Are you getting the most value out of your Multi-Factor Authentication solution?

More organisations are shifting to a remote working framework for the foreseeable future, therefore it is more important than ever to ensure your teams and business assets are safe from opportunistic hackers.

With nearly 60% of organisations sensitive data being stored in the cloud, and over 71% of deployments experiencing at least one compromised account each month; implementing access controls that evaluate risk profiles and implement strong authentication is crucial.

Watch our webinar to hear from Ian Sanderson, Presales Technical Consultant at Trustack and deep dive into the competitive advantages of using Thales STA (Safenet Trusted Access) for your multi-factor authentication security needs.

In the session you will hear about:

  • How Microsoft and Thales Access management solutions can complement each other and enhance your security strategy.
  • How Thales compares to Duo when meeting your access management needs.
  • Real-life use cases to demonstrate how Thales can simplify multi-factor authentication
  • Opportunity to ask those burning questions with Ian Sanderson, Trustack presales Technical Engineer.

TruStack Focus On… Support Services

Businesses have enough to think about.

In these testing times, with Brexit, a global pandemic and recession to deal with, businesses have never been faced with such uncertainty.

At TruStack, however, we pride ourselves on being able to remove the burden that supporting IT systems can bring and add a level of our own IT expertise to help businesses through these times and prosper moving forward.

Support services are one of the many bespoke services we offer to clients. When it comes to IT infrastructure, we believe that a shared ownership model is the most efficient way to manage the delivery of applications to staff and customers, providing as little or as much as the client needs. We are essentially an extension of a client’s IT team.

After installing a client’s infrastructure, we are always on hand to manage and monitor operations, giving our clients peace of mind and enabling them to focus on the day-to-day running of their business.

As well as enabling constant monitoring and optimisation of their IT infrastructure, by having us on board it means clients are more prepared for future ‘bumps in the road’, with our team of experts there to forecast problems before they become a major issue that will negatively impact them.

Importantly, our dedicated team of analysts are available 24/7, 365 days a year, for high-priority incidents – a constant safety net in case things go wrong.

A lot of time has been spent over the past few months helping manage clients’ transition to agile working in the new world in which we find ourselves. Flexibility is going to be key moving forward, and as such will remain a key part of the support service we offer.

In turn, many businesses agile working transformations were brought forward by the impending lockdown caused by COVID-19.

One such company that we have supported in this transition is law firm Swinburne Maddison:

‘As I pack myself off from the office I would like to say a big “Thank you” to all the people on your support desk for the help they have been to me over the last few weeks in the run up to our evacuation. You have all, without exception, provided me with invaluable support and treated all my questions and requests with respect and professionalism.

‘Thanks once again – and hopefully reversing the process will prove to be somewhat less of a headache for us all! See you soon – and keep safe!’
William Dobson, Office Manager – Swinburne Maddison.

Elsewhere, CDS Security & Fire contacted TruStack for assistance in implementing a secure remote solution to allow staff members to work from home. Having previously had a limited capability for home working, it was essential that this was set up quickly, efficiently and securely.

We ensured that all of CDS Security & Fire’s devices were equipped with the correct technology needed to enable the end users to access all of their files and documents as if they were working in their normal office environment.

‘Without the support services from TruStack, we would not have been able to continue serving our customers during the pandemic. TruStack were on hand every step of the way to ensure that we had everything set up correctly so that our customers felt minimal, if any disruptions. We would not hesitate to call upon TruStack again as they responded to our requests with professionalism and speed during an unknown event.’ Rosie Abbott, CDS Security & Fire.

Ultimately, when a company invests in TruStack’s support service, they are not just buying IT support – they are investing in peace of mind. Our clients know they have that IT safety net in place, with some of the industry’s most knowledgeable experts there to help them with whatever they need.

To find out more about what TruStack can offer your business contact us on [email protected] or call us on 0191 250 3000.

You can also view our managed monitoring service by clicking here, and our data centre offerings by clicking here.

TruStack Focus On… End User Devices

End points and end user devices are any devices a staff member may use to carry out work, e.g. laptops, thin clients, tablets etc. This blog will address the importance of choosing the right end user devices, including adapting to the rise in agile working requirements.

Why are endpoints so important?

Many organisations invest heavily in the right staff, high performance infrastructure, networking, connectivity and applications to enable their business to deliver for its customers.  They then support this with the correct endpoints, assessing staff needs on a regular basis to ensure their equipment supports them to deliver in their role.

What are the endpoint challenges?

At TruStack we often see customers working on legacy or pre-used machines. However, these machines may not fit the end user’s role, their environment or the application stack the end user needs to access. This may be a commercial decision or have other justifications, but ultimately the wrong endpoint can affect employee productivity, engagement and business output.

We are sometimes asked to provide businesses with the same devices for all end users, who may all work in different ways and environments, with different applications. It’s like giving F1 champion Lewis Hamilton a Ford Focus, because it is the same car his Mechanic uses, and still expect him to win the next Grand Prix.

What about the agile working challenge?

Desktops have traditionally been the device of choice for businesses. However, as the UK lockdown hit, businesses needed endpoints that could enable agile working, often laptops or microform desktops with WIFI capabilities, with access to bespoke applications and files on the corporate network.

Stock disappeared overnight with long lead times on agile style devices. Some end users had no choice but to take large desktops home, with corporate monitors and long patch leads to reach from the home router to the desktop, which is ultimately not practical to do.

Agile working has since become the norm for many businesses, and now additional considerations need to be applied to any refresh.

What does agile working look like for your business and employees?

Agile working for every business and every individual user within that business will be different. Therefore, the types of user devices and peripherals each user requires will be different. There are several factors to consider, including:  

  • What does their agile environment look like? Trains, planes, cars, meetings rooms, environment etc should all be thought about.
  • What is available in that environment? Power, space, ergonomic set up, lighting, internet connectivity, business application access, security etc.
  • Does the environment change the technology needed for day-to-day working productivity and would any peripherals support in each location? For example, extra monitors, docking stations, WIFI and 4G/5G connectivity, anti-glare, privacy glass, webcams, 2-in-1 flexibility, noise cancelling headsets and many other options.
  • How much local compute power and resources do they need, processing cores and speed, RAM allocations, graphics capabilities and additional interface ports?

Does the Desktop still have its place?

It isn’t always about providing ‘a laptop’, it is about providing the equipment most suitable to that individual. As such, desktops can continue to be the right choice for many organisations; it could be a shared workstation, or a desktop which offers easy upgrades, hard drive flexibility, multiple connection availability, graphics capability or lower price points.

We fully understand it isn’t easy to undertake an endpoint refresh on any scale. At TruStack we offer free consultations to find out exactly what it is you require and often provide demonstrations and trial kit to customers.

You can get in touch with us to arrange this via your account manager, or call us on 0191 250 3000

TruStack Focus On… Remote Desktop Infrastructure

By Technical Pre-Sales Consultant, Ian Sanderson.

Is 2020 finally the year of VDI?
If you have been in the IT game for a while you may have heard the long-running joke that this year is finally the year of VDI. 2020 Could be when this becomes true.

What is VDI?
VDI or Virtual Desktop Infrastructure is a mechanism that allows a business to deliver corporate desktop images to any device, be that a thin client, a computer, tablet, or smartphone. All desktops are managed from a central location and can be delivered from public, private, or hybrid cloud. I heard a great analogy, imagine that the cables on your keyboard and mouse are just really long and they connect to a desktop somewhere else. Not the one in front of you.

What is it used for?
There are several use cases for VDI. The dominant one at the moment is to grant end-users access to their corporate desktops whilst working from anywhere during the global pandemic. It eliminates the use of a VPN and brings users closer to the data they need to access, making for a great end-user experience.
Did you know you can publish physical desktops and connect to them using the same infrastructure used to access a virtual desktop? Many organisations are adopting this approach to allow people to connect to their corporate devices in the office when they are working from home.

Why would you use it?
It is important now more than ever to secure access to data. A VDI solution can make this task easier as you are moving the entry point for an attack from the end-user device to the VDI estate. With appropriate policies and security in place, no data should be able to traverse the endpoint to the VDI session. From a management standpoint, IT only needs to worry about updating a handful of desktop computers rather than all desktop computers.

Who is it for?
Anyone can make use of VDI. Organisations with many desktops that are the same such as call centres, housing associations, or hospitals to name a few and businesses looking to offer additional flexibility for their users.
A VDI desktop can be accessed easily from anywhere in the world with an appropriate internet connection. If data gravity is a concern, a VDI solution can bring those users closer to the data they need to access.

If you would like anymore information on VDI or Remote Desktop Infrastructure, please do not hesitate to contact us by clicking here.

TruStack Focus On… Disaster Recovery and Backup

Over the last year, ransomware attacks have become more and more sophisticated in their approach. We have seen normalities such as deletion of backup files and encryption of all other files in an organisations systems.

This poses the question whether it is enough to have one back up and data protection vendor in your environment, or do you need to be looking at a more comprehensive data protection and disaster recovery strategy.

Data Protection

A well thought out data protection strategy relies upon multiple layers to help protect data at the core of a business’s infrastructure. As a business, you can no longer rely solely on a local back up that is always online and readily available. This could potentially lead to a complete loss of data.

There are however different methods that could help to better protect your data, or even other methods of duplicating said data. Each layer should have its own security and hardening in place to protect the data further.

As we know, your data is normally the ultimate target of any ransomware attack. If we start from the inside out, you can normally adjust some minor aspects to assist in protecting the data.

  • There should be appropriate permissions in place to ensure that only users that need access to the data, have the permissions to do so. This will then limit the attack surface, should a ransomware attack take place
  • Ensure that you avoid making all users a global admin
  • Follow principles such as, read-only groups, read and modify and full control

Netwrix for example is one of many products that could assist with all of the above.

Near-Line Storage/Back-Up

Near-line storage or back up is a target that is quick to recover from and is always online. This could range from a server, to a NAS or a purpose-built platform that offers benefits such as hardware compression or deduplication. The use case for near-line back up is typically used if someone deletes a file and needs to recover said data quickly.

Physically securing these devices is sensible, and like the data at the core, you should follow similar principles.

  • Access to the backup repository should always be configured
  • Do not use default admin accounts
  • Lock down firewalls
  • Avoid domain joining devices to limit the number of accounts that could log onto the device

Offsite Backup

Offsite backup targets could be considered as cloud-based object storage, for example another building hosting a backup target or rotated hard drives.

This offsite backup is classed as your insurance policy should anything happen to your data and the near-line backups mentioned previously.

Depending on where this data is stored, this can offer additional protection from ransomware and malicious attacks. If you find that someone has compromised your server and deletes the backups, what do you do?

You could use a third party back up target. These targets can help to protect your data, even from a ransomware attack, or internal threat. Many vendors offer this type or service which is normally shortened to BaaS, or backup as a service. Vendors that we use include Veeam and Datto.

Air-Gap Backups

Air-gapped back-ups are those that are completely off the network and not online, so there is no way that anyone could log onto the device and delete the data on it. Tape is the most common example of this and something that is still used frequently today.

However, with tape backups you still need to consider how these are going to be stored should the worst happen. At a minimum they should be stored in a fireproof safe, and preferably off-site.

Also remember that tape doesn’t last forever should you consider using it for archiving purposes, and each LTO generation is only compatible with the most two prior versions.

Snapshots

SAN snapshots are not back-ups; however, many SANS now offer the ability to create a snapshot of their volumes for a quick rollback. If the worst happens, and as the last resort, a SAN can roll back to a volume that is in a known good state and could be exactly what is needed. The volumes on a SAN where many servers run from are typically not exposed to a production environment where an attacker could manipulate them and delete data.

Securing access to the SAN should also still follow the same precautions as mentioned previously.

Remember, a backup is only as good as the last time it was tested, so make sure that this is done as often as necessary.

For more information on Data Protection and the services that TruStack can provide, please feel free to call us on 0191 250 3000 or email on [email protected]

TruStack Focus On… Connectivity

In this blog we will be addressing the long-standing requirements and considerations for the use of Virtual Private Networks (VPN). We will focus on traditional VPN use from end user to corporate networks access, rather than VPN Mesh, VPN to cloud platforms such as Azure, or consumer style VPN provision for confidentiality and security.


So, what is VPN?
As many of you will know, Virtual Private Network connections (VPN) have been a long-time trusted connectivity option between networks since 1996 when Microsoft first published the Peer to Peer Tunnelling Protocol (PPTP).


Why has VPN been so popular?
Point to Point VPN Tunnels across customer networks and VPN between end user devices and company networks have enabled users to access business data, applications and security measures whilst working from anywhere in the world.


In turn this has allowed companies to become more agile, allowing end users to work from anywhere, whilst still delivering the businesses’ security needs with information normally stored behind an enterprise or business grade trusted firewall.

Over recent years the migrations to cloud based Software as a Service Solutions (SaaS) for business data and applications has in many cases reduced the use of VPN. End users are now able to connect directly to the cloud resources from local endpoints with less reliance on traditional on-premise systems.


However, many companies have key applications and large data sets that are unsuited to cloud SaaS. Businesses may also have to meet various compliance regulations or commercial model requirements which traditional on premises infrastructure still provides and therefore still require a VPN solution.


Why is March 2020 so important?
Across the globe the Covid-19 lockdown hit, many organisations who had never needed agile working and remote access now needed it fast. With no time for planned cloud migrations, businesses needed large scale VPN user rolls outs to enable working from home with access to data and applications for end users. Often this was done with limited considerations on how the VPN would deliver what was required or the security risks involved.


What are some of the common key business cases for customer VPN connections?


Remote access to files: VPN provides a great method of accessing small files on networks, often as part of a domain for work share group.  


Enabling remote access to applications: VPN may provide direct access to applications on the corporate network or can enable access to remote desktop services for remote users to access corporate network-based compute to run the required applications.  


Web security: Agile workers often don’t have the levels of security required on the end-point or network to enable secure access to any web services. There could be other devices on those networks which are malicious and pose a threat to your corporate data. If required, VPNs can pass all web traffic directly back to the main corporate network to run through your traditional on premises network security.  


What key considerations should a business check before jumping to VPN?


Level of encryption: Many companies needed to implement VPN quickly with access for remote working without the latest technology, running the risk with older less secure VPN methods such as PPTP vs more secure SSL VPN providing a better layer of security. Some older firewalls don’t support SSL VPN, so it may be an upgrade which is required, and some firewalls need licencing to enable SSL VPN on a per user basis.  


VPN performance: VPN provides a method for agile working; however, it can be limited in the performance it delivers.  For example, does the VPN provide the performance requirement to open or transfer the documents across your IT environment as end users expect?


Does VPN enable what you need?: VPN connections alone may not allow you to run the applications required, however, VPN may provide the secure the access to another layer of compute such as a remote desktop server or individual Endpoint.


The resiliency of your firewalls: If you are only running one firewall it may be worth considering a pair of high availability configured firewalls to reduce risk and a single point of failure.


Treat VPNS with the highest security: VPN passwords should be highly secure as they allow a device to connect to your network. VPN passwords should be complex, updated regularly and kept up to date to ensure no legacy users have access credentials.


Multi-Factor Authentication and Geo Blocking Controls: For best practice, implement a multi-factor authentication system to complement your VPN security. This can prevent unauthorised access in the event of password breach or brute force attack.


Firewalls limitations: Many firewalls are limited in the number of VPN connections available and the number it can handle concurrently. Ensure latest firmware updates are in place for your firewalls which may offer more stable connections.


And many, many more…

Ultimately VPN can still provide a great layer of security to ensure external users who are accessing the system need a further level of credentials to access the network, particularly when Multi-factor authentication is added to the VPN connection. However, it is important the company understands the required working practices and security risks that need to be fully considered.


If you would like to discuss any VPN requirements for your organisation or advice on your existing systems contact us on [email protected]

Important Updates To Office Support

Office 2016 for Mac and Office 2010 will reach their end of support on October 13, 2020. After this date, Microsoft will no longer provide technical support, bug fixes, or security updates for Office 2016 for Mac and Office 2010. You will still be able to use these versions of Office, but over time, organisations will face an increase in security risks and compliance issues.

Running legacy platforms allows security exploits to be leveraged against businesses and so retaining Office 2010 which Microsoft will no longer patch or bug fix is a significant risk.

Therefore because of the changes listed above, we strongly advise that you move to a current agile platform such as Microsoft 365.

Those who have Cyber Essentials or Cyber Essentials Plus will not be able to maintain the accreditation as the Microsoft platforms will not be patched. To have these accreditation’s patches must be deployed within two weeks.

Why Move to Microsoft 365?

Businesses who adapted best to Covid-19 were those who were already using current technology and leveraging tools such as Teams, securely ahead of the lock down.

Those business were already benefiting from agile working practices which their staff and clients benefited from. Meanwhile, others were left unprepared and looking for last minute solutions to remote and agile working, this is now the opportunity for those businesses behind the curve to pull themselves into the present day with up to date technology.

Benefits Include

  • Reduction in on premises infrastructure to manage by moving to the cloud.
  • No long contracts. The ability to flex up or down depending on the size of your workforce. Removes uncertainty should there be a sudden increase or decrease in staff members.
  • Always entitled to the latest version of the software.
  • Easy license management. 
  • Experts on hand at TruStack to help guide you through your journey.

Contact us today to claim a FREE 30 minute consultation.

You can also read more on Agile Working by clicking here.

TruStack Focus On… Collaboration Tools

Unified Communications can mean many things to many people. Essentially it is the ability to communicate in a seamless manner wherever and whenever. Whether that includes video call, extension mobility, or instant messaging, this digital transformation can help to improve productivity in the workplace when working in an agile fashion.

One of the biggest roadblocks to collaboration is distance. With increasing availability and popularity of web-enabled collaborative tools, it is no longer necessary to make extensive plans for bringing busy colleagues to the same location. With new-age web conferencing tools, it is possible to have audio-video interactions with a range of features like desktop sharing, whiteboards, polls, webinars – to name just a few.

The greatest tangible benefit is monetary savings and travel costs that account for a large chunk of the training budget. Arranging for employees to travel, as well as arranging for training sessions can be a tedious and complicated process – especially when employees today have extremely busy schedules and deliverables within tight timelines. With conferring and other web-enabled collaborative tools, employees do not have to travel for training sessions. With recording and saving functions built in, training sessions can also be saved for future utilisation or for learners who cannot attend the session live.

Another big component in cost savings is that of communication costs incurred in phone calls, mail and other modes of one-to-one communication which, in the absence of collaboration tools, have to be made time and time again to reach out to a large or geographically spread out audience. With conferencing or collaboration tools, a lot of learners can log in to a single platform and attend sessions together. With facilities like two-way chat and direct calls, collaboration is real time – benefitting the learners by addressing their needs there and then.

For smaller organizations, it is a means to enable them to find a global reach and makes their business international. For bigger enterprises, it increases inter-organisational communication and builds knowledge within its structure.

Collaboration and conferencing tools also make a lot of resources readily available for staff and customers. Brainstorming sessions with peers encourage even the most introvert learners to contribute to discussions. The online platforms give them more comfort than a room full of unknown faces would.

From our agile working survey, it was easy to see that the most popular form of collaboration was via Microsoft Teams with 75% of those surveyed using the platform. No surprise with the ever-increasing adoption of O365 and the many great features it can bring for agile working. Of course, there are many platforms with similar functions such as Mitel Connect, Zoom etc, however our experts here at TruStack can guide you through that decision making process and the considerations that need to be made.

For more information please do not hesitate to contact us on [email protected]

You can also read our Agile Working report by clicking here.

TruStack Focus On… Cybersecurity

Working from home, or ‘agile working’ as we term it at TruStack, has become increasingly common over the past few months as companies adapt their working practices to cope with the impact of Covid-19. From the results of businesses we have surveyed (agile working report here), we believe agile working will only increase in future, and so businesses must be well-prepared to deal with the issues this will bring. Arguably the most important of these is security.

It is predicted globally that companies will spend in excess of $137 billion in 2020 to protect against cyber threats, with the highly regarded technology research company Gartner predicting the global cost of security attacks on businesses will be around $3.9 trillion!

Cyber-attacks are no longer conducted just by individuals sitting in bedrooms. State and political sponsored cyber-attacks shape global economies and political landscapes. The skills behind the attacks are increasing, the rewards for those committing the tasks are increasing, which means it is reasonable to predict more volume and more complexity of attacks in future. It is vital businesses protect themselves by ensuring their rolling out of agile working does not compromise their data, which many believe is the most valuable of global commodities.

Home networks tend to be far more open, with so many devices – e.g. smart speakers, internet enabled sound bars, games consoles, smart lights, smart phones, smart TVs – potentially sharing a network and broadband with multiple work devices. All of this increases the possibility of a piece of malware, or ransomware, finding a weakness and exploiting it, potentially allowing it to find and spread in the local network. Remote workers need strong security and those systems need stringent monitoring to protect the business data users operate with.

Businesses need layers of protection – no business can rely on a single product, platform or device to protect its data. There are, however, some key steps to take to give your business the best chance of protecting against cyber-attacks. These include having a quality firewall, implementing a quality antivirus platform for user devices like our Worry Free service, carrying out security patching, having a multi-factor authentication process such as Thales and investing in a robust backup and recovery solution whether that be Veeam, Datto or a service out of our Data Centre.

These are just some of the protection measures that TruStack consults around. Ultimately, businesses must have a security-first mindset, from bottom to top, where protection of data is an absolute priority, as we transition towards a largely agile workforce.

For any questions or queries please contact us on [email protected] or 0191 250 3011

We’re Hiring!

At TruStack our vision is to build a sustainable and socially responsible organisation that is trusted by our staff, our customers and our vendors to provide outstanding customer service and innovative solutions.

After a period of rapid growth, team TruStack are hiring for a number of roles!

Are you enthusiastic about telephony or networking and being part of an experienced team of industry specialists? If yes, we may be the perfect fit for each other!

If you are passionate about delivering exceptional customer service, solving complex problems and full of ideas then you might be the person we are looking for to join us at TruStack.

We have the following two roles available for immediate start;

  • Telecoms and UC Engineer
  • Systems and Networking Engineer

In return we will commit to a full on boarding schedule, a competitive remuneration package and access to ongoing personal development.

For more information and a full job specification, please email [email protected]

Please note we are not accepting applications from recruitment agencies at this time.