eStorm are pleased to announce our support for local AFL team, the Brisbane Lions, as we come on board as an official supplier.
eStorm are pleased to announce our support for local AFL team, the Brisbane Lions, as we come on board as an official supplier.
Put simply, two-factor authentication (2FA) or multi-factor authentication (MFA) is an additional layer of security that aims to address the vulnerabilities that a standard single password system can have.
With a standard username and password only system, it’s relatively easy to fall prey to cyber criminals and other nefarious parties. Think of the rudimentary username and password combination as having only a single line of defense.
Two-factor Authentication or Multi-factor Authentication adds a second line of defence by introducing an additional step to verify who you are. Instead of immediately gaining access to an account or information after entering a username and password, an MFA requires an additional piece of information.
This second layer of protection comes from one of the following categories:
This second layer makes gaining access to accounts and information incredibly difficult as a compromise of one of the factors won’t be enough to unlock an account.
With more of our business happening online, through mobile devices and computers, it’s easy to see why our digital accounts and information have become a target for criminals and other parties.
Malicious attacks, data breaches, hacks and other cybercrimes are becoming more common with massive increases in the number of sites and organisations losing the personal data of their users.
As cybercriminals develop more sophisticated and advanced ways for gaining access to information and data, it’s clear to see that old security systems are simply no match.
These issues aren’t reserved for the Facebooks and Googles of the business landscape, but for global companies, start-ups, small businesses, nonprofits and organisations of all sizes. Data breaches, often times even caused by simple human error, result in severe reputational and financial losses.
A recent study revealed that in 2016 over $16 billion was taken from 15.4 million U.S. consumers as a result of data breaches and an additional $107 billion from identity theft.
One of the most common users of two-factor authentication are businesses of all sizes. Organisations are able to significantly reduce the likelihood of phishing scams, as criminals are unable to gain access to login information and other secure data with usernames and passwords alone.
Likewise, we see organisations who aim to keep their own data and information confidential and secure, as well as that of their customers and clients, use MFA to reduce their risk of data breaches and as a form of value add for their clients.
Attempts to steal legitimate user or administrative credentials happens frequently when a party is able to compromise a network. These credentials allow them to easily propagate on a network and conduct malicious activities without the need for additional exploits, which significantly reduces the likelihood of them being detected.
When two-factor or multi-factor authentication is properly implemented throughout an organisation, the ability to steal a complete set of credentials becomes much more difficult. The user has to prove they are allowed access using something they have (physical token), something they know (PIN) or something they are (fingerprint scan).
It is vitally important that multi-factor authentication be implemented correctly in order to actually reduce security vulnerabilities and not simply create a false sense of network security.
An example of this would be when MFA is used for remote access solutions within an organisation, but not for corporate workstations. An unknown party could compromise the username and password from a device used for remote access and then use it to authenticate locally to a workstation or to propagate within a network after compromising the initial workstation on the network. In this case, multi-factor authentication for remote access is better than just a username and password, but doesn’t negate the requirement for properly defended devices to be used as part of a comprehensive remote access solution.
If you’d like to learn more about how we can help you with two-factor authentication / multi-factor authentication, please call us at any time on 07 3120 0640 or email us at [email protected]
Trying to remember your password for every website, portal, tool and piece of software is borderline impossible. Some organisations like to solve this problem by using a very simple and memorable password, variations of the same password, or worse – the exact same password for everything! That’s just asking for trouble.
Simple and memorable passwords are very easy for hackers to gain access to with a staggering 81% of breaches caused by weak or reused passwords. Even using a very strong password, but used across many sites and logins, means a single breach on one site or platform can compromise your information everywhere else. That’s where a password manager comes in.
The average enterprise uses 91 services! Skype, Slack, OneDrive, Dropbox, Social media channels, CRM, marketing software, sales automation, online store, website, mail client – the list goes on and on. With more accounts than you can possibly recall, how are you supposed to remember strong, unique passwords for all of them? The simple answer is you can’t – but a password manager can.
A password manager is an application that creates, remembers and automatically fills in your passwords for you. Log in to an account one time, or manually add log in information to your password manager, and it will automatically store your username and password. All your passwords are stored in an encrypted format, which means they’re safe and protected. A password manager provides fast, secure and easy access to all your stored passwords with the help of a single master password.
A password manager can be incredibly beneficial for any business that wants to boost security, simplify the onboarding and offboarding process, as well as help employees manager their passwords more effectively.
No one needs to be told that passwords are important – we all know this. But it’s important to remember that your password is your first line of defence. Put simply, no matter what service it is that you’re using, the security is often times only as good as the password that you’ve set.
Making a very strong password is often complicated. A password manager really takes a lot of the pain out of the process and makes an often complicated and time consuming process simple and easy. A password manager does this by creating and remembering a new, strong and complex password for you that is much stronger than anyone could come up with.
Creating a solid, complex and secure password is great – but if it’s not unique it’s pointless, which is so often overlooked.
A site or application’s security is only as good as the password you use, which means a site’s security could be worse than your password! If you’re using the same strong password across multiple sites, accounts and applications, then those sites and services with inadequate security could endanger your information in places that are serious about security.
Lets face it – you have more accounts than your team can handle, we all do. The average organisation uses 91 services, which means that even if you created unique passwords for all of them, you’d never be able to remember them all.
One study found that people had an average of 37 password reset emails in their inboxes. 37 times someone forgot their password. 37 times someone had to undergo the tedious reset password process and create a brand new unique password.
With an enterprise level password manager, the need to reset passwords is completely removed. Likewise, when one person forgets the password, they aren’t resetting an account password that everyone else then needs to update.
Password managers significantly increase your security while also simplifying your life… how often does that happen!?
A password manager requires you to remember a single password – that’s it – then it does the rest. No more trying to remember if it was a capital letter in this password, or a 3 instead of a capital E – and best of all, no more password resets!
A password manager, particularly in a business context, isn’t effective if no one is using it. In order to ensure employees adopt the use of a password manager, it must be intuitive and easy to use.
A great password manager is:
Efficient: must be able to be used to complete tasks quickly and easily
Effective: should help users achieve specific goals
Engaging: the UI (User Interface) and UX (User Experience) should be pleasant and satisfying to use
Easy to learn: simple enough to be picked up and easily understood without deliberate effort
Error tolerant: should be designed to prevent errors and help users recover from errors that do occur\
Likewise, a password manager in a business environment must be usable cross platform and compatible with different operating systems and devices.
A simple onboarding and offboarding process helps your organisation save time and money.
Likewise, when an employee leaves your company, it is important that your password manager has the ability to revoke their access to work related passwords and data. According to a SailPoint Market Report, more than 2 in 5 employees reported have access to a variety of corporate accounts after leaving their last job.
The report concluded that an efficient onboarding and offboarding process helps prevent some of the internal security risks with provisioning and application usage.
Your password manager should offer tools that enable you to oversee your employees’ use of the program. This means monitoring features such as dashboards, delegated administration, team sharing, role-based permissions, analytics and auditing.
These tools should enable you to enforce all organisational password policies and aid in regulatory compliance. It is however important to note that your password manager’s monitoring tools should not compromise the privacy of your employees.
Password sharing is a very standard office operation. However, the methods via which employees use to share those passwords, such as email and internal chat programs, are not safe from hackers.
An enterprise level password manager enables employees to share passwords in a secure, convenient and efficient way. Administrative tools should allow you to share passwords on a temporary basis or with full access.
Likewise, these shared credentials should update automatically so that all other team members continue their access.
Arguably the most important aspect of your password manager. The current recommended method of encryption for password protection is Advanced Encryption Standard (AES) with a 256-bit key length. This method has been deemed secure enough to protect the United States Government’s most highly classified data.
Be sure to utilise a password manager which uses a zero-knowledge protocol in its security architecture. This allows the employee full, exclusive control over the encryption and decryption of their data via a Master Password. This Master Password should never be stored on the password manager’s server or anywhere in the company’s network.
Additionally, your password manager should alert you and all employees in the event a data breach occurs.
For over 15 years eStorm Australia has been partnering with business, education and government as their trusted Managed IT Services provider and single source supplier. Our team of specialists deliver superior on-site and remote services tailored to suit your specific requirements.
As a proud member of the Apple Consultant Network, as well as being one of the most accomplished Apple IT Services firms in Australia, a great deal of our time is spent helping organisations integrate Apple Services into their business IT solutions. Here you can learn more about how we introduce Apple into businesses in a strategic and cost-effective way.
We want you to get the most out of your hardware and software, so we put together 5 interesting Mac features you might not know about that could be improving your Mac use.
eStorm Australia is an IT managed service provider headquartered in Brisbane. We partner with your business and provide IT solutions and services that suit your specific requirements. Our solutions include a variety of services that are critical to overall business success and competitive advantage.
If you need any information, or to find out exactly how we can help your business – contact us anytime on (07) 3120 0640 or email us at [email protected]. If you are located outside of Brisbane: Sydney: (02) 9188 5148 – Melbourne: (03) 9088 6431.
In need of our other IT support and managed services? We specialise in Managed Cloud Services, IT Support Services, Managed Network Services, Business Telephony, Hardware and Software Procurement and Education Services.
CeBIT Australia is the focal point for the Asia Pacific business and technology industry comprised of both an exhibition – for organisations to showcase their solutions and capabilities to a domestic and international audience of decisions makers for enterprise, SMEs and government – and conference – where attendees are able to maximise their learning and networking opportunities with captains of industry, who cover cloud computing, big data and analytics, cyber security and eGovernment.
CeBIT Australia 2018 provides a wealth of knowledge from many highly regarded representatives in tech and business, such as the Country Director for Google Cloud Aus and NZ, Global Senior Director of Social Media for Lego, CEO and Managing Director of Yamaha, CTO of TOLL, the Head of Aus and NZ from Stripe, Executive Director and Head of Emerging Tech of CommBank, CEO of Airtasker, CEO of Yahoo, Google’s Managing Director for Aus and NZ, BHP Global Information Security Officer, AGL’s CTO and the COO of Telstra just to name a few, as well as many other highly regarded representatives of tech and communications companies, banks and government departments.
Coupled with the 250+ exhibitions, which include organisations of all sizes and disciplines, from startups, to big data, communications, software, hardware, education, security and cloud, CeBIT Australia 2018 really showcases the best of business and tech in the Asia Pacific region.
This is the kind of thing we get really excited about – events like CeBIT Australia provides us with even more learning opportunities, as well as a wealth of information and solutions that we’re able to take directly to our clients in order to help them grow, remain competitive and solve their industries most difficult problems. We love to keep our finger on the pulse and immerse ourselves in the exciting current and future developments in tech so we are able to better serve our clients and help improve their businesses.
According to NetMarketShare’s January 2018 data, 42.39% of users are still using Windows 7, even though on January 13, 2015 Microsoft discontinued mainstream support for Windows 7. This meant that they no longer provided non-critical security updates, design changes or complimentary support for the operating system to end users.
Now the discontinuation of extended support also draws near. On January 14 2020, Microsoft will discontinue extended support for Windows 7, which means they will no longer provide updates, bug fixes or paid support for businesses using the operating system. This date announcement is important as it gives businesses that are still running Windows 7 the opportunity to upgrade to Windows 8.1 or Windows 10 (Windows 10 is the recommended upgrade as it is Microsoft’s latest OS and is still within the 5 year mainstream support period).
There are several risks in not upgrading your OS once the extended support ends.
Malware, which is software that is specifically designed to disrupt, damage, or gain authorized access to a computer system, is particularly pernicious. When Microsoft discontinues extended support, systems running Windows 7 will become significantly vulnerable to un-patched security risks within the OS and applications it runs. This means that upgrading will become essential to remain protected against the massive amount of malware samples that hit the web each day, not to mention the billions of malware samples that already exist.
Ransomware, a type of malicious software designed to block access to a computer system until a sum of money is paid, is another significant concern – particularly following 2017’s WannaCry attack and the various ransomware attacks that followed.
The WannaCry ransomware attack was a May 2017 worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in Bitcoin. It propagated through EternalBlue, an exploit in older Windows systems. While Microsoft had released patches previously to close the exploit, much of WannaCry’s spread was from organizations that had not applied these, or were using older Windows systems that were past their end-of-life.
Thankfully the attack was stopped within a few days of its discovery due to emergency patches released by Microsoft, and the discovery of a kill switch that prevented infected computers from spreading WannaCry further. However, the attack was estimated to have affected more than 200,000 computers across 150 countries, including businesses, universities, hospitals, banks and police with total damages ranging from hundreds of millions to billions of dollars.
While it is important to note that upgrading your OS to the latest versions and keeping patches up-to-date does not make you invulnerable, it is always best to maximise your defences as unpatched systems are vulnerable.
If you’d like to find out how we can help your business, or if you require any further information, assistance with your IT needs or you simply don’t know where to start – please feel free to call us on (07) 3120 0640 or email us at [email protected]
With more industries and business operations becoming increasingly computerised, the need to keep information safe and secure from an ever increasing variety of sophisticated threats and potential liabilities is now more important than ever before.
An unidentified IT issue has brought Sydney Airport to a standstill this morning as the airport was forced to halt the processing of outbound passengers to deal with the issue.
The IT issue came to light early Friday morning and affected passengers being processed through the T1 international and T2 domestic terminals, during which time the Sydney Airport instructed travellers to avoid the terminals until further notice.
As a result of the IT issue, queues began to form inside and outside the terminals with many travellers taking to social media to voice their frustration.
— Stephen Smiley (@StephenSmiley) March 8, 2018
While IT audits help you to ensure that your systems optimally support your organisation’s strategic vision, not all IT audits are the same. This is why at eStorm we conduct a variety of technological audits that are customised to your business that address security, compliance, performance and risk. Concurrently, our IT audit consultants contribute to your organisation’s risk assessment process.
Every organisation needs to balance its technological needs- including speed, ease of use and convenience, against their critical need to keep information safe and secure from an increasing variety of sophisticated threats and potential liabilities.
The primary objectives of an effective IT audit include:
Apple’s newly released iOS 9.3 software update is one of the best new advancements for the education sector as it changes the way iPads are used in the classroom.
As the name suggests, the ‘Shared iPad’ feature lets students share iPads. It is designed for schools where cost or policy concerns prevent the implementation of a one-iPad-per-student program. With the new update, students are able to login to an iPad, similar to logging onto their user account on a laptop or desktop. The result is that a student’s apps, content and progress through various tasks will be available, regardless of which iPad they actually use.
There is also a Photo ID feature that allows teachers to see which student most recently used a particular iPad, which should avoid delays related to downloading content and could help optimise on-device storage.
Students will have a four-digit login, similar to an iPhone passcode to login to their account, making it easier for younger students to remember.
As well as this, the iOS 9.3 update also features a new Classroom App that allows teachers to see what students are doing on iPads in the classroom. Teachers can also remotely launch and lock apps, and share student work on a classroom display connected to an Apple TV.
This is the first time Apple have shown an interest in allowing iOS devices to be shared and could be a big step in the right direction for them.
This new update is a breakthrough for digital learning and we look forward to putting it into practice.
If you would like to know more about this, or want to having it implemented in your classroom, please contact the eStorm office today.
In today’s classrooms digital learning is a tool being used more and more by teachers to enhance the learning of their students. Digital Learning can be described as learning facilitated by technology that gives students some element of control over time, place, path and/or pace.
Working in the IT industry and working with educational institutions, we are seeing very positive results in schools that have implemented a digital learning strategy to their classrooms. We want to share these benefits with our readers to help you decide whether digital learning is right for your learning facility.
Learning is no longer restricted to the school day or the school year. The internet and a growing number of internet access devices have given students the ability to learn anytime.
Learning is no longer restricted within the walls of a classroom. The internet and technology devices have given students the ability to continue their learning anywhere; whether that be at home, with a tutor, or on a family vacation.
Learning is no longer restricted to the methods used by the teacher. Interactive and adaptive software allows students to learn in their own style, making learning personal and engaging. New learning technologies provide realtime data that gives teachers the information they need to adjust instruction to meet the unique needs of each student.
Learning is no longer restricted to the pace of an entire classroom of students. Interactive and adaptive software allows students to learn at their own pace, spending more or less time on lessons or subjects to achieve the same level of learning.
We are continually seeing how digital learning is enhancing the classroom experience. Our most successful school, Redlands College, have been awarded for their commitment to enhancing their classrooms with technology devices.
For more information on how you can implement digital learning in your school, contact the eStorm office today.
In order to continue to drive profitability for your business, you need to make sure your IT systems are up to date and running smoothly. IT is no longer just a way to improve your competitive advantage; staying connected and keeping your business applications running smoothly is an essential part of every successful business operation. Whether your primary work involves service-based activity or consumer retail, your customers, suppliers, and employees depend on your IT performance. Downtime not only costs you money, it harms your business’s reputation.
However, the right IT support provider can help you overcome IT challenges and drive profitability in your company by empowering your users, optimising your application delivery and by customising your IT systems to your specific needs. This allows you to ensure your business’ responsiveness now, in preparation for future growth.
On-demand expectations have changed the way businesses operate. Your employees, customers and suppliers rely on the critical data and operating systems you use. Building true business continuity isn’t a matter of just having the ability to recover your files from an isolated date or time; you need to be able to continue working, regardless of interruptions.
IT providers can offer cloud-based recovery and back-up solutions that ensure business continuity. They will manage the integration of services that benefit your users. By offering the right software and the right service level cloud solutions, IT providers offer new opportunities and possibilities that benefit your users and improve your profitability.
In today’s economy, IT services are a core part of nearly every business. A large majority of employees will be using your company’s IT services daily. The more time employees are spending using IT, the more it affects their productivity and thus the business’ profitability. Providing your employees with the right IT tools to do their job is essential, as well as making sure those IT tools work quickly and reliably.
Some important considerations are:
Performance – Uptime and business continuity have already been covered, but it’s also important to ensure that the IT systems are responsive and reliable all of the time. Constant delays such as, applications and crashing computers, waste employees’ time and reduce productivity, even if they aren’t officially counted as “downtime”.
Accessibility – Are your employees able to access all of the IT services from wherever they need them? If they are at a different office for the day, or using a different computer can they still work as normal? Remote working solutions not only let people continue to work when they can’t work from the office, but can also provide flexibility within the office too.
The right IT provider should have a good understanding of your business and industry sector, so they can appreciate the challenges your employees face and suggest improvements where appropriate. Regular engagement between your IT provider’s team and both your management and floor level users is essential to this process, a purely reactive and faceless help desk only service will not achieve this.
Many small businesses rely on the combined IT knowledge of their current staff members to handle any IT problems. But, the fact remains that in today’s economic environment if you experience problems such as downtime, you can experience serious, long-term impacts on your business. Your customers will go elsewhere, and the loss can be irreparable.
Outsourcing IT support with the right IT provider removes IT burdens from your existing staff. It allows you to access the resources that large companies enjoy, without incurring the same costs. Moreover, instead of having to upgrade, replace, and purchase hardware, your provider can offer linear grow options that tailor your IT performance capabilities to your needs.
Like any outsource strategy, it allows your team of professionals to concentrate on doing what they do best, rather than be distracted and importuned by IT necessities.
To find out more about outsourcing your IT to drive profitability in your business, speak to one of our IT technicians today on 1300 378 678 or email us.