Category: Blog

What Is Technology Competence

Posted on by Elevate Services Group

 

According to the LawSites blog, as of this writing, there are 36 states that have adopted the ABA’s updated Model Rule 1.1, which states that lawyers should maintain technology competence. The rule is purposefully vague to allow for the constant changes in technology that the legal industry is encountering. Unfortunately, the vagueness can create some anxiety for lawyers who want to meet the requirements of the rule. What does the ABA mean by “technology competence”, and how can lawyers achieve competence?

 

 

To better understand the expectations of the ABA and the states embracing its rules, it is necessary to take a closer look at how technology has impacted legal representation and ways that it can improve a lawyer’s practice.

 

Your main goal as a lawyer has always been to represent your client to the best of your ability. It was once enough to be knowledgeable in your legal area to ensure competent representation, but skilled representation today also means being able to use technology to improve efficiency, security and ideally the results you get for clients.

 

Technology Competence—The Basics

 

Update to ABA Model Rule 1.1

 

To get a grasp on what technology competence means for you and your practice, it is helpful to read the updated ABA rules:

 

Maintaining Competence

 

To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject.

 

As you can see, the rule is not terribly specific about what it means to be competent in technology for a lawyer. It states that you should, “…keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology…” However, if you consider what the relevant technologies are in law—and their benefits and risks—you can get a clearer idea of how to approach tech in your own practice.

 

Relevant Technology in Law

 

There are some technologies that are quite relevant to the practice of law and are being used by lawyers across the country and the globe. These include:

 

Electronic Discovery

 

Discovery has always been the backbone of case building, but electronic tools have increased the power and efficiency of the discovery process in numerous ways. These tools allow for more comprehensive preservation of information, more thorough review of information and faster production of information. Failing to leverage electronic tools in the discovery process is doing clients a disservice.

Law Firm Technology Competence in USA

 

Internet Investigations

 

You do not have to be a professional internet investigator to get a lot of benefit out of internet searches. Just being able to do simple internet searches for information can make the investigation process faster and more thorough than it otherwise would be. There are also numerous tools available online for conducting investigations.

 

Cyber Security

 

Considering that most of the information you obtain for clients and from clients will be digital, it is incredibly important that you take basic cyber security measures to protect that information. From hackers looking to blackmail victims to government agencies reviewing every bit of information they can get their hands on, there is a multitude of actors who can target your data and compromise your practice.

 

Understanding the Technology Used by Clients

 

The clients you represent are using technology in a myriad of ways. You need to have a basic understanding—or possibly a much more in-depth understanding—of what tech they are using and how they use it. That means educating yourself not only on legal tech but also on any tech pertinent to your clients and their legal needs.

 

Courtroom Technology

 

There are a variety of tech tools that can make you more effective in the courtroom. They can help you better organize, present and explain information to your audience. Every little advantage you can get can make a difference when presenting your case.

 

Legal Technologies that Make Business Easier and More Efficient

Many legal technology tools are fairly mundane, but that does not make them any less useful. You can leverage them to provide your legal services with less work on your end. File sharing, automated document assembly and electronic court scheduling are all useful.

 

Using Technology to Better Serve Your Clients

 

Your ability to serve your clients is improved in many different ways through technology competence. While it may take time and effort to improve your competency, the benefits of doing so can be significant for both your clients and your practice.

 

To learn more about legal technologies that might benefit your firm, please contact our managed IT services team.

Cutting These Two Corners Could Lead to Business Disaster

Posted on by Elevate Services Group

 

 

Cost-cutting measures are not unusual for organizations as they traverse the standard lifecycle of products and services. What you decide to cut during the lean times can have just as much impact as to where investments go when your business is flush with cash. Some organizations start their cuts in advertising and marketing but eventually make their way to technology projects. Managing expenses and balancing them with the associated risks is a critical task in organizations, but there are two places where the risk simply isn’t worth the savings in expense reductions: cybersecurity and proactive support for your business technology. Reducing your funds in these two vital areas could cause a negative impact on the organization that has a ripple effect felt for years to come. Here’s why these are the two places that you should never cut corners in your business.

 

Protecting Your Organization’s Business Systems and Data

 

Cybersecurity is a broad term that refers to a range of activities including hardware protection, software patches, password requirements, staff training, server maintenance, cloud-based controls and more. There is no simple definition of what can be included in cybersecurity and business requirements change on a fairly regular basis. This alone makes it difficult to set a budget and stick with it — or reduce it over time. The ever-changing nature of threats that can effectively cripple an organization in a very short period of time means that your business will need to continually invest in learning and growth opportunities to reduce the risk to your organization.

 

Data protection is another facet of cybersecurity that demands consideration. From the 2018 GDPR (General Data Protection Regulation) to more recent requirements in various states, data privacy and compliance has come to the forefront of the security conversation. Businesses must first wrangle and then protect sensitive personal, health and financial data — not to mention securing their business systems from infiltration by hackers. Skimping on these critical tasks or attempting to do them in-house with limited resources can open your organization to significant fines if you’re found to be non-compliant with global or state-supported regulations.

 

Smoothing the Cost of Technology

 

It’s always tempting to cut out what could essentially be considered insurance: the ongoing maintenance and support of your technology hardware and software. When your business reverts to paying only for systems that are broken and unable to be used, you’re left with a hodgepodge of user complaints due to slowdowns that aren’t “bad enough” to be sent out for repair. Plus, you’re looking at a hefty fee for getting any break-fix work done quickly — and forget about being able to budget effectively by guessing what could potentially require repair or replacement during the year.

 

Proactive maintenance of your business systems allows business users to maintain a high level of productivity while also factoring your technology costs at a reasonable level throughout the year. It can be extremely challenging when you’ve exhausted your budget for break-fix support for the year, only to find that it’s only the beginning of the third quarter. In that case, you’re either siphoning funds from other crucial projects or trying to limp through the remainder of the year until you can reset your budget and resolve outstanding problems. Investing in proactive maintenance means you don’t have to question whether a fix is “important enough” to be resolved as long as the issue is within your service threshold.

 

Protecting your business from unnecessary risk can feel like a full-time job for busy technology leaders. Fortunately, IT managed services providers are able to help with both proactive maintenance and providing the high level of cybersecurity expertise that is needed to help protect your business from both current and emerging threats.

Is The CMO Responsible For Digital Technology Decisions Part 2?

Posted on by Elevate Services Group

 

All businesses today are faced with numerous technology decisions. The rapid rate of tech development and adoption has led to some truly remarkable transformations in the business landscape—and in the responsibilities, various professionals are expected to perform. CMOs are no exception. In fact, if you have been a CMO for very long, you have likely seen your list of responsibilities grow as new tech has arrived. It is precisely because you are expected to leverage marketing technologies to achieve business objectives that you need to participate in the decision-making process regarding digital technologies. Your perspective is vital to ensure that your company chooses the right technology and gets the maximum benefit from that technology once it is incorporated.

 

Why the CMO Needs to Be Involved in Technology Decisions

 

As the chief marketing officer, your main responsibilities are focused in the marketing segment of your business. Once, your role would have centered on building the brand, engaging customers and advertising. Now, you are still expected to ensure that these areas are seen to. But you are also expected to maximize your effectiveness by utilizing all the technology tools available to you. Your engagement with marketing technologies and your familiar with the marketing and business objectives of your company make you a unique, knowledgeable voice in the digital technology decision-making process. You do not necessarily have to be solely responsible for those decisions, but you do need to play a major role.

 

When deciding how heavily you should be involved in tech decisions, you can ask yourself two questions:

 

Does the technology decision have anything to do with marketing?

 

There are plenty of technology decisions that do not involve marketing. The IT department in your organization and the CIO, in particular, make tech-related decisions every day, many of which have nothing to do with the marketing department. From servers to power supplies, password resets to OS installs, the IT team has plenty on its plate that falls squarely within the realm of technology. It would be a waste of your time and of theirs if you were involved in decisions that did not relate to your field of expertise.

 

Of course, there is an increasing number of technology decisions that do involve marketing or affect marketing. The spending on marketing technologies is expanding at a rapid rate across most businesses because it offers so many possibilities and is often required to remain competitive. Any technology decisions that relate to customer engagement, customer data, advertising, or anything to do with marketing or achieving marketing objectives should have your input.

 

Does the technology decision have anything to do with customer interaction?

 

Customer interaction does fall under the marketing umbrella, but it has become more of its own area as companies have embraced social media platforms and CRM technology. Your company needs to collect customer data and it needs to maintain a constant presence for customers, all of which can benefit from the deft touch of marketing professionals. You can help other decision-makers understand what works and what does not when it comes to engaging customers and keeping them engaged.

 

Make Your Job Easier by Partnering with the CIO

 

As fast as you can learn marketing technologies and incorporate them into your business, there will always be a lot you do not know. When approaching such a massive subject as digital technologies, it makes sense to combine your abilities with others in your organization to ensure the best possible results. The CIO is the perfect partner in your efforts. While you focus on achieving marketing objectives, the CIO can focus on ensuring that the technology your business uses to achieve those objectives is functional and that nothing slips through the cracks. The work of the CIO makes sure that all the marketing technologies you rely on are there when you need them.

 

Developing a relationship with the CIO benefits both of you in a myriad of ways. You can learn more about how the different technologies in your organization function and support one another—which allow you to make clearer decisions about what tech you want to use moving forward. By working with you, the CIO gets a better grasp of how you use technology to achieve marketing objectives. Ultimately, the CIO should be able to offer suggestions that would not have been possible without the familiarity gained by working hand in hand with the marketing department.

 

Choose Your Role in Technology Decisions

 

Every organization is unique and requires a customized approach to tech decisions. You are the best person to determine where your role fits within the framework of tech decisions for your company. It may be best for you to head the decisions, or it may be better to serve a support role. What is important is that you take firm steps into the realm of marketing technology and apply your marketing knowledge to the decision-making process. The business will benefit from it, and your role as CMO will only get more interesting and engaging as a result.

How CEOs Can Use Their Blog To Communicate With Staff & Customers

Posted on by Elevate Services Group

 

 

As a CEO, you have tremendous influence over your company’s brand, messaging, values and strategies. You also have a personal brand that increasingly today needs its own shaping, nurturing and feeding.

 

One powerful way to improve your personal brand and your company’s messaging is to have your own blog. Your voice, insights, opinions and news needs a vehicle that can project your thoughts across multiple channels.

 

Knowing why a blog makes sense and best practices is an ideal way to get started.

 

Why Should I Create a CEO Blog?

 

First, consider the multiple audiences to which your voice matters. There are stakeholders and in some cases shareholders that value your communication.

 

Internal blogs allow you to communicate to employees in a very different way. The benefits include:

 

  • Providing an up close and personal insider perspective on work, values and messages you want to convey
  • Promoting your internal persona
  • Promoting and reinforcing key messages
  • Building and celebrating a positive company culture
  • Fostering two-way communication between the c-suite and other employees

 

What Is the Difference Between Internal and External CEO Blogs?

 

External blogging has its own advantages. The tone and content of internal and external blogging likely will be different but the tone, themes and messaging should remain consistent. The advantages of external blogs are:

 

  • Thought leadership. Insights on industry trends, needs, challenges and transformation help establish you as a leader in your field.
  • Valued added. Customers and potential customers are more likely to choose your business if you can provide them with valuable, needed information that helps them do their business better.
  • Authenticity. Build authenticity with external stakeholders with consistent valued content, especially in challenging times or crises. That’s when your voice should be loud, not silent.
  • A face with a brand. Too often companies, especially as they grow larger, become faceless. A blog helps put a human face on your business and brand. Your blog helps keep your business front of mind, especially when they see your information popping up regularly in email inboxes and on social media.
  • Brand loyalty. Customers are going to come back when the products and services they receive are of high value. A blog can help in reinforcing your commitments to quality, customer service and continuous improvement.
  • Spreading your message. When your content is compelling, readers will like, share and forward it to others. This viral marketing, at no additional cost to you, spreads your brand and your thought leadership.
  • Beating the competition. It’s likely some of your competitors are blogging. Get ahead of them with better, regular and more valuable information.

 

In a 2016 New York Times article, Microsoft founder Bill Gates, who focuses much of his energy now on his philanthropic foundation, spoke about why he blogs. “It … helps to have a platform for talking about the work I’m doing, both through the foundation and separate from it, because I find people are curious about it,” Gates said.

 

What Makes for a Successful CEO Blog?

 

The best CEO blogs are authentic. They don’t just regurgitate press releases or quarterly results. They inject humanity and persona into the work that your company does and gives you a visible, recognizable brand. Here are some other elements of a successful CEO blog:

 

  • Personalization to a point. This is not the place to talk about your son’s high school graduation. However, personalization is important. Instead, offer glimpses behind the curtain about why and how decisions were made or what you see as key issues or opportunities in the industry.
  • Design matters. You want your blog to be easily readable, especially on mobile devices.
  • Onmichannel. Content is valuable … and you and your marketing team should strategize about how to get the most out of what you provide. Longer blog posts can be followed up by other content — written by you or others — that points back to your hub information. Posts should be teased or delivered via multiple social media platforms. Depending on your business, that may include LinkedIn, YouTube, Facebook, Instagram or Twitter.
  • No jargon. Inside baseball is cool, but not when no one can understand what you’re writing. If you’re going to use jargon, be sure that it commonly used within your industry. Otherwise, you could alienate existing and potential customers.
  • Focus on customers. All of your blog content should have a singular focus: What do our customers need? Whether it’s product information, industry news or company information, be sure that it is written to help customers solve problems. Ideally, those problems are those your company is uniquely qualified to address.
  • Use humor … if it’s funny. Humor is a lot harder to write than you would think. Written words cannot easily express tone, pace and intent. Humor adds a personal element to your writing, but it has to be done with care and strategically.

 

Where Can I Find Good Examples of CEO Blogs?

 

Looking for inspiration for your own blog? There are plenty of sources of great CEO blogs and leadership blogs from which to take inspiration. Here are a few examples to review:

CEO blogging can have a deep impact on internal and external messaging. With a clear understanding of goals and tips, your blog will be ready to be published.

Happy Father’s Day!

Posted on by Elevate Services Group

June 16th is Father’s Day, a great reason to spend a little quality time with the family doing a few of Dad’s favorite things.

Whatever your plans are, take some time this Sunday to let Dad know how much you appreciate everything he’s done for you over the years, and how glad you are to have him in your life.

And if this is your day? The {company} team hopes that it’s a great one!

Happy Fathers Day

How Much Should A Small Business Spend On Information Technology?

Posted on by Elevate Services Group

 

 

For small businesses, information technology spending is always a balancing act. On the one hand, you need to keep to your budget to maintain financial stability and weather the unexpected. On the other hand, you are well aware of the constant tech advances happening all around you and the last thing you want is to be left behind by the competition. So, how do you determine your IT spending? The answer is, “It depends.”

 

Spending on IT technology needs to be based on your unique business needs. While it can be helpful to know what the average spending is for businesses, particularly businesses similar to yours in your industry, duplicating what another company does will not necessarily yield optimal results. You have a limited budget. You need to make it count. Doing so requires carefully examining your business, your options, and most importantly, your company objectives. Only when you know where you are and where you want to go can you determine exactly what you need to spend on IT.

 

What is Everyone Else Spending on IT?

 

Just because you need to define your own path does not mean you should ignore what everyone else is doing. It can be a helpful starting point to examine how much other small businesses are spending on technology. According to one study, the average spending on IT across all industries was 3.28 percent. The average came from considering a wide range of industries, with the lowest spender being construction at less than 2 percent and the biggest spender being banking and securities at 7 percent.

 

A study focusing on industry alone does not give a clear idea of what small businesses are spending, though. Other studies that looked at the size of the business found that small and mid-sized businesses actually spent more on IT as a percentage of their revenue than large businesses. Small businesses spend around 6.9% of their revenue on information technology, while midsized businesses spend around 4.1% of their revenue on IT. For large companies, the percentage drops to 3.2%. The smaller percentage spent by larger companies is often the result of scale—they put so much money into IT that they get better rates, perform the work in-house, etc.

 

How to Decide What You Should Spend on IT

 

The best way to choose how much to spend on IT is to ask targeted questions designed to paint a clearer picture of what your IT needs actually are. These questions should include:

 

What are you spending on IT right now?

 

Every business needs an IT budget, regardless of size. If you don’t have an IT budget, now is the time to make one. To see how much you have been spending on IT, add up your expenditures on information technology over the past year.

 

What are your business goals?

 

With so many options available, it is normal to feel a little overwhelmed when you consider information technology. Clarifying your business goals gives you perspective on your IT needs. Your IT expenditures should help you achieve specific business objectives. If the money you are spending on IT is not helping you achieve those objectives in a measurable way, it can likely be better spent elsewhere—either on different IT tools or on other areas of your business.

 

How is your current IT spending related to your business goals?

 

Each IT area that you invest money in, can and should be connected to your business objectives. Go through all of your information technology spending and verify that it is doing something for your business. If it is not working for you it is time to make some changes.

 

What specific IT spending can improve your ability to achieve your objectives?

 

There are specific areas in IT that offer leverage for your industry. You will need to identify what these are and determine how they fit into your overall strategy. Collaboration, security, data collection, marketing—what tech are you fairly certain will make a substantial impact if you add it to your business?

 

In what ways can you delegate or outsource the IT budgeting process?

 

If you are like most owners or managers, you have limited bandwidth that is already mostly consumed by running your business. Assessing your IT needs and embarking on a path to meet those needs will take time, energy and expertise. Consider who you can get to help with this process, whether internally or externally.

Are you interested in learning more about your IT options? If so, please contact our managed IT services team. We can help you clarify your IT needs.

How to Install Microsoft Launcher on Android Devices

Posted on by Elevate Services Group

 

If you haven’t looked lately at what Microsoft’s mobile offerings, it’s time to look again. Microsoft’s first forays into the iOS and Android mobile spaces (circa 2010) were underwhelming to say the least, but in recent years the company has turned things around in an impressive fashion. One of these recent developments, Microsoft Launcher, is an immensely powerful tool and an Android exclusive. We’ll review what Microsoft Launcher is and then walk you through the installation and setup process on your Android device.

 

 

What Is Microsoft Launcher?

 

Microsoft Launcher is an app available on the Google Play store, but it doesn’t operate in the way most apps do. In the Android ecosystem, launchers are essentially replacement interfaces for your home screen. When you select a launcher besides the default one that comes with your phone, you gain access to whatever functionality is built into that launcher.

 

I’m an iPhone User and I’m Confused

 

It’s OK; we understand. There’s not really any parallel to this on iOS. Android phones offer far more customization on the home screen than iPhones do. It’s a difference in philosophy: Android users who customize effectively benefit from a polished, streamlined home screen. Those who don’t end up with a mess. Apple prevents both extremes by providing their own polished home screen and limiting what users can modify.

 

What Microsoft Launcher Can Do

 

Microsoft Launcher gives you system-level integration with your Microsoft accounts. This is powerful stuff if your business is using Microsoft 365. Integrate your contacts, calendar, documents, and more at the system level. Once installed, swipe right for deep Microsoft interactions, or swipe two fingers down to access Launcher settings.

 

How to Install Microsoft Launcher

 

To install and configure Microsoft Launcher, first download the app from the Google Play store. Next, choose Microsoft Launcher as your new home screen. In most versions of Android you’ll tap the square soft key from the home screen to bring up a “select launcher” pane. If that doesn’t work, try opening the app from your “all apps” menu.

 

When you choose Microsoft Launcher as your new launcher, you’ll get a system warning about setting the app as default. Click OK.

 

What Just Happened?

 

When you clicked OK, your home screen changed, perhaps drastically. Congratulations, you’re now running Microsoft Launcher! Customize your home screen with your favorite apps (Microsoft apps encouraged, of course), and be sure to sign in to your Microsoft account in settings.

 

Swipe Right

 

When running Microsoft Launcher as your home screen, you can swipe right for all sorts of Microsoft interactions. See your calendar, task list, and recent OneDrive documents. You can interact with these here, and changes will update across all your devices. You can even send a photo directly to your PC, similar to Apple’s Airdrop feature.

 

Conclusion

 

Microsoft Launcher is a powerful tool for Android users who use Microsoft 365 at work. We recommend downloading right away!

What Technology Should Small Law Firms Choose

Posted on by Elevate Services Group

 

It is questionable whether there is any industry today that has not been forced to adopt new technology to remain competitive. But for small law firms, the need to utilize technology appropriately is necessary for more than just competitiveness—it is actually being increasingly pushed by jurisdiction. In just the past few years, the ABA Model Rule 1.1 went through revisions so that the rule now states that attorneys need to maintain a certain level of competence with technology, and 36 states have adopted the revised comment to Rule 1.1.

 

 

With technology competency becoming a standard for practicing attorneys, it is clear that every law firm needs to do what it can to incorporate technology into their practice. What this adoption will mean may vary somewhat from firm to firm, but the general push should be to meet the standards of the industry in all possible areas. For many firms, that will mean making some changes.

 

Technology for Small Law Firms—What You Need to Know

 

Where you and your firm sit on the technology spectrum may be far different from another attorney or another firm. You may have already taken significant steps to incorporate technology tools into your operation. You may have been doing things the same way for decades and only be interested in making the minimal changes to comply with changing professional expectations. Or, you may be somewhere in the middle. The following tips are meant to serve as a starting point on how to identify where changes need to be made and to make those changes as efficiently as possible.

 

Set aside time for research and the adoption of new technology.

 

For most lawyers, time is at a premium. Between courting new clients, keeping up with legal changes, researching cases, preparing and filing documents, traveling and doing all the other things required for you to run your firm, you are probably quite pressed for free time. However, you are also adept at measuring the workload of new projects and making time for those projects—which means you have the ability and aptitude to make technical changes to your firm. You just need to remain aware of what you are getting into and set a pace that fits with your circumstances.

 

If you do not want to do all of the work yourself, you can also delegate or outsource it. Whether you assign duties to employees, hire an IT services company familiar known for servicing law firms, or both, you can accomplish a lot when you share the workload.

 

Learn what it means to be technically proficient as a law firm.

 

You may already have clear ideas about the changes you need to make. But if you aren’t, consider doing some research on legal tech today. There are books available that discuss legal tech for small firms and there are plenty of websites that do the same. Educate yourself on what a technologically savvy firm looks like today so you can see where your firm is lacking and where you should aim to be moving forward.

 

Areas to research include:

 

  • Document management
  • Time and billing software
  • Legal practice management software
  • Collaboration tools
  • Security technology
  • Mobile technology
  • Potential technology certifications available

 

Conduct an assessment of the technology your firm uses.

 

Once you have an idea of what the expectations for legal technology use are in today’s environment, you can conduct an assessment of your firm to see where you are and what changes you need to make. Identify what technology you currently use for various tasks, determine what changes need to be made, if any, and then make a plan to facilitate those changes.

 

Prioritize technology adoption.

 

Ideally, you could make all the changes you need to make simultaneously. But if you do not have the time, resources, or assistance to make all those changes possible right now, you will need to prioritize which are most important. Your priorities will be based on the specific goals of your firm. For example, e-filing is becoming an industry standard for law firms. If you are still using mostly paper, moving into an e-filing system will probably be a big priority. That may mean purchasing a scanner to digitize your existing documents, as well as implementing an e-filing system for your firm to use moving forward.

 

Consider Partnering With A Managed IT Services Company.

 

Most small firms do not have the resources to employ a dedicated IT department. Managed IT services offer a way to take advantage of technical proficiency and skill sets as you need them—like when you need to do a technology overhaul on your firm. You can get the assistance you need from professionals so you can focus on running your firm.

 

If you would like more information about managed IT services for your solo practice or small law firm, please contact us.

Critical Update From The NSA

Posted on by Elevate Services Group

The NSA Is Urging To Patch Remote Desktop Services On Legacy Versions of Windows

 

The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats. Recent warnings by Microsoft stressed the importance of installing patches to address a vulnerability in older versions of Windows.

 

 

Microsoft has warned that this flaw is potentially “wormable,” meaning it could spread without user interaction across the Internet. We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact, and are seeking to motivate increased protections against this flaw.

 

CVE-2019-0708, dubbed “BlueKeep,” is a vulnerability in Remote Desktop Services (RDS) on legacy versions of the Windows® operating system. The following versions of Windows® are affected:

 

  • Windows® XP
  • Windows® XP
  • Windows Server® 2003
  • Windows® Vista
  • Windows Server® 2008
  • Windows® 7
  • Windows Server® 2008 R2

 

What Is A Wormable Virus?

 

This means that the virus can get into your system without you doing anything like clicking a malicious link. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights without your knowledge.

 

Any future malware that uses this vulnerability could propagate from one vulnerable computer to another. This is how similar malware like WannaCry spread around the world. Experts are worried that this flaw could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

 

Another Problem

 

Although Microsoft has issued a patch, potentially millions of machines are still vulnerable. This is the type of vulnerability that malicious cyber actors frequently exploit through the use of software code that specifically targets the vulnerability.

 

For example, the vulnerability could be exploited to conduct denial of service attacks. It is likely only a matter of time before remote exploitation tools are widely available for this vulnerability.

 

NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.

 

What Should You Do?

 

Microsoft has released a critical update for their Remote Desktop Services that impacts multiple Windows versions. The patches are for devices and systems that are both in and out-of-support, which is rare for Microsoft to do. This shows the importance of these patches.

 

The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. To apply the patches, go to the Microsoft Security Update Guide for in-support systems and KB4500705 for out-of-support systems.

 

Microsoft recommends that customers running one of these operating systems download and install the update as soon as possible.

 

Does This Mean Even Systems Without Support Can Get The Patch?

 

Yes, Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. This means that you wouldn’t have received any security updates to protect your systems from the CVE-2019-0708 virus.

 

Given the potential impact to customers and their businesses, Microsoft decided to make security updates available for platforms that are no longer in mainstream support. All Windows updates are available from the Microsoft Update Catalog.

 

What Should You Do Before We Apply The Update?

 

It’s recommended that you back up all of your important data first. If you have a reliable backup, and if the patch creates problems, you can still access your data. You should do this before you install any patches.

 

What If You Can’t Apply The Patches?

 

If you can’t apply the patch for your system there are other things that you can do:

 

  • If you don’t need the Remote Desktop Services, you can disable it.
  • Block the TCP port 3389 (this prevents unauthorized requests from the Internet).
  • Enable NLA (Network Level Authentication) for Windows 7 and Windows Server 2008.

 

Of course, the best thing to do is to contact us. We’ll know exactly what to do.

 

What Else Should You Know?

 

If you had updated from Windows 7 to Windows 10 or from Windows servers 2008/2008 R2 to Windows 2016 or 2019, you wouldn’t need to worry. This is why it’s essential to keep your systems up to date.

 

Soon, on January 14, 2020, support will come to an end for all Windows Server 2008, 2008 R2 equipment and the Windows 7 operating system.

If you’re still using these servers or operating system, it’s crucial to replace them now so that there’s no disruption to your daily operations or loss of data.

Any hardware or software product that reaches its end of life is a potential gateway for hackers to enter through. In addition to the security hazard, there are other reasons why it isn’t a good idea to keep using old equipment such as unresolvable outages.