CIO Solutions' New Look

CIO Solutions’ New Look

/in

Exciting News: CIO Solutions’ New Look

We’re excited to present our updated visual identity, featuring a modern logo and refreshed colors that reflect our evolution and enthusiasm for the future.

A Fresh Coat: Why A Brand Refresh

CIO Solutions has seen significant growth and transformation over the past several years. It was time to reassess our identity, celebrate our journey, and align our brand with our future direction.

This update mirrors our dedication to growth as we continually enhance our capabilities and seek new ways to better serve our customers in the evolving business technology landscape. We’re excited to embark on the next chapter with our incredible employees and valued clients under our refreshed look.

What’s New?

On the outside:

  • Updated Logo & Colors: Our refreshed logo and color palette capture our team’s friendly, creative, and innovative energy as well as the reliability, stability, and professionalism that define us.

On the inside:

  • Mission: We empower businesses with technology services that simplify operations, strengthen security, and enhance productivity—backed by lasting partnerships built on collaboration, strategy, and genuine human connection. 
  • Vision: To be the most trusted strategic technology partner in our communities, setting the standard for excellence and transforming technology into a powerful driver of business success.  
  • Values (remain the same): Camaraderie; Trust; Quad Win; Enhance Everything, Empower Everyone; Always Invest, Never Spend; Embrace Growth; Be Proactive; Resourceful Tenacity.   
  • Tagline: Proven Technology. Real Relationships.  

 

You’ll see our refreshed branding across our communications, materials, and website!

Employee Spotlight: Micah Ulrick

Employee Spotlight: Micah Ulrick

/in ,

Employee Spotlight: Micah Ulrick

Get to know Micah Ulrick, a key member of the CIO Solutions team for nearly three years! Micah is a vCIO, or Virtual Chief Information Officer, in the San Luis Obispo office. As a vCIO, he acts as a C-Suite consultant for clients, advising them on long-term strategy, security, technology budgeting, and road mapping. He and the other vCIOs form our Strategic Client Services team.

Micah attended college in Seattle (the PNW!) where he initially studied Biology/Pre-Med before switching to Business Marketing. After college, his love of cooking led him to spend a few years working for Relay Restaurant Group under Chef Rachel Yang and Seif Chirchi at Joule in Seattle. His tech career began at a small e-commerce startup that grew into an Inc. 500 company, followed by nearly eight years at Xerox Corporation.

Originally from Vail, Colorado, Micah grew up in the Santa Ynez Valley. He currently lives in Grover Beach with his wife and their newborn baby boy. Micah is a self-proclaimed gearhead at heart and enjoys anything mechanical, from watches to cars to motorcycles. His hobbies don’t end there though! He also loves snowboarding, photography, and competitive shooting sports (USPSA, 3 Gun, Skeet, Olympic, and International Trap.) On weekends, you can usually find him detailing his cars or exploring the Beach Cities with his wife on their bikes.

Read on to learn more about Micah!

 

What would the title of your autobiography be?

How to Become Lucky and Make Friends

 

What has been your proudest moment at CIO Solutions?

Personally, I was honored as the Customer Success Champion in 2022 after just a year on the job. This is a peer-nominated award, given to employees for their commitment to client success and representing our “Quad Win” core value. But as a whole, I have never been as proud as watching our entire company come together for the “Great Blue Screen of Death Incident of 2024”.

 

What’s something most people don’t know about you?

I am an Eagle Scout

 

What’s the best advice you’ve ever heard?

Always go to the bathroom when you have a chance

 

What was the most unusual or interesting job you’ve had?

I worked in a Photo Lab before digital cameras were a thing. Specializing in 35mm, medium, and large format developing, printing, mounting, and matting.

 

If you could go back to any moment in time, when would it be?

April 19, 1775, at the Battles of Lexington and Concord for the “Shot Heard Round the World”

 

What’s the weirdest fact you know?

1 Calorie = 4.2 kilojoules. Therefore 1 joule=1/4.2 calorie. Which is equivalent to 0.24 calories.

 

What’s your favorite famous or inspirational quote?

“Comparison is the thief of Joy” -Theodore Roosevelt

 

What’s your favorite TV show? Why?

Top Gear/The Grand Tour. Apart from great hosts with wonderful chemistry. The cinematography and audio are brilliant with good 4k TV and Dolby Sound system.

 

What’s the weirdest food you’ve ever eaten? How was it?

I’m a pretty adventurous eater but I’d say Rocky Mountain Oysters (cow testicles). Surprisingly good, like a chicken nugget.

 

What could you give a 30-minute presentation on without any advance preparation?

Marksmanship

—————————————————————————————————————————————————————-

Bonus: What 3 words would you use to describe CIO Solutions?

Teamwork, Trust, and Empathy

 

We are proud of our team of skilled and friendly individuals. It’s a unique group of collaborators and innovators who share a common “can-do” mentality paired with a fondness for gifs and puns. 

Looking for opportunities to join our team? Visit our Careers page to see all open positions in our Santa Barbara, San Luis Obispo, and Fresno offices!

[vc_row][vc_column][vc_btn title=”Contact Us” style=”custom” custom_background=”#fa8c19″ custom_text=”#ffffff” shape=”square” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.ciosolutions.com%2Fcontact%2F|title:Contact”][/vc_column][/vc_row]

Why You Should Let Your IT Team Know When You’re Going Out of the Country

Why You Should Let Your IT Team Know When You’re Going Out of the Country

/in ,

Wish You Were Here: Why You Should Let Your IT Team Know When You’re Going Out of the Country

The Importance of Keeping Your Conditional Access Policies Current 

IN THIS ARTICLE: 

When planning a trip abroad, your to-do list is long. From personal tasks like setting up a cat-sitter and packing, to work-related ones like getting someone to cover key responsibilities and setting your out of office email autoreply.

Here’s another important item you may not have known about: Letting your IT team know where you’re going and when you’ll be back.

It’s not so we can live vicariously through you as you traverse a sunny beach in Bali. It’s so we can adjust your conditional access policies and keep your account as secure as possible!

Understanding Conditional Access

Conditional access is a security measure that uses criteria to limit login access to company resources. Josh Farlow, our Director of Cloud Services, explains, “These access policies are often applied to Microsoft applications. Your conditional access policy sets the conditions for who can access, and which authentication methods are required for logging in to your Microsoft 365 environment.”

One important condition is location. Josh adds, “Our default policy blocks authentication attempts outside the USA and Canada. For some companies, we include exceptions like Mexico if needed.”

Conditional Access: Location Restrictions

In this case, we’re focusing on the location parameter. Your IT team should have set approved locations as part of your access policy. For example, if you typically log in to your Microsoft 365 account from Central California, that would be the approved location that your account can be logged into from. If there is an attempted login with your credentials from anywhere outside of that area, the policy would flag that and block it. This disrupts a bad actor in, say, Uzbekistan, from accessing your account with stolen credentials.

However, if you’re going to be visiting family in Uzbekistan and need to log in to send a quick email while you’re there, your conditional access policy would prevent that. Notifying your IT team ahead of time lets them adjust the policy for smooth sailing while you’re away.

Think of it like back in the day when you had to call your credit card provider and let them know where you were traveling so your card would work in those countries without being blocked. Same idea!

Why Your IT Team Needs to Know About Travel Plans

Notifying your IT team of your international travel plans will enable them to adjust the conditional access policy appropriately for your temporary change of location. Not only will this prevent headaches and ensure smooth operations for you while you’re traveling, but it will also improve your security.

This information about your whereabouts empowers your IT provider to properly:

  • Maintain security protocols during your absence
  • Adjust conditional access settings to prevent authorized and unauthorized access
  • Proactively monitor and respond to suspicious activity

How to Notify Your IT Team

Before your trip abroad, give your IT team a call to let them know where and when you’re traveling. Once they verify your identity, they can adjust your policy temporarily to allow access from those locations should you need it.

If you’re a client of CIO Solutions, simply call into Support and let us know:

  • Where– Primary locations you’ll be traveling to
  • When– Dates you’ll be in the location(s) and when you’re returning

You can keep the “why” and “how” to yourself unless you really want to share the exciting trip you have coming up. Once we verify your identity, we’ll take it from there and you’re free to continue the rest of your trip preparations!

Adding this simple step of notifying your IT team when you’re going abroad means more security for your business and streamlined access for you. A win-win!

Are you a current client of CIO Solutions? Please feel free to reach out with any questions!

Not a client yet, but curious about maturing your IT solutions? Let’s talk!

Embracing Growth: Lessons From a Global IT Outage

/in ,

Embracing Growth: Lessons From a Global IT Outage

By Eric Egolf, CEO

We are a little over 1 week after the CrowdStrike-related incident and the chaos that ensued from it. There are many, many articles that have already been written about this incident, so I don’t want to spend too much time rehashing what’s already out there. But I do want to give a quick synopsis of the situation, share some of the lessons we at CIO Solutions learned, and highlight some of the conversations we are anticipating to see continuing to unfold in the industry.

An Overview of What Happened

At its core, the cause of the incident was simple. This was not an external threat or breach of any kind; it was a software update that CrowdStrike, a leading security software provider, released to their product. This was a specific kind of update- to a driver, not just the software. It’s common for security vendors to do updates like this so customers don’t have control over whether or not they choose to update; pushing an update through on the driver ensures it goes through to everyone and is usually done to keep customers secure.

This particular update involved a bad driver at the kernel level (the heart of what the Windows operating system uses). When the update went through it rendered the system unusable until it could have a manual intervention to roll the update back. The manual nature of the fix required, in many cases, hands on keyboards and IT personnel in front of computers, a key reason it took so long to resolve.

The fallout was huge. The disruption was widespread (estimated at around 8.5 million Microsoft devices) and globally impacted the operations of organizations. The cost of damages is in the billions.

An event like this has never been experienced before. I like to think in terms of what we can learn from it; the insights we at CIO Solutions can gain to enhance our response abilities, the advancements vendors might make from this experience, and the overall industry knowledge that will now shape future conversations.

What We Learned At CIO Solutions

I can tell you that our staff had no idea when they left work on Thursday evening what they would be in for soon. When the issue was detected, our teams were called back in for a 2-day long, round-the-clock sprint of high-octane, high-stress, high-stakes work. That was not an experience they would choose to relive.

As with any first-time event, we uncovered some areas for improvement. Most of these growth opportunities are in the areas of prioritization and documentation.

Given the circumstances, I believe we did a pretty good job prioritizing which systems to focus on first to effectively divide and conquer remediation work. But the prioritization metric was intuitive and reactive, making it more ad-hoc than it would’ve been if we had time to proactively and intentionally plan how to approach it.

Likewise, for an event of this scale, our normal help desk documentation system was not ideal. With thousands of tasks being added to the list and changing rapidly, there are likely other more robust ways we could explore to keep track of the work, progress, and accountability in an incident like this. With the experience of this unique scenario now under our belt, we can continue to explore and evaluate these learning opportunities.

Vendor & Industry Lessons

On a more macro level, there are a lot of lessons to be learned for vendors and the industry overall. One of which is how vendors empower IT Admins. Any vendor that is providing any level of software updates to systems, whether they’re in the security space or not, is going to need to re-think how they provide their IT Admins tools to control this.

Another thing we’ve seen time and time again is vendors who experience a devastating event and come back stronger as a result. Again, we’ve never seen anything at this scale, so the story will continue to play out in a unique way. Regardless, the vendors involved will be rethinking the checks and balances on their quality assurance processes. They will be forced to reexamine how they are testing updates before they go out as well as better ways to stagger updates.

Even broader, questions around secure third-party access will be part of the future conversation. As part of a 2009 EU Commission ruling, Microsoft allowed for interoperability provisions that effectively allowed third parties (in this case, CrowdStrike) access to the “kernel” level. This level of access means third-party security tools like CrowdStrike can affect Windows devices at a deeper operational level. The ability to access this level of Windows devices was a core piece of this perfect storm, and the reason that specifically Microsoft devices were impacted. It’s worth noting that Apple has no such access-level requirement in the EU and operates in a different ecosystem. Whatever this ends up looking like, there will likely be conversations around regulatory requirements, and an evolution in better more secure ways to ensure interoperability and grant third party access.

In Conclusion

The silver lining for us at CIO Solutions is that any team worth its salt comes together in adversity, and we truly got to see that in real-time. This experience connected our team even more and brought to the forefront for everyone a reminder of how agile, capable, and dedicated their colleagues are. This type of event has never been seen before and they worked together under pressure to create the playbook on the fly.  I have to give our team an A+ for teamwork, creativity, and tenacity.

As for how vendors will recover and what new processes and requirements we can expect to emerge in the industry, that’s still unclear at this point. What ultimately shakes out from this event, only time will tell. One thing is for sure, I think the industry overall will continue demanding discussions and answers around these core issues. Hopefully, we will see more solutions that will ensure that IT departments and service providers are given the controls they need, while at the same time ensuring that even mistakes by their own people internally don’t have the unchecked ability to cause such widespread havoc.

Staying Frosty: How to Keep Calm and Stay Alert Against Spoofing and Phishing

Staying Frosty: How to Keep Calm and Stay Alert Against Spoofing and Phishing

/in ,

Staying Frosty: How to Keep Calm and Stay Alert Against Spoofing and Phishing

By Micah Ulrick, vCIO

IN THIS ARTICLE: 

We’ve said it before, but I’ll say it again, cybersecurity is more critical than ever. As a vCIO, I advise my clients on cybersecurity daily. While ransomware, DoS (Denial of Service), and Brute Force attacks are still a thing, phishing and spoofing are still two of the most common and dangerous threats today. These are the primary causes of compromises.

The problem is there’s no magic bullet that will 100% protect you from these attacks. So, understanding these threats and how to identify them can make all the difference in protecting both you and your organization from significant harm.

Every time you venture into your inbox or out onto the web, remember these tips to stay frosty (a.k.a. cool and alert) against the dangers of phishing and spoofing.

Understanding Spoofing & Phishing: What You Need to Know

Spoofing is when a threat actor masquerades as a trustworthy company or contact by faking their email, caller ID number, or website. Spoofing is effective because it manipulates your confidence in well-known companies or acquaintances and relies on the human habit of quickly scanning messages and missing signs that it’s a fake.

Spoofing is typically used in phishing, a technique used by cybercriminals to trick you into willingly handing over sensitive information, such as passwords, credit card and banking information, or personal and corporate data. These attacks often come in the form of emails or texts that appear to be from legitimate sources, such as banks, vendors, or even colleagues.

In simple terms: spoofing is the faking of “who” you’re talking to, and phishing is “how” they engage with you to take action. Like actual ‘fishing’, they’re trying to hook you with deceptive bait so they can reel you in.

How to Spot Spoofing and Phishing Red Flags

Identifying Spoofs

Email Spoofing

Signs of Spoof: Inconsistencies like slight misspellings in email addresses, domain names, and display names, or emails that come from a different domain name than usual.

  • Always scrutinize email addresses, domain names, and display names.
  • Talk to your IT provider about adding an “external” banner to flag emails coming from outside your organization to enhance awareness.

Caller ID and Text Spoofing

Signs of Spoof: Unexpected calls or texts from both familiar and unfamiliar numbers claiming to be someone you know. Scammers can manipulate caller ID information to make calls or texts appear as though they are coming from a trusted contact or organization.  

  • Look out for links in text messages (don’t click them) 
  • Be wary of abnormal requests. 
  • If you receive an unexpected call or text from a colleague, stop engaging and re-initiate contact in person or using a verified number or communication source you can trust.

Website Spoofing

Signs of Spoof: Spoofed websites may look identical to legitimate ones but have different URLs. They may also be missing “HTTPS” in the URL. The security padlock symbol in the address bar of the browser may also be missing.

  • Always double-check the URL spelling.
  • Check the name for familiarity. For example, “https://your-company.com” versus “https://yourcompany.com”.
  • Look for HTTPS and the padlock symbol in the address bar. If these are missing it’s not a good sign.

Avoid Falling for Phishing

  • Scrutinize Sender Addresses: Always check the sender’s email address. Phishing emails are often spoofed and come from legitimate-sounding addresses. Look for those slight alterations in the domain name, display name, and sender address. For instance, an email from “support@closolutions.com” instead of “support@ciosolutions.com”. Did you catch the difference at first glance? That’s how subtle they are. Look closely!
  • Beware Generic Greetings: Be cautious of emails with generic greetings like “Dear Customer” instead of your name. This is usually an indication that it’s a mass email blasted to many recipients and is a warning sign that something’s not right.
  • Resist Being Rushed: Look out for “account closure” notices, “unauthorized transaction” warnings, “password update needed”, or phrases like “Your account will be locked in 24 hours” or “Immediate action required”. Phishing emails often try to rush you into a mistake by creating a sense of urgency. Take a breath, and if you’re concerned, log into the questionable account as usual (not from any links in the email) to make sure everything is as it should be.
  • Note Unusual Requests: If an email is requesting information such as passwords, social security numbers, or credit card details via email, especially out of the blue, it’s likely a phishing attempt. Remember that legitimate organizations will never ask for sensitive information like this via email. Put your antennae up for these and note the strangeness of the request.
  • Don’t Click That Link or Attachment: Hover your cursor over the link text to see the actual embedded URL destination before clicking. Opening your email on a phone? Avoid the risk altogether and go directly to the website instead of clicking on a link. Phishing links often present themselves as one thing but really lead to malicious URLs. Similarly, be wary of attachments, especially if you weren’t expecting them. When in doubt: Don’t. Click.

Advanced Threats to Be Aware Of

Now that we’ve covered the basics of phishing and spoofing, there are several advanced threats that pose significant risks. Understanding these can further enhance your cybersecurity posture.

Whale-Phishing Attacks: Watch Out, C-Suite

Whale-phishing, or whaling, targets high-profile C-Suite individuals such as CEOs or CFOs. These attacks are highly personalized and sophisticated, aiming to steal sensitive corporate information or execute fraudulent transactions. Due to the high stakes involved, whaling emails often appear very legitimate and may reference actual company projects or executives by name, or ask for a change in payroll accounts. Bad actors typically gather this data by compromising lower-level employees with the phishing and spoofing tactics above.

Spear-Phishing Attacks: We Know You. No Really.

Unlike regular phishing, which is sent to a broad audience, spear-phishing emails are targeted and customized to the recipient, making them harder to detect. Bad actors often use information gathered from social media (LinkedIn, Facebook, etc.) and other online sources to spoof effectively and build convincing requests. These typically flow from the top down. For example, a threat actor may gather information about a CEO and will impersonate them to request a wire transfer from someone on the Finance team at their company.

Man-in-the-Middle (MITM) Attacks: You’ve Got Company

In an MITM attack, a cybercriminal first gains access so they can then intercept communication between two parties, for example between an Accounts Receivable rep at one company and an Accounts Payable rep at another. Once the attacker has access, they then “lie in wait” and eavesdrop to steal data or interject themselves into the communication chain to ask for a change in bank routing and account information or payroll information to steal money.

This is often done by compromising someone’s email, but unsecured Wi-Fi networks are also a common culprit, letting an attacker intercept data transmitted between your device and the network.

Remember These Best Practices

  • Be Skeptical: Always question unsolicited emails and calls. If something seems off, it probably is.
  • Slow Down: Don’t rush to respond, and don’t impulsively click on unknown links or attachments.
  • Keep Learning (and pass it on): Cybercriminals constantly evolve their strategies, so staying up-to-date and informed is crucial. Share this information with colleagues and loved ones to create a network of aware and cautious individuals.
  • Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of security, making it harder for attackers to gain access to your accounts. This typically involves a second form of verification in addition to your password, such as a code sent to your phone or an authenticator application. Enable this whenever possible!
  • Keep Software Updated: Regular updates patch fixes for identified security vulnerabilities, making it harder for cybercriminals to exploit your system. This includes operating systems, browsers, and any other software applications you use (even your phone and apps).
  • Report Suspicious Activity: If you receive a suspicious email or call or think you may have clicked on a sketchy link, report it to your IT department or service provider. Prompt reporting can prevent widespread damage and help authorities track and stop cybercriminals.

It’s up to everyone to stay informed and vigilant. The most important things you can take with you when you venture online every day are patience and suspicion. Don’t be trigger-happy with your clicks and responses, and take the time to look at emails, texts, and websites a bit closer. Trust little and verify when possible.

Stay safe, stay aware, and stay frosty out there.

 

An Additional Note For Business Leaders:

With compromises on the rise, Cyber Liability Insurance has become an essential part of protecting your business in the event of an attack. All companies, big and small, can benefit from Cyber Liability Insurance and we highly recommend acquiring it.

Did you know that CIO Solutions offers automated phishing awareness training and simulated user phishing campaigns? Reach out to your vCIO or Customer Success Manager to learn more about including Knowbe4 in your monthly service agreement at no additional cost!

Not a client yet? Contact us today to talk through your options for enhancing your IT management and security.

Employee Spotlight: Adam J. Fernandes

/in ,

Behind the Screens- Meet Adam Fernandes

Meet Adam, a versatile member of the CIO Solutions team! For the past 2 years, Adam has used his wealth of expertise to ensure smooth hardware deployments for our clients. As a Deployment Technician, he visits our clients’ offices and interacts with people at all levels of the organization to assist with any issues or questions they may face during these deployments. Adam’s commitment to helping our clients means he is always ready to go the extra mile to make a positive impact on their businesses and set them up for success.

Born and raised in San Luis Obispo, Adam holds an Associate’s degree in ‘Information Technology and Network Systems’ from Laurus College, and he landed his first IT job while still in school.

His creative passions extend well beyond the technical realm. Adam is also a screenwriter with over 70 screenplays to his name. He also worked as a chef for 15 years, plays guitar, and is an avid photographer (or as he puts it, “takes way too many photos”).

Read on to learn more about Adam!

 

What has been your proudest moment at CIO?

Professionally, being asked to be on the DOT (Deployments Team) on my first week.

Company-wise, winning both prizes in my first CIOBrew-Off with Tech-Tonic.

 

If you could go back to any moment in time, when would it be?

Prohibition-era New York. Sights, sounds, smells, and speakeasies.

 

Would you rather be the funniest or smartest person in the room? Why?

Funniest, because laughter brings people together.

 

What’s the weirdest fact you know?

The ‘Pizza Planet’ truck from Toy Story has appeared in every single Pixar film.

 

What’s your favorite famous or inspirational quote?

‘All men dream: but not equally. Those who dream by night in the dusty recesses of their minds wake up in the day to find it was vanity, but the dreamers of the day are dangerous men, for they may act their dreams with open eyes, to make it possible.’ – Thomas Edward Lawrence, aka ‘Lawrence of Arabia’

 

If you could learn to do anything, what would it be?

Fly a plane.

 

What’s something you’re planning on doing in the next year that you’ve never done?

Hopefully, visiting a country or a place I’ve never been to before.

 

What do you pretend to hate but actually love?

I don’t ‘pretend’ to hate things, but there are several rom-coms I love that might be surprising.

 

What could you give a 30-minute presentation on without any advance preparation?

Screenwriting.

 

If your life were a movie, who would play you?

John Cusack, my doppelganger.

 

—————————————————————————————————————————————————————-

Bonus: What 3 words would you use to describe CIO Solutions?

Empowering, Camaraderie, Hilarious

 

We are proud of our team of skilled and friendly individuals. It’s a unique group of collaborators and innovators who share a common “can-do” mentality paired with a fondness for gifs and puns. 

Looking for opportunities to join our team? Visit our Meet the Team page to see all open positions in our Santa Barbara, San Luis Obispo, and Fresno offices!

 

Email Authentication Protocols to Protect Your Business

Email Authentication Protocols to Protect Your Business

/in , ,

Email Authentication Protocols to Protect Your Business

By Peter Summers, vCIO

IN THIS ARTICLE: 

Email is an essential tool for businesses and individuals alike, making it a prime target for cybercriminals. Protecting your business against email-based attacks goes beyond having the latest threat detection tools and educating your users not to click on suspicious links.

Here are a few more technical email security measures, including DKIM, DMARC, and SPF, that organizations need to implement to cover their foundational bases.

Email Authentication Protocols: DKIM, DMARC, and SPF

DKIM, or DomainKeys Identified Mail

This is a protocol that enables email recipients to verify that an email is really from the sender it says it’s from and that it hasn’t been tampered with or modified during transit. DKIM works by adding a digital signature to the header of an email message when it’s sent. That signature is then verified by your email provider using a public key published in the DNS (Domain Name Server) records for the domain. If it’s checked and found to be a valid signature, the email is in fact from the sender it claims to be from and hasn’t been tampered with.

SPF, or Sender Policy Framework

SPF is an email authentication protocol that enables domain owners to specify which IP addresses are authorized to send emails on their behalf.

For this protocol, the domain owner publishes a list of authorized IP addresses in the DNS records for the domain. Email providers can use this information to confirm that emails claiming to be sent from this domain are truly coming from the approved list of IP addresses.

DMARC, or Domain-Based Message Authentication, Reporting, and Conformance

This protocol builds on DKIM and SPF by providing a way for domain owners to declare their email authentication policies and receive reports on how their emails are being handled by email providers. Giving domain owners this ability to keep an eye on their email traffic and detect unauthorized use of their domains can be incredibly useful for helping to prevent phishing and other kinds of email-based attacks.

A Dynamic Trio

DKIM, DMARC, and SPF work together behind the scenes to provide a more powerful defense against email-based attacks. Increasing the ability of email recipients to verify the authenticity of incoming email messages alone is a huge security improvement. Pair that with the ability for domain owners to specify the use of their domain name, monitor their email traffic, and detect and block unauthorized use of their domain name, and these protocols can help prevent phishing, spoofing, and other types of email fraud.

These protocols are more on the complex technical side, and they require careful planning and configuration. Be sure to work with experienced email security experts to set them up correctly and get your organization more protected against email-based security threats.

Already a client of CIO Solutions? Reach out to your vCIO to discuss DKIM, DMARC, and SPF and where it fits in your email security plan!

Not a client yet, but curious about learning how to boost your organization’s security posture? Let’s talk about your options!

Employee Spotlight: Fernando Rivera

/in ,

Behind the Screens- Meet Fernando Rivera

Let’s introduce you to Fernando Rivera, who has been an integral part of the team at CIO Solutions for 16 years. Fernando works out of our Costa Rica office, where he leads a team of talented and dedicated IT professionals while also performing his duties as a security solutions engineer.

Fernando lives between two of the nicest provinces in Costa Rica, Alajuela and Heredia, where he spends time with his girlfriend and his dog and enjoying the coolest sunsets. He is a fan of TV shows and series, playing video games, and taking care of his fish tanks (a self-proclaimed obsession). He started with a small tank (10 gallons) and has since moved up to a whopping 100-gallon one! Fernando’s love of nature doesn’t stop at his fish tank- he’s a nature fanatic and loves animal photography. It’s an advantage that his girlfriend owns a travel agency! He invites all to visit Costa Rica and experience the beautiful nature and diverse animals.

In his role as a security solutions engineer and Costa Rica team lead, Fernando has a lot of responsibilities. He and his team help protect our clients’ data and systems from cyber threats through cybersecurity solutions, patch management, and antivirus solutions. As a team lead, he guides, instructs, and directs his team in delivering the highest-quality service possible. Fernando recognizes the fundamental importance of embracing growth and keeping an eye on the changes in the technological world to keep our clients safe and happy. Over the years, he has earned several certifications and credentials, such as CompTIA A+, Network +, CrowdStrike Falcon Platform Technical Fundamentals, Sophos Certified Engineer, Webroot Endpoint Technical Certification, Windows 10 Technical Fundamentals, Watchguard Firmware Essential Certification, and Web Designer University.

Read on to learn more about Fernando!

 

What has been your proudest moment at CIO?

When I had the opportunity to visit and meet my coworkers in San Luis Obispo.

 

How would your family or friends describe you in three words?

Smart, trustworthy, and helpful

 

Who is your hero? Why?

I don’t have one hero. I have heroes: My family

 

What’s the best advice you’ve ever heard?

Whatever you can do, give your 100%

 

If you could go back to any moment in time, when would it be?

College, because at my college we got the opportunity to work in a company to get a better understanding of what life really looks like for someone in that job. I got all my best knowledge during college.

 

If you could learn to do anything, what would it be?

Digital animation for movie projects

 

If you could have an unlimited supply of one thing, what would it be?

Water, I think is the most valuable natural thing we have and we need it in everything

 

What’s something you’re planning on doing in the next year that you’ve never done?

I am planning to visit one of the seven wonders of the world (Machupichu – Perú)

 

If you could have any superpower, what would it be?

Eldritch Magic used by Masters of the Mystical Arts (Dr. Stephen Vincent Strange – Marvel Comics)

 

What could you give a 30-minute presentation on without any advance preparation?

How to maintain a fish tank with good conditions

 

—————————————————————————————————————————————————————-

Bonus: What 3 words would you use to describe CIO Solutions?

Leadership, Innovative, Competitive

 

We are proud of our team of skilled and friendly individuals. It’s a unique group of collaborators and innovators who share a common “can-do” mentality paired with a fondness for gifs and puns. 

Looking for opportunities to join our team? Visit our Careers page to see all open positions in our Santa Barbara, San Luis Obispo, and Fresno offices!

[vc_row][vc_column][vc_btn title=”Contact Us” style=”custom” custom_background=”#fa8c19″ custom_text=”#ffffff” shape=”square” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.ciosolutions.com%2Fcontact%2F|title:Contact”][/vc_column][/vc_row]

Employee Spotlight: Billy Godfrey

/in ,

Behind the Screens- Meet Billy Godfrey

Billy Godfrey is a long-time member of CIO Solutions, celebrating 10 years with us as of this month! He is the supervisor of one of the Support Department’s Dedicated Client Teams (team Helios, to be exact). These Dedicated Client Teams are just that- dedicated to a specific set of clients so they develop a deep understanding of their unique environments, needs, and preferences when a complex support issue comes up and needs a deeper dive. As Billy says, “making the client happy is what it’s all about!” 

Billy has a fascinating personal story. He was born in Oklahoma and moved to Ocean City, New Jersey, then Virginia Beach, Virginia, where he graduated from James Madison University. He then moved to Santa Barbara, California, where he lived for about eight years. He met his wife way back in seventh grade, and they were married in the Bahamas, celebrating with about 80 of their guests on a beautiful island called Elbow Cay. They now have three children: two boys, ages four and two, and a girl who just turned six months.

Two years ago, Billy and his family moved to Naples, Florida, where they have a little over an acre of land for their kids to run wild. He loves spending time with people. In the past, that meant hanging out with friends, but now it’s all about family and watching his kids grow up. 

Read on to learn more about Billy!

 

What would the title of your autobiography be?

If you are not having fun, it is not worth it

 

What has been your proudest moment at CIO?

Winning HDI Southern California Support Technician of the Year Award

 

What’s something most people don’t know about you?

I have driven cross-country 17 times and LOVE IT!

 

How would your family or friends describe you in three words?

Fun, easygoing, and full of energy

 

What’s the best advice you’ve ever heard?

“When life gets you down, you know what you gotta do? Just keep swimming.” – Dory

 

What was the most unusual or interesting job you’ve had?

Working at a gas station when I was 12 years old. Get paid under the table to pretty much stock the cold drinks and make coffee. I would also get to take home any non-sold Krispy Kreme donuts at the end of the day.

 

If you could go back to any moment in time, when would it be?

My wedding week in the Bahamas.

 

Would you rather be the funniest or smartest person in the room? Why?

Funniest – fun people have more fun.

 

What’s your favorite famous or inspirational quote?

If you are not having fun, it is not worth it – Billy Godfrey (this was also my Senior year quote in High School)

 

If you could learn to do anything, what would it be?

Be creative. This is why I married my wife – opposites attract.

 

What’s something you’re planning on doing in the next year that you’ve never done?

Maybe getting chickens

 

What do you pretend to hate but actually love?

Drama shows – like reality TV

 

What’s your favorite TV show? Why?

Seinfeld – there is a little bit of everything in that show!

 

What’s the weirdest food you’ve ever eaten? How was it?

I am a pretty picky eater so not sure I have even tried anything weird.

 

If you could have any superpower, what would it be?

I think flying but really any would be cool.

 

What could you give a 30-minute presentation on without any advance preparation?

Almost anything – I like talking even if I don’t know what I am talking about.

 

If your life were a movie, who would play you?

Jim Carrey

 

—————————————————————————————————————————————————————-

Bonus: What 3 words would you use to describe CIO Solutions?

Fun, exciting, family-like

 

We are proud of our team of skilled and friendly individuals. It’s a unique group of collaborators and innovators who share a common “can-do” mentality paired with a fondness for gifs and puns. 

Looking for opportunities to join our team? Visit our Careers page to see all open positions in our Santa Barbara, San Luis Obispo, and Fresno offices!

[vc_row][vc_column][vc_btn title=”Contact Us” style=”custom” custom_background=”#fa8c19″ custom_text=”#ffffff” shape=”square” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.ciosolutions.com%2Fcontact%2F|title:Contact”][/vc_column][/vc_row]

Fast and Furious: Here Comes The ‘New Teams’

/in ,

Fast and Furious: Here Comes The ‘New Teams’

By Josh Farlow, Director of Cloud Services

IN THIS ARTICLE: 

You have probably seen the Microsoft banners and pop-ups talking about New Teams a lot lately. So much so, that it has become something we click past and forget about. But did you know that Microsoft has set a deadline to switch all users over to the New Teams? And that date is coming up quickly.  

Starting in July, the Classic version of Teams will not be an option any longer. In this article, we’ll talk about some of the technical reasons for this shift, the new features of New Teams, and on a business level, what this mandatory change means for your planning (both immediate and in the future). 

A Foundational Shift for Better Performance 

Who doesn’t want better performance? That is really the name of the game with New Teams. The Classic version of Teams was based on Electron and was much harder to maintain, update, and develop because of the custom nature of the product. This also meant the performance was lackluster, with no roadmap to improve further. The only option was for Microsoft to scrap it entirely and start from scratch. 

Enter WebView2.  

Microsoft Edge WebView2 is a control platform that allows developers to embed web technologies such as HTML, CSS, and JavaScript in their native applications. It uses the Microsoft Edge browser as its rendering engine to display web content in applications. This means developers can write code for a website or web app, and then reuse that web code in their Windows application, saving time and effort. Sounds awesome, right?  

What all this means is New Teams will run faster, use fewer resources, and can be updated rapidly so new features and security patches can be applied sooner. New Teams is just the start; Microsoft is rolling out this platform across all apps. We will talk about that in the future, but the short story is that as this is rolled out, both the native apps (the one you open on a desktop) and the web apps will look the same and have the same features 

Security Developments in This New Model 

Since New Teams is built on an entirely new platform, that allowed Microsoft to rethink the strength of security within the code. Additionally, the deployment method used for New Teams is MSIX. This allows admins to push this out via Intune, as well as deploy it in a standard Windows Environment. When apps are deployed using MSIX, the location of the app install is invisible to the user, which ultimately provides better protection against attacks that would try to alter the installation. 

New Compatibility Requirements that Change the Legacy Game 

With the move to WebView2, the standardization across platforms (Web, Windows Native, MacOS, Citrix) will finally give us feature parity across platforms, not mixed experiences between each one.  

This is where Microsoft is drawing the line: the New Teams will NOT be supported on Server 2016 or Windows 10 LTSC or older.  

What this means: users who are running these versions (or older) will not be able to use the New Teams app. This could be a huge headache, especially considering how many businesses rely on Teams. 

However, there are a few directions to go. 

Immediate Solution: Run New Teams on the Web 

This may sound clunky, but if you recall from above, all platforms are the same experience with New Teams. The Web version is the same as the app version.  

Once the deadline hits, Classic Teams will not open or function. Users will be automatically redirected to use the Web version, so they will simply run New Teams from their browser instead. This is the message users will receive:

Long-Term Solutions: Consider This in Your Planning 

As you can see, Microsoft’s move to New Teams is more than a refresh of a product, a game changer in architecture, design, and performance for not only this app, but the whole ecosystem moving forward. These changes will continue to create a ripple effect for customers, especially ones on an older operating system. 

If you’ve been considering a server upgrade, or are thinking about what’s next for your cloud environment, here are some options to consider:  

Upgrade to Server OS 2022 

What better time to upgrade than now? Whether you’re running your own servers on-premises or using a private cloud solution (like the CIO Private Cloud*), if your infrastructure relies on Server 2016 or older, a server upgrade may be the best next move for you.  

*Despite Server 2022 having been around for a couple of years, it has finally reached the stage of maturity to now make it a viable standard platform for our CIO Private Cloud Desktop. Please reach out to your vCIO to discuss your current server year and explore server upgrade options.

Evaluate the Next Wave of Cloud Solutions 

  • VDI (Virtual Desktop Infrastructure) is a cloud desktop model recently made available within the managed services space. This infrastructure design is a shift from the classic Server Operating System model to a per-user Windows 11 Desktop Operating System one. It offers many productivity and performance benefits beyond just being compatible with New Teams. A solution like this could solve some of your business’s current challenges and pave the way for future advancements.

Interested in learning more about VDI? Reach out to your vCIO for a demo. It’s very impressive and I highly recommend taking a look!

  • Modern Office – Serverless architecture is a newer model of cloud computing that relies on Software as a Service (SaaS) solutions (primarily Microsoft 365), and the individual user’s workstation. This model would offer a great path forward as Microsoft continues to roll out this new architecture for the M365 suite, however, it requires careful consideration. This model is only a fit for specific business cases, so be sure to talk with your IT provider in depth before making a switch! 

Check out our on-demand webinar about CIO’s next-generation Cloud Desktop (VDI) and Modern Office [here]!  

Embracing the New Teams 

I hope this helps shed some light on what these seemingly random pop-ups and banners are about the “New Teams”. Now you know, this is more than just a new look, it really is a whole new Teams, especially under the hood.  

Knowing more about this now, it may seem like a big inconvenience is on the horizon. In some ways that’s true, but luckily there are options, both temporary and in the long run, to prepare your business to continue to adapt with the always-changing world of productivity solutions.  

Are you a current client of CIO Solutions? Please feel free to reach out with any questions or concerns! We look forward to helping everyone with this transition.

Not a client yet? Let’s explore your options!