Is your Small Business Cyber secure? And what can happen?

Even if you’re a small business you are still at risk…

Small businesses are 3 times more likely to be attacked by hackers than larger ones.

Barracuda Networks found that employees at small companies saw 350% more social engineering attacks than those at larger ones.

The main attack is Phishing causing over 80% of breaches.

A local example is in fact the Gloucestershire County Council.

What was the cyber-attack on Gloucester City Council?

The initial cyber-attack took place in December 2021

Benefit payments, planning applications and house sales were all delayed when Gloucester City Council was hit by hackers in 2021. A council report has now revealed the Museum of Gloucester is still being affected by the cyber incident.

In fact, in 2022 it was released that Gloucestershire is one of the least cyber-secure counties in the southwest.

Gloucestershire has been named as one of the least cyber-secure counties in the southwest, with over 24,000 cyber-attacks in the last 12 months.

Gloucestershire fell victim to 24,472 cyber-attacks in 2022 with 23,570 of those aimed at micro to small businesses and 903 aimed at medium to large businesses in the county.

The issues we often come across with Cyber security :

Small companies spend less on Cyber security as they juggle expenses. An antivirus programme isn’t enough to over your business. Even small businesses now store data on the cloud so the antivirus application on your computer is just one small layer. You need several more for adequate security measures.

“But it’s only me that runs the business why would they hack my company?”

If you have customers, you hold data such as Credit card numbers, SSNs, tax ID numbers, and email addresses are all valuable. Cybercriminals can sell these on the Dark Web. From there, other criminals use them for identity theft.

Some examples of data they are after are:

•             Customer records

•             Employee records

•             Bank account information

•             Emails and passwords

•             Payment card details

Small businesses can also be a way of access to larger businesses as we all have our wider connections in one way or another. Whether it is through digital marketing services they offer to larger companies, accounting services, or website management.

Often, we find that small businesses are just very unprepared for ransomware attacks. In 2022 about 63% of small business owners actually paid the ransom hoping they would get the key to decrypt the malware from the attackers. But this often either significantly and financially hits the business back or makes them bankrupt.

If you are a small business that is run by employees, you often won’t have time or money to train the employee in cybersecurity procedures. This is where phishing emails often catch out businesses as their employees open them without the correct training knowing what to spot.

Simple procedures such as not clicking links that aren’t trusted or password best practices are simple steps that are sometimes missed in training procedures.

We hope that we have outlined the threats that can arise for your business, and so that we can help you avoid these. We offer an all-in-one IT service consultancy to improve your business’ security to accompany your IT support and disaster prevention.

If you are concerned if your business is safe from cyber-attacks, get in touch and we can create a security and disaster prevention plan, ensuring all your hardware and data are safe. Call us on 01452 222 000 or email us at hello@pearceit.co.uk.

Passwords have been the traditional form of account security from around the early 90s, however having one singular method of protection on its own is often inadequate.

Many people still choose to use publicly available information about themselves in part of their password. Information like this can often be found on public social media pages or gathered through methods like innocuous looking online quizzes. Are you guilty of using a pet’s name or an old family name as your password?

Because we all increasingly live our lives online, many people have tens - or even hundreds - of accounts. With different combinations of security and password information, it can be difficult to keep track without dedicated software assistance. The daunting task of tracking all this information means people often resort to using one password for multiple accounts. If someone with bad intentions finds this information, they might have access to a greater and more damaging number of accounts than they would otherwise.

There are a few tried and tested methods of making a password more secure. Making them longer and substituting with special characters can lower the risk your password can be guessed by someone. No matter how secure your password is though, it does little to defend against data leaks or sophisticated cyber-attacks on the services that hold your information. Computer Weekly estimated there were approximately 878 million data records breached in January of 2021 alone.

A better failsafe option, that we like to advocate for, is implementing two-factor authentication, often abbreviated as 2FA. 2FA is being increasingly deployed by organisations that hold sensitive information to stop accounts being accessed in the event of a data breach.

In short, 2FA is an extra layer of protection used to confirm the identity of anyone attempting to access an online account. Most types of 2FA fall into one of three categories;

Information

• An extra question at time of login, usually regarding personal information or answers to secret questions

• A PIN number

An item

• A physical item the owner of the account has in their possession.

• A smartphone, to which a verification code is sent

• A fob, like those commonly used for online banking

You

• Biometric security, checking something physically about the person attempting access

• Fingerprints

• Iris scan

• Voice print

These methods can provide a much greater level of security for your accounts than using passwords alone. A growing number of organisations, especially those dealing directly with finances, like online banks or cryptocurrency traders, are implementing some form of two-factor authentication for the invaluable protection it can provide.

There are a variety of tools and methods for employing 2FA, like SMS text codes or software tokens via an app installed on your mobile or desktop. The security benefits mean it’s always worth talking through which options can be effectively implemented. If you want some help deciding the best method for you and your business, contact Pearce IT today, call 01452 222000.

Analogue signals and digital signals are both forms of communication that are used to transmit and receive data. Originally, most businesses used analogue signals, but in the modern age, digital signals were developed and became faster and more efficient in carrying information, mitigating data loss during transmission and ensuring transmitted data is accurate.

Before the end of 2025, the UK will switch off analogue services for phone lines. This is because analogue equipment is expensive, difficult to maintain and inaccessible compared to digital equipment. It's most likely that your business is using digital lines already for phone communication, but many other functions such as security systems, fire alarms, CCTV and card payment systems may be using an analogue line and could potentially stop working when the analogue services are retired in 2025.

If all this sounds confusing or you want to check that your services need to be switched over to digital before the analogue switch off, get in touch with Pearce IT today. Call us on 01452 222 000 or email us at hello@pearceit.co.uk. We are currently offering a free business telecoms review, so contact us to find out more.

On Wednesday 29th March, 3CX Phone System suffered a security incident where a third party exploited a vulnerability in 3CX products.

Since the attack, 3CX have declared that they will be open and transparent in sharing details of the attack and taking action to ensure this will not happen again.

You can read more about 3CX's statement here: https://www.3cx.com/blog/news/security-incident-updates/

In short, 3CX recommends several steps for its users to take to ensure the security of their data and devices:

1. Uninstall the 3CX Electron Desktop Application from all Windows or Mac OS systems.

2. Continue AV scans and EDR solutioning for malware in your organisation's networks.

3. Until further notice, use the PWA Web Client rather than the Desktop App.

4. Subscribe to 3CX's RSS feed where they will provide regular updates to this incident

5. Follow 3CX on social media for updates and security alerts in the future

6. Use 3CX's dedicated support forum if you have any queries or concerns relating to this incident.

In appreciation for their customers' and partners' support, 3CX are extending all customers' subscriptions by 3 months, free of charge. Details of this extension will be provided in an email to all customers.

If you are concerned about the security of your devices, get in touch with us for a review of your telecoms and security.

A recent emerging technology in the IT industry is the increasing use of artificial intelligence (AI). For the past few decades, competent, reliable AI has only been a figment of science fiction, but with the recent release of ChatGPT, a model launched by OpenAI in November of 2022, AI has suddenly become much more powerful and accessible to everyone.

The launch of ChatGPT has the potential to revolutionise a vast range of industries by improving productivity. One such example of a way in which ChatGPT can support a business is through customer support. Many companies including Nike and eBay have deployed AI-enabled chatbots to improve the customer experience by instantly answering frequently asked questions in easy-to-understand terms. Using AI in this way can help companies reduce costs and provide a more consistent customer experience especially in industries such as financial services and e-commerce.

However, many people are concerned about industries' increasing reliance on AI models such as ChatGPT. One such reason for this is that it may put many people out of jobs that can easily be allocated to ChatGPT and completed far more effectively and efficiently than a human ever could.

Another major point of concern in the IT industry particularly is how AI could be used in harmful ways. For example, programming them with bias to produce harmful, deceptive or misinformative content.

There are also significant concerns about potential cybersecurity threats that are posed by these technologies, as attackers could potentially exploit weaknesses in security systems using AI.

One of the biggest risks associated with ChatGPT is the exposure of sensitive information. ChatGPT is trained on vast amounts of data, including proprietary information, personal identifiable information (PII), and intellectual property. Once this information is inputted into the system, it becomes part of its knowledge bank and could potentially appear in other people’s answers.

To minimise these risks, companies must implement strong security protocols and guidelines for the use of ChatGPT at work. This includes clearly defining what types of information can and cannot be inputted into the system, ensuring that all data is encrypted both in transit and at rest, and limiting access to the technology to only those who need it.

As technologies such as ChatGPT continue to advance and improve in efficiency every day, it is important to consider the potential risks and take proactive steps such as extensive testing and guidelines to ensure that new technology is developed and used in a safe and ethical manner, to enable us to reap the benefits of AI, while staying wary of potential threats.

What do you think about the new emergence of Chat GPT and OpenAI?

If you have any concerns on this subject within your business don’t hesitate to contact us!

Call or Email us at 01452 222 000 | hello@pearceit.co.uk

Having flexible onsite support with remote access is such a valuable tool to have in your business. This reduces downtime and gets your business working with minimal disruption if the worst does happen!

Why is cloud backup so valuable to a company?

1.      Avoids accidental deletion – This is the most common issue that arises when it comes to data loss. Human error! If you delete a user by accident or a member of staff does so without realising it, a backup could restore that user either to an on-premises Exchange account or a 365 account.

2.      Data retention policy gaps and confusion – Policies are designed to help companies comply with regulations, laws and internal policies. Even if you do have a data retention policy, having it accessible makes sure it’s protected but easily accessed by employees who may need to see it.

3.      Internal security threats – It is more common than you realise to have internal security threats within a company. Internal threats originate within the organisation itself and usually are carried out by a current or former employee, a contractor or a business associate. For example, if you have an employee that has left the company but you haven’t changed user access to accounts or changed the passwords, then this can pose a threat to the company.  Having a high-grade recovery solution mitigates the risk of critical data being lost or destroyed.

4.      External security threats – Ransomware is becoming more and more of a threat each week. Criminals are finding more ways to infiltrate systems through unsuspecting users. It can be as easy as an employee clicking on a link and the entire organisation’s data being encrypted. Then a ransom will be asked for, in order to lift the encryption. Daily online backup systems can easily restore data to where it was before the attack.

5.      Legal and compliance requirements – Even though Microsoft has its own eDiscovery, having a third-party backup solution that is purpose-built to easily search within a backup is essential. It can quickly bring back data to meet any regulatory compliance needs.

6.      Managing hybrid email deployments and migrations to Microsoft 365 – Whether you are migrating to Microsoft 365 or have a blend of on-premises Exchange and Microsoft 365 users, the Exchange data should be managed and protected in the same way, which makes the source location irrelevant.

7.      Microsoft Teams data structure – Microsoft Teams is not a self-contained application. Data generated in Teams resides in other applications too, like Exchange Online, SharePoint and OneDrive. With this added layer of complexity, making sure all levels of this data are secured for the businesses is imperative!

Summary

The ever-changing environment of technology means that, as companies, we have to be constantly aware of the threats and how they can, in the worst-case scenario, affect our data backups.

Pearce IT has many years of experience in providing businesses with IT Solutions to a diverse variety of clients across a breadth of sectors. This ranges from a single PC setup to multiple site organisations. Your IT security should be at the top of your list, to protect all YOUR data as well as to protect all of your clients’ data.

If you would like to find out how we can resolve any IT data backup issues, then please get in touch for a quote today!

Call or Email us on 01452 222 000 | hello@pearceit.co.uk

Usually, when a customer first gets in touch with us, it’s with one service in mind, something that they need at that moment in time. However, we have so much more to offer, where we can collectively support you, protect you and guide you to safer technology and IT solutions for your business.

On our social media recently, I’m sure you have seen that we have been talking about consolidating your IT and creating a plan for the coming year. Well we would love to offer you a helping hand towards creating an IT plan for your business for 2023!

Did you know about the wide array of products we offer to consolidate all of your technology needs?

Here are some of the key services we can offer you:

Online daily backup

Up to 30 copies of your data are stored securely within the UK. You’ll gain 24/7 access to work on your files through any internet-enabled device such as a smartphone, tablet or PC/laptop. Business Grade Online Backup doesn’t need to be expensive with plans from as little as £12 per month.

Cloud-Based Desktop

Solutions to access your desktop from any internet-connected device.

Cloud Drive

Onsite IT Services connect all your technology together. Whether your business is a small home office or a multi-site organisation, Pearce IT can help store your data securely, with access from all your devices.

Bitdefender Antivirus and Security

Protect your data from viruses and malware. Our clients have a zero infection rate, thanks to our Antivirus and Malware protection.

VoIP Telephone Systems

With Voice over IP (VoIP), you can have your own number which belongs to your business with telephones in any location.  Whether you want a non-geographic number or a regional number for your satellite offices, VoIP technology can help you.

Internet Access

Internet and broadband for business – solid, secure and reliable connectivity on demand. This can range from 4G dongles to fibre broadband and leased lines.

Intelligent Email Signatures

Custom designed email signatures for your business that even work with smartphones and tablets. We can also create bespoke signatures for your business too.

Microsoft Office 365 Backup and Archiving service

Protect your business communications and files with an extra level of security.

IT Consultancy

Pearce IT are proud to be a Microsoft Silver Partner, which enables us to advise and implement Microsoft Office 365 into your business.

We can offer our expertise in GDPR compliance, Disaster Recovery and Strategic IT planning.

IT Hardware

The hardware we supply is not only up to the job now but will be sufficient for its lifetime of service.  We are often asked “how much RAM do I need?”, “What’s the difference in processors?” and “how much space do I need?”. Our knowledge of systems and requirements is second to none.

So why have all your IT managed by one company?

Outsourcing is great, but if you have lots of different suppliers, managing these effectively is time-consuming, so saving time by using a single company for all your IT needs makes sense. You’ll have a single company to contact for help and support and a single invoice to pay, giving you more time to run your business. Not only that, but by having everything under one roof, you get a seamless service too.

Pearce IT Limited has built up a strong local reputation as a leading IT services provider across Gloucestershire, and we have a long list of happy customers. We’d love to be your virtual IT team through the life of your business.

Do you need to consolidate all of your IT solutions? Email or call us at 01452 222 000 to see how we can help, or visit www.pearceit.co.uk.

What are the new trends in tech for 2023?

Threats are just as likely to emerge due to improperly secured networks leaving sensitive data accidentally exposed, or unwary or indiscreet employees using non-secured devices while working from home.

A shift to a culture of home and remote working that started during the Covid-19 pandemic and has persisted in many organizations, as well as the spread of the internet of things (IoT) into every area of business and society, means there has never been more opportunity for laid back security to cause headaches and expense.

Cyber security

The more devices we connect together the more potential back doors and windows exist. This is a way that attackers can make their way into secure data. With an increase of wearable devices and smart home technology, they are often not used to store sensitive data, but can be used as gateways for attackers. Having a secure cloud system is a governmental initiative that will be coming into effect, starting in 2023.

Recently, a cybersecurity priority for many organizations has been to secure the millions of devices worldwide that are being used for home and remote working since the start of the pandemic.

However, for companies, it is becoming increasingly apparent that personal devices are also being used for work that isn’t protected by their IT systems. Connecting to networks with non-secured devices can lead to phishing attacks through human error, such as tricking users into sharing passwords.

Addressing Ransomware and threats

Working remotely in large teams can mean that it is possible that the whole team won’t actually know each other. Accounts can be made to impersonate employees. It also increases the threat of ransomware. This is where software is injected into the network that can erase valuable data unless users pay out the ransom. This has caused havoc in lots of large companies losing lots of data. There is a big movement in 2023 that will increase Cyber security measures from all aspects of technology involved in businesses and avoid the worst happening and losing valuable data.

An Example of this was Acer computer design/manufacturer.

Using a Microsoft Exchange server vulnerability, Revil hackers gained access to Acer data and leaked images of personal spreadsheets and financial documents. A hefty ransom of $50 million was requested. However, Acer has never confirmed whether the ransom was paid or not.

MFA

With Cyber security increasing in 2023 we have grown to understand the term ‘2FA’ Two Factor Authentication. However, it is likely technology will be moving to ‘MFA’ Multi-factor authentication. This will be where there will be more than two levels of security to access data and personal accounts, etc.

GDPR & AI regulations

The UK is changing the GDPR regulations to its own British data protection system. This reshaping will be more business and consumer-friendly. This has come into effect as a result of Brexit and post- covid working changes.

The privacy field has been expanded in terms of what clients are interested in and where the trends are coming from.

Everyone is digitalising post-covid. Rapid digitalisation means the need for updates for the GDPR standards.

Transparency and consent are the main areas of update in GDPR. Transparency - more detailed and informative privacy notices are required; the purpose of, and legal basis for, processing must be explained. Consent - must be freely given, specific, informed, and unambiguous; consent must be provided by clear affirmative action.

Securing faster broadband

These days, fast internet services are massively important for businesses, with nearly every business having some externally facing presence, be that a website or a customer portal. More everyday than this though, is the constant traffic that connects your business operations to the outside world. Email, video messaging, conferencing, chat and VOIP telecoms all require a constant and steady internet connection to work effectively. More recently, we’ve seen the movement of entire suites of software to the cloud, removing the need for many businesses to spend much-needed capital on large equipment purchases. You can now use extremely powerful design-oriented or code-crunching computer hardware remotely, with the actual hardware located in a data centre anywhere in the world and allowing interface by the user over a browser or an app session. 

This is a revelation for many industries, and can allow businesses to grow well beyond the limitations of their physical assets, but with all these services and software systems needing bandwidth, how do you leverage the awesome power of modern cloud systems if your internet connection is terrible? 

Finding a solution to bad business broadband  

You can certainly look for the best deal in business broadband among the ISP’s out there that offer these packages, but normally the speeds you receive will be around the same as a standard consumer broadband deal. As many businesses sit on industrial or commercial parks or estates that are ageing, this isn’t ideal, as during business hours everyone in the locale is online using outdated copper-bearer lines from their local cabinet. 

Wouldn’t it be great if you could get a supplier that could install super-fast fibre to your premises, assuring you of fast speed and high bandwidth, all day every day? Well, you can, with a Fibre line from City Fibre. 

What’s the difference between that and my standard fibre broadband deal? 

CityFibre owns, operates and maintains Fibre to the Premises infrastructure in over 60 cities in the UK. As of 21 March 2022, 1.5 million premises have been connected to the CityFibre network. Getting Fibre to the Premises (or FttP) from CityFibre ensure much higher speeds and availability resulting in a solid and fast connection to the outside world, with no risk of contention from other broadband users on copper infrastructure in the surrounding area. 

If your business broadband is faster and more stable than standard broadband connections, this allows your businesses to use cloud resources to their full potential. Whereas it’s fair to say that installation of a fibre line to your premises does come at a cost, higher speeds and functionality for network-dependant services in your business will provide a great return on investment over time. 

How do I get the best internet connection for my business? 

Currently, depending on location and availability, Pearce IT can offer your business the ability to realise its full potential through a fast Fibre to the Premises connection through City Fibre at up to 1000 Megabits per second, for both Upload and Download.  

This will allow you to pass all your essential business services through a lightning-fast connection, with astoundingly high uptime and less contention. You may even be able to leverage this better connection to give your business a way to access resources that were unavailable before. 

City Fibre lines from Pearce IT can be particularly useful if your business has heavy cloud-resource users, or has large teams working collaboratively from remote sites, or on documents stored in cloud locations. As most businesses now use cloud resources of one type or another, a faster and more stable connection gives you the edge and ensures that your workflow doesn’t suffer during peak usage times. 

If you’re looking to get better speed and quality for your business broadband, then get in touch with us today via the site contact form, or by phone on 01452 222000, and ask us about our City Fibre packages. 

The Big Digital Switchover You Might Not Know About…

All over the UK there’s a focus from ISP’s and customers alike to get faster and faster network speeds and more bang for their buck on their fibre and standard broadband packages. With most UK households now having an array of internet connected devices, and the vast majority having more than one TV (we’ll omit the term ‘smart’ here, as it’s actually become very difficult to buy a TV that doesn’t run an operating system), as well as other entertainment devices, like games consoles, PC’s, and systems like Alexa or Google Dot, demand for network services is at an all-time high, and only looking to increase.

More devices being used at the same time mean those devices will be using more bandwidth, hence more total demand on the line, and the need for ‘faster’ or higher bandwidth broadband supply.

Supply, Demand, and Broadband

With demand ever-increasing, you’re eventually going to find an obstacle to supply, and in this case it’s the good ol’ laws of physics, as there is a limit to what can be done on the, now rather antiquated, copper bearer lines that have been the backbone of the UK’s telecommunications network for decades.

This means that two things need to happen. Firstly, it means investment in new infrastructure, and that comes in the form of full-fibre networking, to get the fastest speeds possible, as efficiently as possible. This rollout has been ongoing in the UK (albeit slowly) for many years and looks set to take a few more years yet before the project can be signed off by the UK government. Even then, there will be areas of the UK (streets, roads, and lanes too remote to access, or with too much groundwork to do to fully replace copper with fibre) where a physical change to fibre-optic lines will be impractical or too expensive to be covered under the plan, which means that, secondly, any older copper infrastructure that stays will need to be cleared of any unnecessary baggage to maximise its effectiveness.

This means that the Public Switched Telephone Network (PSTN) analogue signals, which have been directed along the copper infrastructure since the UK telephone exchange was invented, will stop.

Analogue vs Digital

Working with analogue signals is markedly different from digital signals. Transmitting and receiving data via analogue methods uses an electromagnetic signal (also known as a waveform) that varies in its wavelength (how far apart the peaks of the signal wave are) and amplitude (how high the peaks of the signal wave are). This is generally more variable, and more accurate than digital signals, which are just made up of a series of ones and zeroes, or on-off states. Digital signals can carry information faster though, and that’s more important in the modern age. It’s also significantly easier to encode and decode digital signals accurately, and ensure lossless delivery of information.

Switching analogue services to digital is nothing new in the UK; television went the same way, with all analogue signals being switched off on 24th October 2012, marking a switch to fully digital terrestrial television services. And so it will be with phone-lines, with a switch to digital lines being in place before the end of 2025.

Retiring the analogue service for phone lines means that those maintaining the analogue equipment don’t have to devote time and money to ensure ageing infrastructure carries both analogue and digital signals. Analogue equipment is rare, expensive, and hard to maintain when compared to digital equivalents, and all the innovation in electronic communications is taking place in the digital format.

What does an analogue shutoff mean for businesses owners?

It’s highly likely that you’re using digital lines for much of your business function, but in many cases, business owners are running more than just phones over their phone lines; Intruder and Fire Alarms, Point of Sale and Card Payment systems, CCTV, Access Control systems, secondary data lines for emergency internet access – the list of possible services being carried by your analogue line could be quite long. Obviously, if these services are not switched over to a digital subscriber line before the analogue shutdown, they will cease to work when that analogue line is switched off.

The good news is that all these services function much more effectively over a digital line, and if you are still using an analogue phone instead of digital VoIP services, you’re missing out on all of the great things that digital phones bring to the table.

In short, moving from analogue to digital will allow our national network infrastructure to work smarter, harder, and faster. If you need to check if you’re ready for the switchover, or you’d like to see about updating your network, telecoms equipment, or you’re interested in making your business more resilient or more effective, then get in touch with Pearce IT today. Call us on 01453 222 000 or use the contact form on this site.