Cyber Attacks Soar to 26 million a day

Cyber Attacks Soar to 26 million a day

These were the initial words of a recent national newspaper headline and it went on to say that ‘as hackers find new ways to wreak havoc’.

This newspaper article was based on an annual report by specialist Sonicwall which can be downloaded at https://www.sonicwall.com/resources/white-papers/2018-sonicwall-cyber-threat-report-2/.

In October 2018, the UK government said “98% of UK businesses now operate online in one way or another, with even the smallest of firms benefiting hugely from the use of websites, social media, staff email addresses, online banking and the ability for customers to shop online.  However, the latest Government statistics show over four in ten (43%) of all businesses and charities experienced a cyber breach or attack in the past year.”   This is a quote from https://companieshouse.blog.gov.uk/2018/10/08/why-cyber-security-is-important-for-your-business/.

For most SME the detail of the cyber arms race – whether it be hackers or malware – are too complex to deal with for themselves.   But it should be remembered that almost half of cyber attacks target small businesses.

TYPES OF CYBER ATTACK

The types of cyber attack relevant to small business are:

  • The Denial of Service Attack – Attackers send enough information and data all at once from multiple computers to overload your system so it shuts down.
  • The Inside Attack – Some of the most crippling breaches occur when past employees decide to misuse the access to data
  • Malware – The phrase covers a large swath of worms, viruses, Trojan Horses and other pests like Ransomware
  • Password Attacks:
    • Brute Force Attack
    • Dictionary Attack
    • Key Logger Attack

ACTON TO TAKE ON CYBER PROTECTION

The FSB (Federation of Small Business) has suggested that small businesses could and should take action on:

  • Passwords – use them, make them strong, change defaults
  • Two factor authentication – use when available. It adds an additional layer of security to accounts or transactions.
  • Backups – data loss can be caused without warning and the result is typically a massive disruption to you and your business. Preferably offsite and check regularly to make sure you can restore
  • Software – Despite manufacturers’ best efforts, it isn’t possible to create perfectly secure software and so it must be patched and maintained to ensure it remains protected as new flaws and vulnerabilities are found.
  • Vigilance – People can sometimes be the weakest link in the security chain, but they can become your strongest asset if they understand the risks. Train them on cyber security and best practice.

The full FSB article can be found at https://www.fsb.org.uk/resources/top-five-cyber-security-tips-for-small-businesses.

SME ADVICE ON CYBER PROTECTION FROM THE GOVERNMENT

The UK government also publishes helpful information for small businesses.  Two good sources are:

ACS Technologies take our clients security seriously.  We manage and maintain our clients network security and backups as part of our contract services.

If you would like advice or guidance on improving data and network security within your company, contact us today.

What is ‘The Cloud’?

Overall Concept of the Cloud

In essence, the ‘Cloud’ is the internet.  The cloud allows users to access applications, information, and data of all sorts without necessarily housing the actual hardware on which it is running and stored.

When the software that you’re using is accessed over the internet and runs on servers operated by the software company, it is said to be ‘cloud’ based.

Cloud storage is a service which lets you store data by transferring it over the Internet or another network to an offsite storage system maintained by a third party.  Examples include Dropbox, OneDrive and Microsoft’s Azure service.  Such systems provide the ability to share data with a controlled list of allowed users, each with configurable ‘rights’ to add, view or amend.

Businesses also put publicly accessible information into systems on the cloud.  Examples of this would be social networks like Facebook and LinkedIn, video sites like YouTube and Vimeo and music streaming sites like Spotify.

Similarly, when you access up to date flight arrival times from airlines, news from bbc.co.uk etc that information is on the ‘cloud’.

Advantages of Having your Software / Data on the Cloud

  • Access from anywhere you have Internet access – on the road
  • Resilience and backup should be better than SMB’s can afford inhouse
  • Cost competition due to economies of scale
  • Software kept up to date (saved maintenance cost)
  • No upfront hardware costs or maintenance

Disadvantages of Having your Software / Data on the Cloud

  • Security – Your data is held on someone else’s server with other people’s data
  • Compliance risks – is the server UK based? Does it meet industry standards?
  • Need to pay for a business service to get SLA’s
  • Can be more expensive than having your own server if used for a long time as it is a subscription service
  • Captive customers – difficult to move data and services away
  • Automatically updated software may offer incompatibility with internal systems

Models of Cloud Computing

There are several different methodologies for getting your systems ‘Cloud’ based.

Subscription based services

Subscribe to a fully hosted and maintained service such as Office 365, Quickbooks Oline, SalesForce online etc. Where the software and hardware is fully managed by the provider and you pay a monthly or annual fee to use the service.  You will have little ability to configure such software as much as the on-premise versions and software will generally be automatically upgraded to the current version, adding or removing features.

Hosted Hardware in a DataCentre

Build your own virtual servers and desktops which sit on datacentre server hardware managed by the provider.  You can specify CPU, RAM and storage requirements and then install the operating systems and applications you need (subject to licensing in a Virtual / Terminal Services environment).  Can work out expensive in an ongoing basis but useful for short term projects, testing or when staff numbers increase seasonally.

Your own Hardware hosted in a DataCentre

Buy, build and configure your own server hardware and software which is then hosted in a DataCentre, where you ‘rent’ rackspace.  You have full control over the hardware and software (so long as it meets the Data Centre’s terms and conditions.  You benefit from resilience and enterprise level networking and connectivity but have full control over your servers and software.

On Premise Servers with Remote Access Capability

You buy, configure and install your own server hardware and it is kept at your offices.  It is configured to allow users to work and connect remotely, either from home or remote offices.

You have full control over everything but are also responsible for all communications, hardware and software maintenance.  Reduces ongoing costs but you will have the upfront cost of the initial hardware and software purchases.

Hybrid Solutions

You buy, build and configure an in-house server but couple this with hosted services such as Office 365, online accounts or online CRM systems.

Your internal server manages your internal network security, stores files and possibly line of business applications but it links in with external hosted services.

The Future of Cloud Computing

There is no doubt that Cloud Computing is here to stay.  The increased requirement to work remotely and access data and applications from anywhere at anytime is not going to disappear in a hurry.

However, we have seen a change in attitude recently and instead of wishing to ditch all their own servers, Companies wish to retain their in house network security and data storage rather than subscribe to ongoing services.

We have also seen an increase in clients retaining in-house Exchange Servers as opposed to subscribing to Office 365 services as the TCO over 3 years works out more cost effective with on premise solutions even accounting for ongoing maintenance and support.

If you are considering migrating your systems to the Cloud or need to review your current Servers and infrastructure, contact us to discuss the options available and what would be best for your Company.

What is Office 365

Office 365 is a subscription service, sold with per year and per month options, that allows access to various Microsoft software products and services. With an Office 365 subscription, you get the latest Office apps – both the desktop and online versions – and updates when they’re released.  Plus, a professional hosted email service, online storage and various other app services, from online booking to form creation (dependant on subscription level).

You can still purchase Office in the original perpetual license method but Microsoft no longer provides upgrades.  Therefore, to keep up to date, you have to buy another full, current version of office.

Office 365 Subscription Options

Office 365 Personal

One solution for you across all your devices. Includes premium Office applications for PC or Mac for 1 user.  Not licensed for commercial use so don’t buy this if you need to use for your business.

Same as Office Home & Student 2019 plus:

Office Application: Outlook, Publisher (PC only), Access (PC only)
Services: OneDrive, Skype

Office 365 Home

One solution for you and your family across all your devices. Includes premium Office applications for up to 6 users on PC or Mac. Again, not licensed for commercial use so don’t buy this if you need to use for your business.

Same applications and services as Office 365 personal.

Office 365 Business

Best for businesses that need Office applications plus cloud file storage and sharing. Business email not included.  Good if you need online storage and want to keep your office apps up to date as well as using the collaboration features but have your email hosted elsewhere.

Office Application: Outlook, Word, Excel, PowerPoint, OneNote, Access (PC only)
Services: OneDrive

Office 365 Business Premium

Best for businesses that need business email, Office applications, and other business services.  The best solution for business users.  Everything included from email hosting and online storage to all your apps.

Same as Office 365 Business plus:
Services: Exchange, Sharepoint and Microsoft Teams

Office 365 Business Essentials

Best for businesses that need business email and other business services. Office applications not included.  Great if you already have Office on your devices but want a reliable and cost effective emails solution coupled with online file storage and collaboration.

Services: Exchange, OneDrive, Sharepoint and Microsoft Teams

Individual Applications & Services

Access – a database management system that combines the relational Microsoft Jet Database Engine with a graphical user interface and software-development tools

Excel – a spreadsheet featuring calculation, graphing tools, pivot tables, and a macro programming language called Visual Basic

Exchange – a collection of applications that enable digital messaging and collaboration in an enterprise IT environment

Microsoft Teams – a unified communications platform that combines persistent workplace chat, video meetings, file storage, and application integration.

OneDrive – a file hosting service and synchronization service

OneNote – a computer program for free-form information gathering and multi-user collaboration. It gathers users’ notes, drawings, screen clippings and audio commentaries

Outlook – a personal information manager. Although often used mainly as an email application, it also includes a calendar, task manager, contact manager, note taking, journal, and web browsing

PowerPoint – a presentation program

Publisher – a desktop publishing application, differing from Microsoft Word in that the emphasis is placed on page layout and design rather than text composition and proofing

Sharepoint – a web-based collaborative platform that is primarily sold as a document management and storage system

Skype – a telecommunications application software product that specializes in providing video chat and voice calls between computers, tablets, mobile devices.  Skype additionally provides instant messaging services.

Word – a word processor application including template and graphical options.

Would you like to find out more about Office 365 or set up a trial?  Have a look at our website for more information – http://www.acstech.co.uk/cloud-solutions/office-365/ and of course you can contact us for a demonstration or information on pricing and implementation.

It’s time to plan to replace your Windows Server 2008

Windows Server End of Life

Microsoft’s extended support for SQL Server and Windows Server 2008 and 2008 R2 comes to an on July 9, 2019 and January 14, 2020 respectively.

If you’re running Small Business Server, that includes you!

Some businesses may be tempted to continue with the non- supported software after these dates as long as their virus protection is up to date.  But in doing so, businesses with these servers expose themselves to security attacks and make themselves out of compliance with industry regulations such as GDPR.

Don’t let the end of support for Windows Server and SQL Server 2008 sneak up on you.   It is essential to plan now to avoid business disruptions as a result of leaving it too late.

What End of Support Means

No security updates

There will be no access to critical security updates, leaving your servers open to vulnerabilities and lack of compatibility as other software continues to update.

Compliance concerns

As support ends, your organization may fail to meet compliance standards and industry regulations by not maintaining supported and updated software.

Higher Maintenance Costs

Maintaining legacy servers, firewalls, intrusion systems, and other tools can get expensive quickly.  Plus, issues can take longer to resolve.

Support with Server Replacement Planning

More information on preparing for Windows Server 2018 end of life can be found at https://www.microsoft.com/en-us/cloud-platform/windows-server-2008.

As time goes by, upgrading software on the same hardware can prove to be a challenge – sometimes it’s impossible and nearly always it will be poor value for money.  To avoid unforeseen problems, the need for hardware change should be assessed as part of your Windows Server 2019 planning.  Disruptions to your business will be best minimised by changing hardware at the same time as you move to a new operating system.

The end of the year may seem a long way off and you may feel that planning for the move to Windows Server 2019 can be delay for some months, but major changes in your network need to be scheduled for appropriate times in the business year and leaving the planning of a change to the last minute may lead to major disruption of your business.

Contact us for an assessment of your needs and support in planning your upgrade.  ACS will work with you to determine the best hardware and software to see your business through the next 5 – 6 years.

Windows Server 2019

Microsoft’s customer research revealed that four themes were consistently in business’ views of future challenges: Hybrid, Security, Application Platform, and Hyper-converged infrastructure. 

Hybrid Security

There is much debate nowadays about the relative merits and disadvantages of cloud or on-premise servers.  Often a hybrid approach, combining on-premises and cloud environments working together, is what makes most sense.  Extending Active Directory, synchronizing file servers, and backup in the cloud are just a few examples of what customers are already doing today.

Project Honolulu is a flexible, lightweight browser-based locally-deployed platform.    Microsoft say that “With Windows Server 2019 and Project Honolulu, customers will be able to easily integrate Azure services such as Azure Backup, Azure File Sync, disaster recovery, and much more so they will be able to leverage these Azure services without disrupting their applications and infrastructure.”

Security

Security continues to be a top priority for businesses. The number of cyber-security incidents continue to grow, and the impact of these incidents is escalating quickly.

Attackers can stay in the penetrated environment – without being detected – for months if software is not up to date.  In Windows Server 2019, Microsoft have embedded Windows Defender Advanced Threat Protection (ATP) that provides preventative protection, detects attacks and zero-day exploits among other capabilities, into the operating system.

Application Platform

A key requirement of server software is meeting the requirements of developers.  Microsoft have already made it possible to run Linux containers side-by-side with Windows containers on a Windows Server, but in Windows Server 2019, they are improving Windows Sybsystem on Linux (WSL), to help Linux users bring their scripts to Windows while using industry standards like OpenSSH, Curl & Tar.

Hyper-converged Infrastructure (HCI)

The trend to HCI is primarily due to the value of using x86 servers with high performance local disks to run compute and storage needs at the same time.

Microsoft say that “In Windows Server 2019 we are building on this platform by adding scale, performance, and reliability. We are also adding the ability to manage HCI deployments in Project Honolulu, to simplify the management and day-to-day activities on HCI environments.”

For a further details on the benefits of upgrading to Windows Server 2019 see http://www.acstech.co.uk/hardware-software/servers/