Disaster Recovery

Blog, Cloud, Cloud Hosting, Continuum, Security, Technology, Uncategorized

World Backup Day 2019: Losing Data in the Cloud


No Comments

Happy World Backup Day 2019 everyone! Or, as we call it here at Cetus, World ‘Your Systems Shouldn’t Have Gone Down In The First Place’ Day. We say that, because backups are probably one of the most important things you can do your organisation. You know how you feel when you’re strapped for cash and you’d forgotten that you’d popped a £20 into the little zip-up pocket in your bag ages ago? It’s like a little present to future you from past you. Those kinds of presents are important to show yourself how much you care about you. It’s the ultimate love, really. And trust me, you’ll get that same fuzzy feeling- and a whole tonne of relief- when disaster strikes and you’re the one who planned for it. It’s nice to be the hero of the office every once in a while. So, now that you’ve received the obligatory Public Service Announcement (backup today so that you won’t be the April’s Fool tomorrow), lets get into the gritty stuff; losing your data in the cloud.

“What?!” you mutter at me. I’m not crazy, stick with me on this. Trust me, I’m as horrified as you are. Surely, surely, the whole point of the cloud is to pop important stuff in there and sit back and relax as your office/laptop/briefcase burns, knowing that all you have to do is get your hands on another device, log in, and forget about the flames behind you. Ah, you’d be mistaken. Losing your data- even when it’s stored in the cloud- is entirely possible, and it happens more often that you think. And it’s not just Google Drive or Dropbox, it’s your favourite, and critical, SaaS apps.

It happens to all of us; you’re looking through a cluttered folder of documents trying to find something specific and it just gets a bit too much. There are some really useless files in there, clogging up your workspace. Half of the useless ones haven’t been edited or opened in the last five years. Why keep them? There, all deleted. You’re feeling more zen already. If deleting useless files feels this good, maybe it’s time to turn to the minimalist life. Who needs forty different suits? Two will do. Same with shoes. Donate all those old books, DVDs, CDs, the box of unwanted presents from your evil mother in law. You feel the calm setting in, life is that much brighter. Until your manager/supervisor/boss asks you for a particularly important file that you realise, in sudden horror, you deleted in a moment of deranged thinking. Oops. Maybe you need that clutter after all. Other times, you might be collaborating on a project in Sharefile and someone doesn’t pay attention and clicks ‘trash’. Or, that project that you started 12 months ago and was scrapped? Well it turns out it’s received another green light. Too bad you deleted all the work in a moment of frustration and defiance.

But sometimes it’s not you, it’s the SaaS app itself. No, it doesn’t have an agenda against you. They hold large amounts of data that are bombarded with edits and additions. Overwriting is a pretty common issue for SaaS applications, especially when large data sets are imported into the app via a bulk upload. There can also be an issue or two when third-party applications are used to manage the data inside the base SaaS app. A bit like having two opposing football teams. They’re there to do a job, but they’ll slide tackle each other every so often to show dominance.

And then there’s always that absolute twit in the corner who’s always up to something. You know the one; comes in late, the first one out, takes an extra twenty minutes on their break. Does the absolute minimum just to keep the Powers That Be happy. Well, this very person could also delete their own files. Why? Maybe they quit. Or maybe they think that they’re going to get kicked out. Or maybe the feud between them and your manager (the basis of all the office gossip) has reached the point where they just delete important documents out of spite. Whatever it is, those files are unrecoverable, they’re going to hop on over to the next job, and you’re the one who will have to run around picking up the pieces and trying to fit them all together again, before the customer/your scary boss finds out. Not all ‘accidental deletion’ is accidental.

Organisations like yours are so reliant on your IT infrastructure and you depend on seamless access to it anytime. If it all went down you’d probably end up with an office full of expensive, and sleek-looking, paperweights. And the amount of business data your organisation will realistically produce in the next ten years will grow exponentially. With every file created in your business, the more complex and important your infrastructure becomes. And it’s the very same instance for cloud. As I wrote before, at Cetus we take backup and Disaster Recovery very seriously. So much so that we actually have a whole branch to our organisation, Continuum, which is devoted to DRaaS and backups. Traditional disaster recovery methods are basically a series of fallible, interconnected steps. Think about tapes; they don’t exactly stand up over time. Increasing backup windows prevent complete backups being produced. The availability of sufficient compute and storage resource to provide a complete recovery target. Skilled resources not available to enact a recovery or conduct regular tests of the disaster recovery plan. It’s a domino effect of time delays and uncertainty in the case of a disaster. With Continuum, you can tick off several key functions that your organisation needs. We provide a fully-managed failover, regardless of whatever level of backup, archiving and disaster recovery you require. Testing is important, no matter where your data is stored. Continuum completes tests on whatever regularity you require, using a combination of automation and specialist knowledge of your environment. It’s also scalable (what isn’t in the ideal cloud world?), so Continuum will grow with you as your organisation grows over time. By providing business continuity and disaster recovery, you know that, even in the cloud, your data is safe.

Now that I’ve set the panic in you, (and hopefully given you the magic antidote), have a chat with our Continuum backup specialists, tell them that I sent you, and know that you’ll never be an April’s Fool again!

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cloud, Cloud Hosting, IT Solutions, Security, Technology, Uncategorized

How to Prevent Cloud Security Threats


No Comments

The end of winter is always a little grim, especially around the UK. The trees are bare, it gets dark way too early, the two-minute dash to the car threatens a soaking and the prospect of sitting outside with a cold beer/cocktail after a long day of work is surprisingly not tempting at all. I hate to be the harbinger of bad news, but it could get worse. Imagine coming in one morning, wind-swept and dripping, to the news that overnight your cloud was victim to a cyber-crime? At that point a cold beer in the snow seems like the best remedy for the situation. Despite everything, the internet isn’t as safe as you’d think, with devious no-gooders lurking around every corner, eager to take advantage of any vulnerability to make a quick buck. It’s especially important when your organisation is connected to the cloud, where your data is internet-facing instead of nicely locked up in an on-prem data centre. It doesn’t mean you should go out and raid Curry’s PC World for enough data storage to build a makeshift data closet though. Here are a few tips to keep your cloud secure, while enabling the innovation, data access and flexibility that you wanted in the first place.

We’re all in this together
The beauty of the network is that it’s all inter-linked. That’s how you can collaborate so easily, and throw your data and apps onto the cloud to access them whenever, wherever. Just remember, every ‘point of entry’ can be the weakest link, so it’s important to educate everyone in your organisation on how to protect themselves to protect the wider network community. It’s important to involve your entire organisation, making them aware that cyber security is just as much their responsibility as it is yours. Unfortunately, the biggest percentage of criminal infiltration comes down to users accidentally letting the cyber criminal in, usually through phishing or malware attempts. Phishing is a bigger threat to your organisation than ransomware is, and it all comes through malicious emails that get acted on. In this super quick blog post, I’ve already covered how to reduce the risk of getting on the phisherman’s hook. Also, it’s important to set up a (non-judgemental) plan for any user who feels that they might have been compromised, without them having to resort to throwing their laptop out of the window. Then you can be sure that they won’t be throwing out hardware willy-nilly, or sweeping incidents under the rug that could cause you harm in the long run.

Secure your data backup plan (just in case)
Data loss is a serious worry, always. Thankfully, in the case of cloud, this worry is slightly less. By storing your data in the cloud, it’s super simple to link your network to a backup storage solution to make sure that whatever happens you’ll be secure. We think that backups are so important that we’ve created a whole extra branch to Cetus; the Continuum Service. I’ve already touched on the 21st century’s answer to tape backup (it’s replication, by the way), and that’s what we offer with Continuum. It’s a full infrastructure recovery, and not just your data- making sure that your underlying server and desktop infrastructure is a-ok to get your business back on its feet in record time. It’s testing, on a regular basis, automatically verifying the integrity of each virtual backup server on its way to cloud, so that you know if something happens there’ll be minimal disruption. It’s a fully-managed service that allows your peace of mind knowing that we have a whole team on the situation, 24 hours a day. It’s a holistic backup and recovery solution that provides local file and VM restoration.

Who has access?
You can build the strongest walls around your building, adopt the most up-to-date firewall and screen every little thing that enters your network, but sometimes it’s important to be weary of the trojan horse plodding through your hallways every day. And by trojan horse, I mean an employee that could be stealing, irresponsibly sharing, or compromising your data. As an IT department, it’s important to assess who has access to what. There is absolutely no reason for Sharon in HR to be able to view or edit financial records, and what on earth could she be doing popping in twice a week at 3am? Establish access controls so that you can manage risk, tying user identities- even external ones- to back-end directories.

It’s important to put security measures in place that will ensure that your data and apps are protected. Why not embrace the latest technologies and adopt a smartphone access control system that will allow you to manage users and assign door access from anywhere?

Encryption and passwords are key
Your cloud can be quite vulnerable. Sitting up there, without the safety of your watchful eye, anything could be happening. It’s a bit like a spaceman floating in the big black expanse that is space, tethered to the International Space Station. He is protected by nothing more than his spacesuit, which shields him from the general elements, but there’s only so much you can do if he gets hit by a meteor. What he needs is an extra layer of bubble wrap and diamond outer shell. In the case of your cloud, this would look less rigidly cosy and more like good passwords and encryption.

In this example, we’re going to look at your spaceman’s bubble wrap; your password. Files in your cloud are zipped and protected with passwords, so it’s important that you choose a strong one. Having a unique password for your cloud is a must- if a hacker gains entry, they would have access to a huge amount of your data so it’s crucial that you keep it as safe as possible. Look into multi-factor authentication (which I’ve already discussed in detail in this post), adding an extra level of protection that you can control with fingerprint and retina biometrics.

If passwords are your spaceman’s bubble wrap, then encryption is his diamond shell, and it’s crucial. Cloud encryption allows your data and apps to be transformed by encryption, shooting up to the cloud securely before being stored. Encrypt at your network’s edge, ensuring that the data gets protected before it even leaves your network. But make sure to keep the encryption and deciphering keys stored away from where you store your data!

So, before you cobble together a makeshift data centre in a panic to protect your information, take a look at the level of security your cloud solution allows. The integrity of your cloud is vital for the health of your business; protecting your data and the access to it should be a priority for IT teams. Contact our Cetus experts to see how we can provide the ultimate protection for your cloud environment.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, Citrix, Cloud, Cloud Hosting, IT Solutions, Our Upcoming Events, Security, Technology, Uncategorized

Five Signs You’re Ready to Embrace Cloud


No Comments

Unless you’ve been spending the best part of the last decade on a remote island devoid of human contact, chances are that you’ve heard a lot about this ‘cloud’ malarkey. And it’s a difficult one; there is just so much information out there, and it doesn’t always overlap. Even in your organisation, there can be significantly polar opinions on what’s best for your situation. In one ear, you have an IT specialist whispering “It’s the best thing since the Nokia 3310” and another one in your other ear muttering “It’ll take years to adopt, if we can even afford it”.

And both angel and devil in this scenario (decide which is which yourself) are right. Cloud is the best thing since the introduction of the Nokia 3310 redefined the use of the word ‘brick’, catapulting the world of on-the-go tech into a whole new revolution (even if that was just being able to play Snake at the bus stop). Sadly, we are constantly sold the idea of a plug-n-play service that will make a significant difference to your workforce. The thing is, it’s not the rainbows, unicorns and fluffy bunnies that we were promised. When it comes to cloud adoption, the focus is usually on going fully-SaaS almost overnight, which just isn’t really possible for long-established organisations. But it’s not all doom and gloom; if you pick the right IT solutions provider your dreams can become a reality, and deliver everything you expect. Still not sure if it’s for you? Here are five signs that you are ready to embrace cloud;

You’re adopting the new ‘mobile workforce’
Your business is growing and you’re employing more than ever. The millennial workforce has grown up with a significant experience in emerging tech, and they don’t know what life is like without it. The brightest graduates just out of uni are used to having their mobiles, tablets and laptops on the go. Let’s face it, they’re the generation that have mastered paying attention to multiple screens at once, all while walking, eating and doing whatever.

The problem is, they don’t want to be in an office all day. While the older generation are stuck in traffic three miles from the office, your mobile employees are already on their second coffee of the day, just finished replying to their emails and ready to get some real work done. Likewise, they’re more than happy to jump in the car, train or plane and join a conference, exhibition, workshop or a customer’s site and make sure they get all their work done on the spot. Gone are the days when your workforce would have to sacrifice a day to get the train to the other part of the country for an event, completely unavailable for anything else.

Work is no longer the be-all and end-all of a person’s life- living is. The modern workforce is picky. They no longer have the loyalty of generations before, sticking with one company until they retire. They want the best, and that includes the possibility of a more flexible work-life balance. So being able to work from anywhere, anytime makes far better sense. And that’s where the cloud comes in, allowing your employees to log in to their corporate virtual desktops from whatever device they happen to have on hand, regardless of where they are.

It’s time for a refresh
All tech, no matter how advanced it might seem, has it’s sell-by date. It’s a fact that a lot of organisations are quickly coming to realise. Chances are, this is the first time you’re looking at putting your servers in the cloud. Why not just replace your whole infrastructure like for like and be done with it? You’d forget how many bits of hardware makes up your IT closet, and how much of an investment it is just to keep the lights on in your data centre.

Now, it’s not as easy as clicking your fingers and just connecting everything to the cloud. There are plenty of reasons why it’s not feasible immediately; being chained to your legacy system, not having the internet connection to safely rely on cloud…. But don’t despair, there is a way to create an infrastructure so that it grows and evolves with your organisation and the latest trends in technology. Say goodbye to aging infrastructure, out-of-date applications and those constant reminders to get the latest version of your software. Poof! All of a sudden it’s a thing of the past.

It’s time to think about disaster recovery
Your organisation is built on a foundation of data. Whether that be customer lists, orders, customer data, the random PowerPoint presentation for the upcoming Directors’ meeting- you get the idea. If you couldn’t power up your laptop in the morning every employee in the company would essentially be a very expensive seat warmer. Disasters do happen, and if you can scoff that you haven’t experienced any yet, then you’re living on borrowed time. A single server fault could erase years of vital information in less than a second.

It’s even more scary when the facts state that the cost of an hour of downtime can cost from £6,100 to £534,000- and that includes small businesses too. Multiply that by the average time it takes to recover; 18 and a half hours. Could your business survive such a dramatic loss of productivity and reputation? 

By adopting the cloud and moving your data across, the majority of your disaster recovery planning is done. You can be safe knowing that your good solution provider will ensure that your data is being continuously backed up, testing the virtual backup server daily. When you do face your disaster, it’s reassuring to know that it’s simply a case of downloading the latest backups of your files and getting back down to business.

You’re growing, but you don’t know how to deal with it
Every organisation wants to expand. It’s the sign of success, of how a moment of entrepreneurship can turn into an achievement, and with every new person starting with you is an extra person who believes in your company and your message. But with every rapid expansion brings its own unique growing pains, and your organisation is no different. It’s only so easy to outgrow your physical infrastructure and network, leading to a loss of productivity. Which is exactly what you were trying to avoid in the first place, right?

Here’s another great way that cloud can make a difference. You obviously see a bright future for your organisation; full of targets being met, goals being blown right out of the water, the need for bigger offices, glittering awards nights and interviews from business newspapers on how you made it (may as well think as big as you can get, right?).

With your data, virtual servers and all of your storage in the cloud, it’s an easy fix to make your infrastructure flex with your needs. Instead of having to buy more servers and bandwidth, it’s a straightforward case of just renting a bit more of the cloud. And if you don’t need it later on, it’s quick and painless to reduce the size of what you need. As a certain meercat likes to say; “Seeemples!”

You want to beef up your data security
There are so many threats to your organisation. You always have to take care that your customer data collection and storage meets GDPR regulations, stay vigilant of potential Gen V cyberattacks, make sure that your ex-employee didn’t walk out with your company projects, there are plenty of things that could possibly go wrong. Not only do these really mess up your day, in only the politest of terms, but they could really cause you harm in the long run, too.

By running your organisation in the cloud, a significant portion of the manual processes that can lead to issues can be avoided. With automated backups, you can be sure that you’ll never have to run around patching up forgotten vulnerabilities and bugs. Having your data on the cloud makes it easier to see what your users are accessing, effectively abolishing the possibility of a user with a nefarious agenda sneaking around behind your back.

Every so often, you’ll change the door code to the office. That’s to secure your building from ex-employees who, let’s face it, have no business popping in anymore. It’s the same principle with your data. Chances are, you haven’t done anything to give them a reason to want revenge, but since they have no business rummaging around your secure files you want to make sure that they can’t. And that’s a simple thing to do with cloud, giving you the over-arching control over your users, without impeaching their self-governance.

Looking at a cloud adoption from afar can make the whole thing seem like an impossible task. When it comes to moving everything from on-premises to the cloud smoothly, while also keeping your business up and running with no disruptions, it’s akin to having your cake and eating it. At Cetus, we’ve been doing this for a while, and we’ve built a team of experts that has coordinated many a cloud project from start to finish. We’ve partnered up with Citrix and Microsoft Azure, the experts in cloud, to design, build and manage your cloud deployments. Speaking of Citrix, our Cetus experts will be attending the partner-only Summit event. We’re expecting to hear plenty about cloud migration and reducing IT costs, and we’ll be talking about it for the rest of the year so make sure to keep an eye out on our events page to hear all about our upcoming Citrix events! In the meantime, our experts are always on-hand to answer any question you might have (especially if it’s cloud-based!)

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, Check Point, IT Solutions, Security, Technology, Uncategorized

Here Phishy, Phishy, Phishy….


3 Comments

A couple of weeks ago, there was a mandatory ‘here’s how to help keep the company from falling prey to cyber attacks’ lecture at Cetus. We all trooped downstairs, cramming into one of our board rooms, mugs clinking and teas sloshing. One of the lovely ladies from Barclays came in to give us a word of warning- or forty- on how to spot nefarious activity and not fall prey to a scam. By the end of it we were all ready to delete our Facebook, Twitter and Instagram accounts, never use an ATM, and I seriously started questioning my role within social media. It was quite the terrifying afternoon. Between social engineering, ransomware and phishing, it’s a miracle we all aren’t in debt from scammers. But the most terrifying aspect was learning just how prevalent phishing attacks are.

Big ransomware scams make the news constantly- splashed across the news, Sharon from HR standing at the water cooler to share the details in whispers to anyone who passes by- but phishing is the bigger threat here. In reality, a ransomware attack usually only demands several hundreds of pounds from the organisation it invades, while a phishing scam generally scams thousands of pounds from the victim. Not only that, but it’s easier for the cyber criminal to carry out a phishing attack. Now that I’ve given you something short of a heart attack (sorry), let’s turn this around shall we? Here are a few key ways of keeping you off the phisherman’s hook.

Beware of the sender
It doesn’t really matter whether it’s personal or corporate, receiving an email either makes you want to go on an extended holiday or celebrate. At work you’re usually too busy opening and replying in record time to get on with the mountain of tasks that grows with every email. It’s fair to say that you don’t always check who the sender is. I mean, we’re all weary of any Arabian Prince trying to get into contact, but aside from that we’re pretty chill for the most part. If they’ve gone to the trouble of finding your email address (I still can’t figure out how people manage to find me) then chances are they really need to chat, right?

Depending on how much of a nightmare you are in life, you probably won’t know the hacker. So before you jump into your emerging pile of unopened emails, take a quick look. If you suddenly get an email from someone you don’t speak to regularly on the topic of something that you don’t normally think about, be slightly weary. Check the sender’s address- does it look a bit weird? Is there a random ‘0’ instead of an ‘O’? Could that ‘i’ actually be Vietnamese character ‘ỉ’? Is there an extra letter or number in the address that shouldn’t be there? If you see one of these little tricks, bonus points for your great eyesight, and definitely get the email checked out.

‘I get scammed with a little help from my friends’
Did the email check out, but you’re still not 100% sure if you need to detonate your computer immediately to avoid any viruses escaping through the network? Take a quick look at the list of people that received the email. Do you know them? Is it a strange group, ie the sales group being added one name at a time instead of the group link? The cyber criminal might be targeting a large number of people in your organisation, so if you see people on the list that you wouldn’t normally be in contact with, or from a department that has nothing to do with yours, be extra careful.

Bit of a dodgy subject line
Aside from Sharon’s bi-monthly suggestion for drinks in the pub across the way after work on a Monday night, you should really only be getting emails that directly relate to your job function. That is, unless you’re in marketing- we seem to get our noses into plenty of unrelated jobs. If you’re getting emails about things that you know you’re not privy to or they make absolutely no sense to you, don’t open it. If it’s not spam, it’ll be malware. If you do happen to open it (oopsie), check if the email is a reply to one that you didn’t send. Does the message match the subject line? A misalignment of the two should send up an army of red flags. Also, while we all have the office oddball that likes to reply to emails at 3am, is it normal to be receiving this email from this sender at this particular hour?

Attachments and hyperlinks of doom
We’ve all opened random attachments or clicked on hyperlinks that we weren’t quite sure about and sighed with relief when it was just a video of cats acting strangely. We know we shouldn’t, but that curiosity can’t be helped. Besides, it could be important, or cats, after all. A few things to check before you right click; did you expect the attachment? Is it a common file type that you would normally receive? Does it have a weird name, or strange symbols in the file name? If you answer yes to these, maybe don’t open it. It’s quite likely to be malicious.

Not quite what you were expecting?
If you receive an email that contains unsettling, startling or urgent content that requires immediate action on your part, it’s most likely a phishing attack. There have been so many of these popping up recently, panicking the nation. At the moment, a common scam is an email from your bank claiming that your account has been hacked and you need to login straightaway, or even move the rest of your funds to another account. For the Netflix lovers among you, there have also been emails being received saying that billing information needs to be updated. Don’t fall for it. If the email includes a link to login or change account details, be extra weary. Don’t use links, web addresses or phone numbers.

Keeping yourself protected from any cyber crime can be a scary business, but even more so when it’s something you could very well unwillingly stumble into. It takes more than trusting your spam filter to keep yourself safe, having a strong cyber security solution is crucial. We work very closely with Check Point to craft solutions that stand tall against phishing, ransomware bots and all kind of nasties, using their SandBlast advanced endpoint threat prevention. Have a chat with our experts to see how we can whisk some cyber security into your perfect infrastructure solution so that it’s one less thing you need to worry about.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, Check Point, IT Solutions, Security, Technology, Uncategorized

Skyscraper: When Cyber Security Goes Wrong


No Comments

It was one of the biggest blockbusters of the summer. Dwayne Johnson’s Skyscraper thriller grossed $304.1 million during the hottest summer in living memory. Honestly, it probably would have made more, but for the fact that half of the UK population was sitting in any available patch of sun with a beer in their hands. I was one of those people, although with fruity cocktails instead. That was when I wasn’t in the office writing witty blog posts on Citrix Workspace, of course. Alas, while I had every intention on going to see the film, I never got around to it. So it was my pleasure, two Saturdays before Christmas, to snuggle in my pjs and pop it on (I lead the most exciting life when I’m not in the office). Well. While it’s action-packed with an interesting futuristic spin, I couldn’t help but spend the whole movie pointing out, sadly to no one in particular (I’m going to have to get a cat), all the various cyber security blunders that Johnson’s character made. Not one to waste my breath, or a good writing idea, I’m going to lay it all out in this blog post so that you can giggle along with me. Before we go any further though, there may be a spoiler or two, you have been warned.

In a nutshell, Johnson plays ex-FBI hostage-negotiator-turned-private-security-expert Will Sawyer, who gets called to Hong Kong in order to assess the security of the world’s tallest skyscraper. The Pearl, 225 stories and a whopping 1,100 metres tall, needs an inspection of the upper residential half before it can be opened to tenants. Since we are, after all, living through the ‘IOT for all of the things!’ revolution, no matter how mundane the appliance, it’s no surprise that the Pearl was built with tech in mind. It’s basically a giant computer, full of safety features and automations that make living and working there slightly more exciting than your average building. We saw absolutely zero evidence of it, but I’m still sure the lights turn on and off by clapping your hands. Anywho, we see Sawyer being given a tablet that controls the entirety of the 225 floors and shooed out of the door to go inspect the offsite security centre that controls the skyscraper. The tablet, obviously, isn’t in his possession for long, as it gets robbed by a group of terrorists who succeed in burning down the $200 billion structure with it. The sad part is, if the IT department had deployed a better cyber security solution, it could all have been avoided. Typical.

Who needs an effective authentication method, am I right?! This was mistake number one. For some incomprehensible reason, the only way of unlocking the tablet that controls the entirety of the building is via facial recognition. That’s it. Sure, in cinematographical terms this looks the best. It’s impressive and futuristic, suave and savvy. It’s every nerd’s dream. And facial recognition as part of multi-factor authentication is really effective. In the blink of an eye, it can analyse billions of tiny little markers on your face to unlock your device. But who on earth would think that it would be enough? For god’s sake, just signing into my Facebook requires my password, mother’s maiden name, list of my three favourite chocolate bars (in order) and the promise of my firstborn. Truth be told, facial recognition alone was irresponsible, and about as effective of protecting all that important data as using ‘1234567’ as a password. Hell, put a photo of Sawyer in front of the camera and that would probably fool it. There are so many effective ways to authenticate identity (I wrote an entire post on it). Why not have a secondary form of authentication, like having a password activate on Sawyer’s smartphone? That would have been clever.

Mistake number two; not informing the IT department of the breach. Err, this should have been the first point of call when Sawyer’s tablet got robbed. Instead, being the idiot that he is, he threw caution to the wind and went running off to save his family. Just one minute on the phone to IT and they could have stopped the disaster that was about to unfold. A good cyber security solution would have removed access to the tablet in a couple of clicks, rendering the terrorists’ efforts moot. In fact, it would have taken no time at all to wipe the data clean from the device, essentially turning it into an expensive, albeit sleek-looking, paperweight. It does echo a current issue facing organisations in terms of cyber security; the majority of security breaches come from employees who, inadvertently or not, allow the threat to infiltrate the network. This can happen from clicking on a dodgy link in an email (it’s sadly not a video of cats acting strangely)- in fact, phishing attacks are more prevalent and more likely to scam large sums of money from an organisation. Realistically, in this situation, Sawyer seriously neglected his responsibility to inform the IT department. While he undoubtedly performed some incredible gymnastics and it was thoroughly enjoyable to watch, I would have loved to hear his rationale when all was said and done. I doubt he’d be hired to assess the security of a paper bag after that!

The moral of this story is, and I’m sure it’s what director Rawson Marshall Thurber wanted to portray; don’t let your organisation become the Pearl and burn down to the ground- make sure your cyber security solution ticks all the boxes. We work closely with Check Point to incorporate secure technology into our solutions, effectively avoiding the risks that we saw Sawyer facing in the film, and many more besides. Have a chat with our cyber security solution experts here at Cetus, and in the meantime book yourself in for one of our complimentary security posture reviews!

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Citrix, Cloud, IT Solutions, Technology, Uncategorized

The Citrix ‘Virtual Workspace’ Vision: What Have We Achieved?


No Comments

I don’t remember ever not having a computer at home. When my brother and I were little, somewhere in the rolling Irish countryside, that was technology; messing around in Paint for hours, until we were old enough to graduate to Tomb Raider (on keyboard) and whatever game demos my Dad got with his monthly PC Live subscription. If we were allowed to use the printer (that was a rare treat), we’d spend hours in Word making posters for our room, trying out every single option in WordArt and agonising over what colours we’d use- which would have absolutely no significance whatsoever since it printed in black and white exclusively. Then, as early teens, we got second-hand laptops to mess around in PowerPoint (I once did an amazing presentation on the benefits of having an allowance for my rabbit Poppy, graphics and all), and flex our creative writing muscles in Word. Back then, floppy disks were king (I still have some knocking about, storing god only knows what). Hell, I remember being 16 when my Mum bought my Dad a brand-new printer for his birthday; a super cool one that printed in colour and scanned documents and photocopied and printed wirelessly. It was amazing to have all of those features in one small device that was affordable for a modest family. And that was only in 2010!

For most of us, that was the reality until quite recently. Technology was just a cool little add-on, the ability to type out a document instead of writing it by hand, playing two-player videogames using only a single keyboard and mouse, being able to email Granny across the country- regardless of whether she’d remember how to access it or not. It was fun, but it wasn’t particularly useful. The workplace was the exact same (so I’m told); visiting the dusty clock-in machine at 9am, tapping away at an even dustier computer half the size of the desk, emailing people sitting just across from you, and finally kissing the clock-in machine goodbye at 5pm.

Last month was our Cetus Summit, a day of celebrating the achievements of the year just gone and anticipating how we can be even bigger and better in the year ahead. As part of the morning presentations, we had several vendors come and talk to us. One of those vendors was Citrix. For half an hour, they analysed a Citrix video from way back in 2001 that predicted the power and capabilities of a future workspace (if you want, you can find it here). It’s crazy to think that in 2001 we were still so behind on lots of techie features and gadgets that we couldn’t possibly imagine working without now. Anyway, since I’m betting you weren’t at that presentation, I’ve decided to do a bit of an analysis myself of Citrix Workspaces 2001 vs 2018 this week.

In the current future that Citrix had imagined (does that even make sense?), things are very 90s. Someone clearly didn’t get the memo about the segways, ripped jeans and I’d say fannypacks are the only thing from the 90s that we’d still see today (and they’re still a crime against fashion). Honestly, of all the changes since 2001, not wearing those god-awful suits is probably the best advancement. That and the awful Mercedes he drives- I swear, it’s the kind of car a drug kingpin would drive in the mid-90s. The scene is set; our protagonist, Jim, is evidently a high-flying business man, with a fancy office and no doubt an assistant. It’s the end of a workday and he’s particularly chirpy, but it’s not a Friday, so it must be a relaxed week at the office. Apparently it’s his anniversary as well, so that could be a contributing factor.

Telling no one in particular that he’s leaving work early (probably that assistant), he grabs his fancy PalmPilot-looking device and walks away, while his workspace gets transferred from his PC. Accessing your desktop via whatever device you choose is something that almost comes automatically in a virtual workspace in 2018. Indeed, Citrix Workspace makes it incredibly easy to access all of your apps, data and desktop, regardless of what kind of device. Move between your PC, home laptop, mobile or tablet, all thanks to your workspace. Getting into that God-awful Mercedes, our chirpy Jim is safety-first and pops his PalmPilot-mobile hybrid into its hands-free holder. Ever security-conscious, he accesses his device by using a fingerprint scanner. I’ve already covered multi-factor authentication (and how I feel about fingerprint scanners), and it’s no surprise that the Citrix vision of the future included biometric sign-on.

In any organisation, the ability for secure content collaboration is crucial. Jim clearly works for a huge multi-national company. On his way home, he gets a call from a colleague on the other side of the country. Some hiccup in a big deal means that he needs to try and make things happen before he can go for dinner. To fix the issue and speed the deal along, he needs to organise a conference call with colleagues in Seattle and Tokyo. Using his Citrix Workspace, he can securely call these different locations, while presenting and collaborating on documents in real time. It’s easy enough to transfer the conference call from Jim’s phone to his huge monitor- just the case of pointing his PalmPilot-thing at the screen and hey presto. I’m sure in 2001, this would have been a bizarre concept. Who would be too lazy to just turn the thing on? Nowadays, we don’t have the time to faff around with logins and transferring conference calls. With Citrix Workspace, this is a nifty little feature that’s sure to wow any newbies starting out, or even the CIO of a high-stakes partner. Honestly, try it out, you’d look terribly high-tech. Eventually Sharon, in Denver, fizzles in to add her expertise. Apparently she doesn’t have the same security clearances as the other three (is it the accent?), so Jim sets her a more limited visibility she has of the documents being collaborated on. This is also a pretty common feature of Citrix Workspace, but it covers far more than just a conference call. From a single network point, your IT department has access to, and can manage, every one of your users. That gives them the flexibility to automatically grant every user with unique levels of clearance depending on their job necessities. Sharon in HR doesn’t really need to know what’s going on in boardroom meetings, now does she?

During the conference call, they get interrupted by a failure. Now, here’s where Citrix were a tad bit off in their predictions for today’s technology. In the video, Jim can hear his colleagues as they question the foreboding ‘Switching to backup data centre’ flickering on the screen for a moment or two, before the rather more cheerful ‘Backup now active’ signals the return of the call. It’s not the case now that a failure would cut the call instantly until the WAN came back to life- thanks to SD-WAN, a failure of any kind would not even be noticed, simply switching to the secondary system component. In today’s workspace, Jim and his colleagues wouldn’t be the wiser, with zero stalling, pausing or loss of quality to signal the switch.

A lot was covered in that short seven-minute video. But it’s clear that in 2001 Citrix had a vision. It was a vision of revolutionising the workspace to make it bigger and better than ever before (and keep ill-fitting suits in fashion). And it’s a vision that continues to look to the future in order to start making advances towards it now. Here at Cetus, we’re big believers in the Citrix vision. So much so that we’re one of the few Citrix Platinum Partners in the UK. We believe that Citrix is the future of the workplace, and we want to work with you to unlock those possibilities. Our experts are Citrix-centric, so click over here to have a chat and see what Citrix Workspace can do for you.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Check Point, Cloud, IT Solutions, Security, Technology, Uncategorized

The Cyber Security Threats You Need to Plan for in 2019


No Comments

It’s that time of year again; time to be weary of scary things jumping out on your screen when you’re least expecting it, of monsters following you into your dreams and escaping from your [data] closet. I’m referring, of course, to National Cyber Security Month, the month to take extra care when it comes to protecting your organisation from cyber-gremlins. And I’m sure you’ve been hearing about it non-stop for the last three weeks; participating in the office games, including ‘bobbing for malware’, ‘pin the data on the phishing attempt’ and ‘pass the ransomware’. All party classics. Regardless, it’s an important issue that gets pushed to the side all too often throughout the year. So now is the time to make that extra bit of effort to make sure that you’re protected should the Big Bad Cyber-attack knock on your door (or make you realise just how badly your straw house was lacking).

To switch things up a bit, I thought it would be clever to start thinking about what lies ahead, when the dark, cold nights and endless Christmas parties make way for snow in April. Now is a good time to start planning for 2019, and what the cyber landscape might look like next year. I’ve dusted off my crystal ball and called upon the spirit of Google to tell me exactly what cyber security threats we’re most likely to hear about next year. So buckle up, take notes, and be prepared to impress your boss with your savvy goal-setting ambitions. You’re welcome in advance.

It seems like the world spent the entirety of 2018 running around trying to put out phishing fires. Unless you live under a rock, or are lucky enough to spend your days on a wifi-less beach, you can’t have missed the crazy number of phishing attacks that were publicised. Every second cyber security article had details of attacks and startling statistics (76% of businesses reported being a victim of an attack in 2018 so far). Alas, while phishing has been around since 1980, it has just been ramping up in popularity and severity over the last year or so. When it comes to internal threats, it’s by far the easiest way to get access to sensitive information. According to a Verizon report, 30% of phishing attacks get opened by American users, with 12% of those targeted by the emails clicking on the infected links or attachments. The element of human error makes it that much more appealing. Unfortunately, the only solution to phishing (for the time being anyway) is to train your users to be extra vigilant when opening emails from external sources, and make sure your spam filters are extra strong.

Here’s an interesting (albeit worrying) one; your new smartphone being compromised before it even gets in your hands. Malware is another one of those evil little buggers that can really cause trouble if you’re not very careful. Like phishing, it’s becoming a prevalent part of the internet landscape that users have to be wary about, kind of like not playing in traffic and eating your vegetables. In a society where being always-on is a necessity, mobile phones have become replacements for desktop computers. Think about it, what do you store or have access to on your laptop that you don’t on your phone? The data your phone collects on a daily basis is a very attractive target for cybercriminals. But the modern cybercriminal doesn’t have to stand on a street corner and ‘accidentally’ bump against you to steal your mobile, and ergo your data. Apps are an easy hands-free way to bypass security measures and cause trouble without even clicking on a malicious link. There have even been reports of smartphones leaving the factory floor with malware built in! This malware, called Cosiloon, can send users to download dodgy apps that they didn’t intend on accessing. The app is passive, only visible to the user in the settings section, but then connects with a website to grab the payloads that hackers want to install on the phone.

Speaking of phones, surprise, surprise; cryptocurrency is going to continue to be a massive deal in 2019. And since it is, the dollar signs in the eyes of hackers are getting even bigger. Cryptomining was a new trend for 2018, but without a doubt will gain traction during the next year. Uber-clever cybercriminals infect machines to commandeer their CPU power and steal Bitcoin. What we will most likely see in 2019 is the rise of cryptomining through mobile devices. Since cybercriminals need the infected device to be running to access the processing power, it only makes sense for them to move onto always-on mobile devices. Clever, huh? Many hackers simply create useful and legitimate apps, such as calculators, music videos or voice recording technology, and then embed a script that allows the cryptomining plugin to work silently in the background (don’t start getting any ideas). Since the nature of mobile is to simply make everything so damn complicated and finicky, you probably wouldn’t even notice the extra tab on your browser. The only thing that would indicate that you were a potential victim would be the quick-draining battery. But let’s face it, how often would you attribute awful battery life to a hacker, rather than just having an older phone? “You’d need terrible mobile security!” you might guffaw, pitying the idiot commoner that wouldn’t think of protecting their mobile devices (oops, that would be me). Alas, cryptomining doesn’t technically compromise the security of the device, as it doesn’t bypass security systems or install any rogue software. If you think you’re being clever by installing app-only or endpoint-based security solutions, you won’t be the one laughing (I don’t feel so bad then).

CheckPoint’s SandBlast Mobile is one fabulous piece of software that can and will protect your mobile devices. It protects users from threats to the OS, apps and network, and boasts the industry’s highest threat catch rate. Zero-day malware, using a software vulnerability for which there isn’t any available fix or defence at the moment, is being created and released onto unsuspecting victims every day. SandBlast Mobile blocks zero-day malware (I think it’s magic, actually), and prevents phishing on your apps. If you’re worried about infected devices accessing corporate data, it will intuitively block the device, while also blocking infected devices from sending on sensitive data to botnets. Possibly the most innovative feature of SandBlast Mobile is how it mitigates threats without having to rely on a management platform, which means that you’re protected even when you might not be on the ball (mobile attacks can also happen after late nights- you can’t have Spidey senses all the time!). Regardless of what you do or access on your mobile, if you work from your phone- even if it’s just to reply to emails- SandBlast Mobile is the all-encompassing solution for you. Well then, we can pretty much strike off two of those potential 2019 issues with just one technology!

We’re all for embracing the future here at Cetus. There is so much to look forward to, and so many awesome new technologies- both malicious and not- that will come about, regardless of how well you try to prepare. Working with CheckPoint, we feel reassured that our cyber security is covered, regardless of time, place or device. If you’re interested in what our experts have to say about all the cool things that CheckPoint offer, you can have a chat with them with here. And don’t forget to tell us what you think; what will 2019 have to offer by way of cyber security threats?

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, IT Solutions, Security, Technology, Uncategorized

Improving your Network Security; it Doesn’t Have to be a Scary Business


No Comments

It’s finally October! Time for the quintessential Pumpkin Spice Latté from Starbucks, complaining about the sudden early evenings and frantic last-minute costume shopping for the office Halloween party. It also happens to be International Cyber Security Month; a friendly reminder to take extra care when it comes to your cyber security, lest a cyber-Dracula should invade and exsanguinate you of all of your rich, iron-filled data. Here at Cetus, we’re always up for a bit of spooky fun, but when it comes to security we’re serious. This week, in honour of Anti-Malware,-Ransomware,-Phishing,-And-All-Things-Evil Month (it’s original title wasn’t quite catchy enough), I’m going to try and make improving your network security a little bit more fun. I’m only 125 words in, so there can be no promises.

Along with an effective cyber security policy, creating a plan in the case of a cyber-attack, using micro-segmentation to minimise the damage of said cyber-attack, making sure that you have ample backups in place to maintain your business after a cyber-attack, and many, many more stress-inducing topics for you to worry about, making sure your network security is up to scratch is also crucial for your business. (If you’re looking at that list and wondering what on earth you’ve been missing, they all link to delightfully hilarious posts that will alleviate all of your fears.) Your network is the glue that holds the entirety of your organisation together. Or, in this instance, it’s the stitching that holds the body parts of your Frankenstein Monster of an organisation in place. Ever try sharing a digital document with Stacy from HR in the next building without a network? It would be faster to train a carrier pigeon to knock on her window- but that wouldn’t be without the risk of interception. Or practise morse code- unless Stacy is on the other side of the building. If you’re lucky enough to be by a window directly across from her, there’s always the option of folding up a paper airplane or, my favourite, using a tin can telephone. And those are all well and good, but what about if Stacy’s office is in another country- or continent? An ultra-sophisticated, time-locked carrier pigeon is the only way to go. Unless you have a secure network, that is.

But ‘pub tonight?’ emails aren’t the only things your network adds to your business (though it might be one of the most important ones). Think of all of the many files that are stored on your organisation’s shared network drive, and all of the instances you need to access one. Last-minute edits to the document that your sleepy, unsupervised intern prepared for your board meeting? Holiday request form? I guarantee you, you pop in there at least once a day to spend half an hour looking for a document someone else created. Without your network, you’d be a building of USBs wandering around the office. Your extremely helpful Outlook calendar that allows you to own the time of your colleagues (but also allows them to rule over yours) is thanks to your secure network, too. Want to work in a café/building site/park bench (near a Wi-Fi source; it’s not that magical)/car park? Feel free to use whatever open Wi-Fi network you want without the worry of a cyber-creep stealing all of your organisation’s secrets. And a lack of network security cost UK small businesses a collective, but nevertheless horrific, £11bn in 2016. So, how do you take care of your Frankenstein Monster?

If your network is Frankenstein Monster’s stitching, then a healthy network security policy is the age-defying, pollution-barrier moisturiser that keeps everything supple. A clear, simple and comprehensive network policy makes everything work smoothly. All it takes is a written document that outlines user policies; who is allowed to access the network, what privileges and limitations do they have, etc. There’s no point letting just anyone who happens to be working for the organisation into every file; unless you’re sending her paper airplanes, Stacy from HR shouldn’t be included in the notes of the main board meeting. A good risk assessment test, identifying important data sets and creating a disaster recovery plan is all that is needed to make sure your network security policy is ready to go! It’s also a good idea to organise drills within your IT department to make sure that the new implementations have been well received by your users, and to identify if they need further training.

A lot of organisations do well to make sure that their network is safe, by investing in the most expensive, most sophisticated and most snazzy infrastructure to keep the outside out. However, where they fail is usually keeping the ‘snazzy’ up to date. We already know that loopholes from unpatched networks can cause some serious security breaches (WannaCry, anyone?), so it’s crucial that your IT department acts on whatever updates may come about. If, for example, Frankenstein’s Monster were to lose a finger or nose, you wouldn’t leave it be, right? So, patch, patch, patch. Speaking of, bad passwords are like skin erosion. Let that fester and it won’t take long until the bad outside germs (cyber threats, in this example) pierce through and infect the entire body. In the age of Gen-V cyber-attacks, it’s important that your password policy is up to the security demands of your organisation. Maybe think about multi-factor authentication? I’ve already written loads on that, but to make it brief, think about making passwords expire every 60 to 90 days, just to be safe.

It’s time to don your favourite lab coat and get into your Dr Frankenstein head space, because now we’re talking about auditing and mapping. Place your monster on the slab and open him up! Know everything about your entire network’s infrastructure; what servers, printers, computers, devices and users are connected? How to they connect, and how do they maintain their connectivity throughout the network? Look for vulnerabilities that could end up causing you trouble in the long run. Keep an eye out for ways you could improve security, performance and reliability. Basically, see if you can replace a few weakened patches of skin with some robust tin and give it a zap to bring it to life.

Last but not least, Dr Frankenstein would hardly have created his monster without making sure he had plenty of backup arms and legs, just in case. And neither should you. Chances are, a hacker will find their way into your system. Which sounds a whole lot less scary if you’ve already read all about micro-segmentation and you’re compartmentalising your network. Regardless, it would be best to make sure you’ll never be caught out if it were to happen. As always, we’ve got you sorted, since we always take backup seriously.

IT’S ALIVE! Now that we have all of that sorted (that wasn’t as torturous as you’d thought, was it?), we’d love to hear what you think. Is Frankenstein’s Monster the best monster comparison of your network? Have you suddenly realised that maybe you need to take another quick look into your security? Have a Halloweeny chat with our experts to see what we can do for you, and decide what you’re going to dress up as this year.

Speak to an expert

Speaking of, I’ve finally decided on my costume for the office party; Cyber-Dracula. Sorted.

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, IT Solutions, News, Technology, Uncategorized

instrato or Lexus?


1 Comment

Toyota is the world’s second largest automotive manufacturer, and in 2017 was standing as the fifth largest global company by revenue. So why did such a successful company create another totally new brand – Lexus, in a highly saturated and ultra-competitive marketplace?

Lexus was an idea from the Japanese car manufacturer, not to enter a new diverse market sector, but to show the world just how good they are at manufacturing high-quality vehicles, appealing to both existing and new customers alike. They believed they needed a fresh, more relevant brand which was built on their already trusted and proven heritage, a brand which appealed to a wider audience with perhaps a different use case. Strangely, many didn’t regard Toyota as a world-leading brand, so this perception had to change.

Toyota responded to their customers, bringing together many years of success, quality, experience and proven customer satisfaction in an exciting, new, forward-thinking premium brand.

We live in the Cloud-era; not a day goes by without the word Cloud in whatever context. We see large multi-national vendors placing their ‘cloud-bets’ with their entire reputation. I guess if they are, well it must be good, right?! I’d rather test such a theory, so we did and have been for several years… We’ve also seen a flurry of the new kids on the block, ‘born in the cloud’ they say! Such organisations claiming to harness the power of the public cloud, yet with limited experience and actual solution design heritage. Why would an organisation place all their commercial eggs in a basket of hope?!

Here at Cetus, we have been designing, building, implementing and supporting infrastructure solutions for almost twenty years and haven’t times changed eh, especially in our industry?! Cetus adopted Cloud strategies many years ago and have successfully built and run our own private cloud platform – Continuum C3 for over six years now for our customers; the public cloud providers were not the appropriate choice for this, not back then anyway, but watch this space…

Microsoft Azure, Amazon AWS and Google Cloud are the alleged leaders today, the weapons of choice one may say.

As a true Solutions-House, Cetus actively respond to customers challenges and market forces, and we too must place our bets! Our solution stack is so, by design, a well-developed and focused set of products and solutions to drive business outcomes and address real business challenges. Enter stage right, the Public Cloud to our strategic catalogue and its time to refresh our thoughts!

Instrato is Cetus’s new fresh and relevant approach in the journey to the Cloud, ‘on-point’ and developed with a focused set of technologies, capitalising and leveraging Cloud Infrastructure combined with Cetus’s experienced 17-year heritage in delivering successful customer solutions. Cetus have delivered successful public cloud projects which, combined with the Cetus Team’s knowledge and experience, set us apart from many ‘new to the cloud’ organisations. “Real, proven and trusted experience is hard to find…” states a valued Cetus customer.

Instrato redefines Cetus’s approach to your journey to the cloud and the ultimate goal of SaaS. Instrato is a compelling set of technologies and solutions which, akin to Cetus, deliver on our proven experience and knowledge to assist customers into the world of the cloud. “We’re proudly letting the market know we have deep and unparalleled experience in the world of cloud computing, combining our years of infrastructure solution success to deliver to our customers” says Colleen O’Brien, Head of Marketing at Cetus.

So here we have it!
Instrato builds on our heritage and experience of listening to customers, designing successful solutions and delivering business outcomes by adopting and integrating Cloud and SaaS technologies! Experience counts…

This is a strange blog for me, this time I am discussing and marketing a fresh, new and exciting brand, Instrato, but just think about that should you step into a Lexus; it may be new but its built-on years of experience and proven success, wouldn’t you want that underpinning your business decisions in such a competitive world?
C’mon in instrato!
Find out more at hello@instrato.co.uk and visit www.instrato.co.uk

Mike.pngMike English – Managing Director
Since forming Cetus in 2001, Mike drives change and development to ensure Cetus empower and deliver real value to our customers, enabling successful business outcomes.

 

Blog, GDPR, Security, Technology, Uncategorized

Is The Password Dead?


2 Comments

My boyfriend was amazing me last weekend when he showed me how he could unlock his brand-new Google Pixel 2 using just his voice. I was seriously impressed until he laughed and showed me the index scanner on the back that actually unlocked it. To be honest, it’s a perfectly useless piece of hardware since I know his pin code anyway. Which isn’t much of a win- I just get full access to the albums upon albums of stupid memes that he stores for later consumption.

These days, it seems as though you’d need to live and work in the Pentagon to keep your data safe. And even then, you’d probably be safer by having a photographic memory and never writing or typing anything. Ever. For the entirety of your life- and chances are, you’ve ballsed that one up already, right? If not, there you go, cyber security problem solved. You can tell that annoying antivirus update pop-up reminder where to stick it because you JUST DON’T NEED IT. However, if you don’t have the privilege of a) living in the Pentagon or b) having a photographic memory, then keeping your data safe can be a smidge harder (and I’m betting that’s most of us). Back in the old days of computers and the internet, simple passwords were enough to keep sensitive data safe. Nowadays, the opportunities for cyber criminals to exploit this information are too good for these less-than-moral people to miss out on.

But, as with the Google Pixel 2, we’re quickly catching on to the fact that a simple password or pin number isn’t enough, especially when it comes to our accounts online. According to password management company Dashlane, a single email address can be registered to a whopping 130 passwords. This tells us that some people either have too much time on their hands or a terrible memory, or both. Let’s be honest, when we have a password that we can remember, has a capital letter, a special character AND contains more than eight letters, we all use the same one for the random things around the web. Deliveroo, Amazon, Tesco Delivery; so many things are online now and they all require an account. And it’s not much better in the workplace. ‘For security purposes’, passwords get changed every three months or so at work, but it’s just a case of using a particular word and going up the number line each time we get that annoying notification. I am definitely guilty of this (I wait until the absolute last minute to message around to all of our IT support techies to get it changed. So they all end up knowing my new password. I like to call it ‘herd immunity’). And 42% of workers admit to sharing their passwords with co-workers. So, in the age of GRPR and a heightened awareness of cybercrime, we have to ask ourselves; is the password dead?

A recent Verizon report states that two thirds of data breaches are caused by stolen passwords or misused credentials. So basically human error. And it’s not like we can remove that problem until AI progresses enough to create robots that can do the work for us- wouldn’t that be convenient? Maybe robots are the answer, but not in the short term.

Passwords are a lot like mayonnaise. You wouldn’t consume it on its own (or at least not more than a tablespoonful or two straight from the jar at a time), but it’s a nice little addition to a dish. So what would be the ‘piece de resistance’? We have biometrics that are starting to become popular. Even I managed to fall into the ‘high tech’ phenomenon of having a thumb scanner on my ancient iPhone. And how many times has NatWest bothered me about getting their banking app? “It’s so much safer!” they say. “I don’t trust mobile devices!” I scream back. “WE’VE NEVER HAD A SECURITY BREACH!” they holler. “I WILL NOT BELIEVE IT!” I finish. I’m paraphrasing, of course, the conversation I had with my, considerably older, banking agent. Shocked that a twenty-something would have so little faith in technology, he took out his fancy phone to show me. Needless to say, I won that argument. As it was, it took me a while to get into the idea of biometrics. Realistically, all it takes is some criminal genius to sever your finger to access your bank account. I don’t know about you, but having someone steal my money after stealing my thumb is, quite literally, adding insult to injury.

So what about removing the password altogether? I’m not suggesting we scrap the whole thing, of course. But multi-factor authentication has become something of interest recently. Microsoft shocked the world in May when they announced in a blog post that they were trying to rid the world of passwords for good. Promising a future where end users will never have to deal with passwords while also vowing that user credentials will never be ‘cracked, breached or phished’ seems too good to be true. But apparently, with 47 million users worldwide, Windows Hello is very much a thing. And it only needs one authentication method; facial recognition (luckily, you’re slightly less likely of having your face severed), fingerprint or retina scan. If you are absolutely adamant that fingerprint scan is the way you want to go, you can buy a tiny little USB device to plug into your laptop, a bit like the connection bit of a wireless keyboard. I’ve said it before, but starting my day like Tom Cruise in Minority Report sounds pretty cool. I might just start getting out of bed at the first alarm every morning. My ultimate favourite feature of Windows Hello is Dynamic Lock. It’s a fancy name for something pretty simple; essentially, your computer detects when you’re out of reach and automatically locks itself. And by ‘you’, I mean your phone. So you’ll never have to worry about fire drills, emergency pee breaks, or having your laptop stolen out of the window by sleuths with fishing rods. True peace of mind.

What makes Windows Hello so secure? If you use facial or fingerprint recognition, Microsoft does not transfer the raw data over the internet. So that’s already a huge chunk of potential Mission Impossible criminals who won’t be able to make latex copies to break in. Apparently, Microsoft doesn’t even store the raw data, creating a digital abstraction instead that can only be interpreted with a machine. And what user information does get transferred across the internet gets encrypted to almost-Pentagon standards. And all you need is the Windows 10 Anniversary Update- easy!

So, what do you think? Will you be chucking that little black notebook full of usernames and passwords? (Maybe burn it instead) Or will you insist on keeping the same password you’ve used since you had to put your social media profiles on private? Either way, you might be interested in hearing what our experts can do for you.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.