Cloud Services



Direct iT has been providing custom and off-the-shelf cloud computing services for over 5 years. We have specialized in solutions that make sense for small businesses, including:

Cloud Consulting — our engineers can help you move to the cloud, whether it is an individual application or your entire business network. Our R&D labs have also done extensive testing of various cloud-based solutions and can help you evaluate which cloud solutions really make sense.

Virtualized Networks and Servers — With virtualization, we can move legacy applications to the cloud. We can also convert your existing physical servers into cloud-based virtual servers.

Cloud-based Backup — We backup your most vital data to our cloud datacenters, so that even if there is a fire, theft, flood, or other disaster in your office, your data is still safe.

Cloud-based Disaster Recovery – If your internet connection is fast enough, we can keep a backup copy of your entire server in the cloud, ready to be used in case of a disaster.

Cloud-based Email Security and Spam Filtering — Our cloud-based spam filtering solution keeps spammers and viruses from being able to directly attack your Exchange server and your network – our cloud takes the brunt of their attacks.

Cloud-based Network Monitoring — With RemoteNet, we monitor your servers from our cloud datacenters, saving you the cost of an in-house monitoring solution.

Cloud-based Helpdesk Services — The RemoteNet program also includes BlueBox, Direct iT’s custom cloud-based helpdesk solution, so that you don’t need to invest in any helpdesk tools yourself.

Custom Cloud Software Migration – Have an application that you’d like to see in the cloud? Our cloud software team can help application vendors, software companies, or anyone with a custom software solution find innovative ways to move that solution into the cloud.

Cloud Services Blog

Direct iT at the DefCon 25 Security Conference

Direct iT at the DefCon 25 Security Conference 

Hackers and security researchers from all over the world descended on Caesar’s Palace in Las Vegas last weekend for the DefCon 25 security conference.  Direct iT’s security and compliance team was onsite to hear about the state of the art in network security, and hear from antivirus vendors, chip designers, penetration testers, as well as representatives from the FTC, the Department of Defense, the Navy, and many major security product companies.  There were a lot of hot topics under discussion about the role of security research in a world where hacking has been increasingly influential.
A few of the hottest hacking topics included:
  • Microsoft’s WannaCry bug and related exploits –  Egyptian security researcher Saif El-Sherei demonstrated techniques for analyzing and reverse-engineering Microsoft patches to identify undisclosed security holes that those patches were addressing, and showed how he used this technique to also identify a new related undisclosed security hole.
  • Hardware-level security problems – a lot of new research was presented about the security implications of hardware bugs, including the SandSifter — a program for detecting and analyzing undocumented, hidden, or buggy instructions in x86 CPUs ( which was used to find bugs in Microsoft Azure virtual machines and in virtually all common CPUs).  This is a growing field within security research, based on the idea that no matter how secure our software is, that software has to run on hardware and if that hardware is not also secure we will still get hacked.   Other research was presented about how simple it is to produce counterfeit or backdoored hardware ( including relatively simple methods for implanting a hidden transmitter inside RSA 2-factor tokens, inside computer mice, and even for making counterfeit versions of special USB password-storing keys).
  • Cloud, SaaS, and hypervisor security –  there was a lot of focus on a new set of advanced tools for detecting and mitigating breaches that Microsoft is going to be giving free with Enterprise versions
  • Counterfeit and backdoored hardware hacks – there was a lot of discussion about how governments around the world place backdoors in computer and networking hardware, as well as how individuals also can exploit hardware.  One group of researchers presented a method for doing secure computation on insecure hardware.
  • IoT hacking – the takeaway from the IoT security part of the conference was not that hackers using advanced techniques could break into a few IoT devices — more that virtually all IoT devices are designed so insecurely that very standard, well-known security exploits are often all it takes to break into these devices.
  • Car hacking  – similar to the IoT findings, several groups presented research about car-related security hacks and also brought a few modern cars to the conference for hackers to analyze on-site.  What the research revealed was that car manufacturers are using out-of-date components to begin with and not doing any significant security hardening of car systems — for instance, modern Nissan and Infiniti cars were found to use a 10-year-old cellular chip that was used in the original iPhone, which has a number of well-known security exploits that can be used against the cars.  Similarly, radio researchers analyzed signals from Jeep wireless keys and found that anyone recording the radio signal from a Jeep key can easily clone that key.
  • Voting machine hacking – hackers at the conference took apart and analyzed several different types of common voting machine, quickly finding that many were based on Windows XP and were vulnerable to a number of common security exploits, including one that could be exploited over wireless.  In fact, it took less than an hour for them to break into one of the voting machines. 

Direct iT Meets White House Cybersecurity Coordinator

DIT CEO David Javaheri with Rob Joyce

Special Assistant to the President and White House Cybersecurity Coordinator Rob Joyce visited the Foley Hoag offices in Boston on 5/22/17. Joyce was in Massachusetts to speak about the President’s May 11 Executive Order on Cybersecurity and how IT and security companies can collaborate.

Federal Government Focusing on Cybersecurity

The meeting focused on a number of new initiatives including:
  1. CyberMA: Part of CyberUSA, CyberMA is a new threat sharing platform that allows security companies to securely share information about new threats with each other in order to collaborate (like the cyber-criminals do)
  2. Education: There was also a lot of focus on introducing cybersecurity as a career choice at all educational levels.
  3. Executive Order: Joyce explained the three primary points of the May 11 executive order — (1) securing the federal government, (2) securing corporate systems that are vital to our infrastructure, and (3) securing the global internet.   He also hinted that the President’s new office of innovation could potentially offer more resources for security in the future.

Microsoft Sues Justice Department Over Spying

lawsuitbuttonOn April 14th, Microsoft filed a lawsuit against the Justice Department in the Federal District Court in Seattle.  The lawsuit alleges that federal law enforcement agencies have used an unconstitutional interpretation of the Electronic Communications Privacy Act of 1986 in order to access to thousands of Microsoft customers’ data that is stored in the cloud (primarily email such as Office 365 and Hotmail).  Microsoft claims that because this spying is so widespread, and because many of the orders also demand that the spying be kept secret, and have no end date (either for the spying or the secrecy), this violates the Fourth Amendment right to protection from unlawful search and seizures. Microsoft also claims that their First Amendment right to inform customers they are being spied on is also being violated.

“From September 2014 to March 2016, Microsoft received 5,624 federal demands in the United States for customer information or data. Nearly half — 2,576 — were accompanied by secrecy orders.”

Often, gag orders prevent companies from reporting government spying on their customers.  However, some companies use what is referred to as a “warrant canary” — which is a statement somewhere on their website/service that they have never been subject to any warrants/spying.  The idea is that when the government begins spying, the company can remove the canary notice from their site, so that users can realize the notice is gone and become aware that spying may have occurred, without the company specifically notifying the users in violation of the gag order. You can read more about warrant canaries at https://canarywatch.org/  

You can also read the coverage in the New York Times at  http://www.nytimes.com/2016/04/15/technology/microsoft-sues-us-over-orders-barring-it-from-revealing-surveillance.html?_r=0

 

Tips and Tricks – Connect Your iPhone To Your Corporate Mail, Contacts, and Calendar

If you have an iPhone and corporate email with Microsoft Exchange, or cloud-based email with Microsoft Office 365(tm), then it is easy to connect your iPhone to your mail, contacts, and calendar.

Beware, though — if you sync contacts and calendar, your personal contacts and calendar entries may get synced to your corporate server — some users may only want to sync e-mail.

Step 1. First tap Settings, then go to Mail, Contacts, Calendars, then Add Account and choose Microsoft Exchange. 

Step 2. Fill out the Email, Username, and  Password fields.  Some users may also have to fill in “Domain” — note, this is not your email domain, ask your corporate IT person for your Windows domain if you do not know it.   If you make a mistake, you will be prompted to change the information.

Exchangeiphonestep1

Step 3.  Choose whether you want to sync Mail, Calendar, or Contacts and tap save.

exchangeiphonestep2

 

That’s it — now your iPhone should begin syncing with your corporate email.

Product Review – Synology DiskStation DS214 NAS (Network Attached Storage)

SynologyLogo_enu_no_slogan_for_web

 DiskStation DS214

Synology has been bringing enterprise storage functionality into a much lower price range for years. The Synology DiskStation DS214 is an affordable 2-drive NAS with a number of enterprise features, released in 2014. We’ve tested out a number of these units both in our lab and in the field, and here’s what we have found:

Synology DS214

Quick Facts:

  • 2X 3.5″ SATA drive bays (sold diskless)
  • Gigabit connectivity
  • DS214+ available — the “plus” edition has 2x Gigabit connections instead of 1
  • Supports CIFS, SMB, NFS, and iSCSI
  • Compatible with Vmware(tm) vSphere hypervisors
  • Other features include encryption, syncing between multiple devices, and LUN snapshots

Our experiences:

  • Performance: The Synology will easily saturate the gigabit network interface (unlike many other similar low-cost devices); read and write speeds approaching 100MB/sec mean this device performs quite well
  • Reliability:  While not as reliable as an enterprise SAN, the Synology is a reliable and
  • Setup and Maintenance: The DS214 can be a bit tricky to setup, but maintenance is a breeze

 

Overall, we have tried a large number of different NAS units and at the price point, the Synology is hard to beat.


Call Direct iT Now!

781-996-4918

One of our IT specialists is waiting to talk to you.

Free Cloud Computing Guide

If you would like a free guide explaining the basics and best practices of cloud computing, and how cloud computing can lower costs, please sign up below:

Your Email (required)

About Direct iT

Direct iT, Inc. is a New England based IT services firm offering products and services for small businesses in Greater Boston, New Hampshire, Rhode Island, and the rest of New England. Cloud, compliance, and document management services are also available worldwide. Many of our customers are along the Route 128 technology corridor.

Direct iT, Inc. Main Offices

39 Emerson Rd. Suite 215
Waltham, MA 02451
Sales: 781-890-4400
Support 781-890-1907
sales@directitcorp.com