PowerShell – AD Recycle Bin Check or Enable…

2017-07-27T00:00:58+00:00 March 24th, 2016|Uncategorized|

When I begin working with a new customer Active Directory environment, one thing I always like to know is whether the AD Recycle Bin is enabled for safety. If you don’t already know, the Active Directory Recycle Bin is a feature that appeared in the 2008 R2 era and gave us the not-too-easy ability to save us from our own administrators. Over the years, especially with Server 2012 R2, restoring AD objects has become as easy as a few clicks. I won’t say that it’s a “no-brainer”, because there are a couple of reasons why you might not want to enable it, but I will say that it only takes deleting a couple of objects accidentally to make a compelling argument for implementation. For some further reading, check out this TechNet Guide.

If you want to use PowerShell to check if the AD Recycle Bin is enabled, run the following command to find out (requires that you have the PowerShell AD modules installed):

Get-ADOptionalFeature -Filter 'name -like "Recycle Bin Feature"'

…and if it is NOT enabled, you will see a result something like the image below; notice that among the other information, the “Enabled Scopes” is empty.

[Image: AdRecycleBinCheck]

So if the Recycle Bin is NOT enabled, and you want it enabled, what then? Well, if your Forest Functional level is already at Server 2008 R2, one way is to enable it with the following PowerShell command:

Enable-ADOptionalFeature `
-Identity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=domain,DC=com' `
-Scope ForestOrConfigurationSet `
-Target 'domain.com'

…which looks a bit like this, as I enable the feature and then re-check:

[Image: AdRecycleBinEnable]

As you can see above, the AD Recycle Bin is now enabled in my lab AD forest.

Note that in the above code example, I’m using “back-ticks” to be able to wrap lines. However, in my screen cap I put it all on one line. I’ll go over the back-ticks in a future post, but for now be careful with them, or remove them and include the entire command on one line.

So to recap, when EnabledScopes isn’t populated (e.g. {}), the feature is off. If it contains values, then it is enabled!

And remember this: after enabling the AD Recycle Bin, you cannot disable it anymore!
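The check and the enable step above, combined as an added example (not code from the original post): it reads the forest name and the feature's distinguished name from the directory instead of hard-coding `domain.com`, and passes `-WhatIf` so the irreversible change is only previewed. The function name `Get-ADRecycleBinStatus` is hypothetical, and the script assumes the ActiveDirectory module and a domain-joined session.

```powershell
# Added example. Get-ADRecycleBinStatus is a hypothetical helper name.
Import-Module ActiveDirectory

function Get-ADRecycleBinStatus {
    [CmdletBinding()]
    param()

    $forest  = Get-ADForest
    $feature = Get-ADOptionalFeature -Filter 'name -like "Recycle Bin Feature"'
    if (-not $feature) {
        throw "Recycle Bin Feature object not found in forest $($forest.Name)."
    }

    # Minimum forest functional level named in the post: Server 2008 R2.
    $minMode = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest

    [pscustomobject]@{
        Forest         = $forest.Name
        ForestMode     = $forest.ForestMode
        ModeSufficient = $forest.ForestMode -ge $minMode
        # An empty EnabledScopes collection means the feature is off.
        Enabled        = $feature.EnabledScopes.Count -gt 0
        EnabledScopes  = $feature.EnabledScopes
        FeatureDN      = $feature.DistinguishedName
    }
}

$status = Get-ADRecycleBinStatus
$status | Format-List

if ($status.Enabled) {
    Write-Output "AD Recycle Bin is already enabled in $($status.Forest)."
}
elseif (-not $status.ModeSufficient) {
    Write-Warning "Forest mode $($status.ForestMode) is below Windows2008R2Forest; the feature cannot be enabled yet."
}
else {
    # Splatting avoids the back-tick line continuations.
    # WhatIf = $true previews the change; enabling cannot be undone,
    # so remove it only once the preview shows the intended target.
    $params = @{
        Identity = $status.FeatureDN
        Scope    = 'ForestOrConfigurationSet'
        Target   = $status.Forest
        WhatIf   = $true
    }
    Enable-ADOptionalFeature @params
}
```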

How Healthcare Organizations Get ROI from the Cloud

2017-07-27T00:00:59+00:00 March 8th, 2016|News|

March 8th, 2016 – Like many healthcare organizations today, your internal IT costs may be high as a result of capital-intensive investments in hardware. In addition, you may find that your key resources are spending precious time fixing IT problems when they could be focused on their primary job. When it comes to shifting your organization away from this expensive way of doing business, you’ve probably considered a cloud-based solution. But you may be unsure if it’s the right choice.

At the top of your questions might be whether or not the cloud can provide the level of security required to manage your highly sensitive patient data.

Adopting cloud technology is a viable, sustainable, and cost effective solution for healthcare facilities. At Coretek, one of our primary goals is for clients to realize between a 20-40% savings in the first year of moving to a cloud-based solution. In fact, a return on investment is usually realized within one year of investing in our cloud solution.

Here are just a few of the ways that you get ROI out of the cloud:

OPEX budgeting is predictable

Not only does the cloud free up physical space by not requiring servers, floor space, cooling, heating, power and racks, but IT budgeting becomes predictable. With an operational expenditure model, you can now do new resourcing models without impact to your budget and operations.

New levels of efficiency

In many healthcare facilities, servers are showing their age, applications may be running slower and more and more time is spent fixing broken technology. Instead of trying to be the IT expert managing a closetful of hardware, the cloud keeps you out of react mode and focused on day-to-day priorities. With a cloud solution, ‘tier one’ problem solving becomes automated, saving you valuable time and resources.

Additionally, there are over 80 different products in the cloud today that have been turned into single solutions, and each of these 80 products can now be delivered instantly through one cloud-based solution specific to your needs. With so many ways to streamline processes, automatically comply with regulations, and avoid wasting precious resource time, physicians and clinicians benefit from new levels of efficiency.

Makes HIPAA easy and provides business continuity

In many healthcare facilities, servers are showing their age, applications may be running slower and more and more time is spent fixing broken technology. Instead of trying to be the IT expert managing a closetful of hardware, the cloud keeps you out of react mode and focused on day-to-day priorities. With a cloud solution, ‘tier one’ problem solving becomes automated, saving you valuable time and resources.

Coretek’s cloud solutions are not only powerful, but you can now realize a significant ROI while propelling your healthcare business forward with the most modern technology. For more information on our cloud solutions, click here.

How To Maintain Physical Control of Your Devices

2017-07-27T00:00:59+00:00 March 7th, 2016|News|

March 4, 2016 – In our previous blog post we discussed the importance of containing your data in your company. In this article we are extending the concept of securing your business to the importance of maintaining physical control of your devices.

Why is this important? With the rise of data breaches and the use of BYOD at work, you need to be able to control, monitor, and secure how your employees use corporate and personal devices to share confidential information.

What if you could lock, by location, certain functionality that is standard on most mobile devices (cameras, unapproved Wi-Fi hotspots), or even erase all corporate-related data when an employee leaves the company? Maintaining physical control of your corporate and BYOD devices is possible through Mobile Device Management (MDM), which lets you monitor, deploy, and secure your corporate environment.

Here is how MDM allows you to maintain control of your employees’ devices at work:

  1. Make changes when you want. With MDM you have the ability to turn off certain features on any device used for work (even personal devices). You might not want employees to use their camera during a quality control service at your company’s manufacturing facility. Also, many companies block employees from accessing networks that are not considered secure (e.g. coffee shops). You control what features are accessible to your employees at any given time to reduce the risk of penetration.
  2. No access granted. With MDM you can limit the functionality of a device based on location and time. If you don’t want files to be shared after working hours you will be able to set that functionality on all mobiles or a select group. Just be aware that your CEO might always be working!
  3. I never got my laptop back. Many companies let employees leave their jobs keeping corporate laptops. This means that they have access to confidential data as former employees. With MDM you can erase the data from any mobile devices at any given time, without it being in your physical possession. So, as soon as that employee resigns, you can wipe out all corporate data and applications.
  4. BYOD. Once a user enrolls into a Mobile Device Management program, the IT staff has the ability to configure different corporate services (e.g. secure e-mail) that employees can use. This means that your staff can continue to use their personal devices both for pleasure and work-related tasks. Only the corporate services (e.g. e-mail, file-sharing) are controlled by your IT team. This is important as you have full control of the corporate data stored and shared via BYOD, but leaves your employees happy that they still control their personal information.

Having control of mobile devices at work is more important than you think. If you don’t have MDM in place your data is vulnerable to attacks, thus putting you and your business at risk. Being able to monitor, deploy certain features, manage specific applications (e.g. access to Wi-Fi, password request), and erase company data is essential to securing your company.

At Coretek we look at how your employees are using mobile devices at work and define what needs to be done to secure your company. We help you design and implement a strategy that meets your needs. At the end of our involvement with you, your IT staff will be prepared to maintain physical control of all devices, while protecting your business.

 

Containerization of Data: Take Back Control of Your Data

2017-07-27T00:00:59+00:00 March 7th, 2016|News|

February 26, 2016 – Hackers are getting more aggressive every day, just as new gaps in security systems also continue to pop up. It’s estimated that 60% of enterprises allow use of personal devices in the office, opening your company to security threats and data leakage. Your challenge is to provide security as this trend continues to play out.

The risks of losing confidential information and being subject to governmental penalties can put your company at risk (potentially out of business)! Enterprise Mobile Management (EMM) aims to protect your company by managing your employees’ mobile device applications and functionality, like Dropbox or ShareFile, aiming to increase security while providing the right tools for your staff to work more efficiently.

Containerization of data.

Have you ever received an Excel report from a client prompting you to enter a password to view the document? That’s an example of containerization of data across mobile devices.

Containerization of data describes taking your data protection to the next level through where and how you store your data. Usually, companies store their data inside the cloud or a shared data center. But, with containerization of data, data is encapsulated within a privately controlled corporate environment. Also, the data is encrypted with a security key, so nobody can penetrate the data unless they have the necessary credentials.

E-mail data leakage.

The most common way for companies to lose their data is through email. Most companies allow employees to use their personal devices to receive work related documents or emails. If your employee were to lose their phone, say leaving it behind on an airplane for example, and you didn’t have the proper security protocols in place, a hacker could easily infiltrate your employee’s email and steal confidential data.

Imagine if your CEO were to send a confidential e-mail to the CFO about the company’s 5-year strategy, including budget and revenue projections. Would you want your competitor to have access to that message? Or, what if you were discussing a merger with another company and the deal went off because your e-mail appeared on the front page of your local newspaper? You may think it can’t happen to you, but without proper security, your company is very much at risk.

In a containerized environment, all e-mail is secured, encrypted, encapsulated into that device, and cannot be hacked.

Shared file data leakage.

The other way data leakage can occur is through public applications on mobile devices. Many companies leverage free tools, like file sharing services, to increase productivity, but don’t realize that these unsecure consumer-grade applications are magnets for hackers.

For instance, confidential information on merger and acquisition is often shared between companies across multiple devices, increasing the possibility of data leakage if none of the companies have secure environments in place.

In a containerized environment you can share a file using your secure ShareFile app, and the person receiving the document will be able to open the file using your encrypted and secured server. You even have the ability to expire the document if it isn’t opened in a certain period of time. This is a great way to ensure your data will only get into the hands of the interested parties.

Whether you’re a small company or a big business, it’s imperative to protect your data by containing the information under one secure environment. Enterprise Mobile Management controls where emails can be sent, how they are accessed (prompting for a password), and where documents can be shared. Your data is “contained,” no matter where your employees are and what devices they are using.

For information on how Coretek can help with your Enterprise Mobility Management, click here.