, ,

Cyber Essentials: Five Security Controls

Five Security Controls that you can put in place today, explained without the technical jargon.

,

Why You Need Cyber Essentials…

Cyber Essentials is a Government-backed scheme designed to help organisations protect themselves against common online threats by setting standards which are proven to be effective at mitigating cyber-attacks.

The main benefits of Cyber Essentials compliancy are;

  • Security: Compliancy with the Cyber Essentials standard is proven to mitigate up to 80% of cyber-attacks
  • Reputation: By displaying your Cyber Essentials certification you show your customers and stakeholders that you take the security of your business seriously
  • Opportunity: A Cyber Essentials accreditation enables you to bid for lucrative Government contracts and gives you a competitive advantage in the Automotive, Aerospace, Health, Finance and Education sectors too
  • Save Money: Insurance companies look favourably on businesses that have implemented Cyber Essentials which often translates into lower premiums

Ready to get started? Supreme Systems will handle your accreditation process in 3 stages, ensuring you’re certified first time;

  1. Perform an audit of your IT security and a gap analysis
  2. Implement the controls and processes required
  3. Manage your submissions and a few days later you will receive your certificate

If you need support on how to obtain Cyber Essentials Accreditation, visit www.supremesystems.co.uk/cyber-essentials or call 0121 309 0126.

Turn Your Home into a Smart Home in 5 Ways.

Do you know that virtually everything in your home can be controlled by your remotely? No really. Lights, thermostats, TV, radio, CCTV even your oven can be connected to the internet and controlled by a mobile device or smart speaker. Most people think turning their home into a smart home would be a difficult process, best left to technophiles. The reality is that it is easy to do. Read on for our tips.

1. Hello Alexa, Siri, GA

To get the best our of your smart devices, we recommend that you get a  virtual voiced controlled assistant (VVCA) like Apple’s Siri, Google’s Assistant or Amazon’s Alexa. Whilst you don’t need this, it makes it easier for you to run a smart home as all your devices can be controlled from one unit. If you decide to get a virtual assistant, you will also need a smart home controller which will help you control your devices. For Amazon this will be the Echo / Echo Dot, Apple Siri can be controlled using an iPhone, iPad or Apple Watch and Google Assistant is controlled by Android Smartphones or Google Home.

2. Control Your Lights

Use light bulbs that connect to your Wi-Fi connection. You can adjust your lighting system to turn on and off whenever you want. Since these light bulbs are typically energy-efficient, you won’t be hit with a surprise bill in the mail.

A wide variety of smart lighting is on the market. While some systems require a VVCA to operate, there are also smart light bulbs with built-in Wi-Fi connection allowing you to connect direct to the device. Lifx is one such device so its setup is relatively simple. The bulbs are multi-colored and dimmable, but because they rely on Wi-Fi, their reliability will depend on your Wi-Fi router.

3. Turn up (or down) the heat

Your home can be set to the right temperature every time and you don’t have to be in your home to do this. Smart thermostats, like Nest, connect to the internet via Wi-Fi so they can be controlled with a smartphone or VVCA. The main benefit of a smart thermostat is that it can detect when you aren’t home and determine when to shut off the heat or air-conditioning to preserve energy.

Setting up a smart thermostat with a VVCA gives you the extra perk of being able to set the temperature just by speaking a voice command.

4. Smart Security Cameras

For added home security, invest in a smart security camera. There are a wide variety of smart security cameras on the market such as outdoor motion sensors, smart locks, and surveillance devices. Most smart security cameras store hours of footage on a cloud-based storage, which means you can save it for the police.

You can even live-stream footage to your smartphone or tablet, so you watch your home while you’re away. Some of the larger systems require professional installation, but there are plenty of DIY options. The only thing you’ll need is a Wi-Fi password, the smartphone app, the security camera, and tools to place the camera wherever you want in your home.

5. Do your laundry and cook dinner Smart-ly

A smart washing machine like this one will let you control your laundry from your phone and VVCA. Smart washing machines look like other washers but come with lots of useful extra features that set them apart. You can turn the washing machine on or off – perfect if you forgot to press start, receive notifications when the wash cycle has ended and get the machine to diagnose its own faults!

You can also cook in a smart way too. You can control your oven from wherever you are. Turn it on, switch off, increase the heat and even view your dinner. Now you never have to miss a second of your favourite TV show. And if you have a VVCA even better, “Alexa, start dinner please”

Moving? Well Get Planning!

Gone are the days when an office relocation involved a couple of moving vans and a redirection notice to the post office. Nowadays, there can be an entire IT infrastructure and business network configuration to shift, as well.

Moving can be a stressful time and it can be easy to overlook things. To avoid this, we have provided you with a checklist to make your office relocation smooth and problem-free. Don’t forget that we are always happy to assist with moving your IT and network equipment as well as telecoms and connectivity. Give Julian a call on 0121 309 0126 to see how we can help.


Planning & Preliminaries

  • Establish a time-frame and schedule for the overall process and any high-level projects or resources that need specific attention.
  • Take a comparative look at your existing premises. What provisions are in place for power, water, internet connectivity and telecoms
  • Make a more detailed blueprint of your new office space, including where workstations, IT infrastructure, offices, conference facilities, equipment stores, fixtures and auxiliary spaces should be located.
  • Engage an architect and/or building contractors for any new construction, additions or upgrades to existing structures.
  • Assemble cost estimates and contingency funding levels, to get an overall budget for the move.

Equipment & Technology

  • Make an inventory of all your existing IT assets, prior to your office relocation.
  • Make a comparative assessment of the IT infrastructure at your present location and at your new premises.
  • Determine the positioning requirements for network equipment, IT infrastructure connections, power, cooling and air conditioning.
  • Assess your existing network cabling and what needs to be done at the new location to bring it up to current industry and best practices standards. Structured cabling solutions are now recommended as the norm, along with fibre optic cable networksto maximise data throughput and internet connection speeds.
  • If you have IT acquisitions or equipment upgrades already scheduled, the process of office relocation may give you the opportunity to rationalise or consolidate some or all of these projects into smaller, less complex and more cost-effective packages.
  • Develop a strategy for the selling of or disposal of unused or obsolete equipment, furniture and fittings.
  • Make a list of all your business-critical applications and the software required to support them.
  • Consider business continuity and your available options for handling network downtime. These may include the provision of redundant hardware, offline software or mobile apps.


Telecommunications

  • Make an assessment of what (if anything) needs to be done to give priority to voice data on your network. This provision will ensure that your IP (Internet Protocol) telephony has the bandwidth it requires for high-volume and high-speed business communications.
  • Take an inventory of your personnel, business divisions and the number and type of communication devices that you’ll need to cater for: desktop handsets, softphones linked to computer systems, smartphones, other mobile devices, etc. This will not only clarify who’s using what but will also establish the kind of network strength and enterprise telephony package that you’ll need at your new premises.
  • Arrange to transfer all the existing phone numbers that you wish to keep. Whether they’re landline, virtual (cloud-based), or mobile, there are options available for retaining your established and recognised business telephone numbers.
  • If new phone lines are required, this is the time to determine how many you want and what kind of telephony features should be assigned to each. Adding new lines, managing accounts and provisioning your lines with features and tools are all straightforward procedures under a VoIP system.


Network Access & Security

While it’s easy for administrative details to get overlooked in the confusion of moving, an office relocation also provides you with an opportunity to re-evaluate and potentially improve your network security and access control measures. Your checklist for this section should include:

  • Make an inventory of protected assets and resources – including any new ones generated by your business expansion or office relocation.
  • Develop a plan for protecting confidential information and intellectual property while you’re in transit, or in the transitional phase between systems at your old and new premises.
  • Make a detailed list of your employees, business units, administrators and the network access rights and privileges that they currently enjoy.
  • Create or update your company’s security policy, setting out all the relevant access and verification procedures (passwords, security tokens, biometrics, etc.), individual or group network rights and the penalties for violation or abuse.
  • Establish the tools and procedures that you’ll need for monitoring your IT infrastructure, network hardware, databases and application software.
  • Renew any existing contracts with relevant security vendors or providers and negotiate new ones as required.

 

8 Interesting Facts About VOIP

1. It’s scalable.

The simplicity of installing additional services and users makes VoIP an ideal option for companies who seek the flexibility required to scale up or scale down their telephone network.

2. Integration’s simple. 

Setting up and installing a VoIP solution is incredibly easy. Particularly with the support of a dedicated communications provider. By evaluating the required bandwidth and network capacity, your provider will recommend and install the best equipment to support your individual business requirements.

3. Quality’s not an issue.

Back when internet connections were unreliable, VoIP struggled to compare with ISDN in terms of quality. However now, with superfast broadband and QoS commonplace, businesses can enjoy crisp, clear VoIP along with the added security of auto call forwarding and voicemail to e-mail.

4. Cost savings all round.

The first saving is on the cost of calls, of course. However, you can also eliminate the cost associated with maintaining and upgrading a traditional phone system by switching to VoIP.

5. Easy to manage.

Working alongside a dedicated communications provider makes managing your VoIP solution simple. Thanks to the use of web portals, the following amendments can be made promptly:

  • Adding or removing a user
  • Installing additional lines
  • Setting up call forwarding
  • Amending your system configurations

6. Security is paramount.

Much like other providers of sensitive online services such as online banking and digital payments, VoIP developers are constantly building sophisticated defence measures like firewalls, redundancy and encryption to ensure your business data remains secure.

7. Improved efficiency.

The portability of your VoIP number means you can take your connection with you, wherever you go. Ideal for employees who travel both locally and abroad. What’s more, its web-based functionality means it integrates seamlessly into other functions like e-mail, fax and conference calls.

8. Keep your numbers.

A common misconception is that switching to VoIP means you have to change your phone number, resulting in unwanted administration. VoIP providers actually offer number porting facilities as well as additional landline and Freephone numbers to support your business as it grows.

21 Online Scams You May Not Know About

Are Your Employees Keeping Your Data Safe? Don’t count on it!

Let’s illustrate with this true story…

A man was making his way to his local jobcentre when he spotted something glistening in the morning sun. Full of curiosity, he went to investigate and discovered it was a USB stick. Being a frugal man, he popped the device into his pocket, thinking he would be able to put it to good use later. When he returned home, he connected the USB to his laptop, but before reformatting the device he decided to check out its contents (we mentioned earlier he was a curious soul). As he sniffed around, he realized with amazement that the device contained high level security information for Heathrow Airport. 174 folders containing maps detailing CCTV camera locations, labyrinthine tunnels snaking below the building and even the exact route the Queen takes when she uses the airport.

Understandably worried, the man quickly ejected the device and brought it to… the Daily Mirror (go figure, it surely had nothing to do with the money The Mirror and other tabloid newspapers were offering for information of this type). The news caused a huge uproar and led to BAA (then owner of Heathrow, now Heathrow Airport Holdings Ltd) overhauling the way company data was handled (and so they should! Can you imagine what could have happened if that information had gotten into the hands of unscrupulous types. “The exact route the Queen takes when using the airport” – makes you shudder…)

No one knows how this sensitive information found its way to a street in London, however, all signs point to the USB drive being dropped accidentally by a hapless employee. This story hammers home a vital point: whether you’re an international airport hosting more than 70 million travellers each year or a small business with 5 employees, your biggest security risk isn’t hackers based in outer Mongolia but your employees!

So how do you keep your data safe? Well the EU General Data Protection Regulation (GDPR) sets out some guidelines regarding protecting sensitive information but here are some of our top tips:

1. Identify your important data

Before you even start thinking about how you protect your company data first do some housekeeping. First identify the information you need to protect (“crown jewels” such as financial information or trade secrets, employee records, customer data / payment info). Once you know what needs to be protected, you will then need to know how this information is collected (or created), how it is stored (servers, cloud, mobile devices, emails) and also how it moves (i.e. email, Wi-Fi, portable device such as a USB).

2. Now Protect It!

  • Encrypt your data. That way if it is accidentally lost it would mean nothing to anyone who finds it.
  • Use strong passwords to protect your most sensitive information.
  • Will you know when your important data is leaking, or being accessed or taken? There are intelligent tools that can give you this information.
  • Is cardholder information handled exclusively by a secure payment portal?
  • How is your important data backed up?
  • Is it necessary for all your users to be able to download data from the office? Consider disabling USB ports and any other portable devices. If you have a company intranet disable the ability to download files so work can only be done within the shared area.

3. Control, Control, Control

  • Limit access to the data you need to protect to those who need it, and terminate their access when they no longer need it?
  • What physical security do you have in place?
  • Do you know at all times who should have access or has had access to the data you need to protect?

4. Limit 3rd Party Access

It is not necessary to give full access to your systems to 3rd parties. A well segmented network will allow for limited access to only certain parts. Never give 3rd parties access to your systems indefinitely. Encourage them to agree set times to carry out their work. After this time disable their access.

5. Reusing or disposing old kit? Make sure it is wiped properly

6. Educate your staff

Hackers continuously find new ways to access information, which is why creating a culture of consistent awareness of threats is so important.

One team meeting about cyber security is not enough to guarantee that employees understand how to keep data secure. Cyber-attacks come in many different forms and are always evolving, so everyone needs to be kept up to date on what to look out for.

,

As we turn 10, even more improvements to our services

1. Better Reporting

You know how you do something one way for so long you fail to see its shortcomings until someone new comes along with fresh eyes and tells you that what you have been doing for so long is, well, meh? This is how we felt recently when we tasked one of our graduates to improve our reporting, really thinking that they would find nothing to improve. But find improvements they did!

Our reports will now allow you to see at a glance what type of issues are affecting your users, include information relating to a particular device plus a chart that will allow you to compare trends through the year. There is so much more valuable information provided in the new reports – there is even a section that outlines the background aspect of our work, so you get a feel of other things we do for you that you don’t see.

We are beta testing the new reports with some of our clients. They go live in September so look out for them – we think you will like them.

2. Model Office Docs

Account Managers have spent time with our customers putting together model office documents for their business. MODs help us define set criteria for each client to ensure that all users have the right IT (hardware and software) that they require to do their jobs.

One benefit of having a predefined MOD is that the new starter process becomes much quicker as the MOD document will contain information that lets us know what the new starter will need on day one. For example, which drives they need access to, printers, permissions etc.

3. Annual Re-Onboard

We allow a six-week period to onboard all customers. This gives us time to get to know the new client – their users, different departments, way of working and IT Infrastructure. Onboard is valuable in ensuring that we can support our new customers adequately, but we know that things don’t always stay the same and often change. Therefore, re-onboarding each year will help keep the information we collated initially during onboard up to date.

4. More Show& Tell Events

Our Cyber Security seminars were well received by clients, so we are looking at doing more of this type of event this year. Service Delivery are in the process of agreeing a subject area, so we will keep you posted.

5. Introducing Performance Tune Ups

We will be arranging performance tune ups for all customers on an annual basis. Performance Tune Ups are like servicing your car but for your IT equipment. These will be performed annually, and service delivery will be in touch to book yours. This is a complimentary service.

6. Include WPRS site as part of DR

A question we often get asked when people subscribe to our DR service is if we also provide a Work Place Recovery Site (WPRS). A WPRS is a site you can go to if for any reason you are unable to use your normal business site (because of fire, flooding, terrorist activity, etc.) Up until recently that answer has been no, however because having a WPRS is an essential aspect of Business Continuity, we have now partnered with several service office providers to ensure we can provide this as an additional service. Prices start from £50/month, please speak to your account manager for further information.

7. Sorry is not enough

The song goes that sorry is the hardest word but sometimes sorry is not enough! We want you to hold us to accountable if we fall to meet agreed SLAs so from 1st September 2018, we will refund you a percentage of your monthly support payment if we fail to meet agreed SLAs. We are in the process of defining the criteria for rebate, these will be outlined in the new reports we send out in September.

To HAAS or not to HAAS…

SMEs have one major advantage over big business. Their very nature means they can leverage technology for a competitive edge much faster than bigger business. Moore’s Law – a concept named after Intel co-founder Gordon Moore which is often used to refer to the quick pace of technology advances – states that computer chip processing power doubles every two years.

Today, about half a century since the creation of Moore’s Law, that time frame is usually quoted as only 18 months, and sometimes even less. This can be problematic for SMEs as they may not always have the resources or cash-flow necessary to keep up with technology changes. A great way to keep current with rapidly evolving IT innovations, while still controlling costs, is Hardware-as-a Service (HaaS).

The concept of Haas has been around for years. When your internet provider installs a new router to replace an outdated one, or your mobile provider sends you the latest mobile phone included in your monthly plan, they are essentially providing hardware along with the service.

Outdated IT equipment can be even more costly, especially to a small or midsized organization. It can lead to poor productivity, lower revenue and lost data. HaaS is essentially leasing IT equipment which your business would otherwise have purchased outright.

Some Benefits of HaaS:

1. REDUCED CAPITAL EXPENDITURE

By not having to spend a lot of money upfront for your next major IT upgrade, HaaS has the financial benefit of converting a large capital expense into a more manageable operating expense. This can free up your cash flow and provide more working capital, which is critical to many organizations.

A fixed monthly cost also makes technology expenses budgetable.  HaaS removes the unpredictability factor involved with maintenance and upkeep.

2. SAY GOODBYE TO OBSOLETE IT

A HaaS solution includes timely upgrades to state-of-the-art technology. This eliminates a great deal of buyer angst which so often accompanies IT purchases.

Remember Moore’s Law? You can’t expect to be successful in tomorrow’s business landscape using yesterday’s tools. HaaS is a great way to stay current with state-of-the-art technology specific to your industry and business goals and needs – from multifunction printers and copiers, to servers, computers, peripherals and more.

3. BETTER TROUBLESHOOTING AND MAINTENANCE

The proactive service model associated with HaaS delivers a high level of service integrity and operational reliability. Ongoing support and contact with an MSP is also a good way to ensure the best operating practices are used with your hardware.

Too often, new hardware is purchased and maintenance is neglected due to costs. With a HaaS solution, the equipment and service is included in the SLA. You can forget about the potential implications of equipment failure and system crashes right after a warranty expires. Just let your MSP resolve – or better yet, prevent – the problem.

4. SCALABILITY

HaaS has built in scalability. As your organization grows and changes, so does your technology needs. With HaaS you can integrate any number of new components, from one to many, all depending on your business needs.

5. BETTER SECURITY

When it comes to IT hardware and security, new is often better. Network security sometimes requires both hardware and software updates. With HaaS, it is easy upgrade to the latest hardware if it is necessary for security reasons.

There are many more benefits of HaaS than the list provided above. If you would like to find out more about our own HaaS solution speak to Julian on
0121 309 0126.