We’ve been talking a lot about session hijacking recently and we’re starting to get a lot of questions about what that term means. By definition, a session hijack is a security attack where an unauthorized person takes control of a user's authorized session in a computer system.

In a typical online scenario, when a user logs into a website or application, a session is established between the user and the server to maintain their authenticated state. This session is generally maintained through the use of session tokens or cookies.

Session hijacking occurs when an attacker intercepts or steals the session information, allowing them to impersonate the legitimate user and gain unauthorized access to the system. There are several methods through which session hijacking can be carried out:

Please be aware that Microsoft Office 2013 has reached its end of life, effective April 11, 2023. This means that Microsoft will no longer provide support, updates, or security patches for the Office 2013 suite. While the software will continue to function, its lack of ongoing support and security updates may leave you vulnerable to potential security threats.

Back in 1999, the first Prometheans were trying to come up with a name for this venture of ours. Earlier tales have been told of how Promethius came to be a part of it, but what I’d like to discuss today revolves around the “Consulting” portion of that storied name.

You see, consulting has always been a major value that we bring to the table, but many of our clients don’t avail themselves of it. In the early years of the Promethius experience, it was very common for Prometheans to be part of our clients’ teams. We attended staff meetings, board meetings and sometimes even staff birthday parties. We consulted on annual budgets, strategic initiatives and even staffing decisions. As technology progressed, however, it became much more common for small companies to departmentalize their tech. It became common practice to rely on software vendors for advice on software functionality, for instance. Rather than work with a trusted advisor to gather requirements and wish lists, company leaders, and sometimes general staff, would start meeting with software vendors and let the demos do their work.

In recent years, many of our prospects/customers approach us already knowing the products and services they wish to purchase. Too often this sort of thinking has led to computer support being viewed as a commodity. Seeking the lowest-priced help desk support can cause some real problems and has left many small companies in dangerous positions in this age of cyber threats.

The risks today are too great to rely on client/vendor relationships. We need to go back to a world of partnership. We need relationships in which we can have real discussions of threats, problems, options and solutions. If there is no trust, then everything seems like a sales pitch. The fact is that the most profitable solution for Promethius, the vendor, is often the “solution” that we would advise against. It would be easy, for instance, to recommend a time and materials solution to our clients that only reacts to problems after they have revealed themselves through some sort data loss or security breach. This kind of arrangement might be good for our bottom line, but it would be irresponsible for us to recommend such a strategy.

So, the moral to the tale is to discuss technology strategies with your trusted advisors and more importantly, choose vendors that you can trust as the number one criterion. View your technology providers as a team of experts that is there to help you make decisions to run your business. If your website developers can’t work with your SaaS providers or your Managed Services Provider, then some changes might be in order because technology needs to work in concert to be effective. Give us a call if you’re interested in discussing your IT strategy.

Promethius began migrating on-prem Microsoft Exchange Servers to the cloud about fifteen years ago and we haven’t looked back. Initially, multi-tenant, cloud-hosted Exchange Servers were owned by third-parties, like Intermedia and AppRiver. This arrangement worked very well until Microsoft decided to get serious about the hosting game in 2011 with Office 365 (I’m purposely ignoring their BPOS service that launched in 2008 because I still have nightmares about it). Microsoft seriously undercut the pricing of its own partners and put most of them out of business. The positive of this move, however, is that Office 365, and now Microsoft 365, have become very solid and essential business services boasting almost 2.4 million business customers. Of course, Microsoft 365 isn’t just email hosting, it’s hosted documents via SharePoint and OneDrive and it’s a project management via Planner and the list goes on and on.

In our 10 years of experience with Microsoft 365, we’ve had very few issues of lost emails/documents, but it should be recognized that Microsoft 365 doesn’t offer a traditional backup and recovery system with lots of retention options, etc. As far as disaster recovery of Microsoft servers go, they seem to rely on their extensive redundancy. This is probably adequate, but companies sometimes get caught off guard when it comes to the email and document retention policies. Deleted emails have a maximum recovery period of 31 days and SharePoint/OneDrive documents have a maximum recovery period of 93 days. Keep in mind also, that this isn’t the industry standard off-site backup. These emails and documents are saved to the same network that is hosting the live data. Many small companies choose not to pay for third-party backup even when these facts are pointed out, but a third-party backup of your most crucial communications and company documents is probably worth a discussion. You might be surprised to learn how affordable it is.

Among many other horrible things, 2020 was a year of rampant computer fraud. Therefore, 2021 is the year we pay for it. Insurance companies took a beating and now it’s time for premiums to rise and requirements for policy renewals to get harder. Insurance companies are now beginning to mandate something that IT companies, including Promethius Consulting, have been pushing for years…Multi-Factor Authentication.

Supply chain issues abound, and if you plan on purchasing computers this year you had better plan way ahead.  In fact we are advising clients to expect delays as long as six months.  This video explains the situation in detail!  

Millions of employees have suddenly dispersed to their homes in an attempt to stay safe and productive. Unfortunately, many home offices were not designed for comfortably working for eight or more hours at a stretch. Also, many homes and apartments do not have the same physical protections and roominess that we find in our cubicles and offices at work. This is leading to accidental coffee spills and laptops being dropped off the corners of tables at the absolute worst time in history for these types of accidents to take place.

Due to the Windows 7 operating system end of life, desktop computers and laptops have been getting steadily harder to procure for the past year or so. When Wuhan China locked down due to Covid-19, many hardware providers were effectively out of business. To make matters worse, major distributors, like Tech Data and Ingram Micro, have maintained less inventory in recent years and are now, themselves, on partial lockdown due to Covid-19. This has culminated in the perfect storm for hardware procurement. Most of our favorite hardware models are on backorder for weeks or months. Even our backups (less popular models) and safeties (retail) are now quickly running out of stock.

What’s the answer? Don’t break your computer!  Physical damage to an older computer or mobile phone is to be avoided at all cost. Don’t take extra risks balancing your computer on a stack of books on the corner of your dining room table, even for just a second. Use extra caution when taking your phone out of your pocket because getting a new one activated, even if you can get your hands on a replacement, is next to impossible in this environment.

If you’re planning hardware purchases in the next 6 months, please talk to us now so we can develop a strategy. As always, give us a call at 317-733-2388 if you have questions.

You’ve likely heard that hackers are coming out of the woodwork to take advantage of all the novice remote employees. After all, it’s no secret that home networks are generally less secure than their office counterparts. So, the question is, “can your office network be at risk from the actions (or inactions) of home users?” Hopefully, we all know that the answer to this question is, “yes.” If not, THE ANSWER TO THIS QUESTION IS “YES!”

Let me just state first that if you are one of our vDESK customers, then you are safe and that this article does not pertain to you. For those of you who are not vDESK customers, please let the above statement sink in. vDESK is the solution that allows you to sleep at night in situations like this (and the countless more ordinary ones).

Ok, so you’re not a vDESK customer and you still want to be secure in a work-from-home scenario. Let’s first look at why there are risks. What’s the difference?

Well, at least we’re all in this together. There is certainly disagreement on where we go from here, but we are all here together now. By here, I mean we’re all immersed in the mess that the novel Coronavirus has wrought. Regardless of your politics, religion, color of your skin or number of genders you believe there are, we are all doing our best to do our jobs from the comfort (confinement) of our homes.

At Promethius, we’ve had this ability for years and most of us have taken advantage of the opportunity from time-to-time. I doubt, however, that many of us will look forward to that opportunity for quite some time in the future. I have had the opportunity to speak with lots of our clients, vendors and friends during this unique time and most of us seem to be in pretty good spirits, all things considered. Sometimes we need a change of pace and it can be a bit of a relief knowing that we have to do it and that the rest of the world has to do it too. Our hearts go out to those who suffer from illness, to those separated from loved ones and to those who have lost their jobs.

If there is anything we can do to help you, as a friend and neighbor, please give us a call. These are weird times, but maybe it’s our opportunity to get back to being neighborly. I don’t know about you, but I’m finding that I have a little more time on my hands these days. Of course, we’re still here and available to help as your friendly neighborhood IT vendor as well. Just let us know how we can help!