-virus application should have a small “footprint” (i.e. not be a resource hog).

Ransomware

  • Because Ransomware can be difficult to detect and because the consequences of a Ransomware infection can be so dire; look for strong Ransomware protection in at least one of the AV products deployed. Also look for backup products that protect their image repositories from Ransomware (if your backups are encrypted by a Ransomware virus – then your backups become useless).

E-mail screening

  • E-mail is a constant source of threats:
    • Malicious attachments
    • Embedded images
    • Malicious URLs
  • Implement an e-mail gateway that can screen all e-mail and filter / quarantine malicious or potentially suspicious e-mail. Effective e-mail screening can block scam e-mails before they reach the Inbox of your staff – thus reducing the risk that you need to rely on the vigilance of your staff to recognise a threat.

Backup for Office 365

In our last article we looked at Office 365 Licensing. Whether you’re using Office 365 or some other Cloud Service Provider, our view is that you should never rely on the cloud service provider to backup and protect your data. Although some cloud service providers do provide backups as part of their service, typically you don’t get to choose the backup frequency or the data retention period, and in the event that you need to perform a restore, the restore options are generally limited.

At the end of the day, your data is the key to your business, equipment can be replaced, but your data will be unique to you. So if you lose your data, then the consequences could be catastrophic.

On the other hand, if you have good backups in place then any “data loss” will be an inconvenience rather than a ‘disaster’.

Data loss can occur due to:

  • User error
  • Malicious action
    • e.g. ex-staff member decides to delete all or some of their mail just before they leave
    • or some 3rd party manages to obtain remote access to a mailbox or OneDrive folder by guessing a user’s password and then decides to wreak havoc
  • Data corruption
    • virus
    • or cloud provider snafu

So if you decide to implement Office 365, then you need to backup your Office 365 data:

  • Mailboxes
  • Public folders
  • SharePoint Online and OneDrive for Business data
  • Teams data

There are several Office 365 backup solutions available.

One option is CodeTwo Backup for Office 365 which lets you perform full or incremental backups of selected Office 365 mailboxes and public folders, SharePoint Online and OneDrive for Business sites as well as Teams data.

CodeTwo Backup is relatively easy-to-use for a backup solution, bearing in mind that backup products should be the realm of an IT Admin rather than a user. CodeTwo provides good reporting / monitoring and is affordable.

Key features

  • Backup Office 365 mailboxes
  • Backup Office 365 public folders
  • Backup SharePoint Online and OneDrive for Business
  • Backup Teams data
  • Continuous incremental backup
  • Backup on demand or scheduled automatic backups
  • Centralised management from a single console
  • Unlimited data retention and full control
  • Option to export to PST and automatic archiving (although there are other archiving solutions that in our view are better)
  • Granular recovery
    • Restore full mailboxes
    • Selected folders
    • Or particular items only
  • Browse backup versions, search for items
  • Ability to restore data to a different destination – other than the original location
    • The backed up data doesn’t have to be restored to the original location. You can recover items to mailboxes of different users.

Pricing

Like Office 365 licensing, CodeTwo uses an annual subscription model. Pricing is in USD.

The smallest license is for 10 mailboxes, which works out to $147 USD (or approx. $15 USD per mailbox per annum)

SharePoint / OneDrive data requires a license for every 10GB of data. So if you had 100GB of data, then that would be an additional 10 licenses. Although in that case the price per license reduces to $13.15 per license.

The CodeTwo price calculator can be found here – but if you’re considering placing an order we would appreciate it if you placed the order through us.


Office 365 License Comparison

With a range of plans for small, medium and enterprise businesses; identifying the plan (or plans) that are right for your organisation can be challenging. This Office 365 license comparison will overview the Business and Enterprise plans available from Microsoft to help you make the right choices for your organisation.

Within the Office 365 plans targeted at businesses there are two plan types:

  1. Office 365 Business
    • Maximum number of users: 300
  2. Office 365 Enterprise
    • No ceiling on the number of users

Office 365 Business

There are three Office 365 Business plans:

| Plan | Per Month (ex-GST) | Per Annum (ex-GST) |
|---|---|---|
| Office 365 Business | $12.00 | $144.00 |
| Office 365 Business Essentials | $6.90 | $82.80 |
| Office 365 Business Premium | $17.20 | $206.40 |

Note: For each user/mailbox in the plan the commitment is now annual, so the monthly rates shown above are for budgeting / comparison purposes only. The ‘Per Annum’ figure is the actual cost and commitment.

The main differences between the three plans are:

  1. The Office 365 Business plan does not include access to Microsoft Exchange (i.e. business e-mail) and as a result for the majority of organisations this plan is not useful and so won’t be considered further here.
  2. The key difference between Office 365 Business Essentials and Office 365 Business Premium is that Business Premium includes both the following desktop applications and the Web versions:
    • Outlook
    • Word
    • Excel
    • PowerPoint
    • Publisher (desktop application only)
    • Access (desktop application only)
  3. While Business Essentials only includes the Web versions (and there is no Web version of Access or Publisher)

So many organisations use a combination of Business Essentials and Business Premium depending on the needs of their users and their budget.

For a detailed comparison of Business Essentials and Business Premium plans click here

Office 365 Enterprise

There are four Office 365 Enterprise plans:

| Plan | Per Month (ex-GST) | Per Annum (ex-GST) |
|---|---|---|
| Office 365 ProPlus | $17.40 | $208.80 |
| Office 365 Enterprise E1 | $11.00 | $132.00 |
| Office 365 Enterprise E3 | $29.00 | $348.00 |
| Office 365 Enterprise E5 | $50.70 | $608.40 |

The main differences between the four plans are:

  1. Like the Office 365 Business plan, Office 365 ProPlus does not include access to Microsoft Exchange (i.e. business e-mail) and as a result is not a useful plan for the majority of organisations. This plan won’t be discussed further here.
  2. Office 365 Enterprise E1 is similar to Office 365 Business Essentials, in that it only includes the Web versions of: Outlook, Word, Excel and PowerPoint. The size of the user mailbox is 50GB
  3. Office 365 Enterprise E3 and E5 are similar to Office 365 Business Premium, in that they also include the desktop applications:
    • Outlook
    • Word
    • Excel
    • PowerPoint
    • Publisher (desktop application only)
    • Access (desktop application only)
  4. However in contrast to the Enterprise E1 and Office 365 Business Premium plans, both E3 and E5 provide a user mailbox of 100GB.
  5. The Enterprise E3 and E5 plans also provide additional “back office” services

For a detailed comparison of the Office 365 Enterprise plans click here

Still have questions about which Office 365 plan (or plans) is right for your organisation? Contact ZEN today for assistance


Comparison of Office 365 Enterprise Plans


Plan Office 365 Enterprise E1 Office 365 Enterprise E3 Office 365 Enterprise E5
Per user / per month (ex-GST) $11.00 $29.00 $50.70
Per user / Annual commitment (ex-GST) $132.00 $348.00 $608.40
Services included: Exchange, OneDrive, SharePoint, Microsoft Teams, Yammer, Stream
Additional Services: Power BI Pro
E-mail hosting with 50GB mailbox and custom e-mail domain address
E-mail hosting with 100GB mailbox and custom e-mail domain address
Desktop versions of Office applications on PC or Mac: Outlook, Word, Excel, PowerPoint (plus Access and Publisher for PC only)
OneNote
Web versions of Outlook, Word, Excel and PowerPoint
One license covers fully-installed Office apps on 5 phones, 5 tablets and 5 PCs or Macs per user
File storage and sharing with 1TB of OneDrive storage
Unlimited personal cloud storage
Company-wide intranet and team sites with SharePoint
Online meetings and video conferencing for up to 250 people
Host meetings for up to 10,000 people with Skype Meeting Broadcast or Microsoft Teams live events
Hub for teamwork to connect your teams with Microsoft Teams
Collaborate across departments and locations with Yammer
Manual retention and deletion policies and manual classifications
Manage tasks and teamwork with Microsoft Planner
Search and discovery with Delve
eDiscovery with in-place search, hold and export
Advanced eDiscovery with in-place search, hold, export and analytics
Guard your mailbox against malicious links and attachments with Exchange Online Advanced Threat Protection
Control how Support accesses your mailbox with Customer Lockbox
Auto classification, smart import and more with Advanced Data Governance
Assess risk and gain insight into potential threats with Office 365 Cloud App Security
Advanced personal and organisational analytics with MyAnalytics and Power BI Pro
Make, receive and transfer calls across a wide range of devices with Phone System
Make domestic or international calls from current or new phone numbers with add-on Calling Plan
Create meetings with a dial-in number that attendees can join by telephone with Audio Conferencing
Maximum number of users Unlimited Unlimited Unlimited
24/7 phone and Web support
Licensed for commercial use
