IT SUPPORT SERVICES

The importance of a comprehensive email security solution

Why you shouldn’t rely on generic cloud-based email security to protect your organisation An increasing number of internet-based threats are being deployed via email, which is why it is imperative for your business to have a comprehensive security service in place. It is much easier to stop threats before they become full-blown attacks on your network or infrastructure. Prevention, by means of the detection and blocking of threats, is preferable for the business continuity of any enterprise. Dealing with the fallout of the avoidable and damaging consequences of a lack of security can be extremely complex as well as costly. So, what steps can you take to ensure your email system is secure? Understand the threats Internet-based threats are constantly evolving and are a challenge to detect when sent under cover of an innocent-looking email. Sophisticated methods of camouflage are employed to mask the presence of malicious URLs; for instance, emails can be embedded with: spyware bait for the purposes of phishing DoSA (Denial of Service Attack) spam disguised URLs (containing redirects and/or time delays) zero-day attacks (exploiting undiscovered email security vulnerabilities). Any of these can result in damage to your operating system or applications and may also lead to the corruption or loss of sensitive data. Learn how email security works Internet-level defences identify and eliminate spam and viruses before they have an opportunity to enter your network, and web-borne viruses, phishing threats and spyware are detected and controlled with URL filtering. Email content and attachments, either sent or received, are scanned, monitored and managed according to your own defined policies, driven by your business requirements. Appreciate the risks of low-level protection A cloud-based email security service is provided at a basic level with Microsoft Office 365 and Google Apps, etc. However, your business should not be reliant on this limited level of protection as it is not sophisticated enough to neutralise more than the simplest form of malware. Ignoring the need to detect and block an ever-increasing number of complex internet-based threats could make your business vulnerable to exploitation. Having a service that provides a wide-ranging level of email security could mean the difference between you averting a cyber disaster or finding yourself recovering from one. How Awareness can help ASL can offer an all-inclusive level of security for your email system that: protects critical data from the threat of spam and virus blocks spear phishing campaigns restricts web access (customisable, according to your requirements) filters URLs assists administrator controls protects and supports roaming users. Our service also offers the central management of your security requirements without the need for additional hardware or software by providing a web-based console. For more than two decades, we have supported small to publicly-listed UK corporations with their growing needs for reliable email and an effective security solution that maintains network and infrastructure integrity. Our comprehensive email antivirus service detects and blocks threats before they become a serious issue. To discuss how to enhance your email security, call our Sales team on 0345 862 0345 and find out how we can help you and your business safe online.

Protecting your corporate WiFi

How secure is your network? Modern businesses that require different forms of connectivity and functionality, could be exposing their wireless network to unnecessary risk without proper firewall configuration. Firewalls protect your hardware and networks from unwanted data or viruses trying to get in, or unauthorised systems traffic trying to get out. A systems functionality and security are provided by configuring your firewall with VLAN’s so that network access can be controlled and risks eliminated. Defending your wireless network security with the correct firewall configuration Defending your network security successfully involves the proper configuration of your firewall. The firewall maintains your enterprise’s security by preventing access either to or from a specified network. This is done by implementing firewall rules that define the level of access authorised users have; for instance: corporate WiFi – an open rule to the local LAN and internet staff WiFi – a restricted rule to Remote Desktop and a rule to the internet guest WiFi – a restricted rule to the internet. Secure firewall configuration eliminates unauthorised access to your sensitive data. In turn, this prevents it from being corrupted or leaked, either accidentally or maliciously. This is vital if you have BYOD users who use different devices, including tablets and smartphones. The variation in devices used can make defining who has access to what data very complex. Correct firewall configuration allows for authorised BYOD users to remotely access your private networks securely, using logins and authentication certificates. This is essential to establish and uphold BYOD security and best practice for your enterprise, which maintains the integrity of your networks and data. The role of VLAN’s in network security A Virtual Local Area Network (VLAN) is a way of creating network groups and segregating them from each other. This is done without the need for additional hardware or rewiring of your building. Access is provided to groups, such as corporate users, staff and guests, without exposing your network to any unnecessary risks. VLAN’s are essential to achieve this and: are configured on enterprise-class devices such as switches and firewalls they simplify your network design and deployment allow different networks to share the same hardware whilst being completely segregated. The correct configuration of the switch means that wireless access points can be connected to any of its ports. As long as those ports are configured to the appropriate VLAN traffic, all networks can pass over the same switch without interfering with one another. This means that issues such as broadcast storms, which may arise due to the use of poor equipment or configuration, can be detected and isolated without the other networks being impacted. Why choose Awareness to secure your network? With more than 20 years’ of experience in the industry, ASL design infrastructure solutions for clients utilising enterprise-class hardware. The hardware we supply (switches, firewalls) are fully managed layer 3 devices, that gives us the ability to: define access levels segregate logical networks detect and control network issues such as broadcast storms fully meet your network security requirements. For further information on how ASL can help uphold your network security with Firewall and VLAN configuration, speak to us on 0345 862 0350.

Could your BYOD policy be risking your data security?

The implications for disaster recovery when staff use their own devices at work BYOD (Bring Your Own Device) is a popular trend among UK SMEs, which without a proper policy in place to govern its usage, might be harmful to your data security. When staff access sensitive business information using their own laptops, phones and tablets, there is a corresponding increase in the risk of a disaster happening. Typically, an individual’s own devices are set up with less security and virus protection. Why businesses like BYOD Savings can be made when employees use their own devices for work purposes. Their laptops, tablets and phones are often more up to date and advanced as well as being lighter, more portable, with bigger screens and wider capabilities than your existing company hardware. Productivity increases because of the level of familiarity with your own device. People work better and your business benefits as a result. However, it is important to consider how you could be impacted if you are employing BYOD. You could be making yourself more vulnerable to data breaches and loss and suffer legal consequences as a result. So, what risks should you consider? The associated risks of BYOD Lack of security Disaster is more likely in the form of accidental leakage and data loss, viruses and cyber-attacks when your staff use their own devices. Their device could be easily compromised, lost or stolen, which could give a third-party easy access to sensitive data. The consequence could be extremely serious or possibly fatal for your business. Management of different operating systems Devices are being updated and upgraded all the time, meaning the operating systems are too. The number of different versions make it very complex for a business to manage and support and this can lead to security breaches occurring. Your disaster recovery plan should include an effective solution that addresses this management issue. Having no BYOD policy Arguably the biggest risk of a disaster happening at all is failing to have a company BYOD policy. As well as weakened data security, there are also legal implications. BOYD legal implications and responsibilities Depending on the nature of your business, you may have to comply with legal requirements to do with the Data Protection Act, the Official Secrets Act or the Freedom of Information Act, etc. Your BYOD policy should address who is responsible for the protection of personal information and the implications of non-compliance with legal obligations. BYOD policy planning – what to include Apart from having a legal compliance strategy, other considerations are: network security data encryption local data storage prevention protection controls and limiting access tracking and deploying of applications establishing secure app-to-app workflows. Communicating your policy fully to your employees means they will be aware of what their responsibilities are when it comes to safeguarding your sensitive information. It will also help to reduce the risk of a disaster being caused internally. ASL can help you to successfully benefit from BYOD by performing a full assessment of the risk involved on all devices that access your company data. We can offer qualified advice on the security implications of jailbreaking and sandboxing, as well as assessing encryption methods and the use of passcodes to protect sensitive areas. For further details on creating a BYOD policy for your business that reduces the risk of a disaster, contact ASL on 0345 862 0350.

The dangers of leaving disaster recovery out of your IT budget.

Why disaster recovery should be a necessity for your business, not an option. Many UK corporations take the view that investing in disaster recovery and business continuity is just not necessary and opt to apportion the company budget in different areas. If this is your view, it’s a very risky one and could result in the loss of more than a period of downtime. A significant number of businesses fail to fully recover from the impact of a disaster that they could have survived if only they had had the foresight to plan ahead. So, what stops businesses from planning for the consequences of what could go wrong? Why businesses don’t plan for DR. There are a number of reasons why SMEs fail to plan for how they will recover after a disaster and continue to operate. These include ignorance of the need and/or consequences, thinking it doesn’t apply to them due to size and/or reach of their operation or assuming that their IT infrastructure is secure. However, the three main reasons are: 1. Cost – it is widely assumed the costs associated with implementing a DR (Disaster Recovery) plan are going to be very high. Businesses weigh the perceived cost against what they assume to be a small probability of experiencing a disaster and draw the conclusion that it’s not worth the expense. A ‘we’ll cross that bridge’ attitude is adopted, only to find that trying to deal with the consequences of a disaster when one is actually happening, is too late and costs far more than the initial outlay of an effective DR solution. 2. Lack of outage awareness – many SMEs don’t realise how their business is being affected by small outages and this is likely due to a lack of reporting. Management may assume that their IT infrastructure is solid because they are unaware of any problems. This lack of awareness can accumulate over time to negatively impact running costs and reputation and result in lost business, customer loyalty and productivity. An effective DR solution with appropriate monitoring (see our PRTG product for details) would quickly identify areas in the infrastructure that require improvement and immediately have an impact on efficiency and security of data. 3. Small amounts of downtime are routinely accepted – as par for the course in business and, consequently, they are overlooked or viewed as unimportant. However, what may start as a small problem could exacerbate over time if left unchecked. Disaster could be as a result of human error, a natural event, software/hardware malfunction or cyber-crime but the fact is, the more businesses are relying on their IT environment to support the operation, the more need there is for a reliable disaster recovery solution. Why should you make DR a priority for your SME? Without a disaster recovery plan in place, your business risks: picking up the bill for new hardware/software that may have suffered catastrophic damage paying expensive ransoms as a consequence of cyber-crime (ASL would never advocate paying a ransom) losing income from production/sales losses paying salaries of employees unable to work because the business has ground to a halt security threat to own/client data loss of client confidence inability to recover altogether and facing business closure. How ASL can help with your DR planning and implementation. ASL have over 20 years of experience in helping small, medium and large corporations to plan for and avert the worst happening, keeping you up and running when they need it the most. Our experts can visit you on-site and offer a review of your IT environment and create a disaster recovery solution that is scalable to your business needs and tailored to your budgetary requirements. DR doesn’t necessarily mean having to invest in a secondary data centre. Other options exist, such as Cloud-based Disaster Recovery as a Service (DRaaS), which we will be more than happy to discuss with you to help you conclude which is the best recovery strategy for your business. To discuss your disaster recovery option in more detail, speak to an ASL expert on 0345 862 0350.

Advice on creating a successful disaster recovery plan.

Don’t wait for disaster to strike to decide how to recover from it A surprisingly large number of UK businesses never reopen after a disaster, simply because they did not prioritise the need for an effective disaster recovery plan. Planning now for how you will recover after a disaster is an essential part of ensuring business continuity and ASL have created a helpful guide to get you started. Don’t procrastinate – plan now The percentage of SMEs who have not yet considered how they will recover if disaster strikes could exceed a staggering 50%. However, if you don’t plan at all or leave it until it’s too late, it will take your business much longer to return to an operational state. In fact, the consequences of procrastination could mean not recovering at all and going out of business altogether. Effective planning with clearly defined data recovery strategies could avoid downtime altogether, ensuring your ability to stay up and running while others flounder. Prioritise data to be recovered after a disaster There is an enormous amount of data generated by businesses today and the challenge you face is deciding what data your business needs immediately and what can be left to be recovered later. Trying to recover it all in one go could needlessly increase the amount of downtime you experience and could escalate your costs. Prioritising the data simplifies the process, which increases your ability to bounce back quickly and for less expense. Consider more than one type of disaster Data disaster does not only come in the form of human error or ransomware. Your operation could experience hardware or software failure as well as natural types of disaster, such as fire or flood. Evaluating the impact on your business of each type of disaster will help you to assess the level of risk each one represents, which can then be built into your DR (disaster recovery) plan. Prepare for on-premise and Cloud infrastructure disasters With the rise in popularity of Cloud computing in recent years, there has been a corresponding increase in the need to plan to recover data from that environment. Regardless of whether your infrastructure is Cloud or on-premise based, it’s imperative you are able to recover the data you need when you need it and this should be accounted for in your planning. Define SLAs – Service Level Agreements Whether you have outsourced your DR or you have your own IT department, it is vitally important that data recovery expectations have been agreed by you and your team. If service levels are not defined in this way, misunderstandings could occur, which can negatively impact the level of business continuity that can be achieved. Have a Plan B Ensure your backup plan has a backup plan. Having more than one person who can make decisions and fully understand the nature of the SLA (Service Level Agreement) is extremely important if you want to avoid hindering the successful implementation of your Plan A. Having a Plan B means someone will always be available, regardless of the nature of the disaster or when it strikes. Test, test and test again Testing is a vital part of your planning process. It highlights any weaknesses in your plan and demonstrates where improvements can be made. It also creates a level of certainty that your recovery solution will actually work when you most need it. You should factor in a test at least once a year. A final thought on the importance of updating Updating is not only important for your systems to maintain resilience, but it is essential for your disaster recovery plan too. As your business evolves, your systems, including your hardware, software and how you host your infrastructure, may change. The evolutions in how your business operates must be reflected in your plan or it will fail. For further information on successful planning for a disaster recovery solution, call ASL on 0345 862 0350.

The human error factor in disaster recovery

Ensure business continuity and avoid data loss caused by an internal mistake A key part of any business continuity plan is having a disaster recovery strategy in place that ensures the protection of your most valuable asset: your data. While you may have already planned for threats posed by a potential cyber-attack or a natural event, the biggest threat to the security of your data may be the one right under your nose. The threat posed by the likelihood of mistakes made by your own staff which could result in the catastrophic loss of all your crucial data. This scenario may not only affect you but also the sensitive data you may be holding about your clients. If this happens, you must ask yourself what contingency you have in place to ensure your business survives. The underestimated threat posed by human error According to information received from the Information Commissioner’s Office in the UK, more than 60% of all recently reported data breaches came as a result of human error, compared to not even 10% coming from hacking and inadequate webpage security. If, therefore, the greatest risk to your critical data is an internal one, what can you do to mitigate it? Risk-reducing strategies There are a number of strategies to consider when you are planning for business continuity and disaster recovery; these include: off-site verification/restoration of data automation of data backups storage replication WAN Acceleration to max backup/replication efficiency encryption solutions backing up to Cloud. The off-site verification and restoration of data is regarded as one of the most effective methods of averting data loss caused by human error. This, together with having the right automatic backup solutions in place, significantly reduces the risk if someone pushes the wrong button or unplugs something they shouldn’t. The risks can be reduced even further by adhering to best practice. Recommended best practices for any UK Business The backup of data to an offsite data centre is critical to safeguarding the integrity of your information and is highly recommended as a best practice for any UK organisation. Making sure that your staff are as well trained as possible is another best practice, as they themselves have a deeper understanding of what’s at stake. However, even though your staff may be well-trained data is backed-up to an off-site location and you’ve automated and encrypted as much as possible, the risk posed by human error remains. So, what else can be done? Final considerations Include a strategy that addresses human error in your business continuity planning. If you are not sure how to go about this, our experts at ASL can help you to identify a solution that works for you. Adhering to defined processes is something else to address. ASL can also help define what these should be for your company and how they should be carried out in a way that reduces risk as much as possible. Having the right technology can do much to reduce the risk of data loss occurring due to human intervention. ASL can advise you on the most suitable hardware/software for your business, no matter what size, taking your specific objectives into account. To err may be an inevitable part of being human, but losing data that is critical to your business is avoidable with the right precautions in place. For further information and to discuss how ASL can help you with your DR and BC requirements, call us today on 0345 862 0350.

Using network and systems monitoring to protect against UPS failure.

Ensuring your business doesn’t get caught out by UPS outage. The need for effective network and systems monitoring was recently highlighted by the May outage suffered by BA. Their systems failure not only caused days of travel chaos for customers, it also led to BA suffering significant financial loss and major damage to its reputation. The failure was blamed on a datacentre UPS system failure, however this is unlikely to be the whole story as the secondary disaster recovery facility was also affected by the outage. What really happened is still unclear, but the fact is, having the right monitoring solution in place can help you to avoid a similar catastrophe. Why is a UPS so important? Having your data replicated to a datacentre means your files will be protected against loss or corruption in the event of a disaster. To maintain the integrity of your data as well as ensuring your ability to access it, you must remain online. A continuous supply of power is essential for this to happen, which can be achieved with a UPS. If properly configured, a UPS can have two functions in the event of an outage. The primary function is to keep your systems running until mains power is resumed, eliminating any downtime that could interrupt the normal operation of your business. The secondary function is to smooth out any spikes in electrical current, which could cause a power source to blow. Smoothing out these surges helps protect your hardware and its components from damage. Having the correct monitoring software solution in place means that your UPS resilience can be ensured, and problems caused by power surges can be immediately identified, smoothed and reported. Safeguarding your data in the event of an outage. After making sure your system is fault-tolerant, there are three other things to consider when safe-guarding your critical data: SAN (Storage Area Network) Maintaining the integrity of your critical data can also be done by separating it from the server using a SAN (Storage Area Network). The intelligent controlling of dual power supplies should also be implemented to ensure continuous protection. Disaster Recovery With a good disaster recovery solution, a replication server is dedicated solely to the roles of backup and export. All servers that are in a DR mode can be exported out in a clean and consistent manner to ensure data integrity so that it cannot be influenced by a failure at the primary site. Disaster Recovery testing Constantly testing your DR solution means that you can be secure in the knowledge that should an unplanned event happen your contingency will work when you really need it to. Avoiding a high level of disruption to your business due to a UPS failure could save you and your customers days of frustration and hassle. Outsourcing your network monitoring to ASL makes sense. At ASL, we can provide you with effective network and systems monitoring that protects your critical data. This includes safeguarding the resilience of your UPS, and the implementation and testing of a comprehensive disaster recovery solution that’s tailored to your needs. To find out more about our networking and systems monitoring solutions, ask your Sales manager or call us on 0345 862 0350.

Provisioning for data backup and disaster recovery

Why is lethargy and ignorance as much of a threat to business continuity as disaster itself? An essential part of maintaining business continuity in the event of a disaster is backing up your data and keeping it secure, because, should disaster strike and your data prove unrecoverable, your business could be forced to close. Regardless of such dire consequences, the fact is, that over 50% of UK SMEs remain ignorant of the risk. Instead of planning for a disaster, they do nothing, risking both their own livelihoods and those of their workforce. Awareness of the dangers and implementing business continuity solutions gives you the opportunity to do something about it, helping to safeguard your business today – and tomorrow. But, what are the dangers and where do the threats come from? Disaster and recovery – obvious threats The more familiar threats to the integrity of your data come in the form of cyber-criminals, natural weather-related occurrences, and human error. Recent high-profile cases point to the rise in ransomware attacks but major disruption has also been caused to businesses by flooding, or people simply disconnecting a power supply. Without a proper disaster recovery plan in place, it could take you weeks to get back up and running. By consulting with an expert business continuity service provider, you can insure your business against such events. The continual automated backup of your systems means that any data lost can be quickly and easily restored in a very short period of time. Disaster and recovery – less obvious threats Moving to the Cloud – as your business evolves, a less obvious threat comes in the form of transitioning your environment to the Cloud. As your data grows in volume and your network expands to accommodate mobile users, adequate backup and recovery and network monitoring are essential to secure your files and alert you to any unusual activity. Lethargy and ignorance – according to market sources, more than half of all SMEs don’t perform a daily backup. The assumptions could be that backup is time-consuming and costly or that they don’t need to because they are ignorant of the consequences or maintain a ‘won’t happen to us’ attitude. The dangers of not having a disaster recovery strategy include: loss of data loss of revenue high cost of replacing costly hardware/software loss of client confidence inability to continue to operate. Reasons to use ASL’s disaster recovery services ASL are a specialist provider of disaster recovery services with 20 years of experience helping SMEs guard against the worst happening. Planning for a disaster means your systems and files are protected against human error, natural disaster or malicious attack, enabling you to continue to operate your business with minimal disruption. We consult with you to fully understand your business needs, and offer tailored backup and recovery solutions that match your requirements. To find out how to provision for data backup and disaster recovery, contact us at ASL on 0345 862 0350.

ASL industry leading IT support services across Manchester, Cheshire and the UK

Wide-ranging IT support available on your doorstep. As a Manchester based IT service support provider, we are perfectly positioned to deliver industry-leading, managed IT support services to businesses around the UK. We have years of experience helping small, medium and large corporations with their IT issues, and offer an extensive range of services that deliver flexibility and value, that can be easily scaled up or down according to your business needs. 6 reasons to choose ASL Fully trained locally based IT experts – we offer first-line IT support services to businesses based anywhere in the UK by phone and email. Wide-ranging IT experience – we deliver industry-leading IT support. We are specialists in Microsoft Technologies, Microsoft Dynamics, Cloud and High Availability Systems. We offer advanced support covering a wide range of hardware and software products – including SAN’s, printers, firewalls, PCs, and SQL servers. We can help you, whatever your requirements and deliver affordable IT support so that you don’t have to pay to hire, train and manage your own IT department. Easy access to disaster recovery – outsourcing your backup and disaster recovery to us ensures your business quickly gets back up and running after a disaster, whether that’s a malicious ransomware attack, human error, power outage or weather-related disruption. With our help, you can remain operational. Onsite Surveys – we provide onsite surveys to give you the opportunity to discuss your business IT support requirements. Cost control – recruiting and training your own in-house IT support team, and keeping them up to speed with every development, can be very expensive. We constantly update our skill set, provide training and keep up to date with developments in the marketplace, so you don’t have to. Stay competitive – because your resources are not being stretched by maintaining your own IT department, you can direct your finances and expertise towards developing your business. To discuss your IT support needs, call us at ASL on 0345 862 0350.

4 reasons to use Quest Rapid Recovery to restore your IT systems.

Recovering quickly from disaster with Quest Rapid Recovery. Until recently, recovering quickly from a disaster was out of reach for most SMEs. Getting back to a point where your IT systems and data were restored and you could resume ‘business as usual,’ would likely have meant days or even weeks of costly delays. Today, it’s a different story as reliable protection, backup and data recovery from an event that interrupts your normal business operation, can be achieved with Quest RR. Why use Quest Rapid Recovery? IT recovery in minutes – the Quest Rapid Recovery solution is designed to meet the demanding Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) required by businesses today. In the event of the worst happening, the last thing you want is for your business to be exposed while you strive to become fully operational again. With Quest RR, downtime is kept to a minimum. Instead of losing information, or experiencing a lengthy delay until systems are restored, your business-critical data can be available in minutes instead of days. Flexible yet simple Quest Rapid Recovery is easily deployed and scalable in line with your changing business needs. It performs simplified and reliable backups that can be kept for an unlimited period, which means your server infrastructure and data can be quickly restored as your files can be recovered from any point. Powerful protection The advanced replication features of Quest RR, allow you to powerfully protect the whole of your IT environment, whether that’s your data, business systems, or the applications you’re using. All your data can be archived and different recovery options set to fully restore your files. You have the option to restore a single email or file, a drive, data from physical hardware that has been added after the original replication image was created, or you can restore from one virtual environment to another. Peace of mind Protecting your business from disaster with Quest RR offers you peace of mind. The complete offsite replication of your data is backed up to ASL’s datacentre via a base image. Subsequent backups performed are incremental. These backups are then compressed, de-duplicated and replicated to reduce bandwidth and storage consumption. Keep your critical data safe and restore with minimum disruption With ASL and Quest Rapid Recovery, all your business-critical data is totally secure. There are no upgrade backup software license fees to contend with further down the line, plus the equipment we use at our datacentre is the latest Dell servers/hardware, designed specifically for disaster recovery purposes. With Quest RR, you can rest assured that your data is being backed-up at a schedule created to match your business requirements. To find out more about Quest Rapid Recovery, contact ASL on 0345 862 0350.

Find out how our knowledge can grow your business.