hosted-landing

Key cyberthreats and trends in 2022 so far

Fri, 23 Sep 2022 10:39:16 GMT

1 - Ransomware continues to terrorize businesses and government organisations

There were 1300 victims of ransomware who had their data publicly leaked in 2020. In the first half of 2021, that figure was already at 1100. This shows an increase of 70% already year on year. Infamous Ransomware groups like CL0p and REvil are reportedly expanding their efforts. Targeted companies are reporting that they were specifically targeted so the attackers could search inboxes and folders for compromising information tucked away in documents and emails.

Trends towards using stolen credentials instead of attacking infrastructure continue. They are also continuing to use tactics that were seen last year, including DDoS attacks and data exfiltration, and threatening to release sensitive stolen data to ensure ransom payments are made.

In 2020 ransomware pay-outs showed the highest growth rate of any cryptocurrency-related crime with total damages estimated as high as $20 billion.

Cl0p and REvil have jointly been responsible for some big headline attacks. These included JBS – the world’s largest meat producer. JBS decided to pay $11 million in ransom however they company still took several days to recover. Apple blueprints were stolen from Taiwan based Quanta Computer. Fujifilm based in Japan was forced to shut down some of its network due to a REvil ransomware attack after some of their systems were infected with Qbot Trojan. Finally, UK clothing manufacturer French Connection were the victim of another REvil attack where stolen data included the passports and identification cards of employees, including the CEO, Chief Operating Officer, and Chief Financial Officer.

2 - Phishing continues to be one of the key vectors of infection

The U.K.’s National Cyber Security Centre’s annual Active Cyber Defence Report shows that phishing scams continue to grow. They have taken down more than 1.4 million URLs associated with over 700,000 online scams.

Microsoft recently announced an ongoing spear-phishing campaign targeting the aerospace and travel sectors. The average loss from being successfully spear-phished is $1.6 million, with 30% of phishing emails being opened and 12% of these leading to users clicking on malicious links.

Phishing scams come in many forms. A recent campaign posing as an email from Walmart requested a reply with an updated address because a package could not be delivered. Those that reply with their address end up verifying their address and open themselves up for future attacks.

3 - Remote workers are under attack

Write a description for this list item and include information that will interest site visitors. For example, you may want to describe a team member’s experience, what makes a product special or a unique service that you offer.

4 - Attack monetisation and insider threats continue to rise

The commitment of cybercriminals to monetise every attack is clearly on the rise. Extortion, based on stolen confidential data is working particularly well for the criminals. Forrester predicted last year that insider data breaches would rise 8% in 2021 and that a third of all incidents will be from internal causes. The latest research from the Verizon 2021 Data Breach Investigations Report confirms this prediction – suggesting that insiders are responsible for around 22% of security incidents. In 2021, a software developer from an unnamed company in Cleveland, Ohio (USA) was arrested and faces charges of allegedly placing malicious code on his employers’ servers. It is alleged that he placed malicious code on production servers causing them to crash. When asked to return his company issued laptop it was found he had deleted encrypted volumes and Linux directories. He had also searched the internet for information on how to hide processes, escalate privileges and delete large folders and files.

5 - Cybercriminals are trying to automate their processes

Automation saves time and increases productivity. Cybercriminals know this and are doing their best to automate their processes wherever possible. Big data tools allow them to find new victims and generate fully personalised spam messages. Cloud services continue to be attacked via more traditional methods including phishing, unpatched vulnerabilities, and poorly configured remote access.

MORE NEWS

What You Need to Know About Migrating Your Company Emails to Office 365

Wed, 21 Sep 2022 11:44:25 GMT

Many business owners share a similar goal: to run their companies as efficiently as possible while maximizing productivity. With that objective in mind, many businesses are making the smart choice to move to Office 365. Doing so will help you cut costs, enhance collaboration with employees and partners, and allow you to access email and files from any device.

Migration may seem like a complicated and daunting task, and to be sure, it involves careful planning and taking the necessary steps. Having the right IT partner can make the process simple, fast, and safe. We can help you make your switch seamless and safe so you can avoid downtime, lost data, and interrupted productivity.

The keys to making the switch are excellent planning, using the right tools and partner for superb execution, and helping your employees adapt to the new environment.

Let’s break down each step.

MORE NEWS

Ransomware Is Evolving, (and so are defenses)

Thu, 01 Sep 2022 12:16:58 GMT

In 2021, ransomware and the tactics that hackers use to carry out attacks are evolving — but luckily, so are the defenses. In recent years, new ransomware have been discovered, including:

Netwalker:

Created by the cybercrime group known as Circus Spider in 2019, this ransomware allows hackers to rent access to the malware code in exchange for a percentage of the funds that are received.

DarkSide:

DarkSide is a recent group that ultimately targets theft and encryption of sensitive data, including backups through RaaS.

Conti:

Conti ransomware uses a double-extortion technique to encrypt data on an infected machine. Attackers from this group usually send a phishing email originating from an address that the victim trusts.

REvil:

Also known as Sodin and Sodinokibi, REvil is a ransomware group that has gained a reputation for extorting larger ransom payments than their competitors, as well as promoting underground cybercrime forums.

Since these newer strains of ransomware behave differently today, there is now a need for alternate methods of detection. Recently defenses have begun to harden, including improved heuristics or behavioral analysis, and the use of canary or bait files for earlier detection.

Additionally, increased effort needs to be put into predicting and anticipating risks rather than the old “detect and respond” approach.

MORE NEWS

Top Ransomware Statistics For 2022

Thu, 01 Sep 2022 12:07:24 GMT

Ransomware is an ever-growing threat to thousands of organisations and businesses worldwide. Since 2016, over 4,000 ransomware attacks have happened daily in the U.S. Here are the top ransomware statistics you need to be aware of today:

This phishing campaign is also notable for its use of a wide variety of domains for its sender infrastructure—another attempt to evade detection. These include free email domains from numerous country code top-level domains (ccTLDs), compromised legitimate domains, and attacker-owned domain generated algorithm (DGA) domains. As of this writing, we have observed at least 350 unique phishing domains used for this campaign. This not only shows the scale with which this attack is being conducted, but it also demonstrates how much the attackers are investing in it, indicating potentially significant payoffs.

Today’s email threats rely on three things to be effective: a convincing social engineering lure, a well-crafted detection evasion technique, and a durable infrastructure to carry out an attack. This phishing campaign exemplifies the perfect storm of these elements in its attempt to steal credentials and ultimately infiltrate a network. And given that 91% of all cyberattacks originate with email, Organizations must therefore have a security solution that will provide them multilayered defense against these types of attacks.

Microsoft Defender for Office 365 detects these emails and prevents them from being delivered to user inboxes using multiple layers of dynamic protection technologies, including a built-in sandbox that examines and detonates all the open redirector links in the messages, even in cases where the landing page requires CAPTCHA verification. This ensures that even the embedded malicious URLs are detected and blocked. Microsoft Defender for Office 365 is backed by Microsoft experts who enrich the threat intelligence that feeds into our solutions through expert monitoring of email campaigns.

You can read further attack analysis on the Microsoft Security Blog

MORE NEWS

Widespread credential phishing campaign abuses open redirector links

Thu, 01 Sep 2022 11:54:49 GMT

Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links. Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking. Doing so leads to a series of redirections—including a CAPTCHA verification page that adds a sense of legitimacy and attempts to evade some automated analysis systems—before taking the user to a fake sign-in page. This ultimately leads to credential compromise, which opens the user and their organization to other attacks.

The use of open redirects in email communications is common among organizations for various reasons. For example, sales and marketing campaigns use this feature to lead customers to a desired landing web page and track click rates and other metrics. However, attackers could abuse open redirects to link to a URL in a trusted domain and embed the eventual final malicious URL as a parameter. Such abuse may prevent users and security solutions from quickly recognizing possible malicious intent.

For instance, users trained to hover on links and inspect for malicious artifacts in emails may still see a domain they trust and thus click it. Likewise, traditional email gateway solutions may inadvertently allow emails from this campaign to pass through because their settings have been trained to recognize the primary URL without necessarily checking the malicious parameters hiding in plain sight.

You can read further attack analysis on the Microsoft Security Blog

MORE NEWS

Windows 365 technical requirements - What are they?

Fri, 12 Aug 2022 12:31:41 GMT

To use Windows 365, you have to have the following requirements:

Licenses need in order to use Cloud PC/Windows 365:

Users with Windows Pro endpoints: Windows 10 Enterprise E3 + EMS E3 or Microsoft 365 F3/E3/E5/BP
Users w/non-Windows Pro endpoints: Windows VDA E3 + EMS E3 or Microsoft 365 F3/E3/F5/BP

Azure subscription

Subscription Owner (setup network connection

Virtual Network (vNET) in Azure subscription

Azure vNET virtual Network must route to a DNS server that can resolve Active Directory records either on-premises or on Azure.

This AD must be in sync with Azure AD to provide hybrid identity in Azure AD

Microsoft Intune supported licenses (e.g. Microsoft 365 E3)

Intune Service Admin

MORE NEWS

Ransomware Attacks - Which Companies Are in the News?

Fri, 12 Aug 2022 12:21:29 GMT

It's estimated that around 5,000 ransomware attacks happen every day.

The figure above is simply staggering and these aren't just small companies who have overlooked their security. Included in these attacks are multinational organisations with multi million pound IT budgets. A ransomware attack really could happen to any individual or any organisation and it only takes one small vulnerability to be exploited for the attack to become a reality.

So which companies have caught our eye this week?

1 - Accenture

On August 11th, CRN reported that Accenture had been hit by a ransomware attack. Michael Goldstein, CEO of Florida-based LAN infotech said "If a $45 billion company like Accenture is vulnerable then everyone is vulnerable.

CNBC reporter Eamon Javers Wednesday first broke the news about the attack in a tweet, writing that the hacker group in a post on the Dark Web wrote, “These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider. If you’re interested in buying some databases, reach us.”

Accenture said “Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected servers from back up. There was no impact on Accenture’s operations, or on our clients’ systems,”. The critical thing to note here is that backup was clearly in place and they were able to restore servers quickly.

The attacker used LockBit to attack Accenture's sytems. LockBit is a cybercriminal gang that operates using a ransomware-as-a-service (RaaS) model—similar to DarkSide and REvil. LockBit offers its ransomware platform for other entities or individuals to use based on an affiliate model. Any ransom payments received from using LockBit are divided between the customer directing the attack and the LockBit gang.

2 - US Department of Justice

On 31st July the BBC reported that nearly 30 top US prosecutors had their office's email accounts hacked. 27 US attorneys had at least one office computer hacked.

The hack, which gave cyber-criminals potential access to 18,000 government and private computer networks, was made public last December. Accounts from four New York attorney offices were hit which included 80% of Microsoft email accounts. The department says hackers compromised the accounts as early as May 2020 - some seven months before the SolarWinds hack was made public.

3 - Wealden District Council

Wealden District Council suffered a sustained cyber attack on 14th June.

A report from Cllr Philip Lunn (Con, Crowborough South East), going to next week’s Overview & Scrutiny Committee, describes how on that day the Council’s had about 3,000 attempts to break into their email system. This compares to 20-30 in a typical day.

A brute force attack (also known as brute force cracking) is the cyberattack equivalent of trying every key on your key ring, and eventually finding the right one. Brute force attacks are simple and reliable. Attackers let a computer do the work – trying different combinations of usernames and passwords.

4 - Transnet SOC Ltd., South Africa’s state-owned ports and freight-rail company

On July 27th, Bloomberg reported that Transnet SOC Ltd., South Africa’s state-owned ports and freight-rail company had suffered disruptions caused by a cyber attack on July 22nd.

“Transnet, including Transnet Port Terminals, experienced an act of cyberattack, security intrusion and sabotage,” it said. “Investigators are currently determining the exact source of the cause of compromise and extent of the ICT data security breach or sabotage.”

5 - Northern Trains

Self-service ticket machines operated by the Northern Trains rail franchise were targeted by a ransomware attack which took many ticket machines offline. E&T magazine reported this on July 20th stating "The operator installed more than 600 new ticket machines across the network earlier this year as part of a £17m scheme to provide passengers with modern touch-screen machines at over 400 stations across the north of England. The servers that operate these ticket machines have now been impacted by the suspected cyber attack."

MORE NEWS

What is Windows 365?

Mon, 08 Aug 2022 12:47:16 GMT

Find out what you need to know about Windows 365

Users want technology that is familiar, easy to use and always available so they can work and create fluidly across devices. Cloud PC makes this possible by combining the power and security of the cloud with the familiarity of the PC. Only Microsoft can bring together the PC and the cloud with a consistent and integrated Windows experience. Introducing Windows 365. Windows 365 is the world’s first cloud PC. With a cloud PC, Windows evolves from a device-based OS to hybrid personalized computing.

A cloud PC is your personalized desktop, apps, settings, and content streamed securely from the cloud to your devices. It enables you to decrease costs while lowering the complexity of your environment as you deploy and manage virtual endpoints in Microsoft Endpoint Manager. No additional virtual desktop infrastructure (VDI) expertise or resources are needed.

In addition, Windows 365 enables you to:

Procure, provision, and deploy in minutes, with optional automated OS updates.
Offers user anywhere access to their personalized Windows desktop experience.
Tailor compute and configurations for an elastic workforce.
Pick up where you left off on the device of your choice.
Optimize experiences on Windows endpoints.
Scale confidently with per-user pricing.

Removes the complexity of traditional VDI deployments

With Windows 365, all the building blocks are automated for you and we make sure that the service scales with you in the most optimized way possible to use Microsoft 365 apps. It is Microsoft’s best expression of Windows and Microsoft 365 and is always secure and up to date.

The Cloud PC can be accessed anywhere from any device and can scale with a user’s changing compute needs, meaning that the user could receive the self-service privileges to release an IT admin from assigning a license that provide more compute resources. The same applies for storage upgrades and Cloud PC reboots, more about this later.

Completely integrated with Microsoft Endpoint Manager

Everything works together with Microsoft Endpoint Manager. From within the Devices blade, you will get access to the Windows 365 – Cloud PC service. Quickly see the status of your environment (e.g. provisioning, connection health, etc.) with the Overview dashboard.

MORE NEWS

Windows 365 is now available for businesses to purchase, here’s what you need to know

Thu, 04 Aug 2022 14:14:47 GMT

Microsoft says that every user's apps and settings will boot instantly from any device - allowing personalised Windows PCs to be accessed from anywhere.

On July 14th 2021 Microsoft unveiled Windows 365 which is promised to “deliver a full, personalized PC experience from the cloud to any device, giving workers and organizations power, simplicity and security for hybrid work.” It’s essentially a “cloud PC” where users can stream a Windows device from anywhere – including tablets and Apple Macs.

Windows 365 offers organisations a greater peace of mind in three key ways:

Powerful

With instant-on boot to their personal Cloud PC, users can stream all their applications, tools, data and settings from the cloud across any device. Windows 365 provides the full PC experience in the cloud. The cloud also provides versatility in processing power and storage, enabling IT to scale up or down, based on their needs. With a choice of either Windows 10 or Windows 11 (once it is generally available later in 2021), organizations can choose the Cloud PC that works for them with per-user per-month pricing.

Simple

With a Cloud PC, users can log in and pick back up where they left off across devices, providing a simple and familiar Windows experience delivered by the cloud. For IT, Windows 365 also simplifies deployment, updates, and management — and unlike other solutions, Windows 365 doesn’t require any virtualization experience. With Windows 365 optimized for the endpoint, IT can easily procure, deploy and manage Cloud PCs for their organization just as they manage physical PCs through Microsoft Endpoint Manager. Small and midsize businesses can purchase Windows 365 directly or through a cloud service provider and set up their organization with Cloud PCs with just a few clicks. Microsoft also continues to innovate in Azure Virtual Desktop for those organizations with deep virtualization experience that want more customization and flexibility options.

Secure

Windows 365 is secure by design, leveraging the power of the cloud and the principles of Zero Trust. Information is secured and stored in the cloud, not on the device. Always up to date and building on the strength of rich Microsoft security capabilities and baselines, Windows 365 simplifies security and recommends the best security settings for the environment at hand.

Pricing(accurate as of 04/08/2021)

Windows 365 is available from as little as £17 user/month and is priced for both business and enterprise plans – you can see the full pricing here:

Business

Enterprise

MORE NEWS

BBC Report: Why remote working leaves us vulnerable to cyber-attacks

Sat, 30 Jul 2022 14:24:26 GMT

"An industry survey found 56% of senior IT technicians believe their employees have picked up bad cyber-security habits while working from home"

In a recent article in BBC Business News

"A cyber-crime group known as REvil took meticulous care when picking the timing for its most recent attack - US Independence Day, 4 July.

They knew many IT specialists and cyber-security experts would be on leave, enjoying a long weekend off work.

Before long, more than 1,000 companies in the US, and at least 17 other countries, were under attack from hackers.

Many firms were forced into a costly downtime period as a result.

Among those targeted during the incident was a well-known software provider, Kaseya.

REvil used Kaseya as a conduit to spread its ransomware - a malware that can scramble and steal an organisation's computer data - through other corporate and cloud-based networks that use the software.

REvil took credit for the incident and claimed to have encrypted more than one million systems.

The group then demanded a ransom of $70m (£50.5m) in Bitcoin for the release of a universal decryption tool that would allow those affected to recover their crucial files.

Hacking experts warn that such attacks are likely to become more frequent, and suggest businesses cannot afford to underestimate the hidden impact the pandemic has had on their vulnerability.

'Bad cyber-security habits'

A recent survey from the UK and US-based security firm, Tessian, found that 56% of senior IT technicians believe their employees have picked up bad cyber-security habits while working from home. Worryingly, the survey found that many employees agreed with that assessment.

Nearly two in five (39%) admitted that their cyber-security practices at home were less thorough than those practised in the office, with half admitting that this is a result of feeling less scrutinised by their IT departments now, than prior to Covid.

"One of the main mistakes we've seen is moving company data to personal e-mail accounts," says Henry Trevelyan-Thomas, Tessian's vice-president of Customer Success.

"When you do that, it's likely you don't have any sort of two-factor authentication. This then makes it easier for attackers to exploit that data. If data is leaked, attackers compromise it and it can end up in the wrong hands."

'Climate of uncertainty'

Experts also warn of a significant growth in the number of coronavirus-themed phishing emails targeting employees, being reported by several companies around the world.

During the height of the pandemic in 2020, network security firm Barracuda Networks said it had seen a 667% increase in malicious phishing emails. Google also reported, at the time, that it was blocking over 100 million phishing emails daily.

"Social engineering and phishing work best when there's a climate of uncertainty," Casey Ellis, founder of security platform, BugCrowd, tells the BBC. "As an attacker in that scenario, I've got a base of fear to work off of."

Mr Ellis says for example, one method hackers may use in a post-pandemic world could be an email that lures victims in with the promise of appointments for those who are currently unvaccinated against the virus.

"You've got an entire population wanting the pandemic to end. They're more likely to click on that," he says. "I think that companies should proactively consider that it's a really good time to invest in training to work through these kinds of scenarios."

The consequences of such phishing attacks can often be dire. While global multinationals may be able to recover from substantial losses, cyber-attacks can be catastrophic for both small businesses and individuals.

In November 2020, a Sydney-based hedge fund collapsed after a senior executive clicked on a fraudulent Zoom invitation. The company - Levitas Capital - reportedly lost $8.7m to the cyber-attack and was forced to close.

"The hackers were able to access their systems, sending out multiple fraudulent invoices, and the damage was so great that their largest client pulled out of a planned multi-million-dollar investment," says Tony Pepper, the co-founder of security firm Egress. "With enough pressure, businesses will fold."

Now, with many employers demanding workers return to the office at least part-time, experts say there are several steps companies should take to ensure that proper security procedures are put in place to keep both themselves and their employees safe.

'Prepare to face the ramifications'

Mary Guzman, the founder of Crown Jewel Insurance, is urging firms to carefully screen personal devices that have been used for work on a remote-basis during the pandemic.

"Before anyone is allowed to use them, or connect to any corporate network, appropriate analysis, and protective measures should be taken to ensure malware is not present," she tells the BBC. "Until that can safely take place, perhaps personal devices should not be allowed back in the office."

Mrs. Guzman says that employers now have two options to consider; they can re-train their employees so they know how to navigate cyber security in a post-pandemic world, or prepare themselves to "face the ramifications are for failing to do so."

Meanwhile, Tessian's Henry Trevelyn-Thomas says that the most important thing is that companies urgently take steps to address threats if they haven't already. He believes the current heightened risk of cyber-attacks is likely to become the new normal.

"This isn't a short-term phenomenon. It's a long-term issue... this is the new world that we live in."

MORE NEWS

The Biggest Office 365 Vulnerabilities

Thu, 28 Jul 2022 16:50:37 GMT

Over 70% of Office 365 business users suffer at least one compromised account each month. Office 365 applications come with some inherent vulnerabilities, especially when admins do not follow proper security measures. These are the biggest vulnerabilities to look out for:

Phishing Attacks

Phishing emails have been around for years, but they never go away – instead they mutate and seemingly live forever. One particularly popular attack is aimed at Office 365 admins. In some cases the phishing emails even appear to come from Microsoft with company logos or Office 365 logos.

“The messages include an HTML attachment that redirects the victim to a phishing site that is designed to look like the Microsoft Office 365 portal. At that point, the victim is prompted to enter their Office 365 credentials, and those credentials are promptly stolen,” writes Microsoft MVP Brien Posey in a Redmond.com column.

These emails, purportedly from Microsoft, ask Office 365 admins to perform an action, often updating billing information. This same attack has a new approach. “Instead of trying to spoof Microsoft in message’s Sender field, the attacker will send the message from another domain that has been compromised. The idea is that because the message comes from a legitimate domain (albeit one that has been compromised), filters will be less likely to block the message. Of course, an administrator who is paying attention can easily verify that the message did not come from Microsoft,” Posey explained.

The Sharepoint Attack

Sharepoint is key repository for corporate data, so needless to say it’s a top target. Experienced hackers are compromising Office 365 accounts and using these accounts to plant malware on SharePoint sites. To make matters worse they then send out link to company clients offering access to business documents.

“These scams have gone as far as adjusting the names and contents of the files to look legitimate. For example, we have seen cases where a malware-laden Excel document was posted on an employee’s legitimate OneDrive for Business shared folder, and that link was sent to all business contacts that had been active in the past six (6) months,” security consultancy TrustedSec reported.

Account Takeover Attacks (ATO)

Account takeovers are the most common form of Office 365 compromise. 71% of Office 365 deployments have suffered an account takeover of a legitimate users account. This is not just once though, on average it happens seven times a year. By hijacking these accounts, hackers have sent millions of malicious junk mails.

The attackers used login credentials stolen through data breaches, and shared across hacker forums. A big problem here is that even old passwords are valuable since many passwords so rarely change. The main culprit is having password set to never expire. The make the most of an attack, hackers watch the activity in the account to learn more about how to inflict the most damage, or steal the most valuable data such as financial information or confidential files.

Ransomware Attacks

Ransomware is on the rise with one attack happening every 14 seconds.

The Cerber ransomware attack hit some 57% of Office 365 sites, spreading throughout the tenant via email and bypassing Office 365 security by using private Office 365 email accounts. This was a variant of a previous attack, and itself the basis on newer ransomware exploits.

KnockKnock alike Attacks

The KnockKnock attack was a novel type of brute force attack. It maybe largely gone, but KnockKnock alike attacks persist to this day. Targets are normally admin accounts that have not been assigned to a particular user.

SkyHigh Networks identified as targets included service accounts (like the ones used for user provisioning in larger enterprises), automation accounts (like the ones used to automate data and system backups), machine accounts (like the ones used for applications within data centers), marketing automation accounts (like the ones used for marketing and customer communication), internal tools accounts (like the ones used with JIRA, Jenkins, GitHub etc.), in addition to accounts set up for distribution lists and shared and delegated mailboxes,” the company said.

“The reason this is so clever is that system accounts, given their purpose, tend to have higher access and privileges than an average account. Moreover, such accounts do not yield well to authentication frameworks like Single-Sign-On (SSO) or Multi-Factor Authentication (MFA) and are also subject to lax password policies. These two aspects help reveal the motivation behind KnockKnock, (i.e. attack a weak-link with the potential for elevated exploits).”

These unassigned accounts are rarely monitored, usually automated and ignored, not protected by two-factor authentication and secured with poor passwords. However, they can still be used to gain access to corporate Office 365 email accounts for phishing, data-theft, and more.

MORE NEWS

What You Need to Know About Migrating Your Company Email to Office 365

Fri, 22 Jul 2022 16:55:59 GMT

Migration may seem like a complicated and daunting task, and to be sure, it involves careful planning and taking the necessary steps. But having the right IT partner can make the process simple, fast, and safe. We can help you make your switch seamless and safe so you can avoid downtime, lost data, and interrupted productivity.

The keys to making the switch are excellent planning, using the right tools and partner for superb execution, and helping your employees adapt to the new environment.

Let’s break down each step.

1. Planning

Every business and its data are unique, and that means every migration is, too. There are lots of variables that can affect the migration, so it’s beneficial to get ahead in planning. We will help you establish a project timeline and set clear expectations about who is handling each task and when it needs to get done. Now is also an excellent time to touch base with key stakeholders to answer any questions.

We will also work with you to take a comprehensive inventory of your data for full visibility into your email environment before you get started. This helps us anticipate and handle potential complications before the migration begins. It also ensures you take stock of all your email files so you can decide which content you no longer need, thereby optimizing your Office 365 experience. After all, you don’t want to pay to move and manage data you no longer need.

As you prepare to move to the cloud, you’ll need to choose a backup solution. Office 365 provides some data protection, but it’s not a fail-safe in the event of lost or corrupted data. Reliable backup helps ensure all files can be restored quickly to minimize downtime and lost productivity.

Many migration tools require manual involvement and management to initiate and sync data — a process that can be cumbersome, time-consuming, and error-prone. But rest assured, we have the expertise and automated tools to make your Office 365 migration go smoothly. We’ll help you create your custom migration plan, which will allow your team to be up and running right away.

2. Migrating

We want to limit disruptions to your business during migration, so we recommend keeping employees’ involvement to a minimum so they can continue performing their regular duties. This will not only reduce stress; it will also help employees buy into the switch to Office 365 as they won’t get bogged down in the technical aspects of it all.

Easing employees’ concerns begins with keeping everyone in the loop. Let them know what they should expect during the move, as well as the timeline of migration activities that may impact them. We offer timely automated communications to ensure everyone has the information and instructions they need to ensure a smooth transition.

There are lots of tasks to be orchestrated at the time of the switch — and we will take care of it all to make sure your email is never interrupted, end users are well-informed, and the impact on your business is minimal.

3. Adapting

By the time you get to Office 365, you’ll want to ensure readiness so your employees can take immediate advantage of its productivity and security benefits. Whether producing a training video, posting the information to your company’s intranet, or simply sending out a company wide email with all the information staff members need – there are many sound approaches to training. Of course, we can help you and your team feel prepared and ready by providing the most useful documentation, resources, and training materials.

Don’t wait to migrate

Migrating your company’s email to Office 365 is an important project that requires careful planning and execution. An experienced IT partner can guide you as you prepare for the switch, ensure that your data is migrated seamlessly with minimal disruption, and help you and your staff get the necessary training so you can be productive in the new environment.

Whether you’re considering or preparing for email migration, reach out and let us know what questions you have and how we can help get you on the path to success.

MORE NEWS

Why Add Cloud Backup?

Thu, 21 Jul 2022 17:09:21 GMT

Why Office 365 Customers Need a Backup Solution

Many business owners using Office 365 believe that their data is totally secure. The reality, however, is a different story. Although Microsoft offers many benefits in productivity, efficiency, and collaboration with Office 365, the company doesn’t provide users with a comprehensive backup system for their underlying data.

Mechanical malfunctions and physical damage, hacking and theft, user error, and power outages all put user data at risk in the cloud. While companies do their best to prepare for these problems, no plan is foolproof, and stories of data loss are far from rare, with the average data breach costing small businesses £120,000. About 32% of companies get hit by data loss in the cloud, with the most common cause being deletion. Although nearly two-thirds of data loss is accidental, 20% is lost to malicious intent, including hackers.

Cloud Backup Saves Data, Time, and Money

Cloud backup can be the difference between a slight blip and a disaster, and it can offer end customers a way to mitigate these risks. Advantage, a managed service provider (MSP) in the U.K., had one customer that didn’t think it needed backup besides Office 365. That was until an employee inadvertently deleted 50,000 files in the accounting department’s SharePoint library.

The information was recoverable in the recycling bin, but this would have had to have been done file by file, which was going to take an estimated six days. Luckily, Advantage had been backing up SharePoint files with Cloud Backup. So the entire folder and all the files were restored within hours — a significant improvement in efficiency. After that, Advantage’s client requested backups for its entire Office 365 tenant as well.

Ransomware is another issue facing SMBs across the globe. Although it has become more sophisticated, many schemes are still simple and catch users off guard. A client of U.S.-based MSP BOAB IT was hit with ransomware in 2016, and the perpetrators wanted £6,000 for the key to unlock the data. Luckily, BAOB IT had deployed Cloud Backup a few months before the attack. So instead of paying the ransom or wasting hours recreating 44,000 encrypted files, the service provider was able to restore all of the customer's files, including every pre-attack version.

The fact is that having only one copy of important data is asking for trouble, whether it’s stored in the cloud or elsewhere. If your data isn’t backed up, you could be facing not only a loss of productivity as you scramble to rebuild, but also a loss in revenue and reputation.

Office 365 is an excellent service that gives you access to your data from virtually any place at any time — and across many devices. As a software-as-a-service (SaaS) built on the industry-leading Azure public cloud, Office 365 offers users high reliability, geographic redundancy, and secure connectivity.

This should not, however, be confused with a comprehensive data protection solution. Microsoft does not back up O365 user data, so it recommends that customers use third-party solutions. Furthermore, Microsoft doesn’t protect data from common issues like file corruption or everyday human error. Nor does it offer a way to easily revert to older versions if something goes wrong beyond their normal data retention policy.

Your MSP can help you evaluate your options in addressing these shortcomings and specifically discuss how implementing a backup solution can be cost-effective and seamless and offer peace of mind.

Cloud Backup Is Easy to Use, and Recovery Is Fast

Not all backups are created equal, however. When looking into a solution that can protect your data stored in the cloud, there are a few fundamental questions you should be asking your vendor:

• What data is actually being backed up?

• How is the backup data being stored and protected?

• How often is data backed up, and how long is each backup version kept?

• How easy is the data restoration process?

Cloud Backup is a flexible, agile, and reliable solution that offers comprehensive data protection across the full Office 365 tenant, unlimited storage and retention of user data, and a hassle-free setup and run experience. And data recovery, when needed, happens fast, which gets your company up and running with minimum downtime.

MORE NEWS

What is a cyberattack?

Fri, 08 Jul 2022 17:54:44 GMT

There are a lot of cyberthreats out there: different attack types and vectors designed to penetrate companies and home users cybersecurity.

While cybercriminals usually pursue specific goals like money, data, or disruption, they use a wide array of malware and vectors of infection to achieve these goals. Good cyber protection and cybersecurity solutions should be able to deal with all of these.

What is a cyberattack?

A cyberattack, on a high level, is a digital assault on a computer, smart device, or network. Cybercriminals use a variety of attack vectors and techniques to compromise and infect the system, and finally achieve their malicious goal.

It is important to distinguish mass and targeted attacks. Mass attacks are usually done via campaigns and involve an “as-a-service” scheme with a broad spectrum of victims. Campaigns can be spam, phishing, mass infection of legitimate sites, and so on. These kinds of attacks are automated and everyone can be a victim. On the other hand, targeted attacks are when the victim was specifically chosen and profiled in advance and such attacks are often performed manually. The most sophisticated targeted attacks are called advanced persistent threats (APTs) and these attacks usually involve many stages, can last for months, and are hard to detect.

All attacks include basic stages: preparation, infection, and post-execution. As you can imagine, if your security solution can’t react to some of these stages, there’s a high risk that the threat will be missed or detected too late.

Cyberattack techniques

Social Engineering

Social engineering is all about the human element. The attacker creates a convincing story that will trick the user into performing certain actions. This is the most dangerous and effective cyberattack technique today. People are always the weakest link in security, because if you’re creative enough you can convince people of doing practically anything. Social engineering can be combined with an account takeover and impersonation attack, making it very difficult to discover. For example, if your boss’s account is compromised, it will be difficult to verify that an email with instructions to open an attachment, was not sent by your boss. That is why even if you properly train your personnel regarding phishing scams, you still need to have a proper cybersecurity solution in place.

Password Attacks

A password attack is an attempt to obtain or use a user’s password with illegal intentions. Cybercriminals can use password sniffers, dictionary attacks, and cracking programs to get a user’s password. While largely useless with two-factor authentication in place, in some cases password attacks can be enough to get bad guys what they want. Password attacks can be prevented by simple common sense (do not tell anyone your password, do not write it down, do not use the same password on multiple services, etc.) and the usage of strong, long passwords or password managers.

Phishing and spear-phishing attacks

Phishing is a technique that employs fraudulent communications (emails, messages, SMS, and websites) that appear to come from a reputable source. The attacker impersonates legitimate service brands in other to use that inherent trust to trick people into sharing their credentials. For example, by creating a page that looks like the Office 365 web portal cybercriminals can steal user credentials in the background. It is a very popular attack technique and often goes hand-in-hand with social engineering. Phishing can lead you to disclose your confidential data (PII, financial data like credit card numbers, etc.), make you install malware, or visit an infected or malicious site.

Spear-phishing has the same goal but is specifically targeted to a person who is typically profiled over social networks in real-life before the attack. Spear-phishing is typically very convincing and hard to recognize unless detected by cybersecurity products.

Drive-by attacks

A drive-by attack is a stealthy and dangerous method of distributing malware. It’s also a good example you can point to with friends who argue against needing cybersecurity by saying “I don’t click on any links and don’t visit any shady sites”.

Typically drive-by works this way: cybercriminals utilize poorly configured or unpatched websites and inject malicious script into one of the pages. Once a user visits the website, this script will exploit a vulnerability in the browser or a plug-in and install malware into the computer. In most cases, these scripts are obfuscated and not easy to detect. These attacks are called drive-by because they don’t require any action on the victim’s part except visiting the compromised website.

Exploitation of a zero day vulnerability

A zero-day vulnerability is a software vulnerability that was not yet known to the vendor when it appeared in the wild and therefore has no patch available. Because of this, there are zero days available to protect yourself by patching. A zero-day vulnerability often comes with a zero-day exploit that can abuse the flaw. It is not easy to detect with average cybersecurity solutions as it requires deep system knowledge and constant monitoring of all applications. Eventually, every vulnerability becomes known, and the hole will be closed with a security patch. The problem is that sometimes it can take months, if not years.

SQL injection attacks

The Structured Query Language (SQL) is very often used in a servers, including web servers. SQL injection means that an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. For example, an attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box and receive all user accounts for this web application.

Cross-site scripting attacks

Similar to SQL injection, cross-site scripting (XSS) is a kind of injection breach where the attacker sends malicious scripts into content from otherwise reputable websites. It happens because poor configuration or vulnerabilities make it possible to attach code into web applications, the malicious code is bundled together with dynamic content that is then sent to the victim’s browser. The exploits can include malicious scripts in many languages including JavaScript, Flash, HTML, Java, and Ajax.

Malware attacks

A lot of cyberattacks involve malicious software (malware for short). As we already explained, malware can get into the system in a variety of ways: downloaded and launched by a user, silently installed through a drive-by, silently downloaded and executed via a vulnerability, and so on..

Man in the middle attacks

Man-in-the-middle (MitM) attacks occur when attackers intercept traffic in order to steal or modify transmitted data: namely login information, passwords, financial data, and so on. The attackers pose as a legitimate service and will pass all traffic like a proxy. These attacks typically take place on unsecured public Wi-Fi networks, where attackers easily can insert themselves between a visitor’s device and the network. Doing so they can install malware or redirect users to a malicious website. HTTPS is believed to help prevent these attacks but this is not true. Simple HTTPS encryption only secures the traffic to the server end, but does not verify the authenticity of the server endpoint.

Source: Acronis

MORE NEWS

Why Office 365 Customers Need a Backup Solution

Fri, 24 Jun 2022 21:15:30 GMT

Why Office 365 Customers Need a Backup Solution

Mechanical malfunctions and physical damage, hacking and theft, user error, and power outages all put user data at risk in the cloud. While companies do their best to prepare for these problems, no plan is foolproof, and stories of data loss are far from rare, with the average data breach costing small businesses $120,000 . About 32% of companies get hit by data loss in the cloud, with the most common cause being deletion. Although nearly two-thirds of data loss is accidental, 20% is lost to malicious intent, including hackers.

Cloud Backup Saves Data, Time, and Money

The information was recoverable in the recycling bin, but this would have had to have been done file by file, which was going to take an estimated six days. Luckily, Advantage had been backing up SharePoint files with Hosted's Cloud Backup. So the entire folder and all the files were restored within hours — a significant improvement in efficiency. After that, Advantage’s client requested backups for its entire Office 365 tenant as well.

Ransomware is another issue facing SMBs across the globe. Although it has become more sophisticated, many schemes are still simple and catch users off guard. A client of U.S.-based MSP BOAB IT was hit with ransomware in 2016, and the perpetrators wanted $6,000 for the key to unlock the data. Luckily, BAOB IT had deployed Cloud Backup a few months before the attack. So instead of paying the ransom or wasting hours recreating 44,000 encrypted files, the service provider was able to restore all of the customer's files, including every pre-attack version.

This should not, however, be confused with a comprehensive data protection solution. Microsoft does not back up Office 365 user data, so it recommends that customers use third-party solutions. Furthermore, Microsoft doesn’t protect data from common issues like file corruption or everyday human error. Nor does it offer a way to easily revert to older versions if something goes wrong beyond their normal data retention policy.

Hosted's Cloud Backup Is Easy to Use, and Recovery Is Fast

Not all backups are created equal, however. When looking into a solution that can protect your data stored in the cloud, there are a few fundamental questions you should be asking your vendor:

What data is actually being backed up?
How is the backup data being stored and protected?
How often is data backed up, and how long is each backup version kept?
How easy is the data restoration process?

Hosted Cloud Backup is a flexible, agile, and reliable solution that offers comprehensive data protection across the full Office 365 tenant, unlimited storage and retention of user data, and a hassle-free setup and run experience. And data recovery, when needed, happens fast, which gets your company up and running with minimum downtime.

MORE NEWS

Why Use Cloud Backup?

Fri, 24 Jun 2022 21:07:14 GMT

Many small businesses are not aware or prepared for the detrimental impacts that data loss can have on their operations. Cloud backup can help mitigate these risks.

Choose Cloud Backup for your backup solution for these reasons:

Complete backup coverage of your Office 365 data - including Microsoft Teams
Most frequent snapshots of Sharepoint and OneDrive data – never lose that version!
Unlimited data retention for your backups – including deleted users
Unlimited storage for your data backups – helps you adapt as your business grows
Industry leading security and privacy policy support - HIPAA and GDPR compliant
Hassle free set up and management – no client-side software installed
Full Cloud to Cloud solution – built entirely on public cloud leader Microsoft Azure

Frequently Asked Questions

MORE NEWS

The Most Common Causes Of Data Loss

Fri, 24 Jun 2022 18:49:00 GMT

Data loss affects 32% of businesses, with accidental or malicious deletion accounting for 71% of situations.

The most common causes of data loss are:

Human Error
Viruses, Malware & Ransomware
Hard Drive Damage
Power Outages
Computer Theft
Liquid Damage
Disasters
Software Corruption
Hard Drive Formatting
Hackers and Insiders

Human Error

Human error is one of the greatest causes of data loss be it accidental or malicious. In fact accidental or malicious deletion accounts for 71% of data loss. Without realising what they've done, employees can overwrite or delete important files and information. Nobody's perfect, or should that be "pobodys nerfect"? Human error can also involve data loss or damage through hard drive damage, liquid spills, software corruption and hard disk formatting.

Viruses, Malware & Ransomware

It's well known that viruses and malware can cause data loss - often catastrophic. Huge chunks of data can be deleted or held to ransom - often the only answer is to pay the ransom demands too. Emails or downloaded files are the most common causes of viruses or malware to find their way onto a computer or network. Anti-malware / anti-virus software should always be active, but threats evolve all the time. Regularly backed up data is the only way to guard against total data loss.

Hard Drive Damage

Hard drive damage is a significant cause of data loss. Hardrives are fragile, particularly those with "spinning disks". Around 140 thousand hard drives crash every week. 60% of these are due to mechanical issue and the other 40% are due to human mishandling or misuse.

Power Outages

Unless your building has a backup power supply or a UPS, a power outage can mean a significant business interruption. Unfortunately, shutting a system down without warning can result in loss of unsaved data and damage to hard drives which in turn means loss of data. Needless to say, regular backup can help protect your data and battery backup/UPS can protect from power surges or power cuts.

Computer Theft

With so many employees now using a laptop rather than a desktop, theft and or loss of a device is all too common. Around 25% of IT theft occurs from cars or on public transport. 23% takes place in the office, 15% in airports and hotels and 12% in restaurants. On top of losing the hardware, the threat of a data breach is also significant and potentially far more costly than the loss of the hardware.

Liquid Damage

Although it sounds really obvious, liquid damage is still common place and now on the rise due to more people working from home. Serious ingress of water can cause a short circuit making it very difficult to retrieve data. Corrosion inside the computer can often take some time, so often it may appear that no damage has been done. Unfortunately the corrosion takes time as the metals and acids/alkalines react together so computers may start to mis-behave some weeks or months later and then eventually stop working at all.

Disasters

"It'll never happen to me" isn't that what we all think? Unfortunately "it" has to happen to someone and fires, floods, explosions and other natural disasters can destroy a business, literally. 93 percent of companies that lost their data center for 10 or more days from a disaster filed for bankruptcy within one year. Because natural disasters can destroy a company’s technology entirely, it is often not possible to recover data lost due to a disaster. This is why it is so crucial to back up data in a remote location that cannot be compromised by a local disaster.

Software Corruption

Improper shutdowns can corrupt your data or delete your progress, wasting time and losing valuable data. Once software is corrupted, it may become impossible to run and data may well be trapped inside. Programs need to be shutdown properly before a computer can be shutdown to avoid potential data loss.

Hard Drive Formatting

Formatting a hard drive can mean instant data loss. Sometimes there is a way to undo the damage, but it really depends how it's been done. While accidentally reformatting a hard drive can lead to panic when files and documents can no longer be accessed, you can often recover lost data from hard drive formatting by running a data recovery software.

Hackers & Insiders

Hackers can gain access to your data in a variety of ways. Using servers with poor security, not having adequate firewalls/network security and using easily guessed/hacked passwords. The unfortunate truth is that data is sometimes stolen or compromised by employees themselves or other insiders.

MORE NEWS

Microsoft 365 is more than just Word and Excel!

Sat, 18 Jun 2022 21:28:14 GMT

I think we can all agree, modern day businesses wouldn’t be able to function without the well-known Microsoft products such as Word, Excel, PowerPoint, OneNote, Publisher and Outlook. But are you aware of all the fantastic apps and services that are now available through Microsoft 365?

Microsoft have gone above and beyond in designing new apps and services that will streamline your business and make sure your employees work more efficiently.

Here is a complete list of Microsoft 365 apps and services that are available to users as of 18/06/2021.

E-Mail
OneDrive
Microsoft Teams
Microsoft Editor
Microsoft Family Safety
Microsoft Stream
Exchange Online
SharePoint Online
Power Apps
Power Automate
Power BI Pro
Microsoft Planner
Microsoft Forms
Microsoft Sway
Delve
Project
Yammer
MyAnalytics
To-Do
MilelQ
Bookings
Microsoft Lists
Kaizala
Whiteboard
Workplace Analytics
InTune
Azure Information Protection

You probably recognise a couple of the services, but I know what you’re thinking…

“How am I supposed to know which ones will be a benefit to my business?”

That’s where we come in, your dedicated account manager will take the time to listen to your requirements and will put together a bespoke package designed specifically for you and your business.

What makes Microsoft 365’s fantastic offering even better, is that when you subscribe to Microsoft 365 apps and services, you get away from the need of big one-off license costs only to have to re-purchase the latest version 2 years down the line. Microsoft 365 apps are always kept up to date with the latest features, bug fixes and security patches to ensure you’re always using the best-in-class software, without the buggy niggles or the security threats that evolve in this ever changing landscape of technology.

Contact a member of the team for your free no obligation quote!

03330323333

support@hosted.co.uk

MORE NEWS

What Is "The Cloud"?

Sat, 18 Jun 2022 21:23:17 GMT

Ok, you might have guessed it but the term “the cloud” in the technology world has nothing to do with the white fluffy things in the sky. Put simply, “the cloud” refers to software and services that run on the Internet, instead of locally on your computer.

Cloud services are more common than people think, and a lot of individuals use them in their everyday life without even realising! Some common cloud services include Netflix, Google Drive, Disney+, iCloud, OneDrive, NowTV and much more!

The advantage of the cloud is that you can access the information on any device providing you have an internet connection. It’s what allows you to make edits to documentation you need for a meeting that you forgot about from the comfort of your own home, and then pick up where you left off when you get to the office.

However, with anything, The Cloud does have its downfalls. It’s important to remember that, because all your information lives online, there is always a risk of it getting into the wrong hands. Just as worse in some cases, accidentally deleted! Here at Hosted, we have lots of service offerings to help protect our customers from online threats as well as ensure their critical data is always backed up, in a simple and cost-effective way.

For more information on how Hosted can support your business, please contact a member of support team today.

support@hosted.co.uk

03330323333

MORE NEWS

What is a data breach?

Wed, 15 Jun 2022 21:41:51 GMT

A data breach exposes confidential and sensitive information to unauthorised individuals who then share the information online without your permission.

Hackers don’t discriminate, we are all at risk. They can get to you through the internet, a telephone call, Bluetooth, text messages, online services that you use and much more. We’re all at risk and could potentially experience huge complications from having our sensitive information exposed.

Usually, data breaches happen due to weaknesses in:

· Technology

· User behaviour

New technologies are being created every day. As our mobiles, computers and tablets get more applications and features, we are widening the gap for our data to slip through.

There are lots of ways we can help to protect yourself and your business against hackers, enquire through our website today or contact a member of the team for more information.

MORE NEWS

50% of UK businesses 'are leaving data at risk' - ITPRO

Tue, 14 Jun 2022 22:23:46 GMT

"Our research shows that almost four million UK businesses are vulnerable to data loss from single events and could potentially become unable to operate"

Sonia Blizzard, Beaming's Managing Director

In 2018, Internet provider “Beaming” conducted a study of 514 UK businesses and found that companies are still failing to follow best practices when it comes to protecting their data against hardware failure and/or cyber attack.

The 2018 survey showed that 17% of all respondents did not back up their business data at all. This figure was dominated by smaller businesses of less than 10 people. The figure for medium businesses of between 50 and 249 employees was much lower at 2%.

However, with nearly 50% of survey respondents saying their backups were kept elsewhere in the same building, there is still clearly a huge problem with many companies disaster recovery plans. Scaling these numbers up highlights that around 4 million UK businesses are not following best practices.

Fast forward to 2021 and the UK is emerging from lockdown(hopefully for the last time). With so many people working from home(including IT teams) how have businesses managed their data and backups?

There are a number of risks to having so many people away from the office. Traditional tape/disk backups that previously left site every day have most likely in many cases not left site at all or the backup has failed.

Those with a more sophisticated backup strategy may have faired better, but many laptops are being used at home with no backup at all leaving them vulnerable to malware and ransomware attacks, data corruption risks, accidental deletion, hardware failure, viruses, theft and liquid ingress(yes it still happens to laptops).

MORE NEWS

Skinners' Kent schools closed after data breach

Sat, 11 Jun 2022 21:51:52 GMT

Skinners' Kent Academy and Skinners' Kent Primary School have been forced to close after hackers broke into their servers stealing data and encrypting pupil information.

Officials at he schools said “they cannot be sure” exactly what information hackers have accessed.

Parents have been urged to contact their banks to let them know that personal information has been compromised.

An investigation is currently underway with the involvement of both Action Fraud and the National Cyber Security Centre . It does appear that the School Information Management System, which is where personal records for pupils, students and staff are held has not been accessed. This data has however been encrypted which would make it almost impossible to get back.

The decision to close the schools on Monday was based on the vital emergency contact information on the pupils no longer being accessible.

A spokeswoman from the trust described the hackers as "sophisticated" and also added "The trust is working incredibly hard to ensure that our students and pupils are back in our schools.....as soon as it is possible to do so."

MORE NEWS

What to Expect post COVID-19 Pandemic

Fri, 10 Jun 2022 21:47:29 GMT

For the vast majority of businesses, in the last month, we have been moving back into our office environment away from the comfort of our homes. As the spread of COVID-19 eases and work ‘normal’ we need to ask ourselves as business owners – what happens if something similar happens again?

Do you have a policy in place to protect your data? Whether working from home, the office or your local Starbucks - can you categorically manage and identify who is accessing files, sharing and removing your intellectual property?

Can you ensure that home workers are your workers? Implementing SASE based solutions, 2FA and other solutions ensures that your data is kept ring fenced plus gives a more efficient environment for your work force.

Ask yourself these three key questions:

Where is your data?
Who can access your data?
Can you account for all files and file access remotely?

As a business owner it is paramount that you know your metrics and how your business ticks. More importantly where your client information is and who is accessing it! Hosted can provide a layer of protection and security that removes malicious intent, protects valuable data assets and monitors who is accessing that data- PLUS, learn what they are doing with that data!

Want to know more? Give us a call and we will show you how to simply yet securely manage your data assets without getting too ‘techie’ and overly complicating your experience.

MORE NEWS

Working From Home - An ICO Security Checklist For Employers

Wed, 25 May 2022 22:39:15 GMT

The need for employees to work from home has increased for most companies. IT solutions need to be used as securely as possible.

The ICO has produced the following checklist to help you identify some common IT vulnerabilities.

General principles

We have clear policies, procedures and guidance for staff who are remote working. These include topics such as accessing, handling and disposing of personal data.
We are using the most up-to-date version of our remote access solution.
Our staff have been reminded to use unique and complex passwords.
We have checked if multi-factor authentication is available and configured it where possible.

Bring your own device (BYOD)

There are different approaches to facilitate home working and each has its own security considerations. See our comparison to help you decide which is the best option for your organisation.

Cloud storage

Corporate cloud storage solutions allow users to access data away from the office on any device. They can also help prevent staff from using their own personal storage or messaging services, which can present additional risks.

Our cloud storage is not set to public or accessible without a username or password (or other type of authentication).
Only key staff have been given full access to the storage area. All other staff have been given read, write, edit or delete permissions where appropriate.
We are not using any default root or administrative accounts for any day-to-day activities, and they are appropriately secured.

Remote desktop

Attackers will often try to access remote access solutions using well-known privileged accounts, such as an administrator account.
We have created generic usernames for our privileged accounts and disabled any built in or default administrator accounts where possible.
We only allow remote access connections for staff that require it.

For long-term strategies you should consider if your remote access solution should be behind a gateway or virtual private network (VPN). Short-term fixes can be applied, for example by changing the listening port of your remote access solution, but this should only be viewed as a temporary measure.

Remote applications

Remote application solutions give staff access to the corporate applications they need whilst working from home. This can help prevent staff from using their own personal applications to process personal data.

Our remote application solution does not allow access to Windows administrative tools such as PowerShell or Command Prompt.
Our remote application solution does not allow access to shortcut keys or help keys that could be used to open non-authorised applications or features.
Plain text usernames and passwords are not included in any files, folders or scripts.

For long-term strategies, as with any solution, you should look at best practices and guidance in the field. Many of the manufacturers’ best practices can be applied universally to any solution, for example server hardening and network segmentation.

Emails

As more staff will be working from home there will inevitably be an increase in email as a method of communication.

We have reviewed and implemented the NCSC guidance on defending against phishing attacks. You can access it here.
We have either blocked the ability to add forwarding rules to external email addresses or have a method in place to detect forwarding rules.
We have advised staff to use corporate email solutions and not rely on their own email or messaging accounts for the storage or transmission of personal data.

MORE NEWS