Have you ever sent an email to the ‘wrong person’?

How often have you accidentally sent an email to the wrong person?  It’s so easy to do. You’re busy, and it’s urgent. It must go out immediately! You press the send button and instantly realise it’s gone to the wrong recipient, or multiple recipients.   999 times out of a 1,000 this isn’t going to be an issue.  You recall it, apologise to the recipient(s) and they delete it ~ no harm done!

What happens when that email contains sensitive data? Data that you are liable to protect under GDPR rules?   This can be classed as a data breach, and may be a reportable issue under GDPR legislation. It could mean that your organisation is fined, leading to all kinds of issues.

CASE ~ Gloucestershire Police were fined £80,000 by the Information Commissioner’s Office (ICO), relating to an email breach on sensitive data! An officer sent an update on a case to 56 recipients by email.  He used the TO field, rather than the BCC (blind copy) field.

ICO Head of Enforcement Steve Eckersley said:

“This was a serious breach of the data protection laws and one which was likely to cause substantial distress to vulnerable victims of abuse, many of whom were also legally entitled to lifelong anonymity.

“The risks relating to the sending of bulk emails are long established and well known, so there was no excuse for the force to break the law – especially when such sensitive and confidential information was involved.”

It’s easily done and mistakes happen, unfortunately this isn’t an excuse under GDPR rules!

TAKE STEPS TO PROTECT YOURSELF

  • USE ~ Email encryption or password protection for files where personal or sensitive data is being sent. Alternatively, look at sharing it by secure file sharing rather than email.
  • TRAINING ~ Staff awareness training is imperative.  Staff not only need to be aware of possible hacking/phishing, but also how important it is to be vigilant and precise at all times when handling personal data.

CT Business Solutions are IASME certified, and we can help with all areas of security including secure file sharing, email encryption and staff awareness training.

Don’t wait until this becomes a problem. Get in touch TODAY and allow us to put processes in place to ensure that you are doing everything possible to protect your business and the data you hold.

ERIC ARNOTT ~ Director

T. 0161 798 4336

GDPR Myth: You must get fresh consent from your clients to comply!

 

As an IASME Certified body we are ‘all things GDPR’. Having said this I know that it has become increasingly infuriating for a lot of small companies who get bombarded with information, which isn’t necessarily correct!  So, I thought I’d do a bit of myth busting for you.

GDPR Myth: You must get fresh consent from your clients to comply!

 

You do not need to automatically refresh all existing consents for the new law. GDPR sets the bar high for consent, so it’s important to check your processes and records to be sure existing consents meet the GDPR standard. If they do there is no need to obtain fresh consent.

What meets GDPR Standards?

Where you have an existing relationship with a customer who have purchased services or products, fresh consent may not be needed.

Remember, it may not be appropriate to seek fresh consent if you are unsure how the information was collected in the first place. This indicates that the consent wouldn’t have met the GDPR standard under our existing Data Protection Act. In all honesty you probably don’t have the right to keep, or use the data!

Some of the Myths we’ve heard are, ‘GDPR says I’ll need to get fresh consent for everything I do’ – categorically this is incorrect.

Think about whether you need fresh consent before requesting it. Don’t forgot to put in place terms and conditions for people who may wish to withdraw their consent. Ensure your unsubscribe option is fully operational.

Please be mindful that if information isn’t clear and easy to understand, organisations risk non-compliance as it isn’t clear what they are consenting too.

Being open and transparent is a key element of the GDPR – informing people how their data will be used. Before sending emails, you should consider the best point of contact for the customer. When emails are the best point of contact, consider embedding useful information and links on your company’s emails so customers are aware of how you use their data.

Some have said that they will lose customers by collecting fresh data and following GDPR guidelines, on the other hand customer engagement and trust are key. Is having a database of 8,000 unengaged clients better than a database with 500 who reply on a regular basis to your offers and promotions?  Quality is key.

Scaremongering about consent persists, but headlines still often lack context about the different lawful bases organisations could consider for processing personal information under the GDPR.

For processing to be lawful under the GDPR, you need to find a lawful basis before you get going. There are six lawful bases available, which you would choose depending on your purpose and relationship with the individual.

If your still on your journey to compliance you should continue with your efforts to comply. The 25th May deadline has been and gone but that doesn’t mean you can ignore it. Remember this date was the start rather than the end of GDPR Compliance. Organisations need to sustain this is the best way to take people with you on your business journey.

 

ERIC ARNOTT ~ Director
CT Business Solutions (N Mcr)

GDPR – Announcement from CT

 

GDPR Ready

CT Business Solutions (N Mcr) are pleased to announce they are now fully certified to both IASME Governance Standard and Cyber Essentials; both recognised standards regarding data handling and security for business.

Managing Director, Eric Arnott, states “as a provider of IT support it was imperative that we ensure that we are compliant with all the requirements necessary to ensure that we are ready for GDPR coming into force on 25th May 2018”.

Eric is also an IASME certified assessor, which means that CT Business Solutions are now able to advise and consult on all aspects of data governance, up to the IASME Governance standard and Cyber Essentials.

 

 

 

If your business isn’t prepared for GDPR then get in contact –

0161 798 4336

eric@ctsmanchester.co.uk

——————————————————————————————————————————————————————————–

Ransomware ~ Protect your business

WannaCry – Petya #Ransomware ~ Protect your business

Action not reaction : Prevention is always better than the cure!

Two very recent ransomware outbreaks “WannaCry and Petya” literally put every IT and security team around the globe into reaction mode! These new outbreaks aren’t going away and will continue to seek out vulnerabilities in business IT security. It’s time to take action – NOW.

Petya ransomware spread its way across 65 countries in a matter of hours! WannaCry and Petya are a new breed of ransomware, allowing explosive propagation throughout organisations worldwide.  It’s imperative that businesses understand the repercussions of these attacks, and more importantly how to protect themselves.

Petya is a prolific outbreak of ransomware that attacked computer servers all across Europe, particularly in Ukraine and Russia. The ransomware spread using vulnerabilities found in Microsoft Windows; vulnerabilities that Microsoft patched in March 2017 for the Eternal Blue exploit.

It begs the question if the Microsoft giants released a patch why were so many businesses hit? Basically they ignored the windows updates / patches!  Have you ever said “I’ll sort that later”.  Later can be too late.

What is Ransomware?

Ransomware is viruses that locate and attack vulnerable unprotected servers. They hijack computer data, infecting and encrypting all the user’s files and displaying messages demanding a Bitcoin ransom – literally demanding a payment to get your company information returned.

Any IT savvy and business will have backups, but not necessarily recent ones (backups should run every evening!). Any business without a solid backup are faced with the decision to pay up or lose their data.

How to Protect Against Ransomware

Luckily, there are various safeguards you can take to protect yourself and your clients from Ransomware. If it all seems too time consuming, or daunting – get in touch with the team at CT Business Solutions (0161 798 4336) or email info@ctsmanchester.co.uk.  It doesn’t have to be painful, or expensive to put procedures in place to put in place great protection and procedures. The expensive bit is NOT putting protection and procedures in place.  Here are a couple of easy ways to start getting your IT security in order.

Patch, Patch, Patch

It really can be that simple. The best way to protect is to stay up to date with Windows patches.  Also by educating users about what to look out for.

Antivirus –– Antimalware

Ensure that your entire network and PC’s are covered by reputed antivirus and antimalware products.  Free options out there aren’t necessarily doing the job YOU need them to do.  The paid versions are continuously researching, updating and adding patches to security as attacks occur. If you’re unsure about the best products to use give us a call.   In recent attacks the products used on CT clients’ IT infrastructure didn’t suffer a single breach worldwide!

Educate, Educate, Educate

For a business that didn’t keep up to date with patches, if they have basic security tools in place, such as antivirus, antimalware etc. they would be protected from any damage from these attacks.  The issues arise when the internal education of employees is lacking. Just investing in these tools isn’t enough. They need to be managed and supported, and more importantly employees need to be educated fully in what to look out for.

Do you have any questions regarding Petya or other ransomware? Are you interested in learning more about how CT Business Solutions can help protect your business against future attacks?
Telephone us today and our team will discuss how we can help. 0161 798 4336

Very best regards,

Eric Arnott

General Data Protection Regulations – What you need to know.

GDPR is the ‘General Data Protection Regulation’ which from 25th May 2018 will affect every single organisation that collects and even handles data relating to all EU residents.

The age of digital is upon us, and continues to gather pace. GDPR has been introduced to ensure that an individual’s data protection rights are regulated fully.

  • What is the purpose of GDPR?

To simplify the free flow of personal data in the EU by applying a consistent data protection framework across the member states.

  • Who does it apply to?

Every single organisation that collects or handles data relating to EU residents.

  • Why you need to start now.

You need to start preparing now. Ensure that you are fully compliant. GDPR requires organisations to develop clear policies and procedures to protect personal data. You will be required to adopt appropriate technical and organisational measures and ensure that all staff are fully aware of these procedures.

Failure to meet all the requirements could cost you 4% of annual global turnover, or Euro 20 million – whichever is greater! Unfortunately data breaches are commonplace, and increase in scale and severity almost on a daily basis.

  • I’ll do it later!

Don’t under-estimate the length of time if can take to put new policies in place. Consider how you will have to dismantle, recreate, adjust and amend your current data protection policies to ensure you comply! Fines of 4% could quite easily lead to business insolvency.

Brexit!

UK organisations handling personal data will still need to comply, regardless of Brexit! This has been confirmed by the Information Commissioner.

 

 

The GDPR will introduce a number of key changes, which you can read in full at – More information about the GDPR >>

If you want to discuss this with CT Business Solutions to start implementation procedures then get in touch with us on 0161 798 4336, or email eric@ctsmanchester.co.uk.

CT will help you understand GDPR in full

  • Assist in its implementation
  • What to do with international data transfers
  • Data subjects rights and consent
  • Ensuring your staff are aware of your procedures.

Best regards

Eric Arnott ~ Director ~ CT Business Solutions

T: 0161 798 4336

How to Maximise Cyber Security for Your Business

Cyber Security is BIG news, but many businesses are still unsure what it’s all about and the implications of a data-breach.  If that’s you then don’t bury your head in the sand. Just ask yourself “Would my business survive a data breach? Would my business survive a data breach fine”?  Probably not, and if it did how would it affect your long-term reputation?

In 2016 Yahoo uncovered one of the largest data breaches in history – to date!  According to IdentityForce.com, Yahoo discovered a breach from 2013 that may have put as many as one billion Yahoo accounts at risk.

With such big-league companies falling victim to cyber security attacks, it may seem daunting as to how you start to implement your own security. Security software is evolving all the time, and responds rapidly to the new ways that hackers find to infiltrate these systems. To the hackers, it’s almost a game of chess – tactical and strategic. So, we’ve provided the following tips which focus on ‘planning ahead’. They’re a great starting point for you and your business – start building up your defence now!

Boosting Cyber Security for Your Business

Computers hold some of your company’s most confidential and essential data. Make sure you’re taking the proper steps to safeguard your cyber information with these suggestions.

·         Install the best security software

First of all, you need to ensure you have security software installed.

Anti-Virus Software – Always purchase a reputable brand. At CT we use ESET because of the benefits and high success rate. Free versions don’t tend to be supported in the same way, or react to new viruses that are emerging almost daily. We can provide anti-virus from as little at £30 + VAT per year!

Anti-Spam Software – This helps prevent Phishing, which refers to the way hackers ‘fish’ for private information (bank log-in, company data, etc.).  Hackers try to steal confidential information by disguising themselves as a typical spam email, or even a trustworthy website. Anti-spam software will help narrow down these phishing attempts, as well as identify and block other types of spam.

·         Secure your network

Just as security software protects data on your computer, a Virtual Private Network (VPN) protects your data online. VPN’s are popular with corporations for many reasons. One of the biggest benefits of using VPN’s is that users have the ability to securely access a private network while in public settings. For example, when you connect to your company’s VPN, you appear to others as being in a different state or country than you truly are. This is a huge benefit for anyone who needs to access data remotely in a safe way.

Another perk of VPN’s is that everything within the network is encrypted. In short, even if a hacker tried to obtain some of the data within the VPN, none of it would be accessible due to the unique connections and fundamentals of the VPN. These are just a couple of the many benefits of securing your network.

·         Back up your data

If your data is stolen or lost, you should always prepare yourself with a backup copy of important files. Consider purchasing an external hard drive to hold essential files. To further secure your backed-up data, be sure to store the external hard drive in a disclosed location. Keep this location for your knowledge only, or consider trusting another individual with the location as well. It’s important to note that this strategy is only secure if the data’s location is protected, too.

Whilst external back-up is important you need to check that the external hard-drive is working. Cloud storage is the storage of data online in the cloud (a physical storage of information across multiple servers / locations) and is owned and managed by a hosting company. Your data is stored in a way that makes it accessible from multiple devices over a network, typically the internet. Check out our cloud solutions at:-

CT North Manchester – Cloud Services

·         Get cyber insurance

Investing in cyber insurance is a trend that is gaining popularity with the ever-growing world of technology. Though underwriting for cyber risks is still not entirely concrete due to the newness of the concept, acquiring insurance can’t hurt the security of your business. You should come up with a list of expenses you would want to be covered by insurance in the event of a cyber-attack. Then, you can research different options and providers to find a plan that is the most suitable. Though cyber insurance generally only covers first-party losses and third-party claims, having an insurance plan in place can majorly offset any future costs due to a cyber security breach.

If you would like assistance on how to secure your business in the best ways possible, contact the team at CT Business Solutions on 0161 798 4336, or via email at info@ctsmanchester.co.uk.  Our knowledgeable staff is equipped to assess your company and help find solutions to keep your business safe. Learn more about our data and network security services here.

Eric Arnott, Director

5 Ways Cloud Storage Can Help Your Business

It would appear that everything is now being stored in that thing they call ‘The Cloud’!  Digital cloud storage of everything from Apple’s iCloud for your music and photos, to Google Drive for your documents and spreadsheets.  It has revolutionised the way business is done today.

The data that exists on Company servers is growing faster than you can store it, and is causing serious headaches for many business owners.  The internal servers become sluggish due to being overloaded by large amounts of data, which in turn causes issues when it needs to be accessed.   Sound all too familiar?

At CT Business Solutions we’ve identified five ways in which moving to Cloud storage will help your business. Helping you to streamline processes, and get back on track just by moving to an efficient digital storage platform.  So no more misplacing of important documents, issues with inefficient file sharing, or lost time waiting for large files to load!

1. Save on the Cost of Technology Infrastructure

A significant portion of a business’ day to day work is done on computers. From editing documents and spreadsheets to creating reports, files are created and modified regularly. Each time another file is saved on your server, storage space decreases. Buying and maintaining new servers to grow the size of your digital storage costs money. With cloud storage, you eliminate the need for costly internal servers. Running out of digital space no longer results in a panicked order for another server, it is a quick call to your cloud manager to ask for a storage increase.

2. Reduce Your Company’s Energy Consumption

Becoming eco-friendly is one of the top items on many organizations’ to-do lists. Internal servers draw a lot of power as they operate. If you are looking for ways to be more environmentally conscious as a company, making the switch from servers to cloud storage can drastically cut down on the utility bill by saving energy.

 

3. Safeguard Against Data Loss

From server failures and employee mistakes to natural disasters, data loss is a major concern for companies. With the increased reliance on digital files, cloud storage can help protect your business against significant data loss. When your records and data are stored in the cloud, you don’t have to worry about a power failure or flood wiping out the digital lifeline of your company.

4. Data When and Where You Need It

Having access to files is one of the most important aspects of having a productive day. With internal servers, employees usually can’t access files stored on the server unless they are physically plugged into it. Cloud storage allows data to be accessed wherever you are, whether you need to open the budget spreadsheet from your hotel room or your Photoshop file from the comfort of your home office.

5. Data Stays Safe

One of the main concerns with cloud storage is security. Many incorrectly assume that cloud storage is not as secure as a physical server. Cloud storage technology has multiple security measures in place to protect your data. From file encryption to password protection, your data is safe when stored in the cloud.

If you still haven’t moved to digital cloud storage, then allow us to assess your current internal IT infrastructure and work with you to make your business more efficient and streamlined.

Christmas Online Shopping and Christmas Holidays at CT Business Solutions (N Mcr)

Santa Claus working on laptop computer. Isolated on white background

As much as we keep avoiding the elephant in the room, Christmas is fast approaching (How does time go so quickly?) We will be on urgent call-out most of Christmas but will be shutting the doors for some Christmas Festivities:

Our office will be closed from 6.00 p.m. on Friday the 23rd of December 2016.

We are on call for urgent breakdowns – Wednesday 28th, Thursday 29th and Friday 30th December from 8.00 a.m. until 6.00 p.m.

The office will reopen fully on Tuesday 3rd January 2017.

For all of you out there starting to panic about last minute shopping we thought we’d share these ‘stay safe’ tips!.  MERRY CHRISTMAS and a HAPPY NEW YEAR – 


Safe Online Shopping Tips for Christmas and the Bank Holiday sales!  Happy Shopping

The 12 days of Christmas countdown has commenced!  People start to hit ‘panic-shop’ mode – Not enough shopping days left! No annual leave!    Don’t get carried away.  As more and more people turn to online shopping to avoid the chaos that is Christmas, so do the on-line Grinches! Determined to ruin your Christmas.

So while you shop from your comfy armchair you still need to be vigilant! While online shopping takes away the threat of pick-pockets there is still the big threat that someone is stealing your personal information if you don’t take precautions for safe online Christmas shopping.

 

  1. Don’t let ‘Grinch through the door’ – The number one way to protect your devices and data is to install mobile anti-virus software and make sure it’s up to date.
  2. Ho-ho-hold on before you click on a link delivered to you in an email. If the offer seems too good to be true it probably is!   It could be a “phishing” scam, where shoppers who click through are led to a false site developed to steal their data. Good practise is to enter the website name by hand into your browser.
  3. Santa’s watching! And so are thieves unless you lock your device. Webroot found that a surprising 53% of respondents leave their devices unlocked, which can expose their personal information to prying eyes. Most devices request that you lock it with a password or code; take advantage of this feature to keep your information secure.
  4. ‘Appy holidays: For safe online shopping, make sure your apps are downloaded from a trusted source, such as the Android Market, Apple App Store or the Amazon App Store. When you download the app, it will ask for various “permissions.” Be sure to read through them and note whether they make sense.  For example, does a shopping app need access to your contact list? Another way to check on the safety of apps is to read through the feedback in the comments section of the market and choose apps with a high rating.
  5. There’s no place like home at Christmas … for safe online shopping. Remember, a secure network connection – (i.e. most homes or workplaces – is ideal). Public Wi-Fi can be hacked by someone with the right tools, exposing your passwords, billing information and other sensitive data. Therefore, if you’re using a public connection, it’s best to limit yourself to window-shopping and price comparing, rather than buying.
  6. Deck your halls: A security app is more than ornamental window dressing – it’s vital for online shopping. Webroot found that only 40% of respondents have a security app installed on their smartphones and tablets, putting their devices and personal information at risk. Take a hint from older surfers: While younger users more often use their devices for shopping – to place orders, compare prices and download coupons – the survey found that users aged 50 and older were more likely to have security on their device.

Above all, to stay healthy and wealthy, you’ve got to be wise. Just as you would exercise caution with your wallet and belongings in a crowded shopping centre, remember to be as vigilant online. Keep your cyber information secure.

Xmas-Snowman-pic

If you need any IT advice or support get in touch with the team at CT.  (T. 0161 798 4336).     In the meantime have a fantastic Christmas and New Year.

#WEBELIEVE

Best regards

Eric

 

Do you worry about your Company IT security?

Computer Security Switch Shows Laptop Internet SafetyCT Business Solutions (N Mcr) are a specialist IT Company based in Bury. We are constantly striving to enhance the security options available. So if you WORRY about any of the following questions, get in touch to discuss how CT can give you peace of mind over your Company IT network.

  1. How can I protect my network against external threats?
  2. How can I stop spyware and adware infecting PC’s?
  3. How can I monitor what is being accessed online?
  4. How can I restrict access to specific websites, and / or website categories?
  5. How can I restrict Facebook access to general staff, but allow it for the marketing and sales people?
  6. How can I set what is allowed on the desktop PC’s to be different to what can be accessed via a mobile phone?
  7. How do I protect laptops when being used out of the office?

All of the above are questions that should be being asked of your network.  We all use software, antivirus and malware removal, but these solutions only stop infections from spreading as they are removed as soon as they are seen.  What if it’s a new virus that’s never been seen?

Monitoring and restricting internet activity helps to avoid this, and helps with compliance of your Internet usage policy ~ enforcing a strong policy can also affect staff morale.  Recent studies have shown that a company with a more flexible internet usage policy has better staff retention rates.  Just because one device is restricted doesn’t mean that everything has to be. By using Cloud based security you can reduce the amount of harmful material from ever reaching your network and servers, without setting over the top internet usage policies. But everything in your network remains protected. If you have laptops in your company that are used outside of the building, then our new cloud security product will continue to protect them ~ no matter where in the world they are.

ALL THIS CAN BE AVALIABLE FOR AS LITTLE AS £3.25* per user per month.

*Initial 6 month trial price – increases to £4.50 per user per month.

Call Eric or Darren on ~ 0161 798 4336

Is Microsoft Office 365 Right for My Office?

office 365While Microsoft launched the cloud version of their popular applications and productivity products in June of 2011, most small businesses are still trying to figure out what this product means for their company.  Should they continue to pay for and use the premise based software as they have always done, or should they move to the subscription based cloud offering?  Unfortunately, the answer to that is not any clearer today than it was in 2011 and requires research and guidance.

There are many potential benefits to moving your small business to Microsoft Office 365, but there are many challenges to consider.  Each business needs to assess how the benefits and challenges will affect their needs, goals and work culture.

THE GOOD NEWS

Microsoft Office 365 may be the next generation of the business applications you have relied on for years, but offers benefits for todays’ more flexible and mobile work environment.  For example:

Security and Reliability – The biggest concern for businesses using the cloud is the feeling of losing control of your business critical data.  The Microsoft cloud-based products offer the highest level of security and boast of a 99.99% “financially guaranteed” uptime.  Also, your data is already on the cloud and therefore is automatically backed up.

Scalability – Unlike the premise based office products that you have bought in the past, Office 365 allows you to grow, or shrink, your investment in Office applications as your business requires. 

Mobility – As more employees work offsite, the majority of O365 plans allow users the ability to access their Office applications and data from their mobile devices through mobile apps for Windows phone, iOS and Android. 

Desktop Productivity – Each Office 365 subscription provides you with a fully installed version of the Office applications on all of your devices.  One subscription allows you to install Office on 5 devices, giving you a consistent experience across all of your technology.

Multiple Package Options – Currently there are three packages available for business that range from £3.10 per month per user to £7.80 per month per user.  This allows you to select the most appropriate solution and benefits for your business, but also each individual user in your office.  You can mix and match plans to truly fit your needs and budget.

microsoft

THE CHALLENGES

Privacy – All of your organizations private data will be housed on Microsoft’s servers, and for legal reasons, data housed outside of your organisation may not be an option. 

Subscription – Depending on the size of your organization, having more recurring fees may not be the goal to upgrading. If you recently upgraded or the current version of Microsoft is meeting your organisation’s needs, migrating at this time may not be in your best interest. For a complete break down on price to plans for Microsoft Office 365, click here.

Software Limitations – Hosted applications like SharePoint Online and Exchange do not have the ability to allow the same capacity limits that on-premise counterparts provide. A specific example is the recipient rate limitations, or the number of recipients inside or outside of your organisation that can receive an email in the span of a day. Subscription sizes vary and range from 1,500 to 10,000 users. Other software limitations include mailbox size and site collection quotas, make sure you aren’t going against limitations when deciding to upgrade is very important.

Network and Internet Access – If your internet or network goes down, you cannot access your data.  Microsoft does not control how you access the internet so they cannot be held accountable if there is an outage with your Internet Service Provider.

Soft Costs – The most obvious cost is the necessary subscriptions you would select for your business, but you also need to consider the costs of properly migrating your data, setting up of accounts and training on the new solution. 

WHAT SHOULD I DO?

Before moving your business to Microsoft Office 365, make sure you weigh all of the pros and cons against your organizations needs and goals.  The reality is that Microsoft Office 365 will at some point be your only option for accessing the Office applications you have come to rely on.  Today, the decision is still up to you.  For assistance with deciding if Microsoft Office 365 is a good fit for your business, consult with the technology experts at CT Business Solutions  today for a free site survey!    T. 0161 413 9390.