The Importance of a Business IT Continuity Plan

IT Continuity, IT Plan, Security, Services, , , , ,
07
Nov 2017

 

PDCA_Cycle.svg

A backup plan for your IT system in the case of a sudden disaster is crucial to ensure your business continues operating whilst that disaster is rectified.

Many businesses, however, don’t have a contingency plan in place that will allow their IT operations to continue in the case of an emergency. And this lack of preparation can lead to your business having to cease operations and, therefore, hit you hard financially. Naturally, no one can forecast an emergency or a disaster, so it’s important to get something established sooner rather than later.

To understand, in a little more detail, why a business IT continuity plan is so important, we’re going to take a closer look at what it can bring to your business and how to implement it.

The Main Benefits of Business IT Continuity

Say, for example, your business suffers a huge malware attack, this could seriously compromise all the PCs on your network and render them redundant. And how are you going to process orders or bring up customer records then? Exactly – you aren’t! However, with an IT continuity plan in place, you can put this into action whilst your IT team work at eradicating the malware attack – this allows you to continue serving your customers and helps your organization minimize the downtime.

It’s also quite possible that your business premises could be put out of action due to disasters such as fire or even natural disasters which could visit in the form of hurricanes. With your office, for example, out of bounds, it could appear that there’s no option but to down tools. If, though, you’ve planned for occasions such as this, you could execute remote working accessibility for your staff to work from home or alternate premises. Again, this helps to keep your organization afloat and operating.

IT Services are aligned to the customers needs. Dynamic Lifecycle approach to service. Interconnections between processes. Quality of Service. Reduced cost to serve because of use of standard process. ITIL is NOT… A methodology. A complete set of predefined low level processes – only the framework with which to build them.

Creating an Effective Plan

A good business IT continuity plan is one which has been carefully planned and designed by a team which incorporates all areas of your business. Whilst it may seem sensible to have an IT bias towards leading the project, they won’t necessarily understand which data and which applications are most important for different departments. And this is why we would always recommend a team comprising of individuals who can cover all aspects of the business’ needs.

Once this team is in place, you’ll find that the prioritization of IT resources allows you to get a better understanding of what’s required from your business IT continuity plan. Naturally, these plans are never perfect as they’re relying on a situation which hasn’t happened yet. Therefore, to get the best out of your IT continuity plans you need to put them in to practice to discover how effective they are for keeping your organization in business.

As we pointed out earlier, no one can predict when your business is going to be hit by a disaster be it through hacking, natural disasters or even just plain old equipment malfunction. However, what we can predict is that a business IT continuity plan is going to minimize the impact of such a disaster on your business and should be a prerequisite of any forward thinking organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Why Do You Need to Backup Your Data?

Backup and Recovery, Office Network, Security, , ,
31
Oct 2017

 

Backup_festival

A good business needs good data and they need even better access to it. However, not all businesses understand just how crucial access to their data is.

One of the best ways to protect your data is by carrying out regular backups of your data to ensure that copies are kept in secure storage. This ensures that no matter what happens on individual PCs or individual sets of data, there should still be a copy of the lost data ready to fill in the gap. This form of pre-emptive action can really help your organization run smoothly without the need for laborious data duplication.

So, we’re agreed that data loss is bad, but how can your data go missing? And what can the knock on effects be? Let’s take a look at why you need to backup your data.

Systems Can and Do Get Hacked

Due to a combination of human error and the devious tactics of hackers, PCs can easily fall victim to malicious software which compromises entire networks and all the data on them. And, in the case of ransomware, this data can be encrypted and only released once a ransom has been paid. However, if your organization completes regular backups then the amount of data which can’t be retrieved will be significantly reduced. This leaves you in the enviable position of not having to give in and pay an extortionate amount of money for your data to be decrypted.

PCs Are Prone to Failure

When you consider the huge number of components that make up a PC, it’s no surprise that they’re prone to failure. Sometimes this can be due to age, sometimes it can be down to someone spilling their cup of coffee over the hard drive. And when components fail or become damaged, they’re sometimes left beyond repair and all the data on that PC is unable to be salvaged. With a backup to hand, the threat of permanent data loss is minimized. Even with a backup to hand, though, we still recommend keeping coffee away from your hard drive!

Data Transfer Hard Drive Backup Connection

Your Business Needs Data

If you suffer a catastrophic data loss event then your business is going to seriously struggle. Just imagine that all your customers and providers details had been accidentally deleted or compromised – operating in this scenario would be an absolute nightmare. And if you want to get a feel for the financial damage this can cause, this report estimates that around $1.7 trillion is lost in downtime every year thanks to data loss. Hopefully this should underline exactly why a regular backup is in your organization’s best interest. 

Your Network Needs Data

While your business certainly needs data to operate, your PC network cannot operate without data. So, for example, if a network driver suddenly becomes corrupted or accidentally deleted then that can spell the end of any PC activity within your organization. And, due to our reliance on PCs in almost every imaginable industry, this is the last thing your organization needs. However, by backing up your data you’re providing a safety net that could serve to be crucial in keeping your business trading.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Facebook Messenger Can Now Spread Malware

Facebook Messenger, Hacking, Security, , ,
24
Oct 2017

facebook-messenger

Facebook has 2 billion users, so it’s more than likely that the majority of your employees use it. However, did you know that Facebook can spread malware?

Malicious links – which appear to be for video files – are now being sent to users by their friends, but these links are highly deceptive. The main aim seems to be to collect login credentials and it doesn’t appear to download any malicious software such as ransomware. So, it may not be the most dangerous piece of malware, but it’s certainly a nuisance and indicates that a major malware attack could easily spread through millions, if not billions of systems.

Social media is an important sector of the business world now, so we’re going to take a look at exactly what’s happened in Facebook messenger and the best practices to avoid falling victim.

Click This Link…

The malicious messages arrive in users’ inbox and start with the user’s first name and simply say ‘video’ followed by a link which uses either a bit.ly or t.cn address. The link will then take the user to a Google Docs document which mimics a landing page and appears to house a playable video.

What’s interesting about clicking the video in question is that the destination it takes the user to is dependent on their web browser. Chrome users are taken to a fake YouTube page which downloads a malicious Chrome extension and Firefox users are redirected to a page requesting a download of malware disguised as a Flash player install. The malware delivered to Firefox users appears to consist of adware, so this indicates a financial motive, but the Chrome extension’s objective isn’t entirely clear.

Although there doesn’t appear to be any major damage caused by this malware campaign, it’s still considered a massive threat as it’s believed the malicious links are being spread by hijacked accounts. And this ensures that more and more spam is spread across Facebook and more login credentials are harvested along the way.

Now-Hackers-Can-Hack-Facebook-Messenger-App-To-Read-Or-Alter-Messages

Avoiding Facebook Malware

While email still packs a major punch in the world of malware, hacking messenger software is a natural progression due to its shift in popularity for communicating. And the Facebook Messenger malware demonstrates that there’s a possibility it could evolve into something much more dangerous. Therefore, it’s important that you take the following precautions to protect your organization’s networks:

  • Social media – on a personal level – access should be restricted, if not entirely banned, as it’s considered a huge distraction to workers. And, with this latest malware campaign, it would appear that it will soon become a popular access point for hackers to exploit – in fact, this isn’t the first Facebook hack to make headlines.
  • Employees need to be educated about the danger of clicking random links even if they’re sent by close friends. It only takes one click of a link for a hacker to gain access to every PC on your network, so this danger needs to be emphasized to all employees as part of their IT induction.
  • The importance of good password security should regularly be communicated to your staff. Facebook, for example, contains a vast amount of personal information such as where users works and, coupled with stolen login credentials, this could give hackers a head start on infiltrating your organizations network; this risk is magnified if passwords are not personalized for different applications.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Dumbo: Hacking Microphones and Webcams

Dumbo project, Security, webcam hacking, , ,
17
Oct 2017

Webcam-Hacking-1-e1467574476370

Due to changes in the way we communicate, microphones and webcams are now important business tools, but did you know that they can be hacked?

And, in particular, did you know that the CIA is keen to utilize this type of hack for its own surveillance activities and to corrupt recordings? This news has recently been leaked by WikiLeaks and, although it’s not surprising that the CIA use such tools, it’s a real concern as we’ve seen in the past that security agencies hacking arsenals aren’t completely secure.

How do microphones and webcams get hacked though? Well, seeing as so many organizations use them for video conferencing these days, it’s probably best that we take a quick look.

What is Dumbo?

The main objective of Dumbo is to provide a route into a monitoring capability of a PC that home security systems are not capable of detecting. Now, what’s interesting about Dumbo is that it can’t, at present, be transmitted through email; instead, for a PC to be hacked with Dumbo, the hacker would need direct access to the PC to connect a USB drive. Once this is installed and activated, it begins searching for webcams and microphones and, once identified, Dumbo can disable or mute the devices.

Dumbo also identifies any files that these devices are currently writing to and gives Dumbo the opportunity to delete or corrupt these files. With capabilities such as this, Dumbo has the potential to delete audio-visual evidence or, if necessary, create fake evidence. For all of this to take place, however, the USB drive needs to remain plugged in at all times, so this creates a situation where a hacker would need to work very quickly and be directly at the system they’re hacking.

black-webcam

The Dark Side of Dumbo

The CIA, of course, have certain regulations that they have to adhere to and are only working in the interests of national security, so Dumbo isn’t something that the average organization shouldn’t have to worry about. However, as we saw with the NSA hacking tools leak, anything is possible in this day and age. And just imagine what would happen if this type of malicious software fell into the wrong hands.

Not only could the security of your communications become highly compromised, but even security of your physical building could be at risk as many organizations use webcams for security monitoring. The one limitation of Dumbo is that it needs to be actively executed in-situ, so this makes it a difficult hack to pull off. However, this doesn’t mean that the hacker has to step foot in your premises. As we’ve shown in the past, hackers have several ways that they can get a USB stick into an organization and it can often be down to a curious employee finding a USB stick in a car park.

Being aware of your employees’ activities doesn’t mean that you can completely extinguish the threat of a hack – such as Dumbo – taking place, so it’s always important that you regularly monitor hardware for any unusual activity. And it doesn’t have to be a webcam or microphone, it could easily be a printer. Therefore, if a piece of hardware starts acting suspiciously, then it’s highly recommended that you isolate it from your network before investigating it.

As we get deeper into the 21st century, it would appear that the digital landscape is becoming less and less secure, but the truth is that the best way to defeat hackers is by vigilance. If you can ensure that hackers attempts are thwarted and monitored then you should find your PCs are safer than ever.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

60,000 BSNL Modems Affected by Malware

modem security, Password Security, Security, , ,
10
Oct 2017

Morden-Security

Your modem provides a gateway to the internet, but this entry point is highly vulnerable to hackers as 60,000 customers of BSNL have discovered.

Bharat Sanchar Nigam Limited (BSNL) is an ISP based in New Delhi, India with around 93 million customers, but even with these customer numbers they have been struggling in recent years due to the increased competition in the Asia telecommunications sector. And they now have an embarrassing malware incident on their hands, so these are certainly tough times for BSNL.

The attack which has affected BSNL is almost ridiculous in its simplicity, but it has the potential to cause huge damage for BSNL and its customers. It also carries an important lesson that every PC user can benefit from, so let’s take a look.

Hacking BSNL Modems

Using botnet attacks, the hackers were able to breach the National Internet Backbone (essentially a huge network making up the backbone of the internet in India) of BSNL and gain access to their internal modems and recently installed customer modems. From BSNL’s end, this meant that their broadband service was severely compromised with around 45% of internet connections suffering disruption. For customers using the recently installed modems, however, matters got much worse.

The malware affecting BSNL was able to change the passwords of BSNL broadband customers who had made the fatal mistake of not changing the modem’s default password of “admin”. As a result, around 60,000 customers have found themselves at risk of having their broadband connection compromised as their modem would not be able to log into the BSNL system. Affected users have reported a lack of internet access and the modems ‘red error’ LED switching on to indicate a fault.

Whilst BSNL were able to manually change the password details for their internal modems and stop any further changes to their customers’ details, they were unable to reset passwords for customers who had fallen victim to the malware. Instead, these users have to manually reset their modems and enter a new password, a task which isn’t particularly simple for your average PC user.

password-866979_960_720

The Importance of Password Changes

BSNL are rightly embarrassed about the breach that their systems have experienced and there’s still no mention of the attack on their official website. And the fact that this attack stemmed from a simple password flaw is astonishing, but not completely surprising. Many, many organizations still use the age old login name/password of Admin/Admin for gaining access to the administration side of computer systems; it’s easy to remember and provides quick access, but the problem is that every hacker knows this and will always try these login details early on in an attack.

It’s absolutely crucial that you protect your networks (and even your modems) by practicing good password security. It only takes a few moments to think of a new password and just as long to change your old one, so there really shouldn’t be any excuse. And that’s why you should always change default system passwords as soon as you’re given the chance. Otherwise, you’re at risk from being hacked and will only have yourself to blame.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 28 29 30 31 32 48