Archive for December 2016

Your Latest IT Newsletter

Biggest Data Breach in History For Yahoo

As if the data breach of 500 million users’ accounts in 2014 wasn’t bad enough, Yahoo has just discovered that it was the subject of the biggest data breach in history when back in 2013 more than one billion user accounts were compromised!

<More>

BT Broadband Christmas No.1 For Complaints Says Ofcom

BT Broadband has the dubious honour of making it to the Christmas no.1 spot…for customer complaints. Figures from Ofcom the 3rd quarter of 2016 make grim reading for BT and for other Broadband companies that it owns.

<More>

Blockchain’s Introduction in Dubai Could Help to Transform the Middle East

Dubai’s commitment to putting all its documents on Blockchain’s shared open database system by 2020 could help to cut through Middle Eastern bureaucracy, speed up civic transactions and processes, and could help bring positive transformation to the whole region.

<More>

Could Your Smart IoT Christmas Present Be a Future Trojan Horse?

With the massive amounts of household, leisure items and toys that have a ‘smart’ element to them, could any of the IoT presents that you receive or give this Christmas be taken over and used by hackers in 2017?

<More>

Tech Tip – Create PDFs Easily in Windows 10

Converting different types of documents to PDF format usually involves installing a third-party PDF tool to carry out these conversions. With Windows 10 however there is a built-in PDF creation feature as a print option.

<More>

Tech Tip – Create PDFs Easily in Windows 10

Converting different types of documents to PDF format usually involves installing a third-party PDF tool to carry out these conversions. With Windows 10 however there is a built-in PDF creation feature as a print option.

Including this feature as a print option means that any program or app in Windows 10 that allows you to print will also allow you to create or convert your files to PDF. For example, to save a web page as a PDF:

  • Click your browser’s menu button (top-right corner).
  • Select ‘Print’.
  • Choose ‘Microsoft Print to PDF’ from the list of available printers.
  • Change any other settings as needed.
  • Click ‘Print’.
  • Give a PDF file a name and choose a location to save it in.

Could Your Smart IoT Christmas Present Be a Future Trojan Horse?

With the massive amounts of household, leisure items and toys that have a ‘smart’ element to them, could any of the IoT presents that you receive or give this Christmas be taken over and used by hackers in 2017?

A Big DDoS With IoT.

Back in October this year cyber criminals were able to take over many thousands of household ‘Internet of Things’ (IoT) devices, and use them together as a botnet to launch an online distributed denial of service (DDoS) attack (Mirai) on the DNS service ‘Dyn’ with global consequences. The devices included things like white goods, CCTV cameras and printers, and the major platforms that were put out of action by the attack included Twitter, Spotify, and Reddit.

Only 2 months down the line many of us will be giving and receiving IoT devices as Christmas presents that are just as vulnerable to being taken over and used by hackers for attacks in the coming year.

Which Devices?

The kinds of smart devices that are part of the IoT, and could potentially be exploited include fridges, kettles, toasters, and systems used to heat and monitor your home remotely. While smart devices and the IoT have many great benefits and great potential, they also bring security risks that are not yet fully understood.

Why Are These Devices Vulnerable?

Technical experts and commentators believe that it is not easy for manufacturers to make internet-enable devices secure because:

• Adding security to household internet-enabled ‘commodity’ items costs money. This would have to be passed on to the customer in higher prices, but this would mean that the price would not be competitive. Therefore it may be that security is being sacrificed to keep costs down – sell now and worry about security later.

• Even if a security problem is located in a device, the firmware (the device’s software) is not always easy to update. There are also costs involved in doing so which manufacturers of lower-end devices may not be willing to incur.

• With devices which are typically infrequent and long lasting purchases e.g. white goods, we tend to keep them until they stop working, and we are unlikely to replace them because they have a security vulnerability that is not fully understood. As such these devices are likely to remain available to be used by cyber criminals for a long time

What Does This Mean For Your Business?

If your business manufactures or sells smart devices, be aware that if recent months are anything to go by consumers will begin to understand the value of security protection of their IoT devices, and it may become part of the purchase criteria in the near future.

For businesses and individuals, one simple step that we can all take to make sure that our ‘smart’ Christmas presents and other smart items are protected is to make sure that, if they have a default username and password, these need to be changed as soon as possible. Make sure that the new username and password are very secure and very unlikely to be discovered easily.

Blockchain’s Introduction in Dubai Could Help to Transform the Middle East

Dubai’s commitment to putting all its documents on Blockchain’s shared open database system by 2020 could help to cut through Middle Eastern bureaucracy, speed up civic transactions and processes, and could help bring a positive transformation to the whole region.

What is Blockchain?

Blockchain is an incorruptible peer-to-peer network (a kind of ledger) that allows multiple parties to transfer value in a secure and transparent way. Blockchain’s Co-Founder Nic Carey describes Blockchain as being like “a big spreadsheet in the cloud that anyone can use, but no one can erase or modify”.

The developers of the Blockchain system say that the trust between participants is not necessary because trust is embedded in the system itself, and that access to all relevant information is available to participants.

How Can It Be Used?

Bockchain has multiple possible uses e.g. as global property rights / land registration system, as the basis of a not centralised (and therefore faster) payment system, and as a system for exchanging / buying / selling all kinds of collateral such as stocks, bonds, land titles and more.

What’s Happened in Dubai?

As well as Dubai’s commitment to putting all of its documents on Blockchain in the next few years, the emirate has also founded a public-private initiative called the Global Blockchain Council to foster the development and use of Blockchain technology in and between local government teams, local businesses and international start-ups.

How Blockchain Could Help in the Middle East.

It is thought that Blockchain could help the whole Middle East region in many ways including:

  1. Increasing transparency and liquidity in the real estate market. Since land registration in Middle East economies still relies on paper for registration and title transfers, the digitising of this process could speed everything up.
  2. Faster and cheaper transactions in key industries. In the oil industry for example, crude oil sales to international buyers still require traditional wire/cheque transfer or Swift payment methods, and cross-border payments can take between two and three days to complete. With Bockchain payments are almost instantaneous and take around 15 minutes to complete. The lack of centralisation i.e. no central banks means that the transactions could take place easily with customers in different time zones.
  3. Helping governments. This could be to collect taxes, deliver benefits, issue documents, and to assure the supply chain of goods and the integrity of governmental records.

What Does This Mean For Your Business?

For businesses in Dubai and across the Middle Eats this could make trade and development easier and faster. For UK businesses dealing with or wanting to deal with businesses in Dubai this could also be a very positive development that could facilitate trade and open up new opportunities.

The days when businesses can buy, sell and transfer funds quickly and easily anywhere in the globe are now not far off thanks to the development of the Blockchain technology. If the technological challenges of finding ways to make an all-purpose Blockchain can be met, businesses will be less reliant on big banks and will be able to use new financial systems that are flexible, interoperable, secure, and convenient.

BT Broadband Christmas No.1 For Complaints Says Ofcom

BT Broadband has the dubious honour of making it to the Christmas no.1 spot…for customer complaints. Figures from Ofcom the 3rd quarter of 2016 make grim reading for BT and for other Broadband companies that it owns.

How Many Complaints?

BT unfortunately tops Ofcom’s list with an eye-watering 36 complaints for every 100,000 customers. To put it in perspective that is nearly double the industry average figure of 20 per 100,000 customers.

Bad News For Plusnet and EE Too.

Second and third place in Ofcom’s list went to Plusnet and EE, both companies owned by BT.

What Went Wrong?

According to statements by Lindsey Fussell, Ofcom’s consumer group director BT’s customers experienced problems relating to both its broadband and landline services from July to September. There also appears to be an accusation of complacency by Ofcom relating to BT’s customer service during that period.

Vodafone Still Tops Mobile Complaints.

Offcom’s figures show that while BT has been stumbling with its broadband service at the end of the year, Vodafone has consistently topped the complaints list for pay-monthly mobile complaints since the 3rd quarter of last year. Numbers of complaints have however fallen 18 per 100,000 customers since reaching a high of 32 at the end of last year.

What Does BT Say?

BT’s Chairman Sir Michael Rake has publicly acknowledged that there were some exceptional broadband outages during the third quarter of this year. Sir Michael has apologised to customers and has promised that customers will see an improvement after he puts new measure into effect. These measures are reported to include a recruitment drive for more staff to handle queries / complaints, more cash being put into service improvements, and an overhaul for the software used by BT to handle the complaints.

Some critics have said that BT’s improvements should concentrate less on improving how complaints are handled and more on trying harder to eradicate the causes of those complaints.

Possible Fine.

Although no fine has been announced for BT, Ofcom can and has used some large fines against communications companies in recent times. Vodafone for example had a £4.6m fine from Ofcom in October this year relating to broken rules concerning complaint handling, and for misleading customers about aspects of pay-as-you-go services. Ofcom also fined EE £1 million for not handling parts of the complaints process properly.

Ofcom Moving To Separate BT and Openreach.

Ofcom has recently ruled that it will be formally asking the European Commission to start the process of separating BT from its network infrastructure arm, Openreach. There has long been and argument that investment is needed in the network, and that action needs to be taken to improve broadband and phone services across the UK. Critics have argued that Openreach needs to repair problems and install new lines more quickly, improve service performance and broadband coverage across the UK.

What Does This Mean For Your Business?

Many businesses and individuals use BT broadband services and it is good news therefore that the regulator is staying on top of things. The fact that BT and Openreach could be separated in the near future should mean greater investment in the infrastructure, higher quality and more effective services and customer services. This could of course bring service improvements for customers in the not-too-distant future.

Biggest Data Breach in History For Yahoo

As if the data breach of 500 million users’ accounts in 2014 wasn’t bad enough, Yahoo has just discovered that it was the subject of the biggest data breach in history when back in 2013 more than one billion user accounts were compromised!

What Happened?

According to a statement from Yahoo, hackers used a method known as ‘forged cookies’ to enable them to gain access to users’ accounts. These cookies were pieces of code which, when planted in a user’s browser cache, the yahoo website didn’t require a login every time it was accessed. This meant that the cyber criminals behind the scheme were then able to use this vulnerability to pose and be misidentified as a user, and get into their account without needing a password.

Email Account Breach.

In this case email accounts were breached and it is not thought that any stored payment card and bank account information were taken. One big problem is however that emails contain all kinds of sensitive and personal details such as bank details, family details, and even passwords.

Password Sharing.

Another danger of having your email password stolen by hackers is that many people use the same password for multiple purposes e.g. as their login to retailer accounts. Hackers are therefore known to compile databases of, and to test combinations of stolen login details on other websites e.g. Amazon in the hope that password sharing will enable them to gain entry.

State Sponsored Breach.

It has been reported that Yahoo believes that the one billion + user data breach is likely to have been ‘state sponsored’.

Letter From U.S. Senators.

Some security commentators have suggested in recent years that Yahoo had been falling behind its peers in terms of blocking spam and email-based attacks. It has also been reported that after Yahoo’s announcement in September about its huge data breach back in 2014, six US senators sent Yahoo a letter. The letter voiced their concerns, asked when Yahoo had actually found out about the breach, and stated that the long delay between the breach and its announcement was ‘unacceptable’.

What Does This Mean For Your Business?

If you are a Yahoo email account holder, the advice from the company is to change your passwords and security questions, and to change the answers for any other accounts on which you used the same or similar information. You are also advised to review your Yahoo account(s) for any suspicious activity. Yahoo also suggests that account holders should beware of unsolicited communications asking for personal information or referring them to web pages, and to avoid clicking links or downloading attachments from suspicious emails. Yahoo is also offering users the ‘Yahoo Account Key’ tool which gives authentication without the need a password.

For businesses and individuals alike this story emphasises the need to be vigilant online, to set very strong passwords and not to share passwords between different websites.

Your Latest IT Newsletter

Capita Replacing People With Robots

So-called economic ‘headwinds’ is one of the reasons why outsourcing company Capita is cutting 2,250 UK jobs but giving more than 2,000 jobs to robots. Capita has apparently responded to a profit warning by deciding to cut and re-direct human jobs (200 are going to India) while at the same time giving jobs to ‘robots’.

<More>

Barcode Tracking for Dementia Sufferers

The trial of a new barcode tagging system for tracking elderly dementia sufferers and those at risk of getting lost is under way in Tokyo.

<More>

Obama Orders Election Review After Cyber Attacks and Foreign Influence

After public accusations against Russia concerning cyber attacks against Democratic Party organisations in the recent U.S. presidential election, President Barack Obama has ordered a full intelligence agency review.Back in October, Russia was formally accused by the U.S. government of launching cyber attacks against Democratic Party organisations during the 2016 election campaign.

<More>

100% Renewable-Powered Data-Centres For Google by 2017

Google has announced that it’s still on target to meet a 2015 pledge that it will be able to offset all of the energy used at its data centres and offices with power that has been generated using renewable sources by next year.

<More>

Businesses Misusing Average IT Security Spending Figures

A recent report by Gartner warns that although businesses are spending on average just over 5% of their overall IT budgets on IT security, comparing your security spending to other firms in the same sector is no substitute for accurately assessing your own security posture and spending requirements.

<More>

Tech Tip – Replacing Bing in Windows 10 with Google via Chrome and Edge

If you’re used to and prefer to keep using Google instead of Bing as your search engine of choice, you may be wanting to remove or to sideline Bing, the default search engine for Windows 10, from the Windows 10 search bar. Here’s how to do it :

<More>

Tech Tip – Replacing Bing in Windows 10 with Google via Chrome and Edge

If you’re used to and prefer to keep using Google instead of Bing as your search engine of choice, you may be wanting to remove or to sideline Bing, the default search engine for Windows 10, from the Windows 10 search bar. Here’s how to do it :

1. Open Chrome.

2. Download “Bing2Google” from the Chrome App Store.

3. When you perform a Windows 10 search, Chrome will boot up and allow you to conduct your Google search. This method should also mean that you don’t lose standard Cortana or device search functions.

Removing Bing From Microsoft Edge:

1. Open Edge.

2. Go to Settings and then to Advanced Settings.

3. Under “Search in the address bar”, change the default to “Add New”.

4. Choose from the list of search engines. If there is an empty list, navigate to your browser of choice and repeat this process. This should add your search engine of choice to the list as an available provider.

Capita Replacing People With Robots

So-called economic ‘headwinds’ is one of the reasons why outsourcing company Capita is cutting 2,250 UK jobs but giving more than 2,000 jobs to robots!

Automation Job Threat.

One of the long-held worries about automation has been illustrated in a ‘futuristic’ way as Capita has apparently responded to a profit warning by deciding to cut and re-direct human jobs (200 are going to India) while at the same time giving jobs to ‘robots’.

Predictions from academics have centred on estimates of one-third of existing jobs being lost to robots in the coming years. It is also a cruel irony therefore that after a Capita report showed that 85% of employees believe workplace automation will create more jobs than it will replace, 2,000 Capita jobs will end up being lost to robots.

Workers did, however, express some of the fears that have now come to pass. For example, 72% of workers surveyed for the “Workplace More Human” report did admit to fears of possibly losing their jobs or of de-socialisation of the workplace with the introduction of robots.

Doing What?

Capita have not yet stated exactly what jobs will be replaced by the robots, rather it has issued a general statement that talks about trying to deliver a proprietary robotic solution to achieve scaled automation across its operations. Jobs undertaken by Capita cover many different areas for some high profile customers, including collecting the BBC licence fee and overseeing the London congestion charge.

Faster and Fewer.

Recent public comments by Capita CEO Andy Parker have indicated that robotic staff are attractive to the business because they will enable the pace of work to be increased and with robot help, less staff are required to do the same amount of work thus saving costs.

Technology commentators have also pointed out that robots don’t need breaks or holidays, they are available for work day and night 7 a days a week, and they don’t present the same risks or require the same rights as human workers.

Fall in Share Price.

These changes at Capita, which also include the sale of the asset services division have been accompanied by a fall in its share price to its lowest level in a decade.

What Does This Mean For Your Business?

Clearly there are strong economic, competition, and scale arguments for introducing the right kind of automation to the right areas of businesses. Some businesses are clearly more suitable than others to receive greater levels of automation in the form of what could be called robots.

There is an increasing trend towards robotic / automated aspects of services, manufacturing and retailing, and we are all becoming more used to encountering it, dealing with it and working with it.

In the IT industry for example, AI bots are being used, and in the transport industry there has been a move towards autonomous vehicles for public transport.

For businesses, more automation can bring many benefits e.g. in areas such as consistency, predictability, speed, capacity and cost savings. For employees, more automation may of course broadly mean fewer jobs, and more specialised jobs.

Businesses Misusing Average IT Security Spending Figures

A recent report by Gartner warns that although businesses are spending on average just over 5% of their overall IT budgets on IT security, comparing your security spending to other firms in the same sector is no substitute for accurately assessing your own security posture and spending requirements. Yes It Sounds Low, But…

According to Gartner’s report, the current IT security spend ranges from 1% to 13% of a firm’s IT budget, and the just over 5% average spend figure does seem low, especially considering the large number of reported hacks and security breaches.

The report however suggests that if companies use industry average figures, or even the amount of a company spend in the same sector to help them decide upon their own IT security budget, they may be putting themselves risk, and/or misusing that information.

Base It on Your Own Company’s Needs.

According to the Gartner Report, simply applying generic industry averages could mean that although your company is spending at the same level as peers, you may be spending it on the wrong things. Your company’s IT security needs may be more complex, and your risk appetite may be greater than those of companiesthat you may regard as being your peer.

The Gartner report therefore argues that simple spending statistics do not necessarily provide a measure IT effectiveness and are not a gauge of successful IT organisations.

Unaware.

Another complicating factor for arriving at accurate IT security budgets highlighted by the report is the fact that many organisations are unaware of their security budget, and due to inadequacies in company cost accounting systems the chief information security officer has restricted insight into security spending throughout the enterprise. For example, many security-relevant processes are in fact carried out by staff who are not devoted full-time to security, thus making it impossible to accurately account for security personnel.

What Does This Mean For Your Business?

In order to arrive at the right kind and level of IT Security budget for your specific organisation, it is risky to rely heavily upon industry average statistics. A better plan may be to clearly establish your own business IT security requirements and risk tolerances. To help identify a real budget it may be worth looking at areas such as networking equipment with embedded security functions, any desktop protection that may be included in your end-user support budget, your enterprise applications, any outsourced or managed security services, your business continuity or privacy programmes, and any security training that may be funded by your HR function.

Being able to accurately divide up your spending among hardware, software, services (including outsourcing and consulting), and personnel, may mean that you are more able to arrive at the optimum budget.

It may even be the case that by exercising due diligence in this way you end up spending less than the average amount while still staying secure.

Among the lowest-spending 20% of businesses are organisations that have implemented best practices for IT operations and security, and are actively working to reduce vulnerabilities.