Australian Democracy is Protected by New Cyber Security Service

Australian Democracy

Australian Democracy is Protected by New Cyber Security Service

Microsoft has opened up its new Defending Democracy Program to Australian entities in the security and political arena to help protect against cyber attacks.  

Australian Democracy

With the threats of cyber attacks during global elections, it’s a good time to think about how important democracy is to all Australians as well as taking stock of how good the security is when it comes to democratic rights and institutions. In 2018 in the United States, Microsoft launched AccountGuard, a special security service designed to offer additional critical cyber protection to users operating in a political sphere. This service is a key component in their initiative Defending Democracy.

AccountGuard Available to Australian Organisations and Individuals

In March 2019, Microsoft announced that its AccountGuard service was available to eligible individuals and organisations in Australia. In recent times, forces disruptive to democracy have used technology to game political systems. In February, Australians were reminded of this new threat to Australian institutions when the Australian Government revealed that a well-thought-out cyber attack had been launched against the people and systems in Parliament House. It was revealed further that the cyber attack was also directed at major political parties in the Australian Government by the same malicious entity.

Defending Democracy Initiative

Microsoft has developed AccountGuard as a part of a broader response under the Defending Democracy Initiative, a program to defend against growing threats of foreign interference in the country’s democratic processes in Australia and around the world. After the well-publicised allegations of foreign-sponsored interference in the United States 2016 Presidential elections, multiple additional reports have presented other attempts by nations, individuals and entities to damage, attack, and undermine the critical democratic infrastructure and institutions.

The Australian Government has responded by offering the AccountGuard service at no cost to political parties and candidates who use Microsoft Office 365. AccountGuard provides notifications about any cyber threats which include attacks by known foreign nations, personal accounts of the political organisations’ staff and leaders, and across email systems used by eligible organisations.

Microsoft AccountGuard is now available to all political candidates, campaign offices, and parties which operate on a state or national level. It is also being made available for eligible Think Tanks and other associated entities. If you or your organisation is eligible to install Microsoft AccountGuard, you can go to https://www.microsoft.com/accountguard to ask for an invitation to learn more or enroll. Australia now joins the United States, India, Canada, Ireland, the United Kingdom, and 12 more European countries in having access to this security service.

From Microsoft, “while AccountGuard does not replace existing security solutions and best practice, it is a useful tool in political parties’ kitbags to protect them and their candidates from unwanted interference.”

From Microsoft’s Website

Microsoft AccountGuard is a new security service offered at no additional cost to customers in the political space. The service is designed to help these highly targeted customers protect themselves from cybersecurity threats.

Specifically, the service provides:

  • Best practices and security guidance specific to those in the political space.
  • Access to cybersecurity webinars and workshops.
  • Notification in the event of a verifiable threat or compromise by a known nation-state actor against the participant’s O365 account.
  • Notification to both the organisation and, where possible, the impacted individual if a registered Hotmail.com or Outlook.com account associated with the organisation is verifiably threatened or compromised by a known nation-state actor.
  • Recommendations to the participating organisation for remediation, if a compromise is confirmed.
  • A direct line to Microsoft’s Defending Democracy Program team.

Australian Businesses Closed Due to Phishing Freight Scam

Australian Phishing Scam

Australian Businesses Closed Due to Phishing Freight Scam

Several Australian businesses have become the targets of a phishing freight scam losing an average of $30,000 to $100,000.  

Australian Phishing Scam

Phishing is on the rise as a method of online criminal activity focused on businesses. Victims are being scammed out of tens of thousands of dollars via this email phishing scheme. Right now, scammers are directing their fraudulent activity at IT and electrical businesses. Several Australian companies have shut down after becoming victim to a freight forwarding email according to the Australian Cyber Security Centre (ACSC). These victims are losing an average of $30,000 to $100,000 after sending their products to the scammers who request delayed payment credit terms from the victims.

How Does The Freight Scam Work?

The scammers trick victims into participating by spoofing internet emails, domains and signatures of executives of large Australian companies and universities to legitimise their communications. An example of how they work is they send their email from lendleases.com.au instead of the actual website lendlease.com.au. One of the fraudulent emails that the ACSC released is supposedly from a Chief Procurement Officer at the University of Sydney.

On each purchase order, the scammers request laptops, hard drives, cosmetics, defibrillators and environmental monitoring equipment, all items that can be easily resold. The targets are asked to ship the orders to a freight forwarding company which in turn, then sends them on to another fraudulent entity who acts as a middleman. Then the freight forwarding company becomes a second victim when their bill is paid using stolen credit cards or using an established credit line.

How are Fraudulent Orders Identified?

In this case, the scammers are requesting shipments to many locations including Singapore, Dubai, Dagenham, Kuala Lumpur, Malaysia and Deira according to the ACSC. Businesses should never automatically trust any unsolicited order of goods with credit without further investigation. However, it’s possible for these orders to slip through the cracks if you don’t have a strict policy for your approval process on every transaction. The ACSC requests that all organisations should do due diligence on any new customers or unusual orders, and investigate any customer before granting credit. They also suggest that businesses should check the domain of websites and emails that are referenced on a purchase order. A good follow up is to contact customers by phone to confirm that they are a legitimate company, and have placed the recent order. Lastly, it’s important to verify the shipping address over the phone.

What is Phishing?

Phishing is one of the most commonly-used cyber attacks in Australia. Statistics from the Office of the Australian Information Commissioner show that phishing accounts for 39 percent of all breaches reported. Therefore, it’s important to be aware of how to protect yourself at home and at work from phishing.

How Does Phishing Work?

The victim receives an email that is simple in format and generally personalised and potentially from a known sender. It may look like an official email from a known organisation or company, and it invites the victim to click on an embedded link. Wording varies, but it may say, “click to learn more” or “click to see the image.” After clicking, the victim is redirected to a web page and asked to enter their user name and password or for other personal information. Once the personal information is filled in the attacker then sends emails to everyone in the victim’s address book and the cycle repeats.

What are the Dangers?

While having spam email issued from your own email account is annoying and a problem, the larger issue is that the victim has given the attacker their user name and password. With an email and password, the attacker can easily hack into anything the victim uses that email and password for. Most people repeat email and password data for multiple accounts. In the world of cloud storage, this can be several accounts including email, CRM, file storage, banking, and proprietary applications.

NSW Police Shut Down Telecom Scam Preying on the Elderly

Telecom Scam Elderly

Telecom Scam Elderly

Australian police ended a telecom scam in NSW closing the door on millions of dollars in theft. 

The New South Wales Police has shut down a Sydney-based syndicate with members who posed as telecom technicians and persuaded victims to enable remote access on their home or business computers in order to “fix” a security flaw in their internet. NSW authorities arrested the alleged leader of the syndicate, a 25-year-old man originally from South Wentworthville, and closed the operation after receiving intelligence from the Fintel Alliance run by Australian Transaction Reports and Analysis Centre (AUSTRAC) which has the big four banks as members. The Fintel Alliance reported that it was able to provide the NSW Police Department with financial intelligence about an elderly customer who had $20,000 stolen from his bank account.

Banking Scam Syndicate

The syndicate “used a variety of methods to gain access to the financial accounts of victims and transferred the funds into accounts controlled by them” according to the NSW Police.

“The most common method involved members of the syndicate cold calling victims and asserting to be technicians from their telecommunication company,” AUSTRAC said in a statement. The syndicate convinced the victim there was a security flaw in their internet access and the victim allowed the syndicate to control their computer via remote access.”

National Australian Bank Security Assisted NSW Police

National Australia Bank had a role in this particular case. “We work hard to protect our customers, and by working closely together on issues like this we are able to deliver better outcomes for customers and the broader community” NAB enterprise security officer David Fairman said. “The threat landscape is constantly evolving and we continue to invest in both detection and prevention to protect our customers.”

NSW Police renewed calls to avoid providing any banking information to someone over the telephone unless you’ve taken steps to verify who the person calling and requesting is after the arrest and dismantling of the syndicate.

“Additionally, government agencies and most telephone and internet providers will not request you make payment via iTunes or Google Play or similar gift cards,” NSW police said.

Who is the Fintel Alliance?

The Fintel Alliance is a public-private partnership, launched in 2017, that brings together a wide range of organisations that are involved in the fight against terrorism financing, money laundering and other serious crimes. Remote-access scams like the one recently shut down are used to steal millions of dollars out of Australians. In May 2019, the Australian Cyber Security Centre reported that someone who was impersonating Australian Government cyber security personnel was trying to persuade individuals into revealing bank information and compromising their computers.

2019 Cybersecurity Trends: Preparation for a Cyberattack

Cyber Security Attack

Cyber Security Attack

How familiar are you with all of the types of cyber attacks your company can become a victim of? 

The list of companies who have faced a cyber attack recently is long and growing longer. Equifax, British Airways, Cathay Pacific to name just a few. In 2018 alone, the Ponemon Institute measured the costs of these data breaches at $3.86 million per incident globally. Recently, a cybersecurity trends discussion for 2019 with Check Point stated that it would be another year of hard-hitting cybersecurity attacks and breaches.

Security companies such as Check Point, a multinational provider of combined hardware and software products for security, is based in Israel. And they are searching for new ways to better secure IT. Their global chief of threat detection, Orli Gan, states that the solution will come from manufacturers, law enforcement and government, not from companies like Check Point. The cybersecurity company predicts that every company will become a victim of a cyber attack in 2019.

Gan stated to Verdict: “You can just choose whatever name you want, any company in the world and they either were, or are, or will be hit by a cyber attack.”

Fastest Growing Crime is Cyber Crime

When comparing cybercrime in 2019 to the popular heist film series Ocean’s 11, Gan stated that cybercrime is far more lucrative and less risky way to make money than a heist. Cyber attacks come in two formats:

  • Attacks that are to make money
  • Attacks to make a point (hacktivism)

When the cyber attacks are instigated by nation-states, they are morally ambiguous. It’s hard to know who is the good guy or bad guy.

Cyber Attacks by Nation-States

  • September 2018 – Check Point discovered an Iranian state-sponsored mobile surveillance operation against Iran’s own citizens called “Domestic Kitten.” Iran claimed that the attack was begun in 2016 and was using decoy content to get people to download mobile apps with embedded spyware. Those apps then collected sensitive information about targeted citizens including Kurdish, Turkish and ISIS supporters.
  • Lazarus, North Korean cyber hackers, are also politically motivated. In September 2018, a report showed that its worldwide attacks on U.S. and South Korean websites including Sony looked to be funded by the Kim Jong-Un regime.
  • 2016 Election hacking in the U.S. from Russia caused concerns for democracy in several countries.
  • In October 2018, the UK government reported that Russian military intelligence was the actor behind a string of cyberattacks.

As a result, cybercrime experts advised to strengthen cybersecurity capabilities instead of using political sanctions. Despite warnings, it looks as if Russia will attempt cyberattacks in 2019 and 2020 elections.

Cryptomining Overtaking Ransomware

Routine, day-to-day cyber attacks are designed to earn money for the cyber criminals. This is becoming more used than ransomware which was bigger in 2017. One virus, WannaCry ransomware virus, infected computers in businesses, hospitals and schools in 150 countries.

“We see a quite steady decline in 2018 in the use of ransomware. It’s definitely not gone but it’s slightly more targeted these days towards companies that are more likely to pay significant amounts of money for the data they stand to lose,” Gan reported.

Instead, cryptomining is on the rise into 2019. This malware allows cyber criminals to hijack the victim’s central processing unit (CPU) to mine crypto currency, using up to as much as 65 percent of the CPU’s power. This type of attack was the leading attack in 2018, with 42 percent of global organisations hit between January and September, over double the 20.5 percent hit in the second half of 2017. The opposite of a ransomware attack, cryptomining is a stealth crime as it’s perceived by victims. Criminals like it more than ransomware, because it’s easy to begin, hard to trace, and has a long-term earning potential.

Crypto Currency Monero

The top three most common malwares seen in 2018 were crypto miners mining the Monero currency, says Check Point. Monero is preferred over Bitcoin because unlike the more well-known cryptocurrency, Monero is effectively untraceable and can use typical computer hardware very effectively for mining, while Bitcoin requires custom-made and optimised chips.

The cryptocurrency Monero has privacy features that cloak its transactions. When someone sends you Monero, you can’t tell who sent it. If you send Monero the recipient will not know who it is from. Bitcoin isn’t anonymous; people can trace every Bitcoin block, address and transaction. Bitcoin is not truly anonymous, so people can search for and trace every Bitcoin block, transaction and address.

Phishing in 2019

Phishing, one of the most common online fraud tactics, can easily get ahold of private information including credit card details, usernames, and passwords through email. In the third quarter of 2018, RSA detected 38,196 fraud attacks worldwide including phishing scams. Even with an awareness of phishing, many people still fall for these fraudulent attacks to get personal information. These crimes increase during the holiday season when many people are online shopping, especially Black Friday (Friday after American Thanksgiving) and Cyber Monday (Monday after American Thanksgiving). Without the proper malware attachments, these phishing emails often slip through other cyber defences. In fact, cyber security company Agari found that 54 percent of email phishing attacks use a well-known brand’s name to deceive recipients including Amazon, Microsoft, and Bank of America.

How Can an Organisation Protect Itself?

If you own or work for a company looking to protect itself, there isn’t a single approach that will guarantee success.

“You have to understand the complexity of the problem, you have to address the different angles in different capacities, and you always have to have multiple advisories and engines that combined can give you that accuracy that you require from a product that you’re actually going to use. Accuracy is number one in order to be practical because when you’re not, the reality is that people in the organisation will start getting angry – ‘I needed that email but it was blocked by your security system,” according to Gan.

Can We Win the War Against Cyber Crime?

With the rapid development of technology, that question is difficult to answer. Check Point is skeptical that cyber security can eradicate cyber crime. Gan states that the solution should be a three-part defence that involves government regulation, law enforcement, and manufacturers. We must regulate manufacturers of electronic devices to require them to use operators that comply with security requirements. And law enforcement has to hunt down and punish cyber criminals.

myGov Outage Upsets Tax Return System Causing Mayhem

myGOV outage

myGov Outage Upsets Tax Return System Causing Mayhem

If you’ve experienced difficulties with the Australian Government’s myGov website, you aren’t alone. The myGov portal — the online system that Australians use to access their employer payment summaries for tax purposes and to access Medicare and Centrelink services — was down on Friday morning, July 12th. Later, a tweet went out announcing services had been restored, but there might be further issues logging in as the system booted back up.

myGOV outage

However, while Tax Office service through myGov were affected, the ATO stated that tax returns were still being processed and paid as usual. ABC News reported that the issue with myGov was “a technical issue with a communications switch,” unrelated to the Telstra outage. A spokeswoman for the ATO said that they were working to restore services as rapidly as possible and the shutdown would not have any impact on people who had already lodged their tax returns. In fact, the ATO had already processed more than one million tax returns with a value of $882 million paid into accounts that morning. In addition, 110,000 tax refunds worth $292 million would be paid to recipients that same afternoon amounting to a total of 500,000 refunds worth $1.2 billion into people’s bank accounts.

Another spokesman for the Minister for Government Services, Stuart Robert, also issued a statement that the system was down, causing problems with access and speed with myGov. Apologies were also issued.

Extended Reporting Deadline for Welfare Payments

The shutdown also caused problems for people who needed to report for welfare payments. One recipient stated the fear that all recipients might have. He was worried that he would be penalised for not reporting his job search efforts on time due to the myGov outage, causing a docked payment. This man, a 55-year-old living on the central coast of NSW, had been searching for a new job since January, but currently was relying on Newstart. When he called his employment services provider, they told him they didn’t control myGov, so he was out of luck. After that, he was worried that Centrelink would impose a penalty because he couldn’t log in. That assumption turned out to be false according to a statement from a Department of Human Services spokeswoman. She further related that “all services are now available, however a small amount of people may still experience intermittent issues logging in as we return to full capacity.”

An investigation is already underway to determine the cause of the shutdown, but it wasn’t due to a cyber attack. She also confirmed that all regular payments were dispersed overnight, and apologised for any inconvenience the outage caused for users. The deadline for reporting employment income was extended until 7:30 pm AEST, and it was suggested that only people with urgent business use the site until it was fully restored.

One user, Jeffrey, who lives on the south coast of NSW, complained that his pension payment didn’t appear in his bank account as stated. It normally appears every second Friday morning according to ABC News. He tried to call Centrelink, but wasn’t able to connect. He was worried about being late on his rent payment.

Telstra Apologises for Expensive Retail Outage

Telstra offered an apology to customers after a national outage Thursday, July 11, in the afternoon which was caused by an unusually large volume of traffic across the network in New South Wales.

Telstra has apologised to its customers following a national outage on Thursday afternoon, saying it was caused by “an unusually large volume of traffic across the network” in NSW. The outage took place from about 2:30 pm through late evening, and shut down electronic payments at several retailers including Caltex and Woolworths, and some banking services. In an interview with ABC News, Dominique Lamb from the National Retail Association said,

“Given both the time of day and the businesses affected, the Telstra outage certainly caused a large degree of inconvenience for both shoppers and retailers yesterday. As some shoppers would have paid with cash instead or simply delayed the purchase of essential items, such as groceries, it is still a little difficult to ascertain the exact cost to retail sales at this early stage. The amount in lost sales could be as high as $100 million for the day, however, hopefully much of it will be recouped by customers simply doing shopping today and tomorrow rather than yesterday.”

Telstra said it would consider compensating businesses, and that their account executives are discussing the impact on revenues with their customers. The Telecommunications Industry Ombudsman (TIO) urged customers to contact Telstra first, but contact the TIO if their issues were unresolved.

Cyber Attacks Ruled Out by Telstra

The ATO and Telstra have faced several outages and technical issues disrupting service to customers in recent years. Twitter also had a worldwide shutdown on Thursday, July 11, which affected their stock price. It’s unknown whether the Twitter outage was caused by Telstra. Telstra did rule out a cyber attack as a cause of their outage. It did affect Telstra’s IP services including EFTPOS, ATM and other payment platforms.

One Problem with Going Cashless

Telstra’s outage did bring to light potential issues for Australians relying on a cashless society. During the shutdown, consumers couldn’t make electronic purchases, and also couldn’t withdraw cash from ATMs.

Telstra’s outage on Thursday highlighted potential problems of Australians increasingly relying on a cashless world. In November 2018, Reserve Bank of Australia Governor Philip Lowe stated that cash will become a niche payment sooner than people may think. The RBA reported that Australians make an average of 500 electronic payments per year. There has been a decline in cash use, however, the value of banknotes on issue has increased relative to the size of the economy. In November 2016, a survey of consumer payments based on a number of 1500 people found that although the share of payments made in cash continued to fall, case was still used for more than 1/3 of consumer payments. Cash was primarily used in transactions less than $10, and older people were more likely to hold more cash.

What Are the Chief Benefits of Cloud Computing?

Cloud Computing

Cloud Computing

Chances are, you already use cloud computing in your personal life with applications such as Facebook, Gmail, and Dropbox. But what about your business?

According to a recent study, 31% of companies still don’t use cloud computing to organize and operate their business. Although some of these companies stated they plan to implement cloud computing at some point in the future, this still leaves a large margin of businesses who are, dare we say, living in the dark ages of information technology.

Numerous misconceptions about cloud computing are usually to blame for this. Ahead, we’ll dismantle these concerns by detailing the most potent benefits of using cloud computing in your business or organization.

Top Benefits of Cloud Computing

1. Access From Anywhere

One of the most useful benefits of the cloud is the ability to access your company’s data, software, applications, and more from anywhere in the world. As long as you have an Internet connection, you’ll be able to access the cloud.

For certain businesses, this provides the ability to hire remote workers. Employees, likewise, generally enjoy the ability to work from home or remotely at their leisure. On business trips, huge amounts of equipment aren’t necessary when all necessary data and services can be accessed via any WiFi connection.

2. Always-Up-to-Date Software

Many programs that your business may require will need occasional (or seemingly daily) software updates to continue to run properly. Instead of having to allow and wait for these updates every time you log on to your computer or an individual program, cloud-based software automatically updates and refreshes (unless you tell it not to).

For employees and your entire business, this means valuable time saved. Furthermore, as a result, fewer IT resources and in-house specialists are required to oversee updates and server maintenance.

3. Loss Prevention & Reliable Backup Protection

With cloud-based storage and computing, much less data will be lost from careless errors, computer glitches, or malicious software (malware). Furthermore, in the event of an emergency, cloud-based storage allows for immediate backups to be procured and implemented.

Formerly, backing up entire collections of data and programs would take an immense amount of time and take up valuable space. As a result, many companies did not perform routine data backups and were thusly in big trouble when problems would inevitably arrive.

4. Added Security

Security is a major issue when it comes to cloud-based storage and cloud computing as many company heads and managers falsely believe that the cloud is more susceptible to security problems than in-house data storage on servers.

Actually, cloud security is extremely effective and robust. That’s because maintaining adequate security is one of the most important responsibilities that a cloud host has. Likely no one is more efficient at security than the leading cloud hosts.

Furthermore, many security issues actually arise from internal theft. In these situations, off-site data storage is much more effective than on-site server storage.

5. Saved IT Costs

While it is true that switching from in-house data storage to a cloud-based data storage system does come with an initial price tag, the long-term cost benefits of this switch will surely be in your favor. In fact, cloud computing comes with a huge return on investment (ROI) across the board.

For example, starting any new project, backing up your data, and implementing new services and programs can all be completed much more easily with the cloud. Of course, in this way, easier means cheaper.

Instead of having to install important programs and applications on all of your employees’ computers, for instance, the cloud enables you to purchase one cloud subscription for everyone. Within reason, no matter the device, no matter the location, your employees (or clients, customers, etc.) will always be able to access the services of that program as well as up-to-date data.

Furthermore, you only have to pay for the cloud storage you actually need. If you’ll simply be backing up files and keeping inventory information on the cloud, for example, you won’t need to pay for the larger amount of space that might be required to store massive amounts of sensitive data. The price tag of your cloud services will always be catered to your unique needs.

If your company or organization hasn’t made the switch from in-house servers to the cloud yet, consider it a must for your 2019 to-do list. As the business world moves further and further toward complete cloud and Internet reliance, your business will certainly go the way of the dinosaur if you’re not on board.

Teams or Slack: Why Organisations Use One or Both

Slack or Teams

Slack or Teams

Microsoft Teams and Slack are both team collaboration applications with large percentages of the market. Both apps have their adherents, but what’s most interesting about them, is that many companies use both of them in tandem. Mio, an Austin, Texas-based startup that sells software to enable communication between different messaging tools, polled 200 IT decision-makers at organisations ranging in size from hundreds to hundreds of thousands of employees. What they found out was that 91 percent of businesses use at least two messaging apps; Slack and Microsoft Teams are present in 66 percent of the organisations surveyed.

Why Do Organisations Use Both Slack and Teams?

Mio found out that companies use team collaboration apps for different reasons. A business that acquires another company that uses Slack, may leave it in place. Another reason is that certain job roles prefer specific tools. In this case, Slack is more popular with tech-heavy roles.

IT decision-makers try to accommodate their engineering teams who love Slack, at the same time, standardising the majority of the company with usage of Microsoft Teams. This dynamic matches recent trends in enterprise messaging with specific tools used for varying needs. Developer teams often use Slack, but then select Teams for a company-wide rollout because it meshes with Office 365.

Sometimes messaging apps are adopted without any corporate input. A work group may adopt Slack without checking with their IT department. In fact, there are companies that have more than four team collaboration tools being used simultaneously.

Which App is Used the Most Often?

Slack is the most widely used app, according to the results of Mio’s survey. 65 percent of companies surveyed use it. Skype for Business comes in second place with 61 percent, and Microsoft Teams is in third place right behind with 59 percent. Slack, which just went public on the NYSE, has over 10 million daily active users and 85,000 paid customers. The survey’s respondents cited Slack as being the most user-friendly with 31 percent, while Microsoft Teams came in third behind Cisco’s Webex Teams, cited at 21 percent by respondents.

Results from the survey also indicate that Slack is doing very well with large business, usually Microsoft’s core market. 75% of companies with more than 10,000 employees said they use Slack.

Which Companies Use Microsoft Teams?

Microsoft Teams came out in 2017 and it’s been distributed widely within Office 365 subscriptions. Over 500,000 organisations use Teams, although the company doesn’t break out active user figures. Microsoft Teams has grown quickly, beyond the experimental stages. Large-scale deployments of Teams have occurred in Microsoft’s large enterprise customer base.

What Issues Crop Up with Multiple-App Usage?

One of the biggest issues with multiple application usage within the same company is interoperability challenges. So far, there aren’t a lot of choices to communicate between apps. One company, 8×8, lets users communicate with different apps through their X-Series team chat platform. However, at this point there is no way to communicate with external chat applications natively. Without this, often employees can’t talk to each other.

Without global communication within a company, decision-making gets slowed down, productivity decreases, and inefficiencies occur. It’s important for IT to be aware of potential problems. As long as different apps are used for different use cases, the system will work. However, if every team has a unique way of communicating, chaos can ensue. More than one team can be working on the same project without knowing about each other.

How Difficult is it to Migrate Users to a New Messaging App?

Moving users from one messaging app to another can be a huge project. Consolidating apps requires best practices regarding content, because there is no way to pull up content from one app to another.

What Is Managed IT Services & Who Provides Services

Managed IT Services

As managed IT services have grown in popularity, you’ve probably heard the concept touted often as the answer to your business’s IT woes. Still, there can be plenty of mystery on the topic. What is managed IT services, exactly? How do organizations integrate managed IT services into their existing business and workflows? Also, who provides these services? In today’s business blog we’ll answer these questions and more.

What Is Managed IT Services Exactly?

Managed IT services is a broad term describing any scenario in which a company (that’s you) partners with a vendor, called a managed service provider (or MSP), to handle some or all IT responsibilities for the company.

The exact services that MPSs offer range pretty widely. Companies, too, vary widely in terms of their IT infrastructure and needs, as well as exactly which IT responsibilities they choose to outsource to an MSP. Some firms may contract with an MSP to handle absolutely everything about their IT infrastructure. More commonly, companies will outsource only certain portions of their IT workload.

It’s a little easier to understand the concept of managed IT services by looking at some examples of how they are currently being used in several types of organizations.

How Do Organizations Utilize Managed IT Services?

Businesses implement managed IT services in a whole host of ways. Here are a few examples.

Some companies look to a managed service provider to handle all or nearly all its IT needs. Growing small businesses, for example, may not have much (or any) in-house IT presence. They need capabilities that they don’t have, and they find it simpler and more affordable to contract with an MSP than to build out their own in-house IT team.

On the other end of the spectrum, a medium or large business with an established in-house IT team might look to a managed service provider to alleviate some stress on that team. A larger firm might outsource helpdesk-level support, for example. In doing so, the company would empower its in-house team. Free from the distractions of troubleshooting workstations and managing software installs, the in-house IT specialists can focus their attention on the higher-level tasks they were hired to do.

Businesses of any size can also look to an MSP to fill a specialized need. Some areas of IT have unpredictable costs, and others are simply cost-prohibitive for many smaller businesses to build on their own. Some areas can be difficult to hire for, too. Examples of specialized needs that can be met through managed IT services include cyber security, information security and compliance, and cloud services.

What Are Reasons to Choose a Managed Service Provider (MSP)?

Businesses who have embraced the managed IT services model do so for a wide variety of reasons. Some are unique to specific industries, but many are universal. Here are a few reasons it likely makes sense for your business to choose a managed service provider for your managed IT services needs.

Scaling for Growth

Scaling your IT infrastructure has real costs when you do it in house. You need additional equipment, additional floor space to house the equipment, and additional personnel to install, run, and monitor the equipment. Managed service providers, on the other hand, already have the equipment. They’re running servers for dozens of businesses, so they have automatic capacity when you need more. They can leverage the economy of scale in a way you can’t.

Growth isn’t just measured in headcount, either. Device count continues to increase, too. Employees expect to be able to interact with systems using their work computer, laptop, tablet, and phone—both on site and off. Your in-house team doesn’t have the time to support all these device issues. A managed service provider does.

The Talent Gap Is Real

If you have an in-house team, are you having trouble keeping it fully staffed with well qualified people? You’re not alone. One reason is that the US has reached full employment, making domestic hiring more difficult than ever before.

Another more serious reason is the digital talent gap. In 2017 (that’s before we reached full employment), 54% of companies were having difficulty finding workers with the right digital skills. It’s not gotten better.

Fill your business’s talent gap by partnering with an MSP. The right MSP will have the specialties you’re missing and will be able to work in harmony with your in-house team.

IT Managed Services

Who Provides Managed IT Services?

If your business is looking into working with a managed service provider, you may be asking who provides managed IT services. The good news is you have plenty of options. There are quite a few local providers offering managed IT services in every metropolitan area, and there are a few global players as well. We’ll get to that distinction, but first, a word on services offered and specialization.

Services Offered and Specialization

The first question businesses should ask is whether an MSP offers the services they need. Not every MSP has exactly the same offerings or experience, so don’t be afraid to ask pointed questions. Don’t just ask whether they offer a given service; ask how many clients they’ve served with it.

Some industries, like healthcare or finance, have developed specialized IT needs. Accordingly, some MSPs specialize in specific industries or technologies. In short, look for niche players if you’re in a niche industry.

Local vs. Global MSPs

Choosing a local firm means getting local, boots-on-the-ground support. The best local firms offer a wide spectrum of services, including extended hours, and have the infrastructure and personnel depth you need. You’ll get individualized attention and you’ll support your local economy.

Choosing a global firm like Amazon’s AWS gives you access to more raw power and, often, innovative technology others can’t match. Customer service, on the other hand, can be a bit impersonal, and fixing on-site problems can take time.

Conclusion

If you’re looking for a quality local managed services provider, we’re here for you. Contact us today to get started.

What Is NDB Scheme?

NBD Scheme

NBD Scheme

The NDB scheme, or Notifiable Data Breach scheme, is a requirement that was developed by the Australian government for all agencies and organisations regulated under the Privacy Act 1988. These entities are required to notify affected individuals and the Office of the Australian Information Commissioner (OAIC) when a data breach is likely to result in serious harm to individuals whose personal information is involved in the breach. First commenced on 22 February 2018, the NDB scheme outlines exactly how an organisation should proceed when a breach occurs.

Available Guides

The Australian government has created two guides for action in the occurrence of a breach.

History and Overview

The NDB scheme was established by the passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017. The scheme applies from 22 February 2018 to all organisations and agencies with existing personal information security obligations under the Privacy Act. It obligates these entities to notify anyone whose personal information has been involved in a data breach that is likely to cause serious harm. The notification must include recommendations about the steps individuals should take in response to the data breach. The Australian Information Commissioner must also be notified.

In order to comply with the NDB scheme, agencies and organisations must prepare themselves for the possibility of a data breach, and how to respond quickly to reduce and contain the resulting harm. To notify the Commissioner, entities should use the Notifiable Data Breach form.

Section 6 of the Privacy Amendment (Notifiable Data Breaches) Act 2017 says that the scheme applies to incidents where personal information is subject to unauthorised access or disclosure, or is lost.

Who Must Comply?

Agencies and organisations that the Privacy Act requires to secure specific categories of information are required to comply to the NDB scheme. This list includes the Australian Government agencies, not-for-profit organisations and businesses with an annual turnover of $3 million or more, health service providers, credit reporting bodies, and TFN recipients.

When is Compliance Required?

A data breach occurs when personal information stored by an organisation is lost or subjected to unauthorised access or disclosure. Not every data breach requires compliance. Only those data breaches involving personal information that are likely to cause serious harm require NDB scheme compliance. The NDB scheme calls them “eligible data breaches.”

Examples of a qualifying data breach include:

  • A database with personal information is hacked
  • Personal information is provided to the wrong person by mistake
  • A device containing customers’ personal information is stolen or lost

There are a few exceptions that don’t require notification outlined in the Data breach preparation and response guide. If a data breach is suspected, agencies and organisations are required to assess quickly if it is likely to cause serious harm.

How to Notify

If an eligible data breach has occurred, individuals at risk of serious harm must be promptly notified. The Commissioner must also be notified as soon as practical. Notification must include the following information:

  • Name and contact details of the organisation
  • Description of the data breach
  • Types of information affected
  • Recommendation of steps that individuals should take in response to the data breach

The Commission is notified using the Notifiable Data Breach form.

Role of the OAIC

The Commissioner has several roles under the NDB scheme.

  • Receiving notifications of data breaches
  • Encouraging compliance through handling complaints, taking regulatory action and conducting investigations
  • Offering guidance to organisations, and information to the public about the scheme

Your Windows 7 Checklist

Windows 7 Checklist

Windows 7 Checklist

When you’re working hard to grow your business, you can get caught up in things that take your attention away from your technology. Before you know it, your IT system isn’t up to speed because you failed to update an operating system. We don’t want this to happen. This is why we’ve provided a checklist about Windows 7, its approaching End of Life (EOL), and what you should do.

It’s Time To Upgrade From Windows 7

Extended support for Windows 7 will end on January 14, 2020. This means that Microsoft won’t provide security updates for PCs running Windows 7. This could put your IT system at risk for security and reliability issues.

We recommend that you plan your upgrade now. And, if you run a business, we advise that you skip Windows 8 and upgrade to Windows 10 Pro.

Skip Windows 8 and Migrate To Windows 10 Pro

Windows 8 product enhancements (mainstream support) ended back on January 9, 2018. And reliability and security patches will end on January 10, 2023 (the end of extended support). This may seem like a long time from now, but if you’re upgrading anyway, shouldn’t you use the most current Windows program? Windows 10 Pro offers the very latest technology, and it’s built for business use.

Windows 10 Pro Will Benefit Your Business

  • Increased Security is incorporated with ongoing protections like Windows Defender Antivirus, BitLocker, a Firewall and more (at no extra cost to you).
  • Windows Remote Desktop ensures that you can access your files from any PC or tablet with an internet connection.
  • Automatic Cloud Storage will store and protect your Word, PowerPoint and Excel files from system crashes.
  • Sign In 3 Times Faster by using Windows Hello with Facial and Fingerprint Recognition.

Take Advantage of New Features In Windows 10 Pro

  • Windows Ink with Touch Screen & Digital Pen Capabilities
  • Windows 10 Pro pairs with Office Documents and Other Apps
  • Microsoft Edge with faster and safer web browsing, automatic form filling, type or write on webpage capabilities, and much more
  • Cortana voice-activated digital assistant integrates with your calendar and other Windows apps.

You Have Two Choices For Upgrading

1. Migrate your existing machines to Windows 10 Pro.

2. Replace your old computers with new Windows 10 devices.

Consider This Before You Migrate To Windows 10 Pro

Are your current apps compatible with Windows 10? (Check Microsoft’s App Directory to be sure.)

Do your existing computers meet these system requirements?

  • 1GHz processor or faster
  • 1GB RAM for 32-bit; 2GB for 64-bit
  • Up to 20GB available hard disk space
  • 800 x 600 screen resolution or higher
  • DirectX 9 graphics processor with WDDM driver

There are 2 Migration Tool Options

1. Windows Easy Transfer

  • For a small number of computers or a single customized deployment.
  • Transfer files and settings via a network share, USB flash drive, or Easy Transfer cable.
  • Can’t use a regular USB cable to transfer files and settings

2. User State Migration Tool (USMT) 10.0

  • Best for large-scale automated deployments.
  • Uses .xml files to control which user.
  • Accounts, files, and settings are migrated.
  • Use for side-by-side migrations for hardware replacements, and wipe-and-load migrations.

Test The Quality & Performance of Your New System

Use the Windows Assessment and Deployment Kit (ABK) to test the quality and performance of your system, and to customize Windows images for large-scale deployments.

Need Help Upgrading To Windows 10 Pro?

We’re always here to help and answer your questions