Testing detail here carousel1
Hello world!
Welcome to WordPress. This is your first post. Edit or delete it, then start writing!
3 Steps to avoid being targeted by phishing scams
Businesses are seeing an increase in the number of malicious emails being received on a daily basis, with it being estimated that nearly half of all emails received are now spam. Email is an effective method of cyber attackers reaching your end users and infecting your network with ransomware.
How do phishing scams work?
Phishing scams work by posing as legitim
ate emails from colleagues, clients or other “trusted” senders but often contain a link or attachment containing a virus. Once clicked, this can give the attackers access to your network, at which point they can do things like start to encrypt files before demanding a ransom to recover them. In fact, 93% of phishing emails contain encryption ransomware. This can be a huge issue, both in terms of security and data protection, and financially. So how can you protect your end users and internal infrastructure and help to avoid being targeted by phishing scams?
3 Steps to Phishing Freedom!!
1. Increased employee awareness
Education is one of the most important things that you can do to help avoid falling target to phishing scams. Describing the things to look out for in suspicious emails that may appear normal and unsuspicious could save your users from clicking on the links or attachments that would otherwise give access to the attackers.
2. Change employee behaviour
Increased awareness for your users will help them to check before clicking on attachments or links that they are not expecting. Changing this behaviour is one of the biggest ways to prevent cyber-attacks through phishing scams.
3. Utilise PhishMe with Systems Assurance Ltd
This is where the PhishMe Simulator comes in. By replicated real-life phishing scenarios, it can provide you with experience receiving this type of email and then you can educate them accordingly and help them to spot the emails… without the risk! Scenarios range from ransomware emails, to BEC (Business Email Compromise), spear phishing, social engineering, drive-by attacks, advanced conversational phishing attacks and malware and malicious attachments. This is an effective and unbiased way to address where there are weaknesses and deliver greater training where needed.
What could Phishing Mitigation Managed Services bring to your business?
Systems Assurance offers Phishing Mitigation Services to their customers to reduce their susceptibility to phishing attacks by over 95% through simulations and training. This can also highlight weaker areas that can then be addressed.
At the same time, Systems Assurance can provide any security, disaster recovery planning and backup strategies so that you can protect your users should they fall victim to a particularly convincing scam.
Get in touch with Systems Assurance today to find out more on 0114 292 2911 or consult@systemsassurance.com
Solid State Drives
I’ve recently been spending some time trying to speed up my PC. As usual over time, performance seemed to have become a bit sluggish, so a disk and registry clean-up, un-install session and a defrag was in order.
All done but I’m still not happy! This machine should be flying – so whats going wrong? So I set about some analysis of what my machine is actually doing. After some indepth monitoring of my performance monitor in the Windows Task Manager I realised the processor was hardly doing anything, the memory was only half used and the gigabit network card was practically on tick-over.
So why do I still sometimes have laggy performance when doing simple windows tasks. After a process of elimination my focus turned to the hard drive. I found out I had a Seagate 7200rpm SATA drive with 2MB cache. Seems reasonable to me for a year old desktop machine. But the more I monitored performance the more I realised this was now the weakest link in my machine. So on I moved to research the latest drives. Solid State Drives (SSD) and more importantly to see if I could justify the cost of an upgrade to save me a few, but an annoying few, seconds!
To my pleasant surprise I found the prices have come down to something very affordable and in terms of size I don’t really need huge capacity. Most of my data is stored centrally on our server so I really just need enough space for the Operating System and some of my key applications. So I turned to my trusty back issues of PC Pro magazine. Bingo! A labs section review of Solid State Drives in the June issue. After a quick read and a check on our site for prices I’d settled on the “PC Pro Recommended” Intel X25-M 80GB Drive (SSDSA2MH080G2R5) at £141.00ex VAT.
The tiny drive arrived in a small retail box and comes with a mounting bracket to allow it to fit neatly into a desktop machine. I swapped the SATA cable from the existing drive onto the SSD and attached my current hard drive to another SATA connection, then set about loading Windows from scratch. Immediately there is a significant speed difference as the obligatory reboots whilst installing and applying updates are noticeably faster. After a couple of hours of re-installing all my applications I was ready to go.
Wow! Now I’m really flying! Applications appear on screen as if they have just been minimised, not loaded from scratch. There’s no point trying to give you any time measurements – Everything is just the blink of an eye. It’s the best £141 I’ve spent in years. I think our standard PC configuration will be changed to incorporate these drives as standard since non of our users need large local drive space and when you offset the cost against a normal drive then you are only looking at around £100 premium. Admittedly I did pick a “PC Pro recommended” drive, and they did find some “dogs” that gave no noticable speed increase over a normal hard drive. So if you are thinking of trying this kind of upgrade then do your research or stick to this drive.
If you are still not convinced watch this amazing video from Intel comparing the speed of an SSD to a traditional hard drive. Good luck with your upgrade!
Windows 10 – First look and thoughts
It seems like Microsoft with Windows 10 are finally recognising that desktop computing is still alive and kicking; similarities to the Windows 7 desktop have been resurrected with some great improvements.
However users aren’t going to adopt the new operating system just because they’ve brought features back from 10 years ago!! They’re trying to appeal to everyone and really there are only two key types of buyers that lead the majority of Microsoft business customers; After all, win business over and the rest will follow…
Back in March 2014 Windows 8 & 8.1 had a combined market share of 10.7%, compared to Windows 7 with just over 47%. IT Managers decide which operating systems get deployed to their users, not users; something I think Microsoft sometimes forget. Great looking GUI’s with glorious store fronts and Apps aren’t going to attract an IT Manager that is responsible for hundreds of users. Likewise, Managing Directors and Finance Directors aren’t exactly impressed with the freedom of information being blasted straight to their employees desktops.
‘Windows 10 needs to get back to basics, doing the core stuff fast, securely and easily. ‘
Many of our customers were forced to Windows 7 from XP, customers are now being forced from 7 to 8.0 and 8.1. Don’t push us…if we feel the product is right (and trust me, every tech in the land is wanting their grubby little hands on it to see if it makes the grade) then we’ll push our companies towards it.
We want to know what the advantages are for two key types of people:
1. IT staff rolling out the deployments
2. Directors who want to improve the efficiency of their staff.
Everyone else can just get in line!
If you want a sneak preview and beta testing copies then visit the Microsoft Blog.
4 steps to preventing cyber security threats in your business
Cyber threats are a risk to SMEs on a daily basis, and in many cases, SMEs are targeted more frequently than larger enterprises. Cyber-attacks can be costly both financially and in terms of business reputation and legal standing. Awareness and preparation are key to looking out for security threats and preventing them from materialising into a genuine threat. So what are the main things for you to look out for?
Phishing is on the rise
One of the most recently increasing cybersecurity threats is phishing or spear phishing. This involves creating emails to appear as if they’re from a trusted source (like a colleague, boss or client who is in regular contact with the business) containing a link which they are encouraged to click on. This allows the cybercriminals to gain access to the network and encrypt data until the business pays a ransom to “unlock” their files and data. To prevent this, and other malware attacks, you should be aware of the risks, shown how to spot phishing emails, and encouraged to ask questions before opening any links you are not expecting to receive. At the same time, regular backups should be taken so that data is recoverable even if it is compromised.
Internal sabotage and data access
Of course, SMEs are not only at risk from external threats – there is a chance that internal employees could also pose cybersecurity risks. Disgruntled employees or past employees who are able to access highly confidential information have the ability to cause real damage to your business. It is important to keep track of employee access, removing accounts and users once people leave, and implementing restrictions at different levels to limit the volume of confidential data that employees have access to so that it is only those who are required to view specific information that can see it.
BYOD device and remote working threats
The chances are that many of your employees are not going to set out to sabotage their business and compromise data security maliciously; however, there are ways that employees also increase cybersecurity threats without realising. The most common of these threats is due to Bring Your Own Device (BYOD) schemes which allow employees to work remotely from their mobile devices. The problem is that data can then be accessed on-the-go and connect to unsecured networks, or devices can be stolen. To prevent data being compromised, you should ensure that passwords and access are restricted to allow only necessary access and that remote access is gained using a secure VPN – which is essential if employees are working linked to a public WiFi network.
Prevention through education
There are many cyber threats that SMEs face every day, but it is not impossible to reduce the risk of you falling victim to these attacks. Educating your users and delivering cybersecurity training is central to ensuring that they don’t make themselves likely to be targeted. If you’re looking to spend time training your users, or implementing new areas of cyber security but don’t have the in-house resources to do so, give Systems Assurance a call today on 0114 292 2911 to discuss our services.
Helping out the Oil Industry..
Shell Oil & Gas Emergency Control Room Deployment
We’re proud to be providing professional services to some big players in the Oil & Gas industry…
With the relocation to their new premises, AJS V.o.F. needed to upgrade their offices to state of the art automated emergency control rooms for their clients, Shell, AMEC, Jacobs and Stork Industry Services Netherlands B.V.
AJS V.o.F being a joint venture with several Oil companies, the remit was to turn normal office rooms in to fully automated emergency control rooms. The room needed to be managed with minimum user input, compatible with a wide array of new and legacy equipment and most importantly, reliable. As AJS V.o.F. represented several companies, differing company infrastructure would be applied once in the room. Varying group policies, access control methods and a multitude of devices all needed to be compatible.
Cloud battle catchup…slowly!
I’m a firm believer in Microsoft products! Not because they’re particularly good but they’re used (tested) by the masses so eventually catchup with whatever is out there! Interestingly, Google just announced they’re killing their free version of Google Apps for business; despite claims they would ‘never lose their roots’!! Well your roots are stunted…their offering was a good idea but like all good ideas, they get copied….better! And going back to my original point, Microsoft is great at ‘catching up’.
Their cloud storage product, Azure came down in price recently too, matching that of Google and Amazon. Like I say, they catch up! For price comparisons visit this Register article or to sign up to a free 90 days of Azure, click here.
Office 365 is gaining momentum within our customers. Google Apps has been instrumental in this environment but like I say. Mmm, lip bitten! Why not trial Office 365 here, any problems and our technical team will set the trial up for you, all for free!
New threat: Tab Napping
We’re always reminding people not to click on links inside emails as its a very insecure thing to do. The trouble is that’s what IT Managers everywhere are telling people to do and as such phishing attacks are declining. That’s the good news. The bad news is that hackers are as always one step ahead and there’s a new threat out in the wild. Its called ‘Tab Napping‘.
The basic gist of it is, you go to an online banking site and get to its login screen, then you suddenly think of something else you wanted and open a new tab to do a quick google search. Normally there’s nothing wrong with that, however if you hit a malicious site the original tab could change without you knowing about it. When you click back to it, you expect to see a login page and as far as you are aware you browsed to it yourself so its in a trusted zone in your mind. If you then submit your login details, you could be supplying fraudsters with your details.
These attacks are highly sophisticated but here’s how to protect yourself:
- Make sure you always check the URL in the browser address.
- If the URL looks suspicious in any way, close the tab and reopen it by entering the correct URL again.
- Avoid leaving tabs open which require you to type in secure login details.
Are you oblivious to cyber security risks?
Cyber security is talked about increasingly in the news, both worldwide and on a more local level. Although this has increased awareness of the threats that businesses can face, there is still a disconnect between SMEs who consider themselves to be strongly protected against cyber threats and the fact that many of them are still experiencing security breaches on occasion, if not regularly. So, why is this the case? Do you believe that you are better protected than you actually are, whilst being oblivious to the real cybersecurity risks?
False perceptions of cybersecurity
SMEs are confident that they are prepared in the event of any cybersecurity threat. In fact, 87% of SMEs believe they are fully prepared, with 59% believing that they have increased their security since the previous year, and 61% predicting that they’ll continue to grow in protection next year with greater budget allocation. Although this confidence is good, it can be based on a false perception where there is actually a lack of understanding of how to protect against cybersecurity threats.
Statistics suggest security must increase
Despite many businesses having a perception that their business is protected against breaches, over 70% of companies have had a data breach within the last year, and our customers are just as unlikely to be an exception to this. Therefore it is essential for you to ensure you are protected sufficiently against these threats, including DDoS fraud, malicious insider attacks and ransomware attacks.
Security policies and training are key
Inconsistency is one of the biggest problems that you might have and part of bringing this consistency is implementing a clear security policy across the organisation and ensuring that it is regularly reviewed and audited. You can also address negligence by training staff to be aware of the risks and not fall into traps set by ransomware attackers such as opening email attachments containing viruses.
User-responsibility and awareness
As the IT Manager, it’s your role to implement the greatest technologies to protect against cybersecurity threats, and educate users about these. At the same time, you are able to assess their systems in order to remain up-to-date at all times, especially paying attention to GDPR guidelines and other legislation that you may be unaware of. You can address security risks as they occur if required and implement prevention processes and technology.
Protecting your most valuable asset
Data breaches are costly, both legally and financially for your companies not to mention the disruption that they can cause. This means that cybersecurity is of the utmost importance. Whether you’re looking to implement specific new policies and set up to adhere to GDPR guidelines, or simply need extra resources to provide a new setup for your users. Systems Assurance can work with you to ensure that your users are both educated and up-to-date technologically.