Posts

Can’t wait to integrate ChatGPT into your business processes? …actually, here’s exactly why you should wait!

ChatGPT for business

You can’t escape it. It’s all over the news and social media about this sudden wave of improvements in LLM (Large Language Models) or as most people know them at the moment Chat-GPT! 

Every large tech firm is rushing to integrate these technologies into their products with Microsoft launching co-pilot and Bing with Chat-GPT integration. Google is launching AI lead improvements to Workspace and Facebook accidentally leaked the source code to their LLM. 🤦‍♂️

With all of this going on you would expect that these products are at least secure and pose no risk to the users, businesses or the general public. And while I am wholly in favour of improvement to AI and ML, we must consider the risks these LLM pose as they begin to become part of everyday life. 

What are you talking about?

I should start by covering what an LLM is. Well in the words of Nvidia “A large language model, or LLM, is a deep learning algorithm that can recognise, summarise, translate, predict and generate text and other content based on knowledge gained from massive datasets.” To most of us what this means is that a system can take input in human language, not machine code or programming language and can then complete these instructions. Now, this can be as simple as how do you bake a cake. Or you can ask it to write an application that will convert files to pdf and upload them to an FTP server based on the IP address x.x.x.x and write an output file for me to show completion, in C++. The LLM will then go away, compute the question against the information it has been “taught” and will then come back with an answer.

chatgpt plus

 There are a few things we should all be aware of with LLMs as they stand today, these limitations are present but not always obvious. 

  • LLMs are driven by the dataset they have and may have complete blind spots to events if they occur post the data set provided, i.e Chat GPT (GPT-3) is based on a data set from 2021. So if you ask it about the F1 teams for 2023, it will either throw an error or will simply give you information it “generates” from the information it has been fed.
  • LLMs can therefore “hallucinate” facts and give you a completely incorrect answer if it doesn’t know the facts or if the algorithm works itself into a situation where it believes it has the right information.
  • LLMs are power-hungry. They need huge amounts of computing power and data to train and operate the systems.
  • LLMs can be very biased and can often be tricked into providing answers by using leading questions making them unreliable.
  • The largest risk is that they can be coxed into creating toxic content and are prone to injections actions.

Therefore the biggest question remains what is the risk of introducing an LLM into your business workflow? 

With the way that LLMs work they learn from data sets. Therefore, the potential risk is that your business data inside applications like Outlook, Word, Teams or Google Workspace is being used to help develop the LLM and you don’t have direct control over where the data goes. Now, this is bound to be addressed over time but these companies will 100% need access to your data to move these models forward so limiting its scope will have an impact on how they develop and grow. Microsoft and Google will want to get as much data as possible. 

As such you need to be careful to read the Terms of Use and Privacy Policy of any LLM you use. 

Other Risks

This one is scary, and it increases as more organisations introduce LLMs into the core workflow, is that queries stored online may be hacked, leaked, stolen or more likely accidentally made publicly accessible. Because of this, there is a huge risk of exposing potentially user-identifiable information or business-related information. 

We should be aware of the misuses risk that also comes from LLM with the chance they will be used to generate more convincing phishing emails, or even teach attackers better ways to convince users to enter into risky behaviour. 

openai

The final risk that we should be aware of is that the operator of the LLM is later acquired by a company that may be a direct rival to yours, or by an organisation with a different approach to privacy than when you signed up for the platform and therefore puts your business at risk. 

As such the NCSC recommends

  • not to include sensitive information in queries to public LLMs
  • not to submit queries to public LLMs that would lead to issues were they made public

At this point, Planet IT’s recommendation is not to integrate the new features from Microsoft and Google into your business workflow. Certainly not until proper security and data controls have been implemented by these companies and the risk of your business data being used as sample material to teach the LLMs is fully understood. These are emerging technologies, and as we continue to see change at Planet IT we are monitoring everything very carefully to understand how it will affect the security and data compliance of your business. 

More information from the NCSC can be found here : https://www.ncsc.gov.uk/blog-post/chatgpt-and-large-language-models-whats-the-risk

If you want to talk to one of our experts about how we can help you with your security and understanding of LLM then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via DM or at [email protected]

IMPORTANT!!

This article was NOT written by ChatGPT. It was written by this ChapJPD (James Peter Dell)

Cloud Security Assessment Checklist: Protecting Your Business in the Cloud

cloud security checklist

Just because your data is in the cloud, that doesn’t mean it’s secure.
What???

I know many people believe that because they use Microsoft Azure, AWS or GCP, and big tech have their own security measures in place, that means you are safe, right? It doesn’t!!

In order to protect your sensitive information and comply with industry regulations, you need to perform a comprehensive security assessment of your cloud infrastructure.

Here is our recommended cloud security assessment checklist to help you ensure that your cloud environment is secure:

Access Management

Access management is one of the most critical components of cloud security. You need to ensure that only authorized users have access to sensitive information and systems. This can be achieved through the implementation of strong authentication methods such as multi-factor authentication, the use of secure password policies and even better, biometric authentication.
Additionally, it’s important to regularly review and audit your access logs to detect any unauthorised access attempts.

MFA

Directory Service

Directory services play a crucial role in cloud security by providing centralised authentication and authorisation for your cloud environment. A robust directory service will allow you to manage user accounts, passwords, and permissions in a secure and scalable manner. Ensure that your directory service is properly configured and that it integrates seamlessly with your access management solution.

Data Loss Prevention and Backup Policies

Data loss prevention is critical in protecting your sensitive information in the cloud. Implement a comprehensive data loss prevention strategy that includes the use of encryption, data backups, and disaster recovery solutions. Ensure that your data backup policies are regularly tested and updated to ensure that your data can be recovered in the event of an unexpected outage or disaster.

Rely on a Security Team

This is key. A dedicated security team is essential for ensuring the security of your cloud environment. This team should be responsible for the implementation and management of your cloud security solutions, as well as for performing regular security assessments and audits. Whether in-house or outsourced, make sure that your security team has the necessary skills and experience to keep your cloud environment secure.

Encryption

Encryption is an essential component of cloud security. Encryption can protect your sensitive information from unauthorised access, even if it falls into the wrong hands. Ensure that your data is encrypted both at rest and in transit, and that your encryption keys are properly managed and protected.

security updates

Security Updates

Often overlooked, updates are critical for keeping your cloud environment secure. Regularly update your cloud infrastructure and security solutions to ensure that you are protected against the latest threats. Stay up-to-date with the latest security news and vulnerabilities to ensure that you are prepared for any potential security incidents.

Monitoring

Regularly monitor your cloud environment to detect any security incidents or threats. Ensure that you have the necessary tools and processes in place to quickly respond to any security incidents, and that your security team is properly trained and equipped to handle them.

In conclusion, the cloud is an essential component of modern business, but it also presents a unique set of security challenges. By following this cloud security assessment checklist, you can ensure that your cloud environment is secure and that your sensitive information is protected. Keep this checklist handy and regularly assess your cloud security to ensure that you are always protected.

Ignorance is not bliss. Why Are Some Businesses So Reluctant To Embrace The Cloud?

Why are businesses so reluctant to adopt the cloud?

Cloud computing is the future of business. I argue that it is very much the present too. The cloud benefits organisations to become more agile, efficient, and cost-effective.

But why are some companies still hesitant to join the party?

Is it the cost? Is it a lack of understanding?

Ok, Let’s call out the elephant in the room: security and privacy concerns.

Yes, security breaches make headlines, but the truth is that cloud providers have heavily invested in security measures.

This includes encryption, firewalls, and multi-factor authentication. However, many businesses are still sceptical about the effectiveness of these measures and worry that their data could be vulnerable to cyberattacks.

So, I’m going to call the cloud providers out on this. Just because your data is stored on the cloud, and despite their valiant efforts, the reality is that you still need 3 party security solutions in place to safeguard your business data. But any responsible IT manager or business leader will appreciate this is a modern business need anyway.

Another reason for the reluctance to adopt cloud computing is privacy. Many businesses are concerned about the privacy of their data, particularly in light of recent privacy scandals. They worry that their confidential information could be accessed by unauthorised third parties, either by accident or through malicious intent.

But it’s not just security and privacy holding companies back. Many simply don’t understand the cloud. And that’s understandable. But ignorance is not bliss in the digital age. The businesses that seize the cloud advantage will leave their competition in the dust. Access to cutting-edge tech, scalability, and improved collaboration – the benefits of the cloud are too good to pass up.

So, to the companies still on the fence about cloud computing: don’t be left behind. Embrace the future and take your business to the next level.

Cloud computing is the answer to your digital needs – embrace it and thrive.

The future of Cyber Security for… BUSINESS LEADERS

the future of cybersecurity for business leaders

The future of cyber threats impacts both IT managers and business leaders, but with different priorities and approaches. While both groups recognise the importance of securing their organisation’s digital assets, they have different perspectives on the impact of these threats on their respective roles.

I have written 2 articles. Both on the topic of looking at the future of the cybersecurity landscape, but this post is from the BUSINESS LEADERS, OWNERS, MANAGING AND FINANCE DIRECTORS  point of view.

If you’d like to see my take on what IT MANAGER or IT DIRECTOR‘s need to be aware of, then CLICK HERE.

The Future of Cybersecurity.

Cyber threats are becoming increasingly sophisticated and persistent, posing a significant risk to businesses of all sizes. Business owners, managing directors, CEOs, and financial directors, be Aware! It is crucial to understand the future of cyber threats and take the necessary steps to protect their organisations from devastating cyber attacks.

  1. Cost of a Cyber Attack. A successful cyber attack can have devastating consequences for a business. This includes loss of sensitive information, damage to brand reputation, and financial losses. The cost of a cyber attack can run into hundreds of thousands or even millions of pounds. In many cases, even force a business to close its doors permanently.
  2. Targeted Attacks. Businesses are increasingly becoming targets of cyber criminals who are looking to exploit vulnerabilities in their systems for financial gain. These targeted attacks are becoming more sophisticated, and businesses must be proactive in their approach to cybersecurity to stay ahead of the threat. The naive days of “Why would they want to hack us?” are long gone. Any business is a target. 
  3. Cloud Computing. The widespread adoption of cloud computing is changing the way businesses operate. It also presents new challenges in terms of cybersecurity. Businesses must ensure that their cloud environments are secure, and that sensitive data is protected from cyber threats.
  4. Human Error. Now this is a big one! Human error is a leading cause of cyber attacks. Your people are and are always likely to be your weakest link. It is crucial for business owners to educate their employees about the importance of cybersecurity and best practices for keeping their systems and data safe.

In conclusion,

The future of cyber threats and cybersecurity is uncertain, and businesses must take proactive steps to protect themselves. From the cost of a cyber attack to the risks posed by cloud computing and human error, it is crucial for business owners to understand the potential consequences and take the necessary steps to secure their organisations. By implementing robust security measures and staying informed about the latest threats and trends, businesses can mitigate their risk and protect themselves from the devastating consequences of a cyber attack.

The future of Cyber Security for… IT MANAGERS

the future of cybersecurity for it managers

The future of cyber threats impacts both IT managers and business leaders, but with different priorities and approaches. While both groups recognise the importance of securing their organisation’s digital assets, they have different perspectives on the impact of these threats on their respective roles.

I have written 2 articles. Both on the topic of looking at the future of the cybersecurity landscape, but this post is from the IT MANAGER or IT DIRECTOR‘s point of view.

If you’d like to see my take on what BUSINESS LEADERS, OWNERS, MANAGING AND FINANCE DIRECTORS need to be aware of, then CLICK HERE.

The Future of Cyber Threats for IT Managers

Cybersecurity has become a critical issue for companies and organisations of all sizes. Obviously, it is essential for IT managers to stay informed about the latest threats and trends in the field. In the coming years, the landscape of cybersecurity will continue to evolve, and IT managers must prepare to face new and emerging challenges.

Here are some of the key trends and predictions IT Managers and Directors need to know for the future of cyber threats.

  1. Artificial Intelligence (AI) and Machine Learning (ML). AI and ML technologies are becoming increasingly popular, and these technologies will also be used by cybercriminals to carry out attacks. AI-powered malware and bots will become more sophisticated and difficult to detect, making it crucial for IT managers to implement advanced security measures and stay up-to-date with the latest developments in AI and ML security.
  2. The Internet of Things (IoT). The widespread adoption of IoT devices will continue to grow, but the security of these devices is a major concern. Cybercriminals will target IoT devices to gain access to networks and sensitive data, and IT managers must take steps to secure these devices and ensure they are not vulnerable to attack.
  3. Cloud Computing. Cloud computing is becoming more prevalent, we know that. And as a result, cloud security will become a top priority for IT managers. Cloud-based systems and data are vulnerable to attack, and it will be crucial for IT managers to implement robust security measures to protect their cloud environments.
  4. Ransomware. Ransomware will continue to be a major threat, and the number of ransomware attacks is expected to increase. IT managers must take steps to protect their systems and data from ransomware attacks, and also have a plan in place for responding to and recovering from an attack.

In conclusion,

The future of cyber threats is uncertain, but IT managers can prepare themselves by staying informed and implementing the latest security measures. The use of AI, IoT devices, cloud computing, and ransomware will continue to present new challenges for IT managers, and it is crucial that they stay ahead of the curve to protect their organisations and data.

Log4J Zero-Day Flaw – Are you are risk? And How Do you Protect Yourself?

Log4J cyber security

The Log4j vulnerability is effecting everything from development tools and games like Minecraft to cloud and security devices and even your car. Therefore the question is what do we look for?What is the latest information about keeping you and your business safe?

Firstly, what is Log4J?

Log4J is a flaw in a Java library.

For those reading this who are less technically included, Java is baked into many pre-made applications and used across a number of services. Therefore this vulnerability is prevalent across a number of attack vectors. Because of this it is currently the most talked about and high risk security vulnerability on the market at the moment with everyone scrabbling to patch out the risk.

The library is developed by the open-source Apache Software Foundation and is a key Java-logging framework. As detected in the vulnerability logged as CVE-2021-44228, a remote code execution flaw in Log4J, was already being exploited in the wild. Any system which has the same vulnerability is at serve risk. Warnings have been issued by the UK’s National Cyber Security Centre (NCSC).

 

What is at risk?

Basically any device which is exposed to the internet is at risk if it is running Apache Log4J versions 2.0 to 2.14.1. Now, the list of applications that have this would fill pages and pages – everything for Minecraft servers to Tesla’s car OS, with companies like Apple and Amazon also being pulled into the mix. Because of the way that Apache package software this vulnerability as per the NCSC notes, can also be found in anything running Apache Struts2, Solr, Druid, Flink, and Swift frameworks. With AWS having detected and working to patch the vulnerability currently, pushing mitigation protections via its CloudFront service.

Vendors with popular products known to be still vulnerable include Atlassian, Amazon, Microsoft Azure, Cisco, Commvault, ESRI, Exact, Fortinet, JetBrains, Nelson, Nutanix, OpenMRS, Oracle, Red Hat, Splunk, Soft, and VMware. And this list will continue to grow as product try to patch out the issue and make it known they have the vulnerability.

Log4J java

What can I do right now?

Because there is currently no direct patch for this, the best option is possible is to Airgap any system that is using or known to have Apache components or frameworks as part of its services from the internet. If you can’t do this then get a Web Application Firewall in place in front of any public facing system as it is very likely that these players will be able to provide WAF rule sets quicker than Apache can get a new version of Log4j tested and out into the wild.

As soon as a patch is available, get your Apache systems patched and up to date and ensure that you check all of your systems, as many IT administration tools install parts of the Apache framework for running web front ends or even systems of management and control for your devices.

The best action you can take as an IT system owner is to review anything you have that is publicly facing or publicly accessible. You need to take action now as this attack does allow the system to have complete control taken over by the attacker and it is not yet known how other defence tools are responding to this infiltration as the Java libraries are normally a trusted location and as such can leave a business open to attack.

If you are concerned about the security of your business then I implore you to call Planet IT today. One of our security specialists will be able to join you on a call and discuss the mitigation actions you can take and advise you of the best way to ensure your business is protected.

If you would like to discuss with myself or any of the cyber security team at Planet IT about how you can better protect you business, should that be with new technology, strategies or even better back ups you can reach us using the contact details below;

Contact me at – LinkedIn Message James Dell or Email : [email protected]

Call 01235 433900 or Email : [email protected]

Why Endpoint Protection is still a key line of defence

endpoint security

You won’t believe this. I tell a lot of business owners and IT Managers that they need to ensure they have a robust, well architected and industry leading anti-virus and anti-ransomware product at the core of any cyber security programme. I am shocked by how many businesses rebuff with “we have never had a virus, so why do we need these products”. Unfortunately this level of naivety is exactly what threat actors are betting on. They are leveraging your lack of belief or understanding in the value of protection to slip onto your system undetected and carry out whatever heinous activity they wish.

 

“We don’t need protection!”

First of all I must address the elephant in the room; “We have never had a virus“.

The simple question would be, how do you know? Gone is the age of pop-ups and loud annoying virus sent more to disrupt. Modern attacks focus to data extractions, data corruption/encryption or device harnessing. For all of these, bar corruption/encryption, the aim is to remain undetected. For the most part if you are trying to pull data from a device or harness the computer as a salve for your attack network then you don’t want the device owner knowing you are there. Therefore, the argument that you have never had a virus falls over. You should be saying “We have no idea if we have had or have a virus or suffered a cyber-attack as we don’t have the tools to detect such attacks” .

cyber attack

 

“I barely use that laptop”

Secondly, I need to address the obvious. Any device is at risk regardless of how little you use it, how infrequently it is turned on and how expensive it was when you bought it. This principal also applies to servers, virtual, physical and on cloud platforms. If it is running an operating system based on Windows, Linux, Unix or MacOS there will be an attack out there that is designed for that system. This even applies to appliances provided for dedicated applications like, phone voicemail systems, door access control and system controllers. Because of this, you need to ensure that your servers also have the protection in place and if they cannot have the protection directly installed that you have a product that can protect at network and hypervisor level against incoming attacks.

 

Therefore it is critical that your business protects itself with the minimum protection being put in place in the form of endpoint security. This said, while you can pick up these products for a few pounds from certain vendors, we would always recommend looking at a industry leading vendor. Choose one who specifically work within your business space and have the full suite of tools that can be used. This will help ensure that you reduce the risk your business faces from cyber threats.

endpoint security

If you would like to discuss with myself or any of the cyber security team at Planet IT about how you can better protect your business, should that be with new technology, strategies or even better backups you can reach us using the contact details below;

 

Contact me at – LinkedIn Message James Dell or Email : [email protected]

 

Call 01235 433900 or Email : [email protected]

 

Photo by Clint Patterson on Unsplash

Top 5 Cybersecurity Trends So Far This Year

Cybersecurity trends 2021

We are all too aware that the cybersecurity landscape is changing and will continue to change as the technology we use every day continues to adapt, develop, and alter our daily lives.

Put very simply, this trend is clear when you compare your 2010 Honda Civic to the latest release from Tesla; technology is embedded into every corner of our lives and it now even governs your driver safety.

Because of this, the drive to protect business and individuals from threat actors has never been more important. With an ever-shifting set of cybersecurity goalposts becomes the need to understand, adapt and overcome whatever threats may come your way.

As such in this article I am going to take you through five trends we are seeing when looking a cybersecurity and the defence of your IT infrastructure.

1. The Expanding Cyber-Attack Surface

According to cybersecurity ventures, the world will store 200 zettabytes of data by 2025. This data is coming from thousands upon thousands of different sources and a considerable amount of the data is now being driven by IOT and smart technologies.

As I mentioned in my introduction, think of all the data that every Tesla on the road today is generating, the pure volume of telemetry data, decisions, battery health and all the other statistics these mobile computers are generating is staggering. Now think about your smart home, with fridges that can be remotely controlled, lighting, cooling, heating and even garage doors that can triggered from anywhere across the globe, then add into the mix home security systems link Ring Doorbell. All of this sits outside the realm of what for many would have previously considered data that needed to be secured. However, it is easy to see how data like the time you leave your house, the speed you drive and direction you travel, could be of value to a threat actor and even worse could be data they leverage against you.

This however is just to the point, the fact that as businesses are having to daily adjust the scope of what is and is not part of the business attack surface, this leaves the threat actors room to move and the gaps they need to turn your secure system into Swiss cheese.

5 years ago, CCTV may or may not have been the responsibility of the IT department. Today, with digital cloud driven solutions, this firmly sits within a business IT attack surface and is a clear technological risk.

IT Hardware and software

Similarly, take the smart card reader that opens your office doors and your car parking barrier. This is a business attack surface which in the traditional IT model we would have simply been able to ignore. This is no longer the case. It sits on the list which will continue to grow of new areas where CISO, cyber security experts and IT teams in general need to protect.

This trend will of course continue. As IT professionals we must adjust our

security posture and consider how this effects the technologies we use to protect our data and our systems.

There is by no means a golden bullet but there are key markers for success in this area.

 

2. Ransomware as a Cyber Weapon of Choice

Ransomware has been around for almost two decades and has grown in popularity because it can more easily bring financial rewards to hackers. It is estimated that there are now 124 separate families of ransomware and hackers have become very adept at hiding malicious code.

The reason is that ransomware became a weapon of choice for hackers in the last 18 months was drive by the COVID-19 pandemic. This instantly altered a digital landscape that for many businesses had been slowly changing. In fact, most were stuck to the traditional walled garden of onsite infrastructure and controlled working environments. Now, with the transformation of so many companies and how we operate as a mostly digital, this creates more targets for extortion. According to a research, ransomware increased by 435% in 2020 as compared with 2019.

In 202, the estimated cost of ransomware was £14.5 billion – a rise from £8 billion in 2019 and £5 billion in 2018. That trend will continue to grow.

The likely impact for the near-term future is that there will be more ransomware attacks against institutions and corporations who are less cyber secure and cannot afford to have operations impeded. This includes health care, local governments, and educational institutions. For these sectors the need to adapt and overcome the finical challenges of protecting their businesses has never been more paramount.

 

3. Increase in adoption of cloud services

Cloud vulnerability continues to be one of the biggest cyber security industry trends. Again, the rapid and widespread adoption of remote working following the pandemic increased the necessity for cloud-based services and infrastructure drastically, with huge security implications for organisations. For many, these implications where not understood or ignored as the business threw themselves into a cloud strategy in sheer panic in 2020.

work from homeDon’t get me wrong, cloud services have become essential and offer a range of benefits – scalability, efficiency, and cost savings – but they are also a prime target for attackers.

Misconfigured cloud settings are a significant cause of data breaches and unauthorised access, insecure interfaces, and account hijacking. All of these are avoidable but for many businesses they simply don’t know the vulnerabilities are there. During our webinar series, I often talk about the shared responsibility model. It is key to keeping the door closed to attack but is greatly misunderstood or even ignored by a lot of businesses.

 

4. Social engineering attacks getting smarter

Social engineering attacks, like phishing, are by no means new threats but have become more troubling amid the widespread remote workforce of the last 18 months. Attackers target individuals connecting to their employer’s network from home because they make easier targets. The attack looks to exploit the weak link in most businesses’ security posture, the end user.

As well as traditional phishing attacks on employees, there has also been an uptick in whaling attacks targeting executive organisational leadership. This trend sees CEO, CFO and other business managers being impersonated to other employees or customers to gain financial details or gain credentials.

SMS phishing – sometimes known as ‘smishing’ – is also gaining prominence, thanks to the popularity of messaging apps such as WhatsApp, Slack, Skype, Signal, WeChat, and others. Attackers use these platforms to try to trick users into downloading malware onto their phones, which for many are now heavily linked to the corporate network be that via email or shared file access. For many businesses, MDM or MAM are technologies they still haven’t invested in.

Organisations are increasing their protection against phishing, but criminals are always looking for new ways to stay ahead. This includes sophisticated phishing kits which target victims differently depending on their location. To stay ahead of these trends, businesses need to ensure their staff understand and can act as the human firewall against these attacks – social engineering is not something that technology alone can protect your business from.

 

Managed IT support Oxford

5. The Future, Privacy-enhancing computation techniques.

To change pace slightly now and look less at the trends around attack vectors and how the threat actors are getting in and more around how the cyber security industry is helping us all fight back.

Privacy-enhancing computation (PEC) techniques are emerging that protect data while it’s being used — as opposed to while it’s at rest or in motion.

This marks a dramatic shift in the level of protection we can leverage onto data and how we can continue to work to lock out the threat actors from data at all stages of its life cycle. This technology will also enable secure data processing, sharing, cross-border transfers and analytics, even in untrusted environments.

This technology is rapidly transforming from academic research to real projects delivering real value, enabling new forms of computing, and sharing with reduced risk of data breaches.

I would expect to see these products in your security portfolio in the next 12 months.

 

With the landscape continuing to move beneath our feet daily, as IT professionals, we need to stay ahead of the trends and ensure that we are looking at what threats are just over the horizon.

No IT team can afford to rest on their laurels as the successes of yesterday will not protect you from the threats of tomorrow.

If any of this is of concern to you, whether you are an IT professional, a business leader or simply have cybersecurity fears, please reach out to me or one of my team and we will be more than happy to assess your situation. We are in this war together, and we can’t let the bad guys win!

email: [email protected]

call: 01235 433900

or connect with me on LinkedIn: https://www.linkedin.com/in/delljames/

 

 

 

What is Conditional Access, and why is it an essential part of your security posture?

Conditional Access

By now, you should be aware that the modern digital landscape is full of threat actors. That are always looking for any opportunity to find a weakness in a business’s security posture and then leverage this to gain unauthorised access to data for malicious reasons.

To protect against these attacks, we often look at antivirus and anti-ransomware technology and products like MFA or Two-factor authentication. The truth is that MFA is part of much larger protection that can be afforded a system through an approach known as Conditional Access.

How does Conditional Access work?

Conditional Access (CA) is the process of defining entry vectors and criteria; in its most simplistic form, consider CA to be a door that only opens if you are wearing the right clothes, have arrived in the right vehicle, and are holding your ID. In real terms, CA allows a business to define controls around what can be accessed by who, from where and under what circumstances.

I feel that conditional access is an underutilised part of any defence arsenal. This is partly due to a lack of understanding in the IT community about the technology and a misconception about its limitations. These beliefs and options come from a legacy of Software as a Service (SaaS) and on-premises infrastructure being integrated minimally, however with modern SaaS, IaaS, PaaS and on-prem working in a heavily integrated way. Conditional Access allows you to take advantage of the proper protection that can be afforded a system without comprise.

Is it widely used?

All the major SaaS, IaaS and PaaS vendors support conditional access, and an optimum way to deploy the technology is as such.

  • Limit access to login to Geo Locations that are trusted and used by the business
  • Allow internal networks or trusted networks to have fast passed authentication
  • Only allow data access from trusted and complaint enrolled devices
  • Require MFA in any location that is not inside a trusted network
  • Remove support for legacy authentication methods
  • Deploy true Single Sign-on across all platforms and devices
  • Limit access to the data and services a user needs based on the roles of that user
  • Only allow devices that have Antivirus and Anti-ransomware installed and up to date
  • Only enable devices that have the latest operating system updates
  • Integrate all systems into a single platform, use Conditional Access and MFA to protect the whole network, not just cloud services.

By undertaking this approach, you can reduce the attached surface of your infrastructure and protect data while not limiting your staff’s functionality by placing unwanted security barriers in place.

The diagram below shows how the conditional access approach works.

Conditional Access Explained

Conditional Access

Do you think your business could benefit from the technologies of conditional access? Do you want to know more? Then please reach out to a member of the Architecture team at Planet IT via [email protected] or call 01235 433900, and we can talk to you about the options available that work with your more comprehensive technologies.

4 Steps to the Perfect Backup Plan

World Backup Day

Today is World Backup Day, for many it’s a day to be celebrated, but for just as many, it’s a stark reminder of the dark omen that is an uncertain backup environment or plan.

We all know the basics of backup right? The things we all want to achieve

  • Retention
  • Redundancy
  • Recovery

I could happily go on for far longer than any of you would care to read on each of these topics!

Today however, I want to talk about the practical elements of making sure your backups and overall disaster recovery plan are the best they can be. Starting with some basic questions.

  • Are you backing up your whole environment?
  • Are you running your backups daily?
  • Are your backups retained for the right amount of time?
  • Do you take backups off-site?
  • Are your backup sets fully automated?
  • Are your backup jobs encrypted?
  • If you have cloud resources (Microsoft 365, Azure, AWS) are these backed up?
Back up servers

In an ideal world, you would want each of the above to be a confident and resounding YES! However, this is not always the case – we often hear the ill-fated “I don’t know”.

So, what can we do to be certain on the above and confidently rest knowing our backups will be there for us should the worst occur?

Step 1 – Check the List 

Firstly, I would start by checking your infrastructure or approach your IT Team to get the answers to the above questions. Understand that if the answer to any of them is no, in this first step, it’s less important to know why, just to understand the position you are currently in. Once you’ve established that, let’s move on to step 2.

Step 2 – Check the Kit 

Once you have a firm understanding of your overall backup integrity, it’s time to push past the smoke and mirrors and figure out exactly what you are working with. Check your storage, check your software and make sure it isn’t letting you down. There are so many options available in today’s market, but a quick search of your products and the competition should help you understand if you need to make any changes.

Step 3 – Make your Plan

At this point, you’re either happily relishing in confidence… or you’re not.

If you’re not… bear with me, I promise, we’ve just ripped off the worst of the band-aids and from here… the only way is up. When making your plan, it’s important to work out what you need first, what you want second and then figure out the cost implications (if any) your business will need to work towards. Everyone loves a good deal (or better, a free deal!) but sometimes investment is required to ensure you have the right infrastructure for your plan. When making your plan, make sure you are referencing the list from Step 1 and work out the following:

  • How long do I want to keep my backups?
  • What is my off-site storage plan?
  • Do I have Cloud Resources that need to be backed up?
  • How efficient do I want my backups to be?
  • How long can I afford to be offline in the event of a disaster?
  • How much data can I afford to lose in the event of a disaster?

The answers to these questions will help you to understand how much storage you need, whether you need a cloud or second-site storage plan, if you need high performance equipment and your Recovery Point/Time Objectives. Know that even if the plan is loose, it’s more than you had at Step 1 and it will help you enormously when collaborating with your teams, suppliers and peers to achieve the best outcome.

disaster recovery plan

Step 4 – Reach Out 

At this point, we’ve gone from scratching our heads, to having a clear understanding of the potential issues, a goal to aim for and a plan to get there. Now it’s time to reach out.

Speak to your team and your suppliers and get them on board with your plan. From this point forward, you’re taking control of your backup & disaster recovery plan. You’ve worked out what you want to achieve and you’re making it happen. That, or you were happy from Step 1 – either way, grab a coffee and your favourite lockdown biscuit, you’ve earned it!

Remember, if you ever have any questions, just ask. I, or one of the team here at Planet IT, are always happy to be used as a sounding board and can offer our expertise for your specific situation.

Feel free to reach out to me via LinkedIn or email me at [email protected].

Looking for a technology partner?
Let’s talk

  • This field is for validation purposes and should be left unchanged.