Cyber Security Advice for Medical Practices

The sudden increase in cyberattacks happening all around the world is not without its reasons. More than 80% of information – including private details about ourselves – are now stored digitally. Every information is valuable to attackers, which is why we are now seeing more attacks as well as new forms of attacks targeting individuals and large corporations.Cybersecurity for medical practice

For medical practices, information security is essential. Patient information and details about the practice’s operations are too valuable to handle carelessly. There are ways to improve cybersecurity throughout your medical practice and we are going to discuss some of them in this article.

Follow the Standards

The healthcare industry is highly regulated down to the last letter and information security is no exception. The HIPAA medical information security guidelines are something that every healthcare service provider must follow.

Fortunately, most solutions available to the industry already take HIPAA compliance very seriously. You know you can count on the software, devices, and other solutions that comply with HIPAA to safeguard your information. Following the correct security standards is a great first step to take.

Secure the Equipment

Using the correct, well-secured equipment is another must. You can’t count on poorly secured equipment, especially in today’s world where attacks to IoT and electronic devices are more common than ever. Similar to choosing software and solutions, there are standards to follow.

According to Rishin Patel Insight Medical Partners’ President and CEO, newer equipment is designed to be more secure from the ground up, especially compared to older alternatives. His company provides easy access to the most advanced products and technologies so that medical practices can remain safe and protected.

Have a Backup Routine

To have a strong information security foundation, the third thing you need to add is a good backup routine. Maintain on-site and off-site (cloud) backups of sensitive information so that your medical practice can recover from catastrophic cyberattack seamlessly.

In the event of a ransomware attack, for instance, you can wipe your computers and restore essential data from various sources. When hardware fails, there is still a cloud backup to turn to. Adding a good backup routine to the practice’s everyday workflow completes the equation and provides your medical practice with a good security foundation.

Train the People

Once the foundation is laid, it is time to tackle the biggest information security challenge of them all: the people. Bad habits like using a weak or common password, exchanging login information or user access with coworkers, clicking URLs from illegitimate sources, and copying data to a flash drive and then not handling it properly are still the most common causes of cyberattacks.

It is imperative that the people involved in handling information know how to handle information securely. Information security trainings are great for changing some of the more common bad habits quickly. As an extra layer of security, putting in place a set of security policies is also highly recommended.

There are still so many things you can do to protect your medical practice from cyberattacks, but these first steps are the ones to take to get started. Be sure to implement these measures immediately before your practice becomes the victim of a cyberattack.


eCommerce Payment Methods

What Payment Methods Should Your E-commerce Store Accept?

The market today has so many payment methods, making it increasingly difficult to decide which of these you should accept for your ecommerce store. Indeed, it is quite common for someone to spend hours on end trying to review different payment systems to see which one offers the best services at the lowest cost. The following is a list of the best three you should be considering especially if your e-commerce site deals with international payments.

Veem

Veem is a payment processing system that has quickly gained prominence in this niche for its reliability and low cost. Created to eliminate bank wire transfers, the company has ushered a new day in payment processing for ecommerce sites. From inception, it captured the imagination of many merchants who make regular international wire transfers.

What’s more, its currency exchange rates are consistently fair and the transactions are simple and fast. To avoid exorbitant international wire transfer fees, especially when wiring money to businesses in countries like China, merchants use Veem. The payment processor is a good choice for merchants who cannot afford incessant glitches and who value excellent customer service.

PayPal

PayPal is perhaps the most popular payment-processing platform online. The most notable difference between PayPal and all other payment-processing platforms is that merchants and customers deposit and withdraw their money from different PayPal accounts separately and from their local bank accounts.Online payment

PayPal is said to be a managed bank transfer service that enjoys the trust of customers and merchants alike. This unique standing allows it to settle transactional disputes on the behalf of merchants. When working with PayPal, you pay its transaction fees when you receive and when you send money, making it an unpopular choice among small e-commerce stores that may be dealing with low-value but large volume items.

Paymill

Paymill is an ecommerce payment processing system that helps sites process credit cards, prepaid cards and debit cards securely. The company is registered in Germany and is the leading payment processing companies in many European countries, including Germany, Austria and Switzerland. While it is based in Europe, Paymill is quite popular even in other parts of the world and has the capacity to fulfil e-commerce payment needs from merchants around the world.

Paymill doesn’t charge set-up fees and has no monthly or annual fees. This is why it is quite popular with e-commerce startups looking for a scalable, reliable and flexible payment processor. What’s more, the process of adding debit card processing to an e-commerce site is extremely easy, often requiring a little coding that most programmers can do in a few minutes.

Whatever the size of your ecommerce site, chances are you can use any of these three top payment processors that customers already know and love. Before deciding on one, take you time, visit their websites, confirm the fees you will be required to pay, including all hidden charges and then make a decision. Your ecommerce site deserves a payment method that is seamless, easy to use for your customers and that builds confidence between you and your customers.


Connecting local Active Directory Cloud (AD) and Azure

Active Directory Cloud Enablement

Connecting local AD to Azure

Active Directory Cloud Simplifies user Access (Microsoft)With the deployment of more and more Office 365 services, managing separate AD instances can be daunting.  Fortunately Microsoft offers great tools to get your Active Directory Cloud initiative working. Azure’s AD is the backing AD for the Office 365 services. In this article, I am providing a summary of the key points to remember when connecting to Azure’s AD.

Microsoft provides a very powerful set of tools to easily connect a local Active Directory to Azure. There are also some advanced options available if you decide to use Azure as a full blown AD server for your organization. However, it is important to be very careful. Here is what can happen if the connection isn’t done right: most if not all of the users will be locked out of their account. That means, no email (Outlook), no SharePoint, no OneDrive.

 The key is to configure the ADD connect tool with a custom setting in order to make sure that the local domain doesn’t take over the Office 365 domain. The following steps assume that you have Office 365 deployed for your main domain. For example, NewPush.com is our main domain. 

Quick summary to connect the Active Directory Cloud 

1)    Check that all your local users have their email address set up properly in the “mail” attribute of your local AD. At this stage, you should also make sure that you have an Office 365 account set up with Global Admin privileges, and on the default Microsoft domain (e.g. globaladmin@yourdomain.onmicrosoft.com.

2)    Installing the ADD. This is straightforward, however, make sure to not finish the install with the defaults, as we modify the sync rules in the next step. If you already installed, and have the wrong settings, you need to uninstall, reboot, and reinstall.

3)     Select custom synchronization setting and select the mail attribute as UPN for sync which results in your main domain remaining the one used on Office 365. 

References for Active Directory to Azure Connection

1)      http://www.microsoft.com/en-us/download/details.aspx?id=47594

2)      https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-get-started-custom   Custom installation of ADD connect Start to end. 

 Please let me know if you found these instructions helpful, and do not hesitate to send me feedback.

 


NewPush Recognized as Top 20 VMware Cloud provider 2016

CIO Review recognition

NewPush started using VMware technologies from its inception in 1999. At the time the first dot com boom was just heating up. Many virtualization technologies were emerging for the Intel platform. Over the years we kept focusing on providing enterprise grade infrastructure. Meanwhile, we have kept increasing the role of VMware as we understood that for Intel based hardware VMware provided the most reliable enterprise soluitons. As a result, we have moved the use of VMware from our development labs to our production systems and data-centers. Since the 2010’s we are formally a VMware partner providing VMware Cloud solutions. Most noteworthy, the last few years have shown a tremendous growth in the capabilities VMware Cloud delivers. Therefore it is our pleasure to announce that CIO Review has recognized NewPush as a top 20 VMware technology provider.
20 most promising VMware Cloud solution providers - 2016

VMware Cloud Solutions

Important milestone for NewPush

This recognition is a milestone that is important to us. We have worked hard to pioneer and to be successful deploying state of the art VMware based cloud technologies. Our recent work focuses on NSX, vSAN, and the vRealize suite. As we continue our quest to provide the best cloud services to our customers, we look forward to deploy the new Docker and Hadoop enablement technologies.

Looking ahead

Cloud technologies keep changing at an ever increasing pace. Companies who stay ahead are going to continue to have a competitive advantage, by providing a better customer experience. By partnering for technology decisions with NewPush, you can spend more time with your core business, while ensuring that you have a trusted partner with a proven track record to help you keep a competitive edge on the IT front. If you would like the NewPush advantage for your company, please do not hesitate to get in touch today. We are here to help 24 hours a day, seven days a week.


Email Hosting: cPanel (Exim) email loop – Too many “Received” headers – suspected mail loop

Email Hosting Issue: email looping on cPanel (Exim)

When your server’s email flow stops, it is like the life blood of a company that stops. As soon as an email issue appears we have to jump on them immediately and get to the core of the problem. Smart trouble-shooting is key. At this point we have to look under the hood of cPanel. cPanel (WHM) is an email hosting and website hosting automation control panel.

Every now and then, you get a cryptic bounce message that drives you to dig deeper. In this case, we fist saw “potential email loop” in the bounce message. However, that was not enough. We had to then look at the email logs on cPanel. The place to look was “Track delivery.” Meanwhile the customer’s email are bouncing, and the pressure is mounting. In the end we were able to fix the issue quickly.

Problem: email loop detected on email hosting server

You see the following symptom. You send mail to a user on cPanel, and the following error is displayed in the “Track Delivery” section of the users cPanel account:
Too many "Received" headers - suspected mail loop

Solution: fix MX settings of the email hosting control panel (WHM cPanel)

  • Go to the MX record section of cPanel.
  • Reset the delivery method to local.
  • If the method is already set to local, make sure you change it to “backup”, save, and then back to local.

What else can cause a mail loop? Make sure that you do not have a conflict in domain forwarder or email forwarder.

Background

cPanel uses Exim. On Exim, the destination domain is in /etc/localdomains. If the email is stored on a remote server, list the domain in /etc/remotedomains. The steps to take in the solution section act on the MX record editor of cPanel. These steps force cPanel to properly populate these files.

If you have similar issues, and have a hard time figuring out the solution, let us know. We are happy to help with any email system, cPanel, Plesk, Domino, or Exchange. Contact us at support at newpush.com, or through the contact us page.


New Available Build Notification (85380)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, SpamExperts.

What’s new this week:
Change from Apache to NGINX
We’re excited to announce that to further improve the responsiveness and performance of the webserver, we’re switching from Apache to NGINX over the next weeks. There is no action required on your end for this, and nothing will visibly change for your users.

Changelog:

Filtering (services):

  • The logging system now stores the decoded version of the ‘To/CC/From/Subject’ headers (#23203)
  • The logging system now distinguishes recipient rejection that is the result of a cached lookup rather than a fresh callout (#16480)
  • The ‘api_set_administrator_callout’ API call now allows setting a blank email (i.e. removing any contact) (#22489)

Front-end / GUI:

  • Admins can now manage sub-admins using Control Panel API: /api/admin/update ; ‘/api/admin/wipe’ ; ‘/api/admin/binddomains’ ; ‘/api/admin/unbinddomains’ ; ‘/api/domain/getowner’ (#24195)
  • Resolved issue with ‘Release and Train’ option not working from the Log Search (#24276)
  • You are now able to assign an Admin under a sub-admin (#22245)
  • Increased the speed of transferring domains (#22602)
  • Changed the Bandwitdth Overview so it is now showing if a domain belongs to a sub-admin (#23543)
  • Admins are now able to remove Sub-Admins via API : ‘/api/admin/remove/username/’ (#23391)
  • Resolved issue with: “Invalid request parameters” error when trying to view the Error Details for a message in the Log Search (#24366)
  • The Control Panel API ‘/api/domainslist/get/’ can be extended to provide information about available services for each domain (#21596)
  • The SpamPanel now recommends using a Password Manager when creating custom passwords (#22393)
  • Improvements to the SpamPanel API ‘/api/domaincontact/set/domain/’ (#24452)
  • Updated error messages when using setting cluster update times and allowed SSH IP’s (#22030)

Plugins & Integration tools:

  • cPanel: Resolved issue with erros showing in log when terminating an account (#24389)
  • Plesk: Resolved issue with PHP Warning: “Illegal string offset id” when clicking the Domain List (#24399)

For more information, please do not hesitate to contact us.

 


New Available Build Notification (84851)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, SpamExperts.

 What’s new this week:

Quarantine retrieval / release via the API:

We’ve recently added the ability to retrieve and release messages via the software API.  It’s likely that you are already using the API, e.g. to get a list of messages in the quarantine matching certain criteria, and so retrieving or releasing messages via the API should be much simpler than also having to manage doing this via an IMAP connection.

This also allows you to build your integration with tighter security controls, as you can create a dedicated API user that only has access to the specific required functionality, rather than having to use the admin IMAP credentials

Updated reputation system:

We have updated the SpamExperts IP/URL reputation system with this release, to make more efficient use of our centrally produced intelligence data. This will not only further improve the filtering quality, it will also ensure that any reported false negatives/positives are processed more quickly to ensure optimal spam and virus filtering for your clients.

Changelog:

Filtering (services):

  • It is now possible to retrieve and release messages from quarantine via the API (#21713)
  • It is now possible to use the value “default” when setting the default value, which will change the default back to the value used when installing the cluster (#5100)
  • Default values may now be used with api_set_maximum_messages_per_connection (#18614)

Front-end / GUI:

  • Resolved issue with Overview returning a blank page in Internet Explorer (#24196)
  • Add retry time as an action for log search results (#21935)
  • Resolved issue with Add Domain page not showing correctly (#24251)
  • Resolved issue with not being able to remove the `&` character in restricted local parts via the interface (#23860)
  • Resolved issue with “Authentication failed” error when trying to view / release quarantined messages (#24235)
  • Resolved issue with Manage Administrators page not loading list of administrators when French language is used (#24271)
  • Changed the way Outgoing Reports is showing to make it more clear (#24227)
  • Resolved issue Overview search field not searching for the following format `.net` (#24313)
  • Resolved issue with api/admin/add/username failing to add uppercase usernames (#24351)
  • Resolved issue with domain unbinding from an admin account (#24308)
  • Resolved issue with admin contact email address not being added correctly (#24361)
  • The SpanPanel API ‘/api/admin/transferdomains/’ requires accepting the domain before it is assigned to the new admin (#24304)

Plugins & Integration tools:

  • cPanel: It is now possible to enable / disable reseller access in cPanel plugin (#19245)
  • cPanel: Resolved issue with cPanel terminate account not removing addon domains (#24079)
  • cPanel: Resolved issue with cPanel not displaying domains and returning the error: “There are no domains on this server” (#24325)
  • Plesk: Resolved issue with Toggle Protection not adding the correct route (#24286)

For more information, please do not hesitate to contact us.

 


New Available Build Notification (84419)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, SpamExperts.

 What’s new this week:

System Administration:

We have now implemented the ability for our clients to select one or more contacts which should receive our automated server problem notifications emails. To configure this for specific contacts please make sure that the option “Monitoring emails – Receive notifications about server problems” is ticked in the client area (https://my.spamexperts.com).

Filtering (services):

  • This build includes general filtering/performance updates only

Monitoring:

  • You can now choose which contact will receive the monitoring system notifications (#19510)

Front-end / GUI:

  • No new updates this week

Plugins & Integration tools:

  • cPanel: It is now possible to enable / disable admin access in cPanel plugin (#19245)
  • cPanel: When using the “Terminate Account” option in cPanel, the domains are now removed from the filtering server (#24079)
  • Plesk: Resolved SecurityError: blocked a frame with origin (#24241)
  • DirectAdmin: It is now possible to use branding in DirectAdmin (#22918)
  • DirectAdmin: Removed the term “SpamPanel” from the plugin (#24043)

For more information, please do not hesitate to contact us.

 


New Available Build Notification (83705)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, SpamExperts.

 What’s new this week:

Email user level whitelist & blacklists

Over the last couple of weeks, we have been working hard on getting the email user level whitelisting and blacklisting option available from the interface. This is now available, and allows the email users to manage their own list of sender domains and email addresses that they would like to whitelist or blacklist.

Changelog:

Filtering (services):

  • This build includes general filtering/performance updates only

Front-end / GUI:

  • “Cancel 2FA” is no longer available once the user set the 2FA (#23749)
  • Resolved issue with “Sender is invalid” response when trying to whitelist or blacklist a domain (#24133)
  • Resolved issue with “You have no permission to remove admins” error when using api/reseller/setproducts API (#24148)
  • The 2FA is no longer required the second time when the page Manage Email users is refreshed (#24142)
  • The labels no longer use the term “SpamPanel” (#24045)
  • The Admins are now able to get a list of their sub-admins via API call (#24169)

Plugins & Integration tools:

  • No new updates this week

For more information, please do not hesitate to contact us.

 


New Available Build Notification (83328)

This is our spam / virus filter update for customers on the mx1 / mx2.tnpw.net filtering cluster. The information is brought to you by our vendor, SpamExperts.

 New “Overview” page for super-admins and admins

The “Overview” page, where super-admins and admins are able to view a list of the domains configured in the system, has been significantly modernised.  The page looks similar, and all the old functionality is there, but the page now only has to load once, and can then refresh the content (e.g. when you change page or search) without having to reload.  Working with the overview page will be a much smoother and faster experience.  Over time, we’ll be modernising more of the web interface in this way.

You are now also able to transfer a domain to an admin, or unbind a domain from an admin, directly from the overview page.

We’ve also made a few changes to the whitelist and blacklist pages.  You can now search and sort the lists, and also export the lists to a CSV file.

Plesk for Windows SpamExperts add-on

We’ve completed the initial release of our opensource Plesk for Windows integration. Detailed instructions on how to install this add-on can be found on our knowledgebase here. Any feedback is greatly appreciated.

Changelog:

Filtering (services):

  • A new API method, api_set_recipient_protection_report_template(), is available, for making bulk changes to protection report settings (#23822)
  • A new API method, api_set_recipient_protection_report_language(), is available, for making bulk changes to language settings (#23979)
  • An error has been fixed that would cause the api_get_domain_count() API method to return an incorrect value when domains had multiple destinations (#23989)
  • When a message expires from the delivery queue, the status (in the logging data) is now updated to either “bounced” (if a delivery status notification was generated) or “queue-expired” (#19762)
  • When a message is not fully processed (e.g. the sending server gives up before completing) the status of the message (in the logging data) is now set to “not-accepted” (#24003)
  • When a message is removed from the quarantine, the status of the message (in the logging data) is now set to “quarantine-removed”. This also prevents these messages from appearing as releasable in protection reports (#19763)

Front-end / GUI:

  • It is now possible do assign domains directly from the Overview (#13683)
  • It is possible to add Local recipients that contain only ascii characters (#24054)
  • Added option to export user defined white and blacklists (#22856)
  • Added option to search the user defined white and blacklists (#22855)
  • Added search option to use defined white and blacklists (#22854)
  • Removed the term “SpamPanel” from the interface (#24043)
  • Resolved issue with email user not having access to sender whitelist / blacklist (#24069)
  • Resolved issue with Archive search date option showing the wrong date (#24044)
  • ‘Download .eml’ button is now displayed in the incoming|outgoing delivery queue (#24085)

Plugins & Integration tools:

  • 0: MX record changes are handled in the instance settings (#23362)
  • 0: It is now possible to handle auto protection on multiple subscriptions for one customer (#23929)
  • 0: Resolved issue where unprotecting a domain enabled the original MX records of other domains as well (#23981)

For more information, please do not hesitate to contact us.