Sadly, in the past 2-3 years we have had far too many opportunities to help customers recover from Ransomware and other nasty problems due to Internet usage. Most of our customers feel that the PICS in a Box appliance is one of the most important “pieces of equipment” their business uses. They want it to be protected from hackers, and in the event it is damaged, compromised, stolen or destroyed, they want to be able to recover as quickly as possible.
The following are some recommendations as to how you can make a PICS in a Box appliance more resistant to compromise (hacking, ransomware, viruses, etc.), as well as information about backing up the system, in the event a restore needs to be done.
Many of these suggestions would be applicable to all systems in your business.
Please be aware that recovering data/systems is time consuming, costly and a major disruption to your business. You should do whatever you can to protect your systems from being hacked, as well as have a solid recovery plan in the event they are.
Safeguarding PICS in a Box
Don’t expose RDP to the internet at large – limit access to the PICS in a Box appliance to only allow specific IP addresses to connect to it. If you want to use a VPN, please see the information in Remote Support Policy, by pressing F1 in PICS and searching for “Remote Support Policy”.
Limit access to the PICS in a Box appliance from other systems – Turn on the local windows firewall, and create rules specific for communications on the internal network. Beyond Remote Desktop (RDP) access there should be little or no need for users working on other systems to access anything on the PICS in a Box appliance. In some cases, a domain login script mapping may be set up for users to access their PICS “home” folder. This is located at d:\ww\wwusers\xxxxxx\prodrun where xxxxxx is the user’s windows user id. Note that it is a WaudWare standard to map a Y: drive to that location for each user.
Anti-Virus – You should use Anti-Virus software on the PICS in a Box appliance. If you have trouble with the one you use, you can use the Microsoft Security Essentials (Anti-Virus for PICS in a Box) Firewall (https://www.microsoft.com/en-ca/download/details.aspx?id=5201). Regardless as to which Anti-Virus software you use, please be sure to set up the exclusions we recommend in our Anti-Virus software and Anti-Virus exclusions document, available in PICS Help.
Internet surfing on the PICS in a Box appliance – With regard to Internet Browsers, we recommend that you configure the Gateway firewall to only allow users on the PICS in a Box appliance to access the PICS Help website and not let users go anywhere else on the internet.
Email on PICS in a Box appliance – Make sure that the PICS in a Box appliance is only configured for outgoing email. Press F1 in PICS and search for Sending email from WaudWare software – CodeRunner, EmFx, PRE and WebPICS. Further, email clients such as Outlook should not be installed on the PICS in a Box appliance. In the event that you require an email client on the PICS in a Box appliance, we strongly recommend it be used for outgoing email only.
Backup – Make sure that the system is being backed up properly. There are 2 backups which must be run daily, and many of our customer as well as us at WaudWare have additional backup systems beyond these. Search for CopyPICS and Data Replication software in PICS Help for more information. Simply hit F1 when you’re logged in to PICS.
PICS Help is loaded with helpful information tailored for new and practiced PICS Users. PICS Help provides users with in-depth knowledge and understanding of screens, procedures and reports found in our Produce Inventory Control System (PICS) software. Go PICS!