backup and recovery

Reducing cyber-risk through External Penetration Testing

Without PEN Testing, hackers can exploit unidentified weaknesses in your network security Today, maintaining network security is increasingly complex, with more organisations than ever being heavily reliant on a varied range of systems to operate. Gone are the days of a simple PC with a hard drive, amongst many businesses there is a move towards combining flexible and agile mobile devices and tablets with Cloud technologies for; network access, sharing, collaboration and storage. While these developments may transform how your business operates, they create a complicated mix of assets that can leave you susceptible to the ever-increasing risk of cyber-attack. With Vulnerability Monitoring, you can check how secure your network really is, and most importantly, you are enabled to keep your data safe. Why is the risk of cyber-threat increasing? The working landscape of a typical business has changed, and the threat of attack from cyber criminals is increasing as a result. Employees can now work from home, work on the move and work from hot desks for some or all the time. Work devices may be used, which have a level of security installed, but workers’ own devices with less security may also be used to access your network, send and receive emails and files, or search the Internet. The nature of your business may also mean guests have access to your network, and all of this creates the opportunity for hackers to attack in diverse ways. Unfortunately, too many businesses have focused on the benefits of the new technologies and have not paid as much attention to the security implications. Left unchecked weaknesses can be exploited, leaving critical data vulnerable to the spread of a paralysing virus that could result in it being irrevocably damaged or lost. What is the value of External Penetration Testing (PEN Testing)? Understanding how exposed your network is to attack, is key to reducing risk. External Penetration Testing can help to keep your network secure by making visible any of its problem areas and vulnerabilities. It does this by simulating an attack, which is then used to assess your weakest points and/or assess a specific area of interest to your business. PEN Testing offers: continuous network monitoring reports on exposure levels of different resources alerts as to where the most immediate risk is remedial approaches to secure the weaknesses. The value of PEN Testing is in its ability to demonstrate where your system is vulnerable, and whether any of your critical data can be accessed from an outside source. Weaknesses are revealed by attacking your infrastructure in the same way a cyber-criminal would, but without facing the same level of threat. Once any holes in your existing defences have been identified, you then have the opportunity to seal them to maintain the integrity and confidentiality of your data. Reducing your exposure with ASL’s Pen Testing services Trying to defend yourself from attack, when you don’t know when or where it is likely to come from or what form it will take, can lead a business to either ignore the problem altogether or spend much more money than necessary. Many take an uninformed approach and make the mistake of investing in a range of security tools they hope will solve the perceived problem. This may actually increase your exposure as the wise course of action would be to seek expert advice. At ASL, we are highly experienced in protecting businesses from all types of disasters. We offer PEN Testing services in partnership with Tenable.io, who are specialists in identifying and securing against cyber-exposure. Our service does more than address misconfigurations and bugs in your system – it also includes: hacking/virus detection and prevention footprinting and system fingerprinting port scanning service testing/probing password strength testing DNS analysis. In addition, we also offer advice on how to manage your IT security vulnerabilities moving forward. For further information on how ASL can help you to protect your network security from cyber-attacks, call our Sales team on 0345 862 0350.

Cyber-attack – why having no backup and continuity plan could be terminal for your business

Your small business is now the preferred target of the cyber-criminal UK businesses still have a lot to do regarding effective backup and continuity planning in the event of a cyber-attack. Despite the clear rise in documented cyber-crimes against UK Businesses, a worrying number remain ignorant to the severity of the risk. Many incorrectly conclude that it will never happen, choosing to believe that their size or niche would not be of any interest to the cyber-criminal. However, failure to take the appropriate steps to adequately protect yourself could result in costing you more than just money. What are the most common forms of cyber-attack? Your enterprise can be targeted in a number of ways; the most common being: hacking/spoofing phishing/spear phishing malware DoSA ransomware. Any network, large or small can be open to attack. But if it is not continually monitored, patched or updated, you are leaving yourself vulnerable to developing exploitable weaknesses. Consequently, you could face your data being encrypted, damaged, lost or stolen, which could have disastrous implications, particularly if sensitive personal information is involved. Prioritise acting now, and protect yourself from cyber-attack EU regulations implemented in 2018 govern the protection of personal data. Not taking cyber-security seriously could mean non-compliance with the General Data Protection Regulation (GDPR). This, in turn, could result in a fine for your business, which could be as much as 4% of your turnover. Obviously, this could be catastrophic for any business, which is why being proactive about cyber-security and planning for a cyber-attack is a must. The action you can take now includes: updating your passwords installing the latest versions of antivirus/malware software regularly updating software/patching training your staff to make them aware enlisting the help of a professional to effectively identify vulnerabilities, detect and stop attacks and planning for continuity in the event of the worst happening. ASL can help you protect your business from attack Data that has been researched and published by our partner, Symantec, identifies how small businesses are being targeted with spear phishing. More than 52.4% of all reported attacks, where an apparently trusted email is used to elicit personal information from the recipient, were against SMEs. The statistics clearly demonstrate that hackers are very aware that a smaller business is less likely to defend itself as vigorously as larger ones, and will take advantage wherever possible. However, by combining our expertise in cyber-security with that of Symantec, we can help you: plan for disaster and assist with continuity services advise on how Cloud technologies can help with security recommend tailored cyber security solutions in line with your specific needs and budget The main issue is lack of awareness of the threat as well as the consequences of doing nothing to mitigate it. As experts in systems monitoring and cyber-security, we can help you identify how your business is most likely to be targeted and where the weakest points are in your network that could be easily exploited. Ignoring the problem, and failing to take any action could prove terminal for your business. To discuss how best to protect your business from the increasing threat of cyber-attack, call us on 0345 862 0350 or email sales@aware-soft.com.

Why it is vital to have a first-class cloud-hosting services partner

The hidden pitfalls of transitioning to public cloud-hosting service environments Attracted by cost-saving opportunities at the same time as being able to improve the quality of resources, many UK businesses have transitioned from a privately hosted on-premises environment to a public cloud-hosting service. However, research by ‘415’ has revealed a range of issues that can arise from transitioning, and of the businesses surveyed, 21% advised they were considering a return to an on-premises based solution. A possible explanation for this could be that businesses often underestimate the complexities of switching to a cloud environment and find themselves dealing with issues of reliability and efficiency that are beyond their level of expertise. Working with a first-class cloud-hosting services partner can give you that depth of knowledge and technical skill that reduces risk and enables you to fully benefit from the transition. Public Cloud-Hosting– advantages vs. risks Advantages A public cloud service provider offers resources over the internet, such as software, data storage and applications. For a growing number of businesses, it makes sense to transition their on-premises environment to a public cloud-hosted environment for three main reasons: inexpensive – pay for what you use on an ongoing basis flexible – instant provisioning and on-demand access to high-quality services from any device scalable – easy to expand server base in line with business needs. Another appealing benefit is the ability to take advantage of these high-level services without facing the same set-up costs. Risks The reasons for transitioning your environment to the cloud are compelling, however, without the proper expertise to correctly configure and manage the environment, you run the risk of: uncontrolled escalation of ongoing costs confusion arising from increased complexity using the wrong tools leading to ineffectiveness inaccurate reporting and tracking of digital assets lack of proper support from the providers themselves. Choosing the right cloud-hosting services partner Working with a partner who has the right kind of knowledge and expertise can help you to develop, implement and deploy an effective plan for transitioning, as well as maintaining it properly afterwards. This would mean: costs being kept to a minimum and maintained at a predictable level solving issues of reliability and efficiency faster response times assessment of virtual machine use correct use of tools effective analysis of workloads. With over 20 years of experience in assisting UK businesses with their IT requirements, Awareness offers first-class expertise and technical skills in supporting your business migration to a cloud-hosted environment. We partner with you and your cloud service provider to maximise the advantages for your business while keeping costs at predictable levels. We can offer valuable insight into how your virtual machines are performing and help with aspects concerning efficiency, agility and flexibility. For further information on our cloud-hosting services, call us at ASL on 0345 862 0350.

The dangers of leaving disaster recovery out of your IT budget.

Why disaster recovery should be a necessity for your business, not an option. Many UK corporations take the view that investing in disaster recovery and business continuity is just not necessary and opt to apportion the company budget in different areas. If this is your view, it’s a very risky one and could result in the loss of more than a period of downtime. A significant number of businesses fail to fully recover from the impact of a disaster that they could have survived if only they had had the foresight to plan ahead. So, what stops businesses from planning for the consequences of what could go wrong? Why businesses don’t plan for DR. There are a number of reasons why SMEs fail to plan for how they will recover after a disaster and continue to operate. These include ignorance of the need and/or consequences, thinking it doesn’t apply to them due to size and/or reach of their operation or assuming that their IT infrastructure is secure. However, the three main reasons are: 1. Cost – it is widely assumed the costs associated with implementing a DR (Disaster Recovery) plan are going to be very high. Businesses weigh the perceived cost against what they assume to be a small probability of experiencing a disaster and draw the conclusion that it’s not worth the expense. A ‘we’ll cross that bridge’ attitude is adopted, only to find that trying to deal with the consequences of a disaster when one is actually happening, is too late and costs far more than the initial outlay of an effective DR solution. 2. Lack of outage awareness – many SMEs don’t realise how their business is being affected by small outages and this is likely due to a lack of reporting. Management may assume that their IT infrastructure is solid because they are unaware of any problems. This lack of awareness can accumulate over time to negatively impact running costs and reputation and result in lost business, customer loyalty and productivity. An effective DR solution with appropriate monitoring (see our PRTG product for details) would quickly identify areas in the infrastructure that require improvement and immediately have an impact on efficiency and security of data. 3. Small amounts of downtime are routinely accepted – as par for the course in business and, consequently, they are overlooked or viewed as unimportant. However, what may start as a small problem could exacerbate over time if left unchecked. Disaster could be as a result of human error, a natural event, software/hardware malfunction or cyber-crime but the fact is, the more businesses are relying on their IT environment to support the operation, the more need there is for a reliable disaster recovery solution. Why should you make DR a priority for your SME? Without a disaster recovery plan in place, your business risks: picking up the bill for new hardware/software that may have suffered catastrophic damage paying expensive ransoms as a consequence of cyber-crime (ASL would never advocate paying a ransom) losing income from production/sales losses paying salaries of employees unable to work because the business has ground to a halt security threat to own/client data loss of client confidence inability to recover altogether and facing business closure. How ASL can help with your DR planning and implementation. ASL have over 20 years of experience in helping small, medium and large corporations to plan for and avert the worst happening, keeping you up and running when they need it the most. Our experts can visit you on-site and offer a review of your IT environment and create a disaster recovery solution that is scalable to your business needs and tailored to your budgetary requirements. DR doesn’t necessarily mean having to invest in a secondary data centre. Other options exist, such as Cloud-based Disaster Recovery as a Service (DRaaS), which we will be more than happy to discuss with you to help you conclude which is the best recovery strategy for your business. To discuss your disaster recovery option in more detail, speak to an ASL expert on 0345 862 0350.

Advice on creating a successful disaster recovery plan.

Don’t wait for disaster to strike to decide how to recover from it A surprisingly large number of UK businesses never reopen after a disaster, simply because they did not prioritise the need for an effective disaster recovery plan. Planning now for how you will recover after a disaster is an essential part of ensuring business continuity and ASL have created a helpful guide to get you started. Don’t procrastinate – plan now The percentage of SMEs who have not yet considered how they will recover if disaster strikes could exceed a staggering 50%. However, if you don’t plan at all or leave it until it’s too late, it will take your business much longer to return to an operational state. In fact, the consequences of procrastination could mean not recovering at all and going out of business altogether. Effective planning with clearly defined data recovery strategies could avoid downtime altogether, ensuring your ability to stay up and running while others flounder. Prioritise data to be recovered after a disaster There is an enormous amount of data generated by businesses today and the challenge you face is deciding what data your business needs immediately and what can be left to be recovered later. Trying to recover it all in one go could needlessly increase the amount of downtime you experience and could escalate your costs. Prioritising the data simplifies the process, which increases your ability to bounce back quickly and for less expense. Consider more than one type of disaster Data disaster does not only come in the form of human error or ransomware. Your operation could experience hardware or software failure as well as natural types of disaster, such as fire or flood. Evaluating the impact on your business of each type of disaster will help you to assess the level of risk each one represents, which can then be built into your DR (disaster recovery) plan. Prepare for on-premise and Cloud infrastructure disasters With the rise in popularity of Cloud computing in recent years, there has been a corresponding increase in the need to plan to recover data from that environment. Regardless of whether your infrastructure is Cloud or on-premise based, it’s imperative you are able to recover the data you need when you need it and this should be accounted for in your planning. Define SLAs – Service Level Agreements Whether you have outsourced your DR or you have your own IT department, it is vitally important that data recovery expectations have been agreed by you and your team. If service levels are not defined in this way, misunderstandings could occur, which can negatively impact the level of business continuity that can be achieved. Have a Plan B Ensure your backup plan has a backup plan. Having more than one person who can make decisions and fully understand the nature of the SLA (Service Level Agreement) is extremely important if you want to avoid hindering the successful implementation of your Plan A. Having a Plan B means someone will always be available, regardless of the nature of the disaster or when it strikes. Test, test and test again Testing is a vital part of your planning process. It highlights any weaknesses in your plan and demonstrates where improvements can be made. It also creates a level of certainty that your recovery solution will actually work when you most need it. You should factor in a test at least once a year. A final thought on the importance of updating Updating is not only important for your systems to maintain resilience, but it is essential for your disaster recovery plan too. As your business evolves, your systems, including your hardware, software and how you host your infrastructure, may change. The evolutions in how your business operates must be reflected in your plan or it will fail. For further information on successful planning for a disaster recovery solution, call ASL on 0345 862 0350.

The human error factor in disaster recovery

Ensure business continuity and avoid data loss caused by an internal mistake A key part of any business continuity plan is having a disaster recovery strategy in place that ensures the protection of your most valuable asset: your data. While you may have already planned for threats posed by a potential cyber-attack or a natural event, the biggest threat to the security of your data may be the one right under your nose. The threat posed by the likelihood of mistakes made by your own staff which could result in the catastrophic loss of all your crucial data. This scenario may not only affect you but also the sensitive data you may be holding about your clients. If this happens, you must ask yourself what contingency you have in place to ensure your business survives. The underestimated threat posed by human error According to information received from the Information Commissioner’s Office in the UK, more than 60% of all recently reported data breaches came as a result of human error, compared to not even 10% coming from hacking and inadequate webpage security. If, therefore, the greatest risk to your critical data is an internal one, what can you do to mitigate it? Risk-reducing strategies There are a number of strategies to consider when you are planning for business continuity and disaster recovery; these include: off-site verification/restoration of data automation of data backups storage replication WAN Acceleration to max backup/replication efficiency encryption solutions backing up to Cloud. The off-site verification and restoration of data is regarded as one of the most effective methods of averting data loss caused by human error. This, together with having the right automatic backup solutions in place, significantly reduces the risk if someone pushes the wrong button or unplugs something they shouldn’t. The risks can be reduced even further by adhering to best practice. Recommended best practices for any UK Business The backup of data to an offsite data centre is critical to safeguarding the integrity of your information and is highly recommended as a best practice for any UK organisation. Making sure that your staff are as well trained as possible is another best practice, as they themselves have a deeper understanding of what’s at stake. However, even though your staff may be well-trained data is backed-up to an off-site location and you’ve automated and encrypted as much as possible, the risk posed by human error remains. So, what else can be done? Final considerations Include a strategy that addresses human error in your business continuity planning. If you are not sure how to go about this, our experts at ASL can help you to identify a solution that works for you. Adhering to defined processes is something else to address. ASL can also help define what these should be for your company and how they should be carried out in a way that reduces risk as much as possible. Having the right technology can do much to reduce the risk of data loss occurring due to human intervention. ASL can advise you on the most suitable hardware/software for your business, no matter what size, taking your specific objectives into account. To err may be an inevitable part of being human, but losing data that is critical to your business is avoidable with the right precautions in place. For further information and to discuss how ASL can help you with your DR and BC requirements, call us today on 0345 862 0350.

Provisioning for data backup and disaster recovery

Why is lethargy and ignorance as much of a threat to business continuity as disaster itself? An essential part of maintaining business continuity in the event of a disaster is backing up your data and keeping it secure, because, should disaster strike and your data prove unrecoverable, your business could be forced to close. Regardless of such dire consequences, the fact is, that over 50% of UK SMEs remain ignorant of the risk. Instead of planning for a disaster, they do nothing, risking both their own livelihoods and those of their workforce. Awareness of the dangers and implementing business continuity solutions gives you the opportunity to do something about it, helping to safeguard your business today – and tomorrow. But, what are the dangers and where do the threats come from? Disaster and recovery – obvious threats The more familiar threats to the integrity of your data come in the form of cyber-criminals, natural weather-related occurrences, and human error. Recent high-profile cases point to the rise in ransomware attacks but major disruption has also been caused to businesses by flooding, or people simply disconnecting a power supply. Without a proper disaster recovery plan in place, it could take you weeks to get back up and running. By consulting with an expert business continuity service provider, you can insure your business against such events. The continual automated backup of your systems means that any data lost can be quickly and easily restored in a very short period of time. Disaster and recovery – less obvious threats Moving to the Cloud – as your business evolves, a less obvious threat comes in the form of transitioning your environment to the Cloud. As your data grows in volume and your network expands to accommodate mobile users, adequate backup and recovery and network monitoring are essential to secure your files and alert you to any unusual activity. Lethargy and ignorance – according to market sources, more than half of all SMEs don’t perform a daily backup. The assumptions could be that backup is time-consuming and costly or that they don’t need to because they are ignorant of the consequences or maintain a ‘won’t happen to us’ attitude. The dangers of not having a disaster recovery strategy include: loss of data loss of revenue high cost of replacing costly hardware/software loss of client confidence inability to continue to operate. Reasons to use ASL’s disaster recovery services ASL are a specialist provider of disaster recovery services with 20 years of experience helping SMEs guard against the worst happening. Planning for a disaster means your systems and files are protected against human error, natural disaster or malicious attack, enabling you to continue to operate your business with minimal disruption. We consult with you to fully understand your business needs, and offer tailored backup and recovery solutions that match your requirements. To find out how to provision for data backup and disaster recovery, contact us at ASL on 0345 862 0350.

4 reasons to use Quest Rapid Recovery to restore your IT systems.

Recovering quickly from disaster with Quest Rapid Recovery. Until recently, recovering quickly from a disaster was out of reach for most SMEs. Getting back to a point where your IT systems and data were restored and you could resume ‘business as usual,’ would likely have meant days or even weeks of costly delays. Today, it’s a different story as reliable protection, backup and data recovery from an event that interrupts your normal business operation, can be achieved with Quest RR. Why use Quest Rapid Recovery? IT recovery in minutes – the Quest Rapid Recovery solution is designed to meet the demanding Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) required by businesses today. In the event of the worst happening, the last thing you want is for your business to be exposed while you strive to become fully operational again. With Quest RR, downtime is kept to a minimum. Instead of losing information, or experiencing a lengthy delay until systems are restored, your business-critical data can be available in minutes instead of days. Flexible yet simple Quest Rapid Recovery is easily deployed and scalable in line with your changing business needs. It performs simplified and reliable backups that can be kept for an unlimited period, which means your server infrastructure and data can be quickly restored as your files can be recovered from any point. Powerful protection The advanced replication features of Quest RR, allow you to powerfully protect the whole of your IT environment, whether that’s your data, business systems, or the applications you’re using. All your data can be archived and different recovery options set to fully restore your files. You have the option to restore a single email or file, a drive, data from physical hardware that has been added after the original replication image was created, or you can restore from one virtual environment to another. Peace of mind Protecting your business from disaster with Quest RR offers you peace of mind. The complete offsite replication of your data is backed up to ASL’s datacentre via a base image. Subsequent backups performed are incremental. These backups are then compressed, de-duplicated and replicated to reduce bandwidth and storage consumption. Keep your critical data safe and restore with minimum disruption With ASL and Quest Rapid Recovery, all your business-critical data is totally secure. There are no upgrade backup software license fees to contend with further down the line, plus the equipment we use at our datacentre is the latest Dell servers/hardware, designed specifically for disaster recovery purposes. With Quest RR, you can rest assured that your data is being backed-up at a schedule created to match your business requirements. To find out more about Quest Rapid Recovery, contact ASL on 0345 862 0350.

ASL industry leading IT support services across Manchester, Cheshire and the UK

Wide-ranging IT support available on your doorstep. As a Manchester based IT service support provider, we are perfectly positioned to deliver industry-leading, managed IT support services to businesses around the UK. We have years of experience helping small, medium and large corporations with their IT issues, and offer an extensive range of services that deliver flexibility and value, that can be easily scaled up or down according to your business needs. 6 reasons to choose ASL Fully trained locally based IT experts – we offer first-line IT support services to businesses based anywhere in the UK by phone and email. Wide-ranging IT experience – we deliver industry-leading IT support. We are specialists in Microsoft Technologies, Microsoft Dynamics, Cloud and High Availability Systems. We offer advanced support covering a wide range of hardware and software products – including SAN’s, printers, firewalls, PCs, and SQL servers. We can help you, whatever your requirements and deliver affordable IT support so that you don’t have to pay to hire, train and manage your own IT department. Easy access to disaster recovery – outsourcing your backup and disaster recovery to us ensures your business quickly gets back up and running after a disaster, whether that’s a malicious ransomware attack, human error, power outage or weather-related disruption. With our help, you can remain operational. Onsite Surveys – we provide onsite surveys to give you the opportunity to discuss your business IT support requirements. Cost control – recruiting and training your own in-house IT support team, and keeping them up to speed with every development, can be very expensive. We constantly update our skill set, provide training and keep up to date with developments in the marketplace, so you don’t have to. Stay competitive – because your resources are not being stretched by maintaining your own IT department, you can direct your finances and expertise towards developing your business. To discuss your IT support needs, call us at ASL on 0345 862 0350.

Business continuity and disaster recovery – understanding the difference.

Protecting your business in the event of a disaster. Whether you experience a man-made issue such as human error or cyber-attack, or a natural event such as a fire or flood; being aware that business continuity and disaster recovery are two different things. Can you ensure that you have the right plan in place to safely recover your systems and data in the event of a catastrophe. What is Business Continuity? Business Continuity refers to your ability to continue to do business in the event of a systems failure or disaster. The action you take to recover your data forms part of your continuity plan, but it’s not the only thing to be considered. Issues to do with staff, equipment used, as well as where your business is located, particularly if you operate from several sites, are also included in the risk assessment and subsequent planning. What is Disaster Recovery? Disaster recovery refers to the specific part of your business continuity plan that’s related to the recovery of your critical data in the event of a disaster. Unfortunately, disasters can happen at any time. There’s no telling when the next fire or storm will strike, or when human error, malicious attack or systems failure will occur. Should the worst happen and to avoid it being a fatal blow, you need to ensure your data is regularly backed up and securely stored to make it quick and easy to recover. Guarding against data loss in this way could not only reduce your financial loss, it could also save your reputation and enable you to maintain your customers’ loyalty. Awareness – planning for recovery after disaster At ASL, we have vast experience helping businesses across the UK to develop, design, plan and implement business continuity for disaster recovery solutions. We can: design a bespoke solution tailored to your business needs and budget recover all your networks, applications and business services across all your locations ensure business continuity at remote sites carry out frequent recovery testing for your critical applications define your recovery point objectives (RPOs) and recovery time objectives (RTOs). In addition, should your head office be affected, our disaster recovery solution can make sure your remote sites are not affected. Being able to bounce back with minimum disruption means being clear about what it is you need to do first, and this is where our extensive knowledge and expertise is invaluable. If you have any doubts about your ability to recover after an unplanned event, and want to explore how business continuity and disaster recovery can help safeguard your business, contact us at ASL. Call 0345 862 0350 to discuss developing and implementing a business continuity and data recovery plan.

Find out how our knowledge can grow your business.