Archive for IT Infrastructure

Superfast Broadband Boosts Business and Jobs

Among the findings of a recent government report about superfast broadband in the UK are claims that superfast broadband rollout so far has led to job creation and a £12.28 benefit for firms for every £1 invested by central and local authorities.

Measurable Benefits

The Evaluation of the Economic Impact and Public Value of the Superfast Broadband Programme report, by The Department for Culture, Media and Sport (DCMS), covering 2012 to 2016, claims that the fact that superfast broadband has now reached almost five million homes and businesses (Openeach puts the figure at 10 million) has provided noticeable, measurable and business and economic benefits.

Fewer Jobseekers, More Jobs

For example, according to the report, superfast broadband has driven a reduction of almost 9,000 jobseekers allowance claims, and the creation of 49,000 local jobs.

What Is Superfast Broadband?

Superfast broadband refers to connections with broadband speeds of 24 megabits per second and above.

Where?

Superfast broadband is more available in some parts of the UK than others. For example, the highest rate of superfast broadband availability is in North East England (97.19%). Also offering high rates of superfast broadband availability are South East England (97.07%) and the West Midlands (96.56%).

Unfortunately, those who live and work in Northern Ireland are currently treated to the lowest rates of availability in the UK at 87.74%.

Boost

The growth in the levels of superfast broadband availability has been given a boost by factors such as Openreach, the firm that runs the vast majority of the UK’s telecoms infrastructure, reducing the wholesale price of broadband.

This is thought to have helped take-up for superfast and fibre broadband services by homes and businesses, and given competitors e.g. Sky and TalkTalk the opportunity to reduce the cost of using the network, provided that they can get enough sign-ups.

Back in March last year, Ofcom (the telecoms regulator) announced that BT has agreed to legally separate from Openreach, which owns and operates the UK’s broadband infrastructure. This move was intended to enable greater competition among broadband providers and greater investment in the network infrastructure.

Fibre

Fibre has offered greater broadband speeds and reliability, but at the moment, most connections have fibre-optic lines up to the local street cabinet, but then copper phone lines from the cabinet to the house.

The government says that its aim is to give all of the UK full-fibre broadband (fibre to and from the cabinet) – rather than rely on broadband delivered over copper networks, by 2033.

What Does This Mean For Your Business?

Broadband is now an essential service for business, and businesses would obviously welcome any improvement in broadband speeds in the UK as it would undoubtedly help UK companies to become more competitive, and would boost the economy.
Unfortunately, while those who are able to benefit from superfast and (full) fibre broadband are clearly reaping the benefits, this is not the case in many areas of the UK. For example, in April this year, a survey by consumer watchdog ‘Which?’ has revealed that more than half of UK customers across 12 providers, are having problems with their broadband service or price.

Although this latest government announcement paints a positive picture of superfast broadband in the UK, the UK is now only at 35th place in the global average broadband speed league tables. This is because it has been too late in embracing a full-fibre solution – FTTP (fibre to the premises). Many critics have pointed to UK infrastructure provider Openreach shying away from FTTP because of the perceived costs and level of difficulty of large-scale rollouts.

For the time being then, UK businesses have to rely on the slower FTTC (fibre to the cabinet), and this has put UK businesses at a competitive disadvantage with businesses in many other European countries.

Major improvements to broadband speeds for UK businesses in most areas are still a long way off as the UK may only actually have 7% full fibre coverage by 2020, with full coverage unlikely for another 15+ years.

Microsoft Launches Free Version of Collaborative Chat App ‘Teams’

Microsoft has announced the launch of a free version of its collaborative chat app ‘Teams’ which doesn’t require an Office 365 subscription.

What Is Teams?

Introduced back in November 2016, ‘Teams’ (as the name suggests) is a platform designed to help collaborative working, and combines features such as workplace chat, meetings, notes, and attachments. Described by Microsoft as a “complete chat and online meetings solution”, it normally integrates with the company’s Office 365 subscription office productivity suite, and Teams is widely considered to be Microsoft’s answer to ‘Slack’.

Slack is a popular, multi-channel collaborative working hub that offers chat channels with companies and businesses you regularly work with, direct voice or video calls and screen-sharing, integrated drag-and-drop file sharing, and an App Directory with over 1,500 apps that can be integrated into Slack.

Teams is now believed to be used by around 200,000 organizations.

Free Version

The free version of Teams, which does not require an Office 365 account, offers the same basic features as regular Teams to anyone who wants to try it out. The hope is, of course, that this will increase user numbers, and tempt users away from Slack. Microsoft is also extending 365 cloud suite with the free version of Teams to try and bridge Microsoft 365 with Office 365.

Space and Features

The free version of Teams offers 10GB of team storage plus an additional 2GB for each user, with up to 300 people supported. Also, users have unlimited messages and search, there is guest access, as well as audio and video calls and screen sharing.

Within the Teams app, users can collaborate with colleagues on Word, Excel and PowerPoint documents.

What’s Missing?

Even though the free version offers quite a lot of storage space, the full version would offer users a massive 1TB. Also, unlike the full version, the free version doesn’t come with Yammer, Planner, SharePoint and OneDrive, plus the free version lacks some of the security features of the full version. This could make it less attractive to enterprises that are also looking to maximise compliance.

Warning To Help With Team Etiquette

One interesting aspect of Microsoft’s approach to the collaborative working platform is to build-on features that warn a user when they are doing something that goes against good practice and etiquette within teams. One key example of this is, with MyAnalytics, which works as an intelligent collaboration assistant in Outlook, is where users are warned / alerted if they are sending emails to co-workers outside their normal working hours.

What Does This Mean For Your Business?

One good way to increase user numbers quickly, gain some ground in a battle with competitors, and to entice people to try and perhaps switch to a new service is to offer a good, usable, value-adding version of that service for free. That’s exactly what Microsoft is doing with its version of Teams.

Although larger enterprises may already be a long way down the road with their chosen collaborative working platform, and might be a bit put off by the idea of using a free version of a platform that is not quite on a par with the full version in terms of security features, a free version of Teams may be very attractive to SMEs looking to move into collaborative working with a low risk, trusted, scalable solution.

UK Slips To 35th Place In Global Broadband Speed Table

A recent comparison of 163 million broadband speed tests across 200 countries shows that the UK has slipped from 31st to 35th place in the global average broadband speed league tables.

Lagging In Europe

This latest result means that, even though average speeds in the UK have risen in the past year and, at 18.5Mbps, are above the global average, the UK is now lagging behind 25 other European countries.

Although the UK’s ranking is now actually above 165 other countries, it is still in the bottom third of EU member states.

Top Speeds

Globally, Singapore tops the average broadband speed table with 60 Mbps. In Europe, the Scandinavian countries are top of the league with Sweden at 46Mbps, Denmark at 43.9Mbps, and Norway at 40.1Mbps.

To give some idea of the gulf between broadband speeds at the top and bottom of the table, the lowest average broadband speeds can be found in Yemen (0.3Mbps), East Timor (0.49Mbps), and Turkmenistan (0.56Mbps).

Why The UK Fall In The Rankings?

It is widely believed that the UK is starting to drop further behind many of its European neighbours in average broadband speeds because it has been too late in embracing a full-fibre solution – FTTP (fibre to the premises). Many critics have pointed to UK infrastructure provider Openreach shying away from FTTP because of the perceived costs and level of difficulty of large-scale rollouts.

At present, many UK homes and businesses, therefore, have to rely on the slower FTTC (fibre to the cabinet) alternative, which uses copper wires to carry broadband from street cabinets to homes.

Openreach

Back in November 2016, partly because of its slowness to move to super-fast broadband but mainly because of a perceived monopoly, BT-owned Openreach was ordered by Ofcom to become a legally separate entity.

Hope

As well as Openreach’s competitors such as Hyperoptic moving forward with plans to offer FTTP to 2 million urban premises by 2022, the UK government has also recently updated its plans to bring FTTC to the UK. For example, the UK government’s National Infrastructure Commission (Nic) is now pushing for FTTC to be deployed around the UK by 2033, and hopefully, to be available to 15 million homes by 2025.

At the end of last year, the UK government announced that six regions of the UK would host trials of full fibre broadband for businesses, schools and hospitals as part of a £200m scheme by the Department for Digital, Culture, Media & Sport (DCMS). The regions are Aberdeen and Aberdeenshire, West Sussex, Coventry and Warwickshire, Bristol and Bath & North East Somerset, West Yorkshire and Greater Manchester.

What Does This Mean For Your Business?

This latest drop down the table of average broadband speeds is bad news, but not a surprise for UK businesses. Broadband is now an essential service for business, and businesses know from their own experience that broadband services in the UK can sometimes be slow, patchy, and often expensive. A recent survey by watchdog ‘Which?’, for example, revealed that more than half of UK customers across 12 providers, are having problems with their broadband service or price.

At the moment, better broadband services, particularly for businesses in rural locations, still seem a very long way off as the reality is that the UK ranks only 35th in the world for average broadband speeds, and we may only actually have 7% full fibre coverage by 2020, with full coverage unlikely for another 15 years. This could affect the competitiveness of UK companies compared to their European neighbours and other global competitors for a long time to come.

NHS Booking App and Doc Bot

In the NHS’s 70th year, and as part of the push for digitisation, the introduction of an appointment-booking app has been praised, while a GP chatbot has been given the thumbs-down by The Royal College of General Practitioners (RCGP).

Book Appointments With A Free NHS App

A free app, due to be launched at the end of this year, will enable NHS patients to make GP appointments, order repeat prescriptions, and access the 111 helpline for urgent medical needs.

The app, which is being jointly developed by NHS Digital and NHS England, and is part of NHS England’s wider strategy to digitise the health service, will be made available through the App Store or Google.

Other Options

As well as booking appointments and ordering prescriptions, the app will also give patients other options such as allowing them to opt-out of sharing their personal information for research and planning purposes across the health service, mark their preferences on organ donation, and register their choices for end-of-life care.

Helpful

Many commentators have praised the idea of the app as something that could provide extra convenience to patients e.g. reducing the 8am scramble for GP appointments, and take some of the increasing load off some areas of the NHS.

Security Caution

Some commentators have stressed the need to ensure that the security, reliability, and the identity verification processes of the app are of the highest international security standards in order to protect the personal details and medical history of patients.

Big No for Doc App

While the NHS appointment-booking app has been receiving cautious praise, the new Babylon AI chatbot that can diagnose medical conditions (and offer health advice based on what users tell it) got the thumbs-down at an event held by The Royal College of General Practitioners (RCGP).

Accuracy?

One of the main aspects of the bot that upset physicians were claims by Babylon that the bot has achieved medical exam scores of the same level as or higher than a human doctor. The company says that according to its robust testing program, which includes relevant sections of the MRCGP exam, which is the final test for a trainee GP, Babylon’s AI bot’s average pass mark was 81%. This mark is higher than the 72% average pass mark achieved by real doctors over the past five years.

These claims have been disputed by RCGP, which has stressed the point that no app or algorithm is able to do what a GP does.

What Does This Mean For Your Business?

Apps are being used in useful and value-adding ways in so many other sectors, it is no surprise that they are being developed for healthcare, and with the purpose of taking some of the burden off the NHS. For most people, the NHS is s trusted organisation anyway, and an app that can essentially perform administrative functions, such as booking appointments, sounds as though it could be very useful. The trust that many have in the NHS may also be enough to minimise security concerns. One criticism may be, however, that it may exclude the older members of society, many of whom are regular users of NHS services.

Even though an AI app may be able to pass theoretical exams (such as the Babylon AI app) getting people to trust it to make a diagnosis and then health suggestions, particularly when it has been criticised by real doctors, may be a step too far at the current time. That particular app company, however, has faced criticism in the past over its ‘GP at Hand’ app for the NHS, which allows patients at five London clinics to consult with their GP via a video call. The RCGP criticised it for cherry-picking patients, and leaving GPs to deal with the most complex patients without sufficient resources.

Either way, the NHS is committed to digitising some aspects of its services, and in introducing technology, a balance needs to be struck between adding real value in a fair way to all, while not being to the detriment of any NHS users and practitioners.

Visa Crash In Europe Causes ‘Cash Only’ Chaos

On Friday 1st from 2.30pm, a Europe-wide system failure at Visa that left shoppers embarrassed as their card payments were declined and stores switched to ‘cash only’.

Not Just Visa Customers

To make matters worse, because a range of different banks and other financial institutions use Visa’s payment system, even those making transactions using non-Visa branded cards were affected and were unable to make purchases.

The problem was compounded by the fact that it happened at a time when many people were leaving work on a Friday. There have also been reports circulating that even if some card purchases were declined, the money may still have been taken from accounts, and customers have been urged to check.

What Happened?

There are no precise details as to the reason for the system crash other than Visa’s explanation as a “hardware failure”.
Visa has also been quick to announce that it has no reason to believe that the system crash was associated with any unauthorised access or malicious events.

ATMs Still Working in UK

In the UK, although many customers found themselves in extremely awkward situations e.g. unable to pay for meals or petrol, customers were still able to take cash out of ATMs (if there was one nearby). This led to large queues forming at ATMs in towns and cities across the country.

Queues

Whereas many customers faced the embarrassment and inconvenience of having their cards declined in shops across Europe, others found themselves being forced to wait in queues because of the disruption. For example, in Berlin’s Alexanderplatz, it was reported that Primark customers had to queue for 20 minutes to pay, and staff were unable to note the reasons why transactions were failing. Also, it was reported that the Visa system failure caused a 45 minute wait for those trying to use the Severn Bridge as drivers were unable to pay the toll by card.

Anger

Not surprisingly, many people took to social media to vent their anger at Visa for the embarrassment and inconvenience caused. In Spain, the Guardia Civil tried to calm and re-assure people by sending a tweet urging everyone to stay calm, and used a picture of Captain Jack Sparrow to help explain that if they couldn’t pay, it wasn’t because they had been robbed or hacked.
Visa has apologised, and has stated that its payment system is operating at “full capacity”.

What Does This Mean For Your Business?

Even though the problems only lasted a day, it is only a matter of weeks since TSB’s catastrophic computer meltdown caused misery to customers after the bank tried to migrate its computer systems from its old Lloyds Bank systems to its new core banking system, Proteo4UK.

We are now a society that is moving away from cash, in favour of cards and particularly contactless payments. Also, this move away from cash has meant the closing of many ATMs. Both of these factors mean that system failures of this kind can be particularly disruptive.

For businesses, customers not being able to pay meant that profits were hit, their premises experienced disruption with some staff being left to face angry customers, and unable to offer a clear explanation.

The incident has, no doubt, also illustrated to any potential hackers how interconnected payment systems are across Europe and how many countries could be brought to a virtual standstill if they were able to breach the systems of major payment processing companies such as Visa.

7-Fold Rise in Mobile Fraud

It seems that as we spend more time using mobile devices, the fraudsters are following us as a new RSA Security report shows a massive rise in mobile fraud over the last 3 years.

Up Nearly 700%!

The latest quarterly report by fraud and risk intelligence experts at RSA Security shows that as the volume of mobile app transactions has risen by 200% since 2015, accordingly the growth rate for fraudulent transactions has increased to a massive 680%.

New Accounts and ‘Burner Phones’

One of the key trends at the heart of the rise in mobile fraud is the apparent rise of the use of fake new accounts and ‘burner / burn phones’ to commit fraud.

A burner / burn phone is a mobile phone handset that is acquired for temporary use, is usually prepaid / without a contract in order to retain the user’s anonymity, and can be discarded if necessary.

Alongside the burner phone, fraudsters are also known to use stolen identities to set up fake ‘money mule’ accounts, purely for the purpose of collecting the cash from their fraudulent activities.

The RSA report shows that new accounts and new devices have been used in this way in 32% of all the fraudulent transactions in the last quarter.

Phishing Still Top

The report shows that phishing is still the top fraudulent activity accounting for 48% of all fraud attacks in Q1 of 2018.

Trojan Malware & Payment Card Compromise

Other popular frauds involve the use of Trojan malware to steal financial credentials. This method was used in one in four fraud attacks in Q1 2018.

Also, using details from compromised cards is still a very common activity among fraudsters, and the RSA researchers who compiled the report claim to have recovered more than 3.1 million unique compromised cards and card details (which included verification numbers) on offer from online sources in Q1.

Mobile App Security

It is believed that poor security in mobile apps is allowing many criminals to hijack mobile applications and siphon off credentials and funds from many unwitting users.

What Does This Mean For Your Business?

These figures show that our increasing use of mobile devices and apps has opened the door to even more channels for fraudsters. There is clearly a responsibility among mobile app developers and those commissioning mobile apps to deliver their services to ensure that security is built-in from the ground up. This should mean making sure that all source code is secure and known bug-free, all data exchanged over app should be encrypted, caution should be exercised when using third-party libraries for code, and only authorised APIs should be used. Also, developers should be building-in high levels of authentication, using tamper-detection technologies, using tokens instead of device identifiers to identify a session, using the best cryptography practices e.g. store keys in secure containers, and conducting regular, thorough testing.

As users of mobile devices and apps, we also need to pay attention to our own levels of security. For example, we can take precautions to stop ourselves from falling victim to mobile fraud by using mobile security and antivirus scan apps, only using trusted apps / trusted app sources, uninstalling old apps and turning off connections when not using them, locking our phones when not in use, using 2-factor authentication, and using a VPN rather than just the free Wi-Fi when out and about.

Facial Recognition In The Classroom

A school in Hangzhou, capital of the eastern province of Zhejiang, is reportedly using facial recognition software to monitor pupils and teachers.

Intelligent Classroom Behaviour Management System

The facial recognition software is part of what has been dubbed The “intelligent classroom behaviour management system”. The reason for the use of the system is reported to be to supervise both the students’ learning, and the teachers’ teaching.

How?

The system uses cameras to scan classrooms every 30 seconds. These cameras are part of a facial recognition system that is reported to be able to record students’ facial expressions, and categorize them into happy, angry, fearful, confused, or upset.

The system, which acts as a kind of ‘virtual teaching assistant’, is also believed to be able to record students’ actions such as writing, reading, raising a hand, and even sleeping at a desk.

The system also measures levels of attendance by using a database of pupils’ faces and names to check who is in the classroom.

As well as providing the school with added value monitoring of pupils, it may also prove to be a motivator for pupils to modify their behaviour to suit the rules of the school and the expectations of staff.

Teachers Watched Too

In addition to monitoring pupils, the system has also been designed to monitor the performance of teachers in order to provide pointers on how they could improve their classroom technique.

Safety, Security and Privacy

One other reason why these systems are reported to be increasing in popularity in China is to provide greater safety for pupils by recording and deterring violence and questionable practices at Chinese kindergartens.

In terms of privacy and security, the vice principal of the Hangzhou No.11 High School is reported to have said that the privacy of students is protected because the technology doesn’t save images from the classroom, and stores data on a local server rather than on the cloud. Some critics have, however, said that storing images on a local server does not necessarily make them more secure.

Inaccurate?

If the experiences of the facial recognition software that has been used by UK police forces is anything to go by, there may be questions about the accuracy of what the Chinese system records. For example, an investigation by campaign group Big Brother Watch, the UK’s information Information Commissioner, Elizabeth Denham, has recently said that the Police could face legal action if concerns over accuracy and privacy with facial recognition systems are not addressed.

What Does This Mean For Your Business?

There are several important aspects to this story. Many UK businesses already use their own internal CCTV systems as a softer way of monitoring and recording staff behaviour, and as a way to modify their behaviour i.e. simply by knowing their being watched. Employees could argue that this is intrusive to an extent, and that a more positive way of getting the right kind of behaviour should (also) have a system that rewards positive / good behaviour and good results.

Using intelligent facial recognition software could clearly have a place in many businesses for monitoring customers / service users e.g. in shops and venues. It could be used to enhance security. It could also, as in the school example, be used to monitor staff in any number of situations, particularly those where concentration is required and where positive signals need to be displayed to customers. These systems could arguably increase productivity, improve behaviour and reduce hostility / violence in the workplace, and provide a whole new level of information to management that could be used to add value.

However, it could be argued that using these kinds of systems in the workplace could make people feel as though ‘big brother’ is watching them, could lead to underlying stress, and could have big implications where privacy and security rights are concerned. It remains to be seen how these systems are justified, regulated and deployed in future, and how concerns over accuracy, cost-effectiveness, and personal privacy and security are dealt with.

TalkTalk Super Router Security Fears Persist

An advisory notice from software and VR Company IndigoFuzz has highlighted the continued potential security risk posed by a vulnerability in the WPS feature in TalkTalk’s Super Router.

What Vulnerability?

According to IndigoFuzz, the WPS connection is insecure and the WPS pairing option is always turned on i.e. the WPS feature in the router is always switched on, even if the WPS pairing button is not used.

This could mean that an attacker within range could potentially hack into the router and steal the router’s Wi-Fi password.

Tested

It has been reported that in tests involving consenting parties, IndigoFuzz found a method of probing the router to steal the passwords to be successful on multiple TalkTalk Super Routers.

The test involved using a Windows-based computer, wireless network adapter, a TalkTalk router within wireless network adapter range, and the software ‘Dumpper’ available on Sourceforge. Using this method, the Wi-Fi access key to a network could be uncovered in a matter of seconds.

Scale

The ease with which the Wi-Fi access key could be obtained in the IndigoFuzz tests has prompted speculation that the vulnerability could be on a larger scale than was first thought, and a large number of TalkTalk routers could potentially be affected.

No Courtesy Period Before Announcement

When a vulnerability has been discovered and reported to a vendor, it is normal protocol to allow the vendor 30 days to address the problem before the vulnerability is announced publicly by those who have discovered / reported the vulnerability.

In this case, the vulnerability was first reported to TalkTalk back in 2014, so IndigoFuzz chose to issue the advisory as soon as possible.

Looks Bad After Last October

News that a vulnerability has remained unpatched after it was reported 4 years ago to TalkTalk looks bad on top of major cyber attack and security breach there back in October 2017. You may remember that the much publicised cyber-attack on the company resulted in an estimated loss of 101,000 customers (some have suggested that the number of lost customers was twice as much as this figure). The attack saw the personal details of between 155,000 and 157,000 customers (reports vary) hacked, with approximately 10% of these customers having their bank account number and sort code stolen.

The trading impact of the security breach in monetary terms was estimated to be £15M with exceptional costs of £40-45M.

What Does This Mean For Your Business?

It seems inconceivable that a widely reported vulnerability that could potentially affect a large number of users may still not have been addressed after 4 years. Many commentators are calling for a patch to be issued immediately in order to protect TalkTalk customers. This could mean that many home and business customers are still facing an ongoing security risk, and TalkTalk could be leaving itself open to another potentially damaging security problem that could impact its reputation and profits.

Back in August last year, the Fortinet Global Threat Landscape Report highlighted the fact that 9 out of 10 businesses are being hacked through un-patched vulnerabilities, and that many of these vulnerabilities are 3 or more years old, and many even have patches available for them. This should remind businesses to stay up to date with their own patching routines as a basic security measure.

Last year, researchers revealed how the ‘Krack’ method could take advantage of the WPA2 standard used across almost all Wi-Fi devices to potentially read messages, banking information and intercept sensitive files (if a hacker was close to a wireless connection point and the website doesn’t properly encrypt user data). This prompted fears that hackers could turning their attention to what may be fundamentally insecure public Wi-Fi points in e.g. shopping centres / shops, airports, hotels, public transport and coffee shops. This could in turn generate problems for businesses offering WiFi.

BYODs Linked To Security Incidents

A study by SME card payment services firm Paymentsense has shown a positive correlation between bring your own device (BYOD) schemes and increased cyber -security risk in SMEs.

BYOD

Bring your own device (BYOD) schemes / policies have now become commonplace in many businesses, with the BYOD and enterprise mobility market size growing from USD $35.10 Billion in 2016 to USD $73.30 Billion by 2021 (marketsandmarkets.com).

BYOD policies allow employees to bring in their personally owned laptops, tablets, and smart-phones and use them to access company information and applications, and solve work problems. This type of policy has also fuelled a rise in ‘stealth IT’ where employees go outside of IT and set up their own infrastructure, without organizational approval or oversight, and can, therefore, unintentionally put corporate data and service continuity at risk.

Positive Correlation Between BYOD and Security Incidents

The Paymentsense study, involving more than 500 SMEs polled in the UK found a positive correlation between the introduction of a BYOD policy and cyber-security incidents. For example, 61% of the SME’s said that they had experienced a cyber-security incident since introducing a BYOD policy.

According to the study, although only 14% of micro-businesses (up to 10 staff) reported a cyber-security incident since implementing BYOD, the figure rises to 70% for businesses of 11 to 50 people, and to 94% for SMEs with 101 to 250 employees.

Most Popular Security Incidents

The study showed that the most popular types of security incidents in the last 12 months were malware, which affected two-thirds (65%) of SMEs, viruses (42%), DDoS distributed denial of service (26%), data theft (24%), and phishing (23%).

Positive Side

The focus of the report was essentially the security risks posed by BYOD. There are, however, some very positive reasons for introducing a BYOD policy in the workplace. These include convenience, cost saving (company devices and training), harnessing the skills of tech-savvy employees, perhaps finding new, better and faster ways of getting work done, improved morale and employee satisfaction, and productivity gains.

Many of these benefits are, however, inward-focused i.e. on the company and its staff, rather than the wider damage that could be caused to the lives of data breach victims or to the company’s reputation and profits if a serious security incident occurred.

What Does This Mean For Your Business?

This is a reminder that, as well as the benefits of BYOD to the business, if you allow employees or other users to connect their own devices to your network, you will be increasing the range of security risks that you face. This is particularly relevant with the introduction of GDPR on Friday.

For example, devices belonging to employees but containing personal data could be stolen in a break-in or lost while away from the office. This could lead to a costly and public data breach. Also, allowing untrusted personal devices to connect to SME networks or using work devices on untrusted networks outside the office can put personal data at risk.
Ideally, businesses should ensure that ensure that personal data is either not on the device in the first place, or has been appropriately secured so that it cannot be accessed in the event of loss or theft e.g. by using good access control systems and encryption.

Businesses owners could reduce the BYOD risk by creating and communicating clear guidelines to staff about best security practices in their daily activities, in and out of the office. Also, it is important to have regular communication with staff at all levels about security, and having an incident response plan / disaster recovery plan in place can help to clarify responsibilities and ensure that timely action is taken to deal with situations correctly if mistakes are made.

Slack ‘Actions’

Chat App ‘Slack’ has announced the introduction of a new ‘Actions’ feature that makes it easier for users to create and finish tasks without leaving by having access to more 3rd party tools.

What Is Slack?

Slack, launched way back in 2013, is a Silicon Valley-produced, cloud-based set of proprietary team collaboration tools and services. It provides mobile apps for iOS, Android, Windows Phone, and is available for the Apple Watch, enabling users to send direct messages, see mentions, and send replies.

Slack teams enable users (communities, groups, or teams) to join through a URL or invitation sent by a team admin or owner. It was intended as an organisational communication tool, but it has gradually been morphing into a community platform i.e. it is a business technology that has crossed-over into personal use.

In March 2018, Slack and financial and human capital management firm Workday formed a partnership that allowed Workday customers to access features from directly within the Slack interface. Slack is believed to have 8 million daily active users.

What Is ‘Actions’ and How Does It Help?

The new tool / feature dubbed ‘Actions’ will bring enterprise developers deeper into Slack, because it allows for better / more integration with enterprise software from third-party software providers e.g. Jira, HubSpot, and Asana.

Slack knows that many users now like to choose what software they use to get their job done, and the Actions feature will, therefore, be of extra value to the 90% Slack’s 3 million paid users who regularly use apps and integrations.

Actions can be accessed using a click or tap of any Slack message, require no slash commands, and are being made available to all developers using the platform to deploy bots and integrations. To begin with, Actions will be displayed based on what individuals use most frequently.

What Does This Mean For Your Business?

If you use / your business uses Slack, the interoperability of these systems resulting from integration between software from third-parties means that you have greater choice in what software you use to complete your tasks without having to leave Slack. This offers time and cost saving benefits, as well as a considerable boost in convenience.

Slack knows that there are open source and other alternatives out there, and the addition of Actions will help Slack to provide more valuable tools to users, thereby helping it to retain loyalty and compete in a rapidly evolving market.