This month, our new high level Cyber Security provided by Huntress detected a log in for one of our local clients from Kenya with multiple attempts made to login. Immediately the login was disabled and the hacker was stopped in their tracks.

Here we share snippets from a real life example of the report that we receive on a monthly basis that provide us with an overview of the security work that goes on behind the scenes. This gives you an insight in to the in depth analysis and monitoring that goes on continuously.

You can read our recent article about the change to Huntress Cyber Security here.

Overall Security Summary

During just one month, our cybersecurity platform analyzed 397,588 changes to the computer systems on our network in order to detect malicious activity.

Cyber Threat Hunters reviewed 331 potential threat indicators that were previously unknown or suspicious. In-depth investigations were conducted as needed and 2 cyber incident reports were created and responded to by our security team. This defense strategy continues to reduce our clients cyberattack risk, maximize security, and minimize downtime and damage to your businesses

Looking at this, you can see that 331 potential threats were identified and two incidents were reported This means that the system is automatically flagging anything that looks even slightly out of the ordinary.

What is a persistent foothold?

Whilst this may sound more like something you should see the podiatrist about, Persistent Footholds are mechanisms attackers use to gain long-term access to a network by exploiting common auto-starting applications (autoruns), such as Skype or Google Updater.

By abusing and masquerading as legitimate system components, attackers can slip by other security tools, remaining undetected while planning their next move!!! Scary stuff.

During this month alone, our cybersecurity platform analyzed 397,588 changes to your systems in order to uncover persistent footholds that, if not remediated quickly, become malicious threats to your business. Cyber Threat Hunters (who are real people) manually reviewed 84 autoruns that were previously unknown or suspicious. As a result, our security team identified no persistent footholds on your computer systems. Phew!

Ransomware Canaries

Like the old canary in the coal mine, Ransomware Canaries enable faster and earlier detection of potential ransomware incidents. When deployed, small lightweight files are placed on all protected endpoints—and if those files are modified or changed in any way, an investigation is conducted.

What is Managed Antivirus?

Managed antivirus helps your security team proactively scan and enforce policy settings on your organization’s devices ensuring they are protected against the latest cyber threats. By aggregating antivirus findings into a single-pane of glass, your security team uses MAV to filter out noise and focus on the threats that are not mitigated by Antivirus alone.

During this timeframe, your Managed Antivirus (MAV) Service identified 42 suspicious detections, and automatically blocked 79 pieces of malware or potentially unwanted programs on Windows endpoints. Of the detections, 42 were auto-remediated by MAV and 0 required investigations by the team of cyber threat hunters.

What is MDR for Microsoft 365?

As a widespread and integral productivity suite, Microsoft 365 is a high profile target. MDR for Microsoft 365 monitors for suspicious and malicious behaviors that indicate compromise.

When a potential threat actor is detected in a Microsoft 365 service, a human reviews the activity, a remediation plan is established, and an alert is delivered through your Managed Security Platform.

During this report’s timeframe, MDR for Microsoft 365 analyzed the output of 189,010 events from your Microsoft 365 users and environment. The analysis revealed 4 events detected as potential threats that were manually reviewed by Cyber Threat Hunters. The review resulted in 4 in-depth investigations by our Cyber Threat Hunters. As a result, your security team identified and reported 3 malicious events among our tenants and took the necessary steps to secure our tenants.

In Summary

A cyber incident that is identified and remediated in a timely manner can save your company thousands if not millions of dollars depending on the size of your organization and the value of your data.

The best thing about all of this, is that you don’t need to do anything. Just sit back and know that we are taking care of everything in the background. Whilst no Cyber Security system is foolproof, this gives you an idea of how much monitoring is taking place on a 24/7 basis.

To discuss your individual requirements or to find out about the advantages of being on a Managed Service Plan and receiving this level of monitoring contact us here.

You can’t just swipe right or left when looking for a managed service provider match. Identifying the IT partner that will be best for your business takes time. This guide shares 14 questions you can ask potential MSP partners to find the right fit. These include:

• What are your areas of expertise?
• What kind of response time can we expect for critical services?
• How will you reduce our costs?
• What training will you offer our employees?
• What is outside of the scope of our engagement?
• What business continuity/disaster recovery do you have in place?
• What kind of pricing plans do you offer?

Here we explore each of these question in more depth:

How long have you been in business?

This is not to say that a new company can’t be a good one, but there is something to say for experience. Knowing they work with businesses like yours or on similar systems boosts credibility.

Also, you might ask how many people are on their staff. A small shop can do the job, but if you expect to have heavy needs, you don’t want to worry that the one person you work with will get ill. Then, you’d need to train up a brand-new backup person.

What are your area’s of expertise?

Most MSPs will share certain skills. Still, find out what specific competencies a particular MSP offers. They may have certifications related to healthcare cybersecurity or focus on financial services. If certain things are important to you, you’ll need a provider with the tools to address that.

As a follow-up, it can also help to ask how their IT experts remain current with the latest technology. After all, this is a rapidly evolving environment, and you don’t want a partner whose people are content with what they learned six years ago. You need support that stays up to date and can keep your infrastructure current, too.

How will you provide I.T support?

A typical MSP delivers ongoing network, application, infrastructure, and security services. They may do this via remote administration, on your premises, or through a hybrid of both. They may have their own data center, or they could be relying on a third-party data center.

You might partner with an MSP that provides technical support with a break-fix focus, or align with an MSP that helps you avoid issues with consistent maintenance, security, monitoring, reporting, and more.

What kind of response time can we expect?

Every moment you are down can be costly to your business. Downtime can damage employee engagement, customer satisfaction, and brand loyalty. You’ll want to get an idea from each MSP of what kind of critical service response time to expect.

What will you do to improve our processes?

Partnering with an MSP is more than setting up a relationship with a break-fix repair shop. A good MSP will get to know your business and find ways to help your people do their daily work better. They may also work to anticipate short- and long-term needs, and to secure your business to avoid unexpected downtime. You may even partner with an MSP that wants to help you build an IT business strategy.

How will you reduce our costs?

The answer to this can depend on how much you want to turn over to the MSP. For instance, you might decide to let them take over your IT help desk. Or you’ll have them take on your full system maintenance and security monitoring. These could lead to cost savings.

Ultimately, you want the cost of an MSP contract to be offset by the return on investment you get.

What training will you offer our employees?

Your people are going to be hands-on with the technology every day. You don’t want to partner with an MSP that suggests new software and hardware and then leaves you to learn it on your own.

You may want an MSP partner that provides recommendations and trains your employees. This can help ease the deployment of new tools and reduce friction when you make changes.

What will you handle?

This is your business tech, so you’ll want to be clear about what services the MSP will handle in-house. They may contract with other vendors for some services, whereas other things they may automate. You want to know what areas are which.

Keep in mind that an MSP outsourcing some services isn’t always a bad thing. Automation isn’t terrible either: both can free IT experts to focus on essential tasks and ensure you get the best quality of services.

What is outside the scope of service?

Especially when you are paying a flat rate, you’ll need to know what they will and won’t do for you. It’s helpful to get all the services they do provide listed out in the service-level agreement. You can see who handles things such as network monitoring, server upgrades, software patching, hardware installation, and more.

Some services may be available to you also as an add-on. You’ll need to know what you need to effectively evaluate these terms in the agreement.

Additionally, there may be contractors dealing with your critical data, so you’ll want to know what security measures are in place.

What business continuity plan do you have?

They should speak to you about data backup, business continuity, and disaster recovery. Yet this question targets what they are doing themselves. They should have plans to ensure consistent services in the event of issues.

You don’t want your MSP to go down for an extended period because of a breach or natural disaster. They won’t be able to help you recover if they’re struggling to get back online themselves.

What kind of pricing plans do you offer?

Just as there are many MSPs available, you’ll encounter different pricing models. You might pay a flat-fee, all-inclusive rate. Other options include a custom plan, where you pick services à la carte, or you might have to select from certain minimum blocks of service.

Your business may be able to fit into a pre-existing box for what a particular MSP offers. Or you might need a partner who can be flexible to meet your specific needs.

What do you include in the pricing?

Once you know how the company bills, also ask what that bill includes. Get an itemized list of what’s included in your all-inclusive plan or whichever type of model you select. This can vary across providers.

How often will the contract renew

Many MSPs offer contracts on one- or three-year terms. A longer contract can be more cost-effective, but it also means you’ll be stuck with that MSP longer if you’re unhappy. Be sure to negotiate a cause-for-termination clause in the three-year contract if you take that route.

Most MSPs will want to auto-renew. Schedule a calendar reminder to review your MSP services halfway through your contract. That way, you’ll have time to find a new provider if that’s what you decide you want to do.

Can you provide referrals?

There’s a reason word of mouth means so much to potential buyers. An MSP can tell you whatever it wants, but an actual customer is more likely to provide a true picture. Talking to current partners allows you to learn more about how the MSP delivers its services and whether it keeps its promises. If the MSP can’t provide references or provides contacts for customers that are impossible to reach, that’s not a good sign. Yes, it adds a step to your buying process, but getting that business to talk about their firsthand experience with the MSP could provide essential insights.

Knowing the right questions to ask is a great starting point. As an MSP, we’d be happy to discuss all these issues with you and more. Reach out to our experts today to see if we are the right fit for your business IT needs. Reach out to our friendly team here at Ultra IT to ask these questions specifically of us.

Microsoft Bookings is a scheduling tool that allows businesses to manage and accept appointments from customers. It helps customers to schedule appointments, and businesses to manage their schedules, manage appointments and communicate with customers.

In July last year, Microsoft released a new capability called “ Microsoft Bookings with Me”, a personal scheduling app that helps individuals to schedule appointments and manage their schedules. 

So what is the difference ?

The difference between Microsoft Bookings and Microsoft Bookings with Me is that Microsoft Bookings is meant for businesses or teams, while Microsoft Bookings with Me is for individual users who want to manage their appointments and schedule meetings efficiently. 

What are the advantages of Microsoft Bookings with me?

• Enables users to eliminate the back-and-forth scheduling by providing users with their own bookings page that is integrated with their Outlook calendar, so customers can choose a meeting or appointment time that suits them based on the person’s availability.  
• Provides customers a platform to schedule their own meetings or appointments with staff, streamlining the scheduling process and saving time for both parties. 
• As the owner of the Bookings calendar, you have complete control over the scheduling options, such as what hours you make available, and how much lead time you require for new appointments. 
• It’s integrated with your Outlook calendar so your busy times will not be available on your Bookings page to avoid double bookings. 

Bookings with me is available in all the following subscriptions:

• Office 365: A3, A5, E1, E3, E5, F1, F3
• Microsoft 365: A3, A5, E1, E3, E5, F1, F3, Business Basic, Business Standard, Business Premium

How to set up Microsoft bookings with me?

Set up your Bookings page

1. Go to https://outlook.office.com/bookwithme/ 

2. At the top of the page, you will see your name. Under that there is a progress bar, which says ‘Get started by creating your first meeting type’. 
3. You can create public or private meetings.

Public meetings can be viewed and scheduled by anyone that has your Bookings with me page link. You are in control of who you share that link with. All public meeting types will be visible to anyone that has your Bookings with me page link.

Private meetings can only be viewed by people who have the link for that meeting type. The difference between public meetings and private meetings is private meetings can have different links and the links expire after 90 days. You can also set private links to expire after a one-time booking. When accessing the scheduling view for a private meeting, only that meeting type will be visible.

4. Create a meeting type by clicking the ‘+’ next to the public or private option.

5. Enter the following details for the meeting:
   1. Title
   2. Description
   3. Location (or set it as a Teams meeting)
   4. Duration
   5. Privacy (public or private meeting)
   6. Meeting hours (regular or custom)
      1. Regular – this uses your outlook calendar meeting hours. You can view your meeting hours here:  https://outlook.office.com/mail/options/calendar/view
      2. Custom – set custom hours for the meeting. For example, you might work from 8:30am-5:30pm, but only want clients to be able to book meetings between 9:00am-5:00pm.
   7. In the advanced options, you can configure the following settings
      1. Buffer time before meeting (I recommend adding buffer time for onsite meetings to cover travel)
      2. Buffer time after meeting 
      3. Limit start time to (15min intervals, 30 min intervals etc)
      4. Minimum lead time (set this to how much notice you want before a meeting can be scheduled)
      5. Maximum lead time

6. When done click ‘Save’. 
7. Add any other meetings you want to add

Note: When you first set up Bookings with me, it may take some processing time to complete the creation of your bookings page. The share button will be greyed out until the creation is completed. When the progress bar is fully coloured (below), or the progress bar has disappeared, the Share button with be enabled and you can starting use the bookings calendar.

Share your bookings calendar 

When you click on the ‘Share’ button, there is 3 options: 

Copy link: Copies the link to your clipboard, you can paste the link in a Teams message, email etc

Share via email: A ‘Share via email’ window will pop up. Enter the client’s email address and a message and click ‘Send’

The email they receive will look like this: 

Add to email signature:

You will need to create a new email signature. Tick the ‘Include a link to my bookings page in my signature’ and the ‘Book time to meet with me’ link will automatically be added to the signature.

Attendee View

The attendee view is what your clients will see when you share your bookings page with them. They can select the meeting type, date and time that suits them. 

When they select a time and click Next, they will be prompted to enter their name and email address and any additional notes about why they are booking the meeting. If they are already signed in with their Microsoft work account, their name and email address will be auto filled for them. 

If they are not already signed in, when they open the bookings page, they will be prompted to either sign in with their Microsoft Work or School account or continue as a guest.

 If they choose to continue as a guest, they will need to enter their name and email address and select ‘Email verification code’. 

A verification code will be sent to them via email. If they cannot see the email, make sure to check the junk folder (it went to junk for me). 

Once the verification is complete, the meeting will be booked, and the client will receive a confirmation email with the calendar appointment.

In Summary

If you require any further assistance with this, please feel free to reach out to one of our friendly team at Ultra IT.