Newsletter Archives

• Moving away from basic auth

  Posted on April 16, 2022 at 22:23 CDT by Susan Bradley • Comment in the Forums

  I have a variety of email accounts. Some business, some personal, some purchased strictly to see how the experience of something is like, some because I’ve had them for years. So I still have the first ISP  based email I ever had (remember the old phone company of Pacific Bell? I have an old pacbell.net email account)

  So over the years I’ve had to move to different email clients and platforms in order to still use them. Over the years I’ve also moved ways that I’ve accessed email.  For example I no longer use pop and pst files. I’ve lost too much data over the years to rely on pop anymore. Also because I use email on phones, tablets, devices, as well as computers and laptops I’ve moved to imap. If your mail is hosted on an Exchange server or hosted Exchange server it allows you to get the same email on different devices and in different locations.

  If your email is hosted on Godaddy they have moved to Microsoft 365 a few months (years?) ago. Lately they’ve been phasing out basic authentication. So what you’ve had to do to get your email working again is to delete the account out of your email client and walk through setting it back up again.

  In my case I use em email software on one particular computer and when you walk through setting it back up again you get prompts to authenticate to Godaddy using modern authentication. So when you put in your name and email address you get the Godaddy log in window and then an approval screen that looks like the image below:

   

  

  After you’ve set it back up again in the case of godaddy email it no longer connects to pop or imap but rather https://outlook.office365.com/EWS/Exchange.asmx

  So while this has been a PAIN to reset up all of these email accounts on various devices – especially since I’ve had to reset passwords on a few accounts that I couldn’t remember the passwords for all of these years – it’s wise to stop using basic authentication. Why? Because attackers can perform brute force techniques more easily on email that only uses basic authentication.

  Bottom line, if all of a sudden your email stops working – it may not be your email client – it may be that you need to reset up your account again so it gets the new more secure setup.

   

   

  Cloud Services Patch Lady Posts

• Know where your data is

  Posted on November 18, 2021 at 14:34 CST by Susan Bradley • Comment in the Forums

  So the other day I was needing to get a backup of a QuickBooks file from someone for a project. In my office we get a copy for purposes of forensic analysis.  Even when the QuickBooks is online, there is a third party app that allows us to convert the online data to a desktop version (it’s called Exportmybooks for anyone interested). We do this in my business even with online QuickBooks to ensure that we have a copy of exactly what the accounting books were at a specific time.  Too often with accounting systems people move information around or things get changed and thus this ensures we can showcase (in court, in meetings, etc) what it was at X date in time. Long story short this is for analysis and forensic work and the data I obtain isn’t necessarily from clients that I work with on a regular basis.

  So the other day I contact someone to get a backup of the QuickBooks and I ask them “Do you know if you have Desktop QuickBooks or Online QuickBooks”? They say “It’s on my laptop”. No problem I have a Splashtop SOS subscription so I can reach out remotely to people using a process of having them get a link and then giving me a one time code for this very need. So I log into their computer and I don’t see an icon on the desktop for QuickBooks. “Can you open your QuickBooks” thinking they hid the icon or something. They then launched a web browser and went into online QuickBooks.

  It just hit me funny because that’s not “on your laptop”. That’s actually saved in the cloud and your laptop can get it it from the browser. I was reading a post the other day that was talking about how as we pivot more to cloud services (and trust me, I can see this over time that more and more businesses ARE moving such services to cloud offerings even if you personally won’t be) that we really need to rethink how we protect things. We can’tjust assume because something is up there that it’s automatically protected.

  1. Authentication – make sure multifactor is enabled
  2. Got a backup of that cloud? – We often rely on the vendor for cloud backups but should you?
  3. Security and monitoring of the cloud  – recent case in point is this Microsoft security blog post regarding Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs (say that three times fast).  How can I as a consumer of cloud services know that my vendors are up on protecting their cloud services? For those folks with small businesses – the one in particular that you may need to review with you or your IT provider is the Azure Site recovery service that takes cloud backups/sets up virtual machine fallover service.

  Bottom line, your data is “not just on your laptop”.  Act accordingly, and start thinking of better ways to protect it.

  Cloud Services Patch Lady Posts

• Why your reseller for Microsoft 365 matters

  Posted on February 1, 2021 at 01:20 CST by Amy Babinchak • Comment in the Forums
  

  MICROSOFT 365

  Why your reseller for Microsoft 365 matters

  By Amy Babinchak

  Many suppliers sell Microsoft 365 plans. Not all are created equal.

  Many people and businesses think that Microsoft is the sole source of Microsoft 365 plans. That is not true; you have a choice of suppliers. Microsoft has partners or resellers who also sell the service. What you need to know is that not all of them offer you the same thing, because Microsoft has different types of relationships with partners. To confuse matters even more, purchasing from Microsoft directly has limitations. Understanding your options before purchasing is essential.

  Read the full story in AskWoody Plus Newsletter 18.4.0 (2021-02-01).

  AskWoody Plus Newsletter, Cloud Services, Microsoft 365 AskWoody Plus Newsletter, Microsoft 365

• Gmail – it’s not you, it’s them

  Posted on December 15, 2020 at 17:48 CST by Susan Bradley • Comment in the Forums

  2020 is not a good year for technology…

  

  Gmail is not having a good day.

  Cloud Services Gmail, Patch Lady Posts

• Links to all the Microsoft portals

  Posted on December 11, 2020 at 15:06 CST by Susan Bradley • Comment in the Forums

  For anyone who needs to log into the Microsoft 365 portals, this is the listing of all listings:

  https://msportals.xyz/

  Bookmark it – you’ll need it!

  Cloud Services Patch Lady Posts

• So which one am I?

  Posted on December 11, 2020 at 14:52 CST by Susan Bradley • Comment in the Forums

  

  If you use Microsoft 365 you’ve probably seen this screen.  And if you are like most of us you stop at that screen and ask yourself… okay which one should I click on?

  To me this is one of the most confusing things about the Microsoft 365 setup process.  You can (and usually do) have something called a Microsoft account.  This hooks into their old hotmail/live/Microsoft store infrastructure.  And then there’s the Microsoft 365 account which is tied into something called Azure Active directory.  It hooks your account into the online email, Teams meetings, and even allows the IT admin to control things on your computer (the Intune piece as it’s called).

  This is one area that Microsoft needs to explain better, or put in more of a division between the Microsoft account and the 365 account.  Either that or provide a verification site online that you could put in an email address and Microsoft would respond back as to what service was tied to that account, when it was set up, what services were hooked to it.  Yes I realize every attacker would use that site as well, but for us paying customers there needs to be a better way to help us understand what is the RIGHT answer you want when we are faced with this question.

  This is one reason that I prefer to have a Microsoft account (the store account – a personal account) not be the same as an account I use for Microsoft 365 (business account).  This makes it easier and then I don’t get this screen.  In the cases where someone has set up a personal Microsoft account the same as the business account, I would recommend that you go through the process of renaming the personal account to keep you from getting this annoying and confusing question.

  Cloud Services, Windows 10 Patch Lady Posts

• Family plans: Good and not-so-good deals

  Posted on July 27, 2020 at 01:00 CDT by Tracey Capen • Comment in the Forums

  SHORTS

  By TB Capen

  As our tribes spend more time together, some tech vendors are offering better prices for shared products.

  Dropbox: Dipping from the same pot.

  Spotify for two, please.

  Read the full story in AskWoody Plus Newsletter 17.29.0 (2020-07-27).

  AskWoody Plus Newsletter, Cloud Services, Cloud Storage AskWoody Plus Newsletter, Dropbox, Shared accounts, Spotify

• Before moving to the cloud, check the foundation

  Posted on January 13, 2020 at 01:05 CST by Tracey Capen • Comment in the Forums

  CLOUD SERVICES

  By Amy Babinchak

  For small businesses, migrating to cloud-based services will impose some significant changes in how local computing gets done.

  But there are also some principles that never change. The cloud might alleviate some information technology (IT) issues, but the basics of good networking practices remain — and they still need to be understood and adhered to.

  Before any sort of tech migration, establishing a solid IT foundation is essential; this process includes both IT professionals and the technology infrastructure.

  Read the full story in AskWoody Plus Newsletter 17.2.0 (2020-01-13).

  Cloud Services AskWoody Plus Newsletter, Cabling, Cloud computing, Internet connectivity, Updating