Most public spaces from coffee shops through to shopping malls now contain some form of public WiFi, but are these public networks 100% safe to use?

When your office based employees connect to the internet, they’re making this connection through your own network. And this means that you’re able to monitor all incoming and outgoing activity. Rather that monitoring which websites your employees are visiting, though, the main reason for monitoring these connections is to make sure that nothing malicious is entering your network. Remote workers, however, are likely to take advantage of public WiFi as a considerable amount of their work will be completed away from your work connection.

Due to the unique nature of each and every public WiFi network, it’s crucial that you understand the concerns surrounding these types of connections.

The Dangers of Public WiFi

Public WiFi may appear to be extremely convenient, but there are a number of security issues attached to connecting to public hotspots such as:

  • Lack of Details: When you connect to a public WiFi network there’s no way of knowing exactly what you’re connecting to. This, in itself, is a dangerous move and is one of the main reasons why public WiFi is frowned upon by security experts. 
  • WPA2 Vulnerability: Most public WiFi uses WPA2 encryption to protect data, but the security of WPA2 has been called into question over the last few years due to the discovery of a major vulnerability in its code. 
  • Malware Threat: Due to the lack of security surrounding public WiFi networks, it’s very easy for a hacker to position themselves in between the connection point and, for example, your laptop. This allows the hacker the opportunity to discreetly upload malware to your device and execute its malicious payload.

Should You Use Public WiFi?

Clearly, there are a number of risks involved in using public WiFi and the simplest way to avoid these dangers is by completely avoiding these connections. However, there are certain scenarios where it’s crucial that your remote employee needs to connect to whichever network is available. And in these cases you should follow these best practices:

  • Use a VPN: A virtual private network (VPN) is a service that creates an encrypted connection between your device and the remote server of your VPN. Any hacker who manages to intercept this connection will only be able to view a highly encrypted message which will be absolutely useless to them. 
  • Verify the Connection: One of the simplest ways to evaluate the connection on offer is to double check the legitimacy of the available connections with an employee at the location in question. At the very least they will be able to confirm whether the connection is genuine or fake. 
  • Use Anti-Malware Software: Protecting yourself with anti-malware software should be a given, but when people are using remote devices they fail to appreciate just how vulnerable these are. Even the simplest form of anti-malware software provides an effective defense, so make sure your device is protected.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Support for Windows 7 is coming to a close with Microsoft retiring the operating system in January 2020, so it’s finally time to upgrade to Windows 10.

Mainstream support for Windows 7 ended in January 2015, but extended support has continued and ensured that the OS remains popular with both business and personal users. The familiarity of Windows 7 and the various criticisms that were labeled at Windows 8 have also enhanced its popularity, but it will soon represent a nonviable option. Accordingly, mass migration to Windows 10 is currently taking place and, due to the disruption this can cause, it’s crucial this is completed sooner rather than later.

Why You Need to Upgrade to Windows 10

There are a number of reasons why it’s paramount that you upgrade to Windows 10, so let’s take a look at some of them:

  • Enhanced Security: Running Windows 7 past its retirement date represents a major security concern and it’s one that’s best avoided. At present, security patches are regularly issued by Microsoft to combat any security concerns. However, with support no longer available, Windows 7 will receive no such protection and will be wide open to attacks from hackers. 
  • Compatibility Issues: With Microsoft no longer supporting Windows 7, software and hardware manufacturers have little impetus to ensure their new products are compatible with it. After all, the security risk posed isn’t worth it and the numbers of Windows 7 users is set to plummet, so it’s not a good use of resources. If you do continue with Windows 7, though, you’ll gradually find that less and less new software/hardware will run on your system.
  • Increased Productivity: Windows 10 brings a number of performance enhancements to the table and this can significantly increase your organization’s productivity. The startup process is noticeably faster and users find that they can execute numerous tasks more quickly in Windows 10 than with its predecessors. This helps you to not only get more done throughout the day, but ensures that you can keep pace with your competitors.

How Do You Plan Your Upgrade?

Upgrading to a new OS is a major step, so it’s important that you plan carefully to minimize the disruption that this can cause:

  • Backup Your Data: Installing a new OS is a complex task and one that’s resource heavy on your PCs, so there’s every chance that something could go wrong. And this is why it’s important that your data is backed up to prevent any data loss from corrupted/failed installs.
  • Roll out the Upgrades: Upgrading every member of staff to Windows 10 at once is a risky move as, if your upgrade plan is even just slightly flawed, this will impact upon your entire workforce. Instead, work on a roll-out plan that upgrades Windows 7 on a user by user basis. This approach allows you to monitor any potential problems and rectify them before too many users are affected.
  • Train Your Staff: Windows 10 is packed full of new features and processes, but you need to make sure that your staff know how to use it and get the best out of it. Windows 10 is substantially different in its design to Windows 7 and, without the correct training, even the most experienced PC user will find they struggle.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Zero-day vulnerabilities are frequently referenced in regards to PC security, but it’s also a term which most PC users will be completely unaware of.

Any vulnerability that is present in your organization’s IT network poses a significant danger to the security of your data and equipment. Educating yourself and your staff on the dangers posed by these vulnerabilities is an important security practice, so understanding what zero-day vulnerabilities are is a crucial step in securing your PCs.

To help you get started, we’ve put together a quick guide to provide you with a zero day introduction.

What Happens on Zero-Day?

The definition of a zero-day vulnerability is very simple; it’s any exploit or security bug that is present in software or hardware that isn’t patched as the software vendor isn’t aware of its existence. To be considered a true zero-day vulnerability it must also be known to hackers. And this is where it becomes a huge security concern.

With hackers aware of such an exploit (known as a zero-day exploit), they’re essentially granted free rein to continually exploit this vulnerability in the face of little opposition. Therefore, malware can be installed, data can be stolen and whole networks taken down without software vendors and customers being aware of how it’s happening.

Once the zero-day vulnerability has been confirmed and the software vendor made aware, Day Zero is established. Naturally, any period before Day Zero is highly problematic, but even the commencement of Day Zero provides little comfort. And this is because developing fixes and patches isn’t an instant process. Instead, time and effort needs to be invested in creating these patches and ensuring that customers install them as soon as possible.

What are Some Examples of Zero-Day Vulnerabilities?

Now that you understand a little more about the makeup of zero-day vulnerabilities, it’s time to consolidate that knowledge with some real life examples:

  • Microsoft Windows Vulnerability: Even the seasoned professionals at Microsoft are capable of falling foul to zero-day vulnerabilities with one recently being discovered in the system file Win32k.sys. The exploit can be launched by a specific malware installer and, without the relevant patch, can be considered very dangerous.
  • Adobe Flash Malware: Adobe have suffered numerous zero-day attacks and, in 2016, their users experienced a zero-day vulnerability packaged within an Office document. Activating this vulnerability allowed hackers to download malware to the affected PCs and begin exploiting data until Adobe hastily issued a patch.
  • Internet Explorer Loses Control: Microsoft was, again, victim of a zero-day vulnerability in December 2018 when their Internet Explorer app experienced a severe security risk. It’s believed that the vulnerability is exploited by directing victims to an infected website where the hackers can then assume control of the PC from a remote location.

Final Thoughts

Zero-day vulnerabilities are troubling security flaws as their very definition means that there is no immediate protection available. Accordingly, it’s important that your organization takes the following steps:

  • Always install all updates to ensure zero-day vulnerabilities are treated as soon as possible
  • Backup all data and store it correctly in the case of a zero-day vulnerability disrupting your network and productivity
  • Educate your staff on the dangers of zero-day vulnerabilities and ensure they’re aware of the telltale signs of infection

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Most organizations are on board with reducing their carbon footprint, but when it comes to dealing with e-waste then there’s real proof this is an issue.

E-waste is, as the name suggests, any electronic product with a power lead or battery that needs disposing of. And, unfortunately, almost every example of e-waste poses a significant threat to the environment. Accordingly, e-waste should be treated and disposed of correctly, but the truth is that many business owners are failing to act responsibly in this area.

A recent report by PACE has revealed that e-waste is one of the world’s fastest growing waste streams with around 48.5 million tons of e-waste reported in 2018. IT equipment contributes significantly towards e-waste, so it’s important you understand a little more about the issue.

Why is E-Waste Such a Problem?

The age of the microchip has brought an exponential turnover in new technology. No sooner is a new electronic product released, it’s been superseded by faster and more powerful technology. Mobile devices are the perfect example of this and, when it comes to IT, these are crucial pieces of technology required to keep pace with the modern business landscape. As technology finds itself becoming redundant quicker than ever before, the amount of e-waste in the environment is building up.

The main problem with e-waste is the toxic chemicals and substances contained within electronic equipment. IT technology, for example, can easily contain a wide range of chemicals such as lead, chromium and beryllium. All three of these chemicals, which are only a handful of those found within a PC, can be dangerous to human health and equally devastating on the wider environment. Evidence of this health risk can easily be found, as PACE report, in the levels of toxic elements recorded in the blood streams of workers employed at waste disposal sites.

Combating the Problem of E-Waste

With levels of e-waste estimated to reach 120 million tons by 2050 without any affirmative action being taken, the time to act is now. And for organizations this is much simpler than you might think.

Naturally, the need to replace technology is vital to remain competitive, but this doesn’t mean you need to turn your old tech into waste. The simplest solution here is to sell the equipment as you can bet your bottom dollar that there’s someone out there who will find a use for it. And, of course, there’s also the option for donating your unwanted technology to charities or local organizations such as schools.

Faulty equipment is slightly different to redundant technology, but is also a significant contributor towards e-waste. However, rather than just leaving this equipment out with the trash and purchasing new equipment, the responsible approach is to repair the equipment. Not only does this bring a new lease of life to your equipment, but it also reduces the build-up of e-waste. Unfortunately, repairing electronic equipment isn’t always straightforward due to a reluctance on manufacturers’ parts to support repair and refurbishment, but it should always be considered.

Final Thoughts

In the fast-paced world of technology, e-waste is rapidly becoming a global problem. However, organizations can make a concerted effort to reverse this trend by facilitating the recycling and refurbishment of technology that would otherwise be disposed of. And if we make simple changes to our handling of e-waste now, the benefits in the future will be significant.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Cloud storage and infrastructure is the way forwards for organizations due to the massive range of benefits it offers, but how secure is your cloud?

Security is the single most important factor when it comes to an organization’s IT operations, so it’s essential that it’s treated with the utmost attention. However, cloud networks are a relatively new platform and, as a result, the level of security knowledge behind these platforms is lacking compared to more traditional networks. Hackers, of course, are keen to this fact and invest substantial time and effort in uncovering security vulnerabilities that they can exploit. Combating this threat, therefore, is paramount to your organization’s security.

As I’ve already stated, cloud networks are a new phenomenon and the wider community generally isn’t as clued up on them as they perhaps should be. And this leads to common mistakes that can cost dearly. However, by taking a look at the biggest cloud security mistakes you can make, you can hopefully avoid them.

Multi-factor Authentication is Vital

Administrative accounts on cloud networks have significantly more privileges than your standard employee’s privileges. Mostly, this is down to the amount of IT knowledge required to carry out these system admin tasks. A non-IT employee simply doesn’t need these privileges. Accordingly, an administrative account is much more attractive to a hacker, so security needs to be tightened. Any cloud platform that understands security risks should have an option for multi-factor authentication, so make sure this is rigorously enforced for all administrative accounts.

Limit the Use of your Admin Account

The root account is the first account you create when you sign up with a cloud provider. It’s a highly privileged account as it contains access to every aspect of your cloud network. If this account is compromised then your entire cloud network is at the mercy of hackers. And this is why you need to limit usage on this account to only the most necessary tasks e.g. do not use the root account for general day to day tasks that put you more at risk of being infected by malware etc.

Check the Encryption Methods

Security moves at a rapid pace and the level of encryption that is now available on cloud networks such as TLS-based encryption is fantastic. Unfortunately, there are also plenty of cloud networks that still operate with less security encryption methods such as the SSL protocol. To minimize the risk of your cloud account becoming compromised, you need to investigate the encryption method used on your network. If it’s even slightly outdated, then it’s time to upgrade.

Restrict the Availability of Sensitive Information

The beauty of cloud storage is that it can be accessed from anywhere, so this opens up your data to a much larger audience if you grant them access to it. While this allows you to collaborate with other organizations and remote employees much more easily than ever before, it also puts your data at risk. Your organization needs to bear this in mind and access controls need to be thoroughly thought through to prevent sensitive data being accessed outside of your organization. Ensure that your employees are aware of the open nature of cloud networks when saving data to such public drives.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More