• +32 9 277 90 00
  • info@itaf.eu
  • Mo - Fr: 9 AM - 6 PM
  • Dutch
  • French

Microsoft Teams vs Slack – Which is better?

Right now, there are two popular messaging app choices: Microsoft Teams and Slack. Both tools offer the same solution, which is smoother communication for teams. Due to the similarities between the two, it can be challenging to gauge the better fit.

However, there are real differences between the platforms, and the decision of which to adopt is important. With the right communication tool, you can improve how you collaborate. The wrong tool can complicate your processes and set you back.
Now, the comparison between Slack and Microsoft Teams isn’t even, but overall here’s how they stack up and where each platform shines.

UX And Display

Slack and Microsoft Teams look similar design-wise. Each has a panel on the left-hand side with channels, where users have conversations. You get basic one-line messaging. You can add emojis to messages, share files, and make audio and video calls.
There is one feature that offers a different experience: the search.

Slack has a less robust feature. Any user can tell you it’s difficult to find what you’re seeking with the search. If you need to go back to a conversation or find a file, you need to know what words or phrasing were used. Otherwise, it stays buried.

With Microsoft Teams, users can search by a question, user, topic, or meeting. You can also add subject lines to posts, which helps with finding conversations later.

Security

Here are some of the key areas of concern and how each messaging app addresses them:
Sensitive data leakage – the same collaborative benefits that employees love from these apps can be a major headache for security and compliance teams. Preventing data leakage is a must have when controlling risk with Slack and Teams.
• Slack – Slack offers no built-in data leakage prevention capabilities for identifying and controlling access or sharing of sensitive data.
• Teams – While Microsoft Office 365 offers some rudimentary data leakage prevention capabilities, the jury is still out on whether these capabilities will make their way into Teams.
• Advantage – Neither. Organizations in regulated industries will need to look outside of Slack or Teams if they wish to detect and protect sensitive data from leakage.

Account compromise – leveraging identity best practices, including single sign-on and multifactor authentication is a must have for any enterprise cloud application.
• Slack – Slack supports two factor authentication natively, and SAML SSO can be enabled for “Plus” accounts for integration with a third party identity system such as a CASB or an IDaaS. Unfortunately, Slack also has a checkered past with respect to their ability to protect customer account data.
• Teams – Microsoft offers similar capabilities including two factor authentication and SSO via AD or SAML.
• Advantage – Microsoft Teams.

Data encryption in-transit and at-rest – encryption, properly implemented, can allow an organization to use cloud apps while maintaining the security of a locked down, premises environment.
• Slack – Slack states that all data is encrypted at-rest and in-transit using, “the latest recommended cipher suites and protocols.” While that’s a little vague for our taste, we’ll count it – partially. The challenge for enterprises is that this encryption (and the corresponding keys) is fully controlled by Slack, not by the enterprise.
• Teams – As with Slack, Microsoft has promised data-at-rest and in-transit encryption for Teams. Unfortunately, this scheme suffers from the same limitations as Slack’s approach to encryption
• Advantage – Neither. Enterprises concerned about data-at-rest protection should look to third party security technologies like CASBs.

External users – collaboration with external business partners can be a dangerous proposition if left unchecked. Getting a handle on who can join these messaging applications is critical to preventing data leakage.
• Slack – allows external users, but those users can only be added by Team Owners and Administrators, providing centralized control over third party access.
• Teams – Microsoft doesn’t allow any external users to access Teams, for now. It’s highly likely that this is a short-term limitation that the Microsoft development team is already working on.
• Advantage – Microsoft (until they catch-up on this feature and lose the advantage).

Third party apps & integrations – great for users, a nightmare for admins – third party apps allow users to create new integrations at the click of a button, often without IT intervention.
• Slack – Slack boasts a directory of more than 750 integrated applications.
• Teams – Microsoft claims more than 150 external connectors at launch, with many more to come.
• Advantage – Neither. In both cases, it’s easy to connect potentially insecure apps with broad permissions that create uncertainty around control.

Support

Both Slack and Microsoft Teams have strong customer support teams and online support centers. With Slack, you can contact the team over email, live chat, or phone. There’s also a robust customer support center.

Still, Microsoft Teams has them beat. With Microsoft Teams, you can take live, online instructor-led classes. There are specific videos and content for onboarding, such as how to build channels and teams. You can also use their interactive guide. Overall, Microsoft backs Microsoft Teams, so you’re going to experience a higher quality of support.

The Best Communication App For Your Team

In our experience, if you need a more robust, secure communication app, Microsoft Teams is a good choice. And if you have Microsoft’s Office 365 productivity suite, you can use Microsoft Teams for free. However, Microsoft Teams still isn’t a perfect tool and won’t solve all of your communication problems.

Even with Microsoft Teams, you’re going to experience friction from shallow conversations and one-line messaging. And until now, teams have had to deal with that. It’s often just the nature of working remotely.

But, what if you could make remote work feel and operate like you’re working together in-house?

Microsoft Teams as a part of Microsoft 365

ITAF supports the concept of modern and digital workplace and helps you set up the Microsoft 365 tools in the right way, provide your organization with high-standard innovative approach in building your modern IT ecosystem.

Contact ITAF for professional support.

The Malware of the Future – Independent and Adaptable

Ask most people to tell you what Artificial Intelligence (AI) is and you’ll likely get a blank stare or a stammered answer about computers beating Russian expert chess players.

The truth is that AI covers a lot of different topics and can mean a lot of different things in a lot of different industries, everything from nailing down which type of customer to market a new brand, to pinning down a possible early diagnosis for an ER visit without talking to a person, to a self-driving car figuring out the best route possible for a cross-country trip while the family reads together or watching a movie.

AI in malicious software, also known as malware, is a more frightening thought. It does not act like Skynet from “The Terminator” of HAL from “2001: A Space Odyssey”, but it does have some troubling tendencies that can make it harder to predict, harder to identify, and harder to stop. This has cybersecurity experts on high alert.

What is AI-driven Malware?

This type of malware plays by its normal rules, but the AI allows it to infect computers at a faster rate and make the attacks more efficient. “Dumb” malware deploys the same type of attack every time in every situation while its AI-powered can assess things about the system it is attacking. Whether or not it has antispyware software, if it has connections to other networks like the cloud, and can read keystrokes to try to pull passwords and usernames out of the memory banks.

What Are its Capabilities?

AI-driven malware can do as much as its programmers equip it to. One example would be a worm with a limited memory capacity that could “remember” what actions it takes that trigger anti-spyware software on a computer. It could use this memory to figure out how to stop performing that action and trying a different route to infect more devices.

Going Independent

The closest thing a piece of malware could be to the scary AI you so often see in movies is the power to operate independently. Normally then AI is deployed it is not alone in the job. There is usually a “command and control” server somewhere that the AI is reporting back to. This allows a hacker to see what the malware has discovered in a system and direct it to perform certain commands accordingly. The problem for the hacker happens when that link back to the command center is discovered and the police come knocking on the door. But an independent piece of malware doesn’t need direction from an outside source. It can “think” for itself by making decisions based on what it observes inside your system. If there is no strong antivirus software, the AI-powered malware will understand that is has pretty much free reign to do what it wants to. At this stage it can also move forward to infiltrate your email contact list, your personal information, even keystrokes from the last time you logged onto your bank account.

How can ITAF help you?

If you need help with protecting your business and your brand, Contact ITAF. Our experienced security experts can help you with installing and maintaining some of the most effective protection against any security risks, training your employees and helping to defend your business from the lasting effects of hacking attacks.

Sixth generation (Gen 6) of Cyber attacks

As the cyber attack vectors are ever-evolving, it is becoming increasingly challenging for companies and individuals to protect themselves from the dangers lurking in the digital landscape.

Recent research carried out by security researchers has concluded that most companies operating these days are lacking the basic cyber defenses and those which have are only capable of combating with 3rd generation of cyber-attacks while the demand now is for 6th generation.

Now to those who are unaware of the “Generation” difference of cyber-attacks and here’s the timeline:

Generation 1 – Started in the 1980s, the Generation 1 Cyber Attacks had hackers spreading the virus to PCs and workstations via Floppy disks. And this led to the invention of signature-based anti-virus solutions- with first being probably from Norton.

Generation 2 – In the Mid 90s/ cyber attacks on networks paved way to the next generation of attack evolution which made companies introduce firewalls to secure the perimeters of IT infrastructures from cyber crooks.

Generation 3 – This generation of cyber attacks was witnessed at the start of the 20th century where attackers started to focus their exploitation on industrial applications- which paved the way to hackers to see cyber-crime as a business. Botnets were being used to send out spam paving way for companies to introduce Intrusion Prevention Systems (IPS).

Generation 4 – Rise of targeted attacks began in 2010 where governments around the world started to use cyber tools as weapons for mass destruction. And this led to the introduction of Behavioral Analysis solutions.

Generation 5 – The year 2016 witnessed the emergence of multi-vector attacks which were mostly state-sponsored and thus had the potential to destruct at a greater note.

Generation 6 cyber attacks – In the evolution timeline of cyber attacks, the Gen 6 attacks happen to be most destructive as hackers are devised with tools to attack everything and anything digital. Also, in the coming days i.e. after the introduction of the 5G network, attacks on IoT might increase at an alarming rate which will pave way for complex security requirements.

How can ITAF help you?

If you need help with protecting your business and your brand, Contact ITAF. Our experienced security experts can help you with installing and maintaining some of the most effective protection against any security risks, training your employees and helping to defend your business from the lasting effects of hacking attacks.

Launch of our new website – ITAF.eu enterprise edition

It’s here! We’re announcing the launch of our newly 2020 redesigned website! With you in our mind, new ITAF.eu provides an easier navigation through our portfolio & our information is just a click away: the latest trends & products, our history, contact & expertise: accessible within a glance!

Highlights – What’s new?

Services (itaf.eu/services)

 

ITAF Services

Supporting more than 1,500 customers every day means that we have a portfolio with more than 100 services related to various ICT demands. Therefore, we have structured portfolio in category groups with dedicated landing pages oriented to the specific products services. These services are related to the ICT infrastructure, Microsoft products implementation, IT security hacks, cloud and hosting solutions, ICT field services and proper hardware equipment. In this way our website users can now tell what we do and how we can help theirs businesses with any ICT related support and concept.

Categories:

Microsoft Services
IT Support Services
IT infrastructure & Telephony
Cloud & Hosting
Security Services
ICT Field Services
Hardware & Software
Modern Workplace

Blog

 

ITAF Blog

When speaking about latest trends and products’ releases, but also implementation tips useful for any-sized enterprise, new blog page has introduced 7 categories, each gathering specific blog posts within. Whether it’s about business applications, or complete ICT infrastructure valuable info, ITAF blog is a place to find some answers, stay tuned and up-to-date with latest industry info.

Contact pages

 

ITAF Contact

Even though remote control and ICT support management is our expertise, we strive to localize our business if any on-site intervention for regional customers is needed, by being present in administrative centers supported by ITAF’s ICT service centers. Each of our 9 locations – 7 in Belgium and 2 in Serbia – have a dedicated landing page and clarified contact details which can easily help anybody to find a nearest service center and to contact us directly in few ways – via website, phone or on-site.

ICT Service Centers and Offices:

IT Support Ghent
IT Support Brussels
IT Support Antwerp
IT Support Roeselare
IT Support Turnhout
IT Support Leuven
IT Support Oud-Heverlee
IT Support Belgrade
IT Support Novi Sad

ITAF – Modern Workplace Partner

 

Modern Workplace

In a step with digital transformation and power BI tools led by our experts, ITAF is continuing to grow as a modern workplace partner, giving a speed to the market by implementing and optimizing ICT infrastructures with best of breed tools and platforms.

Dynamics 365 Business Central – the Best ERP Solution for Startups

When you are consolidating a business project, choosing the best ERP for startups can be the key to success of the business. One of the most important decisions you need to make is abandoning Excel, hand written books or basic accounting software and take the plunge and buy a product that integrates all areas of your business. In these entrepeneurial projects, there is usually the preconceived idea that all of the processes of the business can be carried out manually by one person or a small team. However, it is difficult to know the growth rate that the business may have, and getting more customers means more administrative work that can be difficult for team members to undertake over time without the tools that enable them to do it.

ERP of New Generation

Thanks to the advantages offered by the cloud and the packetization of services, the new generation of ERP on the cloud can reach small and medium sized businesses in different sectors who can now benefit from all of the potential of the core of Dynamics NAV in the third generation of Microsoft ERPs: Dynamics 365 Business Central.

Bear in mind that, the more willing you are to adapt your business processes to the product standard, the less expensive the implementation will be and the faster you will be able to start to work with your new ERP.

The Best ERP for Startups

The main objective of an ERP is to help companies with their daily business processes. Although startups are typically small businesses, this doesn’t mean they should opt-out of using an ERP. An ERP for startups can be beneficial in the sense that it contributes to creating good business practices and surviving in the world of business. Below, we are going to try and analyse why Dynamics 365 Business Central is the most suitable ERP for startups.

Regulate Your Monthly Costs with Dynamics 365 BC

Business Central is a SaaS product (Software as a Service), so you can regulate on a monthly basis how many product licenses you need and therefore scale costs each month depending on the finance forecast. This enables you to scale your expenses and be more flexible in your day to day work.

Without Investment in Infrastructures

Most startups don’t have the necessary IT resources to be able to implement, manage and maintain an ERP on their own servers. Business Central is stored on the cloud and, therefore, you don’t have to invest or maintain hardware infrastructures.

Furthermore, in terms of the rumours as to whether the cloud is secure or not, we believe that the cloud is more secure than most local solutions. Why? Part of the answer rests on the regulations that have been established to guarantee cloud security. Most of the implementations on local servers are not independently audited or certified, so it is difficult to evaluate the state they are in.

Organic Growth of Your Business

Business central adapts to your growth rate. You can start with the basic features which enable you to carry out your day to day work, with the confidence of knowing that, when you grow, all of the features of the product will be there for you, without increasing the price of the license.

In addition, so you can work more comfortably, you can adapt each user’s work area, so you only give them the direct accesses to their tasks, and therefore avoid them having all of the features offered by an ERP and they will be more productive.

Update Without Cost

Dynamics 365 Business Central is committed to launching updates every 6 months and the positive thing is that you will be able to enjoy all of the developments automatically and without your licence increasing in price. If you want to work with an ERP for startups which is in constant development and always has up to date features, this is your chance.

Increase Your Productivity

Being productive is important for all businesses, regardless of the number of employees. However, for a business who wants to make an impact, being productive can be the key to success of the business. Business Central will help you to organise your data, avoid duplicating data and simplify complicated tasks so you can centre your efforts on making your business project grow. In addition, being stored on the cloud, you will be able to access the data from your ERP from anywhere and from any device and continue working, even when you’re not in the office.

We must not forget to mention the integration possibilities that exist between Business Central and Office 365. You will be able to carry out a large number of tasks relating to the management of your business easily and quickly without leaving your email, and you will be able to update data directly from Excel, amongst other options.

Analyse Your Results

Dynamics 365 Business Central incorporates the Dynamics NAVanalysis by dimensions which enables you to analyse your company’s data. You will be able to decide on what lines you want to analyse the results of your business. For example, if you have more than one office, you may be interested in analysing results by delegation or by type of service, by department, etc.

Microsoft Dynamics 365 Business Central Support for Your Business

Whether you are starting your business from zero, or you want to upgrade by cutting the costs and growing the potentials with a best of breed ERP solution, ITAF consultants will help and support your business with implementation the Dynamics 365 Business Central. Contact us now and we will be glad to support your beginnings and upgrade the predefined infrastructures.

Benefits and Advantages of Cloud Computing

Cloud computing is a term used to describe the use of hardware and software delivered via network (usually the Internet). The term comes from the use of cloud shaped symbol that represents abstraction of rather complex infrastructure that enables the work of software, hardware, computation and remote services.Cloud computing is computing based on the internet.

Throughout the years, people would run applications or programs from software downloaded on a physical computer or server in their building. Cloud computing allows people access to the same kinds of applications through the internet.

Cloud computing is based on the premise that the main computing takes place on a machine, often remote, that is not the one currently being used. Data collected during this process is stored and processed by remote servers (also called cloud servers). This means the device accessing the cloud doesn’t need to work as hard. By hosting software, platforms, and databases remotely, the cloud servers free up the memory and computing power of individual computers. Users can securely access cloud services using credentials received from the cloud computing provider.

Why Cloud Computing

Here’s a list of key benefits an enterprise can expect to achieve when adopting cloud infrastructure.

1. Efficiency and/or Cost Reduction

By using cloud infrastructure, you don’t have to spend huge amounts of money on purchasing and maintaing equipment. This drastically reduces costs. You don’t have to invest in hardware, facilities, utilities, or building out a large data center to grow your business. You do not even need large IT teams to handle your cloud data center operations, as you can enjoy the expertise of your cloud provider’s or ICT partner staff.
Cloud also reduces costs related to downtime. Since downtime is rare in cloud systems, this means you don’t have to spend time and money on fixing potential issues related to downtime.

2. Data security

One of the major concerns of every business, regardless of size and industry, is the security of its data. Data breaches and other cybercrimes can devastate a company’s revenue, customer loyalty and brand positioning.

Cloud offers many advanced security features that guarantee that data is securely stored and handled.

Cloud storage providers implement baseline protections for their platforms and the data they process, such authentication, access control, and encryption. From there, most enterprises supplement these protections with added security measures of their own to boost cloud data protection and tighten access to sensitive information in the cloud.

3. Scalability

Different companies have different IT needs – a large enterprise of 500+ employees won’t have the same IT requirements as a start-up. Using cloud is a great solution because it enables enterprise to efficiently scale up/down their IT departments, according to business demands.

Cloud based solutions are ideal for businesses with growing or fluctuating bandwidth demands. If your business demands increase, you can easily increase your cloud capacity without having to invest in physical infrastructure. This level of agility can give businesses using cloud computing a real advantage over competitors.
This scalability minimizes the risks associated with in-house operational issues and maintenance. You have high-performance resources at your disposal with professional solutions and zero up-front investment. Scalability is probably the greatest advantage of the cloud.

4. Mobility

Cloud computing allows mobile access to corporate data via smartphones and devices, which is a great way to ensure that no one is ever left out of the loop. Staff with busy schedules, or who live a long way away from the corporate office, can use this feature to keep instantly up-to-date with clients and coworkers.
Resources in the cloud can be easily stored, retrieved, recovered, or processed with just a couple of clicks. Users can get access to their works on-the-go, 24/7, via any devices of their choice, in any corner of the world as long as you stay connected to the internet. On top of that, all the upgrades and updates are done automatically, off-sight by the service providers. This saves time and team effort in maintaining the systems, tremendously reducing the IT team workloads.

5. Disaster recovery

Data loss is a major concern for all organizations, along with data security. Storing your data in the cloud guarantees that data is always available, even if your equipment like laptops or PC’s, is damaged. Cloud-based services provide quick data recovery for all kinds of emergency scenarios – from natural disasters to power outages.

Cloud infrastructure can also help you with loss prevention. If you rely on traditional on-premises approach, all your data will be stored locally, on office computers. Despite your best efforts, computers can malfunction from various reasons — from malware and viruses, to age-related hardware deterioration, to simple user error.

But, if you upload your data to the cloud, it remains accessible for any computer with an internet connection, even if something happens to your work computer.

6. Control

Having control over sensitive data is vital to any company. You never know what can happen if a document gets into the wrong hands, even if it’s just the hands of an untrained employee.

Cloud enables you complete visibility and control over your data. You can easily decide which users have what level of access to what data. This gives you control, but it also streamlines work since staff will easily know what documents are assigned to them. It will also increase and ease collaboration. Since one version of the document can be worked on by different people, and there’s no need to have copies of the same document in circulation.

7. Competitive edge and how to migrate to the Cloud?

Not every company will migrate to the cloud, at least not yet. However, organizations which adopt cloud find that many benefits that cloud offers positively impacts their business. Cloud adoption increases every year, since companies realize that it offers them access to world-class enterprise technology. Therefore, ITAF created a custom cloud solution ready to respond to any necessities. Let our cloud specialists help you choose the right solution between private or public cloud for your business.

Contact ITAF for more information.

6 Important Steps in Implementing the Windows Server

Everyone knows that an out-of-the-box Windows server may not have all the necessary security measures in place to go right into production, although Microsoft has been improving the default configuration in every server version. Specific best practices differ depending on need, but addressing these six steps before subjecting a server to the internet will protect against the most common exploits. Many of these are standard recommendations that apply to servers of any flavor, while some are Windows specific, delving into some of the ways you can tighten up the Microsoft server platform.

1. User Configuration and Network Configuration

Modern Windows Server editions force you to do this, but make sure the password for the local Administrator account is reset to something secure. Furthermore, disable the local administrator whenever possible. There are very few scenarios where this account is required and because it’s a popular target for attack, it should be disabled altogether to prevent it from being exploited. With that account out of the way, you need to set up an admin account to use. You can either add an appropriate domain account, if your server is a member of an Active Directory (AD), or create a new local account and put it in the administrators group.
Don’t forget to protect your passwords. Use a strong password policy to make sure accounts on the server can’t be compromised. If your server is a member of AD, the password policy will be set at the domain level in the Default Domain Policy. Stand alone servers can be set in the local policy editor. Either way, a good password policy will at least establish the following:

  • Complexity and length requirements – how strong the password must be
  • Password expiration – how long the password is valid
  • Password history – how long until previous passwords can be reused
  • Account lockout – how many failed password attempts before the account is suspended

1.1 Windows Server Network Configuration

Production servers should have a static IP so clients can reliably find them. This IP should be in a protected segment, behind a firewall. Configure at least two DNS servers for redundancy and double check name resolution using nslookup from the command prompt. Ensure the server has a valid A record in DNS with the name you want, as well as a PTR record for reverse lookups. Note that it may take several hours for DNS changes to propagate across the internet, so production addresses should be established well before a go live window. Finally, disable any network services the server won’t be using, such as IPv6. This depends on your environment and any changes here should be well-tested before going into production.

2. Windows Features, Roles Configuration and Update Installation

Microsoft uses roles and features to manage OS packages. Roles are basically a collection of features designed for a specific purpose, so generally roles can be chosen if the server fits one, and then the features can be customized from there. Two equally important things to do are 1) make sure everything you need is installed (f.e. NET framework version or IIS); without the right pieces your applications won’t work. 2) Uninstall everything you don’t need. Extraneous packages unnecessarily extend the attack surface of the server and should be removed whenever possible. Servers should be designed with necessity in mind and stripped lean to make the necessary parts function as smoothly and quickly as possible.

2.1 Update Installation of Windows Server

The best way to keep your server secure is to keep it up to date. This doesn’t necessarily mean living on the cutting edge and applying updates as soon as they are released with little to no testing, but simply having a process to ensure updates do get applied within a reasonable window.
There are different kinds of updates: patches tend to address a single vulnerability; roll-ups are a group of packages that address several, perhaps related vulnerability, and service packs are updates to a wide range of vulnerabilities, comprised of dozens or hundreds of individual patches. Keep in mind that the version of the OS is a type of update too, and using years-old server versions puts you well behind the security curve. If your production schedule allows it, you should configure automatic updates on your server. It’s much more dangerous, however, to leave a production system unpatched than to automatically update it, at least for critical patches. If at all possible, the updates should be staggered, so test environments receive them a week or so earlier, giving teams a chance to observe their behavior.

3. NTP Configuration and Firewall Configuration

A time difference of merely 5 minutes will completely break Windows logons and various other functions that rely on kerberos security. Servers that are domain members will automatically have their time synched with a domain controller upon joining the domain, but stand alone servers need to have NTP set up to sync to an external source so the clock remains accurate.

3.1 Firewall Configuration on Windows Server

If you’re building a web server, for example, you’re only going to want web ports (80 and 443) open to that server from the internet. If the server has other functions such as remote desktop (RDP) for management, they should only be available over a VPN connection, ensuring that unauthorized people can’t exploit the port at will from the net.
The Windows Server firewall is a decent built-in software firewall that allows configuration of port-based traffic from within the OS. On a stand alone server, or any server without a hardware firewall in front of it, the Windows Server firewall will at least provide some protection against network based attacks by limiting the attack surface to the allowed ports.

4. Remote Access and Service Configuration

As mentioned, if you use RDP (Remote Desktop Platform), be sure it is only accessible via VPN. Leaving it open to the internet doesn’t guarantee you’ll get hacked, but it does offer potential hackers another inroad into your server. Make sure RDP is only accessible by authorized users. By default, all administrators can use RDP once it is enabled on the server. Additional people can join the Remote Desktop Users group for access without becoming administrators.
In addition to RDP, various other remote access mechanisms such as Powershell and SSH should be carefully locked down if used and made accessible only within a VPN environment.

4.1 Service Configuration on Windows Server

Windows server has a set of default services that start automatically and run in the background. Many of these are required for the OS to function, but some are not and should be disabled if not in use. Following the same logic as the firewall, we want to minimize the attack surface of the server by disabling everything other than primary functionality. Older versions of MS server have more unneeded services than newer, so carefully check any 2008 or 2003 (!) servers.
Finally, every service runs in the security context of a specific user. For default Windows services, this is often as the Local System, Local Service or Network Service accounts. This configuration may work most of the time, but for application and user services, best practice dictates setting up service specific accounts, either locally or in AD, to handle these services with the minimum amount of access necessary. This keeps malicious actors who have compromised an application from extending that compromise into other areas of the server or domain.

5. Further Hardening

Microsoft provides best practices analyzers based on role and server version that can help you further harden your systems by scanning and making recommendations – server security patching. Although User Account Control (UAC) will prevent applications from running as you without your consent. This prevents malware from running in the background and malicious websites from launching installers or other code. Leave UAC on whenever possible.
The tips in this guide help secure the Windows operating system, but every application you run should be hardened as well. Common Microsoft server applications such as MSSQL and Exchange have specific security mechanisms that can help protect them against attacks like ransomware, be sure to research and tweak each application for maximum resilience. If you’re building a web server, you can also follow our hardening guide to improve its internet facing security.

6. Logging and Monitoring

Finally, you need to make sure that your logs and monitoring are configured and capturing the data you want so that in the event of a problem, you can quickly find what you need and remediate it. Logging works differently depending on whether your server is part of a domain. Domain logons are processed by domain controllers, and as such, they have the audit logs for that activity, not the local system. Stand alone servers will have security audits available and can be configured to show passes and/or failures.
Log defaults are almost always far too small to monitor complex production applications. As such, disk space should be allocated during server builds for logging, especially for applications like MS Exchange. Logs should be backed up – link to back up and disaster recovery landing according to your organization’s retention policies and then cleared to make room for more current events. Consider a centralized log management solution if handling logs individually on servers gets overwhelming. Like a syslog server in the Linux world, a centralized event viewer for Windows servers can help speed up troubleshooting and remediation times for medium to large environments.

6.1 Monitoring

Whether you use the built-in Windows performance monitor, or a third party solution that uses a client or SNMP to gather data, you need to be gathering performance info on every server. Things like available disk space, processor and memory use, network activity and even temperature should be constantly analyzed and recorded so anomalies can be easily identified and dealt with.

Windows Server Setup and How Can ITAF Help You?

Each one of these steps can take some time to implement, especially if you are doing this for the first time. But by establishing a routine of initial server configuration and infrastructure, you can ensure that new machines in your environment will be resilient. For any query related to your server-to-server communication setup, please contact us and we will be glad to help you.

IT Support Engineer

Job description

Would you like to be part of an internationally oriented company? Are you interested in Windows, Linux and Mac environments? Do you like new challenges and customer requests every day? Then you are at the right place at ITAF!

As an IT Support Engineer you visit our customers in the Flemish Brabant region (Leuven-Brussels). You work from Leuven or Zaventem yourself depending on where you need to be that day.

The following items are part of your duties:

– install network equipment, servers and VOIP equipment in which you work closely with an English-language back office
– onsite help the customer with IT matters for which he / she is requesting assistance
– provide remote support from the office
– keep track of the equipment being delivered
– prepare quotes for client equipment (printers, PCs, laptops)
– go to data centers in Antwerp and Brussels to add hardware
– …

No lack of variety!

You have a healthy work ethic so that you are also available outside office hours to offer our customers the best service.

Profile

General Requirements:

1) You have a thorough basic knowledge of various aspects within IT:
– Hardware
– System administration
– Networking (in a LAN) (DNS, DHCP, IP and subnetting)
– Operating systems (Windows, OSX, iOS, Android, Linux)

2) With the above basic knowledge you are able to (on different operating systems):
– Troubleshooting to be performed on client devices
– Set up mail clients
– VPN configurable
– Attach file shares
– Change hardware in client devices
– Help troubleshoot network incidents
– Install new hardware (small NAS, Printers, PCs)
– Help with server installations

3) You have knowledge of/or know the following:
– pfSense
– Mac / Apple
– Cisco
– Ubuntu Linux
– Zimbra
– Office 365
– PBX / VoIP

4) You are a team player who can independently look for a solution if an incident occurs, but can escalate on time and clearly if necessary. You communicate smoothly with customers and colleagues to solve problems as quickly as possible. You are eager to learn and your drive ensures that you want to achieve the best solutions for our customers.

Offer

We offer you the opportunity to work in a young and dynamic team where you work closely with an English-language back office.

We also offer you an attractive salary, mobile phone, laptop and a company car. On top of that there are the extra-legal benefits such as meal vouchers, group insurance and hospitalization insurance!

How do you apply for this position?

Send your CV and motivation letter to katrien.boon@itaf.eu

Internal Project Manager

Location: Belgrade – Novi Sad

We are looking for a bright and smart administrative co-worker who will join our ITAF team as Internal Project Manager: you will be supporting ITAF in various fiels: office management (7 office at the moment & counting…), business improvements, marketing, internal ICT improvements, …

Do you have a nose for performing the job on time & do you have an eye for detail? Are you a good communicator & do you like working in team? Are you interested in a wide range of tasks & challenges in different domains?

Then keep on reading!

So, you:

– have a bachelor’s or master’s degree Business Administration / Finance / Economics or related field
– are very analytical, detail oriented and dispose of a strong sense for logical thinking
– able to distinguish essential from non-essential
– are a true team player
– have excellent communication skills
– are good in English, both written and spoken (this is a must, you will communicate and read/write documentation in English)
– are able to prioritize & work with short deadlines
– are a fast learner with the ability to solve problems effectively & correctly
– have an pretty good command of MS office applications (Word, Excel and Powerpoint)

Job description:

– You don’t need to have IT knowledge, but a passion for IT understanding is an asset!
– Internal projects are always the first to be, put aside if a customer request comes in, so being flexible & effectively communicative is an absolute must for this position.
– Supporting & leading internal projects in various domains eg. office improvements, marketing projects
– Assisting senior colleagues with a wide range of professional challenges
– Contacting colleagues and suppliers when required

What can we offer you?

– A compensation package depending on your experience and skills
– An attractive position in an international and dynamic company
– An opportunity to grow in proportion with your skill set, motivation and ownership that you take
– A modern and cozy working place with positive and friendly atmosphere

How to apply for this function?

Please send your CV and motivation to apply for this job on the email: katrien.boon@itaf.eu

Scroll Up