1300 378 676 |
[email protected]

JAMF PRO your Apple MDM solution

By

Give employees and students the tools they need to have more ah-ha moments at work and in the classroom. Designed to automate device management for you while driving end-user productivity and creativity, Jamf Pro (formerly Casper Suite) is the EMM tool that delights IT pros and the users they support by delivering on the promise of unified endpoint management for Apple devices.

~JAMF

eStorm has extensive experience supporting our clients with MDM solutions. Jamf Pro is one such tool that we believe outperforms other MDM’s particularly in the Apple space.

Hands-on, user-initiated or zero-touch deployment. Jamf integrates with Apple Device Enrollment Program (DEP), so you can automatically enroll and configure new Macs, iPads or iPhones remotely. Time-consuming imaging and manual configurations can now be a thing of the past. Together, Jamf and Apple DEP go beyond the basic mobile device management (MDM) capabilities to help you deliver a streamlined experience.

For this looking for a more hands on approach, Mac imaging lets you take part in a manual approach to deploying computers. Utilize Jamf Pro to build modular or monolithic images and deploy them fast. Or you can completely wipe the computer’s drive and start with a fresh image.

If you’re implementing a bring your own device (BYOD) program or managing devices already in use, user-initiated enrollment is the way to go. Through a webpage, allow users to self-enroll their devices into Jamf Pro. This is all done on demand and at the user’s discretion, easing the burden on the IT department.

Device management requires more than just the basics. Go beyond simple troubleshooting and keep devices up to date and secure – all while ensuring users have the resources, apps and services they need. Jamf Pro utilises key functions to provide a great user experience. Configuration Profiles allow you to define settings with iOS and macOS and distribute them to devices utilizing Jamf Pro. Easily apply Wi-Fi, VPN, email settings and more so users can seamlessly connect to the resources they need. Unique to macOS management with Jamf Pro, policies go beyond the basic device management capabilities of configuration profiles and help you install software and printers, manage local user accounts and conduct advanced management workflows. Run scripts on macOS utilizing the Apple device management capabilities of Jamf Pro. Scripts provide more flexibility than standard configuration profiles and open the door to infinite device management capabilities.

Jamf Pro is feature rich software that supports device, App, inventory, self service and security features that are unmatched on the Apple MDM platform. Speak to eStorm about Jamf Pro and how it can improve your staff or students experience and minimise IT department stress.

Ransomware – Just how much of a threat is it?

By

cryptoman
RANSOMWARE ACTIVITY IS INCREASING THROUGHOUT 2016
Ransomware is becoming quite a common method of cyber extortion for financial gain.  This is a type of malware that prevents users from accessing their files, applications or systems until a ransom is paid, usually using an anonymous currency such as Bitcoin. While individual computer users have long been targets of ransomware, over the last couple of years, the threat has expanded. Ransomware has been in mainstream media of late due to attacks against organisations such as hospitals.

It’s important to note that not all ransomware operates the same way. The file-encrypting type is probably the most dangerous.  Not only have you lost access to your own files, but this data often contains confidential material, and the perpetrators technically do have full access.  The issue is made worse however because paying the ransom offers no guarantee that the files will be unlocked.  Ultimately, making frequent backups is by far the best defence against ransomware.

Since the average figure demanded is relatively low, usually only a few hundred dollars, the attackers tend to spread the attack quite far, and just randomly to maximise their potential gains.  These are usually in the form of emails with malicious attachments, or links to malicious websites.

Ransomware Variants

CryptolockerThrough this increase in ransomware activity from mid-2015 to early 2016, there has been a myriad new variants of the attack.

Common Ransomware Families

We continue to see sustained distribution of many well-established ransomware families used in mass infection campaigns. In many cases these renowned variants, such as CryptoWall and TorrentLocker, spawned updated versions with improved encryption capabilities and obfuscation techniques. These established attacks will continue to be a significant threat to global enterprises as malware functionality, encryption techniques, and counter-mitigation measures are adapted and introduced into new versions. Examples include:

  • TorrentLocker: Throughout 2015, we’ve seen the continued distribution of TorrentLocker, a ransomware attack based on both CryptoLocker and CryptoWall. TorrentLocker has been active since at least early 2014 and is most often used in geographically-specific spam campaigns.
  • CTB-Locker: CTB-Locker – a name that represents the key elements of the ransomware, Curve (for Elliptic Curve Cryptography), Tor and Bitcoin, was first reported around mid-2014 and remained steadily active throughout 2015. During this time, we saw many campaigns spreading CTB-Locker and its variants, including CTB-Locker distributors capitalising on the free upgrade to Windows 10.  They did this by sending out emails masquerading as Microsoft emails offering the upgrade.

We have also seen several new ransomware variants that use a range of new tactics.  Based on increased growth, we expect ransomware developers to continue developing variants with novel features in order to expand their targets

  • Chimera: The operators behind the Chimera ransomware used the malware to encrypt victims’ files, but also threatened to publish the encrypted data if victims refused to pay the ransom. The attackers targeted German-based small and mid-sized businesses in mid-September 2015.
  • Ransom32: Ransom32 was first publicly reported in late December 2015. It was one of the first ransomware variants based entirely on JavaScript.  This potentially allowed for compatibility with not only Windows, but also Linux and Mac OS.
  • LowLevel04: Operators of LowLevel04 purportedly spread their ransomware using the less commonapproach of exploiting Remote Desktop and Terminal Services.
  • Linux.Encoder.1:Linux.Encoder.1 debuted in late 2015 as one of the first ransomware variants targeting Linux web-based servers. While the encryption capabilities in the early versions proved to be suspect, many reports alleged faults in its predictable encryption key.  The targeting associated with this branch of malware family is far from more traditional Windows-based attacks.
Where to from here?

We expected to see the ransomware threat landscape increase from levels observed in 2015, and sadly we have been right. Cyber extortion has gained notoriety and momentum, with huge profits from highly publicised campaigns spreading among cyber criminals. Recent campaigns in which victims paid the ransom reinforce the success and popularity of this particular attack method.

One of the most worrying threats is the deployment of ransomware after the attackers have already had access to the network. In these cases, attackerscould conceivably conduct reconnaissance and even disable or delete backups, or identify systems that are most critical to an organisation’s operations before deploying the ransomware.  To increase the difficulty of such an attack, enterprises are encouraged to properly segment networks and implement strong access controls. In addition, companies should evaluate backup strategies regularly, and test those backups to ensure that recovery is successful.  As always, “offline” copies of backups should be stored offsite in case onsite backups are targeted.

Overall, the best way to stay protected is through education.  Emails that insist you change settings so you can read them, or ask you to follow a links to access information should be heavily scrutinised.  Do you know the sender?  Is it likely that person would be trying to share files with you that require you accessing a website to get them?  Commonly we say the malicious emails appear from a courier company, or Australia Post telling you a package is waiting for you, and click here fore details etc.  Also we have seen emails claiming to be from the Australian Federal Police (AFP) asking you to appear in court.  We have also seen others appearing to come from your local council and is referring to parking fines and things like that.

Make your staff aware of the real risks of an infection like this, and encourage them to not take the risk opening those Heavy chain with a padlock around a laptopattachments.
As soon as you notice the infection, shutdown your PC.  If you are on a network and you leave the system running, these infections will spread to the server rendering that data useless.  The sooner the infected machine is switched off, the less impact it will have.

If you do find yourself a victim of one of these attacks, contact the team at eStorm immediately so we can get you back on track. In saying that, prevention is always better than a cure, so call us so we can make sure your backup strategy is comprehensive enough to minimise the impact of an attack like this.

Solid State Drives vs Traditional Hard Drives. Which is right for you?

By


  Gone are the days of simply choosing the drive that had the largest capacity that your budget could afford. Solid-state drives have made huge advances in recent years and have started to become affordable for the average consumer. So which should you choose?

 

hard_drive_western_digital_sataHard-Disk Drives

These are the traditional type of computer storage and have been around for decades with minor changes under the hood. Due to there age, they’re a mature technology and considered by many as the default storage medium. Basically they are rotating magnetic platters and with read/write heads that move across the surface to access the data. These drives are called “mechanical” because of the moving parts, and are susceptible to failure from time to time… usually at the least convenient time.

They are available in several speeds that are measured by how fast the platters spin.  Most drives in desktop PC’s are 7,200 RPM, but in laptops you may find 5,400 RPM.  Occasionally in servers or higher end storage you will find 10,000 RPM.  The faster they are, the more expensive they are.  You can increase performance and speed by using other technology such as RAID, but that’s another article.

Modern drives are readily available in up to 8TB these days, with 2 or 3TB being considered pretty standard.

In summary. HDDs are best used when you need to store a lot of data, and high performance is not essential. As a result, HDDs are the norm for a desktop computer, and every day home consumer.

ssdSolid-State Drives

Solid-state drives essentially perform the same role as a HDD. But rather than using mechanical moving parts, they use NAND flash memory. This means they are far more robust than traditional hard drives, and offer significantly greater performance.

Solid state drives normally connect using the same SATA interface as a HDD, but a few can use PCI for very high performance applications. Data access is typically a fraction of a millisecond and data transfer can be in excess of 500MB per second.

With those fast data access speeds, your operating system usually boots within a few seconds.

So far this all sounds pretty good!  So where’s the catch?  As always, it comes down to money.  This performance, when compared to HDDs, does not come cheap. If you want to spend the same money as you would on a HDD, but you want the performance of SSD, expect to be dealing with a much smaller capacity. The capacity of SSDs range from about 60GB to 2TB with the larger cost around $1300. In most cases, this is above the budget of the average consumer. It is however becoming popular to buy a smaller SSD for installing applications and your operating system, and then a larger traditional HDD for storing your data such as photos, music and movies.  Be warned though, HDDs would often give warning signs of imminent failure… SSDs will tend to simply go from working perfectly, to being completely dead in the blink of an eye.  BACKUP BACKUP BACKUP!

 

momentus-100021850-largeHybrid

 

A hybrid hard drive is a mixture of a traditional HDD drive and a small solid-state/flash drive in a single package. The drive monitors the usage of data being read and keeps a copy of the most frequently accessed data on the flash memory as a cache. This results in SSD like performance at a fraction of the cost. They cost slightly more than traditional hard drives but nowhere near as much as solid state drives. They can often make an ideal cost effective solution.

 

All in all, I’m a fan of SSD.  And for me, if it’s in the budget, I will always get, and always recommend SSD.

Cloud Accounting with Xero – Is it right for you?

By

computer-1149148_640

‘Working in the Cloud’, ‘Cloud Computing’, ‘Cloud Accounting’… All terms we are hearing more and more. Momentum is growing for all businesses from SMB to Major Enterprise as people gain a better understanding of the true benefits of Cloud.

Not sure what ‘The Cloud’ is?

Put simply, cloud computing refers to applications and services being made available over the internet. Essentially this means they are available on demand where ever you are, without you having to install applications and servers.

Could ‘Live Accounting’ benefit you and your business? Here are some advantages to consider.

  • Available 24/7 from anywhere in the world provided you have an internet connection.
  • You get a ‘Real-time’ view of your cashflow and bank balances.
  • Automated Bank Feeds can minimise manual and cumbersome data entry.
  • Collaborate with your accountant in ‘Real-time’… no more sending data files back and forth.
  • No hardware or server installations, no manual back-ups, maintenance or support costs.
  • System upgrades occur while you’re offline, minimising your downtime.
  • No longer do you need to send your MYOB or QuickBooks files to your accountant leaving you unable to edit your own file while they work.
  • Fixed monthly costs that are cashflow friendly.

Do you want to know more about Xero?

xero-authorised-integrator-logo-RGB