BCN Group open new Burnley office

BCN Group are delighted to announce the opening of its new Burnley office.

The announcement comes after continued growth over recent years and the acquisition of Leeds-based IT managed service provider, Blue Logic, in May.

Simon Kelf, CEO of BCN Group, commented:

The aim of BCN Group is to provide market leading IT and cloud support to local businesses from a local centre. The opening of our new office enables BCN Group to provide cutting edge and leading technology to the businesses across the M65 corridor. With offices in Manchester, Burnley & Leeds, we’re able to cement ourselves as the Northern IT Powerhouse for managed services.

Situated at Shuttleworth Mead, Burnley, the new office will allow businesses across Lancashire direct access to highly skilled IT engineers delivering exceptional IT services & support including BCN Cloud, Azure, Office 365, Microsoft Teams and Sage.

For more information please contact us on 0345 095 7000.

Processor Vulnerability – Meltdown and Spectre

As you may be aware there have been two processor vulnerabilities published. These vulnerabilities affect various vendor CPUs including Intel processors. These latest vulnerabilities are named Meltdown and Spectre.

Meltdown

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. Luckily this currently has patches available.

Spectre

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre

Actions

BCN Group is working to secure our environments from these vulnerabilities as the providers are rolling out patches, these vendors include VMware, Microsoft, Red Hat, CentOS, FreeBSD and others. For more information on what is available from our primary vendors please visit the links below.

VMware
Microsoft

Hosted Customers

BCN Group will be arranging maintenance windows where applicable to reboot the servers to enable the patching of Microsoft and Linux operating systems. The underlying infrastructure is currently being patched and will not affect any customers.

Managed Service Customers

BCN Group will be patching your servers and will contact you to arrange a maintenance window if required.

Desktop Users

Windows computers will be patched via windows updates if it is enabled.

Additional Information

Unfortunately, this patching may have an adverse effect on the CPU usage depending on applications. This increase in usage has been reported between 5% and 30%, but this is not predictable at the moment. For desktop users, this is likely not noticeable, but for server users we recommend monitoring your workloads.

If you have any worries or questions and would like assistance please contact you account manager on 0345 095 7000.

7 takeaways from Cisco Meraki’s latest cloud wi-fi solution

 

 

Mobile connectivity has grown exponentially over the past few years, so much so that today, 71% of all mobile communications now flow over wireless (source: Wi-Fi Alliance). Whether you are working at home, or using a device at the office, mobility has become a necessary part of modern businesses.

Not surprisingly, managing such a widespread multi-site, multi-mobile entity can be daunting for even the hardiest of administrators. Enter cloud networking. Cisco Meraki have developed a cloud networking, switching, security and wireless management solution that seeks to accommodate and enhance this step change. Here we take a look at key aspects of their platform and how it can help you, your users and your organisation.

So what is it?

In short, Cisco Meraki is a powerful multi-site wireless management tool which removes the need for complex traditional onsite wireless controllers, using just a single cloud-based control interface using real-time communication protocols that enable network administrators to manage their networks from the cloud, without sacrificing control and responsiveness. Whilst this explanation may not sound very compelling, the benefits can be significant.

Always at the ready

Cisco Meraki comes with a robust management dashboard which is accessible at any time, from anywhere. Requiring only an internet connection on your preferred device, accessibility is what the Cloud Meraki Dashboard does best – even in the event of a power outage or poor weather. Using a combination of traffic rerouting and geographical data priority, the dashboard will always remain readily available to anyone who needs to use it, no matter the circumstances.

Safe and sound

Where there’s mention of wireless or the cloud, there quickly follows security concerns. And rightly so. Almost daily we hear or read about major network intrusions, compromises and computer misuse. To combat this, Cisco Meraki puts its security stance front and centre, using an out of band location and an encrypted layer to communicate to and from the management interface. Unlike most traditional wireless and switch arrangements, management traffic is also segregated from the normal network, making unsolicited and malicious intrusion all but impossible.

On a more general footing, it incorporates a variety of advanced features within its firewall solution to stop unauthorised access to your user network. Of these, the firewall allows for:

  • content filtering
  • geographical firewall rules
  • anti-virus and anti-phishing
  • intrusion prevention and intrusion detection services.

Centre stage

The Meraki Cloud Dashboard can be accessed from a wide range of popular web browsers and is also accessible on Apple and Android devices. Through this dashboard, users can identify bandwidth usage from devices or specific applications, as well as the ability to troubleshoot networking issues and test features within the system. The dashboard is simple and easy to navigate – and no other application or program is needed.

Self-sufficient

Any device accessible through the Meraki Cloud Dashboard can be automatically updated to ensure optimal performance and security from the network. Additionally, updates can be scheduled for any time to avoid disruption during periods of heavy internet usage. Should there be a failed update, any incompatible hardware is automatically rolled back to keep your network running without hassle.

Reach for the sky

There’s nothing worse than finding a quiet spot to work from your laptop or tablet, only to discover that internet access is unavailable or appallingly slow. Cisco Meraki solves this by providing enterprise-class 802.11ac access points which deliver the strongest signal strength possible, letting you work happily wherever you want. Furthermore, outdoors access points can also be added throughout the workplace, extending Wi-Fi coverage of your site/campus.

Setting an impression

We expect access to the internet – it’s a staple for much of our everyday lives – and it’s clear we’re getting more fastidious about its absence. According to Hotel Chatter, 38% of people will no longer book a hotel solely on the basis that it does not offer Wi-Fi.

With so much data moving across wireless infrastructure, businesses have few options but to utilise it. How you control, secure and manage it is the new challenge.

Benefits street

Network managers can gain some big advantages from cloud networking over the traditional solutions. Of these are:

  • Faster implementation and easier management
  • Unified view of the entire network regardless of the location of end devices
  • Rapid detection of troubled devices and easy replacement
  • Reduced costs on IT staff and training
  • Reduced costs of upgrades to network operating systems and devices
  • Anytime, anywhere network access
  • Stronger security posture and network control

To summarise, no Wi-Fi is becoming a business showstopper. It’s little surprise that 75% of people recently said that they would be grumpier without internet for a week than without coffee.

At BCN Group, we work closely with customers to ensure that their networks are managed efficiently and safely. Cisco Meraki is just one solution we apply to ensure your business can grow further and exceed expectations. If something has caught your eye, get in touch with us at info@bcn.co.uk, or visit us at www.bcn.co.uk.

Millennials are Top IT Security Risk for Businesses

 

Millennials are a generation defined by technology. After all, this is the first generation to grow up surrounded by technology. Despite this, it’s the older generations who are savvier when it comes to internet security. According to research by FirstData, millennials are less concerned with cybersecurity than older generations. The biggest problems faced are with reusing the same password and with over sharing sensitive information on social media and over email.

 

Older generations might be more concerned with their individual computers and devices being infected, which is why they are cautious about internet usage and sharing information. However, younger generations don’t share these concerns. Although device-level security might be sufficient, there is always the worry that third-party sites could be compromised. If a user has the same password for every platform, then this could present a serious problem.

 

According to the research, 82% of millennials reuse the same password across websites and apps and 42% will only change their password if they are forced to. The main reason cited for this reluctance to change passwords is that they are simply too difficult to remember. For company owners, this presents a unique challenge when it comes to policing their company password policy.

 

When it comes to oversharing on social networks, millennials are less concerned about the risks associated with this. Only 43% of millennials are concerned about transmitting private information over social media sites, compared to 63% of boomers. Even something as small as sharing your date of birth on social media can allow fraudsters to piece together your identity and open credit cards in your name.

 

For companies, this presents a unique challenge, as millennial workers might use the same password for their work email as they would for their social media accounts. Although there is a lot of attention to cybersecurity threats such as ransomware, millennials aren’t as concerned about the risks associated with identity theft. While social networks might be secure, many people allow third-party apps to access their information without a second thought, and this is where more education is needed. Although millennials may be very savvy when it comes to technology, there are clearly gaps in awareness where security is concerned.

5 Reasons Tech Startups Should Invest in IT Support

The image of the modern tech entrepreneur is someone who can miraculously manage everything at once. Although startups might feel that they have to pull themselves up by their bootstraps and manage everything in-house, there are a lot of benefits to be enjoyed when it comes to outsourcing critical tasks. IT support is one area where tech startups, in particular, can benefit from outsourcing their needs. Here are 5 reasons tech startups should consider outsourcing their IT support…

Reduce Costs

Running a successful startup is all about making sound financial decisions. While many startups may subscribe to the agile mindset, they are often guilty of making bulky and costly mistakes. Hiring an in-house IT department is one such costly mistake. Managing your IT in-house means hiring an entire team, not to mention the added costs of servers, software and hardware. By outsourcing this to a third party company, the startup is able to take an agile approach to growth as the IT support they need can grow with them.

Leverage Expertise

It can be tempting to try to operate as a jack of all trades, but there comes a time when it pays to refer to the experts. Although there is a lot of satisfaction to be gained from managing everything in-house, leveraging the expertise of an IT support company can help to keep the focus on the task at hand: building your startup.

Improve Customer Retention

In the early days of managing a customer-facing startup, public perception is everything. If you’re out of action for half a day because you decided to manage your IT in-house and can’t access your CRM database for a few hours, this will likely leave your customers with a bad impression. By outsourcing your IT, you can rest assured that someone else will be keeping an eye on things, so you can move your attention to more important matters.

Increased Security

Small businesses and startups are particularly vulnerable to hacks and ransomware. By outsourcing your IT services, you can rest assured that someone in the know is monitoring your IT systems for anything out of the ordinary. This could range from unusual attachments in emails to brute force attacks on your network.

Scalability

The best IT support companies will provide scalable services that grow with your business. If you have to tighten your belt one month, you should be able to reduce costs, whereas if you are going through a period of rapid expansion, your IT provider should be able to keep up. Leveraging the scalability of outsourcing your IT is one of the best reasons to consider hosted cloud services for your tech startup.

United States Considers Making Revenge Hacking Legal

For the companies in the midst of high-profile data security breaches, revenge hacking is likely low on their list of priorities. As an activity, hacking isn’t inherently illegal, but there are limits on what is and what isn’t permissible. If you forget the password to your own laptop and exploit security vulnerabilities to gain access to it, this is fine. However, if you do the same to your boss’s laptop and steal information from it, this is illegal. While large companies might hire white hat hackers to test their network vulnerabilities and monitor for unusual activity, these hackers have been largely limited in what they can get away with. Until now.

Under the proposed legislation, the victims of hacking would be legally allowed to take revenge against those who breached their security systems. Revenge could involve anything from hacking their systems back, finding out who they are and even destroying any stolen data and information. The rules would also allow victim companies to deploy beaconing technology that would allow them to find the geographical location of the hacker. This would aid law enforcement in bringing these individuals to justice.

There are some limitations to the bill, and companies that choose to carry out revenge hacks wouldn’t be without liability. Most importantly, revenge hacks would only be allowed to be carried out on US computers, which already limits the reach. Many cybercriminals will route their attacks through systems around the world, which would protect them from revenge hacks. Companies would also have to fill out paperwork and submit this to the FBI’s National Cyber Investigative Joint Task Force. This will help to ensure national boundaries are respected and that any activity wouldn’t infringe on a known investigation. The legislation has also been proposed with a time limit attached. The bill would expire after two years and the United States Department of Justice would have to report to Congress to keep them up to date how the legislation has been utilised.

Liability is also a key issue. If damage was done to a third party system as the result of a revenge hack, the company behind it would be liable, provided there is a trail pointing to the company behind the hack. It is not yet clear how transparent the hacking departments will need to be about their activities.

In the UK, there are currently no plans to work revenge hacking into law, but with ransomware and security breaches on the rise, MPs are under pressure to find a satisfactory solution that will protect businesses, infrastructure and public services from cybercriminals.

9 steps to protect against Ransomware

Security Best Practices

Ransomware attacks start in two main ways. A booby-trapped email with a malicious attachment or via a compromised website; which then work their way down to your endpoints and servers. To stop these attacks, it’s critical that you have advanced protection technology in place at each stage of the attack and combine this protection with good user security practices.

Nine best security practices to apply now

Good IT security practices including regular training for employees are essential components of every single security setup. Make sure you’re following these nine best practices:

Patch early, patch often

The sooner you patch the fewer holes there are for ransomware to exploit.

Backup regularly and keep a recent backup copy off-line and off-site

Offline and off-site means ransomware can’t get to it. With recent back-ups, data loss can be minimised.

Enable file extensions

Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript.

Open JavaScript (.JS) files in Notepad

Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.

Don’t enable macros in document attachments received via email

A lot of infections rely on persuading you to turn macros on, so don’t do it!

Be cautious about unsolicited attachments

If you aren’t sure – don’t open it. Check with the sender if possible.

Don’t have more login power than you need

Admin rights could mean a local infection becomes a network disaster. Stay up-to-date with new security features in your business

Stay up-to-date with new security features in your business applications

For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet”.

Patch early, patch often!

Staying on top of patching is so important that we’ve called it out twice. Don’t let ransomware exploit a patched vulnerability.

 

If you’d like to learn more about how to protect your business against ransomware or any other malware, phishing or cyber-threat, get in touch with us today.