#31
Air Date: 06/16/2020

Microsoft 365 Add-On Security Features for Business

LISTEN TO THE SHOW
Learn More About Managed IT Services

Microsoft 365 Add-On Security Features for Business

Transcription

Dan Diamond: Good morning. It's 8:30. It's time for Bit-Wizards ' Tip of the Wand and on the phone with me today, you'd say, oh, it's Vince and Sam. No, it's not Vince and Sam. It's Louis and Brett. Good morning, guys.

Louis: Morning.

Brett: Morning.

Louis: Morning, Dan.

Dan Diamond: Good morning.

Louis: We're excited to be here. I know you don't have your usual guys, but hopefully the change-up adds a little new blood.

Dan Diamond: Oh, absolutely. Louis, you've been on here before. Always a pleasure talking with you, sir. Aren't you a prior Navy guy?

Louis: I am, yes. I am very grateful to the Navy. They helped me pay my way through school. I was on the Sea College Program, so I was in from '87 to '89 active and then four years of Reserve after that.

Dan Diamond: Gotcha. Well, thank you for your service, Louis. Appreciate that. And Brett, what is your role in Bit-Wizards?

Brett: I'm an infrastructure engineer here. Basically help our clients with anything and everything IT from fixing your email all the way to migrating your organization to the cloud.

Dan Diamond: I see.

Louis: Brett's quite a rock star. He's being humble. He actually is helping with our cloud architecture team as well. And he was employee of the year last year. We took nominations from the entire company, he was hands down the star for the year. So, great guy. We're lucky to have him.

Dan Diamond: Wow. Man, we have the two big brains of the company here it sounds like. All right guys, let's get started.

Announcer: Bit-Wizards : Bits & Bytes.

Louis: So today I picked something near and dear to my heart and one of our other technicians Michael Chance was definitely bringing it to our attention today. It's been in the news for quite some time. I don't know that it's new, but Elon Musk and his SpaceX company has a subsidiary called Starlink and their goal is to bring broadband internet access to the world through low orbit satellites.

Dan Diamond: Elon Musk has got his fingers in a lot of things, doesn't he?

Louis: A lot of different things. Actually, it's a 10-year plan that started in 2015. About $10 billion budgeted. Some leaked info said that they expect revenues of 30 billion by 2025. They were actually going to use that money to help fund their Mars plan as well. But this is a game-changer if it's effective. The plan is many low-level orbit satellites provide about one terabyte of throughput per second, with some ground stations. And this is going to allow broadband to be available in some hard to reach rural areas not to mention the potential to get freer internet access to places that don't currently have that. China and North Korea and whatnot.

Dan Diamond: So this is going to provide people that don't have any hard-line or anything. They go through the satellite.

Louis: Exactly. It already exists, but there's been a lot of problems. A lot of them are geosynchronous higher orbit satellites. They have issues with latency and whatnot. It does work. It's in existence today, but this is a plan to get worldwide coverage with these low orbit satellites. And there are some issues. There's the issue of space debris. We're talking about a lot of satellites, in the thousands in order to provide this coverage. And actually one of the unforeseen consequences has been an effect on astronomy. With the reflective satellites, they've actually developed a non-reflective coating to put on the satellite so as to not mess with astronomy people looking at the sky, checking out the stars.

Dan Diamond: Hey, you're in my way. I can't see Mars. I could understand that. But when they do this, the low-level satellites, just as a layperson know a little bit about that. How much from the upper outer atmosphere is it going to be just right on the crest before it drops into the atmosphere to fall to earth?

Louis: Now this part, forgive me, I'm not quite as up on this, but one of the big issues is about cleaning up the space debris. So they're actually working out problems for being able to get these satellites out of the low orbit. Dispose of them. But I believe that they're under 600 miles. I think they're trying to get into, what is it, 350? Do you know Brett?

Brett: I don't know.

Dan Diamond: Okay, too technical.

Louis: Like I said, I'm a little bit rusty on the details here for the low orbit stuff, but that is a big... The low orbit is what's allowing for the increased speed, but it is going to cause problems about cleaning it up.

Dan Diamond: Just got a little background on me, Louis. I was in Space Command for a while. I was up in Thule Air Base, Greenland, where they had the satellites, not satellites, but they would be able to have a full look at all of the space junk. They called it space junk and everything was numbered. Every little thing. And they had to make sure that everything was there on a regular basis. If anything dropped out or anything was added, they kept track of all of that. And it was amazing how much stuff is up there. I completely understand.

Louis: Yeah. You may know a lot more about it than us. It's just, it's a fascinating area. I'm looking forward to the results but everything is more complicated than you think. And this just sounds complicated on its surface.

Dan Diamond: It does. Did they say how many satellites they were trying to put up in the air? For coverage wise.

Louis: We were discussing that. I heard 40,000 and I find that dubious. I know they talked about getting 1, 500 up there to do their, I want to call it beta testing, but I guess their first round. Commercial venture with 1, 500 and something. I did read that. I think that number is a little bit more solid. I read it on the internet so it has to be true.

Dan Diamond: Of course. So how's this going to impact your clients? Do you have clients in outlying areas that would be able to benefit from this?

Louis: We do have issues. In fact, I might hand it over to Brett because we have had places that have difficulty, which then prevent the full functioning of their capabilities.

Brett: Yeah, we have some clients that have offices in remote places up in the Alabama area and things like that. They've had to pay extra money in order to get fiber and things like that trenched to their building which is very expensive. Anyone who's ever even started looking at those numbers, it'll drive you crazy. 20 grand is usually a ballpark what it will cost to get a line trenched to you, depending on basically the length that needs to be trenched. And then we have other clients that they're not able to get that fiber connection, the more stable internet. They're using things like DSL, which is not great at all. These are our clients that have... They'll have regular issues where basically they're dropping connection constantly, or they can't use some of the tools that the home office uses because they don't have the bandwidth in order to use those tools because it's bandwidth-heavy. But yeah, this type of technology would definitely improve their business. Make them a little bit more efficient and give them a more constant stream of a connection that way they can use the robust set of tools. It's only going to get more data-heavy as we keep going because we keep... Us geeks, we like to build a lot of extra things in the things that already exist.

Dan Diamond: Yeah, you guys are good at that. So when it comes to your clients, this is going to be a real benefit for your clients because then they have even more tools to be able to use because it sounds like they're stifled right now just for the mere fact of they don't have the access or the bandwidth that they need to run all the tools that you guys can provide for them.

Brett: Yeah, absolutely.

Louis: Absolutely. As we move more toward software as a service and cloud-based computing, they still want that for these remote offices, but we are so heavily dependent on that broadband to get a good user experience. So now with this in place, hopefully, it's very successful and there'll be another arrow in the quiver, so to speak.

Dan Diamond: Yeah, that sounds great. What year did you say this is going to start happening?

Louis: Well, it's actually underway. The concept was in 2015. They've already launched a few satellites. They'd said 10-year program. So 2025. Anybody who's ever built anything, I'm sure we can add a 20% increase at that time, but they're already having some success and of course, they're discovering problems and obviously there's a lot of regulatory issues with, I forget, what is it, the International Telecommunications Organization with our FCC, obviously in the United States and a lot of hurdles. But I would love to see it implemented and available in 2025 and moving in that direction.

Dan Diamond: And so you guys are all up on this. So if your clients that get this, you can immediately, once they have access, you can immediately upgrade your clients to be able to utilize all of this.

Louis: Absolutely. I mean, I have no idea what the details are, but I will say that about obviously we stay up to date on the tools that are available for our clients. Lifelong learner is one of our six core values. This field is constantly changing and it's really incumbent on us to really stay... We try to stay bleeding edge for ourselves and leading-edge for our clients. So we try a lot of tools, ourselves. Find some of the problems. We don't necessarily recommend jumping into the very first time things are out, but we will, and then we'll find the pain points. While we have a lot of tools that we support. We're a big Microsoft shop. Our priority is our clients, not any particular partnership we have with anybody. So we want to make sure that we're giving the best advice.

Dan Diamond: Well, with your Managed IT Service, you can keep everybody abreast of all the information on the latest information, keep everything up to date. And now this is just one more thing that you'll be able to help out your clients with so that they will be able to manage their business a lot better because obviously more bandwidth means that you'll be able to utilize more, faster and better.

Louis: That's right, absolutely.

Dan Diamond: All right guys, let's switch gears here for a minute.

Announcer: Bit-Wizards : What's Up Our Sleeve?

Brett: Okay. So today our topic is Office 365 hardening and why it's good for your business. Out of the box, if you have Exchange Online, if you have Office 365, you're thinking you're good. You're not using any commercial utilities like Gmail or Yahoo, but Office 365 out of the box is more secure than those standard commercial products, but there are other features that can be added for extra security and also threat management. One of those tools that we use here pretty heavily it's called Advanced Threat Protection or ATP for short. Utilizing ATP enhances security features that are already built into Office 365. These tools include advanced malware detection, filters, more robust attachment and URL scanning. Some of those tools, you can basically change the settings to where if someone sends you an attachment and that contains malicious content within it, ATP will scan that and kick it out. Basically make it to where you can't open that attachment. And obviously this is going to cause some lag with email. It's gotten much better. Now you barely notice it. It happens, but in the early days of ATP, you would get an email and depending on how you had that configured, basically, you would get the email and you would see that there was an attachment there, but you weren't able to open it because ATP was still scanning that for viruses or malware or anything nasty that may come across. I haven't seen that in months. So it's gotten much better. It's much faster now. You can also set it to where an email isn't even delivered until any of the URL links or any of the attachments are actually scanned and made sure that they're safe before they even deliver that email to your inbox. So there are a lot of different ways you can configure that as well as some of the other tools. There's also...

Louis: That Advanced Threat Protection, Bit-Wizards in our Managed Services we have a couple of different pricing, but people don't actually pay for the license. We pay for the licenses part of the cost. And we tack that on. Obviously we could increase our profit margin by taking that off, but we actually require it for all of our clients. It adds that extra layer of protection, the vulnerability to help users from getting tricked. I listen to the show regularly and I do this daily and even I managed to fall for one just last week. Now, fortunately, I realized what I was doing in the middle. I'm working on refinancing my house. And I got something that asked me to get a secure document. And it looked like my title company. It was close, but it wasn't exactly the same, but of course, I was a bit rushed and not thinking, and I clicked the link and I tried to log in and it was a phishing trying to get my password and sure enough, they were able to get it. I caught it right away. And I went up and changed my password before anybody was able to do anything with it. That type of scenario. Obviously this didn't catch that because the link was legit going to a place to just grab it. But ATP adds that extra layer of protection, and we definitely get it for all of our clients.

Dan Diamond: So these bad guys are getting pretty good at it.

Brett: Yeah, definitely.

Louis: I haven't fallen for anything in quite some time. I guess I was due and I'm glad I caught it. I was kicking myself for not looking a little closer. We warn people all the time, and then we fall into it ourselves. We get a little busy and a little rushed and you don't take that extra look.

Dan Diamond: Yeah, that happens and with your Managed IT Service with your clients if one of the people that work in the business happens to do that, then you're able to hopefully fix it.

Louis: Absolutely. I will say that there's no guarantee. Bit-Wizards isn't going to... We provide basically the vault and the guards, but unfortunately, if you walk them into the vault, there's not much we can do.

Dan Diamond: Good point.

Louis: But the service is set up in layers so that if they get through, what happens... So if it's ransomware, we have the backups to then restore so that we can wipe those machines and you're not done. So the idea is that the service is provided in layers. So even if they get through we can restore, get back to normal and not be taken out of business.

Dan Diamond: And that's your fix for that problem. And for those that don't have Managed IT Service, and they don't get their information backed up and that happens to them they either pay the ransom or they're out their information, is that right?

Brett: That's absolutely true.

Dan Diamond: Devastating.

Brett: Yeah, absolutely. And also some of the tools that are available within the ATP are data loss prevention measures that you can implement with your business. If you work with clients and you're regularly working with social security numbers, driver's license, banking information, you can basically configure it to where if an email contains that information you can configure your environment in such a way to where that email will not be allowed to go out. It'll basically be blocked. You'll see that there are numbers that even if it remotely resembles a social security number or driver's license number, it's going to halt that email and basically make it to where you're not able to send out that information in plain text, essentially. So there's a lot of protection there. If you want to make sure that you're protecting your clients and also protecting your business. Open you up to a lawsuit and things like that when accidents happen. So those are the kinds of things that we try and implement for our clients to make sure that they are protected as well as their own clients.

Dan Diamond: Okay. So it sounds to me like Office 365 is probably one of the best products out there right now for what you use it for.

Brett: Yeah, absolutely. There are third-party tools that you can get outside of this stack, but in our experience, they don't integrate as well, obviously, because they're not built-in. A lot of things are missed and sometimes they can even hinder production. If there's an issue with that third-party tool, but not your Office 365, sometimes email doesn't get delivered or things slip through because they're not staying on top of it like Microsoft is.

Louis: I think the key takeaway that I'd want a business owner to have out of this segment is that Office 365 has just a myriad of configurable settings to vary for different kinds of businesses. From ultra-secure and ultra lockdown, which of course affects convenience and productivity to loosening things up depending on your needs. And so just getting Office 365 out of the box, installing it, you're already winning compared to other tools. That's absolutely true. But there's an entire set of best practices which are different based on your needs. At Bit-Wizards obviously we consult with our clients to figure out what those are. We have a standard set that we do one layer above what you get on Office 365 just by default, and then we configure based on the needs of the client. Even doing it on your own there's a lot of services and training in order to look at it. So I think the key takeaway for business owners to understand there's a new layer and if you educate yourself a little bit, you can set those best practices for yourself. And of course, if you don't want to, feel free to give us a call.

Dan Diamond: Yeah. Well with Bit-Wizards because you are a Managed IT Service, you know the best practices, you know the best out of Office 365. It sounds like there's a lot to this and you guys know it inside and out. So if they hire you for managed service, then you will be able to immediately implement all this in their business after you find out what their business goals are, be able to tailor the Office 365 to what they need, so they can get maximum production and maximum efficiency out of the product as well.

Louis: Absolutely. Yeah. And it's included in the service. That hardening is part of the service that we set up for people in the monthly charge. It's not extra. It's just part of the service.

Dan Diamond: Good deal. And just a backup on that, I have Office 365 and it is a monthly payment to have that service, to have that program, but it's always being updated. So you're always going to have the latest version of everything in Office 365. And I like that idea.

Louis: Yeah, absolutely. Yeah. I know there was a segment... I listen to show every time, and they had a segment on software as a service application and it's really nice. The subscription model makes it an operational cost instead of a capital expense. But on top of that, you keep getting all of the extra value as it goes forward. And there's never these long... It's been three years, let's do an upgrade and it totally disrupts your business. It's a new model across the board. It is in Office 365 and much of the business applications and it's a great thing.

Dan Diamond: And you guys at Bit-Wizards are the experts when it comes to Office 365, no doubt about that. Guys, let's go to the next segment.

Announcer: Bit-Wizards : From the Spell Book

Brett: This is where we demystify some technological geek speak. So this week, our term is phishing. Kind of ties into the Office 365 Advanced Threat Protection because there are tools to prevent phishing within there. Phishing is a cybercrime essentially. A target or targets, they try and contact you by email, telephone, text message. They try and pose as a legitimate business or a resource that maybe you use. And they try and lure sensitive information out of you. Whether it's banking and credit card details, passwords, things like that. One of the ways that they try and do this, it ties into is phishing and spoofing are closely related. It's where they spoof someone's email address that you're used to. And it's like, okay, this is George, my friend. He's sending me this link. So George is safe. I'm going to click this link. Basically, a lot of times it's even what Louis had stated, you click the link and then it has you log in. They just harvested your credentials, or it takes you to a site where it gives you the cyber lockdown. It says your computer's locked and you can't do anything. You got to call this number. All they're trying to do is either get on your computer to harvest information or they're just trying to give you a quick one-time charge. Charge you on your credit card kind of thing. This is the most common type of cyber attack. Basically, it's super simple. They even have bots that people create in order to blast out these emails to thousands of people every day, just trying to harvest credentials or credit card numbers, banking information. The tools that are within ATP, you can stop that from occurring. Say if you wanted to protect one person, say the CEO of the company, it's like, okay, want to make sure that someone can't send out an email to our internal employees stating, hey, I need you to go out and buy a bunch of Amazon gift cards, because that's a common one. So the tools within ATP basically stop those attacks from occurring and you can either set it to quarantine that message and just put it in a lock box or you can have it to where it just immediately deletes it. No one ever even sees the email. So just depending on your business needs. We can set that up however works best for you.

Dan Diamond: Yep. And you guys are the experts, so I would imagine if your clients had questions about maybe educating some of their new people that came in about how, what to click on, what not to click on since you guys are the experts and probably seen most, if not all of these different phishing expeditions if you will, you could probably help educate a lot of people because that's the bottom line, isn't it? Don't click on it because that is the beginning of the end.

Louis: Yeah. That's absolutely true. They get sophisticated. They do occasionally get through the ATP. Office 365 does a lot of that. We always recommend when you find those is to log them as spam because we're helping everybody else. They have their huge AI that when you report it as spam when somebody else tries to get that same email, it'll be blocked. So it's good. But they get pretty clever. They'll do the COVID scams because that's current or for all I know they might be doing Black Lives Matter scams right now. Whatever's in the news. Whatever's at the top. They'll just start figuring out a way to make it look like something legit. And like I said, I fell for one just last week. I was kicking myself. Lecturing everybody about taking an extra look and I didn't take an extra look till after I entered my password. And I said, wait a minute, let me go look at this. And I said, sure enough, that is not legit. Fortunately, because I noticed it right away I was able to go up, change my password right away before anybody... But that's what they would do in a phishing scam. So if you gave them your password, one of the first things they're going to do is go up and change your password so you can't get access. Two-factor authentication, of course, is something we also promote because that would prevent them from being able to do that. You would get the notice on your phone if they tried to do that. So even though I fell for it, I had two-factor authentication. It's likely they couldn't have changed my password, although they might have had access for a while.

Dan Diamond: Yeah. The two-factor authentication that goes hand in hand with Office 365, right?

Brett: It's not turned on by default, but yeah, you can definitely implement that very easily across the board for your organization.

Louis: That's one of the things we do here. One of the things we recommend for almost all of our clients. There are exceptions though if you have... One of the problems with multi-factor authentication is you have to have a cell phone. What if you have a user on the shop floor that is a shop floor user. Who's going to be having that phone for two-factor? So there are all these unique scenarios in which we have to look at them and decide what is best for the business. You have to weigh productivity versus security in a balanced way to be able to maximize the business.

Dan Diamond: Well, that makes sense, because anybody could find that out, I'm sure. That's interesting. The two-party authentication I find to be pretty secure. We have that here and I have that also with my Office 365 was set up by you guys as a matter of fact. At first, it seems like, oh, this is another step that I really don't want to have to take. But after a while you think, you know what, I'm glad I have this.

Brett: Definitely.

Louis: They're even getting better with authenticator apps where you don't even to have to do a whole lot of work. It'll almost just ask your authenticator app on your phone to just approve and you just hit approve and it's over. So they're working to get the security, but they're also keeping an eye on that convenience. They're also keeping an eye on how can we make this secure but easier? How can we remove the pain? And so things are moving that direction. Obviously, like I said, the scenario I had, if nobody actually has the phone, now you have an issue. We actually had that. So nobody here at Bit-Wizards ties certain SAS accounts to their names. So we actually have the IT cell phones just sitting right up there and it's available to the team to be able to authenticate if we need it.

Dan Diamond: Gotcha. All right, guys, this is the part of the program where you say thank you to one of your clients.

Louis: We'd love to send a big thank you and shout out to our customer Heartland Steel Products. They manufacture products from steel and have locations all over the country. From design to delivery their products are made easy to use, made to last and manufactured here in the United States. So we want to thank Greg Kelly, the CEO and Kathleen Winter, the operations officer for allowing Bit-Wizard to help with their infrastructure operations and hopefully helping Heartland Steel be number one in their field.

Dan Diamond: Cool. Where were they headquartered at, Louis?

Brett: Harrison.

Dan Diamond: Harrison, is it?

Brett: Harrison, Ohio.

Louis: Ohio, yeah Harrison.

Dan Diamond: Because I know you guys are nationwide and you got some places outside the country, don't you?

Louis: Not in the Managed IT field. So our custom software, we have done business internationally, but not for Managed IT. We only work inside the United States. Not that we couldn't, we just simply don't have any customers. Heartland has an office in Lodi, California, and definitely I'm a big wine drinker, so I wouldn't mind going out to Lodi.

Dan Diamond: Louis is volunteering. Okay, I'll go out there.

Louis: We have a partner in the Czech Republic in Prague and unfortunately, my C personality doesn't allow me to do it if it's not business-oriented. So even though I'm a founder and I probably could have found a reason to go, in our 12-year partnership, I have never been to Prague. Vince has been, I don't know, half a dozen times.

Dan Diamond: Yeah. Send Vince. That's the idea. I got you.

Louis: He's the front man. He's definitely best with the... Well, he's the smartest guy I know. And I'm lucky to have him as a partner and my best friend. We've been friends for 38 years.

Dan Diamond: Gosh, that's great.