Read the latest posts from the PremierePC blog. Office Updates, Q & A, Solution Highlights, TechBytes, and more
We have moved! Our updated physical address is 1302 Rutherford Rd, Greenville, SC 29609
Read the latest posts from the PremierePC blog. Office Updates, Q & A, Solution Highlights, TechBytes, and more
A complete security platform which bridges the gap between endpoint protection logging and secure resource access. In addition, we are offering compliance modules and enhanced security operation center analysis.
We now have Governance Risk and Compliance and Enhanced Managed Detection and Response modules for the most enhanced compliance needs.
For ALL clients, regardless of PSL or PSC plan type, we are rolling out the next evolution in end-point security. We are partnered with a leading provider recognized by Forrester Wave (see end of post) and will now be able to identify and block more attacks.
Stop attacks, accelerate detection, and respond faster.
We are offering superior ransomware detection, malware detection, malicious behavior detection, memory threat detection, host isolation, and machine learning on an ongoing basis.
In addition, we will now be able to log and respond to security information and event management for any device that is managed by PremierePC. All of this is backed by the MITRE Att&ck framework and a team of security experts which help us reduce the noise and focus on issues that require our involvement.
Further, we are now able to integrate logs from 365, our firewalls, and our networking gear, to provide a near end-to-end logging service to help identify any risks, whether they originate in the cloud, on the network, or on the device.
Both services are being layered on to our clients at no additional cost.
PSL clients will have 7 days of log retention. PSC clients will have 30 days of log retention.
If you have compliance requirements that require log retention past that, let us know as we can offer modular retention options up to five years.
For the vast majority of clients, having this baseline will be superior to anything you had before and will assist us in favorably completing cyber liability insurance forms.
We are now able to integrate identity management from Azure / 365. We can prepare the ability to securely share resources whether you are in the office or not, effectively removing the VPN barrier. Secure Access Service Edge (SASE) enables fast secure and reliable connections to all your resources from everywhere.
SASE will be available on a per device basis for an additional cost. This is the equivalent of an always-on VPN, allowing us to extend your network, wherever you are, with no additional clunky software. This tech is going to help us reduce the reliance on firewalls and VPNs and enable you and your team to compute more reliably, more cost effectively, and more efficiently in the future.
With this end-user experience, we can link all employees to commonly used applications such as 365, the help desk, or other web services you and your team use.
No matter where you go, your resources are at your fingertips. (These can be seen by all or limited to certain users.)
Elastic, used by PremierePC, is a Leader in Security Analytics Platform.
Elastic, used by PremierePC, is an approaching Leader in Endpoint Detection and Response Providers.
Starting Monday June 19th, PremierePC will be introducing a new client portal. This will be a phased roll out over the next several months, as we bring forward new capabilities and features around supporting our clients.
Phase 1 – June 19
Phase 1 will introduce a new case logging method, where existing clients will be able to log in to the portal with their 365 / Google credentials. This will enable a smooth login process, no additional username / password is required. With this setup, all users may now view any of the cases they opened or were opened on behalf of them at any time, without having to wait for a PremierePC support reply.
In addition, we will be rolling out several new case template options to help you better focus on supplying the pertinent information we need to successfully resolve your matter more efficiently.
There will be two client portals during this first phase. ALL tickets created after June 19th will be in the new portal. LEGACY tickets created prior to June 19th will be in the existing portal, along with invoices, domains, products, services, and other non-ticket features.
We will be adding additional features every week and expanding what the platform can do. You can look forward to a more integrated process with a more robust live chat, and a more scrutinized level of service internally.
Phase 2 – TBD, 6+ months
Migration of all invoices and accounting functions.
Thank you all for your patience during this transition.
We are excited to finally bring features and capabilities that have been frequently requested by you.
Email spoofing is the practice of forging a false email header to mislead the recipient into believing the email came from a different, trusted source.
This type of attack can be used to steal private information, which can then be used to further damage an organization.
Extortion, IP theft, and malware infection are just some of the risks a spoofing email attack can present. With so much on the line, a strong email security position is critical to corporate success.
PremierePC clients receive an additional layer of inbound filtering to help mitigate these risks. Enter Message Review.
Inbound filtering stops the junk and lets the good email through. Messages containing offensive, harmful, or policy violating content are held for user review, while good messages continue on their way.
Many email users report that they receive a high amount of spam on a regular basis. And even worse, they don’t always know where their filtered messages go. Big problems can result from false-positive handling when a good message your email provider thinks is spam goes missing.
Inbound email filtering handles messages more intelligently so there are less false-positives. When questionable messages are held, users get a notification that lets you preview, deliver the message, and whitelist the sender, so potentially important messages are no longer buried.
Inbound Filter gives a big upgrade to standard email spam filtering, giving every user detailed visibility into what messages were held with insightful analytics and filtering statistics. Now it’s possible for email users to see easy to read and understand details about the security of a message, so you can be 100% sure it’s safe to release to their inbox.
Users get message review notifications at the interval that works for you. Whether you want them every hour, never, or anything in between… the choice is yours.
Inbound Filter lets users preview the HTML content of a message (images optional) so you can determine whether or not it’s a message you wish to receive in your inbox without risking a malware infection or phishing attack.
Each message has an analytics section which shows data related to the reasons a message was held, where it came from, and even a map showing the point of geographic origin.
There’s also a timeline section, so it’s clear to see the path of a message during it’s lifetime and quickly identify areas where delivery was delayed or interrupted.
Click the link in the most recent Message Review email to access the portal.
Navigate to emailservice.io and request a link for access.
Scoring range = 0-600
Spam tolerance – aggressive 140 – 200
Under 140, deliver as normal
140-200 – tag subject as [possible spam]
Over 200 goes to message review
Promotions – 90
Advertisements, newsletters, and other types of marketing email that isn’t necessarily spam.
SPF soft fail – 70
Messages that came from an IP not designated by the SPF record for the sender domain. Messages with an SPF soft fail (“~all”) should be treated as spam or suspicious.
SPF hard fail – 70
Messages that came from an IP not designated by the SPF record for the sender domain. Messages with an SPF hard fail (“-all”) should be discarded.
From address SPF soft fail – 70
Messages that came from an IP not designated by the SPF record for the From address domain. Messages with an SPF soft fail (“~all”) should be treated as spam or suspicious.
From address SPF hard fail – 70
Messages that came from an IP not designated by the SPF record for the From address domain. Messages with an SPF hard fail (“-all”) should be discarded.
Reply-To address SPF soft fail – 70
Messages that came from an IP not designated by the SPF record for the Reply-To address domain. Messages with an SPF soft fail (“~all”) should be treated as spam or suspicious.
Reply-To address SPF hard fail – 70
Messages that came from an IP not designated by the SPF record for the Reply-To address domain. Messages with an SPF hard fail (“-all”) should be discarded.
Multiple From/Reply To addresses – 100
Messages that come from a different addresses in the From or Reply-To headers. This is a common attribute for phishing messages but is also common to newsletters and other bulk mailings. Use with caution as it may cause some false positives.
DKIM Signature Failed Verification – 200
Messages that contain a DKIM signature that failed verification. DomainKeys Identified Mail (DKIM) is an email authentication protocol designed to prevent message modification in transit, a method often used in phishing and email scams. This result indicates that the message signature is either spoofed or the message has been modified in transit.
Attachment with a macro – 400
Messages that contain a Microsoft Office file with a macro. Macros are a powerful way to automate common tasks in Microsoft Office and can make people more productive. However, macro malware uses this functionality to infect your device.
Potentially Unwanted Applications – 600
Messages that contain an attachment that is a Potentially Unwanted Application (PUA). Potentially unwanted applications are a category of software that can cause your machine to run slowly, display unexpected ads, or at worst, install other software which might be unexpected or unwanted. Potentially unwanted applications are not considered viruses, malware, or other types of threats, but they might perform actions on endpoints which adversely affect endpoint performance or use.
Encrypted Zip File – 600
Messages that contain an encrypted archive file (zip or rar). Encrypting an archive file can be used to avoid detection of a threatening file contained in the archive.
Encrypted PDF File – 400
Messages that contain an encrypted PDF. Encrypting a PDF file can be used to avoid detection of a threat.
In addition, we added Foreign/Uncommon Top-Level Domain rules.
At PremierePC, your security is our number 1 priority.
As announced last month, all legacy business Egnyte plans have been transitioned to the Advanced File System (AFS) plan.
At $20 per license, AFS includes 200GB / User, Active Directory and SSO Integration, and Role-Based Administration.
Public Cloud File Caching (PCC) – Egnyte Public Cloud Connector provides a solution to bridge customers’ requirements for public clouds while keeping the business content on the Egnyte platform.
Basic Ransomware Artifact Detection
Ransomware Alert (Email notification) – Setting up email alerts allows you to react in real-time to new issues discovered within your content sources. You can even customize these alerts, so the right people are notified of the appropriate type of issue.
User Individual File Recovery
AD / SSO Integration – When users from your company attempt to log in to Egnyte, Egnyte can be set up to authenticate directly against your directory service. This ensures that you don’t have to manage passwords in two separate places. Your directory service can serve as the system of record for all password information, and Egnyte will utilize this information to authenticate the user.
Role-Based Administration – An Administrator in Egnyte performs many functions: Adding and deleting users, updating billing information, managing trash retention policies, and more. Role-based Administration enables you to delegate some of these administrative tasks to Power Users. Role-based Administration also allows you to enable certain features for a subset of users.
Full Plan comparison between Legacy Business and the new Advanced File System Plan: MSP Plan Comparison Legacy Business vs AFS
Egnyte has developed an array of features built specifically for the architectural, engineering, and construction industry. These features are included in what is known as the AEC add-on package. The AEC add-on package is optional and can be purchased for an additional fee.
|Advanced Procore Integration
|Support for additional data flows between Egnyte and Procore with near real-time continuous sync.
|BIM File Preview
|Preview (including rotate, zoom, orbit and measure) native industry file formats, including CAD, without the need for specialized software.
|Project Lifecycle Management
|Revoke permissions and sever links to protect content for anyone no longer requiring access and initiate any predefined content retention, archival, and deletion management policies.
|Automated Retention, Deletion & Archiving
|Designate policies to retain, delete and/or archive files based on file or version creation date.
|Designate specific folders and as project, assign status (Active, closed, etc.) and start and end dates.
|Advanced Ransomware Protection & Recovery
|Identify and mitigate ransomware attacks and recover cryptolocker impacted data
|Digital Image Text Search
|Make image and scanned document text discoverable within Egnyte Search results (such as a PDF, JPG or TIFF).
|Upload photos directly to the relevant project folder based on geolocation, keeping them organized and making them easily accessible.
|Automate creation of your project folder structure with templatized permissions
DMARC (Domain-based Message Authentication, Reporting, and Conformance)
Brand impersonation is a huge problem for companies worldwide. According to the 2022 State of the Phish report, 65% of organizations faced Business Email Compromise (BEC) attacks.
Through the creation of a global email security standard called DMARC, email security is increasingly asking for identification for all emails to be let into an organization through the DMARC standards. DMARC not only requires you to have proper identification but also provides detailed information on how your emails are used worldwide. DMARC also provides valuable data on the emails being sent and received, including the sources, IP addresses, and domains. This information can then be used to help organizations better understand the patterns and trends in email communication and to develop more effective email security protocols.
Think of DMARC as a virtual identification license for your inbox. Just like the check-in agent at an airport, the DMARC system checks to make sure that the email sender is who they say they are. This helps to prevent phishing attempts and email spoofing, which can lead to data theft or compromise of sensitive information.
The question becomes, as a company leader, why would you allow sending an email that does not have proper identification out to the public? These emails are now being quarantined into spam or outright rejected more than ever due to improper identification in the headers. Email is the lifeblood of communication in your business. Can you really afford that big contract or large invoice to be stuck in some trap or spam folder because it didn’t have proper identification? How about your marketing efforts? You’ll spend valuable time, money and resources on your outbound email campaigns only to have them stopped at the door without proper I.D.
Even worse, there can be somebody trying to impersonate your email with a fake I.D. and misrepresent your company!
In short, DMARC is the standard for keeping you and your information safe. So, when it comes to your inbox, don’t be afraid to ask for ID. After all, it’s better to be safe than sorry.
PremierePC has layered intelligent DMARC services to all managed domains, with monthly reporting sent straight to your inbox.
BIMI (Brand Indicators for Message Identification)
BIMI is a way for companies to assert their brand identity in email communication and provide a more trustworthy and recognizable customer experience. BIMI involves using a company’s logo in the recipient’s email client next to the sender’s name. This visual representation of the sender provides a clear and recognizable identity, helping to reduce the risk of phishing and impersonation attacks, and improve the deliverability by up to 60%.
BIMI is the final step of email authentication. It validates and displays your brand logo next to the emails sent from your domains in the recipient’s inbox to ensure that the sender is who they say they are, and you can quickly recognize the brand behind the message.
Bimi is available for your domain at no additional cost; give us a call to learn more.
A fully integrated IT solutions provider for local business clients. Serving the Upstate of South Carolina including Greenville, Spartanburg and Anderson counties.
Physical Address: 1302 Rutherford Rd, Greenville, SC 29609 | 864.335.9223 | Payment Remittance: PO Box 5293 Greenville, SC 29606