Does my business need a data recovery plan?

Despite how vital data recovery plans are, it’s no secret that they’re rarely a top priority for small businesses. Recent statistics have shown that 93% of companies without disaster recovery plans who suffer a major data disaster are out of business within one year. If you’ve never heard of a recovery plan, we’ll explain why they’re vital to your company and exactly how to put one in place.

 

If you’re not sure if a data recovery plan is right for you, there’s one question you need to ask; could your business survive a catastrophic loss of data? If the answer is no, it’s time to start seriously considering the implementation of one in your security plans.

 

What is a data recovery plan?

 

A data recovery plan is a structured step-by-step action guide to responding to unplanned incidents. The plan is created to ensure responses to incidents are as effective and efficient as they can be.

 

Do I really need disaster recovery?

 

A recovery plan will protect the important, and often sensitive, data on your computer system. Computers are vulnerable to theft, damage, cyber attacks and viruses, leaving your databases, financial documents, emails, documents and much more at risk. Ensure they stay safe in a moment of crisis with a thorough recovery plan.

 

The key benefits

 

  • Cost-efficiency
  • Testing responses for a variety of potential situations
  • Greater customer retention
  • Eliminate the loss of important data
  • We safeguard your information through encryption
  • Protect your company’s reputation
  • Control and customisation your recovery plan
  • Proactive, daily monitoring

 

A disaster can occur for a number of reasons such as a data breach, hard-drive failure or cyberattack. By implementing a good plan, you can significantly decrease downtime and can ultimately save you money, (as described in our IT support for SME’s blog).

 

What next?

If you’ve decided that you can’t risk not having a recovery plan in place, a recovery plan is included in most comprehensive IT support contracts. If you’d like to know more call us today on 0117 370 0050 to discuss your options or complete our contact form.

 

We offer different levels of IT support to suit your needs – visit our services page to find out which of our support packages are right for you, or read our blog on the benefits of remote IT support.

 

 

8 Benefits of Remote IT Support

Present-day businesses rely on technology more than ever to keep day-to-day operations intact.  As a result, IT issues need to be addressed swiftly to minimise the impact on businesses. Which is exactly why businesses are turning to remote IT support.

 

Remote support gives you all the benefits of having your own in-house IT team without any of the business burdens.

 

Our remote IT support gives customers access to an account manager and engineer, as well as our highly trained help desk team—helping us quickly fix and update your systems without needing to visit you on-site (in 90% of cases).

 

Remote security sounds great, right? But what are the real benefits?

 

1. Improved productivity

Remote IT support can help improve your productivity and operational efficiency as you reduce (or eradicate) downtime. You’ll be able to spend less time trying to manage issues. Handing over the responsibilities to someone that you can’t see in your office can sound daunting, but our remote engineers are only a phone-call or email away. With our Remote Plus Monitoring support package, over 90% of our support queries are fixed remotely by our IT support help desk, without the need for an on-site visit by one of our engineers. This lets you reclaim time wasted on IT issues, so you can focus on your driving your business towards its goals, with minimal interference.

 

2. Available after-hours

One of the biggest shared fears of businesses is that an IT issue will arise while the person responsible is out-of-office, issues with your website, data loss or crashed servers could leave potential customers (or even your own staff) in limbo as it’s left unresolved. Most remote services offer full-time cover so there’s no need to worry about issues cropping up while you’re away. Our 24/7 service desk prevents inconvenient downtime and allows for constant monitoring of your system—giving you peace of mind with the knowledge that technical issues will be handled in a way that saves valuable time and improves business productivity.

 

3. Access to IT professionals

Get a fast response from our team of experts. At CCCit our team have years of experience. Once you have access to these sources of expertise in IT, you’ll never have to Google an issue again.

 

4. Proactive management

A huge benefit of having remote IT support is the proactive management that can preemptively solve issues before they even arise. With this approach we don’t wait for problems to surface, we work towards preventing any potential conflict in the first place.

 

5. Cost efficiency

Outages and downtime can result in loss of time and money, as well as priceless damage to your reputation, which is why IT support can be such a valuable asset for any small to medium-sized businesses. With predictable monthly fees, it can be up to 70% cheaper to outsource.

 

6. Regular maintenance and optimisation

If your systems aren’t regularly updated they can become more susceptible to issues that slow you down. On the other hand, maintenance can be counterproductive, especially if it prevents you from working. We work with you to schedule maintenance that creates minimal disturbance. Our maintenance and optimisation can work to support your growth.

 

At CCCit we value scalability, we understand that companies are constantly evolving, so we give suggestions for you in line with new updates. We’ll analyse how your processes can be improved in order to optimise performance and reach your business goals. All our solutions are tailored to your business.

 

7. Reduced pressure on IT departments

It’s a common misconception that you don’t need to outsource IT support if you have an IT department. In reality, the two can work effectively together. We can help reduce the amount of maintenance and upkeep that’s keeping your in-house IT staff from other tasks.

 

8. Reduced risk & disaster recovery

Remote support can ensure protection from data loss with remote back-ups and all our staff are well equipped to deal with such situations. Our data recovery and disaster recovery plans, allow us to minimise damage if any emergencies take place. Data corruption can happen, don’t let it affect your business.

 

Whether you’re looking for a fully supported network, or just need occasional IT support, at CCCit we have a selection of IT support packages designed to fit your needs.

Contact us today if you’d like to know more!

 

Important information which affects some HP devices

We’ve received information from the manufacturer, HP, that some HP devices that have we have sold may be unsafe for use due to potential risk of overheating and fire.

Note: Not all batteries in all HP ProBook 64x, HP ProBook 65x, HP ProBook 4xx, HP x360 310 G2, HP ENVY, HP Pavilion x360, HP 11 notebooks, HP Thin Clients, and HP Zbook mobile workstations are affected by this recall.  If you believe that a device you are using may be affected please follow the link below and download the HP Battery Program Validation Utility.

More details on which units are affected and what you should do can be found in the following notification:

https://batteryprogram687.ext.hp.com/en-GB/Home/ProgramSummary

Please feel free to contact us if you would like any help with this information or are unsure of anything mentioned here. We’re sorry for the inconvenience caused and hope to see you again soon.
Kind regards,

CCCit Team

Service Announcement – KRACK Wi-Fi security weakness

We wanted to notify our clients about a recent hack that has been discovered that affects all Wi-Fi networks. This includes Wi-Fi networks that we manage, however we have taken every necessary step to resolve this issue by patching computers and installing firmware updates where available.

KRACK is an attack that currently threatens all Wi-Fi networks protected using the Wi-Fi Protected Access II (WPA2) security protocol. In full, KRACK means Key Re-installation AttaCK. KRACK Wi-Fi security weakness is a result of a network vulnerability that makes it possible for a hacker to break into a WPA2 protected network, inject, manipulate and steal data such as photos, passwords and chat messages. It is a vulnerability that exists on almost every platform including Apple, Windows, Android, Linux and OpenBSD.

Scary as it may sound, there are several factors that downplay the risk posed by KRACK.
First, the attack must be executed within the range of the wireless signal as opposed to being done remotely. An attacker would need to be between an access point and your device. This makes it relatively easier to deal with the attack, since work areas can be protected using advanced technology such as motion sensor cameras to detect the presence of people in restricted areas and fingerprint access to keep out unauthorized personnel.

Second, sensitive information such as financial data or emails that malicious people are usually after is normally already protected using Secure Sockets Layer (SSL). WPA2 only adds an additional layer of protection. As such, should such data get into the wrong hands, it would still be protected by an end-to-end encryption that is practically impossible to defeat.

To add a layer of protection to data, it is advisable to surf the internet using browsers with security add-ons such as HTTPS Everywhere. Such add-ons force connections to protect your data through encryption whether such encryption is the default for the website or not. So far, there has been no reported breach traced to this vulnerability. Wi-Fi Alliance chose to report this vulnerability merely to inform Wi-Fi users and also to encourage them to patch their systems as soon as updates were available. These updates are backed up by the fact that so far, new versions of Apple and Windows operating systems have not appeared to been vulnerable to this attack. However, experts say there is a very slim chance that in very specific circumstances, KRACK may be successful in penetration attempts.

Although many people enjoy the convenience a Wi-Fi network offers, we would not recommend using any form of Wi-Fi on a secure corporate network. Wi-Fi should only be enabled on separated networks giving access to the internet but not files and folders on the network. Here at CCCit we take network security very seriously and always endeavor to keep up to date with any changes or important information released about products and services we manage and support. If you have any questions regarding the information provided here please feel free to contact us. If you think the information here will be of benefit to someone you know please share it.

Kind regards,

CCCit Team

Service Announcement – Email scammers warning

Scam Warning

Here at CCCit we have been made aware of a number of businesses that have fallen for an email spoofing scam which could end up costing them a tremendous amount of money.

Scammers are doing their research and are finding out the key decision makers within a business. This includes finding out who the owners, managing directors and staff working in the finance/accounts departments are. When they know this information they spoof the email address of an owner or director to impersonate them, an email is then sent to key finance resources asking to transfer potentially thousands of pounds into a bank account owned by the scammers themselves.

As emails look to be coming from legitimate email addresses belonging to owners or directors of the business many people have been fooled and this, in turn, has left them considerably out of pocket. Companies caught out by this type of scam will find it tremendously difficult to recover the lost funds as many banks will have very little sympathy.

What is spoofing an email?

Spoofing an email is as simple as sending an email with a forged or fake sender address. This address might be owner@yourcompany.co.uk however when you respond, the reply address will belong to the scammer e.g. scammer@scamaddress.co.uk
Spoofing an email is a comparatively simple thing to do, as the main protocols that email use had originally been developed to be open and basic with only a small number of people enable the more advanced security features.

Protecting your business

Due to the nature of spoofed emails, even with the correct security features in place it can still be very difficult to prevent a scammer from setting up an email to look like it has come from an owner or managing director. Some technical prevention methods have been set-out below although one of the most important prevention methods is staff awareness training and implementing processes that limit the risk.

Staff training – It is important for staff to recognize a fake email or invoices and what to do if they receive one. It is essential to make your accounts payable personnel aware of possible scams and train them to follow policies on purchasing and processing of payments. These processes should be documented and available to all employees.

Obvious Indicators of fraud:

– An incorrect domain name used to send emails, invoices and fund transfers. Hovering over the email address may reveal the originator’s email address if different from that displayed.

– The delivery address is not a company address.

– Poorly written email with grammatical errors.

– Use of a false or unknown contact from the company. If requests for quotations, invoices, purchase orders or fund transfers are received from a new company contact or account that raises your suspicion then please contact the person directly to verify the validity of the request. Do not contact the name/number used on the email/invoice/purchase order.

– Phone numbers not associated with the Business.

– Unusually large amounts are requested.

Purchase Order Process – It is a good policy to implement a purchase order process which requires a purchase order for all payments made using company money. Most popular accounting software will include the ability to create purchase orders or incorporate a purchase order system to make sure any payments or transfers are correctly authorised and properly recorded. These authorisation systems do not rely on email making it extremely difficult for a fraudster to replicate and it will make spotting a genuine fund transfer much easier.
Some popular cloud based accounting software that support purchase orders are Xero and QuickBooks Online.

SPF and DKIM Email Vailidation – Authentication is a way to prove an email is not fake. Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) are both ways to implement email validation systems which detect email spoofing. SPF achieves this by allowing your email server to check the emails you receive are coming from a host that is authorised to send from that domain. When you receive an email that is not from an authorised server but seeming to appear to come from that servers sending domain, it will either be marked as SPAM or not delivered.
DKIM and DomainKeys embed information in the email, which makes it harder to copy (but they can also be more difficult to implement for senders and receivers).
Some scam emails you receive may not come from your companies exact domain name. For example, they may seem to come from someone within the business using a personal or slight variation on the company email not protected by SPF or DomainKeys. As there are many variations on the kind of emails you may receive the steps above should not be the only precautions taken and implementing these methods would be considered as an added security measure.

Protect yourself using services from CCCit

CCCit implementing SPF across domains and email servers we manage is something we carry out as standard. In some cases, we also recommend implementing DKIM along with SFP. Enabling spam filters as well as managing anti-virus and patching across a network are also very important in reducing the risk of being a victim of a scam, CCCit implement and manage all these areas for our support customers. We can also provide help in getting you setup using a secure online purchase order system allowing you to safely and reliably validate all purchases and transfers of company funds.

To find out more about please contact CCCit on 0117 3700 050 or send an email.

Review’s Google Search Placing Results In A Fine

A judge in France has decided to rule against Caroline Doudet, a French blogger whose negative restaurant review was reported due to being “too prominent” in it’s Google search ranking. The judge’s order was that the title of the blog post had to be changed and Ms Doudet had to pay damages to the owners of the restaurant.
The decision was incredibly controversial due to the fact that it’s suggesting a high search ranking is a crime. Many people have questioned the validity of the order, and bloggers across the globe have spoken out in anger.
The claim put forward by the owners said that the strong prominence of the article was an unfair harm to their business, seeing as it portrayed them in a negative light and cost them valued customers.
The blog post that was made by Ms Doudet was called “The Place To Avoid in Cap-Ferret”, followed by the name of the restaurant, II Giardino. It’s located in southwestern France’s Aquitaine region.
The court’s documents stated that the review had featured 4th in the results when you searched for the name of the restaurant. The decision that the judge came to was that the title had to be altered, so the “place to avoid” was not as prominent in the results of a search.
The harm put forward on the restaurant was pointed out by the judge sitting in Bordeaux, who said that it was exacerbated by the blogger’s 3,000 followers on her literature and fashion blog. A famous blogger from Bristol has spoken out in outrage to his 5000+/- followers on Twitter.
Her article, which has now been removed, stated that there was a generally poor service and negative attitude on behalf of the restaurant’s owner when she visited the shop in August 2013. The owner found the entire article to be an issue, but the judge decided to just rule that the title be changed and a fine was sent to Ms Doudet.

Microsoft Phases Out Android Nokia X smartphones

Microsoft has announced that the company is going to stop developing future Android smartphones, except for those that are already available on the market. Nokia X smartphones will become an important part of Lumia range, running the Windows Phone OS instead, although Android handsets will still be supported.
The move came as Microsoft announced about 18,000 job cuts across the company’s workforce. According to Microsoft’s executive in charge with mobile devices Stephen Elop, Microsoft plans to increase Windows Phone OS popularity by targeting the cheaper smartphone segments that are also the fastest-growing at this time. Beyond the portfolio they have already planned, Microsoft intends to deliver additional low-cost Lumia mobile devices by interchanging Nokia X designs to new Windows Phone devices.
Ben Wood of CCS Insight stated that the move was intended to increase sales of Microsoft’s Lumia range, as the decision has been made before Microsoft’s takeover of Nokia. It seems like everyone scratched their heads prior to the initial release of Android-powered Nokia smartphones in February, as Wood has declared for BBC. Mr. Wood has said that phasing out Android devices was more like a strategic move meant to take the developments the company has made on the hardware to drive Lumia price to lower levels.