BCN Group – ‘Best Performing Infrastructure Services Company’

BCN Group walked away with the the honour of being awarded ‘Best Performing Company’ in the infrastructure services category at the Megabuyte awards on Thursday evening.

The Megabuyte awards identify the Top 100 UK technology companies using their unique scoring methodology and focus on both mid-market and smaller, future mid-market leaders.

‘It is a great achievement to be recognised as one of the UK’s best performing technology companies for all the team at BCN’ says managing director, Simon Kelf.

‘We are very much focused on the continued growth of BCN and will relish the challenge of competing within the next tier of the Megabuyte awards as a £10m+ company next year!’

To view a full report of all the categories and winners, a softcopy of the report can be found here.

 

Processor Vulnerability – Meltdown and Spectre

As you may be aware there have been two processor vulnerabilities published. These vulnerabilities affect various vendor CPUs including Intel processors. These latest vulnerabilities are named Meltdown and Spectre.

Meltdown

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. Luckily this currently has patches available.

Spectre

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre

Actions

BCN Group is working to secure our environments from these vulnerabilities as the providers are rolling out patches, these vendors include VMware, Microsoft, Red Hat, CentOS, FreeBSD and others. For more information on what is available from our primary vendors please visit the links below.

VMware
Microsoft

Hosted Customers

BCN Group will be arranging maintenance windows where applicable to reboot the servers to enable the patching of Microsoft and Linux operating systems. The underlying infrastructure is currently being patched and will not affect any customers.

Managed Service Customers

BCN Group will be patching your servers and will contact you to arrange a maintenance window if required.

Desktop Users

Windows computers will be patched via windows updates if it is enabled.

Additional Information

Unfortunately, this patching may have an adverse effect on the CPU usage depending on applications. This increase in usage has been reported between 5% and 30%, but this is not predictable at the moment. For desktop users, this is likely not noticeable, but for server users we recommend monitoring your workloads.

If you have any worries or questions and would like assistance please contact you account manager on 0345 095 7000.

9 steps to protect against Ransomware

Security Best Practices

Ransomware attacks start in two main ways. A booby-trapped email with a malicious attachment or via a compromised website; which then work their way down to your endpoints and servers. To stop these attacks, it’s critical that you have advanced protection technology in place at each stage of the attack and combine this protection with good user security practices.

Nine best security practices to apply now

Good IT security practices including regular training for employees are essential components of every single security setup. Make sure you’re following these nine best practices:

Patch early, patch often

The sooner you patch the fewer holes there are for ransomware to exploit.

Backup regularly and keep a recent backup copy off-line and off-site

Offline and off-site means ransomware can’t get to it. With recent back-ups, data loss can be minimised.

Enable file extensions

Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript.

Open JavaScript (.JS) files in Notepad

Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.

Don’t enable macros in document attachments received via email

A lot of infections rely on persuading you to turn macros on, so don’t do it!

Be cautious about unsolicited attachments

If you aren’t sure – don’t open it. Check with the sender if possible.

Don’t have more login power than you need

Admin rights could mean a local infection becomes a network disaster. Stay up-to-date with new security features in your business

Stay up-to-date with new security features in your business applications

For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet”.

Patch early, patch often!

Staying on top of patching is so important that we’ve called it out twice. Don’t let ransomware exploit a patched vulnerability.

 

If you’d like to learn more about how to protect your business against ransomware or any other malware, phishing or cyber-threat, get in touch with us today.

GDPR, Security & Office 365 Seminar

Getting to know Lindsey at BCN a bit better!

Each month we will be interviewing a member of the team to give you a little insight into the day-to-day running of the business and get to know our staff better!

To kick off the interviews, we have asked Lindsey, our Operations Manager to answer a few questions.

What is your role at BCN & how long have you worked here?

I am the operations manager here at BCN and have worked here coming up for 6 years now. I am incredibly lucky as my job here at BCN is so varied and I get to be involved in many parts of the business and with various projects. I manage our admin and accounts team, ensuring the smooth running of our processes. I am involved in our marketing and I lead our SEO team to improve our google rankings. As I am responsible for managing our ISO:9001 accreditation, I am always looking to improve our systems and processes, implement changes and ensure our customers get the absolute best out of BCN.

 

Take us through a typical day at work for you…

First thing in the morning, I will try and get small projects or issues that need resolving out of the way, I write up blogs and check my emails to plan the day ahead effectively. Depending on the day, I could be sat with our in-house developers working on new functionalities in our system, or sat with the admin and accounts team to help progress any orders and projects, or working on our website with the SEO team.

What is the best thing about being part of BCN Group?

The best thing about BCN is the culture – we are a very hardworking, driven team who are lead by inspiring but down-to-earth directors. BCN is a really fun company to work for which is reflected in our low staff turnover and I can honestly say that I enjoy coming to work 99.99% of the time 😉. Also seeing a company set aims and targets and being a part of achieving them is very motivating and satisfying.

What advice would you give to a new colleague on their first day working at BCN?

Don’t take yourself too seriously, work hard and be prepared to be a team player!

What are your aims outside of BCN?

A few people at BCN call me a hippy because one of my main aims in life is to grow enough fruit and veg in my garden to feed my small family for the year. My ideal weekends are spent planting, weeding and harvesting with the help of my 7 year old daughter.

 

 

Top 8 Reasons Your Business Needs a Disaster Recovery Plan

The importance of a disaster recovery plan cannot be overstated. Many business leaders may consider a disaster to be a hurricane, tornado, flood or earthquake. However, the truth is a disaster is any event that prevents a business from accessing the data and systems it requires to operate, including regional power outages, cyberattacks, human error, employee sabotage and hardware failure. Every company faces the risk of IT interruptions that can grind business to a halt, risking high financial costs, reputation loss or even greater risks for you and your customers.

Below are 8 reasons your business should consider a Disaster Recovery Plan.

1. Because your business cannot afford any downtime. 20% of businesses experience a failure (fire, flood, power outage, natural disaster, etc.) in any given year, and 80% of those businesses will go under in just over a year.

2. Because your customers and potential customers expect it. The average consumer now expects the information they want to access to be available whenever it is convenient for them. Downtime means a lack of availability to your customers and a loss of business in the immediate and possibly long term.

3. Because you have spent a significant amount of time and money building your reputation – you need to protect it. Downtime and lost data can ruin reputation, brand and ultimately diminish trust that can result in lost revenue.

4. Because nature is unpredictable. Businesses that don’t have a backup and disaster recovery plan in place can find it almost impossible to resume operations after a major disaster hits. An estimated 80% of all companies that experience a business interruption of greater than five days, without recovery plans, go out of business.

5. Because machines and hardware fail. While we’ve made huge strides in the reliance of our technology, it’s still not perfect and is bound to have issues here and there. You can buy the best equipment on the market but that does not safe guard you from malfunctions, lemons and breaks. Although it may be expensive for your company to eliminate any single point of failure in your IT infrastructure, it is really the only way you can be sure that a hardware failure will not interrupt your service or cause data loss. We recommend all our clients to back up their data regularly, ideally using our highly secure managed hosting services.  This will help to eliminate any interruptions in case of IT infrastructure failures.

6. Because we live in a 24/7 world that requires ‘always on’ capabilities. 72% of web users report abandoning a company website for a competitor’s due to frustrations with the website . If a website goes down, online shoppers are not willing to wait for the unknown time at which the site will be back online. If you aren’t protecting your internet and network you could end up sending your business straight over to your competitors.

7. Because you can’t predict what data might be lost and the value it had to the running of your company. 43% of companies were immediately put out of business by a “major loss” of computer records, and another 51% permanently closed their doors within two years — leaving a mere six percent “survival” rate.

8. Because humans make mistakes. While this is among some of the hardest mistakes to prevent and correct, ensuring your data is regularly backed up lets you restore it to an error-free state. 80% of unplanned outages are due to ill-planned changes made by administrators and 60% of availability and performance errors are the result of misconfiguration.

For help with your DR planning, call BCN Group on 0345 095 7000.

Beyond The Four Walls: Essential Mobile Security for Businesses

The internet has revolutionised the way we do business. Securing your company used to be all about keeping things within the four walls of your office. A firewall and antivirus software could keep threats at bay and this was widely accepted as sufficient for IT security. Then the mobile device came along and turned this four-walls theory on its head. With devices coming in and out all the time, accessing sensitive emails over coffee shop WiFi networks and falling between the cracks of internet security, the issue of mobile security doesn’t come up nearly as often as it should. Every company should have a mobile security policy in place to protect sensitive data from falling into the wrong hands.

Update your company mobile security policy

Every business should have a mobile policy that includes security provisions. This should outline what is and what isn’t acceptable on a company mobile device. This includes phones, tablets and laptops as they can all be taken away from the office and are therefore at higher risk. Your policy should also specify if users can access company data from their own devices.

Designate responsibility for mobile security

Things like keeping software and antivirus software up-to-date can often fall between the cracks, particularly for personal and mobile devices. Deciding who is responsible and making sure they are aware of this responsibility is essential. This can become part of the mobile security policy and should be checked frequently to ensure employees are compliant.

Switch to the cloud

The cloud provides unrivalled security for users on the go. If you want to keep your data secure, then storing all of your sensitive data on a cloud account is far safer than saving it on a mobile device. If your phone, laptop or tablet is ever stolen and you are using a cloud account you can simply revoke access and your data will remain secure.

Use data encryption

In 2012, a NASA employee’s laptop containing the details of 10,000 employees was stolen from their car. While the laptop did have password protection, it wasn’t encrypted, which meant the data was at risk. If it can happen to NASA, it can happen to you. Encrypting all devices is an essential step for mobile security but it is often overlooked as password protection is seen as sufficient.

Mobile security is an essential component of any company security plan if you want to keep your business your business. With more and more employees switching to mobile devices and working outside of the four walls of the business, it makes sense to put a mobile security plan in place to keep your data secure.

Cloud Computing Advantages for SMEs

The cloud offers flexibility, scalability and security. Which is convenient, because these are just some of the things small business owners are looking for. For those growing a business, there can be no better IT solution than one that grows with them. The world of business is fast changing, and the business owners leading the way are those switched on to cloud computing advantages.

While it might seem like a complex concept, anyone with an email account can grasp the idea of cloud computing and its advantages. For anyone who has ever logged into their email account from a computer that isn’t their own and found all of their emails and files accessible to them, the advantages of cloud computing are fairly easy to understand. The modern company isn’t confined to one location, and the rise of entrepreneurs starting businesses from their dining table means that cloud computing is the logical choice to enable collaboration without a traditional office environment.

Here are just some of the cloud computing advantages we can think of…

Increased Collaboration

One of the most obvious cloud computer advantages is the opportunity for collaboration. An office in a box solution allows the work from home entrepreneur to scale up their operations as an when required. This might mean collaborating with someone on the other side of the city, or the other side of the world. This solution travels with the business owner, meaning they are always ready for the next step in growing their enterprise. However, the only obstacle lies in company-wide adoption. Issues with compatibility can arise if one user is reluctant to adopt new technology. For cloud computing to work, everyone will have to be on board, which means educating all of the stakeholders and staff on how the cloud works.

Speed Up Processes

The cloud has no doubt streamlined many processes which we now take for granted. For businesses, the prospect of speeding up cumbersome processes can help to free up time for other tasks. Going paperless, for example, can free up time spent stuffing envelopes or scrambling through filing cabinets. Moving processes to the cloud also opens up the possibility of using big data to make better business decisions.

Improve Security

We couldn’t compile a list of cloud computing advantages without mentioning security. The threat of cyber attacks hasn’t been far from the headlines in the past couple of months, which is prompting some companies to review their security protocols. Unfortunately, SMEs often think they’re immune to such threats until it’s too late. With the right hosted cloud services provider, security can be greatly improved. Even steps as simple as keeping software up-to-date will help to improve IT security and reduce the risk of malware infection. And if something goes wrong, data recovery from the cloud can help to minimise disruption.