Cybersecurity & Mobile Security Tip for Businesses!

Cybersecurity is becoming more and more of an issue for businesses, as security attacks are evolving at an alarming rate. Last year in particular saw a number of high profile security breaches, such as; Heartbleed and Shellshock, positioning cybersecurity as a major concern for businesses and individuals alike. So here are 10 tips on how to protect your business against cyber-attacks:

1.       Establish basic security practices and educate all of your employees in these practices. This will help ensure all of your employees understand how to handle and protect vital business and customer information.

2.       Make sure all computers and networks are protected, by making sure that anti-virus, anti-spyware and firewall software is installed and kept up to date on all corporate PCs. It is also in good practice to schedule regular anti-virus scans on all PCs.

3.       Protect your internet connection with firewall security and make sure that firewalls are maintained. It is also important to make sure that employees who work from home have a secure internet connection.

4.       It is vital to keep your operating system and all your software up to date, by installing the latest updates and security patches. Updates can be set to install automatically, saving time and ensuring they are installed as soon as they are available. (Cyber criminals will take advantage of vulnerabilities found in out of date or unpatched software)

5.       Employ some form of disaster recovery and backup strategy, to regularly backup all of your data. In the case that your computer does become infected, you will be able to restore all your files once the malware has been deleted.

6.       Don’t allow unauthorised individuals to use business computers and secure your Wi-Fi network with passwords (preferably not the password that the device came with).

7.       Ensure all employees use a strong password, one that uses a mix of numbers, upper and lower case letters and symbols. Also make sure passwords are changed regularly.

8.       Limit employee’s access and authority according to their roles. Only provide access to the specific data systems that are needed to carry out their roles.

9.       Make sure all employees know to avoid opening emails or email attachments from unknown sources or that don’t appear to be legit. It is often the case that email attachments carry malware so be cautious and one infected PC could put the whole network at risk.

10.   Enforce strict rules about installing new software and only install software from trusted sites. 

       The number of businesses allowing for BYOD is increasing, and so it is important for them to keep their data secure on all devices. Malware is not just a problem for PC’s, as cybercriminals have taken to hiding their malicious codes inside mobile apps. So we have some Security Tips to protect your Mobile Workforce.

7 Tips for a Secure Mobile Network:

1.       Don’t let mobile security be your blind spot; mobile devices need the same protection as your corporate PC’s, so implement security precautions on all mobile devices.

2.       Add security measures to your wireless network - a password or security key can keep unauthorised devices from accessing your wireless connection. Encryption technology can also help, by protecting the information transmitted through your network.

3.       Encourage employees who use mobile devices for business purposes, to password protect their devices and set them to lock within five minutes. Passwords act as a first line of defence should the device fall into the wrong hands.

4.       Educate your users about carefully examining app permissions before granting access. Most apps ask for access to many unnecessary features on your device.

5.       Develop a policy item to determine which apps can be downloaded or accessed via the corporate network. If an app has a weakness it is easier to hack, posing a threat to your corporate security.

6.       Lose it, Lock it, Wipe it - download an app on your mobile devices that allows you and your employees to lock and wipe the device in the event of theft or loss. Should your device be gone for good such apps will enable you to wipe all of your data including text messages, contacts, photos, email, browser history and user accounts.

7.      Update apps as soon as you are prompted to, as updates can include fixes to new vulnerabilities and exploited security gaps.

For any more information on how to keep your corporate date secure, contact one of the team on 01723 587240

Read More

Mobile Security - A Business Must Have!

Mobile security is becoming increasingly more important for businesses; due to the significant increase in bring your own device (BYOD) workforces. Companies put a lot of effort into building up their network defences for PCs, however most seem to overlook smartphone security, but there are now a great deal more mobile devices than PCs.

The BYOD policy has completely changed the way in which organisations need to approach their network security. Mobile devices have the ability of working inside and outside of the corporate network and can automatically connect to the corporate system, accessing sensitive data and then connect to other networks outside of the organisation. This is all done while bypassing the intense security measures built for PCs, potentially exposing your company data. 

Symantec’s 2013 Norton Report showed that nearly half of smartphone and tablet users don’t use basic precautions such as passwords and security software and that 57% were unaware that security solutions are available for mobile devices. Also according to a study from BT, 41% of UK organisations were hit by mobile security breaches. These are worrying statistics for organisations which allow for BYOD, and so it is important to make sure everyone in your organisation is aware of the importance of mobile security.

Loss and theft both pose a big threat to mobile security, as mobile devices are more vulnerable to loss and theft than PCs. Once lost or stolen any corporate data is at risk without proper security in place, such as passwords, encryption, multi-factor authentication app or apps that allow you to remotely wipe your device in the event that it is lost or stolen. 

Applications also pose one of the biggest threats to mobile security as the number of organisations building their own apps to fit their business needs is growing, with 48 % of businesses expecting to increase their mobile app budgets. Purpose built apps are useful for businesses, however they are also the weakest point of entry for cyber-criminals. Applications have to ask for access to many features on your device, however very few users examine these permissions, making it easier for malicious app developers to gain unnecessary permissions.

While applications, loss and theft pose some of the biggest threats to mobile security there are other threats that you need to protect yourself from. Lookout have suggested that mobile security threats usually fall into one of the following four key categories; application-based, web-based, network-based and physical. Each of these categories can be broken down into further threats, details of which can be found here.

Keep watching our blog for tips on how to keep your business protected from mobile and cybersecurity threats.

Read More

Cybersecurity set to be big issue for Businesses...

Last year saw a number of highly evolved cyber-attacks and data breaches across the globe, with server vulnerabilities such as Heartbleed and Shellshock taking center stage. As a result of the number of high profile security breaches and cyber-attacks, Cybersecurity has been positioned as a key priority for organisations in 2015.

Cyber-security attacks are evolving at an alarming rate, and so the cyber-security products available to businesses are rapidly evolving to keep ahead of cyber criminals.  Therefore it is more important than ever for businesses to keep up to date with the latest versions and updates of their firewalls, antivirus software, intrusion detection/protection systems, VPNs or any other security they may have in place. On top of this it is a good idea for businesses to reassess their cybersecurity practices periodically to ensure they have the best protection available to them.

Cyber security threats come in a wide range of shapes and sizes, such as; malware injection, phishing, social engineering, internal stealing of data among others. However ransomware has been one of the most common forms of malware used over the past few years, and Symantec’s 2014 Internet Security Threat Report noted that ransomware attacks grew by 500 percent in the latter part of 2013. Scammers also continued to run profitable ransomware scams last year, with Cryptolocker making up 55 percent of all ransomware in October 2014 alone.

With the wide range of security products available for businesses, such as; anti-viruses, firewalls, encryption software, intrusion detection/protection systems, it is easy to overlook the need for secure passwords. Passwords still provide the first level of defence against hackers and so it is still important to make your passwords as secure as possible. So why not make sure your password isn’t on SplashData’s worst passwords of 2014 list:

1. 123456
2. password
3. 12345
4. 12345678
5. qwerty
6. 123456789
7. 1234
8. baseball
9. dragon
10. football

The full list can be found here… “Worst Passwords of 2014”

Read More

Step by step guide to set up email on your iPhone

Email set up is often the first step in setting up a new phone; however it is also one of the most common problems on our helpdesk. So here is a step by step guide to setting up your work email on an iPhone...

Firstly launch the settings app by selecting the settings icon on your home screen. (It usually looks something like the image below)

After selecting the settings icon, you need to select Mail, Contacts, Calendars from the list. Then you will need to select Add Account followed by Microsoft Exchange.

On the next screen you will need to enter the following information:

1. Email – enter your entire email address, using all lowercase letters
2. Domain – leave this field empty
3. Username – enter your entire email address again
4. Password – enter the password for your email account
5. Description – enter a descriptive name for your account (eg. Work)

Once complete tap the next button and your device will attempt to verify your account.

If you receive an “Unable to Verify Certificate” message tap the accept button, the device will then continue verifying the account. Once complete tap the Server field, and enter in connect.emailsrvr.com

Tap the next button and the device will then try to create a secure (SSL) connection to your Exchange server. When connected, you will see check marks along your settings to confirm that the account has been verified.

Finally tap the ON/OFF buttons to select which information to synchronize with the Exchange server and then tap Save to finish.

For more step by step guides like this follow us on LinkedIn 

Read More

Windows Server 2003 End of Life - Be Prepared!

Last year we saw Microsoft retire both Windows XP and Office 2003 and this year will see Microsoft retire yet another product. Windows Server 2003 is the latest Microsoft product nearing its end of life date of July 14, 2015.

What does End of Life mean for end users?

Every product we use is likely to have a lifecycle, and Microsoft products are no different. All that Microsoft mean by the end of life of any of their products, Windows Server 2003 included, is that Microsoft will no longer support the product. Ultimately this means that Microsoft will no longer provide automatic fixes, updates or online technical support for retired products. 

After July 14, 2015 Windows Server 2003 will no longer receive assisted technical support from Microsoft, software and content updates or the security patches that help provide protection from harmful viruses, spyware and other malicious software, thus resulting  in an unsecured and unstable infrastructure for your business. Not migrating away from Windows Server 2003 will expose you to an elevated risk of cybersecurity dangers or malicious attacks.  

Continuing to use an unsupported server operating system would not only leave you vulnerable to hackers and security attacks, but it could end up costing your business a small fortune in maintenance costs. After July 14, 2015 you will need intrusion detection systems, advanced firewalls and network segmentation  to protect the vulnerable Windows Server 2003 platform, and the cost for maintaining ageing hardware will continue increasing with time. Also you may find that using an unsupported server operating system will result in a failure to meet industry wide compliance standards, which could ultimately result in a loss of business.

Another reason to migrate away from Windows Server 2003 before the end of life date is the fact that new software and hardware devices will no longer be built to integrate with Windows Server 2003, thus resulting in compatibility issues when updating software or hardware.

Act Now – Discover your upgrade options

As we explored above it is highly unadvisable to continue using Windows Server 2003 after it reaches its end of life, and so the only remaining option is to upgrade.  It is important to start your upgrade early as it will take a lot of planning and executing, and leaving it until the last minute is a big risk to take.

Here are the four key steps for migrating away from Windows Server 2003 as; discover, access, target and migrate.  

 Step 1 – Discover:

It is highly recommended that you start by finding out and cataloging the applications and workloads you have running on Windows Server 2003. It is vital that you catolog everything that you have running on Windows Server 2003, as this will help insure that nothing is omitted from the migration.

Whether you use the Microsoft self-service toolkit or collaborate with a Microsoft Partner this process is a lengthy yet essential part of the migration planning.

Step 2 – Assess:

Once you have a complete catalog of applications and workloads, it is time to assess its contents. This means categorising and analysing your applications and workloads based on four key factors, type, importance, complexity and risk. This assessment will allow you to prioritise workloads and applications for migration, while also helping identify and issues.

Step 3 – Target:

In this step you need to determine a migration destination for each application and workload. The choice of destination will be driven by factors such as speed, ease of migration, cost and desired functionality, with the most common choice being Windows Server 2012 R2.

Step 4 – Migrate:

The final step is to execute the migration, however finding the right migration plan may require additional analysis and assistance. Such assistance is available from Practical Networks a trusted Microsoft Partner.

If you would like more information or any assistance with your migration, please do not hesitate to get in touch with either David Philps or Andy Potts on 01723 587240.

Read More

BYOD enable your business with VMware Horizon View

In our current device centric environment, end users expect to be able to stay connected to their professional networks via mobile devices and that’s where this quarter’s software pick comes in. This quarter we have chosen to introduce you to VMware Horizon View, a software that provides an agile and adaptive approach to computing, enabling IT to balance business requirements with the needs of end users.

What is Horizon View?

Horizon View is complete solution for desktop and application virtualisation, brought to us by VMware.  Horizon View offers organisations the flexibility to meet the needs of a mobile and global workforce, all while maintain extremely high levels of security and control. This is done by placing all of your organisation’s desktops into one centralised managed service, keeping all your desktops in one place where you can easily manage and customise desktops to fit the needs of your end-users.

Transforming your desktops into virtual machines with Horizon View will simplify tasks such as troubleshooting and provisioning and will also dramatically reduce the cost of managing each user desktop.  In addition, as all of your data will be stored on virtual desktops your users will be able to access their personal settings and data from any device, in any location, making for better user experience and increased productivity.

Horizon View is made up of numerous components, such as:

• VMware vSphere Desktop (including vShield Endpoint)
• VMware vCenter Server Desktop
•  Horizon View Manager
•  VMware ThinApp
•  Horizon View Persona Management
•  Horizon View Composer
•  Horizon View Client

This combination of components allows Horizon View to provide you with secure, compliant and easily manageable virtual desktops throughout your organisation.

The Benefits

Desktop virtualisation with Horizon View offers numerous benefits to organisations of all shapes and sizes. These benefits include:

Horizon View is the only end-to-end solution that simplifies IT management, increases security and increases control of end-user access while decreasing costs by centrally delivering desktop services from your cloud. For more information about VMware Horizon View you can download the datasheet here, alternatively contact Andy on 01723 587240.  

Read More

How to set up Email on an Android Phone...

Email set-up is often the first step in setting up a new phone; however it is also one of the most common problems on our helpdesk. So here is a step by step guide to setting up your work email on an Android phone...

Firstly launch the email app by selecting the email icon on your home screen. (It usually looks something like the image below)

On the next screen you will be prompted to enter your full email address and password, once you have done so press next.

On the next screen you will be prompted to select the type of account, select the Exchange account option.

Next you will be prompted to enter your full email address in the Domain/Username field (in some cases a backslash may automatically be added to the beginning of your email address). Make sure that the Use Secure Connection (SSL) option is selected before pressing next.

Once you click next you device will start Checking Incoming Server Settings, then on the next screen select OK to allow it to remotely control some security features on your phone.

On the next screen you will see the Accounts Options; all you need to do is select all that apply to you. 

On the final screen you give the account a descriptive name of your choice and then select Done.

Got an Iphone? Keep a look out for our blog on how to set up email on an Iphone. It's coming soon!

Read More