Planet IT Security Blog | The best Cybersecurity blog in Oxfordshire

The latest Cybersecurity news, tips and trends

Email Security – The biggest scope for an attack

October 21, 2020/in Education, IT Security, Software /by Barry OBrien

There is no bigger scope for attack on your organisation than e-mail.

We all use it. We all have stacks of it. And we have all fallen for some gimmick or promise. Or not even that, spoofing, where you thought Stuart in Product Development was genuinely asking you out for dinner and so needing you to send back you phone number! Only to then get inundated with phone calls as you’ve given your number out to the bad guys. (Yes, ready meal for one coming up).

Our very own dreamboat Adrian Sweeney was spoofed recently (thankfully, we’ve done our training!)”.

There is no off switch. I wish there was. It’s my most asked about security concern, and so it should be!

Even the Mimecasts or Barracudas of this world can’t catch everything, it’s a constant game of cat and mouse, and sometimes the mouse wins!

What WILL help against this constant barrage of spam, is Email protection. (It is scary how many companies out there still don’t have ANY). And in fact, if you don’t have it, you are either crazy or bonkers. There are SO many vendors out there. Ones I like, Mimecast, Barracuda and Censornet, (less known but works well).

And……..

So you’ve got the security guards checking the e-mails, if your names not down, you’re not coming in……Well what happens if it still gets in?

Yes – This big cost you have just forked out has still let spam in. As mentioned before the mouse won….

A solution – Simulated fishing campaigns… One company name that stands out for me on this one, market leader KnowBe4.

It’s easy to use and set-up, and you can safely send simulated email phishing attacks to your staff AND if they fail, they get sent the correct training to help them not do it again.

It’s easy to keep track of who is having issues, and it helps you tailor the campaigns to better suit the business you run. This only helps you get the best from the product.

Sorry, that one went a bit salesy. But only because it’s important and we can help you. If you would like a proof of concept at no charge, or discuss how Planet can just take care of all this for you contact: [email protected]

macOS the big change with Big Sur

October 8, 2020/in IT Security, Latest Tech, Software /by James Dell

About a month ago I wrote an article ” This might sound controversial, but resist that big MacOS update, for now!” In that article I warned about the changes that Apple where bringing to the operating system of macOS with the move from 10.15 to 11, one of the biggest of these is the removal of direct access to the system kernel.

While from a purely security centric point of view this sounds like a great idea, as you are restricting the ability of any software to jump onto the system and access machine changing instructions, it poses a serious implication to the world of vendor support for macOS.

At the time I warned of this impending change, however when writing that article, it was difficult to really clarify how big an impact Big Sur was going to have on 3rd Party software. However, in the last few days it is starting to become a lot clearer.

Since initially testing the Beta on a development machine, as we do every year at Planet IT to ensure we can successful support for our client’s businesses, we initially noticed that a number of software products stopped;

Antivirus
Encryption Management software
Virtualisation Applications
Container Applications
And the list goes on….

When this initially happened, as an Authorised Apple Reseller, we were already a few weeks into testing, ahead of the companies who make the software

Because of this, when writing my previous article warning of the risk, I wasn’t too harsh on any single software vendor, just in case they got their act together and updated the software to move from direct kernel access to the now Apple approved API access.

Late last week along with many customers I received the below from Sophos;

“Dear Sophos Customer/Partner,

Please note that the current version of Sophos SafeGuard is not compatible with the upcoming release of Apple macOS 11 (Big Sur) and will not function correctly. We strongly recommend that customers do not upgrade any macOS clients running Sophos SafeGuard to macOS 11 (Big Sur) at this point. Doing so may have undesirable effects including:

1.

Device Encryption – SafeGuard may in some cases not be able to retrieve FileVault recovery keys, meaning that machines might not be recovered if users forget their password

2.

File Encryption – SafeGuard may in some cases not be able to encrypt and decrypt files transparently. Please note that no data is at risk of being lost as manual encryption and decryption of files will still be available

We intend to issue a Service Release of Sophos SafeGuard that will resolve these incompatibilities. In the meantime, we recommend you do not upgrade the operating system and wait for this Service Release instead.

For the latest information, please see this article. This article will be regularly updated with the latest information.

Best Regards,

Your Sophos Team

This began to answer a question that had been burning in my mind, are these vendors ready?

The answer is no!

Sophos is not alone in having issues with macOS 11, but they are, to their credit, the first to publicly admit it. Their suggested action is to not upgrade to macOS 11 Big Sur when it becomes publicly available (expected in the next 10 days), however that is easier said than done as Apple will force you to update with-in a matter of weeks anyway.

We expect to see a number of issues with additional software as a wider group of user uptakes the new software and unfortunately this year more than ever software vendors are slow to resolve the issues and adjust to the new way of working.

So our advice remains simple, HOLD OFF!

I know we usually recommend keeping all devices up to date, but please don’t rush to upgrade your device this time. If you use it for work in any way, you are going to want to stay on the latest secure update of 10.15 MacOS Catalina for a while.

As with this update we are going to continue to monitor the situation and we will let you know as soon as it’s safe to make the jump and we hope to publish a granular list of unsupported major applications as soon as the public release of Big Sur occurs.

We know this goes against the usual advice you might hear from us or other IT experts, so in the meantime if you would like to discuss with myself or any of the highly skilled team here at Planet IT about how to keep your business operating, secure and safe in the changing world of the Mac you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email : [email protected]

Talk to the rest of the team – Call 01235 433900 or Email : [email protected]

How to spot Phishing and prevent being a victim

July 14, 2020/in IT Security, Uncategorized /by Simon Williams

The Coronavirus pandemic and the resulting changes in the way we now work and live has lead to a feeding frenzy among Cybercriminals.

Phishing attacks have ramped-up by over 667% in March alone and scammers are finding more and more creative ways to prey on vulnerable victims.

In the UK, we have all received a text from the NHS or government, urging us to follow the guidelines, stay home and stay safe. Many of us have also received a very similar text or email, telling us exactly the same, but with a suspicious link promising a monetary rebate or extra tips on how to stay protected. If you’re reading this, you already know what I’m going to tell you – this is a scam and somewhere there’s a hacker attempting to steal from you.

But how do you spot these threats? How can you be sure what is genuine or what is a scam?

I’ve put together some pointers for you to help spot the warning signs.

1. If there is ANY uncertainty, don’t open.

If it’s that urgent, they will chase you. If it’s genuine, you will either be expecting the email or message to arrive. You’ll also get a reminder or a phone call from the real person or organisation when they don’t hear from you. If you don’t, and you still think it might be genuine. Go to their website, find their contact phone number and call to ask

2. Sounds too good to be true, it probably is.

Come on… be real… nobody wants to just give you free money. And you didn’t enter a competition to win a Ferrari, so why would you think that you’ve won one? Be sensible and think if it could be someone trying to take advantage you.

3. Looks legitimate? Check the details

Look at the senders name, their e-mail address and any links. It’s easy to change a letter to a number. My email address for example; [email protected] could be changed to [email protected] (1 instead of l).

Is the email addressed to you? e.g. “Dear Kelly”. Or is it addressed “Dear Client”. If you are a customer, they’ll know your name. If it’s a scam sent to thousands of people, they may use client or customer in place of your name.

Here’s a real world example that’s very relevant at the moment and one that has been received by thousands in the UK over the last few weeks. Many people have had their working circumstances change recently. People are on furlough, small business owners are due grants and many are unlucky enough to find themselves unemployed. There’s a lot of change and it’s confusing to know exactly what you might be due and when. A text like this might be exactly what you’re waiting for.

However, look at the link. Genuine texts from the government come from gov.uk. And their official website for the crisis is: https://www.gov.uk/coronavirus. This text tries to mimic that in some way with https://uk.covid-19.

However they are using this as a subdomain of webdirect.org – not an official website. If you clicked on the link, you would have been redirected to a website that even looks like an official gov.uk website asking for details. This is exactly the thing they do and what you need to look out for. As you become more vigilant, you will get better and better at spotting this.

In general terms, big organisations, banks or the government tend not to include links because they’re told that it’s exactly what hackers will do. They’re more likely to tell you to log into your account, encouraging you to separately go to their website, not linking form an email or text. so if you get an email from your back asking for details and not encouraging you to “Log-on to your online account”, it’s probably a phishing attack.

4. And if you still really want to click it, go directly to the web address instead.

If it’s a link that states it will take you to the WHO website, and you’re interested in seeing what the WHO are saying, go to it yourself by googling WHO, don’t use the link! If it’s important enough for them to email or text, then you’ll be able to find details on their website. Can’t find the details on their website and you still think it’s real – call them using the number on the website.

5. Ask

If all else fails, and you’re still not sure – just ask. My team and I are on the side of the good guys (Yeah I know the bad guys might say that too!). Our careers are based on fighting scammers and helping protect people from being tricked. So if you’re in doubt, or if you think you might already be a victim, give us a call and we’d be more than happy to guide you in the right direction – 01235 433 900 or email [email protected]

The 6 Tech Trends of COVID-19

June 30, 2020/in Backup, Cloud, IT Security, Latest Tech, Uncategorized /by James Dell

Since the start of lockdown in March, the business landscape has dramatically changed, the pull to virtual spaces, new technologies and accelerated upgrade plans. As an IT service provider we have been inundated with requests, projects and new developments, and it now seems the time to look at these changes and talk about the top trends that COVID-19 has brought upon the business world.

1) The office is dead. Long live the virtual space!

February this year feels like a long time ago and for most businesses it was unimaginable that less that 6 months later nearly all businesses would be working from home, with flexible working relying so much on virtual meeting technologies like Zoom, Microsoft Teams and Cisco WebEx – and not to only operate but to socialise, keep in touch and continue to build that company ethos. For some businesses this was a challenge. For others they have adapted and grown with the change. One thing is certain for many senior managers and business owners however: the future looks like one where less people visit the office and more are working from home.

2) Do I really want my servers in my office?

With the trend of moving over to virtual spaces another question that has seen itself thrust into the forefront of IT management is server locales. Previously IT managers and senior management would strive to keep their data close to them, with spaces from corners of offices, cupboards and full-blown data center rooms being constructed, powered and cooled with-in businesses existing spaces. However, when the tables turned and staff where out of the office connecting back to critical data via VPN technology, it became very clear that this set up may not be optimum. As such we have seen a huge increase in business interest for private cloud datacenters like our PlanetCloud service, or customers looking at public cloud or even a hybrid solution. The main driver being to remove that single point of failure and connectivity and drive performance and the ability to work anywhere.

3) The device refresh is here and we need it now.

Just as many businesses where not prepared for the move to virtual working, many where sitting on legacy IT equipment which was either due a refresh this year or the business was trying to extend into 2021, however with the need for equipment that can support your users while working at home it has become critical that they are working on fast, safe and secure devices. As such we have seen many business moving forward their device refreshes opting for Device as a Service offerings which allow them to spread the cost over the term of the product and turns CapEX into OpEX expenditure.

4) Cyber criminals don’t care about pandemics

One thing this pandemic has taught us is that cyber criminals have no morals and they will use any situation to manipulate and scam you. This has never been more apparent. During this crisis phishing attacks have gone up 400% and all of these attacks in some way link back to COVID-19, either posing as HMRC, the WHO or informing you that you have COVID-19 and to ring a premium rate number. The level of villainy and lack of humanity these criminals have never ceases to amaze me and my colleagues in the cyber security world.

This also raises the question of how we protect against these attacks and the honest answer is training. No product will be 100% perfect every time but if you invest in your human firewall then you can overcome the ever changing threat of these criminals and protect your business.

5) Broadband is key, but why is my home wifi so slow?

If like me you have been working from home while your family consume Netflix, Amazon Prime and Disney + . You will have no doubt been dealing with slow connections, overload and sometimes even calls dropping out on Teams, Zoom etc. Well this is for a good reason, aside from the fact the whole broadband infrastructure has been heavily loaded, home broadband circuits are not designed with the same level of protected overhead as business lines. This is in part due to the contention ratios that are allowed on home circuits vs the guaranteed head room on business lines. With this we have seen a number of business purchasing broadband for their staff and having them put into their homes as dedicated business lines, the cost is low and the service is guaranteed. This allowing your family to stream away without effecting your meetings.

6) Board room procrastination has to stop, and businesses need to upgrade, adapt and move forward now.

From experience I know that the boardroom is often where IT projects go to die. Long have the powers that be, procrastinated on an upgrade for it to never see the light of day. This was a common theme in businesses across the U.K with senior management favoring investments elsewhere to IT for their perceived value. In the last 4 months this has changed dramatically with the focus being more on IT now than ever before.

With companies choosing to invest now and heavily, knowing that it iss IT that has kept them operating over the last few months. Directors now realize that technology is critical to the business long term success. We have worked with a number of business who have revived, accelerated or even created IT projects that were previously on the long finger but now urgently brought into a 2020 timeframe on the request of the board.

With all of this said, it is important to remember the positives that we have gained from this experience and the level of transformation this has forced upon businesses, it is by no coincidence that many attribute COVID-19 as the biggest driver of change in their business over, IT managers, CTO and Technical Directors.

The reason for this is simple, businesses have been forced to adapt or disappear from the business world. The importance now is to ride the tsunami of change and not be washed away by it. If you continue to drive forward and innovate you won’t be left behind and you won’t be left vulnerable to cyber criminals and technology weakness that comes from standing still.

If you would like to discuss with myself or any of the 60 IT experts here at Planet IT about how you can better protect your business, should that be with new technology, strategies or even better backups, you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email: [email protected]

Call 01235 433900 or Email: [email protected]

4 Steps to the Perfect Backup Plan

March 31, 2020/in Backup, Cloud, IT Security, Latest Tech /by Michael Davey

Today is World Backup Day, for many it’s a day to be celebrated, but for just as many, it’s a stark reminder of the dark omen that is an uncertain backup environment or plan.

We all know the basics of backup right? The things we all want to achieve

Retention
Redundancy
Recovery

I could happily go on for far longer than any of you would care to read on each of these topics! Today however, I want to talk about the practical elements of making sure your backups and overall disaster recovery plan are the best they can be. Starting with some basic questions.

Are you backing up your whole environment?
Are you running your backups daily?
Are your backups retained for the right amount of time?
Do you take backups off-site?
Are your backup sets fully automated?
Are your backup jobs encrypted?
If you have cloud resources (Office 365, Azure, AWS) are these backed up?

In an ideal world, you would want each of the above to be a confident and resounding YES! However, this is not always the case – we often hear the ill-fated “I don’t know”.

So, what can we do to be certain on the above and confidently rest knowing our backups will be there for us should the worst occur?

Step 1 – Check the List

Firstly, I would start by checking your infrastructure or approach your IT Team to get the answers to the above questions. Understand that if the answer to any of them is no, in this first step, it’s less important to know why, just to understand the position you are currently in. Once you’ve established that, let’s move on to step 2.

Step 2 – Check the Kit

Once you have a firm understanding of your overall backup integrity, it’s time to push past the smoke and mirrors and figure out exactly what you are working with. Check your storage, check your software and make sure it isn’t letting you down. There are so many options available in today’s market, but a quick search of your products and the competition should help you understand if you need to make any changes.

Step 3 – Make your Plan

At this point, you’re either happily relishing in confidence… or you’re not.

If you’re not… bear with me, I promise, we’ve just ripped off the worst of the band-aids and from here… the only way is up. When making your plan, it’s important to work out what you need first, what you want second and then figure out the cost implications (if any) your business will need to work towards. Everyone loves a good deal (or better, a free deal!) but sometimes investment is required to ensure you have the right infrastructure for your plan. When making your plan, make sure you are referencing the list from Step 1 and work out the following:

How long do I want to keep my backups?
What is my off-site storage plan?
Do I have Cloud Resources that need to be backed up?
How efficient do I want my backups to be?
How long can I afford to be offline in the event of a disaster?
How much data can I afford to lose in the event of a disaster?

The answers to these questions will help you to understand how much storage you need, whether you need a cloud or second-site storage plan, if you need high performance equipment and your Recovery Point/Time Objectives. Know that even if the plan is loose, it’s more than you had at Step 1 and it will help you enormously when collaborating with your teams, suppliers and peers to achieve the best outcome.

Step 4 – Reach Out

At this point, we’ve gone from scratching our heads, to having a clear understanding of the potential issues, a goal to aim for and a plan to get there. Now it’s time to reach out.

Speak to your team and your suppliers and get them on board with your plan. From this point forward, you’re taking control of your backup & disaster recovery plan. You’ve worked out what you want to achieve and you’re making it happen. That, or you were happy from Step 1 – either way, grab a coffee and your favourite lockdown biscuit, you’ve earned it!

Remember, if you ever have any questions, just ask. I, or one of the team here at Planet IT, are always happy to be used as a sounding board and can offer our expertise for your specific situation.

Similarly, check out our BDRaaS page for more information

Feel free to reach out to me via LinkedIn or email me at [email protected].

Looking for a technology partner?Let’s talk

Looking for a technology partner?
Let’s talk