The copper switch-off explained for London businesses and building operators | Book your free copper audit

Spam emails. Everyone hates them!

It’s not just the emotional pain of clearing spam from your inbox. Having to do that is a real productivity killer, too.

A recent report found that each one of your employees could be losing up to 80 hours each year, thanks to filtering and deleting spam emails.

That’s a LOT of lost productivity.

Anywhere between 45% and 85% of emails generated each day are spam emails. And worryingly, that also includes malicious emails and those hoping to infect you with malware.

Although we don’t all receive the same number of emails every day, the hours lost to filtering them out adds up.

If one of your employees gets 30 external emails a day, they’d get around 30 spam emails each week. That would work out to around 5 hours each year wasted in sorting through and deleting them.

For an employee who gets up to 60 emails a day, it would be an average of 11 hours a year wasted.

And for someone who gets more than 100 emails each day, you’re looking at around 80 hours of productivity lost to filtering emails each year.

Now add that up for each one of your team and you could be looking at a big number.

Not only that, but since a proportion of these emails will be phishing attempts (that’s where the sender wants you to take an action that will secretly give them access to sensitive data), it’s also a big risk to your data security too.

Of course, there are a few things you can do to cut down the time spent on dealing with spam emails. The first is to make use of the spam and junk email filters available from your email service.

You may also consider bringing in dedicated anti-spam and anti-phishing tools.

Finally, you can make your people aware of the risks of spam, how to spot spam emails, and the best way to deal with it to save time and minimise the risk of malware or a data breach.

If that kind of training is something you’d like some help with, get in touch.

It feels like every day we’re being warned about a new threat to our cyber security, doesn’t it?

That’s for good reason. Last year, ransomware attacks alone affected 73% of UK businesses.

And the cost of cyber-crime is estimated to hit $10.5 trillion by 2025, according to the ‘2022 Cybersecurity Almanac’.

But we’re still seeing far too many businesses that aren’t taking this threat seriously.

It’s not only your data that you could lose if your company falls victim to a cyber-attack. The cost of remediation or mitigation can run into tens of thousands of £££.

And at the same time you’ll suffer an average of 21 days downtime after a cyber-attack. Imagine… 21 days without being able to use all your business technology as normal. It doesn’t bear thinking about.

It’s really important that your business is taking appropriate steps to keep your data safe and secure.

That most likely means a layered approach to your security. This is where several solutions are used, which work together to give you a level of protection appropriate to your business.

This reduces your risk of being attacked. And makes recovery easier should you fall victim.

It’s worth pointing out that you will never be able to keep your business 100% protected from cyber-attacks. Not without totally locking down every system, to the point where it would be very difficult to do business (and your staff would constantly be looking for ways around the enhanced security!).

No, the key to excellent cyber security is striking the right balance between protection and usability.

There are three mistakes that are most commonly made by businesses – and they’re also some of the most dangerous mistakes to make.

Is your business making any of these?


Mistake 1) Not restricting access


Different employees will have different needs when accessing company files and applications. If you allow everyone access to everything it opens up your entire network to criminals.

You should also make sure to change access rights when someone changes roles, and revoke them when they leave.


Mistake 2) Allowing lateral movement


If cyber criminals gain access to a computer used by a member of your admin team, that in itself might not be a disaster.

But what if they could move from your admin system to your invoicing system… and from there to your CRM… and then into someone’s email account?

This is known as lateral movement. The criminals gain access to one system and work their way into more sensitive systems.

If they can get into the email of someone who has admin rights to other systems or even the company bank account, they can start resetting passwords and locking out other people.

Scary stuff.

One strategy against this is called air gapping. It means that there’s no direct access from one part of your network to another.


Mistake 3) Not planning and protecting


Businesses that work closely with their IT partner to prepare and protect are less likely to be attacked in the first place.

And will be back on their feet faster if the worst does happen.

You should also have an up-to-date plan in place that details what to do, should an attack happen.

This will significantly shorten the amount of time it takes to respond to an attack. That means you’ll limit your data loss and the cost of putting things right again.

If you know you’re making one (two, or even three) of these mistakes in your business, you need to act quickly. We can help.

Get in touch and we’ll review your current security arrangements.

It’s no secret that some applications are a little too interested in us and what we’re doing.

We’ve all had this experience. You might be talking to a friend about a new product that you’d like to try. Or perhaps you’ve discussed somewhere you’d like to visit.

Then the next time you go online you see adverts for the exact things you were talking about. It’s more than a coincidence, surely???

Until recently, we haven’t had a lot of control over what information our apps are gathering about us.

Android and iOS first stepped up to give us more power over our online privacy. We were given the ability to control which apps could access our data, and sensitive things like our camera and microphone.

But while it’s easy to think of this only being an issue with phones… laptops have the same problems.

So here’s some great news. Microsoft’s testing a new feature in Windows 11 to put the power back in our hands.

It’s currently testing a new feature – called Privacy Auditing – which allows you to see which applications have been accessing sensitive hardware, like your webcam and microphone.

You’ll also be able to see if your screenshots, messages, and even your contacts and location data have been accessed. And there’s a log of which apps accessed this info, and when.

When launched, the feature will be available in your Privacy & Security menu, under App Permissions.

There you’ll be able to see a full list of what’s been accessed, by which app, and when. It should become your first port of call if you suspect any suspicious activity is taking place on your device.

When the feature is released, it will be a great tool to check periodically to help you avoid malicious activity and to make sure your sensitive data remains in the right hands.

In the meantime, if you’d like someone to look over the data permissions on your business’s devices, get in touch.

Ransomware is one of the fastest growing cyber-crimes in the world.

Last year, 37% of businesses were victim to an attack.

In case you didn’t know, a ransomware attack is where cyber criminals infiltrate your network (or device) and steal your data by encrypting it. The data is still there, but you can’t access it.

Then they demand you pay a large ransom fee for the encryption key.

If you don’t pay the demand (which can be tens or even hundreds of thousands of pounds), they delete your data.It’s not just the cost of the ransom fee to worry about.

There’s the stress, reputational damage and downtime that goes with it.

In 2021, the average downtime suffered after a ransomware attack was 22 days.

Official advice is not to pay any ransomware demands. However, a new survey has shown that a massive 97% of business leaders who’ve experienced a ransomware attack in the past would pay up quickly if they were attacked again

A third of them would pay instantly. What does that tell you about what a nightmare the whole thing is for any business?

The other problem is, when you pay a ransomware demand, it’s not guaranteed that you’ll get your data back.

On average, only 65% of data is restored once a fee is paid

And by letting cyber criminals know that your business pays ransom fees, it’s likely that you’ll face subsequent attacks in the future.

So what’s the best way to deal with ransomware?

First, you should put in place the right security measures to try to prevent an attack:

• Educate your people on cyber security and best practice
• Implement multi-factor authorisation across all your applications
• Use a password manager
• Make sure all updates are installed quickly
• And you should always have a working backup in place – ideally one where older data is retained and cannot be changed

It’s also a great idea to have a response and recovery plan that details what you will do in the event of a ransomware attack.

Not only will it mean your business can respond faster, but it should reduce the amount of downtime suffered as you’ve already considered exactly what needs to happen.

This is what we do! We help businesses increase their cyber security to reduce their chances of being affected.

Get in touch to find out more

Remote and hybrid working is now the norm for a lot of people.

But a recent survey has found that, despite it being more than two years since many of us were forced to work from home, too many businesses still don’t have the right cyber security measures in place for those away from the office.

The survey was originally intended to learn about spending plans from now into next year. However, the results highlighted just how few businesses have the right cyber security protections.

And it’s a worry.

Since the beginning of the pandemic, cyber security incidents – like malware, ransomware, and data breaches – have risen sharply. Cyber criminals began by taking advantage of the panic, and have since developed increasingly sophisticated tactics.

It’s costing businesses around the world billions, plus causing excessive downtime.

While the survey did show that around two thirds of businesses have good web security measures in place, like malware filters, some of the results were more disappointing.

Just 50% of companies have cloud-based cyber security systems in place right now (although 15% are exploring their options).

Cloud security gives businesses multiple layers of protection across their network and infrastructure that helps to keep data better protected against breaches or attacks.

Not only is it a good defence, but it also identifies threats before they become an issue.

The survey also highlighted that 10% of businesses plan to implement access management, which ensures only the right people can access the right systems.

A further 9% intend to prioritise VPNs (Virtual Private Networks) to allow secure network access for remote workers.

They’re also looking at zero-trust solutions where your network assumes every device or connection is a threat, until proven otherwise.

Of course, our advice is that you should already have these security solutions in place – especially if you have remote or hybrid workers.

If not, this is something to take action on quickly.

All you need to do is pick up the phone or send us an email.

We can help!

It’s likely a lot of the applications and software tools you’re using now are different from the ones your business used before the pandemic.

That’s because we’ve all had to make big adjustments to the way we communicate and collaborate.

And to begin with, it may have been hit and miss. It’s possible in the first few weeks and months that your employees had to use whatever tools they had available to them.

Now that we’ve settled into permanent new ways of working, we can pick the software tools that best suit our businesses.

Unfortunately, your employees might not like your choice of which apps should be used within the company. And some of them may continue to use the ones they prefer, despite the security risk that comes with that.

A recent survey found a massive 92% of employees want more control over the software, collaboration tools, and applications they use. And 51% continue to use apps that have been banned by IT departments.

It’s putting business owners in a difficult position.

Blocking apps and software may lead to employees feeling untrusted. This can lead to frustration and lack of motivation. It can really have a negative impact on your business.

But ignoring the issue can be just as bad. Unvetted apps can be a big security risk, leaving your data open to theft and your systems vulnerable to malware.

So what’s the answer?

We’d always suggest having open conversations with your team. It’s a good idea to invite feedback on the software you want to use. After all, your team are the ones using it day-in, day-out.

Take their suggestions on alternatives if the consensus is you’re using the wrong solutions and commit to looking into their viability.

It’s also a very good idea to make sure your team fully understand the risks that come with using unapproved apps, and the impact that can have on a business. You can also enforce what Apps can be used through Machine Management

Even in cases where your team are all sticking to approved tools, keeping them educated on the latest cyber security initiatives is a smart move.

Can we help you find the most secure and suitable communication and productivity tools for your business?

We’ve helped lots of business owners do this. Get in touch.