In the past we would take a dedicated camera on holiday to record those special moments. Since 2010 digital camera sales have fallen 84%, which is mainly due to quality improvement of smartphone cameras. These days, the majority of us carry a smartphone and tend to take a lot of quality still and video images. The problem is, that because we are taking so many higher resolution images, we are creating a lot of data that needs sorting (so you can find particular photos again) and protecting by backup. Most smartphones can be set up so that they will automatically back up the photos to the cloud when connected to a wireless network, however when you are travelling, a safe Wi-Fi connection is not always available. You can change the settings to override this, so it will backup regardless of the connection, but this uses roaming data, which could end up costing quite a bit extra. There are several issues that can cause roadblocks to taking a lot of photos The data storage capacity of the phone Data limit on free cloud storage Paying for cloud backup options can be inexpensive and this article - link here - covers some of the cloud backup options. If you rely on free cloud storage, please bear in mind that this is a storage only and does not meet the criteria of a backup solution. If, for example you back up to Dropbox, this syncs to all computers using that Dropbox account. If you accidentally delete the contents on that computer (or are hacked) the deletion is replicated to all devices with Dropbox. To reduce the possibility of this our advice would be to setup photo sync on your phone to your cloud storage (Dropbox, iCloud, Google Photos, OneDrive, etc. etc.), make sure those cloud storage accounts are secure, and consider downloading a copy of your cloud storage once a month or once a quarter and storing it “locally” (not in the cloud). Many cloud storage providers give you the option to download a .zip file of the entire contents of you cloud storage. Some have built-in fail-safes to allow you to recover deleted items from your cloud storage (sometimes this is only available for paid plans though).

Many new business ventures start off with little or no complexity and few staff. The business owner has a concept that they believe will work, dreams up a company name and gets excited about designing a logo and business card. Depending on the product or service, they may already have developed a website and thought about email addresses. Typically, they begin working from home or small premises with an internet connection, basic email account, a mobile phone and tons of enthusiasm. Their computer is often a laptop with free antivirus and no backup solution. Systems are generally simple with and as they move through stages of "excited", "reality check", "somewhat hopeful", then to “Hey, this might be working!” Companies change as they experience growth, adding staff, purchasing specialised software solutions and requiring more from their hardware and network. As the complexity increases the business develops systems, procedures & policies to provide a level of control and monitoring. What we find, is with the increase activity and demands on the business owners time (and resources) their network and cyber security is often overlooked. This is why Computer Culture strongly recommend getting your IT provider involved at an early stage so that they can provide IT solutions that are scalable and adaptable to the businesses changing needs. These solutions will cover: Network design, device patching and user management Protection from viruses, malware and hackers Remote accessibility and setting up others to work remotely Data storage, protection and backup User cyber awareness training and education Disaster Recovery Plan Addressing these requirements involves an array of solutions with customisation for each organisation. Having regular reviews and sticking to upgrade cycles are important to maintain the level of protection. Please contact our sales team if you would like to know more about this assessment process.

 The use of trusted cryptography to protect data is at an all-time high, according to the 2019 Global Encryption Trends Study from the Ponemon Institute. With corporate data breaches making the headlines on an almost daily basis, the deployment of an overall encryption strategy by organisations around the world has steadily increased. This year, 45% of respondents say their organisation has an overall encryption plan applied consistently across the entire enterprise with a further 42% having a limited encryption plan or strategy that is applied to certain applications and data types. Threats, drivers and priorities Employee mistakes continue to be the most significant threat to sensitive data (54%), more than external hackers (30%) and malicious insiders (21%) combined. In contrast, the least significant threats to the exposure of sensitive or confidential data include government eavesdropping (12%) and lawful data requests (11%). The main driver for encryption is the protection of an enterprise’s intellectual property and the personal information of customers – both 54% of respondents. With more data to encrypt and close to 2/3 of respondents deploying 6 or more separate products to encrypt it, policy enforcement (73%) was selected as the most important feature for encryption solutions. In previous years, performance consistently ranked as the most important feature. Cloud data protection requirements continue to drive encryption use, with encryption across both public and private cloud use cases growing over 2018 levels, and organisations prioritising solutions that operate across both enterprise and cloud environments (68%). Data discovery the number one challenge With the explosion and proliferation of data that comes from digital initiatives, cloud use, mobility and IoT devices, data discovery continues to be the biggest challenge in planning and executing a data encryption strategy with 69% of respondents citing this as their number one challenge. Trust, integrity, control The use of hardware security modules (HSMs) grew at a record year-over-year level from 41% in 2018 to 47%, indicating a requirement for a hardened, tamper-resistant environment with higher levels of trust, integrity and control for both data and applications. HSM usage is no longer limited to traditional use cases such as public key infrastructure (PKI), databases, application and network encryption (TLS/SSL); the demand for trusted encryption for new digital initiatives has driven significant HSM growth over 2018 for code signing (up 13%), big data encryption (up 12%), IoT root of trust (up 10%) and document signing (up 8%). Additionally, 53% of respondents report using on-premises HSMs to secure access to public cloud applications. Ponemon Institute chairman and founder Dr. Larry Ponemon says, “The use of encryption is at an all-time high, driven by the need to address compliance requirements such as the EU General Data Protection Regulation (GDPR), California Data Breach Notification Law and Australia Privacy Amendment Act 2017, and the need to protect sensitive information from both internal and external threats as well as accidental disclosure. “Encryption usage is a clear indicator of a strong security posture with organisations that deploy encryption being more aware of threats to sensitive and confidential information and making a greater investment in IT security.” nCipher Security, senior director of strategy and business development John Grimm says, “Organisations are under relentless pressure to protect their business critical information and applications and meet regulatory compliance, but the proliferation of data, concerns around data discovery and policy enforcement, together with lack of cybersecurity skills makes this a challenging environment.” Encryption Key-Trends The highest prevalence of an enterprise encryption strategy is reported in Germany (67%) followed by the United States (65%), Australia (51%), and the United Kingdom (50%). Payment-related data (55% of respondents) and financial records (54% of respondents) are most likely to be encrypted. Financial records had the largest increase on this list over last year, up 4%. The least likely data type to be encrypted is health-related information (24% of respondents), which is a surprising result given the sensitivity of health information and the recent high-profile healthcare data breaches. 61% of respondents classify key management as having a high level of associated “pain” (a rating of 7+ on a scale of 10). This figure is almost identical to the 63% of organisations that use six or more separate encryption products, suggesting there is a clear correlation between the two findings. Support for both cloud and on-premises deployment of encryption has risen in importance as organisations have increasingly embraced cloud computing and look for consistency across computing styles.

Seagate’s IronWolf and IronWolf Pro hard drives now come with a new 14TB top capacity leading the NAS storage market with the largest capacity options available. With IronWolf’s new unsurpassed 14TB capacity, your multi-drive NAS becomes exponentially more powerful. IronWolf and IronWolf Pro drives providing best-in-class reliability and performance for always-on environments and are trusted by the world’s top NAS vendors. IronWolf drives are built with multi-user environments in mind, delivering a workload rating up to 300TB/year. This can be used in connected home setups, small and medium offices, and larger businesses. The benefits of IronWolf drives are including RAID performance, dual-plane balance, rotational vibration (RV) sensors, advanced power management and error recovery control as well as Seagate’s unique IronWolf Health Management embedded analysis and recovery software and 2-year Seagate Rescue Data Recovery Services (included with IronWolf Pro, and optional with IronWolf). Business segments, government services and organiations will want to harness real-time data to deliver the absolute best product or service possible and nobody can afford a delay in processing information. The end-to-end use of data is disrupting every industry and segment in the world. Those that find a way to create value out of unstructured data, versus seeing data as a problem to deal with, will succeed. IronWolf also reliably makes larger workloads possible for creative professionals.

The Office of the Privacy Commissioner has inked a contract to store all applications and data on Microsoft Azure and Office 365 services. The deal was made, after a Privacy Impact Assessment found that Microsoft offered industry-leading data security, and better data security than the Privacy Commissioner can deliver for itself. "Our privacy impact assessment (PIA) explains the context for our move, the key privacy risks, and why we are satisfied that we can overcome those risks," a notice on the Commissioner's website said. Data will reside in Microsoft’s data centres in Sydney, with possible back-ups in Melbourne. "We are satisfied that the privacy laws in Australia provide an equivalent level of protection to New Zealand law," the Privacy Commissioner said. "Microsoft’s terms of service, along with local and overseas privacy regulations, will make sure that we have control over the data while we store it in Microsoft’s data centres. "Microsoft also undergoes regular independent audits of its compliance with international standards." The Privacy Commissioner said the deal provides access "state-of-the-art" support and security at a fraction of the cost of doing it in-house or through any onshore provider. "This means that our data is safer, and we have more resources to deploy for to other parts of our business," the Privacy Commissioner said. "Our move to an externally hosted environment is consistent with government policy to encourage the uptake of outsourced data storage and processing." 

The recent large quake up north was a timely reminder to all about being prepared. We all get constant reminders to ensure we have plans in place if the big one should hit. We have additional supplies of water, food, torch, etc and somewhere safe to go. What we also need to do is to make sure we are IT Quake Ready. This is in terms of Safety, Power, Communication & Backup. Safety: Your hardware is firmly mounted, so that it won’t topple and injure someone or damage the important hardware. Power: Protect critical hardware with UPSs (Uninterruptible Power Supplies). Have a Power Bank to recharge your phone. Communication: Have the modem/router on a UPS to continue Internet access.Know how to use your phone as a hotspot. Backup: Make sure you have in place a reliable, offsite backup system that is automated and monitored.

Protecting your customers from a Data Breach is a very real, very valid concern. With rapid implementation of the General Data Protection Regulation (GDPR) and Australia's new Notifiable Data Breach (NDB), companies across the world are having to react and adapt quickly, to secure their system from the risk of their customers data being exposed. New Zealanders are not immune from hefty fines, penalties and sanctions in failing to protect information of their customers and it is only a matter of time before New Zealand law follows suit, to enforce its own set of laws around the way data is handled. We will keep you updated as we learn more, however ensuring your systems and data are secure from hackers is an essential action with or without legislation.

Cover the cyber security basics - Patching, antivirus and a firewall Understand how security breach could affect your company - Data loss - Compromise sensitive customer information - Phishing and social engineering attacks - Denial of service - Blackmail - Identity theft Understand where the threats come from - Email, rogue sites, careless staff members Develop a Cyber Security Policy - identify risks related to cyber security - establish cyber security governance - develop policies, procedures and oversight processes - protect company networks and information - identify and address risks associated with remote access to client information and funds transfer requests - define and handle risks associated with vendors and other third parties - be able to detect unauthorised activity Reduce the risk from the Human Factor - Privilege abuse - Data mishandling - Unapproved hardware (devices, external drives) and software - Internet and email misuse Have a Recovery Plan - Develop a plan of what to do when there is a cyber attack Communication Plan - Understand what resources and actions you need to get the business productive again Keep your infrastructure up to date - Older hardware can be a significant risk as the support ends 

The name “WannaMine” is a coined term that refers to a malware family that uses the network spreading capabilities of WannaCry to deliver cryptomining malware rather than ransomware. Cryptomining is when crooks secretly get your computer to do the calculations needed to generate cryptocurrency, such as Bitcoin and then keep any cryptocoin proceeds for themselves. To make money with cryptomining it requires a lot of electricity to deliver the heavy processing power on lots of computers. By illegally installing cryptominers inside your network, the badguys steal your resources to do their work. If malware like WannaMine can penetrate your network, you are at serious risk of other malware at the same time, including ransomware. Don’t ignore WannaMine infections if they show up – where one crooks goes, others will surely follow.