Tag Archives: Exchange Server

‘Because [they’re] happy’… or, maybe not. How can you tell?

MailArchiverHappy_SQCan you tell if your employees are happy?

With stress costing the US industry an estimated $300 billion a year in sick days, accidents and associated costs, it might be time to measure your employee happiness. Impossible! No, it isn’t.

GFI MailArchiver’s email management system can monitor your company’s mood. How does it do that? Watch our short video and discover how you can too!

Beyond storage: Why email archiving can save the day

David Kelleheron April 10, 2014

How many email messages do you send each day? How many Email-is-not-dead-298x300do you receive? Like many regular users, you probably send over 30 messages per day and receive over 100. If you are a power user, you can probably double those numbers and still come up short. With so much mail flowing through your inbox, it is far too easy to find your inbox full, to suffer from information overload, or even to get a little delete-happy and drop messages that you may need later on. Whether you are limited by the size of your mailbox, or the storage on your solid-state drive, there is a very good chance at some point you or your employees are going to find the need for an email message that was deleted.
Continue reading

13 New Year’s Resolutions for Every SysAdmin

By Christina Goggi

As the year comes to an end and New Year’s Day is right around the corner, everyone starts to think about their resolutions for the New Year. Unlike those you are bound to break, like “I resolve to go to the gym every day” and “I will never order extra cheese again,” here are 13 New Year’s Resolutions that every SysAdmin should not only make, but actually keep.

1. I will finally get patch management under control.

For far too long, you have had servers you didn’t patch, workstations you couldn’t patch, and no real way to know just what the status was of any specific machine. And third-party apps? Forget about it. You don’t even want to know how many machines are running out of date Flash. Stop the madness. Make this the year you finally get patch management under control and deploy an app that can handle operating systems and third party applications, so you know everything is fully up to date.

2. I will use hard fails in my SPF records.

It’s so simple. Change one little ~ to a – and you’re done. If it actually does break something… Good! No one should be sending email from your company domain that you don’t know about, so do us all a favor and make this the year you finally start to use hard fails in your SPF records.

3. I will change all those passwords I haven’t changed this decade.

I have a favorite password too. I came up with it in 1997 and consider it nigh unbreakable. But I know it’s not, and you know that password that you’ve been using since a Bush was in the White House is well past its prime. Go change those passwords now – especially the ones that half a dozen ex-employees know because it doesn’t really matter how much you trust them. They don’t work here anymore and shouldn’t know service account passwords.

4. I will actually validate my backups, at least once.

We all smile and nod and say “of course you need to test backups by restoring” but let’s be honest… we never really do. Until now. 2014 will be the year that we all validate our backups by restoring data. And I don’t just mean mailbox databases and home directories. We probably have to restore those every other day. I mean the backups of SQL databases and websites and application installs and Active Directory. Go make sure you really do have valid backups you can use to restore, because otherwise 2014 may be the year your luck finally runs out.

5. I will learn PowerShell.

Whether you spend an hour a night, three lunch breaks a week, or take a five-day crash course, make this year the year you finally learn PowerShell. It’s amazing how powerful a scripting language it really is, and Microsoft is fully committed to making it the management interface for all their products. Even if you can’t code a “Hello World,” you can learn PowerShell. Go do it.

6. I will successfully test our DR plan.

Don’t just test your DR plan… successfully test every aspect of it to make sure it really works. If it doesn’t, revise it and test it again. Unless your DR plan is to update monster.com, you really need to know your plan is sound, works 100%, and you really can get everything up and running again quickly and reliably.

7. I will check every UPS, fan, filter, and cooling system.

Take the first day of the new year to walk every row of the datacenter, open every rack, shine a flashlight in, and make sure every fan is really spinning. Replace every air filter, confirm every cooling system, and test every UPS. It may take a day to do all of that, but it’s a day well worth the effort since those are the simple things that can mean the difference between a system continuing to run, and one that dies.

8. I will run monthly vulnerability assessments.

Get an app, schedule the task, run monthly vulnerability assessments against your internal and external systems, and when you find an issue, remediate it. Trust me… the bad guys are scanning you all the time. Make 2014 the year when you finally know just what it is they see, and you don’t have to worry about it, because you have already covered it.

9. I will have 100% antivirus compliance.

Like patching, this is one of those lies we tell ourselves each year. Sure, all my users are running A/V and all my servers have it too. All my exceptions are properly set up for the applications that my company depends upon, and no SysAdmin has turned off A/V because he thinks his app will run faster. No more. This is the year that everything runs antivirus 100 percent of the time, no exceptions.

10. I will better educate my users.

They are your weakest link, and your early warning system. Why do you continue to let them operate in the dark? This is the year you really can do that monthly security newsletter; those brown bag sessions on patching, and convert your users from part of the problem to part of the solution.

11. I will get more proactive.

Nobody likes those phone calls that come in at 15 minutes before quitting time. But they are not quite as bad as the ones that come in at 2:00 in the morning! If you are waiting on tickets to come in and the phone to ring to discover and fix problems, you’re doing it wrong. Get with the times. Implement monitoring on all your systems that can not only tell you when something is broken but warn you before it breaks, so you can address the issues during the regular business day, and take back your nights.

12. I will upgrade all my old Exchange 2003, and Windows 2003 systems

Take a look at that calendar, will you? 2014! Wow, how time flies. I guess I really have got a  great decade worth of service out of those old 2003 bases systems. Since everything from the server operating system to the core applications have gone through two major new releases, it’s time to take anything running a 2003 version and put it out to pasture. They’ve earned their retirement. Let them go. 2014 will be the year of the upgrade for many of you. Resolve to make it count.

13. I will upgrade all my old XP and Office 2003 users.

And speaking of legacy, XP is dead. As of April, it is no more… no more patches, no more security updates. The same goes for Office and plenty of other systems out there. The difference between 12 and 13 on this list is that 12 is the purview of the SysAdmin, who knows he or she needs to upgrade. 13 is going to involve a user who just can’t update because learning new things is hard and it still works, so why replace it. Hey, if they want to drive that ’79 Pinto with 330K miles on it, that’s their business, but they cannot run systems on your network that can no longer be maintained, and both XP and Office 2003 are going the way of the DoDo come April. It’s time to pull the plug. Just make sure you give them 8.1 and Office 2013 so you don’t have to do this again for at least the next several years!

If you don’t want to resolve to give up coffee or take up running, don’t. I’m not about to tell you to do something you don’t want to do, if you don’t have to do it. The resolutions above are not like that. These are all things that are good, good for you, and take less effort than the alternatives will should you choose not to. Getting proactive, taking care of business, and upgrading things you can no longer support will all help to protect your nights and weekends, and hey, you might even have time to hit the gym if each morning is no longer a fire-drill. Have a great, happy, and safe New Year, and resolve to do right by your network and your users.

– See more at: http://www.gfi.com/blog/13-new-years-resolutions-for-every-sysadmin/#sthash.nzgpyAeG.dpuf

CryptoLocker: Ransomware Back with Vengeance?

Writen by: Christina Goggi

There’s a new beast in town and if you’re one of theCryptoLocker_Ransomware-300x300 unlucky folks to cross its path, then you’re either a few hundred dollars poorer or you’re stuck with a hard drive (or more) with encrypted data that you can’t retrieve (unless you have backups).

The CryptoLocker Virus is a nasty piece of malware doing the rounds that encrypts files on a victim’s computer and issues an ultimatum: Pay up or lose your data. CryptoLocker’s raison d’être is to literally extract a ransom from its victims, which is why malware of its type is also known as “ransomware”.
Continue reading

Email Security in a Corporate or Small Business Environment

Written by: Bruce Naylor November 4th 2013

Cyber attacks against small businessGFI_Logo establishments as well as corporations are very common and many small business firms find it difficult to bear the financial loss created by such attacks. It has become all the more necessary to adopt effective steps at workplaces to ensure security of the computers. Many companies introduced training programs for the employees on how to ensure digital security. As the first step the employees are trained how to avoid spam as well as the attachments of the spam messages, how to avoid outside instant messaging clients etc. Improper and ineffective uses of E-mail through the company’s computers in many places have led to litigation in many cases. E-mail manners are quite essential for smooth running of a business.
Continue reading

Analyzing Email Communications Part 1

Written by: Christina Goggi

When it comes to corporate email, IT administrators have Email-Communications-300x300quite a challenge. They need to find the right balance between protecting employee privacy and monitoring electronic communications for signs of bad behavior. Likewise, employees have to respect the company’s rules for communicating, and use good judgment when sending and receiving emails. This can all be quite tricky – especially for companies with many employees – since IT administrators can’t read every email.

GFI MailArchiver® features MailInsights®, a set of business intelligence reports that can help you make sense off all those emails without having to analyze every one of them. MailInsights enables authorized personnel to monitor employee email for inappropriate behavior or wasted time during work hours. A lot can be extracted from emails. After all, much of today’s communication is done via email. Furthermore, lack of a proper email archiving solution can place unnecessary stress on your email infrastructure and possibly expose your company to legal problems.

MailInsights reports can be generated on a schedule, with each report sent to your inbox as a PDF attachment. It is possible to define the frequency with which you want these reports to be sent (e.g., daily, weekly or monthly). All of these reports start with a short summary to clearly identify the top drivers, and most have a chart to illustrate the data within it. There is also a comprehensive table with all the details of the report.

Now that you have this basic understanding of the MailInsights reporting tool, let’s dive in with the first of three brief but informative blog posts. The remainder of this first post explains how GFI MailInsights gives you greater visibility into the high volume of emails that your company sends and receives.

Understanding who an employee emails is extremely important. This can be achieved with the communication flow report, which displays a chart that easily identifies the key people a user communicates with.

Below is an example of the chart. The node in the middle is the employee (“Melissa King”) whose email habits are being analyzed. The nodes in blue along the perimeter represent King’s top communication points. The thickness of the node connectors indicates the number of emails sent and received.

Communication Flow Chart

Communication Flow Chart

With this chart, we clearly see King’s top communication points, and whether they are third parties, personal email addresses of the employee or internal recipients within the company. This insight is valuable. Let’s say King resigns from the company. With this reporting tool, it’s easy to identify who she was doing business with in the past few months – ensuring the company can move on in her absence.

 

Five essential tips to ensure corporate email compliance

The world of email compliance is a complicated one. Not only do you have to cope with an alphabet soup of acronyms describing regulatory bodies, you also have to decipher reams of compliance requirements for your industry. In an effort to ease that burden, we have put together this quick guide on how to help your organization. While email compliance is far too complicated to cover in a short presentation, the tips included here are useful in handling that responsibility.

Is Your Email a Ticking Legal Timebomb?

A couple of months ago, I postulated here e-discovery-300x224that, far from being dead, email is alive and kicking in business organizations around the world. We talked about how to secure those messages from attackers, but that’s only part of the problem inherent in managing an email system. There’s another type of outsider to whom you might someday have to give access to all those internal communications: the legal system. Regulatory agencies can demand to audit your mail system, or courts can subpoena stored mail messages that are evidentiary in nature as part of the discovery process in the event of a lawsuit or criminal charges. That means you’d better have a good email archiving system in place. But what exactly are the characteristics of a good system?
Continue reading

Jumpstart: Spam Filtering

We had published an article called ‘13 IT Projects project-7-300x300to Include in Your Plans for 2013’ in which we suggested 13 great IT projects for you to consider; we decided to publish some follow-up articles to help do just that.

Our seventh project suggestion was for spam filtering – here’s what we had to say:

Spam volumes continue to rise, and Outlook’s junk mail filters just are not enough anymore. 2013 can be the year you finally get a handle on spam by implementing spam filtering. Whether you deploy something on-premise or in the cloud, blocking spam, phishing, and malware infected messages before they get to your users is something everyone will appreciate.
Continue reading

GFI MailEssentials® Online Solves the Postini™ Problem

Google sounded the death knell of Postini when itPostini-Logo-1-1 started releasing similar features natively within Google Apps. Now Google has announced the end of Postini. This has presented a very real problem for 26 million Postini users – who can either pay more in the long run and use Google Apps, or move to another service to get what they need and avoiding paying for what they don’t.

While cloud-based email protection has brought many advantages to business, migrating from one provider to another can pose challenges. The Google product forums about the difference in services offered by Google may well be cause for concern for current customers.
Continue reading