CrowdStrike Issue Hits Windows Updates

Systems around the world have faced a major outage following an issue with CrowdStrike security software blocking recent Windows Updates.

Thousands of organisations including airports, hospitals, train networks and financial exchanges have experienced widespread system issues as of Friday 19th July 2024 – with international media reporting long travel delays and difficulties transacting payments.

The issue is currently believed to impact:

  • Windows environments running Crowdstrike cyber security software, which is blocking a recent Windows update, resulting in systems being unable to restart.
  • Certain Microsoft cloud-services with back-end dependencies on systems operating CrowdStrike.

Affected systems restart into the infamous ‘Blue Screen of Death’ (BSOD) upon unsuccessful update. Updating PCs via physical access is a major challenge for organisations with large scale sites or remote operations spread over a wide geographic area.

CrowdStrike / Windows Issue

Please note that Lineal Managed Services are not affected by the current worldwide CrowdStrike / Windows update issue affecting systems around the world. As of 0630hrs UTC, a manual workaround is available for Windows installations affected by this third-party software error, to manually remove the obstacle to a successful update.

If you or any part of your organisation has been affected by this issue, please contact our team via our [email protected] or 01271375999. If you know of anyone who may be affected, please ask them to get in touch for assistance.

A number of potential fixes are recommended, however some involve disabling the CrowdStrike agent, potentially leaving a further cyber security vulnerability:

  • Either booting Windows into Safe Mode or the Windows Recovery Environment, and manually deleting ‘C-00000291*.sys’ from the CrowdStrike Directory, rebooting the host normally.
  • OR Booting in Troubleshooting mode, and renaming CS.Agent.sys via Command Prompt.
  • OR For virtual machines – mounting discs elsewhere to change the file blocking successful update.
  • OR using Microsoft Intune / another patch management platform to block any updates likely to be faulty if not yet applied.

However, as already noted by a number of Lineal engineers – resolving the problem is likely to involve complications where organisations have Bitlocker encryption deployed to the Windows environment.

If you or any part of your organisation have been affected by this issue, please contact our team via our [email protected] or 01271375999. If you know of anyone who may be affected, please ask them to get in touch for help.


Apple Intelligence Announced

Confirming rumours circulating since April, Apple has unveiled Apple Intelligence, a groundbreaking personal intelligence system set to redefine user experiences on iPhone, iPad, and Mac.

However, unlike many well-known rivals, Apple Intelligence places much of the workload back on the user’s device in an effort to maximise trust. Ever privacy-focused, Apple’s innovative system integrates powerful generative models with personal context, providing highly relevant and useful intelligence without such a heavy reliance on data sharing with the cloud.

Apple Intelligence is anticipated to be seamlessly embedded into iOS 18, iPadOS 18, and macOS Sequoia, leveraging the power of Apple silicon to enhance language and image processing. It also introduces Private Cloud Compute, which dynamically balances computational loads between on-device processing and secure, server-based models, ensuring unmatched privacy and security.

– Advanced Writing Tools: Users can now rewrite, proofread, and summarize text across apps like Mail, Notes, and Pages. Features like Rewrite, Proofread, and Summarize help users craft perfect messages, emails, and documents with ease.
– Enhanced Mail and Notifications: Priority Messages and Smart Reply in Mail, along with Priority Notifications, keep users on top of important communications.
– Image Playground: This feature allows users to create fun and engaging images within apps like Messages, Notes, and more, using styles such as Animation, Illustration, or Sketch.
– Genmoji Creation: Users can generate unique Genmoji by typing descriptions, adding a new layer of expression to their communications.
– Enhanced Photos and Memorie: Improved search capabilities and the new Clean Up tool make managing photos and videos easier. Users can create personalized Memories with suggested music from Apple Music.

 

Apple’s longstanding Siri virtual assistant is to become more natural and contextually aware, now supports richer language understanding, on-device support, and new actions across Apple and third-party apps. ChatGPT is also being integrated into the Apple ecosystem, allowing users to leverage its expertise directly within iOS 18, iPadOS 18, and macOS Sequoia. Privacy protections ensure that user data remains secure, with ChatGPT’s capabilities enhancing Apple’s system-wide Writing Tools and image generation features.

Apple Intelligence will be available in beta with iOS 18, iPadOS 18, and macOS Sequoia this Autumn in U.S. English, expanding to more languages and features over the next year. It will be supported on devices with M1 chipsets, and newer.

 

For Apple advice and expertise, please contact our team today.


New iPads use 100% Recycled Aluminium

Apple’s have announced new iPads with some striking headline achievements, including lightning fast M4 processing and impressive environmental credentials.

In a ‘Let Loose’ event, the company debuted the new iPad Pro and iPad Air in different sizes, with some astonishing performance statistics and lower pricing for advanced features.

The new iPad models also boasts a significant environmental achievements – using 100% recycled aluminium, 100% recycled rare earth elements , tin and gold plating. Free of mercury and PVC, the packaging is also 100% fibre-based to minimise plastic waste.

 

 

We’ve written before about Apple’s ambitious plans for using recycled materials throughout its products – including heavy use of recycled cobalt, aluminium, tin, and gold across batteries, circuit boards and magnets by 2025.

The new M4 processor is thought to deliver up to 1.5x faster CPU performance over the M2 in previous generations, and supports an Ultra Retina XDR OLED display, which Apple claims is the world’s most advanced – aimed squarely at artists and other creatives in line with the release of a new Apple Pencil Pro model containing a gyroscope, that can even simulate the delicate twist of a paintbrush.

Each new iPad version will be available to purchase from the 15th May.

For Apple advice and expertise, please contact our team today.


Apple AI Rumours Spread

Rumours of an Apple AI product have spread rapidly following release of four small language models to developers.

Open source and free to use, ‘Open-source Efficient Language Models’ or ‘OpenELM’ are a set of efficient text generation models available for Apple developers to begin experimenting. So far, the low-key release online without major fanfare has prompted only a handful of downloads.

Unlike Microsoft, Google and Facebook, many believe Apple are working on ‘on-device AI’ models that would not involve sharing large quantities of data with cloud-based platforms – a major step for the future of more privacy-focused AI. With a 3-billion parameter option available, it’s possible Apple may be quietly preparing something every bit as capable as Google Gemini, albeit behind the scenes.

In February, Apple’s CEO Tim Cook revealed that AI features are planned for future mac releases, but did not give further details, and has so far not released general purpose models for commercial use.

This has led to intense speculation that Apple are considering heading in a slightly different direction to the rest of big tech – perhaps keen to differentiate themselves in key areas.

However, Apple have already launched machine learning frameworks that hint at AI models running on M-series chipsets, an image editing model, and a UI-based model that would allow an AI to navigate a smartphone or tablet.

All this leaves Apple fans waiting until at least the Apple Worldwide Developers Conference in June, or other annual announcements during September, to see what’s waiting behind the scenes.

 

For IT Support and expertise, please contact our team today.


Spring Clean Your Device!

As the season changes, it’s the perfect time to give your digital devices a much-needed spring cleaning. Follow these simple steps to declutter, optimise, and give your PC or Mac a new lease of life:

To help keep your physical hardware in good condition:

  • Dust and Clean the Exterior/Air vents: Start your device’s spring cleaning by gently wiping down the exterior surfaces with a soft, dry microfibre cloth. Pay attention to vents, ports, and fan openings, where dust tends to accumulate or impact electronic connections. Use a can of compressed air to blow out any stubborn dust particles from these areas. Inspect the air vents and fan openings on your device for dust buildup. Use a can of compressed air to blow out any dust or debris, taking care not to damage any internal components. Keeping these vents clear ensures proper airflow and prevents overheating.
  • Inspect Cables and Connections: Check all cables and connections for signs of wear or damage, such as fraying or exposed wires. Replace any damaged cables to prevent electrical hazards and ensure reliable connectivity.
  • Clean the Monitor or Screen: Use a microfibre cloth slightly dampened with water or a mild screen cleaner to gently wipe the monitor or screen. Avoid using harsh chemicals or abrasive materials, as they can damage the screen. For stubborn smudges or stains, use a screen-specific cleaning solution applied to the cloth, not directly on the screen.
  • Keyboard and Mouse Care: Remove any dust and debris from your keyboard and mouse using a can of compressed air or a soft brush. For deeper cleaning, consider removing the keycaps from your keyboard and using a damp cloth to wipe them down. Be sure to let them dry completely before reattaching.
  • Elevate and Ventilate: Consider placing your PC or Mac on a raised platform or stand to improve airflow and ventilation. This helps prevent overheating and can help prolong the lifespan of your device’s components.
  • Internal Cleaning (Advanced): If you’re comfortable with it, you can open up your desktop computer or Mac tower to clean out any dust or debris that may have accumulated inside. Use a can of compressed air to blow out dust from components such as the CPU fan, GPU, and power supply. Be sure to follow proper safety precautions and consult your device’s user manual or manufacturer’s guidelines – and if you’re unsure, please contact Lineal’s hardware Workshop.

It’s also a good idea to clean your computer’s operating system occasionally with some regular electronic tidying:

  • Declutter Your Desktop: Start by tidying up your desktop. Remove any unnecessary files, shortcuts, or folders that have accumulated over time. Consider organising the remaining items into folders to keep your desktop clean and clutter-free.
  • Clean Up Your Hard Drive: Take some time to clear out unnecessary files and free up space on your hard drive. Use a disk cleanup tool on Windows or the Storage Management tool on Mac to identify and delete large or unused files, temporary files, and system junk.
  • Uninstall Unused Programs: Go through your list of installed programs and uninstall any that you no longer use or need. This will not only free up storage space but also improve system performance by reducing the load on your computer’s resources, as well as act as a good security precaution.
  • Update Software and Drivers: Ensure that your operating system, software applications, and device drivers are up to date. Check for updates through the settings or preferences menu on your PC or Mac, and install any available updates to improve performance, security, and compatibility.
  • Organize Your Files and Folders: Take the time to organize your files and folders in a logical manner. Create separate folders for different types of files (e.g., documents, photos, music) and use descriptive file names to make it easier to find what you need later.
  • Clean Your Keyboard and Mouse: Dust and debris can accumulate on your keyboard and mouse over time, affecting their performance and longevity. Use a can of compressed air or a soft brush to gently remove dust and debris from between the keys and around the buttons.
  • Backup Your Data: Don’t forget to back up your important files and documents regularly. Use an external hard drive, cloud storage service, or backup software to create a copy of your data in case of unexpected hardware failures or data loss.

By following these physical care tips, you can ensure that your PC or Mac not only performs optimally but also looks and feels like new for years to come.

 


Cyber Lessons from the British Library

The British Library has published its lessons learned from the devastating cyber attack that struck in October 2023.

In an eighteen-page report which shows an impressive commitment to transparency, but makes for painful reading, the organisation details how it was compromised by the Rhysida ransomware group during a traumatic timeline of events. In a subsequent press release, the Library also states it hopes other institutions will learn from its findings in the wake of a ‘deeply damaging criminal attack.’

Unfortunately, the report makes clear that in response to tighter security standards, the organisation ceased to be Cyber Essentials Plus certified in 2022, pending replacement of some older systems. In section six, sixteen ‘lessons learned’ form the basis of its future plans and guidance to other organisations:

  • Enhance network monitoring capabilities
  • Retain on-call external security expertise
  • Fully implement multi-factor authentication: Multi-factor authentication needs to be in place on all internet-facing endpoints, regardless of any technical difficulties in doing so.
  • Enhance intrusion response processes
  • Implement network segmentation
  • Practice comprehensive business continuity plans
  • Maintain a holistic overview of cyber-risk
  • Manage systems lifecycles to eliminate legacy technology
  • Prioritise remediation of issues arising from legacy technology
  • Prioritise recovery alongside security
  • Cyber-risk awareness and expertise at senior level
  • Regularly train all staff in evolving risks
  • Proactively manage staff and user wellbeing
  • Review acceptable personal use of IT
  • Collaborate with sector peers
  • Implement Government standards, review and audit policies and processes regularly

The exact origin of the hack – which took Library systems offline for months – is unconfirmed, in part due to the scale of the destruction. However the Library’s independent security investigators believe the original breach was caused by either a spear-phishing, brute force or other credential compromise. This allowed hackers access to a remote session on a terminal server that was not yet subject to Multi-Factor Authentication for a user to login.

From there, around 600GB of data (or half a million documents) were exfiltrated, with searches for sensitively-named content such as ‘passport’ and ‘confidential’. Backup copies of twenty-two databases were also made, and removed from the network. Ransomware was also deployed, and the encrypted data used for attempted extortion.

At several points Rhysida are believed to have made their own actions difficult to track – deleting log files and destroying servers to prevent a swift recovery. In a classic ‘double-extortion’ the group also leaked employee and customer data for auction on the dark web in November, with a starting value of 20 Btc (then approximately £600,000). The British Library insists that in line with guidance given by the National Cyber Security Centre, no attempt was made to communicate with the attackers, nor any ransom paid.

The Rhysida ransomware group are also reported to, or have claimed responsibility for, hacks carried out in Chile, Portugal, Kuwait and the United States in the latter half of 2023. Cyber security professionals believe the hackers are Russian-speaking, although evidence is limited.

Lengthy and costly, the cleanup effort has clearly been difficult. The report details that the Library convened Gold and Silver level crisis-management committees, with both private sector and UK state cyber security assistance – although senior staff at the BL were at one point forced to communicate via an emergency WhatsApp call in the absence of official systems. The Library’s main catalogue, containing more than 36-million records, only returned online in ‘read-only’ format in January, and the report states ‘Many staff have been unable to perform significant parts of their roles’ (for more than 3 months.)

The Financial Times have speculated that the recovery costs may eventually total over £7m, which would represent around 40% of the institution’s known financial reserves, although the Library’s Chief Executive, Sir Roly Keating, told the BBC it was too early to calculate the true value.

 

For cyber security expertise and assistance, please contact our team today.


Lenovo Previews Transparent Laptop

Lenovo have teased a futuristic prototype of a laptop with a transparent display.

The Thinkbook Transparent Display is a 17.3-inch laptop with a MicroLED display that appears (almost) clear when unlit. This creates the effect of near-transparency when using dark mode apps, while a white, full-brightness display remains opaque.

In practice the display has no bezel, and is currently only 720p, which would now feel a little basic compared to most modern laptops. Like most devices, the top of the base contains most of the components, with the keyboard being a projection.

Lenovo has form for unusual laptop concepts – being among the first to experiment with rollable displays, touch keyboards, dual-displays and other unusual variants – as well as a prototype transparent smartphone.

While technologically impressive, it’s not entirely clear what practical applications transparent displays have for this form factor. Lenovo argue this is another kind of augmented reality, with the user able to look behind the screen or visually check design work against the real world, although laptops usually rest on a surface while being used.

The first transparent laptops appeared more than a decade ago from Samsung, and LG plan the release of an OLED transparent TV for 2024, although Lenovo’s attempt is one of the most impressive to date.

For now the transparent ThinkBook is a mostly just an advert for Lenovo’s more conventional laptops, but Lenovo acknowledges one major strength: a screen which “seamlessly blends and harmonises with its surroundings.” Or, to put it another way, perhaps one day all our giant screens will be a little less… in the way.


Lockbit Taken Offline By National Crime Agency

Ransomware provider LockBit has been taken offline by a joint operation involving law enforcement agencies from eleven countries.

As of the 20th February, a banner on LockBit’s website declares that the site is now under the control of the UK’s National Crime Agency, part of a coordinated operation to take down the group’s ‘command and control’ infrastructure.

Authorities from the NCA, the FBI, Europol and others from around the world swooped on a number of individuals believed to be involved with Lockbit – making arrests in Poland, Ukraine, and in the United States. Two further named individuals are believed to be Russian nationals.

The combined operation (‘Operation Cronos’) also froze more than two hundred cryptocurrency accounts, took down 34 servers and closed 14,000 rogue accounts.

operation cronos banner from lockbit's website

LockBit made headlines as one of the world’s most successful ‘Ransomware-as-a-service’ providers: offering a toolkit any would-be cyber criminal could use to launch their own cyber extortion operation, demanding more than $120m in ransoms for unlocking encrypted data.

The group behind LockBit, which first emerged on Russian forums in 2020, did not respond to Reuters following requests for comment, but published messages on an encrypted messaging app stating it has backup servers not yet ‘touched’ by law enforcement. Investigations by police in numerous countries also revealed copies of stolen data the group claimed to have deleted after negotiating ransom payments.

More than 1,700 organisations are believed to have been compromised by LockBit, many of which are now listed online – and include Royal Mail, the NHS, Boeing and ICBC, China’s largest bank, among many others.

Decryption tools have so far been released to victims of LockBit in 37 languages, as part of the ‘No More Ransom’ project, with UK authorities pledging to reach out to organisations affected by the ransomware.

 

For Cyber Security expertise and assistance, please contact our team today.


Lineal Launches Trust Centre

We’ve launched a new online Trust Centre aimed at demonstrating Lineal’s commitment to Cyber Security and data privacy.

We take our role as your trusted IT provider extremely seriously, and we hope the trust centre will show what we’re doing to maintain the highest of industry standards.

Available online to anyone at any time, our trust centre acts as a transparent dashboard showing our current compliance standards, risk profile and cyber security best practices. In addition to reviewing our key policies, we’ve detailed what we do to keep staff, data and systems safe – across numerous areas including endpoint protection, network security, backup, infrastructure, app and information control.

Our intention is that the trust centre gives our customers confidence in our dedication to good cyber hygiene, and acts as a useful reference resource when our clients are dealing with 3rd-party supply-chain assurances, industry frameworks and insurance providers.

Furthermore, we hope that a detailed overview of the cyber security strategy employed by Lineal acts as a model for others, and a useful template for the kind of organisational transition our own team can help your organisation pursue successfully.

Those measures are backed by important standards: Lineal is an ISO 9001 & 27001 accredited organisation, Cyber Essentials and Cyber Essentials Plus Certified – with reviews of our status undertaken by Cybersmart, Microsoft, Alcumus and Huntress.

 

For Cyber Security expertise and support, please contact our team today.


Google & Yahoo Tighten Email Rules: What to Expect

Major email providers including Google, Yahoo and AOL are set to tighten rules on incoming email – making accounts more secure against SPAM and demanding more of bulk senders who want to see their emails delivered.

Google and Yahoo alone represent more than two billion email accounts, many of them belonging to individual consumers for personal use. Estimates suggest around 70% of these have no protection against domain spoofing.

Until recently, even many basic security protocols such as SPF (checking whether email header and ‘sent from’ address match) were not enforced on major email platforms such as gmail – allowing fraudulent emails to unsuspecting users. This made phishing emails easier to circulate, harder to detect, and has been recognised as one of the biggest enablers for cyber security attacks.

DKIM – a protocol that signs both the real domain and email with a cryptographic signature that email clients can cross-reference for authenticity – is also often absent, with email providers increasingly looking to demand better standards from email senders.

From February 2024, bulk email senders must adhere to the following requirements outlined by Google and Yahoo:

 

New Sender Rules

SPF & DKIM Enforced – Business and organisations that need their emails to be delivered safely will have to add SPF & DKIM settings to their domains and mail servers that verify whether emails purporting to be from them are genuine, and have not been tampered with. Without checks in place, Gmail and Yahoo may reject those emails altogether.

Easy Unsubscription – bulk emails must offer ‘one-click’ unsubscribe options for recipients, making it easy for email recipients to opt-out of repeated unwanted messages, and keep clutter under control.

DMARC, the most challenging of the requirements, will be enforced for bulk email senders sending more than 5,000 emails per day, aimed at preventing rapid phishing scams and other mass attempts at fraudulent communications.

 

For those communicating with the public, the changes are likely to prove crucial, and IT managers need to prepare carefully to ensure their emails continue to be trusted.

 

For Cyber Security assistance and expertise, please contact our team today.


Supporting Digital Skills in the South West

Two of Lineal’s youngest team members recently featured in an exciting video project aimed at introducing young people to careers in technology.

The Digital Skills Series is a joint project by Devon County Council & the Heart of the South West LEP which interviews ‘Digital Pioneers’ among some of the South West’s most innovative tech companies, and aims to get Key Stage 3 students interested in the amazing opportunities that are available in the digital sector.

It is hoped that the scheme will help promote apprenticeships, degree apprenticeships, work experience and other kinds of placement that help promote much-needed technical skills in the sector.

 

One recent survey of tech companies in the South West suggested more than half of businesses struggle to find recruits for technical roles, and that the region needs to do more to work with schools, local and central government to overcome the skills shortage.

Lineal have supported apprenticeships for over a decade, and are featuring in this video project for the second time in recent years. The short video-interviews will be shown to school children across the area as part of a series, and we hope it will help inspire the next generation of digital pioneers.

Our thanks to Alex, Harry, and Ocean City Media for their hard work towards this fantastic educational project. You can learn more about the Digital Skills Series here: https://skillslaunchpad.org.uk/ks3digital/digital-pioneers/

 

For IT support and expertise, please contact our team here.


The Future of Windows?

Microsoft have previewed a new ‘Windows App’, designed to be a centralised hub for hosted Windows desktops.

Currently in preview, the new Windows app is compatible with iOS, macOS, iPadOS, and web browsers, and offers the streaming of multiple Microsoft services via Windows 365, Azure Virtual Desktop, Microsoft Dev Box, and other Remote Desktop Services.

The app also facilitates multiple monitors, custom display resolutions and scaling, as well as device redirection for peripherals such as webcams, storage devices, and printers.

Hinting at a future where Microsoft seeks out new customers independent of their hardware, more like Google’s ChromeOS, the Windows App indicates a push by Microsoft to establish the operating system as a standalone cloud-based service in its own right.

The team responsible – a new ‘Windows and Web Experiences’ Team – have also been tasked with a number of related cloud-centric features, including dynamic search interface, a widgets system, and of course, Copilot AI integration.

For now however, the Windows app exclusively caters to Microsoft’s business accounts, omitting consumer accounts. Despite this there are indications that this may change soon: the app includes a sign-in prompt for personal Microsoft accounts, although this feature remains non-functional.


Ransomware Case File 2023

Each year new cyber threats appear to circulate online, and 2023 has certainly been no exception. For cyber criminals, it’s business as usual… right?

Not quite. Over time certain new patterns emerge that are important for cyber security researchers to identify, and these can help protect businesses and organisations in the future. So what can we learn from this year’s crop of nasty ransomware strains?

 

Akira

akira ransomware

First spotted around April 2023, Akira ransomware appears to be one of the better-organised criminal efforts to extract payments from victims.

Suitable for multiple operating systems and sporting a green-and-black ransom note aesthetic Sophos describes as ‘Retro’, Akira is a professional effort that should give pause for thought.

Disabling many security settings to give itself more lateral movement on systems, the infection also tries to destroy backups to hinder the user, and has a ransom note written in (relatively) good quality English with a host of supporting infrastructure to help the hacker leverage a bigger payout.

The threat actor(s) behind Akira were known to exploit an existing VPN vulnerability to spread the ransomware, but had used stolen credentials purchased online from third-party data breaches to get started – in what has become a common pattern of low level breaches by third-parties supplying the more serious cyber crime via online black markets.

 

MedusaLocker

medusalocker ransomware

Originating back in 2019, this nasty ransomware has been through a string of variants with the most recent strain popping up in September 2023 to hit a major European health organisation.

MedusaLocker is an example of ‘Ransomware-as-a-Service’ – anybody can purchase and launch their own version, with a typical ransom being around $12,000. Like legal software companies, the developers behind Medusa even offer their customers a Support Helpdesk!

More recent variants have moved over to ‘double-extortion’ style attacks, where the hacker not only compromises the data, but threatens to leak a copy online, which is more likely to compel healthcare and public-sector organisations holding very private information on behalf of the public to pay the ransom demand.

 

Black Hunt

blackhunt ransomware

Targeting Windows environments, this ransomware looks relatively traditional, but may show the shape of things to come.

It can be spread both by email and via drive-by downloads on malicious websites that purport to give away free software or content, and for a special trick, immediately tries to terminate other processes on the user’s machine to speed up how quickly it can corrupt data – getting ahead of efforts to slow it down.

Curiously the ransomware searches for a specific text file called ‘Vaccine.txt’, which is likely a safety mechanism used by the original developers to protect their own systems against the dangerous infection.

The Group behind Black Hunt also use a tactic becoming increasingly popular among cyber criminals – publicly naming their victims in a perverse online ‘Hall of Fame’ – as a warning to others.

 

Our Verdict:

Keeping your data, staff and systems safe from ever-evolving ransomware infections means instilling good cyber-hygiene among your organisation, backed by a cyber security strategy that covers a range of areas including; endpoint protection, identify security, perimeter defence and user awareness training among others. Learn more here. 

 

For Cyber Security Expertise and Support, please contact our team today.


The Secure Email Standard

The NHS have updated their ‘secure email standard’ which other organisations are expected to follow.

First published in 2016, the minimum standards for email security are designed to protect NHS staff and systems against supply-chain attacks caused by weaknesses in the cyber security of third-parties.

The standard anticipates that one of the biggest risks to the NHS originates with the rest of us: outside organisations, who need to be trusted not to put the health service in danger via email compromise.

There are two ways to meet the NHS secure email standard:

1. Implement an existing compliant service such as NHSmail, Microsoft 365 or Google Workspace [and follow configuration guidelines for that service.]

2. Demonstrate your own [email] service is compliant with the secure email standard by following the NHS secure email accreditation process.

For those using the biggest platforms – NHSmail, Microsoft 365 or Google Workspace, the to-do list of requirements are simpler and include such steps as ensuring there is a process for notifying the NHS if you have been breached, policies and procedures for using mobile devices, risk assessment, documented policies and universal use within the organisation.

There are also a set of specific configuration settings which the NHS has documented for Microsoft 365 and Google Workspace, which you can learn more about here.

For organisations operating their own mail servers or other email systems, the requirements are more extensive, and require the organisation to manually achieve DCB1596 certification with documented evidence that their setup meets the NHS Secure Email Standard. This applies to organisations hosting their own Exchange, hybrid configurations, and other lesser-known business email platforms.

 

For cyber security assistance and support, please contact our team today.


Windows Server 2012 reaches End of Life: What It Means for Businesses

Windows Server 2012 and R2, will officially reach its end of life on Tuesday 10th October 2023.

Scary. End of life (EOL) means that Microsoft will no longer provide updates, patches, or security fixes for Windows Server 2012 R2. This termination of support poses several challenges and risks to businesses that continue to use this platform past the EOL date.

We explore the ramifications of this for your business and examine how Lineal can play a role in shaping the future of your server infrastructure.

So, what are the issues now facing clients?

Security Risks: Without regular security updates, Windows Server 2012 becomes vulnerable to new and evolving cyber threats. Hackers often target systems running on unsupported software, as they are more likely to find unpatched vulnerabilities to grant unauthorised access to company data. Using server hardware outside of its product lifecycle hinders the ability to detect and respond to security incidents in real-time, increasing the window of vulnerability to cyber threats.

Compliance Issues: Many industries and regulatory bodies require businesses to maintain up-to-date and secure systems. Using an unsupported operating system like Windows Server 2012 can lead to compliance violations under Cyber Essentials and ISO Accreditations. 

How can Lineal resolve them?

  1. Upgrade to a Supported Server: The most straightforward option is to upgrade to a newer and supported Windows Server operating system. Windows Server 2019 or the latest version 2023 offers enhanced security, performance improvements all supported by our technical expert team.
  2. Migrate to the Cloud: Many of our clients are adopting cloud solutions like Microsoft Azure. These offers scalable, secure, and managed server solutions that eliminate the need for on-premises hardware alongside reducing the burden of server maintenance costs through pay-as-you-go and reservations payment models.
  3. Virtualisation: If a full server upgrade is not feasible immediately, consider virtualisation solutions like VMware. These allow you to run Windows Server 2012 in a controlled and isolated environment while planning your migration strategy meaning each virtual server can run its own operating systems independently.

The end of life of Windows Server 2012 signifies the importance of staying current with technology to ensure security, compliance, and compatibility. Our team is ready to assist your business in transitioning away to a more appropriate solution for securing your company’s data.


Copilot is Here

Microsoft Copilot will release to users worldwide from 26th September 2023.

The flagship natural language AI tool that previewed back in March of this year brings ChatGPT functions to a whole range of Microsoft productions including your favourite Microsoft 365 apps, Azure, Bing and into Windows itself.

At a colourful launch event in New York, Microsoft CEO Satya Nadella debuted the official release of Copilot and demonstrated ways AI can revolutionise everyday tasks – whether that be writing emails, interpreting or generating images, transcribing handwriting into maths, or intelligently answering questions.

 

Copilot assistance aims to make Microsoft 365 apps including Teams, Word, Excel and more increasingly powerful – with users able to simply request complex data handling tasks rather than manipulating the data manually themselves. For more creative work, Copilot can also generate visual results within longstanding Microsoft apps like Paint.

This presents some fascinating opportunities for companies using the Microsoft 365 suite – common tasks such as ‘Re-write this email more professionally’, ‘Summarise this meeting’ and ‘Make me a set of PowerPoint slides based on this document’ would all be achievable within a few seconds.

Features from the Bing public preview have also made it into the release version – with users able to choose ‘More Creative’ ‘More Balanced’ and ‘More Precise’ language options to give the AI’s output a different tone, and draw on the wider web-based dataset that is previously unknown to the user.

For example, in another impressive example of Copilot using web and user data intelligently, an American user uploads a photo of a UK plug adaptor and asks ‘Will this work in London?’ Copilot is not only able to check based on an understanding of the image, but understands what the user means by ‘work’ and is able to confirm that the plug is the correct choice.

Some interesting guard rails have also been rolled in – Microsoft have previously stated that a firebreak exists between user data and the web dataset used to train the AI, but Copilot can use both to respond to prompts. Images created using the next version of DALL.E will also be crytographically signed as ‘Created by AI’, effectively signing the content as AI-generated.

 

Copilot will soon begin appearing to most users on the Windows toolbar – coinciding with the new upgrade of Windows 11 that is due on 26th September. Within Microsoft 365, Copilot Chat functions will begin appearing in app updates for Enterprise licence customers from 1st November 2023.

 

For Microsoft expertise and support, please contact our team today.


Farewell WordPad

Microsoft have announced the end of WordPad – declaring that the word-processing app will be removed from future versions of Windows.

The difficult middle-child of Microsoft’s three main word-processing apps was originally released for Windows 95, and always sat a little uncomfortably between Microsoft Word (which has remained a heavyweight of the word processing scene) and Notepad (a stripped back, plain-text editor.)

Able to edit rich text for free, but with many features missing, WordPad was beloved by students, techies and other irregular writers who either didn’t have, or couldn’t afford, a licence for Microsoft Word.

The app was offered for free with each new release of Windows as a kind of ‘teaser’ for Word itself – but didn’t support many important features such as footnotes, subscript, tables, numbered lists, indentation and other typesetting options needed for more formal work. For more than decade, it remained many people’s only way to open a Word document, and gave digital access on millions of lower-specification machines across the developing world.

But WordPad itself has not been updated since the ill-fated Windows 8, way back in 2012, and still looks somewhat reminiscent of Office 2007 a decade later. There are also more alternatives in 2023 – with Microsoft Word more affordable than ever as part of Microsoft 365 (both on the web and on the desktop), Google Docs chasing the education market, and free alternatives like Libre Office and Open Office winning over casual users.

Farewell WordPad!


GCHQ Tipping Off Ransomware Targets

British intelligence services are actively providing advance warnings to potential ransomware targets in order to thwart impending cyber attacks. On average, every seventy-two hours for the last three months, a team of cyber security experts within GCHQ has been identifying the initial stages of new ransomware attacks targeting British entities, alerting intended victims and preventing attacks from being carried out.

An innovative system known as ‘Early Warning’, overseen by the National Cyber Security Centre (NCSC), is already believed to have thwarted major attacks, and draws on a range of unknown information sources including exclusive intelligence community feeds, public data, commercial inputs, and proprietary resources not available to the public.

This proactive approach, disclosed by several unnamed sources who spoke to Recorded Future News on the condition of anonymity, demonstrates the potential to curtail a significant number of successful cyber breaches. However, it has been noted by insiders that broader participation from organisations is needed to fully capitalise on the benefits of this system.

Currently, the scheme still has its challenges. Only a small fraction of organisations receive alerts – and it is estimated only 2% of those alerted act on the potential threat.

Ironically, a spokesperson from NCSC acknowledged the difficulties faced, stating, “We often struggle to find the correct contact information, or the person believes they’re speaking to a scammer.” The agency has taken steps to provide guidance on distinguishing official communications from criminal attempts to extract money or sensitive data.

In some cases, the delay in notifying potential victims has been so substantial that by the time NCSC establishes contact with the relevant parties, the ransomware attack has already been unleashed.

However, GCHQ clearly has big plans for developing the scheme further, and is encouraging organisations to sign up for Early Warning. As of the close of 2022, a mere 7,819 organisations had registered for the original service, but the NCSC’s annual report reveals that the system alerted over 5,900 user organisations about threats, more than 2,200 about vulnerabilities on their networks, and 56 received early alerts about ransomware attacks.

 

Learn more about Early Warning here, or speak to our Cyber Security team today.


Vodafone and Three Announce Merger

Vodafone and the owner of Three UK have announced their intention to form the largest mobile phone operator in the UK. The companies intend to merge their operations based in the UK, resulting in a combined customer base of approximately 27 million.

However, the deal is still pending approval from regulators, and the Competition and Markets Authority will assess the advantages and disadvantages for consumers.

There is widespread expectation that the two companies would pool their available resources, with Three and Vodafone customers benefitting from wider coverage, particularly 5G availability.

With approval pending, both Vodafone and Three are promoting the idea that the merger helps, rather than reduces, competition – creating a third provider with big enough scale to complete with the UK’s two biggest providers, EE and O2.

vodafone and three merger microsite

The two providers have launched a joint micro-site supporting their bid.

 

Margherita Della Valle, Vodafone Group Chief Executive, said: “The merger is great for customers, great for the country and great for competition. It’s transformative as it will create a best-in-class – indeed best in Europe – 5G network, offering customers a superior experience.

Canning Fok, Group Co-Managing Director of CK Hutchison said: “Together, we will have the scale needed to deliver a best-in-class 5G network for the UK, transforming mobile services for our customers and opening up new opportunities for businesses across the length and breadth of the UK.

Upon completion of the Vodafone and Three merger, their combined market share will surpass that of EE and Virgin Media O2. While Virgin Media O2 currently serves around 24 million mobile customers, EE, which is owned by BT Group, has 20 million users. Vodafone and Three UK currently occupy the positions of the third and fourth largest mobile companies in the UK.

Under the terms of the merger, Vodafone will hold a 51% stake in the new company, with CK Hutchison, the owner of Three UK, retaining the remaining share. Vodafone and Three have assured customers that they can expect an enhanced network experience with improved coverage and reliability, without incurring any additional costs from the outset. Furthermore, the companies have committed to investing £11 billion in the development of 5G technology in the UK over the next decade.

Vodafone and CK Hutchison initially confirmed their merger discussions in the UK in October of last year. In May, Vodafone acknowledged the company’s underperformance and announced plans to reduce its workforce by 11,000 employees.

 


macOS Sonoma Announced

Apple has announced the next major operating system release – macOS Sonoma – at WWDC 2023.

Apple’s most advanced operating system yet brings new personalisation features via integrated desktop widgets, stunning screensavers, increased iPhone connectivity, improvements to Safari, smart video conferencing, enhanced accessibility features and a new focus on an optimised gaming experience.

 

The annual developer conference is Apple’s opportunity to pitch a plethora of new hardware – including M2 Ultra chipsets, new Mac Studio, MacBook and updated Mac Pro models – and feature-enhancements to flagship operating systems including MacOS Sonoma, iPadOS 17, and WatchOS 10.

However, there is also an announcement on end of support on legacy hardware dating earlier than 2017 – which given the remarkable longevity of many Apple devices, is likely to affect a large number of users:

The affected operating systems include:

– iOS 11 to iOS 11.2.6

– macOS High Sierra 10.13 to macOS 10.13.3

– watchOS 4 to watchOS 4.2.3

– tvOS 11 to tvOS 11.2.6

You can read more about the features of the newest system release here.


End of an Era for Windows Server 2012

Windows Server 2012 and Server 2012 R2 will be declared end of life (EOL) as of 10th October 2023, after which the operating system will receive no new security updates.

This leaves organisations using Server 2012 with several options:

– Re-license and migrate to a newer operating system if hardware supports it.
– Migrate those server workloads into a cloud platform like Microsoft Azure.
– Replace those server workloads with web-based applications.
– Purchase new server hardware with a supported operating system.
– Purchase specialist Extended Security Updates (ESUs) until 2026.

Which option to choose depends on where a business is their replacement/hardware lifecycle, budgets and changing workplace requirements. For some, a move to a newer version of Windows Server (2016, 2019 or 2022) is still possible, but this isn’t the only option. Don’t forget to check out Lineal’s handy flow chart on what to do when faced with the choice of replacing a server.

How and when to replace servers is a complex question, and businesses increasingly have far more cloud-based and software-as-a-service (SaS) choices available than a decade ago. Bundled services like Microsoft 365 have increasingly replaced the on-premises Exchange server, the file server and more for many small organisations – making the heavy capital investment for a server impractical. In the face of increasing hardware and energy costs, running on onsite server also looks increasingly expensive.

In some ways the end of Server 2012 represents the end of an era – in 2012, server sales were just beginning to recover from the financial crash. A decade on, both PC and small volume server sales look bumpy, while the largest server manufacturers appear to be focusing ever more sales attention on the data centre market – where there is growing appetite for enterprise hardware driven partly by the hosting and increasing consumption of those same cloud services.

For many small businesses in particular, a Server 2012 box may have turned out to be the last on-premises server they would ever purchase.

 

For Technical support and expertise, please contact our team today.


New Microsoft Teams Launches

Microsoft has announced a new Teams experience for Windows, replacing the existing version with a faster, cleaner Teams app.

The new version seeks to dramatically improve user experience, introduces powerful-AI based tools to more users, and addresses performance issues that have crept into Teams since the platform’s astonishing success during the Covid-19 pandemic – which saw rapid adoption by organisations around the world and an explosion of new features.

Microsoft estimates the new communication and collaboration app is now twice as fast, but uses approximately 50% less system memory, completing initial loading in under 10 seconds compared to over 20 seconds in ‘Classic’ Teams in independent benchmarked testing.

Part of that extra speed – in loading, scrolling and searching – has been achieved by tidying many of the extra controls that have been added to teams, simplifying the design for a ‘cleaner’ viewing window. Users who need access to multiple accounts will also find it easier to switch between work environments.

Microsoft are also highlighting the extensive integration of ChatGPT AI tools in the form of Copilot – which debuted for Microsoft 365 a few weeks ago. Within Teams, AI assistance will be able to summarise meetings, write chat or documents on your behalf, and answering questions mid-discussion flow.

new microsoft teams for windows

While we’re not quite convinced about 3D avatars (!) the new Teams can highlight when individuals were speaking, automatically break long meetings into key ‘chapters’ for video review, redesigns Teams channels to feel more like the gathering point they’re intended to be, and use AI mid-chat in a way that has untold potential.

Overall the new design is more visually impressive, with customisation options that are available in public preview now, and available to Microsoft 365 users later in 2023.

 

For Microsoft 365 Expertise and support, please contact our team today.

 


3CX Hit by SmoothOperator

3CX, one of the world’s best known telephony applications, has been rocked by a devastating supply-chain attack that is infecting end-users.

The breach, designated ‘SmoothOperator’ is believed to affect both the 3CX Desktop app and PMA, 3CX’s recommended replacement. Once the trojanised payload is delivered to the 3CX end-user, it interacts with popular web browsers such as Chrome, Edge, Firefox and Brave – likely in an attempt to steal user data, including browser history, down the line.

In a video released earlier today – SentinelOne demonstrated the forensic detection of SmoothOperator which has risen dramatically in recent days. A sample of how the powerful endpoint security software blocks the threat can be seen in the video below.

Security analysts are rumoured to have discovered links to Labyrinth Collima, a North Korean Lazarus Group offshoot from Bureau 121 of the DPRK’s ‘Reconnaissance General Bureau.’ 3CX is believed to be in use by more than 12 million daily users around the world, among more than 600,000 organisations.

Managed detection and response specialists Huntress have published a wide-ranging report on the breach with a difficult verdict for organisations using 3CX:

“We anticipate that 3CX will not complete a root cause analysis of this incident for some time, and users should look for alternative telephony mechanisms for the foreseeable future.”

 

Remediation: organisations using 3CX are advised to…

1. Enforce mandatory password resets for all users.
2. Reset passwords for any web-based accounts which might have suffered credential harvesting via the user’s browser, and have multi-factor authentication (MFA) enabled for those accounts.
3. Invalidate any persistence tokens used for Microsoft 365, Google Workspace and other accounts that might allow automatic login without MFA.
4. Enable high security risk conditional access if using Microsoft Azure.

 

For Cyber Security expertise and assistance, please contact our team today.


What is the 3-2-1 Backup Rule?

Backups are essential to ensure business continuity and protect against of data loss, system failures, or cyber attacks – and IT experts often reference the fabled ‘3-2-1’ rule when organising backups into an effective strategy.

The 3-2-1 backup rule states that businesses should have at least three copies of their data, stored on at least two different storage devices, with at least one copy being stored offsite:

 

1. Three Copies of Data
The first part of the 3-2-1 rule states that businesses should keep at least three copies of their data. This means that there should be two backup copies of the original data. Having multiple copies of data ensures that in case of data loss or corruption, and dramatically cuts the risk of complete data loss. As long as there’s at least one remaining backup copy, even giant corporations can always restore their data in a dire emergency.

 

2. Two Storage Mediums
The second part of the 3-2-1 rule states that the data should be stored on at least two different storage devices. This means that businesses should not rely on a single storage device, such as an external hard drive or a cloud server, for their backups. Storing backups on at least two different devices ensures that if one device fails, there is always a backup available from a separate source.

It’s worth noting that this principle also needs to extend to cloud-based environments: where organisations use Microsoft 365 or Google Workspace as their primary platform, secondary backups of that data needs to exist independent of that public cloud.

 

3. One Copy Offsite
The third and final part of the 3-2-1 rule states that businesses should keep at least one copy of their data offsite; ideally more! This means that the backup should not be stored in the same location as the original data or the other backup copies. This ensures that in case of a physical disaster, such as a fire, flood, or theft, the backup data is still safe and can be accessed from a different location.

 

While not perfect (cyber security experts argue modern backup solutions should probably specify immutability, for example) the 3-2-1 principle guards against each of the biggest threats to business data – destruction of the original data, failure of the device hardware holding that data, and a disaster at the site where that hardware exists – that most often causes financial losses, legal liability and repetitional damage.

By planning your backups with this rule in mind, you’ll know your business continuity is protected against common emergencies.

 

For IT Support & expertise, please contact our team today.


Dangerous New Outlook Exploit Triggers Automatically

Microsoft have acknowledged a critical new zero-day vulnerability with Outlook, that does not require any user interaction with an email to be triggered.

Reported by the Ukrainian Computer Emergency Response Team (CERT) to Microsoft and graded 9.8/10 on the severity scale according the NIST, the exploit is believed to have already been used by a “Russia-based threat actor” in attacks against European targets across government, transport, energy and military sectors.

The exploit (CVE-2023-23397) abuses the way Microsoft Outlook attempts to follow links in emails to retrieve remote content, even before they’re opened or viewed in the preview pane – allowing a remote attacker’s server to request authentication via an old technology known as NTLM, and automatically receive poorly encrypted username and password details from Outlook. NTLM was officially retired by Microsoft after Exchange 2003, but the technology remains available in current versions.

This is dangerous because with a username, password and corresponding email address, hackers have effectively completed a credential theft without any interaction from the end user. Many users use their email account as a single-sign on for other applications, putting numerous other services at risk.

CVE-2023-23397 is not yet fully documented however Microsoft believe the vulnerability occurs “when an attacker sends a message with an extended MAPI property with a UNC path to an SMB (TCP 445) share on a threat-actor controlled server. No interaction is required.” Once a connection is made, the server sends the user a new technology LAN manager (NTLM) negotiation message which is relayed for authentication – none of which requires the user to even view the email itself.

The exploit affects only the Microsoft Windows version of the Outlook Desktop client. Outlook for Mac, the Outlook Web & Mobile Apps (as well as Outlook.com) are not affected – since these do not support NTLM authentication. Estimates vary but Outlook is said to be used by over 400 million users worldwide, in its various forms.

System administrators are advised to urgently patch with the latest Outlook updates from Microsoft within 24 hours.

Where this is not possible, system administrators are advised to add users to the Protected Users Security Group (blocking NTLM), or Block TCP 445/SMB outbound from network firewalls or via VPN settings, cutting off any NTLM authentication messages at the perimeter of your network. In both cases, Microsoft warn this may affect other services from working correctly.

 

For Cyber Security expertise and support, please contact Lineal’s Cyber Security Team today.


Why you need Call Recording

No need to keep changing tapes or wheel in a giant in-house recording server in the 21st century! Call recording is an increasingly accessible technology for small businesses that can be optioned onto phone systems, opening up a wealth of possibilities for improving customer service, dispute avoidance and data protection.

There are some good reasons why fully-virtualised call recording is worth considering:

 

Training Fuel

Phone calls are not just for dispute avoidance, but the audio is useful for other purposes: highlighting good examples of calls with customers or demonstrating what NOT to say. These examples are really useful in call centres, but also for staff training in other customer-service environments.

The best call-recording options will let you hold your call recordings in the cloud, reviewing and ‘clipping’ sections of those recordings on the web – helping you to get the best out of the available audio, or download the content you need to keep, while dispensing with the rest to keep storage retention costs low.

 

Compliance-Ready

In certain industries – particularly in the financial and legal sectors – call recording is an important part of showing your business is acting in good faith and fully within the rules, as well as being an economical way to build trust among customers that your organisation is professional.

As the technology becomes ever-more affordable, it’s likely we’ll see more regulatory bodies, insurers and asking businesses to accept recorded audio as a minimum threshold.

 

Get on the record.

It’s very easy for somebody else’s interpretation of what was said on a call can vary from your own – which leads to all sorts of difficult situations.

Announcing that calls are recorded in advance not only provides evidence in the event of a dispute, but pre-emptively warns callers of that fact – helping to cool the temperature of the call before it begins. So next time, get that call on the record!

 

For telecoms advice and expertise, please contact our team today.


Home PC Hack Topples LastPass

LastPass have confirmed that a hack on a staff member’s home PC led to a massive cyber security breach on the company.

The second stage of the attack used data stolen in LastPass’s August breach, cross-referenced with other stolen information, to launch a targeted sting on one of their DevOps engineers – installing a key logger on the staff member’s home PC which resulted in the loss of yet more data.

LastPass confirmed the attacker was able to steal the user’s master password, gaining access to corporate vault resources and shared folders. In the process, encrypted notes and decryption keys needed to access LastPass production backups based in Amazon Web Services (AWS) – cloud-based storage and critical database backups were also compromised.

Since the August 2022 breach, when LastPass source code was stolen, the company has admitted the breach also saw the theft of account usernames, hashed passwords, and some Multi-Factor Authentication (MFA) settings belonging to end users.

Unfortunately LastPass also acknowledged that saved URL for each password entry was unencrypted, giving potential attackers an obvious clue to the purpose of each set of credentials.

The breach highlights the way remote working culture has introduced significant new digital risks – such as the danger of home users accessing work data, resources and applications on devices that sit ‘outside’ of company cyber security protections.

LastPass is believed to be used by over 85,000 businesses and 30 million end users.

 

For Cyber Security Expertise & Support, please contact our team today.

Managed Cyber Security


Your Official Briefing

We recently attended a special event about the danger of Russian cyber aggression against the UK: here’s the latest guidance from the UK National Cyber Security Centre.

 

Be prepared for changes to Russian strategy

A feared ‘firestorm’ of wholesale attacks on the digital infrastructure of the UK and Ukraine’s other Western allies hasn’t arrived, but the NCSC urges Russia remains extremely unpredictable.

Intelligence agencies are now concerned Russia may launch a new cyber attacks on the West this year, partly as compensation for Russian ground war failures.

Rates of cyber attacks on UK organisations remain ‘steady’, with some very serious incidents reported – and the NCSC has emphasised before how Russian cyber attacks on satellite networks and banking systems in Ukraine have spilled over into multiple countries.

We do know that behind the scenes a number of UK organisations have been carefully briefed to prepare for Russian cyber attacks over the past year – and a ‘handful’ of cyber incidents each year are serious enough to require COBRA meetings.

 

Yes, REALLY unpredictable

Russian strategic aims are often inconsistent. Boldness and risk-taking are known to be favoured in Russian high command – which itself encourages reckless cyber operations, experimental techniques and surprise attacks – but also corners-cut and operational errors.

Much like the Russian ground offensive, many of the most aggressive Russian cyber attacks – such as the widespread use of destructive Wiper malware – appear to have been ‘front-loaded’ during March/April, preparing for a quick victory which did not materialise even as Ukrainian systems have been hardened.

Far less technical attacks also appear to have crept into the mix – alongside a curious quality gap in the actual work of Russian operatives, as if threat actors are being supplemented by other personnel. Recent incidents have highlighted the names of known Russian intelligence officers visible within the code of malware, and fascinating research by Mandiant even suggests attempts by the GRU to recruit assistance from amateur hacktivist volunteers via covert pro-Russian Telegram channels.

However, the NCSC emphasises that ineptitude or failure is not a barrier to the further attacks by Russia – the individuals behind the attacks are shameless, and cyber attacks remain a convenient way to highlight weaknesses from policy makers in other countries.

Essentially ‘nothing is off-limits’ – an approach that is also exacerbated by the internal competition between Russian service branches, with the FSB, FDR, GRU and others often seeking to outdo each other.

 

Who is a target in the UK?

Past experience suggest Russian cyber operations often include a key psychological element – following infamous KGB tradition.

As a result, the Russian military likes to target ‘pressure points’ in particular: critical infrastructure, the energy sector, transport, media organisations, senior politicians and especially companies with visible public-facing operations – anything that might generate panic among the public, suggest democratic policy makers are weak, undermine the West’s resolve to support Ukraine, or provoke a widespread feeling of vulnerability.

Ukraine provides some clues as to Russian strategy, but the NCSC emphasises that espionage attacks can often involve gaining access for no specific purpose – and (for example: obtaining privileged administrator access to systems) are simply a contingency for the future.

 

Organisations that plan ahead suffer less pain

Official advice is clear: organisations that prepare even the most basic disaster-contingency plans recover more quickly and suffer much less financial pain in the event of a cyber attack.

Even very simple crisis management steps like agreeing ‘who is in charge’ in advance, confirming ‘where are the backups’, and keeping printed copies of essential preparations for an emergency, all help radically minimise the damage, disruption and time to recovery.

However, this too comes with an NCSC warning: five years of IT improvement won’t be squeezed into your crisis remediation – better to have a roadmap for improving your cybersecurity as part of your existing business plans.

 

EDR is a Must

Forensic engines included in modern Endpoint Detection & Response (EDR) software help provide rapid information about the scale of hacks during incident response – this provides essential time for first responders to mitigate further threats, limit damage, and give the NCSC information about the threat to others.

The NCSC argues that British resilience will rely not just on small organisations across the country remaining vigilant, but gathering a wider pool of information on the centre’s behalf – the grassroots feeds into the ‘bigger picture’ of national security, and defending the UK is a team effort.

Services like the Signpost Cyber Incident Service now allow smaller organisations to report cyber attacks centrally.

 

Ransomware is THE threat.

NCSC guidance, right from the top of the organisation’s CEO remains the same:

“Even with a war raging in Ukraine, the biggest global cyber threat we still face is ransomware” – Lindy Cameron, NCSC CEO, June 2022.

 

Useful Links:

  • NCSC Early Warning System – Early Warning helps organisation investigate cyber attacks on their network by notifying them of malicious activity that has been detected in information feeds
  • NCSC Exercise in a Box – A free online tool which helps organisation find out how resilience they are to cyber attacks & practice their response in a safe environment.
  • Incident Management – cyber incident response plan NCSC guidance to create your own cyber incident response plan
  • The UK National Cyber Strategy – setting out five key pillars in the UK’s Cyber Planning.

 

For cyber security and technical expertise, please contact our team today.


2023: New Rules for Cyber Essentials

Each year GCHQ’s National Cyber Security Centre issue stricter new rules for business and organisations looking to secure UK Cyber Essentials (CE) and Cyber Essentials Plus (CE+) Certification.

Continuing themes from last year, there are now tighter rules on account access, thin clients, device firmware, remote desktops, antivirus/EDR solutions and more. Despite the success of the Cyber Essentials scheme, the past year has seen some notable cyber attacks on British organisations, and renewed calls for cyber security vigilance.

We’ve compiled a summary to help organisations prepare for what revisions are coming down the line in April.

 

Multi-Factor or Else.

Even sooner than many expected, Cyber Essentials will now require not only Administrators to have Multi-Factor Authentication enabled – but all end-user accounts as well, across all platforms. Previously exemptions were granted for services without this option available, now that gap closes.

Instead, where a service doesn’t support MFA this will now be declared a non-conformity, bringing digital services fully into line with the rules enforced on UK online banking, and even applying to school children – right down to reception-age.

That’s likely to pose a challenge for companies (and particularly schools) using any software or web services which don’t yet offer MFA – so many organisations may need to look at augmenting their IT setups with 3rd-party MFA solutions like Cisco Duo.

 

Don’t forget the Firmware!

Software version controls now extend to hardware device firmware – with the definition clarified to specifying “firewall and router firmware” in particular – which was always essential, given the perimeter nature of these devices. In a rare step back, firmware on servers, PCs and other devices has been removed from the scope.

 

Device Clarifications

The NCSC has admitted third-party devices have been a point of confusion – and has published a revised table clarifying which devices are within the scope of Cyber Essentials. Updates will apply only to devices which are not domain-joined, or when unlocked have limited access to data (smartphones, handheld scanners etc.) If the a vendor does not allow configuration to see CE standards, the application may use the vendor defaults without incurring a non-conformity.

Given that the definition partly rests on who owns the device in question, we predict more changes in future years.

CE device rules for 2023

 

Not Just Any Anti-Malware

Antivirus solutions no-longer need to be ‘Signature-based’ – since the best EDR solutions don’t rely on signature-based detection of threats anyway. CE+ audits will include extra tests to verify that anti-malware software is effective (beyond simple EICAR tests) and application allow-listing is being encouraged.

 

Scoring Changes

Minor/Major non-conformities have been merged with a single Non-Conformity mark. Any applicant receiving three non-conformities will receive an instant failure. Corrective actions must now be completed within two days, despite some exceptions are available for larger organisations.

However, unsupported operating systems become an unfortunate immediate triple-word score: the presence of any unsupported operating system within the scope is an automatic fail.

 

For Cyber Security and Cyber Essentials expertise, please contact our team today.


How to Use Files On Demand

One of the best features available to Microsoft 365 users is a special setting in OneDrive called Files on Demand.

Where OneDrive normally synchronises a local copy of a file on your device to the copy saved in your account in the cloud, Files on Demand allows you to be more selective – only downloading local copies of files from OneDrive when you really need them.

This helps you conserve storage, and is especially useful on laptops with smaller hard-drives.

Each user can choose which files are also kept locally on their device – synchronising a local copy of essential files that will be available offline – while relinquishing larger files likely to take up space (such as videos) to only reside in your Microsoft 365 account in the cloud until you need them.

Users see a green tick where files are available both locally and synchronised in the cloud, and a blue cloud icon where files are saved in the cloud only.

When a file is accessed, the local copy is downloaded in the background, and made available locally for the future. The same control is available via a right-click option, by clicking on ‘Always keep on this device.’

Alternatively if you need to manage your local storage usage, you can right click and select “Free up space” to remove it from your device, knowing it still remains available in the cloud.

For Microsoft 365 expertise and support, please contact our team today.


The Big 3G Switch Off

By 2025 the UK’s analogue phone network is being switched-off, but that’s not the only major communications technology that is due to be retired imminently.

3G mobile networks are also due to be switched off, with Vodafone leading the charge to retire the older technology. 3G, launched in the UK in 2003, has been replaced in recent years by faster, more reliable 4G and 5G coverage.

According to guidance from Ofcom, the schedules of the UK’s major mobile providers are as follows:

Timescale Includes
Vodafone Begins switching off 3G in ‘early 2023’.

Lebara Mobile

Asda Mobile

Talk Mobile

Virgin Mobile

EE Begins switching off 3G in ‘early 2024’.

BT Mobile

Plusnet Mobile

Co-op Mobile

Utility Warehouse

Three

 

Begins switching off 3G ‘by the end of 2024’.

 

Gamma Mobile

ID Mobile

O2 Yet to announce any switch-off timetable.

Tesco Mobile

GiffGaff

Sky Mobile

LycaMobile

 

The disappearance of 3G will mostly only affect very rural areas but also those customers with older mobile devices that don’t support newer 4G or 5G. In addition, Ofcom advises businesses to check any other kinds of 3G-enabled devices – such as care alarms, payment terminals and security devices, to ensure these don’t become non-functional. Mobile providers are obligated to announce the change to their customers nearer the time.

Traditional 2G voice and text services are expected to remain in place on Vodafone, EE and O2 until at least the 2030s.

 

For business mobile expertise and support, please contact our team today.


Farewell to Windows 7/8

Extended Support for Windows 7 and Windows 8.1 officially ends as of January 2023.

The older operating systems will no longer receive any security patches or technical updates from Microsoft, which poses a compliance risk to businesses and organisations.

Mainstream support for Windows 7 originally ended in early 2020, although some Enterprise users could choose to purchase an ‘Extended Security Update’ (ESU) program for an additional three years.

Ever since then, Microsoft has regularly urged users to upgrade to Windows 10, and later Windows 11 on PCs with TPM security built into their chipset.

Windows 7 was originally released in 2009 and became an overnight success, selling over 100 million copies within six months. As of September 2022, a staggering 11% of traditional PCs are somehow still estimated to be running Windows 7 globally.

Windows 8 suffered a more checkered history: originally developed with a touchscreen-friendly tile display designed to be similar across PCs, tablets and the ill-fated Windows Mobile – many users found the new user interface confusing, continuing the mysterious curse of alternate-versions of Windows being a flop.

Microsoft Edge 109 will also be the last version of the web browser that will be considered supported for Windows 7 and 8, with a similar change expected from Google within Google Chrome.

Now the World officially waves goodbye to Windows 7/8.1, and any users still stuck on the old versions are faced with the choice of either purchasing a licensing upgrade for their old PC if their hardware permits it, or replacing their device entirely with a newer Windows 10/11-based model.

 

For Operating System expertise and support, please contact our team today.


Police swoop on ‘DDoS-for-Hire’ Operations

UK & Dutch police have helped lead an international operation with Europol to take down one of the World’s biggest DDoS-for-hire services, webstresser.org.

The UK’s National Crime Agency and their Dutch Police counterparts announced the success of ‘Operation Power Off’ – which saw the seizure of infrastructure believed to be linked with criminal activity based in the UK, Netherlands and Germany, and the arrest of individuals as far afield as the UK, Spain, Canada, Croatia, Italy, Australia and Hong Kong by at least a dozen different law enforcement agencies.

On the other side of the Atlantic, the Department of Justice announced an additional six arrests by the FBI, with a further 48 domains seized as part of a criminal investigation into DDoS-for-hire operations.

webstresser

According to Europol, Webstresser is estimated to have let over 136,000 customers launch more than four million Distributed Denial of Service (DDoS) attacks on targets for as little as £11, overwhelming websites and online services with traffic and knocking them offline. Although DDoS for hire services often pose as genuine ‘stress-test’ tools, users with very little technical knowledge were able to order attacks on unrelated targets – choosing between ‘Bronze’ ‘Silver’ and ‘Platinum’ packages.

The service was thought to be responsible for cyber attacks on at least seven major UK banks in November 2021, as well as numerous other businesses and government departments around the world. The BBC reports UK police have raided an address in Bradford, in connection with last year’s attacks on UK banks in particular.

Jaap van Oss, the Dutch Chair of the Joint Cybercrime Action Taskforce (J-CAT) praised the joint cooperation by law enforcement agencies to finally take Stresser offline.


Lineal Awarded Twin ISO Certifications

Lineal Software Solutions Ltd. has successfully been awarded two ISO Certifications – ISO 9001 and ISO 27001.

ISO is the world’s best known international standard for assuring business quality across a wide range of areas – including information security quality management, safety, sustainability and more. Highly prized among businesses, each ISO certification is extensively audited by an independent auditor to check compliance with the published standard.

iso badges

Each management system must be continually reviewed and improved. We benefitted from in-built advantages of our own SQLWorks ERP software – which included many of the controls necessary to implement a quality management system. In particular, auditors praised the way Lineal’s own software automatically logged a forensic record of the actions of Lineal staff, the efforts of the company to incorporate customer feedback, and the team’s work on safeguarding against errors.

Managing Director Mike Matthews praised staff for their efforts, explaining:

“In our industry, what matters most is trust in technical expertise. Everything looks impossible until you know how to do it! We are so proud of our team, who not only took on this intense challenge over many months but succeeded. Twice.”

ISO 9001:2015 (‘Quality Management’) checks that a business is carefully planning, following and monitoring all business processes, constantly reviewing results good or bad, and implementing improvements in an organised way.

ISO 27001 (‘Information Security’) requires businesses to maintain the highest standards of data security, privacy and information management throughout the organisation, and is especially important among businesses in the technology sector.

Our special thanks go to Balazs Bagi of Improved Ways Ltd, for his expert knowledge and vital assistance at every stage of our application, and to our external auditors from Alcumus.

Well done to our entire team for their hard work!

This project has received grant funding from Devon County Council via the Devon Elevation Fund & UK Community Renewal Fund.


 


What’s New in MacOS Ventura?

October sees the release of MacOS Ventura to the World – what can Mac users expect in the latest release?

As with previous MacOS releases, Apple clearly has one eye on the times, with the latest version of their operating system packed full of features for more flexible working patterns, mindfulness considerations and security additions. Read on to learn more.

 

DeskView

Top of the list from Apple is DeskView, which lets those with an iPhone 13 or 14 use the device as an external FaceTime camera. Ignore the promotional material about clipping your iPhone to the top of your MacBook for a better selfie – the real benefit here is as a portable camera that be used to show others on the call a view they can’t normally see – such as your keyboard, paperwork or objects behind the screen. Powerful stuff indeed.

 

Focus Filters & Stage Manager

An idea tested elsewhere but new to MacOS – focus filters allows you to group apps into types (‘Productivity’, ‘Communication’ etc.) and settings for those apps when that filter is applied. This helps cut out distraction and makes it easier to apply a kind of overarching ‘Work’ setting to your device when you need to concentrate.

Also new to MacOS is Stage Manager – a window control mechanism that parks apps stage left to make it easier to cycle through windows and control many interfaces at once.

 

 

Security enhancements

We’ve written about Lockdown Mode before – but the hyper-secure setting recently released for iOS users is now coming to MacOS as well: allowing those who are highly targeted or travelling in more dangerous parts of the world to set ultra-strict communication settings for their device to protect against surveillance malware.

Apple also makes good on its promise to support a passwordless future in line with the recommendations of the FIDO Alliance – introducing uniquely generated cryptographic passkey support for websites that links to biometrics.

 

Mail Improvements

Apple has quietly tidied up some of the gaps between Mail and other well-known email clients that are also available. Mail now includes a 10-second delay switch to stop an email being sent, automated reminders, and mercifully: scheduled sending, which will all appear in the newly released OS version.

 

Safari Updates

If you’re the kind of person who keeps hundreds of tabs open and lives through a browser – Safari tabs can now be grouped together to make organising your world easier – and shared with other users easily, helping you build and use collections of URLs easily. FaceTime calls will also now work within a browser, to save you returning to your iPhone.

 

For Apple Mac expertise and support, please contact our team today.


2022 Client Satisfaction Survey Results

Lineal have scored strong results in our Annual Client Satisfaction Survey this year, continuing a run of success.

For the third year in a row, over 70% of you said we understood your technical queries “Extremely Well” – our highest available grade – with no negative responses received for this question at all. More than 50% of you also told us we responded to problems either “quicker than expected” or “much quicker than expected” – a score bolstered by improvements we’ve made to our Client Support Portal.

This year we’ve seen a growing percentage of you (around 20%) using our Client Support Portal to raise and monitor new support tickets – although phone and email remain our busiest channels.

For the second year running, over 90% of you told us our customer support was either “Great” or “Good” – a score we’re working hard to perfect.

You also gave us honest feedback for areas we can improve – in particular some clients had suffered hardware shortages and supply chain delays recently, something we’re working hard to address: with more supplier choices, greater options for refurbished hardware, and more advance warning.

We review every comment, and particularly enjoyed the following:

“I have worked with many IT support organisations and in comparison, I have found Lineal’s customer service to be friendly, extremely efficient and very professional.”

“Always approachable, professional and friendly and swift in solving the problem.”

“Lineal website is full of information and easy to find what you are looking for. The regular newsletters and product information are informative and very helpful. The SQLWorks Procedures on the website are very helpful.”

“My questions and requests have always been answered speedily and professionally. I value the professional opinion of the sales team and the software support team.”

“Good Communication and helpful staff.”

 

Our thanks once again for all your kind feedback.


Macro Misadventure Minimised

Microsoft have altered how macros activate in Microsoft Office files, in an effort to improve users’ cyber security.

Macros, which allow office files to run sequences of commands, can be used to automate simple tasks – but also maliciously by hackers as a mechanism of attack.

Macro-based hacks have been around since the late 1990s, but remain surprisingly effective. Users are commonly asked to open unexpected email attachment and authorise the macro to see its mystery contents, allowing the macro to introduce malware onto the system. In effect, users authorise the hack themselves.

Instead of the old yellow ‘Security Warning’ labelled with an instant ‘Enable Content’ button users previously saw when using Microsoft Office applications, files will now prompt with a red ‘Learn More’ button, and users will be forced to see guidance on using macros securely, before being able to enable the content.

 

macro warning


macro warning

 

This small move – which was originally rolled out, rolled back, and then rolled out again – has been part of a slow clampdown on macros that has lasted more than two decades. Over the years macro functionality has steadily had more restrictions applied – in 2003 IT admins could require macros to have a trusted certificate (more like software applications) and as of 2013, could block macros by default.

But Microsoft hopes this simple firebreak will nudge us to think twice, and stop (potentially millions) of people from endangering themselves and their technology with a click.

Human nature continues to catch out many users curious about mystery documents – particularly since only a small fraction of Microsoft Office users are even aware of Microsoft 365’s powerful automation features.

 

For IT support and expertise, please contact our team today.


A Policy Change: Admin Rights

A Policy Change: Admin Rights

This year we’ve made a number of policy changes to how Lineal protects your technology, data and users – part of a programme of adjustments designed to help our clients keep their organisations secure.

One of these is a change to how we manage security permissions. In future, we’ll be stricter about how and when we allow administrator (‘admin’) privileges to be used.

 

What does this mean?

Put simply, we expect no end-user to use an administrator account for their routine work.

Where a user needs administration privileges as part of their official role, we expect a separate admin account to be created for this function, with some extra protections put in place.

All admin accounts should be named to indicate the owner, assigned to only one individual, authorised by management, and protected by Multi-Factor Authentication, where available.

 

Why are Lineal taking this step?

Admin accounts carry enhanced powers – often to install applications, access raw data or bypass safeguards – each of which represents a more significant cyber security threat where an admin account is misused or compromised.

In the event of a cyber security breach, it’s not uncommon for attackers to leverage admin accounts to attack other systems or users laterally, using heightened account privileges.

Reducing the number of administrator accounts, their use, and the risk of an account breach, all help to maintain strong cyber security within your organisation.

We’re also acting in line with the current requirements of the UK NCSC’s Cyber Essentials Scheme, as well as ISO 27001, CIS benchmarks and NIST 800-60.

 

Does my organisation need to budget for this?

No – this change will be a guiding principle for the assignment of existing/new admin privileges.

 

My organisation is subject to a compliance standard / framework, what do I do?

If you’re already subject to any specific controls over the distribution of administrator privileges, please contact us to discuss further, and we’ll do our best to explain how these changes support or enhance your existing controls.

 

What if I don’t want to do this, because of _________?

Where a client still allows a user to have local or domain administrative rights for standard duties, we’ll now require you to declare this to us in writing – as part of a disclaimer accepting liability for any adverse consequences of this decision.

We’ll also make clear that any remedial works required by us following an incident caused by this decision will be chargeable.

 

Who can I speak to about this?

Please contact our IT Support Teams via our Client Portal, via [email protected] or, 01271 375999, and one of our team will be happy to assist.


Exploring Teams Walkie Talkie Mode

Microsoft Teams has taken the world by storm, but it’s not just for office workers. Teams can also be deployed to powerful effect in many other working environments – including for field staff.

One of the lesser-known features is Teams Walkie Talkie Mode, whereby staff can transmit audio via special single-press mechanism that doesn’t require conventional dialling. This lets a frontline worker transmit either directly, or into a channel, in a similar fashion to when using a walkie talkie.

There’s a number of key advantages here – it means warehouse, shop-floor and field staff can carry fewer devices, and walkie-talkie mode’s ‘big button’ is also more glove-friendly than many touchscreen apps. Companies may also appreciate having to purchase less single-use hardware to begin with.

Because Teams already runs over data connections (usually Wi-Fi or 4G in the case of mobile devices) the range on Walkie Talkie Mode is also infinite, unlike their namesake devices.

If your field staff already have rugged Android devices, from providers such as Zebra or Samsung, these can even integrate single-press keys to drive Walkie Talkie Mode, even if the device screen is off.

Microsoft 365 ‘Field’ licensing is also available at lower cost, with a restricted toolset, allowing companies to safely and cost-effectively rollout Teams access to a wider pool of users. Walkie Talkie Mode itself is available as an additional app that can be enabled in your Teams Admin Centre, and controllable using security permissions administered by your administrator or Microsoft 365 Licensing Partner.

 

Lineal are a Microsoft 365 Gold Partner – for IT support and expertise, please contact our team today.


Apple Announces ‘Lockdown Mode’

Apple have unveiled a special ‘Lockdown Mode’ for individuals likely to face extremely targeted threats to their cybersecurity.

Lockdown Mode will be added to iOS 16, iPad OS16 and macOS Ventura, and is designed for a small number of users who are likely to be targets of high-end surveillance spyware, and require the digital attack ‘surface’ of their device to be drastically reduced.

The new functionality is partly a response to the work of organisations like NSO Group, who have faced repeated accusations that their counter-terrorism surveillance software has also been used by governments and various state-sponsored actors around the world to illegally target journalists, activists and other political opponents.

The new tool represents an extreme device-hardening posture, and imposes very strict controls – including:

 

* Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.

* Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.

* Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.

* Wired connections with a computer or accessory are blocked when iPhone is locked.

* Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.

 

Apple is keen to point out that “while the vast majority of users will never be the victims of high targeted cyberattacks”, lockdown mode will become an option for those that may be, and reasserts Apple’s credentials in the high-end ‘secure-phone’ market previously dominated by Blackberry and other niche hardware players.

The tech giant’s will also offer up to $2m to anybody able to demonstrate a vulnerability in Lockdown Mode under their bug bounty programme – the largest such reward available in the industry.


Apple Showcase Newest Technology

Apple have previewed a range of futuristic new technologies at the Apple Worldwide Developer Conference 2022.

Among the latest releases were the upcoming new version of Apple’s flagship Mac operating system, macOS Ventura, iOS 16 for iPhone and iPad, new hardware and the new M2 Chipset.

Ventura brings a range of device-flexibility options to mac and macbook hardware – including ‘Continuity Camera’ – the impressive ability to use an attached iPhone’s special camera lenses via your laptop for some (truly next-generation) video-calling tricks.

A new productivity tool called ‘Stage Manager’ also helps users group windows into temporary groups – although perhaps the more useful feature is handoff support for facetime to iphone, allowing the user to leave their desk ‘mid-call’ without interrupting the conversation, in the style of more enterprise unified-communications apps.

2022’s powerful new MacBook Air will be the first to receive Apple’s own M2 silicon chipset, which somehow exceeds the staggering performance and power-efficiency traits of its M1 predecessor. To put those traits into perspective – Apple claim a new M2 chip can match 87% of the performance of a 12-core PC/laptop chip, while using only 25% of the power.

iOS 16 adds new abilities to iPhone – including the option to customise their lock-screens and notifications, circulate family photos in a shared album, and recall recently sent iMessages.

Apple also previewed a range of new services and Apple account features, including a new ‘Buy-Now-Pay-Later’ scheme (BNPL) in the style of popular fintech services like Klarna, passkey-based login support within Safari, and a safety feature called ‘Safety Check’ designed to help those who end up in abusive relationships.

For Apple IT support and expertise, please contact our team today


Lineal Seeking ISO Accreditation

Lineal Software Solutions Ltd. are currently seeking ISO 27001 and ISO 9001 accreditation as part of a UK business improvement scheme.

ISO is the world’s best known international standard for assuring business quality across a wide range of areas – including quality management, information security, safety, sustainability and more.

ISO 27001 specifically covers information security management, while ISO 9001 covers quality management. Working with Improved Ways Ltd., we hope to obtain both accreditations successfully by Autumn 2022.

This project has received grant funding from Devon County Council via the Devon Elevation Fund & UK Community Renewal Fund.


 

Seeking ISO accreditation requires the company in question to submit to a two-stage, independent external audit – reviewing both documented procedures, and how those procedures have been put into practice.

Watch this space!

 

For more information, please contact our team today.


Lineal’s Mike Wins Omnis Software Award

Lineal’s Managing Director Mike Matthews has won an Omnis Software award for Outstanding Community Support at the International Omnis Developer Conference in Dusseldorf.

Mike first began developing software nearly 40 years ago, – starting with stock control software for the family manufacturing business – which eventually evolved into the modern software products carried forwards by Lineal’s in-house software development team.

Over many years Mike and Lineal have helped organise the European Omnis Developers conference (‘EurOmnis’) – promoting a community of developers who support each other’s projects and skills development.

Omnis software now underpins a number of important Lineal-developed software applications – including our flagship SQLWorks platform for business manufacturing/MRP, CRM, accounting & stock control. Omnis allows us to develop mission-critical business applications more quickly, deploy cross-platform across Windows & Mac, and draw on expertise from a wider community of developers.

This year’s conference was entitled ‘The Future of App Development’ – joining other notable recipients from as far afield as Mexico, Switzerland and Australia, and Mike thanked the conference for the award.

Congratulations Mike!

 

For business software advice and expertise, please contact our team today.


Introducing Device Management

If your staff’s company-issued devices are now everywhere, how can you keep track – and what are the benefits?

Device Management technology has really come into its own in the last few years, particularly as companies have embraced hybrid working during Covid. 

Maintaining a large digital estate of company devices far beyond the reach of your travel distance or office network sounds like a logistical headache – but it simply requires a shift in approach. Here’s why your organisation should consider rolling out device management:

 

The Basics

First and foremost, device management means protecting access to data and your hardware investment.

Tracking a device’s specifications and physical location remotely have long been a cornerstone of device management – but modern hardware-loss protections go a step further by adding the ability for IT admins to remotely lock or even wipe a device in the event of a suspected theft. On the best solutions, MDM software can also look out for suspicious warning signs like a mobile device being jailbroken – and conditionally deny access to company apps or data.

In 2022 that safeguarding can now apply across desktop, mobile and tablet devices – right across Windows, Mac, iOS, Android & ChromeOS. Now that staff work anywhere from their homes to airports, that lockdown ability is a powerful tool.

 

 

Stress-Free Maintenance

With modern device management it’s easier for your IT administrators to manage devices, apps and the updates that apply to them.

In the old days (well, the early 2000s), remote administration meant a device had to be domain controlled, connected via VPN or similar, or within physical travelling distance of the technician.

No longer. Modern device management means device profiles, Windows updates, access to company-approved apps, patches, firewall rules and more can all be created and pushed out centrally via content-distribution ‘over the air’. Device management means even the hardware specifications of company devices can be remotely managed, potentially saving thousands of hours of IT support hours.

 

The ‘Out-of-the-Box’ Experience

Don’t forget the users! Device Management isn’t just to make life easier for the IT admins, but also helps make sure the end-user gets a great experience.

With remote device onboarding, the preparation of new or re-issued devices can be done in advance, allowing the user a complete profile of settings and apps to launch right ‘out of the box’. That flexibility allows organisations to enroll staff that never visit a central hub to collect the device, supporting distributed organisations with personnel (potentially) all over the world.

If your MDM solution also supports single-sign-on, that sign in can be the user’s passport to the full ecosystem of company apps and IT resources, right from day 1.

 

For IT support and systems expertise, please contact our team today.


Apple, Google and Microsoft Agree Passwordless Future

Three major tech providers have agreed to introduce support for passkey-based login, in line with recommendations of the FIDO Alliance.

Passkeys have been proposed as one of the possible futures for the death of passwords, and would be freshly generated with each biometric login to a registered device to help prevent password-theft.

In future Google Chrome, Microsoft Edge and Apple’s Safari will all facilitate passwordless login as an option – and major tech providers will offer passkey login for important online services including Active Directory and Azure.

Microsoft estimate that around 330,000 people have removed their password from their Microsoft Account in the last six months – with most using Microsoft Authenticator as a kind of passkey instead.

‘Hackers don’t break in, they log in’ is an often repeated mantra among cybersecurity professionals – reflecting the fact that most online accounts are breached via a normal login attempt, but with stolen credentials.

The FIDO alliance is the the online movement to replace password authentication entirely with single-use passkeys – although the organisation admits there are barriers to entry, including organisations’ cost to develop their own versions of the technology, an unfamiliar user experience, and the reluctance to ‘go first’.

It is hoped that with major tech providers building passkey support into their browsers, many more developers will be able to adopt the new standard to help keep users secure.

 

For Cybersecurity expertise and support, please contact our team today.


Client Portal – What have we learned?

It’s been almost a year since Lineal introduced our new Client Portal, which allows our customers to not only raise new IT Support tickets direct into our systems, but review ticket progress and respond as new information is discovered.

However, we can also use global ticket data to get extra insight into our IT support process, improve our services, and help customers enjoy a better experience. So what have we learned so far?

 

Faster Responses

We’ve noticed some real advantages to customers connecting with us via the client portal – since last year, our average first-response time has improved by approximately 8%.

Evidence also suggests that in-life ticket responses are actually quicker via the portal than when raised by phone (around 5% on average), reflecting the fact that tickets can be updated without both agent and customer being available to continue the conversation at exactly the same moment.

So what does the time saving look like? In practical terms, it takes around 4 minutes longer for a simple phone call to be received, spoken and generated into a new ticket, rather than for that ticket to be submitted directly to the portal by the customer.

If most of those calls became portal tickets, Lineal customers and staff would save as much as 300 hours of talk time each and every year.

client portal

 

Changing Times

In previous years we’ve noted that Monday is our busiest day of the week, however recent data suggest this has shifted to Tuesday – possibly reflecting new hybrid working trends catching on, as office workers choose to reacclimatise to work from home either side of a weekend.

9am-10am remains overwhelmingly our busiest time of the day – as well as the period when a portal ticket can be created with the biggest time saving, compared with calling our Helpdesk.

 

client portal faster response times graph

 

High Importance

We took a gamble giving customers the ability to grade the priority of support tickets via the portal – we weren’t sure whether this tool would be used the way it was intended.

Statistics suggest it’s been an overwhelmingly positive feature – our highest priority tickets raised via the Client Portal (rated High and Urgent) have significantly faster first response times than not just tickets on average, but corresponding priority tickets raised by other methods.

 

Positive Feedback

Instant feedback (‘smiley face’) buttons added to the bottom of each ticket help users tell us more broadly how we’ve been doing. Ticket feedback for our IT Support service has been overwhelmingly positive (95%) and less than (5%) negative.

This is important because the feedback is gathered at time of writing, and on a rolling basis – rather than at times we’ve chosen to measure. Our current target is to increase this to 98% positive or greater.

 

For IT Support help and expertise, please contact our team today.


Google Previews Little Signals

Google have previewed a design study of sensory notification devices designed for a less stressful digital life.

‘Little Signals’ demonstrates interesting ways the end-user might receive notifications in a calmer, more subtle way than via their smartphone screen – using ambient sound, changing shadows and discrete movements.

The friendly-looking set of six tabletop devices are a zen paradise of pastel shades and soft movements designed to be less anxiety-inducing than a constant blizzard of push notifications.

Little Signals is one of several Google ‘Digital Wellbeing’ experiments – with others including ‘digital detox’, a visual ‘anchor’ that prevents infinite doom scrolling, and a minimalist ‘paper phone’.

Some of the devices can be interacted with, or are intended to have minor affects on surrounding objects to get the user’s attention.

Each prototype hides an onboard Arduino micro-computer, but none of the devices use either display screens or artificial light, demonstrating how Internet-of-Things (IoT) devices might become better disguised as part of our physical environment.

 

For IT support and expertise, contact our team today.


Lineal Cybersecurity Briefing to UK Exporters

Members of Lineal’s cybersecurity team recently ran a special training event for over a hundred UK exporters, as part of the Department for International Trade’s ‘Export Academy’ initiative.

The UK Export Academy was formed to give UK companies vital know-how as they develop international trade opportunities, and to help them avoid common pitfalls.

Attendees were given a wide-ranging crash course on common threats, including a run-down of various vectors of cyber attack typical to companies trading internationally, and techniques to mitigate dangers.

Topics included best practice for password management & identity protection, email safety, device health, network safeguards and much much more.

We’ll be part of other UK Export Academy events in the near future – you can find more information about the academy here.

Learn more about Lineal Cybersecurity expertise here.


Lineal Engineers vs CyberDrain 2022

Several Lineal Engineers have entered the 2022 international CyberDrain ‘Capture-the-Flag’ competition.

Designed to sharpen the problem-solving and technical skills of IT administrators, CyberDrain challenges test proficiency across a range of common platforms (including Microsoft Azure, Hyper-V, 365 & Linux environments). To rise to the top of the 1000-person strong global league table, contestants must recover as many ‘flags’ as possible before 14th March.

2021 saw three Lineal engineers (Hugo, Martyn and Joe) score among the competition’s best – each ranking within the ‘Top 50’.

Contestants must be able to answer both beginner challenges that mimic typical support tickets raised by end-users, but also demonstrate advanced PowerShell scripting and system engineering skills.

This year’s competition adds an extra layer of challenge – with both harder and time-limited challenges that earn bonus points – and a wider range of prizes sponsored by Huntress and other notable IT vendors.

Good luck to all our competitors!

 

For IT Support and technical expertise – please contact us today.


Hermetic Wiper Malware Hits Ukraine

Endpoint security specialist SentinelOne have isolated and demonstrated an installed instance of HermeticWiper malware currently destroying PCs across Ukraine.

First spotted on February 23rd, the 114kb ‘Hermetic Wiper’ malware gets its name from the (likely fictitious) ‘Hermetic Digital Ltd’ – a Cypriot company allegedly named on its digital certificate. The malware appears to have been circulated among a number of Ukrainian organisations, and abuses a partition management driver to begin corrupting a device’s physical drives.

Watch below as SentinelOne test-detonate an instance of Hermetic Wiper, first on an undefended PC, then with powerful endpoint protections in place:

Video Credit: SentinelOne.

Once activated, the malware initiates a device shutdown, making the system irretrievable and booting only as far as Windows’ ‘Your PC/Device needs to be repaired’ screen.

The timing and nature of the attack (crippling PCs in the short term, until they can be replaced) suggests an effort that has been coordinated with Russian military operations.

 

For cybersecurity advice and expertise, please contact Lineal today.


2022: New Rules for Cyber Essentials

This year GCHQ’s National Cyber Security Centre have introduced stricter new rules for businesses and organisations hoping to achieve UK Cyber Essentials (CE) and Cyber Essentials Plus (CE+) Certification.

In addition to promoting the scheme’s key priorities, the new terms for successful assessment are widely believed to be partially a response to recent events – including more widespread remote and home-working via cloud-based web services during Covid-19, and a series of devastating ransomware attacks that disrupted major infrastructure in the US.

Need a taster of what’s to come? Here are our key take-aways:

 

Cloud Services under the spotlight

In previous years organisations could exclude many cloud-based platforms from the scope of their assessment – but with the wholesale move to the cloud only accelerating under working from home, and web-services containing ever more data, cloud-based systems such as Microsoft 365 and Google Workspace move squarely into the frame.

 

Multiplying multi-factor

Most critically this year, two-factor authentication will become compulsory for all administrator accounts registered to cloud-based services – as the NCSC tries to stop hackers obtaining credentials and then remote accessing their way to cyber-devastation. Expect user accounts to follow in 2023 – an exemption may be granted under certain circumstances, but it’s clear the days of the old ‘password-only’ login are numbered.

2022 also places new restrictions on passwords: organisations are encouraged to have password managers enforcing random 8-characters or more, or a 12-character pattern, at a minimum. Mobile devices and similar should have minimum 6-figure pin or biometric security – with a recommended lock-out for ten failed password attempts.

 

Sub-networks under scrutiny

Sub-networks may now only be excluded if they don’t have a connection to main networks or no internet-access – meaning many organisations will now have to detail their satellite and subordinate operations more fully.

Patching-discipline is said to be the most common reason for failing a Cyber Essentials assessment – the 14 day patch window remains, but automated updates should now be enabled if available. Thin client devices are to be included from next year, and unsupported software should be air-gapped on sub-networks that don’t have internet access.

 

A question of hats

All super-users are now meant to have distinct user and administrator accounts, with stronger security on the latter. This distinction extends to cloud-services, meaning administrators will have to swap between their day-to-day functions completed on user accounts, and their admin roles where they have elevated privileges.

In the wake of the Colonial Pipeline ransomware attack and others, it’s clear rules for admin accounts will only become more stringent.

 

Greater auditing

Cyber Essentials Plus Certification will increasingly require more in-depth auditing by independent inspectors – including sending malicious test-emails, validating software versions, testing file access, and confirmation of the all-important admin/MFA rules described above.

 

Lineal are a Cyber Essentials Plus certified organisation, and can help your team achieve certification. Contact our team today.


Microsoft calls time on Windows 7/8 OneDrive

Microsoft have announced that OneDrive Personal will cease to synchronise on Windows 7, 8 and 8.1 from 1st March 2022.

Beyond this date, data saved to the OneDrive desktop app will not be saved to the user’s online Microsoft 365 account. Instead the user must either upload files via their account on the web through their browser, or upgrade their hardware to Windows 10/11.

Business-licensed users will still be able to synchronise OneDrive files until Windows 7 extended support finally ends in January 2023, although time is clearly ticking for business users of the popular file storage app who remain on older operating systems.

The hugely successful Windows 7 reached ‘End of Life’ (the end of official support) as of January 2020, but remains in surprisingly widespread use. Despite the free release of Windows 10 and 11 over the past decade, Windows 7 alone still has millions of PC users remaining – approximately 14% of the global market.

Keen observers will note that with the business version still running (for now) there’s likely no overriding technical reason the Personal version must cease, but that OneDrive itself sits at the centre of Microsoft’s hugely popular suite of Office apps – and that announcements like this are one of the few remaining ways Microsoft can clearly signal the need to upgrade decade-old hardware that may have security vulnerabilities.

Lineal are a certified Microsoft Gold Partner. For IT support and expertise, please contact our team today.


Announcing: SentinelOne

For 2022 we’re announcing a series of changes to the way Lineal helps keep your IT safe and secure – including some new technologies that will allow us to better care for our customers’ cybersecurity.

One of these is the introduction of SentinelOne as an alternative to traditional antivirus options. We’ve formed this partnership to offer a more extensive set of tools to customers, and further modernise the way we keep your staff, systems and data safe.

You can learn more about SentinelOne, and why we’ve taken this step, below:

 

What is SentinelOne?

SentinelOne is a next-generation Endpoint Detection & Response (EDR) software that we’ll be recommending in future to protect PCs/Macs and more from cybersecurity threats, in place of more traditional antivirus options.

 

Why are Lineal making this change?

We’re responding to changing times – in recent years we’ve seen the threats to small businesses shift away from general malware towards more dangerous ransomware that encrypt data and seek to extort payment from victims.

 

Why have you re-focused on Ransomware?

The scale of the threat. While malware might endanger data, hit device performance or introduce other serious technical problems, ransomware can be totally devastating – bringing even major industries to a standstill.

The UK National Cyber Security Centre recently argued that “Ransomware represents the key cybersecurity threat facing Britain…” – following a series of high-profile and crushing ransomware breaches in the US, across industry, and against the NHS.

For a small business, a ransomware infection is potentially terminal, and as the methods used by cybercriminals change, our recommended cybersecurity precautions need to adjust to reflect this.

 

What’s wrong with traditional antivirus?

While a traditional antivirus software is a good defence, these typically work by comparing against a list of known threats that are regularly updated. This technique has its limits – particularly when it comes to never-before-seen ‘Zero Day’ threats.

With the spread of ‘ransomware kits’ on the dark web, it’s becoming easier and easier for cybercriminals to introduce brand new variants and strains, on an hourly basis. This necessitates a different kind of counter-measure: intelligent EDR software that understands how a threat to an endpoint ‘acts’ and can remediate more effectively.

 

 

OK, but why SentinelOne rather than [Product X?]

In addition to performing exceptionally well in independent testing, we’ve been impressed with SentinelOne’s cloud-based management and ‘storyline’ investigation tools, and their Ransomware Warranty pledge of $1,000 per computer (Up to $1m) for each machine with valid protection.

Even more impressively, the Singularity engine utilises some highly advanced fingerprinting technology to support cutting-edge rollback abilities – a powerful aid to incident response.

The company consistently ranks as a Leader in Gartner analysis, is the only vendor on record to achieve a 100% score in MitreEngenuity testing, and won both Gartner’s 2021 ‘Customer Choice’ highest ranked product, and CRN’s 2021 Product of the Year award for endpoint security.

 

What does this all mean for me?

In future cybersecurity discussions, one of the Lineal team may speak with you about EDR, and may quote SentinelOne as an alternative option to renewing your existing antivirus.

If you would like to discuss this with us, please contact [email protected] or simply speak to one of our team.

 

PC & Mac? And Servers too?

Yes!

 

Will I still be able to purchase other Antivirus products via Lineal?

Yes!


Have I Been Pwned publicises 225 million new breached passwords

UK’s National Crime Agency (NCA) has urged the public to check the security of their email addresses and passwords after they uploaded 225 million unique passwords to hack-checking service Have I Been Pwned (HIBP).

With this addition of 225 million passwords obtained from cyber criminals, the NCA are urgently encouraging people to search for their own passwords on the website to check if their details are in the hands of hackers.

The 225 million passwords that were found in a compromised cloud storage facility were an accumulation of datasets both known and unknown.

HIBP is a free online service allowing users to search the now updated 853 million strong Pwned Password service database to see if their email or password has been compromised and in which specific historic or current data breaches their data was listed in.

Troy Hunt, owner of Have I Been Pwned, received a statement from the NCA reporting:

“During recent NCA operational activity, the NCCU’s Mitigation@Scale team were able to identify a huge amount of potentially compromised credentials (emails and associated passwords) in a compromised cloud storage facility”

Hunt further revealed that Have I Been Pwned’s new data ingestion pipeline is now live. The service allows law enforcement agencies across the globe to upload compromised email addresses and passwords directly to the Pwned database and has already seen collaboration with the FBI. Hunt goes on to explain:

“During the course of their investigations, they come across a lot of compromised passwords, and if they were able to continuously feed those into HIBP, all the other services out there using Pwned passwords would be able to better protect their customers from account takeover attacks”

Compromised passwords present significant security vulnerabilities for UK businesses as identified in a National Cyber Security Centre study which revealed that UK businesses experienced 777 cyber incidents in 2021, up from 723 in 2020.

Protection of network login credentials and identification of breached passwords is essential to ensure companies’ data remains secure and to avoid ransomware attacks as exemplified in July’s devastating ransomware attack on Kaseya and the 500 million affected by data breaches on Facebook and LinkedIn In April.

Being Cyber Essentials Plus Certified, Lineal has identified the growing need for a managed cybersecurity solution for businesses of all sizes. Our cybersecurity package aims to safeguard your business’ data against a host of cyber threats across multiple platforms including password encryption keys.

For more information of how we can help secure your business, visit our Cybersecurity page


Log4j Exploit Sets Internet Ablaze

A massive cybersecurity vulnerability discovered in an Apache logging tool has caused chaos across the internet, as organisations rush to patch millions of web-based services around the world.

The Log4j weakness exploits a bug in Apache’s open-source Log4j v.2 logging Java library, allowing an outside user to insert their own code that Log4j will interpret as ‘real’ instructions, to devastating effect.

Log4j is highly common across huge numbers of web-based services, servers with web based front-ends, and countless devices that support some kind of web-based maintenance – such as routers, network switches and many more.

A horrifying compilation of screenshots gathered on GitHub shows how (at time of writing) hackers can already exploit the bug everywhere from the search fields of Linkedin, Amazon and Baidu, to the login pages of Apple and Cloudflare, across Webex meetings and even the chat boxes on online games such as Minecraft.

In each case hackers can use the vulnerability to have the device’s network-access ability either forward confidential information to another URL, or retrieve a payload from another website. According to reports by ARSTechnica, the trick has already been used in the wild, with researchers seeing new botnets, crypto-mining malware and more installed by hackers.

CVE-2021-44228 is graded ‘Critical’ by Apache, and SysAdmins are advised to patch services urgently.


An Important Change: MFA

Lineal’s IT Support Teams are rolling out an important security change to the way we secure your Microsoft 365 accounts – enabling Multi-Factor Authentication (MFA) for all users.

We’re taking this step in response to a marked increase in account-theft attempts that we’ve seen in recent months; where previously MFA was an optional extra for added security, we’re now strongly recommending this be enabled across the board.

We feel this is an appropriate measure – in addition to having become a standard security measure across many web-based services in recent years, the advantages of MFA are increasingly recognised as vastly outweighing the downsides.

 

Who is affected by this change?

Every person with a Microsoft 365, Exchange Online or Azure user account licensed with Lineal.

 

What are the advantages?

An extra ‘factor’ at login drastically helps improve the security of your user account – making it difficult for any attacker who manages to obtain your username & password from logging into Microsoft 365 using your identity.

If your credentials are stolen from another website, or tricked from you via phishing email, this is no longer enough information for a hacker to be able to access your account from another location. Multi-factor authentication is estimated to stop over 99% of this kind of automated (harvested credential-stuffing) attacks.

 

Why are Lineal enforcing this?

We’ve encountered a noticeable increase in account-takeover attempts in recent months, with individuals’ work emails then being used for the onward spread of supply-chain attacks and phishing emails to others.

Multi-factor authentication is already standard practice across online-banking in the UK, and we believe it should be standardised for all identity-based online services.

 

How does it work?

In addition to your username and password, each user registers a third factor – typically either a mobile phone number (for SMS), smartphone authenticator app, USB security key or password manager – any of which generates a temporary code for login. This extra ‘factor’ verifies your identity – making it hard for a third party to log into your accounts, since they won’t have access to the temporary passcode.

There’s a short video introduction to MFA here, and you can learn more via our Client Portal guide here.

 

Which MFA method should I be using?

For preference, we recommend free Authenticator-app based MFA via Microsoft Authenticator, Google Authenticator or similar apps for iOS/Android. These are generally considered to be a more secure method than single-use SMS (text-message) codes, which have their weaknesses, with Microsoft and others announcing this method will be phased out.

However, even SMS-based MFA will be more secure than a standalone password, so we’ll still implement this where necessary.

 

Does my organisation need to budget for this?

No – although paid options are available if you need your MFA backed by Conditional Access or other security settings.

 

What’s the timetable for this change?

We’re aiming to have this change fully deployed by 2022.

 

What do I need to do?

Nothing for now – a member of your Lineal IT Support team will be in touch to discuss implementing the change.

 

What if I experience issues getting started with MFA?

Please contact our IT Support Teams via [email protected], 01271375999 or via our Client Portal, and one of our team will be happy to assist.


Apple’s Self Service Repair Program announced

Apple has unveiled ‘Self Service Repair’ (SSP) giving hope to individual consumers to complete their own repairs with genuine Apple parts and tools.

With the introduction of ‘Self Service Repair’, individual customers will now join 2,800 Independent Repair Providers (IRPs) and 5,000 Apple Authorized Service Providers (AASPs) in receiving authorisation to fix their Apple devices using genuine parts, tools and documentation guides.

The move comes after growing pressure on tech providers to support a public ‘Right to Repair’ in the interests of environmental and consumer protection.

Over 200 Apple OEM parts and tools along with manual documentation will be made available for the iPhone battery, display and camera functions initially with additional repair opportunities being added during 2022. SSP will see first light in the United States with global expansion planned throughout 2022 facilitated via an online store for technical consumers with the knowledge and experience to fixing their own damaged devices.

Prices for these genuine parts are yet to be officially released, but the online store will be managed by an unnamed third party provider with repair manuals being made available through the Apple Support website.

This announcement now positions Apple as the central hub for consumers who desire to access genuine parts and how to manuals for out of warranty, damaged devices. However, the scheme is only aimed at new and future models of Apple products and will not help customers who own older generations of iPhones or Mac devices. SSP is initially being rolled out across the iPhone 12 and 13 line-ups with future plans to include Mac computers with M1 Chips.

Responsibility for fixing their own Apple devices has been shifted onto the consumer from IRPs permitting wide public access to the tightly guarded Apple ecosystem. Examples of the devolution of repairs to the masses include new software availability for ‘True Tone’ allowing for replacement display parts to be used on iPhone devices and customers who return their broken Apple ‘core’ device parts will receive credit towards their original purchase order.

The self-service repair program is just one pillar of a multi-pronged approach by Apple for increasing the longevity of their endpoints’ lifecycles including the introduction of a ceramic chassis shield and the replacement of plastic with steel on the iPhone 12 and 13 alongside crack resistant crystal for the Apple Watch 7’s display.

However, Apple and associated commentators warn of the dangers of consumer self service repair where DIY by Apple device owners can lead to further damage of the device through misrepair where tampering of the lithium-ion battery can cause serious bodily harm.

For the majority of Apple device owners, visiting a professional repair provider such as Lineal with our experienced technicians who use genuine Apple parts is the most reliable and safest way to ensure a successful repair:

 

For apple device expertise and IT support, please contact our team today.


Jurassic Fibre and Lineal Sign New Partnership

Lineal are delighted to announce our new partnership with Jurassic Fibre, bringing faster broadband to South West businesses.

Exeter-based Jurassic Fibre are a regional connectivity provider rolling out new ultrafast full-fibre infrastructure to thousands of addresses across the West Country.

At time of writing, Jurassic Fibre’s £250m investment in a new fibre network already includes numerous towns and rural communities such as Barnstaple, Bridgwater, Bude, Exmouth, Honiton, Okehampton, Sidmouth, Sowton, Taunton, Wellington and Yeovil.

Lineal Software Solutions Ltd. are a Barnstaple-based IT support and software development company assisting businesses and organisations across the UK and beyond.

Lineal’s Managing Director Mike Matthews said: “Thanks to Jurassic Fibre many businesses will finally have the option of true ultrafast, ‘pure’ fibre broadband at low cost, provided over cutting-edge infrastructure that simply hasn’t been available from any other provider.”

“We’ve been impressed by what Jurassic Fibre have built. Every day Lineal’s Technical Support teams encounter businesses depending on ever more cloud-based technology, and requiring faster connection speeds – together we’ll help deliver the connectivity options many so desperately need to run their businesses effectively.”

Jurassic Fibre said: “We are proud to be serving both business and residential customers across North Devon with our ultrafast full-fibre broadband services. Our partnership with Lineal enables businesses to take full advantage of their new bandwidths by providing the platform to utilise new technologies to serve their customers better.”

Jurassic Fibre is available in a range of speeds from 100Mbps down (20Mbps up) up to gigabit grade, and via private-fibre ‘leased line’ gigabit ethernet, for businesses needing exceptional quality connectivity.

 

For find out how faster connectivity options could help your business, please contact Lineal today.


REvil Ransomware Gang Arrested

Law enforcement agencies have announced the arrest of seven individuals linked to REvil ransomware which caused a series of high profile ransomware incidents earlier this year.

Europol and the US Department of Justice recently announced the success of ‘Operation GoldDust’ which included a joint-effort from 17 countries – with arrests spanning Romania, Poland, South Korea and Kuwait.

The group are accused of 7,000 individual ransomware attacks, and links to attacks which breached organisations using Kaseya remote-manageement software back in July – a supply chain attack described by security specialists SentinelOne as a ‘well orchestrated’ and ‘mass-scale’ ransomware campaign.

REvil was also used in the devastating attack on the Colonial Pipeline which caused fuel shortages across the US East Coast, and at the world’s largest meat supplier JBS Foods earlier in 2021. Authorities are believe to have recovered around $6.1m in ransom payments so far.

Europol thanked all the countries involved for a concerted effort, Eurojust and Interpol, and also praised the contribution of a number of private cybersecurity firms who assisted Operation GoldDust with technical support.

A previous investigation by Romanian police suggested the REvil group were an offshoot of those responsible for GandCrab ransomware released in 2018, and resulted in the release of three universal decryption tools by UK and US authorities which are believed to have prevented a further €60m of ransom payments from being extorted.

After originally claiming to be disbanding in September, it was revealed REvil’s infrastructure was itself hacked by a joint team from the FBI, US Cyber Command and the Secret Service – and forced offline. Key members of the group’s leadership, believed to be Russian, were thought to be on the run.

The issue of Russian reluctance to tackle cyber-crime syndicates also spilled over into warnings of US retaliation during in-person talks between US President Joe Biden and Russian President Vladimir Putin in June.

 


Apple U-Turns on MacBook Pro

Apple has released a staggeringly powerful new MacBook Pro model for 2021, bundling some important changes of direction.

Firstly, screen size: Apple will offer both 14-inch and 16-inch versions of the latest Pro, having presumably seen the light from both PC rivals (looking at you Dell), and it’s own Apple devotee fanbase, respectively – who for years have hoped for the larger 17” format to be re-released.

In a big U-turn, Apple has also re-introduced HDMI, SDXC and other ports, after famously removing all but USB-C from the Macbook’s chassis in 2016. That future didn’t quite work out – as Apple now acknowledges: the user-base of the Pro in particular have generally been power-users that need more options, not just more dongles.

Unlike its smaller cousins, the MacBook Pro 2021 isn’t burdened by quite the same portability obsession – favouring high performance for processor-intensive computing, photo, audio and video-editing – of the kind that makes Macs popular among creatives and software developers. The latest edition of the ‘power user’s’ MacBook incorporates the all-new M1 Pro and M1 Max chips, which boast some eye-watering performance statistics.

MagSafe also makes a welcome return, ensuring that a snagged power cable won’t pull your laptop off the table into oblivion. 2016’s Touch Bar, never quite beloved of the user-base, has been scrapped to enlarge the keyboard – returning the overall design in the direction that originally made the Pro so successful.

Prices begin at £1,899 inc VAT for the 14-inch model, and £2,399 inc VAT for the 16-inch. For those with no maximum budget, optional extras are available up to a blistering 64GB of memory and an 8TB (!) SSD, for those who need a laptop with all the stored-up potential of a nuclear reactor.


Kickstart Success at Lineal

Lineal’s Tom Williamson Cary has become one of North Devon’s first successful ‘Kickstart scheme graduates’.

During his six month Kickstart placement at Lineal, Tom has worked on numerous new business opportunities, helped promote Lineal, and even mentored younger students as part of Lineal’s work with the PETROC ‘Techknowledgy Transfer’ Project – funded by the Department for Business, Energy and Industrial Strategy working with Innovate UK under the Business Basics programme.

Having completed the Kickstart programme, Tom will now join Lineal’s Marketing Team as a full-time staff member, to work on business development, and is believed to be among only a handful of such ‘Kickstart graduates’ in North Devon.

Lineal’s Managing Director Mike Matthews explained: “Tom is one of the first wave of Kickstart placements – one of around sixteen thousand young people across the UK – who’ve already benefitted from this scheme. He shows real promise and enthusiasm, and we’re delighted he’ll now be joining our team longer-term.”

lineal's tom

Tom said: “I’ve learnt a lot over six months, and it’s been great to be welcomed to the team and get started on some exciting projects.”

The Kickstart scheme is a £2 billion Government programme dedicated to short-term work placements for those aged 16-24 who are eligible to claim Universal Credit – and aims to help bridge the gap between education and work, when many young people are at risk of longer-term unemployment.

Businesses can learn more about the Kickstart Scheme here.

Welcome Tom!


Microsoft Announces Licensing Changes

***Edited 1st February 2022 – To reflect updated information issued by Microsoft.***

Microsoft has officially announced 2022 pricing updates for UK customers of Microsoft 365, Office 365 and many related cloud services.

The hugely popular cloud-based collaboration software is used by millions of organisations around the globe, and assists around 300 million end-users to work more productively.

New pricing – the first mainstream increase for a decade – is set to go-live from March 2022, and will see increases of between 0% and 25%, depending on license type.

To help businesses know what to expect, we’ve assembled a short guide to the upcoming changes.

 

Which License Types are affected?

Although exact UK figures have not been published in full yet, indicative US pricing changes are expected to be as follows:

Old Expected %
Microsoft 365 Business Basic $5 $6 20%
Microsoft 365 Business Standard $12.50 $12.50
Microsoft 365 Business Premium $20 $22 10%
Office 365 E1 $8 $10 25%
Office 365 E3 $20 $23 15%
Office 365 E5 $35 $38 9%
Microsoft 365 E3 $32 $36 12.5%
Microsoft 365 E5 $57 $57
Microsoft 365 ‘F’ Plans No Change Expected
Microsoft 365 ‘A’ Plans No Change Expected
Microsoft 365 Personal Plans No Change Expected

 

Will anything stop working?

Unfortunately, yes – Microsoft 365 and Dynamics 365-based data and services will cease to be available to businesses using old subscriptions after 1st July. All users will need a new NCE license assigned to them by their Microsoft licensing provider before this date. Microsoft Partners will continue to provide, deploy, manage and administer licensing, exactly as before.

However the service itself will remain the same – all old license options will be available under new NCE license types and new pricing.

 

Why is Microsoft making this change?

This is the first such price rise for a decade, and reflects the huge leap forwards in the quality of technology, range of apps and business value of cloud-based services that have been added to Office 365 since the package originally launched in 2011.

 

Can I ‘lock in’ the old price in any way? / Any offers… on offer?

Organisations who replace their old licensing with new SKUs prior to the 1st February are able to ‘lock in’ some of the legacy-pricing, and avoid the upcoming price rise until February 2023.

Purchasing new licensing also reserves this price for additional users that the customers might add during the term – meaning that customers expecting to increase their staff/license count later this year may be incentivised to move themselves to new licensing now, before pricing changes take effect.

However, 2022’s new annual licensing prices also includes annual minimum terms that restart each year at renewal, so licenses do not ‘leave contract’ entirely after the first year as before. Please contact Lineal for more information.

 

So many license types – help!

Don’t panic – we’ve published a handy guide to what each license type contains, and this page will be regularly updated with the latest information. Alternatively, please contact our team and we’ll be happy to clarify your current or future licensing.

 

Where can I get more information?

Please contact our team via: [email protected] or 01271375999.


Lineal’s Lewis Graduates Degree Apprenticeship

Lineal’s Lewis Marrow has graduated from the University of Plymouth to become North Devon’s first cybersecurity ‘Degree Apprentice’.

Starting at Lineal in 2017 to pursue an apprenticeship in cybersecurity via PETROC, Lewis’s skills have gone from strength-to-strength to see him achieve a 2:1 BSc (Hons) from the University of Plymouth (Digital Technology Solutions: Cyber Security Analyst.)

‘Degree’ or ‘Higher’ Apprenticeships are an advanced category of apprenticeship organised by the National Apprenticeship Service that combine undergraduate-level academic work with specialist training in the workplace.

Apprentices are expected to ‘earn-and-learn’ in tandem, gaining both knowledge and industry skills that are greatly-valued by employers. Many, like Lewis, are quickly snapped up by their business sponsors full-time once their apprenticeship is completed.

Lewis said: “A Degree Apprenticeship has been a fantastic experience allowing me to gain the knowledge and training I require to become an IT professional, the team at Lineal have been very supportive along the journey and I would recommend to anyone.”

While working at Lineal, Lewis won a Petroc Outstanding Achievement Award, has appeared in a Department for Culture, Media and Sport ‘Real Ideas’ film project promoting STEM education in schools, and his cybersecurity work has improved the resilience of numerous organisations – including helping Lineal itself achieve Cyber Essentials Plus Certification.

Lewis also recently completed the Great North Run in a blisteringly quick time of just under 1 hour and 27 minutes!

Congratulations Lewis!


How to prepare for Windows 11

Windows 11 is due to be released officially on 5th October 2021 – the first major version upgrade since Windows 10 was released in 2015.

As with Windows 10, PC users will be able to begin downloading the new version from this date, and new PCs will begin shipping with Windows 11 pre-installed.

If the thought of your PC changing fills you with dread – never fear! Here’s how you prepare:

 

See a preview

The first thing most users will notice is the visual improvement – Windows 11 features a ‘new design’ which forms the backbone of the update in an effort to make PC screens feel more user-friendly, calming and interact better with natural light.

 

Check Minimum Specifications

The following list summarises the published minimum specifications required to install and operate the new upcoming version:

Processor: 1 gigahertz (GHz) or faster with 2 or more cores on a compatible 64-bit processor or System on a Chip (SoC)
RAM: 4 gigabyte (GB)
Storage: 64 GB or larger storage device
System firmware: UEFI, Secure Boot capable
TPM: Trusted Platform Module (TPM) version 2.0
Graphics card: Compatible with DirectX 12 or later with WDDM 2.0 driver
Display: High definition (720p) display that is greater than 9” diagonally, 8 bits per colour channel
Internet connection and Microsoft accounts: Windows 11 Home edition requires internet connectivity and a Microsoft account to complete device setup on first use.

Switching a device out of Windows 11 Home in S mode also requires internet connectivity. For all Windows 11 editions, internet access is required to perform updates and to download and take advantage of some features. A Microsoft account is required for some features.

Microsoft’s full specifications for Windows 11 can be found here.

 

Things to Expect

The following Windows 10 features are all due to disappear on the new version, in some cases being disabled, replaced by newer apps or available only via manual re-download from the Windows store on new installs:

– Internet Explorer
– Windows S Mode (Home Edition Only)
– Skype (Personal), 3D Viewer, Paint 3D and ‘OneNote for Windows 10’
– Start Menu Groups
– Taskbar Moving
– Tablet Mode
– Timeline

Cortana will also be relegated to the Start Menu – no longer used during setup and not automatically pinned to the taskbar.

 

Make a Backup / Create a Recovery Drive

Major (or even minor) Windows version upgrades are not without pitfalls as we’ve seen in recent years, so it’s worth checking that you have a full backup of your device prior to leaping into the unknown.

Synchronised copies of files in Microsoft OneDrive, Google Drive or Dropbox are always a plus, although for rapid restoration it’s also helpful to make a manual, local backup to a portable hard-drive that will be more quickly restorable if your subsequent upgrade doesn’t go to plan.

For the extra precaution of a route ‘back’ to Windows 10 if you discover a major compatibility issue, it’s important to make a recovery drive using a USB device.

 

Test the Beta

For power users, a beta version (Preview Build 22000.160) is available to test for those who register with the Microsoft Insider program.

 

For IT Support & Technical Expertise, please contact our team today.


Lineal Wins Big in International SysAdmin Challenge

Three Lineal IT engineers have scored among the ‘Top 50’ in the international CyberDrain ‘Capture-the-Flag’ SysAdmin Competition.

Hugo achieved a stunning 4th-place finish internationally – just narrowly missing out on a bronze medal for Team GB, but winning a PlayStation 5 in the process from competition cybersecurity-sponsor Huntress.

Martyn and Joe also scored very highly from among 1,000 competitors worldwide – finishing a record 17th and 32nd respectively.

Each passed significant milestones in their challenges – at 2000 points and 3000 points respectively – with Hugo becoming one of only four competitors worldwide to break the stratospheric 4000-point barrier.

Designed to test System Administration and IT engineering skills, the CyberDrain CTF challenge puts competitors through a series of forty investigative challenges across server and client-side, Microsoft Azure, Linux and Microsoft 365 environments. The competition ran throughout July, with bigger point bonuses awarded for more complex technical challenges.

Congratulations to all our competitors!

 

For IT Support and technical expertise – please contact us today.


Announcing: Client Portal

An Announcement

This July, Lineal we be launching our new online Client Portal for all our IT support and managed services clients.

We’ve been preparing this for some time, and we’re excited to see it go live!

Our new Client Portal will be available from week beginning Monday 19th July, and will provide a smart new way of raising IT support tickets with our IT Support Team.

 

How will it work?

The Client Portal button is accessible in the top right hand corner of our website (on both desktop and mobile devices) and can be used to raise a new IT support ticket directly with our IT Support Team by clicking ‘New Support Ticket’.

You’ll receive email updates whenever the status of your ticket changes.

Since the Client Portal also allows you to log in and check recent progress on your support tickets, you will be asked by email to create a username and personal password when accessing the portal for the first time.

 

What does this mean?

We’re introducing this extra tool to help resolve your IT queries (particularly routine queries) faster and even more efficiently.

For various reasons, many of our customers have told us they would benefit from the added convenience and transparency of this instant access, self-service tool. Behind the scenes, our IT support package remains the same great service you can rely on.

 

Can I still use email or phone?

Absolutely! Our full helpdesk IT support service will remain open as normal via [email protected] or 01271 375999. In addition, you’ll also be able to monitor these tickets via the portal.

We hope the new Client Portal will save you both time and effort – providing an easy and convenient new way to raise support tickets swiftly and track progress.

 

If you have any questions or queries, please contact us via [email protected] or 01271 375999 (or the client portal!)


Lineal Takes On Capture the Flag SysAdmin Challenge

An intrepid group of Lineal IT engineers are each competing in a capture the flag (CTF) event designed to sharpen the skills of Systems Administrators.

Points are awarded by completing a number of investigative technical challenges across Hyper-V, Microsoft Azure and 365 – capturing a ‘flag’, or important string of text, which credits the player’s score.

Designed to test System Administration and IT engineering skills, one thousand contestants are taking part in the ongoing July event, organised by CyberDrain, and supported by judges from Managed IT Service Provider association CyberGeek.

There are forty flag-capture challenges being attempted by (overwhelmingly) IT engineers around the world – spanning server and client, Azure, Linux and Microsoft 365 management.

Challenges must be completed independently, and the scoreboard is updated as individuals compete for first place. Contestants are encouraged to tackle more difficult challenges to win prizes, and find creative alternative solutions to capturing flags – although hacking is strictly prohibited!

The capture the flag competition is sponsored by a number of leading IT, communications and cybersecurity providers, including Microsoft, Datto and Huntress.

Good luck to all those taking part!

 

For IT Support and technical expertise – please contact us today.


Kaseya Clients Struck by Ransomware

More than a thousand organisations using Kaseya Remote Monitoring and Management (RMM) software are estimated to have been hit by ransomware over the weekend.

The supply chain attack, which was described as “colossal and devastating” by security research company Huntress, is believed to have been carried out by the same Russia-linked ‘REvil’ ransomware gang strongly-suspected of the recent ransomware attack on meat-packing corporation JBS.

Miami-based Kaseya’s ‘VSA’ product – which is used by Managed Service Providers to provide remote IT services to the systems of organisations worldwide, including endpoint and patch management – is believed to have been breached with an update that rolled-out ransomware to many of Kaseya’s own customers.

REvil themselves claim the total number of encrypted user endpoints around the world may be as high as one million, and have demanded an unprecedented ransom of $70m in Bitcoin (around £51m at current price.)

On Friday, Kaseya advised all customers to immediately shut down any on-premises Kaseya VSA servers, to prevent hackers shutting off administrative access for future fixes – and ignore any communication from hacking groups while an FBI investigation was ongoing. 

Access to Kaseya’s cloud-based SaaS services were initially shut down as a precaution, but has since been restored, and an endpoint detection tool has been published online here.

It is now believed that the exploit for Kaseya VSA had recently been highlighted by the Dutch Institute for Vulnerability disclosure, but early patches to rectify the problem had not yet been issued. In the 48 hours following the breach, more than 2,000 VSA severs were taken offline – suggesting that many organisations did heed warnings issued by the US Cybersecurity and Infrastructure Security Agency (CISA), the UK National Cyber Security Centre (NCSC) and others – although Swedish supermarkets, New Zealand schools and many others have had systems crashed by encrypted data.

Kaseya is published regular updates to its advisory page, here.

 

For Cyberscurity expertise and support, please contact our team today.


Updated: Phishing Email Examples

It’s 2021 but somehow the phishing email scams just keep coming.

You could almost miss the days when ‘Bill Gates’ would get in touch by email to offer you a shipment of diamonds. Modern email scams are much more sophisticated, the designs more convincing, and the payloads more dangerous – than ever.

Our advice remains the same:

  • Be wary of any unsolicited email or unknown contact.
  • Always look to see if an email is being sent from the correct domain.
  • Don’t open any unexpected or mystery attachment, or click links to unrecognised destinations.
  • If unsure, verify information with someone by asking via a communication method other than email (eg: by looking up a phone number separately from the email, and calling direct.)

Here’s our pick for some of the sneakiest our team have seen ‘in the wild’:

 

The Dodgy File Share (Deluxe Edition)

As useful as a crowbar in the arsenal of the burglar, cybercriminals have been using these ever since file sharing and collaboration apps took over the world – this one appeared even more persuasive for it’s nearly spot-on branding imitating a Microsoft 365 file share link.

But the Deluxe edition takes this scam to a whole new level – with just a mistaken click giving cybercriminals an automated account access, and even replying affirmatively to emails between users asking if these are genuine. Nasty.

fake file share email

 

The TV License

TV licensing is something many people buy once a year, often never receiving physical proof, and don’t think about much – making this a clever way to steal card details without arousing too much suspicion.

These often go the extra mile – making up fake customer numbers and renewal dates – to seem real, which can also identify the email as a scam if cross-referenced in your own records.

 

The Pandemic Phish

Cybercriminals don’t let little things like ethics get in the way of a good scam – with widespread public fear, and the NHS Covid vaccine roll-out in full swing, everything is an opportunity to hack accounts, steal information, or extort money.

Please be aware the real NHS will contact you via a combination of text message and/or post, and certainly won’t threaten you with the loss of your vaccine appointment if you don’t click a suspicious link.

fake nhs email

 

Divine Intervention

OK, perhaps not a threat to everyone – but it’s easy to imagine this inheritance scam prompting a click from someone more spiritually-minded. Technology aside, a compelling story is sometimes the most persuasive scam of all.

fake inheritance email

For Cybersecurity expertise and support, please contact our team today.


Fastly internet outages affecting Europe and North America

A number of retail, news and social media websites experienced internet downtime caused by an outage at the global website cloud hosting service, Fastly.

For an hour from 11am BST today, users of Fastly’s hosting service including gov.uk, PayPal, Amazon and a whole host of other major company websites were greeted with and “Error 503 Service Unavailable” detailing problems with the cache server.

By 12.09pm BST, Fastly released a statement saying that their global network was coming back online and that it had been “investigating potential impact to performance with our CDN [content delivery network] services”. However, users were still met with slow loading times and sporadic access to multiple companies’ websites.

Error 503 message that greeted those trying to access the affected websites

When functioning correctly, CDNs such as Fastly aim to improve website security from denial-of-service attacks and reduce loading time for images, videos and HTML pages whilst managing sudden web traffic clusters for their customers’ websites.

ESET commented on the outage and its implication going forward with “whether it be malicious or otherwise, this highlights the importance and significance of these vast hosting companies and what they represent” – adding weight to the growing responsibility that these CDN providers have over global Internet control and access.

The outage raises security concerns over the over-centralisation of the internet in the hands of a few major hosting providers and asks questions about its reliability in the future should a larger scale problem like this occur again – demonstrating that we have not learned our lesson from the past hosting service outages as exemplified by the Cloudfare crash of 2019.

Full list of all websites affected below:

AFR, Age, Amazon, Boots, BuzzFeed, CNN, Deliveroo, Etsy, Evening Standard, Financial Times, Giphy, Horse and Hound, IGN, Imgur, Independent, Kickstarter, Le Monde, New York Times, PayPal, Pinterest, Reddit, Royal Mail, SMH, Spotify, Taboola, The Guardian, The Verge, Twitch, Twitter, UK Government website (including HM Revenue and Customs), Vimeo and Weightwatchers

 


Helping Us Keep You Safe

As things re-open from Covid-19 lockdown measures, Lineal are taking some important steps to help keep everyone safe while we care for your technology.

 

Regular Staff Testing

This Spring we introduced regular Covid testing, with Lineal staff receiving Innova SARS-CoV-2 antigen rapid lateral flow self-testing kits.

All results are received within 30 minutes and are submitted twice weekly via the GOV.UK Covid-19 test reporting service.

 

Maintained Social Distancing

Although staff have returned to the office, we’ve maintained flexible remote and home-based working for many, with around three-quarters of staff working at least two-days per week remotely. Staff hot-desking is discouraged – a measure we’ll review over time.

Lineal’s front-of-house has been enrolled in the NHS venue QR code system since September 2020, for app-based track-and-trace.

We’re asking both staff and clients to maintain onsite social distancing & mask use during site visits, as a precaution.

 

Vaccination

We’re encouraging all our staff to book vaccination appointments as soon as their age group is eligible under the national NHS covid-19 vaccine roll-out.

At time of writing, this programme has now been extended to those in the 30-40 age bracket.

 

We’ll be reviewing recommended best practice regularly as NHS guidelines are reviewed. For more information, please contact Lineal today.


PhoneLine+ Launched for Micro Businesses

Gamma Communications have launched a new ‘PhoneLine+’ service to help micro-businesses prepare for the WLR switch-off due by 2025.

The new easy-subscription service allows micro-businesses, sole traders and other organisations with few lines to move to a low-cost and digital ‘virtual-landline’ style service that can even incorporate their existing analogue phone hardware.

However users can also leverage extra cloud-based features – including desktop PC/Mac softphone and mobile app access to their existing landline(s), call-redirection, number presentation, voicemail-to-email, automated open/close scheduling and other ‘business style’ features.

All existing analogue PSTN phone lines are due to be switched off by 2025, meaning businesses need to plan to either migrate their analogue phone services/numbering either to SIP-based technology or a cloud-hosted VOIP system that routes calls via the internet.

phoneline+

For the UK’s 6.5 million micro-businesses, many of whom rely on mobile re-directs or use a joint telephone number for broadband/voice calls, this presents a challenge, as Openreach is already upgrading the fibre network to FTTP – putting many small companies’ advertised numbering at impending risk.

Moving your phone service to PhoneLine+ is available via a simple email-signup process, with the option of porting across your existing number, and choosing between either a new VOIP handset or adopting your existing landline with an ATA adaptor.

Gamma Communications is both the UK’s largest SIP provider, and one of the most established VOIP telecoms providers: with around half a million phone users using its popular Gamma Horizon platform for business telecoms. PhoneLine+ is expected to prove equally popular, as the telecoms market extends to include smaller organisations, needing a more simple, flexible and cost-effective option.

 

For communications expertise and support, please contact us our team today.


macOS Gatekeeper Vulnerability Discovered

Apple has released important security updates under macOS 11.3, in response to a serious gatekeeper vulnerability discovered by security researcher Cedric Owens.

The weakness, found in Apple’s ‘Gatekeeper’ tool which normally blocks unrecognised apps from being installed by default, allows a dangerous file to be rigged so as to not trigger the operating system’s inbuilt safeguards.

Writing in a Medium Post entitled ‘Gatekeeper Bypass: 2021 Edition’, Owens demonstrates a terrifying method by which an attacker can ‘very easily craft a macOS payload that is not checked by Gatekeeper.’

Once launched, no warning prompts prevent the user from installing just about any dangerous application, which can also communicate with external servers without even triggering App Transport Security (ATS).

The simplicity of the hack, which leverages the fact that scripts placed in Contents / macOS / directory are not checked, has been described by Objective-See as ‘massively bad’ and ‘a doozy’ of a blog post.

GateKeeper itself was originally introduced in 2012 as part of an effort to stop the spread of malware in Mac OS X ‘Lion’ v10.7.5, and was followed by enforced application notarisation in 2020 under macOS 10.15 ‘Catalina’, as Apple required software developers to have apps officially cleared for authorised use.

In response to the discovery, Apple have released macOS Big Sur 11.3 update with ‘improved state management’ that prevents the ‘bypass’ of Gatekeeper checks, and are urging macOS users to install the upgrade.

 

For Cybersecurity expertise and support, please contact our team today.


Facebook & Linkedin breaches hit 500 million users

Facebook and LinkedIn have both suffered massive data breaches, exposing the details of more than 533 million and 500 million user accounts respectively, it has been revealed.

Extensive leaked data from Facebook was reportedly found online by security researcher Alon Gal – including the personal information of 11 million UK users such as phone numbers, locations, birth dates and many email addresses.

It’s believed that the ‘hack’ may relate to a bug in Facebook’s friend-adding ‘Contact Importer’ tool which was fixed in September 2019. Previous breaches in 2017 fell before the introduction of GDPR, which Facebook argues absolved it of responsibility to notify users.

Questions still hover over the LinkedIn breach in particular, with the company claiming much of their data appears to have been aggregated from other sources, or (like Facebook) were perhaps not technically ‘hacked’ at all – but scraped in bulk from publicly visible parts of the popular professional website.

The huge cache of Linkedin data was thought to be on sale, after security researches found a 2 million user ‘sample’ advertised online.

A Facebook spokesperson told Reuters the social media platform will not inform users if their accounts were part of the breach, and Linkedin are yet to issue a statement on this point – although given that LinkedIn has around 740 million accounts in total, a clear majority of its users are likely affected.

Users of both platforms can check if their email addresses (and now phone numbers) were likely breached via either platform over at: https://haveibeenpwned.com/ – and are advised to update passwords as a precaution.

 

For IT Support and cybersecurity expertise, please contact our team today.


Android users suffer random app crashes

Android users around the world have reported problems with apps crashing randomly, following a widespread fault with WebView.

In particular, the problem seems common to email clients including Google Gmail, Microsoft Outlook, Yahoo! Mail and more – with one early warning sign being the repeated display of messages warning that apps ‘keep closing’.

It’s as yet unclear how the bug found its way into the live build of so many users’ hardware. In a statement, Google acknowledged they are aware of the fault, and advised users looking to self-fix the problem to uninstall Android System WebView.

A further fix was issued to Android as of 11pm Pacific Time on Monday which updates WebView directly. Webview is a piece of software which helps load content from the web and receives regular updated alongside Google Chrome.

So far only Google and Samsung support have acknowledged the issue directly, although it’s likely to affect all recent Android phones not yet updated to Chrome version 89.0.4389.105.

 

For IT Support and expertise, contact our team today


Urgent Patches issued for Microsoft Exchange Server

Microsoft have urged the system admins of on-premise Exchange email servers to upgrade in response to new breaches from state-sponsored hackers.

The Chinese group, known as ‘HAFNIUM’, are believed to have exploited previously undiscovered zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016 and 2019 via compromised US-based servers. Microsoft Exchange Online or related services (such as Microsoft 365) are not affected.

All four breaches were announced on Wednesday under the Microsoft Security Response Centre (MSRC) and graded ‘Critical’ – requiring urgent patching.

CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065 create a ‘perfect storm’ under which the attacker makes an untrusted connection to the targeted Exchange Server on port 443, and connects appearing to be someone with authorised access to add a web shell that grants a backdoor for future access.

HAFNIUM has previously been accused of industrial espionage and attempts to breach the technology of important private, public and national security organisations, including defence contractors.

As of 4th March, the Department of Homeland Security has also issued an emergency directive to all US federal agencies to urgently patch any on-premises Exchange servers by midday on 5th March.

 

For Cybersecurity advice and expertise, please contact our team today.


Cyber Aware Launch new Action Plan tool for Small Businesses

The UK National Cyber Security Centre have launched a new online Cyber Aware ‘Cyber Security Self-Assessment Tool’ to help small businesses.

Free to use, and aimed at organisations with fewer than ten staff, the short online questionnaire generates a handy to-do list of actionable cybersecurity recommendations and points to check, with guidance for each – depending on the answers submitted.

Questions are branching depending on the circumstances of each small business, but covers topics including backups, passwords, technology lifecycle management and more. Small business owners are also directed to useful plain-English resources to address each point highlighted.

Cyber Aware is a campaign launched by the UK National Cyber Security Centre (the public-facing arm of GCHQ) designed to provide simple guidance for individuals and small businesses to use technology more safely.

You can learn more about Cyber Aware, the NCSC, and get your own Action Plan here.

 

For IT Support and cybersecurity expertise: please contact our team today.


Final Month for Edge Legacy Browser

Support for Microsoft Edge Legacy will officially end on 9th March 2021, and the web browser will not receive any further security updates, Microsoft have announced.

The next Windows 10 monthly update, due 13th April, will automatically include the new (Chromium-based) Microsoft Edge and replace the legacy version automatically.

Edge was originally released in 2015 as a direct replacement and refresh for Internet Explorer, which was rapidly losing market share among the world’s most popular web browsers. Edge Legacy, which used EdgeHTML, was a programming fork of Microsoft’s ‘Trident’ engine that had been used in Internet Explorer 11.

The new Edge, released in 2020 and based on the same Chromium ‘Blink’ browser engine as Google Chrome, has proved more popular – and as of January 2021 looks set to overtake Firefox as the world’s third biggest web browser.

Enterprise organisations still provisioning the legacy version as standard are advised to plan their deployment of the new Microsoft Edge with the following set of steps.

 

Lineal are Microsoft Gold Partner – for IT expertise and support, please contact us today.


Xiaomi debuts wireless air charging

Chinese tech giant Xiaomi have debuted a new, longer-range, wireless ‘air charging’ technology.

Mi Air Charge allows a special charging beacon in the home to detect a device, such as a smartphone, and directionally provide up to 5W of wireless charging at a distance.

The company claims this is the first ‘truly’ wireless charging technology that doesn’t require a device to be physically placed at a base station for induction charging.

144 antennas comprising a phase control array allows the beacon to direct millimetre-wide charging waves via beamforming to a special rectifier circuit on a Xiaomi smartphone handset that recharges the device battery. The company believes similar technology will eventually be available for smartwatches, smart speakers and other home devices.

It’s not yet clear how far a user will be able to roam from the beacon, although Xiaomi claim the charging will work at ‘several meters’ distance.

Although the device is largely a marketing prototype at this stage, Xiaomi are expected develop it into a viable consumer product. The corporation has been officially listed on the Hong Kong Stock Exchange since 2018, and is focusing on ‘Internet-of-Things’ (IoT) devices and supporting technology.

 

For IT support and expertise, contact our team today.


81,000 .eu Domains Frozen

Approximately 50,000 UK customers have had .eu domains suspended, following Brexit.

The .eu domain registrar EURid has formally suspended 81,000 such domains as of 1st January 2021, following the decision that .eu ownership requires the owner to be resident in a country that holds membership of the European Union.

Many internationally trading UK companies hold foreign domain versions of their websites to assist trading overseas, support multiple languages, improve web performance in other territories and develop export markets.

Numerous IT services, including email, websites, directories and more are often also tied to domains which represent a key pillar of many companies’ authentication technology.

Many British domain holders cancelled their domains as the transition period approached – over 200,000 .eu domains held by UK customers were cancelled between 2018 and 2021, with registrars contacting customers multiple times to alert them to the changes.

Although the remaining 81,000 have not been not cancelled outright, UK customers have no way to recover these domains without being able to prove the owner holds citizenship of an EU member state, and provide a suitable registered address.

Britain’s exit from the EU also begins a countdown for these customers – who must either have an EU company representative to renew on their behalf, or face their domains put back up for sale again by 2022.

 

Need IT Support expertise? Contact Lineal today.


Internet Providers Announce 2021 Broadband Price Rises

A number of major UK internet service providers (ISPs) have announced above-inflation broadband price rises for 2021.

Virgin Media says an average customer will face a 4% rise this year – announcing that the increase is part of a plan to invest £1 billion in its network infrastructure.

BT, EE and Plusnet have also amended their terms of service, and are expected to publish above-inflation price rises over 4% shortly. Sky have already raised prices, with some customers seeing increases of up to 10%.

Ofcom figures suggest market rates for broadband have remained broadly consistent over the course of the last decade prior to 2020 – driven in part by more of the UK being brought on-stream under Openreach’s superfast fibre roll-out.

broadband price rise

Although network investment is likely to be welcomed, many customers will no doubt suspect ISPs are raising profits at a time that the UK is particularly dependent on home use of connectivity.

Where investment also supports fibre-to-the-premises (FTTP) rollouts, the increase may also represent a regressive step – charging customers in less well-connected parts of the country with slower broadband to fund upgrades in already better-connected areas.

Approximately 41% of broadband customers are not in contract, and the best deals are gained by those who look for options rather than renewing automatically. New Ofcom rules mean that price rises from an ISP allow escape from contract terms, giving customers other options.

Contact Lineal – Placing your connectivity with a trusted IT provider can be both more organised, and sometimes better value. Contact us today!


Microsoft cautions against SMS 2FA

Microsoft have announced they will direct users away from SMS 2FA (‘text-based’ two-factor authentication) for security reasons.

Instead, the company will promote multi-factor authentication methods they consider to be more secure – including biometrics and secure authentication apps such as Microsoft Authenticator – for logging into Microsoft services such as Microsoft 365 and Azure.

SMS-based two-factor authentication, where the user typically receives a passcode text message to their smartphone that acts as a secondary confirmation of who they are, has been a staple of online banking and many other secure online services needing two-factor authentication (2FA) for over a decade.

However many now believes even SMS can be intercepted, and would rather sign users onto authenticator apps or issue secure keys with encoded passcode generation.

Official Microsoft statistics state that users who enable Multi-Factor Authentication (MFA) on their accounts to verify identity block 99.9% of all automated account breaches. Using SMS-based two-factor authentication should not ‘stop’ doing so (despite the flaws of SMS, any 2FA is better than none) but users should consider swapping to other methods.

We’ve talked before about the often-predicted ‘death of passwords’ – and possible scenarios for their phasing out, but in recent years a number of big tech firms, including Apple, Google and Microsoft have all suggested their long-term plans that seek to replace passwords with biometric or other forms of login.

However this modification to Microsoft’s advice will see more of a driving force behind MFA as specifically biometric, authenticator app or secure-key based, rather than relying on mobile networks for one-time passcodes.

 

For cybersecurity expertise and support, please contact out IT team today.


Apple M1 Silicon Chips in New Macs

Apple have announced a new range of Mac devices with Apple M1 Silicon Chips. iPad and iPhone devices have used Apple’s own ‘A’ chips for some time, but M1 will be the first Apple chipset in macOS devices – which previously used Intel chips under license.

M1 is expected to show exceptional performance – with the 8-core CPU matching comparable PC laptop performance while using only 25% of the power, and able to deliver over twice the speed of comparable PC laptop CPU performance at maximum power levels.

new macos devices

Apple claim this makes the newest generation of devices – the new MacBook Air, MacBook Pro and Mac mini – faster than 90% of PCs sold in the last year.

Autumn 2020 sees the release of macOS Big Sur, the latest update to Apple’s Mac operating system, which has been optimised for the M1 chipset and its integrated graphics – as well as offering new app features such as universality for all Mac apps across all M1 devices, and offering iOS/iPadOS apps vis macOS.

 

For Apple expertise and support, please contact our team today.

 


Petroc Techknowledgey Transfer Launches

Lineal are delighted to be taking part in the new Petroc Techknowledgey Transfer project – aimed at teaching students to support businesses with special technology masterclasses.

The project will involve some of North Devon’s best known technology firm, and cover a range of different topics, including modern accounting, digital marketing, procurement, cybersecurity and other important business processes.

“Petroc’s Techknowledgey Transfer​ project is excited to be supporting local businesses alongside local business experts Applegate Marketplace, Maynard Johns Chartered Accountants, Lineal, LimeCloud and Barr Media to deliver an exciting new project.

We are inviting small and medium sized businesses to access support on business admin technologies. Our business partners will be delivering fully funded virtual masterclasses to eligible businesses. We also have student work placements available for some businesses. For more information, please contact- [email protected]

One hundred small businesses will be selected to take-part in the student-led part of the Petroc Techknowledgey Transfer, which will also be a studied project to measure the benefits of technical expertise being applied to businesses.

More information is available on Petroc’s website here.

 

For IT expertise and support, please contact our team today.


October 2020 Windows Update – What’s New?

Microsoft have previewed the Windows 10 October 2020 update with a partial re-design aimed at making the display clearer and enhancing security options.

Windows 10 updates are free of charge and are now issued to over a billion devices on a twice yearly update cycle.

Among the changes recently revealed on the Windows Experience Blog were:

  • “A refreshing Start. The Start menu has a more streamlined design. A uniform, partially transparent background to the tiles creates a beautiful stage for the redesigned app icons like Calculator, Mail and Calendar. This refined Start design looks great in both dark and light themes, but if you’re looking for a splash of color, first make sure to turn on Windows dark theme and then toggle “Show accent color on the following surfaces” for “Start, taskbar, and action center” under Settings > Personalization > Color to elegantly apply your accent color to the Start frame and tiles.”

Ease of use has also driven other improvements, such as more natural support for Windows 10 on convertible devices:

  • “2 in 1 toast elimination. 2-in-1 devices now naturally switch by default to the new tablet experience without the notification toast asking you to switch into the tablet mode when you detach the keyboard, helping to keep you in your flow.”
  • “A Taskbar tuned to your liking. Getting a new Windows PC? You will enjoy a cleaner, more personalized, out-of-box experience featuring a taskbar specifically curated for you—less clutter and more content that you’ll love. (This experience is limited to new account creation or first logon scenarios.)”

In addition the new version includes security enhancements – including an updated version of Windows Hello3 single-sign-on & multi-factor authentication technology:

  • “Simpler device management. Mobile Device Management (MDM)1 now includes a Local Users and Groups policy that gives administrators the same options as on-premises Group Policy.”
  • “More secure biometric sign on. With enhanced sign-in security2, Windows Hello3 now offers added support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates and secures a user’s biometric authentication data.”
  • “Stronger app protection. Windows Defender Application Guard (WDAG)4 now helps protect Microsoft 3655 as well as Microsoft Edge with a unique hardware isolation strategy. WDAG keeps enterprise data protected by opening sites and Office files from untrusted sources in a virtualized container.”

 

Lineal are a Microsoft Gold Partner – for IT support and solution expertise, please contact our team today.


Lineal Becomes Keeper Partner

Lineal Software Solutions has become a managed servicer provider for Keeper Password Management.

We tested a number of different Password Management providers, including 1Password and LastPass, but were particularly impressed with Keeper.

Password management is increasingly recognised as a key pillar of cybersecurity: the UK National Cyber Security Centre admits it is ‘virtually impossible’ for users to use unique passwords for all their accounts without software assistance.

Password managers help users remember all their passwords – but can be a much more powerful tool for dramatically limiting the damage in the event of a single account being compromised.

Criminals increasingly use credential-stuffing attacks where automated tools use previously-breached account details to gain access to the user’s other accounts.

A good password manager ensures you can use a strong, randomly generated and distinct password across each of your accounts to prevent any single breach putting other data at risk.

Keeper can also notify users when breached passwords are identified online, integrate with single sign on tools such as Active Directory, and enforce multi-factor authentication – all important considerations for organisations needing to maintain cybersecurity standards across large teams.

For added convenience, Keeper is available via the web, Windows/MacOS desktop clients, browser extension and Android/iOS mobile app.

 

For Cybersecurity advice and expertise, please contact our team today.

 


Network-locked phone sales banned

From December 2021 UK mobile networks will be forbidden from selling network locked mobile handsets.

Communications industry regulator Ofcom believe locked-handsets is anticompetitive, and prevents customers switching mobile providers easily.

Network providers have claimed locked handsets are a deterrent to phone theft, although Three mobile, O2, Sky mobile and Virgin mobile have already ended the practice.

Mobile providers also argue locked handsets help justify better promotional rates (blocking customers exploiting the cheapest handsets deals and then swapping networks) although consumers often claim it is an attempt to hold onto customers who would otherwise have switched provider anyway, such as after the end of their contract.

Unlocking a phone typically costs around £10, but customers must normally find a third-party provider to assist, and face a delay or technical problem during switching – which Ofcom believes is unfairly difficult.

The change to consumer law brings the UK into line with the rest of the EU, although the UK changes have been under consideration since before recent EU rulings on the mobile market.

In addition a number of other changes are planned or June 2022, including more accessibility provisions for disabled customers and greater exit-rights where contract terms change unexpectedly.

 

For Business mobile advice and expertise, please contact our team today.


Bletchley Park Rescued by £1m Facebook Donation

Bletchley Park, the historic home of Britain’s WW2 codebreakers, will receive a £1m donation from Facebook to help it survive financial difficulties.

The Buckinghamshire country house and grounds, now a museum, was the secret home of allied cryptographers who famously cracked the Enigma and Lorenz ciphers during the Second World War.

Facing an income shortfall of around £2m due to falling visitor numbers during lockdown, the Bletchley Park Trust, which is a registered charity, was facing extensive redundancies – some of which will now be avoided.

In a statement, Facebook said the heritage site was a ‘birthplace of modern computing’, and acknowledged the important strategic role the wartime location played in shortening the war.

Bletchley was home to a number of famous mathematicians, linguists and other intellectuals working in secret on behalf of the war effort, including Alan Turing – now considered the father of modern computing – Gordon Welchman, Hugh Alexander and others. At its peak, almost 10,000 personnel, around 75% of which were women, worked as part of Bletchley’s operation, who remained bound by the Official Secrets Act until at least the 1970s.

The National Computing Museum, based at Bletchley, is also home to a replica of the Colossus Mark 2, lovingly rebuilt by volunteers: the world’s first ‘programmable’ electronic, digital computer.

 

You can learn more about Bletchley Park, and support the trust here.


GSuite Rebrands as Google Workspace

Google have re-branded GSuite as Google Workspace, in an effort to consolidate the Google software brand for business users.

The re-designed platform brings Gmail, Google Drive, Google Docs apps, Google Meet and more all under one banner more officially, and follows other recently announced updates to the platform including new file deletion rules for Google Drive.

New collaboration tools for the post-lockdown world have been added – including simpler sharing of co-authored documents, previewing documents before opening them, and introducing popout video calling during co-authoring.

collaboration


“…We’re bringing Meet picture-in-picture to Gmail and Chat, so you can actually see and hear the people you’re working with, while you’re collaborating.”

Google Workspace Blog


More eagle-eyed customers will notice that Google’s GSuite license types have also been adjusted: although UK users may see a price cut in the overall monthly cost, the corresponding apps and services available to each user have also been limited to reflect this.

Existing Gsuite customers will not face contract changes for at least 12 months, although redesigned app icons and extra features will begin appearing during October 2020, and new Google Workspace customers will be expected to choose from the new licensing packages immediately.

More information for both existing and new customers is available on the officially rebranded Google Workspaces Blog here.

 

For knowledge of cloud services and excellent IT expertise, please contact our team today.


Google Drive Trash will soon auto-delete your old files

Google Drive trash will soon impose a new 30-day automatic deletion deadline on trashed files.

At present users may delete files, but these are retained indefinitely in their Google Drive trash until deleted manually – causing a loss of storage space, encouraging hoarding of files, and convincing users that they need not worry about file retention limits.

The change, which begins on October 13th, brings Google Drive more into line with Gmail and other free Google Services – as well as rivals such as Microsoft OneDrive and Dropox – which also auto-empty trashed files after set periods. New warnings inside Google Drive will notify all users.

You can learn more on the GSuite updates blog, published here. As before, G-Suite admins will have the ability to recover post-trash deletion for a further 25 days, although this is a hard limit and only available for active users.

We’ve written before about the need for businesses to think carefully about cloud-retention. Post-trash files are not held indefinitely, such that organisations need a plan for accidental and malicious deletion – such as 3rd-party automated backup of their cloud accounts.

 

For Cloud IT services and expertise, contact our team today.


AI saves the day

AI lent a helping hand to one of our technical support teams last week to help Lineal save a local business from an email hack.

At 07:40 GMT on a seemingly normal week day, Barracuda Sentinel issued an alert to Lineal to say an account had been accessed from a suspicious location.  It seemed a malicious actor, appearing to be from Nigeria, compromised one of a client’s finance department email accounts, and created a forwarding/delete rule in the inbox.

Barracuda Sentinel’s AI email protection caught the account takeover attempt, and as a result, we were able to mitigate and resolve a significant threat to one of our customers. Barracuda Sentinel detects both account takeover attempts and attacks launched from compromised accounts.

Corporate account takeover presents a significant new threat to business. Hackers gain access to email accounts and use them as tools to launch subsequent targeted attacks, internally and against external targets – who themselves fall victim.

Account takeover or attacks that originate from these accounts are almost impossible to detect as they don’t use the usual impersonation techniques—they come from a legitimate account and appear to be from a trusted source, allowing the attacker to initiate sophisticated financial scams.

Lineal automatically picked up the alert & create an incident in Barracuda Sentinel.  Sentinel remediated the issue with an immediate password reset, disconnecting all active logon sessions for the user and deletion of any rules created during the incident time.  Within 40 minutes this potentially disastrous event was avoided.

Barracuda’s worldwide threat protection network automatically gathers intelligence from inboxes around the world to deliver award-winning security, checking both inbound and outbound email to stop the spread of cyber-threats and malicious communications.  To find out more visit our Barracuda Email Security page on our website.

This risk could have easily been mitigated by using any of Lineal’s services, such as:

  1. Using Multi-Factor Authentication (MFA) on the account,
  2. Barracuda Sentinel-type tools to alert/remediate on compromise,
  3. Having Azure P1/P2 licensing to allow the use of conditional access to prevent sign-ins from risky locations, untrusted countries, etc.

If you would like to find out more about Cybersecurity and how Lineal can help protect your business please contact us.


Top Marks in Lineal Satisfaction Survey 2020

This year’s Lineal Client Survey 2020 saw hugely positive feedback, and record customer satisfaction results for our staff – thank you to all who took part.

2020 has been a turbulent year so far, but our positive improvement in the quality of our technical services continues from similar results during recent years. (Past Client Survey Results: 2019, 2018, 2017, 2016)

A record high number of you (76%) felt we “understand your questions and/or problems” “Extremely Well”. This is the most people who have ever awarded us the top grade, and represents long-term progress: over double the quality score we received back in 2015.

We asked an important supplementary question this year: how did you feel our IT Teams supported you during the Covid-19 lockdown specifically? Respondents graded us strongly, with a mean average of 4.45 stars out of 5.

covid-19 it support score

For the first time, more than 70% of respondents considered our overall customer support “Great” – also the highest grade available, and twice our score from five years ago.

We also continued to make steady progress on our speed of responsiveness: more than 50% of you now feel we respond ‘Quicker’ than expected, and for the first time more than 20% of you considered us to be “Much Quicker” than expected – again: a rating we’ve doubled in recent years.

Lineal’s Net Promoter Score – an industry wide metric for good customer service which asks whether respondents with consider referring our services to a friend or colleague, rose to +56 this year, our best score to date.

Your feedback helps us identify areas of weakness where we still have room to improve: and to focus training and other resources on ensuring our clients receive the best service possible. In this coming year, we’ll be looking at ways to track our progress more steadily over time.

  • “Staff show an understanding of the issues and are dedicated to resolving them and formulating a constructive outcome cost effectively. It is not so much about a quick response and service, it’s more the fact that the staff take ownership of the problems.’
  • “We love Lineal.  So helpful and understanding of our needs.  No other company matches up to the efficiency of them.  Big thanks to Paul and Hugo!”
  • “When we moved from Outlook 365 Home to Business we could not have had more support.”
  • “Fantastic service! They helped me find a replacement iMac when mine died, and the service they give is exemplary! Highly recommended! 10/10.”

 

For expert IT Support and technical services, please contact us today.


Adobe Lightroom Users Suffer Data Loss

Many Adobe Lightroom users on iOS have suffered a crippling data loss after a faulty routine update.

Users who updated to Adobe Lightroom Mobile 5.4.0 on iPhone or iPad had their photos and software presets deleted unexpectedly.

Adobe, which develops a large suite of creative apps for the media and design-sectors, has apologised and issued an update for the fault, but made clear that the lost data is irretrievable to those without backups.

The software company’s statement clarify it is only a subset of Lightroom users who have been affected – specifically those:

  • Using Lightroom Mobile 5.4.0 on an iOS device (iPhone/iPad)
  • Without an Adobe Cloud Subscription, or with cloud sync disabled
  • Without a separate device or cloud backup (such as iCloud) in operation, independent of Lightroom itself.

This includes many free version users who would have trialled Lightroom without a full Adobe Creative Cloud subscription.

Hundreds of unlucky users took to Adobe’s Support Forums, social media and Reddit to complain that years of photos had been lost as part of the routine update. Others flagged that restoring from local device backups deleted the restore once the app was re-opened.

As noted by The Register, Adobe’s problem is especially acute given Lightroom’s specialist popularity among professional photographers, and others who have significant time or money invested in valued images.

Users are advised to update to 5.4.1 to avoid the issue, although this will not restore lost photos. As always: please, please, please maintain an independent backup of all data you can’t afford to lose.

 

For IT Support and business continuity assistance, please contact our team today.


Lineal on Tech South West Podcast!

Lineal’s Mike Matthews and Huma Mahmood-Khan recently featured on the Tech South West Podcast (‘Tribe Tech’) – to discuss the post-lockdown recovery, women in tech, and Lineal’s new SQLWorks MRP software.

It’s nearly a year since Lineal was shortlisted for Tech Company of the Year, and won a 2019 Tech South West Award (North Devon Cluster). Members of our team were invited to discuss recent developments, including Covid-19 and other issues facing the technical sector, alongside other award-winning tech businesses from across the region.

Listen now for the story behind our response to the C-19 crisis, the importance of more women exploring a career in tech, and the latest developments for our hotly-anticipated new SQLWorks software release.

Tech South West exists to champion the area’s growing number of technology businesses, showcase innovation and suport STEM skills across the wider South West region – partnering with a number of more local Tech Business Groups to advocate for the sector.

You can learn more about their mission on their website here: https://www.techsouthwest.co.uk/

 

For IT expertise and support, please contact our team today.


DNS Vulnerability: Your IT Team to the Rescue

July 14th: as Microsoft flag a ‘Critical’ Level-10 DNS vulnerability on Domain Name System (DNS) servers worldwide, Lineal engineers rush to patch the infrastructure of dozens of organisations overnight.

The Microsoft Security Response Center recently released details of CVE-2020-135, a ‘Critical Remote Code Execution’ weakness deemed ‘wormable’ (potentially spreading between devices automatically) affecting all Windows Server versions.

A grade of 10.0 is the highest possible severity level that can be assigned under the Common Vulnerability Scoring System Calculator. For comparison the WannaCry attack, which temporarily crippled the NHS in 2017, had a CVSS rating of 8.5.

Lineal staff use remote monitoring software to administer large numbers of client servers and devices, monitor hardware health and deploy patches more rapidly – and were quickly on the case overnight to patch the vulnerability as a special emergency.

dns vulnerability conversation

Within 8 hours we’d patched a large number of DNS servers – applying both an initial fix and further scheduled updates.

DNS is a naming technology which translates the identities of computers, servers and other networked devices into the IP addresses used for connecting on private and public IT networks.

dns how stuff works diagram

For this reason, DNS servers often have massive reach, and must be carefully protected to mitigate the risk of compromising an organisation’s technology on a huge scale – even across the globe.

Israeli IT security firm Checkpoint Software Technologies, who discovered the 17-year old hidden bug and reported it to Microsoft, argue ‘this is not just another vulnerability’ and risks handing an attacker ‘complete control of your IT’ if IT admins fail to address the issue urgently.

 

For IT expertise and support, please contact our team today.


UK Government rules against Huawei 5G

UK mobile networks have been instructed not to buy Huawei 5G equipment for their infrastructure by the Government, and must remove all existing Huawei equipment by 2027.

The landmark ruling came following an overturning of last year’s half-way decision to ban Huawei from the ‘Core’ UK network only – decided as a result of the UK National Cyber Security Centre’s 2019 findings that due to US sanctions affecting Google Android products, any Huawei chip manufacture removed from (Japanese-owned and UK-based) ARM could ‘increase the risk’ to the UK.

But Government MPs, the US and Australian Governments, and even some China-critical Human Rights Groups, argued the ruling did not go far enough – resulting in today’s announcement of a complete ban.

Huawei itself argues the criticism is a politically-motivated attack by Washington to hit the Chinese economy. The tech company is the World’s biggest provider of this kind of technology, as well as one of China’s most successful exporters.

China itself has undoubtedly faced more scrutiny from the international community in recent months, following news stories about the Chinese Government’s handling of Coronavirus, Hong Kong protests, the detention of Uighur Muslims in ‘reeducation’ camps, and the close connections between Huawei and the Chinese Communist Party.

All four of the UK’s big mobile providers (BT EE, Vodafone, Three and O2) all use Huawei equipment in their core networks, albeit to different extents. The decision also affects major broadband infrastructure providers, such as BT Openreach, and related ISPs.

In practice, this means 5G providers will be forced to look at alternatives from either Finnish-provider Nokia or Swedish provider Ericsson.

 

 

For IT expertise and support, please contact our team today.


June 2020 – What’s New in Microsoft Teams?

Microsoft have previewed an exciting new set of Teams collaboration features in the June 2020 update.

Those on the more experimental Preview Build will be the first to receive the option for large Gallery View – expanding the video meeting grid to 7×7 for a maximum of 49 participants in a meeting. The maximum possible meeting attendance is also set to be increased to 300 participants.

With Schools around the world attempting to push ahead with e-learning, there’s also a new ‘Class Insights’ dashboard designed to monitor pupils’ engagement. Microsoft is promising ‘virtual breakout rooms’ – with centralised control via an organiser who can direct smaller groups to their own meetings and recall them to the main meeting when ready.

teams external window

Multi Window support will allow users to create satellite calls, chats and more in external windows for better productivity – likely to be especially welcomed by those who use more than one display.

For those speaking English, live captions in meetings will be available in Preview Build to support extra accessibility.

Assigning Priority status to certain chats will allow users to receive custom notifications on important or urgent items. On the security side, external the PSTN numbers of dial-in users will now be masked to guest-attendees, and ‘screen-lock’ is compatible between Teams phones and the desktop app.

teams urgency

Teams phone hardware is receiving a host of new UI features, and for those interacting with more personal users, Teams calling has become inter-operable with the Skype app. This will allow more public facing communication between business Office 365 tenants, and those with Outlook.com acounts, Microsoft 365 consumer/student plans and similar.

The Free Teams Trial will also have one of its key limitations, the ability to schedule meetings, removed in a bid to encourage users to get the most out of one of the platform’s strongest features.

Microsoft have increased the pace of the Teams development cycle, as millions of users around the world need greater functionality for remote working.

 

Lineal are a Microsoft Gold Partner – for Microsoft 365 expertise and support, please contact our team today.


New macOS ransomware warning

Cybersecurity experts are warning against a prevalent new strain of macOS ransomware for Apple devices dubbed ‘EvilQuest’ – packaged alongside pirated versions of popular apps.

Like most ransomware, EvilQuest encrypts all the Apple user’s files and demands a $50 ransom for decryption within 72 hours.

While many Mac users believe malware for Apple devices does not exist – this is simply untrue. The newest strain comes after similar infections spreading between Mac users in recent years, including KeRanger and Patcher.

EvilQuest is also a more sophisticated effort than most attempts by cybercriminals: the app is correctly code signed, with a very convincing installer, and even overpowers the Mac versions of common antivirus softwares such as Norton, Kaspersky, Avast, McAffee and Bullguard.

The trojanised software known to be used to deliver EvilQuest to unsuspecting victims are torrent download versions of popular Apple macOS apps, examples of which include Little Snitch, Ableton Live and Mixed in Key 8 – a popular DJ software.

Among the important steps Mac users should take to reduce the risk of macOS ransomware are:

  • Keep a regular, organised regime of backups, offline and air-gapped from the device itself.
  • Only download Apps from reputable sources.
  • Consider whether utilities like Malwarebytes and RansomWhere are needed as extra precautions.

 

For IT Support and cybersecurity expertise, please contact our team today.


Apple introduces macOS Big Sur with a beautiful new design

macOS 11.0 Big Sur, unveiled in June 2020 at WWDC, is the newest version of macOS, set to be released this Autumn.

macOS Big Sur elevates the most advanced desktop operating system in the world to a new level of power and beauty.   Delivering their biggest design upgrade since the introduction of Mac OS X. Experience and enjoy Mac to the fullest, with a refined new design and the biggest Safari update ever.  Discover new features for Maps and Messages and get even more transparent around your privacy.

Mac OS X is finally finished, with Apple confirming that it’s officially moving to macOS 11 after almost 20 years of OS X (or macOS 10).  This fall, users will finally be upgrading from the 10.X versions that Apple has been using for nearly two decades to version 11.0.  It’s ‘MacOS’ from now on, much like ‘iOS’ and ‘iPadOS’.

Safari Updates

Safari is packed with new features, including a customisable start page, elegantly designed and more powerful tabs, quick and easy translation, and a new Privacy Report.  A new weekly Privacy Report on your start page shows how Safari protects your browsing across all the websites you visit.  Users can choose when and which websites a Safari extension can work with, and tools like data breach password monitoring never reveal your password information — not even to Apple.

In the biggest update to Safari since its original launch in 2003, the world’s fastest browser is even faster, providing industry-leading speed and battery life.  Tabs have been entirely redesigned to make navigating with Safari faster and more powerful by showing more tabs onscreen.  Displaying favicons by default to easily identify open tabs, and giving users a quick preview of a page by simply hovering over the tab.

Other newly Updated features

The updated Messages app lets Mac users send and receive more personal and expressive messages, and easily keep track of and interact within group messages. Maps also offers an all-new experience with immersive features for exploring and navigating the world.

macOS Big Sur delivers a spacious new design that makes navigation easier, while putting more controls at users’ fingertips.  Overhauling everything from the curvature of window corners to colours and dock icon designs.   A refreshed Dock displays thoughtfully designed icons that are both uniform and consistent in shape to match others in the Apple ecosystem.  Buttons and controls for apps appear when needed, and disappear when not in use.  The entire experience feels more focused, fresh, and familiar, reducing visual complexity and bringing users’ content front and centre.

The customisable menu bar features a new Control Centre, delivering instant access to the controls used most, from the desktop.  And a new design for core apps brings more organisation to multiple open windows and makes interacting with apps even easier.

macOS Big Sur is available to developers, with Apple planning to make a public beta available to public beta testers next month. When it launches in the fall, macOS Big Sur will be a free update for all compatible Mac models.

 

For Apple device expertise and IT Support, please contact our team today.


Lockdown Articles We Wish We’d Written

This defining moment of the 21st century has provided ample inspiration for the world’s writers, bloggers and journalists – so far, 2020 has been a big year for tech.

Here’s some of our favourite technology articles from across the internet in recent weeks:

 


1. “… By now the silence from the UK government about the NHS app was deafening. What was going on?”

Due for release in June, but then suddenly scuppered, the story of how the Government’s £11.8m promised Covid app sank without trace.

What went wrong with the UK’s Contact Tracing App? – BBC News


2. “… the crooks behind the attack brought along a 280 MB Windows XP virtual machine to run it in (and a copy of Oracle VirtualBox to run that).”

A terrifying new ransomware that fires up its own anti-virus free virtual machine to infect the host – Sophos shines a spotlight on Ragnar Locker.

The Ransomware that Attacks your from inside a Virtual Machine – Sophos


3. “… In the rest of the building, only three people tested positive out of 927”

A fascinating diagrammatic look at how Covid spread through a single floor of a 19-story office building; researchers conclude duration of interaction is the critical danger to workplace safety.

An Analysis of three Covid-19 outbreaks, how they happened, and how they can be avoided – El Pais


4. “… In fact, Zoom is using its own definition of the term.”

Forced to hurriedly address security promises in recent updates: how Zoom’s original claims about call encryption in March turned out to be less than true.

Zoom meetings aren’t end-to-end encrypted, despite misleading marketing – The Intercept


5. “… My screen hours now actually exceed my waking hours.”

Is it possible to live a fulfilled ‘real-life’ entirely online? Many of us have been trying it without realising.

The Internet, mon amour – Economist, 1843 Magazine


 

 

For IT Support and technical expertise, contact our team today.


How to get value from offering public WiFi

Free public Wi-Fi is a popular service for retail, events and hospitality providers to offer, and increasingly becoming an expected service among the public.

This needs careful thought: not least technical considerations like how to keep public networks isolated from work networks, and providing strong enough connectivity to support the user environment.

But most importantly: how should a businesses or organisation to gain value back from providing free Wi-Fi? We take a closer look at some of the best techniques.

 

Authentication & Audience Participation

Most public Wi-Fi networks expect connecting users to ‘authenticate’ by providing details such as their email address or name, and often accepting some terms and conditions of use.

This can be a fantastic marketing opportunity to gather email subscribers, demographic data, survey product popularity, or simply count customers.

Alternatively, commercial quality systems like Cisco Meraki also offer hidden gems like Facebook Authentication – in which the user has to ‘Like’ the business brand or page to gain access. This kind of authentication is superb way of increasing your visibility online by leveraging value from public Wi-Fi – effectively asking the public to become your marketeers via social media.

Physical signage and other real-world marketing can also encourage visitors to share their experience of your venue or event online while their complimentary connectivity is available.

Targeted Advertising

‘Splash’ Pages loaded on the User’s device when they first connect are customisable on many business Wi-Fi platforms, and this creates a perfect opportunity to brand the experience.

Treating this like a regular webpage offers the chance to advertise offers that are time-sensitive, updated seasonally, or promoting key products.

Alternatively, if your audience is large or targeted enough, then this space can be treated like digital real-estate, and sold on as advertising space to others looking to reach an audience.

Footfall Mapping

By combining signal strengths from different access points and triangulating the direction, enterprise systems like Meraki are able to produce animated ‘heatmaps’ of footfall around a site or venue over time.

This is valuable information it itself for public-spaces and retail centres – who rely on being able to control or exploit human travel to maximise sales, minimise costs or optimise the flow of people.

Prompt for Reviews

You’ll never get a more geographically targeted audience than this – so why not ask the key question when it counts?

To online brands in particular, digital reviews are worth serious investment, and smartphone connections direct with the customer is a perfect opportunity to prompt via the web for useful feedback or survey customer satisfaction.

Alternatively ask publicly: and gather Google Reviews, Facebook Ratings, Trustpilot Stars, or any other feedback that is of value to your organisation en masse.

 

For Wi-Fi guidance and networking expertise, please contact our team today


ASUS gambles on dual-screen laptop

Two years ago ASUS first previewed an experimental dual-screen laptop. Dubbed ‘ProjectPrCog’, the unusual concept creation effectively doubled the available screen size to both the top and bottom case of the laptop.

In 2020, ASUS have (sort-of) finally taken the plunge with the ZenBook Duo. An intriguing new design, this ‘one-and-a-half-screen’, $1499 version includes a secondary rectangular monitor in the lower half of the case for extra display room.

Among the theoretical advantages of a dual-screen laptop are the ability to hold communications apps like email or instant messaging on the lower screen while working on the upper, and the ability to stream video from the top while controlling the stream itself lower down. A powerful Intel i7 processor included as standard ensures the extra screen space isn’t wasted, and it’s easy to imagine the Duo becoming a cult-hit with graphic designers and similar.

The overall design is not quite as futuristic as ProjectPrCog – ASUS have shied away from a full touchscreen keyboard, favouring a cut-down version of conventional laptop keys, and a touchpad mouse/numberpad combination.

The ZenBook Duo is also thankfully less wacky than previously failed attempts at the same thing, such as Lenovo’s odd Thinkpad W700ds.

Conceptually though a dual-screen laptop still poses some challenges: a cramped keyboard close to the edge makes it quite difficult to type on top of er… one’s lap.  At 1.5kg the model sits around average for laptop weight, but dual displays is likely to impact the battery life considerably compared with single-screen models.

A highly commendable effort from ASUS and undoubtedly interesting. World-changing? Probably not yet.

 

For IT Support and expertise, please contact out team today.


easyJet Hit by Cyber Attack

Popular short-haul airline easyJet has been hit by a cyber attack, affecting around nine million customers.

In a statement, easyJet says that a “highly sophisticated cyber-attack” discovered in January 2020 compromised email addresses and travel details of roughly nine million travellers. For 2,208 customers, credit card information was also accessed.

No further detail has yet been publicised as to the nature of the breach, although the company stated that it had “closed off unauthorised access”.

The bad news comes at a difficult time for airlines, as air-travel has declined dramatically in the wake of Covid-19 restrictions. When faced with a similar situation in 2018, British Airways received a large financial penalty of £183m from the Information Commissioner’s Office.

The airline are making contact with all affected customers warning extra vigilance towards ‘unsolicited communications’, due to the heightened risk of phishing attempts from criminals masquerading as easyJet who may have gained access to customers’ personal details.

Under new GDPR guidelines introduced in 2019, it is mandatory that breached organisations report to the UK Information Commissioner’s Office (ICO), who are currently investigating.

 

For cybersecurity and IT Support expertise, please contact Lineal today.


Make Microsoft Teams your Phone System

Gamma Communications have officially launched Teams Direct Routing, allowing organisations which use Microsoft 365 to make Microsoft Teams your phone system.

Teams Direct Routing is a simple monthly bolt-on to Teams-enabled Microsoft 365 licenses, that allows the user to make or accept normal voice calls via the UK phone network.

But what about the actual… phone? Yes, end users can use either the Teams mobile app for their smartphone on iOS/Android, or their PC/Mac – however hardware manufacturers are surprisingly close behind: with Poly and others announcing hardware officially approved to operate a Microsoft Teams based phone system.

teams phones

Poly CCX Series Teams Phone Handsets

This makes Microsoft Teams a compelling choice as a full-business phone system, with call-routing, voicemail and many the other features commonly associated with work phones – available ‘through’ Teams.

Each user’s overall license package comprises three parts: two Microsoft elements including the user’s Microsoft 365 license that includes Teams, the ‘Phone system’ (PBX) bolt-on, and one from Gamma – the Teams Direct Routing Bolt-on itself.

teams phone system licensing

All this is backed by the remote-working flexibility of Microsoft 365’s cloud infrastructure and Trust Centre – better yet, the monthly cost of extending Teams in this way is a tiny fraction of the upfront cost of buying a traditional business phone system and unifies the user’s other key work communication tool (email) under a single account, calendar, and set of security permissions.

With a user-base of over 70 million daily active Teams users, Teams itself is a workplace juggernaut given extra momentum by the important need for home-working driven by Covid-19. Although Microsoft themselves also offer direct routing call plans that integrate with Microsoft Teams, these do not include the numerous extra functions extensively supported by telecommunications suppliers, such as flexible number porting, extra control over redundancy and business continuity plans, and other related considerations needed to better ‘manage’ an organisation’s communications.

Gamma, whose popular Horizon system operates nearly half a million UK business phone seats, are also giving every sign that Teams Direct Routing will also be the more cost-effective choice when compared to Microsoft’s own call plans.

Teams Direct Routing is likely to prove an extremely popular choice for companies seeking to modernise, and ‘get the most’ out of Teams. Take our advice: this one is going to be big.

 

For more information on Microsoft 365 and Teams, click here.

For more information on Microsoft 365 licensing, click here.

For more information on how Microsoft Teams can be deployed as a full phone system, please contact our team today.


NCSC Whitelist & Blacklist Terms Replaced

The UK National Cyber Security Centre (NCSC) are officially removing the technical terms ‘Whitelist’ and ‘Blacklist’ from their organisation in an effort to be more inclusive.

The terms ‘Whitelist’ and ‘Blacklist’, which refer to lists of permitted and not-permitted things in the cybersecurity world, will be replaced with the more literal and accurate ‘Allow List’ and ‘Deny List’.

Prolific spam email domains for example are often ‘Blacklisted’ by system administrators – a negative association the NCSC feels should not, even inadvertently, imply a connection to skin colour.

The organisation, a more public extension of GCHQ, acknowledged in a statement on their website that whilst “…it’s not the biggest issue in the world…”, the organisation is acting positively in response to requests from the public, is making an effort to be more inclusive, and that using such terms might otherwise have impaired the recruitment of valued “future colleagues.”

‘Blacklisting’ also has an unfortunate connotation with an illegal practice of barring whistle-blowing employees and trade union members from working across certain sectors, which has a history within the construction industry among others.

Google Chrome, Microsoft Edge and others have made similar terminology decisions – deciding that pejorative references to colour should not be used in cybersecurity terminology.

 

For IT Support and cybersecurity expertise, please contact Lineal today.


Microsoft launching new Teams features

Microsoft Teams will soon gain the ability to display video-call participants in a 3×3 (9-person) grid, among other new Teams features.

The new teams features improve on the current limit of a 2×2 (4-person) grid – one notable limitation when compared with popular rivals such as Zoom.

Other features being added include custom-backgrounds, a ‘raise-hand’ feature similar to that used in Citrix GoToMeeting webinars, audio-sharing and call recording for 1-1 direct calls. The iOS version on mobile/tablet will also gain Teams’ background blur feature used to obscure the caller’s surroundings.

Recognising perhaps that Teams is still new to many workplace settings there has been a revised focus on hardware for new teams features: ‘Teams Certified’ audio/conferencing devices are now available, and the new Teams push-to-talk ‘walkie-talkie’ mode designed for field workers is currently in preview.

teams dashboard preview

Playing catchup with Teams’ dramatic surge in popularity – to over 44m daily users and 1000% more calls during lockdown across the globe – Microsoft are also overhauling the Teams Admin centre to give admin users more visibility and control over meetings, usage and group policies.

 

Lineal are a certified Microsoft Gold Partner. Learn more about Microsoft Teams, or contact us today.


Number of Covid-19 Scams Explodes

The volume of Covid-19 scams and phishing emails has increased dramatically in recent weeks according to cybersecurity authorities.

Email security software and cybersecurity provider Barracuda Networks has reported a 667% increase in phishing emails throughout the pandemic.

Common scams include pretending to represent Government, law enforcement or medical authorities to obtain information or financial payment, blackmailing users with threat of infection, donation requests for fake organisations, and malware distribution – including one new ransomware even dubbed ‘Coronavirus.’

Barracuda Covid-19 email scams graph

Via Barracuda: Source 

In a joint statement published in April, the UK National Crime Cyber Security Centre and US CISA (Dept. of Homeland Security) notes the sudden rise in Covid-19 scams, and even highlight instances of SMS text-messaging phishing attempts mimicking UK Government text alerts.

In the example cited, a fake compensation payment is offered to entice the user to hand over details via an imitation UK Government website.

covid-19 scam sms phishing example

There has also been a growth in online hackers and trolls targeting Zoom and other video conferencing platforms. Users unfamiliar with this kind of software in particular may prove an easy target for cyber criminals.

Phishing scams are part of a larger trend of online Covid-19 themed fraud. In March, the NCSC removed around 500 fake online shops claiming to be selling fraudulent virus-related items over the internet.

Google currently estimate that Gmail filtering is blocking over 100 million phishing emails each day, and that almost 20% of online email scams now refer to Coronavirus (around 18 million) – likely to be the largest phishing ‘theme’ in history.

 

For cybersecurity expertise and assistance, please contact Lineal today.


Mid-market iPhone SE relaunched by Apple

Apple have launched a new mid-market iPhone, the iPhone SE, to popular aclaim.

Similar to the iPhone 7 in appearance, this more baseline model of iPhone is designed to broaden the user-base of Apple’s popular iPhone range into the territory of more budget Android smartphone alternatives.

Not that Apple have scrimped on the technology – even the more basic SE includes an A13 Chip, 4.7-inch Retina HD display, and the ‘best single camera’ system on an iPhone ever (as opposed to the multi-lens affairs on more premium iPhones.)

In a nod to the World’s current Coronavirus difficulties, the SE also contains the original TouchID fingerprint sensor, so that users can still unlock the screen without removing facemasks.

Like it’s experimental predecessor, the 2nd-generation SE will also be available at more affordable prices: including £10.99 a month, or £279 upfront via Apple trade-in, suggesting there will soon be some very cost-effective deals reaching customers on the high street. To thin Apple’s extensive iPhone range, the iPhone 8 will also be discontinued.

Apple’s physical high-street stores remain closed due to Covid-19 lockdown – however online preorder begins from Friday 17th April, starting at £419.

For technical expertise and business mobile, please contact Lineal today.


Keeping Things Moving

As businesses and their staff begin to adapt to the UK’s Covid-19 lockdown, we take a closer look at how IT Support requirements have shifted.

After two weeks of IT Support call volumes to Lineal rising significantly, queries have begun stabilising as the organisations and companies we support, and their employees, become more accustomed to working from home.

You can find answers to Frequently Asked Questions in our lockdown FAQs article here.

In parallel, the nature of IT tickets we commonly address has also altered, with a majority of support queries involving either virtual private network (VPN) or remote access assistance – even overtaking email in the short term.

We’ve seen renewed interest in cloud-based services, including Microsoft Office 365 tools, Gamma Horizon hosted telephony, and Azure-based computing, as well as portable hardware shortages – with major distributors keeping things moving but reporting limited availability of new laptops, headsets and power cables.

In-house, Lineal’s own use of Microsoft Teams has increased noticeably as staff work remotely. Following an initial lockdown practice drill in early March,  activity graphs show three weeks of increased Teams collaboration between staff – including audio/video conference calls, chats and screen-sharing.

lineal teams usage graph

We’re keeping things moving and continuing to support all our clients fully throughout the the Covid-19 lockdown; if you have any feedback or ways we can improve our service, please let us know.

 

For IT Support and technical expertise, please contact Lineal today.


Good News Stories You Might Have Missed

The world is on lockdown, but not all is doom and gloom – as people unite during a period that can only be described as one of the most challenging times we have faced in decades. Our ways of life have been put on pause, travel and holidays are no more; our freedom of movement halted.

But this is only temporary and there will be an end to this crisis. There is a global rise of togetherness and tough times don’t last – but tough companies do.

What good can come out of this chaos and uncertainty? There is hope: here’s some good news stories you might have missed:

Time is the greatest healer and as we have the time to reflect, appreciate the smaller things in life. Spend time with your children, your pets, your significant other – you may be with just them, for a little while. Take some time out to look out the window, if you go for a walk notice how spring is arriving.

One thing we don’t know is how long this will all last, all we do know is there will be an end – we’ll get through this and Lineal’s team are here for you when you need us.


Uh Oh, Time to Patch Firefox Again

Mozilla have released an urgent patch to version 74.0 of Firefox, notifying browser users around the world that it’s time to patch Firefox again.

The timing of the new patch, which also affects the ‘Extended Support Release’ (version 68.6) suggests that the latest update fixes a vulnerability which (at worst) may have been live in the browser since July 2019.

Mozilla’s official announcement from 3rd April categorises the impact as ‘Critical’, and states that ‘we are are of targeted attacks in the wild abusing this flaw’.

The precise details of the security flaw have not yet been published, although we know that the issue refers to a ‘use-after-free’ function by which the browser frees up previously occupied memory back to the device – with online cybersecurity blogs speculating that any new contents of the relinquished memory may still have some level of access to the browser.

Community-led Mozilla, whose popular Firefox browser is still the World’s second-most popular desktop browser, suffered other critical security flaws as recently as January – when the US Department of Homeland security took the unusual step of instructing users to urgently update their browsers following the discovery of a vulnerability which granted potential access to the operating system.

Not that Mozzilla are unique in such issues: Google also faced embarrassment in recent months after rolling out an experimental change to Chrome which left millions of users unable to load new tabs.

Patch your browser regularly: Firefox users can update to version 74.0.1 via:

  • To upgrade on PC, open Firefox and click ‘About’ and select ‘Restart and Update Firefox.’
  • To upgrade on Mac, open Firefox and click ‘Options’, ‘Firefox Updates or Options’, ‘Advanced’, ‘Update to update Firefox.’

Zoombombing Trolling Spreads

Zoom’s video-conferencing software has seen a surge in hacked video calls around the world, with a new phenomenon, ‘Zoombombing’, disrupting unsecured conference calls.

As large numbers of people work from home due to Covid-19, online trolls have begun searching for Zoom calls where meeting hosts have not passworded access or credentials are easily obtainable, and disrupting meetings with either audio or un-expected screensharing of inappropriate material to other attendees.

Zoom’s ease-of-use for beginners and freemium download option have proved popular in recent weeks with the platform surging to over 200 million users – a pattern also seen among similar conferencing platforms from Microsoft, Cisco, Google and others.

Cyber security experts have also highlighted the availability of automated Zoom-call hacking tools in the darker corners of the web – able to seek out conference calls without passwords for trolls to exploit.

Most experts believe Zoombombing intruders can be avoided with routine security precautions which should be taken by the host (and co-hosts) of any Zoom meeting.

In particular Zoom meeting hosts have been cautioned to:


  1. Set a unique, complex password for every Zoom meeting
  2. Generate a random ID for each meeting, try to avoid using your personal one. Zoom have published a helpful article on how to do this. 
  3. Not share screenshots of their meetings. (Even UK Government Cabinet Ministers’ accidentally publishing shared calls with visible meeting IDs recently. Don’t do it!)
  4. Avoid sharing meeting IDs on publicly visible social media or websites.
  5. Disabling screen-sharing rights unless needed via Screen Share > Advanced Sharing Options > Who Can Share?
  6. Enforcing Waiting Room prior to new attendees being permitted to join the meeting
  7. Lock Meetings once all attendees are present via Participants List > More > Lock Meeting

For Cybersecurity expertise & IT Support, please contact Lineal today


Your Google GPS Data shows a UK in Lockdown

Google have released aggregated smartphone location data which shows the UK under lockdown.

According to the newly published ‘Community Mobility Report’, in which Google GPS data from the location settings of Android phones is broken down by country, the UK has seen a dramatic drop in those going outside during March, as people stay in lockdown for the duration of the Covid-19 crisis.

google gps data summary

‘Retail and Recreation’ visits, which includes restaurants, cafes, shopping centres, theme parks, museums, libraries and cinemas are down 85% against normal rates, and ‘Parks’ show a 53% decrease.

‘Transit Stations’ including public transport hubs are down an astonishing 75% as people remain at home rather than travelling.

‘Grocery & Pharmacy’ visits show a smaller decrease, at 46%, as people continue to shop sparingly for essentials.

google gps data devon

However, Google GPS data varies across the UK – with Google warning readers not to compare rural and urban areas. Remoter parts of Scotland and Wales are less consistent both in lockdown severity but also available data to measure.

This measurement difficulty is something also noted by the Kings College Covid-19 sympton tracker app, which gathers self-reported data from across the UK and has risen rapidly up the Google Play and Apple App Store app charts in recent days.

Data for Devon suggests the lockdown is being observed slightly more strictly, with even lower rates of shopping and leisure trips being made compared to the UK average, but marginally higher attendance at workplaces and at public transport hubs.

You can find the Google’s COVID-19 Community Mobility Report for the UK and other countries here.

 

For IT Support and technical expertise, please contact Lineal today.


ISPs Lift Data Caps on Home Broadband

The UK’s biggest telecoms providers have agreed to remove data caps from Home broadband packages during the Coronavirus lockdown.

Although most UK home broadband packages now come with an ‘unlimited’ data allowance (subject to fair usage), many legacy products still enforce a data limit which may incur financial penalties if exceeded. Much like mobile data contracts, historically these were usually set at a specific monthly data usage, eg: 200GB.

The move follows discussions with the Government and telecoms regulator Ofcom, who are seeking to support vulnerable customers during the Coronavirus lockdown.

The Department for Culture, Media and Sport has also stated that the measure will be ‘effective immediately’ and help ‘people to stay connected whilst they stay at home.’

In particular, the BBC notes that many ISPs offer cut-price, limited broadband packages for those receiving benefits – although some limits on gaming, streaming and other high data-usage activities may remain in place for these packages.

Providers lifting data caps include BT (EE & Openreach), Virgin Media, Sky, TalkTalk, O2, Vodafone, Three, Hyperoptic, Gigaclear and KCOM.

 

For technology expertise and support, please contact Lineal today.


Keep calm and carry on

As more and more of us are starting to accept remote working as the new norm, it may still feel unnatural and difficult for those who have not experienced this before. Keep calm and carry on – Lineal are here to help.

Remote working out of the office or from home has increased by nearly a quarter of a million over a decade, according to the office of National Statistics.

We may have lost the face-to-face daily contact with our colleagues and friends, but this does not mean we cannot stay in touch easily and efficiently;

  • Through phone calls
  • Messaging
  • Video calls
  • Business platforms such as Teams

With the current global crisis, for most of us we may feel like we are in uncharted waters.   A lot of people have had to adapt to working from home, with no planning and little time to prepare for the change. There are many questions:

  • How do you set up a space where you can focus?
  • How do you stay connected when you can’t meet face-to-face?
  • Why does it feel like it’s never the right moment to take a break?

It’s inevitable that some employees will have questions and may struggle adapt.

 

So what have we learnt so far?  

Microsoft’s article – Making the switch to remote work – is an interesting read, with 5 lessons on how they have approached working from home, and ideas of how best to overcome common hurdles.  The current situation has compelled Microsoft to take a new look at everything from scheduling meetings to the way teams are managed.

In particular, protecting your employers and employees mental health is very important:

  • Check in regularly with your team members
  • Colleagues
  • Customers
  • Suppliers

Also check out: https://www.forbes.com/sites/onemind/2020/03/17/when-home-becomes-the-workplace-mental-health-and-remote-work/ to see what some of the experts in the industry highlight could be the key concerns and how to manage them.

 

So how do we make the most of working from home?

Routine is Key:

  • Wake up at your normal time, but enjoy a little longer to get ready.
  • Have some breakfast an extra cup of coffee, as you don’t have to face the stress of the daily commute – No traffic jams, public transport or queuing, bonus!
  • Then structure your day like you would if you were in the office.
  • Organise meetings, speak to your colleagues, call your customers and suppliers, adapt your ways of working.

Be productive and proactive, there are many solutions available to you, and Lineal are here to help, if you need us.

There are also various positives for remote working, both for the employee and the employer:

  • Increased productivity – working remotely increases productivity work that needs focus by 16 per cent
  • Higher morale – a study showed that those who work from home love their job more than those who work in an office.
  • Higher employee retention
  • Less stress – one in five employees say that juggling their work and personal lives is the main cause of stress
  • Some of us may be lucky enough to have some four-legged furry colleagues keeping us company instead on a day to day basis.

Keep calm and carry on, and if you have any IT concerns please contact the Team here at Lineal Software Solutions Ltd.


We’re with you

At a challenging time for many businesses and organisations, Lineal’s top priority is your business continuity.

We’re supporting a wide range of clients with some very similar queries – here’s what that looks like:

 

  • Will our staff still be supported?

Yes – all Lineal’s remote support will continue as normal, and on-site engineer visits to workplaces as scheduled, pending further guidance by the UK Government. We’ve successfully completed practice drills of our business continuity plan, and you can learn more about our preparations here.

As always, please contact [email protected] and 01271 375999.

 

  • Help! We need to work from home!

OK – don’t panic: try and make a quick list of everything you commonly need to work in the office. Then contact our IT support teams via [email protected] and 01271 375999

Cloud-based services such as Microsoft Office 365, G-suite and Dropbox should still work via your web browser as normal (but please ask if you run into difficulties.) However, if you have systems that are based at your workplace, you might need to ask Lineal for a VPN in order to gain remote access (see below.)

Check out our tips for happy remote-working here, and some great deals for remote workers here.

If you have a Gamma Horizon phone system, we’re offering several months of free Gamma Collaborate licensing to extend your phone system to mobile/desktop devices – to support remote working. Please let us know here.

 

  • Can you help me set up a VPN?

Yes – as you might expect, this is currently our most requested support ticket type! Please speak to your support team via [email protected] or 01271375999.

 

  • How do I access ___[system]___ or line-of-business applications.

The answer to this will vary depending on the system, the security permissions at your company, and where it’s hosted – please speak to your support team via [email protected] or 01271375999.

 

  • Are Lineal extra busy?

Yes – our call and support ticket volumes have increased around 30% over the past two weeks, however these are still at perfectly manageable levels.

 

  • How do I set up my desktop PC at home?

We can walk you through ‘which-cable-goes-where’ if you’re unsure, but if your work-now-home-PC isn’t configured how it normally is in the office, please just speak to our support teams for remote assistance: [email protected] or 01271 375999.

 

  • Why might I need a ‘VPN’?

A Virtual Private Network gives direct access to your workplace network from home. If you have technology which is only available in the office (eg: an accounting database or CRM system based on your own server) these won’t be accessible outside without first connecting via a VPN.

If you have cloud-based services such as Microsoft Office 365, Dropbox, G-suite, webmail, Salesforce or other online services, these should be available through your browser as normal.

 

  • Help! I can’t buy ___[hardware item]___ anywhere!

You’re not alone: we’ve seen stocks of laptops, convertibles, power cables and others run low from many UK suppliers. If you’re having trouble sourcing something, please contact us via [email protected] for a quote, and we’ll do our best to find your request direct via distributors.

 

  • I think ____[service]____ is down, but maybe I’m just confused. How do I tell?

It’s first worth heading over to DownDetector.com to see if there are issues reported with major UK providers, such as mobile networks, cloud services and broadband ISPs. If you’re unsure, please speak to our support teams.

 

  • Will the internet/service_x fail due to high demand?

No, but we do all need to act responsibly. Much like with supply chains and emergency hotlines, capacity needs to be used sensibly by everyone.

Please don’t stream 4K or High Definition video unless it’s really necessary, and expect some of the bigger cloud computing providers, like Microsoft and Google, to dial down the responsiveness of some connectivity-intensive bonus features to help accommodate the extra computing demand around the world.

 

  • How do I use my work phone system remotely/from home?

Depending on who maintains your phone system, you might need to speak with your provider for either remote access or call re-directs.

If you have a Gamma Horizon phone system provided by Lineal, we’re offering several months of free Gamma Collaborate licensing to extend your phone system to mobile/desktop devices – to support remote working. Please let us know here

 

For IT Support & technical expertise, please contact our team today.


The Ultimate Guide to Microsoft Teams

This week Microsoft Teams gained 12 million daily users, bringing the total to 44 million globally. During the past few days, Microsoft have raised cloud computing capacity by 600% to support this surge in demand for remote-working tools.  

If its all new to you, or you’re working from home for the first time – never fear! Lineal have assembled some of the best online Microsoft Teams resources to help users of all levels. 

We’ll update this ultimate guide to Microsoft Teams to include valuable new videos, examples and training materials as we discover them. 

 

The Basics 

teams quickstart

Intermediate 

teams training

Experienced 

 

Lineal are a Microsoft Gold Partner – for expertise and support, please contact our team today.


Lineal join Omnis for Web Engineering Day

Members of Lineal’s Software Development Team were recently invited to join the Omnis Software Engineering Team for a special 2-day visit focusing on development work regarding web features within SQLWorks.

Software engineers from both companies focused the dedicated day on the implementation and deployment of Lineal’s recent online work including business-to-business (B2B) trade ordering portals and online user survey systems.

The SQLWorks Team at Lineal wanted to thank the staff at Omnis for being excellent hosts and helping to craft an extremely useful and informative visit.

Omnis Software recently celebrated 40 Years in the industry, having been founded in 1979 by Blyth Computers Ltd. Co-founder Paul Wright.

Omnis technology has underpinned Lineal’s SQLWorks Business Management Software (integrating accounting, stock control, CRM and manufacturing) since the early 1980s. Lineal’s Managing Director Mike Matthews is a part of the international Omnis Technical Committee, and Lineal staff regularly help coordinate and take part in EurOmnis, the international Omnis software developer conference.

 

For Software development advice and expertise today, please contact our team today.


Gamma Roadshow 2020

We recently attended the 2020 Gamma Communications Roadshow at Stamford Bridge – hearing the latest business telecoms and technology trends from across the UK. But what do businesses need to be aware of?

 

Clock Ticking for ISDN

BT will officially turn off all ISDN services by 2025, with the ‘stop-sell’ order coming as early as 2023.

With UK businesses just getting used to putting ‘2020’ on paperwork, this is no longer a drill – if your phone system uses ISDN, your business needs to begin preparing to switch to a digital services such as SIP or better still, a hosted VOIP platform.

There are perhaps as many as 1.5 million ISDN channels still in use by businesses across the UK. Gulp.

 

Ultrafast Fibre Rollout Gathers Pace

Superfast broadband (‘Fibre to the Cabinet’ or FTTC) prices are falling all the time, but the big story of the decade is likely to be the steady roll-out of ultrafast ‘Fibre to the Premise’ to many more businesses – to around 40% availability over the next few years.

Salisbury is the first single-year rollout ‘test’ area trialling complete fibre infrastructure (booking a new copper line in the Salisbury area is likely to be rejected).

Interested in fibre for your area? Perhaps you should speak to your friendly neighbourhood IT provider…

 

Not all 5G is born equal

We’ve known for a while how the smallest of the UK’s four mobile networks (Three Mobile) is arguably in the best position to deliver data, although it’s now becoming clear Three has an enviable technical advantage over some of the other major providers – and is even using the cheeky marketing slogan: ‘If it’s Not Three, It’s Not Real 5G’.

The reserved spectrum range favours Three to such an extent that EE/BT, O2 and Vodafone have all submitted strongly worded complaints over preferential access. Gulp.

 

Microsoft Teams Telecoms Emerges

Among Gamma’s most exciting news was the announcement of a Direct Call Routing service for Microsoft Teams – which effectively plugs into the back of Teams and Microsoft’s ‘Phone System’ PBX add-on, to turn your Microsoft Teams software into a fully fledged business phone system.

teams phone

Until now Microsoft’s Teams platform has been a strong option for video/audio conferencing, screenshare, instant messaging and collaboration – but have always lacked the more robust business call-handling feature-set of true phone systems, or suffered from a shortage of physical handsets. With both of those challenges solved by Gamma and the Teams app available on a variety of devices, it’s easy to imagine Teams phones appearing on desks.

Direct Routing for Teams is expected from April 2020. The final pricing is likely to be somewhere in the region of between £15-25 a month per user (including Microsoft Office licensing) – finally unifying telecoms under the same single user account as Microsoft Office 365 hosted email, files storage, office apps and collaboration software. Watch this space.

 

For communications services and expertise, please contact our team today.


Lockdown: How Lineal ran a full 24hr Quarantine Drill in Secret.

Edit: This article was originally published a few weeks before the first national UK COVID lockdown, 2020 – and has been left in its original form.

 

“All Staff Meeting” it said in the diary, and that was unusual. While both Lineal’s technical and non-technical teams meet regularly, it is rare that they are all required to gather at once on a Monday. Something was up.

“Tomorrow…” announced Mike, “… you’re all going to work from home. Lockdown: you have two hours to prepare.”

Tuesday 10th March would be a complete quarantine drill day. Staff would attempt to replicate everything Lineal does while working remotely – from home in most cases, but in physical isolation from each other. The scenario would be a practice run for either a coronavirus isolation scenario, or a catastrophic on-site evacuation incident such as severe flooding.

We would be permitted to visit clients if required, make preparations for home working, and to remove any equipment we might need from Commercial House in advance – providing we did so within the 2 hour advance warning period.

The business operations of our clients would remain critical throughout, so everything would need to operate as normal, with the quarantine remaining effectively ‘secret’.

lockdown meeting

(Lineal staff first begin finding out about the quarantine drill. Approx. 1430hrs Monday.)

The problem with working in a technology business is that you rely on a lot of technology. Two hours isn’t a long time to coordinate twenty-six people, so putting Lineal’s Business Continuity Plan into practice isn’t as easy as asking if everyone has memorised the document.

First: untether from the desk. Staff without laptops would need to be issued them quickly, and everyone remove their device from the building. Fears of a burgeoning black market in charging cables proved unfounded, and by late afternoon everybody had what they needed.

 

“.. those who have had close contact will be asked to self-isolate at home for 14 days from the last time they had contact with the confirmed case ..”

(Gov.uk, “COVID-19 Guidance for Employers and Businesses”)

 

Web-based and other cloud services such as Microsoft Office 365 would be accessed over home broadband connections, with the same security controls as staff normally use while remote working.

lockdown

Good luck everyone!

As always, IT Support engineers would depend on remote assistance software to help end-users, and need to ensure good communication at all times. Throughout the process, staff were encouraged to note their experience of the experiment and highlight issues for review.

Secure access to Lineal’s internal networks, and all the systems that sit behind it, would be granted to our team via a secure Virtual Private Network (VPN).


Top tip #1: Familiarise yourself with the mobile hotspot on your smartphone, because the 4G connection is a useful way to test that your VPN will connect successfully, before actually leaving your place of work.

 

Tuesday Morning


Everyone was connected remotely to all our business continuity systems, which granted access to Lineal’s in-house telephony, shared workspaces in Microsoft Teams, and SQLWorks business management software.

Without a physical desk phone at home, staff would instead use a desktop softphone on their PC, continuing to handle and transfer calls exactly as before – relying on status indicators to gauge each other’s availability, similar to how they would with their existing desk phone.

lockdown softphone

Microsoft Teams would permit instant message and document sharing – and facilitate video conference calls and screen-sharing with clients who were often otherwise unaware that Lineal’s offices had gone dark for the day. Teams rapidly became the preferred method of quick communication between individuals or small groups – with a rapid problem-solving chatter sitting below the level of email.

Incoming and outbound call volumes were actually slightly higher than usual, as staff continued not just taking customer calls, but calling each other more regularly due to the lack of physical proximity. The relative ease through which individuals would usually interact was replaced through Teams, and more conference calls, later reflected in higher Teams user activity.

lockdown microsoft teams user activity graph

Lineal Microsoft Teams User Activity: 3rd – 10th March

 

Top Tip #2: To enable full home-working, you need not just a unified communications tool, but more call volume ‘capacity’ than normal.

 

Full remote-working is an interesting exercise because it forces your team to reconsider elements of the operation everyone takes for granted. For example, our teams regularly make use of meeting rooms and spaces at the Lineal office in order to work on projects and meet with customers.

In a geographically distributed “virtual” world, these meetings need to take place in different ways. Generally, tools like Teams make an excellent substitute and the result is a far more focussed experience which achieves the shared aims of the meeting, but with slightly less social interaction than you would expect when meeting face to face.

lockdown call volumes graph

(Business as usual, with rising call volumes)

Although the practice of full home-working is dramatically easier than it once was, and potentially hugely cost-saving, several staff reported feeling a little isolated. We’ll be incorporating all our staff’s feedback into our Business Continuity planning, and continue to make improvements.

 

How to Plan:


Have a Plan Saved in your email drafts – detailing what needs to happen in the event that a significant number of staff need to be sent home. Worry about things in this order:

 

1. Basic Connectivity & Communication

How will your staff connect to your IT remotely, and how will they communicate with each other. The checklist runs as follows: hardware, cables, broadband and communications tools. These are the most fundamental tools for both work, and circumventing any other problems your team encounters.

 

2. Access to Work Files

In the short term, staff otherwise isolated from systems can still process documents productively – If you’ve moved to Office 365, G-suite or cloud-storage platforms like OneDrive or Dropbox, this should be easiest workplace task to provide access for.

 

3. Access to Databases

Operating cloud-based? That will help. However, remotely connecting to non-cloud, ‘on-site’ systems such as accounting, stock control and other vital software will rely on external access to your network – for example via VPN.

This is likely to be unfamiliar to many end users used to working from the office – start with the users that most need it for the continued operation of the business, such as mission-critical staff or more senior accounting managers.

 

4. External Permissions

What systems do you need access to that are operated by third-parties. Remote equipment? Agency resources? Supplier portals? If these are web-based they may be accessible from anywhere, but make sure this is the case. To dramatically simplify this one, don’t run an IT company!

 

5. Support Structure

If you’ve never worked entirely from home before, it can feel strangely isolating. Guidance from NHS England currently states coronavirus self-isolation should last as long as two weeks, so check regularly that your team are coping OK. Encouraging emails, chat channels, funny gifs, team calls and the like are more important than you might think.

 

***This page will be updated with links to new guidance, as required.***

 

For business continuity technology and expertise, please contact Lineal today.


Hands on with the new Office Mobile App

Microsoft have combined the mobile versions of its Office programs into a single new Office app, uniting Word, Excel and Powerpoint under a single banner.

It’s true that Microsoft would prefer you use their whole Office 365 suite of apps, but the combination isn’t just strategic – the new mobile Office includes a whole toolkit of new abilities better optimised for mobile.

A number of typical tasks people might tackle when using a smartphone, such as PDF signing, reading QR codes, photo-to-document conversion or scanning PDFs with Microsoft Lens, are all ‘baked in’ to the new mobile Office version, with Microsoft clearly trying to maximise awareness of these lesser-known extras.

Such tools are activated from a new ‘Actions’ menu aimed at simplifying the controls users have to input to complete common tasks, as part of Microsoft’s Fluent design scheme.

Microsoft Word comes with a new dictation ability (which may be familiar to those using the desktop app) that supports speech to text. It’s hard to imagine users writing lengthy documents this way unless forced not to type, although assembling plain text into a OneDrive file for others to collate, or editing changes into an existing project might be more practical.

Excel is, of course, not a natural fit on mobile – where individual cells remain a bit fiddly on a touchscreen. Even so, there are improvements here too: Excel ‘cards’ simplify wide Excel rows into a simple summary, which ensures the user doesn’t have to open an unwieldy spreadsheet to find information.

 

Again, there’s an awareness here – that very few users will seriously attempt heavy editing via mobile, but access and convenience is critical for a workforce that increasingly operates on the move. Powerpoint presentations can also be created from a bullet-point list: not a work-of-art perhaps, but potentially a lifesaver at short notice.

Outlook, Teams, OneNote and the other Office 365 apps remain independent (for now) although it’s easy to imagine some of these also being merged into the combined app in future, as Microsoft seeks to build a seamless experience between the different productivity apps of the popular Office package.

In a diplomatic move, Office also includes support for popular third-party storage apps including Google Drive, Dropbox, iCloud and Box.

Microsoft Office is available for iOS via the App Store here: (https://apps.apple.com/app/id541164041) and for Android via Google Play here: (https://play.google.com/store/apps/details?id=com.microsoft.office.officehubrow)

Try it today!

 

Lineal are a Microsoft Gold Partner – for IT support and expertise, please contact us today.


Android 11 Previews 5G VR Overlay

Google have released the new developer preview of Android 11, with technology ready for 5G and support for virtual-reality overlay options within apps.

Developer previews are designed to encourage 3rd-party app developers to stay ahead of the curve, and test the compatibility of new features, prior to the release of Android 11 during the Summer.

This time around, the much-hyped release of 5G requires Android handsets and app developers to adapt to the new technology: including operating-system to assess whether connections are metered or unmetered, and unlock boosted computing options if data speeds are sufficiently high.

android 11 vr

Some of the improvements are also being driven by hardware trends among the big manufacturers – including new support for folding-screens and the ‘pin-hole’ style cameras that sit within the screen extent of the phone.

An ‘Only this time’ choice will be added to security preferences which allows for a one-time exemption to default security options. This is already the case with standard apps (such as your default browser) but will now apply to system tools such as the phone’s GPS, microphone or camera.

On the flip side of this, more of the phone’s intrinsic features (such as phone/messaging apps) will begin behaving more like their popular 3rd-party app counterparts – allowing persistent notification ‘bubbles’ that can be re-positioned on screen for a more fluid experience.

At present Android 11 will only operate on Google’s own flagship ‘Pixel’ range of smartphones, but expect the OS to begin appearing on other handsets from June 2020.

 

For Business Mobile expertise, please contact our team today.


Green IT Tips to Help Save the Planet

Getting your technology right can help reduce energy use, cut CO2 emissions, and limit the amount of waste going to landfill.

Not that saving the planet is as easy as it sounds: Google famously changed its homepage dark for Earth Hour in 2008, saving no electricity whatsoever.

You can do better.

 

  • Try out Ecosia.org

Ecosia is a German not-for-profit search engine that plants trees with the advertising revenue it generates from search results.

For transparency, the carbon-negative organisation publishes a regular easy-to-follow report into its environmental activity and finances on the Ecosia blog.

At time of writing, around 83 million trees have been planted worldwide across at least 16 countries – and assuming you don’t clear your browser settings, Ecosia also keeps a total count of your personal searches. Supported by Microsoft Bing, Ecosia’s searching is encrypted, results are not stored, and data is not sold to any third-party advertisers.

Around 45 searches equates to one new tree – so get searching!

ecosia

 

  • Video Conference, Don’t Travel

Business travel, especially air travel, isn’t as necessary as it used to be, and it’s increasingly difficult to justify time spent sat in traffic.

Clever video-conferencing software that includes screen-share, meeting record and web-based guest access – such as Microsoft Teams or Gamma Collaborate – make it easier to hold meetings remotely, at a tiny fraction of the CO2 output.

microsoft teams

Video conferencing was once a bit of a standing joke, but with responsive video quality, devices with in-built microphones/cameras/speakers, and better internet connectivity, the technology is much more practical than was once the case.

For an easy way to gauge the costs involved, add up mileage expenses for a week, month or year, and ask which meetings really had to be conducted by travelling. If that expense could be saved, so could the planet.

 

  • Use an Eco Button (Or Don’t)

There are a number of gadgets available that prompt office workers to turn off their screens, most famously the ‘Eco-button’ – a bright green light-up USB button which you hit to switch your PC into sleep mode. On startup, a small application praises your efforts by displaying your CO2 and cost saving to date.

ecobutton

Unfortunately this is arguably an example of greenwashing. The plastic device (probably shipped from China) isn’t actually necessary to enable device sleep settings – Windows 10 already has handy power-saving options available, so aside from the software recording your savings, the button mainly serves only to raise awareness and act as a fun reminder.

Hopefully each eco-button might one day have saved enough CO2 to justify its own manufacture… maybe. But with a little vigilance, this ought to be achievable without quite so much plastic.

 

  • Return your old Router

Switching broadband services often means a new router, which isn’t ideal for cutting plastic waste.

Some ISP’s allow users to voluntarily return a redundant router for recycling, in an effort to cut down on routers being piled up in cupboards, and ensure fewer of their devices ultimately end up in landfill.

BT recently announced this scheme will soon be compulsory, and new customers who fail to return their BT router for recycling at the end of the contract using a pre-paid return envelope will face an extra charge of up to £50.

Alternatively, many local councils now allow the recycling small electrical items with household recycling, so there’s little excuse for throwing out this kind of equipment.


Review: Microsoft Edge 2020

‘It’s time to expect more’ declares Microsoft upon the release of Microsoft Edge – a double-edged tagline if there ever was one.

Pity poor Edge. Since Internet Explorer was re-branded in 2015, take-up has not been enthusiastic. Like Internet Explorer, Edge suffered from the image of being the beige option among more exciting browsers, and never regained the kind of 95% market domination IE enjoyed in the early 2000s, before Microsoft was required by US anti-trust law to offer Windows users their choice of default browser.

Now it’s 2020, and in a world dominated by Google Chrome and mobile web browsing, Microsoft is trying again. Edge was re-launched this month, having been completely re-structured on Google’s open-source Chromium source-code.

Possibly the most frustrating thing for Microsoft is that there’s actually little wrong with Edge – at least as far as most users will recognise. But, beyond the snazzy new logo, is 2020’s new Edge worth your attention?

 

edge on different devices

Some of Edge feels painfully similar – upon downloading, you’ll be immediately (and repeatedly) prompted to import favourites from your other browser (just in case your current browser is an organised place you inexplicably wanted to move away from to win a bet/to fulfil an ancient prophecy/because you work for Microsoft.)

However, Microsoft has clearly learnt some lessons – the choice of layouts (‘Focused’, ‘Inspirational’ or ‘Informational’) are worth investigating to dodge the msn.com-style assault on the senses, and make Edge feel more like a clean, distraction-free tool for daily use. The toolbar design also feels much closer to rivals like Chrome and Firefox: simple and easy to use.

Edge is quick too – performing well in tests and supposedly ‘optimised for Windows 10.’ Although hard to verify in true laboratory conditions, it’s easy to picture Edge delivering Office 365, Outlook.com and other Microsoft web-based services in an efficient manner, and it feels smooth.  More importantly, by adopting Chromium, Microsoft have banished one of 2015 Edge’s demons: the lack of available app extensions that eventually finished Windows phone.

‘Immersive Reader’ Mode (similar to that in Office 365) can now be activated from the address bar and strips out on-page distractions, adverts and on-screen formatting for enabled web-pages. This is a simply brilliant and calming addition for reading through articles, and is sure to win plaudits from those concerned about accessibility.

edge immersive reader

Microsoft also appear to have given a little extra attention to business users – perhaps aware that although Google Chrome dominates Android’s mobile world, workplace computing remains a key area where people still use conventional Windows 10 devices in overwhelming numbers. Sharing preferences between devices is a repeated boast by rival browsers like Safari and Firefox, but Edge can now do this too.

Edge uses Bing search by default, but once signed into your Microsoft account can do some clever extras, such as amend your search results to define acronyms according to your organisation or industry. ‘Inking’ abilities that exist in Office 365 (eg: for taking notes in OneNote) are also extended to Edge for overwriting PDFs in-browser – allowing some simple tasks like signing a contract or filling in a form in legible handwriting.

edge browser

If your system admin tinkers with Group Policy, it’s possible to turn on an ‘Internet Explorer Mode’ that renders legacy web-pages more accurately, without the pesky security holes that plagued Internet Explorer installations years beyond their supported date.

Sharing a code-base with Chromium allows Edge to borrow some of Chrome’s best media features – including screen-casting to Chromecast devices on display screens and similar. Edge is also allegedly the only browser on Windows 10 to support 4k Netflix – the kind of popular feature it’s hard to imagine Internet Explorer’s developers ever even considering.

In market share terms, Edge languishes with Firefox around 10%, hugely outgunned by the behemoth of Google Chrome at around 70% of all internet usage globally. Will that change? The next few months may reveal whether Edge can establish itself as something with more appeal.

Microsoft Edge (2020) stable-version is now available for PC, macOS, Android and iOS online here.

 

For IT Support and technical expertise, please contact Lineal’s IT Support Team today.


Lineal Wins Tech SW Award

Lineal Software Solutions Ltd recently won a Tech SW award at the 2019 Tech South West Awards.

Held at the Exeter Mercure Rougemont Hotel, the Tech South West Awards recognise technology excellence across the wider South West region of Bath, Bristol, Cornwall and the Isles of Scilly, Devon, Dorset, Gloucestershire, Somerset and Wiltshire. Awards celebrate talent, creativity, business success, education, leadership, diversity and more.

Each ‘Cluster’ Award celebrates fantastic organisations and technical initiatives across different parts of the South West. This could be a company achieving fantastic growth, an organisation or partnership delivering a big positive difference to their community, a learning initiative, innovative programmes, novel ways of encouraging and celebrating tech heroes, diversity, best practice or local tech successes.

This year Lineal won North Devon’s Cluster Award, and also narrowly missed out on winning ‘Tech Company of the Year (Revenue under £5m)’.

Managing Director Mike Matthews and Naomi Williams (Business Development) were proud to collect our Tech SW award, and our glass trophy now enjoys pride of place in our office!

“We were honoured to be the recipient of one of the first Tech SW awards” explained Mike: “It’s a real endorsement of our team’s hard work and our commitment to delivering brilliant technology solutions for businesses and organisations across the South West.”

Lineal will continue to grow and develop – we look forward to next year’s Tech SW awards, which you can learn more about here: https://www.techsouthwestawards.co.uk/


Google Apologises for Chrome Experiment Gone Wrong

Thousands of devices were left with broken browsers this week, after a Google Chrome experiment rolled out a hidden change to the world’s most-used browser.

Launched exclusively on ‘stable’ versions, the update left IT admins around the world puzzled at blank tabs that refused to load.

The test initiated a new WebContents Occlusion feature, designed to reduce Chrome’s device resource use for tabs while not currently being viewed – no doubt part of Google’s effort to address Chrome’s reputation for heavy resource usage and the ever-increasing pattern of users deploying more and more tabs during the shift to cloud services.

Online forums were suddenly filled with complaints from system admins fielding complaints from users and businesses all over the world – including US wholesaling giant Costco, who claimed their entire call centre environment was unavailable.

Larger organisations typically use device control to specify applications such as which browser an employer uses – which left System Admins at large enterprise businesses unable to simply direct users to an alternative browser, and furious that Google can roll-out unexpected changes to the platform.

 

Google has now issued an apology:

“After the rollout, we received reports that in some virtual environments, Chrome on Windows displays a blank page, which may be because Chrome mistakenly believes it’s covered by another window. As soon as we confirmed the reports, the feature was disabled.

“If Chrome on Windows is displaying blank pages, restart Chrome. On the next start, this feature will be disabled.

We also want to provide an explanation of how this change was rolled out. For some features, Chrome uses a gradual rollout process that happens more slowly than the main rollout. This allows us to quickly revert a change if we discover a bug that wasn’t uncovered in prior testing.

Once we received reports of the problem, we were able to revert it immediately. We sincerely apologize for the disruption this caused.”

 

For IT Support and expertise, contact Lineal today.


Crowdfunding Launched to Pay Eagles’ Roaming Bill

An online crowdfunding campaign has been launched to pay the mobile roaming bill of migrating eagles being tracked the Russian Wild Animal Rehabilitation Team at the Siberian Environmental Centre.

The thirteen tagged Steppe Eagles, being tracked via bi-hourly SMS messages containing GPS coordinates, ran up a hefty data roaming bill after migrating across countries as far afield as Egypt, Georgia and India.

One eagle, named ‘Min’ by researchers, unexpectedly flew from Kazakhstan via Iran, initially losing signal but then sending a backlog of messages at high rates, before crossing into Saudi Arabia and reaching as far South as the Yemen.

At a cost of 7,000 roubles (£85 per day), Min quickly used up the programme’s entire budget for tracking all 13 Eagles, forcing the Russian team of environmentalists to turn to social media for financial support.

Considered endangered by the IUCN, the Steppe Eagle once commonly reached as far afield the Ukraine, but researchers were unprepared for expensive data charges across the Middle East, which can be three-times higher than those in the Russian Federation.

The centre’s crowdfunding campaign has raised more than 250,000 roubles (roughly £3,000), although Russian telecoms provider MegaFon has since agreed to write-off the wayward Eagles’ data roaming bill debt as a gesture of goodwill.

Modern business mobile packages offer in-built policies to support data roaming limits across multiple countries worldwide, and to allow data ‘pooling’ across an entire organisation to offer some protection against any one individual breaking their data limit. Even if you migrate South for the Winter.

 

For Business Mobile expertise, please contact our team today.


How secure is your password?

How secure is your password?… One of the biggest reasons for security breaches is weak passwords.  People often choose passwords that are too short.  Regardless of how tedious it seems, make it a point to update your passwords regularly; use upper and lower case letters along with symbols and numbers.

The key measurement of password security is entropy. This, in computer science terms, is a measurement of how unpredictable a password is, based on how long it would take an attacker to work it out by making a guess at each character.  As a standard, longer passwords are by definition more secure and harder to crack.  In the table below you can see how shorter/easier passwords, are quicker to crack.

Password strength

What should a password look like

Strong, secure passwords have a lot in common; they are usually long, unique, random and involve a mixture of lowercase and uppercase letters as well as special characters and numbers.  Trying to create passwords that comprised of all of these aspects, can sometimes be challenging.

Most insecure passwords are the result of our human behaviour. People do a lot of very predictable things and in general find it difficult to be random, especially when they are actively trying to be.  For instance putting special characters only at the beginning or end rather than mixing them up in the middle, or using common phrases and keyboard patterns.  So that we can remember we often try to use memorable pieces of information but we should always, where possible, avoid clues and references to our personal lives.

Where can I go for advice

There are many articles online to help assist with what a strong password looks like.  At a recent event Lineal ran with the South West Police Regional Cyber Crime Unit, which focused on cyber security, password strength was highlighted as a high risk for many businesses and individuals.

To find out more, or if you require any help with ways to help protect your business, please contact the IT support team at Lineal.


Lineal Hosts SW Police Cybersecurity Workshop

Local businesses recently gathered at Barnstaple Library for a special cybersecurity workshop organised by the South West Police Regional Cyber Crime Unit and Lineal Software Solutions Ltd.

Thirty participants from firms across the South West took part in a series of lego-based group exercises highlighting key concepts in cybersecurity, as they sought to protect a fictional utilities company from attack by common real-world cyber crime.

The winning team defended their company by spending their budget on the correct countermeasures at each stage of the exercise, and strategically limiting the damage from any breaches in security.

The South West Regional Organised Crime Unit (SW ROCU) is one of nine regional units across England and Wales that delivers specialist capabilities to target and disrupt serious and organised crime. Designed to raise awareness of coordinated digital threats, the cybersecurity workshop session is part of a new educational initiative being run by the Police right across the region.

Group exercises were followed by a short Q&A including advice for businesses on related topics including network best-practice, password policy, physical security, and the Government’s new Cyber Essentials certification.

Lineal’s Head of Technical Services, Matt Norris, explained: “We were to delighted to be able to organise the Cyber Crime Unit to run this very special workshop for local companies: we see cyber attacks becoming ever more sophisticated, and the SWRCCU takes a really positive and constructive approach to educating business owners about how to protect their organisations and employees.”

“Many businesses struggle to grapple with cybersecurity, but help and expertise is accessible.”

 

You can learn more about the South West Police Regional Cyber Crime Unit’s and their educational work across the South West online here.

For IT support and cybersecurity expertise, please contact Lineal today.


4 Ways Email Filtering Rescues Your Inbox

Email remains a, if not the, key threat vector for protecting organisations from cyber crime – with around 90% of cyber attacks beginning by compromising an unsuspecting user via email.

Today we take a closer look at some of the clever tricks of Barracuda’s email filtering & security service, and why the small investment to protect your inbox  is worth it:

 

Attachment Scanning

In addition to profiling every email which passes through its live email filtering service in seconds, Barracuda scans each email attachment for signs that the contents might be malicious.

As cyber criminals begin to use more sophisticated means, it’s worth implementing this to prevent macro-enabled office documents, infected PDFs and similar file download tricks from catching out users who might be curious to open a dangerous attachment.

 

Outbound

Barracuda email filtering scans not just incoming, but outgoing emails from your hosted mail service or mail server, ensuring not only that your clients are protected from suspect emails, but that staff cannot circulate threats further within your organisation.

Anybody familiar with being caught in a reply-all ’email storm’ knows how quickly bad email can spread internally – be part of the solution yourself, not the problem.

Email Spooling

In the event that your email service falters, clients quickly begin receiving bounce-backs, which leave a poor impression of customer service.

This is avoidable – routing via Barracuda’s email servers, emails will temporarily ‘spool’ like planes stacking over an airport, ensuring onward delivery later when the service comes back online. This ensures any unfortunate interruption to communications is not immediately visible to your clients.

 

Long Term Recovery

Hosting your email in the cloud with Microsoft Office 365? Everything is backed up in the cloud, correct? Not quite – even Office 365 has a 30-day recovery period on deleted email, and emails can ultimately only be restored individually.

This retention period can be longer, or even unlimited, with Barracuda email backups, making sure that emails can be recovered long after staff have deleted them, accidentally or otherwise.

This extra silo of automated email backup protects not just against employee negligence or malpractice, but also common digital breaches such as compromised accounts.

 

For cyber-security and IT expertise – please contact our team today.


macOS Catalina Released

Apple have released MacOS Catalina, 2019’s update to the Mac’s leading operating system.

Catalina introduces a number of new features, including ’Sidecar’ dual display, new media systems, Mac Catalyst for developers and Screen Time activity monitoring.

Although we say it every year, the endless march towards a unified Mac/iPad operating system feels another step closer: macOS Catalina introduces ‘Sidecar’ – which allows an iPad to be the secondary monitor for your MacBook. In addition to being a smart productivity trick for those needing extra screen space, the iPad is able to perform new functions such as an extra high-resolution display for those with impaired vision.

MacOS Catalyst, released in the latest version, also makes it easier for app developers to publish their apps across both MacOS and iPadOS operating systems, with the implication being that Apple see the devices as very much part of the same software universe.

Apple have shuffled their media services options around this year – replacing iTunes with new services named Apple Music, Apple Podcasts and Apple TV. In addition, the new Apple Arcade gaming subscription service has been launched, with a fixed-subscription service for an unlimited package of games.

Screen Time introduces activity monitoring, with either productivity or parental control clearly in Apple’s sights. Downtime allows users to share time away from the screen, categories or individual apps, and includes shared visibility across multiple apple devices.

As always, it’s worth waiting a short time for others to discover any early release-bugs in the new operating system update, before updating promptly.

 

For Apple device expertise and IT Support, please contact our team today.


Free Charity Microsoft 365 for Nonprofits

Microsoft are offering an initial ten free Charity Microsoft 365 licenses for Nonprofit organisations.

Microsoft 365 allows users across an organisation to work more flexibly, collaborate on shared work and maintain an ‘always-up-to-date’ software base across a charitable organisation.

The flagship ‘Microsoft 365 Business’ cloud IT bundle, which normally retails at £15.10+VAT per user per month (Or £3.80+VAT per month for NonProfits) includes everyone’s favourite Microsoft Office 365 apps such as Word, Excel, Powerpoint, Outlook and more. 50GB of Exchange Online email hosting per user is also included as standard, with 1TB of cloud OneDrive storage, and Windows 10 Pro licensing for each user’s device, packaged with a host of organisational security features.

Lineal’s Head of Technical Services Matt Norris explained: “This is a super offer which we’re expecting to do some real good in the Charitable sector especially – and hopefully nonprofits will snap up their free Charity Microsoft 365 licensing while it’s available. Office 365 makes flexible working and collaborative projects much easier, advantages that we know are a key concern for many in the voluntary sector.”

Interested in this offer for your organisation? Please click here.

 

Lineal are a trusted Microsoft Gold Partner, click here to learn more about Microsoft Office 365 cloud working.


Lineal Shortlisted for Tech Company of the Year

Lineal Software Solutions Ltd. have been shortlisted for Tech Company of the Year (Revenue under £5m category) in the Tech South West Awards 2019.

The Tech SW Awards recognise the work of the region’s best technology firms, from Bristol to Land’s End and beyond, in making the Westcountry the home of a vibrant, skilled and thriving tech sector.

Mike Matthews, Lineal’s Managing Director explained: “We’re delighted to be shortlisted for the Tech South West awards – it’s a real recognition of our team’s hard work, creativity and dedication to be ranked among the best in the region.”

“2018-19 has been really quite something for Lineal. We’ve opened new premises, taken on bigger projects than ever before, expanded our product offering to new areas, and signed a diverse range of new clients.”

“It’s fantastic to make it through to the final round of this prestigious award.”

Tech South West exists to champion excellence among tech companies, and make the South West a hub for technology and innovation.

The awards will be presented in a special ceremony at Exeter Castle on Wednesday 27th November – a full shortlist of nominees and categories has been published on Tech South West’s website, here.

 

awards


Record satisfaction in Lineal Client Survey 2019

Every year we ask you, our valued clients, to give us feedback on how Lineal has been doing recently, and how we might be able improve.

This year, Lineal posted some of our best customer satisfaction results to date: our client survey 2019 posted a stunning 92% of you rating our overall customer service either ‘Great’ or ‘Good’ – a record high, and a similar 92% felt we met out mission statement as a company, a further small increase on 2018.

We’ve worked hard to develop team structures and training programmes in the past year, with some promising results. You rated the extent to which we understood your technical queries strongly – 95% of you believing our support teams understand your queries either ‘Extremely Well’ or ‘Very Well.’

client feedback 2019

Our speed of response also continues to develop. More than a third believe Lineal acts ‘Quicker’ or ‘Much Quicker’ on IT support tickets than expected, with just 3% of respondents believing we responded slower than expected. This is our best responsiveness score in five years.

The trend towards a more diverse range of IT services was shown again in client survey 2019: more than 15% of you now recognise Lineal’s ability to deliver specialist consultancy, networking & cybersecurity expertise, and more than 55% recognise us as a provider of managed cloud IT services.

We’re not perfect: among the constructive suggestions raised this year were that we perform routine website security updates out-of-hours to maximise availability, and that we help to provide more training material for newer products.

Your feedback help us highlight potential areas of improvement for our staff, and define our focus for the coming year. Among our favourite comments from this year were:

  • “Keep up the great work guys! Exciting times ahead…”
  • “I have had a pretty good service. Your staff are always polite and do not get too technical with me.”
  • “It is great to see a friendly face at our front door – you just know that your problem will be solved.”
  • “I’ve been very impressed with the level of service I have received from Lineal over the last 2.5 years at [Client] and would have no hesitation in recommending you guys”

iPhone 11 Refocuses on Photography

Apple have made headlines this week with the release of new iPhone 11 models at their annual Autumn hardware release event.

New models include the mid-range iPhone 11 ($699), and flagship iPhone 11 ‘Pro’ ($999) and ‘Pro Max’ (6.5” larger form factor) options.

The latest design has divided opinion – with the irregular hole design of the extremely powerful triple-camera on the iPhone 11 Pro and Pro Max models in particular unsettling those with trypophobia.

On paper however, some truly impressive camera features have been included as a result: including wide-angle and night-mode photography that is finely optimised for low light levels, as well as 4K and even 120fps slow-motion video recording.

Apple have heavily doubled-down on photography and videography for the selfie-generation this year. The cluster of three telephoto lenses even theoretically allow the user to shoot different shots simultaneously from the same iPhone, although it’s hard to imagine anyone but the keenest of photography nerds making use of such a feature.

 

iphone 11

At $50, the standard dual-camera iPhone 11 more affordable than last year’s iPhone XR, and there’s a hint that Apple are calibrating for the sweet-spot of what consumers will accept at a time when Apple’s critical new hardware sales are actually declining. However, as numerous publications have noticed, the lower value of the pound is likely to make the current generation of iPhones still feel more expensive for UK customers.

Other headlines are as expected: Apple have extended battery life once again, offered a new range of colours, the ‘toughest glass ever‘ and stated a revised focus on device privacy, one of the remaining key strengths of Apple devices over Google Android rivals.

In a throwaway line, it was also confirmed that iPhone 11 will be ready for Wi-Fi 6, but not 5G – a subtle suggestion perhaps that Apple believes 5G may be an innovation still slightly over-hyped by the tech industry. Perish the thought.


iPhone 11 Set to Launch

Apple have officially announced their expected launch event for the iPhone 11, for Tuesday 10th September 2019.

The invite, issued ‘By Innovation Only’ doesn’t give much away about what we can expect to see, although Apple devotees have noted the similarity between the glassy colouring of the teased Apple logo and the original Apple Emac’s famous colourful style from the early 2000s.

Rumours circulating online suggest Apple may be planning multiple iPhone 11 models – with square multi-lens camera clusters and glassy coloured casings, photos of the materials or which were leaked online in May.

Remaining releases are likely to be mainly iterative, including iOS 13 for iPhone, iPadOS and even WatchOS 6. MacOS 10.15 Catalina is also expected to be a key part of Apple’s showcase.

The tech giant is likely to see the iPhone 11 announcement as a chance to help reverse hardware sales trends – which Apple now curiously no longer publishes in full, asserting that devices sold is ‘less relevant today than it was in the past’ a likely marker of the iPhone market slowing down as consumers hang on to their devices for a longer replacement cycle.

Apple is also expected to launch it’s own gaming service, dubbed Apple Arcade, as an online subscription service akin to an iTunes for gaming – just one example of how the company is increasingly re-focusing its efforts on premium service offerings, rather than luxury hardware.

 

For Apple hardware, expertise, accessories and support – please contact our team today.


Are passwords doomed?

Reports of the death of the password may have been greatly exaggerated in the media: from the suggestion that passwords are the ‘weakest link’ in the cybersecurity chain, to the notion that humans are so bad at using them, that it’s time the technology industry saved us from ourselves.

But is it true; are passwords doomed? Enter the FIDO2 Project – a fascinating effort to ‘Move the World Beyond Passwords’ led by the FIDO Alliance industry association and World Wide Web Consortium.

Headlines aside, FIDO2’s aims are ambitious: to replace passwords with a flexible device-based authentication standard that allows users to log in via biometrics or temporary security keys.

Unique to each website, not stored centrally and not transmitted, FIDO2 argue this standard naturally scuppers phishing, password theft and replay attacks – and introduces some privacy advantages sure to woo even ardent digital rights activists: such as the inability to track users between sites.

While still technically possible, cheating biometrics requires the kind of preparation not common to everyday opportunistic cyber-criminals.

The big players are taking note: Google plans to ‘begin’ retiring passwords for Google services accessed via biometric enabled smartphones (such as those with fingerprint scanners) and Microsoft is planning similar changes to apps in Windows 10; even talking of a ‘passwordless world‘ via Windows Hello that extends facial recognition. Apple have been publicly heading down this road for a while now – with ‘FaceID’ facial recognition introduced for recent generations of iPhone and iPad, as well as Apple Watch device-led unlocking for your Mac.

Apple’s efforts to prove that the iPhone stores only a ‘mathematical representation’ of the user’s face also suggests that they’re preparing to defend a policy of extending FaceID further at the expense of passwords, even in an increasingly privacy-conscious World.

Users may of course find the a world without passwords a little disorientating to begin with – although not forever, if the replacement technology proves more convenient.

Password keeper apps (such as the excellent 1Password) have become an interesting half-way house to a more secure password future – where the password manager retains a set of passwords behind a strong keycode, in an encrypted form. The password manager may also perform other useful functions, such as warning the user where passwords overlap, allocating different password access permissions to different people within a business or organisation, or auto-filling in common web browsers.

The adoption of password managers may reflect a coming time where users continue to ‘use’ passwords, but without engaging in the process of recalling or typing the password. It may not be passwords that are doomed, but the user’s traditional interaction with passwords.

Are passwords doomed? A few potential futures emerge: one where passwords exist but are used less directly by users, where passwords are relegated to a secondary security measure of questionable usefulness, or most radically, where passwords are replaced entirely.

 

For cybersecurity and IT expertise, please contact our team today.


5 Cool Tricks for Microsoft Teams

Office 365’s Microsoft Teams has grown and grown to become far more than a simple work chat or video conferencing app.

As new features are added to the collaboration suite all the time, you could easily miss the best of the new updates – so we’ve collated some of the most interesting cool tricks for Teams:

 

Blur background

Homeworking? Taking an important video call with a less than formal background? Unless you want to end up in a viral video clip like BBC commentator Professor Robert Kelly, Teams has got you covered with simple controls to mask your immediate surroundings from a video call.

With a simple toggle, Microsoft Teams will detect your face in the foreground and blur the remainder of the screen, to spare everyone the embarrassment of your favourite coffee shop or messy home office.

Teams background blur

 

Screenshare to Mobile

Teams has had the ability to optionally share your screen with other attendees in the same meeting for some time, choosing to show either the whole Windows desktop or restricted to a single window (such as a presentation.)

However, Microsoft have also recently added this feature for iOS/Android, allowing attendees to enjoy the full Teams experience on the move.

Teams Screen Share Android

Viewing a desktop on a mobile can be an eyesight challenge, although it’s especially handy to be able to view a shared Powerpoint presentation in Private mode – and skip back through slides without interrupting everyone else’s flow.

 

Join by proximity

Join by proximity allows Teams to detect meeting that’s physically located nearby. This seems like a peculiar idea to begin with, but is actually designed for more open ‘meeting’ situations – such as conference venues or hotdesking environments: making individuals’ screen space as collaborative as the room itself, or extending a spontaneous group meeting into a virtual one.

Teams Join by Proximity

Teams will prompt within the meeting room lobby if any existing rooms are available nearby via Bluetooth, allowing the user to apply to join the meeting with audio muted, and without an original Teams invite. The meeting room organiser must accept via a Meeting Room control unit for security reasons, to ensure only welcome attendees join the meeting room.

Proximity join is available from May 2019, including on mobile versions of Teams.

 

Integrate Interactive Tabs

One of the best untapped features of teams is the ability to add custom tabs (click ‘+’) into each chat channel which allows for the creation of something entirely custom.

Among our favourites are embedded maps, OneNote notebooks, diary, Sharepoint files, and Microsoft Power BI’s impressive data visualisations.

Of course, Channel admins can also add from a category simply marked ‘website’ – via which any responsive web service with a valid SSL certificate can be deployed neatly through teams for the look-and-feel of a more integrated desktop.

Teams Add Tabs

 

Get Notified of Availability

Status indicators mean its easy to tell if a contact is unavailable to chat, but right-clicking on a contact now offers a handy ‘Notify When Available’ option which performs the basic requirement of call back – allowing Teams to prompt you of contact availability the best time.

Teams Notify Me

Microsoft Teams is available with Microsoft Office 365 Business Essentials licensing and above.

 

Lineal are a Gold Microsoft Partner – for Microsoft Office 365 support, licensing and expertise, please contact our team today.


Huawei Announces Harmony OS to rival Android

Chinese technology giant Huawei have announced the development of Harmony OS, a smartphone operating system designed to replace its reliance on Google’s Android platform.

The news, which was announced at the 2019 Huawei Developer Conference, is the latest twist in a series of events which saw Google’s official suspension of Huawei’s Android license in May 2019, in response to a security warning from the US Government.

Much like its rivals, Harmony OS is designed to run across a wide range of devices beyond smartphones, including tablets, wearables and smart screens. Built from scratch, Huawei also claims developers will be able to develop and deploy new apps across multiple device-types and screen sizes much more easily.

Huawei’s focus on developers may seem a little niche, but may be shrewder than first thought – in light of the difficulty Microsoft experienced seeking to establish Windows Mobile as a rival to Android and iOS, and the declining spiral of app availability, hardware sales and popularity.

Harmony OS may be at an early stage (concept images were noticeably absent from Huawei’s media release) although the move may signal a realignment of the smartphone world into the 2020s – with three operating systems: Apple’s iOS, Google’s Android, and Huawei’s Harmony going head to head.

 

For Business Mobile expertise and support, please contact our team today.


Lineal Business Mobile Launches at North Devon Show 2019

Lineal have launched Lineal Business Mobile at the 2019 North Devon Show.

The annual North Devon Show, for which Lineal is a proud Sponsor, receives around 20,000 visitors each year. In addition to all the agricultural, culinary, craft, entertainment and community highlights of North Devon, visitors to the show might also have spotted Moby, Lineal’s Business Mobile Mascot.

Mike Matthews, Lineal’s Managing Director explained: “We’ve provided fixed-line business telecoms for a wide variety of local firms, but increasingly customers have asked us to deliver business mobile services too. We felt that the time was right, and we’re delighted to be able to add this to our extensive range of IT, software and communications services.”

“With attractive packages for unlimited business mobile voice minutes, unlimited SMS and Data bundles, – and even UK network-hopping SIM technology – we’re certain Lineal Business Mobile will be a popular option for businesses across the South West.”

powerbi scoreboard

Visitors to the show also undertook our retro Space-Invaders Challenge for the second year running, with a live Microsoft PowerBI ‘Highscore’ dashboard visualising the best arcade skills on display at the show! Congratulations to Martin P. from Barnstaple, who achieved the best highscore (1390) of this year’s challenge.

Despite uncertain weather at first, North Devon Show 2019 was a great success – see you next year!

 

For Devon IT Support and expertise – contact our team today!


Zoom in hot water over Mac webcam exploit

Apple have issued a silent update for video conferencing software Zoom, following discovery of a major webcam security vulnerability affecting Mac users.

Zoom issued an emergency patch for the problem two days ago – in a rapid response Apple was still concerned might not reach enough users.

The controversial web server installation – originally designed to save Mac-based Safari web browser users from additional clicks and make video conferencing easier to use, was shown to create a potentially serious vulnerability whereby Zoom calls could be launched from any website with the camera turned on.

In bizarre scenes, technology journalists researching the problem were even paired up in video conferences with other unknown individuals doing the same.

Believed to put at risk more than 4 million webcams globally, the zero-day exploit was discovered by security researcher Jonathan Leitschuh – who originally gave Zoom 90-days to resolve the issue prior to publication.

zoom tweet

Leitschuh has since praised Zoom’s willingness to do a public ‘about face’ with the emergency patch, and Zoom’s CEO taking direct video calls to discuss the problem.

Nevertheless, Apple’s decision to step in to protect Mac users remains an embarrassment for the previously very successful video conferencing solution.

Additional problems include Mac versions of video conferencing software which use Zoom’s underlying services for white-labeled video calling – such as Ringcentral.

Instead of patching the problem, Zoom’s permission to turn on the webcam can also be disabled manually, via Settings > Video > ‘Turn Off My Video When Joining a Meeting.’

 

For software expertise and support, please contact Lineal today.


The power of mac taken further with macOS Catalina

Due out this Autumn (2019) is macOS Catalina – Apple’s latest new operating system for the Mac range.

MacOS Catalina is currently in Beta, so it’s unclear exactly how the final update will look. However it appears once again that Apple are increasingly blurring the boundary between Mac and iPad, as well as doubling-down on a rich media experience:

…MacOS Catalina gives you more of everything you love about Mac. Experience music, TV and podcasts in three all-new Mac apps. Enjoy your favourite iPad apps now on your Mac. Extend your workspace and expand your creativity with iPad and Apple Pencil.  Discover smart new features in the apps you use every day.  You can now take everything you do above and beyond.  With macOS Catalina, the apps you love are now more beautiful and intelligent making your everyday tasks easier than ever.”

Apple’s decision to replace iTunes also receives its own sales pitch as part of the new operating system’s roll-out:

… iTunes forever changed the way people experienced music, films, TV programmes and podcasts. It all changes again with three all-new, dedicated apps — Music, Apple TV and Apple Podcasts — each designed from the ground up to be the best way to enjoy entertainment on your Mac. And rest assured: everything you had in your iTunes library is still accessible in each app. iCloud seamlessly syncs everything across your devices — or you can back up, restore and sync by connecting the device directly to your Mac.”

In addition, some of macOS Mojave’s ‘focus’ tools are being extended, in the hope of making your Mac use more productive – in addition to advanced voice control.

… macOS Catalina brings all your favourite Screen Time features to Mac, giving you greater insight into how you’re spending your time. Monitor usage, schedule downtime, and set limits for both apps and websites across all your devices. Enhanced security features better protect macOS against tampering, helping to ensure that the apps you use are safe, giving you greater control over access to your data, and it’s even easier to find your Mac if it’s lost or stolen.”

Apple is expected to release macOS Catalina free of charge to all users, and is currently in a testing phase. We do not recommend Apple users seek to move to Catalina just yet, as final version bugs may still be identified during the public beta.

 

For Apple hardware, expertise and support, contact Lineal today


First Look: New Polycom VVX450

Communications giant Poly (nee ‘Polycom’) have launched their new VVX450 series phone handsets – and our team at Lineal have taken it for a test drive.

On first impression, the new handset is exceptionally eye-catching – the square design certainly feels modern and cutting-edge, if a little serious. All the controls will feel very familiar to users of the very successful VVX410 and VVX411 handsets, but the phone’s 4.3″ full colour screen is the most dramatic improvement – with a wider display and higher definition that appear much sharper.

Much like the VVX411, the menus and buttons are simple and intuitive – continuing the same focus on ease-of-use that has seen Poly sell VVX phones in the hundreds of thousands across the UK, into a very diverse array of business sectors.

We were particularly impressed by the speakerphone. Polycom have cranked the in-built speaker up to eleven, and the Polycom VVX450 could easily be used as a capable conference phone for a typical meeting room.

polycom vvx450

Someone may have been slightly over-ambitious with the phone’s size: desks may include less paper these days, but the handset feels large and space might be an issue in more traditional working environments. As before, the VVX450 supports single-cable (‘POE’) network and power, PC pass-through, headsets and more, but is noticeably larger than the VVX411 predecessor, itself a substantial handset. Overall, the impression is that the new model may look more naturally at-home on the desk of an executive, rather than an occasional phone user.

For power users, the new handset also boast some new extras, including two USB ports for media and/or storage applications. VVX450 handsets will be available to Lineal cloud-hosted business phone system customers from July 2019.

 

For Communications and connectivity expertise and support, please contact Lineal today.

 


GandCrab ransomware defeated by Bitdefender decryption

Bitdefender have released a free decryption tool rescuing those affected by recent versions of GandCrab ransomware.

The free tool enables stricken users to recover data encrypted by various versions of GandCrab without paying a ransom to cybercriminals.

In a joint announcement with Europol, Romanian Police and other law-enforcement agencies, the cybersecurity provider detailed how a team of experts were recently able to gain access to the GandCrab control server, and access decryption keys for the ransomware that would allow safe recovery of data.

Blackhat developers behind GandCrab have claimed to have exploited more than $2 billion in ransom payments worldwide, and appeared to have enjoyed mocking the cybersecurity industry’s attempts to bring them to justice.

GandCrab became the latest nasty ransomware threat in January 2018 – following a disturbing trend of businesses and organisations worldwide struck by malicious encryption software.

Bitdefender’s previous attempts to quash the ransomware resulted in new versions being released by cyber criminals, but the latest recovery of private keys resulted in GandCrab’s developers announcing their ‘retirement’ – allegedly having exploited more than $150m in personal profit over five major versions of the ransomware.

Bitdefender’s recovery tool and instructions for use is available for download from the Bitdefender Labs here. In order to use the tool successfully, affected users must have a working internet connection and at least one copy of the ‘ransom note’ file present on the affected device.

 

For cybersecurity expertise and support, contact our team today.


Lineal raises £500 for Pitch-in-a-Pound 2019

Staff and volunteers from Lineal Software Solutions Ltd. and TM Fitness have raised £500 for North Devon Hospice’s Pitch-in-a-Pound day.

The annual Pitch-in-a-Pound Day, supported by businesses and fundraisers across North Devon, raises funds for the vital work of the former Charity of the Year, which cares for more than 3,000 people affected by life-limiting illnesses each year.

With help from TM Fitness gym in Barnstaple, Lineal staff ran, walked and rowed a total of 100 miles in relay, and raffled-off healthy fruit basket prizes to raise funds.

Lineal’s Managing Director Mike Matthews thanked all those who donated, volunteered or helped:

“This important charity has cared for somebody from so many local families, across more than 800 square miles. The organisation and its staff rightly hold a special place in the heart of the local community for its good work.”

“That’s why, for the second year running, we decided to match whatever Lineal staff raised on the day, bringing the total tom £500. Well done team!”

Thank you to everyone who volunteered, donated or helped with pitch-in-a-pound this year! You can still sponsor our appeal via our JustGiving by clicking here or learn more about North Devon Hospice by clicking here.


Samsung unveils folding smartphone

Samsung have unveiled Galaxy Fold – a folding smartphone with a large (7.3” 2152×1536) internal display.

Designing a folding phone presents challenges, not least how close to exact the fold can run without breaking the internal display.

The benefits? A larger screen inside looks a smart choice for certain app formats – such as Google Maps, or split-screen use between apps. Samsung have cleverly ensured the display switches as the hinge is opened, seamlessly connecting the ‘outside’ display to the ‘inside’ without a delay that might interrupt use of the phone.

But there are some quirks too – the impressive internal screen is 6% less bright than the external, and drains the battery significant faster than the external 4.58 inch display that acts as the more traditional phone keypad.

The South Korean electronics conglomerate is not the first to trial a folding smartphone, nor even the first to announce – with Chinese rivals Huawei and Xiaomi both previewing rival models with different folding styles.

The Galaxy Fold will cost a wallet-emptying $2000 – but does at least demonstrate a level of innovation that has been sorely lacking in the smartphone market in recent years. Studies suggest gadget-lovers are increasingly holding on to their devices for longer, with risk-averse manufacturers adding only incremental changes.

Folding smartphones have disrupted the market before, so perhaps if the design can be perfected, there may be new use cases that soon demand folding technology.

 

For IT support and expertise, contact Lineal today.


Zero-Day Patch Released for Adobe Reader DC

Adobe have released an urgent update for Adobe Reader DC, patching newly discovered security vulnerabilities.

The highly popular PDF app, often pre-installed on Windows PCs, has been shown to contain a loophole that allows an attacker to remotely run Javascript code within an opened PDF to cause memory corruption.

Currently rated ‘Critical’ by Adobe’s Severity Rating System, the bug is believed to have originated from entirely legitimate functionality: Adobe Reader allows PDFs to contain embedded JavaScript to support interactions with the web.

Adobe have responded quickly – publishing the fix to Adobe Security Bulletin alongside patching for 42 other vulnerabilities as of Wednesday 12th February, including one which allowed PDF documents to access hashed passwords.

Adobe Reader is officially 25 years old this year, and although official figures are hard to source, is popularly believed to dominate more than 75% of the PDF software market.

Users can either auto-update their installation or prompt this manually by clicking ‘Help’ > ‘Check for Updates’ within the software itself.

 

For software and security expertise, contact Lineal today.


Phishing emails – how to teach others to avoid being hooked

Phishing emails that attempt to steal sensitive information or defraud funds are a growing threat to small businesses – and the root cause of roughly 90% of business cyber attacks.

Educating your staff to be wary of clicking on a suspicious email is arguably one of the simplest and most effective cyber-security practices for small businesses. But how should you approach this?

 

Nobody is Immune

There’s no telling when or where a phishing email will arrive at your business, and any single compromised computer might be a cyber-criminals ‘way-in’ to the company – so a good place to start is the idea that it is everyone’s responsibility to watch out for suspicious emails.

Phishing email traffic is estimated to have increased by around 65% last year, and approximately 30% of those phishing emails get opened by IT users.

You’re the CEO of a global multi-national conglomerate? Then you’re MORE, not less likely to be targeted. Such ’Spear Phishing’ attacks are often highly specific to key individuals, aiming squarely at users with privileged information, responsibility over finances or higher levels of access.

Email awareness applies to anyone and everyone with access to email, so training efforts to make your company secure need to apply up and down the hierarchy.

 

Use Examples

Getting hands-on with real examples of phishing emails is the single best way to immunise your team against being caught out. Cybersecurity companies increasingly recognise the ‘human’ factor as the most critical ’threat vector’ – put simply, there’s (ultimately) no substitute for human intuition about what might be suspicious.

Show your team key warning signs to look out for – suspicious email addresses in the email header, bad grammar, or links to dodgy URLs that display when you hover your mouse pointer over them.Fortunately ‘Fake bank’ or ’Nigerian Oil Minister’ type scams have become quite notorious over the last decade, so even the least tech-savvy user will soon catch on to the idea that if an email seems odd, it’s worth checking before clicking or typing-in any sensitive details.

Lineal have published examples of some particularly dangerous phishing emails we’ve encountered, here.

 

Defeatism is Expensive

Studies suggest many IT users increasingly feel that cyber-security breaches are inevitable, and that there’s ‘nothing they can do.’ This security ‘fatigue’ is partly the fault of cybersecurity providers, who have bombarded companies with this idea.

Avoid this mindset. Yes, 76% of companies reported being the victim of a phishing attack in 2017, but 24% did not. Those exemplary organisations will (at least partly) be making their own luck with good working practices, cybersecurity training for users, and strong IT security.

Defeatism also ignores that not all cybersecurity breaches are created equal – a breach could result in a negligible cost to recover a single PC, or cripple a major organisation worldwide, as NotPetya ransomware did to Maersk Shipping in 2017. Under GDPR, the scale of the fines issued by the Information Commissioner’s Office are directly related to the severity of the breach.

The lesson is clear: limiting your organisation’s exposure to attack also limits the potential ‘scale’ of the damage. Never surrender!

 

Do Your Part

It’s helpful to be able to show you’re also investing in your users’ safety at work – that you’re leading by example. Fortunately, there are many ways to reinforce end-user security when using email:

Cloud-based email hosting services (such as Microsoft Office 365) include multiple layers of spam filter as standard, which prevents the end-user ever coming into contact with a considerable volume of suspicious communication, and usually represents greater security than would be typical for your own on-site Exchange Server.

More secure antivirus providers (such as ESET) maintain their own lists of suspicious websites likely to be imitations used for phishing important credentials (such as bank details) and blocking these when encountered.

Email filtering services, such as the excellent Barracuda, are an inexpensive security bolt-on to work email that can dramatically cut down on each person’s day-to-day exposure to dodgy emails. Barracuda Phishline is also available as an automated training service – building a program of dummy phishing emails that can be used to raise awareness among your staff. Clever!

 

 


Whatsapp, Messenger and Instagram to Merge Messaging

Facebook has announced plans to merge WhatsApp, Messenger and Instagram’s messaging capabilities.

The social media technology giant plans for interoperable communication between each platform, although the development is stated to be the start of a “long process” and the apps will remain independent.

The consolidation may be good news for consumer-facing businesses, as dramatically more of the world’s smartphone chat users are centralised under a common standard for instant messaging.

WhatsApp released a Business version in 2018, suggesting that the chat software provider believes the public will increasingly seek to engage with businesses directly via such chat apps in preference to traditional methods such as email or phone call.

Whatsapp (over 1.5 billion active users globally), Facebook Messenger (1.3 billion) and Instagram (1 billion) will easily represent the largest collective chat application user base in the world, and the most popular across Europe, Africa, North America and South America.

The coagulated mass of (WhatsMessengerGram?) will also allow Facebook to better compete with Google’s unified Messenger App, and Apple’s iMessage platforms, as well as further challenge regionally strong chat applications with tertiary functions – such as payment transferring WeChat, preeminent among Chinese smartphone users.

Facebook’s project is set to be completed later during 2019.

For IT and communications expertise, contact Lineal today.


4 Brexit Considerations for your IT

With the Government publishing official Brexit guidance, we take a closer look at 4 items likely to be important for the technology of UK businesses:


 

  • .eu Domains

For UK businesses using .eu registered domains, it’s expected that these will not be available for purchase or renewal after April 2019.

Official Government guidance is for businesses to purchase .co.uk, .com and/or .uk versions of important domains, and re-direct traffic in case of a ’No Deal’. Such action is likely to be more challenging for domain-linked services such as email.

This is also a difficult prospect for the unprepared: .com domains alone outnumber their .eu counterparts almost 40-1, so UK businesses may find themselves in a race to grab vital digital real-estate. Web developers and marketing teams might also have built significant reputational presence for the .EU versions of their company websites, and won’t relish the prospect of having to start over.

 

  • Mobile Roaming

UK Mobile users abroad currently benefit from EU roaming regulations that limit mobile operators to a default data usage cost of €50, with alerts generated as the mobile user approaches the roaming limit.

Official Government guidance states that in the event of a Deal this limit would continue during the ‘implementation period’ so mobile workers abroad would temporarily be protected against high roaming costs after 1st April.

roaming after brexit

In the event of ’No Deal’ outcome, EU roaming regulations would no longer applies to UK mobile users abroad, and restrictions on how much European mobile operators could charge roaming UK mobile users would be removed.

The Government states UK networks will soon be bound by new UK laws upholding the same financial penalties for their roamers abroad – although these UK-based networks are ultimately responsible for whether roaming services are available via foreign networks. Mobile users working internationally need to be wary when consuming mobile data abroad after 1st April 2019.

 

  • Data Sharing

Whether UK businesses can access customers’ (or any) personal data from the EU will be determined by an ‘Adequacy Decision’ taken by the European Commission; deciding whether UK data protection rules are sufficiently close to those of the EU for data transfers to be permitted.

The UK formally adopted the EU’s ‘General Data Protection Regulation’ (GDPR) during 2018 and will retain this beyond April 2019, suggesting that a common framework for a company’s ‘Legal Basis’ to process personal data is likely. However, the EC have stated this decision will not be taken until the UK leaves the EU.

Government guidance suggests companies dealing with any personal data from the EU, or with operations abroad, proactively seek legal advice to ensure they continue to be legally watertight when transferring data internationally after 1st April.

 

  • Geo-Blocking

‘Geo-blocking’ certain customers online based on their location is currently not permitted, but this restriction will effectively be lifted after 1st April – for UK trading businesses.

This affects many online retailers: for example those who deliver goods ordered online, online services (such as streaming or cloud hosting) or take bookings for services at physical locations (such as ticketing.)

UK businesses trading to the EU will still be expected to uphold EU rules – for example offering the same service to both French or German customers.

However, the lifting of Geo-blocking restrictions effectively opens the door for UK-based online retailers to offer different services to different UK customers, or UK customers when compared to EU customers. Businesses are still advised to seek independent legal guidance for any variations to their service.

 

Businesses can access GOV.uk’s recommended Brexit guidance specific to their business sector here: https://www.gov.uk/prepare-business-uk-leaving-eu


773 Million Email Addresses Breached Online

Online Security breach website HaveIBeenPwned.com has detected the largest online breach of email addresses to date – nearly 773 million unique emails.

The 87GB of breached personal data, publicised by Microsoft Regional Director and cybersecurity expert Troy Hunt, was spotted last week via online file-hosting website MEGA under the ominous name “Collection #1”, and has now been removed.

The data itself, believed to be a terrifying aggregation of a large number of previous smaller data breaches, also contained more than 21 million identifiable plain-text passwords.

More than 140 million of the email addresses identified have never been seen before by HaveIBeenPwned.com, suggesting some of the personal data may originate from as yet undiscovered breaches.

Those affected by the breach are advised to change their passwords immediately, to prevent criminals potentially exploiting the data to access other online services where the user has registered with identical login credentials.

You can check if your email(s) (and potentially passwords) have been breached among the 773 million by clicking here.

For IT support and cybersecurity expertise, contact Lineal about your requirements today.


New Mac Mini and MacBook Air announced by Apple

Apple have announced three new Apple products in their Autumn Keynote product release – including a new Mac Mini, MacBook Air and iPad Pro.

The new devices eliminate creeping gaps in the Apple product range, finally replacing legacy devices long overdue a refresh. The Air (released in 2011) and Mac Mini (2013) both receive a significant upgrade in design and more powerful technical specifications.

The new Mac Mini has been upgraded to to 3.6Ghz processor, 8GB of memory and 128gb all-flash storage. For power users, the specifications inside the new Space Grey casing can be pushed higher – up to 4.6Ghz 6-core i7, 2TB SSD and a staggering 64GB of memory likely to please even the most demanding of photo-editors.

Speaking from New York, Apple CEO Tim Cook confirmed rumours from earlier this year, and pitched the releases as a move to assist ‘creatives’, acknowledging that customers from Apple’s most loyal business sector would be anticipating convenience and more powerful hardware from the upgraded models to support their creative work.

Macbook Air 2018

The new MacBook air is an astonishing work of portability, at just 15.6mm thick (around 10% thinner even than the 2011 version) and incorporates a retina screen, Thunderbolt 3 Ports, Touch Sensor and many other recent staples of the current MacBook and MacBook Pro range.

A 100% recycled aluminium shell on both devices also demonstrates Apple’s increasing environmental awareness, and serious efforts have been made to decrease plastic consumption to manufacture the inner workings of the device.

iPad Pro receives updates handed down from the more successful iPhone range, including FaceID, edge-to-edge screens and a thinner shell (equating to 25% less volume than previous models) charged by USB-C and including the A12X chip.

Apple claim the increase in core-count equates to a huge jump in processing speed – making the Pro technically faster than 92% of all portable PCs, and even able to generate complex Autodesk objects or run games at 120 frames per second. If true, this represents an enormous leap in capability, positioning the iPad Pro as a true competitor to performance laptops.

2018’s Macbook Air will be priced from around $1,199, and Mac Mini/iPad Pro from around $799, at time of writing, and will be available almost immediately.

 

For Apple hardware and expertise, contact Lineal today.


Ultra Ultrawide Monitor launched by Dell

Dell have released details of a new ultrawide monitor format: the super-sized Ultrasharp U49 – a curved mega-monitor that measures a desk dominating 49-inches, corner to corner.

Monitor sizes have escalated steadily over the years, with evidence that greater on-screen real estate improves worker productivity; as users can multitask and cross-reference information on screen more easily on a larger desktop space. Accordingly, all the major operating systems have also added support for easier double-app screen sharing, if multi-taskers know where to look.

At ultrawide sizes however, monitors include content outside the user’s peripheral vision (and desk-space) forcing manufacturers to look at a curved chassis design instead. In practice, a curved monitor screen makes significantly more sense than a curved television – since the viewing distance of the observer can be more accurately estimated.

Increasingly popular for financial services and the creative sector, curved ultrawide formats can sometimes feel a little silly: able to open a Microsoft Excel Spreadsheet into the B(A-Z) columns without any user scrolling.

Dell U49

Don’t expect to see U49s very often – Dell will be selling the prestige ultrawide monitor in the US for (a bank-account punishing) $1,700 from the end of October.

The smarter development may be the less publicised: Dell also announced smaller Ultrasharp models with USB-C single cable input – allowing users to incorporate all the traditional device charging and compatibility features of a laptop dock neatly into the back of their screen.

This allows users to instantly connect a portable device (laptop, tablet or convertible) to their desktop monitor with only a single cable, and simply walk away from the desk with their device when needing to work elsewhere.

Take note: this kind of flexible working is coming sooner than you think.

 

For IT assistance and expertise, please contact Lineal today.


Preview: macOS Mojave

Due out this Autumn (2018) is macOS Mojave – Apple’s latest new operating system for the Mac range.

Named after the arid desert in the Western United States made famous by movies of the same genre, macOS Mojave has been widely pitched as a usability update with a range of new features designed to make it easier for users to stay ‘focused’.

Headlining Mojave will be the new system-wide ‘dark mode’, allowing users to swap between lighter or darker macOS theme to make their Mac less sleep-disruptive and easier on the eye, particularly at night-time.

Far from just being a black background however, Mojave rather artfully adjusts the entire theme and default background through a gentle ‘morning/day/evening/night’ cycle.

There are plenty of new tools too: the desktop can now sort files by type using ‘stakcs’, search by image, and quick edit PDFs and screenshots via Preview.

The tech giant, which recently became the world’s first trillion-dollar company, has also been rumored to be planning new MacBook Air, and Mac Mini devices for release later this year, both of which would coincide neatly with a fresh operating system with the theme of keeping macOS a highly ‘convenient’ system for all settings.

The MacBook Air hasn’t been fully refreshed since its launch in 2010, and the Mac Mini since 2014. While the former occupies a crowded space of various other MacBook and iPad sizes, the latter is long overdue for a replacement.

In a possible nod to the limited physical space where such devices might be used, Mojave can also detect photos automatically from your iPhone and insert the image on your desktop app, into a document or file.

However, an additional update, which Apple initially suggested would allow FaceTime video conversations expand to include up to 32 participants, has been bumped back to a later release.

Apple’s ninth Mojave beta was recently released for public testing, indicating that the full autumn release to the wider public is now not far away.

 

For Apple hardware, expertise and support, contact Lineal today

 


Results of Lineal Client Feedback Survey 2018

Yes, it’s that time of year again – the time when we ask our clients how our team has been doing, and what we can do to raise our quality of service even further.

In 2018, a record 96% of you feel we understand your IT needs either ‘Extremely Well’ or ‘Very Well’, and 90% of you felt we met Lineal’s IT support mission statement either ‘Very Well’ or ‘Well’.

In three years, the percentage of you who feel we resolve queries ‘Much Quicker’ than expected has doubled, and a high 82% feel we’ve either met or exceeded their expectations for time taken to resolve technical queries.

Your Client Survey 2018 feedback also suggests Lineal is being used for a wider range of IT expertise than ever before – with more of respondents recognising our capacity to deliver phone systems, broadband, leased lines, Wi-Fi networks, SQLWorks business software and a whole range of Cloud IT services.

There were also areas for improvement: a small minority of you (14%) still felt our customer service had been ‘OK’ – a rating we’ll be working hard to exceed with some new processes for sharper communication, monitoring task completion, and ensuring timely confirmation.

Lineal moved into new offices in central Barnstaple this year, and we want this to help deliver a better service for our customers.

As always, thank you to everyone who responded to our Client Survey 2018 – a wide variety of constructive feedback helps us immensely to focus on key areas of improvement.

Kind and constructive comments are always helpful – here were some of our favourites.

– Always helpful, would recommend the Company to others. Thank You.

– Good team of people and we now use Lineal for most if not all our IT, software, phones and support. It’s good to have in one place and generally we are very happy with the overall service.

– All seems OK, call outs prompt and service great.

– Generally resolve issue promptly and friendly team.

 

For Lineal IT Support expertise and advice, please contact our team today.


Lineal Space Invaders stall lands at North Devon Show!

This year Lineal Software Solutions Ltd. was an official Sponsor of the 51st North Devon Show, and launched (maybe) the show’s first ever Space Invaders Championship.

The retro arcade pub-classic, in which the player holds out against descending ranks of tiny pixelated aliens was first released in 1978, making the game 40 years old this year (yes, really.)

Mike Matthews, Lineal’s managing director explained: “We wanted to make this year’s show fun with something both young people (and the young at heart) would recognise instantly and enjoy.”

“For those of us er… more advanced in years… the memories flooding back!  Lineal was first founded in the 1980s, and it’s astonishing to think how far technology has developed.”

Fortunately so has Lineal, and visitors to our stall could learn more about Lineal IT support, cybersecurity, business software, cloud services, phone systems and much, much more.”

Lineal, which recently moved to new premises in central Barnstaple, was also an official Sponsor for this year’s North Devon Show, and presented the prizes to winners of the ‘Hacks and Riding Horses’ class.

North Devon Show Lineal Prize Giving

However, much like IT support, battling aliens also seems to be a matter of experience – with parents often achieving much higher scores than children on our Space Invaders High Scores board.

Space Invaders High Scores

After 2017’s Show was unfortunately cancelled due to poor weather, 2018 was a huge success and a fantastic day out for locals and visitors alike. Next year? We’ll be planning something even bigger…

Mike explained: “The North Devon Show is always a highlight of the calendar, and the array of businesses, charities, livestock, rural groups, crafts and all-round entertainment is a showcase for the community in this part of the world. We’re always proud to be able to support it.”

See you next year!

 

For IT Support and expertise, contact Lineal today.


VIPs Officially Open New Lineal

Lineal Software Solutions Ltd. has welcomed VIPs to officially open our new offices in central Barnstaple, celebrating our 30th year anniversary in business.

We’ve expanded our operation, moving into Commercial House on Barnstaple’s Strand. The building will be home to Lineal’s team of over twenty IT support and software development staff, including three apprentices from PETROC.

Lineal’s new offices were officially opened in a short ceremony by North Devon’s MP, Peter Heaton-Jones, Vice President of PETROC, Bill Blythe and Marise Mackie of Pluss.

Mike Matthews, Lineal’s Managing Director, explained: “We’ve grown steadily in recent years, and for the businesses and organisations whose technology we support every day, the additional space will help us deliver improved connectivity and an even stronger service.”

Click for a Virtual Tour of Commercial House, now officially open:

virtual tour

“We’ve invested in infrastructure that will help future-proof Lineal’s new home for the 2020s: including high speed gigabit fibre-optic cabling throughout, solar panels, new training facilities, conference rooms and an enlarged hardware workshop.”

“The next generation of Lineal’s own SQLWorks accounting and stock control software for cloud and mobile platforms, designed to give businesses a competitive edge, will be built right here in North Devon.”

“This was a year in planning, and I want to thank all our staff, who worked tirelessly around the clock to make the move a reality.”

Peter Heaton-Jones MP congratulated Lineal: “I was delighted to be asked to cut the ribbon on Lineal’s impressive new offices. I first met Lineal’s founder, Mike Matthews, four years ago when he was operating from a converted barn in his back garden. The expansion since then has been incredible. The fact that this growing business is moving into the centre of Barnstaple is excellent news for the town, and shows how robust our local economy really is. Their close ties with Petroc, allowing young people to get their first taste of the world of work, is something I particularly support. I wish Lineal many more years of success and growth in their excellent new home.”

 

For IT support and expertise, please contact our team today.


Google hit with €4bn Android anti-competition fine

The European Commission has issued Google with a €4.34 billion fine for Android anti-competition practices, after ruling the popular operating system unfairly cemented the dominance of Google Search.

The EC found Google had, via ’significant’ payments to smartphone manufacturers, ensured exclusive installation of Google’s own search application, and bundled Google apps such that selectively omitting services was impossible on the mobile platform prior to release.

More than 95% of all searches on European Android devices are made via Google search, testifying to the search giant’s unprecedented reach via pre-installation.

Many users (as Microsoft’s Bing search engine can surely attest) never change their system defaults, and although many rival search and browser providers are available for Android, these must be installed separately, often via Google Play.

Many will remember similar court battles fought between the US Government and Microsoft, resulting in the former’s eventual ruling that the latter had unfairly influenced the market via pre-installation of Internet Explorer, and creating the convention of an initial default browser choice on all new Windows PCs.

Microsoft eventually paid $561 million, but also continued losing ground to rival web browsers, including Google Chrome, among those using the internet on their operating system. Since 2013, the number of affected devices (particularly handhelds operating various versions of Android) has increased hugely. In future, new Android devices may be forced to include a similar initial search/browser selection, to help maintain consumer choice.

Google has defended its actions throughout, and has already announced it will appeal the decision, with the case expected to continue for some years.

 

For technology expertise and support, contact Lineal today.


Microsoft announce end of support for Windows Server 2008

Support and security updates for Microsoft’s Windows Server 2008 and 2008 R2 operating systems will end in January 2020.

Customers operating Windows Server 2008 will then cease to receive security patches and other important system updates.

Around 70% of the world’s server operating systems are Windows based, with Server 2008 one of the most successful versions, still representing more than half of these installations as recently as 2016.

Users of Server 2008 and 2008 R2 have just over 6 months to decide whether to upgrade to a newer version of Windows Server (such as the long-awaited Server 2019, hardware permitting), replace servers with newer models, or migrate those server-based processes to a cloud-based platform, such as Microsoft Azure.

‘Mainstream’ Support for Server 2008 is unlikely to be extended – having already been granted temporary extensions, once from July 2013 to January 2015, and again to the final deadline next year.

As with previous operating systems, enterprise customers will have the option of purchasing ‘Premium Assurance’ support packages of different levels, to extend support as late as 2026 – but as with other legacy Windows products, for increasingly high associated costs.

Businesses will need to weigh up for how long they can afford to delay upgrading, or depending on the physical server hardware, whether it makes more sense to spurn the licensing costs of upgrading the Windows Server version and go directly to either the cloud, or a new server.

 

For IT infrastructure support and expertise, please contact our team today.


New Surface Go launched by Microsoft

Microsoft has announced the release of a new Surface Go tablet, adding to it’s acclaimed Surface lineup.

The new addition to the touchscreen range is designed to be an entry-level offering, offering more basic specifications but far greater portability at just 1.15 lbs and 8.3mm thin.

At around $399, it’s difficult to say exactly what Microsoft is trying to achieve: the new model is less consistent with Surface’s more ‘premium’ brand, and doesn’t stack up particularly well on price against Apple’s entry-level iPad, or against cheaper Windows laptops on technical specification. Limited to Windows 10 S and an Intel Pentium Gold processor, the additional elements which makes the Surface range more interesting, like the keyboard and stylus controls for touchscreen artwork, are also optional extras.

Instead it’s widely believed the tech giant is attempting to win over customers in the education sector, where a budget offering from a reputable manufacturer is likely to appeal to departments looking to provision sets of devices.

As always, Microsoft may also be hoping that the Surface Go owners of today will be the Surface ‘Pro’ owners of tomorrow.

While a 9 hour maximum battery life and a 10-inch screen is likely to prove limiting for business use, Chief Product Officer Panos Panay noted it was the ‘perfect device’ for his youngest daughters – and the internet seems to agree, noting the release timing is suspiciously good for the new term.

Lineal are a Microsoft Gold Partner – IT assistance and expertise, contact us today.


Lineal Reviews: Plantronics Calisto 7200

Conference phones have traditionally had image problem. Costly, serious pieces of equipment, which often retail north of £350 for even a basic model, they feel inconvenient. Used infrequently, they’re sometimes more complicated than a telephone should be.

Worst of all, for all but the most established of businesses, a conference phone is a little… heavy-duty. Wired-in, with a large footprint, tangle of cables and strange satellite microphones – conference phones are an invasive species in the meeting room.

Enter Plantronics’ Calisto series – a curious pocket-sized invention (pictured) designed to bridge the gap between speakerphone and a true conference phone setup.

Four directional microphones (which can focus on sound from whomever is speaking) give 360 degree meeting-room coverage and efficient noise-cancellation to the Calisto range, which in a novel twist: is battery powered.

Plantronics, whose reputation for high build-quality audio equipment (particularly headsets) has been well-earned in the air-traffic control sector and moon landings, are increasingly reaching out with more accessible desktop telecoms hardware – even acquiring another successful Lineal communications partner: Polycom, back in March.

There’s a pleasing practicality to the Plantronics Calisto range: both USB wired and bluetooth connections are available to connect to either laptop, PC, tablet or your smartphone (in addition to USB wireless on other models.)

At only 270g, and just 11cm square, it’s small enough to be truly portable – tidied away into a desk drawer or moved to ‘create’ new meeting room spaces whenever needed. In the real world, where meeting rooms need to be swapped at a moment’s notice, why not just pick your conference phone up and carry it down the corridor?

For smaller and medium sized businesses where workspace might be limited, the Calisto’s ease-of-use helps present both a professional image, and finally makes conference calling into something within reach of everyone.

Previous models of Plantronics Calisto (including the 600 series) have been well received, and Plantronics has judged the small business market well. Expect great things.

 

For communications and IT expertise, contact Lineal today.


Microsoft Submerge Underwater Datacentre

Microsoft have successfully submerged their first underwater datacentre, in a test expected to trial the viability of the technology.

The shipping-container sized server array was lowered to the sea bed near the Scottish Islands, as part of a flagship test for the concept of underwater IT infrastructure.

Project Natick, which is powered entirely by renewable energy via the European Marine Energy Centre’s wave and tidal power generators, will test whether largely autonomous data centres might be deployable in areas where sea-water cooling can be used to manage excess heat.

This kind of cutting edge research and development (described by one Microsoft Vice-President as ‘Crazy’) represents a significant engineering challenge: in addition to surviving water pressure, the datacentre’s server arrays must connect via undersea cable and function for five years without physical maintenance before the capsule is recovered.

Undersea communications cables have been in use since the 1850s, although maintaining complex fixed underwater infrastructure is a feat so far only managed by the oil & gas sector.

Conventional land-based datacentres (such as those used to deliver Microsoft’s Office 365 and Azure services) require high electricity usage and infrastructure to spin fans for air-cooling. Without efforts at carbon off-setting currently used by Microsoft, this would carry significant environmental cost – creating an incentive to ‘heat sink’ the technology underwater.

Microsoft also notes that almost half the world’s population lives near large bodies of water (a legacy of a previous millennium), and that in future the underwater datacentre may prove a solution to the issue of secure delivery of cloud services closer to point of use.

Lineal are a Microsoft Gold Partner – for expertise and support: contact us today.


Adobe discount slashes pricing for education sector

Adobe has announced a large discount for its Creative Cloud suite of apps, in a special Adobe discount scheme designed to win over the education sector.

The leading creative software package will now cost only $5 per user/month in the US, or around £4 in the UK – a large discount on the original $25/£18 per user/month price – although this Adobe discount price will currently only be available to academic institutions purchasing a minimum of 500 licenses.

Many of the big names in software, including Microsoft’s Office 365, Google’s G-Suite and other popular products such as ESET’s antivirus range, have been offered with significant discounts for the education sector through partner resellers, in the hope of capturing the next generation of technology users early, and contributing to wider learning.

In each case, the gesture is undoubtedly a worthy public relations boost, with Adobe also pledging to support workshop schemes to show educators how to teach with Adobe’s suite of creative apps in the classroom.

In both cases early access is especially important for Adobe Creative Cloud, which includes Photoshop, Lightroom, InDesign and many other leading creative apps, because of the very high high barrier to entry: both creatively and by cost – despite the software brand being simply unrivaled across the creative sector.

Adobe clearly hopes the dramatically reduced Adobe discount pricing will wet the appetite of larger organisations, and introduce high quality design apps to a much wider audience at an earlier age.


Top Picks: Best GDPR Resources

Be honest, you’ve read some truly useless things online about GDPR. We all have.

The problem isn’t one of enthusiasm: more and more companies are recognising the impending deadline of the new data protection regulations and acting to implement best practice.

There is, of course, a growing industry of consulting firms and data protection advisers trading on businesses’ lack of expertise and frequently, fear of being left behind. Most organisations begin preparing with a spot of Googling, some light reading, and a bit of browsing online GDPR help articles written by experts.

However, the real experts can’t divulge too much free advice (otherwise why contract their services?) thus much of the available articles and blog posts are deliberately vague. The conundrum has already spawned some unfortunate attempts at humour, but doesn’t really help companies attempting to put in place GDPR compliant policy.

All is not lost: there really is some genuinely useful  guidance out there – here are our pick for some of the best GDPR resources:

 

ICO: Eight Practical Steps

ico eight practical GDPR steps

The Information Commissioner’s Office original ‘eight practical steps’ presentation is a series of slides that are exceptionally clear, and can be worked through in stages. A more recent, formal ’12-step’ version also exists, for a more conceptual understanding of the new regulations.

 

GDPR Readiness Assessment from Microsoft

Microsoft GDPR quiz

A little technical at times, this quick quiz is a useful way of thinking further about protection policy, particularly around access control. For further information on how Microsoft can assist with GDPR in the cloud, look for the blue button in the top right hand corner.

 

ICO Helpline

ICO GDPR helpline

The ICO has a little known helpline via which small businesses and charities can consult a member of ICO staff for extra advice – details of which can be found above.

 

IT Governance Compliance Gap Assessment Tool

IT governance GDPR compliance gap assessment tool

Always a strong source of IT expertise and policy, IT Governance have developed a range of ‘Toolkits’ to assist data protection officers and those implementing GDPR within their organisations. These range from the simple £60 compliance gap assessment tool (a handy Excel Spreadsheet you can work through) to more expensive implementation packs and data flow mapping tools.


Lineal ‘Pitch in a Pound’ for North Devon Hospice

Team Lineal have raised £250 for North Devon Hospice, after hosting a fundraising buffet for staff and visitors.

The donations were collected by the IT Support firm as part of the local charity’s ‘Pitch in a Pound’ day, held each year in support of the hospice by North Devon businesses, schools and community groups.

Managing Director Mike Matthews explained: “It’s hard to find anyone in North Devon who doesn’t have a friend or family member who has been cared for by this terrific local charity, and it’s important every business does its bit for worthy causes.”

“That’s why I agreed I would match whatever my team raised on the day. Well done to all involved!”

North Devon hospice, which covers more than 800 sq. miles of Northern Devon, supports and cares for more than 3000 patients with life-limiting illness each year.

Lineal staff cooked, baked and sold a variety of sweet and savory food, including curry, pastries, chilli, samosas, dips, and a whole variety of different cakes and sweet treats.

Learn more about ‘Pitch in a Pound’ day on North Devon Hospice’s website by clicking here.


Lineal officially turns 30 Years Young

North Devon IT support and software company, Lineal Software Solutions Ltd, has celebrated 30 years’ success in business.

First founded in 1988, our company, which supports businesses and organisations across the UK and beyond with a range of IT services, are preparing to move to larger offices in central Barnstaple in the Spring.

Managing Director Mike Matthews thanked staff past and present for all their hard work over the last 30 years:

“Technology (and hairstyles) have changed considerably since 1988, but for us the best is yet to come. I’m proud that during that time, we’ve played a role in the success of some of North Devon’s best-known companies.”

We have doubled in size in the last two years, now employing over 20 locally-based staff who work in IT support and software development on behalf of other businesses and organisations across the UK and, increasingly, overseas.

Lineal also now includes staff from disability social enterprise Pluss, apprentices and degree apprentices, training in cooperation with Petroc.

The company has been recognised as one of the South West’s few Microsoft Gold Partners, helped to launch the Barnstaple Town Centre Wi-Fi project, and is part of DigitalND – a new group designed to promote digital connectivity and skills in North Devon.

Mike added: “The South West still has important connectivity and IT skills challenges to address, but public internet access didn’t even exist thirty years ago. Now the small company we originally started in my back room supports trusted clients as far afield as Australia. Ten Years from now? Watch this space.”

 

For IT Support and expertise, get in touch with our team today.


End Net Neutrality, rules FCC

Net Neutrality looks set to end in the USA, following a landmark 3-2 decision by the Federal Communications Commission (FCC.)

The ruling will permit American internet providers to cease treating all internet traffic equally, and permit the blocking or throttling of certain types of internet traffic or charging for access non-uniformly – providing the restrictions are released publicly.

Opponents of Net Neutrality fear the lifting of restrictions will pave the way for anti-competitive behavior in the US and ultimately around the world – with internet service providers (ISPs) deliberately impairing services provided by competitors to make their own offering appear superior. Imagine ISPs degrading each other’s parent-company video streaming services, and you get the picture.

This latest ruling u-turns on the 2015 decision to guard against anti-competitive practices, and will be politically controversial – passed strictly down party lines with the committee’s three Republicans, including Trump-appointed Chairman and former Verizon lawyer Ajit Pai voting in favour, and two Democrats voting against.

Consumer protection has, if anything, become slightly stricter in the UK following recent Ofcom decisions, whilst across the pond, 2017 is expected to go down in internet history as a year of dramatic internet deregulation. Internet usage crosses national borders of course, with the international affect of the FCC’s decision being ours to speculate on.

The end of Net Neutrality won’t kill the internet, but it’s likely some intelligent individuals will be developing discretely advantageous ways for their own business interests to benefit financially from preferential treatment online, or profit from those who wish to do so.

Long term, any introduction of ‘toll-road’ style access is likely to act as a barrier to entry to newer technology companies, to the benefit of more established providers.


Team SQLWorks at EurOmnis 2017

This year Lineal’s SQLWorks Team traveled to Arnhem, The Netherlands, for the 4-day European Omnis Developers Conference – EurOmnis 2017.

Conference workshops offer the opportunity for developers from more than a dozen countries to exhibit their latest work, seek advice from other programmers and share best practice. A primarily educational event, EurOmnis brings together the brightest and best to further develop software projects and draw on a wider pool of knowledge.

EurOmnis workshop

Members of the Omnis Executive Team also attended to discuss the very latest developments of the platform, explain new features (such as remote debugging technology working live from the developer console) and gather valuable feedback from the wider Omnis developer community.

Managing Director of Lineal Software Solutions, Mike Matthews explained: “Over the many years during which we’ve helped organise EurOmnis, both the software itself and the Omnis Developers Group (ODEV) have gone from strength the strength.”

omnis developers

“This year’s conference studied some exciting breakthroughs in web development, mobile/tablet-friendly user interfaces, internet-of-things (IOT) examples, future API technology, and much, much more.”

“SQLWorks is designed to be a highly flexible business management software, and we greatly value contributions from the extraordinarily diverse range of industry sectors, creative skills and technical knowledge represented each year at EurOmnis.”

In addition to coding, EurOmnis 2017 attendees had the chance to visit and dine at the Kasteel Doorwerth, a medieval chateaux dating from before the 13th Century, and literary home of the Beaulieu restaurant, where Erik Hazelhoff Roelfzema wrote Soldier of Orange.

See you next year!

 

Lineal are Omnis and business software development specialists – learn more here.

Euromnis venue


Technology firms rush to fix WPA2 KRACK

Technology firms are urgently issuing fixes for the WPA2 KRACK (Key Reinstallation Attack) thought to compromise the WPA2 encryption used in most WiFi routers and other wirelessly enabled devices.

The exploit, discovered and published by Mathy Vanhoef, a Belgian security expert for Imec-Distrinet, Ku Leuven, has caused serious alarm amongst cybersecurity professionals due to the widespread use of WPA2 across millions of items of networked hardware around the World.

Vanhoef’s website, detailing how the the WPA2 KRACK works, demonstrates on video how an unfortunate Android smartphone can be tricked into re-installing an all-zero encryption key, which makes de-crypting data transmitted from the device possible. 

Security guidance remains to continue using WPA2 (rather than reverting to an older encryption standard) and to install the latest WPA2 KRACK security updates from manufacturers as soon as they are available.

A number of key technology vendors were notified in August, giving them some time to prepare. Microsoft are reported to have adjusted “how Windows verifies windows group key handshakes” to fix the issue. Apple and Android are yet to specify exactly when patches will be available, although both are understood to be working on a secure fix to be made available in coming weeks. The more responsive hardware developers, including Cisco and Ubiquiti, yesterday began issuing guidance and new firmware for their wireless equipment.

The Wi-Fi Alliance, the international organisation dedicated to developing Wi-Fi technology, have essentially argued that there is no need to panic. There is no evidence of the extremely serious hack being deployed outside test conditions (yet) – although it’s probably only a matter of time before someone attempts to do so. Because Wi-Fi relies on physical range, it’s likely this could target public Wi-Fi and other easily accessible networks. For this reason, users are (as always) reminded not to use public networks for sensitive tasks, such as online banking.

It’s clear from the increased publicity surrounding the discovery that major vendors of network equipment will be under pressure to issue the required WPA2 KRACK security patches.

However, the underlying vulnerability also threatens a wide range of wirelessly connected internet-of-things (IOT) devices – including everything from CCTV to smart-fridges – such that it’s unclear just how widespread this latest security flaw will actually prove.

For IT support and cybersecurity expertise: get in touch with Lineal today.


Broadband speed advertising reviewed by Ofcom

A public consultation on broadband speed and delivery is being conducted by Ofcom until 10th November, as the regulator seeks to hold Internet Service Providers (ISPs) to account.

Ofcom currently requires ISPs to provide an estimated download speed the end user will receive in product advertising.

Providers typically advertise possible broadband speed with the phase ‘up to’, rather than guarantee a deliverable lesser service level (very difficult) although under new rules may be asked to express this as a form of average to more accurately reflect the broadband speeds experienced by the majority of customers.

The consultation is part of a trend in recent years for regulators to tighten up broadband speed advertising rules, and eliminate the more misleading claims sometimes used by ISPs to imply a better quality internet service – as Virgin Media found out to its cost, when a series of adverts featuring Jamaican Sprinter Usain Bolt and several unsubstantiated phrases such as “bye-bye to buffering” were blocked by the Advertising Standards Authority.

Subject to the findings of the consultation, new rules are expected to give consumers the right to terminate their broadband contracts without penalty should their provider not be able to guarantee the minimum standard of service on which the contract was sold.

Exactly what that ‘minimum standard’ should be in future hasn’t yet been made clear. Very few users will receive the perfect 80Mbps download speed theoretically granted to them from super-fast fibre in 80:20 enabled-areas, but to what extent the service will be degraded largely depends on copper-wired distance from the nearest fibre-enabled BT cabinet to each customer’s router.

Businesses seeking a required level of connectivity may opt for a dedicated leased line with higher data allowances – although these carry waiting periods for installation, and are not a cost-effective option for an individual domestic consumer.

Although device recorded internet speeds may indeed depend on a number of factors, users can perform a like-for-like test of both their upload and download speeds using Ookla’s internet speed-test app on Lineal’s website.

 

For connectivity advice and communications expertise: speak to Lineal today.


What is Microsoft Azure? A Beginner’s Guide

Microsoft’s Azure Cloud platform has taken the business world by storm, adding a record 120 thousand customers every month last year, 6 million total users, and holding an estimated 1.4 million SQL databases.

If you’re not technical, you could be forgiven for being unsure of what it actually is or how it works. We can’t hope to cover the over six hundred potential applications, but here’s a crash course guide to understanding Azure.

 

What is it?

Microsoft Azure is a business ‘cloud computing’ service created by Microsoft for operating IT applications and services from the cloud.

Everything run, tested, built, shared, stored (and more) from Azure exists in one or more of a number of secure Microsoft data centres around the World (or via a local service if you prefer.)

azure datacentre map

 

OK, but what is it actually?

Think servers. Lots and lots of servers. Locked down, climate controlled warehouses full of servers humming away running every computing process imaginable from email to databases, virtual desktops to machine learning, file storage to phone apps.

Customers who purchase Microsoft Azure services get access, via the internet, to a tiny fraction of this worldwide supercomputing infrastructure, with the option to run a huge variety of potential services in the cloud.

Azure itself has no-upfront charges, and is instead billed by the minute based on usage and the computing demands of the service purchased.

 

Why is that good?

This is instant access computing. Need 50 extra virtual servers by this afternoon? Tap a few buttons and they’re available.

The staggering economies of scale means Microsoft always has practically unlimited scalable computing power available, on demand, at subscription pricing.

The ability to spin up temporary services (impossibly impractical if you tried to resort to urgently buying physical hardware) and remove them again, allows businesses to react instantly and cost-effectively to even the most wildly fluctuating IT demands.

Even more mundane computing processes – such as large numbers of hosted desktop sessions can be delivered from Azure, without being such a logistical challenge.

 

OK, but what if it goes wrong?

Azure is reliable. Crazily reliable. Microsoft’s uptime statistics are as dependable as you would expect from their leading enterprise cloud service – in 2015 achieving a remarkable 99.9936% of annual uptime.

Much as with other Microsoft Cloud services (like Office 365’s OneDrive) an array of backup procedures ensures copies of data stored are protected and duplicates available for recovery. Virtualisation, where everything runs in an isolated software environment kept independent of the physical hardware, means individual drives and servers are expendable – your IT lives on, supported by the rest of the hundreds of remaining server racks.

Microsoft are discrete about their security, but in a data centre empire where every email is tested through a minimum of 3 independent antivirus services, it’s safe to say both physical and digital security is extremely tight. Centralised infrastructure also gives Azure (and every Azure customer) the kind of specialist professional and cybersecurity defences unavailable to all but the very largest enterprise corporations.

Users can check the live status of every process on 29 data centres globally via an online dashboard, which refreshes its table of successfully ‘available’ uptime ticks every minute.

Need access to the remaining 0.0064% of the year? Remember that for at least half of the World’s inhabitants, it’s likely these 29 minutes of annual downtime will fall whilst you’re asleep.

 

Do I need a computing PHD to use it?

Yes and no. Anyone can, in theory, get started with a free account (and $150 of free credits) today from Azure’s website, and test out the service.

The interface is relatively intuitive and, like all Microsoft’s cloud services, works consistently across tablet and mobile devices if you wish to play about with Microsoft’s cloud until your free credits have expired.

However, in reality what you demand of the infrastructure is likely to require a more complex setup. Unless you’re a true enthusiast with some special requirements, Azure’s cloud infrastructure is like a private helicopter: not really optimal for personal use (and there are far more sensible options available)

Cost by the minute also means that, when choosing from the bewildering array of virtual machine specs and other services available, it would be easy to overspend if you’re not careful. Indeed part of Azure’s business model is based on ambitious, technology-hungry companies biting off slightly more than they can chew.

To make sure your Azure deployment is both effective and proportional to your budget, call the experts.

 

Lineal are a Gold Microsoft Partner – contact us today: 01271 375999


Could your PC be the last you ever buy?

Several major PC manufacturers have disclosed a new rental PC payment model to dramatically slash the cost of upgrading your PC.

Dell, HP, Lenovo and Microsoft have all recently announced new ‘PC-as-a-service’ schemes whereby rental PCs will be available to businesses entirely under a pay-monthly model rather than an upfront purchase.

Software services, particularly popular cloud-based offerings like Microsoft’s Office 365, have been increasingly moving to a subscription model for some time, offering both consistent cash flow for software developers and all the advantages of low-entry costs to their user base.

Hardware developers are finally catching up with this trend, offering PC hardware to the business sector on a rental basis – with the formerly high up-front cost of upgrading hardware spread over a longer period, more akin to credit-backed contract markets for mobile phones or cars.

A rental PC arrangement obviously poses a risk to the technology giants – accepting that the dominant future model for sales may be one where they still carry significant financial risk for devices already ‘in-use’ across the business market.

Microsoft in particular took a big step in this direction with their ‘Surface-as-a-Service’ last year –  offering subscription based premium touchscreen devices to business customers in the US (although these are subject to credit checks and other lending precautions.)

For Dell, HP and Lenovo, by far the world’s three biggest PC manufacturers, to take the same step represents a huge volume increase in this kind of approach, significantly cutting upfront costs for businesses investing in physical hardware.

Your PC won’t be the last you pay for, but it could be the last you ever ‘buy’ in the sense we now understand it.

For PC support and expertise: contact Lineal today.


EU roaming charges end – what you need to know

Mobile phone charges for travellers within the EU officially end from today under a new EU Law.

Additional fees levied by mobile providers for cross-border calls (‘roaming’ charges) had been significantly higher – often catching out unsuspecting holidaymakers.

The end of costly EU roaming charges is widely credited as one of the EU’s most popular achievements, ending fees that the commission felt represented one additional cost barrier to cross-border communication. The agreement has not been without difficulties however, and the new regulation has taken 10 years to come into force.

However, as always with the EU, this welcome news for travellers comes with some specific caveats:

  • Users will still be charged high fees for data use (at around £8.30/GB, falling incrementally in future years), whilst standard calls and texts will remain at typical network pricing. 
  • EU roaming phones will be monitored for time spent on ‘home’ networks and ‘roaming’ networks to discourage phone users taking out a contract in a cheaper country and using it permanently in a more expensive country. If found not to be truly ‘roaming’, extra charges may still apply.
  • Call fees will still be higher for international calls made from the customer’s home country.
  • Countries in ‘Europe’ but not in the European Economic Area (EEA) will not be included in the agreement (including Switzerland, Serbia and the Channel Islands among others) nor will calls from cross-channel ferries and other satellite-linked areas.
  • It’s as yet unclear what will happen after Brexit.

 

For communications expertise and support, contact Lineal today: 01271 375999


New Faces on our Team

Lineal’s been growing recently, and we’re pleased to be able to welcome some new faces onto our team to help better support our customers:

 

Lineal's Sarah  Sarah Allsobrook

Sarah joined Lineal earlier this year from a well-known North Devon electronic engineering company, and has quickly become an invaluable member of our team.

Her responsibilities include managing communication with our customers, coordinating our engineers’ busy schedules, and ensuring that Lineal’s offices run smoothly.  

lineal's kieran  Kieran Tennant

Kieran became part of Lineal’s SQLWorks team a few weeks ago for work experience. So far, he has been assisting with more complex data tasks, and helps maintain our IT Support Team’s Lineal Active Monitoring Process (LAMP): a proactive series of hardware maintenance checks performed every day on our clients servers- a job that favours a methodical approach and a keen eye for the early warning signs of server problems.

Check back for more soon…


Lineal’s Reuben Wins Pluss Award

Pluss –

A Lineal staff member has won North Devon’s Pluss Achiever of the Year award for 2016.

Reuben Winsor, from Barnstaple, was awarded the prize in recognition of his success since becoming a trainee software developer with local IT support and software firm Lineal Software Solutions Ltd. in June.

Pluss, which helps support thousands of people with disabilities to enter employment, presented the award at a business networking event at the Royal Hotel, Bideford, as a part of the Disability Confident Campaign.

Speaking at the ceremony, Managing Director of Lineal Mike Matthews explained: “Reuben’s diligence and attention to detail are vital skills for a software developer, and have been indispensable in helping us develop the next generation of our business software. He has become a confident and valued member of our team.”

“Pluss’ work has been exemplary, and we’re absolutely delighted that Reuben will remain at Lineal as a full-time member of staff.”

In addition to developing his skills contributing to bigger software projects, Reuben has helped adapt Lineal’s SQLWorks accounting and stock control software for use on smartphones and tablets.

Congratulations to Reuben on his success and we look forward to his future development at Lineal.

 

You can learn more about Pluss and their work by clicking here.


Microsoft opens new UK Data Centres

UK data centres –

Microsoft’s Office 365 Team have announced the availability of multiple UK data centres for customer data.

The move follows increasingly strict rules on data compliance in the financial, security, health and public sectors – with more cloud IT users looking to ensure their data remains safely located in the UK.

Prospective customers considering the implications of Office 365 are able to view the locations of Microsoft’s uk data centres with this online ‘Where Is My Data?’ map, which now displays both the additional data centres and the Microsoft cloud services they support, in both London and Durham, with a third site anticipated for Cardiff.

Office365 and Azure Users will also have the ability to ‘re-locate’ their data from regional data centres (in most cases based within mainland Europe) to the new UK service.

In addition to the security and legal advantages for protecting sensitive data, cloud users of Office 365 are likely to benefit from lower costs, online backups and collaborative, remote access to files.

For now, the ability to re-locate Office365 or Azure data to the UK is likely to be restricted, with priority expected to be given to high-profile UK public sector customers including NHS Trusts and the Ministry of Defence – the latter mirroring many customers belated move to the cloud, upgrading legacy on-site systems in use since 2005.

The new infrastructure has been widely praised, with Microsoft clearly investing heavily in addressing the doubts many have about moving their IT to the cloud; reducing Office365 downtime to just 4 hours per year, and now re-locating data within country of origin for compliance with a high standard of data protection.

 

Contact Lineal for advice on moving to the cloud, or for a free trial of Microsoft Office 365 Business Premium, click here.

 


4 Smartphone security threats you need to avoid:

smartphone security

We increasingly live in a mobile dominated world in which Smartphone sales have skyrocketed whilst traditional PC sales have stalled. With portable devices likely to be the future of many people’s IT use – we’ve put together a few of the main smartphone security threats you need to be aware of.

 

  • Mobile Phishing & Fake Apps

Phishing websites which pretend to be your bank in order to get your personal or financial details have been around for many years, but for few people imagine that this is also a big risk on their smartphone.

Fake apps are the most obvious modern incarnation of this scam. IT security specialist ESET recently showed that a popular app like Prisma spawns multiple fakes online, downloaded unwittingly over 1.5 million times before being pulled from Google Play, with many containing harmful malware which attempt to steal personal information.

Don’t attempt to download an anticipated app before it’s official release date, as it’s likely you’ll be downloading a fake. Avoid downloading apps from unknown third-party websites, check the comments for warnings from other users, and invest in mobile antivirus to intercept downloaded threats to your smartphone security.

 

  • Old-fashioned Theft

In addition to fitting in your pocket, your phone contains a staggering amount of personal information about you which makes theft a real danger – everything including your personal details and those of friends/family, your emails, GPS coordinates of places you regularly visit and more: all stored on the device.

Home Office research suggests iPhones are the device most likely to be stolen – perhaps reflecting the Apple smartphone’s high value, quality and distinctive branding.

In addition to setting numeric pin codes on every device to prevent the danger of theft, tracking and lifesaving wiping tools like are strongly advised.

 

  • Public Wi-Fi Networks

With the proliferation of portable devices, many businesses, particularly in retail, offer public Wi-Fi hotspots to customers.

The problem with this is that you’re sharing a network with… whom? Terrifying free tools like [Redacted – obviously] and [Redacted] allow anyone on a shared public network to view insecure websites you visit, and snoop on any keystroke you type.

Not every public Wi-Fi network is a security nightmare, but it’s sensible to avoid using public Wi-Fi to do anything sensitive, such as online banking. A 4G data connection or simple telephone banking is the easiest alternative if you’re on a mobile phone, and likely to be more secure than a public Wi-Fi Network.

It should probably go without saying that you shouldn’t connect to entirely unrecognised, unsecured or unknown Wi-Fi networks either. For obvious reasons.

 

  • Being Personally Targeted

The problem with the wider shift to portable devices is that we carry our workplace into the outside world. Many of us expect complete access to our business data on our smartphone (as we would on our PC) wherever we are.

But carrying your work phone outside work means you’re also outside the protection of in-house IT security software and firewalls.

A simple phishing email can easily be targeted to you outside working hours when you’re ‘off-guard’, and the potential loss of confidential company data could be devastating.

Of course, many of the best IT security software providers now offer Android & iOS smartphone versions of their antivirus software – so why not extend your business’ IT security to your smartphone?

 

For IT support and security guidance – contact Lineal today.


Lineal at 50th North Devon Show 2016

North Devon Show

Team Lineal recently attended the 50th annual North Devon Show, setting up alongside a range of local businesses in the show’s ‘Arcade’ tent at the Umberleigh show ground.

Visitors to our stall at the largest one day event in North Devon received free 30-day trials of Microsoft Office 365 (along with many free sweets!) to celebrate Lineal recently becoming a Microsoft Gold Partner. We also took the opportunity to showcase our SQLWorks business software, ShoreTel Unified Communications systems, ESET security software, and much much more.

“As a local business, Lineal are always pleased to be able to attend the North Devon Show” explained Lineal’s managing director Mike Matthews: “the huge variety of enthusiastic local firms and organisations exhibiting here always make the day a success, and there’s always something new to see.”

Two days of rain beforehand didn’t dampen spirits, and the show itself was sunny and well attended by thousands of both North Devon locals and tourists to the area.

We’ll see you next year!

For IT Support, systems and software expertise – contact Lineal today.


You spoke, we listened – Results of the Lineal Client Feedback Survey 2016

customer support

It’s that time of year again – when we ask you how we’ve been doing, and what Lineal can do to improve the quality of our technical support.

Firstly, a big thank you to those of you with kind words to say about members of our IT help desk. Our team found your kind comments to be enormously supportive and it’s good to know that so many of our customers value the contribution of their account manager so highly.

83% of you felt we met the technology needs of small to medium size businesses ‘Well’ or ‘Very Well’, and 89% felt we understood your IT queries ‘Very Well’ or ‘Extremely Well.’ Overall, 85% of you rated our customer support ‘Good’ or ‘Great.’

We weren’t perfect however – some of you felt we’d been slower to respond to certain emails and call-backs recently, and we’re putting in place new measures to address this: we’ll be adding to our team in coming weeks to help manage our responsibilities to our ever-growing number of IT support clients, and to ensure clearer communication between our team and customers during ongoing project work.

Your comments included an insightful mix of both praise and constructive criticism which we’re reviewing carefully – but here were a few of our favourites:

  • “A good “local” company. Always on hand.”
  • “As a small organisation of mainly non IT literate users Lineal staff always respond to queries in language we understand and without making us feel stupid!”
  • “Would like to thank Martyn especially, and dealing with mostly one person simplifies things.”

Thank you to everyone who gave us their feedback, it will inform our future decision making and help us provide a high quality of customer support.


Windows Server 2003 vulnerability for 1 in 5 businesses

Windows Server 2003

Nearly 1 in 5 Windows Server users are still running Windows Server 2003 at great risk, more than a year after Microsoft announced end of security support for the product, new findings have shown.

Research by Spiceworks and Cloudphysics both found that 18% of Windows Server licensing market share is still taken up by Windows Server 2003, based on data recorded in June 2016. More than 53% of those surveyed also still ran one or more instances of Windows Server 2003 somewhere in their organisation.

Anyone still using the old software risks becoming vulnerable to security threats, which Microsoft will no longer address, with many organisations potentially being in violation of their compliance, insurance or regulatory obligations for data protection.

The continuation of Windows Server 2003 (which Tech Radar last year touted as potentially “the biggest security threat of 2015”) has been left unresolved within many companies, many of whom believe they lack a clear decision, expertise, or funds to replace the now unsupported operating system.

In the short term the best measure is risk mitigation: isolate any Windows Server 2003 systems as much as possible to prevent access by outside security threats.

But sooner or later, all companies will need to upgrade important systems, and those that do make the move are less likely to invest in the capital expense of physical hardware as they were over a decade ago – with increasing numbers likely to utilise an outside IT provider to migrate to a managed virtualised solution, for example business cloud services.

For Windows licensing support or guidance, please contact Lineal today – 01271 375999 or click here.


Zepto Cryptolocker Alert: Lineal intercepts dangerous zero-day threat with ESET Antivirus

Zepto

Yesterday Lineal’s team successfully rescued a client from a new ‘zero-day’ Cryptolocker Virus which nearly destroyed many of their files.

The dangerous variation of the ‘Zepto’ cryptolocker, only identified online during the last 24 hours, is believed to be a brand new threat originally derived from ‘Locky’ ransomware.

An employee at one of Lineal’s IT support clients recently opened an email containing an infected file – a malicious piece of obfuscated code written in Visual Basic scripting language. The installed Zepto cryptolocker began encrypting the company’s files, readying to demand a heavy ransom.

In a coordinated attack, an outside user also forced access to our client’s server, instructing it to begin sending fake Barclays ‘phishing’ emails, attempting to criminally capture banking details.

Our team caught both threats early, forcefully locking out the intruder in mid-session, identifying the employee who introduced the threat, and quarantining the infection with ESET’s business endpoint security. 

Lineal then notified ESET about Zepto to help with future identification, having avoided the need to restore all the clients files from backup at great disruption.

The landscape of online security threats is rapidly changing, and Cryptolocker variants have spread quickly in recent months.

In this case Lineal’s rapidly responding team and professional security software helped our client dodge the huge potential losses from the security breach – and highlighted how vital it is that organisations of all sizes take proactive steps to protect their IT from hostile intrusion.

 

For IT security advice and support, contact Lineal today.


Cryptolocker Warning from Lineal

 

Cryptolocker Warning: in the past fortnight we’ve seen an increasing number of companies hit by sophisticated cryptolocker viruses.

These dangerous programs, often installed by accident, lock your files over time, encrypting data and eventually demanding victims pay a ransom to retrieve their irreplaceable data.

In all of these cases, security products were installed but they did not protect against the threat. In our experience the only product that is reliably detecting these new threats and offering sufficient protection at this time is ESET. Older, less effective or out of date security products are offering little or no protection against these new cryptolocker variants.

Once affected by a cryptolocker, there is no way to de-encrypt scrambled files without paying the ransom, and users must remove the trojan before recovering recent versions of a file from their backups – highlighting the importance of a regular backup plan for data.

Please don’t be the next one to get caught out – talk to Lineal today about IT security options to ensure your valuable data is protected.

 


Dodgy USB-C cables removed by Amazon

 

Poor quality USB-C cables which can destroy a smartphone or laptop in spectacular (and dangerous) fashion have been blocked from sale by Amazon.

The online retailer has faced criticism in recent months for permitting third-party dealers to sell cut-priced USB-C cables, with often faulty power distribution, to early adopters of the technology.

The latest version of the USB standard is both reversible and can deliver large quantities of both power and data to a wide range of devices. This introduces a new danger, as a substandards cables can draw too much power from a laptop when charging another device, doing serious damage to circuitry.

The move comes as more and more laptop manufacturers introduce USB-C to reduce device size, ports and weight – for example Apple’s latest MacBook, which includes virtually no other physical ports.

USB-C cables have been added to Amazon’s prohibited products list (along side GPS jammers, laser pointers and radar shifters) and can not be sold unless compliant with standards set by the USB Implementers Forum.

 

Find out more about IT hardware supplies, support, and expertise from Lineal.

 


Apple invests in LearnSprout for Education

 

Education tracking software LearnSprout has been bought by Apple, in a purchase expected to extend the computing giant’s reach into the education sector.

American software platform LearnSprout, already used across 42 states in over 2500 schools, is an analytics dashboard that allows teachers to monitor pupil’s performance and results, attendance, student health and more.

LearnSprout’s developers argue that by aggregating data, schools can help study trends for promoting better teaching, improving readiness for higher education and ensure a more efficient use of resources.

This is the second announcement in recent weeks about Apple investing heavily in technology for the education sector, following the January launch of Apple’s Education package and iPad modifications designed for classroom use. It’s unlikely to be the last.

 

For education sector IT support – talk to Lineal today: 01271 375999


Touchpad draw ‘Ink’ added to Office 365

 

Ever wish you could add handwritten notes to documents in Microsoft Office? Now you can – as Microsoft have unlocked the ‘Draw’ tab for Office 365.

The new tools come with a range of pen shapes and bright colours, and have been designed particularly with touchscreens and tablets in mind. Accessible across all Office 2016 documents, spreadsheets, presentations and notes, the ‘Draw’ tab follows the recent releases of Microsoft Surface Pro 4 and the iPad Pro. Those with clumsy fingers may prefer to use a stylus.

It’s undoubtedly a pretty and relevant addition to Microsoft’s historically bland Microsoft Office – the simple colour wheel can be used for highlighting text or adding freeform annotations in various ‘ink’ colours.

Behind the new sketchpad fun is some intelligent software, which includes shape recognition that allows users to ‘rough’ draw polygons for conversion to regular shapes for use in diagrams or flowcharts .

The possibilities for working collaboratively, marking homework, sketching designs, reviewing reports or simply saving paper are endless and enjoyable – and show just how practical Office 365 has already become.

 

Explore Office 365 with Lineal today: click here or call 01271 375999


Number Keypad Not Working on a Mac Keyboard? It’s a Simple Fix!

If you choose a full-size magic keyboard for your mac you have the advantage of a PC-style number keypad, alignment and full-size arrow keys – but no PC-style ‘Num Lock’ key.

So if you discover your number keypad isn’t working, it can be hard to tell if this is due to a hardware failure or a setting to disable the numberpad in software. Never fear – here’s the answer:

Before you begin testing the settings as you go, it’s worth opening your favourite text app and the onscreen keyboard – via the ‘Show Keyboard Viewer’ option on the menu bar of modern macOS versions.




 

Where is ‘Num Lock’ on a Mac Keyboard?

Without the Num Lock key, you’ll need to tap either Clear or Shift + Clear on your hardware keyboard (depending on the version), and then test your numpad number keys again in your text app.

number keypad not working on a mac keyboard

However, it’s also worth checking you don’t have a setting called ‘Mouse Keys’ enabled. This setting allows a user to move their mouse using the number pad as direction keys, and is intended as an accessibility option for those who find it difficult to use a mouse or trackpad.

If this is turned on, you may notice your mouse cursor move slightly when you tap one of the number keys on your number keypad.

You can check for Mouse Keys via the Apple Menu, choosing ‘System Preferences’ and clicking on ‘Accessibility’. Select ‘Pointer Control’ from the left hand menu and ‘Alternative Control Methods’. Here you can untick ‘Enable Mouse Keys’, and hopefully return your number pad to its expected function.