With the end of the final TV debate of the 2016 US election, what is left that could change the results of the November vote? Analysts claim that Facebook’s "I Voted" button could have a potential influence over voter turnout. The so-called "Voter Megaphone" allows you to show that you have voted and see if your friends on Facebook have also voted. But by how much could it change the Presidential race in the US and its polls?

A recent study finds that one quarter of law enforcement websites based in the UK have a weak connection and could be prone to hacker interception.

Millions of people have recently found out that they not only have a Yahoo account but also that it has been hacked. Many large companies such as BT use Yahoo to base e-mail accounts for their customers. Anyone with an email address ending with "@btinternet.com", "@btopenworld.com" or "@talk21.com" could have been indirectly hacked and their details leaked.

"Without the superb help I recieved from Justin and Andrew at Bongoit, I would not have been able to regain ownership of my businesses online presence."

"6 months ago a contractor who worked at my family business attempted to steal it from me. By the time we caught him out and involved the police he had stolen our domain name, goode review account authority, controlled a website in my business name and was passing himself off online as the business owner. This had a devastating effect on my customer retention and the ability for prospective customers to even find my phone mumber.

Without the superb help I recieved from Justin and Andrew at Bongoit, I would not have been able to regain ownership of my businesses online presence. At every stage they were key in providing the help and support I needed. No matter how busy they were, what time of day or how little notice they recieved, they were there, on the phone and ready to talk my solicitors through aburdly complicated internet/legal jargon and provide expert testimony that without doubt was the deciding factor ond turned the tide.

5 stars is not enough.

Use BongoIT if you need help.

Thank you Bongo!"

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

In recent reports it has been found that the Chinese tech company Lenovo has made their most recent batch of laptops locked into Windows 10. Many have suspected that they had a deal with Microsoft but Lenovo has denied this. This, however, is not the first time Lenovo has tried to constrict what user are able to do on their hardware. 

The Supposed Deal With Microsoft.

A Lenovo spokesperson claimed the Chinese giant "does not intentionally block customers using other operating systems on its devices and is fully committed to providing Linux certifications and installation guidance on a wide range of products". The accusation originated from a Reddit thread. The thread accused Lenovo and Microsoft of locking the operating system onto the laptops at a firmware level. Lenovo stated that the lock was a storage driver compatability failure and not a feature."Unsupported models will rely on Linux operating system vendors releasing new kernel and drivers to support features such as RAID on SSD," the spokesperson staited. This meant that if you want to install Linux, you need a kernel with the required SSD driver. The issue could be simply that the latest kernel for Linux RAID has a small bug that creates a huge problem. The affected models include the "Yoga 900S" and the "Ideapad 710S". This does not bode well for Lenovo's already shaky record of unnecessary firmware additions.

BIOS Editing

In August Lenovo sold laptops with that came with free crapware already installed. This included free demos, unnecessary Microsoft programs and other things that clog up your storage space. The software itself was attached to a BIOS function which detected if any of the crapware is deleted and then reinstalls them for you on the next boot up of your system. The way that Lenovo had created their BIOS for the laptop range was with a WPBT that allowed manufaturers to add their own programs and drivers to your operating system.It was also designed to help prevent corruption by running executables on boot-up. This, however, gives companies like Microsoft a free backdoor to implant free, unremovable, demos and software. This idea of implanting information into the operating system was supposed to be used by anti-virus programs. The idea being that that protection programs could delete viruses that had placed code into the BIOS of your system. But the advertisement of major companies beat any hackers that could figure the vunerability out. But that's not all, Lenovo also sends a moderate chunk of statistics back to their databases in China.

Will Lenovo clean up their act? Or will they continue their scheming ways with Microsoft? We can only wait and see if history repeats itself once more with Lenovo.

Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS

Lenovo denies claims it plotted with Microsoft to block Linux installs

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

This handy piece of software allows you to block almost all ransomware - including the dreaded cryptolocker.

Ransomware Prevention, now for Free.

This invaluable piece of software, now given to the public for free, can clean up and prevent most malicious attacks that come in the form of ransomware. The "Cryptolocker Prevention Kit" was only given out to paying subscribers but now it's available to all. It is not something that can replace your anti-virus but it is a usefull addition to your PC's defences. The kit boasts an "article on cleaning up after infection but more importantly materials and instruction for deploying preventative block using software restriction policies". This means that if your computer gets infected by something that is trying to modify existing software it will be blocked from your machine and placed into quarantine.

The SMBKitchen Crew and Third Tier staff had origionally made this program only available to paying customers. But due to the rapid spread of the virus, the producers made it available to everyone. Click here for the download page.

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

In the aftermath of Cryptolocker and Gameover Zeus, is the threat of ransomware still significant? How does ransomware work? How can ransomware be prevented or even removed form the internet completely?

The fight against ransomware and all viruses in general is always an uphill struggle. Your typical anti-virus programs can only prevent attacks from viruses and malware from programs it recognises as threats such as the famous Crytolocker.

In June last year the network provider and multi-million dollar company Ubiquiti was scammed out of $46.7 million and has since been only able to recover $8.1 million with prospects of another potentual $6.8 million. This one blunder will set them back at least $31.8 million. These crimes have inspried other CEOs and executives to fight back against the criminal hackers.

Florian Lukavsky Uses Hackers Own Techniques To Stop Them.

SEC Consult Singapore director Florian Lukavsky has turned predator into prey by creating a hack that sends scammer's Window's 10 credentials to the local police. Scammers like the ones that caught out Ubiquiti use a technique of e-mail spoofing to convince executives to wire large amounts of money into their own accounts. The victim doesn't usually find out that they have been scammed untill several hours later. Banks usually don't refund this type of fraud and it is usually written off as a buissness blunder. Florian Lukavsky's counter-hacking relies on the fraudsters making a blunder that could not only cost them their ill gotten gains but also jail time. After a executive has been scammed Florian Lukavsky sends an e-mail to the attacker which seems like it is a transaction comformation from the victims bank. This e-mail includes a pdf file which contains a virus that when the attacker (hopefully) opens will find as many credentials as it can from their linked Outlook or social media accounts account and then immediatly wires it to the police.

"Someone impersonated the CEO of an international company requesting urgent wire transfers and a couple of hours later they realise it was a scam … we worked together with law enforcement to trick the fraudsters," Lukavsky says. "We sent them a prepared PDF document pretending to be transaction confirmation and they opened it which led to Twitter handles, usernames, and identity information." Lukavsky says that he gets a "kick" out of convincing scammers to fall for their own trick. His efforts have led to many arrests and shut downs of many scammers and their bank accounts based in Africa.

Where does the Lost Money Go?

Ubiquiti, which lost $46.7m in June last year isn't alone in the losses. Belgian bank Crelan, which lost $78m in January, Accenture, Chanel, Hugo Boss, HSBC, and countless other smaller companies have also fallen victim to e-mail spoofing and phishing attacks. The FBI estimates some $2.2billion has been stolen from nearly 14,000 cases in seven months to May this year Some $800m in losses occurred in the 10 months to August 2015. Obviously the money can't go through the conventional route it was intended for, so where does it go? Most scammers that are impersonating another person send the money to a bank in China's Wenzhou region. The region itself has been known for money laundering for many international crimes and scams. After the money leaves that bank, any attempt at tracing it's path is practically impossible. After it leaves a chain of Chinese banks it would likely end up in the personal bank accounts of  scammers like the ones Florian Lukavsky stopped in Africa.

Donald McCarthy Prefers Prevention Over Counter-Attack

Vice President of Operations at myNetWatchman LLC Donald McCarthy has an alternate way of preventing his workers form falling for phishing scams. He belives that anti-phishing is more of a deterrent than counter hacking like Florian Lukavsky. Donald McCarthy has come up with a program that will allow his workers to recognise and report phishing e-mails. His idea includes sending out "mock" phishing mail to members of his workforce and reward them for reporting it or making sure they know what could have happened when they believe them. Over time, as the workers get a better sence of what is and isn't a phishing scam, McCarthy will increase the difficulty by making the e-mails that are pretending to be phishing scams less and less obvious. He says that he often rewards employees for the successful identification of a scam with gift cards and in-office snacks. 

"I think all organisations greater than one person should use anti-phishing," McCarthy says. "Even that one person should use it".

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Source Articles:

Anti-phishing most critical defence against rife CEO email fraud

Ubiquiti stung US$46.7 million in e-mail spoofing fraud

Hacker takes down CEO wire transfer scammers

The new cloud regions in the UK become part of one the world’s largest online storage infrastructures, supported by more than 100 data centres globally. Several large organisations have already signed a new contract with Microsoft to use these new data centres including the Ministry of Defence.

Microsoft has recently opened several data centers in the UK. For the First time ever UK users of Azure and office 365 will be able to connect to their data without it having to pass through another country to get here. This new investment makes Microsoft the first global service to provide data from a cloud based from UK data centers. Many large organisations such as Glasgow City Council, Marks & Spencer, Confused.com, Natural Resources Wales, Pizza Hut Restaurants and Virgin Atlantic already use Microsoft's cloud servises and the Ministry of Defence is soon to join them.

Better Security and Speed For the Ministry of Defence.

The Ministry of Defence has stated that it has signed a contract to make use of the new UK based data servers because of both value for money and security of data. The MoD not only has around 230,000 workers, many of which will use Microsoft cloud products like Azure but also spends around £3 billion each year to improve its data infastructure. This should give you an idea on how much Microsoft has invested into the capacity and security of these servers.

“Microsoft’s secure and transparent cloud service in the UK fits perfectly with the MoD’s digital transformation agenda,” said Mike Stone, Chief Digital and Information Officer at the MoD. “This agreement, which is based on Microsoft’s world-class reliability and performance, will allow us to deliver cost-effective, modern and flexible information capabilities. It will ensure we are better-placed in our ever-changing, digital-first world”. Mike Stone also stated in a BBC interview that this is a welcome change as many elements of the MoD's servers and software hasn't been updated for several years.

The New Investment is a Welcome Change.

"We were still on Windows XP, for instance, and all of the applications were from 2003 or prior to that," he said in a recent interview. "I took the view that the services we were providing were unfit for purpose. The idea is to provide a different capability that fully exploits the power of the cloud and mobility. We can now work on documents collaboratively and understand more about the ways we are working—we will be able to see how much time teams are spending in meetings, on email and on the phone.".

Before Microsoft had installed these local data centers our data was having to pass through several countries. The Neatherlands and Ireland had the largest amount of traffic within their Microsoft data centers due to it having to pass through them to get to UK users. Now UK users will be able to enjoy the global network of Microsoft products such as Azure and Office 365 with less latency and more capacity but with the bonus of added security due to local servers. 

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Source Articles:

MoD inks UK Azure data centre deal with Microsoft

Microsoft becomes first global provider to deliver complete cloud from UK data centres

Is The U.S. Bluffing About Their Cyber Security?

At the G20 summit in China yesterday, President Obama stated that: “We have had problems with cyber intrusions from Russia in the past, from other countries in the past.” and that now “we are moving into a new area where a number of countries have significant capacities. And frankly we have more capacity than any other country, both offensively and defensively.”.

Are Americans at Risk?

This would obviously be reassuring for any nervous American not wanting to be spied on by countries rival to the United States but a quick read of a report made on the 5th of August may make them worry once again. In a presentation at a "DEF CON" hacking conference Jason Healey, a senior researcher scholar at the University of Columbia, revealed his report on the number of zero-day vunerabilities that U.S security agencies have at their disposal. Healey expected that the U.S. would have useable bugs in the tens of thousands. After his research into released documents, Snowden leaks, interviews with intelligence staff, and presidential papers he concluded that there could not be more than fifty bugs in total. He was sure to state that the true number of bugs and stored vunerabilities that the U.S. intelligence has could still be a mystery but the evidence found to support a severe lack of cyber strength is compelling.

So does this mean Obama was bluffing at the G20 summit, perhaps in some way to disuade potentual international threats? Or has the U.S. been able to amass a massive proportion of new bugs and vunerabilities within a month?

What are "Zero-Day Vunerabilities" and Why Doesn't America Have Them?

Zero-Day vunerabilities are bugs or vunerabilites in systems that could allow organisations like the NSA or CIA to counter-attack in the event of a cyber war breaking out. However the bugs themselves pose a threat. For as long as the United States government keeps them there is the chance of a leak and hackers obtaining these secret system vunerabilities. This has divided American politics on the subject, as many would like to keep the bugs in case of a threat from China or Russia would arise, whereas others think more businesses would invest in the United States if they knew the threat of hackers obtaining these bugs were low or non-existant. So due to this division in opinion we end up with something like the results from Jason Healey's report staiting that the U.S. is not a major power in cyber world and also President Obama telling the U.S.'s main rivals that they will be the best on the cyber battlefields to come.

All the evidence suggests that the U.S. did not meet the same cyber power as expectations but could be working towards fufilling them in the near future after the G20 summit. 

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Source Article:

How many zero-day vulns is Uncle Sam sitting on?

Obama says USA has world's biggest and best cyber arsenal

Identity Theft Is On The Rise

Readers be advised, idetity theft is on the rise. In the UK alone there were 148,000 victims during 2015 according to the fraud prevention service Cifas. This is up by 57% from previous years. And as if we were not worried enough by Ransomware and Brexit!

Researchers looking at this growing issue have identified social media sites as the main culprits for publishing personal details. If you think about it you wouldnt give your date of birth to just anyone, but there it is on your Facebook wall. 

These personal details can be used to take out things such as loans and credit cards in your name, and could land you with a whole heap of debts, The advice is to be aware, and think carefully before you put any details online, and keep up to date with security/privacy settings for the sites where you have posted your details.

It could be something else that gives the game away for enterprising fraudsters though such as a photo that has your bank card it in somewhere, a picture with your passport in (perhaps if you are going on holiday), your phone number (Yes even that can be used as fraudsters may try to run a scam on you!).  

So remain vigilent and don't let the fraudsters catch you out...On the other hand I don't get a huge stream of Happy Birthdays on my Facebook wall, sad days indeed.

Have you just upgraded to the latest version of Office 365 and found that the way attachments work has completely changed?

Office 365 now sends links to documents instead of the file itself to save space.

Some of our clients have been calling in about this issue/change for a bit of IT Support. Microsoft will implement new features without making end users aware. This feature has been on the development roadmap for a while though and is designed to save storage space in Exchange online, and improve workflow. It also probably saves Microsoft a bit of electricity in their data centres, probably.

Where do I see this feature?

When you open a new email in Outlook 2016 and you want to attach a file most users will click the attach button in the email menu. Doing this now will present you with a list of the most recent documents you have used, and should the thing you are looking for not be there the option to browse for the file.

Once you select a file it will seemingly attach itself to the email.

The good news is that you can still easily attach documents. All you need do is click on the dropdown menu for the attachment and choose "Attach As Copy".

Why use the link sending feature at all?

Internally to your business it makes a lot of sense. Documents should be worked on through the system so they are always saved, and if versioning is turned on then versioned as well. We all spend a lot of time looking for things in our filing systems too, this should help users get to documents quicker, and ensure everyone is working on the same document version. Externally however it doesnt really work as a concept, yet.

Enjoy the blog post? Then you would love our newsletter! Signup here and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Saving Money and Increasing Efficiency in IT

With the uncertainty generated by BREXIT, the economy generally being a bit slow to pickup during the first half of 2016, and with the price of oil seeming to creep back up, the future seems uncertain and everyone is looking at how to save a bit of money. The question is can you save money and be more efficient at the same time?

The short answer is yes but you have to be willing to change, and those changes in the short term will cost money and/or time which is recouped in the medium to long term. Trying to be frugal on the following solutions and do it yourself can, unless very well managed, cost you a great deal more time. After all, you get what you pay for.

An example of change and efficiency working hand in hand to increase revenue: A UK technology provider is forging their own path to growth by diversifying their business and using their hard won efficiencies to nurture a new business arm. Fidelity-Group have traditionally been in the leased line and telecoms market but are now heavily promoting their energy savings arm. Their rationale is that the systems and processes needed to manage quoting and billing are very similar. In this way they are using their strengths to build a new market for far less upfront cost than say a new company would experience.

As we are from the IT world though we wanted to give you our top ten tips on saving money on IT whilst increasing efficiency, and none of them involve firing anyone.

1. Get rid of your server and its maintenance. Whilst this isn’t suited to a company doing in house software development there are still thousands of small companies out there running Microsoft Small Business Server for nothing but email, calendars, contacts and file sharing/backup. Often the way these have been setup is haphazard and leaves gaping security loopholes but that is another story. The point is if this sounds like you then you need to consider moving to Office 365. Let Microsoft look after ‘your’ server in their massive, purpose built server farms. Let them deal with updates and maintenance. Not only is it virtually guaranteed to save you money and time but with a correct implementation and the appropriate training you can become more efficient too.
2. Get a better hardware supplier. Do you ever find yourself walking in to PC World to pick up a new computer? Oh dear, not only are they expensive but the tendency is to, with the best intentions, buy something with all the bells and whistles that you just don’t need. The same goes for many small computer supply shops. The problem is being able to trust that what you will get is fit for purpose without trying it first. To be honest though, should you be making that decision? Your IT guys should know what applications you need and buy the PC that is fit for purpose. Get a standard workstation from an industry supplier, and have it delivered to site the next day. No need to think about it, no need to drive/walk anywhere.
3. For that matter get a better software supplier. Some hardware suppliers will also do software so long as it relates to the systems they sell. For example a large distributor of Dell will probably also do Kaspersky licenses for a fraction of the price you would pay from the Kaspersky site.
4. A minor point, but something you can implement right away. Did you know that ~85 per cent of UK landline phone numbers are registered with the Telephone Preference Service, but only 3 per cent of mobiles are signed up to the service (which is mostly free)? Whilst this won’t save you money directly it will save you time from answering those pesky sales calls. Just text “TPS” to 78070.
5. Hire an accounting expert, perhaps just as an advisor or on a temporary contract. They should be able to help you make cuts which don’t just get shifted on to another business unit. You may also be able to tap legal resources to review existing supplier contracts.
6. Take control of “unmanaged” costs such as power consumption, or printing. Ensure you can measure these costs accurately so you can see where you can make further savings.
7. Get rid of useless software. We all have that subscription somewhere that eats away at our bank account until we notice one day and wonder why we ever bought it in the first place, or in some cases IF we even bought it! It could be the anti-virus software you used to use, or even the current software which can often be bought cheaper through a different supplier. Is it strictly necessary? Does anyone use it? Isnt there an open source version you could use?
8. Switch to VoIP telephony. Typical savings are in the 40% region. You will need a good internet connection to do this but even the Virgin home broadband upwards of 100mbps is good enough for a dozen people (though not if you run a call centre).
9. An obvious one – review your marketing plans often. Are you getting a return on any of your expenditure? Are you spending enough in the right places or just throwing money at a marketing spread where its impossible to tell what is working and what isn’t? For example if sending a branded Filofax to a highly targeted prospect costs £200 but they become a high value customer for life is that not better than sending 10,000 emails to fairly random people?
10. Rationalise your systems. Emails, websites and failover services are high on the list for this. If youre a bit worried about touching it (using the “if it isn’t broken” rule!) get in a consultant to help make it more efficient moving forwards. So much can be done on the cloud today, and often it presents a much more economical option.

Conclusion

You are not expected to know everything. Equally though when was the last time your IT company came to you and said “hey, we have this great idea that will improve your business/an aspect of your business, and it is really easy to implement”? And then it happened, it was easy/cost effective, and it made a difference?

Do we practise what we preach? To some extent yes we do, we invest back in ourselves in new learning, certifications, and IT equipment and software to do our jobs better. We have embraced the cloud and learned to use the tools it gives us to be more efficient. We have also just refurbished our office which now looks respectable enough to not be embarrassed about bringing clients to. So why not come and visit us for a coffee if you are ever in Oxfordshire?

Enjoy the blog post? Then you would love our newsletter! Signup here and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

The internet has revolutionised how many businesses operate, and how we live our lives. With over 2 billion users it is also a battleground for cyber security experts and hackers. Protecting key information is often critical to the survivability and competitiveness of businesses today.

Cyber security is also a hot topic at the moment with the government pitching in with adverts to warn us about using stronger passwords; but there are also some very common mistakes we see IT technicians making all the time. Here’s our list of the top 10 security gotchas.....

1. Port forward 3389.

Are you able to remotely login to your server using this method? Restricting access at the Firewall by IP address is not good enough as IP addresses can be spoofed and your details could be “sniffed”. This is called a man in the middle attack. This is such a common issue seen all the time, poor practise creates loopholes!

2. Sharing passwords across clients.

The chances are that the companies which do this will also proudly list some of their clients on their website. Therefore an enterprising person could gain access to all or some of said companies’ clients. The worst culprits seem to be website "designers"

3. Installing 3rd party browsers (like Chrome or Firefox) on to a server, and/or disabling Internet Explorers’ protected mode.

Why would an admin do this? Because it’s difficult to browse from a server otherwise. IT technicians should instead connect to a workstation, browse from there and if needed download files to a shared folder.

4. Poor physical security.

If I can touch your server I can take everything you have. This is quite a remote possibility for most people, but for businesses in highly competitive markets and with valuable Intellectual Property it can be an all too easy mistake to make. For example we have noted that it is usually very easy to get in to a “secure” premises by saying “I’m here to fix the computers”, people tend to just trust you!

5. Creating/not noticing SQL injection vulnerabilities.

These are unfortunately all too common given that they can be easily avoided. One of the most notable cases was the SQL Slammer worm of 2003 which infected ~75,000 machines successfully within 10 minutes of deployment. An amusing yet simple example of SQL injection is the tale of Little Bobby Tables. His mother being the caring sort we all know and love decided to Christen her son “Robert’); DROP TABLE Students;” which when typed in to the school database (as part of standard data entry probably done by an unwitting intern) erased a years’ worth of student data. Obviously they should have sanitised their database inputs! XKCD.

Primary Defences:

1. Use of Prepared Statements (Parameterized Queries)
2. Use of Stored Procedures
3. Escaping all User Supplied Input – Probably the best method!

6. SSL Issues

SSL certificate expiry happens to the best of us, well not us, but some very big companies like Google in the case of their Gmail service. It can be very embarrassing when clients can’t access your website/their email, and potentially damaging to your reputation when they are told it is not a trusted domain. To ensure it doesn’t happen make sure you get the email reminders from your certificate issuer, and that these go to a shared inbox where designated people can action it.

7. Automated Patches

Windows Server Update Services (WSUS). If not configured properly the WSUS will use Http not the encrypted HTTPS delivery. Hackers could use low-privileged access rights to set up fake updates. These updates could download a Trojan or other kind of Malware allowing the hacker some access to your server.

8. Sensitive data exposure

A good developer should be very aware of security, sadly many developers are not. We had a situation like this when we took on a charity who had a lot of work done for them pro bono. We always say that you get what you pay for, and in this case that really rang true. The (very) sensitive data was not encrypted, nor was the access to the data. Anyone working at the web hosting company had access to the data, we had access to the data, the data could have been sniffed etc. and whilst we can be trusted we shouldn’t have access, and Joe Blogs is definitely a security threat.

9. Not applying fixes/updates

In a lot of SME’s they tend to look after their own IT until it becomes too complicated (out of necessity) for them to manage. I can’t count the amount of times I have gone in to scope out a system and found a bazillion updates needed doing. When asking why they have not applied the update the answer is usually “oh that’s what that thing is flashing at me for”. In larger companies updates should be scheduled and run from the server (to save on bandwidth mostly, and in some cases to be able to control which updates should be installed), remote devices should be able to be locked and wiped as a bare minimum requirement if they can’t be fully controlled. We have seen instances where this is not happening correctly and have suggested using a tool like Intune.

10. Poor practise

If it is not broken don’t go looking for issues, mentality. What with all of the above to deal with one would assume that an IT technician needs to keep on the lookout for vulnerabilities, but you know what they say about assumptions.

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Bongo IT’s Top 10 Gotchas on Office 365

Of course you don’t want to make a hash of it, and you want a good ROI, but many businesses make a total mess of their migration to Office 365. It should be simple, and if you’ve only got a few users and a small volume of data it can be. But most migrations fail to deliver the promised benefits.

Independent research suggests that 72% of Office 365 migrations of over 200 users fail to deliver significant benefits whereas those “properly” migrated save significant cost and dramatically increase efficiency. With this background, here are 10 confusing pitfalls of Office 365 you should be aware of before migrating to the cloud:

1. Microsoft Account vs O365 Organisation Account

As you will know there are a lot of different versions of Office 365; for home, for Business, for Enterprises, for Not-for-Profit organisations...and even some free versions for consumers requiring a different MS account type not to be confused with your organisational account. If you have both account types (which could even use the same email address) Microsoft will be holding your credentials within two different databases...thing is they sometimes "cross streams", and as we all know you don't want to do that. I'll try to explain the two account types:

Organisational

I have This email address is being protected from spambots. You need JavaScript enabled to view it. as my Office 365 username. This is my organisational account (for Bongo IT) and allows me to access my organisations' apps and data when logged in to the portal. This account is used for logging in to all Office 365 features, for example:

• Office 365 Exchange mailbox
• Office 365 SharePoint
• Skype for Business

Microsoft Account

I also have This email address is being protected from spambots. You need JavaScript enabled to view it. which I have linked as a Microsoft Account (https://signup.live.com). I can use this account type to access the consumer version of OneDrive, and a few other apps. Anyone can have a Microsoft Account like This email address is being protected from spambots. You need JavaScript enabled to view it., or This email address is being protected from spambots. You need JavaScript enabled to view it. and if you want free personal email and storage it’s not a bad idea to get one. In my case as I already had Gmail and didn’t want another email address to remember I just linked that up as my MS account. This account is used for:

• Log in to Windows 8+
• Log in to Skype / Xbox
• Log in to OneDrive (onedrive.live.com)
• Log in to free MS Office (www.office.com)
• Log in to Windows Phone 8+
• My free MS Account apps

With Microsoft things are never simple when it comes to licensing but the key thing is to remember that these account types are stored in separate databases that are not aware of each other. Each allows you access to different things, for example Skype Vs Skype for Business. If using both systems at the same time it is useful to use 2 browsers (one for each) to avoid any logging in issues, and to avoid a great deal of confusion. A password manager won't go amiss either. You may also come a cropper to a few inconsistencies. For example you can link Office 365 Home, or Student, to Skype. You can’t link Office 365 for Business to Skype.

2. Sharing Documents Externally

This used to be quite tricky but Microsoft have worked out some of the bugs since 2013, which has made this a lot more user friendly. There are various ways to share documents/folders/sites with external users but you need to be aware that SharePoint has a different security setup to OneDrive (paid subscription). OneDrive is ready to go when it comes to sharing externally, SharePoint Online (SPO) may require some settings updating and security groups creating. If you decide to allow internal users to be able to share a Site in SharePoint be extremely cautious.

Before you start you will need to turn on External Sharing in your Admin Centre, from the SharePoint dropdown menu item. NB: You can only share documents etc. with a Microsoft Account or Organisational Account holder. These are the things to be aware of: Sharing by email address: if you opt for this and uncheck "Require sign-in" the user will be emailed a Guest link. They could email this on to anyone (with a MS Account) who would then be able to access the data. Make sure you set an expiry date to the link. Sharing by "Get a Link"; again you will see options where no sign in is required. Remember to set an expiry if that is an option you choose.

3. Failing to factor in the Cost of Add-ons

As a Microsoft cloud partner it’s almost easy to forget that we have access to almost everything as part of our partnership benefits. Gloating aside here are some of the Add-ons you might want; Dynamics CRM Online, Yammer for Enterprise, Project Pro for Office 365, Visio Pro for Office 365.

4. Using Exchange Server Deployment Assistant

The Exchange Server Deployment Assistant will help you build a step-by-step checklist that will greatly assist you in the deployment of Exchange Server for different scenarios. It is a web based tool, and can be found here. If you don’t use the tool, then you are risking looking like one.

5. Get the prerequisites right for Office 365 when going hybrid

If you have large files which need super fast access (e.g. architects, designers, engineers), or you have offices in multiple countries you are probably considering going for a hybrid deployment. Number one is to be aware that if you have older software you need to upgrade it to support Exchange 2007 and later. However if you are using 07 and 10 you still need a 2013 CAS&MB server. We would recommend upgrading your entire on premise organisation to 2013. With Exchange 2016 around the corner it makes a lot of sense to get on the upgrade path now before you get left woefully behind, lacking in various bit of new functionality.

6. OneDrive for Business 5000 limit…and why you shouldn’t use it, yet.

Whilst you may have carefully planned your libraries, data migration and access rights you may not know about the 5000 limit which will scupper your good intentions at the final stage. You can only sync 5000 items (files + folders) per library using the OneDrive for Business app for PC and Mac. It's only a limit of the app, not SharePoint Online. So the answer is either to not sync libraries, or to ensure they only have a limited number of items in them. You can cheat by using Zips but that's not desirable for eDiscovery, or generally for access. We will say this though: currently we do not recommend using OneDrive for Business as it can be (but not always) unstable.

There is a new next gen sync client based on the more reliable consumer version out now but it only works with OneDrive (business not consumer), not SharePoint which is what we need. A little bird a Microsoft has said that it will be released in July 2016 though. Currently OneDrive for Business is unreliable, and whilst “easy” to fix it can be a bit of a time waster. There is a way round it though that gives you just about the same functionality. You can view SharePoint Online via the Explorer window so long as you are using Internet Explorer and select that option in the library settings pane. You can eliminate issues with the local cached copies of files by going old school and mapping a drive to a folder or library.

7. Calculating time to upload - EWS 400GB limit, and bandwidth requirements.

An oft forgotten issue when you are bogged down with the technical details. If you have a slow upload rate then you need to think carefully about how you are going to move all your company data to the cloud. You might even consider moving some data to another site to increase the upload speed. Exchange Web Services (EWS) also has a 400Gb transfer limit per day set as well. If you are uploading this much data the chances are you will be doing the migration in stages over multiple days, but it is still something to be aware of.

8. Data Retention: 14 day retention limit for deleted items.

As an Administrator you will be able to reinstate files which the user may have accidentally (or deliberately!) deleted from their Exchange Online inbox or from SharePoint Online. However the default setting is that files will only be retained for 14 days which doesn’t give the business much time to react in the case where something has gone missing.

9. Being aware that Lync Online does not provide full VoIP telephony…yet

If you thought that Office 365 (in the UK) was a full Unified Communications platform you would be wrong. Yes you can host Skype for Business (Lync), or use a hosted service but this requires significant investment. In its virgin state you can't use Skype for Business to dial out, which is a shame. Microsoft look like they will be releasing full PTSN integration at some point in the near future though, this feature is available now on a trial basis depending on your location and account type. We are trialing it right now!

10. Spam filtering – do I hear a rewind!

You may have spent years tuning your spam filter so that you barely get any spam at all but, like unlike Viking Gold, you can't take it with you. You will need to learn about Exchange Online Protection (EOP). There is so much material out there on EOP that there is little I could add so try reading up on it here... more details NB: If you have a Hybrid deployment or just plain old Exchange or even a non-Microsoft email server (heaven forbid) you can still get EOP to protect your mailboxes!

• For both Exchange Online and SharePoint Online you need to be aware of the legal retention framework which your business operates under. Solicitors and accountants will have a completely different set of rules to play by than a builders. The general principal is the same though, retain data only for as long as you legally need to. This reduces your “legal risk”.
• For Exchange Online you can now edit this limit by creating a new MRM policy; here's how MS Blog You may also wish to use the Exchange Admin Centre or PowerShell Technet
• For information on how the SharePoint Online Documentation Deletion Policy Centre works try this very helpful article Technet

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Global Threats to I.T Security

Security Threats 2016 - - Defend Yourself Against Ransomware

Security is always a front runner in IT but new thinking from the fraudsters and hackers requires new, or at least updated, defences.

This year we have seen some really big stories in the news about hacking and security, and there have been some very nasty viruses released on to the internet. So, can we afford to continue in the same way as we always have? If we do it may cost us dearly. This is not scaremongering, these are the facts. Who's Been Hacked In The Past Two Years?

Experian, Premera Blue Cross, UCLA Health System, JP Morgan customers, Ashley Madison, US Government employees (including overseas spies!), Sony employees, Home Depot shoppers, EBay users... The list goes on but the above are the most notable. It's not just big companies that get hacked though, everyone is at risk and personally I have seen 3 instances of Ransomware attack in the past year (all data was recovered).

Most Notable Threats In The News:

Locky and other Ransomware - in our opinion the most prevalent and worrying viruses around at this time are those dubbed as "Ransomware". Have you or your staff received a slightly odd yet real looking email with a Word document attached? Or for that matter a PDF or Excel file? If you have and you opened it then your system is probably infected. Ransomware can come in all sorts of guises so it is difficult to pinpoint a tactical defense mechanism.

MazarBOT - A nasty virus affecting Android phone users that is capable of displaying false pages at the top of banking apps to try and trick you into handing over your financial credentials.

Linux Mint - if you happen to have downloaded this very popular version of Linux on or around February the 20th you may have been infected. Hackers had redirected the link to the ISO file to their own servers handing out an infected distro.

"Won't my Anti-Virus and Malware protection software stop Ransomware?" I hear you say...

The truth is that any very new virus won't be picked up by any AV software because it is not yet in their database.

Once infected Ransomware will start to encrypt your files so you can no longer access them. Then, at some point (and this could be several weeks later after all your backups are infected too) you will get a popup asking for a variable but not inconsiderable sum of money for the privilege of accessing your now hijacked data. Locky Ransomware is spreading at the rate of 4000 new infections per hour, which means ~100,000 new infections per day.

So are we all up the creek?

Well in a way, yes, we all have to be very careful. We all have to remain vigilant and be very aware that these attacks are out there, even to the point of training your staff so they know what to look for, and what NOT to do.

We wouldn't be surprised if cyber security even became part of the curriculum in the near future. There are some defences and practices we can adopt to minimise our risk though.

The Main Defenses

1. Use a modern browser that is updated consistently, for example Chrome.
2. Use a popup blocker extension with the browser, for example AdBlock Pro.
3. Make sure your Anti-Virus software is up to date, we recommend Kaspersky as it is Russian; the majority of hackers are Russian thus it should have the most up to date protection available.
4. Consider using Anti-Malware like MalwareBytes
5. Don't open "dodgy" looking emails.
6. Train your staff on what to look out for.
7. Protect your data! Create a backup system which is designed to resist this type of threat. Most are only designed with mechanical failure in mind.

Other Hacking Vulnerabilities For Your Delectation

Do you have a wireless mouse/keyboard? For example the signal between your mouse and the computers receiver (usually a USB dongle) may be unencrypted, thus the receiver will accept any seemingly correct command, this is known as Mousejacking. The same goes for some wireless keyboards.

"With the use of around $15-$30 long-range radio dongle and a few lines of code, the attack could allow a malicious hacker within 100 meters range of your computer to intercept the radio signal between the dongle plugged into your computer and your mouse". Ref: thehackernews.com

Poor Passwords: We see this all the time! An example of a poor password is Dave12 since it is too short and could be guessed fairly easily. Strong memorable passwords are difficult to generate so use a free web service like SafePassword.

They should include a mixture of numbers, letters and symbols and be at least 10 characters long. NB: An 11 character password is not able to be hacked by brute force by any computer in the world.

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

Testing Our New Mimosa B5 Lites in Chipping Norton

It was sunny day in the Cotswolds, looking back on it probably the last sunny (and warm) day of the summer, and we had a job to do… Make The Internet Work! This project all started when a local social media management business owner contacted me on Facebook. He is one of the crowd we have often met at various networking events, and lives in my home town of Chipping Norton.

“Hi mate I need your Bongo skills We've just taken over the old Post Office building as our new ECN HQ for the next 6 weeks and we need to sort out internet connectivity so we can get folks voting on the High St competition”

After a few questions about the location and the surrounding buildings I suggest that if he knows someone that has line of sight (LOS) to the post office we could look at using a radio to get the connection in. As it happens Shaun had just had a similar sort of conversation with the Deli opposite and knows that he has fast fibre there so with a bit of ringing around we organise a day to go and do a survey. Good thing I live down the road from this one! With the survey complete and a plan in place we book an installation day.

The install goes well and we get the cabling run in record time. We then get the brand new Mimosa B5 Lites up on the brackets high above the street traffic to ensure LOS is kept. Positioning these radio is very easy, there is a tool that allows you to scan for the best signal strength and we simply move them around until we get the best signal. After a bit of tuning the radios go live very happily. The whole install takes us about 4 hours and at the post office end we put in a switch to ensure that 3 laptops can connect to the internet to enable the voting for the #GBHighSt Awards.

If you would like Chipping Norton to win please vote now Vote Now

“Thank you to the incredible Bongo IT for setting up high speed internet connectivity in our HQ. And of course, thanks to Delicacy Deli & Coffee Shop for letting us share their connection in the first place. A perfect example of local businesses and organisations working together for the greater community benefit”. Experience Chipping Norton

What We Want is Unified Comms in Office 365, When Do We Want it?

Microsoft launched Skype for Business mid 2015. At that time there was a lot of talk about the new voice and meeting capabilities, and there was the chance to see a technical preview if you lived in the US. The new capabilities will enhance the current Skype for Business experience and allow IT Service, and Telecoms providers to offer a complete enterprise grade communications soultion as part of Office 365, or the unified comms solution of the future as we see it.

Update 07.02.2017 - Skype For Business outbound/inbound calling is now available to users. 

When we visited the UCEXPO in London during the summer "UCEXPO" this was the holy grail that everyone was reaching for. Unified communications isn't just about telecoms and conferencing it is about having all your data and colleagues connected in a way which is useful for your business, and being able to access the data from a central "control system" e.g. Outlook. As soon as someone invents an advanced algorithm for text to speech during meetings (that works well!) this type of system will be even more powerful. This company seems to be on the right track, CloudPipes however after requesting a demo I am #47,852 on the backlist...Well at least I don't feel like a Guinea pig

New Skype for Business Features Here and Coming...at Some Point

PSTN Conferencing - only available to preview in the U.S. This feature uses the traditional public switched telephone network to allow users who have been invited to a Skype for Business meeting set up in Office 365 to join the meeting by dialing in using a mobile or landline. This is a basic traditional dial-in capability one might expect of a conferencing system. It is in addition to, single touch join options on PC's, smartphones and browsers. So if your technical director is on holiday in Spain again and can't connect to the internet he can still join by phone, ah the joy of technology. Using PSTN Conferencing in Office 365 you will be able to dial out from the system to add other people to the call too, which is neat.

THE DADDY! Cloud PBX with PSTN Calling - only available for preview to Office 365 users in the U.S of A currently. This is the feature set we are most interested in. We want to use Skype for Business to make all our calls, and have the address book linked to Outlook. Everything finally would be in one place, integrated. Unified one could say! And don't worry, when this feature comes out you will still be able to use existing on-premises phone lines for outbound and inbound calls.

Skype Meeting Broadcast Preview (available to eligible Office 365 customers worldwide) - You can use this to publish your Skype for Business meetings on the public internet making it easy for "Joe Blogs" type users to join. The system claims to support up to 10,000 people though we have never had the privilage of testing that! This makes it very easy to host huge virtual meetings like that of a volunteers meeting, town hall, or even a demonstration. This preview includes the use of Bing Pulse, for real-time polling and sentiment tracking, and Yammer.

These previews are delivered by Microsoft strategic partners such as: BT, Level 3 Communications, Orange Business Services, Verizon and Vodafone.

Additionally Microsoft will be delivering a feature enabling direct connections to Office 365's Skype for Business customers using Azure ExpressRoute for Office 365. ExpressRoute helps customers easily create private connections between their premises and Microsoft enabled datacentres. This gives you more predictable network performance (predictable latency). This is a great resource for anyone looking for a manageable network with dedicated connectivity, reliability and additional data security. Then again seeing how easy it is to tap fibre we would still be concerned about how that is monitored.

Microsoft say they are "enabling people to connect with one another across all forms of human expression; verbal, written, visual and emotional".

Well fair enough, great if you can get on a trial but for us mere mortals we have been waiting patiently for the PTSN calling and cloud PBX for years. We want it now please, thank you!

OneDrive for Business Sync Improvements

Microsoft have announced that they are reviewing a new client for OneDrive for Business, your storage and sync medium to Office 365. There have been "a lot" of complaints (we complained at least 50 times, so god only knows how many complaints they actually received, 10's of 1000's we imagine).

What Is OneDrive for Business?

If you are not familiar with OneDrive for Business it is a very handy way to get your files in to the cloud, and to access those files quickly from your computer. It's a lot like Dropbox or Google Drive. The more clever side to it being that you can for example get on a flight/train/bus to a business meeting and access the files stored in OneDrive for Business locally on our computer without having to connect to the internet.

When you then reconnect to the internet the updates to the files are loaded to the cloud. If there are any changes made by colleagues during the time you were not connected to the cloud you will be notified and given a choice to merge, or keep a copy of your work. A very handy tool, especially for remote working.

So Where Does it Fall Down?

Reliability, in a word. The current client is based on Microsoft's Office Groove and has been for some time. It is prone to bugging out when you move files around, if for example you are having a bit of a "spring clean" of your old customer files and decide to drang and drop a lot of files in to a new "archive" folder. When I did this recently, my files were fine but my colleagues OneDrive for Business folders all had errors that could not be resloved.

So time to repair...but that didn't work...so time to clean the cache and start again (whilst noticing that 16gb of our harddrives' storage is taken up by the cache, aaaahhhh!!!). Frustratingly there is also a 5000 item limit which most people are unaware of (this is files + folders) for any one library, though you can have multiple libraries of course. Whilst generally all that is needed is some file structure planning it is a seemingly pointless limitation. Plus if you do accidentially go over that 5000 items limit...it can be a bit of a pain to sort out.

Our annoyance is that Dropbox can happily sync thousands of files without an issue, even OneDrive (the consumer version) is good as it uses a different technology, so why not Microsofts' business application?!

So whilst this does give us techies something to do and makes us look good when we fix it that's not really the sort of credit we are after. What we all want is a reliable sync system which flexes with the business needs. And preferably one that you don't need a degree in computer psychology to suss out.

What Are Microsoft Doing About IT?

Reuben Krippner, director, OneDrive for Business, introducing the new client in a video said:

“We heard your feedback on the sync experience loud and clear,” said “We’re delivering the next-gen sync client for both PC and Mac, and it’s based on the proven OneDrive consumer sync client.”

The new client is now in limited preview and adds OneDrive for Business Support to the existing (working) consumer client version. This should dramatically improve it's reliability. The new client will also support files of sizes up to 10Gb. Let's hope you have a fast upload to your broadband connection if you are thinking of storing those sizes of files in the cloud.

Mobile Clients

There are a number of OneDrive for Business mobile clients, many of which will be getting some new features. The Android app for example will allow individual files to not be kept from syncing. As for the rest we are unclear as to what features are going where.

The Crystal Ball

The only question is, will this be "rock solid" as promised? Well we expect a few bugs, but at least it looks like it is moving in the right direction. 

Update

07.02.2017 - We are now trialing the release candidate for the new next gen sync client. So far so good but still a way to go in our opinion. It has been pegged for release in March 2017 but we shall see.

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter

MS Office 2016 New Features to Delight, and Beguile

Real Time Co-Authoring

Up until now the co-authoring functions have had a bit of a choppy time and Microsoft had settled on allowing co-authoring only in the browser IE when both users are logged in to the portal, which makes sense but was a bit disappointing given that we were allowed to see it in its full glory briefly.

However the 2016 update will allow for co-authoring when editing documents in OneDrive For Business which to be frank is the most likely place you would want to do it anyway, certainly for our clients (Network Managers/IT Directors) who are often in the office, at their desk working with colleagues. I have seen and "played" with the co-authoring function which seems to work well giving you real-time updates of what your colleague is doing to your document...and of course for a while we simply typed silly sentences at each other, marvelling at the misuse of technology. We did however speculate where this might be the most useful (other thanthe obvious use I have already mentioned) and we postulated this may be during meetings where a lot of notes need to be taken, seen by all and referred to. It could also be quite useful during scoping, and project management calls for projects too, providing everyone has the tech of course.

Link Sharing - Not Document Attachments

The default behaviour will be to share a link instead of attaching a document. Okay so this is a great idea and has been a long time coming, you can already get a link from SharePoint and share it but this is not the default behaviour for the system, or for most users. Exchange is already extremely clever about how it stores document attachments (heck it must be as I am awful at sending links!) but this new change will make email quicker, both to send and to search through, and ultimately save on disk space in Exchange. One possible problem that has been noted is that by default the link is set to "anyone can edit", however that is basically the same as sending the attached file without password protecting it, so not a biggy. What we are wondering is how this will affect older email, will the attachments still be available because I'm sure we have moved files/folders around in SharePoint a couple of times?!

Outlook Groups

Office 365 users will now be able to create a new type of group which will have a shared calendar, simple mailing list (group), library (document store) and some messaging tools via Skype for Business.

Clutter Update

Do you use clutter? This is a question I am asked daily. The answer is yes, but I also check it! Many users are not too keen to miss an important email so have turned clutter off straight away without testing it for a bit. Okay, fair enough, nobody likes change (or Microsoft "experiments") but if you are going to embrace the cloud, you might as well start using the apps that are built to make you more productive. The clutter function does hark back to the zero inbox method which I have come across. Basically this entails organising your email into several folders: Urgent, Important Not Urgent, Not Important...and thus cleaning up your very messy inbox. This allows you to concentrate on the most important things and potentially shift some of the other Not Important things on to another business function as you will probably find they are not super relevant to your job role. Streamlining is fun! So what is new? - You can manage it from within Outlook, not just online.

What Else?

That's basically it from us. Microsoft have just shown me their published changes which can be found at this URL here . Excel is going to have some new chart types but that's only of interest if you are a hardcore Excel user, most of us are not. So are you looking forward to 2016?

Enjoy the blog post? Then you would love our newsletter! Sign up here Signup and get a free Office 365 pitfall PDF guide

Call us on: 01865 988 217

Follow us here LinkedIn or here Twitter