Welcome to Kraft Kennedy

One of the shortcomings of Apple’s iOS devices (as of iOS 5.0.1) is the inability to recognize message priority flags.  So if a user with an iPhone receives a message that has been sent with high priority, there is no native feature in the iOS operating system that will alert the recipient to the fact that they have such a message.  However, for iOS users who utilize Microsoft Exchange for their corporate email, there is a way to bring special attention to messages sent with high priority via SMS.

The first step is to create a contact that will serve as the recipient for the SMS message.  You will need to consult the settings for your particular carrier to find the format for this address.  For AT&T users, the format will be [10-digit phone number]@txt.att.net.  Once the contact is created, create an email rule similar to the one below:

Continue reading…

Hurricane and New York City are two words that are rarely used in the same sentence…until this week.  According to the latest weather predictions, Hurricane Irene is slated to cross right over the greater NYC area as a Category 1 hurricane in just under 48 hours. Hurricanes hit the Gulf states on a fairly regular basis, and anyone who’s lived in Houston for a while can tell you stories of both the short-term and long-term impacts of past storms.  Through my involvement in the emergency services world, I’ve seen first hand the extensive planning that goes into preparing for these storms every hurricane season.  It’s been over 70 years since a major hurricane has passed directly over the Northeast, and the extent of the impact of this “once in a lifetime” storm remains to be seen.

Hurricanes are unique in terms of natural disasters in that we usually have some warning before they strike and can prepare accordingly.  It’s important to plan for a hurricane as an extended event and not just plan for the storm itself, as it can take weeks to undo the damage to local infrastructure.  With that in mind, I’ve put together the following recommendations for steps to take to protect your firm’s data and infrastructure:

• Communicate with the firm’s staff. Setting the right expectation of what measures are being taken to protect the firm’s IT infrastructure goes a long way.
• Ensure you have a good, recent backup available. Make sure the backup in stored in a safe, waterproof location, and ideally one that is accessible under emergency conditions.
• Make sure firm staff know all their remote access options. This will allow users to continue to work if they can’t physically make it to the office but the systems remain online.  Provide them a printed copy of the remote access information to have on hand.  Also remind staff to take home laptops and mobile broadband cards when they leave for the weekend. If they will be connecting to an e-mail continuity service, make sure they know the proper login credentials
• Review your disaster recovery options. If you have a reliable DR option, it may be a good idea to put it in place before the actual event.  Doing so after the storm in the event of an outage may prove much more difficult.
• Shut down as many systems as you can. This will obviously vary based on your firm’s business requirements and your faith in your automatic shutdown methodology.  If you’ve tested your UPS solution recently and know it will bring systems down gracefully in the event of a power outage, you probably don’t need to go this route; if you have any doubts, consider a preemptive power-off to prevent a hard shutdown of your entire network.  Your site may not lose power at all, but if it does and you don’t have a backup generator the outage will likely far outlast your UPS’s capacity.
• Ensure you have the ability to remote back in when power is restored. Review your VPN and out-of-band access if you haven’t used them in a while to make sure everything is still configured properly.
• Move exposed hardware out of harms way. Depending on where your IT infrastructure exists in your building, it may be in danger of being exposed to the elements.  Get hardware as far away from windows as possible, cover it if you think there’s a chance of it getting wet from above, and elevate it if it’s located on the first floor or basement.
• Power off any unprotected devices. This is especially important with your workstations, which often are plugged directly into wall sockets.  If you want to go the extra step, physically unplug devices from their power source.  Power surges during a hurricane are notorious for damaging electronics.
• Keep your cell phone plugged in whenever possible. Instruct your IT staff to do the same.  You’ll be grateful that you did if the power actually goes out and you need to get in touch with someone.
• Keep a printed emergency contact list with you at all times. Don’t rely on the contact list on your electronic devices.

AND MOST IMPORTANTLY:

• Obey any local emergency notifications and evacuation orders. I can’t stress the importance of this point enough.  If you’ve been told to evacuate, there’s a very good reason.  By sticking around, you’re likely putting yourself in harm’s way.  Stay away until you’ve been told it’s safe to return.

These storms are highly unpredictable and highly dangerous.  Hurricane Irene could change course and miss the Northeast entirely, or it could be the storm we talk about for years.  Either way, the best thing to do is to take measures as far in advance of the storm as possible and keep yourself safe when the storm actually hits.

-Danny (in addition to being a Senior Technical Consultant at Kraft Kennedy, Danny is a firefighter for the Northwest Volunteer Fire Department in Houston, TX. Ed.)

PS – Check here for some great additional info on general hurricane preparedness.

Kraft Kennedy’s standard recommendation for years has been to always get the total equipment protection insurance from the carrier when purchasing a smartphone. Smartphones are very tiny, very expensive computers that seem to get more fragile as time goes on – especially now that glass screens have become the norm over plastic. We see shattered devices all the time, especially with the iPhone 4 which has a glass front and back.

Continue reading…

I commute. A lot. My commute is over two hours each way between my home in Suffolk County Long Island and our offices in Midtown Manhattan. Much of that time, I am on my laptop using a mobile broadband connection. On average, I use mobile broadband between 2 and 4 hours a day. It all started several years ago when I decided to try tethering my Palm Treo 650 to my laptop and I never went back to not having Internet while on the train.

I eventually stopped using tethering as Verizon and Sprint phones could not handle voice and data at the same time and the Internet connection would get disconnected whenever there was an incoming call. Because of this, I eventually moved on to a dedicated 3G card for my laptop. 3G cards served me well for a while. There were two problems I had with using these. First, the software was problematic at times. Its much better now, but still far from perfect. Second, I couldn’t use the 3G card for everything. I often test out different devices such as laptops, tablets, etc. and not all would work with the 3G card. This finally led me to the mobile hotspot.

Continue reading…

As much as we try to avoid them, computer viruses are just as much a part of the computing landscape as the operating systems they infect.  We go through numerous measures to try to prevent them from making their way onto our systems, but despite our best efforts they occasionally get the upper hand.  This past weekend I received a call from a client needing assistance after a virus, W32.SillyFDC.BDP to be exact, had made its way onto their network and very rapidly spread to multiple machines.  Symantec Endpoint Protection, which the client was running on all their servers and workstations, was identifying and removing the infected files on certain servers, but these servers kept getting re-infected almost instantly.  Dealing with a virus outbreak isn’t something most people – myself included – deal with on a daily basis, but by approaching it systematically we were able to have the issue completely resolved in time for work Monday morning.  Here’s how we approached the issue (and if you’re battling the same virus, the steps below should help you get through it):
Continue reading…

A particularly aggressive virus announced its presence at one of the midsized Support Practice Group firms earlier this month when multiple user accounts suddenly became locked out in quick succession.  The virus had infiltrated the firm and launched a brute-force attack in an attempt to crack account passwords.  With the help of a network-wide scanner, the intrusion was traced to four machines, three of which were utility computers provided by service companies specializing in copying and postage printing.  Those computers, having been installed by external companies, were never given antivirus protection or patched in accordance with the other workstations.   The infected machines were quickly shut down to quarantine the virus and were later taken off the network to be cleaned.

The successful containment of what could have been a widespread network infection testifies to the effectiveness of multilayered threat protection policies and offers two important reminders about network administration:

First and foremost, it is important to regularly update Windows and install an antivirus program on every computer on a network.  Although they are easy to overlook, even utility machines that are brought to a firm by a service provider to perform a specific function must conform to standard threat protection practices.

Second, we are reminded that enabling account lockout rules in group policy is an extremely simple and effective way to combat viruses.  Locking out an account after five to ten incorrect password attempts even for a period of just ten minutes can render a brute-force attack ineffective and alert network administrators to the presence of a virus within minutes of first contact.

To enable account lockout rules on your domain, follow these simple steps:

• Open your Group Policy Management console and edit the group policy object where your network’s password policy is defined.  Typically this is done at the domain level.
• Edit the account lockout policy, which should be located under Computer Configuration\Policies\Windows Settings\Security Settings\Account Policies

• Set the maximum number of password attempts before lockout and the time period for which you would like to lock the account.  The following are fairly standard values:

Kraft Kennedy is pleased to announce achievement in 8 Microsoft Gold and Silver Competencies (and counting!) for 2011.

The requirements to participate in the Microsoft Partner Program have recently evolved to help differentiate technical and business capabilities among participants; Kraft Kennedy has risen to the challenge by quickly exceeding the goals set forth by the program.

Each competency requires specific individuals with deep technical skills, Microsoft verified customer references, and challenging certification exams to be completed.  This commitment demonstrates our breadth, deep specialization, and proven expertise across a range of Microsoft technologies.

About Kraft Kennedy

Kraft Kennedy provides business and technology-related consulting services to the legal community. By combining outstanding technical skills with an intimate knowledge of our clients’ business and information needs we tailor solutions that enhance attorney productivity, effectiveness, and client value.

We focus on the business needs of the client and ensure that technology is used to enhance, not inhibit their business. KK’s talented staff of strategic consultants, project managers, and network consultants have years of experience with hundreds of projects for firms from small to large. Our services portfolio includes advanced infrastructure projects, business continuity and data center consolidation, desktop deployment, network design and implementation, storage design and replication, and messaging systems migration among others. Our Microsoft specialties include: Desktop, Server Platform, Unified Communications, Portals and Collaboration, Search, Systems Management, Virtualization, and Small Business Specialist Community.

People have been fighting viruses for years.  And now, more recently, Malware has become very common.  These can become a very large problem that can spread throughout an entire organization if the proper precautions aren’t taken.  We’ve learned what to do and what not to do over the years.  Here are 10 tips to keeping viruses and malware away from your network:

Continue reading…

Recent infections of the Conficker and Virut viruses at two of the small to mid-sized Support Practice Group clients have demonstrated the importance of effective threat prevention policies and the often dire implications of inadequate network protection.  While practices such as installing the latest security patches, maintaining an antivirus program with updated definitions, locking down workstation environments, and urging users not to open suspicious email attachments have traditionally proven to be effective threat management strategies, they are not foolproof.

In the event that the standard threat prevention methods fail and the servers on a network become infected with a virus, compromised security, network downtime, and the labor required to eradicate the malware are just some of the potentially massive associated costs.  Over the last few months we in the Support Practice Group have found OpenDNS Enterprise to be another very effective weapon against online threats.
Continue reading…

On August 2nd, Microsoft released an out-of-band patch addressing a critical security flaw in the Windows shell.  This flaw affects all versions of Windows and could allow remote execution of code under certain circumstances.  Obviously, any critical patch released outside of Microsoft’s normal patch release schedule should be treated with a sense of urgency.  We in the Support Practice Group have already taken steps to implement this patch at all of our clients and can happily report that we have not seen any issues whatsoever with the patch, so far.  Additional information on the security flaw and the associated patch is available from Microsoft here.