Successful security audit

How can your business manage a successful security audit? IT audits—no one enjoys them, but they are a critical part of today’s IT security solutions. Audits are necessary to keep your company’s network and assets safe and secure.

While it is true audits are necessary, dealing with outside auditors can be a less than pleasant experience. What happens if they make a mistake? What if they don’t do their work properly? Then as the leader of the IT department, you’ll bear the responsibility, especially if an intruder subsequently makes their way into your systems.

Is there a way to have a successful audit, even when bringing in outside auditors? The answer is yes, when the audit is done in the right way and with the right auditor.  In a recent article by Mark Weir from from Techrader, he asks how much security is enough?

Successful security audit

Cybersecurity is a major concern for businesses, especially since hackers are getting smarter and bolder.
To protect your company, a robust cybersecurity strategy is vital.

Establish security through annual audits

While security audits are important, many companies fail to conduct annual audits on their networks. The reasons for this are many. Some view this as unnecessary—if they’ve not suffered an incident, then they must have strong enough security. Another reason could be the expense of having an audit each year.

While these reasons may seem understandable, the fact is that businesses are facing more security breeches than ever before. This is true for businesses of all sizes—from corporations down to small businesses. Now is the right time to ensure your network is secure, rather than waiting to be hacked.

If your company has never conducted a security audit, then it’s time to implement annual audits. You might think of an annual security audit as being similar to having a physical each year. The doctor does a first physical exam and uses this as a comparison for future physicals. When something is different in a subsequent physical exam, then it must be investigated.

Spell Out Your Objectives

When it comes to finding the right auditor, it’s a good idea to develop your audit objectives in advance. These may include:

  1. Writing down a list of all company assets (including data, computer equipment, and more)
  2. Define the security perimeter: things that will be included and those that will not be included in the audit.
  3. Define threats
  4. Prioritise Risks
  5. Make a list of security improvements and best practices to eliminate threats

Now you have a list of objectives for the audit, meaning these are the areas that the auditor needs to focus on.

Choose auditors with experience

What you’re looking for is an auditor (or a team) that has real-world experience with security technology. This way they’ll have the ability to even the most elusive and serious security issues. You might also ask to see any published works they’ve written. This is another way to see if the auditor has the experience and the knowledge to conduct a proper security audit.

Instead, contact business connections and see if they can recommend some experienced security audit firms. In addition, ask each audit firm for a list of references to past clients, and then contact these firms and ask about their own experience with the audit firm. Once you’ve created a list of auditing firms, ask them for details on how they conduct an audit.

Prepare for the Audit

Now that you’ve found the right auditing firm, you’ll need to make sure they’re onboard with your objectives and the type of data they’ll have access to. This is where many companies and auditors have their first problem. Everyone assumes the other side knows what data will be accessed during the audit. The auditor may have their own ideas on the subject, and your company may have its own view on the matter. Never make the assumption that you and your auditor are on the same page about access to data. This is something that should be agreed to by you and your auditor before the audit begins.

In addition, it’s necessary to keep those people and departments involved in the process. You’ll want to involve the department managers who will be affected by the audit. This way, they won’t face sudden, unpleasant surprises in the course of the audit. For this reason, it’s a good idea to create some audit rules in advance:

  1. Managers will need to determine any specifics to limit impact on their systems. They may specify the day and time when testing will be optimal for their processes.
  2. Auditors will need an “indemnification statement” that gives them authorisation to conduct the audit. This should also be sent over to your ISP, so they aren’t alarmed by the large volume of port scans on their address space.
  3. Auditors generally expect access to certain data and documentation to analyse your network. These may include:
    • Copies of all policies and procedures (may include passwords, virus scanning, acceptable use info for employees), privacy guaranteed (to keep company users and client data secure), privileged access and incident handling.
    • Information about your network, and specification of target IP ranges
    • List of security devices (firewall, IDS)
    • List of software used on the network
  4. Ensure the auditor has a plan, and that they provide you with the details.
  5. When the audit’s completed, you can review the results to plan your future strategy. The audit report should cover:
    • Threat sources (internal and/or external)
    • Probability of an attack on the network
    • Impact of the attack (should outline how much money the company could use, would this affect the company’s reputation, and more)
    • Recommend actions to fix any problems

In conclusion

Whilst security audits aren’t fun, they are essential. Especially when you see trends that change overtime. The audit provides essential information on the health of your network. As well as vulnerabilities that could put your company in danger.

Contact the LIS Help Desk to conduct a security audit with confidence, knowing your network will be more secure as a result. Our experienced team are always on hand to answer your questions and keep your business secure.

LIS – SECURING YOUR DIGITAL WORLD

#Security #Audit #ITSupport

Work from anywhere

Technology started allowing us to work from anywhere remotely in the early 2000s. Laptops, VPN and increased Internet bandwidth set this trend in motion, allowing people to connect to corporate networks from home to access email, servers or other systems. Employees depended on this way of working to perform their daily duties.

What it didn’t address at the time was the human element. People’s desire to work on their own terms, anytime, anywhere and on any device. In the early 2000’s technology didn’t readily support this paradigm of “remote work”. Most workers didn’t even know what they were missing in terms of flexibility or convenience.

Work from anywhere, any device and any time

More and more large companies are realizing the benefits about working from home. Why stress your employees out with the expense and commute in to the office. Business Insider explores some of out largest companies working from home.

We’ve put together a brand new guide to show you the most important things to consider with a permanent flexible working arrangement for your people.

Work From Anywhere

The future is now… YOUR desktop, anytime, anywhere, any device! IT does not need to be complicated. Business owners need to concentrate on what they do best, running their business.

Top technical desires

Working 0nline or offline: Back in the late 90’s, for those old enough to remember, Lotus Notes pioneered this concept. Notes had the ability to replicate databases locally between servers and users’ local desktops. Today many technologies do this seamlessly to access emails, files or other corporate systems.

Instant gratification: Today users want access to information immediately and from any device. A mere 15 years ago expectations were very different. Employees had to be logged into a PC at the office to gain access to data. Expectations have taken a monumental shift thanks to new technology. Now smartphones, tablets, broadband, WiFi, and 4/5G all make information accessible at our fingertips.

Advanced communication: Recent advances in infrastructure and hardware have enabled new ways to communicate and collaborate. The use of these new platforms differs based on age, culture and social boundaries. There are so many choices available that employees can communicate via more channels than ever before. Document sharing, enterprise social media, gamification, instant messaging, phone, text, email, video, video or voice chat, screen sharing.

The new normal

Work anywhere you have an internet connection and often where you do not. There are many closed based back up solutions. We would recommend OneDrive.

With the ability to synchronise your OneDrive and your machine, you can now save your documents to a local folder. They will synchronise to the cloud in the background! Start a document at work and save it. The file will fly off gently to the cloud without human intervention. You can then pick up where you left off in a coffee shop or at home, working locally or in your browser. It does not matter which browser either, it works in Edge, IE11, Safari, Chrome or Firefox.

Work anytime

Well you can work anywhere, on any device so it follows that you can also work at any time. Now you may see this as a blessing or a curse. A blessing because you are not tied to your office and the opening times of the building. Which means you can get that report finished no matter where you are or what time it is. However, that is also a curse because you could work all night if you wanted to or even if you do not. Great for night owls!

As we adopt a more mobile workforce and many professions now run their business from a home, the office or even a coffee shop. We would recommend using Office 365 and take advantage of our Office 365 Security Package. It is easy to use and collaboration with clients and colleagues is now much easier.

Review your IT infrastructure. Enable your team to work from anywhere

Moving to Office 365 has huge benefits for productivity and collaboration. Because Office 365 has many security features built in it can be achieved safely. The extensive compliance manager gives controlled access to your data. You can remain in control and as an added benefit you quickly achieve full GDPR compliance. Have you moved to Office 365 yet and has it transformed your working life? Is your IT system set up and ready for your workforce to work from anywhere, any device and any time?

Contact the LIS Help Desk to speak to one of our experienced IT technicians. We carry out an IT audit to enable us to what recommend the best hardware and software solutions. Find out how we can make your workplace mor efficient and productive.

LIS – SECURING YOUR DIGITAL WORLD

#FreeGuide #NewWorkingPatterns #PreparedForTheNewNormal

Mobile users feel ripped off

Overpayments ‘rip-off’ on phone contracts could cost you more than £400 a year, Which? says The regulator has asked providers to reduce monthly costs after customers have paid off the price of their phones. Mobile users feel ripped off, as high-end handsets tend to only be sold with expensive tariffs. They come packaged up with a generous inclusive allowance. This means shoppers often buy tariffs that significantly exceed their needs.

Which reveal mobile users feel ripped off

A third of mobile phone customers are still being charged the full price of their contract – even after paying off the cost of their handset, Which? has warned. The BBC reported the news story and listed some of the worst offenders.

A third of mobile phone customers are still being charged the full price of their contract – even after paying off the cost of their handset, Which? has warned.

The consumer rights group is calling for networks to end the “overpayments rip-off”, which costs an estimated £182m a year. It estimates some Britons could be out of pocket to the tune of more than £400 annually.

Mobile users feel ripped off

Your phone company could have overcharged you by £400. Customers are still overpaying when contracts end.

Which? found that 36% of people whose contract ended in the past two months are still paying off the price of their smartphone.

This is despite providers promising Ofcom that, from February 2020, customers would get a reduced tariff after their contracts end – reflecting the fact that the device had been fully paid for.

Three was the worst offender, Which? claims, with 43% of customers whose contracts ended in the past six months seeing no drop in the price of their monthly bill.

This meant that someone with a “bundle” contract on a Samsung S20 5G – which came out at £37 a month – would be overpaying their bill by as much as £444 a year after it ended.

About 40% of EE customers saw no price drop at the end of their contract – with 31% of Vodafone customers seeing no change either.

Are you due for an upgrade?

Here at LIS, we offer everything your business needs to keep talking. Specialising in business telephone systems, lines & calls, broadband, business mobiles and IT services, we’ve got you covered. From our first conversations, our in-house team of experts will ask the right questions so that we can recommend a solution that will both perform and deliver a return.

Contact the LIS Help Desk to make sure you not overpaying. Are your handsets out of date? Are you fed up with slow Internet speeds? We offer every telecoms service to get you connected. We supply sim only connections with no hardware so there is complete clarity over how much you pay. You don’t need to change your phone unless it suits you. We may not be the cheapest but we don’t rip you off!

LIS – SECURING YOUR DIGITAL WORLD

#Telecoms #Broadband #Business #ITSupport

Bored of virtual meetings?

Do you use Zoom or Teams for meetings? Are you bored of virtual meetings and how can you add the wow factor to your next one? USA Today have written a blog with some fantastic tips.

Don’t get bored at your next virtual meeting

First, make sure you actually need to hold a virtual meeting. Attendees should interact, ensure their voices and opinions are actually being solicited. This means: cut the monologues. If you’re making an announcement or sharing information that only requires your audience to listen, consider simply sending out an email.

Once a virtual meeting has been deemed necessary, try implementing these realistic tips to banish boredom, keep things interactive, and encourage participation.

Bored of virtual meetings

Another virtual meeting? Make your next meeting more interesting with filters, polls and live animals. The important point to remember is make it interesting.

Set expectations

Before the meeting even starts, allow attendees to get into the right mindset by setting expectations for their participation. This will make sure participants will not be bored of virtual meetings.

Present a problem in the agenda and ask everyone prepare and present ideas for solutions. Request that all attendees be on video mode and in a quiet (or at least a private) space during the meeting. Set ground rules for conduct, such as “thou shalt put away phones and not work on other tasks”.

Dedicate time to checking in

Remote work can get lonely and isolating, so take some time before the meeting proper to let everyone share what they’ve been up to. Ask them about the highlights of their week or what challenges they’re currently facing. Better yet, get everyone to show appreciation to their fellow colleagues. Bored of virtual meetings will be a thing of the past with this type of communication.

Social bonding keeps team members engaged and encourages creativity, teamwork, and collaboration, so be sure to cultivate it even when on virtual platforms.

Let people take ownership

Assign people with tasks like time keeping, facilitating, and note taking. If you’re running an ice breaker or conducting a warm up (see below), you can assign one of the attendees to be in charge.

Also, ensuring that every attendee has a role – whether it’s decision maker, adviser, recommender or executor. This helps you keep meetings small, which is great because the more people at a meeting, the less engaged each person will be.

Start with an ice breaker

Jumpstart communication and break through awkwardness with ice breakers! Conducting a fun ice breaker will help activate the right brain. Set the stage for creativity and participation and get your attendees comfortable with speaking and interacting with each other. These are the perfect conditions for an effective virtual meeting.

Jazz up your material

Did you know that visuals increase engagement by as much as 94%? They also help increase audience attention and memory, boost feelings of inclusiveness, and encourage interaction. Try using visuals throughout your meeting to give context, illustrate a point, or provide levity.

Virtual IT Business Support

We understand the challenges we are currently facing in the business world. As well all know, there is nothing better than a face to face meeting. However, businesses need to be able to support their staff, clients and suppliers needs. Contact the LIS Help Desk to discuss your requirements.

Here at LIS we understand the challenges business are currently facing in this changing world. We all know there is nothing better than a face to face meeting, and all our clients get regular in-person contact from us, at least in normal times. However, most of our work (95%) is done remotely, often without our clients even knowing there was problem, let alone that we are fixing it! It’s second nature to our team because we have worked like that since we started nearly 25 years ago! So, if you have a bored technician who is making you sit through boring chat rather than just getting on with fixing your problem, call us. Our new clients tell us it is a refreshing change to enjoy calling tech support… it seems we fix people as well as systems. Who knew?

LIS – SECURING YOUR DIGITAL WORLD

#technews #zoom #teams #MakeVideoCallsExciting

IT issues affect productivity

Companies are experiencing several challenges at the moment. IT issues affect productivity within the workplace. We are all working  in strange times. Prioritising productivity will help your business succeed during these challenging times.

You’ve spent a significant amount of money providing your employees with the latest and greatest that modern IT has to offer, yet your general productivity levels have stalled out. Obviously, this is a problem with the person using the tool as opposed to the tool itself, right?

So, to help you, we’ve compiled a list of the biggest IT issues that could be affecting the productivity of your business. As well as suggesting some tips on how to fix them.

IT issues affect productivity for remote workers

Computer Weekly wrote an article about how remote workers air long-term productivity concerns. More than a third of the UK’s remote workers claim their home setup needs to be urgently revamped. As they need to ensure they can remain productive throughout the duration of the Covid-19 coronavirus outbreak. This pandemic has caused problems as IT issues effect productivity. Due to the amount of home workers not being able to access the same technology as in the office.

IT issues affect productivity

One of the biggest mistakes that business owners make usually involves assuming that any tech-related issues are actually people-related issues.

Q: I’m struggling to communicate with my colleagues

A: With most people still working remotely, communication and collaboration need to be front of mind. You can no longer lean over to ask someone a question. Nor can you easily meet a colleague for a coffee or meeting. Instead, all communication relies on technology. If you don’t have the right tech in place to facilitate effective communication, your business will suffer. Group projects will take longer, errors will occur, training will become less effective and important tasks may get overlooked.

Invest in effective communication tools. Applications like Microsoft Teams allows colleagues to connect with each other (and external professionals) via chat, audio and video functions. Colleagues can also collaborate on group projects together and the platform will automatically link to Microsoft Outlook, meaning calendars can be synced.

Q: I keep experiencing the same IT issues and there’s no one there to help!

A: Reoccurring IT issues will stunt the productivity of your business. Moreover, if your IT support provider is unreliable and unresponsive, it will take unnecessary amounts of valuable time to solve these issues. IT downtime will cause frustration and prevent employees from completing important tasks, which, overall, will be a significant and unnecessary cost to your business. IT issues affect productivity not just for colleagues working from home but the whole team.

Partner with an IT support provider that you trust and don’t just settle for the cheapest option. In the tech industry, cheaper rarely means better. Technology underpins every aspect of your business, so you need to make sure that your IT support partner is delivering genuine value for money. We’d also recommend an IT support partner who can suggest and implement effective cyber security. This will make sure your business is safe and secure.

Q: I’m stressed at work! I have lots to get done and don’t have the right tools to do it

Employees aren’t satisfied with the systems, platforms and technologies that are in place to help them do their job. During such challenging times, you need to ensure that working life is as stress-free as possible for your employees. For optimum productivity, your staff need to be happy and satisfied with the tools available to them. The happier the employees, the better the customer experience. This ensures a more productive business with greater the profits.

A: Use employee feedback software to gain anonymous employee insights and identify issues within your business. Employee feedback software provides your employees with a platform to raise their concerns in confidence. As such, you can discover what is or isn’t working about the tools and systems that you have in place.

Q: I can’t access my work and now I have to start again!

If data is not backed up or stored effectively it can be extremely difficult to recover. Staff will be required to re-do tasks. Wasting valuable money, time and effort.

A: Cloud computing will transform the security and accessibility of your data. Storing data in the cloud allows you to access it from any device, at any time, provided you have a strong internet connection. With a cloud based system all your data will be back up securely. Employees can access their documents using a separate device and secure login. This is especially useful when working remotely.

Q: Our tools and technology aren’t suited to the needs of our business

Ask yourself, are the tools, technology, systems and applications in place really best suited to the needs of your business? Slow PCs, broken servers and reoccurring IT issues will inevitably lead to IT downtime and reduced productivity. Are you fully utilising your CRM systems? Or are there areas where they fail? Are your staff having to complete things manually, because technology is failing to do so? Could you automate a process?

A: Speak to your IT support partner, as you will undoubtedly benefit from professional technology consulting. Implementing the right technology and automating processes will improve the overall productivity, efficiency and success of your business.

Q: Our technology works for us now but won’t be able to cope in the future

Outdated technology can be a major IT issue. Relying on technology because it ‘does the job now’ and overlooking its weakness will stunt your business’ growth in the future. You need to align your IT strategy with your business goals, so that technology will facilitate success, not limit it. Whilst business growth may not be at the forefront of your mind during these challenging times, you still need to plan and prepare for success in the aftermath of the pandemic. Don’t let technology and an ineffective IT strategy be the thing that holds your business back and leads to productivity loss in the future.

A: If you’re unsure of whether your current IT strategy is limiting business growth, contact the LIS Help Desk. At LIS, we’re passionate about digitally transforming businesses, so that they can use technology to thrive. We can make sure your IT issues affect productivity are fixed as quickly as possible.

Our experienced team will regularly review your systems. Make sure your  security is up to date. As well as suggesting upgrades to your software and hardware. We look after your IT systems, making sure your team are more productive.

LIS – SECURING YOUR DIGITAL WORLD

#ITSupport #Networking #Business #Telecomms