Labyrinth IT Blog

Hello world!

Welcome to WordPress. This is your first post. Edit or delete it, then start writing!

Labyrinth announces migration to new proactive management system

[fusion_text]Often when we take on new clients, they were previously paying another IT provider for “Maintenance & Support”. When we audit their infrastructures, we almost always find that their systems are out of date, not maintained or end of life. This leaves them extremely vulnerable and unstable.

Labyrinth believe proactive maintenance and monitoring is far more important than reactive support. Therefore we have always used systems and processes to ensure systems are maintained, monitored and well documented.

Earlier this year, Labyrinth began the task of looking for a new cloud based product for remote management, monitoring, support and security. We were specifically looking for:

  • A single unified solution to replace our existing products
  • A more comprehensive monitoring solution with SNMP to allow us to carry out more detailed checks and reports on devices
  • Increased automation to improve efficiency
  • A solution for handling patch and release management (Windows updates, 3rd party application updates)
  • Improved reporting
  • Boosted security
  • A new helpdesk that will integrate with this system, allowing us to link monitored assets to tickets and automatically generate tickets for assets when a problem is detected

We are pleased to confirm investment in a new all-in-one solution which meets these requirements. We are starting to roll this out to all of our Maintenance & Support Agreement customers. Key facts:

  • We monitor Windows services, disk space, event viewer, anti-virus and much more throughout the day
  • We run daily checks to check things like hard disk health
  • We apply automated tasks in response to alerts triggered by checks (e.g. Disk clean up is run when available disk space drops to a specified percentage)
  • We can view detailed information on hardware and software installed on devices
  • We can provide support via remote console without taking over the desktop remotely
  • Our new solution uses an integrated TeamViewer solution for remote desktop support
  • Our new solutions uses an integrated Bitdefender solution for anti-virus
  • We can carry out routine maintenance through the use of scripts
  • We can control and monitor all updates through the patch and release management module, allowing us to identify devices failing to apply updates and take action
  • We can run reports to show specific patches that are missing. This allows us to tell our clients with confidence that they are protected against specific threats, such as the recent ‘WannaCry’ ransomware attacks
  • We have a live wallboard on flat screen TVs in our offices showing us problematic devices
  • Tickets are generated instantly when issues are identified
  • We run vulnerability scans on devices, identifying vulnerable features enabled and missing patches
  • We use SNMP to monitor network devices

Can your IT partner demonstrate the same level of proactive management?[/fusion_text]

What Does GDPR Mean for Financial Services?

The General Data Protection Regulation (GDPR) comes into effect on the 25th May 2018, replacing the current Data Protection Directive. Given the transformation in the way that information is processed and the value that data now holds, many argue that stricter regulation is long overdue.

A vast amount of personal data is processed by financial organisations and third-party processors. Much of this information is confidential and sensitive. Thus, there are increased risks and there is a high probability that supervisory authorities will initially focus on this sector.

Supervisory authorities will be given new rights to audit and impose fines of up to €20m or 4 percent of the company’s global annual turnover (whichever is higher).

We have seen a lot of scaremongering around this topic and see it as our responsibility to help break down the requirements, understand the data your hold and ensure you have the infrastructure in place to comply.

Legitimate Processing

Firstly, you need legitimate grounds for processing all personal data, which can be anything from an email address to an individuals’ financial information.

Legitimate processing is defined in Article 6 of the GDPR as:

Processing carried out with consent from the data subject
Processing required for the performance of a contract with the data subject
Processing required due to legal obligations, or tasks carried out in the public interest
Processing which is necessary for the purposes of legitimate interests of the controller or another third party, providing they do not contradict the fundamental rights of the data subject
Financial organisations commonly process personal data to meet obligations of a contract or because of legal obligation. If the processing is required for this purpose, no further consent is necessary. All other processing will require legitimate grounds for processing, such as consent from the data subject. The data subject must be provided adequate information on the processing activities and will have the right to withdraw consent.

Consent must be given for each processing activity. This will see the end of broad terms and conditions or blanket consent declarations. In addition, services must not be made conditional to consent, unless the processing of the data is essential for the service.

As a financial organisation, you will need to evaluate the legitimate basis for your data processing activities. You will need to review existing terms and conditions, contracts and agreements. You will also need to determine whether consent will be required under the GDPR, even if consent has been given in the past.

Accountability

Data controllers are responsible for ensuring they are compliant and must be able to demonstrate this. Data controllers should maintain the following documentation as a minimum:

Data processing policies
Information asset registers
Data security policies
It is also vital to ensure information communicated under the GDPR within contracts, privacy policies and notices are clear.

Organisations must consider whether they need to appoint a data protection office (DPO), particularly those who undertake large scale processing activities. The role of the DPO is defined in the GDPR.

Data Subjects Now Hold More Power

Data subjects now have “the right to be forgotten”, which means they can request removal of their data from organisations who no longer have a legitimate reason for processing (e.g. due to withdrawal of consent). Data requests must also be responded to in an “adequate and timely fashion”.

Data Protection Impact Assessments

Data protection impact assessments will be essential to financial organisations due to the large volume of confidential data they process. The supervisory authority must be consulted prior to processing where processing is likely to result in a high risk.

Data Breach Notifications

The GDPR defines that data breaches must be reported to the ICO (information commissioner’s office) and effected individuals within 72 hours of discovery.

Organisations must have the appropriate processes in place for dealing with breaches.

Data transfers

The EU-US Privacy Shield does not cover financial organisations. Data transfers outside of the European Economic Area will largely remain forbidden in most cases.

Summary

The GDPR will have a big impact on the way that data is processed, not only by financial institutions but by all European businesses, it is not being taken lightly, this is reflected in the fines for non-compliance.

Whilst there may be some work & training required to become compliant, overall the new regulations should not have too much of an impact on the day to day running of your business.

Your IT infrastructure will have a large role to play in ensuring compliance and it is important to have an IT partner you feel you can trust.

About Labyrinth

Labyrinth believe that you shouldn’t have to be an IT expert to run your business. We provide an outsourced service that will help you save time and stay ahead of your competition.

We understand how disrupting IT problems can be. In our 16 years of experience we have worked with many SME clients as their trusted IT partner, providing ongoing support, advice and consultation.

Our promise to you:

Our service is a monthly rolling agreement, we will never make you sign a long contract
Our approachable staff will use plain English and not confuse you with technical jargon
We guarantee to respond within an agreed timeframe
We will never oversell and will always work on the principle of ‘best advice’
Get in touch:

We are always happy to have a chat about your IT infrastructure!

VoIP Installation London

We are RingCentral partners, which means we can offer you the latest, cutting edge cloud VoIP technology and help you take control of your costs. We are highly experienced designing, installing and supporting RingCentral systems.

We are RingCentral partners, which means we can offer you one of the most resilient cloud-based VoIP services in the world. RingCentral provides you with the ability to manage your entire phone system from the cloud without having to worry about complicated on premise systems which are expensive to maintain and difficult to configure. RingCentral’s user friendly cloud control panel allows simple configuration of everything from Users and Hunt Groups to IVRs and Call Queues.

With pricing from £16.99 (excl VAT) per line, per month including 1000 UK mobile, landline, fax and freephone minutes and support RingCentral allows you to take control of your costs, whilst using the latest cutting edge technology. Contact us today to find out how we can simplify your phone system, save you money and provide you with a cloud based phone system which can be accessed anywhere in the world with an internet connection!

Your all in-one communications system.

Modern working culture continues to shape business communications. Advanced cloud technology now allows you to be completely flexible and sets a new standard of responsiveness. RingCentral has harnessed the power of the cloud to provide business communications built for the way people work today, replacing existing disparate communications services with a single all-inclusive solution that delivers secure and reliable phone service, internet fax, conferencing, online meetings, and more.

Fully integrated with the applications your business relies on.

Your business runs on cloud applications like Salesforce®,Microsoft® Office 365™, Google, and Zoho™. RingCentral integrates with your existing apps and adds tremendous value to them by allowing you to capture critical consumer communications intelligence.

RingCentral integrations allow you to pull communications into the context in which you work every day—whether it’s email, CRM, or file sharing—so you can stay focused and productive. And because it’s the cloud, all updates and upgrades are made automatically, so users are always current. RingCentral creates an intuitive user experience. It’s easy to use, and even easier to manage.

Work the way you want to work.

With RingCentral, employees at multiple locations are linked through the same system for seamless collaboration and communication. Remote and mobile workers have access to the same secure tools and resources as employees on site.

One system allows you to hold online meetings and conference calls with attendees in multiple locations. Workers can attend from the road on the device of their choice.

With one business phone number, your professional identity follows you across devices. Company data and contacts are protected on private devices, providing a BYOD experience that really works premiere.

EPOS Installation, London

We have many years of experience supporting EPOS systems. We currently recommend the Epos Now cloud based system. We are Epos Now partners and can supply you with and help implement everything you need in your venture. Epos Now has a cloud based back-end, allowing you to access your back office from anywhere in the world. If your internet goes down, your tills will function as normal and sync changes once your connection comes back up.

Hello world!

Welcome to WordPress. This is your first post. Edit or delete it, then start writing!

Protecting Systems from Security Vulnerabilities

Most people will be aware, due to the extensive media coverage, that many organisations have been affected by the ‘WannaCry’ Ransomware attacks.  Ransomware is a form of malware that encrypts data on your hard drive.  The criminals behind the Ransomware then attempt to collect a fee from you in exchange for decrypting the data.  Ransomware is often an untargeted attack.

In fact, several small businesses that signed up with Labyrinth in the recent past joined us after they had been affected by Ransomware attacks because they had not maintained their systems or implemented adequate security controls.

Whilst we feel it is necessary to ask our clients to be take precautions in response to the recent attacks, we must emphasise the need to maintain secure systems and staff awareness at all times.

Anti-Virus

It is crucial to install, update and monitor anti-virus on all computers and servers.  Labyrinth supply this as standard to all our clients.  Real time data feeds back to our cloud control panel which we monitor daily.  If an endpoint fails to update, or an infection is identified, Labyrinth will always take immediate action.

We can confirm that there are no pending anti-virus issues to be reported to any of our clients.

Windows Updates

It is crucial to use a supported operating system which is fully up to date.  Management of this will either be via a Windows Server (WSUS) or via automatic updates.  We recommend that all clients restart their computers regularly (at least once a week) to allow pending updates to install.

Phishing Awareness

Ensure staff are aware of Phishing practices (fraudulent emails appearing to be from legitimate companies).  If an email, particularly containing attachments or links, appears to be suspicious, contact the sender to verify the integrity of the email or report this to us.  Do not click any links, or download attachments from a suspicious email.  This is one of the key methods of infection from Ransomware.

Firmware Updates

 Key network devices should be kept up to date with the latest firmware.  This is not specific to the recent ‘WannaCry’ ransomware attacks but is important to protect against other vulnerabilities. Labyrinth routinely update firmware on Firewalls, Switches, Routers, Access Points and NAS devices for all our clients.  We employ robust systems and processes to keep track of this.

Microsoft releases emergency security fix

Microsoft has released an urgent security update to patch a bug which allows a hacker to take control of computers via email.

The bug is in Microsoft anti-malware products such as Windows defender and can be exploited without the recipient actually opening the message. This affects Windows 8, 8.1 and 10.

Labyrinth supplies anti-virus software to all of our Maintenance & Support Agreement clients and disable other products by default, however we recommend all businesses ensure they install any pending Windows updates and restart their computer.

 

Read more…

 

Labyrinth attends IP Expo Europe

[two_third last=”no” spacing=”yes” background_color=”” background_image=”” background_repeat=”no-repeat” background_position=”left top” border_size=”0px” border_color=”” border_style=”” padding=”” class=”” id=””][fusion_text]Matt Dunn (Business Support Manager) and Evison Thomas (Sales & Marketing Executive) made the annual Labyrinth IT visit to IP Expo Europe at London Excel on Wednesday. The team were in search of exciting new technology and partnerships that will allow us to continue to deliver the best IT solutions to our clients.

Matt and Evison were particularly looking for new, innovative SNMP solutions for monitoring the networks that we manage on behalf of our many business clients. As a result,  our engineers are in the Lab trialing a new solution that we believe will take our proactive management capabilities a step above a large number of our competitors.

Labyrinth were also searching for scalable cloud servers that can be rapidly deployed and affordable to all of our clients. We are currently in early discussions with two providers and hope to announce a partnership soon.[/fusion_text][/two_third][one_third last=”yes” spacing=”yes” background_color=”” background_image=”” background_repeat=”no-repeat” background_position=”left top” border_size=”0px” border_color=”” border_style=”” padding=”” class=”” id=””][imageframe lightbox=”no” style_type=”none” bordercolor=”” bordersize=”0px” borderradius=”0″ stylecolor=”” align=”none” link=”” linktarget=”_self” animation_type=”0″ animation_direction=”down” animation_speed=”0.1″ class=”” id=””] [/imageframe][/one_third]