CNC News Update 2019 Number 8
 
CNC News Update

CNC LogoCNC Nes Update

CNC

CNC Newsletter Issue 8 2019

Welcome to our autumn newsletter.

In this edition we share some really important information about the withdrawal of support for Windows 7, Windows Server 2008 and Exchange 2010. Please read on if you are still using these products. They have reached their sell-by date! And we share the latest information on cyber crime and how you can protect your business from it.

If you need help moving on from the software products mentioned above, or improving your systems security, do get in touch on 01273 384100 or email us at sales@cnc-ltd.co.uk.

CNC 
 

Final call for Windows 7

Operating System!

If your business is still using Windows 7, Windows Server 2008 or Exchange 2010, you need to take action now! These products will no longer be supported after January 14th 2020. So you need to have a plan in place to replace them.

When a software product goes out of support it means that:

  • The supplier will no longer help you resolve problems with it
  • Your business is vulnerable to cyber attack because the supplier has stopped making the regular security-related updates to the product which used to protect it
  • Applications may fail
  • Your business may no longer meet regulatory compliance requirements

Without the regular security-related updates your business is exposed to viruses, malware and other malicious attacks. Providers of application software which runs on Windows 7 will most probably cease offering support for their software after the cutoff date. This could leave you with systems which cannot be recovered should they fail.

If you continue to operate these systems beyond the termination of extended support you may no longer meet regulatory compliance requirements. Compliance requirements include:

  • PCI for financial transactions
  • Cyber insurance
  • ISO 27001
  • The government Cyber Essentials scheme

These products have been around for up to 12 years and have provided a sterling service for many years. But they are now tired and out of date.

All CNC clients have been made aware of this withdrawal of support at our regular account management meetings.

This is a final, formal reminder that support is being withdrawn from January 14th 2020.

What Action Do I Need to Take?

First of all, you need to identify if any of these ‘legacy’ applications are still operating in your current workplace, in remote offices or in home offices of employees based at home. It is very important that you undertake a thorough review to ensure that your business is fully compliant.

Then, find out if there are any operational reasons why a transition to a later operating system cannot take place. For example the vendor of software operating on it does NOT support a later operating system. If this is the case, you will need to assess the options available to you and if the risk is unavoidable, what its potential consequences are.

Since Windows 10 has been in operation since July 2015, software vendors have had over 3 years to prepare for this withdrawal of support and it is vital that you engage with them as soon as possible in order to see what the options are.

If you need help with the transition, do speak to us at CNC. We can help you identify what systems are at risk, what your options are and what the upgrade costs will be.

If you have any questions, please call us on 01273 384100 or email us at sales@cnc-ltd.co.uk.

It is VERY IMPORTANT that you take appropriate action NOW so that your business is not put at risk.

LATEST BLOG POSTS

OLD BUG COULD STILL BITE

Beware desk phones that enable hackers to listen in on your organisation – because there’s an old bug in many phones that could open doors to cyber criminals. Click here for more

HUGE BA FINE IS SCARY WARNING

The hefty £183m fine imposed on British Airways for losing half a million customers’ personal data shows Europe’s new data protection law has teeth. And if you don’t take care, it will bite you. Click here for more

CNC News Update

Cyber Threat Reports from SonicWall

The industry-leading cyber security firm SonicWall has released their latest cyber threat intelligence report. This explains the continuing battle to stay one step ahead of the cyber criminals.

Cyber-Report

The UK is still the second favourite country in the world to be attacked. The USA is in first place!

There was a 195% increase in ransomware attacks on the UK in the last year. These attacks continue to pay handsome dividends for cybercriminals.

Attacks through PDF’s and Office files remain a major threat

Traditional PDF’s and Microsoft Office files are still widely used by cyber criminals to deliver malicious code to business and personal computer users.

Please ensure that all your staff are aware of the dangers of opening pdf’s and Office files from unverified sources. If you are not sure who has sent it to you DO NOT CLICK ON IT OR OPEN IT!

In June for example, Microsoft Security reported that a remote access trojan was hidden in a Excel file. This deployed malware when the file was opened.

How To Protect Your Business

There are different types of cyber criminal. Some are interested in making money through fraud or from the sale of valuable information. Some are industrial competitors, or foreign intelligence services, interested in gaining an economic advantage for their companies or countries.

Others are pure “hackers” who simple enjoy the challenge of interfering with computer systems. There are also “Hacktivists” who attack companies for political or ideological motives.

Finally, closer to home, you have employees, or those who have legitimate access to your business systems. They may attack your systems through accidental or deliberate misuse.

Many companies have experienced security breaches with each one costing thousands of pounds.

Here is some general guidance to help keep your business secure:

1. Educate Your Users

Staff need to be educated about cyber risks, especially in respect of emails and browsing web sites.

Basic education should include how to create strong passwords and to beware of clicking on any links they are not sure of.

2. Keep Your Network Secure with a Firewall

Your firewall is your gateway to the internet and it protects you from outside attacks. It monitors and blocks unauthorised access and malicious content.

Even with a secure firewall in place it is still important to have regular security checks and controls.

3. Keep Anti-Virus and Malware Software Up-To-Date

Make sure your anti-virus and malware software is kept up to date. You should have a daily monitoring process.

4. Enforce a “Strong Password” Policy

Make sure users change their passwords regularly and prevent them from selecting ones that are easy to guess. Make sure that accounts are locked out after a low number of failed login attempts.

5. Put Controls on the Use of Removable Media Controls

Make sure you have a policy in place to control all access to removable media, such as memory sticks. Limit media types and their use. Scan all media for malware before connecting it to your network system.

6. Manage User Access and Privileges Carefully

Establish effective management processes and keep the number of privileged accounts to a minimum. Limit user privileges and monitor user activity. Control access to activity and audit logs.

7. Put a Disaster Recovery Plan in Place

It is essential to have a working Disaster Recovery Plan in place, and to test it regularly. Take regular backups of your servers and data and keep them securely off-site. Any criminal incidents must be reported to the police.

8. Monitor Systems and Networks

You should continuously monitor all systems and networks to make sure that the network is kept secure and that anti-virus software is kept up to date.

9. Implement a Clear Home and Mobile Working Policy

Mobile workers with laptops and tablets need to be extra vigilant when using their devices outside the office.

Make sure they use strong passwords and that all Company data stored on their device is encrypted, so that if the device is stolen your data is safe.

10. Install Recommended Software Patches FAST

Apply patches at the earliest opportunity in order to limit exposure to known software vulnerabilities. Ensure the secure configuration of all systems is maintained.

For help and advice on protecting your business from cyber crime please call us on 01273 384100 or email us at sales@cnc-ltd.co.uk.

CNC Logo

We hope you've enjoyed reading this newsletter and that you found the information useful.

Do get in touch with your feedback and any ideas for future articles. We love to hear from you!

You can call us on 01273 384100 or email us at sales@cnc-ltd.co.uk.

Computer & Network Consultants Ltd, CNC House, Lady Bee Enterprise Centre, Albion Street, Southwick, Brighton, BN42 4BW