Network Security and Buddy Referrals Don’t Usually Mix

24 January 2022

Ring! Ring!

Me: I.T. Department, this is Daniel.  How can I help you? 

Caller: Hey, Dan.  It’s me, Terry? At Acme Reliable?  I need your help, like now.  Are you available? 

Me: Hello, Terry.  Sure, I’ve got some time, before my next remote session.  What can I help you with? 

Terry: You know I’ve got these machines you do not support? 

Me:  Right.  The ones you don’t want to pay for me to assist with. 

Terry: Yeah, splitting hairs, there.  Anyway, I have to update the control computers for these machines.  The support guys sent me new drivers, license files, and programs to install.  But, they will not install.  The antivirus program won’t let them start, I think. 

Me: As I recall, those machines are running Webroot, still.  Has that changed? 

Terry: No.  I have not taken it off of these machines, but I am about to.  These guys are telling me the software won’t run, because you have my network all effed up.  And I want it fixed. 

Me: Interesting.  Now, just to make sure I understand this, correctly … This is the machine that we changed so it would not be able to access the internet?  And we did that because when their software auto-updated, it would crash?  And when it crashed, they would charge you how much money to fix it? 

Terry: Yeah.  It's that one. 

Me: And their support staff are telling you I have your network all messed up?  While you are seeing the software they are trying to install on your device is triggering anti-virus and other security alerts? 

Terry:   Uhm.   Uh … Yeah.  What does that mean?   Can I TRUST these guys?  I mean they did ask for admin access to the servers. 

Me: The computer controlling that equipment is not on the domain.  They have no need to access the servers. 

Terry: And what about the firewall? 

Me: Should not have any need there, either. 

Terry: OK.  Something is not right, here.   

Me: I’m beginning to think the same thing.  Disconnect your firewall from the internet.  Power off the modem.  Power off your servers.  I will be by, in the morning.  First step will be to export the current config, then roll the firewall back to last week’s config.  A comparison will show if they made any changes and what those changes were.   Then we will check the servers. 

Terry: But, I did not give them the admin password to the servers.   

Me: So?  Does not mean they did not mess with something they did have access to.  Who are these guys?  Are they the support staff of the manufacturer? 

Terry: No. They are a 3rd party support contractor.   A buddy in Cleveland referred me to them.  

Me: I see.  OK.  It is very possible I am overreacting to this.  But I would rather overreact and be wrong than be right and not do enough to check out the situation. 

Terry:  Right.  Can you come by, tonight?  I know it’s after hours, already, but … ? 

Me: Given the circumstances, I will see what I can do about coming by, tonight.  It will be after 9, most likely.  I have a couple of remote sessions already scheduled. 

Terry: OK.  Thanks, Dan.  See you about 9, then.  Call, so I can let you in. 

Lesson Learned

We like to trust the referrals our friends and family give us, especially in the name of saving a few bucks. I get it: as business owners, we all become penny pinchers to some degree. But there is a time and place to skimp and save, and a time to make sure the people you bring into the back end of your business truly have your best interests in mind AND know what they are doing. What do you think? Was Dan overly cautious, or is he being paranoid/crazy to think the worst right away?

Written By Daniel Curry
