Skip to Content

Blog

Award Nomination

c53-awards

Vote for Cloud53

 

Cloud53 is lucky enough to have been shortlisted for the Talk of Manchester Business awards 2016 in the ‘Best IT Support Company’ category (award#22). We know some of the other companies going for this award and are aware we are in good company however we also know we are the BEST!

Cloud53 is a relative newcomer to the Talk of Manchester awards however that is not to say we are not worthy, we work very hard to ensure our customers support needs are not only met but exceeded on a daily basis and our customers agree! We are aware of at least 2 of them putting us forward for this award.

Please vote for us and help Cloud53 have its achievements recognised throughout Manchester.

0 Continue Reading →

Remote Access Warning

remote-access-laptop-hacker-security-300x300

About a month and a half ago, there were some reports surfacing of some TeamViewer users being hijacked. This mostly surfaced around 30-05-2016 to 02-06-2016, although there are some reports dating back to mid-June. The logs note that most of these computers were accessed through TeamViewer, with IP Addresses originating from a Chinese VPN, using a method known as “Custom Password”. TeamViewer has refused to explain what method is used for that to appear in the logs. The computers that were hijacked, had the saved passwords stolen, then they opened Chrome/Internet Explorer to attempt to send coupons or vouchers to China through Amazon, PayPal, or abusing any of the saved  passwords while logged into their machines.

Only a few of these computers were accessed by simple dictionary attacks due to the default 4-number password, which could be accessed in 23 hours of brute forcing. Due to the nature of TeamViewer, this password only resets when the application is restarted. Which isn’t that often…

A decent number of the intrusions also appear to coincide with the 01-06-2016 Denial of Service Attack on TeamViewer’s Authentication servers. TeamViewer declines any knowledge of a security issue, and has held their stance at it being the user’s fault for the issues that have been experienced. TeamViewer’s legal team has forced some article publishers to alter the statements about TeamViewer to cover up.

Most of these reports are unverified in a sense – as they are posted on a potentially anonymous forum, claims that cannot be verified. However, they are in such a high volume that some potential truth can be gleaned from the info.

0 Continue Reading →

This as a Service (TaaS), What as a Service (WaaS)???

It seems in IT everything is as a Service (aaS) yet given the amount of questions we at Cloud53 receive about this element of managed services, clearly it is a much misunderstood way of doing things to those non IT people.

The diagram below should hopefully make this much simpler to understand using something as a Service that we all understand.

car as a service2

 

If interested in any IT services as a Service (aaS) then please do give Cloud53 a call

0 Continue Reading →

Distributed Denial of Service (DDoS)

ddos

Recently it seems that every week we hear of a major website being unavailable due to a DDoS attack but what is it and why is it becoming so common?

A DDoS attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic.

It appears that along with these attacks becoming more common, they are also becoming more serious in the sheer bandwidth that is being used. Speaking to a recent victim they saw over 80Gbps being used against their IP’s, very few providers could sustain that bandwidth. To put this into perspective in Q4 of 2013 the average DDoS attack was using an average of 2.14 Gbps.

In recent months major names have been attacked such as the BBC (reportedly over 600Gbps), Sony PlayStation network, TalkTalk, Carphone warehouse and many more but why?

It would seem that essentially the groups doing this wish to extort money from their victims, using blackmail with the threat that if they do not pay then attacks will continue. However could you trust a black mailer not to do it again after payment? This is why it is generally reported that companies do not pay, however it seems reasonable to assume that some companies do pay as these sort of attacks cost money to implement and so they must be worthwhile to the criminals?

The type of payment is the issue in these ransom situations as payment is always instructed to be made in bitcoins and so is totally untraceable (if you know what you are doing). It is also thought that money gained in this way often finds its way to support worldwide illegal activity.

You don’t have to be a large company to suffer a DDoS attack but the attackers do go to where they believe ransom money is available, however if you do become a victim of a DDoS attack and subsequent blackmail it is best to treat it as an exercise to bolster your security and potentially test your DR strategy, it is not advised to meet the demands of the cyber criminals.

0 Continue Reading →

Hacking – why does it keep happening?

computer-hacker
Obviously this week the big story has been TalkTalk who it would appear have been hacked and potentially allowed details of 4 million customers into the wrong hands. This is the third large cyber-attack which TalkTalk have received and it is not at present clear why TalkTalk are targeted or who did it but it is far from being the only company that keeps being hit!
Most, if not all, large companies will receive cyber-attacks every day, it is unfortunately the norm. This is the reason why large companies invest in heavily in cyber security but being ahead of the cyber criminals isn’t easy. Around 1 million new malicious programs are created on a daily basis according to security firm Symantec.
It is extremely unlikely that any large company has not received cyber-attacks, it is also very unlikely that any of these large companies haven’t suffered a breach of security due to these attacks at some point. It is only the clever companies that are aware of these breaches and learn from them. It is likely that many companies will not know they have been breached which is much more dangerous than being aware!
Can it be stopped? Very unlikely, unfortunately it is just a case of staying one step ahead of the hackers which in reality is extremely difficult and expensive.

0 Continue Reading →

All White for Winter?

snowMAIN_1788610b

We know the weather predictions are always a tad dramatic with phrases such as ‘Arctic Freeze’ and ‘El Nino’ but it is worth paying attention to the fact that your business could suffer because of the winter. At present weather predictions for this winter are suggesting the El Nino (named Modiki) weather Phenomenon and reportedly maybe the strongest since 1950. In this year heavy snowfall brought chaos to much of the country with temperatures in some areas being as low as -22C with around 50cm of snowfall, certainly worse than the ‘big freeze’ which we remember in 2009/10.

The ‘El Nino’ happens when ocean temperatures in the eastern Pacific, near South America, rise due to a change in the normal wind direction, creating knock-on effects across the globe due to the amount of heat released into the atmosphere. The polar jet stream tends to move further south, and brings wetter weather across the Atlantic, which causes heavy rainfall in warmer months (we have certainly had this), but can bring snow in the winter.

So is your business ready in case we do have a bad winter? Typically in the UK a bad winter means the public transport system grinds to a halt or at best is a very poor service. The reason for this, apart from the weather affecting equipment and roads, is due to Staff not being able to get into work and so we get into a vicious cycle!

If your staff cannot get into work whether it be due to public transport or the highways what contingencies do you have in place to allow your business to continue? Should it just be for a single day most businesses will be fine, albeit probably lose some revenue, however if the weather spell lasts a week or more then it could be much more serious.

Points to consider:

  • Remote access – Do you provide remote access whether it be via Remote desktop, Citrix, Outlook web access. Is this setup for all staff? Are they aware of the details? Do you have enough licences? Does your internet connection give sufficient bandwidth for inbound connections?
  • Telephony – do staff have desk phones at home? Can staff access the telephone system through soft phones (PC or smartphone apps). Can diverts be put on remotely?
  • Backup – if using onsite backups who will change the tapes/disks? How will the data get offsite for safe storage?
  • Meetings – do you have video conference services available to take meetings internally and externally given that travel is limited?
  • Communication – are staff aware of the business continuity plan? How they will access systems? How will staff communicate?
  • Suppliers – depending on your business your supplier’s business continuity plans maybe extremely important if you cannot receive deliveries of vital goods and services – they should be asked the question.

 

Whilst we have seen predictions previously for heatwaves, bad winters and even the end of the world eventually predictions do happen so it’s always best to be prepared. Please get in touch should you be interested in any advice on the above (excluding weather forecasts).

0 Continue Reading →

SPAM – what is it?

spam

Whilst we would rather have this as a fritter (us northerners) how did this term ever get into email? SPAM in terms of meat stands for Specially Processed American Meat but in email terminology it simply means ‘unsolicited email’

Spam as an email term does not actually stand for anything but was just a name that started and continued purely by chance. This came about in 1994 as part of a lawsuit in the US. A company had advertised its product on the usenet newsgroups (one of the first mass forums) and were flooded with complaints. Complaints made due to the misuse of the then scarce internet resources. Disk space and bandwidth was massively consumed by this single action, given the storage costs and modem dial up solutions back then you can imagine the issues. After this the name Spam simply caught on and is still with us today.

It is currently estimated that 70% of all emails sent are actually Spam and of this figure 90% can be attributed to a core of 200 Spam outfits.

Spam unfortunately is an overwhelming fact of life. Filtering however is available relatively cheaply to keep 99.9% of it out of your inbox, please contact Cloud53 should you need advice.

0 Continue Reading →

Backup, Business Continuity, Disaster Recovery – are they the same??

Burning_keyboard_medium

Recently after talking with clients we have realised that these terms all appear to mean the same thing to some of the business market out there and this is a dangerous assumption. Typically people only understand the differences after an incident and when it’s too late. Therefore we thought it may be useful to summarise what each is and what it means:

Backup –this typically happens once per day and overnight so therefore it is technically possible to lose around 23 hours’ worth of data. In addition a backup simply backs up data and restore may involve building a new server and then restoring the data to this server which if from tape could mean 24-48 hours before the server is back up and running as was. Therefore in this case the Recovery Point objective (RPO) is 23 hours and Recovery Time Objective (RTO) is 48 hours. With tape this is always assuming each backup is successful and that you have a suitable tape drive to read from.

Business Continuity – This is essentially how your business (as a whole) will recover from an incident. This incident may not affect IT although most incidents do. It maybe related to the scenario that the office is inaccessible due to a gas leak and therefore how do your staff work from another location or it could be a gas explosion within the building which destroys the IT infrastructure. BC is about the capability of the organisation to continue its business following a disruptive incident. BC is the big plan of which IT Disaster Recovery is a subset.

IT Disaster Recovery – is how you plan to recover from a disaster and this isn’t simply restore from backup as let’s not forget you might not have any media to restore from, you might not have an internet link, you may not have servers or tape drives! DR is about how you recover from the worst possible disaster and as quickly as possible. In the business world the only way to guarantee your IT infrastructure to be always available is to host it outside your business in a datacentre (with redundancy / replication) or to host internally but replicate to a remote datacentre using real-time replication, therefore in the event of a disaster your RPO is less than one minute and your RTO is also just minutes. With auto fail-over and the correct replication software this is easily achievable.

0 Continue Reading →

Welcome to Summer!

airon failed

So it seems we are approaching the time of year when things warm up which is great news if you’re not at work or maybe work in state of the art offices with aircon (that works) however it’s not necessarily  good news for servers, network kit and the like in areas without dedicated air-conditioning.

Typically once we hit real summer there is a rise in server and network failures as this kit is still in the small room or cupboard that it is all year round but with an added 10°C or 15°C to work in. The kit still produces the same heat itself but the heat isn’t dispelled as well as it is in the cooler months. Often this means that a router or some other network kit fails first as often this is situated above the servers and of course heat rises. Without am ambient temperature being maintained then due to any additional heat, the servers have to work harder, spinning the cooling fans more to try and combat the heat being produced by the disks and the CPU’s. It’s a vicious circle until either the room cools or a component fails unfortunately

Remember in the summer months to keep an eye on temperatures in these areas and allow extra ventilation / aircon if you can.

  • An average server generates 1360btu/hour which is about the same as a small radiator.
  • It is recommended that server rooms maintain a temperature of between 18°C and 24°C.
  • Typically the server CPU’s will run at around 45°C however anything past 60°C for long periods can be dangerous and result in failures.
  • Disks are more likely to fail the older they are and as such temperature changes may contribute to these disks failing sooner.
  • Humidity is just as important to IT kit as temperature.

 

The obvious solution is to look at hosting your servers externally – why not get in touch with Cloud53 to discuss? Apart from taking the worry away it should also reduce your on-going costs!

0 Continue Reading →

Smartphones – is your data safe?

app-for-that-1024x989

Are you aware that a SINGLE data protection breach can result in a fine up to £500,000?

We’ve all heard the stories of laptops (even by Government people) being left on trains or being stolen that are not encrypted…. But of course these days all company laptops are fully encrypted…aren’t they?

One area often over looked are smartphones, which let’s face it we all use far more than laptops these days but, are they encrypted? I suspect not! The chances are all your company email is on your smartphone including contacts, attachments and other sensitive material. So why do we not place the same caution on the smartphone as we do the laptop?

Whilst you cannot necessarily encrypt all smartphones you can follow some easy steps to ensure that the data contained on it is safe.

Typically companies have 2 sets of smartphones, those provided by the company and so known about but also more worryingly those smartphones owned by staff who like to have the company email on their smartphone, these are the ones to be most concerned about!

Do you restrict staff who can access email on their smartphones? Do you have a company policy to cover this? If you answer ‘no’ to either of these questions then please give it some thought.

With mobile device management in place you can force all phones accessing company email to be protected by a 6, 8 or 10 digit password. In addition should the device be lost or stolen then a simple ‘phone call to Cloud53 can ensure that your smartphone is wiped clean of all data so whilst you may have lost the ‘phone, your data remains safe.
To find out more about this service please contact Cloud53.

0 Continue Reading →