Cloud Security Posture Management, Why you need it!

Cloud Security Posture Management

It’s time to discuss the importance of moving to an Opex model, the drive towards consumption-based usage and the impact on technologies like Microsoft Azure, as well as the importance of protecting Cloud resources and security when you move resources to the cloud. This article looks at how we put these principles into practice in Cloud Security Posture Management.

What is CSPM And Why Is It Important

Cloud security posture management (CSPM) is critical for any business moving its infrastructure to Microsoft Azure. CSPM helps organisations identify and remediate security risks in their cloud environments, to ensure their data and applications are protected. This rather preventative approach helps avoid any disasters!

When moving to the cloud, businesses must ensure that their security posture is robust and able to withstand the unique challenges of the cloud environment. Once you move to the cloud, you are placing only some, but not all, of the responsibility for the service provided.

In this shared responsibility model, the level of understanding of your risks is critical. This is why CSPM tools are so essential. They provide a comprehensive view of the security posture of an organisation’s cloud environment. It allows them to identify and address vulnerabilities and misconfigurations that could expose their data and applications.

Automation and Benefits Of CSPM

One of the greatest benefits of CSPM is the ability to automate the process of identifying and remediating security risks. Taking the human out of the equation often results in a better, faster, and more secure platform in the long term.

This is particularly important where the scale and complexity of the environment make it difficult for businesses to keep up with the constantly evolving threat landscape. CSPM tools can automatically scan the cloud environment for vulnerabilities and misconfigurations. This alerts security teams to potential risks and provides the information needed to take action.

CSPM also gives businesses greater visibility into their cloud environment, allowing them to monitor activity and detect unusual or suspicious behaviour. With the correct visibility, you can trust that the systems you have in place are configured and protected to the required standard.

The dynamic nature of the environment can make it difficult for businesses to keep track of changes and activities. CSPM tools provide real-time visibility into the cloud environment, allowing security teams to identify and respond to potential threats quickly. Being able to see who has made changes, what risks you have, and the overall nature of your cloud posture is invaluable.

Complying with Standards and Regulations

Many businesses are subject to strict regulatory requirements, and failure to comply can result in significant fines and reputational damage. CSPM tools can help businesses ensure that their cloud environment complies with relevant standards and regulations, reducing the risk of non-compliance. If your business needs to hit Cyber Essentials, ISO 27001 or PCI-DSS, then CSPM is the way to go

In summary, CSPM is essential for businesses moving their infrastructure to Microsoft Azure. It gives businesses the visibility, automation, and control they need to ensure their cloud environment is secure and compliant. By implementing a robust CSPM solution, businesses can protect their data and applications from threats, reduce the risk of non-compliance, and maintain the trust of their customers and stakeholders.

If you want to talk to one of our experts about how we can help your business secure its cloud environment and the benefits a CPSM could have for you, please call 01235 433900 or email [email protected]. If you want to speak to me directly, you can contact me via DM or at [email protected].

 

Microsoft 365 Copilot What’s New For 2024

Microsoft 365 Copilot What's Newhttps://www.planet-it.net/wp-content/uploads/2024/01/Copilot-post.jpeg

In today’s fast-paced business environment, staying on top of your workload can be challenging. That’s where Microsoft 365 comes in. This AI-powered productivity tool is designed to help businesses of all sizes work smarter, not harder.

With the removal of the 300-user gap in January, this tool is now available to businesses of all sizes and will allow SMEs/SMBs to engage in the world of generative AI.

What is Microsoft Copilot? 

At its core, Copilot 365 is a sophisticated processing and orchestration engine providing AI assistance. The software combines the power of large language models with data from your Microsoft Graph and the knowledge of the internet to help you work more efficiently. Something that no other tool can currently do. For instance, ChatGPT needs access to business data or the internet hence why the results are limited.

What is new in Copilot? 

Since there has been so much change in January alone for Microsoft 365 Copilot, we list the top 10 list of features which transform the way, you work.

1. Intelligent search

Copilot 365 can help quickly find the information you need, whether it’s in your emails, chats, or documents. With its advanced search capabilities, you can quickly locate the information you need, even if it’s buried deep within your files. You no longer need to be a search wizard to break down the barriers of document locations.

2. Summarisation

Copilot 365 can summarise long documents or emails, so you can quickly get the gist of the content without reading through everything. It saves so much time getting to the core of the text and avoiding all the white noise.

3. Email drafting

Copilot 365 can help you draft emails, saving time and effort. Its advanced natural language processing capabilities can generate well-written emails that convey your message effectively.

4. Document generation

Copilot 365 can help you create documents, such as reports or presentations, using data from your Microsoft Graph. This can save you time and effort, allowing you to focus on more critical tasks. This is so powerful if you are in any role where you often produce reports which require a presentation, Copilot takes the work out of doing it.

5. Task management

Copilot 365 can help keep track of your tasks and deadlines, so you never miss an important deadline. With its advanced task management capabilities, you can easily organise your workload and stay on top of your responsibilities.

6. Meeting Scheduling

Copilot 365 can help you schedule meetings with your colleagues, considering everyone’s availability. With its advanced scheduling capabilities, you can easily find a time that works for everyone without going back and forth with multiple emails. With options like Follow Meeting and Copilot-driven notes, you get so much more from meetings!

7. Language Translation

Copilot 365 can translate text from one language to another, making communicating with colleagues or clients who speak a different language easier. With its advanced translation capabilities, you can easily bridge language barriers and communicate effectively. This is great for working with international partners and clients.

8. Voice commands

Copilot 365 can be controlled using voice commands so that you can work hands-free. With its advanced voice recognition capabilities, you c

an easily interact with the tool using your voice, allowing you to work more efficiently.

9. Personalisation

Copilot 365 can be customised to suit your needs and preferences. With its advanced Personalisation capabilities, you can tailor the tool to your specific requirements, ensuring it works how you want it to.

10. Integration with Microsoft 365

Copilot 365 is fully integrated with Microsoft 365, so you can use it seamlessly with the other tools in your productivity suite. This allows you to work more efficiently, easily switching between different tools without wasting time. No other tool can do this; this is where the power exists

In conclusion, Copilot 365 is a powerful tool that can help businesses of all sizes work more efficiently and effectively. With its AI-powered capabilities and seamless integration with Microsoft 365, it’s a must-have for any business looking to stay ahead of the curve. Whether you’re a small business owner or the head of a large corporation, Copilot 365 can help you work smarter, not harder.

If you want to talk to one of our experts about how we can help you get Copilot Ready, please call 01235 433900 or email [email protected]. If you would like to speak to me directly, you can reach out to me via DM or at [email protected]

 

 

 

 

Unleashing The Power Of Microsoft 365 Copilot

Copilot for Microsoft Office 365

Microsoft Copilot for 365  is a chat-based tool that integrates into other 365 applications such as Microsoft Teams, Outlook, and SharePoint. It can learn and understand data from these locations, giving it the ability to answer questions, summarise documents, and more. Copilot is also integrated into the applications, allowing you to use it in real-time to draft emails, summarize emails or Teams chats.

 

Watch our webinar about unleashing the power of Copilot for your organisation

 

How will Copilot change the way we will work?

Microsoft Copilot for 365 won’t be coming after your job anytime soon.  Copilot 365 is there to help make your job more efficient and effective by cutting down the time you would have spent reading unimportant emails or messages, drafting base documents and emails and so on.  It will help you improve your time management skills, professionally write emails and recap your entire working days.

The security and compliance around Copilot

However, Microsoft Copilot 365 poses new security and compliance challenges for businesses as it has access to so much data.  Examples of risk can involve data leaking to the wrong user or a compromised user which could be could be devastating.

Currently, Copilot has inbuilt rules and compliance policies to stop certain actions such as users requesting sensitive data like payslips or contracts. It also has built-in security to only show data that the user would be able to access natively.

It is on Microsoft’s roadmap to integrate this policy into Purview to allow IT admins greater control over copilot security.

If you are eager to harness the full potential of Microsoft Copilot 365 to elevate your business through AI integration in your daily operations, then please call 01235 433900 or email our team of experts at [email protected]. As your trusted Microsoft Solution Partner, we seamlessly guide you through every step – from licensing to integration – ensuring that your investment not only meets but exceeds expectations.

Integrating Generative AI

Integrating Generative AI, Machine Learning and AI

In the dynamic landscape of technology, integrating Generative AI, Machine Learning (ML), and Artificial Intelligence (AI) has become imperative for businesses to stay competitive and innovative.

 

Not since the dot.com era have we seen such a dramatic shift in technology, which has become a part of our everyday lives. 

 

Businesses must adapt and integrate AI, ML and GenAI into their short and long-term IT strategies. To enable employees to access AI tools from their workstations, mobiles and any web-enabled device. 

 

More than ever, IT professionals ought to be committed to developing robust strategies that leverage these technologies to enhance operational efficiency, customer experiences and overall business outcomes. This article will explore key considerations and recommendations for incorporating Generative AI, Machine Learning, and AI into your IT strategies in 2024.

Understanding the Business Objectives:

 

As IT leaders, you must align the adoption of Generative AI, ML, and AI with the broader business objectives.

 

Due to a lack of consideration for your business’s strategic objectives, the improper use and implementation of these technologies may have little or no effect on achieving organisational objectives. In other words, these tools should be complementary and continuously aligned with the organisational strategy. For instance, some technologies may not necessarily support the direction of the business. The same principle applies to the implementation of strategic IT decisions.

 

Conversely, the judicious use of AI can elevate customer service satisfaction and increase operational efficiency, which can lead to gaining a competitive advantage in some shape or form.

 

Crafting an effective IT strategy based on individual business merits will help choose technologies tailored to individual needs that will support development and growth.

 

Talent Acquisition and Skill Development:

 

Investing in talent is crucial for successful implementation. IT leaders should assess the existing skill set within their teams and identify the gaps. This is crucially important as well as your current team’s skill including knowledge of working with IA set vs. AI delivery services.  

Hiring or upskilling employees in areas like data science, machine learning, and deep learning ensures that the organisation has the expertise to drive AI initiatives. Not only focusing on the team who will support it, but your IT strategy must also focus on how you train end users to understand, leverage and validate where AI is used.

 

Establishing a Data-Driven Culture:

 

Generative AI and ML rely heavily on data. IT leaders must foster a data-driven culture within the organisation, emphasising the importance of high-quality, relevant data. It has always been a challenge for businesses to hold data regardless of its quality, relevance, or ability to be reused, ingested, or understood by a system. With AI, both structured and unstructured data can be used, but the data still needs to be relevant if you implement a system to reduce the amount of time your business spends on answering customer queries based on previous fixes but don’t check the previous fixes for validity you are likely to suggest non-solutions and harbour distrust in the system. This involves implementing data governance practices, ensuring data security, and promoting collaboration between IT and business units to derive meaningful insights. Tools like Microsoft Purview are a great place to start when looking into your data and its governance.

 

Creating a Robust Infrastructure:

 

IT leaders need to invest in a robust and scalable infrastructure to support the increased computational demands of AI applications. For most, this will mean looking at a transparent Cloud and edge computing strategy, moving away from private and co-located data centres on dedicated hardware to pooled and shared, scalable solutions like Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP). This becomes critical when you consider that for some AI workloads, you will need specialised hardware such as GPUs, which may be essential IT infrastructure components to ensure optimal performance or gain the results your business requires. For those who want to remain on-premises, then your strategy needs to directly reflect a hybrid cloud approach as you will not be able to run many of these tools in your environment and will instead need to run the toolset where it is best suited be that with the vendor or on a public cloud instance.

 

Implementing Explainable AI:

 

As your strategy reflects how your business increasingly relies on AI-driven decisions, you must ensure that your business, customers, and staff can maintain faith in the solution; therefore, transparency becomes critical. As IT leaders, you should prioritise adopting Explainable AI models that provide clear insights into how AI algorithms arrive at specific conclusions. This transparency builds trust both internally and externally. This is easier said than done with some of the current Generative AI toolings, and therefore, your IT Strategy should reflect how you will tackle this when selecting the tools you will work with.

 

Security and Compliance:

 

Ensuring the security of AI systems is paramount. As an IT leader, you must integrate AI technologies in compliance with industry regulations and standards. Now, most of these AI tools currently take little consideration for the regulations and standards your business might have to reach, be that HIPPA, PCI-DSS, or ISO. Therefore, it will fall to you and your strategic approach to ensure that safeguards are put in place and that you remain in control of your data, its sovereignty and how it is being used. Additionally, implementing robust cybersecurity measures is essential to protect sensitive data and maintain the integrity of AI applications; this does not stop with just placing anti-virus on a system; you will need to think beyond this and engage with the right security partners.

 

Continuous Monitoring and Improvement:

 

AI models require ongoing monitoring and refinement. IT leaders should establish mechanisms for continuous evaluation of AI systems, identifying areas for improvement and adapting strategies based on real-world performance. Regular updates and adjustments ensure that AI applications remain effective and aligned with evolving business goals. Remember that even though a model is good today, it will still be better in 6 months or a year. Also, the data set will age out on models, therefore, you need to ensure you understand how and when this will be updated to support your business. 

 

Collaboration and Communication:

 

Successful AI implementation requires effective collaboration between IT and all business units. IT leaders should facilitate communication, break down silos, and encourage cross-functional collaboration to ensure that AI initiatives align with the overall business strategy. No man is an island, and if you make your safe in this landscape, you will quickly fall behind. While implementing your IT strategy, you engage a cross-business group and work with them to support you in understanding how to engage the wider business and provide training, support, and guidance to maximise uptake and effectively communicate the changes coming.

 

In 2024, the strategic integration of Generative AI, Machine Learning, and AI into IT strategies is critical to business success. IT leaders must align these technologies with business objectives, invest in talent and infrastructure, foster a data-driven culture, prioritise security and compliance, and ensure continuous monitoring and improvement. By adopting a holistic approach, you, as an IT professional, can position your organisations at the forefront of technological innovation, driving sustainable growth and competitive advantage in the ever-evolving digital landscape.

 

If you want to talk to one of our experts about how we can help you with your IT strategy or implementing AI into your business, then please call 01235 433900, or you can email [email protected], or if you would like to speak to me directly, you can reach out to me via DM or at [email protected].

Technology and Cybersecurity; The Trends and Predications for 2024

technology trends in 2024

Time waits for no man and the last 12 months have truly shown that neither can technology or cybersecurity. Tech will not be held back. Governments, companies and individuals cannot stop the march of technological progress. Therefore as I sat down to pen this article for the third year in a row it was very clear to me that the last 12 months have seen such a huge advancement in technology that my predictions might need to be a bit bigger for technology in 2024!

You can read the previous year’s articles HERE and HERE.

Artificial Intelligence (AI) in Cybersecurity

Artificial Intelligence is set to play a pivotal role in cybersecurity. In 2024, we can expect AI to be more sophisticated in identifying and mitigating cyber threats. Machine learning algorithms will continuously adapt to new attack vectors, providing a dynamic defence mechanism. The integration of AI in security operations will enhance threat detection, response times, and overall resilience against cyber attacks. Because of this as business we need to be aware of how the providers of your technology are using AI and how the bad actors will also be using this. It is also going to be critical in 2024 to review where and what data is being held and used to train these AI models inside of your cybersecurity products.

AI & Cybersecurity in 2024

Zero Trust Architecture

The concept of Zero Trust Architecture is gaining momentum as organizations recognize the need to move beyond traditional perimeter-based security. In 2024, expect more widespread adoption of Zero Trust principles, where trust is never assumed, and every user, device, and network interaction is thoroughly authenticated and authorized. This approach ensures a more robust defence against insider threats and external attacks. What this will really mean in 2024 is that the traditional edge and VPN systems many businesses have come to rely on since the pandemic will start to be replaced with ZTNA solutions.

 

Quantum-Safe Cryptography

With the advent of quantum computing, the cryptographic landscape is under threat. To counter this, 2024 will witness a surge in the implementation of quantum-safe cryptographic algorithms. Organizations will prioritize updating their cryptographic protocols to ensure that sensitive data remains secure even in the face of quantum advancements. This is a space to watch and an area of huge growth for security.

 

5G Security Challenges

As 5G networks become more prevalent, so do the security challenges associated with this technology. In 2024, expect a heightened focus on addressing the unique cybersecurity risks posed by 5G, including increased attack surfaces, potential for IoT vulnerabilities, and the need for robust encryption to protect data transmitted over these high-speed networks. Businesses that rely heavily on remote working and mobile working will need to be very aware of this and keep a close key on the risks in the area.

Ransomware Resilience

Ransomware attacks have been on the rise, and 2024 will be no exception. Organisations will increasingly invest in developing and implementing robust ransomware resilience strategies. This includes regular data backups, employee training programs, and the use of advanced threat intelligence to proactively identify and neutralize ransomware threats. For me there is only one answer to this and that will be that every business will need a full MDR (Manage Detection and Response) product in place looked after by a dedicated security team.

 

Biometric Authentication Advances

Biometric authentication is evolving beyond fingerprint and facial recognition. In 2024, we can anticipate advancements in behavioural biometrics, voice recognition, and other innovative authentication methods. These technologies offer a more secure and user-friendly approach to identity verification, reducing reliance on traditional password-based systems. This wont change the world in 2024, but will start to see the shift away from the standard passwords systems we are use to.

Regulatory Compliance and Privacy

With the growing emphasis on data privacy and protection, regulatory frameworks are continually evolving. In 2024, organizations will prioritize compliance with stringent data protection regulations. The focus will be on ensuring transparent data practices, implementing robust security measures, and demonstrating accountability in handling sensitive information.

Generative AI fuelled Social Engineering Attacks

When looking at looking at the risk profile of 2024, it is clear that the trajectory started in 2023 will continue with generative AI being used by bad actors to generate more believable , more dynamic and ultimately harder to detect social engineering attacks. It has been well documented that in 2023 around 80% of all attacks started with compromised identities and as we all continue to invest in better MFA technologies and drive brute force attacks from success the more we will see a direct pivot to using social engineering attacks to compromise the security practices we have in place.

Businesses must strive to educate their employees about the common ways to recognise they are being deceived, this cannot just happen once a year as a tick box exercise you need to be driving change with-in your business and adopting a clear training plan into 2024. Because of this it makes identity protection the most critical protection that companies should look to strengthen or invest in for 2024. Otherwise, adversaries will continually target and successfully comprise this weak spot.

Cost of Living and Financial Impacts on IT and Security Budget

We have seen some unpredictable and unprecedented global impacts over the last 4 years, these have all taken an impact on the global finances which in turn are now starting to reflect in the budgets of businesses across the UK and EMEA. Because of this in 2024 a trend we are all going to need to be aware of is the tightening on IT and Security budgets as the ever tightening purse strings will mean that businesses need to make better choices about where and how they spend money. In these scenarios you need to focus on how to make the most of what you have but also there will be a need to be strong on conveying the value to the wider business on investing or maintaining your IT and Security products and services.

Conclusion

As we step into 2024, the intersection of technology and cybersecurity promises both challenges and opportunities. Embracing innovative solutions, staying informed about emerging threats, and fostering a cybersecurity-conscious culture will be essential for individuals and organizations alike. By proactively addressing these trends, we can collectively build a safer and more resilient digital future.

If you want to talk to one of our experts about how we can help you with your planning for 2024 then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via DM or at [email protected].

2023 – Technology Winners & Losers

Amid widespread technological innovation as well as failuresLewis Kitchen

As usual for this time of year, we always think it’s a bit of fun to look back at the last 12 months and see how technology in 2023 has shaped up – who were the winners and who fell flat of expectations over the year.

Winners

AI

AI has made a huge impact in the year 2023. ChatGPT was released by OpenAI on the 30th of November 2022 and quickly took over the internet, receiving the most user signups out of all applications.

ChatGPT is a predictive language model. Although these existed before, OpenAI was the first to make it commercially available. Unlike other chatbots that are designed to perform specific tasks, ChatGPT is a conversational model that can respond to any query from its large database.

This caused a chain reaction among the big companies to push out their AI and gain some of the market share. AI will change the way we work next year with Microsoft CoPilot coming out for enterprise companies.

Cloud Adoption

As always, Microsoft and Amazon have been pushing for more control over the Public Cloud space. As a result, more companies have migrated services to the cloud or running Hybrid setups with it. At Planet IT we have seen a huge increase in growth for customers wanting Microsoft Azure to run their infrastructure. This will continue into 2024 and from 2025 we will expect to see more than 90% of businesses being cloud only.

Losers

Microsoft Windows Operating Systems

2023 saw the end of life for Windows Server 2012, this forced a lot of companies to upgrade their server or utilise Microsoft’s offering for extended 2012 support in Microsoft Azure. This will become a common occurrence as Microsoft looks to end its support for its aging operating systems such as 2016 and 2019 in favour of moving you to the Azure Cloud.

Twitter / X

Twitter was brought out by Elon Musk on the 27th of October. And depending on what side of the fence you sit on this, is either bad or good. The acquisition has been a topic of debate in the media. Some examples include Elon’s hostile takeover of Twitter; renaming Twitter to X; promising an open-sourced algorithm; banning bots and hypocrisy about free speech.

X has been under pressure from watchdogs and civic organisations. This is due to its inability to combat propaganda. For instance, spreading misleading information on the Russia-Ukraine war, the Israel-Hamas war, and the upcoming presidential election.

Azure AD is becoming Microsoft Entra ID

Microsoft Entra ID

You may not yet be too familiar with Microsoft Entra, but it’s about to become a much bigger part of your Microsoft environment.

Microsoft Azure AD, the cloud-based identity and access management solution that powers millions of organisations, is becoming Microsoft Entra ID.

This change reflects Microsoft’s vision to provide a unified and comprehensive identity platform that helps you secure your organization, empower your employees, and enable your digital transformation.

With Microsoft Entra ID, you can benefit from the latest innovations in identity protection, governance, and management, as well as seamless integration with Microsoft 365, Azure, and other cloud services.

ID Protection: Prevent account compromise with machine learning.

ID Protection helps you detect and stop identity attacks in real time. It uses advanced machine learning to identify sign-in anomalies and user behaviour that indicate a risk of compromise. For example, it can trigger a Conditional Access policy that requires strong authentication methods for accessing sensitive resources. This way, you can protect your accounts from phishing, malware, and other threats.

Azure AD is becoming Microsoft Entra ID

ID Dashboard: Monitor your identity security posture with insights and recommendations.

ID Dashboard shows you the impact of your identity protections, the most common attack patterns, and your organisation’s risk exposure. You can view metric cards and attack graphs that show risk origins, security posture over time, and types of current attacks. You can also get recommendations based on best practices and industry standards. With these insights, you can further investigate your security posture in other tools and applications.

ID Governance: Automate access governance with workflows and self-service.

ID Governance helps you ensure that only the right identities have the right access at the right time. It automates the employee identity lifecycle to reduce manual work for IT and increase employee productivity. It also provides machine learning-based insights about identities and app entitlements. You can use workflows and self-service to grant and revoke access to cloud and on-premises apps from any provider and custom-built apps hosted in the public cloud or on-premises. This way, you can comply with organizational and regulatory security requirements.

Apple Software – Critical WebKit Vulnerability: CVE-2023-37450

Apple Vulnerability

Apple has recently released a number of security advisories to address a zero-day vulnerability in Safari, iOS, iPadOS, and macOS Ventura. An attacker could exploit this vulnerability (being tracked as CVE-2023-37450) to achieve remote code execution. It has been reported that this vulnerability is being actively exploited, which means that attackers are currently using this security flaw to gain unauthorised access to systems, potentially leading to data theft, system damage, or other malicious activities. It is therefore imperative that you check and apply these patches as soon as possible.

Apple Rapid Security Response

Apple has rolled out a new protocol, termed Rapid Security Responses, to expedite the release of critical security enhancements in between regular software updates for iOS, iPadOS, and macOS. This approach allows for a more immediate response to certain security issues such as this one. Upon the application of a Rapid Security Response, a letter is appended to the software version number, indicating that the update has been implemented.

Who and What is Affected?

The vulnerability affects all devices running: iOS, iPadOS, and macOS Ventura that have not been updated to the latest security patches. This includes iPhones, iPads, and Mac computers. The exploit could be triggered by a vulnerable browser processing specially crafted (malicious) web content, leading to remote code execution.

How Can Attackers Exploit This Vulnerability?

Attackers can exploit this vulnerability by creating a webpage or web content that includes malicious code designed to exploit the vulnerability in Apple WebKit. They then need to trick the victim into opening this malicious webpage. This could be done through a phishing email, a message, or by compromising a website that the victim trusts and visits often. Once the victim opens the malicious webpage on a vulnerable browser, the malicious code is executed.

 

What Could Happen If This Vulnerability Is Exploited?

With the ability to execute arbitrary code, an attacker could potentially gain control over the victim’s device. This could allow them to install malware, steal sensitive data, create backdoors for future access, and more. In essence, the attacker could gain the same access to the device as the user, leading to a significant breach of privacy and security.

How to Patch This Vulnerability?

Apple has addressed this issue with improved checks in their Rapid Security Response updates. The patches were initially released for macOS Ventura 13.4.1 (a), iOS 16.5.1 (a), iPadOS 16.5.1 (a), and Safari 16.5.2. However, due to a bug in Safari, some of the updates were pulled. Apple has since released new fixes to address this issue.

 

To patch this vulnerability, users should update their devices to the latest software versions:

iOS 16.5.1 (a) and iPadOS 16.5.1 (a), released on July 10, 2023.

iOS 16.5.1 (c) and iPadOS 16.5.1 (c), released on July 12, 2023.

macOS Ventura 13.4.1 (a), released on July 10, 2023.

To check for updates, go to the settings of your device, select ‘General’, and then ‘Software Update’. If an update is available, tap ‘Download and Install’.

Connect the Classroom: Funded Wi-Fi For Schools

Connect The Classroom, Government funding for schools

The Connect the Classroom scheme is a government-funded program that provides funding for schools in eligible areas to upgrade their wireless network infrastructure. This funding can be used to improve the speed, reliability, and coverage of a school’s Wi-Fi network.

Just some of the benefits of the Connect the Classroom scheme include:

Faster and more reliable internet access:

A faster and more reliable internet connection can help students to access online resources more quickly and easily, and can also help to reduce the number of dropped connections during online lessons.

Improved collaboration:

A better Wi-Fi network can make it easier for students to collaborate on projects, and can also help teachers to deliver lessons that require students to work together online.

Enhanced learning experiences:

A better Wi-Fi network can open up new possibilities for learning, such as the use of virtual reality and augmented reality.

Improved Security:

Install the latest, most robust Wi-Fi network allowing you to take advantage of the best security solutions.

How to use the Connect the Classroom scheme

A school must be located in an Education Investment Area to be eligible for the Connect the Classroom scheme. Schools can apply for funding by submitting a proposal to the Department for Education. The proposal should include information about the school’s current Wi-Fi network, planned improvements, and the benefits the school expects to achieve from the upgrade.

How do I know if my school is eligible?

You can talk to your Planet IT Account manager, and we will find out for you, but basically:

All state schools in Priority Education Investment Areas (EIAs) are eligible to apply for funding.

Priority EIAs are schools in:

Blackpool, Bradford, Derby, Doncaster, Fenlands and East Cambridgeshire, Halton, Hartlepool, Hastings, Ipswich, Knowsley, Liverpool, Middlesbrough, North Yorkshire Coast, Norwich, Nottingham, Oldham, Portsmouth, Rochdale, Salford, Sandwell, Stoke-on-Trent, Tameside, Walsall, West Somerset.

Schools in other EIAs with an Ofsted rating below ‘Good’ are also eligible to apply for funding.

Other EIAs are:

Bedford, Bolton, Bury, Cambridgeshire, Central Bedfordshire, Cornwall, County Durham, Coventry, Darlington, Derbyshire, Dorset, Dudley, East Sussex, Isle of Wight, Kirklees, Leeds, Lincolnshire, Luton, Manchester, Norfolk, North Northamptonshire, North Somerset, North Yorkshire, Nottinghamshire, Peterborough, Plymouth, Rotherham, Sefton, Somerset, South Gloucestershire, South Tyneside, St. Helens, Suffolk, Sunderland, Swindon, Wakefield, Wirral.

Priority Education Investment Areas (EIAs)

Map & detail source, click here.

So, what do you do now?

The Connect the Classroom scheme is a valuable resource for schools that are looking to improve their Wi-Fi network, as essential for modern learning. The Planet IT Education Specialists can walk you through the process.

Here are the steps you can take now.

  1. Talk to your Planet IT Account Manager to start the process and check if your school is eligible.
  2. Discuss the best Wi-fi solution for your school.
  3. Secure your quote to include with your proposal to the Department for Education.
  4. Once approved, install the upgrades.
  5. Enjoy the benefits of a faster, more reliable Wi-Fi network!

 

The Cloud: Your Ticket To Growth Or Your Ticket To Extinction?

The Cloud: Your Ticket To Growth Or Your Ticket To Extinction?

The cloud is no longer the future of IT. It is the now of IT. Businesses that don’t embrace cloud computing are putting themselves at a serious disadvantage.

Here are just a few of the reasons why your business will be left behind if you don’t embrace the cloud:

  • You’ll be less competitive. Cloud-based businesses can be more agile and responsive to change. They can also scale up or down their resources as needed, which gives them a significant advantage over businesses that are still using on-premise solutions.
  • You’ll lose customers. Customers are increasingly demanding cloud-based services. If your business doesn’t offer these services, you’ll lose out on potential customers.
  • You’ll be more vulnerable to security threats. Cloud providers have a team of security experts who are constantly monitoring their systems for threats. On-premise solutions, on the other hand, are often more vulnerable to security breaches.
  • You’ll spend more money. Cloud computing can be more cost-effective than on-premise solutions, especially over time. This is because you only pay for the resources you use.

If you’re still not convinced, consider this: a recent study by McKinsey found that businesses that adopt cloud computing are more likely to grow their revenue by 20% than businesses that don’t.

So, what are you waiting for? Embrace the cloud and start reaping the benefits today.

Here are some specific examples of how businesses in the UK are being left behind by not embracing the cloud:

  • A medium-sized business in Swindon is struggling to compete with larger businesses that are using cloud-based marketing and sales tools.
  • A manufacturing company in Reading is losing customers because it can’t offer cloud-based customer service.
  • A financial services company in Oxford is at risk of a security breach because it is still using on-premise servers.

These are just a few examples of the many businesses in the UK that are being left behind by not embracing the cloud. If you don’t want to be one of them, then it’s time to start planning your move to the cloud today.

Don’t miss out on the benefits of cloud computing. Embrace the cloud and start growing your business today. Contact me directly if you have any questions – [email protected] or DM me on LinkedIn

Microsoft Azure vs OnPrem

Looking for a technology partner?
Let’s talk

  • This field is for validation purposes and should be left unchanged.