Huawei Enterprise Awards

Paul Hanson, Director of Birmingham IT consultancy eSpida, has been crowned Huawei’s presales person of the year at the IT and telecoms giant’s UK enterprise partner summit. The award commends Paul’s enterprise IT expertise and commitment to finding strategic uses for Huawei’s technology to provide value for mid-to-large size businesses across the UK.

Paul’s award win is an affirmation of eSpida’s position as a leading UK Huawei partner for enterprise, fending off competition from the 300+ Huawei partners across the country

The award was given in part due to the success of recent projects Paul has delivered with eSpida, for businesses including high street retailer The Works, building materials manufacturer Kingspan and the Birmingham Hippodrome.

In the case of The Works, eSpida modernised the company’s IT infrastructure to help the company’s website automate its warehouse operations, improving distribution to its network of over 400 physical stores and improve productivity by 60 per cent.

“Paul was nominated based on his contribution to several key projects in the UK,” explains Michael Rae, Channel Director at Huawei Enterprise. “Apart from the projects themselves, Paul has embraced Huawei’s end to end technology offering and has the proficiency to position Huawei as a key technology vendor. Paul’s expertise coupled with our huge focus on innovation authenticates eSpida’s position as a long term strategic Huawei partner.”

This focus on strategy is indicative of Paul’s view of modern enterprise computing, where he argues that IT is becoming an increasingly valuable resource for businesses rather than just a system to support operations. This philosophy is reflected in the work of eSpida.

“To be presented with the Huawei presales person of the year award is a humbling reflection of not only my work, but the achievements of the whole eSpida team,” explains Paul. “Huawei represents a comprehensive enterprise portfolio that I am proud to be connected with and to recommend to businesses.”

“For most companies, digital transformation is a key area of focus that many IT specialists are still struggling to address, which makes Huawei’s enterprise technologies invaluable to them. The first step to successful digital transformation is to have the right infrastructure in place. This lays the groundwork for technology that gives businesses the option of providing IT solutions as complementary services to existing products, adding value to the business.”

“While we are a Huawei partner, at eSpida we don’t set out strictly to sell the product or system. For us, success is delivering first class IT consultancy, giving our customers the tools to facilitate their growth and get where they ultimately want to be. It’s this ethos that underpins our work, and it’s with this ethic that we provide everything from Huawei blade servers to private cloud architecture to make businesses as agile and effective as they can be.”

eSpida is an authorised Huawei Enterprise partner, providing a range of networking, communications, cloud computing and infrastructure services from Huawei’s extensive enterprise portfolio. For more information on eSpida’s award-winning IT consultancy and IT infrastructure solutions, email info@espida.co.uk or call 0344 880 6145.

Laptop security

With GDPR now in place, what should businesses consider in order to set good policies around data at the different stages in the data journey, such as when it is at rest, in transit, in the cloud? And what will GDPR mean for this?

This blog, from Nigel Crockford, Business Development Manager at IT consultancy and data security specialist eSpida discusses data policies.

Data policies

A good data policy must clearly outline how data will be managed from collection through to storage, with an unambiguous set of procedures detailing how, why and by who. This is necessary for businesses to protect themselves under the new GDPR law. This includes a clear policy on the use of email as a method of storing and moving data.

The proliferation of email has meant that it is far too easy to embed malware into an email that will then sit in an inbox for weeks or even months. Organisations should start to adopt policies that take advantage of instant messaging for general peer to peer communications, to minimise the risk associated with over-reliance on email and email security.

The cloud

When multiple people have access to data, which is often the case with information stored in the cloud, there is a greater concern of loss, amendment or handling without necessary permissions. Businesses must have a procedure in place that not only ensures only authorised people directly handle data, but that every person who may process data in some way does so safely.

Data loss prevention (DLP) solutions help to form good policy to help identify, report and stop the movement of data in and out of your network.

IT security best practice

If a person’s device or computer has access to a system that holds data, any viruses that affect it or hackers that attack it can pose a potential risk to data security. It’s crucial that good IT security practice forms an integral part of business culture.

IT security best practice includes:

  • updating systems
  • upholding policies around patch management to ensure systems are kept up to date and protected against hacking
  • installing antivirus software
  • setting secure passwords
  • using more advanced security solutions such as two factor authentication

The introduction of GDPR has made such policies and best practice even more important.  If you feel your business is vulnerable, an IT consultancy offering IT security solutions and services such as eSpida can help.

Using SMS to prevent Cybercrime

2017 was the year ransomware hit the headlines hard and it seems the threat is also prevalent in 2018.

Security chiefs and CIOs need to be mindful of the risk surrounding their IT systems and data and take a proactive approach to IT security. While we consider today’s attacks, the cyber criminals are 10 steps ahead planning the attacks of the future.

So what are the security threats of 2019 that IT professionals should be paying particular attention to?

We’re only human

Ransomware exploits vulnerabilities and in today’s business environments, these vulnerabilities often occur as a result of human error. For many organisations, the risk of attack lies with a lack of education among employees about how to manage any information they receive and how this information is collected.

The widespread practice of using e-mail in our personal and work lives has made it the instrument of choice for malware attackers. This is because there is an attitude of complacency with regards to receiving e-mails; the sheer volume we receive and send can blind us to the threat of malicious embedded links or attachments that may come from a seemingly innocuous or familiar source.  The same is also true of malicious web pages in browsers, as we saw with the recent Coinhive attack.

Safer business communications

If businesses continue to use mature applications like e-mail to share information and data, then we can expect more businesses to be exploited by Ransomware in the future.

Since e-mails are a top target for malware attacks, we recommend that businesses employ instant messaging tools for business communication. SMS technologies like this are particularly effective against ransomware as they limit what your systems can be exposed to, reducing the risk of attack.

Rectifying a problem after it has struck in not an effective solution.  We must remain proactive and keep cyber crime at bay.

eSpida Limited partners with world leading technical brands such as ForcepointHuawei Enterprise and WatchGuard to provide best in class IT consultancy and IT security solutions.

Do you remember the WannaCry attack from May 2017?  How about the NotPetya attack in June 2017? While the WannaCry attack made national headlines, other attacks may have slipped your mind. But the $300 million lost by pharmaceutical giant Merck to NotPetya won’t be forgotten in a hurry.

It goes without saying that businesses of all sizes need to be cautious of ransomware, but what should they do when faced with an attack?

Featured on Digitalisation World, Nigel Crockford, Business Development Manager of Birmingham based IT consultancy eSpida, explains the steps to take.

The article is available in full here.

Retail outlet

TheWorks.co.uk is set to continue growth in its ecommerce business as well as the number of physical stores it operates. Following a successful transition to a new IT infrastructure with the help of IT consultancy eSpida, TheWorks.co.uk was able to move to a new head office in Warwickshire at the start of 2017. The success of the project can be viewed in a short film on the case studies page.

As part of the milestone move in 2017, eSpida helped TheWorks.co.uk automate its warehouse operations to improve distribution to its network of over 400 physical stores and ecommerce business. The move was managed using a phased transition, which involved all-round upgrades to virtual servers, storage and security, which has subsequently resulted in a 60 per cent improvement in productivity.

“Since the project was delivered by eSpida at the start of 2017, we’ve seen some drastic improvements to our business,” explains Tom Scott, IT Director at TheWorks.co.uk. “We’ve been opening one new store per week for the last three years and we needed a new platform to help us do this.

“Our ecommerce business is now handling 30 per cent more transactions like-for-like compared to the previous year. eSpida helped us to make crucial upgrades to our IT infrastructure to improve our capacity and our ability to deliver fast, accurate distribution and stock management to our network of 440 physical stores, up from 280 stores three years ago.

“We are now 60 per cent more productive with the same size of team. Where our IT infrastructure team was previously spending 80 per cent of its time on support activities and only 20 per cent on new business development, we’ve been able to flip this so that 80 per cent is now spent on new development projects.

“The increase in capacity means we can spend more time as a business thinking more strategically. It has given us better use of a new development environment for testing new software; we’ve been able to upgrade our email system and roll out better encryption in preparation for new general data protection regulations (GDPR).”

Better automation helped to free up much of this capacity. The warehouse, for example, uses an improved order-picking system where the WiFi controlled picking is better managed through handheld terminals.

“It’s not always easy for companies to instigate change in their organisation,” explains Nigel Crockford, Business Development Manager at eSpida. “Many companies find it difficult to go from their ‘as-is’ status-quo to their desired ‘to be’ status where they can offer valuable growth and improved efficiency to their bottom line.

“Peak seasonal events such as Black Friday can put any business under strain. However, we helped TheWorks.co.uk manage this easily by making key improvements to their communication network across their shops and back to the centralised data centre, as well as better disaster recovery and improved bandwidth.”

With the help of eSpida, TheWorks.co.uk has also been able to increase the amount of time available to the IT staff after the day to day running of IT is dealt with, giving them greater proactive management capacity.

“We can now log on in the morning and access up-to-date sales data that helps us to quickly and easily analyse the previous day’s performance,” explains Scott. “This not only improves stock management, it allows us to deliver customer orders faster and puts us in good stead for our growth plans for the next three to five years.”

eSpida has produced a short film about its project with TheWorks.co.uk, which can be viewed at http://www.espida.co.uk/2017/08/14/working-with-infrastructure-specialist/. This video will help anyone considering upgrading their ageing infrastructure and explain how a specialist such as eSpida can help to safely and securely manage this change.

Cybercrime prevention with Forcepoint

The General Data Protection Regulation (GDPR) is being dubbed as “the greatest change in data privacy regulation in over 20 years”. It will replace the Data Protection Act 1998 and comes into play on May 25th 2018.

With only a third of businesses said to be currently prepared for GDPR, many organisations are reportedly rushing to hire data protection officers. Whilst companies with more than 250 employees or public authorities are required to appoint a Data Protection Officer; those below the threshold are not obliged to do so.

However, all businesses are required by law to comply.

When the new regulations are enforced, businesses must have recorded consent before they can use personal data or risk severe penalties. A data breach can result in administrative fines of up to 4% of annual global turnover or €20 million – whichever is greater.

So how can technology be used in the quest to become GDPR compliant?

Data policies
Look at the way data flows through your business, review your data model and implement an end-to-end data protection strategy to meet GDPR regulations.

Data Classification
Consider the types of data flowing through your business:

• Is it freely available?
• Does it contain personal information?

Data should be protected by the authority in a data classification system.

Encryption
Encryption translates data into code, so that only people with access to a key or password can read it. At present it is one of the most widely used data security methods in the protection of data and its confidentiality across all devices.
By encrypting information, businesses can take control over their data by validating users and ensuring data authenticity when data is used and transferred.

Data Loss Prevention (DLP)
Data loss prevention software uses detection techniques to recognise sensitive data. It enables businesses to determine why and how information is being used and therefore identify any data breaches or misuse. It is highly recommended to protect businesses from insider threats.

Two-factor authentication (2FA)
Most standard online security procedures involve a username and password. With the ever increasing level of cybercrime, an extra layer of security is recommended to ensure data is adequately protected.

Two-factor authentication, also known as 2FA involves the use of a traditional username and password as well as a piece of information that only the user knows, such as a PIN or fingerprint.

Anti-virus/Anti-ransomware
With more than half of UK businesses already being affected by Ransomware, it is said to be a case of not IF, but WHEN an attack occurs. This is a scary prospect for any businesses, regardless of size which is why antivirus & anti-ransomware software are so important. By scanning systems, the software wipes out any identified ransomware attempts.

Device management
Device Management enables IT teams to control the security, monitoring, integration and management of devices such as laptops, mobile phones and tablets in the workplace to ensure the network and its data is fully secure and GPDR compliant on all devices throughout the business.

Access/identity management
Many businesses do not validate employees’ access rights and permissions to use data. To achieve GDPR compliance, businesses will need to take a much more controlled approach to minimise unauthorised access to critical information using stronger and more centralised access and identity management

Backup
With the increase in cybercrime coupled with the new laws, data backup has never been more important than it is now. Backups are vital in the event of information being destroyed, be it accidentally or maliciously.

Exploit prevention
An exploit attack is designed to slow down your computer, cause sudden application failure and/or expose your personal data to hackers.
Exploit prevention protects the applications and files that are prone to these attacks and cleverly mitigates the methods attackers use to exploit software vulnerabilities.

Patch Management
Patch management involves keeping software on computers and network devices up to date and capable of resisting low-level cyber-attacks. With older software versions, companies are far more vulnerable to cybercrime and leave obvious gaps for hackers to intercept.
It sounds basic, but the simplest technological solution in the fight against cybercrime is good patch management. By keeping software up to date and capable of resisting low-level threats, businesses are far less vulnerable to cybercrime.

For further details on GDPR I recommend visiting eSpida’s dedicated GDPR page where you can find information on preparing your business for GDPR, useful links as well as our ‘Preparing for GDPR’ whitepaper.

Our webinar brings you an update on IT security.

With cybercrime on the rise, keeping your security strategy up to date is imperative to the protection of your organisation. And with the General Data Protection Regulation (GDPR) May 2018 deadline looming, data security is now critical to legal compliance.

Watch our webinar with our resident IT security expert, Nigel Crockford to learn:

  • The changing landscape of IT security
  • The security challenges facing your organisation and its leadership team
  • GDPR and the practical implications for business
  • How to build robust security strategy to meet tomorrow’s threat

For more information about data security and how we can help you to protect your business, please get in touch on 0344 880 6145 or email info@espida.co.uk

 

DLP and CASB

With the introduction of Bring Your Own Device (BYOD) into the workplace, holes have appeared within many organisations’ security and compliance applications.  Holes which some IT users are blind to.

Software programs such as OneDrive, GoogleDrive and Dropbox that users install on their personal equipment to move files to work on outside of the workplace, are highly susceptible to such “holes”.  These transferable documents may contain sensitive data and can pose a threat to any organisation if compromised.

Cloud Access Security Broker (CASB) and Data Leakage Protection (DLP) software is designed to eliminate such issues.

What is CASB?

  • CASB stands for cloud access security broker.
  • It is an application that separates the company’s own on-premises infrastructure and an external cloud provider’s infrastructure.
  • CASBs identify active cloud applications and detect high-risk users and applications.
  • CASB extends organisational security policies beyond internal infrastructure.

What is DLP

  • DLP stands for data loss prevention.
  • DLP products enable network administrators to regulate the business data that users can transfer to ensure confidential or sensitive data is not sent outside the business network unless authorised.
  • DLP applications use predefined rules to categorise and protect confidential information to prevent users from sharing such data, be it accidentally or maliciously.

Forcepoint CASB and DLP

Forcepoint has developed its Cloud Access Security Broker (CASB) and Data Leakage Protection (DLP) applications to offer organisations an effective and efficient way to protect business-critical, sensitive data.

Forcepoint CASB along with its sister product Forcepoint DLP allows organisations to monitor who, what and when with regards the movement of information and data between the organisation and the cloud applications installed on user devices.

The software allows IT departments to discover and assess the risks of the unsanctioned cloud apps and will also enable tighter control of sanctioned cloud apps, facilitating a greater understanding of organisational data flow and the prevention of critical data loss.

These two Forcepoint products have been recognised as the market leaders in this area by analysts.  They provide industries with the most complete data protection platform, utilising its functionality in data discovery and data leakage prevention and as such provide a secure base for organisations to meet industry compliance requirements such as the General Data Protection Regulation (GDPR).

Never has an IT department’s role in the protection of data been as crucial as it is today.  Educating employees is a fundamental starting point. And to take care of the inevitable mishaps, having the right protection in place is imperative.

Take a look at the Forcepoint webpage to find out more.

As new technologies are developed, consumers have multiple devices and channels to interact via, allowing marketers to access more data than ever. However with the general data protection regulation (GDPR) deadline nearing, marketing departments must consider how they collect, store and process any data moving forward in order to meet the required level of GDPR compliance.

Featured in Digital Marketing Magazine, Nigel Crockford, Business Development Manager at IT security consultancy eSpida, explains the ways in which marketers must adapt within the thought provoking article ‘Have your customers given consent?’

The article can be read in full here

 

More than 1000 new words have been added to the Oxford English Dictionary (OED) for 2018. Words such as hangry and mansplaining! But a word you might not be surprised to see in the latest OED is ransomware, which the OED has described as:

A type of malicious software designed to block access to a computer system until a sum of money is paid.

Following incidents such as the 2017 WannaCry attack on the NHS, the British public now have a far greater awareness of cyber-attacks.  The publicity surrounding the attack almost undoubtedly contributed to ransomware being added to the dictionary.

It is interesting that the word ransomware has only now been announced by the OED, not only because it has been in use by IT professionals for some time, but also as two of its sister editions have contained this definition since at least July 2017, these being the Oxford Dictionary of English and the New Oxford American Dictionary.

A sign of the times

With nearly seven in ten large businesses identifying at least one breach or attack in the last 12 months, the statistics show that businesses across the UK are now being targeted more and more frequently by cyber criminals. The number of ransomware attacks is growing and businesses are becoming increasingly concerned with how to prevent such attacks.

Businesses which have identified attacks or breaches admit to suffering temporary loss of files, software and system corruption, third party system damage and websites sabotage.  Such incidents have frequently resulted in numerous counts of financial loss and damaged reputations.

The term ransomware has now become a word synonymous on every IT professional’s lips and rightly so should be recognised as a dictionary defined word.

Businesses of all sizes must continue to invest in cyber security and take a proactive approach to IT security in order to protect themselves from falling victim to ‘a type of malicious software designed to block access to a computer system until a sum of money is paid’.

And just in case you were wondering…

Hangry is being bad-tempered or irritable as a result of hunger and Mansplain is (For a man) to explain (something) to someone, typically a woman, in a manner regarded as condescending or patronising.

Visit www.espida.co.uk/it-security for more information or take a look at our Forcepoint partner page to see what cyber security solutions we can offer.