As of January 14th, 2020, Microsoft will be ending all support for their hugely popular Windows 7 operating system, which has technology professionals strongly recommending businesses upgrade to Windows 10 in response.
This brief video on the subject discusses what the end of Windows 7 support means for users and the risks that come with choosing not to upgrade before January 2020.
If you have questions or want to find out how we can assist you with upgrading smoothly to Windows 10, give us a call at (678) 389-6200 or email us at firstname.lastname@example.org.
If you use Microsoft’s Skype for Business, that service will be ending on July 31, 2021. Microsoft wants all customers to start using Microsoft Teams instead. Many of the more popular services of Skype are now available on Teams.
Microsoft says, “We’ve brought the key set of Skype for Business Online capabilities into Teams along with new voice, video, and meetings innovation. We encourage all Office 365 customers to start using Teams today, whether independently or side-by-side with Skype for Business.”
Starting September 1, 2019, if you’re an Office 365 customer, you’ll be directed to Microsoft Teams automatically.
If your business uses Skype, Microsoft’s FAQ page has very helpful information to help you transition, including these videos:
Capital One Data Breach Affects More Than 100 Million Customers and Small Businesses in The U.S. & 6 Million in Canada
On July 29, 2019, Capital One reported that their customers’ confidential information was compromised. This includes the Social Security and bank account numbers of more than 100 million people and small businesses in the U.S., along with 6 million in Canada.
The McLean, Virginia-based bank discovered the vulnerability in its system July 19 and immediately sought help from law enforcement to catch the perpetrator. They waited until July 29 to inform customers.
How Did The Hacker Get Into Capital One’s System?
According to court documents in the Capital One case, the hacker obtained this information by finding a misconfigured firewall on Capital One’s Amazon Web Services (AWS) cloud server.
Amazon said that AWS wasn’t compromised in any way. They say that the hacker gained access through a misconfiguration on the cloud server’s application, not through a vulnerability in its infrastructure.
Capital One says that they immediately fixed the configuration vulnerability that the individual exploited and promptly began working with federal law enforcement.
Who Breached Capital One’s Data?
Paige A. Thompson, a former software engineer in Seattle, is accused of stealing data from Capital One credit card applications.
Thompson was a systems engineer and an employee at Amazon Web Services from 2015 to 2016. In a statement, Amazon said that she left the company three years before the hack took place.
The FBI arrested Thompson on Monday, July 29 for the theft, which occurred between March 12 and July 17. Thompson made her initial appearance in U.S. District Court in Seattle and has been detained pending an August 1 hearing. Computer fraud and abuse are punishable by up to five years in prison and a $250,000 fine.
What Information Was Compromised?
Thompson stole information including credit scores and balances plus the Social Security numbers of about 140,000 customers and 80,000 linked bank account numbers of their secured credit card customers. For Capital One’s Canadian credit card customers, approximately 1 million Social Insurance Numbers were compromised.
The largest category of information obtained was that of consumers and small businesses when they applied for one of Capital One’s credit card products from 2005 through early 2019.
Capital One said, some of this information included names, addresses, phone numbers, email addresses, dates of birth and self-reported income.
Other data obtained included credit scores, limits, balances and transaction data from a total of 23 days during 2016, 2017 and 2018.
This is one of the top 10 largest data breaches ever, according to USA TODAY research.
What Is Capital One Saying About The Breach?
They will offer free credit monitoring services to those affected. Capital One said it was “unlikely that the information was used for fraud or disseminated by this individual” but committed to investigating the hack fully.
They’ve set up a consumer website about the breach at www.capitalone.com/facts2019 that you should refer to if you’re worried that your information was compromised.
Capital One expects that this hack will cost them approximately $100 million to $150 million in 2019.
What Should Capital One Customers Do?
If you’re a Capital One customer, you should check your account online. You should also freeze your credit through each of the three main credit bureaus: Experian, Equifax and TransUnion.
It’s important to remain vigilant. Businesses should sign up for Dark Web Scanning to detect whether your confidential business information is there for cybercriminals to use.
Prevention is always the best remedy. Ask your IT provider to ensure your that your firewall is properly configured and to continuously remotely monitor your network for intrusions.
Are You One Of Many Affected By The LabCorp Data Breach?
Financial & Personal Information of 7.7 Million Exposed
Just yesterday we wrote about the Quest Diagnostics’ breach affecting nearly 12 million. Today we’re writing to tell you about a LabCorp breach affecting 7.7 million people. Both of these breaches were caused by a third-party; the American Medical Collection Agency (AMCA). AMCA provides billing collection services to both LabCorp and Quest Diagnostics.
AMCA has informed LabCorp that it is in the process of sending notices to approximately 200,000 LabCorp consumers whose credit card or bank account information may have been accessed. AMCA has not yet provided LabCorp with a list of the affected LabCorp consumers or more specific information about them.
“AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA for those who sought to pay their balance. LabCorp provided no ordered test, laboratory results, or diagnostic information to AMCA. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.”
The information included in the breached system includes:
Bank account information,
Credit card information,
First and last name,
Date of birth,
Address and phone,
Date of service and provider, and
Forensic experts are investigating the breach. It’s possible that the AMCA breach could impact other companies and millions of more consumers.
What Should You Do?
Anyone who was affected by the data breach should freeze their credit report to prevent criminals from opening credit card accounts in their name. They should also be concerned that their Social Security numbers were exposed.
If you believe that your information has been leaked, you can contact LabCorp customer service on their contact page.
If you are still using Windows Server 2003 or XP, Windows 7, Windows 2008 R2, or Windows 2008 you could be in trouble. A wormable virus may be coming your way. The virus is designated as CVE-2019-0708.
This means that the virus can get into your system without you doing anything like clicking a malicious link. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights without your knowledge.
What Should You Do?
Microsoft has released a critical update for their Remote Desktop Services that impacts multiple Windows versions. The patches are for devices and systems that are both in and out-of-support, which is rare for Microsoft to do. This shows the importance of these patches.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. To apply the patches, go to the Microsoft Security Update Guide for in-support systems and KB4500705 for out-of-support systems.
Note: Clients & Customers on a valid managed services agreement are being taken care of and there is no immediate action for any computer, server or other devices under a valid managed services agreement.
Microsoft recommends that customers running one of these operating systems download and install the update as soon as possible.
Does This Mean Even Systems Without Support Can Get The Patch?
Yes, Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. This means that you wouldn’t have received any security updates to protect your systems from the CVE-2019-0708 virus.
Given the potential impact on customers and their businesses, Microsoft decided to make security updates available for platforms that are no longer in mainstream support.
It’s recommended that you back up all of your important data first. If you have a reliable backup, if the patch creates problems you can still access your data. You should do this before you install any patches.
What If We Can’t Apply The Patches?
If you can’t apply the patch for your system there are other things that you can do:
If you don’t need the Remote Desktop Services, you can disable it.
Block the TCP port 3389 (this prevents unauthorized requests from the Internet).
Enable NLA (Network Level Authentication) for Windows 7 and Windows Server 2008.
Of course, the best thing to do is to contact your local IT services company. They’ll know exactly what to do.
What Is A Wormable Virus?
This means that any future malware that uses this vulnerability could propagate from one vulnerable computer to another. This is how similar malware like WannaCry spread around the world. Experts are worried that this flaw could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.
“This vulnerability is pre-authentication and requires no user interaction,” Pope said. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”
Have There Been Any Attacks Yet?
Microsoft said they haven’t found evidence of attacks against this dangerous security flaw. But one could happen at any time. Right now they are trying to prevent a serious, imminent threat with these patches.
Simon Pope goes on to say:
“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”
What Does The Microsoft Remote Desktop Do?
You use the Microsoft Remote Desktop application to connect to a remote PC or virtual apps and desktops made available by your admin. You can control your desktop computer and all of its contents from another computer.
The app lets you connect to your desktop from wherever you are. The access to the remote desktop happens over the Internet or via another network. It lets you interact as if you were physically working from your desktop.
The Remote Desktop application also gives the “master” computer access to all of the contents on the remote computer.
What Else Should We Know?
If you had updated from Windows 7 to Windows 10 or from Windows Servers 2008/2008 R2 to Windows Server 2016 or 2019, you wouldn’t need to worry. This is why it’s essential to keep your systems up to date.
Soon, on January 14, 2020, support will come to an end for all Windows Server 2008, 2008 R2 equipment and the Windows 7 operating system.
If you’re still using these servers or operating system, it’s crucial to replace them now so that there’s no disruption to your daily operations or loss of data.
Any hardware or software product that reaches its end of life is a potential gateway for hackers to enter through. In addition to the security hazard, there are other reasons why it isn’t a good idea to keep using old equipment such as unresolvable outages.
Where Can We Get Help?
Contact us to ensure your Microsoft desktops and servers are secure and protected from unauthorized intrusions.
Microsoft began notifying Outlook.com users of a 2019 security breach that occurred between January 1st and March 28th. Hackers were unintentionally given unauthorized access to some accounts, where they were then able to view subject lines, email addresses, and folder names. While no login details—including passwords—were directly accessed as part of this breach, Microsoft did warn users to reset their passwords.
Although the hackers could not view the actual content in the bodies of emails nor download attachments, this incident still represents a major—and disturbing—security incident. This breach serves as a reminder to every business to tighten up its security measures and protect its assets.
Use multi-factor authentication.
Do not leave this as an optional measure for your employees; require it. Multi-factor authentication uses more than one form of identity confirmation—this is the “multi-factor”—to prove the identity of the person attempting to access a particular platform—this is the “authentication.”
Depending on where in the product the Microsoft breach happened, multi-factor authentication could even have possibly prevented or limited the breach. In general, this authentication process adds a strong layer of security. Hackers don’t usually have both the password and the PIN, secret questions, or other ability to verify their identity.
When vetting which type of authentication to implement—if you have this option—consider using the one that is easiest for employees to have on hand, but hardest for others to get a hold of. Trying to make this relatively convenient for your employees will make it easier for them to comply, which will keep your business more secure. Multi-factor authentication is a measure that should go hand-in-hand with training your employees to use strong passwords.
Account for all devices—including mobile—in your security processes.
Very few companies still limit employee access to business assets strictly to desktops at work. There is a growing trend of employees being able to work remotely, even if it is not full-time. A recent study showed that as many as 70% of employees work remotely at least once a week. Whether working from home, a rented office space, or on-the-road, they are using their devices to log in from a distance, well beyond the secured confines of your office. This figure was accounting for full-time employees; contractors only increase the number of remote workers further.
The security processes implemented at your company needs to account for how all of your employees are accessing company resources. Email access on mobile devices is one of the most common ways in which employees take their work on-the-go, and so it’s a strong starting point for building out these protocols. Because confidential company information is being accessed on these devices via networks over which companies have no control, it is critical that both the email servers as well as the devices being used have robust security systems in place.
While new improvements continue to roll out to tackle these issues, solutions that work across all devices are the norm. Security software, as well as encryption tools, can help protect data regardless of the device, particularly when combined with encouraging employees to log-in via secure VPN networks. Cloud options for data storage are offered by providers with a menu of security options; it’s worth walking through your needs and investing in top-quality solutions.
Document your security processes.
With all of the work that goes into developing security processes, even more needs to be carried out to maintain their implementation and ensure that they remain up-to-date with new tech trends and emerging risks.
This is a vast and complex undertaking. All existing assets must be brought onto any updated infrastructure. Employees must be set-up for and onboarded to the security procedures, and checkpoints must be established so that their compliance may be monitored. Systems must be monitored for any breaches, as well as smoothly updated across all users and data to accommodate any new vulnerabilities that arose since the previous update. Different components, whether hardware (including different devices, such as mobile) or software, may experience issues with any updates. New members of the internal information technology must be introduced to the systems while existing members must stay abreast of any new developments; even team members working simultaneously on the same project must address potential communications issues.
Thorough documentation of processes helps achieve this by providing an objective record of the systems in place. This can be used for onboarding; for internal audits; for evaluating alternatives or potential improvements; and even for reviewing the source of vulnerabilities and providing accountability should an issue arise. This sort of record-keeping is an essential component of transparency in company policy and helps enforce quality control on internal processes. Of course, it must also be protected with the highest measure of security since it arguably contains “the keys to the castle.” Decentralizing its storage and scattering protected, encrypted components of it across multiple storage solutions can help protect company assets from the sort of large-scale breach that could otherwise bring your data assets to their knees.
And so, the large-scale Microsoft breach serves as a reminder that active vigilance must always be maintained over internet security, without relying entirely on one single individual, provider, or service. No single entity can be trusted to be entirely safe when major players like Microsoft are clearly vulnerable, despite the teams of brilliant engineers hired to implement safeguards and the millions of dollars invested in diverse preventive measures. Every business needs to be proactive in protecting itself through rigorous internal standards, ranging from staff training through the implementation of mandatory security precautions, to minimize the risk of vulnerabilities being exposed and exploited. Factoring in every employees’ data paths and employing multiple layers of overlapping security efforts at every step of the way—and documenting these processes for easy internal accountability and refinement—are critical for business informational security in this highly connected digital age.
Firewalls were developed over thirty years ago and function as the first line of defense for many business networks. This piece of network equipment is a perimeter defense that determines whether packets can move into or out of the network. While the basic concept of a firewall is simple, the way that it performs this function and the features it offers continue to evolve based on current threats.
Types of Firewalls
Firewalls come in two major categories: hardware and software. The physical firewalls are network appliances that connect to the rest of the IT infrastructure so it’s able to monitor packets. There are several methods they can use to secure the network and assist with thwarting potential intruders.
Stateful firewalls retain information about the connections being made. It offers good performance because this technology allows it to skip inspecting every single packet. Once it has inspected a connection, it allows it for subsequent packets.
Application-level firewalls that are hardware based are designed to protect the application’s connections. They address common attack methods used on that type of application, such as stopping cross-site scripting for a web application.
When someone thinks about a standard firewall, a proxy firewall is most likely what’s on their mind. It stands between a host device and the data source and inspects the packets that are sent between them. This type of firewall may not stand up to complex attacks due to its simplicity, but it masks a lot of the network information.
This firewall is another basic one that focuses on checking the TCP handshake. It’s not resource intensive since it doesn’t look at the packet, but that does mean that it won’t protect against sophisticated attacks.
These firewalls have advanced features that give businesses more ways to stop malicious traffic from making it through the appliance. Some examples of these include deep packet inspection, checking attachments in sandboxes, and terminating encrypted traffic. Third-party data can be incorporated into the rules and filters of the firewall to improve protection against emerging threats. They can also incorporate technology that is found in other types of IT security hardware, such as intrusion detection. The drawback of this firewall type is that it can significantly slow down network traffic.
This firewall is a software package that’s installed on the business network and does not rely on a hardware appliance for protecting traffic.
Some applications have firewalls built into the software itself to act as a second layer of protection. Anything that gets through the physical firewall of the business network and reaches the application layer needs to go through another inspection. These firewalls focus on threats that are most common for that piece of software.
A cloud-based firewall leverages cloud computing technology for the virtual appliance. Some advantages of a cloud firewall include the ability to scale quickly, high availability, and cost-efficiency. For organizations with limited IT budgets, using a cloud-based service can give them access to powerful features that they wouldn’t have access to without paying a substantial upfront hardware fee.
The right firewall for your organization depends on the typical threats that you face, the sensitivity of the information you’re protecting, and your performance requirements.
Did you know? Microsoft is ending support for Windows 7 in January 2020. Beginning this April, Microsoft will start displaying pop-ups on all Windows 7 computers alerting the users that their support for Windows 7 will be ending.
Don’t be alarmed. Microsoft also did the same thing with Windows XP before shutting down their support for the Windows XP Operating System.
MPowered IT is in the process of discussing upgrade options with every one of our clients and local companies. We’d like to schedule time with you to discuss your options. Feel free to connect with us by calling (678) 389-6200 or sending an email to email@example.com.
TrickBot is up to its tricks again. Once cyber experts get a handle on it, TrickBot releases new modules that advance its capabilities. Here’s what you need to know to protect your organization from TrickBot.
Don’t Get Tricked By TrickBot
TrickBot is up to its tricks again. Once cyber experts get a handle on it, TrickBot releases new modules that advance its capabilities. Here’s what you need to know to protect your organization from TrickBot.
TrickBot is a modular banking trojan that targets user financial information and acts as a vehicle for other malware. It uses Man-in-the-Browser attacks to steal financial information such as login credentials for online banking sessions. (The majority of financial institutions consider Man In The Browser attacks as the greatest threat to online banking.)
Malware developers are continuously releasing new modules and versions of TrickBot— And they’ve done this once again.
How Is TrickBot Distributed?
TrickBot is disseminated via malspam campaigns. Malspam is a combination of malware and spam. It’s usually delivered through phishing or spear-phishing emails. Its goal is to exploit computers for financial gain.
These malspam campaigns send unsolicited emails that direct users to download malware from malicious websites or trick the user into opening malware through an attachment.
TrickBot is also dropped as a secondary payload by other malware such as Emotet. Some of TrickBot’s modules abuse the Server Message Block (SMB) Protocol to spread the malware laterally across a network. (SMB is an application-layer network protocol that facilitates network communication while providing shared access to client files, printers and serial ports.)
The developers behind TrickBot have continue to add more features via modules to this potent trojan virus. It can download new modules that allow it to evolve if left unchecked.
How Does The TrickBot Malspam Campaign Work?
The malspam campaigns that deliver TrickBot use third-party branding looks familiar to you and your staff such as invoices from accounting and financial firms. The emails typically include an attachment, such as a Microsoft Word or Excel document. If you open the attachment, it will execute and run a script to download the TrickBot malware.
And, TrickBot is really tricky. It runs checks to ensure that it isn’t put in a sandboxed (quarantined) environment. Then it attempts to disable your antivirus programs like Microsoft’s Windows Defender.
And even worse, TrickBot redeploys itself in the “%AppData%” folder and creates a scheduled task that provides persistence. Persistence is the continuance of the effect after its cause is removed. So, even after you remove TrickBot, it can still create problems.
What Happens If Your Network Gets Infected With TrickBot?
TrickBot’s modules steal banking information, perform system/network reconnaissance, harvest credentials and can propagate throughout your network.
Will harvest your system information so that the attacker knows what’s running on your network.
Compares all files on your disk against a list of file extensions.
Collects more system information and maps out your network.
Harvests browser data such as cookies and browser configurations.
Steals credentials and configuration data from domain controllers.
Auto fills data, history, and other information from browsers as well as software applications.
Accesses saved Microsoft Outlook credentials by querying several registry keys.
Force-enables authentication and scrapes credentials.
Uses these credentials to spread TrickBot laterally across your networks.
What’s New With TrickBot?
In November 2018, a module was developed and added that gave TrickBot the ability to steal credentials from popular applications such as Filezilla, Microsoft Outlook, and WinSCP.
In January 2019, three new applications were targeted for credential grabbing: VNC, Putty, and RDP.
In addition, it can also steal credentials and artifacts from multiple web browsers (Google Chrome/Mozilla Firefox/Internet Explorer/Microsoft Edge) including your browsing history, cookies, autofills, and HTTP Posts.
How Can You Protect Your Organization From TrickBot?
We recommend that you contact us and arrange for the following to protect against the TrickBot malware:
Implement filters at the email gateway to filter out emails with known malspam indicators such as known malicious subject lines, and block suspicious IP addresses at the firewall.
Use managed antivirus programs on clients and servers, with automatic updates of signatures and software. Off-the-shelf antivirus isn’t enough.
Arrange for vulnerability scans to detect TrickBot or other malware threats that are hiding in your IT systems.
Apply appropriate patches and updates immediately after they are released.
Provide Security Awareness Training for your users. Regular training will ensure that they can recognize social engineering/phishing attempts, and refrain from opening attachments from unverified senders.
Help you employ a Password Management solution so your usernames and passwords aren’t disclosed to unsolicited requests.
Deploy a managed Anti-Spam/Malware Solution with the latest signature and detection rules.
Review security logs for indicators of TrickBot. If any are found, we can isolate the host and begin investigation and remediation procedures.
Make sure you adhere to the principle of least privilege, ensuring that users have the minimum level of access required to accomplish their duties. We’ll also limit administrative credentials to designated administrators.
Implement Domain-Based Message Authentication, Reporting & Conformance (DMARC). This is a validation system that minimizes spam emails by detecting email spoofing using Domain Name System (DNS) records and digital signatures.
If you don’t have a policy regarding suspicious emails, we can help you create one and specify that all suspicious emails should be reported to security and/or IT departments.
Don’t let TrickBot use its tricks to steal your confidential data. Contact us for comprehensive IT Security Analysis and Remediation to keep TrickBot out of your network.
Have you seen a new application — Chromium — suddenly appear on your computer? It’s likely that if you did not intentionally download it, the app is malware that should be removed immediately.
While Chromium is a legitimate product, hackers have been using it to deliver adware and potentially unwanted programs, redirect browsers to different websites and track Internet activity. The results of such unwanted software can range from minor irritation to serious privacy concerns, including identity theft.
What Is Chromium?
Chromium is an open-source browser application that was initially created by Google. Chromium is the source code for what became the Chrome browser. When Google released Chrome in 2008, it also released the Chromium code. The Chromium project is now managed by The Chromium Projects and is designed for developers to create a faster, more stable and safer form for web browsing.
Chrome itself still includes some of the Chromium source code along with proprietary features, such as automatic updates. Google owns and manages the product, which is by far the most popular browser worldwide, with 62.5 percent of the market share as of February 2019.
Why Is Chromium Popular with Hackers?
Because it’s an open-source product, Chromium is vulnerable to misuse. Browser hijackers are a type of malware that makes changes to a user’s browser settings without their knowledge or consent. Most users unintentionally download hijacking malware when clicking through online ads or when downloading or purchasing other software.
How Does Malware Chromium Work?
The malware Chromium app uses a virtual layer to push ads or redirect browsers to e-commerce websites. Other types can direct users to dangerous, malicious websites that can themselves contain infectious viruses and programs.
What’s worse is that the bad Chromium browsers track your browser activity and can grab browsing data, including personally identifying information, passwords and financial data such as credit card numbers and bank account numbers. The hackers then sell this information to third parties, who often use it illegally. This activity can mean privacy breaches, unwanted use of cards and accounts, and identity theft.
There are many different Chromium-based browser applications that are dubious, despite appearing to be legitimate. Usually, these apps claim to improve browsing speed and security and boast of having new features that other browsers lack. These claims lure users into a false sense of security and invite downloads that cause trouble. These questionable app names include BeagleBrowser, BrowserAir, Chedot, eFast, Fusion, MyBrowser, Olcinium, Qword, Torch and Tortuga, among others.
How Is Chromium Malware Installed?
Often, these rogue programs are part of the Custom or Advanced settings of an app. The most common victims of these unwanted applications are users who hastily download software and install it quickly without reviewing each step. To avoid these inadvertent downloads, it’s important to pay attention during download and installation steps. Be wary of any software that is bundled with other programs and never accept offers to install third-party programs.
How Do I Uninstall Rogue Chromium Browsers?
There are several step-by-step guides online to show how to remove the malware, do thorough scans of your computer for rogue files and registry keys, and clean and reset browsers. The steps are very specific to your operating system and browsers. Two good online guides are here and here.
Being aware of types of malware, how they infect your computer and what they do can help prevent you or your employees from the frustration, time and irritation of fake Chromium browsers.
Thank you again for making the final push to the deadline on our website launch. I can’t tell you enough how much I appreciate your commitment to quality. Feels like I’ve got someone fighting by my side.Nicole B.
Our experience during a recent project was great. Our engineer kept us informed as we went through the process. Even when we hit a snag, the team responded very quickly and got everything resolved. They even took care of a separate issue I was trying to get handled for some time. They really came through.Eleanor C.
I am impressed with the professionalism and courtesy of the mPowered IT technicians. We are thrilled!Stephanie C.
mPowered IT is extremely professional and dependable. They consistently deliver results and as an owner, I trust that they will take care of my business. Their attention to detail has earned my business.David B.
In working with John Mamon (CEO) over the years, I have personally witnessed his commitment to making sure the customer comes first, consistently creating raving fans of his services. When we started thinking about a managed services partnership to help our education clients manage, secure, and control their tablets, mPowered IT was our first call. Our partnership was not only a great decision for PowerUp EDU, it is an even better decision for our customers!Jerry G.
I cannot imagine trying to manage our tablets without your help.Peggy W.
I just called mPowered IT on an issue and they were fantastic and fixed the problem in a matter of minutes.Matthew J.
I have worked closely with John Mamon, CEO of mPowered IT, for the past 7 years. He understands the business advantage that well-managed IT can bring and has a sound understanding of what makes IT work for business. Many IT Service Providers talk a good talk, but they haven’t built the delivery capability to actually achieve what they promise. John has instilled in his team the discipline and knowledge necessary to keep IT running optimally for his clients, enhancing the client’s return from every IT dollar invested.John K.