Social media: The potentials and the pitfalls

By on June 1, 2013 in Blog, Security, Social networking

Social media offers businesses many opportunities in terms of marketing and networking, but it doesn’t come without threats. Used incorrectly, it could have a detrimental effect on the reputation and security of your business.

Whilst companies would do well to consider the benefits of embracing an element of social networking, it should be approached with due care. Not only are security threats posed by employees who, entrusted with maintaining a business’s social media sites, could unwittingly disclose sensitive information, but also by cyber criminals who prey on these sites, considering them a prime target for their unsavoury activities.

The Cisco 2013 Annual Security Report claims that mass audience sites, such as social networking ones, are most susceptible to online security threats, with online advertisements a staggering 182 times more likely to deliver malicious content than, say, pornography websites.

The danger posed to businesses by individuals who have the power to share information with millions is the challenge they face. Not only do they have the power to disclose sensitive company information, they have the ability to spread information that is not even true and could potentially damage a business’s reputation.

Striking the right balance

However, shying away from the use of social media is not the answer, since by avoiding the pitfalls, businesses may be denying themselves the benefits. The solution comes in recognising the dangers and enforcing steps to manage them, by means of a social networking policy. “There is no way organisations can hold back the flow of social media,” says David Cripps, information security officer at Investec. “So it is better to put policies and technologies in place to manage it.”

A balance can be struck by empowering staff to manage social media sites, but making them very aware of exactly what they can and can’t do. A cohesive policy should be put in place and issued to staff, with training undertaken and refresher sessions conducted on a regular basis.

It is important, also, for business to appreciate that an analysis of social conversations can offer intelligence to improve security processes along with performance. Andrew Wallis, an analyst at Gartner, says that “analysis of public conversations can identify imminent, credible threats of physical or logical attack.”

Read more

Congratulations to our Chris

By on May 25, 2013 in Blog, Company news

M2 to would like to congratulate our very own Chris Davies on the birth of his child. Chris and Natalie, welcomed baby boy, Oscar, into the world on Friday 24th May.

Mother and baby are both doing well, and here in the office we can’t wait to meet their bundle of joy!

 

Read more

Cyber attacks on SMEs: Prevention is cheaper than cure

By on May 22, 2013 in Blog, Security

According to the government department for Business, Innovation & Skills (BIS) small to medium enterprises are becoming increasingly susceptible to cyber attacks, putting their confidential information at risk.

In its 2013 Information Security Breaches Survey, the BIS reported that a startling 87% of all SMEs have been hit by a security breach of some description in the past year. Needlessly, this is costing those businesses affected up to 6 per cent of their annual turnover – a figure far higher than what it would cost to invest in preventative measures.

With most SMEs using the internet to do business, make purchases, sell their services and market themselves, all are vulnerable to attacks. So if you haven’t already you must instill basic security practices.

What’s at stake?

Failing to take sufficient precautions could pose a threat to your website, your in-house IT systems, your bank accounts, and sensitive company information.

This could have a disastrous impact on your finances in many ways – either through cyber criminals gaining access to your accounts and making purchases through it, through a financial loss due to a disruption to trading, or through the costs involved in remedying the damage of an attack. You could also incur fines should any personal data you have on record be compromised or lost.

Putting a security plan in place

Firstly, you need to run a risk assessment. Consider what sensitive information you have that is critical to your business and what threats it could be exposed to. What legal stipulations and compliance regulations must you adhere to? It may be worth investigating whether any businesses in your sector have been subjected to any attacks so that you can learn from their experiences.

Look at investing in security controls that can be implemented to increase your defences. Malware protection will minimise the threat of virus infection. Network security is paramount and can be enhanced through the use of firewalls, access lists and proxies.

Manage user privileges to restrict access to IT equipment, systems and information only to those for whom it is vital. Ensure that data is encrypted for mobile workers and those using their own devices. Liaising with us to put a disaster recovery solution in place will ensure you remain productive should the worst happen.

The message form the BIS is clear. Making that investment now may require time and money, but it will save you a fortune in the long run.

Read more

Help! My phone fell in the water!

By on May 16, 2013 in Blog, Mobile devices, Tips & tricks

Most of us have had a near miss and many have experienced the full horrors. Our beloved mobile phone has just fallen in the sink/bath/toilet (delete as appropriate). But don’t panic – act quickly and you may save it.

Those who have been there will know that it all seems to happen in slow motion…that moment when you realise what is happening. As your heart beats faster, you begin to consider the implications…

Is it because mobile phones are so small and portable these days or just because we can no longer bear to be apart from them? Either way, they tend to follow us everywhere – even into the bathroom – and mishaps involving water are increasingly common. Of course, nowadays we store documents, telephone numbers, email addresses, photos – all manner of information – on our phones, so the consequences of something going wrong can be pretty severe.

But having fished your phone out from the scene of its watery accident, don’t consign it to mobile heaven just yet. If you perform the following steps quickly enough, it could soon be making a full recovery.

4 quick steps when your phone gets wet  

1) First things first, remove the battery – fast! Do this before switching it off – messing around with the keys could let in more water and do more harm than good. Of course, if you have an iPhone, you won’t have this option. You’ll just have to switch it off and keep your fingers crossed.

Avoid switching it back at any stage until you’ve completed all the steps below. If you switch it on too soon, you risk causing more damage.

2) Gently wipe off all excess water. Remove the battery and SIM card – wipe these too, but only after attending to your phone – that’s the most important part you want to save. Avoid the temptation to use a hairdryer. Rather than getting rid of the excess moisture, it will only serve to push it deeper into the nooks and crannies.

3) Now you need to put your phone into something which will absorb the moisture. Some uncooked rice is a readily available option. Simply fill a seal tight bag with the rice, pop the phone in and leave it for a few days. Alternatively, there are special bags and kits on the market for drawing out the excess water.

4) After a few days, remove your phone. Give it a shake – if no water droplets fall from it, you should be safe to try switching it back on – and pray for a happy ending!

Read more

Windows Start button set for a comeback in Blue

By on May 15, 2013 in Blog, Microsoft

In the face of overwhelming demand, it has been reported that Microsoft may be set to reintroduce the Start button as part of the imminent Windows 8 update, hoping to satisfy its customers’ wishes.

The removal of the Start button, which became synonymous with desktop computing, was one of the most controversial changes introduced in Windows 8. Many reviews of the new operating system, which is focused on providing a touch friendly interface, have concluded that removing the button was a mistake.

A third party Start button replacement application called Pokki has received 1.5 million downloads, suggesting that there is a huge demand for some of the conventional OS features to return.

Users reverting to traditional desktop mode

Mary Jo Foley of zdnet.com originally reported that there were whispers in chatrooms regarding the possibility of the Start button making a triumphant return in Windows 8.1 – codenamed ‘Windows Blue’ – and also said that there may be the option of booting directly to the desktop.

As it stands, Windows 8 users are greeted by the Metro-style Start menu; however, many have complained that they barely use the Start menu and once booted, switch straight back to the desktop mode.

If these two features are included in Windows 8.1, it will be quite a drastic concession on the part of Microsoft, which took a very bold step in an effort to homogenise the mobile and desktop operating environments.

Microsoft officials have maintained that the new interface is straightforward to learn; however, many desktop and business users have argued it is simply not worth the hassle.

“I find the new [user interface] more of a curse on non-touch-screen machines. As a result, I am still running Windows 7 on two of my three Windows devices,” said Jo Foley of ZDnet.

Windows Blue is expected to be released around August 2013 with the preview coming out sometime around June. With Microsoft refusing to comment, the rumours cannot be confirmed, so anything could change in the coming months.

Read more
Google Apps

Postini Services Incident Report

By on May 10, 2013 in Blog, Incident Report

Postini Services Incident Report

Mail Delivery May 7, 2013

Prepared for Postini and Google Apps customers

The following is the incident report for the Postini services outage that occurred on May 7, 2013 (GMT). We understand this service issue has impacted our valued customers and users, and we apologize to everyone who was affected.

Issue Summary

From 10:15 GMT May 7 to 3:52 GMT May 8, users on Postini System 200 (which comprises 12.7% of all Postini users) experienced severe delays in inbound and outbound mail delivery. The delays were most severe from 12:00 until 21:00, after which time delivery rates began to improve.

During this incident, inbound messages (messages sent to users) were deferred. Outbound messages (messages sent from users) were queued on customers’ mail servers. Users who sent messages received a deferral notification with errors such as “421 Server busy, try again later psmtp”. Delivery of the deferred messages was retried based on the sending server’s retry interval (which can range from minutes to hours).

A small portion of traffic continued to be processed and delivered throughout the incident.

At no time were messages lost or deleted. The root cause of this service outage was a combination of load balancer failures in the primary data center and insufficient processing capacity in the continuation data center.

Actions and Root Cause Analysis

Background: Postini services run in pairs of data centers, the primary and continuation. Messages are normally processed, filtered, and archived in the primary data center. If there is an issue affecting the primary data center, message traffic may be temporarily switched to the continuation data center.

At 10:15 GMT, mail processing performance began to degrade in the System 200 primary data center, and as designed, the automated monitoring systems directed message traffic to the continuation data center. Google Engineering diagnosed the issue, and at 11:30 GMT, they identified severe instability in the load balancer software, which is provided by a third party, as the core issue in the primary data center. The Engineering team escalated the issue to the thirdparty vendor and continued investigating the cause and restoration options.

As mail flowed through the continuation center, the message processing systems did not have the sufficient capacity for this sustained volume of traffic. As resources became consumed, this low rate of processing caused delivery delays, and the queued messages and retry attempts led to further processing latency.

At 15:48 GMT, the vendor reported that they had narrowed the source of the problem and were determining the root cause and solution. Throughout the day, Google Engineering continued to provide information to the thirdparty vendor and conduct their own investigation, and took actions to help reduce user impact.

Engineering detected an suboptimal use of processing resources in the continuation data center and at 20:40 GMT, they implemented production configuration changes that increased delivery capacity and helped reduce deferrals. Additional performance tuning measures were implemented at 22:20 GMT and 23:20 GMT to provide incremental improvements to mail processing.

At 23:00 GMT, the vendor identified the root cause—a software defect in the load balancer that affected only certain operating system configurations—and began developing a fix. At 2:00 GMT, May 8, Google Engineering implemented the vendor provided remediation and returned message traffic to the primary data center, and by 3:52 GMT, mail processing returned to normal. Customers’ messages that were initially deferred were delivered according to the sending servers’ retry interval.

Corrective and Preventative Measures

We understand this was a severe service disruption that took a prolonged time to solve, which was frustrating for our users. The Google Engineering team conducted an internal review and analysis of the May 7 event. They are taking the following actions, a number of which are underway, to address the underlying causes of the issue and to help prevent recurrence:

  • Implement fixes and recommendations provided by the vendor to the load balancer systems across all data centers.
  • Assign additional storage capacity to the continuation data centers.
  • Ensure consistency in performance tuning and configurations between the primary and continuation production systems to optimize performance in the continuation data center.
  • Review the escalation response with the vendor to significantly improve the clarity and speed of resolution.
  • Improve the Apps Status Dashboard to provide greater visibility and relevant detail about issues in progress.

Google is committed to continually and quickly improving our technology and operational processes to prevent service disruptions. We appreciate your patience and again apologize for the impact to your organization. We thank you for your business and continued support.

Sincerely

The Google Apps Team

Read more

World Wide Web turns 20

By on May 8, 2013 in Blog, Internet

Scientists at the European Organisation for Nuclear Research (CERN) have paid tribute as Tim Berners-Lee’s brainchild, the World Wide Web (WWW), celebrates its 20th birthday.

WWW was launched by British computer scientist, Sir Tim Berners-Lee and his team at CERN, a Swiss physics laboratory. The scientist first proposed the web in 1989 saying: “The WWW project aims to allow all links to be made to any information anywhere.”

The WWW actually launched August 6, 1991 but it was April 30, 1993, that Sir Berners-Lee published a statement which announced that the web would be free to use and released a browser.

To celebrate the web’s 20th anniversary, CERN has released a mock up of the first website ever published. It reads: “The WorldWideWeb (W3) is a wide-area hypermedia information retrieval initiative aiming to give universal access to a large universe of documents.”

The recreated website was reported to be experiencing server issues soon after its launch due to its popularity.

Dan Noyles, a web manager at CERN, said: “When the first website was born, it was probably quite lonely. And with few people having access to browsers – or to web servers so that they could in turn publish their own content – it must have taken a visionary leap of faith at the time to see why it was so exciting.”

The first server to host a website was a NeXT computer, which was the company Steve Jobs created after being ousted from Apple in 1985. The researchers say they aim to restore the computer to its former glory.

“The fact that they called their technology the World Wide Web hints at the fact that they knew they had something special, something big,” Noyles concluded.

Read more

The urban myths surrounding malware

By on May 4, 2013 in Blog, Security

People need to wake up to the harsh realities of online security, says a visiting professor at the University of Surrey. A lack of understanding is leaving many susceptible.

Professor Alan Woodward, who advises the government and several FTSE 100 companies on security related matters, highlighted a collection of urban myths which need to be dispelled.

“I cannot be infected simply by visiting a website”

Woodward confirms one of the most common misconceptions – that a user cannot be infected simply by visiting a website. “As with many myths it contains a grain of truth. However, you may not recognise that you are giving your permission by default to certain types of download,” says Professor Woodward.

The professor points to the use of techniques called ‘drive-by’ attacks. These methods vary using everything from Java updates to IFrames to download and execute malicious script without the user consciously giving permission.

“Reputable sites present no threat”

Next he addressed the myth that reputable sites will not contain malicious code. Woodward explained that many sites which allow visitors to comment on news posts or review products leave themselves open to exploitation.

“With webpages often being an amalgamation of content drawn from various sources, it is very difficult for webmasters to close all the loopholes,” he explained on bbc.co.uk.

“My computer contains nothing of value”

Many users claim their computer contains nothing of of any real value but Woodward says this could not be further from the truth. Something as simple as an address book is manna from heaven to a cyber criminal looking for an effective way to spread infected code.

According to computerweekly.com, figures from Infosec 2013 found that the cost of cyber breaches had increased three-fold in the past year. Figures coming out of Symantec also reveal that there was a three-fold increase in the number of attacks on small businesses too.

Professor Woodward believes that society still has some way to go to fully understand computer security but he says the threat is very simple to understand.

“All computers, if connected to the internet, are vulnerable,” he concludes.

Read more

Out of the blue – smaller icons but still no start button

By on April 24, 2013 in Blog, Microsoft

Microsoft is thought to be planning an update to Windows 8 for release later this year. So what are the new features on the way we should be looking out for?

Following the launch of Windows 8 at the end of last year, Microsoft is working on the first major update. Depending who you listen to, the new build will be known either as Windows Blue or Windows 8.1. But what’s in a name? More important for Microsoft may be to demonstrate it has listened to feedback from users – especially those who may have found the touch-centric Windows 8 operating system difficult to begin with.

Details of what we can expect were leaked online last month with screenshots turning up on various file sharing sites. So what is predicted for the eventual release?

More choice on the face of things

There will be more choice on the user interface. Posted screenshots show that Microsoft looks to be bringing in smaller tile arrangements along with a larger desktop to its Start Screen, enabling more apps to be displayed together and reducing the need to scroll. Users will be offered more options to personalise how applications are displayed. But traditionalists will note there is still no start button in sight.

More Snap Views are there to be enjoyed, meaning users can place several apps side-by-side. Similar to desktop mode, snapping is the new 50/50 view, although the new release also allows you to place 4 snapped apps next to one another. There are also some improved apps such as a new alarm, sound recorder and calculator which the user can enjoy using these snap views.

Improved features

The update will include Internet Explorer 11 and the leaked version shows a new option called Synced Tabs. This feature will allow the user to access open tabs across devices.

Charms – the name coined by Windows 8 to refer to a core set of icons and demands within any application – have been given a bit of a makeover too. The Devices Charm has been updated to include a new “play” option and the Share Charm gives a screenshot option – a quick and easy way to share images with other applications.

Microsoft has also made adjustments to make the new release more touch friendly. New gestures are thought to be supported, for example swiping upwards on the Start Screen will now bring up a full list of apps.

It’s likely that Windows Blue or 8.1 (watch this space) will be made public within months, and consumers can look forward to a full release later in the year.

Read more

2.4 children gives way to 2.7 gadgets

By on April 22, 2013 in Blog, Mobile devices

A defining statistic from the 1980s was the UK average of 2.4 children per household. This figure may have dropped in recent years but will the new measure of our times be 2.7 gadgets per UK consumer?

Despite the homogenisation of mobile technology, the average global consumer still carries multiple gadgets around with them on a regular basis, says a new report.

The survey was conducted by security specialist Sophos.com, which asked more than 2,200 people around the world about the gadgets they carry with them on a regular basis. The devices ranged from laptops to mobiles, tablets, MP3 players and eReaders. Germans carried the most devices, with an average of 3.1. They were also the most likely to carry a laptop.

Conversely, the British carried an average of 2.7 devices and preferred a smartphone to a laptop. Globally, the smartphone was by far the most popular ‘must-have-at-all-times’ gadget, with 85 per cent of respondents saying that it was number one on their list.

The least popular device was the eReader, with only 29 per cent of respondents saying that they could not leave home without it.

Google’s Android Operating System was the most popular phone OS, beating iOS by a minuscule 0.4 per cent. While Android got 40.9 per cent of the smartphone share, Apple got 40.5 and at the opposite end of the spectrum, Windows got a rather dismal 3.4 per cent.

The survey found that Apple users tended to stick within the brand. 62 per cent of MacBook users also used an iPhone, while 45 per cent used an iPad too. Windows and Linux users tended to opt for the Android OS, with 44 per cent and 56 per cent respectively opting for Google’s open source OS.

The survey was inspired by an article on gizmodo.com, which went through the gadgets in Apple co-founder, Steve Wozniak’s suitcase. One of the survey respondents admitted to carrying 12 gadgets at any one time.

While technology providers are doing their very best to provide an all-singing, all-dancing device, the results seem to demonstrate that most users are still happiest carrying multiple devices that do their specific job well.

Read more