Facebook-f Linkedin Instagram Twitter

2020 – The Year of the Remote Worker

Casares Costa, Spain – taken by my buddy Kelly 17/12/2020

Having worked remotely for many many years (to the envy of many friends who had to do the daily commute) I truly believe that remote working is better. The important thing is to ensure you manage it right and success will follow, personally and in business. In 2021, we will see the vast majority of the workforce (who are not customer-facing) working partially remotely if not totally.

Employers want their workforces to be productive, happy and loyal, but there are pros and cons for remote working – here are a few to consider:-

ProsCons
No Commute – Save on TravelDamage to Transport Industry Revenue
Flexible Working HoursWho is working when?
Less Office DistractionsIsolation
Apps and InnovationNeed to become own IT Support
Less HR IssuesFeedback and Support
Better ProductivityMonitoring Deadlines
My thoughts on Pros and Cons – What are yours?

Employers realise there are issues, such as communication, embracing cloud-based technologies and getting the right collaboration tools – but to achieve the business goals, this is the way forward. There is an element who will think they can abuse this trust and may stray from the jobs at hand – but let´s be honest, you do not have to be a remote worker to do that.

Our workforce at uUnify and our partners work remotely and across Europe – you just gotta look at the fab pic Kelly sent me from Spain – not jealous at all!! We are able to network and communicate globally like no other time in history and I love it!

With that in mind, uUnify works with Panduit and INS Group on networking projects across Europe as well as introducing the best of breed security products – Security Scorecard, Deep Instinct and Idax Software – a trio of technical delights to support businesses who are making these changes in the working environment. In 2021, we can help you come to love remote working too!

uUnify would like to take this opportunity to wish you a wonderful festive break and we look forward to speaking with you in the New Year. Bring on 2021!!

Challenges of Cloud Transformation – Digital Skills Gap

Many businesses who have started the transformation are faced with a major issue – the lack of internal knowledge and expertise.   A recent government report has found employers struggle to fill a third of vacancies last year due to lack of digital skills so the desire to outsource certainly allows companies to achieve a faster transformation. 

The Covid-19 pandemic has accelerated the pace of change and according to one recent study, 77% of UK businesses have taken the financial decision to increase budgets in this area.  The speed of these changes leads to the internal headache of additional training and recruitment.  Companies need to identify and pinpoint areas to work on.  In a recent report from Microsoft on this very subject they identify two distinct camps – the productive skills and the consumptive skills.  Those who fall into the productive are the engineering/technical teams, whilst the consumptive are the users/endpoints.   

All industries and most roles require various levels of digital skills and investing in up-skilling staff is paramount for future success in what is being called the 4th Industrial Revolution.  Did you know the House of Commons Science and Technology Committee released a report called simply Digital Skills Crisis – Digital skills crisis (parliament.uk).  This report was back in 2017 and very little has been done by employers or employees to improve their skills and knowledge.

With this year´s pandemic, the desire to learn and develop is encouraged with a plethora of on-line training. For those companies who are looking after cash flow at the moment there are plenty of FREE resources, sponsored by top Training Companies, University and Government organisations.  You just have to look at The Skills Toolkit | Find a course | National Careers Service.  I am looking at this myself – because everyday is a school day.

‘It is what we know already that often prevents us from learning.’ –Claude Bernard

Challenges of Cloud Transformation – Change the Mindset of the Workforce

Ah yes, the challenges of cloud/digital transformation are in every CIOs DNA and the challenges fall to them to find solutions.  Changing the mindset of the workforce to understand the need to embrace new technologies to keep ahead in their industry is the first hurdle. 

When you look at the investment people make personally or professionally in the technology they use, they are reluctant to change.  I am the biggest culprit for this – I prefer Samsung over the Apple iPhone, I favour Microsoft 365 over G-Suite, I prefer HP to Dell and this is just a few of my preferences. 

Imagine this in an enterprise environment with those who are reluctant to change as they are dependent/comfortable using their preferred technology to perform in their roles.  Adding to this, the IT Professionals are experts in supporting these technologies and have invested years of training to gain the relevant certifications to implement and support their users.

CIOs are already implementing different levels of Change Management to ensure the goal of customer satisfaction and safety, particularly in the financial sector.  The amount of information available on Change Management for on premises and cloud is vast, so I am not going to repeat what has already been written by experts in this area – but the gist of it from a cloud perspective is, change is inevitable.  People´s roles may change with the adoption of cloud technologies and could even result in not being needed anymore – so many are reluctant to even entertain the idea.

Once the CIOs have had many consultations with the various IT divisions and explained the objectives set out by the C-Suite and Board Members, they can support the teams by offering valuable training, communication to adapt and excel in the cloud transformation.  Some will welcome the challenges, and these are the easy buy-ins, but mediation and support are vital to those who need a bit more encouragement.

You have to take your hat off to CIOs as this is no easy step, but once you have the teams embracing the inevitable, then they can move on to the myriad of challenges ahead. We will look into more of these in the next few posts.

Increasing Employee Engagement with Security Policies

Photo by Thirdman on Pexels.com
Photo by fauxels on Pexels.com

Last week we touched on the importance of having a Cyber Hygiene Policy, but we wanted to explore this subject in a bit more detail. Many companies are unclear how to engage the workforce to understand everyone is responsible for protecting the corporate network.

Within all businesses there are those who are engaged, focussed, performance-driven and strive to perform to their full potential every day.  Unfortunately, there is a percentage within organisations of employees who lack enthusiasm and drive – but is this due to not caring or because they feel unsupported? 

So how do we engage the whole team to understand the importance of Security in the workplace? 

The aim of a Cyber Hygiene Policy is to improve the security overall from internal and external threats through effective collaboration and engagement.

Often the IT and Security Teams are looked on as areas of the business that hamper employees from performing in their roles,  Then you have the IT professionals who are called upon to solve a problem and go to their favourite mantra – User Error making individuals feel uncomfortable. 

Cyber Security Professionals must take a step back from the patching, discovering, and resolving attacks to advocate for their work.  If other departments feel the security division does not care or appreciate their IT needs in their respective roles – why should they care about having a sense of ownership about cyber security. 

According to Engaging for Success: enhancing performance through employee engagement (engageforsuccess.org)  there are 4 enablers to engage a workforce:-

Strategic narrative – Strong executives with a compelling, empowering story about the organization and its future.

Engaging managers – Managers that act like coaches, focusing on their people as individuals, giving them direction and objectives, and encouraging them to stretch themselves.

Employee voice – Employees who are respected as the solution, not the problem, and invited to give thoughts and opinions which are listened to and acted upon.

Integrity – An organization where values are reflected in how people actually behave, with no gap between what people say and what they do.

The UK study offers some particularly good insights for security engagement and click on the link above to see the full report. So, with that in mind, a valued workforce will be happier to change, adapt and grow – can only be good news for the future!

Mitigating Risk in a Pandemic – VPN & Cyber Hygiene

New collaborative tools have been implemented in record numbers this year, the main ones adopted are Zoom and MS Teams – but there are many more out there that may allow employees to perform and meet the expectations of clients/colleagues alike.  Companies do not want to hamper the creative abilities of their remote workforce but given the surge in coronavirus-related cyber attacks in the last few months, a more proactive investigation into how the remote teams access corporate platforms is required.

Many CISOs are in the process of auditing software applications alongside the various IT divisions for the digital transformation.  The pressures to meet the needs of the endpoint to perform their roles unfortunately came a priority and therein lies the dilemma with a heightened risk of attack or non-compliance.  It is imperative IT divisions assess the networks now and have a full understanding of the entire infrastructure – both on-site and remote.  Time to take back control now that we are coming to the end of 2020.  So, where do we start?

VPNs (Virtual Private Networks) usage has grown exponentially since March this year, but as great as VPNs are, they do unfortunately cause a bit of a headache to the security teams.  Consider standardising on a corporate VPN for the remote workers and limit this to work devices – it will certainly decrease the levels of unauthorised access attempts. 

Cyber Hygiene Practices in this world of Cloud Services is vital.  Regular maintenance and updates of all applications not only ensures the technology is performing to it´s full potential, but also protects from possible breaches and vulnerabilities.  At a corporate level, firewalls, anti-virus/malware applications is great, but with remote working, it is imperative to educate the workforce of the importance of Cyber Hygiene – a bit like making sure everyone washes their hands before dinner, or brushed their teeth before bed.  Yep, you gotta be the grown up 😊 When did you last run your anti-virus software?  Have you set up automatic updates? Why do you need access to this application?  The list goes on and on and on.  Create a Cyber Hygiene Policy and integrate this with all employees as part of their duties and responsibilities moving forward.

Putting these few little things into play will certainly help mitigate risks whilst maintaining a productive happy workforce and business continuity.  I do not think it matters the size of a business – a Cyber Hygiene Policy is something all companies should have.

Cybersecurity Threats this Year and Beyond

CIOs in 2020 continue to prioritise cybersecurity as the glue that allows organisations to take advantage of the amazing advancements in AI, 5G networks cloud computing, IOT, mobile devices etc.  Organisations empower their workforce to maximise on the technology options available to be create and innovate – but with every good, there appears to be bad.

What are the greatest threats for the coming years?

The amount of information and published papers on cyber threats past and present are freely available on-line – but after reading quite a few and seeing the focus of our partners, here are our top 4 to focus on:

Ransomeware

Ransomeware is a multi-billion-dollar industry and malware attacks target industries who cannot afford downtime – for example, the healthcare industry, government institutions and industrial organisations (like oil refineries).  They are not stopping there and cloud-base attacks are on the increase as more and more industries move their servers and data to the cloud.  If you do not have advanced malware protection, ask for advice on how to protect your assets now – we work with amazing partners who deliver fantastic solutions.

 AI-Enhanced Cyberthreats

Just as we start to reap the benefits of AI in our workplaces, lo and behold the hackers arrive!  These enhanced attack measures will not only defraud, steal money, cause downtime or shutdowns – it will cause harm emotionally, injure or even kill.  The human element is still heavily involved, mainly because of how AI interprets issues, but with the multiple entry points the focus is shifting amongst our clients and partners.

IOT (Internet of Things) and 5G

Okay, before we get started with the 5G conspiracy theories and the US/China dominance, there is no getting away from the human element – we love speedy connection, getting our information as quickly as possible and as easy as possible.  I must be the only person in my group of friends who does not have Alexa or use voice activated apps – I am a bit of a sceptic on that. It cannot go unnoticed the amount of wearable devices, home devices and devices we use at work.  The promise of more secure connections with 5G is fantastic but do not overlook the importance of regulation, focus on big data and of course regulatory bodies like GDPR etc. etc.

Machine Learning Poisoning

Machines perform tasks on a set of specific rules – those rules connect input data to an outcome and on many occasions can outperform us mere mortals.  With the advancements of AI, machines can start to identify certain algorithms/patterns or designs wrongly or rightly.  This is when the problems in machine learning models happen and the amount of researchers/developers working in the field of study called adversarial machine learning to evade machine learning malfunctions or attacks is immense and will certainly be a highly desirable skill set to have in-house.

If these topics are something you already know – you are well on your way to future-proofing your cyber security and we would love to hear from you on your experiences.

AI and Protecting the Endpoint

Do you remember the film War Games?  Released in 1983, this film starred Matthew Broderick as a high school kid who hacked into a super computer to play games and almost started world war III – but here comes the spoiler – a game of tic tac toe (noughts & crosses for us Europeans) helped the super computer learn and it decided to play chess instead of Global Thermonuclear War.  Matthew Broderick`s character just wanted to play games with the computer – but hey that´s Hollywood.  The reality is quite different with potential threats, breaches and cyber espionage being a top concern for businesses across all industries.

Attacks and those who are attacking are constantly evolving, changing, and developing new ways to breach secure networks, giving way to IT security professionals consistently monitoring, responding, and dealing with threats as close as they can to Real-Time.

Cybersecurity protections as discussed in previous blogs are the basics, but they follow rules created by the security teams and are manually updated/monitored.  AI applications goes further and is particularly effective in Spam filtering, Network Intrusion, Fraud, Credit Scoring & forecasting of incidences.

With more remote working, more mobile device usage Endpoint Security is at the forefront of CSOs & CISOs worldwide as well as those pesky hackers.  Our partner, Deep Instinct´s software is designed to protect mobile devices and services against known and unknown malicious attacks in real time.  It has an advanced subset of AI, they call “deep neural networks” and the more data received it intuitively understands and learns.  We would love to talk to you more about this amazing solution, so feel free to get in touch with us as we are “deep learning” every day too.

What Security Methods are right for Business?

Last week we focused on the remote working aspect of being cyber aware. so what more can businesses do to protect their intellectual property and corporate environment? Well, quite a few things – some may already be in place, but with the evolution of cyber-attacks/breaches growing exponentially, maybe a little recap is in order.

Firewall Firewalls are essential to combat malicious attacks on an organisations network filtering the traffic and allowing you to selectively block IP addresses.  More and more processes are becoming cloud-based and using a firewall to authorise/identify will protect that all important back-end database ensuring smoother running of the websites and applications.  As yourself this question – is your current Firewall working to its full potential?

Secure Browsers V Popular Browsers What browsers do you use?  Is there a company policy on preferences or do users choose to use whichever suits them?  We all work in different ways and some organisations enforce the use of secure browsers, but if you do not want to hamper creativity and personal preferences, make sure your employees use the safe mode feature.  If you are interested in looking at secure browsers, there are some different options out there, like: Epic Privacy Browser – Uses VPNs and the company says it blocks over 600 trackers in a typical session. Ecosia – I like this one as it doesn’t sell your search results to third parties or use trackers.  There are others to consider, but they all have their pros and cons, so choose wisely.

Antivirus Installation and Updates Oh yes, the joys of the antivirus updates – frustrating as they can be, it is a necessary task to perform at desktop and network level because outdated antivirus or the security tools leads to potential breaches and highly detrimental to the business.  Educate the importance across the whole business of ensuring regular updates and checks.

Virtual Private Network (VPN) Do you use a VPN?  There is a lot of chatter about the pros and cons of a VPN in business, but if you have remote users who are using online resources, then a VPN may ensure the security of a connection and in turn will not risk the network or cloud resources.   Some VPNs offer encryption features, and we suggest you look at reviews and comparisons to see which is right for your business.  I use ExpressVPN  and like it´s service, but there are many others out there worth looking at.  For those companies relying on cloud solutions, VPNs are still extremely important and recommended.

Proxy Servers & Segregation of the Network Proxy Servers are like a VPN adding a layer of protection to online business activities.  Having been around for many years, they can filter/monitor the traffic on the network and adherence to online policy.  Because if can balance the website´s traffic (preventing downtime and glitching) it can improve productivity.  Also, if you are a customer-focused organisation and want to offer WIFI facilities, create separate WIFI connections from your corporate environment – can you imagine the security implications if someone went rogue on your corporate WIFI. 

Passwords & Two-Factor Authentication My head is full of passwords, codes etc. like us all, but I am getting my head around using more and more two-factor authentication (2FA) and using a Password Manager tool is the way forward, both individually and company-wide,

Next week we will focus on AI Enabled Security Solutions, but if you wish to have a chat on any of these topics, feel free to drop us a line as we value your input.

What security methods are right for working remotely?

We all need to take a level of responsibility for our cyber security when working remotely and how to protect our homes, small office networks, and the organisations we work for.  It looks like for the foreseeable many of us will have to work from home, so I thought as we are still in Cyber Awareness Month, here is a reminder of best practices: –

  • Protect your data – Be mindful of what data you share and with who, watch those emails and keep IT informed when you need to delete or move any sensitive information/data.
  • Avoid pop-ups, unknown emails & links – Be aware of Phishing activity and ask about email authentication software/technology.
  • Connect to secure Wi-Fi and use a VPN: Try ExpressVPN or Norton VPN – I prefer Express VPN as they have a lot more virtual servers and locations to choose from.
  • Install security software updates and back up your files – Strong Antivirus & Malware Protection on all your devices.
  • Talk to your IT department – Ask about Firewall Software and watch for false tech support emails as scammers are very clever.
  • Employ third-party controls – Restrict Access to Certain Sensitive Data and follow your Company Rules to ensure no breaches.
  • Embrace education and training – Follow an Acceptable Electronic Use (AEU) policy or check if your IT equipment meets the requirements to access Company Data etc.

Just a little bit of knowledge and care will help you and your company to avoid breaches and remember – think before you click. If you have any concerns, reach out to your IT department – believe me they would want to prevent a breach, rather than have to cure it.

Structured Cabling – ANSI and TIA Standards

Cabling – ah yes, that gathering of wires under desks, behind TVs and games consoles.  Do you remember those fancy cable tidy things that we ordered from the stationery catalogue as we believed they would keep all our cables nice and tidy – god, they were awful and thankfully short-lived. Cabling in the modern workplace is so much more with the advancement of technology and connectivity. 

Structured cabling is the cabling and associated hardware needed to provide comprehensive infrastructure serving a wide range of uses within telecoms and data transmission throughout the computer networking environment. Industry standard installations of LAN, MANs and WANs, typically follow installations within certain areas: Entrance Facility, Backbone Cabling, Equipment Room, Horizontal Cabling, Telecoms Room & the Work Area. 

Facilities, IT & Infrastructure Teams work tirelessly to ensure us at the endpoint have the right support to access our tools/applications, but the investment, standards and accreditations within this area are vast and constantly changing.

We do take those little patch cables/RJ45 fly leads for granted, not realising the scrutiny they have been through to pass the standards globally.

I just wanted to highlight the backbone cabling standards adopted from North America in 1991 – ANSI (American National Standards Institute) and TIA (Telecommunications Industry Association) – ANSI/TIA-568 set of cabling standards.  Here are the standards for structured cabling:

ANSI/TIA-568-C.0 (2009) Generic Telecommunications Cabling for Customer Premises

ANSI/TIA-568-C.1 (2009) Commercial Building Telecommunications Standard

ANSI/TIA-568-C.2 (2009) Balanced Twisted-Pair Telecommunications Cabling and Component Standard

ANSI/TIA-568-C.3 (2009) Optical Fibre Cabling Components

I might be telling you something you already know, but for me when I read the plethora of technical specs on backbone cabling offered by Panduit and implemented by INS Group , I appreciate the complexity of providing world class cabling services.  Simply WOW!

If you are looking for some guidance on your point to point or structured cabling, come chat with us and the amazing global partners we deal with.   The wealth of knowledge is amazing!

References

ANSI – American National Standards Institute

TIA – Telecommunications Industry Association