Dropbox logo

Dropbox passwords reset after 2012 hack!

By | Blog | No Comments

A Dropbox security breach in 2012 has affected more than 68 million account holders, according to security experts.  Last week, Dropbox reset all passwords that had remained unchanged since mid-2012 “as a preventive measure”.  In 2012, Dropbox had said hacks on “other websites” had affected customers who used their Dropbox password on other sites too, but now what purports to be the details of 68.6 million Dropbox accounts have emerged on hacker trading sites.

Dropbox sent out notifications last week to all users who had not changed their passwords since 2012. The company had around 100m customers at the time, meaning the data dump represents over two-thirds of its user accounts. At the time Dropbox practiced good user data security practice, encrypting the passwords and appears to have been in the process of upgrading the encryption.

The hack highlights the need for tight security, both at the user end – the use of strong passwords, two-step authentication and no reuse of passwords – and for the companies storing user data. Even with solid encryption practices for securing users’ passwords, Dropbox fell foul of password reuse and entry into its company network.  If you have any security concerns or questions, please talk to us.

Two people sat at a table

Four steps to creating a Business Continuity Plan

By | Blog, Business | No Comments

So, it’s time to create a Business Continuity Plan or to revise your current plan, but where do you start? Your plan can be as simple or comprehensive as you desire but remember – the simpler it is, the more flexible it will be. Here are the four steps you need to follow:

Identify threats or risks

First of all, take a look at the risks that will leave your employees, customers, vendors, property and operations vulnerable. Then weight the probability of each event against its potential impact to your business, as well as your readiness to respond. Consider the following factors:

Historical – what has happened in your area, to your business or operations before? Geographic – are you in a flood plain, near an airport or forest, on the coast or in the city centre. Physical – is there something about the layout or construction of your premises that might make your business particularly susceptible to a certain event? Organisational – certain industries are particularly susceptible to certain events e.g. strikes and or human error etc. Look closely at your employee, operational or technological infrastructure. Regulatory – this will actually help your process, i.e. is your specific business/industry required to prepare for any hazards?

Conduct a business impact analysis

This part of the process is about identifying the people, places, suppliers, processes and infrastructure critical to the survival of your business.

What are your products and services? Prioritise your most crucial products and services. Who is involved internally and externally? Key members of staff, agencies, suppliers who are absolutely necessary to restore critical operations.

At the end of this process you should have a list of items, prioritised by need to restore each after the event. It’s all about what has to be restored straight away and what can wait a week, month or a few months.

Develop your strategy/plan

Now you are getting to the nitty-gritty of your plan. It will list contact numbers, resources and procedures. This ‘how-to’ should include step-by-step instructions on what to do, who should do it and how. List each responsibility and write down the name of the person assigned to it.

Then keep all the information together and give one to each of your key members of staff. Also keep copies securely off-site e.g. at home.

Test, exercise and improve your plan routinely

A business continuity plan is ever-evolving and should adapt to your company’s ever-changing needs. Test and update it regularly – at least annually – or whenever critical functions, facilities, suppliers or staff change. It’s important that your staff understand their roles in the execution of the plan. The key is to ensure the plan works as intended.

If you have any questions or concerns over disaster recovery and business continuity, please contact us for advice.

Birdseye of three people at a desk

Business continuity planning – what happens if an entire system goes down?

By | Blog, Business | No Comments

You probably already know the importance of protecting your data, and have a backup process in place, but having a backup solution is only one piece of the bigger puzzle when it comes to business continuity planning. According to 2015 statistics from Infrascale, based on a collection of industry surveys, the average time it takes for a business to recover from a disaster is 18.5 hours. Even for a small company, this could be a substantial cost! Downtime can be a result of a natural disaster, hardware failure, data loss, security breach, server outage, or anything that touches your business operation. Often, there’s no way to predict when and how downtime will occur, but it can have catastrophic effects on your business.

The focus is often on the IT services and systems but true business continuity planning looks at the operations as a whole for a business. Business continuity planning is a way to continue business operations outside of normal systems, processes and procedures. For example, a basic backup system works well if someone deletes a file and needs to retrieve it, but what happens if an entire system goes down and how can you keep working?

With the emerging dominance of cloud based systems, business continuity plans are changing to reflect the reliance on internet connectivity, as well as offering viable alternatives to traditional systems. If a businesses core data and applications were cloud based, mobile workers could be quickly relocated and the business could still continue to operate. This does then raise the question of what happens if the cloud services are unavailable for a period of time so a balanced and measured approach should be taken.

You can prevent problems before they happen, minimize potential downtime and prepare for when issues occur! If you have any questions or concerns over disaster recovery and business continuity, please contact us for advice.

 

Laptop security logo

Have your webmail credentials been breached?

By | Blog | No Comments

During the last week, the BBC has been reporting that several popular webmail providers are investigating a report that millions of their users’ login details are being shared online by a hacker. Google Gmail, Yahoo Mail, Microsoft Hotmail and Mail.ru are among the services said to have been affected. The security firm (Hold Security) that flagged the issue said that it believed many of the usernames and passwords involved had not been leaked before, however, it is not clear whether users’ accounts have actually been breached.

 

Hold Security said it had obtained a total of 272 million unique pairs of email addresses and unencrypted passwords from the hacker, 42.5 million of which the company had not seen in earlier leaks.

 

Even if many of the credentials are out of date or inaccurate they could still be abused, the company warned. Microsoft said it had measures in place to identify compromised accounts. “[We would require] additional information to verify the account owner and help them regain sole access,” said a spokesman. Google said: “We are still investigating, so we don’t have a comment at this time.” And Yahoo added: “We’ve seen the reports and our team is reaching out to Hold Security to obtain the list of accounts now. We’ll update going forward.”

 

If you have any questions or concerns about email and internet security, please contact us for advice.

Windows 10 logo

The end of the free Windows 10 upgrade?

By | Blog | No Comments

When Microsoft launched Windows 10 on the 29th July 2015, they announced that it would be a free upgrade to users of Windows 7 and 8.1 for the first year.  With the 29th July 2016 rapidly approaching, some firms are still debating whether to upgrade from their legacy operating systems.

 

Windows 10 is certainly a step forward from Windows 8, the OS is clean and familiar, like it was on Windows 7 and its predecessors.  It’s easy to understand, plus it has a wealth of new, helpful features that you’ll actually want to use.

 

Since its launch, Microsoft have seen more than 200 million active devices running Windows 10, and they say that they’re very confident in the server and network infrastructure to continue to successfully upgrade more customers to Windows 10.  Clearly Microsoft are eager to get as many people as possible to migrate away from Windows 7 and 8.1 and move to Windows 10, which has demonstrated by their aggressive pushing of the upgrade. The launch of Windows 10 was revolutionary. We’re not just talking about features and changes — this was the first version of Windows to come without a price tag. Windows 10 for free!  And it’s a tactic that paid off.  Microsoft tells us that this is the most successful version of Windows yet, with unprecedented rates of take up.  But all good things must come to an end.  For those who decide not to upgrade before the 29th July 2016, you will be able to purchase Windows 10 through the Microsoft Store or Microsoft retail partners.

 

If you are still thinking of upgrading and have any questions on Windows 10, please contact us for advice.

Ransomware on a laptop

What is Ransomware?

By | Blog | No Comments

Security firms are this week warning about a sudden “huge” surge in junk email messages containing ransomware, but what is ransomware? Ransomware are computer viruses that threaten to delete your files and data unless you pay a ransom.

 

Like other computer viruses, it can find its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it; most commonly it arrives in the form of a phishing email, or spam, or a fake software update – and the recipient clicks a link or opens an attachment. The virus then sets to work encrypting the user’s files; it’s a malicious virus that locks the user out of their computer and demands a fee to return their files. Security experts have warned that ransomware is the fastest growing form of computer virus.

 

Ransomware typically propagates as a trojan, entering a system through, for example, a downloaded file or a vulnerability in a network service. The program then runs a payload, which typically takes the form of a scareware program. Payloads may display a fake warning purportedly by an entity such as a law enforcement agency, falsely claiming that the system has been used for illegal activities, contains content such as pornography and “pirated” media, or runs a non-genuine version of Microsoft Windows

 

To avoid falling victim, companies should ensure that their security protection is up to date and should regularly back up their data so it can be restored in the event a machine does get infected. If you have any questions or concerns over your current security and or backup systems, please contact us for advice.

BT Logo

BT to open up cable network to rivals

By | Blog | No Comments

Communications watchdog Ofcom has said BT must open up its cable network and allow competition to improve UK internet connections. The regulator has so far stopped short of demanding a complete break-up of BT, but said this was still an option.

Ofcom also said there was a digital divide in the UK between those with the latest technologies, and those without; it has proposed that decent, affordable broadband should be a universal right. Rivals had called for a split between BT and its Openreach operation, which runs its cables, fibre and network infrastructure.

Companies such as Sky, Vodafone and TalkTalk, who pay to use the network, say that BT underinvested in Openreach, leading to a poor service with interruptions and slow speeds. Now BT will be told to allow easier access for rivals to lay their own fibre cables along Openreach’s telegraph poles and in its underground cable ducts.

Do you have any questions over your current internet connectivity? Looking for an improved connection?  Please contact us

Storage centre image

Data storage under the sea?

By | Blog | No Comments

Microsoft has come up with a radical new way to store data – under the sea. Testing of the firm’s first underwater data centre – dubbed Leona Philpot after a character in an Xbox game – has just been completed in an initiative called Project Natick.

 

Data centres are believed to consume up to 3% of the world’s electricity, according to researchers, and large technology firms are keen to find energy efficient ways to store their increasing amounts of data.

 

Microsoft said its reasons for experimenting with underwater data centres were twofold. Firstly, half the world’s population is located within 125 miles (200km) of the coast so data centres in the sea would reduce latency – the time its takes data to travel from its source to customers. But there were also environmental reasons for the trial. Putting the data centre in the ocean eliminated the need for cooling and, in future, if such centres could be colocated with offshore renewable energy sources, they could also produce zero emissions, according to Microsoft.

 

Although storing data under the sea is a little extreme, if you do have any concerns or questions over your current data storage, please contact us

Simon Lewsley At Desk

IT jobs taking up staff time? Get an IT professional

By | Blog | No Comments

Often IT is seen as a black hole for costs with no tangible direct benefit to the business, more a necessary evil than a key tool of business! To help with these costs, often certain roles will be assigned to an admin person or often someone who knows a little about computers at home. These people generally don’t have an interest or experience in IT, but because they are salaried, the cost of them doing the IT work is hidden. Not only this but people are generally employed with a specific role, if the accounts manager is setting up a new user, which accounts jobs are not being done as a result?

 

Getting an IT professional to complete these tasks is more efficient and will ensure compliance for your IT systems. Although human error exists, it’s less likely to happen with someone who is frequently completing these required actions. It will only take a setup being done incorrectly to grind the network to a halt. The cost for this downtime is usually not calculated and it will only take one to justify the cost of an IT professional.

 

Contact us if you want to have a chat about freeing up your staff today.

Five people working at a desk on laptops

It pays to know your backup position and disaster recovery plan!

By | Blog | No Comments

In most organisations, the backups of the IT system are often handled by an administrator who will often change a tape or storage device. This is often done in a well scheduled manner and without fail. Because the tape is changed, that means you’re protected right? Wrong! What if your backups go into the cloud, does it means it’s someone else’s responsibility? No!

Who actually has responsibility for the backups? Who has visibility of the backups? If the answer is ‘no one’ or ‘we don’t know’ then you may be at risk!

As a decision maker, you may ultimately be responsible for the backups completing, and aside from this, they should form part of your disaster recovery plan. These plans don’t have to be expensive, and can be more a proactive set of processes of how to deal with minimal or no system access. At the very least, ensure your backups have test restores completed so you are sure they will work if and when you need them.

Speak to us before it’s too late!