Author: Neroli Baird

by Neroli Baird Neroli Baird No Comments

How to stop ransomware attacks in 2017

In May 2017, an ominous message greeted workers in the UK’s National Health Service (NHS): “Oops, your files have been encrypted!”

This is how malware known variously as WannaCry, WannaCrypt or WannaCryptor 2.0 announced itself to the wider world. With systems locked and critical files encrypted, doctor’s surgeries had to close and hospitals turned patients away from essential treatments.

How did this happen? Security experts believe an NHS user clicked a link or opened a file they shouldn’t have. Others pointed the finger at the NHS’s network of antiquated hardware and unsupported software as the main factor that facilitated the spread of WannaCry.

The worm spreads

Distributing ransomware isn’t hard. This type of malicious software is easy and cheap to spread. In the case of WannaCry, and its related variants, it can infect connected systems without any user interaction, much like a worm that continually replicates itself. The victim then has a powerful incentive to pay up and, if they don’t, the criminals’ investment has been minimal.

The victim then has a powerful incentive to pay up and, if they don’t, the criminals’ investment has been minimal.

Why is healthcare vulnerable to ransomware?

Hospitals and other organisations in the healthcare sector are attractive targets, specifically because of the:

  • Ageing hardware, software and security systems that they often run.
  • Misconfigured systems, specifically security software that is easy to bypass.
  • Valuable data they hold, including sensitive patient health records and personal information.

Should you pay hackers a ransom?

Cybersecurity experts advise against paying a ransom to hackers.

In the first instance, there is no guarantee you will gain access to your encrypted files. An Australian study found that close to a third of affected organisations who did pay failed to recover their data. Paying may also encourage the criminals to continue their activities, and they could even re-target your organisation.

How to stop ransomware infecting your organisation

Like any infection, prevention is better than cure, especially when it comes to the security of your network. Even if you are dealing with a tight budget, skeleton IT staff and minimal cybersecurity expertise, you don’t necessarily have to spend big to ensure your network remains free of malware like WannaCry.

Your users should be the first line of defence. If employees don’t know what to look for, how can you hope to remain malware free? As a matter of priority, you need to:

  • Train your staff so they know how to identify phishing attacks that could contain malicious ransomware.
  • Ensure your organisation is running updated software with the latest security patches.
  • Regularly back up your systems to physical sources and the cloud.
  • Have a clear email security protocol that discourages users from clicking on suspicious links, attachments or emails.
  • If a computer is infected, isolate it from the network and alert all staff.
  • Invest in hardware that’s up to the task of warding off threats.

Ransomware is constantly evolving, so it’s a case of mitigating the threat to ensure your networks, data and reputation aren’t compromised.

by Neroli Baird Neroli Baird No Comments

Office 365 advances the learning process

Cloud-based technologies are revolutionising teaching and learning, and Microsoft’s Office 365 Education offers sophisticated tools to do just that.

Office 365 comes with a lot of the usual Microsoft software offerings, now bundled together in a subscription-based model. However, more importantly for school CIOs and IT education decision-makers, Office 365 features Education, a state-of-the-art collaboration product that has the potential to improve teaching and learning processes.

Office 365 Education offers students and teachers a whole new way to communicate via cloud-based email, web conferencing and document-editing tools. It also provides access to applications and files from any connected device.

Recognising the popularity of apps, Office 365 also has apps that can complement its Education package. These include OneDrive, which offers 1TB of file storage per user and accounts that can customised according to a school”s needs; Yammer, a private social networking app that lets students and teachers communicate at any time; and Lync Online that enables audio and video calls.

Additionally, students and teachers can share Excel, Word and PowerPoint files and simultaneously work on them from different locations, doing away with the hassle of needing to integrate document versions later.

Classrooms for the digital age

Office 365 Education includes Microsoft Classroom, a homepage where teachers can manage classes and assignments online. This can help with tasks such as organising multiple class sections (e.g. History or Geography A and B), creating assignments, collaborating with other teachers on syllabuses and providing students with feedback.

Students can engage with teachers and classmates as well as access class materials if they”re off sick, while apps such as Sway allow teachers to design interactive online lessons, assignments and even newsletters from a phone, tablet or browser.

Office 365 also comes with protection against spam and viruses, making it a secure place to share documents. As a cloud-based service, it”s also logical to use Office 365 for data backup and storage.

A long way from blackboards and chalk

Office 365”s education tools allow for anytime, anywhere learning. They also incorporate new ways for teachers and students to collaborate on assignments and projects while allowing for better management of files on all devices including mobiles.

Technology has advanced rapidly since the first Apple IIs and IBM PCs arrived in classrooms around the world. Today, schools have access to digital tools that were once the exclusive domain of the workplace. Student engagement is just one of the many benefits – because we know how much the typical K-12 pupil loves technology.

by Neroli Baird Neroli Baird No Comments

The hidden costs of purchasing a PC

This article first appeared on ThinkFWD.

Contributor: Stuart Corner

“Procurement and deployment of the PC and other devices is about to be dragged, kicking and screaming, into the 21st century as a growing number of companies explore the potential benefits of PC-as-a-Service (PCaaS) and Device-as-a-Service (DaaS),” says Tom Mainelli, program vice president of devices and displays at IDC.

According to a IDC survey from earlier this year, almost 25 per cent of IT decision-makers are already actively considering PCaaS, and a further 20 per cent say they plan to do so within 12 months. And it’s not difficult to see why.

At one extreme, running a fleet of PCs in a corporate environment requires considerable capital outlay for their purchase and for the provision of the IT resources needed to maintain them. At the other extreme, these functions can be outsourced through leasing and support contracts, but that typically requires three separate relationships: hardware supplier, finance company and support provider.

Most organisations will have a PC procurement and support regime that sits somewhere between these two extremes, but in any variant there are many hidden costs. IT consulting firm Nash Networks estimates that the purchase of hardware and software typically accounts for less than 50 per cent of the total direct costs.

Nash Networks lists a whole set of indirect costs that it says can account for as much as 50 per cent of the total cost of ownership, and are often completely hidden. These costs generally arise through suboptimal maintenance and/or inadequate user support. They include lost or reduced productivity because of downtime and time spent by staff providing informal IT support to colleagues.

The DIY system

A good indication of what’s involved in supporting a fleet of PCs under a do-it-yourself (DIY) model is MTC Training’s course, Managing Enterprise Devices and Apps Using System Center Configuration Manager (SCCM). SCCM is a product from Microsoft designed to facilitate the management of Windows PCs. The course is intended for experienced IT professionals who are typically enterprise desktop administrators. These are people who deploy, manage and maintain PCs, devices and applications.

Here’s a list of topics covered – that is, what someone in such a role is expected to undertake:

  • Managing desktops and devices in the enterprise.
  • Preparing the infrastructure to support desktop and device.
  • Deploying and managing the configuration manager client.
  • Managing inventory for PCs and applications.
  • Distributing and managing content used for deployments.
  • Deploying and managing applications.
  • Maintaining software updates for managed PCs.
  • Implementing endpoint protection for managed PCs.
  • Managing compliance and secure data access.
  • Managing client status, power management and remote administration.
  • Maintaining configuration manager sites and site systems.

If not leaving it up to a provider, a business would have to single-handedly conquer all of this. It could represent a costly undertaking, and might also be well beyond the capabilities and resources of an organisation.

The PCaaS alternative

PCaaS replaces these with a single contract and a per-device monthly fee. PCaaS contracts are based on a fixed hardware refresh cycle, generally three years, with hardware and software support that includes ensuring software is kept up to date and, in particular, that the patches needed to keep systems secure are applied expeditiously.

There’s also a strong argument for PCaaS purely on the grounds of optimal deployment of capital. Every business needs access to capital to fund its growth, and while PCs are vital to the operation of most businesses, the operation of the PCs is not core business. Capital can be more usefully applied to business growth if PC provision is made an operating expense.

This is particularly true for startups and small businesses. The advent of Software-as-a-Service has reduced business small business costs enormously in recent years. Provided under an ‘as-as-service’ model, the PCs needed to access that software remove yet another barrier to entrepreneurship.

PCaaS allows businesses to not only outfit their offices without having to buy everything outright, but also streamlines their IT support costs as part of the service. It’s important to be aware of these costs, as you don’t want to be left unexpectedly out of pocket when you budget in your PCs.

by Neroli Baird Neroli Baird No Comments

Four ways to enhance your endpoint security

It’s quite likely you use several devices, such as a smartphone and a laptop or desktop PC, to run your business. Each device, however, represents an access point for threats like viruses and malware. Endpoint security aims to secure these network ‘endpoints’ so that suspicious online activities are blocked at the point of entry.

The need for endpoint security has risen sharply, particularly in response to the rise in mobile threats and the growing internet of things (IoT). Most vulnerable are SMBs with offsite employees who need to access the company’s network. But the reality is that all businesses are at risk, given today’s ever-shifting and undefinable security perimeter.

So, what are today’s SMB leaders doing when it comes to endpoint security? How can you ensure every tech outpost in your business is secure? Here are four key strategies.

1. Remove or limit administrative access

Most employees don’t need administrative rights to perform their day-to-day jobs. If an endpoint app does require administrative access to your network, it can be added to a database of approved programs by an access control tool. Limiting administrative access in this manner can greatly limit damage within your core network caused by an attacker who is targeting the endpoint device.

2. Use advanced authentication

Many successful endpoint breaches are the result of employees using the same password across multiple sites. If just one site is compromised, it’s only a matter of time before yours is broken into. Two-factor authentication fixes this problem by requiring extra credentials to access the system, such as a token code or smart card. This blocks attackers even if the password has been stolen.

3. Keep your systems up to date

New security vulnerabilities are being discovered all the time. Hackers are constantly keeping watch – and using them against SMBs to find out which ones neglected to patch their systems. If you use various endpoint devices in your business, it’s important to ensure your business apps, anti-malware programs and other security tools are kept up to date with the latest security patches and virus definitions.

4. Conduct security training and awareness sessions

A recent IBM study found that 60 per cent of business data breaches originate from employees, with about a quarter of these being accidental. Ongoing awareness and training on security best practices, in areas such as data encryption, password security and BYOD (bring your own device), can help keep your network safe.

As your data network gains more endpoints, the number and variety of cyber risks will only increase. These steps will help to ensure that your SMB is better protected and more resilient against online attacks.

by Neroli Baird Neroli Baird No Comments

Secure and stable storage strategies for businesses

Even the smallest of businesses can generate a huge amount of data, and that data has to go somewhere.

Government regulations require businesses to keep and back up certain data for legal reasons; many firms choose to retain information like employee records, emails and instant messages; and every new version of a software application has to be stored somewhere. All that information must then be backed up to protect the business against viruses, ransomware and spyware that might infect their system and put a halt to trading. And that’s not even considering those firms that want to analyse their big data to further profits and business goals.

What are the options?

Despite the mission-critical status of all this data, many small and medium sized businesses lack an overarching storage strategy that can ensure the business keeps trading no matter what. There are a number of options, and the good news is the price-per-gigabyte of storage has never been cheaper – even outside the cloud.

Small and medium sized businesses can opt for:

  • Direct attached storage (DAS): Devices connected to PCs or servers, usually via USB. Good for information that’s frequently accessed.
  • Network attached storage (NAS): Devices that connect directly to the network and operate as a file server. Good for storing large files.
  • Cloud storage: Online storage that comes in public, private or hybrid configurations. Good for mobile access.
  • Offline media: Backing up data on to tape drives, DVDs or Blu-rays sounds a bit old-fashioned, but Google still backs up Gmail onto tape as a last resort and Facebook has its Blu-ray Cold Storage Data Center. Good for archiving.

How to choose your storage strategy

For most small and medium sized businesses, a combination of these storage solutions will make up a good strategy, but figuring out the ideal combination can be challenging. Small and medium-sized businesses need to analyse their storage needs closely, looking at which applications generate the most data, how quickly and from where most data needs to be accessed. They also need to assess how old the data is, if it’s being unnecessarily duplicated, and if it’s business related or operations related.

Mission-critical data, like operations-related software applications and the business website, is the most important regardless of the size of the company. Firms need to consider having at least two complete separate copies of this – with one offline – to ensure business continuity.

In the end, the budget and volume of data will help determine the combination of solutions an SMB requires. However, careful assessment of the data, the legal and regulatory ramifications, and business continuity are all essential for a secure and stable storage strategy.

by Neroli Baird Neroli Baird No Comments

Do you need to upgrade your network?

Upgrading your company’s network isn’t likely to be cheap or straightforward. Your network affects every aspect of your business’ ICT, and downtime or making the wrong decisions will impact everyone.

Whether you’re replacing outdated technology or expanding your network infrastructure, regular upgrades are essential for keeping your business productive and profitable as well as your data secure. On the other hand, if your network is already fit for purpose, upgrading too early will mean unnecessary expenditure and hassle.

If you’re the one responsible for making that call, you should be able to evaluate your network’s suitability and decide whether it really needs an upgrade right now, what type of upgrade and how to make the switchover with as little impact on the day-to-day as possible.

What types of upgrades?

Networks aren’t a one-size-fits-all solution — they’re as diverse as your business needs them to be. Networks can be upgraded to:

  • Expand your range or capacity: As your business grows, so does your network. You could be adding more computers to your office, linking to remote locations or hiring more cloud storage to host your growing data.
  • Improve security: Network upgrades are an opportunity to improve your business’ resilience to cyberattacks. Updating hardware and software will help protect your company’s data and the privacy of your staff.
  • Boost productivity: Like any good investment, your network upgrade should pay for itself before long by improving productivity, saving time and reducing maintenance.

Figuring out what you need

Everyone on your network has unique needs and, while an upgrade may not be able to satisfy them all, you should aim for the best compromise. Talking to department heads and sending out surveys can offer valuable insights that you might not have considered.

You should also check capacity and usage statistics to see whether network speeds and storage need improvement. If you don’t have the resources or the know-how to evaluate your network capabilities, you can hire consultants to do it for you.

Planning the upgrade

Your survey results offer an idealistic guide to work from, but you first need to think about practicalities, such as:

  • How many devices need to connect to your network?
  • Will people connect to your network outside the office?
  • What type of software will they be using?
  • How much data is sent and received every day?

Any upgrades you make should primarily help your business achieve its objectives, which also means minimising the negative impact on the business and on users as much as possible.

You’ll never truly be finished upgrading your network but, through careful planning and projections, you can establish a flexible network capable of supporting future growth. Technology comes and goes, but the infrastructure you lay down today can future-proof your business for years to come — not to mention making subsequent upgrades a lot easier.

Wired or wireless?

One decision you could face when rolling out your new network is whether to replace your wired connection with a wireless network hosted in the cloud.

While wireless connections are more convenient, on-premise networks have traditionally been faster and more reliable, as they experience less downtime and don’t have the same range of limitations. This has started to change, however, and cloud services also offer adequate security for most business needs.

For many companies, a hybrid model is the ideal middle ground — storing less sensitive data and apps in the cloud while keeping more critical data on your premises. This can reduce costs and improve convenience while ensuring you’ll always have access to your data when you need it.

And that’s the key consideration — are you providing the people who use your network the speed, access and capabilities they need? If not, then it’s time to upgrade and ensure you’re not holding your business back.