When should you use Windows 10 Pro for Workstations?

Windows 10 version 1903 is now in use on over 45 percent of all Windows 10 PCs out in the world, according to the latest AdDuplex usage figures. However, did you know there’s another flavor of Windows 10?

Windows 10 Pro for Workstations is an edition of Windows released by Microsoft for high-throughput calculations and high-performance CPU, disk, network, and memory hardware. Here is a list of features this version has compared to Windows 10:

ReFS (Resilient file system)

By default, Windows 10 PCs run on the NTFS file system. Microsoft created a new file system format (ReFS) to address the limitations of NTFS (a 17-year-old file system):

  • Redundancy

  • Automatic Repair

  • Deduplication

  • Increased capacity (16 exabytes)

Persistent Memory

This allows you to use NVDIMM-N hardware, which gives you a much faster read and write rate for your computer's memory. It also protects your memory in case your computer switches off.

Samba Direct

If your network card hardware supports it, Remote Direct Memory Access (RDMA), which gives you very low latency and very high throughput, is now supported in this version of Windows 10. It also takes load off your computer's CPU while transferring large datasets, leaving the CPU free for your application processing.

High-Performance hardware support

Running this operating system means you are supported by Microsoft to run 4 x Intel Xeon or 4 x AMD Opteron processors with 6TB of memory.

As shown above, these features give a Windows 10 desktop server-like capabilities. Some uses of this would be:

  • High Definition Rendering of Large 3D Video Files

  • High Spec Computer-Aided Design (CAD) Modification

  • Medical or Scientific Modeling Work

Could your network be the stopping point for your cloud migration?

Cloud data traffic is expected to quadruple from 2016 to 2020, and by this time it will account for 75% of all data center traffic worldwide. This global transformation of moving data and services from on-premise to the cloud will put more strain on existing networks. No matter how resilient and scalable the cloud services are, you will need to have the network to match.

Before looking at even the simplest cloud migration, such as Office 365, a network readiness check is always needed. Instead of your Outlook clients connecting to a server on the same LAN with low latency and high-speed throughput, they will be doing this over the internet. If they are using other features such as SharePoint for file storage and Teams for chat, each PC and mobile device could be using hundreds of TCP connections to the internet, compared to the tens of connections needed for web browsing.

The likelihood of needing to change and modify your network is high for the cloud migration to be successful. Organizations will see returns on investment into network upgrades in less than a year, depending on the technology and solution adopted.

Scalable

Is it easy to add to your existing network vertically (increase the speed of existing units via licensing) and horizontally (add more devices to share the load)? Are your switches stacked, so that adding more networking devices is just plug in and go when this needs to be done, or will it need downtime and a network reconfiguration?

Speed

New technologies such as fibre mean internet connections to offices and homes are getting faster. Can your existing infrastructure cope with an internet connection upgrade of around 10X (e.g. 1 Gigabit)? The device might well have a 1GB WAN port, but can it maintain this throughput while inspecting the traffic for malware and viruses and also maintaining an intrusion prevention system? Check your current model of router to see its maximum throughput with security enabled. See below examples

Latency

The latency of LAN connections is usually under 1 ms in a good environment. Depending on your Internet Service Provider and who they peer with, you will be looking at a new latency of 40-100 ms over the internet. The big question is, can the applications you now run in the cloud cope with this increase in latency? If they can, is this new latency going to dramatically slow down your workforce in their day-to-day jobs? There is monitoring you can set up with services such as SD-WAN which detects real-time latency problems with your applications and notifies you before users do.

Services such as Azure’s ExpressRoute can be the solution to drop the latency of your cloud connections back to LAN-like numbers.

Resilience

Does your existing model of router support additional devices to give you a high-availability solution that will withstand a device failure and give you an active/active solution? Do you have multiple internet connections with different providers so you are still connected in case of an ISP failure? How are your multiple internet connections connected to your network, so that if a device or connection fails you will still be running in the fastest possible setup?

Priority

Does your existing network support features such as Quality of Service to prioritize real-time traffic such as voice over your network and internet connection?

3 Months till Office 2013 clients will no longer be supported to access Office 365

Microsoft announced last year that it would be removing support for Office versions that are not in mainstream support accessing Office 365:

it will be required to have Office 365 ProPlus or Office perpetual in mainstream support to connect to Office 365 services. Office 365 ProPlus will deliver the best experience, but for customers who aren’t ready to move to the cloud by 2020, we will also support connections from Office perpetual in mainstream support.

This means that if you currently use Office 2013 to access Office 365, you should upgrade to 2016/2019 in the next 3 months.

Should you Backup your Office 365 Infrastructure?

Office 365 has lots of redundancy built into its network, which covers you automatically against hardware failure, software failure, or corruption, so you are somewhat automatically protected from failure.

Some companies don’t trust what they can’t see with the cloud, so they like locally hosting their data.

Office 365 Retention Policies

You can add a “Forever” retention policy to your Office 365 tenant for free, which means items can never be deleted. Officially this is part of the Office 365 Enterprise license (E1-E5); however, even on the Business Essentials / Premium products you can still enable this and look up deleted emails.

Why Backup is different from Retention

Say, for example, you have a retention policy enabled. A user re-arranges a load of emails from one folder to another folder and so on, then down the line wants to revert all her changes. You cannot use the retention policy to restore these, as they have never been deleted. This is where you need a backup from the previous day or hour, so that you have a snapshot of that folder to restore to.

Veeam

If you are backing up virtual machines, you will probably be using Veeam to back up to an offsite and an onsite location.

Veeam offers a free Veeam Community Edition for 10 users or less (no support), which will integrate into your existing infrastructure.

Synology NAS

If you still have on-premise servers, you are probably using an onsite NAS to back these up to.

If you are using a Synology NAS, any 64-bit NAS with DSM 6.1 or later and 2GB of RAM or more supports the “Active Backup for Office 365” package on Synology. This allows you to back up drive, mail, contacts and calendar… items. For free!

https://www.synology.com/en-global/knowledgebase/DSM/help/ActiveBackup-Office365/activebackup_office365portal

https://www.youtube.com/watch?v=pBK0pI7qF6A&feature=youtu.be

Supported models: https://www.synology.com/en-us/dsm/packages/ActiveBackup-Office365

Just because you have a backup does not mean there won’t be any downtime for your company if a service goes down or an error occurs that you need to restore from. Backups usually have a restore time of 4-24 hours, depending on how much data needs to be restored.

If you are looking for a zero company downtime solution, you will want a service such as Mimecast Continuity.

Windows 10 - Shared VS Kiosk Machine

Windows 10 Kiosk Mode

Windows 10, version 1703, introduces a mode called “kiosk mode”. In kiosk mode, Windows signs in automatically to a restricted local user account (in case of a computer restart) and either runs a single Microsoft Store app in full-screen mode (above the lock screen), which prevents anyone from accessing the desktop, switching apps, or changing settings, or runs in multi-app kiosk mode (Windows 10, version 1803), where only a certain number of apps can be run.

What would this be used for?

  • Digital Signage - Small Intel NUC devices outputting a single webpage with company/school updates to a screen in a shared area

  • Kiosks inside of a Retail environment - Such as a Point of Sale device logging into Point of sale app e.g. Sassco Point of Sale

  • Computers providing internet access to Guests in Airports / Hotels or Events

Kiosk mode is not available on Windows 10 Home.

Windows 10 Shared Mode

Windows 10, version 1607, introduced Shared PC Mode.

Windows 10 Shared PC Mode deletes old guest accounts automatically, because every time a guest logs in, it creates a new profile, which takes up disk space. This is useful for computers which have different people logging into the device every day, and it stops excess profiles building up and using storage.

What would this be used for?

  • University Computers

  • Internet Cafes

Both of these modes can be set up and managed through a domain controller or GPO, or even better a cloud-managed solution such as Intune, which means devices can be rolled out to different locations and all they need is an internet connection.

How to protect company data on Users' Personal Computers (BYOD)?

Due to the current health issues, a lot of people have been using personal computers to access their company’s information. The best practice is always to use a company device; however, with the whole world needing laptops for home, this hasn’t been possible. Most of this access has been through a Terminal Server or Citrix, which is a way to control company data, as it is streamed to a computer that is not controlled by the company. This means that if the local PC gets a virus or malware, the data cannot be accessed by the intruder, and if the device is stolen, the company data is still secure.

Some applications might have been set up locally, for example Teams, so that it can stream video and audio, and email, for people who want access to their email offline, such as on a plane. The question is how to secure these items.

The answer is Intune MAM. A policy can be defined in Microsoft Intune (users will need an Intune and Azure AD P1 license) so that users authenticating with Microsoft apps directly, or with apps that have been wrapped using the Intune Wrapping Tool, can be managed by the Intune App Protection Policy.

MAM can be applied to iOS (Apple), Android and Windows 10 build 15063 (1703) or greater.

MAM uses WIP (Windows Information Protection) on Windows 10 Devices in one of four modes:

  1. Hide overrides: Blocks enterprise data from leaving protected apps.

  2. Allow overrides: User is prompted when attempting to relocate data from a protected to a non-protected app. If they choose to override this prompt, the action will be logged.

  3. Silent: User is free to relocate data off protected apps. These actions are logged.

  4. Off: User is free to relocate data off protected apps. No actions are logged.

Intune MAM policies can be added to a device after it has been enrolled; they don’t have to be created at the start.

Time Famine due to IT Support?

Time famine : “a term that first emerged in the scientific literature around 1999, refers to the universal feeling of having too much to do but not enough time to deal with those demands.”

Managing a company’s IT system can add a lot of things to the “To Do” list. Here are 10 things we do for our managed customers on a monthly basis:

  1. Deploy and Report on Windows Updates

  2. Check AntiVirus for the previous Alert History

  3. Check new Patches for Hardware, Drivers and Software Packages installed

  4. Check SLA’s on Tickets that have been breached and find out why to stop this reoccurring

  5. Check the Firewall and SOC Reports for any spurious Security activity

  6. Check a Backup Restore ( A Backup is only as good as a Restore ! ) and check Backup report for the previous history

  7. Renewals - Any Software Support or license renewals or Hardware coming out of Warranty

  8. Check over the monitoring system and find out any frequent issues that can be automated

  9. Check in with the customer to make sure all is well and advise on any new products which can help them streamline their workflow

  10. Run over our Internal Best Practices for systems such as Microsoft Office 365 and Microsoft Azure to make sure costs are minimized and security is Paramount

We also do much more!

So if you are an office manager currently balancing two jobs such as IT support, or an in-house IT support person who needs to get back on top of IT support analysis and project work, drop us a line today to see how we can make your Time Famine disappear!

Example questions you should be able to answer to pass an External IT Audit

Email

  • You can prove through firewall logs and connectors that mail flow is secured via a spam filter and is locked down by IP address

Backups

  • You can report the status of your backup jobs for the last year

  • You can prove backup notifications are monitored and acted on in case of failure

Disaster Recovery

  • You have performed a yearly DR test and have the findings from this test

Ticketing

  • You can list all request for change (RFC) tickets in the last year

  • You can list all tickets for the year

Security

  • You have had a penetration test and have proof of resolution of all the findings

Windows

  • Admin-level privileges on Windows Server: confirm the appropriateness of membership of these groups:

  1. Group Policy Creator Owners

  2. Schema Admins

  3. Administrators ( Local to Domain Controllers )

  4. Domain Admins

  5. Enterprise Admins

Once confirmed, document the purpose, who has access and, if it is a generic account, whether the password is stored in a tool/vault.

  • Check the password expiry setting configuration in Active Directory and check if it is inherited from the Windows AD GPO (Group Policy) settings

  • You can prove who has console access to servers in your environment
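One way to gather the evidence for the group membership and password expiry checks above. This is an added example, not part of the original checklist; it assumes a single-domain forest, the ActiveDirectory PowerShell module (RSAT), and a hypothetical output file name.

```powershell
# Added example: run from a domain-joined machine with the ActiveDirectory
# module (RSAT) installed and an account that can read the directory.
Import-Module ActiveDirectory

# The groups named in the checklist. 'Administrators' is the built-in group
# that is local to the domain controllers.
$privilegedGroups = 'Group Policy Creator Owners', 'Schema Admins',
                    'Administrators', 'Domain Admins', 'Enterprise Admins'

$userProperties = 'PasswordNeverExpires', 'PasswordLastSet', 'LastLogonDate', 'Description'

$membership = foreach ($groupName in $privilegedGroups) {
    try {
        # -Recursive expands nested groups so indirect members are listed too.
        $members = Get-ADGroupMember -Identity $groupName -Recursive -ErrorAction Stop
    }
    catch {
        # Schema Admins and Enterprise Admins exist only in the forest root domain.
        Write-Warning "Could not read '$groupName': $($_.Exception.Message)"
        continue
    }

    foreach ($member in ($members | Where-Object { $_.objectClass -eq 'user' })) {
        $user = Get-ADUser -Identity $member.distinguishedName -Properties $userProperties

        # A fine-grained password policy, if one applies to the account,
        # overrides the domain-wide policy; nothing returned means the default applies.
        $fgpp = Get-ADUserResultantPasswordPolicy -Identity $user

        [pscustomobject]@{
            Group                = $groupName
            Account              = $user.SamAccountName
            Enabled              = $user.Enabled
            PasswordNeverExpires = $user.PasswordNeverExpires
            PasswordLastSet      = $user.PasswordLastSet
            LastLogonDate        = $user.LastLogonDate
            PasswordPolicy       = if ($fgpp) { $fgpp.Name } else { 'Default domain policy' }
            Purpose              = $user.Description   # blank means it still needs documenting
        }
    }
}

# Domain-wide password settings, normally delivered by a GPO linked at the domain root.
$domainPolicy = Get-ADDefaultDomainPasswordPolicy |
    Select-Object MaxPasswordAge, MinPasswordLength, ComplexityEnabled, LockoutThreshold

# Evidence for the auditor: full membership list plus the effective expiry policy.
# 'privileged-group-audit.csv' is a hypothetical file name.
$membership | Sort-Object Group, Account |
    Export-Csv -Path .\privileged-group-audit.csv -NoTypeInformation
$domainPolicy | Format-List

# Accounts to follow up: password never expires, or no documented purpose.
$membership |
    Where-Object { $_.PasswordNeverExpires -or -not $_.Purpose } |
    Format-Table Group, Account, Enabled, PasswordNeverExpires, PasswordLastSet -AutoSize
```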

SQL

  • Confirm SQL local account appropriateness, i.e. that the access privileges assigned to each account are appropriate for the user's job responsibilities. For generic accounts, please confirm the appropriateness by providing the purpose of the account and the business need to provide such access to the account.

  • SQL user accounts do not have Windows password policies or an expiration policy set: can you please provide any suitable justification / business rationale for that? (If it is a service account, can you please provide evidence that the password to the account is stored in a tool? Also provide the users that have access to the password.)
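The SQL logins those two questions ask about can be listed straight from the server catalog. This is an added example, not part of the original checklist; it assumes the SqlServer PowerShell module, Windows authentication to the instance, and placeholder server and file names.

```powershell
# Added example: requires the SqlServer module and permission to view logins.
Import-Module SqlServer

$serverInstance = 'SQLSERVER01'   # placeholder: replace with your instance name

# sys.sql_logins lists SQL-authenticated logins only (Windows logins follow AD policy).
$query = @'
SELECT  l.name                                        AS login_name,
        l.is_disabled,
        l.is_policy_checked,       -- 0 = Windows password policy not enforced
        l.is_expiration_checked,   -- 0 = password expiration not enforced
        LOGINPROPERTY(l.name, 'PasswordLastSetTime')  AS password_last_set,
        IS_SRVROLEMEMBER('sysadmin', l.name)          AS is_sysadmin
FROM    sys.sql_logins AS l
WHERE   l.name NOT LIKE '##%'      -- skip internal certificate-based logins
ORDER BY l.name;
'@

$logins = Invoke-Sqlcmd -ServerInstance $serverInstance -Query $query

# Logins that need a documented justification: enabled, and with the password
# policy or the expiration policy switched off.
$exceptions = $logins | Where-Object {
    -not $_.is_disabled -and (-not $_.is_policy_checked -or -not $_.is_expiration_checked)
}

# 'sql-login-policy-exceptions.csv' is a hypothetical file name.
$exceptions |
    Select-Object login_name, is_policy_checked, is_expiration_checked, password_last_set, is_sysadmin |
    Export-Csv -Path .\sql-login-policy-exceptions.csv -NoTypeInformation

$exceptions | Format-Table login_name, is_policy_checked, is_expiration_checked, is_sysadmin -AutoSize
```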

Are your Microsoft products End of Mainstream (Bug / Product Update) Support?

As of today (30/4/2020), if you have Microsoft servers that are older than those in the list below, then they are out of Mainstream Support:

  • SharePoint 2016

  • Exchange 2016

  • SQL Server 2016 (SP1)

  • Windows Server 2016

What does that mean?

Mainstream support is the free warranty Microsoft puts on its software products (usually around 3 years) for any security issue, bug or product changes found with it.

After this, the product switches to Extended Support.

"Extended Support lasts for a minimum of 5 years and includes security updates at no cost, and paid non-security updates and support," says Microsoft.

Extended Security Updates for on-premises or hosted environments: Extended Security Updates will also be available for workloads running on-premises or in a hosting environment. Customers running SQL Server or Windows Server under licenses with active Software Assurance under an Enterprise Agreement (EA), Enterprise Subscription Agreement (EAS), or a Server & Cloud Enrollment (SCE), can purchase Extended Security Updates annually for three years after End of Support date. Customers can purchase Extended Security Updates only for the servers they need to cover. Extended Security Updates can be purchased directly from Microsoft or a Microsoft licensing partner.

What can you do?

You can determine whether not having product updates or bug fixes is an issue for your environment, auditing, and compliance. If you only need security updates, and these match your compliance and audit requirements, then you just need to worry about when extended support finishes!

If not, then you need to purchase Extended Support from Microsoft. The cost of this, for example with Windows 7, is $50/year, or $25 with a cloud license!

Or you can get it free. For example, for SQL it is free and enabled by default when migrating on-premises servers to Azure Virtual Machines. You can then use the SQL Server registry service in the Azure portal to register your end-of-support SQL Server instance and download updates when they are made available.

Managing Devices without Local Access to a Domain Controller

So your workforce has taken home their desktops and devices in a hurry due to the current pandemic. How do you manage these devices now that they are disconnected from the company network?

One of the first things you are going to have to make sure of is that you know the local credentials to the device. Hopefully, this has been set with something like LAPS, or a standard password that gets changed via GPO. If the user does not have access to the domain, there is no way to use Domain Admin credentials (unless they have been cached) to install new software to connect back to the domain: catch 22!

RMM Tool

All computers managed by a Managed Service Provider, e.g. us at Huon IT, will be connected to a Remote Monitoring and Management tool. This enables the MSP to connect to your computer and monitor and manage it. This is cloud based, so it doesn’t matter where the computer is: it is contactable and configurable.

VPN

For Enterprises that have their , If your users need to access data from the on-premise environment e.g. to connect to an App server or access files from a file server they will probably already have this setup.

If not, a solution to managing devices is getting them to connect back to your network. One of the easiest ways is to install a VPN on these machines, but you will need to set this up in your office, probably on the router, as it usually is free and doesn’t require any license. You will need to protect this endpoint with two-factor authentication (2FA), so that if a password is compromised the attacker does not have access to the corporate network to further break into your system. Depending on your router make, you may need to set up a RADIUS server and integrate it into a service like Azure MFA using a P1 license.

The VPN should be set to connect automatically, so whenever the devices have an internet connection they connect into the office and check in. By default, VPNs also put all traffic through the tunnel; if this overloads your connection, you should use something called “Split Tunneling”.

Intune

Intune is the simplest and best option. Your devices can check in to a cloud-managed monitoring and management system that’s free with an M365 license and can be configured to work in hybrid mode, meaning whether they’re in or out of the office you can monitor them with the right tools!

Microsoft Azure hitting capacity constraints

It looks like Microsoft is having capacity issues in some of its datacenters around the world, including the UK (especially UK West).

Microsoft’s statement was as follows:

Due to a large spike in demand from customers responding to COVID-19 mitigation measures, Microsoft is managing capacity in some locations and will add new capacity as soon as possible. If your orders are failing, please select a different virtual machine size, or try provisioning in a different region. Microsoft has also paused sale of Reserved Instances, so is unable to process these orders at the current time. We will resume Reserved Instances orders once Microsoft also resumes them.

It is also now prioritizing extra resources for key customers:

We are working closely with first responder organizations and critical government agencies to ensure we are prioritizing their unique needs and providing them our fullest support.

“We are also partnering with governments around the globe to ensure our local datacenters have on-site staffing and all functions are running properly,"

Specifically, we are providing the highest level of monitoring during this time for the following:

First Responders (fire, EMS, and police dispatch systems)
Emergency routing and reporting applications
Medical supply management and delivery systems
Applications to alert emergency response teams for accidents, fires, and other issues
Healthbots, health screening applications, and websites
Health management applications and record systems

If you are facing issues, the recommendation is to find another region among their 54 regions.

For UK: Partners are advised to provision in UK South if UK West fails.

For Australia: Partners are advised to provision in Australia South-East (Melbourne) if provisioning in Australia East (Sydney) fails. 

For Asia South-East: Partners facing provisioning failures in Asia SouthEast (Singapore) need to identify the best location for their customers in terms of latency. India South, Korea or Japan are suggested locations. 

For East Asia: Partners are advised to provision in Korea or Japan regions where provisioning fails for East Asia (Hong Kong).

Interestingly enough, Google Cloud (GCP), which was the largest-growing cloud provider in 2019, and Amazon’s AWS, which still has the largest market share, have had no growth or capacity issues.

Demand for Microsoft services has increased by around 700%.

This confirms why Hybrid Cloud or Multi Tenant Cloud solutions are used in some situations for extra redundancy!

What's the best communication app for a remotely working team?

At Response IT, we are mainly a Microsoft shop, but that doesn’t mean we won’t look around to see what’s on the market and what could be better for our clients.

So you have a new remote workforce. They used to be able to go up to one another in the office to ask questions; how do they do the same when working from a different location? What tasks should the app be able to do?

  1. Chat functionality - Great for communicating with someone instantly instead of waiting for back-and-forth emails. Also great for leaving messages for people who are busy and for checking their availability. Group chats are also good for teamwork

  2. Audio and Video - Great for Stand up meetings at the start and during the working day so everyone knows who is doing what and answering any questions

  3. External Communication - Speaking with people outside your organization

Microsoft Teams

This is bundled into the Office 365 suite for free, so that’s an immediate advantage. Team chat, audio and video is a tiny part of Teams; there is strong integration into SharePoint for file collaboration as well as Outlook for meeting functionality.

Another big one is that Teams can be your phone system as well, which means your chat, phone system and video conferencing unit is a single program on any of your devices.

Microsoft built this tool to match all its internal 365 compliance in regard to archiving and retention and attendance management.

Zoom

Zoom have built their system from the ground up for usability. Ease of use was a big part of their design, and it shows: anyone, no matter what their skillset, can join a meeting. It just works!

Larger calls, I think, work better on Zoom than Teams. With any number over 4, the quiet people in the meeting disappear from the group dashboard; in Zoom all attendees appear.

The ability to integrate into old video conference units (SIP/H.323 room systems) for SIP and IP with the CRC Connector is a massive plus. It means that, unlike Teams, you don’t need to pay for a third-party bridging service.

They also have heavy integration with third parties like Slack. If you already use Slack internally as a messaging system, it works well; they even have integrations with Microsoft apps!

Webex

Unlike Microsoft Teams, where there is a single app to call external numbers, Webex has a separate app called Webex Calling for this, which means there is more room for error and usability problems. There is Webex Meetings for meetings and Webex Teams for chat.

Webex is nearly double the price of Teams and does not have a free service.

Webex has a strong range of room systems and Cisco-created hardware that fully integrates into Webex Meetings, offering a seamless solution. Webex Meetings also offers a bridge service to other devices and platforms.

Each product has its unique advantages depending on what you want to use it for. Enterprises would be utilizing Webex due to its Cisco device range of phone handsets and video conferencing units.

For a company with Office 365, it would make sense to use Teams!

For other companies who need to call people who have email hosted outside of Office 365, it would make sense to use Zoom, especially if they need to connect to a SIP/H.323 room system via software.

Covid 19 - What should your company be doing differently?

With Covid 19 now a worldwide pandemic, companies need to use risk management to mobilize their workforce in case of an outbreak at work. Companies are also using the “Split Shift” method, where teams are divided into two and one team works from home one week and the other team the next (so the office can be fully cleaned).

Remote Access

If a customer's applications, email and files are not already in the cloud, the main methods of remote access back to the office will be to use a VPN to connect back into the office network, or to use a Terminal Server, where computers connect into a server and run applications just as if they were in the office.

Terminal Server usage is purchased through “Client Access Licenses”, so these will need to be correctly purchased and added to the server so that concurrent usage is correctly licensed.

Lots of Terminal Servers are getting spun up and put on the internet without a second factor of authentication, and hackers are using this to brute-force new servers. Make sure your Terminal Server has two-factor authentication! Duo are giving people 90 days free!
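To check whether an internet-facing Terminal Server is already on the receiving end of this, the failed-logon events in its Security log can be summarised by source address. This is an added example, not from the original post; it must run elevated on the server, and the 24-hour window and threshold of 20 failures are assumed values to tune.

```powershell
# Added example: summarise failed logons (event ID 4625) by source IP address.
function Get-FailedLogonSummary {
    param(
        [int]$Hours     = 24,   # look-back window (assumed default)
        [int]$Threshold = 20    # failures from one address worth investigating (assumed)
    )

    $filter = @{
        LogName   = 'Security'
        Id        = 4625
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    # SilentlyContinue: Get-WinEvent raises an error when no events match.
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

    $failures = foreach ($logEvent in $events) {
        # Turn the named EventData fields into a lookup table.
        $xml  = [xml]$logEvent.ToXml()
        $data = @{}
        foreach ($field in $xml.Event.EventData.Data) {
            $data[$field.Name] = $field.'#text'
        }

        # LogonType 10 is RemoteInteractive (RDP). With Network Level
        # Authentication enabled, failed RDP logons are recorded as type 3.
        if ($data['LogonType'] -in '3', '10' -and $data['IpAddress'] -and $data['IpAddress'] -ne '-') {
            [pscustomobject]@{
                TimeCreated = $logEvent.TimeCreated
                SourceIp    = $data['IpAddress']
                TargetUser  = $data['TargetUserName']
            }
        }
    }

    $failures |
        Group-Object -Property SourceIp |
        Where-Object { $_.Count -ge $Threshold } |
        Sort-Object -Property Count -Descending |
        ForEach-Object {
            [pscustomobject]@{
                SourceIp      = $_.Name
                Failures      = $_.Count
                # Many different usernames from one address suggests password guessing.
                DistinctUsers = @($_.Group.TargetUser | Sort-Object -Unique).Count
                FirstSeen     = ($_.Group.TimeCreated | Measure-Object -Minimum).Minimum
                LastSeen      = ($_.Group.TimeCreated | Measure-Object -Maximum).Maximum
            }
        }
}

Get-FailedLogonSummary -Hours 24 -Threshold 20 | Format-Table -AutoSize
```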

Mobility

The fastest way to get mobile is the use of tablets or laptops that can access work applications and the network through a VPN connection or Terminal Server. The issue now is a problem with the supply chain, as small to medium businesses buy up all remaining stock for their workforce.

A solution to this is “BYOD” (Bring Your Own Device), where people can bring their existing personal laptop or tablet from home. Terminal Server will be the easiest way to manage these devices and make sure no company data is stored on personal unmanaged devices.

Internet Connections

Now that most of the country's workforce will be working from home, this will put a strain not only on the company's internet but also on the whole country's home ISP networks, which will have an unprecedented surge of usage throughout the day.

Companies should use this as an opportunity to increase the speed and redundancy of their networks, and to purchase mobile 4G hotspots for backup and for mobile workforce use.

Team Communication

The whole company's communication will now have changed to a remote setup. Can your existing phone system support taking phones home, or will you have to switch to a new system which does, or use a mobile phone and free software such as Microsoft Teams for availability and video/audio calls?

Security

Hackers watching the events unfold know this is the perfect time for social engineering of companies and people, as they are more vulnerable than ever. For example, finance people working from home are unable to quickly ask the CEO in person whether they should transfer the funds requested in an email they have received. Again, as per Mobility above, people will have to use their personal devices, which might have unknown viruses or out-of-date software, so companies need to ensure their security can handle a password being compromised by using technology such as two-factor authentication.

Extract from Law Society Cyber-Security Email Account Takeover

If you are a member of the Law Society, you will have received the email below from the society.

Lawyers are strong targets for hackers as they are usually trusted to hold large amounts of money, e.g. for property conveyancing. Hackers know that if they infiltrate a firm they can learn where and how money is sent, and at the right time use this knowledge to get money transferred to them.

How do we protect ourselves?

We recommend five immediate steps, whether you have spotted suspicious activity or not.

1. Change your password to something completely unique, strong (with numbers, symbols and capitals) and unrelated to anything that can be discovered about you on your social media accounts.

2. Switch on strong authentication (e.g. multi-factor authentication for Office 365, or two-step authentication for G Suite).

3. Get your email administrator to look at your historic ‘sign in’ logs and check for malicious behaviour (e.g. strange locations). You will be amazed how many times we do this and find a client has already been breached.

4. Review email alerts and forwarding rules. Be careful: these rules may need to be checked on your mail application and webmail.

5. Configure your email systems to become more defensive, including alert set-ups, switching audit logs on and reducing the number of administrators.

You must undertake a proper risk assessment of your data, systems, and the way you operate, and then put in place a risk management framework. It should cover your technology, people and governance. It is estimated that over 60% of cyber-attacks are caused by staff error. So, you must ensure that everyone in your firm has access to ongoing cybersecurity awareness training and test that it has been understood. You must put in place the right governance regime, with the right policies, that fit the way your firm operates, to keep the whole organisation safe. You should also regularly review and update your security arrangements to ensure continued safety and operational resilience.

These are all good tips that we already use for our customers, and we would recommend that everyone else follow them too.
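Steps 3 and 4 of the extract above (checking sign-in logs for strange locations and reviewing forwarding rules) can be scripted once the data is exported. The Python below is an added example, not code from the Law Society email or from any mail platform; the record fields, the `firm.example` domain, the expected-country set and the four-hour window are assumptions, and the sample rows are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample rows (not from a real tenant), shaped like a sign-in log
# export and a mailbox-rule report. Field names are assumptions.
SIGN_INS = [
    {"user": "partner@firm.example", "time": "2020-03-02T08:58:00", "country": "NZ", "ok": True},
    {"user": "partner@firm.example", "time": "2020-03-03T09:04:00", "country": "NZ", "ok": True},
    {"user": "partner@firm.example", "time": "2020-03-03T10:15:00", "country": "RO", "ok": True},
    {"user": "clerk@firm.example", "time": "2020-03-03T09:30:00", "country": "NZ", "ok": True},
    {"user": "clerk@firm.example", "time": "2020-03-04T02:11:00", "country": "BR", "ok": False},
]
RULES = [
    {"mailbox": "partner@firm.example", "name": "RSS", "forward_to": "inbox-copy@mailbox.example"},
    {"mailbox": "clerk@firm.example", "name": "To PA", "forward_to": "pa@firm.example"},
    {"mailbox": "clerk@firm.example", "name": "Newsletters", "forward_to": None},
]

def strange_sign_ins(rows, expected_countries, window=timedelta(hours=4)):
    """Flag successful sign-ins from unexpected countries, and country changes
    for one user that happen faster than `window` (implausible travel)."""
    findings, last_ok = [], {}
    for row in sorted(rows, key=lambda r: r["time"]):
        if not row["ok"]:
            continue  # only successful sign-ins indicate a possible takeover
        when = datetime.fromisoformat(row["time"])
        if row["country"] not in expected_countries:
            findings.append((row["user"], row["time"], "unexpected country " + row["country"]))
        prev = last_ok.get(row["user"])
        if prev and prev[1] != row["country"] and when - prev[0] <= window:
            findings.append((row["user"], row["time"], "country change within window"))
        last_ok[row["user"]] = (when, row["country"])
    return findings

def external_forwarding(rules, own_domains):
    """Return rules that send mail to an address outside the firm's domains."""
    hits = []
    for rule in rules:
        target = rule["forward_to"]
        if target and target.rsplit("@", 1)[-1].lower() not in own_domains:
            hits.append((rule["mailbox"], rule["name"], target))
    return hits

if __name__ == "__main__":
    for finding in strange_sign_ins(SIGN_INS, {"NZ"}):
        print("SIGN-IN", *finding)
    for hit in external_forwarding(RULES, {"firm.example"}):
        print("RULE", *hit)
```

As step 4 warns, rules can exist in both the mail application and webmail, so the rule report fed to `external_forwarding` needs to cover both.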

What Information should a Monthly Executive IT Report have in it?

Executive Summary

  • Brief overview of the other Headings

  • Projects Completed in the Month

  • Site Changes

  • Suggested Improvements

Monitoring

  • Any issues in current monitoring set up

  • Issues brought up in any maintenance tasks

Help desk Overview

  • Number of tickets with Priority

  • Summary of how many tickets were raised compared with the previous month, and how they fared against the SLA assigned to each Priority

  • Current tickets closed for the month as well.

Security

  • How many virus outbreaks and detections were recorded by your antivirus software, and whether all machines are checking in and getting the latest AV definitions

  • How many threats (Intrusion \ Websites \ Applications) were blocked on your firewall

  • How many spam messages stopped on your spam solution

  • Software and Hardware Updates

Backup

  • Have all onsite and offsite backups run successfully during the month

Renewals

  • Any renewals (Domains \ Hosting \ Support) coming up

Certified Information Systems Auditor (CISA) as a Service

Small to medium businesses sometimes need to gain accreditations to work with larger companies for compliance reasons, and this usually means being audited by external organizations. For a business to pass these audits or gain these accreditations, it needs a subject matter expert in information systems auditing, control and security.

The biggest issue in developing policies and procedures is getting access to the customer's key people to extract the necessary information. That is always the challenge, so the customer needs to organise access.

Another consideration is that the information to be sourced differs between entities and industries, so work needs to happen prior to the actual engagement to develop the content.

Usually they will need an initial 2-week period to prepare, investigate and workshop the policies with the key stakeholders.

As a rule of thumb, each policy will take 3 days to complete.

We then need to undertake a customer review, make changes and present these back to the customer.

Contact us today to speak to our CISA experts

Backup and Disaster Recovery Policies for ISO 27001

The IT policies, auditing and testing that companies will need to have written up to obtain the ISO 27001 certification:

Backup and Recovery

Development of a policy and documentation that defines what a company backs up and how the backup is performed. It will also cover recovery and retention with appropriate service level agreements for critical data such as RPO and RTO.

Test backup and recovery process

A full test of all backups to ensure that they are valid and that the SLAs can be met.

Business Continuity Plan

Development of a business continuity plan to ensure operations continue in the event of a disaster or office closure.

Test business continuity plan with staff

A simulated test of the above business continuity plan across all staff to ensure the plan works and the goals can be achieved within the timeframes required.

Security Policies (Network, Platforms) for ISO 27001

Security policies needed for the ISO 27001 standard

Cryptographic Controls and Key Management

Development of a policy to cover cryptographic controls and key management.

Security Incident Management

Development of a security incident management policy and associated registers. Training for staff in how to use them.

Conduct testing of the security incident management policy

 

Network security solution (Managed SIEM & SOC)

A SIEM (Security Information and Event Management) is a specific kind of technology, providing network visibility in a security context (by indicating suspicious/illegitimate activity through set-up rules and correlation intelligence), and enabling security analysts to act on suspected threats.

A SOC (Security Operations Centre) encompasses the People, Processes, as well as Technology involved in protectively monitoring a network, responding to incidents, and researching/actively searching for known/unknown threats.
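The "set-up rules and correlation intelligence" of a SIEM can be illustrated with the terminal-server brute forcing mentioned in the Covid 19 article above. The Python below is an added example, not code from any SIEM product; the record fields, the threshold of 8 failures and the five-minute window are assumptions, and the events are constructed. Windows Security event ID 4625 is a failed logon and 4624 a successful one.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed events, shaped like normalised Windows Security log records:
# event ID 4625 is a failed logon, 4624 a successful one.
def _ev(ts, event_id, src, user):
    return {"time": datetime.fromisoformat(ts), "id": event_id, "src": src, "user": user}

EVENTS = (
    [_ev(f"2020-03-20T03:00:{s:02d}", 4625, "203.0.113.7", "administrator")
     for s in range(0, 50, 5)]                      # ten failures in 45 seconds
    + [_ev("2020-03-20T03:01:10", 4624, "203.0.113.7", "administrator"),
       _ev("2020-03-20T08:59:00", 4625, "198.51.100.20", "jane"),   # one typo
       _ev("2020-03-20T08:59:30", 4624, "198.51.100.20", "jane")]
)

def correlate(events, threshold=8, window=timedelta(minutes=5)):
    """Alert when one source has >= threshold failed logons inside `window`,
    and escalate if a successful logon from that source follows in the window."""
    recent = defaultdict(deque)   # source address -> times of recent failures
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        fails = recent[ev["src"]]
        while fails and ev["time"] - fails[0] > window:
            fails.popleft()       # drop failures that fell out of the window
        if ev["id"] == 4625:
            fails.append(ev["time"])
            if len(fails) == threshold:   # fire once as the threshold is reached
                alerts.append(("brute-force", ev["src"], ev["user"]))
        elif ev["id"] == 4624 and len(fails) >= threshold:
            # A success straight after a burst of failures: likely guessed password
            alerts.append(("brute-force-then-success", ev["src"], ev["user"]))
            fails.clear()
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(*alert)
```

The second alert type is the one an analyst in the SOC would act on first, since it means a guessed password worked and no second factor stopped the logon.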