Over time, you may wonder if your value for money is paying off when it comes to managed IT services.  Does it work?  Does it make sense?  ION Technology Group would like to share this customer’s story with you.  And yes, this story is true.

Preface

A customer contacted ION Technology Group to inquire about the range of services offered.  During their conversation with the customer, they heard a very familiar story and that was, “We’re not sure if anything is wrong with what our current technology provider is doing for us, but we have a gut feeling that something isn’t right with the network.

The Discovery Process

During ION Technology Group’s review, they found a lot great things taking place, a few items that needed some attention and a few more misconfigured services that appeared to be more severe; however, more testing would be required.  Given the authority and approval for an ethical penetration test (pentest), they performed the testing without any passwords or user names.  The discovery process was completed and the findings compiled for presentation to the customer the following day.

The Results

ION Technology Group found multiple public addresses owned by the customer that were responding to public requests.  Furthermore, they were able to log into the customer’s on premise email server, hijack the owner’s email account and further send emails on behalf of the owner to several key personnel within the business.

They also found open ports for the Remote Desktop Protocol (RDP) and were able to circumvent unpatched systems and take control of several servers and workstations.  A theme to the problems was slowing unfolding and that was a lack of proper configuration and computer maintenance.

Lastly, they were able to seize the accounting server and take ownership of the accounting system.  They had control over key services within the network and had this not been an approved ethical pentest and had been a team of bad guys/gals, this would have been a devastating event for the customer.  So much that ION Technology Group demonstrated what actions nefarious persons might have done with this level of access to include hiding in plain sight.

The Corrections

In all cases noted above, ION Technology Group shut down outside access to all systems and reconfigured the services along with some new equipment and software to broker the connections.  Once reconfigured, they performed the same types of tests in the presence of the customer.  The re-tests showed that with the proper configuration, equipment, computer maintenance and services in place, the customer can still perform the same tasks they were performing and that the network was now secure from outside attacks and potential hijack.

What is Happening Today?

Ion Technology Group is providing managed IT services to all server level equipment and has been since 2011.  There has been one network outage in seven years due to the failure of a server motherboard.  The replacement part was installed the following morning (Saturday) and by 10:30am, the business was back to 100%.  It is 2018 and time for the customer’s Agreement renewal.  When the Agreement was presented and the discussions started, the customer stated, “Your services have paid for themselves 10-fold.”  “Where do I sign?”  There was no discussion; rather, an acknowledgement of the diligent work that has been performed year after year.

At ION Technology Group in Voorhees, NJ, your business matters. If you have the itchy feeling that something is not quite right with your network, they will help. From 24/7 Remote Monitoring and Management support to computer repairs, they will correct any technology situation presented. Visit their website for more information, or call (856) 719-1818.