Posts

The Onion Approach to Cyber Security – Data Security Defence in Depth

Shrek image on the abstract onion background.

In Shrek’s words (Well, sort of), “Onions have layers. “Cyber Security” has layers… You get it? They both have layers.” He has a point!   

You may have heard of the term Defence-In-Depth. The principle is that the more “layers” of security, the better protected it will be from the threat actors who seek to affect your business, damage your workflow and disrupt your profitability. In the cyber security space, we often liken this approach to an onion, and I cannot liken anything to an Onion without seeing Donkey’s face as Shrek explains the principle of having layers! 

In this article, we’ll peel back the layers (pun intended) to understand why having multiple security measures is crucial for safeguarding our valuable data. Most importantly, how and why your business, regardless of size, needs to be taking the onion seriously and ensuring you’re not leaving yourself woefully underprepared.  

Having worked in the IT and Cyber Security space for over 15 years, I have seen first-hand the devastation, disruption and loss of business caused by a failure to take a layered approach to protection, so much so that I have even had the unfortunate pleasure of seeing well-established companies fold due to their lack of investment in cyber security.  

The “defence in depth” strategy emphasises creating multiple layers of security around various components in your IT environment. Let’s explore these layers and understand their significance. 

The Onion Approach To Cyber Security

Imagine an onion: it has concentric layers that wrap around its heart. Similarly, our data needs layers of protection. In this scenario, our data, our intellectual property, and our customers are the heart of our onion! However, we should consider the outside layers first, as they are the most vulnerable to the first attack. 

Planet IT and Sophos AI Cybersecurity event

People, The Human Layer (AKA The Human Firewall)  

In any business, the most significant risk to your data security is always your people. We are all human, we all make mistakes, and therefore, we all need the training to understand how to reduce the risk you pose to the business and how best to protect the system you use every day. I call this the Human Firewall, the largest surface and the easiest to harden and develop. However, this is usually the most underdeveloped across all the businesses you see that have suffered a cyber attack. To build this layer, you should; 

Implement strong Security Policies: Educate users about best practices, how the business expects them to interact with the systems and data and what could go wrong if they don’t. 

Have strong Business Conduct Guidelines: Promote security awareness by giving the staff all the training to correctly use the system and strong guidelines on what happens when you fail to adhere to the expectations. 

End User Training and Test: Test your users every month, train them every six months and don’t always use the same training and testing. You should have strong Phishing training, cyber security and data protection training in place that should involve regular assessments, training and re-evaluation. Don’t allow complacency. 

Comply with Local Regulations: Ensure that your staff know the regulations and expectations of your operational locations, be that EU, UK, US or any other regional regulation; now, knowing is not a justification! 

Physical Access: Locked Rooms and Restricted Areas  

It goes without saying that the physical protection afforded to any office, data centre, server room, or workspace is critical to the implementation of reasonable security standards. It is also critical when we think about how we stop the bad actors from gaining entry to well-digitally protected systems. This is often an area where IT teams pass off the reasonability to facilitate or disregard interest in site management, but this should never be the case. 

Secure physical spaces prevent unauthorised entry. You need to ensure that every server room door is locked, that all data centres have restricted access, and that access control mechanisms are deployed around your business with the correct level of entry and authority for all users, roles and responsibilities. This should be paired with CCTV and a valid security system. 

Pharma IT Support

Network Security: Fortifying the Digital Perimeter  

This usually is where most IT professionals and business owners think cyber security starts and ends. This is simply not true. This is a big part of the puzzle, but at this point, we have already broken through two layers of the onion, and we are dangerously close to risking it all.  

You need to consider the breadth of the solutions you choose when it comes to this layer, as we need to cover all points of ingress or lateral movement and not just consider the edge of the network. We will often see people think about the edge too much, forgetting the dissolving edge following the pandemic and moving to remote and hybrid work. 

Local Area Networks (LANs): Secure switches, routers, and firewalls; this is the physical network. I would expect to see a robust firewall or SASE solution tied into a single well-respected vendor for switching with your internet provider in most cases offering you a robust router which is secure and outside of your DMZ and the direct risk profile of your business. 

Wireless Networks: WIFI, it is all about Implementing strong encryption and access controls. You need to ensure that your WIFI does not allow access to business systems or devices that are not trusted. In this regard, you should use a well-known vendor, have at least user-based authentication, separate SSIDs for staff and guests, and have appropriate ACLs in place backed by your LAN. 

Intrusion Prevention Systems (IPS): In most cases, this will sit on your firewall and detect and block suspicious network activity. However, when you move into the medical, pharma or bio-medical space then, you need to consider that you may require IPS internally in your network also to prevent insider lateral spread. 

Remote Access Servers: There is always a case where someone needs to gain access to the system for legitimate reasons from outside your business. Implementing a tool like Azure Virtual Desktop or Windows 365 to provide secure and controlled access is critical. 

Network Operating Systems (OS): If you want to be protected, you need to keep them updated and hardened. It goes without saying that if you are an ISO 27001, Cyber Essentials or CE Plus certified business, then this should be second nature to you. Once a device loses support from a vendor, this is a risk and must be removed from the system. There is no excuse for running a legacy operation system in 2024; you can use tools to virtualise legacy platforms, isolate them from the network and remove the underlying OS risk. 

Voice Security: Protecting Communication Channels 

This is often forgotten about. IT professionals on legacy will have passed the phone system to a 3rd party or another team. However, with the integration into tools like Teams, this becomes a thing of the past. 

Private Branch Exchange (PBX), Voice Gateways and Voice Mail Services: Secure legacy phone systems by removing them from your core network and placing them on ACL-controlled VLANs with restricted access and locked-down ports. Using a solid network that uses Voice VLANS can go a long way to removing this risk. If your phone provider doesn’t know about this or how to do this, then they are stuck in the past. Security is key. All of this still applies if your phone system is hosted or running on someone else’s physical kit. 

Unified Communication: Secure real-time communication with relevant user controls, physical restrictions and tools like conditional access and multi-factor authentication (MFA/2FA). You do not want a bad actor making calls from your platform and tricking your customers into thinking it’s you. 

Endpoint Device Security: Covering All Devices  

One of the most significant devices you own will be lower risk. Most, if not all, will have a strong Anti-virus and Anti-malware product in place that contains a Zero Trust approach and offers real-time protection. But this goes beyond simply slapping anti-virus products onto your laptops. 

Printers, Scanners, Desktops, Laptops, Tablets, and Smartphones – each device needs protection; this should be two-fold. It should be enrolled into an MDM, restricted on the network in terms of its access and then protected by your AV tools and, if you can, protected by a 24/7 Managed Detection and Response service.  

Planet IT Cybersecurity Team

Server Security: Safeguarding the Heart of IT 

Then we get to the core of it, where your data sits and where the risk is highest. This applies if you are on-premise, in a data centre or in the cloud. You need to manage the risk and ensure that the core functions and protection and that you maintain good heart health! 

Operating Systems (OS): Regular patches and security configurations. As I said above, this goes without saying. You need to have the protection in place, and this starts with regular patching. Even a 24/7 business needs to have downtime windows to ensure systems and patches are up to date. If you can’t do this then the architecture of your environment is wrong, and you need to look at role load balancing and expanding your operational system to allow for proper updates and patching. 

Applications: You need to know not only what you are running but also who it is from, and when developing internally, use secure coding practices. Applications tend to be the weak link on a server and often are the gateways that threat actors use to enter a system. Having a regular patching cadence and reviewing who you are buying applications from is critical. 

Databases: If you are storing data, it should have encryption, access controls, and auditing as a minimum, with the protection that is afforded to the data being as high as it can be without implementing tooling that prevents data access. 

Why the Onion Approach Matters 

Hardening the Target: By forcing intruders to navigate multiple security controls, we make it harder for them to reach our data. This will prevent them from getting the easy win. The more we can build breadth and depth in our defence, the less risk you have. 

Risk Management: Balancing both security and performance is crucial. Too restrictive security affects flexibility, while leniency invites risks. However, no one has stood following a breach and said, “We had enough protection”, so look at the risk profile and really understand if you think you can accept a risk and how likely it is that a threat actor will see that risk as an open door. 

Acceptable Risk Level: Evaluate the impact of vulnerabilities and the probability of events. The onion approach helps find the right balance but is not the complete answer. You will need to review, access, develop and grow your business. 

In the complex realm of IT security, thinking of cyber security like an onion can guide you. Look to build layer by layer to develop a robust defence strategy and ensure your data remains safe. 

So, embrace the onion approach—because cybersecurity is complex, just like Ogres, and at the end of the day, it’s for protecting what matters most. 

Remember, security is a journey, not a destination, so keep building those layers! 

If you want to talk to one of our experts about how we can help your business secure itself and the benefits the Onion approach could have for you, please call 01235 433900 or email [email protected]. If you want to speak to me directly, you can contact me via DM or at [email protected]. 

The Cyber Observe Orient Decide OODA and Act Framework

Microsoft Copilot for Security: Empowering IT Teams with AI-Driven Insights

copilot for security

Organisations all face an uphill battle against sophisticated and ever-changing threats. As adversaries become more cunning and leverage AI and ML to deliver more complex attacks, defenders need innovative tools to stay ahead. This is where Microsoft Copilot for Security, a ground-breaking solution that combines the power of artificial intelligence (AI) with security expertise to enhance threat detection, response, and overall cybersecurity security posture, comes in. On the 1st of April Microsoft releases, to all Microsoft 365 customers, the ability to gain the intelligence of a threat analyst at the press of a button.

Understanding Microsoft Copilot for Security

What makes up Microsoft Copilot for Security? The product is built from Microsoft’s Copilot platform, leveraging their bespoke blend of the Open AI engine and the threat data they have from the world’s largest endpoint dataset, but it is so much more than that; here are some of the key components that makes Microsoft Copilot for Security different.

The Fusion of Language Models

At its core, Microsoft Copilot for Security is a fusion of two critical components: an advanced large language model (LLM) and a security-specific model. This unique blend allows it to understand and address security challenges effectively but without losing the human and natural level compute understanding gained via an LLM. By leveraging the vast amount of data generated daily (approximately 65 trillion signals) that Microsoft has access to because of its Defender, 365 and Windows platforms, Microsoft Copilot for Security distils relevant insights for you as a defender.

Guided Insights and Actionable Recommendations

Microsoft Copilot for Security acts as a trusted advisor, providing actionable guidance to security teams. Here’s how it works:

  • Signal Interpretation: The solution processes an array of signals, including threat intelligence feeds, network logs, and endpoint data. It identifies patterns, anomalies, and potential threats.
  • Contextual Summaries: Instead of drowning defenders in raw data, Microsoft Copilot for Security generates concise summaries. These summaries highlight critical events, vulnerabilities, and emerging risks.
  • Threat Prioritisation: Not all threats are equal. Microsoft Copilot for Security prioritises incidents based on severity, impact, and relevance. It ensures that defenders focus on what matters most.
  • Step-by-Step Playbooks: To empower junior staff, Microsoft Copilot for Security offers step-by-step playbooks. These guides simplify incident response, ensuring consistent and effective actions.
  • Reduced Response Time: With Microsoft Copilot for Security, response times shrink from hours to minutes. Defenders can swiftly investigate, contain, and remediate threats.

IT can save you money

Integration with Microsoft Security Solutions

Microsoft Copilot for Security seamlessly integrates with the vast array of Microsoft security products, which many of you will be using or will have access to:

  • Microsoft Defender XDR: Prevents and detects cross-domain cyberattacks using AI-driven insights.
  • Microsoft Defender for 365: Pulling threat data from Microsoft Graph and your 365 environments to provide AI-driven insights.
  • Microsoft Sentinel: Collects security data from diverse sources (cloud, on-premises, and hybrid environments) and correlates alerts.
  • Microsoft Intune: Protects devices, enforces compliance, and mitigates threats across endpoints.
  • Microsoft Defender Threat Intelligence: Exposes suspicious infrastructure and provides dynamic threat feeds.
  • Microsoft Entra: Safeguards identities and secures access to resources.
  • Microsoft Purview: Ensures governance, protection, and compliance for data.

Empowering Defenders at Scale

Microsoft Copilot for Security democratises security expertise and puts it in the hands of all, regardless of your experience of exposure to the threats your business is seeing:

  • Natural Language Interaction: Defenders can converse with Microsoft Copilot for Security using natural language. It feels like having an AI-powered security expert by your side. This gives you the quickest route to the information you need while using the language you know rather than throwing logs at you.
  • Efficiency and Consistency: Junior security analysts benefit from guided playbooks, while senior experts offload repetitive tasks. The result is a more efficient and consistent security team.
  • Cloud-Based AI: Microsoft Copilot for Security operates in the cloud, enabling real-time updates and scalability. There is no agent to install, and no extra tools to host. This is all delivered as SaaS.

Microsoft Copilot for Security isn’t just a tool; it’s a force multiplier for IT Teams. By harnessing AI, contextual insights, and expert guidance, organisations can proactively defend against threats. As the threat landscape evolves, Microsoft Copilot for Security remains a steadfast ally, empowering defenders to protect their digital assets and maintain cyber resilience.

Remember: In the battle against cyber adversaries, having a Copilot can make all the difference.

If you want to talk to one of our experts about how we can help your business secure itself and make the most of AI and Microsoft Copilot, please call 01235 433900 or email [email protected]. If you want to speak to me directly, you can contact me via DM or at [email protected].

 

Microsoft 365 Copilot What's New

 

HOW TO FIND YOUR 365’S DATA RESIDENCY AND WHY IT IS IMPORTANT

Data imagePlanet IT

As digital transformation continues to reshape every industry, it’s important to understand the often-overlooked concept of Data Residency as it has wide-ranging implications for any business.

Data Residency refers to the physical or geographic location where an organisation’s data is stored at rest. The location of an organisation’s data presents certain legal and compliance implications. For this reason, it is essential to have a clear understanding of the concept to ensure the privacy, compliance and security of personal and business data.

Businesses must comply with regulations and failing these regulations can cost hefty fines, a loss of reputation and customer trust.

What is Data Residency?

As mentioned, data residency is a physical and/or geographical location where an organisation’s data is stored. This includes on-premises, in the cloud or in a remote data centre which poses certain legal and compliance implications. Below is an explanation of Microsoft Cloud location storage.

Microsoft separates your Office 365 Data into seven categories, detailed below:

Separated Office 365 Data into seven categories,

Microsoft separates your Office 365 Data into seven categories.

When possible, Microsoft will store your Office 365 Data within the country of your business’s operation. If Microsoft does not operate in that country, it will be stored in the closest Microsoft data centre available.

Most Microsoft 365 customers will be eligible to purchase the “Advanced Data Residency(“ADR) add-on which allows greater control and flexibility of your DR. This will allow you to store data in set regional data centres such as UK West, Instead of UK South. The main feature of this add-on is the ability to control purview-controlled data and its data residency location. You can mark data through sensitive labels and determine the location of its storage. It is a great feature for businesses operating in the UK and the EU!

Where is your 365 Data stored?

To see your current DR you will need to access the Microsoft 365 Admin Portal (Admin.Microsoft.com). On the left-hand pane select “Show more” then drop down the “Settings” option. Select “Org Settings” and on the top row “Organization Profile” then select Data Location.

Where is your data stored?

Dashboard of Microsoft 365 Admin

Where is your Microsoft Exchange Mailbox Data Residency stored?

Different user Mailboxes can be stored on different exchange servers. For example, your Exchange DR might be in the United Kingdom, but your mailboxes will be spread between UK South and UK West Data centres. To view individual mailboxes you will need to use the PowerShell command:

Get-OrganizationConfig | Select -ExpandProperty AllowedMailboxRegions | Format-Table

This will return all mailboxes broken down by Mailbox Region which can be exported as a CSV.

 

If you’re looking for greater control of your Microsoft 365 Data Residency or are interested in the ADR license, please get in touch with Planet IT!

 

Book to meet with me

The Cyber OODA Loop Explained: Enhancing Cyber Defence with Rapid Decision-Making

The Cyber Observe Orient Decide OODA and Act Framework

If you follow the world of Jocko Willink or listen to his podcast, especially the one with Andrew Huberman, then you will have heard about the Observe, Orient, Decide and Act (OODA) loop.  

Willink used this model during his time in the Navy Seals to help him overcome challenges. This article explores how the OODA loop can be utilised in cyber response, especially in highly stressful situations, to enable you to see the woods from the trees. 

What is the OODA loop? 

Observe

The first step in the OODA loop is observation. In the context of cybersecurity, this involves actively monitoring our network, systems, and external threat intelligence sources. Key activities include: 

Security Bulletins and Advisories: Regularly track security bulletins and advisories from trusted sources. Stay informed about vulnerabilities and emerging threats. 

Threat Intelligence: Gather information on adversary tactics, techniques, and procedures (TTPs). Understand their modus operandi to anticipate their moves. 

Incident Detection: Implement robust detection mechanisms, including network intrusion detection systems (NIDS), firewall logs, and user behaviour analytics.

Orient

Orientation is about making sense of the observed data. Here’s how it applies to cyber defence: 

Assess Applicability: Evaluate how the observed threats align with your organisation’s assets and operations—Prioritise based on criticality. 

Operational Issues: Consider operational constraints, resource availability, and potential impact. What can realistically be addressed? 

Risk Assessment: Quantify the risk associated with each threat. Understand the potential consequences of inaction.

Decide

Decisiveness is crucial in the face of cyber threats. Make informed decisions: 

Prioritise Remediation: Decide which vulnerabilities or incidents require immediate attention based on your risk assessment. Create a remediation strategy. 

“Duelling” OODAs: Recognise that adversaries also operate within their own OODA loops. Act swiftly to disrupt their plans.

Act

Execution is where the rubber meets the road: 

Rollout and Monitor: Deploy patches, updates, and security controls. Continuously monitor for any “breakage” caused by changes. 

Active Defences: Implement active defences such as honeypots, sinkholes, and application whitelisting. Deceive, degrade, and disrupt adversary actions. 

Continuous Cyber Loop

Remember that the OODA loop is iterative. As you act, new observations emerge, leading to further orientation, decisions, and actions. Adaptability and agility are essential. 

Organisations face an ongoing battle to protect their digital assets in the volatile landscape of cyber threats. Initially developed by military strategist Colonel John Boyd, the OODA loop provides a robust framework for decision-making and response. Let’s explore how this loop can be applied to enhance our defences against cyber-attacks. 

In an outbreak or live cyber-attack, it can be challenging to remain calm whilst taking the first steps to deal with the situation and do the right thing. We recommend taking time to run an OODA loop model in your mind. In doing so, you can find a better, more effective way to tackle the challenges.  

Those of us who are often in a position where a decision needs to be made fast, risk missing alternative more effective ways due to time pressure. However, this model will give you the best chance to see a clearer picture, so you can make more informed decisions.  

Application Of the Loop in Cyber Security

The first step is to observe the incident and analyse your data:  

  1. What has happened?  
  2. Calmly analyse the facts and the unknown.
  3. Assess the worst possible scenario and the potential impact on your business.
  4. Think of your next steps.  

Once facts have been established, decide on the action and how you will proceed with the informed decision. Hopefully, the decision stemmed from the Observe and Orient model. 

The Act is the last step which puts the plan into action. At this point, you should also be planning to perform another OODA loop to cover the previous loop; sometimes, you may even be running multiple loops at once. The ability to place a cognitive weight on having time to make the right decision is key in a high-pressure scenario. 

If you are looking for further reading, then you can also look at the following: 

Mandiant APT1 Model: Map control implementations to the adversary model. Identify opportunities to detect, deny, and disrupt attacks. 

MITRE ATT&CK Matrix: Align techniques with tactics. Understand where defences are effective and where gaps exist. 

By embracing the Cyber OODA loop, organisations can transform reactive responses into proactive defences. Rapid decision-making, continuous adaptation, and a deep understanding of the threat landscape empower us to stay ahead of cyber adversaries. Remember: in cyberspace, surprise favours the prepared mind. 

If you want to talk to Planet IT experts about how we can help you with your cyber security, planning and innovation, then please call 01235 433900, or you can email [email protected], or if you would like to speak to me directly, you can reach out to me via DM or at [email protected]. 

 

Cloud Security Posture Management, Why you need it!

Cloud Security Posture Management

It’s time to discuss the importance of moving to an Opex model, the drive towards consumption-based usage and the impact on technologies like Microsoft Azure, as well as the importance of protecting Cloud resources and security when you move resources to the cloud. This article looks at how we put these principles into practice in Cloud Security Posture Management.

What is CSPM And Why Is It Important

Cloud security posture management (CSPM) is critical for any business moving its infrastructure to Microsoft Azure. CSPM helps organisations identify and remediate security risks in their cloud environments, to ensure their data and applications are protected. This rather preventative approach helps avoid any disasters!

When moving to the cloud, businesses must ensure that their security posture is robust and able to withstand the unique challenges of the cloud environment. Once you move to the cloud, you are placing only some, but not all, of the responsibility for the service provided.

In this shared responsibility model, the level of understanding of your risks is critical. This is why CSPM tools are so essential. They provide a comprehensive view of the security posture of an organisation’s cloud environment. It allows them to identify and address vulnerabilities and misconfigurations that could expose their data and applications.

Automation and Benefits Of CSPM

One of the greatest benefits of CSPM is the ability to automate the process of identifying and remediating security risks. Taking the human out of the equation often results in a better, faster, and more secure platform in the long term.

This is particularly important where the scale and complexity of the environment make it difficult for businesses to keep up with the constantly evolving threat landscape. CSPM tools can automatically scan the cloud environment for vulnerabilities and misconfigurations. This alerts security teams to potential risks and provides the information needed to take action.

CSPM also gives businesses greater visibility into their cloud environment, allowing them to monitor activity and detect unusual or suspicious behaviour. With the correct visibility, you can trust that the systems you have in place are configured and protected to the required standard.

The dynamic nature of the environment can make it difficult for businesses to keep track of changes and activities. CSPM tools provide real-time visibility into the cloud environment, allowing security teams to identify and respond to potential threats quickly. Being able to see who has made changes, what risks you have, and the overall nature of your cloud posture is invaluable.

Complying with Standards and Regulations

Many businesses are subject to strict regulatory requirements, and failure to comply can result in significant fines and reputational damage. CSPM tools can help businesses ensure that their cloud environment complies with relevant standards and regulations, reducing the risk of non-compliance. If your business needs to hit Cyber Essentials, ISO 27001 or PCI-DSS, then CSPM is the way to go

In summary, CSPM is essential for businesses moving their infrastructure to Microsoft Azure. It gives businesses the visibility, automation, and control they need to ensure their cloud environment is secure and compliant. By implementing a robust CSPM solution, businesses can protect their data and applications from threats, reduce the risk of non-compliance, and maintain the trust of their customers and stakeholders.

If you want to talk to one of our experts about how we can help your business secure its cloud environment and the benefits a CPSM could have for you, please call 01235 433900 or email [email protected]. If you want to speak to me directly, you can contact me via DM or at [email protected].

 

Microsoft 365 Copilot What’s New For 2024

Microsoft 365 Copilot What's Newhttps://www.planet-it.net/wp-content/uploads/2024/01/Copilot-post.jpeg

In today’s fast-paced business environment, staying on top of your workload can be challenging. That’s where Microsoft 365 comes in. This AI-powered productivity tool is designed to help businesses of all sizes work smarter, not harder.

With the removal of the 300-user gap in January, this tool is now available to businesses of all sizes and will allow SMEs/SMBs to engage in the world of generative AI.

What is Microsoft Copilot? 

At its core, Copilot 365 is a sophisticated processing and orchestration engine providing AI assistance. The software combines the power of large language models with data from your Microsoft Graph and the knowledge of the internet to help you work more efficiently. Something that no other tool can currently do. For instance, ChatGPT needs access to business data or the internet hence why the results are limited.

What is new in Copilot? 

Since there has been so much change in January alone for Microsoft 365 Copilot, we list the top 10 list of features which transform the way, you work.

1. Intelligent search

Copilot 365 can help quickly find the information you need, whether it’s in your emails, chats, or documents. With its advanced search capabilities, you can quickly locate the information you need, even if it’s buried deep within your files. You no longer need to be a search wizard to break down the barriers of document locations.

2. Summarisation

Copilot 365 can summarise long documents or emails, so you can quickly get the gist of the content without reading through everything. It saves so much time getting to the core of the text and avoiding all the white noise.

3. Email drafting

Copilot 365 can help you draft emails, saving time and effort. Its advanced natural language processing capabilities can generate well-written emails that convey your message effectively.

4. Document generation

Copilot 365 can help you create documents, such as reports or presentations, using data from your Microsoft Graph. This can save you time and effort, allowing you to focus on more critical tasks. This is so powerful if you are in any role where you often produce reports which require a presentation, Copilot takes the work out of doing it.

5. Task management

Copilot 365 can help keep track of your tasks and deadlines, so you never miss an important deadline. With its advanced task management capabilities, you can easily organise your workload and stay on top of your responsibilities.

6. Meeting Scheduling

Copilot 365 can help you schedule meetings with your colleagues, considering everyone’s availability. With its advanced scheduling capabilities, you can easily find a time that works for everyone without going back and forth with multiple emails. With options like Follow Meeting and Copilot-driven notes, you get so much more from meetings!

7. Language Translation

Copilot 365 can translate text from one language to another, making communicating with colleagues or clients who speak a different language easier. With its advanced translation capabilities, you can easily bridge language barriers and communicate effectively. This is great for working with international partners and clients.

8. Voice commands

Copilot 365 can be controlled using voice commands so that you can work hands-free. With its advanced voice recognition capabilities, you c

an easily interact with the tool using your voice, allowing you to work more efficiently.

9. Personalisation

Copilot 365 can be customised to suit your needs and preferences. With its advanced Personalisation capabilities, you can tailor the tool to your specific requirements, ensuring it works how you want it to.

10. Integration with Microsoft 365

Copilot 365 is fully integrated with Microsoft 365, so you can use it seamlessly with the other tools in your productivity suite. This allows you to work more efficiently, easily switching between different tools without wasting time. No other tool can do this; this is where the power exists

In conclusion, Copilot 365 is a powerful tool that can help businesses of all sizes work more efficiently and effectively. With its AI-powered capabilities and seamless integration with Microsoft 365, it’s a must-have for any business looking to stay ahead of the curve. Whether you’re a small business owner or the head of a large corporation, Copilot 365 can help you work smarter, not harder.

If you want to talk to one of our experts about how we can help you get Copilot Ready, please call 01235 433900 or email [email protected]. If you would like to speak to me directly, you can reach out to me via DM or at [email protected]

 

 

 

 

Unleashing The Power Of Microsoft 365 Copilot

Copilot for Microsoft Office 365

Microsoft Copilot for 365  is a chat-based tool that integrates into other 365 applications such as Microsoft Teams, Outlook, and SharePoint. It can learn and understand data from these locations, giving it the ability to answer questions, summarise documents, and more. Copilot is also integrated into the applications, allowing you to use it in real-time to draft emails, summarize emails or Teams chats.

 

Watch our webinar about unleashing the power of Copilot for your organisation

 

How will Copilot change the way we will work?

Microsoft Copilot for 365 won’t be coming after your job anytime soon.  Copilot 365 is there to help make your job more efficient and effective by cutting down the time you would have spent reading unimportant emails or messages, drafting base documents and emails and so on.  It will help you improve your time management skills, professionally write emails and recap your entire working days.

The security and compliance around Copilot

However, Microsoft Copilot 365 poses new security and compliance challenges for businesses as it has access to so much data.  Examples of risk can involve data leaking to the wrong user or a compromised user which could be could be devastating.

Currently, Copilot has inbuilt rules and compliance policies to stop certain actions such as users requesting sensitive data like payslips or contracts. It also has built-in security to only show data that the user would be able to access natively.

It is on Microsoft’s roadmap to integrate this policy into Purview to allow IT admins greater control over copilot security.

If you are eager to harness the full potential of Microsoft Copilot 365 to elevate your business through AI integration in your daily operations, then please call 01235 433900 or email our team of experts at [email protected]. As your trusted Microsoft Solution Partner, we seamlessly guide you through every step – from licensing to integration – ensuring that your investment not only meets but exceeds expectations.

Integrating Generative AI

Integrating Generative AI, Machine Learning and AI

In the dynamic landscape of technology, integrating Generative AI, Machine Learning (ML), and Artificial Intelligence (AI) has become imperative for businesses to stay competitive and innovative.

 

Not since the dot.com era have we seen such a dramatic shift in technology, which has become a part of our everyday lives. 

 

Businesses must adapt and integrate AI, ML and GenAI into their short and long-term IT strategies. To enable employees to access AI tools from their workstations, mobiles and any web-enabled device. 

 

More than ever, IT professionals ought to be committed to developing robust strategies that leverage these technologies to enhance operational efficiency, customer experiences and overall business outcomes. This article will explore key considerations and recommendations for incorporating Generative AI, Machine Learning, and AI into your IT strategies in 2024.

Understanding the Business Objectives:

 

As IT leaders, you must align the adoption of Generative AI, ML, and AI with the broader business objectives.

 

Due to a lack of consideration for your business’s strategic objectives, the improper use and implementation of these technologies may have little or no effect on achieving organisational objectives. In other words, these tools should be complementary and continuously aligned with the organisational strategy. For instance, some technologies may not necessarily support the direction of the business. The same principle applies to the implementation of strategic IT decisions.

 

Conversely, the judicious use of AI can elevate customer service satisfaction and increase operational efficiency, which can lead to gaining a competitive advantage in some shape or form.

 

Crafting an effective IT strategy based on individual business merits will help choose technologies tailored to individual needs that will support development and growth.

 

Talent Acquisition and Skill Development:

 

Investing in talent is crucial for successful implementation. IT leaders should assess the existing skill set within their teams and identify the gaps. This is crucially important as well as your current team’s skill including knowledge of working with IA set vs. AI delivery services.  

Hiring or upskilling employees in areas like data science, machine learning, and deep learning ensures that the organisation has the expertise to drive AI initiatives. Not only focusing on the team who will support it, but your IT strategy must also focus on how you train end users to understand, leverage and validate where AI is used.

 

Establishing a Data-Driven Culture:

 

Generative AI and ML rely heavily on data. IT leaders must foster a data-driven culture within the organisation, emphasising the importance of high-quality, relevant data. It has always been a challenge for businesses to hold data regardless of its quality, relevance, or ability to be reused, ingested, or understood by a system. With AI, both structured and unstructured data can be used, but the data still needs to be relevant if you implement a system to reduce the amount of time your business spends on answering customer queries based on previous fixes but don’t check the previous fixes for validity you are likely to suggest non-solutions and harbour distrust in the system. This involves implementing data governance practices, ensuring data security, and promoting collaboration between IT and business units to derive meaningful insights. Tools like Microsoft Purview are a great place to start when looking into your data and its governance.

 

Creating a Robust Infrastructure:

 

IT leaders need to invest in a robust and scalable infrastructure to support the increased computational demands of AI applications. For most, this will mean looking at a transparent Cloud and edge computing strategy, moving away from private and co-located data centres on dedicated hardware to pooled and shared, scalable solutions like Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP). This becomes critical when you consider that for some AI workloads, you will need specialised hardware such as GPUs, which may be essential IT infrastructure components to ensure optimal performance or gain the results your business requires. For those who want to remain on-premises, then your strategy needs to directly reflect a hybrid cloud approach as you will not be able to run many of these tools in your environment and will instead need to run the toolset where it is best suited be that with the vendor or on a public cloud instance.

 

Implementing Explainable AI:

 

As your strategy reflects how your business increasingly relies on AI-driven decisions, you must ensure that your business, customers, and staff can maintain faith in the solution; therefore, transparency becomes critical. As IT leaders, you should prioritise adopting Explainable AI models that provide clear insights into how AI algorithms arrive at specific conclusions. This transparency builds trust both internally and externally. This is easier said than done with some of the current Generative AI toolings, and therefore, your IT Strategy should reflect how you will tackle this when selecting the tools you will work with.

 

Security and Compliance:

 

Ensuring the security of AI systems is paramount. As an IT leader, you must integrate AI technologies in compliance with industry regulations and standards. Now, most of these AI tools currently take little consideration for the regulations and standards your business might have to reach, be that HIPPA, PCI-DSS, or ISO. Therefore, it will fall to you and your strategic approach to ensure that safeguards are put in place and that you remain in control of your data, its sovereignty and how it is being used. Additionally, implementing robust cybersecurity measures is essential to protect sensitive data and maintain the integrity of AI applications; this does not stop with just placing anti-virus on a system; you will need to think beyond this and engage with the right security partners.

 

Continuous Monitoring and Improvement:

 

AI models require ongoing monitoring and refinement. IT leaders should establish mechanisms for continuous evaluation of AI systems, identifying areas for improvement and adapting strategies based on real-world performance. Regular updates and adjustments ensure that AI applications remain effective and aligned with evolving business goals. Remember that even though a model is good today, it will still be better in 6 months or a year. Also, the data set will age out on models, therefore, you need to ensure you understand how and when this will be updated to support your business. 

 

Collaboration and Communication:

 

Successful AI implementation requires effective collaboration between IT and all business units. IT leaders should facilitate communication, break down silos, and encourage cross-functional collaboration to ensure that AI initiatives align with the overall business strategy. No man is an island, and if you make your safe in this landscape, you will quickly fall behind. While implementing your IT strategy, you engage a cross-business group and work with them to support you in understanding how to engage the wider business and provide training, support, and guidance to maximise uptake and effectively communicate the changes coming.

 

In 2024, the strategic integration of Generative AI, Machine Learning, and AI into IT strategies is critical to business success. IT leaders must align these technologies with business objectives, invest in talent and infrastructure, foster a data-driven culture, prioritise security and compliance, and ensure continuous monitoring and improvement. By adopting a holistic approach, you, as an IT professional, can position your organisations at the forefront of technological innovation, driving sustainable growth and competitive advantage in the ever-evolving digital landscape.

 

If you want to talk to one of our experts about how we can help you with your IT strategy or implementing AI into your business, then please call 01235 433900, or you can email [email protected], or if you would like to speak to me directly, you can reach out to me via DM or at [email protected].

Technology and Cybersecurity; The Trends and Predications for 2024

technology trends in 2024

Time waits for no man and the last 12 months have truly shown that neither can technology or cybersecurity. Tech will not be held back. Governments, companies and individuals cannot stop the march of technological progress. Therefore as I sat down to pen this article for the third year in a row it was very clear to me that the last 12 months have seen such a huge advancement in technology that my predictions might need to be a bit bigger for technology in 2024!

You can read the previous year’s articles HERE and HERE.

Artificial Intelligence (AI) in Cybersecurity

Artificial Intelligence is set to play a pivotal role in cybersecurity. In 2024, we can expect AI to be more sophisticated in identifying and mitigating cyber threats. Machine learning algorithms will continuously adapt to new attack vectors, providing a dynamic defence mechanism. The integration of AI in security operations will enhance threat detection, response times, and overall resilience against cyber attacks. Because of this as business we need to be aware of how the providers of your technology are using AI and how the bad actors will also be using this. It is also going to be critical in 2024 to review where and what data is being held and used to train these AI models inside of your cybersecurity products.

AI & Cybersecurity in 2024

Zero Trust Architecture

The concept of Zero Trust Architecture is gaining momentum as organizations recognize the need to move beyond traditional perimeter-based security. In 2024, expect more widespread adoption of Zero Trust principles, where trust is never assumed, and every user, device, and network interaction is thoroughly authenticated and authorized. This approach ensures a more robust defence against insider threats and external attacks. What this will really mean in 2024 is that the traditional edge and VPN systems many businesses have come to rely on since the pandemic will start to be replaced with ZTNA solutions.

 

Quantum-Safe Cryptography

With the advent of quantum computing, the cryptographic landscape is under threat. To counter this, 2024 will witness a surge in the implementation of quantum-safe cryptographic algorithms. Organizations will prioritize updating their cryptographic protocols to ensure that sensitive data remains secure even in the face of quantum advancements. This is a space to watch and an area of huge growth for security.

 

5G Security Challenges

As 5G networks become more prevalent, so do the security challenges associated with this technology. In 2024, expect a heightened focus on addressing the unique cybersecurity risks posed by 5G, including increased attack surfaces, potential for IoT vulnerabilities, and the need for robust encryption to protect data transmitted over these high-speed networks. Businesses that rely heavily on remote working and mobile working will need to be very aware of this and keep a close key on the risks in the area.

Ransomware Resilience

Ransomware attacks have been on the rise, and 2024 will be no exception. Organisations will increasingly invest in developing and implementing robust ransomware resilience strategies. This includes regular data backups, employee training programs, and the use of advanced threat intelligence to proactively identify and neutralize ransomware threats. For me there is only one answer to this and that will be that every business will need a full MDR (Manage Detection and Response) product in place looked after by a dedicated security team.

 

Biometric Authentication Advances

Biometric authentication is evolving beyond fingerprint and facial recognition. In 2024, we can anticipate advancements in behavioural biometrics, voice recognition, and other innovative authentication methods. These technologies offer a more secure and user-friendly approach to identity verification, reducing reliance on traditional password-based systems. This wont change the world in 2024, but will start to see the shift away from the standard passwords systems we are use to.

Regulatory Compliance and Privacy

With the growing emphasis on data privacy and protection, regulatory frameworks are continually evolving. In 2024, organizations will prioritize compliance with stringent data protection regulations. The focus will be on ensuring transparent data practices, implementing robust security measures, and demonstrating accountability in handling sensitive information.

Generative AI fuelled Social Engineering Attacks

When looking at looking at the risk profile of 2024, it is clear that the trajectory started in 2023 will continue with generative AI being used by bad actors to generate more believable , more dynamic and ultimately harder to detect social engineering attacks. It has been well documented that in 2023 around 80% of all attacks started with compromised identities and as we all continue to invest in better MFA technologies and drive brute force attacks from success the more we will see a direct pivot to using social engineering attacks to compromise the security practices we have in place.

Businesses must strive to educate their employees about the common ways to recognise they are being deceived, this cannot just happen once a year as a tick box exercise you need to be driving change with-in your business and adopting a clear training plan into 2024. Because of this it makes identity protection the most critical protection that companies should look to strengthen or invest in for 2024. Otherwise, adversaries will continually target and successfully comprise this weak spot.

Cost of Living and Financial Impacts on IT and Security Budget

We have seen some unpredictable and unprecedented global impacts over the last 4 years, these have all taken an impact on the global finances which in turn are now starting to reflect in the budgets of businesses across the UK and EMEA. Because of this in 2024 a trend we are all going to need to be aware of is the tightening on IT and Security budgets as the ever tightening purse strings will mean that businesses need to make better choices about where and how they spend money. In these scenarios you need to focus on how to make the most of what you have but also there will be a need to be strong on conveying the value to the wider business on investing or maintaining your IT and Security products and services.

Conclusion

As we step into 2024, the intersection of technology and cybersecurity promises both challenges and opportunities. Embracing innovative solutions, staying informed about emerging threats, and fostering a cybersecurity-conscious culture will be essential for individuals and organizations alike. By proactively addressing these trends, we can collectively build a safer and more resilient digital future.

If you want to talk to one of our experts about how we can help you with your planning for 2024 then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via DM or at [email protected].

2023 – Technology Winners & Losers

Amid widespread technological innovation as well as failuresLewis Kitchen

As usual for this time of year, we always think it’s a bit of fun to look back at the last 12 months and see how technology in 2023 has shaped up – who were the winners and who fell flat of expectations over the year.

Winners

AI

AI has made a huge impact in the year 2023. ChatGPT was released by OpenAI on the 30th of November 2022 and quickly took over the internet, receiving the most user signups out of all applications.

ChatGPT is a predictive language model. Although these existed before, OpenAI was the first to make it commercially available. Unlike other chatbots that are designed to perform specific tasks, ChatGPT is a conversational model that can respond to any query from its large database.

This caused a chain reaction among the big companies to push out their AI and gain some of the market share. AI will change the way we work next year with Microsoft CoPilot coming out for enterprise companies.

Cloud Adoption

As always, Microsoft and Amazon have been pushing for more control over the Public Cloud space. As a result, more companies have migrated services to the cloud or running Hybrid setups with it. At Planet IT we have seen a huge increase in growth for customers wanting Microsoft Azure to run their infrastructure. This will continue into 2024 and from 2025 we will expect to see more than 90% of businesses being cloud only.

Losers

Microsoft Windows Operating Systems

2023 saw the end of life for Windows Server 2012, this forced a lot of companies to upgrade their server or utilise Microsoft’s offering for extended 2012 support in Microsoft Azure. This will become a common occurrence as Microsoft looks to end its support for its aging operating systems such as 2016 and 2019 in favour of moving you to the Azure Cloud.

Twitter / X

Twitter was brought out by Elon Musk on the 27th of October. And depending on what side of the fence you sit on this, is either bad or good. The acquisition has been a topic of debate in the media. Some examples include Elon’s hostile takeover of Twitter; renaming Twitter to X; promising an open-sourced algorithm; banning bots and hypocrisy about free speech.

X has been under pressure from watchdogs and civic organisations. This is due to its inability to combat propaganda. For instance, spreading misleading information on the Russia-Ukraine war, the Israel-Hamas war, and the upcoming presidential election.

Looking for a technology partner?
Let’s talk

  • This field is for validation purposes and should be left unchanged.