The prospective client was having issues with their IT provider and wanted H Grant Designs to assess and resolve their environments.
Current Mode of Operation
3 Windows 10 Pro PCs
2 Windows 7 Pro Desktops
1 Windows 10 Home Laptop (personal laptop)
1 Windows 10 Pro Laptop
1 PowerEdge T320 server
1 Sonicwall TZ350
The prospective client was using a provider who was not providing ample support. Upon our site visit, we learned that the current support provider was not an effective solution. Phone calls went unanswered and messages left regarding support issues were unaddressed. We asked if they needed the on-site server and thankfully the answer was no. All of their computer resources were cloud-based. The PC naming conventions were inconsistent, and the current support provided did not want to swap users. The client was also using Windows 7 on devices, which is non-supported software. In order for remote workers to access the server, one of the computers had to be powered on and logged in. During our connectivity troubleshooting, H Grant designs learned the client was using Sonicwall’s NetExtender. The network setup is using the Sonicwall’s Wifi and then a Unifi AP Lite for guest wifi. The client did not have any backups of email, files, and computers, and did not have any type of phishing protection. A remote worker’s laptop was also domain-controlled, and the user had no control over what could be downloaded or installed..
Discovery and Implementation
Upon the client approving our quote, we were astonished to learn that the main server password was the name of the company. While we hoped that this would be the only issue, we found more problems. The support provider provided seven Office365 licenses and they were told they weren’t allowed anymore. One user was using an alias of another email and never saw any messages unless she was logged in using the old email credentials. The client was paying for patching and one computer was not updated in three years. During our onboarding and patching process, one computer took nine hours to update. Multiple laptops that were used for personal use was also tied to the local server, forcing us to dejoin the domain.
Another laptop had a mystery set of passwords for which no one, including the IT company, knew the credentials, so we were forced to reformat the laptop. We put in SSD for this laptop. We also set up 2fa for all users and established the emails correctly. Instead of using the Windows Server 2012 R2, we went with Datto Workplace and Microsoft Intune for centralized management.
We also installed a brand new firewall with a brand new 24 port Unifi POE switch and 1 AP Pro. We replaced the Windows 7 computers with new Windows 10 Pro computers and gave the user a desktop so she did not have to use her personal laptop.
We implanted email backup and also used Ironscales for protection.