Promote Computer & Web News

  • Home
  • Promote Computer & Web News

Promote Computer & Web News Promote News feed for computer & Web news.

28/03/2024

🌟 Dive into the world of Software Development with us! 💻 Discover our cutting-edge projects and embark on a journey towards tech transformation. At Nawal Global Systems, we craft success from concept to code! 🚀 Explore more at https://nglobals.com/ and let's build something extraordinary together! 📲

28/03/2024

What do SME owners and managers really care about in regard to Cyber Security? It's a really good question. There is a huge amount of advertising which is full of jargon expounding the technical merits of this or that product. You can almost here SMEs shuddering and pushing that off on their IT supplier or management company. That's perfectly understandable, it's not their core business and they've got a shed load of other stuff to deal with. Problem is, apart from supplying and maintaining some security related products, it's not the core business of their IT supplier either. So where does that leave the SME.

Many of them face unique challenges when it comes to cyber security. I've talked in the past about the problems they face and I would labour the issue here except to say it's a variety of factors, such as limited resources, lack of expertise, and reliance on third-party vendors. That is not to say that they aren't concerned with issues such as data breaches, phishing attacks or ransomware, and many face compliance issues, and third party risks (often the SME themselves are the 3rd party in a supply chain)

In order to stay safe, what they want to know, indeed need to know, is how to identify and prioritise key aspects of their operations that must be secured. If they focus on cyber security being a business issue and not an IT issue, and move it into their overall business strategy, they will have made a very good start. Don't concentrate on the technicalities, focus on the business issues, and what needs securing will jump off the page. How to secure it then becomes much easier.

If you feel you need further advice and guidance check out our website, www.hah2.co.uk and give us a call or book a chat online.

27/03/2024

A Company's Tale – From COVID to Hybrid
This is a tale that could be told regarding many organisations, especially since COVID hit. Names have been changed and certain other details have been omitted or masked.
Hawk Engineering Ltd is a company that provides high quality environmental engineering services to its clients, and began operations on 16 July 2019, not long before COVID hit. It’s a limited company owned and operated by Norman Jones and Rupert Smith. Mr. Jones and Mr. Smith both left their respective jobs to specialise in environmental engineering consulting to small and medium sized businesses.
The company was set up to target small to medium sized companies and government organisations within the UK. They have managed to secure several contracts and have grown from the original 2 man team to 8 consultants/engineers and 3 support staff, housed in a serviced building where they rent 4 rooms, one for the admin staff, one for the consultants, another for the 2 partners and a small conference room. The support staff cover finance, HR and general admin duties. The building shares a reception area and a cleaning contract. The cleaners operate out of hours, cleaning after everyone has left for the evening. The consultants are provided with laptops, tablets and smart phones whilst the admin staff use desk top PCs, and all are connected to a large printer.
Rather than ramp up its permanent staff too quickly, they use relevant qualified consultants when necessary. These consultants are given an email address and access to the data they need to work on projects.
The 2 partners are aware that they now hold a growing amount of personal and corporate data, not just about their own staff and systems but also about their clients. They are aware of the Data Protection Act 2018 and GDPR but are not sure about how much this will affect them. They have a local IT management company under contract and up to the start of COVID had an onsite server which stored their data and an email server providing mailboxes to the staff and contractors. At the outbreak of COVID, this caused an issue.
In terms of policies, they have very little that references the DPA 2018 and/or GDPR. Their website does not contain the necessary privacy statement or statements regarding the use of Cookies. They don’t have an overarching security policy or a cyber security strategy in place.
But everything in the garden was rosy, the company was doing well, it was in profit and had a relatively full order book, at least for the foreseeable future. And then along came COVID and everything changed.
At first it wasn’t a problem, we all remember how the UK ramped up relatively slowly, with lockdowns coming after those in other countries, but come along they did. The full implications of not being able to work in the office only started to become apparent after the office was out of bounds. They couldn’t claim any sort of immunity because they were simply not in an industry that required such immunity, so the office closed. The consultants used laptops and they could continue to work, but not securely. They didn’t have a remote access system in place as consultants worked on client site and tended to use client networks through which they could connect. Not optimum but cheap and cheerful and cash flow was everything to a small business. The real hit was on the admin staff as they used desktop PCs which they had left behind when they went home.
So initially the admin staff were the priority to find a solution for and the first issue was to be able to find machines they could use at home, and then connect them to the office file and mail servers, the latter applied to consultants as well.
I’m sure most reading this will remember the issues as many of you will have faced the same problems. So long story short, the problem was to establish as near to normal operations as possible and they ignored security as firstly, they didn’t grasp the implications, and secondly, they didn’t know what to do about it. Their IT management company wasn’t a lot of help in the latter regard simply because they were firefighting issues for all or most of their clients and didn’t have the time or resource, and frankly, didn’t really have the skill set either.
In many respects recovering an operational capability in that instance, wasn’t much different in recovering from any natural disaster and much of the planning required for a disaster recovery and business continuity situation, would have applied, with perhaps the difference that the office would continue to be out of bounds. So, plans could be adapted, assuming of course you had a plan in the first place, and they didn’t.
What they were able to do was to set up a contract with a cloud provider and as their IT support got some bandwidth, they migrated their data from the office based server to the cloud storage and at the same time migrated their email. Getting staff to connect to the cloud was an issue and some found it easier than others as that had to be done remotely and some were more IT savvy than others.
It didn’t solve the desktop PC problem though and staff continued to use home PCs, the same PCs their kids were gaming on, to connect to the company data. A recipe for disaster. Of course, this was solved by purchasing and shipping laptops which the IT support set up before shipping. But by then their data could easily have been compromised via the home PCs. There is no way of knowing whether or not they were compromised and if this is a problem which could come back to bite them.
Work-from-home employees are at much greater risk than those in offices. Since home connections are less secure, cybercriminals have an easier entry into the company network. Furthermore, the explosion of various online tools, solutions, and services for collaboration and productivity tend to have the bare minimum of security default setting, and updates from third-party vendors can change security preferences and be easily overlooked.

Phishing becomes an even greater threat to home workers, often because, in an office environment, they have access to colleagues and managers, who they can approach for advice and guidance. This is much harder to replicate with remote workers, especially those who may not be particularly tech savvy and who may not wish to become ‘burdensome’ to their co-workers.

Ransomware also enjoys an advantage in the work-from-home model. If their connection to the company is blocked, it is more difficult for workers to get assistance from the right experts and authorities. And since trust levels are lower when working from home, some workers will be concerned that they have “done something wrong” and so may be more reluctant to seek help. While this risk can be addressed by increased training, as well as messaging that vigilance and involving IT support will be rewarded, it can still be an uphill battle.

The company has now evolved further, and expanded a little, and has adopted the hybrid method of working, saving money on floor space, fuel and light etc. But this has come with problems of its own which we’ll look at next week.

Here at H2 we have spent a lot of time and energy researching solutions for the SME sector that will provide affordable and flexible one-off and ongoing data protection and cyber risk protection services.
To learn more about the services we provide please click here https://www.hah2.co.uk/
Please feel free to give us a call or email
Alternatively, you can book a slot using our Calendly link, https://calendly.com/kevin_hah2
T: 0845 5443742
M: 07702 019060
E: [email protected]
Trust H2 – Making sure your information is secure

27/03/2024

🚀 System Management at its finest! 🔧 We're committed to streamlining and enhancing your systems for peak performance. Your Systems, Our Expertise! 💼 Learn more at https://nglobals.com/ and let's revolutionise your operations together! 📈

27/03/2024

🚀 Ready to break the mould with your website? Look no further! 💻 Our team at NGlobals specialises in Web Design & Development that goes beyond boundaries. 🌟 From customised designs to powerful analytics, we're here to elevate your online presence. Your site is crafted with precision and purpose so let's think outside the box together! 💡 Discover more at https://nglobals.com/] 🌐✨

26/03/2024

AV is a much debated subject and opinions are not as clear cut as one might suppose. I've heard comments ranging from it's still a just have, to it's a bit of a waste of money, not that the AV vendors are worried as most are still going to buy it, even if only as belt and braces. So what's at the bottom of the argument from those that are bit skeptical of AVs effectiveness? I think that, in part at least, it comes from the market that I work in, ie the SME market, where I think most of us agree, that they are far more likely to fall victims of a scam, rather than a technical hack. Of course, AV can help out there, no doubt, but it plays catch up all the time. By that I mean it often struggles with zero day type signatures. So when an email arrive, for instance, that is a phishing attack, ransomware attack, or similar, focused on getting an employee to click on a link to trigger some sort of payload, it won't necessarily be picked up when clicked it it's new. I'll never let go of the argument that the best defence is often a well trained staff who have a good chance of spotting a scam. But it you want to automate your defence, then a system whereby unauthorised executable files are blocked before they can be run, is a great alternative to conventional AV.

How that works is quite simple. The system takes around 30 days to identify all executables that are necessary to the organisation to function, and builds a white list. Following that anything that attempts to run that isn't on the white list, gets blocked, therefore malware simply can't execute. Of course that white list can be amended at anytime, for instance if a program only runs quarterly and didn't get picked up by the 30 day discovery, or a new piece of software is added. And of course it needs to be cloud based so that it works regardless of where the end point is located.

Do you know of such a system? We do, you can book a call via our website, www.hah2.co.uk.

25/03/2024

Cyber Crime is often seen as a bit of a black art in that how it's done is poorly understood and many assume it's a highly technical skill. And of course, there are attacks, or hacks, that are highly technical, but it starts with a very non technical process. Cyber criminals generally start with profiling your organisation and its employees. There's a lot of information out there which can be obtained with little effort or cost. Check out Company's House. They hold lots of information on you company, its board members and latest filings, providing a criminal with the names of who to target, and if your company is financially worth targeting.

Social Media becomes an very important stop for the criminal. You maybe surprised at just how much information can be gained. Isn't it great when Jane from accounts payable puts up a post saying what a great company it is to work for, or perhaps puts up a selfie of her and her work mates in the accounts department, once again giving another layer of who to target for the next scam.

There's a whole lot more to this, but how much better if your staff understand the imoplications of how criminals approach this and asre aware of what to look out for. Simple procedures, at no or little cost, can save money, time and reputational damage, and perhaps, your business.

I never tire of saying that cyber awareness training is the most effective quick win you can take to safeguard your business from cyber crime. What to know more - try our website, www.hah2.co.uk.

25/03/2024

Check out our website today https://nglobals.com/ then get in touch for all your website, mobile APP & bespoke software needs!

24/03/2024

As we travel around and visits clients or potential clients, it is common to find that they have the view that adequate security is provided by technology. They rely on their IT provider to provide the guidance they need which tends to involve firewalls, anti-malware software and perhaps a back up regime. All well and dandy. A quote from Bruce Schneier, Fellow at the Berkman Center for Internet & Society at Harvard Law School, goes like this:

‘If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology’.

Your biggest business asset is your information. It is this that cyber criminals are after, be this financial information, personal information, or business sensitive information.
Unfortunately many businesses don’t understand the true value of their information, leading to a ‘one size fits all’ approach to cyber security which typically means some information is over protected whilst other data is under protected, both of which have a monetary and threat impact.
H2 has developed a risk assessment process, tailored to your specific needs, to remedy this, and ensure your information is effectively protected at the right cost. Called the Information Risk Assessment and Management (IRAM) process, it involves the following three phases:
Phase 1: Initial Assessment - H2 conducts an assessment reviewing your existing information security, data protection protocols, technical security controls, and processes and procedures to determine their effectiveness and appropriateness.
Phase 2: Implementation of recommendations - Working to your timescale and budget, H2 implements the recommended changes identified in the initial assessment. This could include introducing simple changes to your processes, all the way through to implementing technical solutions that provide effective protection from threats.
Phase 3: Education, ongoing security management, review and maintenance - People within a business come and go, and cyber threats and risks are continually evolving. Due to this, H2 works with you to develop an appropriate package of staff training and security system maintenance activities that keep you protected in the long term. Available on a retainer (as needed) or monthly subscription basis, this phase ensures your business is fully IRAM compliant.

24/03/2024

Struggling with managing your business across multiple platforms?
Maltix is here to help! We offer a seamless, all-in-one solution that lets you:

Promote your business
Share and receive customer details
Showcase and sell products and services ️
Take payments and subscriptions
Sell event tickets and webinars
Manage special offers
And the best part? You can do it all anytime, anywhere, on any device - from your smartphone to your laptop! Maltix is also super affordable.

No time to deal with the tech stuff? No problem! Our team of trained virtual assistants (VAs) can handle onboarding, troubleshoot any issues, and make day-to-day changes for you. This way, you can focus on what matters most - running your business!

Plus, Maltix includes a built-in chat facility and knowledge base for your business! Isn't that amazing?

Stop wasting time and money on complicated tech solutions. Maltix is the answer!

Stop your search, register on https://Maltix.co.uk

24/03/2024

With the demise of COVID lockdown measures, it is noticeable that the coffee shop keyboard warriors have returned in strength. I dropped into one reently for my caffeine infusion, and there were 4 people with their laptops open, working away on business issues. At least 2 had spreadsheets open (and easy to read if you were sitting behind them), and all had their email open.

Of course, this is nothing new, but is it a safe thing to be doing? A recent survey suggests that a high proportion of the connections to unsecured Wi-Fi networks result in hacking incidents, often from working in coffee shops, and other public places.

If you are among those Wi-Fi lovers, there’s bad news for you… your online privacy and security are at risk, as long as you rely on the weak to non-existent Wi-Fi security protocols at coffee shops. This means that you could be exposed to various threats such as data theft/breaches, introducing malware to your business network and that of your customers/suppliers. This list is not exhaustive.

Free or public Wi-Fi’s are hotspots for hackers and data snoopers who want to steal your data. You will be surprised to know the different ways hackers can compromise your device or your private information and why you shouldn’t rely on Wi-Fi security at coffee shops as they come with definite risks.

Coffee shops are the most popular spots for people to sit and relax, drink coffee or eat their preferred food items. Perhaps, their popularity is what makes them dangerous when it comes to mobile security. When you rely too much on the Wi-Fi security at coffee shops, you fall into the traps that criminals have laid out for you.

Coffee shops may be considered as dangerous venues when it comes to your online security. However, it doesn’t necessarily need to be! Security awareness amongst employees and individuals is of paramount importance, and there are a number of technical implementations that can be undertaken to allow for this practice to continue safely.

22/03/2024

The last few years have been strange, to say the least. But arguably the biggest effect it has had on the way we do business has been the necessity for working remotely. Many SMEs had very little experience of this and were bounced into it with very little time to prepare, or to understand many of the implications of what this actually meant.
Businesses of all sizes have been forced to transform their operations to support remote work and by and large have done pretty well, but not without many challenges—including video conferencing burn out, (along with wishing they’d taken out shares in Zoom!!), and a yearning to actually work together in person again, someday. We all realise that group working, face to face, is often necessary not just for efficiency, but because we are social animals. Experience has taught many businesses many things, but strangely, to my mind at least, many have simply not grasped the potentially dire consequences in terms of Cyber security and data protection.
A distributed work environment ie personnel spread around various locations home working, creates critical challenges and new security threats as a result. The speed with which this has happened has meant that many simply did not take this into account and if they did, thought, well, this is temporary and it won’t matter in the long run. Well perhaps, but as many are now finding, there have been advantages to home working, not least a lowering of costs in terms of how much office space is actually needed to carry out the business function. Many are now looking at Hybrid working ie from home with a day or two in the office during the week. There are pros and cons to this outside of the scope of this article, and businesses will have to make their own judgements, but one thing is clear and that is that businesses need to understand the risks now inherent in distributed work, and need to get better are cyber security and data protection, in those environments.
Employees working remotely, are at much greater risk than those in offices. Since remote connections are less secure, cybercriminals have an easier entry into the company network. Furthermore, the explosion of various online tools, solutions, and services for collaboration and productivity tend to have the bare minimum of security default setting, and updates from third-party vendors can change security preferences and be easily overlooked.
Here at H2 we specialise in working with SMEs, we understand their issues and their budgetary constraints. We provide them the advice, guidance and solutions they require and a price they can afford, using our experience and training, gained over many years in this arena, to come up with those solutions.

21/03/2024

✨ Hold the vision, trust the process ✨

We all have dreams and goals that we want to achieve in life. But sometimes, the journey towards our vision can be tough and challenging. That's when we need to remind ourselves to hold onto our vision and trust the process.

Because let's face it, the path to success is not always smooth and easy. There will be obstacles, setbacks, and failures along the way. But it's important to remember that these are all part of the process. They help us grow, learn, and become stronger.

So don't give up on your dreams, no matter how difficult the road may seem. Keep your vision in sight and continue working towards it. Believe in yourself, and trust that everything will fall into place at the right time.

It's not always easy, but it's essential. Resilience and persistence are key in this journey towards our dreams. So keep going, keep pushing, and never lose sight of your vision. Your hard work and determination will pay off, and your dream will become a reality.

💫

20/03/2024

Data Breaches – How bad could it be?

“Fujitsu Hacked - Attackers Stolen Personal Information”

Fujitsu confirmed a cyberattack that led hackers to steal personal data and customer information.

Now there’s a headline to put fear into their customers, both current and potential. Not a great look for one of our premier IT system integrators and manufacturers.

But what’s that got to do with me you say? I don’t have any Fujitsu kit and I’m way too small to feature on the radar of a hacker or team of hackers, that would target someone like this. OK, maybe true, maybe not so true.

Did you know that since 2005 the Information Commissioners Office (ICO) has ruled on 13,500 freedom of information and environmental information cases. Many of these would be classed as SMEs and small government departments, particularly local government. Last year alone, 86 enforcement actions were taken which included 37 reprimands, 24 enforcement notices, 23 monetary penalties and 2 prosecutions. Fines of around 80K are not uncommon, and a fine of that size would be a severe blow to an SME. The ICO has issued fines totalling ÂŁ590,000 to five companies for collectively making 1.9 million unwanted marketing calls which targeted the elderly and people with vulnerabilities.

Fines and enforcement notices cannot be hidden, they are published on the ICO website for all to see, which can have an impact on the reputations of companies, adding to the pain of any fine caused by a unwanted marketing calls or data breaches.

In practice though, the ICO is not there to put you out of business and the chances of a fine of anywhere near the maximum, being applied to an SME, is low but not impossible.

It is, for most SMEs, about doing what is reasonable to prevent a data breach. That will include having the right policies and procedures, known to all staff, and rolled out. Don’t play lip service to this, you will be found out. It is important to be aware of the threat and take the necessary actions to prevent breaches.

Lack of adequate data security is an important basis for imposing fines. Are you one of the SMEs who has swallowed the line that a firewall and some anti-virus, plus cloud storage, is all you need?

In addition to inadequate security, one of the frequent reasons for imposing a penalty is failure to report a violation despite the obligation under the law. Have you got that covered with an adequate policy and process in place and understood?

This can all be a real nightmare for many SMEs, particularly those with a large amount of personal data, much of which they can’t ditch. For example, financial data which under other legislation, they must keep for 7 years. I’m thinking about Estate Agents and financial advisors, even solicitors who I find are very good at telling others what they need to do to comply with the Act but aren’t so hot on how to do it.

One of the biggest issues I find with SMEs, is that they often think they know where all their data is but get quite a surprise when they discover multiple instances of the same data set. This has become a real issue since COVID, in that remote working is becoming normal and it’s a real temptation for an employee, working from home with possibly less than robust broadband, to copy data from cloud storage to their PC or laptop to ensure they can keep working on it. Then they upload it again when they’ve finished but forget to delete their copy. That’s just one instance but it is vital to understand where all this data is. What if for instance, you get what is known as a subject access request, where a client or other member of the public wants to know exactly what personal data you have on them, and why. I spoke to a financial advisor recently who told me that it took one of their partners off the road for 3 weeks, to discover where all the data was kept on just one person. But under the law, they had no choice but to bite the bullet.

We’ve been pondering these problems for some time, and they boil down to processing and storing the data securely and being able to quickly lay your hands on it. There are several systems on the market which will capture where your data is, and who has access to it, generally under the banner of Data Loss Prevention, or DLP. These systems are based on an event-driven approach and require extensive ongoing rules management built for LAN/WAN perimeters and are becoming much less effective working in an increasingly perimeter less environment.

Local and Wide area networks and the notion of a security perimeter are no longer valid with the transition to hybrid cloud, work-from-home, and zero-trust architecture. In such a setup, sensitive files are spread across on-premises repositories (File Server, NAS) and different cloud-based repositories. These cloud-based repositories are divided between the ones that you manage (managed cloud, such as organisational OneDrive), shadow IT (such as communication apps like slack or WhatsApp), and 3rd party portals. We needed an answer to this new data landscape with a cross-platform discovery functionality, coupled with the data flow monitoring capabilities.
We came across Actifile, which works very differently to a standard DLP, which in any case, often requires other tools to provide the security functionality needed. Actifile is based on analysing data risks and applying pre-emptive encryption that handles both external threats and insider carelessness, all in the world of no security perimeters. Moreover, Actifile’s set and forget method, requires little to no maintenance, and can be up and running securing data, in less than 3 working days providing a detailed breakdown of the data risk and leverages the data risk for data flow monitoring, auditing and remediation. This approach greatly simplifies the process.
Actifile is a cloud-based management platform coupled with a lean agent for workstations (both Windows and Mac), File Servers, NAS and Terminal Servers, and a sidecar docker instance for cloud-based file shares (. i.e., OneDrive).

Step 1: Data Risk Discovery and Quantification

Based on predefined privacy regulations and PII definitions, Actifile immediately starts scans for sensitive data using smart patterns. Actifile then quantifies data risk per PII type in local currencies.

Step 2: Data Risk Monitoring and Auditing

Tracks and audits data risk in real-time by continually monitoring incoming and outgoing sensitive data flows from and to the perimeter-less organization.

Step 3: Data Risk Remediation by Encryption

Our patented transparent encryption process automatically secures sensitive data across all endpoints, cloud apps, 3rd party portals, and shadow IT. The entire process, from initial deployment through data risk analysis to remediation by automatic encryption takes as little as 72 hours.

Finally, and importantly, it is very light on administration, quick to set up and we are offering a 30 day trial at no cost. If you don’t like it, we take it away.
H2 provides affordable and flexible one-off and ongoing data protection and cyber risk protection services.
To learn more about the services we provide please click here https://www.hah2.co.uk/
Alternatively, please feel free to give us a call, email or book a time slot for a chat:
T: 0845 5443742
M: 07702 019060
E: [email protected]
Trust H2 – Making sure your information is secure

Address


Telephone

+441746218290

Website

Alerts

Be the first to know and let us send you an email when Promote Computer & Web News posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to Promote Computer & Web News:

Shortcuts

  • Address
  • Telephone
  • Alerts
  • Contact The Business
  • Claim ownership or report listing

  • Want your business to be the top-listed Media Company?

Share