UPDATE – In early October, 2016, Go West IT was approved by Microsoft as a Tier One Microsoft Cloud Solution Provider (CSP) and we are actively moving Microsoft cloud customers to this new CSP model to mitigate data privacy concerns associated with 3rd party distributors being granted access to customer data.  Now customers can enjoy the benefits of Microsoft cloud services without granting data access to an undisclosed 3rd party distributor.


Microsoft Office 365 is a solid business platform but Microsoft’s new Cloud Solution Partner (CSP) model has a HUGE security control gap that is bad for Microsoft, bad for Microsoft Partners, and worst of all is bad for business customers.

Microsoft’s initial Office 365 (“O365”) business model was widely perceived as a threat to the Microsoft Partner community.  The traditional reseller model was scrapped.  Partners were asked to promote a relationship whereby customers contract directly with Microsoft and Partners are paid small recurring advisory fee for promoting, implementing, and supporting O365.  Partners got on board, adjusted their business models, and made it work. 

Now Microsoft is eliminating the advisory fee and forcing partners to purchase Office 365 services via a select group of distributors for resale to customers.   That’s good, right?  WRONG!  There are huge security control gaps with CSP.

Microsoft has relinquished Global Admin control of O365 tenants (customers) to their CSP distributors.  The distributors developed software that interacts directly with O365 via APIs to manage license provisioning and end user support.  This gives their front-line help desk personnel full administrative privileges to each O365 tenant they manage.  Neither Microsoft nor the distributors have been able or willing to share any information regarding security controls to mitigate this substantial risk. 

There is a simple resolution to this problem:  Microsoft, as part of a routine vendor management process, should obtain an SSAE 16 SOC II audit from the distributors that describes adequate controls and adherence to the policies and procedures that govern those controls.  The distributors should be willing to provide their SSAE 16 SOC II audit report to Partners at a minimum.  Partners should be demanding this evidence, and should retain copies of the same as evidence of their due diligence. 

Customers are largely unaware of the delegation of rights to their O365 tenant.  Without an SSAE 16 SOC II audit report, customers have no way of providing regulatory agencies, auditors, or insurance carriers evidence of controls to protect their hosted data. This renders the Microsoft CSP model infeasible for any customer organization with a regulatory burden.

Go West IT has firsthand knowledge of a CSP distributor changing a Global Admin credential for an O365 tenant without verifying the identity of the individual making the request.  Go West IT is not aware of any wrongdoing or any breaches of any kind by the CSP distributors.  We do not want that to happen.

Go West IT has proactively discussed this issue with representatives at Microsoft and two of the CSP distributors.  Microsoft, in an effort to make CSP HIPAA compliant, has published directions for how to remove the distributor as a Global Admin.  Unfortunately, doing so also removes the ability to add, change, or remove any licensing via the distributor platforms and thereby makes this “remedy” impractical at best. To date, neither Microsoft nor the distributors have provided any visibility or assurance that adequate controls are in place as Microsoft presses forward with promotion of CSP.

Microsoft Open License software can be purchased with Software Assurance (“SA”) which gives your business rights to new versions of the software released during your SA term.  The initial SA term is two years and it can be renewed after the initial two year term.   There are certain periods of time when this is a tremendous value and now is one of those times.  Any business purchasing Server 2012 R2 or SQL 2012 licensing should absolutely consider adding SA to the order because SQL 2016 will be released on June 1, 2016 and Server 2016 is due out later this year.  For the incremental cost of SA you are in effect pre-buying the soon to be released versions at a HUGE discount.  Talk with your Microsoft partner about when to purchase Software Assurance (SA) or give Go West a call.  We will be happy to give you guidance on they best way to purchase your Microsoft licensing.

Go West IT helps business choose and implement IT infrastructure strategies.  This includes on premise and cloud implementations.  Part of our role is to help customers navigate the unknowns and this is particularly true when it comes to choosing a cloud provider or cloud strategy.

One of our Network Engineers sent an email to our technical staff this morning to let us know the legal team at Amazon Web Services (AWS) has contemplated some scenarios other cloud providers haven’t covered in their terms of service.  If you are worried about how your IT infrastructure might hold up in the event of a zombie apocalypse it is worth a read.  If you don’t have insomnia and a few hours to kill, pay particular attention to paragraph 57.10 near the bottom of the document.


In all seriousness, there are significant differences between cloud providers and it pays to work with a partner like Go West IT with implementation experience across many cloud providers that gives us first hand knowledge of how to choose the right fit for your needs.



Microsoft’s release of Windows 10 has been a success by most measures.  The Windows 10 interface is a good blend of Windows 7 and Windows 8/8.1 and an easier adjustment for users moving from Windows 7 than was the move to Windows 8/8.1  .

Many consumers have already taken advantage of the free upgrade to Windows 10 from eligible operating systems via the “Get Windows 10” app that was automatically installed via Windows Update.  Now the “Get Windows 10” app will start to appear on business computers that are members of a Windows Domain.

Go West IT recommends that businesses instruct employees not to upgrade to Windows 10 on their own.  If your business wants to take advantage of the free Windows 10 upgrade we strongly recommend that you start first by running the upgrade on a small test bed of computers to make sure your all of your hardware and business critical applications are compatible.  Once compatibility is validated we recommend upgrades are planned outside of business hours to avoid idle employees while the upgrades are performed.  Businesses may also want to plan for some employee training or resources to help users adjust for the sake of maintaining productivity.

The free Windows 10 upgrade is available through the end of July 2016.  Many expect the free upgrade timeframe will be extended, but an extension has not yet been announced.  The free upgrade to Windows 10 is a good value for businesses, and Go West IT recommends you plan to take advantage of this opportunity.

Go West IT will be pleased to assist businesses with testing and planning Windows 10 Upgrades.  Our help desk, desktop support specialists, and engineers are all well versed with Windows 10 and can assist with addressing questions and concerns.   Please call our office if you would like to discuss your Windows 10 Upgrade strategy.

Thank you to our Veterans and their families for the service and sacrifices you have made for this great country!

By now many of you have noticed the new “Get Windows 10” upgrade icon in the bottom right corner of your computer screen.  Eligible operating systems can take advantage of a free upgrade to the latest Windows desktop OS when it is released on or about July 29, 2015.  Now you need to decide if you should upgrade.  The answer is yes but businesses should absolutely WAIT to upgrade until you have tested the new OS for compatibility with your line of business applications.  When businesses do upgrade, you should do so systematically to prevent unforeseen issues in your environment and to prevent a productivity hit while users adjust to Windows 10.

We can control the Windows 10 rollout in your environment but it requires that you act now to get ahead of your employees to block the pre-registration, download and upgrade via the “Get Windows 10” icon.

Some of our engineers have been running virtual instances of Windows 10 beta for some time now and I plan on upgrading very soon after it becomes available.  I’m excited about it and I am hopeful it will be a great platform.  Regardless, you should wait to upgrade the computers in your business and when you do upgrade you should have a plan that includes a roll back strategy.

Please just give us a call if you would like to discuss options for delaying the upgrade or developing a strategy to deploy the Windows 10 upgrade.


Twelve years passes quickly when you’re having fun.  End of Life for Microsoft Server 2003 is July 14, 2015.  After this date Microsoft will cease support for the twelve year old operating system.  If your business still relies on a server running Server 2003, you successfully leveraged the initial investment in both the OS and the hardware.  It is absolutely time to upgrade.  It isn’t too late to start the planning but you do need to take action soon.  Take this opportunity to evaluate your needs and set your business up for success today and well into the future.  This may be the perfect time to migrate to cloud platforms or to virtualize on premise servers.  Take a few minutes now to investigate your options and come up with a plan.  If you need help, call Go West.  We can help you make informed decisions about how to position your business for success for the next twelve years.

Server 2003 eol

Along with unveiling details today about the upcoming release of Windows 10, Microsoft announced that Windows 7.1 and Windows 8 users will be able to upgrade to the latest version free of charge within the first year of the release.  This is a clear indication that Microsoft wants to drive quick adoption of this platform by enticing users to jump over and beyond Windows 8.

I am anxious to see if business customers will be able to take advantage of the free upgrade opportunity.  Line of business software providers will need to quickly develop, test, and support the latest OS in order for businesses to make the leap within the first 12 months.  The sooner businesses ask about and press for compatibility, the better.

The move to Windows 10 will likely be easier for consumer users and their familiarity with the new OS, good or bad, will also influence business adoption pace.

Via WordPress.org: “WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.  This presents significant reputational, regulatory, and possibly operational risk to companies that conduct business on WordPress sites.  Websites sites should be updated to the latest version, 4.0.1, as soon as possible.”

Go West IT recommends that you contact your website developer to perform this upgrade, as it may also require that numerous plugins are simultaneously updated to maintain functionality.  If you do not have a web developer please feel free to contact Go West IT for guidance.

Go West IT is honored to be included in the Colorado Biz Magazine 2013 list of Top 250 Private Companies in Colorado.  We are extremely thankful for the continued growth of Go West IT.  We attribute our success to our loyal customers, our  team of dedicated professionals, and a service offering that delivers real value to our customers.Top 250 Private Companies