For businesses who have chosen cloud-based data hosting services, there’s a temptation to relax and think “great, we’re paying someone else to take care of our data, we don’t need to worry about it anymore.”

Of course, using cloud-based services can deliver major benefits for businesses. But it’s vital to remember that all the data you have “in the cloud” is still stored in a physical data centre somewhere in the world, managed by your cloud service provider.

So, good data security practice means that it’s essential to have exactly the same knowledge about how and where your data is being handled “in the cloud”, just as if it was sitting on a server in your office!

Unfortunately, worrying research results published recently by leading hosting provider TeleData UK reveals that large numbers of firms are lacking this very basic information:

  • 42% don’t know the location of the data centre their provider is using
  • 25% don’t even know if it’s in the UK
  • 33% don’t know if the data centre is ISO compliant.

That’s alarming enough, but the standout statistic for me is that 43% of businesses don’t know whether the data centre they are using has a failover to a secondary location should an outage occur.

Let’s just think about the size of the huge risk that those businesses are taking. One day, everything’s rosy in the garden, customers are happy and business is booming – then bang! Suddenly they can’t access their data. They don’t know where their data is, they don’t know how long they might be without it – or if they’re ever going to be able to access it ever again!

Committing to a cloud service provider requires detailed due diligence and fact-checking to confirm the service is fit for purpose, that all risks and eventualities have been considered and minimised, and that all GDPR and ISO compliance requirements have been met.

I bet those businesses who don’t know where their data is stored, know every dot and comma about their alarm system – which company supports them, where they are based, how long it will take them to get to the office in the event of a problem. Yet many seem to know far less about their data, their most valuable asset.

At The PC Support Group, we specialise in Microsoft Office 365 because from our long experience we believe it’s the best – and a major advantage is its transparency – you can sign in (or your IT support provider can) and find out everything you need to know about the data centre where your data is stored. That’s hugely reassuring in my opinion.

If you have any concerns about how your data is being stored and handled or would like an  informal chat about how we can help provide peace of mind or improve your data security arrangements, call us NOW on 03300 886 116 or email info@pcsupportgroup.com

Phil Bird

Managing Director, The PC Support Group

Date:

Author

Category: Data Backup, IT News, IT Security.

Whenever I’m thinking about the topic for my next bulletin, my first port of call is always our support team. These are the folks who spend their days guiding our clients, resolving issues, fixing problems – so they know better than anyone what’s going on.

Maintaining a robust backup is hard work, it’s important to not only build the correct solution for your business and trust your IT support provider to look after it, but to also maintain a sense of urgency as a business owner to ensure you’re doing everything you can to keep data backup and recovery front of mind.  Therefore, today I’m returning to the topic of backing up your data.  So, why is backing up your data absolutely essential for your business?

  • Without it you risk losing your most priceless asset – the information you hold about your customers, your products and services, your finances and your people
  • Loss of just some of this information, for long enough, will sink your business
  • Back up is an important element of GDPR – and serious breaches can result in severe financial penalties
  • By backing up, if a disaster happens – a cyberattack, a fire, flood or break-in at your premises – there’s a good chance you can recover, repair the damage and go again.

I could go on, but I know you know this stuff already!  Regular data backup – ideally on a daily basis – is absolutely central to business continuity and it needs to be regarded with the same importance as activating your alarm system when you leave the office.  If you are unsure about your backup arrangements – whether they’re fit for purpose, or whether it’s happening at all, now is the time for action.  Start by asking yourself:

  • Do you know exactly what data you hold – about your customers, your employees, your business, your suppliers, your finances, your products, and services?
  • How and where is it stored, and how is it secured?
  • Do you back it up, how, where to and how often?
  • What would happen if you suddenly lost access to your live data and onsite backups?
  • How long would it be before this became a serious issue – minutes, hours, days?
  • How often do you review your backup arrangements?

Another key consideration is the choice between onsite or offsite backup arrangements. For me, that’s an easy one. Onsite backup can be just as vulnerable as your live systems. That’s because once criminals have access to your onsite network they may also get access to your onsite backups. The answer is a secure and managed offsite backup solution.

And remember, as your business develops, so will your data backup requirements. So it’s essential to periodically review your backup arrangements to make sure they reflect the needs of your business today – and as far into the future as you can realistically predict. Even if you’re happy with your backup processes, it’s a great idea to schedule regular reviews for peace of mind. For an informal chat about how you back up your data and how we can help, call us on 03300 886116 or email info@pcsupportgroup.com

Phil Bird

Managing Director, The PC Support Group

Date:

Author

Category: IT News, IT Security, IT Support, Latest, News.

The latest Netwrix IT Trends report has been published which outlines the top IT priorities for organisations in 2020; in which over 1000 IT professionals took part.

“74% of organisations name data security as the dominant priority for 2020.”

Given the rising number of breaches and the shortage of cybersecurity experts, it is no surprise that data security was seen as the highest priority.

The top IT priorities highlighted in the global survey included:

  • Maintaining data security                                                             74%
  • Automating manual tasks                                                             70%
  • Digital transformations                                                 57%
  • Cloud migrations                                                             52%
  • Increasing cybersecurity awareness among employees             39%
  • Adhering to compliance standards                         39%
  • Integrate existing solutions                         35%
  • Educate/train IT staff                         30%
  • Employ additional IT talent                         22%

To read the survey in full, visit netwrix.com

Date:

Author

Category: IT Security, IT Support.

The New Year’s Eve ransomware attack on foreign currency firm Travelex was a stark reminder of just how vulnerable today’s businesses are to determined cybercriminals.

Even a successful global enterprise like Travelex, with 1,200 branches in 70 countries, can have its IT systems hijacked and its online services brought to a total standstill. The gang threatened to publish huge quantities of clients’ personal data – social security numbers, dates of birth and payment card information – unless it received a $6 million payment.

Frightening stuff. But what’s almost more frightening is that hackers aren’t just targeting big international businesses, they’re just as likely to attack your business – and mine!

And while Travelex has the scale and resources to fight back and recover, most SMEs do not. Remember, SMEs are the victims of 43% of all data security breaches, with some forced to close as a result of a ransomware attack. The loss of core IT infrastructure, essential data and business confidence forces clients to go elsewhere – never to return.

What is ransomware?

There are two types, usually delivered through a phishing attack. The first type encrypts the files on a computer or network. The second type locks a user’s screen. Both types require users to make a payment – the ‘ransom’ – to be able to use the computer normally again.

However, there’s no guarantee that the key or password, to ‘unlock’ the computer, will be provided once the ransom has been paid. In fact, you should assume that making a payment is a fruitless exercise and plan your business continuity on that basis.

That being the case it’s far better to take sensible cybersecurity measures to prevent a ransomware attack from succeeding in the first place. The Government’s National Cyber Security Centre provides great online advice to protect businesses from cybercrime but my advice would be to ensure that you’re covering the basics, which, for me, includes:

  • Regular security surveys and testing – to identify and manage vulnerabilities
  • Internet firewall protection
  • Managed antivirus services – ensuring your protection is always working correctly and up-to-date. Out of date or failing AV software is as good as no AV protection
  • Multi-Factor Authentication (MFA) – in addition to usernames and passwords when logging in to web-based systems
  • Data encryption – keeping data safe if your computer or smartphone is lost or stolen
  • Always updating software – because hackers target older systems first
  • Employee training on safe working – for example how to identify a phishing attack
  • Controlling how employees interact with the internet – to minimise browsing risks.

Although, of course, prevention is far better than cure, we can also help you to recover in the event of a successful attack, by, for example, ensuring you have robust back-up procedures in place.   For an informal chat about your approach to cybersecurity and how we can help, call us on 03300 886116 or email info@pcsupportgroup.com

Phil Bird

Managing Director, The PC Support Group

Date:

Author

Category: IT News, IT Security, Latest, News.

UK travel money firm Travelex is still offline more than 5 days after a cyberattack.

The foreign-currency seller has been working on the issue since the software virus attack on New Year’s Eve.

“We regret having to suspend some of our services in order to contain the virus and protect data,” Travelex boss Tony D’Souza said.

The company has resorted to carrying out transactions manually, providing foreign-exchange services over the counter in its branches.

Travelex has a presence in more than 70 countries and has over 1,200 branches and 1,000 ATMs worldwide, with exchange machines a common sight at airports, and customers can also use a smartphone app.

It has affected Sainsbury’s Bank, Barclays, and HSBC amongst others which all use the Travelex platform.

For more information about how to protect your business, please download our free cybercrime bulletin here

Date:

Author

Category: IT News, IT Security, Latest, News.

As of January 2020, Windows Server 2008 and Microsoft Exchange 2010 have both officially reached end of support. So, if you’re still using either of them, you’re issuing an open invitation to cybercriminals.

Whilst the systems will continue to work, Microsoft will no longer support them through security patches, upgrades or customer support; which means that your software will no longer receive updates to protect against viruses, malware or other cyberattacks.

If security is important to your business or you are required to maintain a cybersecurity accreditation standard such as Cyber Essentials, then it’s vital that you address this issue as soon as possible as not doing so will fail most security audits and accreditation standards.

So, what should you do? There are several options including migrating to Microsoft Office 365 or upgrading to a later version of Windows Server, depending on your requirements.

To ensure you protect your data from today, contact us NOW and we can discuss which is the best option for your business.   Email us on info@pcsupportgroup.com  and mention Windows Server 2008 or call our friendly team on 03300 886 116.

 

 

Date:

Author

Category: Windows 7, Windows 10, IT News, IT Security, Latest, News.

Make sure you make this year a Happy New Year by not missing the imminent Windows 7 deadline. 

At The PC Support Group, we have kept our clients up-to-date with the approaching deadline, January 14th when Windows 7 will reach its end of life.  So, if you’re one of the thousands of UK businesses still using it, you have exactly a week today to upgrade – or you could be issuing an open invitation to cybercriminals.

While your PCs won’t suddenly stop working, from next week, Microsoft will stop updating or supporting your operating system, meaning that automatic security and bug fixes will end, making it increasingly costly to maintain and vulnerable to attack.

And you can guarantee that cybercriminals will be targeting Windows 7 users after January 14th, because they know that their defences are down.

While Windows 10 isn’t right for everyone, there are many advantages of upgrading from 7 to 10:

  • It’s simple, with a minimum of disruption – in most cases you can keep your files and software on your existing PC
  • Many programs you use will already have been updated to work on Windows 10, so you can just carry on as normal
  • Although, the layout and interface is different with a little patience you’ll be able to transition and use it relatively easily
  • There are many great additional features and functionality on Windows 10 that will be a big help for your business, such as the Cortana virtual assistant and enhanced security
  • Support for Windows 10 is expected to run until at least 2025, so a small investment now will provide peace of mind for the next five years or more.

So, if you’ve decided to go-ahead and upgrade, here are just a few things to bear in mind:

  • You’ll need to calculate how many users you have and how many licences you need
  • While Windows 10 will run perfectly happily on most existing hardware, it may struggle on older machines, so now may be the time to upgrade some of your hardware too
  • Although as mentioned earlier, most software has been updated to enable it to run on Windows 10 you will need to check that this is the case with all the software you use before going ahead
  • Once you’ve established what you require, you’ll need to identify a budget and potentially look into financing options
  • Time, resource and investment will be required but upgrading will almost certainly bring productivity and business efficiency benefits, which will deliver a fast return on your investment.

It’s not too late – if you’re still using Windows 7  – contact your IT support provider to discuss if upgrading is the best solution for your business before the support ends next week,  or contact our friendly team on 03300 886 116 or by email on info@pcsupportgroup.com to find out about our IT and telephony services.

www.pcsupportgroup.com

Date:

Author

Category: IT Security.

Did you know that the UK’s SMEs are on the receiving end of an average of 65,000 cyber attacks every day? Or that the average loss from a successful attack is £25,700, per business?

I was shocked when I read these statistics, published by insurers Hiscox. Perhaps the most worrying trend of all for me is the relentless growth in ever-more sophisticated phishing scams. Even IT experts and senior executives are being tricked by bogus emails in order to steal your personal info and login details, or get you to make a payment – or simply to corrupt your computers to disrupt your operations.

The bottom line is, while some scam emails are easy to spot, the majority look very, very convincing. If it looks like it’s from a trusted company, with branding to match, it could just as easily be from a cybercriminal.

And, as Hiscox and other surveys reveal, the consequences can be extremely serious. Your business bank account could be compromised. Confidential customer data stolen. Or even worse, your entire IT estate paralysed by ransomware. Make no mistake, phishing could kill your business.

The best defences are education and motivation. Share the problem with your employees and give them guidance, after all failing to spot these emails could ultimately impact their job security.  Helping them spot the dangers now could be the best thing you can do to protect your business.

“So how do I spot a bogus email?” I’m often asked.  Here are six things that I would share immediately with everyone in your business. Beware of any emails that ask you to:

  1. make an immediate payment – don’t pay without speaking with the person to check the request is valid. Do not check via email!
  2. enter your ID and password – check with your IT support provider/department that this is a genuine requirement before entering anything you’re not 100% sure about
  3. start paying invoices into a new account – phone the requester to check it’s a genuine requirement
  4. click on a given link – check with your IT support provider/department that this is a genuine requirement
  5. download something onto your computer – don’t download anything unless you’re 100% sure of it’s content. If you’re not – check with who asked you to download it or check with your IT support provider
  6. respond because your account is under attack, been compromised or frozen – there is often no compromise and these are designed to create a panic response. Don’t! Check with your IT support provider that the alert is genuine before responding or clicking on anything

I treat everything as potentially suspicious – sadly that’s the mindset we all need to adopt. If you’re in any doubt, do not open or click on any link or divulge any personal or corporate information, without first contacting your IT team or support partner.

If you’re concerned about your business’s vulnerability to phishing attacks, email info@pcsupportgroup.com or, leave us a message here and we’ll get back to you or call us on 03300 886116 or for an informal and confidential chat.

Phil Bird,

Managing Director, The PC Support Group

Date:

Author

Category: IT Security.

Recent research by Verizon revealed that business owners and senior executives are 12 times more likely to be the target of a cybersecurity attack than any other employee – with SMEs the victims of 43% of all data security breaches.

For me, this worrying trend confirms what I have been saying to our clients for as long as I can remember: Effective cybersecurity has to start at the very top of your organisation – at board level – with clear policies, standards, roles and responsibilities that everyone understands, all backed by sufficient resources to make it happen.

It’s no surprise that top people are most at risk. They’re incredibly busy, on the move, working long hours, trying to achieve as much as possible every day – with the result that they are vulnerable to being caught off guard – and the cybercriminal only needs one mistake to pounce. And that mistake can be very expensive, not just in purely financial terms.

Executives also have onerous legal and regulatory responsibilities, with breaches likely to damage reputations, business prospects, careers – even an organisation’s very existence.

Surveys show that almost all SMEs are now aware of the business-critical importance of cybersecurity. That’s great – but now is the time to put cybersecurity at the heart of the way you do business, to protect everything you’ve worked for. Leadership is crucial, to reaffirm that cybersecurity is everyone’s responsibility, how we all have a vital role in the battle, and why it’s in everyone’s interest to become super-vigilant at work.

First, you and your senior colleagues must have a forensic understanding of all your key risks and vulnerabilities and how your data is gathered, managed and stored. You and your employees need ongoing training to guard against increasingly sophisticated efforts to trick you into revealing information which the skilled hacker can wreak havoc with. Discuss this with your IT provider and ask them if there is anything else you can do.

At The PC Support Group, we’ve developed a comprehensive, award-winning portfolio of services, solutions, advice, and guidance to help keep our clients – and their clients – safe.  We’re also Cyber Essentials-certified, having achieved the principal UK Government-backed cybersecurity quality standard.  Some of the services that The PC Support Group offer as part of our portfolio include:

  1. Security surveys and testing – to help identify and manage vulnerabilities
  2. Managed internet firewall protection – that meets the Payment Card Industry Security Standard (PCIDSS) compliance regulations
  3. Managed antivirus services – ensuring detection, protection, and removal
  4. Data backup services – keeping all your data in a safe and secure location
  5. Multi-Factor Authentication – for extra security in addition to usernames and passwords
  6. Data encryption – keeping data safe if your computer or smartphone is lost or stolen
  7. Email security diagnostics – to enhance your system’s security configuration.

Take the lead NOW and email us on info@pcsupportgroup.com or call us on 03300 886116 to find out how we can help keep your business safe and running smoothly.

Phil Bird,

Managing Director, The PC Support Group

Date:

Author

Category: IT Security.

In my last bulletin I shared with you my IT health check, designed to help SMEs to have a solid foundation of basic information about their IT infrastructure, systems and equipment. If you know what cards you have in your hand, it’s so much easier to play the right one, at the right time!

But there’s a natural follow up to an IT health check – a broader exercise, which will help equip you to deal with a nightmare scenario: How would you cope with a sudden crisis in your business?

By sudden crisis I mean, what would happen if your business:

  • lost all its data?
  • couldn’t use its core IT and telecoms systems and equipment?
  • suffered from fire or flood damage to its offices?
  • suddenly lost key members of staff – or a vital supplier?
  • was unable to access bank accounts or key management software?
  • was a victim of the theft of online, intellectual or physical property?

This is something that I continuously consider and review – to be as sure as possible that The PC Support Group could recover from any of these nightmare scenarios. I do worry about this stuff but what it makes me do is plan, and I think you know by now, that I love a plan!

Owner managers of SMEs work so hard, often for many years, to build up businesses that do great things – and provide prosperity and incomes for themselves, their families and their employees, and it really pains me to hear of events when all that effort goes up in smoke – sometimes literally.

Do you think you would survive and recover? Most importantly, do you have plans in place and resources in reserve to help you to deal with these challenges and emerge with your reputation and your business intact? If you do, your chances of making a full recovery are greatly increased. If you don’t, drawing up these plans and allocating adequate resources to cope with an emergency should be a top priority.

We have a series of free guides available about a range of business-critical issues and one is devoted to business continuity, with a six-step action plan designed to help you to prepare. The steps cover:

  • How to carry out a business impact analysis – to understand your risks and vulnerabilities
  • Assessing your current state of readiness – and identifying those areas needing attention
  • How to construct your plan – to ensure you cover all the bases
  • Communicating your plan – so that your team know what to do if something goes wrong
  • Reviewing, testing and updating your plan – because your business is constantly evolving
  • Recruiting external support – for specific expertise and to plug gaps in your plan.

This FREE, six step guide to business continuity is available now, just click on this link:

Business continuity for SMEs – how to survive a major emergency and recover in style.

If you’d like to have a chat about business continuity, or any other aspect of your IT and telecoms, email us on info@pcsupportgroup.com or call our team on 03300 886116 for an informal chat.

 

Phil Bird,

Managing Director, The PC Support Group.