It’s 14:12pm on 2nd March and the HCS offices in Dublin and Waterford are still closed. However our countrywide staff have all sent on their latest photo’s. One employee who lost internet connection tried to row their way to work in a home made wheel barrow boat and used two hurley’s as roar’s. She tried to protect her identity by wearing a motor cycle helmet but we know who she is!
Despite the office closures across the country our service desk team have dealt with 26 calls today so far. It been quite over the past two hours so we don’t expect many more calls today.
Being able to still service our customer base during this extreme weather event is of paramount importance to our business, failure to do so could be detrimental to all our businesses. Having the right technology is critical, we’d be happy to help you prepare your business for such extreme event’s which are now more common. Who would have thought that this winter we would have 2 weather events that would cripple our country and bring business to a halt, it’s time to get prepared. Never mind about getting ready for GDPR, get ready for DR (disaster recovery).
It’s 14:20 on 1st March 2018 and the HCS offices are closed since yesterday morning when the first of the snow hit, but that doesn’t mean our business was closed. Using the technology at our disposal all our staff have been working from home for the last two days as normal. Yesterday alone we dealt with over 100 calls into our service desk and so far today it’s been a bit quieter with only 45 calls logged since 8.30am this morning.
Using our Zultys phone system our service team are using the Zultys mobile app to receive, make and transfer calls in the exact same way as if they are in the office. Our remote access tools and the fact that the majority of our systems are in the cloud means we can function as normal but just in a different location.
Here’s a collage of the view from our countrywide office locations today, I wonder what it will look like tomorrow.
The IT industry has latched onto GDPR over the past 12 months and HCS have deliberated about it’s position in regard to this topic. We have finally found our niche. As Microsoft Gold Partners HCS have aligned to Microsoft’s thinking on how to approach GDPR i.e. Discover, Manage, Protect and Report. If you haven’t heard about GDPR then take a look at the website from the data commissioner here in Ireland. http://gdprandyou.ie/
Any data that helps you identify a person is deemed as personal data. Such as Name, Email address, Social media posts, Physical, physiological or genetic information, Medical information, Location, Bank details, Ip address, Cookies etc. This data may be stored in emails, documents, databases, removable media, metadata, log files or backups.
Once you have identified the data what policies are in place for data while it’s in transit or at rest. Storing data, recovery of data, retaining data, archiving and disposal of data. Is this data classified and labelled by sensitivity (public, company, confidential). Do restrictions apply to users and administrators of this data?
Protecting your data is where HCS can help you to become compliant for GDPR. GDPR raises the bar in terms of the efforts every company must take to protect data regardless of their size. Working with Microsoft and Fortinet primarily, HCS have a range of security solutions and services that will secure and protect your data. HCS’s first step is to appraise your current levels of security and protection with our TechSecure- GDPR Protect audit. This audit will appraise your current levels of data protection and will provide the necessary steps you need to take to become compliant.
The final phase of GDPR is reporting and proving that you have complied with the legislation. Records need to be kept and GDPR needs to be constantly reviewed to ensure you stay compliant.
HCS are working with a number of customers at the moment to achieve GDPR compliancy at the protect layer. In January 2018 HCS will be offering TechSecure GDPR Protect audits on a wider scale to help and advise customers on how to secure and protect their personal data. If you wish to start your GDPR compliance journey today call any of our team to discuss further on 051-595200/01 8734120. GDPR will not go away and the deadline is now less than 6 months away (May 25th 2018), don’t put off the inevitable.
We believe that there’s a huge positive to come from the recent global ransomware and cyber attacks. This may sound perverse, however the huge media attention given to cybercrime and its consequences has placed the topic of IT Security at the forefront of everyone’s minds and that has got to be a good thing. We’ve now passed the point of no return and IT Security has to be a major focus for business owners and managers going forward, we’ve had our warning! We really do hope the you give it the attention it deserves and trust us that the recommendations we are making are on the basis of protecting you and your business.
In our experience of dealing with Ransomware and cyber attacks on a weekly basis over the past 24 months, 99% of the time it’s initiated from an email that contains attachments or links and a user has to click on it to start an infection. Alternatively it comes from browsing the internet and clicking on a malicious link.
The following is a listing of ways you can help protect yourself and your business from such infections.
If you are on Office 365 for email and have the add on for Advanced Email Threat Protection then you have done as much as you can, if you have not then we would strongly recommend you implement it straight away. If your email is not in Office 365 then we are limited in the amount of protection we can provide hence why we believe moving to Office 365 for email is more secure. More information on Advanced Email Threat Protection is available here
If you have a Firewall with a UTM (unified threat management) subscription which limits your employees access to only sites in certain categories e.g. (education, health, general etc.) then you have limited your exposure significantly. To really protect yourself, we would recommend you also filter out unrated sites and adopt an approved list of sites that will build up over time. This does curtail internet access significantly but it will reduce your risk of getting a ransomware attack even further.
Should users require more open Internet access then let them connect via their smartphones only either on 4G or over the Wi-Fi.
If your internet is unfiltered then it’s only a case of when someone clicks on a link that they shouldn’t, you will be infected with some form of Ransomware.
Other ways of protecting your business against cyber attacks:
Use this opportunity to get the message out to staff to “Think Before You Click”. Call a staff meeting this week, send emails, talk to everyone individually and make them aware that they play a huge role in protecting your business. Your computer users are your last line of defense.
Windows XP PC’s:
If you have any PC’s in your network running anything other than Windows 7 or Windows 10, then get it isolated from the network immediately and disconnect it from the internet. NO EXCEPTIONS.
Windows Server 2003 or older servers.
If you have any servers in your network running anything other than Windows 2008, Windows 2012 or Windows 2016, then take if off the network immediately and disconnect it from the internet. NO EXCEPTIONS.
To Patch or not to Patch:
In an ideal world every server, PC and Laptop should be patched with the latest updates from Microsoft. However the impact of doing patch updates on your IT systems is generally not good especially if you are not up to date with the latest version of your business software (eg. Sage, Navision, Drive, Keyhouse, Opera etc). We would recommend that all PC’s/Laptop’s are patched with the latest updates and that a choice has to be made with servers. Our attitude on this re servers is patch what you can and limit your exposure. The impact of patching servers will mean downtime, but it’s got to be accepted within your business if you want to stay protected. For now, get windows updates on all PC’s and Laptop’s.
If you do get infected the backups are your only fail safe. Check you backups, know what’s been backed up, monitor it and test it regularly.
Finally, if you feel that you have done everything mentioned above, there’s probably no more you can do. The threat of cyber attacks are not going to go away and from what we see the attacks are getting more brutal.
IT Security has to be a topic of discussion regularly between your management team, employees and HCS. We have worked with a number of customers over the past 12 months who take IT security seriously and we have devised a security audit which focuses on securing and protecting your business against cyber attacks, malicious intent and disasters. The audit reviews every aspect of your business with regards to IT security and data protection. The output of the report is generally a listing of recommendations and policies that you need to put in place or action to become more secure and protected. The audit generally take about 2 to 3 days to complete depending on the size of your business. More information available at www.hcs.ie/hcs-techsecure
We hope you find this information of benefit to you. Please call HCS Business Solutions on 01 8734120 | 051 595200 or email firstname.lastname@example.org to ensure your business is protected against cyber crime today.
Be informed, be Secure and protect your business – Be TechSecure!
“Prevention is better than the cure” that’s why protecting your IT Systems against cybercrime, disasters, malicious intent is always better than having to face the pain of a cure when the damage is done.
While no one can guarantee 100% protection for your IT Systems, you can limit the risk by being prepared against the threats of cybercrime, disasters or malicious intent. If you fail to prepare the likelihood is you will be facing the cure, if prepare to fail then you have done yourself a big favour and the chances of facing the cure is far less likely.
TechSecure from HCS is a comprehensive practical approach to Securing and Protecting your business. HCS will carry out an independent audit of your business focusing on the following areas;
- User Accounts Security
- Company Policies (Internet, email, remote, BYOD)
- Workstations (desktops/laptops)
- Network equipment
- Vulnerability/Penetration testing
- Disaster Recovery and Business Continuity
- Remote Access
- Internet Access
- File shares
- Printing Security
- Application Security
The information gathered during this assessment will generate the information needed to identify the security weaknesses in your business. Armed with this information HCS will then work with your business to formalise a security strategy that will have you prepared and limit your risks to the threats of cybercrime, disasters or malicious intent.
The ex CEO of CISCO John Chambers once said, “There are two types of companies: those that have been hacked, and those who don’t know they have been hacked”. In my opinion, there is a third type of company, “those that will be hacked in the very near future”. Don’t get hacked and have to face the cure, be prepared and get as secure as you possibly can, Be TechSecure.
For more information on TechSecure visit our website www.hcs.ie\techsecure or call us on 01 8734120/051 595200.