DISASTER RESPONSE PACK – WHAT YOU SHOULD INCLUDE

This article has been shared from the UK governments Centre for the Protection of National Infrastructure (CPNI) – the website is full of advice as to how businesses can better prepare for a disaster. Find out more at http://www.cpni.gov.uk/

Response pack

Article Summary

A Response pack should include key documents and items that may be needed by those who will manage the incident room or work with the emergency services. Example contents are set out below, however these lists are not exhaustive and other items should be added as required.

Documents:

Business Continuity Plan and Communications Plans
Contact details for nominated response staff, plus list of all employees, their home and mobile numbers
Emergency services contact details
Details of any local utility companies, emergency glaziers, salvage organisations,building contractors, local authority contingency planners Building plans, including the location of gas, electricity and water shut off points and heating and ventilation controls. Also, any protected areas where staff will be sheltered.
A recent stock and equipment inventory
Financial and banking information
Product lists and specifications

Equipment:

Stand-alone laptop computer, compatible with the local network
USB memory sticks or flash drives
Spare keys/security codes
Torch and spare batteries
Hazard and cordon tape
Small cash resource
Card and marker pens for temporary signs and other stationery (pens, paper, etc)
Mobile telephone with charger and appropriate credit

CLOUD TECHNOLOGY AND TABLET COMPUTING FOR SMALL BUSINESSES

If you are a bit of a history enthusiast then you may be aware that the tablet device is not a recent development in the world of computing. The first patent for the tablet design was in fact issued around 1888 and since then the tablet has been through various trials and tribulations which had threatened its sustainability on the consumer market. In 2002 Microsoft decided to implement a version of Window XP which was not as successful as they had hoped. Around this time tablet designs were often considered to be clumsy in the sense of heavy builds and insufficient software capabilities. However, the development of cloud technology allowed manufactures such as Apple to marry a healthy relationship between cloud applications and tablet computers, giving birth to the iPad. As you may be aware vital data is normally stored on cloud servers allowing easy access using multiple devices and locations. If this is the case, then it would be wise to ensure that the operating hardware remains effective to accommodate good screen resolution, sufficient processing power and hand-held comfort ability. If you are one for fancy aesthetics then this value will be presented in the cost of your investments. Otherwise a mid-range tablet should be priced quite reasonably, packing enough punch to allow efficient online activity without you gaining square eyes and saw wrists.

To conclude, the power of cloud technology enterprises such as Google and Amazon, have only increased an appetite for cloud convenience with their respective online services. The popularity of utilizing these services has helped to breed a familiar relationship with most tech competent consumers who often systematically log in and out of cloud based applications in order to satisfy their social, entertainment and business needs. The only thing left to consider is will we see a shift in the value businesses place on merging tablet devices and cloud technology for increased work based productivity

TOP 10 WAYS TO MOBILIZE YOUR WORKFORCE

The Benefits of adopting mobile devices within the workforce is becoming extremely popular as businesses are striving to find innovative ways to increase employee productivity. This can mean employees working more flexibly in a highly dynamic business environment or responding to real-time information at the ‘wisp of a wand’. The devices available to achieve such things are mainly dependent on individual business needs, nonetheless, still remaining accessible to all. With this being said I have listed 10 ways in which businesses can mobilize their workforce using technology.

1. Tablet PC’s – These devices are similar to notebooks but their wireless capabilities and intuitive touch screen user interfaces make you feel right at home. For the real business savvy, tablet computers are no stranger to fully functional operating systems such as Windows and being highly compacted are adaptable to your work-space layout.

2. Laptops and Notebooks – Another great addition to office mobility, offering powerful alternatives to desktop computers with excellent software handling capabilities. Laptops come in a huge variety of sizes, specifications and designs which you can use to your advantage.

3. PDA’s – The Personal Digital Assistant or PDA could be thought of as the predecessor to the modern day smart phone. PDA’s often pack large screens operated by their stylus counterpart and are capable of running limited versions of office software. Additionally the PDA’s offer remote access to email, schedules and documents through WIFI or Bluetooth connectivity.

4. 3G Phones – 3G stands for 3rd generation and currently dominates contemporary mobile broadband connectivity. The main benefit of 3G devices are that they are always connected to the internet and offer quick access to web pages.

5. GPRS – The General Packet Radio Service is the predecessor to 3G technologies which also allows mobile phone users to connect to the internet on the move. GPRS devices are an alternative to 3G as they are normally a more cost effective way to communicate business initiatives between employees.

6. WIFI – A name given to given to a group of standards, which governs the use of wireless technology and effectively revolutionising how we communicate today. WIFI technology offers users super quick access to the Internet and is widely available to the public through the development of WIFI hotspots.

7. Extranets – Essentially this is a private network in which businesses can operate using a standard Internet browser. The information included on an Extranet network may include product information, pricing and payment processes. Obviously concerns about network security may be an issue but Extranets combat this with password protection and structured levels of permeable access.

8. VPN –Virtual Private Networks offer a secure way to deliver remote access to private networks. Again, security threats are stabilized with high end encryption which leaves you to concentrate on collaborating with your virtual workforce.

9. Bluetooth – Bluetooth wireless technology uses radio waves to allow instant connection with other Bluetooth compatible devices. The great thing about this way of communication is that no phone or Internet connection is needed. Therefore activities such sharing contact information and mobile printing becomes as easy as can be.

10. Cloud Service Providers – These are companies which manage an online infrastructure where clients have the ability to manage, create and share information through a range of web based applications.

SECURITY IN OFFICE 365

If you did not know, Microsoft Office 356 delivers cloud productivity to businesses of all sizes and as an external provider of cloud services it is important to consider what security measures are actively in place to help protect customer data . The areas which normally arise with regards to security usually include data protection, privacy and data ownership. Therefore this blog has been written to identify the measures Microsoft has taken to respond to these concerns.

The current challenges in relation to cloud security include an increasing trend in mobile access to information, which has created a haven for cyber-crime. In order to maintain maximum precaution, strategies to research, monitor and prevent emerging threats are needed which means time and money for any organisation. This is where a program like Office 365 comes in. Microsoft invests a lot of money into its data center’s where the need for secure access is a highly communicated initiative. This also includes anti-spam and anti-virus technology which has been automated to counteract virtual threats.

No stranger to online services, Microsoft have gained considerable experience since the introduction of MSN in 1994. Recognizing that security is an on-going process, measures were taken to protect data from harm, whether a natural disaster or unauthorized access. This was done by a committed approach to monitoring data infrastructures, applying industry practices and investments in high-end technology in order to keep data safe. This also meant security needed to be built into the software from the start to further increase security. As Office 365 has been designed for secure access over the Internet, users have the option of creating strong passwords to enforce data protection. Alternatively users can also apply for a Federated ID which aims to increase security measures by actively monitoring on-premise-access to the system. And if this is not enough, Office 365 software hosts a range of in-built encryption’s which comply with all necessary daily activities such as emailing, documenting and even voice-mail messages. Considering the above, it seems that Office 365 covers a wide range of security initiatives designed to make the user feel at ease when it comes to handling data. Data security will always remain a major concern for businesses of all sizes and the need for high security initiatives by external cloud services should not be ignored. As demonstrated, Microsoft Office 365 is one example of a forward thinking company who takes into account the vulnerability of cloud business applications only to provide effective on going solutions. And just in case I missed it out, Office 365 wholeheartedly emphasizes user responsibility where their Trust Center provides highly valuable information on how you can increase effective handling of sensitive data.

The Most Destructive Computer Viruses Of All Time

This is our info-graphic on The Most Destructive Computer Viruses Of All Time, which is jam-packed with information to keep you safe from the troubles that lurk on the internet!

Supreme-Systems-IG-Jul-15

CPNI Security

Personnel security – In Hindsight

“This video is intended to be used in staff training to help raise awareness of personnel security in the workplace. It is made up of three chapters, focusing on staff recruitment, ongoing personnel security and staff departures.”

Personnel security – Eyes Wide Open

“This film is for anyone who has a security role within the UK national infrastructure or responsibility for security in crowded places. Through interviews, advice and re-enactments the film seeks to help the viewer recognise suspicious behaviour more readily, clarify the context of such behaviour through questioning and have the confidence to report suspicious incidents.”

 

Staff security awareness

“A short film aimed at all staff working across the national infrastructure explaining the importance of following security procedures and how everyday measures – all based on best practice advice provided by CPNI – can help reduce vulnerabilities in organisations”

 

These videos were created by CPNI.

Business Continuity Planning – Advice from CPNI.GOV.UK

This article has been shared from the UK governments Centre for the Protection of National Infrastructure (CPNI) – the website is full of advice as to how businesses can better prepare for a disaster. Find out more at http://www.cpni.gov.uk/

Business continuity planning

Article Summary

The Business Continuity Plan (BCP) is an essential part of any organisation’s response planning. It sets out how the business will operate following an incident and how it expects to return to ‘business as usual’ in the quickest possible time afterwards.

A BCP need not be specific to terrorist incidents and apply to any major disruption such as a major fire, flooding or power fault.

The plan itself sets out the agreed arrangements for bringing events under control, the necessary resources for maintaining critical business functions and the staff required for co-ordinating actions.

It also needs to be clearly presented, avoiding vague internal references and abbreviations, and structured in such a way that people can quickly find and understand what is expected from them.

A wide range of advice for developing and maintaining BCPs is available but the following is a summary of common principles:

Understanding the business

The first step is to identify the assets and processes that are critical to the business, some may have been identified during recent risk assessment exercises.

  • Which roles and individuals are vital for fulfilling business commitments?
  • What equipment, IT, transport etc will staff need to maintain operations?
  • How long can the business function before full operations are restored?
  • What alternative resources are available?
  • Which departments are vital for fulfilling orders and contractual obligations?
  • Which suppliers and other third parties are integral to daily routines?

The BCP should then present all the steps that staff are expected to follow in the aftermath of an incident in order to maintain essential operations and return to ‘business as usual’ as soon as possible.

The structure and detail of the BCP will vary from business to business and from location to location but, in general, should include:

The initial response

  • Clear roles and delegated responsibilities for those who will take charge of co-ordinating the initial response and from where in each location.
  • Do those working with emergency services have access to any prepared response packs
  • Factors determining part or full evacuation of premises.
  • How first-aid will be provided
  • Arranging internal and external communications
  • Arrangements for marshalling crowds towards pre-determined muster points.
  • Support for people with disabilities, restricted mobility or other needs.

Longer-term planning

  • When and how alternative accommodation and facilities will be utilised.
  • Arrangements to maintaining access to key records and IT systems
  • Contingency arrangements for critical operations – financial transactions, client orders, receipt of deliveries, production commitments.
  • How the appropriate staff will be able to access any contingency sites
  • Agreed procedures for re-commencing routine operations.
  • How staff kept off-site from site can be kept informed

Continuity preparations

If you do not have a business continuity plan in place then consider how best to make your organisation more resilient while the plan is being developed Some initial planning and actions could be taken now, for example:

  • Cross-training of skills amongst the workforce.
  • Documenting procedures so that delegated staff can perform unfamiliar tasks.
  • Agreed relocation options both within and outside the premises (e.g. meeting rooms that could be quickly converted to work areas).
  • Nominated contingency staff familiarised with any response planning
  • Remote access to IT systems in nominated back-up locations or staff homes.
  • Alternative sources of production equipment.
  • Secure/off-site storage of data back-ups and valuable documentation.
  • Agreed methods for out-of-hours contact for staff, suppliers, clients etc.
  • Provision of ‘Emergency packs’ include key documents and items that may be needed by those who manage from an incident room or work with the emergency services
  • Agree a communications plan for keeping both internal and external audiences informed in the midst of an incident

Further advice

A wide range of advice on business continuity is available, much of it free. The Government’s Preparing for Emergencies website provides extensive information for business (including ‘Expecting the Unexpected’) and links to key organisations. Defra’s website also contains guidance about contingency planning for a variety of emergencies. More detailed advice for business continuity professionals can be found at the UK Resilience website.

At the local level, the Civil Contingencies Act 2004 requires local authorities to provide advice and assistance to businesses in relation to business continuity management. Consult your local authority’s website for further details.

– See more at: http://www.cpni.gov.uk/Security-Planning/Business-continuity-plan/#sthash.KBUSAmLO.dpuf

Social Media Security Threats

Infographic on Social Media Security threats

Supreme-Systems-IG-v1-Sep-Oct

Get Secure with our top 10 tips..

Ten tips from the Supreme Team to help make your IT network more secure. Happy reading!

1. Educate your team…
IT Security begins with your team so teach them how to spot malicious emails. I like this article on www.pcworld.com which talks about the 3 signs you should look out for. In short if you receive an email purporting to be from your bank (or supplier, client, booking.com) which you a) are not expecting (hint: look closely at email address – you should be able to spot that the address is not really from who it is claiming to be from); b) is not addressed to you (so rather than Dear Angie, the email addresses you as Dear Customer, Dear Sir or nothing at all) and c) it has an attachment or link which you need to click on to view further information – it is a phoney! Delete immediately.

2. …revoke their rights
This is the first thing we do when we on-board a new client. We revoke local PC rights for all users. This does not always go down well in the first instance but after we explain that the easiest way to introduce viruses to their IT system is by letting their users download unverified content most business owners soon come round to our way of thinking…

3. Employ user account access controls
Just so you can ensure that only authorised users can access you business’s IT systems and information

4. Get a business grade firewall
We are still amazed by how many times during a pre contract audit we come across businesses who use firewalls (router) clearly designed for domestic use. Not all firewalls are created equal so please get a business grade firewall

5. Pay for your anti-virus – you get what you pay for if you go FREE
“You are just paying for the name aren’t you? They all do the same thing!” Wrong! As above not all AV’s are created equal. Pay for your anti-virus – Free is as free does. We will always recommend market leaders (our belief is that they must lead the market for a reason) – their products are tried and tested. If you do implement only one of our advice please do this. Don’t skimp on AV!

6. Move from Exchange to Microsoft Office 365
Another way viruses get into IT systems is via SPAM (unsolicited) email messages. Moving to Office 365 by Microsoft will give you the necessary protection against SPAM for your emails. Plans start from £3.10 per user. You can find out more here

7. Upgrade old software
Do you still have PCs running Windows XP? Are your servers still powered by Windows Server 2003? Microsoft has stopped supporting these operating systems and this means if those shady types find a way of accessing your system through these software then Microsoft will not be releasing a “patch” to stop this intrusion

8. Encrypt your sensitive information
When the word encryption is used many small business owners shudder at the thought of setting up complex and expensive systems. The fact is encrypting your critical business information is not only easy to do but also relatively inexpensive (even free if you know what to do…) Encrypt emails, USB drives and documents. You can also encrypt devices such as laptops, smart phones and tablets in case they get into the wrong hands

9. Physically secure your IT systems
Keep your servers screwed down and locked up if possible so no one can move them. Seriously! We have been to many audits where the “server room” is also being used as the storage room / packing room / general chat room…you get the idea…

10. Get a good DR Solution
Ok guilty as charged. We are DR Fanatics…but prevention is better than cure…

Hope you enjoyed our tips…until next time!

The Supreme Team

Growth Vouchers – What you can claim for…

I hope you had an enjoyable summer break and back to work feeling revitalised.

Just a quick email – you will recall I sent an email to you back in July regarding the government’s growth voucher scheme which we are accredited consultants for. If you did not receive the email, you can find it on our blog here

I have received a number of queries regarding what the vouchers can be used for so I thought I would send you an email to give you some ideas on how you can utilise the vouchers to get worthwhile business advice for your business – from an IT standpoint.

1.       Growth & Expansion

Thinking about moving office? Selling abroad? Expanding your team? We can give strategic advice on ways in which IT can help you achieve these goals. Use your growth voucher to get and pay for advice on:

  • Upgrading existing equipment to ensure your new team is more productive (i.e. new server upgrades, new OS upgrades),
  • Better IT security (do you have problems with spam, viruses, internet misuse and you need strategic advice on tacking these issues),
  • How you can make your new premises “technology proficient,
  • Getting the best broadband provision.
  • IT Failure Prevention – the bigger you get, the more dependant your business is on its IT systems. These systems are not infallible so you must put in place provisions to ensure that your business carries on as usual if they fail. You can get strategic advice on how you can implement fail-safe measures such as disaster recovery solutions that keep your systems ticking away.

2.       Competitive Advantage

In today’s fast moving market place, only the fittest as they say survive so why not get strategic advice on how you can use IT to improve your internal processes and make your business leaner and much more efficient?

The strategic advice we can give can include:

  •        Looking at ways in which you can reduce your IT costs with Cloud Technology;
  • Advice on implementing a company intranet and how to effectively use it;
  • Looking at software to help improve your in-house processes such as ERP or CRM solutions
  • Helping you reduce your communication cost or improve inter-company communications by looking at unified messaging solutions such as Lync (great for communication with teams/clients/suppliers in other countries).

3.       People Development

  • Your people are your best assets and investing in their development particularly with IT is a great way to keep them vested in your business. You can use your growth voucher to get advice on getting the best IT related training for your team.

Once we invoice for the work we do (i.e. upgrade for a new server for example) you can pay for part of this fee using your growth voucher as an element of the invoice will be consultative work. There is a 50:50 split – the government can pay up to £2,000 and you pay the rest. We will let you know how much of the total invoice you can claim.

You can find out more by visiting www.gov.uk/apply-growth-vouchers. Applying is easy – and I recommend applying for a voucher even if you don’t think you will need any such work at present. We all know how quickly things can change.

Give me a call if you want me to answer any questions – I am always happy to help.

Thanks and regards as always!

Angie Hart

Tel: 01213090060

Email: angela@www.supremesystems.co.uk