Since GDPR came into law last year, people have been wondering should their laptops be encrypted, and if they are not encrypted would they be in breach of GDPR. Well, it turns out that there are no explicit encryption requirements in GDPR. But you are required to enforce security safeguards, and GDPR also mentions that encryption can be used with any personal data. 

So what is encryption?

Encryption is a method of data protection that converts data from a readable format to an encoded version. This can then only be decoded and read if the correct encryption key is used.

How does encryption work?

Encryption works by taking unencrypted data and then using an encryption algorithm and an encryption key to create ciphertext. Which can only be viewed in its original format when it is decrypted with the correct encryption key.  

Why should you consider encryption?

Since your data will be encrypted, you are ensuring that if your laptop is lost or stolen any data on it can’t be accessed. Under GDPR if you are affected by a data breach you have 72 hours to notify all your affected customer. This can be tricky if the data breach takes place on a bank holiday weekend. Because you have encrypted your data you have technically not suffered a data breach. As your data can’t be read you don’t have to notify your customers.

What do you do once you have installed encryption?

Once you have installed encryption on your laptop, you have to have regular check-up’s to ensure that encryption is still in place. Last year a laptop used by one of Eir’s staff got stolen, resulting in 37,000 customers having their data compromised. The laptop’s operating system Window’s 10 had recently installed an update which disabled the laptop’s encryption.

iPing provide managed services and IT services. We can help provide you with an overview of how you can go about encrypting your laptops or I.T. infrastructure. So, if you need some help with the above please contact us or give us a call on 01 5241350.

Just to let everyone know that after eight years providing IT Support to the greater Dublin area from Lad Lane we have now moved.

IT Services In Dublin

Our new location is still in Dublin 2 and we are excited to keep providing Managed IT Services to all our clients from our new office on Baggot Street.

Please update your records to reflect the new address 126 Lower Baggot Street, Dublin, D02 X934.

The end of Windows 7 - It seems like only yesterday that users of computers running Windows XP had to upgrade their operating system. And possibly their computers. As Microsoft was ending support for Windows XP. That scenario will soon come to pass again. When users of Windows 7 will be faced with Microsoft ending support in January 2020.

If you have Windows 7 Enterprise or Windows 7 Pro Microsoft will provide patches/updates until 2023. But if you are using Windows 7 Home edition then you are out of luck. As Microsoft won’t be providing any patches/updates and you will have to migrate to Windows 10. Microsoft has yet to announce the cost of the updates. And if you have to pay to update a lot of computers then it won’t be cheap.

What my Managed Service Provider Should Do

So what do you do if you have custom software and or hardware that only works with Windows 7?

You will have to replace your hardware and software as you prepare to move to Windows 10. But if you have Windows 7 Enterprise or Windows 7 Pro. You will have a bit longer to prepare for the move. The extra years you have to prepare for your move to Windows 10 will come in very handy. Especially if you have to replace your custom software. 

What happens if you dont migrate to Windows 10

Well, you can pay Microsoft for 3 years of patches/updates. If you can afford to and if your version of Windows 7 allows this. If you can’t do this because of the costs involved. Or because your Windows 7 is the Home edition version. You will be in breach of GDPR (General Data Protection Regulation )which came into law on May 25th2018. Requiring you to be using up to date computers that are fully patched.    

It’s not all bad news as there is something positive to come out of this. Once you migrate to Windows 10. All updates will be done via the cloud. As Windows 10 will never be replaced by Microsoft. 

More information on Windows

If you are looking for more information from Microsoft on Windows 7 End Of Life then here is a great place to start!

If you want to buy a copy of Windows 10 you can contact iPing and we can help or you can go direct to Microsoft here. We advise on the first option as we can help with the upgrade and migration!

iPing provide managed services and IT services. We can help provide you with an overview of how you can go about upgrading your computers or I.T. infrastructure to Windows 10. So, if you need some help with the above please contact us or give us a call on 01 5241350.

Secure Your Office 365 Email - Starting to see a few phishing messages coming from offlce.com (*Note the small L and not a small I*)

Please be so vigilant if you are ever verifying your email username and password. This is usually a scam just about to happen.

Also turn on your email 2 factor authentication. If you need help with securing your email give iPing a shout on 01 5241350.

If you have any questions about your companies managed services we can also help.

We thought we would take a little break from IT support and Managed Services and roll in on one of the most talked about technologies over the past few years, blockchain. When you mention blockchain it cryptocurrencies namely Bitcoin and Ethereum comes to mind. But blockchain is more than just Bitcoin and other cryptocurrencies as it will totally change the way that you do business.

So, what exactly is blockchain?

Well IBM state “A blockchain, as the name implies, is a chain of digital “blocks” that contain records of transactions. Each block is connected to all the blocks before and after it. This makes it difficult to tamper with a single record because a hacker would need to change the block containing that record as well as those linked to it to avoid detection. This alone might not seem like much of a deterrence, but blockchain has some other inherent characteristics that provide additional means of security.”

How can Blockchain change the way you do business?

Bitcoin was the first blockchain application that allows a network of users perform transactions without requiring the trust of anyone on the network or a third party. As everything is encrypted, if anyone tampers with the blockchain it will be immediately noticed. The encryption and trust parts of bitcoin are what make blockchain essential for your business as it offers you a secure way to store data or process payments.

Blockchain allows you to break up data into little pieces (like a jigsaw), and encrypt the data so that only you have access to it. These little pieces can be stored all over the world in a similar way to torrents, which means you are not relying on one storage space. You can also save a cryptographic signature of a document or file on a blockchain, which will allow you to ensure that any file has not been changed/edited and you won’t have to save the entire document or file on the blockchain.

If you want to make sure that certain transactions happen once certain conditions are met blockchain allows you to do this with smart contracts. For example, if you are sharing business contracts or accounts with a client, smart contracts will allow you to share documents that are read only and can only be viewed online, thus ensuring that no changes can be made to the documents and that they also can’t be leaked.

Blockchain is just starting to take off, and it will be a couple of years before its becomes as ubiquitous as the cloud. Every day more and more applications are being made for blockchain and more and more businesses are starting to use it. So isn’t it time you jumped on the band wagon?

iPing provides managed services and IT services and we can help provide you with an overview of what blockchain can do for you. So, if you need some help with the above please contact us or give us a call on 01 5241350.

My managed services provider helps me chose my new computer

One of the most important decisions that a business will make is buying new computers, and as this is a purchase that should last you 5-8 years, what should you be looking for?

Before you set out to buy any computers, you need to ask yourself the following 3 questions:

What work will your computer/computers be doing?

Are you going to go Mac or PC?

Will you need a desktop computer or a laptop?

What work will your computer/computers be doing?

This will help you decide what specs you need for your computer, the more power intensive work you are doing will require you having to use a more powerful CPU. If you are just going to be doing day to day office tasks such as using Microsoft Office, online research or using cloud-based software such as Salesforce then you won’t need a powerful CPU. But if you are doing web design, graphic design, editing audio/video or game development then you will need a pretty powerful machine. If you need help worknig this out a managed service company like iPing can help answer these questions.

Are you going to go Mac or PC?

This will depend on what work you are doing and it is worth noting that most corporates use PC’s, whilst quite a few startup’s use Mac ‘s and the majority of journalists and graphic designers use Mac’s too. If you go with a PC, they are easy to upgrade, so if you want to add more memory or a new hard disk it won’t take too long to do this. If you decide to go with a Mac, they are much harder to upgrade as the memory is soldered on to the motherboard and replacing the hard disk can be a very tricky job too. It is important to make sure yout IT support company can look after Mac

Will you need a desktop computer or a laptop?

A lot of people are now using laptops as they take up less room, can be taken anywhere which is handy if you have to give a presentation to a client, and they can also be taken home if you want to do work over the weekend. You can even get 2 in 1 laptops which can also act like a tablet which can be useful if you want to add some comments etc. to presentations. Some modern desktops have everything built into the monitor which means that you only need space for the monitor, keyboard, and mouse.

Once you have answered the above three questions you will know what specs your computer/computers will need. For day to day office tasks a computer with an Intel Core i3 will suffice but if you are doing anything more intensive a computer with an Intel Core i7 is recommended but you could get away with a computer with an Intel Core i5, depending on what work you will be doing. You should have at least 8 GB of RAM and maybe more depending on what your computer/computers will be doing. And you should always get an SSD hard disk as they are quicker to boot up and don’t’ have many physical parts meaning they won’t easily wear down.

iPing provides managed services and IT services and we can help provide you with an overview of your I.T. infrastructure and what computers you might need to buy now or in the future. So, if you need some help with the above please contact us or give us a call on 01 5241350.

At iPing we have done some research and the most important point we believe businesses need to consider when considering the introduction of GDPR is to consider how damaging a data breach would be to your business if personal data was made available to the public and therefore you need to consider what risk level your business has and take appropriate steps to secure your data.

You should consider what data is saved on your server – do you have personal customer or employee data saved? If you do not have personal data on your server then then your business has a very low threshold of compliance to meet the GDPR specifications but if for example you store thousands of customers’ home addresses, phone numbers, date of births or credit card information, then you need to protect that data to a very high level.

The definition of personal data is set out below for ease of reference and you will see that it is a wide reaching definition:

““’personal data’ means any information relating to an identified or identifiable natural person (‘data subject’)”

an ‘identifiable natural person’ is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location number, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Below is a list of technical and organisational measures your business should consider in order to meets its requirements under the GDPR:

Minimum technical measures under the GDPR

• Firewalls which are properly configured and using the latest software (no specific requirement for a valid subscription unless you have high risk data to secure)
• User access control management by, for example, the UAC functionality in Windows. Please note, that in order to comply with the law, there should be no one person in your organisation with full access to all files and even your network administrator should have restricted access. In fact, it is recommended that the network administrator’s normal user account and his/her account with administrator privileges should be separated and only used when appropriate. This makes auditing and control of administrator actions much simpler.
• Unique passwords of sufficient complexity and regular (but not too frequent) expiry on all devices (including mobile phones) to defend against dictionary and rainbow table attacks. The UK government’s National Technical Authority for Information Assurance (CESG) has recently advised against forcing users to change their ‘complex’ passwords because this may lead to the recycling of old passwords, which may be already known to attackers, the need to note passwords down often on an exposed medium left near the device and users forgetting their passwords and being locked out, which leads to a loss in productivity
• Regular software updates, if appropriate, by using patch management software
• Timely decommissioning and secure wiping (that renders data unrecoverable) of old software and hardware
• Real-time protection anti-virus, anti-malware and anti-spyware software i.e good Internet Security
• Encryption of all portable devices ensuring appropriate protection of the key
• Encryption of personal data in transit by using suitable encryption solutions. This may include SSL and IPsec VPN connections which are appropriate for machine-to-machine connections, or PGP which is generally used for messaging, such as, e-mail. PGP or “Pretty good privacy” (around since 1991) has long been part of state of the art security. Nevertheless, if your organisation processes minimal amounts of personal data, encryption will not strictly be a legal requirement and organisations may achieve appropriate levels of security and comply with the law by other means
• Implement secure configuration on all devices (including mobile phones)
• Put in place intrusion detection and prevention systems – This would imply active rather than passive firewalls with a subscription but it’s too vague to make a hard and fast rule
• Data backup

Minimal organisational measures under the GDPR

• Vet and train staff, contractors, vendors and suppliers on continuous basis, as individuals are often the weakest link
• Insist on non-disclosure agreements prior to entering into formalised agreements
• Provide training to staff on data processing obligations, identification of breaches and risks. Even with state of art security software you may not be able to prevent some breaches without having appropriately trained staff
• Restrict staff access to personal data to those who need to know
• Ensure physical security on premises including policy for staff to lock away their documents overnight in secure cabinets, and disposed of any sensitive printouts, which are no longer needed, by putting them in a confidential bin or through a document shredder
• Put in place a ‘Bring Your Own Device’ policy if you allow use of personal devices for work; and
• Implement a strict ban on the use of personal email for work purposes.

Other suggested commonly adopted security practices

• Consider multi-factor authentication, especially for remote access. Without putting a burden on the employee, nowadays, the second authentication can be a fob plugged into the device or through the presence of a corporate mobile phone
• Keep Wi-Fi passcode confidential and change it regularly to prevent creation of “evil twin” Wi-Fi access points. Generally, any WiFi access to the corporate network should use WPA-TKIP which is a centrally administered authentication method and grants access only to authenticated users, such as staff; and
• Implement delinquent web filtering to prevent access to hazardous URLs

We hope the above guide may be of help to you. If you have any questions or need help in considering how GDPR may affect your business, please contact us here at iPing.

Pondering your companies Internet Security? - On January 3^rd 2018, a date that will remain in the memory of I.T. managers and tech support staff, the Meltdown and Spectre vulnerabilities were publically announced. These two vulnerabilities affect all Intel chips made after 1995 and some Arm and AMD chips. So, what can you do to correct this and is it worth replacing your computer hardware?

What can Meltdown and Spectre do?

Meltdown and Spectre allows rogue programs to steal data which is processed and stored on your computer and this data can include passwords, photo’s, emails and office 365 documents. This data could be stored in your browser or in the cloud.

What should you do?

• Make sure that any antivirus software that you install is updated on a regular basis as there is a chance that any malware that is used by Meltdown and Spectre can be detected. It is important to have a good overview of your internet security.
• As these two exploits affect all Intel CPU’s and some Arm and AMD chips made after 1995, it is not known when redesigned chips will be released, but it is best to replace older computers with modern computers which will have patches available.
  If you have legacy computers running legacy software, make sure they are not connected to your network and see if it’s possible to move the legacy software to other computers.
  Install any patches that are available for your computer as soon as possible, and as already mentioned if there are none available replace your computer with a brand new modern one that will have a patch available.
• Do an inventory of all your hardware and software so that you know what computers and software will need to be replaced.
  In the meantime to get further information on Meltdown and Spectre and details of where you can download patches, please click here.

iPing provide managed services and IT services and we can help provide you with an overview of Meltdown and Spectre and what you can do to lessen its impact on your I.T. infrastructure. So, if you need some help with the above please contact us or give us a call on 01 5241350.

One of the most if not the most important piece of equipment that you should have in your I.T. infrastructure is antivirus software, as you don’t want data loss or data theft occurring. You might be thinking that once you have installed antivirus software, there is nothing else that you need to do, but you would be wrong, you must do the following:

Check compatibility

It is very important that you make sure that any antivirus software that you install is compatible with your hardware, OS and any software that you have installed.

Before you decide what antivirus software you will use, it is best to fully test each antivirus software that you are thinking of using so that you can see first-hand the pro’s and cons of each antivirus software that you are looking at using.

You must make sure that any antivirus software that you install does not slow down any of your hardware or software, as any downtime could be costly and if it causes any issues with your email setup or firewall you could find emails being blocked or not arriving or sending on time.

Regularly updating your antivirus software

Make sure that any antivirus software that you install is updated on a regular basis.

If you have various computers using antivirus software, make sure that they are all updated at the same time, as you don’t want one of your computers to be the weakest link.

When you need to renew your antivirus software licence/licences, don’t hesitate and do this right away as you don’t want to be using antivirus software that can’t be updated or doesn’t work with your OS.

iPing provide managed services and IT services and we can help provide you with an overview of your antivirus software setup and how you can improve it. So, if you need some help with the above please contact us or give us a call on 01 5241350.