Top 5 Cybersecurity Trends So Far This Year

Cybersecurity trends 2021

We are all too aware that the cybersecurity landscape is changing and will continue to change as the technology we use every day continues to adapt, develop, and alter our daily lives.

Put very simply, this trend is clear when you compare your 2010 Honda Civic to the latest release from Tesla; technology is embedded into every corner of our lives and it now even governs your driver safety.

Because of this, the drive to protect business and individuals from threat actors has never been more important. With an ever-shifting set of cybersecurity goalposts becomes the need to understand, adapt and overcome whatever threats may come your way.

As such in this article I am going to take you through five trends we are seeing when looking a cybersecurity and the defence of your IT infrastructure.

1. The Expanding Cyber-Attack Surface

According to cybersecurity ventures, the world will store 200 zettabytes of data by 2025. This data is coming from thousands upon thousands of different sources and a considerable amount of the data is now being driven by IOT and smart technologies.

As I mentioned in my introduction, think of all the data that every Tesla on the road today is generating, the pure volume of telemetry data, decisions, battery health and all the other statistics these mobile computers are generating is staggering. Now think about your smart home, with fridges that can be remotely controlled, lighting, cooling, heating and even garage doors that can triggered from anywhere across the globe, then add into the mix home security systems link Ring Doorbell. All of this sits outside the realm of what for many would have previously considered data that needed to be secured. However, it is easy to see how data like the time you leave your house, the speed you drive and direction you travel, could be of value to a threat actor and even worse could be data they leverage against you.

This however is just to the point, the fact that as businesses are having to daily adjust the scope of what is and is not part of the business attack surface, this leaves the threat actors room to move and the gaps they need to turn your secure system into Swiss cheese.

5 years ago, CCTV may or may not have been the responsibility of the IT department. Today, with digital cloud driven solutions, this firmly sits within a business IT attack surface and is a clear technological risk.

IT Hardware and software

Similarly, take the smart card reader that opens your office doors and your car parking barrier. This is a business attack surface which in the traditional IT model we would have simply been able to ignore. This is no longer the case. It sits on the list which will continue to grow of new areas where CISO, cyber security experts and IT teams in general need to protect.

This trend will of course continue. As IT professionals we must adjust our

security posture and consider how this effects the technologies we use to protect our data and our systems.

There is by no means a golden bullet but there are key markers for success in this area.

 

2. Ransomware as a Cyber Weapon of Choice

Ransomware has been around for almost two decades and has grown in popularity because it can more easily bring financial rewards to hackers. It is estimated that there are now 124 separate families of ransomware and hackers have become very adept at hiding malicious code.

The reason is that ransomware became a weapon of choice for hackers in the last 18 months was drive by the COVID-19 pandemic. This instantly altered a digital landscape that for many businesses had been slowly changing. In fact, most were stuck to the traditional walled garden of onsite infrastructure and controlled working environments. Now, with the transformation of so many companies and how we operate as a mostly digital, this creates more targets for extortion. According to a research, ransomware increased by 435% in 2020 as compared with 2019.

In 202, the estimated cost of ransomware was £14.5 billion – a rise from £8 billion in 2019 and £5 billion in 2018. That trend will continue to grow.

The likely impact for the near-term future is that there will be more ransomware attacks against institutions and corporations who are less cyber secure and cannot afford to have operations impeded. This includes health care, local governments, and educational institutions. For these sectors the need to adapt and overcome the finical challenges of protecting their businesses has never been more paramount.

 

3. Increase in adoption of cloud services

Cloud vulnerability continues to be one of the biggest cyber security industry trends. Again, the rapid and widespread adoption of remote working following the pandemic increased the necessity for cloud-based services and infrastructure drastically, with huge security implications for organisations. For many, these implications where not understood or ignored as the business threw themselves into a cloud strategy in sheer panic in 2020.

work from homeDon’t get me wrong, cloud services have become essential and offer a range of benefits – scalability, efficiency, and cost savings – but they are also a prime target for attackers.

Misconfigured cloud settings are a significant cause of data breaches and unauthorised access, insecure interfaces, and account hijacking. All of these are avoidable but for many businesses they simply don’t know the vulnerabilities are there. During our webinar series, I often talk about the shared responsibility model. It is key to keeping the door closed to attack but is greatly misunderstood or even ignored by a lot of businesses.

 

4. Social engineering attacks getting smarter

Social engineering attacks, like phishing, are by no means new threats but have become more troubling amid the widespread remote workforce of the last 18 months. Attackers target individuals connecting to their employer’s network from home because they make easier targets. The attack looks to exploit the weak link in most businesses’ security posture, the end user.

As well as traditional phishing attacks on employees, there has also been an uptick in whaling attacks targeting executive organisational leadership. This trend sees CEO, CFO and other business managers being impersonated to other employees or customers to gain financial details or gain credentials.

SMS phishing – sometimes known as ‘smishing’ – is also gaining prominence, thanks to the popularity of messaging apps such as WhatsApp, Slack, Skype, Signal, WeChat, and others. Attackers use these platforms to try to trick users into downloading malware onto their phones, which for many are now heavily linked to the corporate network be that via email or shared file access. For many businesses, MDM or MAM are technologies they still haven’t invested in.

Organisations are increasing their protection against phishing, but criminals are always looking for new ways to stay ahead. This includes sophisticated phishing kits which target victims differently depending on their location. To stay ahead of these trends, businesses need to ensure their staff understand and can act as the human firewall against these attacks – social engineering is not something that technology alone can protect your business from.

 

Managed IT support Oxford

5. The Future, Privacy-enhancing computation techniques.

To change pace slightly now and look less at the trends around attack vectors and how the threat actors are getting in and more around how the cyber security industry is helping us all fight back.

Privacy-enhancing computation (PEC) techniques are emerging that protect data while it’s being used — as opposed to while it’s at rest or in motion.

This marks a dramatic shift in the level of protection we can leverage onto data and how we can continue to work to lock out the threat actors from data at all stages of its life cycle. This technology will also enable secure data processing, sharing, cross-border transfers and analytics, even in untrusted environments.

This technology is rapidly transforming from academic research to real projects delivering real value, enabling new forms of computing, and sharing with reduced risk of data breaches.

I would expect to see these products in your security portfolio in the next 12 months.

 

With the landscape continuing to move beneath our feet daily, as IT professionals, we need to stay ahead of the trends and ensure that we are looking at what threats are just over the horizon.

No IT team can afford to rest on their laurels as the successes of yesterday will not protect you from the threats of tomorrow.

If any of this is of concern to you, whether you are an IT professional, a business leader or simply have cybersecurity fears, please reach out to me or one of my team and we will be more than happy to assess your situation. We are in this war together, and we can’t let the bad guys win!

email: architecture@planet-it.net

call: 01235 433900

or connect with me on LinkedIn: https://www.linkedin.com/in/delljames/

 

 

 

It’s Time Your Business Adopted UEM, And This Is Why!

UEM Endpoint Device Management

The way in which we manage our workforces’ devices is changing. Gone are the days of large, overly complicated on-premise management solutions like Quest (Dell) KACE and Microsoft System Centre. With the continued drive of remote working, flexibility and ultimately employee separation our management tools need to change, now.

Luckily, Microsoft where ready for this move to remote management. They and have spent a long time and A LOT of investment in turning the 2011 product of Microsoft Intune into the 2021 product, which is now known as Microsoft Endpoint Manager, a now formidable UEM (Unified Endpoint Management) tool.

Evolution – just in the nick of time

The original Intune product was designed to answer the question of the time: How to we provide some form of management to the changing device landscape? With the launch of new form factors, and splitting operating systems at the time, this EMM (Endpoint Mobility Management) tool focused on delivering the same basic functional control across the spectrum of devices it supported.

Microsoft is not a company to miss a shift in the market. They released that as we moved into the late 2010’s and into 2020’s that business no longer wanted two products, one to manage devices onsite and one to manage them in the cloud. With this they began the process of taking the features from Microsoft’s System Centre Configuration Manager and merging them with the EMM tool, Microsoft Intune.

This process happened just in time to be ready for the world shifting events of Early 2020. The now mature product from Microsoft gave the best of Config Manager, Intune’s EMM and the fringe features of MDM and MAM that the suite had been dabbling with.

intune device management

So, the question then becomes, why are you not using it?

For nearly all business in 2021 Microsoft Endpoint Manager can play a huge part in ensuring:

1. All your devices controlled,

2. Windows is up to date,

3. patches and software are being deployed and managed.

This on its own takes away 3 key functions you may have existing systems in place to support. However, the largest success for Microsoft Endpoint Manager comes in the form of flexibility. Your users don’t need to be on your VPN, in your network or even in your country to get software updates or even new packages.

This is only then strengthened when we look at the white glove, of out of box experience which can be leveraged with Autopilot.

UEM Device managementImagine you never had to build a laptop again!!

Wouldn’t that just be great? Not only that, but imagine that if a device needed to be moved from user to user. Then you could remotely reset and deploy a fresh version of the operating system and all applications to the device, join it to the domain and have it ready to be reused.

Well with Endpoint Manager and Autopilot you can do just that! The core logic behind the approach is that you don’t need to touch a device to get it ready to use.

Now this can either be directly from the factory or on a previously managed device. This will reduce the time to resolution on support issues and ultimately free up you and your team to work on project that are more important.

With this process, gone are the days of creating a gold image having to run sysprep and then trying to configure the Out of Box Experience with an answer file. Microsoft has simplified this down to a steps-based process. This uses the latest image from Microsoft alongside an answer file based on the Microsoft Endpoint Manager interface, not on a text file. This combined gives you a great position to show business improvements from a system implementation.

Where can YOU make improvements?

The biggest question to ask yourself is where could you optimise your;

  • device management,
  • system imaging,
  • software deployments,
  • application installations and updates,
  • operating system updates
  • and device provisioning?

If the answer is that any of these could be improved, then Microsoft Endpoint Manager is the platform you need to be looking into.

These are just some examples of what Microsoft Endpoint Manager can do. I would be remised to say that the above is a fair representation of all that the suite has to offer. The product is massively impressive and continues to develop and grow as Microsoft as a company moves away from the legacy of its on premise-based solutions to a truly cloud driven SaaS approach.

I know taking this step might seem like a leap in certain circumstances. However, I am always available to discuss how you can leverage better device management for your business. As are the rest of the Technical Architecture team at Planet IT

Please feel free to reach out using the contact details below:

Contact me at – LinkedIn Message James Dell or Email : james.dell@planet-it.net

Call 01235 433900 or Email : architecture@planet-it.net

What is Conditional Access, and why is it an essential part of your security posture?

Conditional Access

By now, you should be aware that the modern digital landscape is full of threat actors. That are always looking for any opportunity to find a weakness in a business’s security posture and then leverage this to gain unauthorised access to data for malicious reasons.

To protect against these attacks, we often look at antivirus and anti-ransomware technology and products like MFA or Two-factor authentication. The truth is that MFA is part of much larger protection that can be afforded a system through an approach known as Conditional Access.

How does Conditional Access work?

Conditional Access (CA) is the process of defining entry vectors and criteria; in its most simplistic form, consider CA to be a door that only opens if you are wearing the right clothes, have arrived in the right vehicle, and are holding your ID. In real terms, CA allows a business to define controls around what can be accessed by who, from where and under what circumstances.

I feel that conditional access is an underutilised part of any defence arsenal. This is partly due to a lack of understanding in the IT community about the technology and a misconception about its limitations. These beliefs and options come from a legacy of Software as a Service (SaaS) and on-premises infrastructure being integrated minimally, however with modern SaaS, IaaS, PaaS and on-prem working in a heavily integrated way. Conditional Access allows you to take advantage of the proper protection that can be afforded a system without comprise.

Is it widely used?

All the major SaaS, IaaS and PaaS vendors support conditional access, and an optimum way to deploy the technology is as such.

  • Limit access to login to Geo Locations that are trusted and used by the business
  • Allow internal networks or trusted networks to have fast passed authentication
  • Only allow data access from trusted and complaint enrolled devices
  • Require MFA in any location that is not inside a trusted network
  • Remove support for legacy authentication methods
  • Deploy true Single Sign-on across all platforms and devices
  • Limit access to the data and services a user needs based on the roles of that user
  • Only allow devices that have Antivirus and Anti-ransomware installed and up to date
  • Only enable devices that have the latest operating system updates
  • Integrate all systems into a single platform, use Conditional Access and MFA to protect the whole network, not just cloud services.

By undertaking this approach, you can reduce the attached surface of your infrastructure and protect data while not limiting your staff’s functionality by placing unwanted security barriers in place.

The diagram below shows how the conditional access approach works.

Conditional Access Explained

Conditional Access

Do you think your business could benefit from the technologies of conditional access? Do you want to know more? Then please reach out to a member of the Architecture team at Planet IT via architecture@planet-it.net or call 01235 433900, and we can talk to you about the options available that work with your more comprehensive technologies.

Technology that SHOULD shape your business in 2021

Tech business trends

While the world continues to turn day to day life upside down and “normal” is more of a relative word than ever before, I wanted to take this opportunity at the start of the year to look at the technology trends your business should be looking into and adopting in order to ensure that whatever the global or national situation, your business is safe secure and up to date.

Cloud Services

If 2020 didn’t already do this for your business you should be looking at moving services to the cloud, now this is bigger than just moving your email to Office 365 or G Suite. When we talk about cloud services in 2021 this is about moving as much of the infrastructure, it’s management and the associated risks away from your physical business location.

If we take a traditional office where you have your servers, storage, back-ups and user data onsite close to where your users where working, in 2021 this approach is illogical with staff working from home and in the office suddenly you have a single point of failure in your office environment as well as needing the equipment maintained , monitored and managed in a location which may be shut due to local restrictions.

With the move to Cloud services the aim is to push as many of these services to diverse, secure and robust providers which removes the inherent risks and reduces any downtime you might face. If done in the right way you can do this with the same level of latency that you would get in your office environment but accessible quickly for your users working from home.

With businesses that implemented cloud services in 2020, they saw an decrease in running costs of up to 50% and an increase in uptime and productivity up to 99.99% which is beyond what any onsite system can deliver and this is due to the scale and depth of the product line of some of the cloud services on the market.

work from home

The Human Firewall

The trends we saw in 2020 made it very clear that we need to invest as much time into training our staff to be safe and secure as we do into finding the right technology to support them. That is why in 2021 one of the key areas of development we believe all business should be looking at is the human firewall. By this we mean training your staff to know what is safe and is not safe in the digital world and how to prevent risks to the business.

We saw the effect that phishing can have on business with an increase of 667% in March last year when COVID first became a major issue for the U.K. and scammers took in their waves to try and use peoples vulnerabilities against the businesses they work for. These attacks continue today following trends of presenting vaccination options and emails about furlough schemes all designed to capture business information and defraud businesses.

Now with this there is no one size fits all approach but there is a logical approach which will prevent your business being open to risks that exist on your doorstep. If we can teach our staff in 2021 to stop, deal with and report these problems then we increase the ability of a business to be robust and secure and remove the guess work from the technology we need to ensure a business is safe, for me 2021 is the year of the Human Firewall.

human firewall

Zero Trust Networking

As we move to a more dynamic way of working, both now and post COVID, we need to think about how the new fleet of devices we operate as businesses are managed, controlled and protected. The physical borders of your office space are no longer 4 brick walls but unlimited by the connectivity we have in place. Because of this we need to look at how we secure and control our devices, users and data across such a wide spectrum of use cases.

Now this can start with the simple steps of Mobile Device Management, Cloud based anti-virus technology but very quickly we need to be thinking about virtual connections to datacentres, home broadband and wireless security and cloud access control.

This is why in 2021 I believe all businesses need to review their approach and look to embed a zero-trust approach into all aspects, and while some people will see this approach as intrusive and over the top, it has been proven time and time again to not be. You only have to look at the speed in which a home wireless network can be broken into to realise that you are not safe trusting peoples home set ups.

In conclusion 2021, like 2020, is going to be a very different year, with the cyber criminals and the threat landscape changing everyday. However as business owners, technical professionals or employees we need to switch our approach and ensure we are using these changes to make our business ready for this continually changing landscape as we move forward.

 

If you want to talk to one of our experts about how we can help you in 2021 then please call 01235 433900 or you can email enquires@planet-it.net or if you would like to speak to me directly you can reach out to me via DM or at james.dell@planet-it.net.

2020 – The Technology Winners & Losers

Technology Winners

We all know that 2020 has been a challenging year for businesses and it is no surprise to anyone at this point late in the year that the digital landscape is very different to what it was 12 months ago.

So today, rather than a simple review of the year, I am going to look at some of the technology winners and losers of 2020.

Winners

 

Microsoft Teams and Zoom

Well obviously, right?

These two companies have enjoyed a dramatic rise to relevance as businesses moved (were forced) to an all-digital approach this year.

The reason these two thrived where others struggled is what makes them winners: both platforms offered the services for free for most of this year as part of their COVID support packages. Because of this they now have thousands, or even millions of new customers who won’t leave them in 2021. Teams and Zoom are now critical to many organisations and are part of their business models moving forward.

Not only was this smart marketing by the companies it has allowed both parties to learn at speed about what features we all want from these tools, I think this is clear when you see the number of changes that Microsoft have made to Teams this year, it’s certainly not the clunky product we were trying in 2017 anymore!

Microsoft Teams

AMD

AMD came out the gates swinging this year and they certainly had no intention of holding back. With the Ryzen 3000 series they have cemented their return to relevance making their CPU’s affordable and, in nearly all cases, faster than those coming from Team Blue (Intel).

However, this year they would go on to show why the 7nM process is so important and why Intel still pushing an 10nM process was going to cause them issues, this came in the form of Ryzen 5000 series, which wiped Intel off the top spot in nearly every scenario, and it did so a month after Intel announced their “best processor yet”.

This position was made even stronger when AMD managed to get both Dell and HPE to add their AMD EYPC processor to their server ranges giving customers the choice when looking to buy new servers. This is not only a win for AMD but also for consumers and businesses. We now have a better variety to choose from and can finally start to move away from Intel’s dominance, where the price point or performance does not make sense.

 

Apple Silicon

Continuing on the theme of CPU’s, Apple closed the year off by showing us all what can happen when you own an end-to-end process with the release of the M1 processor and the new range or M1 Apple devices.

This product, born from the legacy of the A Series mobile chip found in iPhone and iPad, is Apple’s first desktop processor since the days of PowerPC (Let’s not talk about it!). The important thing about M1 is not only is it built on the 5nM process but is also mind-blowingly powerful for a CPU which seems to simply sip on power rather than drain your battery in minutes. This, of course, is in part due to the fact that Apple own the eco system and can simply optimise every single instruction set to be smarter by working the CPU with the OS in the exact way they want, but they still have to be considered winners for this…

Also, who doesn’t want to run iPad apps on their Mac?

Apple Silicone

Public Cloud

Another rise to relevancy this year came in the public cloud drive, as customers seeking a solution to closing their offices and working across the country and the globe looked to the once distrusted Public Cloud as a saviour.

I have long believed the future was public cloud and 2020 was maybe the wrong way to prove a point, but we have seen a dramatic uptake in public cloud services. A huge number of large business are moving across and an even larger number of companies are planning through 2021 to close their datacenters and server rooms and put their workloads with Microsoft, Amazon or Google instead.

This move has co-existed with the drive by the big three to make the platforms more affordable and reduce the work to onboard to the platforms. This is only going to continue now as we slowly move away from onsite systems.

 

Losers

 

Intel

Now I already mentioned the bad year Intel is having in passing when coming up against AMD, but this year has been an all-round kicking for team blue.

This year also marks the beginning of the end of the Intel based Mac, which while only a small part of their revenue is sure to shake the foundations of what they are doing with other system integrators and device creators – not least Microsoft, who this year pushed AMD surface devices ard ARM based Surface Pro X devices.

Intel is not having a good year, but they need to learn from that their dominance in the CPU sector was on legacy born from innovation. Since the launch of the Broadwell generation of the i3-7 line up they have slowed down sticking until this year with 14nM for nearly all of its processors and simply looking for ways to push the clock speed on the devices. Now this year we reach the point where pushing clock speed is of less and less benefit and in 2021 we know Intel are going back to the drawing board to try and refine the 10nM and move to a smaller die process.

Good luck in 2021 Intel, otherwise it’s going to be another Team Red year!

Intel

Apple iPhone

Now the iPhone isn’t a looser in 2020 just because I left and moved over to the Android side!

This device is a looser because it lost to a phone half its price in a photo shoot-out between the iPhone 12 Pro Max and the OnePlus 8T in a blind test run by MKBHD . Now, the importance of this test is massive as it shows that you don’t get perceivably better images by using an iPhone as Apple would have you believe,. It also shows consumers in a very tight financial year that you can get a great camera for less than half the price.

Will this change people’s minds about buying a new iPhone? Maybe not. But it hopefully will make Apple sit up and think as both the iPhone SE and 12 didn’t make it through the first stage of the process, showing that the issue may be with the way Apple handles the images and less about the quality of the camera. Either way the iPhone (13) or whatever it’s called needs to make improvements on this and be a big step forward for Apple in 2021 as their dominance is slipping and the Android market is out for their crown.

 

Onsite Infrastructure

The office has taken a bit of a beating in 2020. It’s becoming, for many businesses, a way to spend money for space you are not using,. This has caused a number of businesses to decide now is the time to change the way they interact with office space we have seen a massive increase in businesses looking to either move to co-location or into public cloud.

This has meant that the days of the larger projects for onsite deployments have slowed, so I think it’s fair to say 2020 has been a bad year for on-premises solutions but a great year for anything cloud!

 

There have been many more winners and a lot more losers than I could cover in this article, however I think the major take away for 2021 is that the IT landscape has changed far more in 2020 than in any year prior to it, as an IT professional I don’t expect business to slide back into old habits and things to switch back as we slowly return to more normal times.

Whatever 2021 brings I am excited to be at the forefront of matching our customers to the latest and greatest technical solutions.

Can I get rid of my phone system and just use Microsoft Teams? Of Course!

Can I use Microsoft Teams as my phone system

Struggling with your phone system while your team works from home? Still using a system that struggles with the modern way of communicating, transferring calls and staying connected? Then Direct Routing for Microsoft Teams might just be the solution you are crying out for!

Could it be the right solution… ask yourself these short questions…

👉 Do you already have Microsoft Teams? If you use Microsoft 365, you will.

👉 Are you looking for a straightforward voice solution? The fact that you’re already this far down the article means you probably are!

👉 Do you have a basic requirement to make calls? Receive calls? Transfer calls? … yes to all, right?

👉 Are you still using traditional digital lines? (ISDN?). Are you aware this is being phased out completely over the next couple of years?

👉 Do you require flexibility to add users quickly and effectively?

If you have answered yes to the above, then Direct Routing for Teams is the ideal solution! To help you get a better feel for what this can do for your business, I’ve put together a FAQ to explain.

 

What does Microsoft Teams provide when Voice enabled?

When Planet IT add SIP (IP/internet) trunks to Microsoft Teams, it simply gives users the ability to make and receive calls via the Teams platform.

Your staff will be able to transfer calls, forward calls to voice mail and implement a basic automated attendant, all through Teams. Essentially, it’s a straightforward, cost effective telephony solution for businesses of all sizes, who need to have the flexibility to change the way they communicate and work more collaboratively!

microsoft teams

Will calls be expensive?

In a word, no! Depending on the bundle and the contract term selected, you can reduce your costs overall, as your calls are routed via the internet! So, you get resilience and the call savings!

What about users who require handsets?

All you require is a USB or Bluetooth headset, however, if you have users who prefer a traditional handset on the desk, Planet IT can supply a wide range of Teams enabled handsets for you to choose from.

What about mobile phones? We use them a lot.

It can still be used on mobile, of course! all you need is the Teams App, easy!

It does sound easy, what’s the catch?

No catch. all that changes for you to move to Direct Routing for Teams, is that Planet IT need to move your numbers into the cloud. Just check your contractual status on your existing numbers and we do the rest of the work for you.

Microsoft Teams Training

What about training?

Although Teams is intuitive, if users require training, we can perform this via…. Yes, you guessed it, via Microsoft Teams, or we have a range of easy-to-follow video tutorials for you and your staff to access anytime.

Will there be down time?

It will be minimal. When you move onto any new solution there will be some service disruption, however our experienced Voice & Connectivity team will keep this to a minimum and transition you, hand holding you every step of the way.

Sounds ideal! What do I need to do?

Call our Voice and Connectivity team on 01235 433 900 or speak to your Planet IT Account Manager to discuss this further!

If you want to know more about Planet IT’s voice & connectivity service, READ MORE HERE, or if you want to see the power of Microsoft Teams, check out our tutorial videos HERE

Again, big changes coming with macOS Big Sur – be careful for now

macos big sur

macOS Big Sur is about to release to the public and as we have highlighted across several of our blog posts in the last few months, this brings large scale changes.

If you are running any of the following on your macOS device;

  • Antivirus or Antimalware software
  • Encryption Management software (File Vault Management)
  • Virtualization Applications
  • Dual Booting / Boot Camp
  • Containerized Applications

The we strongly recommend you hold off updating when the update is released, this follows several press statements from major software vendors like this one from Sophos. In which they detail the challenges of the short time frame and moving to Apples new API approach.

If you have any concerns of about your business software or upgrading we recommend that you speak to your Planet IT account manager who will be able to assist you with compatibility guides and information from the vendors specific to your business. If you’re not already a Planet IT client, then feel free to reach out to me directly on james.dell@planet-it.net

The landscape and support for macOS Big Sur WILL improve. We do not expect this to happen in the next few weeks but do expect most vendors to have support by the end of 2020.

To read more on this story you can see our previous blog posts on the subject here:

This might sound controversial, but resist that big MacOS update, for now!

macOS the big change with Big Sur

We know this goes against the usual advice you might hear from us or other IT experts, so in the meantime if you would like to discuss with myself or any of the highly skilled team here at Planet IT about how to keep your business operating, secure and safe in the changing world of the Mac you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email : james.dell@planet-it.net

Talk to the rest of the team – Call 01235 433900 or Email : enquires@planet-it.net

Email Security – The biggest scope for an attack

email protection

There is no bigger scope for attack on your organisation than e-mail.

We all use it. We all have stacks of it. And we have all fallen for some gimmick or promise. Or not even that, spoofing, where you thought Stuart in Product Development was genuinely asking you out for dinner and so needing you to send back you phone number! Only to then get inundated with phone calls as you’ve given your number out to the bad guys. (Yes, ready meal for one coming up).

Our very own dreamboat Adrian Sweeney was spoofed recently (thankfully, we’ve done our training!)”.

There is no off switch. I wish there was. It’s my most asked about security concern, and so it should be!

Even the Mimecasts or Barracudas of this world can’t catch everything, it’s a constant game of cat and mouse, and sometimes the mouse wins!

What WILL help against this constant barrage of spam, is Email protection. (It is scary how many companies out there still don’t have ANY). And in fact, if you don’t have it, you are either crazy or bonkers. There are SO many vendors out there. Ones I like, Mimecast, Barracuda and Censornet, (less known but works well).

And……..

So you’ve got the security guards checking the e-mails, if your names not down, you’re not coming in……Well what happens if it still gets in?

Yes – This big cost you have just forked out has still let spam in. As mentioned before the mouse won….

A solution – Simulated fishing campaigns… One company name that stands out for me on this one, market leader KnowBe4.

It’s easy to use and set-up, and you can safely send simulated email phishing attacks to your staff AND if they fail, they get sent the correct training to help them not do it again.

It’s easy to keep track of who is having issues, and it helps you tailor the campaigns to better suit the business you run. This only helps you get the best from the product.

Sorry, that one went a bit salesy. But only because it’s important and we can help you. If you would like a proof of concept at no charge, or discuss how Planet can just take care of all this for you contact: SecurityServices@Planet-IT.net

macOS the big change with Big Sur

macos big sur

About a month ago I wrote an article ” This might sound controversial, but resist that big MacOS update, for now!” In that article I warned about the changes that Apple where bringing to the operating system of macOS with the move from 10.15 to 11, one of the biggest of these is the removal of direct access to the system kernel.

While from a purely security centric point of view this sounds like a great idea, as you are restricting the ability of any software to jump onto the system and access machine changing instructions, it poses a serious implication to the world of vendor support for macOS.

At the time I warned of this impending change, however when writing that article, it was difficult to really clarify how big an impact Big Sur was going to have on 3rd Party software. However, in the last few days it is starting to become a lot clearer.

Since initially testing the Beta on a development machine, as we do every year at Planet IT to ensure we can successful support for our client’s businesses, we initially noticed that a number of software products stopped;

  • Antivirus
  • Encryption Management software
  • Virtualisation Applications
  • Container Applications
  • And the list goes on….

When this initially happened, as an Authorised Apple Reseller, we were already a few weeks into testing, ahead of the companies who make the software

Because of this, when writing my previous article warning of the risk, I wasn’t too harsh on any single software vendor, just in case they got their act together and updated the software to move from direct kernel access to the now Apple approved API access.

Late last week along with many customers I received the below from Sophos;

“Dear Sophos Customer/Partner,

Please note that the current version of Sophos SafeGuard is not compatible with the upcoming release of Apple macOS 11 (Big Sur) and will not function correctly. We strongly recommend that customers do not upgrade any macOS clients running Sophos SafeGuard to macOS 11 (Big Sur) at this point. Doing so may have undesirable effects including:

1.

Device Encryption – SafeGuard may in some cases not be able to retrieve FileVault recovery keys, meaning that machines might not be recovered if users forget their password

2.

File Encryption – SafeGuard may in some cases not be able to encrypt and decrypt files transparently. Please note that no data is at risk of being lost as manual encryption and decryption of files will still be available

We intend to issue a Service Release of Sophos SafeGuard that will resolve these incompatibilities. In the meantime, we recommend you do not upgrade the operating system and wait for this Service Release instead.

For the latest information, please see this article. This article will be regularly updated with the latest information.

Best Regards,

Your Sophos Team

This began to answer a question that had been burning in my mind, are these vendors ready?

The answer is no!

Sophos is not alone in having issues with macOS 11, but they are, to their credit, the first to publicly admit it. Their suggested action is to not upgrade to macOS 11 Big Sur when it becomes publicly available (expected in the next 10 days), however that is easier said than done as Apple will force you to update with-in a matter of weeks anyway.

We expect to see a number of issues with additional software as a wider group of user uptakes the new software and unfortunately this year more than ever software vendors are slow to resolve the issues and adjust to the new way of working.

So our advice remains simple, HOLD OFF! 

I know we usually recommend keeping all devices up to date, but please don’t rush to upgrade your device this time. If you use it for work in any way, you are going to want to stay on the latest secure update of 10.15 MacOS Catalina for a while.

As with this update we are going to continue to monitor the situation and we will let you know as soon as it’s safe to make the jump and we hope to publish a granular list of unsupported major applications as soon as the public release of Big Sur occurs.

We know this goes against the usual advice you might hear from us or other IT experts, so in the meantime if you would like to discuss with myself or any of the highly skilled team here at Planet IT about how to keep your business operating, secure and safe in the changing world of the Mac you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email : james.dell@planet-it.net

Talk to the rest of the team – Call 01235 433900 or Email : enquires@planet-it.net

This might sound controversial, but resist that big MacOS update, for now!

macos big sur

MacOS is changing with BigSur. Not only does the OS X era really end at 10.15 as we are introduced to BigSur (11.0) around late September, but the fundamentals of the operating system will change too. But why is this important to me, you ask?

Well as your average Mac user, as soon as Apple press the big red “Go Live” button on BigSur, you will see little red icon appear on your system preferences, as well as a nice little banner on both your notifications and App Store telling you to upgrade now to the future with MacOS BigSur. Believe me, I understand the excitement of a new update! And with all of this the temptation, it will be really easy to simply press the button and see what the future holds.

However the reason for writing this article is to implore you to wait…. BigSur will be the start of what ushers in the ARM based Mac era. However, with this a number of your current business applications will have to be altered or may not even work at all, this is the big unknown with a change of this magnitude. While Apple and 3rd Parties can try their best to work together to ensure functionality there is an inherent risk that, at launch, a number of your key applications won’t work as expected.

This apprehension is born from initial findings and decisions by Apple to change the way that the OS functions, the biggest impact will be seen to 3rd Party Security software or Anti-viruses. As they will no longer be able to directly talk in the way they have previously to the Mac, this means for many vendors a rush to produce a whole new Antivirus solution that works on the new MacOS BigSur.

So our advice is simple, HOLD OFF! 

I know we usually recommend to keep all devices up to date, but please don’t rush to upgrade your device this time. If you use it for work in anyway you are going to want to stay on the latest secure update of 10.15 MacOS Catalina for a while. We intend to notify our customers and followers once we have been able to establish that it is in fact now a safe time to migrate. This will be in the form of another blog just like this so keep your eyes peeled.

I know this goes against the usual advice you might hear from us or other IT experts, so in the meantime if you would like to discuss with myself or any of the highly skilled team here at Planet IT about how to keep your business operating, secure and safe in the changing world of the Mac you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email : james.dell@planet-it.net

Talk to the rest of the team – Call 01235 433900 or Email : enquires@planet-it.net

Looking for a technology partner?
Let’s talk