We’ve recently set up a server that needed to be accessible via Remote Desktop from anywhere, so we had to get a bit more creative with security.

 

The Problem

In the modern days of the Internet, security is key. We often see news of data breaches at global corporations, but they’re not the only ones at risk, and ‘hackers’ don’t need to specifically identify your network to attack it. Bots run constant access tests all over the internet, looking for vulnerabilities and areas they can work their way into. This is quickly evident if you open up a server to the internet and suddenly receive 15,000 login attempts in a single day. When you do need to do this, though, how can you help mitigate the risk?

 

The Solution

Let’s get the obvious out of the way first: use a hardware firewall and a software firewall to manage access into your network, and make sure any ports you don’t need are closed by default. Also make sure you have fully up-to-date anti-virus and anti-malware programs running on the server itself. One extra option to consider is locking down access to specific IP addresses, but this only works if you know where you’ll be accessing the server from. If you’ll be on the move a lot, or you’re just not always going to be accessing from the same locations, this is a bit harder to manage.

Roll out the Two Factor Authentication (2FA).

2FA has been around for a while, but only in the last few years has it been taken on by small to medium businesses as a serious security measure. One of the best things about 2FA is how simple it is to both set up and use. You’ll usually have to subscribe to a third party software company, but that’s not an issue in exchange for peace of mind.

When a user logs in to Remote Desktop they enter their username and their password as normal, but then they are prompted for an access code. These codes are generated by the user’s mobile phone, and a different code is generated every time they log in. This means that to gain access to the server you not only need to get past the normal username and password security, you need to get past this extra layer as well, which requires the use of the employee’s mobile phone, which is usually protected by another password.

Saying that, a password can be bypassed, guessed, and hacked – the access code is not so simple. The mobile app generates the code and transmits it to the 2FA server, which knows that if the same user enters the code within X amount of time, they can log in. If they enter a different code they are rejected and the login fails.

Some 2FA software allows you to manage the code via text message or phone call as well, so you don’t even have to rely on the app (if you’re still using an unsupported mobile OS like Blackberry, for example).

Even if your Server isn’t open to the Internet, Two Factor Authentication is worth considering to make sure your network remains safe and secure.

If I were to create a list of the ‘Top 50 Things Every Customer Service Team Knows is Important Yet Spends No Time On’, Documentation would be top of the table.

Everywhere you go in the Tech World you’ll find Managers talking about how Documentation makes their team excel, all the while they have no procedures in place around it, and very often a Knowledge Base that’s only used to reference itself.

We all know that Documenting properly can give us the edge over the competition, so how do we actually put it into practice? Since we’re on the topic of Top Lists… (Although this one is in no particular order)

 

Top 6 Ways to Effectively Use Documentation

  1. Appoint a Manager
    Make sure there is accountability somewhere. No Accountability? No results. If you’ve got a large staff you could always appoint a Documentation Jedi per team, then one Yoda who has ultimate document power.
  2. Utilise free Software
    Or paid if you like, but considering the amount of free software out there it’s easy to save the pocket money. Use a custom Wiki or Knowledge Base designed for internal Documentation and you’ll see how powerful it can be.
  3. Focus your Resources
    Following on from the last point, don’t split your resources. By that I mean find an area/software to use and stick to it – Don’t have information for X on an Online Wiki, for Y on Sharepoint, and for Z in Onenote. You’re just slowing yourselves down and your customers will notice the difference.
  4. Use Logical Structure
    Think Hansel and Gretel following a breadcrumb trail around the woods and back to the witch’s oven. Make sure you have enough levels so each one isn’t crowded, but not so many that you need to browse through 15 folders to find a single document. Play around to find your sweet spot, but I’d recommend not having more than 15 articles in a single folder.
  5. Don’t be Afraid to Restructure
    You set up your Knowledge Base when you had 4 clients, now you have 40 and your Logical Structure isn’t. You may need to spend a day restructuring but you’ll really notice the difference when it’s working for you again. The lost time rearranging will quickly repay itself.
  6. Make Documentation a Key Component of your Delivery Process
    By this, we mean whether it’s a developer writing some code, a consultant completing some custom configuration, or a business analyst scoping out a project, ensure that as part of the work they are completing, they have a task to complete accompanying documentation in your designated documentation solution.

 

Follow these points and your customers will be in quick response heaven. Once brand new members of staff can answer requests from clients, you’ll know you’re a Wiki Wizard and not a Document Diva.

We use automation every day, from grocery shopping to entertainment systems. We rely on algorithms and automatic processing more than we realise, and unless it goes wrong we rarely notice it.

At QuayTech we’ve been looking at ways we can automate certain tasks to improve customer service and free up team members from repetitive tasks, but there is a stigma behind automation.

How Automation can Supercharge Customer Service
Humans are… well, human. A human can’t check a mail box 60 times a minute, and a human can’t reply to an email in less than a second. An algorithm can. When it comes to automatic replies, nearly every support team on the planet has one. Everyone knows it’s an automatic email of course, but getting a quick response can turn a satisfied customer into a happy customer. Why not take it a step further?
It can take hours for the human brain to detect patterns (and anomalies) but a bot can do this instantly. A simple alert to an engineer’s phone that says “6 clients have had the same problem with this software in the last hour” means you can have a problem resolved in minutes and hours, not days.
Communication between departments is a struggle for every growing business, but why not run an automatic notification to relay information from one team to another? In a software company, passing a ticket from development to QA automatically can drastically shorten the ticket life cycle. And no chasing other teams!

In the age of AI, self driving cars, and computer landed rocket ships, holding on to past processes can leave your business behind the market.

But is it all good?

 

When Automation Goes too Far
Robots are… well, robots. You can’t replace the human response with a line of code, and ultimately customers will always appreciate personal treatment. To that effect, an automatic reply to an email is good customer service, but only if it’s followed up later by a real human response. It’s also probably not a good idea to try and get your bot to draft its own responses like Asos did back in 2016 (Trust me – https://tinyurl.com/y936eb66).

 

Like most things, moderation is key, and unless you can reduce time spent or increase customer satisfaction, sticking with the human route is probably best. When you can though, automation could make a world of difference to your customer service team.

At QuayTech, we’re currently in the middle of a migration containing a few million files, so I’ve had plenty of time to think about File Transfers over the last week or two.

Back in the early 1970s, FTP (File Transfer Protocol) was the only way of sending data across the Internet. Of course in 1973 the Internet was made up of only 83 Servers and most of them were Universities like Harvard or Tech Giants like IBM, so there wasn’t much need to encrypt or protect the data. There were no hackers, no phishing, and everyone knew who was on the other end.

The internet in 2018 is a very different place, so we need to make a few adjustments to the way we bulk send files.

 

Why you shouldn’t use Plain FTP

When we say FTP it can be a general term referring to all types of File Transfer, but more specifically it usually means Plain FTP. It’s called plain because the Data, Usernames, and Passwords are not encrypted, neither are host names, IP addresses or anything else. So what does this mean? Anyone listening in can not only view your files, but also where they are going, where they came from, and the necessary passwords to gain access.

It may have worked when Aberdeen were sending their research to Harvard 40 years ago, but sadly the Internet isn’t the safe place it was back then.

 

What should you use instead?

There are a few answers to that question, the most well known being file sharing programs like Dropbox, Google Drive, and OneDrive. They may be more time consuming than FTP, but these software companies have to go through a huge number of security checks and procedures to be able to handle your data securely, so you’re in good hands. The advantage of this is that it requires almost no set up on your part.

If that doesn’t suit you, there are two successors to FTP – SFTP and FTPS. These use the same interface as Plain FTP, so the immediate benefit is that most FTP programs can also use SFTP and FTPS. More importantly, both also encrypt passwords and data transmissions.

SFTP uses SSH, which means that prior setup is required to send files. Both sides of the transfer must have the SSH Key required to operate, as well as the username and password.

FTPS is certificate based, and uses TLS for encryption rather than SSH, making it quick and easy to connect to a Server with a trusted Certificate, as long as you provide the username and password.

Both of these iterations of FTP make secure transmissions between trusted systems fast and easy, and automated transmissions secure and efficient. One of the best things about SFTP and FTPS is that most Plain FTP programs now allow you to enable SSL/TLS (FTPS) or SSH (SFTP) and automate a lot of the process for you. Just remember – Don’t choose Plain FTP.
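To check that transfers really are protected, the added example below (not part of the original post) audits a server-side FTP command log and reports which sessions logged in or moved files without encryption. It goes one step beyond the text: under explicit FTPS (RFC 4217) the client must also send PROT P, otherwise only the login is encrypted and the file contents are not. The log layout, session names and the `audit` function are assumptions constructed for this example.

```python
from collections import defaultdict

# Constructed server-side command log: "<session> <C|S> <text>" per line.
# The layout is invented for this example; real FTP servers log differently.
SAMPLE_LOG = """\
s1 C USER backup
s1 C PASS (redacted)
s1 C STOR payroll.csv
s2 C AUTH TLS
s2 S 234 Proceed with negotiation
s2 C USER backup
s2 C PASS (redacted)
s2 C STOR payroll.csv
s3 C AUTH TLS
s3 S 234 Proceed with negotiation
s3 C PBSZ 0
s3 S 200 PBSZ=0
s3 C PROT P
s3 S 200 Protection level set to P
s3 C USER backup
s3 C PASS (redacted)
s3 C STOR payroll.csv
"""

PLAIN = "plain FTP: login and files sent unencrypted"
CONTROL_ONLY = "FTPS login, but file data sent unencrypted (no PROT P)"
PROTECTED = "FTPS: nothing sent unencrypted"
TRANSFER_CMDS = {"STOR", "RETR", "APPE", "LIST", "NLST"}

def audit(log: str) -> dict:
    """Classify each session by what crossed the network unencrypted."""
    sessions = defaultdict(lambda: {"tls": False, "prot": False, "last": "", "finding": None})
    for raw in log.splitlines():
        sid, side, text = raw.split(" ", 2)
        s = sessions[sid]
        if side == "C":
            s["last"] = text.upper()
            verb = s["last"].split()[0]
            if verb == "USER":
                s["finding"] = PROTECTED if s["tls"] else PLAIN
            elif verb in TRANSFER_CMDS and s["tls"] and not s["prot"]:
                s["finding"] = CONTROL_ONLY
        elif text.startswith("2"):      # 2xx reply: the last command succeeded
            if s["last"] == "AUTH TLS":
                s["tls"] = True         # control channel is now inside TLS
            elif s["last"] == "PROT P":
                s["prot"] = True        # data connections will use TLS too
    return {sid: s["finding"] for sid, s in sessions.items()}
```

A session whose AUTH TLS request is refused and which then logs in anyway is reported as plain FTP, which is the silent fallback worth looking for.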

Good luck with your file transfers!