The latest in the ever-evolving world of technology

What is Conditional Access, and why is it an essential part of your security posture?

Conditional Access

By now, you should be aware that the modern digital landscape is full of threat actors. That are always looking for any opportunity to find a weakness in a business’s security posture and then leverage this to gain unauthorised access to data for malicious reasons.

To protect against these attacks, we often look at antivirus and anti-ransomware technology and products like MFA or Two-factor authentication. The truth is that MFA is part of much larger protection that can be afforded a system through an approach known as Conditional Access.

How does Conditional Access work?

Conditional Access (CA) is the process of defining entry vectors and criteria; in its most simplistic form, consider CA to be a door that only opens if you are wearing the right clothes, have arrived in the right vehicle, and are holding your ID. In real terms, CA allows a business to define controls around what can be accessed by who, from where and under what circumstances.

I feel that conditional access is an underutilised part of any defence arsenal. This is partly due to a lack of understanding in the IT community about the technology and a misconception about its limitations. These beliefs and options come from a legacy of Software as a Service (SaaS) and on-premises infrastructure being integrated minimally, however with modern SaaS, IaaS, PaaS and on-prem working in a heavily integrated way. Conditional Access allows you to take advantage of the proper protection that can be afforded a system without comprise.

Is it widely used?

All the major SaaS, IaaS and PaaS vendors support conditional access, and an optimum way to deploy the technology is as such.

  • Limit access to login to Geo Locations that are trusted and used by the business
  • Allow internal networks or trusted networks to have fast passed authentication
  • Only allow data access from trusted and complaint enrolled devices
  • Require MFA in any location that is not inside a trusted network
  • Remove support for legacy authentication methods
  • Deploy true Single Sign-on across all platforms and devices
  • Limit access to the data and services a user needs based on the roles of that user
  • Only allow devices that have Antivirus and Anti-ransomware installed and up to date
  • Only enable devices that have the latest operating system updates
  • Integrate all systems into a single platform, use Conditional Access and MFA to protect the whole network, not just cloud services.

By undertaking this approach, you can reduce the attached surface of your infrastructure and protect data while not limiting your staff’s functionality by placing unwanted security barriers in place.

The diagram below shows how the conditional access approach works.

Conditional Access Explained

Conditional Access

Do you think your business could benefit from the technologies of conditional access? Do you want to know more? Then please reach out to a member of the Architecture team at Planet IT via architecture@planet-it.net or call 01235 433900, and we can talk to you about the options available that work with your more comprehensive technologies.

4 Steps to the Perfect Backup Plan

World Backup Day

Today is World Backup Day, for many it’s a day to be celebrated, but for just as many, it’s a stark reminder of the dark omen that is an uncertain backup environment or plan.

We all know the basics of backup right? The things we all want to achieve

  • Retention
  • Redundancy
  • Recovery

I could happily go on for far longer than any of you would care to read on each of these topics!

Today however, I want to talk about the practical elements of making sure your backups and overall disaster recovery plan are the best they can be. Starting with some basic questions.

  • Are you backing up your whole environment?
  • Are you running your backups daily?
  • Are your backups retained for the right amount of time?
  • Do you take backups off-site?
  • Are your backup sets fully automated?
  • Are your backup jobs encrypted?
  • If you have cloud resources (Microsoft 365, Azure, AWS) are these backed up?
Back up servers

In an ideal world, you would want each of the above to be a confident and resounding YES! However, this is not always the case – we often hear the ill-fated “I don’t know”.

So, what can we do to be certain on the above and confidently rest knowing our backups will be there for us should the worst occur?

Step 1 – Check the List 

Firstly, I would start by checking your infrastructure or approach your IT Team to get the answers to the above questions. Understand that if the answer to any of them is no, in this first step, it’s less important to know why, just to understand the position you are currently in. Once you’ve established that, let’s move on to step 2.

Step 2 – Check the Kit 

Once you have a firm understanding of your overall backup integrity, it’s time to push past the smoke and mirrors and figure out exactly what you are working with. Check your storage, check your software and make sure it isn’t letting you down. There are so many options available in today’s market, but a quick search of your products and the competition should help you understand if you need to make any changes.

Step 3 – Make your Plan

At this point, you’re either happily relishing in confidence… or you’re not.

If you’re not… bear with me, I promise, we’ve just ripped off the worst of the band-aids and from here… the only way is up. When making your plan, it’s important to work out what you need first, what you want second and then figure out the cost implications (if any) your business will need to work towards. Everyone loves a good deal (or better, a free deal!) but sometimes investment is required to ensure you have the right infrastructure for your plan. When making your plan, make sure you are referencing the list from Step 1 and work out the following:

  • How long do I want to keep my backups?
  • What is my off-site storage plan?
  • Do I have Cloud Resources that need to be backed up?
  • How efficient do I want my backups to be?
  • How long can I afford to be offline in the event of a disaster?
  • How much data can I afford to lose in the event of a disaster?

The answers to these questions will help you to understand how much storage you need, whether you need a cloud or second-site storage plan, if you need high performance equipment and your Recovery Point/Time Objectives. Know that even if the plan is loose, it’s more than you had at Step 1 and it will help you enormously when collaborating with your teams, suppliers and peers to achieve the best outcome.

disaster recovery plan

Step 4 – Reach Out 

At this point, we’ve gone from scratching our heads, to having a clear understanding of the potential issues, a goal to aim for and a plan to get there. Now it’s time to reach out.

Speak to your team and your suppliers and get them on board with your plan. From this point forward, you’re taking control of your backup & disaster recovery plan. You’ve worked out what you want to achieve and you’re making it happen. That, or you were happy from Step 1 – either way, grab a coffee and your favourite lockdown biscuit, you’ve earned it!

Remember, if you ever have any questions, just ask. I, or one of the team here at Planet IT, are always happy to be used as a sounding board and can offer our expertise for your specific situation.

Feel free to reach out to me via LinkedIn or email me at michael.davey@planet-it.net.

HAFNIUM and Exchange Vulnerabilities – What To Do Now…

Hafnium Attack

There has been lots of noise in the press and on social media about the HAFNIUM threat actors and the current vulnerability that has been detected in all current versions of Exchange on premise.

If you haven’t read up on the attack and the risks you can do so here;

https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2021-patch-tuesday-fixes-82-flaws-2-zero-days/

https://www.kaspersky.co.uk/blog/exchange-vulnerabilities/22385/

https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/

These articles have been leaving a lot of IT managers and CTO running around looking for solutions. They need a way to quickly patch up the servers and cover over a hole that has been there since at least last November, when as far as the first reported case of an attack using this vulnerability. However, what do you need to be doing next?

We all know that Microsoft issued patches on a non-standard update to Windows or a (out-of-band) update. For those out of the know, this means this Hafnium vulnerability is bad! Microsoft rarely break their patch cycle but when they do as with the SMB vulnerabilities with WannaCry. When they do it means you need to be act fast.

By the time these latest OoB updates where released, Microsoft made it clear that these attacks where already happening, which means for some of you who are readying this article thinking you are safe because you ran the patch, you may not be.

The four most dangerous vulnerabilities already being exploited allow attacks to pull off a three stage attack on compromised systems.

The attack chain is simple;
  1. First, access a compromised Exchange server (one missing the patch) this can even be an Exchange Management point for Office 365, it doesn’t need to be a full running system.
  2. Then they create a Web shell for remote server access
  3. They then use this to harvest data from the network and systems associated with this Exchange server, essential using it like an open front door.

So how do you protect against the Hafnium threat?

This is where you need to be looking at having a product in place as your antivirus/antimalware which uses EDR or XDR technology and has up to date behaviour and exploit prevention and detection.

Watch out for the following detections

  • Exploit.Win32.CVE-2021-26857.gen
  • HEUR:Exploit.Win32.CVE-2021-26857.a
  • HEUR:Trojan.ASP.Webshell.gen
  • HEUR:Backdoor.ASP.WebShell.gen
  • UDS:DangerousObject.Multi.Generic

So what should you do next?

As Microsoft has already released an update to fix all these vulnerabilities, we strongly recommend updating Exchange Servers as soon as possible, Microsoft have even gone as far as releasing a quick install roll up which should work for most Exchange servers. For more complex deployments like DAG’s, then Planet IT can support you with this process.

You then need to focus on your defence strategy on detection lateral movements and data exfiltration to the internet. For this we recommend that you pay special attention to outgoing traffic to detect cybercriminal connections.

As always you should ensure that you are backing-up regularly and make sure you can quickly access it in an emergency, if you have questions on this then Michael Davey – Michael.Davey@planet-it.net and his Back Up Services team will be more than happy to help.

Make sure you have an Endpoint Detection and Response product in place. If you don’t reach out to your Planet IT account manager who can provide you with details of what is available and works with your security landscape.

Finally make sure you are using a reliable endpoint security solution such as Kaspersky or Sophos that has included in it Exploit Prevention, Behaviour Detection, a Remediation engine. It would also be beneficial to ensure that your product has a Vulnerability and Patch Management capabilities.

If you would like to discuss with myself or any of the cyber security team at Planet IT about how you can better protect you business, should that be with new technology, strategies or even better back ups you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email : james.dell@planet-it.net

Call 01235 433900 or Email : enquires@planet-it.net

Education in Focus: Cyber Attacks on the rise while protection remains behind other industries

Education Cyber Attack

2020 was far from an easy year for the education sector, with the strains of COVID-19, the forced move to remote learning and the constant moving goals of exams, assessments and certifications looming over the industry. IT improvements and IT budgets were shifted from infrastructure and enhancements to purchasing laptops and enabling learning over video. These changes have had a dramatic impact on all educational organisations. Unfortunately, we are starting to see the repercussions of this, with several educational organisations being hit by cyber-attacks.

Another Attack

This week we have seen the latest attack on the University of Northampton, this is unfortunately just another in a long line of victims of the last few years.

As many of you who have read my articles are aware, I have a long history in the education sector, working across schools, academies, and colleges. From this, I have a very first-hand experience of how budgeting works in education. I know its effect on the choices that we make when it comes to selecting solutions and ultimately protecting educational establishments.

When I read stories like the one about the University of Northampton, it churns my stomach. This is because I know that the ladies and gentlemen who work in the IT teams of these organisations will have been doing everything they could to protect the system. However, they are always constrained by the limits they have finically and with their current technology stack. Having personally experienced several attacks first-hand, the IT Team usually takes the brunt of the fallout from these events. In truth, it’s business management and senior management, who’s lack of understanding, allows these incidents to happen.

university cyber security

The real-world cost of an attack

When these kinds of cyber attacks in education occur, we all see the headlines and the public outcry about the fact these threat actors get into and disrupt educational organisations. What is very rarely discussed is the organisation’s cost.

The cost itself is not just that of recovering from the breach. Depending on what equipment has been affected and what can be recovered, the cost anywhere from £10,000 to £500,000!

However, on top of this, you have to add the cost of staff not working. The organisation not being able to deliver teaching and learning can easily cost an organisation over £50,000 a week.

We then have to consider the cost of the damage to the organisation’s reputation and any fines that may come in from the ICO if data has been lost. These costs can total into millions.

The worst part of all of this is that insurance will not always cover these costs if you have the wrong cover type. In a real-world example, we are aware of a case where an educational organisation had a total cost of an outbreak at £2.5 Million, this figure should be enough to make your senior management sit up and pay attention.

Where to start…

The question then is, how do we get our educational sector partners to a position where they can protect their data, deliver teaching and learning and ultimately avoid cyber attacks in education?

The answer is about prioritising spending and focusing on ensuring that a security landscape is in place that covers all bases and protects against all foreseeable attack vectors. We start this with solid anti-virus and anti-ransomware technology. Endpoint protection must be paired with a robust Endpoint Detection and Response product (EDR) or an Extended Detection and Response product (XDR). These technologies will give you a strong endpoint protection roster.

Then layered on top of this, you need to look at device encryption, which must be centrally managed. Then, on top of that, we need to pivot and look at the ingress points on your network, this being your email and your firewall. Both should be robust next-generation products that use both Unified threat management and a traditional stateful firewall approach.

school cyber security

And then there’s the human element

When we have tackled the technical delivery needed to secure the network, we need to look at your staff and the human firewall element of protection. From this regard, we should be looking at Phishing training, security awareness and data protection training.

When you have all these pieces in line and configured to best practice, then there is a good chance that you will mitigate most risks towards your organisation. Now, that doesn’t mean your senior management can wash their hands of cybersecurity. Proper cybersecurity protection is reviewed and maintained regularly, and this also means patching all your other IT systems; it’s a busy and full-on task to undertake. However, if you do it correctly, it’s advantageous knowing that you are keeping your learners, staff and visitors safe and protecting against the effects of a cyber-attack on the business, individuals and the wider community

If you would like to have a conversation about how we can review your security landscape and work with you to build a robust cybersecurity landscape for your organisation, then CLICK HERE to book a meeting with me, or you can email me at james.dell@planet-it.net and together we can work to align your organisation against the current and future risks.

Sophos MTR vs Security as a Service. What’s the difference?

sophos MTR vs Security

What is Sophos MTR?

Sophos MTR Standard or Managed Threat Response, provides 24/7 threat hunting, detection, and response capabilities delivered by an expert team as a fully managed service. What that means is a dedicated team at Sophos will monitor your environment and act on any threat detections using the EDR technology that we are a massive fan of here at Planet.

IT is offered as an optional service add-on with Sophos Intercept X Advanced with EDR.

Sophos MTR Advanced goes one step further and will actively go looking for potential threats. It proactively improves your security by recommending configuration changes and reporting on vulnerabilities.

How does Planet IT’s Security as a Service (SECaaS) compare with Sophos MTR?

Let me start off by saying that Sophos MTR is a fantastic service, there is no denying that. But you do have options should you want this protection but want to explore different avenues.

Here at Planet IT, we offer an alternative service that will give you the peace of mind of MTR, while being more aware of the fact that many of you will have technologies outside of the Sophos stack.

Alongside this we know that for many of our customers the biggest risk is always the recovery and with Sophos MTR there is quite rightly an end to where Sophos can provide services. With SECaaS we stick with you and can support you to the bitter end.

I have compared the offerings of Sophos MTR with Planet IT’s Security as a Service (SECaaS) in the table below:

 

Feature Sophos MTR Planet IT SECaaS
24/7 support Office Hours
Dedicated Account Manager
Direct Call-In Support
Asset Discovery via Endpoints X
Enhanced Telemetry via Endpoints X
Activity Reporting Sophos Only All Security Vendors
Periodical Health Checks Sophos Only All Security Vendors
Vulnerability Scanning Sophos Only All Security Vendors
Firewall Support Sophos Only All Security Vendors
Completely mitigate through to completion Sophos Only All Security Vendors
Penetration Testing X
Windows Updates X
Phishing Training & Testing X
Email Protection X
Cyber Essentials / Plus X

 

Verdict

Sophos MTR is a great service if you are a large organisation with the requirement for 24/7 support and have the resources to afford it. If you have an internal IT team in place to work in collaboration with Sophos to completely remediate any threats, it really is a top solution.

However, as you can see above Planet IT’s SECaaS offering is more than sufficient to give you the peace of mind you need. We will work with you to recommend and provide the solutions right for your business and support you until any threat is mitigated, no matter what security products you use.

Add in our other services such as Windows Updates as a Service, Vulnerability Scanning (not just for Sophos products) / Penetration Testing and Cyber Essentials as a Service, you can rest assured that SECaaS will keep you safe and updated as much as possible!

About Adam Harrison

My name is Adam, and I am a security-focused Technical Architect. It is my job to provide expert advice on security solutions and assist our customers with protecting their environment from viruses, ransomware, and other nasty attack vectors! My background is in Security as a Service, Infrastructure and Helpdesk Support; I keep myself up to date with the latest threats and security products, so you don’t have to!

If you want to talk to me about how Sophos Intercept X with EDR would fit into your business then please call 01235 433900 or you can reach out to me via DM or at architecture@planet-it.net

Microsoft Teams Webinar Recap: A record attendance & your questions answered

Microsoft Teams Demo

This week, we hosted a Live Demo Webinar based all around using Microsoft Teams as a Unified Communications Platform to replace your existing phone system. We have never had more interest in the build-up for one of our webinars, and the actual event did not disappoint!

We had well over 100 businesses join, many with multiple people to see the power of Direct Routing for Microsoft Teams.

Our experts, Farah Nazir-Chapman and James Dell demonstrated the platform to show just how powerful this tool it. Not only can it completely replace your existing phone system, but they also showed how it can save your business money too.

Did you miss it? Or would you like to watch it again? Well, the good news is that we recorded it and you can check it out here:

Your Questions, Answered.

A sign of a good webinar is the quality of the questions asked at the end. We had 65 questions before we had to call time, otherwise we would have been there all day! What’s more, sometimes on these webinars, you see a drop off towards the end. 98% of the attendees stayed until the last question was answered.

Did you miss some of the answers? Good news. We have compiled them all, merged a couple and got James & Farah to answer them again.

Remember, if you you would like to find out more about Microsoft Teams, or if your questions are not answered below, please visit our Direct Routing For Teams webpage. You can also reach out to your Planet IT account manager, call 01235 433900 or email enquiries@planet-it.net

 

If I get a call to my mobile from someone dialling my company number rather than my mobile direct is there a way of ID’ing this?

If I get a call to my mobile from someone dialling my company number rather than my mobile direct is there a way of ID’ing this?

 

We have a switchboard where we have on the 1st level with 9 option then on some of them we have another menu can the team PBX do this?

Yes, it can do two levels of an IVR/ Automated attendant

 

Voicemail – can you receive the voicemail on an email?  (So you can forward it to somebody else)

Yes, voicemails come in via the Teams app and you can set them to also be delivered to Email in the form of a WAV attachment. Which can be forwarded on.

 

Can you set up hunt groups on teams and can you setup timer so if one department don’t answer within 1 min it will auto call the next group

Yes, You can configure the call queues to fail over to another queue should the one they enter not be able to take the call.

 

Hello – thank you for this very helpful introduction! Do you have guidance available on a document? Looking for something that could be made available to our employees about all the features available. Thanks.

We do have documentation we can share, if you reach out to your Planet IT account manager, they will be able to assist you with getting access to our documentation.

 

Can we configure automatic message for Unknown or Hidden number to say we’re not answering call from them?

Yes we can route the call to a message.

 

Hi, is there feature parity between Teams on Windows and macOS? We are exclusively macOS, are there any caveats to note?

Between the desktop versions of Teams there is now very little in the way of feature difference, with most updates hitting both MacOS and Windows on the same day or same week. The major differences are between Windows and iOS and Android, however this game is also reducing.

 

Does the caller get notified that the call will be transcribed? Do you foresee any privacy issues with this feature?

The caller does not get notified when the call is being transcribed, however there is no legal obligation to do so as it does not fall under call recording as its purely a record of the call and not a live recording. If you wish to record a call a user would be notified.

 

I’m mainly interested in how this would integrate with our current DDI’s etc. is this something you are going to cover?

Planet IT work “port” your existing DDI numbers onto the direct routing for Teams platform.

 

Are Teams physical handsets available?

Yes you can get a range of physical devices that are Microsoft certified for Teams and your account manager can share additional information on these and which versions would suit your needs including the Teams Rooms equipment.

voip and microsoft experts

 

CLI – what options are there for the numbers I can present?  (Rarely in a call centre environment do you want to present the ddi of the agent.)

We activate SIP CLI flexibility, so during the set up we liaise with you and ask which telephone numbers you would like to be presented, this can be either the “bearer” (main number) or a DDI

 

Are you able to choose the data residency for data such as the transcribed calls (to be in the EU)?

Yes as with Microsoft 365 data residency is chosen at a tenant level as is set for the whole of your Microsoft 365 estate, adding Teams voice does not change this.

 

Can existing DDIs be moved over to the Teams phone system?

Yes, your existing numbers can be ported onto the direct routing for reams platform. This does depend on your contractual status and porting agreements being in place.

 

Can you transfer calls to people who exist in a different 365 tenant?  Plus, can you block premium rate, international and other expensive services?  Thank you.

Calls can be transferred out to any number however Teams to Teams tenant calls require both sides to have a valued voice licence.

 

Can the system cover hunt groups and overflow groups?

Yes, you can have hunt groups and these can overflow to additional groups or voicemails

 

Can you record calls?

Calls can be recorded via our call recording partner.

 

Hi all, are you recording the webinar?

Yes, you can view the recording HERE

 

Numbers – Are there any restrictions to numbers you can port into the teams PBX?  How many countries are there local numbers available in?

We can port in international numbers and we have the ability to offer new international DDI numbers. Due to the different porting process and some country restrictions please contact us to discuss this further to ensure that the porting agreements and number availability can be provided for the specific locations required.

 

Are there other additional costs? Call recording?  Office 365 add ons?

Call recording is sold as a separate system, we can provide you quotations for these systems based on your specific needs. In terms of the Microsoft 365 licences their is a single add on which can be added to any Business , E or F Plan.

 

Is the voice license on your system effectively a bolt-on to Microsoft 365 E3?

The system is an add on licence to Microsoft 365 subscription, there are several options for the bolt on depending on your use case and business type.

 

Are there any additional paid options for multi-tiered IVR

There are options available, please contact us to discuss this requirement further.

 

What if our organisation has the full MS 365 integration? Would we still be able to use Planet IT for this phone integration?

Planet IT’s Microsoft DRFT can be added to any existing Office 365 subscription

 

Are offices in different countries all covered under the same system and can we have different phone numbers for each different office location?

Yes

 

What is the teams mobile app version experience like?

The Mobile application of Teams has near feature parity with the desktop version and allows you to make a receive calls seamlessly while on the move.

Microsoft Teams Dial Screen

 

Mobile app – is there a separate Teams PBX app or is it built into the normal app?

The application used on the Mobile side of Teams is the same all that happens is the dial pad is added to the call screen.

 

Another way of asking that is what is required for your system by way of additional Microsoft licensing if we have MS 365 E3 licenses already?

If you already have a E/Business of F licence you need to add the Microsoft Voice licence, which is provided as part of the service this is then backed off by Gamma for the SBC and voice access

 

If I get a call to my mobile from someone dialling my company number rather than my mobile direct is there a way of ID’ing this?

The incoming call will be received via the Teams app and therefore will present as a “teams” call rather than a normal mobile call.

 

Can we configure automatic message for Unknown or Hidden number to say we’re not answering call from them?

Yes we can route the call to a message.

 

Does the caller get notified that the call will be transcribed? Do you foresee any privacy issues with this feature?

The caller does not get notified when the call is being transcribed, however there is no legal obligation to do so as it does not fall under call recording as its purely a record of the call and not a live recording. If you wish to record a call a user would be notified .

 

Are Microsoft Teams physical handsets available?

Yes you can get a range of physical devices that are Microsoft certified for Teams and your account manager can share additional information on these and which versions would suit your needs including the Teams Rooms equipment.

 

Are there published rates for international calls to landlines and mobiles?

A SIP international tariff is available, please contact your account manager.

 

Is it possible to pick up a call from a team members phone? When they are away from their desk?

Yes this is possible via either a quick pick up command or via delegation.

 

How do hardware desk phones integrate?

Microsoft Teams requires a Teams certified handset , we can provide you information of the ones currently on the market. Reach out to your Planet IT account manager for more information.

 

Can existing DDIs be moved over to the Teams phone system?

Yes, your existing numbers can be ported onto the direct routing for Teams platform. This does depend on your contractual status and porting agreements being in place. We require a customer letter of authority (CLoA)

 

Can you describe the process for arranging current numbers and DDI’s that are in use to be ported to Teams please?

Depending on your incumbent provider, we request that you complete a CLoA (customer letter of authority) and providing that a porting agreement is in place we simply port the numbers onto the direct routing endpoint.

 

Numbers – Are there any restrictions to numbers you can port into the teams PBX?  How many countries are there local numbers available in?

This is subject to the range required and the countries requested. Please contact your account manager to allow us to investigate this for you.

 

Are there other additional costs? Call recording?  Office 365 add-ons?

Please contact your account manager regarding call recording costs as this is costed based on the number of users required and whether you require just audio recordings or to capture screen sharing/meetings and chat

 

Are offices in different countries all covered under the same system and can we have different phone numbers for each different office location?

This is achievable, you can have one platform for all users and select different geographic telephone numbers.

 

Are there published rates for international calls to landlines and mobiles?

Yes, please contact your account manager for a SIP international rate card

 

Is it possible to pick up a call from a team members phone? When they are away from their desk?

Yes this is possible via either a quick pick up command or via delegation.

 

Is there a minimum requirement of broadband speed, as some users that live in rural or poor broadband areas might be affected?

2.5Mbps is the recommended minimum connection speed for a user on Microsoft Teams.

 

Can Teams be plugged into CRM systems for caller display?

Yes There are many API based integrations with CRM systems.

 

Is there an option for a reception console, like Mitel 5500, to have a real person filter/direct calls?

You can have an operator type handset if required, alternatively the receptionist can configure speed dials based on the users/ departments for ease of use and transferring

 

What are the benefits of Sophos Intercept X Advanced with EDR?

sophos edr

Over the last few months, you may have heard the word EDR (Endpoint Detection and Response) banded around when talking about security products, but what does EDR really mean for you and your business? In this article I am going to explore EDR and the tangible benefits that you would see from having this product in place.

What is EDR?

Sophos Intercept X Advanced with Endpoint Detection and Response (or EDR) is an award-winning security solution that is built upon the framework of the Sophos product that so many of you use and know.

One of the simplest ways to look at it is like a cake made up of three layers. You may already have two of these in place:

Endpoint Protection – traditional anti-virus that detects and blocks threats in real-time. This is the signature-based piece of the puzzle something that every business should already have even if it’s from another vendor. It is looking at what is happening and checking it off against a list of known attacks.

Intercept X – anti-ransomware protection. This comes in the form of AI and Machine Learning driven technology which knows what your device should look like if you are working as normal. When you’re not, it uses a technology called CryptoGuard and detects any encryption attempt, reversing any encryption that has already taken place. This is your backstop and a way to protect yourself from unwanted changes. This is a technology many of our customers have and saw the value in having after the WannaCry outbreak of 2015.

EDR (Endpoint Detection and Response) – This enhances the ability to analyse an attack and see what happened, whether the threat has spread to other devices and if any data has been lost. This is new and this is less about what is happening and stopping it and more about the validation of how safe you were following an attack. Now this may sound counter intuitive, if the product is protecting you, why would you need to know what happened in an attack? To answer that simply we need to look at GDPR and the requirement to report breaches.

These components combined provide you with the whole protection cake. You have the ability to protect your data (these are the sponge top and bottom made up of Endpoint Protection and Intercept X) and then you have the knowledge that if something happens you can clearly report on what took place (this is the jam filling that completes your cake). Protection like this is second to none when coming up against today’s attackers, in a threat landscape that is every changing.

Sophos Planet IT

How does it work?

Sophos Intercept X Advanced with EDR combines proven endpoint threat protection with the power of advanced machine learning to identify and block malicious processes. Intercept X uses AI that detects malware without relying on signatures and monitors system behaviour for any changes that could mean a malware attack. SophosLabs then provides the knowledge to back it up.

Take a targeted ransomware attack as an example. Bad actors will try to brute force their way into a externally facing RDP server. Once in they will drop an encryption package onto the system and start to encrypt files. Intercept X will detect the behaviour, CryptoGuard will stop the encryption and EDR will be able to fully report on the events chain (source, root cause, beacon, when it was detected and if it has been cleaned) providing complete analysis. Additionally, EDR customers will have access to a SophosLabs Threat Intelligence report that further aids you in your decision whether to allow the suspicious file or not.

How does this benefit you?

Sophos Intercept X Advanced with EDR will increase your security footprint without the need for additional resources to look after the solution. You can be safe in the knowledge that the solution you have chosen is the best in the business. With EDR you will have all the tools you need to make sure that any detected threat has been stopped in its tracks!

I’m sure you know that if there is a breach and data is compromised, the Information Commissioner’s Office (ICO) have to be informed. As a result of this, if your security solution is deemed to be inadequate you will be subject to a substantial fine! Throw GDPR into the mix and you have the potential to be in serious trouble. With Sophos Intercept X accompanied by EDR, not only will you have an industry-leading security product, but also EDR ensures all details are captured for reference later.

So, should you become a target you will be able to prove where exactly the threat has come from, where it has been and if it has been dealt with completely.

From a resourcing view, investigating all detected threats and tracing their actions to ensure nothing has been compromised is a full-time role; EDR does this automatically and comprehensively so you don’t have to. You can search through 90 days so even if you have only been made aware of a threat you can wind back the clock and quickly see how it was dealt with.

How good is Sophos compare to the competition?

As you can see, Sophos Intercept X with EDR is industry-leading when put up against the competition:

sophos comparison

Security as a Service (SECaaS)

Now sometimes it is all well and good having the tools yourself, but you may not have the inhouse skills or the time to make proper use of them, this is where our Security as a Service offering comes in – with SECaaS we will provide further peace of mind by monitoring your Sophos solution and remediating any alerts within an agreed timeframe. We will also provide you with periodical reports at an interval of your choosing showing the health status of your estate, complete with our recommendations to make sure you are as protected as you can be.

 

About Adam Harrison

My name is Adam, and I am a security-focused Technical Architect. It is my job to provide expert advice on security solutions and assist our customers with protecting their environment from viruses, ransomware, and other nasty attack vectors! My background is in Security as a Service, Infrastructure and Helpdesk Support; I keep myself up to date with the latest threats and security products, so you don’t have to!

If you want to talk to me about how Sophos Intercept X with EDR would fit into your business then please call 01235 433900 or you can reach out to me via DM or at architecture@planet-it.net

Why Microsoft Teams might be the right phone system for your modern business

Microsoft Teams as a phone system

The continued drive to work from home has increased the pressure on all areas of IT within business. This is clearly evident when we look at the situation in many businesses when it come to their existing telephony. Many are simply being reconfigured from the classic “on premise” approach to try and make them work for employees working from home. It may be as simple as diverting calls back out to a mobile phone resulting in tying up two trunks or trying to deploy a soft phone solution the business has never tested. 

We are seeing this across nearly every business who has had a phone system in place for a few years. Modern systems have some flexibility, but their older cousins struggle. They are inflexible and are so office centric that they are unable to function effectively.  In contrast, Microsoft Teams is the platform that many businesses have already adopted for video conferencing, instant messaging and group communication. In comparison the legacy on premise phone system struggles and appears outdated.

How does it work?

We have seen a mass shift in the market with many organisations transitioning their voice calls into Microsoft Teams. Now there are two clear approaches to this, the first is to use Microsoft Cloud PBX system. Microsoft Cloud PBX is technology that was built on the success of Skype For Business. It leverages local break out for calls across Microsoft global Azure network only transitioning to SIP and then traditional calling technology once it leaves the global infrastructure that Microsoft own.

Sounds good right?

work from homeIt does, but it is not without side effects. The key problem mainly being cost. Microsoft don’t do free calls and they don’t do unlimited business packages. Therefore, the second option is to use a 3rd party SIP provider approved by Microsoft to enable Direct Routing for Teams. Planet IT facilitate this through our partnership with Gamma, one of the U.K’s leading SIP providers. By integrating Gamma SIP into Microsoft Teams, it offers all the benefits of Gamma to Microsoft Teams customers, including the ability to access free calls on certain bundles. 

We already use it for messaging and internal calls, but why would I use Teams as my main phone system? 

Well, it’s simple! With staff adoption and understanding of Microsoft Teams up by 80% and into millions of end points, you gain the ability to not only reduce the number of systems you need to support as an IT administrator but, also reduce the number of systems your staff need to learn. Microsoft Teams with Voice enabled is simple and does not change the core function of the software, it simply enhances and extends what the users already have. To add to this, if another business is using Microsoft Teams Direct Routing and you call them, Teams will detect this and leverages point to point digital only calling, (providing public federation is enabled) this can further reduce your costs but, also offer a much greater user experience!

Microsoft Teams Dial Screen

 

But we use Zoom, not Teams?

There is only really one case where Teams is not the right solution for a business and that is where you don’t already use Microsoft Teams and utilise Zoom or Google as your main unified communications platform. When approaching this problem, having made a commitment to another vendor, Planet IT would recommend  looking at a cloud-based phone system which can either be integrated with what you have in place, or simply work alongside. Our dedicated Voice and Connectivity Team can help you find a solution that is right for you in this instance.

How do I find out more?

Microsoft Teams is already feature rich. Add Direct Routing for Teams and it only expands this to a position where not only do you get the best of the platform but empowers you to decommission and move away from systems which don’t support your business currently. The best way to understand Teams as a phone system is to see it in action. Planet IT we are holding a number of live events around Microsoft Teams and its use as a phone system. Sign up for our live event on the 25th February 2021 please click here.  

If you want to find out more about our Direct Routing for Teams Offering you can call 01235 433900 or you can email enquiries@planet-it.net

To see Microsoft Teams in action, with voice enabled, you can register for our Live Demo on the 25th February here

Alternatively, you can contact our architecture team directly via architecture@planet-it.net and one of our team to help you understand how we can fit technology into your business stack.

 

Digital Acceleration for businesses. Why 2020 was just the start

Digital Acceleration

We all saw the scenes in March 2020 as lockdown across the U.K and most of Europe was announced. At a moment’s notice, businesses across the globe scrabbled to build vital communication and digital strategies that could support their business operations.

This for many included the mass roll out of new digital devices, communication tools, work place and data management tools and virtual telephony. At the time many businesses made these changes as a knee jerk reaction, simply to combat the “in the moment” problem. However, this dynamic shift in our approach to working, the working environment and our forms of communication has enabled leaders in business to accelerate IT strategies in a way they never would have been able to if 2020 had been “a normal year”. For many CIO, CTO’s and Technical Directors 2020 marked the beginning of a new chapter and the start of a very different IT landscape moving forward. 2021 is already beginning very much where last year left off we are seeing this continued trend of digital acceleration across the business landscape.

digital transformation Breaking through the red tape

Some businesses when asked about the effect of 2020 on their digital strategies have said they jumped through two years of red tape, internal approvals and cost benefit analysis in two days. This shows the systemic shift we saw almost overnight. This change has seen many business jump from traditional technologies (desktops / servers and onsite telephone systems) to cutting edge technologies emerging across the IT landscape with the likes of Public Cloud, Mix Media Devices and cloud telephony with unified communication.

This trend can easily be reflected in the numbers published by Microsoft in relation to the usage of their communication platform Microsoft Teams which jumped from 900 Million meetings held on the system per day in March 16th 2020 to 2.7 Billion per day by the end of March. That number is yet to drop and if anything will continue to rise as the pandemic runs in course and staff continue to be offered the flexibility of work space.

The Importance Of Being Ready

digital acceleration It is worth mentioning at this point for the business which unfortunately saw their trade days come to an end in 2020. Many had failed to adapt, grow and change before 2020 and where therefore unable to adapt in a way that enabled them to be flexible around the pandemic. For these business, the lack of development of IT systems lead to a perfect storm of spending requirements, insufficient time and a lack of business commitment to IT and digital development.

The importance all business must learn from the events of 2020 is that digital transformation in the modern age is imperative. A business without IT cannot function and the drive of CIO, CTO and Technical Directors has and will always remain in the development, expansion and overall success of a business. They above all others know how critical those systems are.

Unfortunately for many businesses, IT is often considered to be a “cost with little reward” which from last year we can see is ultimately the wrong way to approach the topic. IT is a business enabler and when used as such it can allow all business to overcome situations and circumstances which is never would otherwise be able to.

The right focus

As we move in 2021 with earnest, I am working with all of our customers to enable this continued business growth with the aim of removing the stigma around IT spending. The focus is on the benefits vs the cost rather than the costs vs doing nothing as was so clearly the case for many business in the years leading up to 2020.

If any business wants to strive and succeed in 2021 then the goal must be to continue the path of digital acceleration and put IT as a business focus for all. Remember, don’t just look at the short-term pains. It’s all about how we develop and implement strategies that protect businesses for many years to come.

If you want to discuss your business IT strategy or how Planet IT can help you to accelerate your growth using IT then please call 01235 433900 or you can reach out to me via DM or at james.dell@planet-it.net.

 

2020 – The Technology Winners & Losers

Technology Winners

We all know that 2020 has been a challenging year for businesses and it is no surprise to anyone at this point late in the year that the digital landscape is very different to what it was 12 months ago.

So today, rather than a simple review of the year, I am going to look at some of the technology winners and losers of 2020.

Winners

 

Microsoft Teams and Zoom

Well obviously, right?

These two companies have enjoyed a dramatic rise to relevance as businesses moved (were forced) to an all-digital approach this year.

The reason these two thrived where others struggled is what makes them winners: both platforms offered the services for free for most of this year as part of their COVID support packages. Because of this they now have thousands, or even millions of new customers who won’t leave them in 2021. Teams and Zoom are now critical to many organisations and are part of their business models moving forward.

Not only was this smart marketing by the companies it has allowed both parties to learn at speed about what features we all want from these tools, I think this is clear when you see the number of changes that Microsoft have made to Teams this year, it’s certainly not the clunky product we were trying in 2017 anymore!

Microsoft Teams

AMD

AMD came out the gates swinging this year and they certainly had no intention of holding back. With the Ryzen 3000 series they have cemented their return to relevance making their CPU’s affordable and, in nearly all cases, faster than those coming from Team Blue (Intel).

However, this year they would go on to show why the 7nM process is so important and why Intel still pushing an 10nM process was going to cause them issues, this came in the form of Ryzen 5000 series, which wiped Intel off the top spot in nearly every scenario, and it did so a month after Intel announced their “best processor yet”.

This position was made even stronger when AMD managed to get both Dell and HPE to add their AMD EYPC processor to their server ranges giving customers the choice when looking to buy new servers. This is not only a win for AMD but also for consumers and businesses. We now have a better variety to choose from and can finally start to move away from Intel’s dominance, where the price point or performance does not make sense.

 

Apple Silicon

Continuing on the theme of CPU’s, Apple closed the year off by showing us all what can happen when you own an end-to-end process with the release of the M1 processor and the new range or M1 Apple devices.

This product, born from the legacy of the A Series mobile chip found in iPhone and iPad, is Apple’s first desktop processor since the days of PowerPC (Let’s not talk about it!). The important thing about M1 is not only is it built on the 5nM process but is also mind-blowingly powerful for a CPU which seems to simply sip on power rather than drain your battery in minutes. This, of course, is in part due to the fact that Apple own the eco system and can simply optimise every single instruction set to be smarter by working the CPU with the OS in the exact way they want, but they still have to be considered winners for this…

Also, who doesn’t want to run iPad apps on their Mac?

Apple Silicone

Public Cloud

Another rise to relevancy this year came in the public cloud drive, as customers seeking a solution to closing their offices and working across the country and the globe looked to the once distrusted Public Cloud as a saviour.

I have long believed the future was public cloud and 2020 was maybe the wrong way to prove a point, but we have seen a dramatic uptake in public cloud services. A huge number of large business are moving across and an even larger number of companies are planning through 2021 to close their datacenters and server rooms and put their workloads with Microsoft, Amazon or Google instead.

This move has co-existed with the drive by the big three to make the platforms more affordable and reduce the work to onboard to the platforms. This is only going to continue now as we slowly move away from onsite systems.

 

Losers

 

Intel

Now I already mentioned the bad year Intel is having in passing when coming up against AMD, but this year has been an all-round kicking for team blue.

This year also marks the beginning of the end of the Intel based Mac, which while only a small part of their revenue is sure to shake the foundations of what they are doing with other system integrators and device creators – not least Microsoft, who this year pushed AMD surface devices ard ARM based Surface Pro X devices.

Intel is not having a good year, but they need to learn from that their dominance in the CPU sector was on legacy born from innovation. Since the launch of the Broadwell generation of the i3-7 line up they have slowed down sticking until this year with 14nM for nearly all of its processors and simply looking for ways to push the clock speed on the devices. Now this year we reach the point where pushing clock speed is of less and less benefit and in 2021 we know Intel are going back to the drawing board to try and refine the 10nM and move to a smaller die process.

Good luck in 2021 Intel, otherwise it’s going to be another Team Red year!

Intel

Apple iPhone

Now the iPhone isn’t a looser in 2020 just because I left and moved over to the Android side!

This device is a looser because it lost to a phone half its price in a photo shoot-out between the iPhone 12 Pro Max and the OnePlus 8T in a blind test run by MKBHD . Now, the importance of this test is massive as it shows that you don’t get perceivably better images by using an iPhone as Apple would have you believe,. It also shows consumers in a very tight financial year that you can get a great camera for less than half the price.

Will this change people’s minds about buying a new iPhone? Maybe not. But it hopefully will make Apple sit up and think as both the iPhone SE and 12 didn’t make it through the first stage of the process, showing that the issue may be with the way Apple handles the images and less about the quality of the camera. Either way the iPhone (13) or whatever it’s called needs to make improvements on this and be a big step forward for Apple in 2021 as their dominance is slipping and the Android market is out for their crown.

 

Onsite Infrastructure

The office has taken a bit of a beating in 2020. It’s becoming, for many businesses, a way to spend money for space you are not using,. This has caused a number of businesses to decide now is the time to change the way they interact with office space we have seen a massive increase in businesses looking to either move to co-location or into public cloud.

This has meant that the days of the larger projects for onsite deployments have slowed, so I think it’s fair to say 2020 has been a bad year for on-premises solutions but a great year for anything cloud!

 

There have been many more winners and a lot more losers than I could cover in this article, however I think the major take away for 2021 is that the IT landscape has changed far more in 2020 than in any year prior to it, as an IT professional I don’t expect business to slide back into old habits and things to switch back as we slowly return to more normal times.

Whatever 2021 brings I am excited to be at the forefront of matching our customers to the latest and greatest technical solutions.

Looking for a technology partner?
Let’s talk