Cyber attacks and airline DR fiasco create rude wake up call signalling the end of Summer 2016


Two cyber attacks and a Disaster Recovery nightmare for a major international airline have caught our eye in recent weeks, reflecting the urgent need for business to pay attention to the smaller details as well as what lies in front of you.

Firstly, the matter of the Delta airlines DR fiasco in early August 2016.  What started as a small fire and power outage created a painful chain reaction, leading to 2,000 flight cancellations, millions of dollars of lost income and significant reputational damage.  At the technical heart of the story, 300 of the airline’s 7,000 servers were not connected to the backup power system. Remarkably, despite spending “hundreds of millions of dollars in technology infrastructure upgrades and systems, including backup systems”, Delta CEO Ed Bastian advised they were not aware of the vulnerability.  Huge comfort for Delta customers.  From a backup point of view, this omission is a basic error which belies lack of preparedness by Delta for business continuity and disaster recovery planning and testing.  Gartner’s data centre recovery and continuity analyst Mark Jaggers commented:  “A lot of people do disaster recovery testing around moving a workload between different sites, but once they have done that, do they go back and look for defects in the design of the systems that are there? I don’t know that many companies are doing that sort of testing after the fact or as part of a disaster recovery test”.  Added to this, the complexity of IT environments creates intricate interdependencies and it only takes one fault or human error to trip up.

Secondly, mid August produced the news that FTSE 100 accounting software firm Sage had suffered a data breach following unauthorised access of a login. Whilst unknown as to whether the source was internal and external, the result caused exposure of personal details and bank accounts relating to around 300 UK companies. The cost:  Sage’s share price tumbled in the early days by 4.3%.  The remedy – due diligence around access privileges to logins if an internal attack, or more complex credentials across different sites and systems used if a ‘reluctant insider (ie. a user whose individual user username and password(s) have been breached unwittingly).

Finally, the end of August 2016 drove a chill through the spine of the cloud storage market with news of the true extent of a breach by hackers believed to have originated in 2012, where account details of over 60 million Dropbox users was reported.  Dropbox’s remedy of forced password resets has now completed.  However, whilst the data dump did not appear to be listed in the main dark web marketplace where the data would be traded, reports are being made that the data is already in the possession of 3rd parties.  The remedy secure complex passwords which are changed regularly.

Assurance derives from MSPs with connected thinking on data security services.  Amicus ITS MD, Steve Jackson commented: “Organisations should review their mission critical business areas and processes to ensure they have up to date and tested security policies, procedures, staff education and strategy.  Annexing cyber security services like FoxcatcherTM and Amicus ViperTM with our Data Backup & Replication service and an analytics driven approach, creates Cyber DRaaS. This will be the future direction for companies to consider and a service which we are currently developing”.  Failure to take such positive steps mean that companies which might have sought to rely on remediation and recovery alone, will realise that the fallout from capital value from loss of brand confidence, trust, plus financial penalty is just too heavy a burden.

This week’s technology news – 2nd May 2014

Out of the Box
With the arrival of Microsoft Office on iPad, Microsoft has joined Apple and Google to become the latest giant to not include access to their competitors cloud storage on their mobile office apps. Instead users are forced to use their own cloud environments to store documents. If mobile users are restricted to OneDrive and SharePoint, Google Drive and iCloud respectively, why bother with cloud storage companies like Dropbox, Box or SugarSync on the desktop? Whilst it may be their way of pushing their ecosystems, versus purposefully edging out the competition, the commercial results could be the same.

Smartphone evolution – we saw it coming!
Human Media Lab in Canada’s Queen’s University has created a fully functional multi-screen foldable smartphone prototype, Paperfold. It has three snap-together display screens which have a clever use of linkable maps and can be used to create 3-D prints.

This shows greater potential than other previous versions seen such as Kyrocera. Notably in 2010, Microsoft developed and then killed its book-like tablet, Courier, whilst Sony released a costly digital paper tablet earlier this year. With an increasingly mobile workforce, the potential for Paperfold is greater as a transformable, flexible device. With the evolution of digital displays and e-ink technology, this is definitely something to watch out for in future.


This week’s technology news – 11th April 2014

Heartbleed attack
This week the news of the Heartbleed bug has been causing a panic amongst internet users and website owners. The bug, discovered by Google Security and Codenomicon just this week has been in place since 2011. Sites running OpenSSL are affected, with hackers being able to eavesdrop on secure connections without leaving a footprint. The bigger services that was affected were; facebook, Instagram, google, Dropbox and yahoo! These have now been patched, however we recommend a password reset for users of these accounts. Site’s not using OpenSSL were not affected including Microsoft and Apple. The culprit of the accidental bug has since been identified as one of the contributors to the open-source project, however the bug was not discovered during review and before being cleared for final release. The immediate issue would seem the mass reliance on open source code for our web safety, but the real issue, whether you use open source or an in house development team comes down to code being reviewed thoroughly before being added to the live code pool.

Unfortunate timing Dropbox unveils corporate plans during Heartbleed
One of the biggest Cloud file sharing services is Dropbox however it’s not a name often recommend for corporate use. Dropbox is attempting to change this perception by giving everyone ‘two dropboxes’ one for personal use the other for business, which is managed by your company. Organisations incorporating this will be able to wipe or move all data in this container without access to the user’s personal documents. The irony of this announcement is although Dropbox is going out of their way to show how businesses can trust them with their data it comes in the same week Dropbox admitted it was vulnerable to the Heartbleed attack, potentially putting users passwords and documents at risk.

Microsoft Office for iPad is a hit with over 12 million downloads so far
It was a long time coming – but many think it was worth the wait. Microsoft has announced its official Office Apps for iPad have been downloaded over 12 million times. The apps are well positioned for both home and business use, keeping the fonts and formatting your used too, but portable, on the device most people own. Although 12 million free downloads is impressive, the more interesting number would be to how many Office 365 subscriptions Microsoft has sold to new iPad users during this time. Microsoft has yet to release this information but the subscription is required to go beyond read-only and to actually edit documents. Many questioned if keeping Office initially exclusive to Microsoft tablets was a strategic move and it may have well been. If so it seem Microsoft has had a change of heart or simply seeing a bigger opportunity in getting subscribers into Office 365.

This Week’s technology news – 15th November 2013

Bringing data to the heart of business
Traditional automated network monitoring is no longer sufficient for modern business. Instead the data itself needs to be the prime focus. IT operations analytics software can be used to track, interpret and identify potential problems. The 2012 RBS calamity, which cost £175m, when a fault froze 12 million customer accounts, highlighting the importance of monitoring, which could have saved time, money and trust. Gartner analyst Will Cappelli said the IT operations analytics market will be worth $800m in 2013, up from $300m in 2012. Gartner expects this growth rate to be repeated next year. With stricter regulations now in place to protect the public, understanding what is happening with your data, will become even more important as companies get to grips with big data.

Dropping the box?
Big brand consumer file synching and file sharing name, Dropbox, is seeking to simplify and align security for its 200 million personal customers, to merge logins with those customers’ 4 million business accounts. The current duality might be “silly” to Dropbox’s CEO, however, UK enterprise and MSPs are likely to be encouraged to say with more commercially secure options like Box, which uses storage encryption on its servers – and unlike Google Drive and Sky Drive – would not fall foul of safe harbour governance policies, by virtue of its ability to control the geographical location of its data.

Can Samsung Knox out the competition?
Samsung, which has managed to take the lion’s share (60%) of the Android market has recently been making big strides in tackling the platform’s Achilles heel; corporate security. Many corporations have gravitated towards iOS because of its high level of security, thanks to its walled-garden approach. With Samsung’s latest version of their security platform Knox, it is looking like they have closed the gap, adding an application layer where work content can exist securely. Currently Knox is only compatible with high-end Samsung devices, but this still gives corporate users a much wider range of devices than Apple. With Android recently breaking past 80% market share worldwide, Samsung is in a very strong position to start to dominate the corporate marketplace, leaving other Android OEMs and Apple behind.

Intelligent Energy fires Upp hope for alternative power source
Intelligent Energy, the UK’s 15th fastest growing technology company (according to Deloitte), have showcased a new power source called “Upp”, at AfricaCom in Capetown. Made with a compact fuel cell and fuel to charge mobile devices including mobile phones and tablets, the cartridge can be easily returned and replaced. Using world telecomms partners and their distribution channels, down to street level; the costs are anticipated to fall lower than the initial $199 quoted. IE view this as a transformative platform for the third world which has positive implications for the mobile workforce and consumers -and marks the welcome roll out of alternatives to an over-reliance on electricity as a power source.


A managed service providers guide to this weeks news

iPhone 5 set to boost BYOD trend

iPhone 5 tops over 2 million pre orders in the first 24 hours, more than double its iPhone 4s predecessor.  With Apples upgraded features and increased popularity it’s no wonder the forecast predicts a growing number of devices will soon be flooding through company doors and connecting to organisations IT infrastructures. Is your company ready to support this generation of smart devices?

Windows 8 predicted to increase sales of tablets by over 10 million in coming quarter

With the release date of Windows 8 looming, predictions are already being made as to the impact Microsoft’s latest update is going to have on the world.  A survey by IDC states how tablet sales are likely to increase by 10 million this year.  Windows 8 will be partially responsible for this increase; however Apple and Android devices will remain the top players impacting this climb in sales.

Security breaches hit high profile companies – could yours be next?

With a number of high profile organisations becoming the subject of recent IT security breaches (Dropbox, Sony, E-Harmony), it’s clear that organisations need to step up their game to ensure their companies IT infrastructure is secure. According to recent findings from Florida Tech University, cyber-crime is on the increase, with around 14 crimes being committed every second at a cost of around $411 billion.

Microsoft wins battle over infringement laws against Google

Last week Microsoft saw themselves win their third legal battle against Google in the recent months.  A court in Germany heard how Google’s Motorola had been accused of infringing a Microsoft patent.

Office 365 offers greater opportunities for MSP’s

Microsoft has now released their ever anticipated preview of Office 2013 and Office 365.  Many of the changes that have been made are unsurprisingly in correlation with the imminent release of Windows 8.  One particular new feature that stands out is Microsoft’s deeper integration of Office 2013 with their cloud service SkyDrive.  With the BYOD generation growing bigger than ever it is no wonder that Microsoft have ensured a much more mobile and tablet friendly software, and with a much cleaner, less cluttered look the new Office is bound to be a hit.