Uncategorized

MCS becomes Veeam Cloud Partner

We have partnered with the backup software maker, Veeam, to offer cloud disaster recovery services powered by Veeam. This partnership allows MCS to utilize Veeam’s most advanced software and features to backup our customer’s data. These features include, near real time VM replication, WAN Acceleration, virtual labs, point in time recovery, and more.

Of all of the backup software we evaluated, Veeam was a clear winner both in performance and features. What this means for our customers is that they can have peace of mind knowing that their data is safe and secure at our data center. We know a backup is only good when you can actually restore from it in a timely manner. Veeam allows us to bring up your operations at our business continuity center within minutes of an outage.

Microsoft Pushes Out of Band Security Patch

On Tuesday, November 18, 2014, Microsoft released an out-of-band security update (MS14-068) to address a critical vulnerability in Windows. The update deals with elevation of privileges and affects Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 and Windows 8.1, Windows Server 2012 and Windows Server 2012 R2, Windows RT and Windows RT 8.1, as well as Windows Technical Preview and Windows Server Technical Preview.

MCS is currently patching our data center infrastructure and also helping our customers with an active RightTrack service agreement automatically. We strongly encourage customers to apply this update as soon as possible if they do not have an active service agreement with MCS already. The patch does require a reboot so some downtime must be scheduled.

ShellShock Exploit Should be Patched Immediately

If your organization is running any Linux, Unix, or Mac systems, you are likely vulnerable to the ShellShock attack. The issue is with bash, a very common text shell that runs on these OSs to provide a command line UI.

Our systems have already been patched to the latest available bash package as of this post. There is the possibility for an attacker to gain control of a vulnerable machine. ShellShock is rated a 10 out of 10 on the U.S. National Vulnerability Database’s severity scale.

Please contact MCS if your organization runs any Linux or Unix servers. At this time, there is no patch available for MACs. Most Linux repos have at least a partial fix available now.

Looking for a Web Application Developer and QA Tester

MCS is growing and we have immediate positions available for a Web Application Developer and a QA Tester. These positions are needed to supplement our existing in-house development team. Visit our Employment Opportunities page for more information and to apply online.

Windows Server 2003 Support Ends Next Year

The Microsoft Windows XP end of life cycle has come and gone. Now, XPs server counterpart, Windows Server 2003 and 2003 R2, will be loosing support as well. According to the Microsoft Support site, Windows Server 2003 will no longer be supported after 7/14/2015. After this date, Microsoft will no longer push out security patches.

MCS recommends that any Server 2003 machine should be migrated to a newer version as soon as possible. The later versions of Windows Server like 2008 R2 and 2012 will still be supported for years to come but in most cases, Server 2012 will be the best path. If you are worried about how long an investment in a new server may last, Microsoft states on their website that:

“Microsoft will offer a minimum of 10 years of support for Business and Developer products. Mainstream Support for Business and Developer products will be provided for 5 years or for 2 years after the successor product (N+1) is released, whichever is longer.”–http://support.microsoft.com/gp/lifepolicy

Legacy server managers might see this July 14th, 2015 date as plenty of time to upgrade although that may not be the case. For those servers running Exchange 2003, support has already ended as of 4/8/2014 making a migration even more critical.

Any server currently running Windows Server 2003 has had a long life and the time has come to upgrade. To put its age into perspective, a student going into the 2nd grade at the time of Server 2003s release would now be entering college in 2014. In computer terms, that is an eternity. MCS has been assisting business customers transition to newer server platforms for over 11 years and we can help your organization too. Contact us today for a free evaluation.

RightTrack, our Newest IT Service Offering

Some of our customers might know this new service as simply as an IT Service Agreement, but we have added extra value with our new RightTrack service. Customers that want a simple and proactive solution to their IT needs should defiantly consider RightTrack. This offering ensures that your business is heading down the right track by combining a guaranteed service level, networking monitoring, and a dedicated engineer assigned to your account.

With MCS RightTrack, you get access to our entire team of veteran IT consultants while still having an assigned tech for most service calls. This service is a perfect fit for business that are on the fence about whether or not to hire a full time IT person. Hiring a single IT manager is very expensive when you factor in salary, recruiting, management, benefits, vacation, and idle time. Instead, going with RightTrack from MCS gives you a tech that does not waste time, and has the experience of working with several other companies just like yours. This allows MCS to recommend best practices that are tried and true without spending lots of time in the process.

For more information about this new service, please visit MCS RightTrack

MCS Offers DR and Business Continuation Services

We are proud to announce that we have launched our Business Continuation center. It is located right next to our data center so we can provide high speed access to your critical data. In the event of a disaster, our clients that have signed up for business continuation services will have access to workstations with phones, Internet, and their DR servers. By securing workstations before a disaster, our customers have the ability to install their custom software and run drills to prepare. Then, if this service need to be used in the real world, the process will be smoother and quicker.

We feel this addition to our existing Disaster Recovery services is a great fit for the demands of our customers. If you are interested in adding Business Continuation to your service, contact us for a quote and a tour today.

The OpenSSL Bug, Heartbleed, Has Vast Security Implications

As you may have heard in the news, a vulnerability, the “Heartbleed Bug”, was discovered this week in OpenSSL (Version 1.01 and beta 1.0.2), the software that is widely used for encryption across much of the internet. MCS run servers were not found to be vulnerable to this bug.

The security risk is that a vulnerable server could be exploited to feed data contained in RAM to an attacker. Among this data could be SSL private keys. With a private key, secure website traffic can be eavesdropped.

Along with private key information, attackers could also gain access to any sensitive data residing in memory. On a database server for instance, this could lead to direct access to any database content currently being stored in memory. The implications of what types of data that can be exposed will vary from server to server and the full scope of what that data could be used for in the future is unclear.

To test your servers, use the tool at https://filippo.io/Heartbleed/. You can also let the engineers at MCS take the burden off of your shoulders and perform a Heartbleed audit and patch any affected servers. Request a Heartbleed audit now.

As a web user, you also need to be mindful of sites that you have used and logged into before they were patched. As a precaution, changing your password to these sites is recommended as long as they have been patched and a new SSL private key has been created. The reason for this is if a private SSL key was compromised at any point, any traffic to the server is considered insecure and your login information, as well as any information you saw on your screen while at that site, could have been seen. Odds are that your data was not snooped in on by a malicious party and changing passwords should just be a precaution. As with most security recommendations though, your should always plan for the worst and hope for the best.