Lunch and Learn – VDI with TruStack and VMware

In the modern world of remote and flexible working, IT needs to be able to make them available to everyone, on any device, while still ensuring security.

VDI, or virtual desktop infrastructure, is appropriate when you need remote workers to access multiple applications typically on their work computers. VDI delivers virtualised desktops – which include the operating system, apps, and their documents – to remote devices with the same experience as a PC at the office. Workloads are processed at the on-premises virtualised server instead of your employees’ laptop, tablet or smartphone so your workers don’t experience lags and your data stays secure.

Learn in this webinar how VMware can help you solve device issues by virtualising desktops and applications for greater choice and flexibility.

For more information on our VDI solutions, please head to the Contact Us page.

TruStack Lunch and Learn – Datto SaaS Protection

In 2020, businesses everywhere pivoted to remote working styles. As a result, we saw an increase in the adoption of cloud software and services for increased efficiency and collaboration. What many businesses may not know, is that just because data is created or stored in the cloud, doesn’t mean it’s protected. Cloud migration is set to accelerate in 2021, which could put valuable data at risk to cyber attacks without solutions in place to keep it protected.

A big thank you to all those that joined us on the webinar last week, you can find a copy of the recording below.

For more information on Datto SaaS Protection, or backup, please follow this link to take you to our Contact Us page!

Updates from Microsoft Ignite!

Some of you may know that every year Microsoft holds its Ignite conference for developers and IT professionals. Fresh from the announcements last week, resident Pre-Sales Consultant, Ian Sanderson picks a few of his favourite new features for Teams meetings.

New Together mode scenes
Together mode re-imagines meeting experiences to help participants feel closer together even when you are apart. With new Together mode scenes coming this year, you can transport your team to a variety of settings that can help set the tone and create the experience for your meeting, whether it be an auditorium, a conference room, or a coffee shop.

Custom layouts
Coming later this year, custom layouts allow for a more dynamic content viewing experience and enable presenters to customize how content shows up for participants during a meeting. For example, when a presenter is showing a PowerPoint slide, participants will be able to see the presenter’s video feed transposed onto the foreground of the slide they’re showing.

Breakout rooms
Coming in October, breakout rooms will allow meeting organisers to split up meeting participants into smaller groups to facilitate brainstorming sessions or work group discussions. Presenters can choose to hop between breakout rooms, make announcements to all breakout rooms, and/or close the breakout rooms that then bring everybody back into the main meeting.

Meeting recap
Meeting recaps help teams stay on track and keep work moving forward after a meeting for both participants and for those who were unable to attend a meeting. Coming this year, a recap with the meeting recording, transcript, chat, shared files and more will be automatically shared in the meeting Chat tab and viewable in the Details tab for each meeting. The recap will also be available in the meeting event in your Outlook calendar.

Webinar registration and reporting
For more structured meetings, such as customer webinars, meeting organisers can use event registration with automated emails to make it easier to manage attendance. And after the meeting, view a detailed reporting dashboard that will help understand attendee engagement. These new features are expected to begin to roll out by end of year.

For more new features being released by Microsoft for Teams, you can read the full blog here

For help or advice on collaboration tools or unified communication, please email us on [email protected] or call 0191 2503000.

Blog Post – Are you getting the most value out of your Multi-Factor Authentication solution?

When choosing our multifactor authentication product, it is important to understand our thought process when evaluating the marketplace for a product and more importantly why we were looking.

In the last few years, we have seen a massive swing when it comes to business priorities in IT.

You will often find that IT directors and managers mark security as their number one focus on IT spending, and with good reason. Each day we create more and more data which is the lifeblood of many organisations.

What is Multi-Factor Authentication?

Multi-factor authentication and access management is an important part of a multi-layered approach to securing business assets. A common attack vector is credential theft. Think about what a malicious actor could do if they had access to a corporate Office 365 account or similar. Multi-factor authentication means that even if a user does fall victim to credential theft, it would be near impossible for the malicious actor to use those credentials as each login request would require a unique one-time passcode to login with. Similarly, with access management, having strong scenario-based policies in place around who is accessing what, when, and from where, ensures an extra layer of security in an ever-changing working environment.

With that in mind, we set out to find a solution that met a set of criteria. Something easy to use, has a rich set of features, is SaaS-based, and offers value for money.

We looked at offerings from Microsoft, DUO, and others which all have their good points, but none of them offered everything we wanted, apart from Thales.

Who is Thales and what is SafeNet Trusted Access (STA)?

SafeNet Trusted Access (STA) is a combined MFA and access management service that centrally manages and secures access to web based, on premises and cloud-based applications. STA simplifies user experience whilst also being simple enough for IT admins to implement and moderate. STA not only features flexible risk-based policies, but also single sign on portals, universal authentication policies and protection of all SAML-based applications.

If you have not heard of Thales before, part of their organisation is the business they acquired when they bought Gemalto in 2019. The name Gemalto may sound familiar, they specialise in products like Passports with the RFID chips, card readers for online banking systems, and importantly, they make their own physical One Time Passcode tokens.

STA allows business to scale as they move into the cloud, take more applications on premises, or a hybrid of the two whilst ensuring that the business meets compliance.

How can Thales and Microsoft complement each other?

When looking at Thales and Microsoft, the main differentiator between the two products is that Thales can protect all applications, whether they are in a Microsoft environment or not. Microsoft will only protect Microsoft applications being accessed, such as O365.

It is also good security practice to split your security provider from your virtual infrastructure provider. That’s why many companies prefer to select a 3rd party provider for their security solutions, rather than relying on just the one vendor.

The key differentiators between STA and DUO

When looking at MFA provider DUO, the Thales STA product also provides superior features. For example, STA provides a lower total cost of ownership.

Because Thales produce their own physical One Time Passcode tokens, these can be added to the MFA service, typically at no additional cost. With vendors like Duo, it is often an extra. It is important to understand why we think this is a differentiator. Many organisations that would like to roll out MFA may not want a software token installed on users’ personal devices, or indeed the user may not want any corporate software on their personal device. Having the option to hand out a physical token for those use cases, without incurring an additional charge represents excellent value.

Other superior features include, granular reporting, ease of deployment and more robust multi-factor authentication, all of which is all included the price of the license. There isn’t a “buffet-style” approach to their license model, the one license covers all features within the SafeNet Trusted Access consol.

Choosing your Multi-Factor Authentication product

This is not just about enabling MFA and access management policies, but about looking at the bigger cybersecurity picture. To do that we have to have robust conditional access policies that you can integrate with all applications, not matter where they live, be that in the cloud or on premises. It also must be delivered by a name that you can trust, such as Thales and with simplified operations for IT staff.

Are you getting the most value out of your Multi-Factor Authentication solution webinar can be found here.

For more information on STA or our security solutions, you can get in touch with us by emailing [email protected] or by calling 0191 250 3000.

Webinar Recording – Are you getting the most value out of your Multi-Factor Authentication solution?

More organisations are shifting to a remote working framework for the foreseeable future, therefore it is more important than ever to ensure your teams and business assets are safe from opportunistic hackers.

With nearly 60% of organisations sensitive data being stored in the cloud, and over 71% of deployments experiencing at least one compromised account each month; implementing access controls that evaluate risk profiles and implement strong authentication is crucial.

Watch our webinar to hear from Ian Sanderson, Presales Technical Consultant at Trustack and deep dive into the competitive advantages of using Thales STA (Safenet Trusted Access) for your multi-factor authentication security needs.

In the session you will hear about:

  • How Microsoft and Thales Access management solutions can complement each other and enhance your security strategy.
  • How Thales compares to Duo when meeting your access management needs.
  • Real-life use cases to demonstrate how Thales can simplify multi-factor authentication
  • Opportunity to ask those burning questions with Ian Sanderson, Trustack presales Technical Engineer.

For more information on anything you have seen in the webinar, or our security services and agile working solutions, please contact us here.

TruStack Focus On… Support Services

Businesses have enough to think about.

In these testing times, with Brexit, a global pandemic and recession to deal with, businesses have never been faced with such uncertainty.

At TruStack, however, we pride ourselves on being able to remove the burden that supporting IT systems can bring and add a level of our own IT expertise to help businesses through these times and prosper moving forward.

Support services are one of the many bespoke services we offer to clients. When it comes to IT infrastructure, we believe that a shared ownership model is the most efficient way to manage the delivery of applications to staff and customers, providing as little or as much as the client needs. We are essentially an extension of a client’s IT team.

After installing a client’s infrastructure, we are always on hand to manage and monitor operations, giving our clients peace of mind and enabling them to focus on the day-to-day running of their business.

As well as enabling constant monitoring and optimisation of their IT infrastructure, by having us on board it means clients are more prepared for future ‘bumps in the road’, with our team of experts there to forecast problems before they become a major issue that will negatively impact them.

Importantly, our dedicated team of analysts are available 24/7, 365 days a year, for high-priority incidents – a constant safety net in case things go wrong.

A lot of time has been spent over the past few months helping manage clients’ transition to agile working in the new world in which we find ourselves. Flexibility is going to be key moving forward, and as such will remain a key part of the support service we offer.

In turn, many businesses agile working transformations were brought forward by the impending lockdown caused by COVID-19.

One such company that we have supported in this transition is law firm Swinburne Maddison:

‘As I pack myself off from the office I would like to say a big “Thank you” to all the people on your support desk for the help they have been to me over the last few weeks in the run up to our evacuation. You have all, without exception, provided me with invaluable support and treated all my questions and requests with respect and professionalism.

‘Thanks once again – and hopefully reversing the process will prove to be somewhat less of a headache for us all! See you soon – and keep safe!’
William Dobson, Office Manager – Swinburne Maddison.

Elsewhere, CDS Security & Fire contacted TruStack for assistance in implementing a secure remote solution to allow staff members to work from home. Having previously had a limited capability for home working, it was essential that this was set up quickly, efficiently and securely.

We ensured that all of CDS Security & Fire’s devices were equipped with the correct technology needed to enable the end users to access all of their files and documents as if they were working in their normal office environment.

‘Without the support services from TruStack, we would not have been able to continue serving our customers during the pandemic. TruStack were on hand every step of the way to ensure that we had everything set up correctly so that our customers felt minimal, if any disruptions. We would not hesitate to call upon TruStack again as they responded to our requests with professionalism and speed during an unknown event.’ Rosie Abbott, CDS Security & Fire.

Ultimately, when a company invests in TruStack’s support service, they are not just buying IT support – they are investing in peace of mind. Our clients know they have that IT safety net in place, with some of the industry’s most knowledgeable experts there to help them with whatever they need.

To find out more about what TruStack can offer your business contact us on [email protected] or call us on 0191 250 3000.

You can also view our managed monitoring service by clicking here, and our data centre offerings by clicking here.

TruStack Focus On… Disaster Recovery and Backup

Over the last year, ransomware attacks have become more and more sophisticated in their approach. We have seen normalities such as deletion of backup files and encryption of all other files in an organisations systems.

This poses the question whether it is enough to have one back up and data protection vendor in your environment, or do you need to be looking at a more comprehensive data protection and disaster recovery strategy.

Data Protection

A well thought out data protection strategy relies upon multiple layers to help protect data at the core of a business’s infrastructure. As a business, you can no longer rely solely on a local back up that is always online and readily available. This could potentially lead to a complete loss of data.

There are however different methods that could help to better protect your data, or even other methods of duplicating said data. Each layer should have its own security and hardening in place to protect the data further.

As we know, your data is normally the ultimate target of any ransomware attack. If we start from the inside out, you can normally adjust some minor aspects to assist in protecting the data.

  • There should be appropriate permissions in place to ensure that only users that need access to the data, have the permissions to do so. This will then limit the attack surface, should a ransomware attack take place
  • Ensure that you avoid making all users a global admin
  • Follow principles such as, read-only groups, read and modify and full control

Netwrix for example is one of many products that could assist with all of the above.

Near-Line Storage/Back-Up

Near-line storage or back up is a target that is quick to recover from and is always online. This could range from a server, to a NAS or a purpose-built platform that offers benefits such as hardware compression or deduplication. The use case for near-line back up is typically used if someone deletes a file and needs to recover said data quickly.

Physically securing these devices is sensible, and like the data at the core, you should follow similar principles.

  • Access to the backup repository should always be configured
  • Do not use default admin accounts
  • Lock down firewalls
  • Avoid domain joining devices to limit the number of accounts that could log onto the device

Offsite Backup

Offsite backup targets could be considered as cloud-based object storage, for example another building hosting a backup target or rotated hard drives.

This offsite backup is classed as your insurance policy should anything happen to your data and the near-line backups mentioned previously.

Depending on where this data is stored, this can offer additional protection from ransomware and malicious attacks. If you find that someone has compromised your server and deletes the backups, what do you do?

You could use a third party back up target. These targets can help to protect your data, even from a ransomware attack, or internal threat. Many vendors offer this type or service which is normally shortened to BaaS, or backup as a service. Vendors that we use include Veeam and Datto.

Air-Gap Backups

Air-gapped back-ups are those that are completely off the network and not online, so there is no way that anyone could log onto the device and delete the data on it. Tape is the most common example of this and something that is still used frequently today.

However, with tape backups you still need to consider how these are going to be stored should the worst happen. At a minimum they should be stored in a fireproof safe, and preferably off-site.

Also remember that tape doesn’t last forever should you consider using it for archiving purposes, and each LTO generation is only compatible with the most two prior versions.


SAN snapshots are not back-ups; however, many SANS now offer the ability to create a snapshot of their volumes for a quick rollback. If the worst happens, and as the last resort, a SAN can roll back to a volume that is in a known good state and could be exactly what is needed. The volumes on a SAN where many servers run from are typically not exposed to a production environment where an attacker could manipulate them and delete data.

Securing access to the SAN should also still follow the same precautions as mentioned previously.

Remember, a backup is only as good as the last time it was tested, so make sure that this is done as often as necessary.

For more information on Data Protection and the services that TruStack can provide, please feel free to call us on 0191 250 3000 or email on [email protected]

You can also contact us by clicking here.

TruStack Focus On… Connectivity

In this blog we will be addressing the long-standing requirements and considerations for the use of Virtual Private Networks (VPN). We will focus on traditional VPN use from end user to corporate networks access, rather than VPN Mesh, VPN to cloud platforms such as Azure, or consumer style VPN provision for confidentiality and security.

So, what is VPN?
As many of you will know, Virtual Private Network connections (VPN) have been a long-time trusted connectivity option between networks since 1996 when Microsoft first published the Peer to Peer Tunnelling Protocol (PPTP).

Why has VPN been so popular?
Point to Point VPN Tunnels across customer networks and VPN between end user devices and company networks have enabled users to access business data, applications and security measures whilst working from anywhere in the world.

In turn this has allowed companies to become more agile, allowing end users to work from anywhere, whilst still delivering the businesses’ security needs with information normally stored behind an enterprise or business grade trusted firewall.

Over recent years the migrations to cloud based Software as a Service Solutions (SaaS) for business data and applications has in many cases reduced the use of VPN. End users are now able to connect directly to the cloud resources from local endpoints with less reliance on traditional on-premise systems.

However, many companies have key applications and large data sets that are unsuited to cloud SaaS. Businesses may also have to meet various compliance regulations or commercial model requirements which traditional on premises infrastructure still provides and therefore still require a VPN solution.

Why is March 2020 so important?
Across the globe the Covid-19 lockdown hit, many organisations who had never needed agile working and remote access now needed it fast. With no time for planned cloud migrations, businesses needed large scale VPN user rolls outs to enable working from home with access to data and applications for end users. Often this was done with limited considerations on how the VPN would deliver what was required or the security risks involved.

What are some of the common key business cases for customer VPN connections?

Remote access to files: VPN provides a great method of accessing small files on networks, often as part of a domain for work share group.  

Enabling remote access to applications: VPN may provide direct access to applications on the corporate network or can enable access to remote desktop services for remote users to access corporate network-based compute to run the required applications.  

Web security: Agile workers often don’t have the levels of security required on the end-point or network to enable secure access to any web services. There could be other devices on those networks which are malicious and pose a threat to your corporate data. If required, VPNs can pass all web traffic directly back to the main corporate network to run through your traditional on premises network security.  

What key considerations should a business check before jumping to VPN?

Level of encryption: Many companies needed to implement VPN quickly with access for remote working without the latest technology, running the risk with older less secure VPN methods such as PPTP vs more secure SSL VPN providing a better layer of security. Some older firewalls don’t support SSL VPN, so it may be an upgrade which is required, and some firewalls need licencing to enable SSL VPN on a per user basis.  

VPN performance: VPN provides a method for agile working; however, it can be limited in the performance it delivers.  For example, does the VPN provide the performance requirement to open or transfer the documents across your IT environment as end users expect?

Does VPN enable what you need?: VPN connections alone may not allow you to run the applications required, however, VPN may provide the secure the access to another layer of compute such as a remote desktop server or individual Endpoint.

The resiliency of your firewalls: If you are only running one firewall it may be worth considering a pair of high availability configured firewalls to reduce risk and a single point of failure.

Treat VPNS with the highest security: VPN passwords should be highly secure as they allow a device to connect to your network. VPN passwords should be complex, updated regularly and kept up to date to ensure no legacy users have access credentials.

Multi-Factor Authentication and Geo Blocking Controls: For best practice, implement a multi-factor authentication system to complement your VPN security. This can prevent unauthorised access in the event of password breach or brute force attack.

Firewalls limitations: Many firewalls are limited in the number of VPN connections available and the number it can handle concurrently. Ensure latest firmware updates are in place for your firewalls which may offer more stable connections.

And many, many more…

Ultimately VPN can still provide a great layer of security to ensure external users who are accessing the system need a further level of credentials to access the network, particularly when Multi-factor authentication is added to the VPN connection. However, it is important the company understands the required working practices and security risks that need to be fully considered.

If you would like to discuss any VPN requirements for your organisation or advice on your existing connectivity contact us on [email protected] or click here.

TruStack Focus On… Collaboration Tools

Unified Communications can mean many things to many people. Essentially it is the ability to communicate in a seamless manner wherever and whenever. Whether that includes video call, extension mobility, or instant messaging, this digital transformation can help to improve productivity in the workplace when working in an agile fashion.

One of the biggest roadblocks to collaboration is distance. With increasing availability and popularity of web-enabled collaborative tools, it is no longer necessary to make extensive plans for bringing busy colleagues to the same location. With new-age web conferencing tools, it is possible to have audio-video interactions with a range of features like desktop sharing, whiteboards, polls, webinars – to name just a few.

The greatest tangible benefit is monetary savings and travel costs that account for a large chunk of the training budget. Arranging for employees to travel, as well as arranging for training sessions can be a tedious and complicated process – especially when employees today have extremely busy schedules and deliverables within tight timelines. With conferring and other web-enabled collaborative tools, employees do not have to travel for training sessions. With recording and saving functions built in, training sessions can also be saved for future utilisation or for learners who cannot attend the session live.

Another big component in cost savings is that of communication costs incurred in phone calls, mail and other modes of one-to-one communication which, in the absence of collaboration tools, have to be made time and time again to reach out to a large or geographically spread out audience. With conferencing or collaboration tools, a lot of learners can log in to a single platform and attend sessions together. With facilities like two-way chat and direct calls, collaboration is real time – benefitting the learners by addressing their needs there and then.

For smaller organizations, it is a means to enable them to find a global reach and makes their business international. For bigger enterprises, it increases inter-organisational communication and builds knowledge within its structure.

Collaboration and conferencing tools also make a lot of resources readily available for staff and customers. Brainstorming sessions with peers encourage even the most introvert learners to contribute to discussions. The online platforms give them more comfort than a room full of unknown faces would.

From our agile working survey, it was easy to see that the most popular form of collaboration was via Microsoft Teams with 75% of those surveyed using the platform. No surprise with the ever-increasing adoption of O365 and the many great features it can bring for agile working. Of course, there are many platforms with similar functions such as Mitel Connect, Zoom etc, however our experts here at TruStack can guide you through that decision making process and the considerations that need to be made.

For more information please do not hesitate to contact us on [email protected]

You can also read our Agile Working report by clicking here.

TruStack Focus On… Cybersecurity

Working from home, or ‘agile working’ as we term it at TruStack, has become increasingly common over the past few months as companies adapt their working practices to cope with the impact of Covid-19. From the results of businesses we have surveyed (agile working report here), we believe agile working will only increase in future, and so businesses must be well-prepared to deal with the issues this will bring. Arguably the most important of these is security.

It is predicted globally that companies will spend in excess of $137 billion in 2020 to protect against cyber threats, with the highly regarded technology research company Gartner predicting the global cost of security attacks on businesses will be around $3.9 trillion!

Cyber-attacks are no longer conducted just by individuals sitting in bedrooms. State and political sponsored cyber-attacks shape global economies and political landscapes. The skills behind the attacks are increasing, the rewards for those committing the tasks are increasing, which means it is reasonable to predict more volume and more complexity of attacks in future. It is vital businesses protect themselves by ensuring their rolling out of agile working does not compromise their data, which many believe is the most valuable of global commodities.

Home networks tend to be far more open, with so many devices – e.g. smart speakers, internet enabled sound bars, games consoles, smart lights, smart phones, smart TVs – potentially sharing a network and broadband with multiple work devices. All of this increases the possibility of a piece of malware, or ransomware, finding a weakness and exploiting it, potentially allowing it to find and spread in the local network. Remote workers need strong security and those systems need stringent monitoring to protect the business data users operate with.

Businesses need layers of protection – no business can rely on a single product, platform or device to protect its data. There are, however, some key steps to take to give your business the best chance of protecting against cyber-attacks. These include having a quality firewall, implementing a quality antivirus platform for user devices like our Worry Free service, carrying out security patching, having a multi-factor authentication process such as Thales and investing in a robust backup and recovery solution whether that be Veeam, Datto or a service out of our Data Centre.

These are just some of the protection measures that TruStack consults around. Ultimately, businesses must have a security-first mindset, from bottom to top, where protection of data is an absolute priority, as we transition towards a largely agile workforce.

For any questions or queries please contact us on [email protected] or contact us here.