Date:

Author

Category: Ransomware, IT News, IT Security, Latest.

We all know that ransomware and phishing are huge challenges facing all businesses during normal times, but just to kick us when we’re down, there are scammers out there targeting our businesses on the back of the coronavirus whilst we are all extra vulnerable.

Remember, SMEs are the victims of 43% of all data security breaches, with some forced to close as a result of a ransomware attack. The loss of core IT infrastructure, essential data and business confidence forces clients to go elsewhere, and never has utilising that infrastructure, to keep business going, been more important.

I expect we’ll start to see companies approached by criminals to exploit the uncertainties and panic they’re feeling over their cashflow stopping and their struggle to keep their businesses going.

Businesses are desperate for detail, what will happen, when, what money they’ll get and how. So, any information will be jumped on and business owners everywhere may not think to stop and check it’s a legitimate source. One unconsidered click and you could be subject to a ransomware attack, corrupting all your data on top of all the other challenges.

That being the case it’s far better to take sensible cybersecurity measures to prevent a ransomware attack from succeeding in the first place. The Government’s National Cyber Security Centre provides great online advice to protect businesses from cybercrime.  So, rather than frightening ourselves instead, let’s focus on what we can do to protect ourselves and our teams.

  1. Ignore online offers for vaccinations and home test kits. There are currently no vaccines, pills or over-the-counter products available to treat or cure coronavirus disease 2019 (COVID-19) — online or in stores
  2. Watch out for emails with attachments claiming to provide CV19-related information. For the most up-to-date information about the coronavirus pandemic, visit https://www.gov.uk/coronavirus. Other useful sites include and the World Health Organisation or WHO (https://www.who.int/) and Centres for Disease Control and Prevention or CDC (https://www.cdc.gov/)
  3. Watch out for texts and emails claiming to be HMRC, UK Government, or other official organisations; asking for bank details so that money can be transferred directly into your bank account or asking for a payment (e.g. an “admin fee”) in order to hand over a much larger amount of money. The details are still being worked out.  Anyone who tells you they can get you the money now is a scammer. Valid information can be found at:
  1. Never click on a link or an attachment unless you’re certain that it’s safe. This is exactly what the criminal is trying to get you to do, so be absolutely,100% sure that it’s genuine. If this takes some investigation such as a phone call to the sender, it’s well worth it
  2. Add Multi-Factor Authentication (MFA) which will add an extra secure layer to your email account on top of usernames and passwords and makes it almost impossible for hackers to intercept.

And most importantly, share this information immediately with all your staff so they are all vigilant and don’t inadvertently create an additional major challenge for your business.

If you’d like our help to improve your defences against cybercrime or any other aspect of IT or telephony support, call us NOW on 03300 886116 or email info@pcsupportgroup.com

 

Phil Bird

Managing Director, The PC Support Group

Date:

Author

Category: Business Continuity, IT Support.

Downtime is one of those words that every business owner and manager just dreads to hear.

When some or all of your people can’t access core IT systems and data, it’s always bad news – for relationships with customers, for productivity, for morale and, ultimately, for the bottom line.

But in the manufacturing and engineering (M&E) world, the downtime discomfort is doubled and the numbers that result can be, well, eyewateringly large.

Are you sitting down?

Research shows that the average manufacturer experiences 800 hours of downtime per year – or more than 15 hours per week.  For the average automotive manufacturer, one MINUTE of downtime costs almost £18,000.

Of course, the precise damage and cost of unplanned downtime depends on many factors and varies from one business to the next. Hopefully, your downtime costs don’t come close to those of our automotive friends.   But even losing a few hundred pounds per hour could make the difference between profit and loss on a job.  

And downtime can have horrible knock-on impacts, with expensive machinery lying idle,  inventories becoming depleted, staff abandoning other important tasks to understand the implications of the downtime and then advise customers of delivery delays and not to mention supply chain management.   Your reputation for reliability and great service, hard-earned over many years, is suddenly under immediate threat.

Running an IT and telephony support business as I do, I’d love to be able to say that unplanned downtime is 100% avoidable! The reality is that it’s very difficult to prevent every conceivable cause of downtime. Occasionally even the best technology fails and human error is always a possibility.

Faced with a challenge like this, you have to get practical – very quickly! What do we do about this then? Well, here are some key things that manufacturing and engineering businesses can do to minimise unplanned downtime – and even planned downtime too:

  1. Understand the risks and potential costs to your business of downtime
  2. Create a strategy and action plan to proactively manage all aspects of your IT
  3. Put a disaster recovery plan in place
  4. Organise regular automated backups
  5. Regularly check your backups
  6. Monitor and update all your devices and systems.

The thing is, for most businesses with limited IT resources and expertise,  the most efficient and cost-effective way of ensuring that these tasks are completed and checked is to work with a trusted IT service partner with specific technical expertise and management skills.  One that understands your business essentials, such as speed of response, proactive support and the importance of security, and is familiar with the M&E sector too, in particular the vital role of reliable IT, in your ERP and MES environments for example – and where your vulnerabilities may lie.

Although there are costs involved, as there are engaging with any supplier, these are usually very reasonable, while the impact of not making this investment can be huge.

Just one more tip: Make sure your prospective partner offers flexible terms so that you can quickly and easily go elsewhere if you need to – beware those businesses that want to tie you down to long contracts with onerous terms!  To help you find the right IT service provider for your business, we’ve also created this helpful guide.

If you’re concerned about the impact that downtime could have on your business and what you can do to prevent it, email us on info@pcsupportgroup.com or call us on 03300 886116 for a confidential chat about how we can help.

www.pcsupportgroup.com

Date:

Author

Category: IT Security, IT Support.

The Fourth Industrial Revolution is providing a world of opportunities for UK manufacturing and engineering (M&E) businesses. In particular, the increased use of automation and computer-controlled manufacturing techniques means that IT systems have evolved to become a mission-critical part of all M&E businesses.

Despite economic and political turbulence, UK M&E businesses are investing in the future, contributing almost 70% of total UK spend on research and development and maintaining our reputation as a global centre of manufacturing and engineering excellence.

But it’s never been more important for M&E businesses facing unique security challenges to protect themselves, their people, their intellectual property and other trade secrets from cybercriminals. Manufacturers with large, dispersed operations, MES systems, ERP software, hand-held RFID devices, and collaboration tools that lack security features, are vulnerable to hackers looking to extort businesses owning valuable brands, inventions or designs.

Research by Make UK, formerly EEF, shows that some firms are largely unaware of the threat and lack basic security measures. Its 2019 statistics show that 65% of its members had been attacked, with 27% suffering financial or other losses, while 33% do not train staff in even basic cybersecurity.

The most effective cybersecurity systems have multiple layers of protection – and a key defence as part of that mix that I believe is essential for all manufacturing and engineering businesses is Multi-Factor Authentication (MFA). When you log in to your online bank, enter your email or username and password, you’re then asked for another code – that’s MFA. It adds an extra security layer, or ‘factor’, on top of usernames and passwords which, as we know, are often not strong enough.

MFA provides a unique, time-limited code via a hand-held device, such as PINsentry from Barclays, that’s almost impossible for hackers to intercept. Even if the criminal has a stolen email address, username, and password, MFA keeps data safe.  Here’s a quick checklist to get you started on MFA:

  • If you haven’t already, make a list of everything you and your business accesses using an email address, username, and password
  • Identify those systems or services that are cloud or web-based – as they are the ones most at risk of being hacked
  • Check with the providers of these systems and services (or ask your IT support company) to see if MFA can be applied – and then do so immediately
  • For those not MFA-enabled, review your current username and password policies, make sure they are securely stored, limit access to them and make them as strong as possible.

We would strongly recommend the Government-backed Cyber Essentials accreditation scheme for all M&E businesses. Cyber Essentials provides advice and guidance on security processes and measures that your business needs to keep your infrastructure safe from attacks. Cyber Essentials accreditation demonstrates achievement of a respected cybersecurity quality standard, providing peace of mind as well as adding weight and value to your offer.

If your current provider hasn’t mentioned MFA to you yet, then you should be a bit worried about that! We regard this kind of advice and guidance as part and parcel of our proactive support service that keeps our clients’ businesses as safe as possible and delivers reliable, smoothly-running IT.

If you’d like to find about more about MFA, or how we can help you with cybersecurity more generally, you can either leave us a message here, email them on info@pcsupportgroup.com or speak to our friendly team on 03300 886116 or for an informal and confidential chat.

www.pcsupportgroup.com

Date:

Author

Category: Business Continuity, Business, IT News.

For all businesses, regardless of size or sector, the well-being of our employees is paramount.

But as we all wrestle with the unique challenges created by coronavirus, the well-being of anyone affected will be best served if they have a job to return to and a bright future to look forward to. So, in these stressful times, all owners and managers will be focused on protecting the health of their businesses too, so that they are still a going concern when the crisis is over.

Late last year we shared with you the importance of business continuity planning, to ensure that you’re fully prepared in the event of a sudden crisis. A key element to consider was to enable staff to work effectively from remote locations other than the office –  a challenge that many businesses are currently facing of course. But the fact is that agile working delivers major business benefits and with today’s technology, it has never been easier to work away from the office. Here’s why:

  1. Agile working improves business performance as it results in more productive and motivated employees, who in turn provide better customer service to your clients. Agile working can cut costs and drive efficiencies too, for example by reducing expensive and time consuming business travel – lowering your carbon footprint in the process.
  2. There’s a host of great, simple to use tools, which enable employees to be able to work anywhere, anytime such as Office 365, SharePoint, OneNote, Microsoft Teams and VoIP telephony – and much much more. And, in the cloud, you can securely store and access everything you need to work productively 24/7.

The important thing is to select the right technologies and systems best suited to your particular business needs, those of your clients and the working patterns of your employees. We can help you make those assessments and make recommendations about the best way forward for you.

If you’d like to revisit your business continuity arrangements, our FREE, six step guide to business continuity is still available, just click on this link: Business continuity for SMEs – how to survive a major emergency and recover in style.

Meanwhile, if you’d like to chat about how The PC Support Group can help you to put the right technology in place to protect your business from the effects of unexpected events – and help drive efficiencies at the same time, call us NOW on 03300 886 116 or email info@pcsupportgroup.com

Phil Bird

Managing Director, The PC Support Group

For businesses who have chosen cloud-based data hosting services, there’s a temptation to relax and think “great, we’re paying someone else to take care of our data, we don’t need to worry about it anymore.”

Of course, using cloud-based services can deliver major benefits for businesses. But it’s vital to remember that all the data you have “in the cloud” is still stored in a physical data centre somewhere in the world, managed by your cloud service provider.

So, good data security practice means that it’s essential to have exactly the same knowledge about how and where your data is being handled “in the cloud”, just as if it was sitting on a server in your office!

Unfortunately, worrying research results published recently by leading hosting provider TeleData UK reveals that large numbers of firms are lacking this very basic information:

  • 42% don’t know the location of the data centre their provider is using
  • 25% don’t even know if it’s in the UK
  • 33% don’t know if the data centre is ISO compliant.

That’s alarming enough, but the standout statistic for me is that 43% of businesses don’t know whether the data centre they are using has a failover to a secondary location should an outage occur.

Let’s just think about the size of the huge risk that those businesses are taking. One day, everything’s rosy in the garden, customers are happy and business is booming – then bang! Suddenly they can’t access their data. They don’t know where their data is, they don’t know how long they might be without it – or if they’re ever going to be able to access it ever again!

Committing to a cloud service provider requires detailed due diligence and fact-checking to confirm the service is fit for purpose, that all risks and eventualities have been considered and minimised, and that all GDPR and ISO compliance requirements have been met.

I bet those businesses who don’t know where their data is stored, know every dot and comma about their alarm system – which company supports them, where they are based, how long it will take them to get to the office in the event of a problem. Yet many seem to know far less about their data, their most valuable asset.

At The PC Support Group, we specialise in Microsoft Office 365 because from our long experience we believe it’s the best – and a major advantage is its transparency – you can sign in (or your IT support provider can) and find out everything you need to know about the data centre where your data is stored. That’s hugely reassuring in my opinion.

If you have any concerns about how your data is being stored and handled or would like an  informal chat about how we can help provide peace of mind or improve your data security arrangements, call us NOW on 03300 886 116 or email info@pcsupportgroup.com

Phil Bird

Managing Director, The PC Support Group

Date:

Author

Category: Data Backup, IT News, IT Security.

Whenever I’m thinking about the topic for my next bulletin, my first port of call is always our support team. These are the folks who spend their days guiding our clients, resolving issues, fixing problems – so they know better than anyone what’s going on.

Maintaining a robust backup is hard work, it’s important to not only build the correct solution for your business and trust your IT support provider to look after it, but to also maintain a sense of urgency as a business owner to ensure you’re doing everything you can to keep data backup and recovery front of mind.  Therefore, today I’m returning to the topic of backing up your data.  So, why is backing up your data absolutely essential for your business?

  • Without it you risk losing your most priceless asset – the information you hold about your customers, your products and services, your finances and your people
  • Loss of just some of this information, for long enough, will sink your business
  • Back up is an important element of GDPR – and serious breaches can result in severe financial penalties
  • By backing up, if a disaster happens – a cyberattack, a fire, flood or break-in at your premises – there’s a good chance you can recover, repair the damage and go again.

I could go on, but I know you know this stuff already!  Regular data backup – ideally on a daily basis – is absolutely central to business continuity and it needs to be regarded with the same importance as activating your alarm system when you leave the office.  If you are unsure about your backup arrangements – whether they’re fit for purpose, or whether it’s happening at all, now is the time for action.  Start by asking yourself:

  • Do you know exactly what data you hold – about your customers, your employees, your business, your suppliers, your finances, your products, and services?
  • How and where is it stored, and how is it secured?
  • Do you back it up, how, where to and how often?
  • What would happen if you suddenly lost access to your live data and onsite backups?
  • How long would it be before this became a serious issue – minutes, hours, days?
  • How often do you review your backup arrangements?

Another key consideration is the choice between onsite or offsite backup arrangements. For me, that’s an easy one. Onsite backup can be just as vulnerable as your live systems. That’s because once criminals have access to your onsite network they may also get access to your onsite backups. The answer is a secure and managed offsite backup solution.

And remember, as your business develops, so will your data backup requirements. So it’s essential to periodically review your backup arrangements to make sure they reflect the needs of your business today – and as far into the future as you can realistically predict. Even if you’re happy with your backup processes, it’s a great idea to schedule regular reviews for peace of mind. For an informal chat about how you back up your data and how we can help, call us on 03300 886116 or email info@pcsupportgroup.com

Phil Bird

Managing Director, The PC Support Group

Date:

Author

Category: IT Security, IT Support.

The New Year’s Eve ransomware attack on foreign currency firm Travelex was a stark reminder of just how vulnerable today’s businesses are to determined cybercriminals.

Even a successful global enterprise like Travelex, with 1,200 branches in 70 countries, can have its IT systems hijacked and its online services brought to a total standstill. The gang threatened to publish huge quantities of clients’ personal data – social security numbers, dates of birth and payment card information – unless it received a $6 million payment.

Frightening stuff. But what’s almost more frightening is that hackers aren’t just targeting big international businesses, they’re just as likely to attack your business – and mine!

And while Travelex has the scale and resources to fight back and recover, most SMEs do not. Remember, SMEs are the victims of 43% of all data security breaches, with some forced to close as a result of a ransomware attack. The loss of core IT infrastructure, essential data and business confidence forces clients to go elsewhere – never to return.

What is ransomware?

There are two types, usually delivered through a phishing attack. The first type encrypts the files on a computer or network. The second type locks a user’s screen. Both types require users to make a payment – the ‘ransom’ – to be able to use the computer normally again.

However, there’s no guarantee that the key or password, to ‘unlock’ the computer, will be provided once the ransom has been paid. In fact, you should assume that making a payment is a fruitless exercise and plan your business continuity on that basis.

That being the case it’s far better to take sensible cybersecurity measures to prevent a ransomware attack from succeeding in the first place. The Government’s National Cyber Security Centre provides great online advice to protect businesses from cybercrime but my advice would be to ensure that you’re covering the basics, which, for me, includes:

  • Regular security surveys and testing – to identify and manage vulnerabilities
  • Internet firewall protection
  • Managed antivirus services – ensuring your protection is always working correctly and up-to-date. Out of date or failing AV software is as good as no AV protection
  • Multi-Factor Authentication (MFA) – in addition to usernames and passwords when logging in to web-based systems
  • Data encryption – keeping data safe if your computer or smartphone is lost or stolen
  • Always updating software – because hackers target older systems first
  • Employee training on safe working – for example how to identify a phishing attack
  • Controlling how employees interact with the internet – to minimise browsing risks.

Although, of course, prevention is far better than cure, we can also help you to recover in the event of a successful attack, by, for example, ensuring you have robust back-up procedures in place.   For an informal chat about your approach to cybersecurity and how we can help, call us on 03300 886116 or email info@pcsupportgroup.com

Phil Bird

Managing Director, The PC Support Group

Date:

Author

Category: Business, IT Support.

For most SMEs, the days of the big Christmas and New Year shut down are long gone. In today’s fast-moving, non-stop world, clients expect services to continue uninterrupted throughout the festive season, while many businesses use the holidays to catch up and prepare for the year ahead.

What this means is that it’s essential that your IT systems and equipment are fully functioning 24/7/365. So, to help you keep your IT show on the road over Christmas and the New Year, and because it is the season for giving we thought we’d share some top tips with you.

  1. 🎁 Confirm your IT support arrangements

Make sure your IT support is available during Christmas and New Year. Find out about special seasonal arrangements and circulate contact names and numbers

  1. 🎁 Switch on Out of Office messaging

Let clients and key contacts know who they can contact, when and how

  1. 🎁 Stick to your backup schedule

Automating your online backup ensures that your data stays safe, even when you’re not in the office

  1. 🎁 Check that your anti-virus protection is up-to-date

Don’t leave yourself vulnerable to attack by putting this off until January

  1. 🎁 Make the most of flexible/remote working capabilities

Use your technology to enable employees to stay productive by working at home – and help them to spend precious time with family and friends; but get them to check their technology is working beforehand

  1. 🎁 Use social media to stay in touch

Regular, automated posts maintain visibility with clients and can remind them of your office opening hours, key contact details and where to go for assistance

  1. 🎁 Make sure your website looks its best

Clients and prospects often take time over the holidays to review their current and future supply chains – so ensure that your website is up-to-date and telling your story

  1. 🎁Set festive messages on your phone

Cloud-based telephony such as VoIP enables you to do this whether you’re in Lapland or Liverpool!

  1. 🎁Prearrange a status report call with your IT manager or support provider

To satisfy yourself that all is working normally – or to instigate action if required

  1. 🎁 Review and learn lessons

Did your IT operate normally during the festive season? If so, capture this year’s arrangements and you’ve already got a plan in place for next year!

If you’d like to speak to our team regarding our fully managed IT & telephony support please leave us a message here, email us on info@pcsupportgroup.com or call us on 03300 886 116 for an informal and confidential chat.

Phil Bird,

Managing Director, The PC Support Group

Date:

Author

Category: IT Security.

Did you know that the UK’s SMEs are on the receiving end of an average of 65,000 cyber attacks every day? Or that the average loss from a successful attack is £25,700, per business?

I was shocked when I read these statistics, published by insurers Hiscox. Perhaps the most worrying trend of all for me is the relentless growth in ever-more sophisticated phishing scams. Even IT experts and senior executives are being tricked by bogus emails in order to steal your personal info and login details, or get you to make a payment – or simply to corrupt your computers to disrupt your operations.

The bottom line is, while some scam emails are easy to spot, the majority look very, very convincing. If it looks like it’s from a trusted company, with branding to match, it could just as easily be from a cybercriminal.

And, as Hiscox and other surveys reveal, the consequences can be extremely serious. Your business bank account could be compromised. Confidential customer data stolen. Or even worse, your entire IT estate paralysed by ransomware. Make no mistake, phishing could kill your business.

The best defences are education and motivation. Share the problem with your employees and give them guidance, after all failing to spot these emails could ultimately impact their job security.  Helping them spot the dangers now could be the best thing you can do to protect your business.

“So how do I spot a bogus email?” I’m often asked.  Here are six things that I would share immediately with everyone in your business. Beware of any emails that ask you to:

  1. make an immediate payment – don’t pay without speaking with the person to check the request is valid. Do not check via email!
  2. enter your ID and password – check with your IT support provider/department that this is a genuine requirement before entering anything you’re not 100% sure about
  3. start paying invoices into a new account – phone the requester to check it’s a genuine requirement
  4. click on a given link – check with your IT support provider/department that this is a genuine requirement
  5. download something onto your computer – don’t download anything unless you’re 100% sure of it’s content. If you’re not – check with who asked you to download it or check with your IT support provider
  6. respond because your account is under attack, been compromised or frozen – there is often no compromise and these are designed to create a panic response. Don’t! Check with your IT support provider that the alert is genuine before responding or clicking on anything

I treat everything as potentially suspicious – sadly that’s the mindset we all need to adopt. If you’re in any doubt, do not open or click on any link or divulge any personal or corporate information, without first contacting your IT team or support partner.

If you’re concerned about your business’s vulnerability to phishing attacks, email info@pcsupportgroup.com or, leave us a message here and we’ll get back to you or call us on 03300 886116 or for an informal and confidential chat.

Phil Bird,

Managing Director, The PC Support Group

Date:

Author

Category: IT Security.

Recent research by Verizon revealed that business owners and senior executives are 12 times more likely to be the target of a cybersecurity attack than any other employee – with SMEs the victims of 43% of all data security breaches.

For me, this worrying trend confirms what I have been saying to our clients for as long as I can remember: Effective cybersecurity has to start at the very top of your organisation – at board level – with clear policies, standards, roles and responsibilities that everyone understands, all backed by sufficient resources to make it happen.

It’s no surprise that top people are most at risk. They’re incredibly busy, on the move, working long hours, trying to achieve as much as possible every day – with the result that they are vulnerable to being caught off guard – and the cybercriminal only needs one mistake to pounce. And that mistake can be very expensive, not just in purely financial terms.

Executives also have onerous legal and regulatory responsibilities, with breaches likely to damage reputations, business prospects, careers – even an organisation’s very existence.

Surveys show that almost all SMEs are now aware of the business-critical importance of cybersecurity. That’s great – but now is the time to put cybersecurity at the heart of the way you do business, to protect everything you’ve worked for. Leadership is crucial, to reaffirm that cybersecurity is everyone’s responsibility, how we all have a vital role in the battle, and why it’s in everyone’s interest to become super-vigilant at work.

First, you and your senior colleagues must have a forensic understanding of all your key risks and vulnerabilities and how your data is gathered, managed and stored. You and your employees need ongoing training to guard against increasingly sophisticated efforts to trick you into revealing information which the skilled hacker can wreak havoc with. Discuss this with your IT provider and ask them if there is anything else you can do.

At The PC Support Group, we’ve developed a comprehensive, award-winning portfolio of services, solutions, advice, and guidance to help keep our clients – and their clients – safe.  We’re also Cyber Essentials-certified, having achieved the principal UK Government-backed cybersecurity quality standard.  Some of the services that The PC Support Group offer as part of our portfolio include:

  1. Security surveys and testing – to help identify and manage vulnerabilities
  2. Managed internet firewall protection – that meets the Payment Card Industry Security Standard (PCIDSS) compliance regulations
  3. Managed antivirus services – ensuring detection, protection, and removal
  4. Data backup services – keeping all your data in a safe and secure location
  5. Multi-Factor Authentication – for extra security in addition to usernames and passwords
  6. Data encryption – keeping data safe if your computer or smartphone is lost or stolen
  7. Email security diagnostics – to enhance your system’s security configuration.

Take the lead NOW and email us on info@pcsupportgroup.com or call us on 03300 886116 to find out how we can help keep your business safe and running smoothly.

Phil Bird,

Managing Director, The PC Support Group