Windows 11 Update: Smoother, Smarter, Safer! 

With its latest update, Windows 11 is evolving to meet the needs of today’s users—whether you’re working from home, in the office, or gaming after hours. By updating to the latest version (version 24H2), you can enjoy a smoother, faster, and more secure operating system. 

Originally launched back in 2021, Windows 11 offers a refreshed design, faster performance, and improved security. It includes many notable upgrades from Windows 10, most importantly with stronger security, built-in protection against malware, encryption, and hardware-based isolation. 

It also includes helpful features like  Snap Layouts  for easier multitasking and enhanced gaming performance with DirectStorage

Windows 11 Snap Layouts in action

See here Snap Layouts in action, W11 

What’s New in the Latest Windows 11 Update? 

The new update, version 24H2, brings a range of features to improve productivity, enhance user experience, and tighten security. Whether you’re a casual user or a professional, here’s what you can expect from this latest update: 

1. Enhanced AI Capabilities with Microsoft Copilot 

Windows 11 now integrates with Copilot, an AI-powered assistant designed to help users accomplish tasks faster and more efficiently. From summarising documents to generating responses and managing your calendar, Copilot is embedded across apps, giving you an intuitive, AI-enhanced work experience. 

Interested in learning more about Copilot? To book a call with us today contact us via our Client Portal, 01271 375999 or Web enquiry.

2. Streamlined Design and Widgets 

Microsoft has continued to refine the look and feel of Windows 11. The latest update introduces more customisation options for the Start Menu and Taskbar, with improved widget support. Now, you can easily drag and drop widgets and enjoy a smoother interface that feels more personalised to your workflow. 

3. Native Support for RAR and 7-Zip 

Good news for users handling compressed files: Windows 11 now natively supports RAR and 7-Zip files. No need for third-party apps—this makes it easier to open and extract a wider range of compressed file formats directly in File Explorer. 

4. Improved File Explorer 

File Explorer has received a significant upgrade, with a modernised design and better organisation tools. It now supports a Gallery View for easier photo management and offers a more intuitive way to manage and navigate files. The update also brings enhanced cloud integration, making it seamless to access files stored in OneDrive. 

5. Better Accessibility Features 

With inclusivity in mind, Windows 11 has introduced new accessibility options, including enhanced voice access features and better live captions for media. These updates ensure that Windows 11 is usable by people of all abilities, further reinforcing Microsoft’s commitment to making technology accessible to everyone. 

6. Expanded Gaming Features 

Gamers are in for a treat as Windows 11 continues to focus on delivering a premium gaming experience. The update optimises DirectStorage, reducing game load times and enhancing performance while also supporting a growing list of Auto HDR titles for richer, more immersive gameplay. 

7. Tighter Security 

Security remains a top priority in this update. Enhanced multi-factor authentication, better encryption protocols, and advanced malware protection ensure that users’ data is safer than ever. The update also brings Pluton Security Processor integration, providing an additional hardware-level security feature for supported devices. 

Windows 11 version 24H2 is currently being actioned as a staged rollout, but Windows users can prioritise their access to the update by adjusting Windows ‘update’ settings. 

Windows 10 Support is Ending Soon – Time to Upgrade to Windows 11 

The end of support for Windows 10 is just around the corner, with Microsoft officially stopping updates on 14 October 2025. This means no more security updates or support, leaving your devices vulnerable to attacks. If your organisation is still using Windows 10 devices, now is the time to think about upgrading to Windows 11. At Lineal, we strongly recommend businesses plan for this change. As Windows 10 reaches its end, systems will become much more vulnerable without security updates, putting your business and data at serious risk. Upgrading to Windows 11 ensures you stay secure and get access to new features that help your team work smarter. 

Need help with the upgrade?  

Lineal is here to support businesses through the transition, ensuring minimal disruption and maximum security. Get in touch with us today to make sure your business is ready for the future! 


2024 Client Feedback Survey Insights

Lineal’s Client Feedback Survey 2024: Results and Insights

We have an unwavering focus on delivering services of the highest quality at Lineal. Every year we conduct an annual Client Feedback Survey to see how we are doing, and to ensure our clients continue to feel heard, valued, and well-supported. Our 2024 survey results highlight our strengths and our ongoing commitment to delivering first-class, dependable Managed IT Services. Here’s a summary of this year’s key findings:


1. Understanding Client Queries and Requests

Our team’s goal is to ensure every client feels understood and supported. Here’s how clients rated us in this area:

An impressive 93% of clients rated our understanding of their queries and requests as either “Very Well” or “Extremely Well.” This positive response mirrors last year’s feedback, affirming our efforts to be attentive and thorough in our approach.


2. Response Speed to Client Queries and Requests

Timely support is crucial in IT services, where quick responses make a significant difference. Here’s how clients rated the speed of our responses:

Overall, 66% of clients felt their concerns were addressed faster than anticipated, which speaks to our team’s dedication to prompt and efficient service. These results are encouraging, reflecting the value we place on timely assistance.


3. Overall Quality of Customer Support Experience

Clients’ satisfaction with the overall quality of their experience is essential, and we are delighted by this year’s feedback:

A large majority of clients rated their support experience as “Great” or “Good,” highlighting our team’s commitment to delivering consistent, high-quality service that leaves clients feeling confident and valued.


Summary and Next Steps

Our 2024 survey reflects our dedication to understanding clients, responding promptly, and maintaining high standards of service quality. Moving forward, our focus will be to continue improving our support processes, aiming to exceed expectations and deliver an exceptional experience to every client. We’ve also introduced several enhancements to our working practices, including: 1. Quarterly Reporting for customers | 2. Introducing a new Service Desk Co-ordinator at Lineal | 3. Refining our support ticket system.

With these adjustments to our internal processes and even better customer communication, we expect to score even higher on our customer satisfaction survey next year!

Thank you to everyone who provided feedback. Your insights are invaluable as we strive to elevate our support and service in 2025 and beyond.


Cybersecurity Awareness Month 2024

October is Cybersecurity Awareness Month, a time for businesses to focus on enhancing their defences against the growing threat of cyberattacks. In a time where data breaches and ransomware are unfortunately becoming more sophisticated, it’s essential to adopt strong security practices both at work and at home. 

Here are some essential cybersecurity steps your business should implement:

1️. Use Strong Passwords – Weak passwords are one of the easiest ways for hackers to break into your system. Use long, complex passwords that combine letters, numbers, and symbols, and consider using a password manager to keep track of them securely.

2️ Enable Multi-Factor Authentication (MFA) – MFA adds an extra layer of protection by requiring a second form of verification, like a phone app or fingerprint, before granting access to your accounts.

3️. Phishing Awareness – Email scams are a common entry point for hackers. Train your employees to recognise suspicious emails and avoid clicking on malicious links with uSecure, a security awareness training platform that helps reduce human error.

4️. Update Software Regularly – Ensure all your systems, apps, and software are up to date to patch any security vulnerabilities. Outdated software is an open door for cybercriminals.

As well as taking these steps, there are some helpful pieces of software out there that you can install to keep you safe. At Lineal, we always recommend SentinelOne, a next-generation cybersecurity platform that provides endpoint protection using AI to detect and stop threats in real-time before they can cause damage. Other measures you can take, such as advanced email filtering, further protect your team by blocking phishing attempts and malware at the source.

Our NCSC-accredited team of cybersecurity experts have many tricks up their sleeves to help you stay safe. 

Click here: https://forms.office.com/e/ZQFQsPdvPP to register for a FREE cybersecurity service today!


CrowdStrike Issue Hits Windows Updates

Systems around the world have faced a major outage following an issue with CrowdStrike security software blocking recent Windows Updates.

Thousands of organisations including airports, hospitals, train networks and financial exchanges have experienced widespread system issues as of Friday 19th July 2024 – with international media reporting long travel delays and difficulties transacting payments.

The issue is currently believed to impact:

  • Windows environments running Crowdstrike cyber security software, which is blocking a recent Windows update, resulting in systems being unable to restart.
  • Certain Microsoft cloud-services with back-end dependencies on systems operating CrowdStrike.

Affected systems restart into the infamous ‘Blue Screen of Death’ (BSOD) upon unsuccessful update. Updating PCs via physical access is a major challenge for organisations with large scale sites or remote operations spread over a wide geographic area.

CrowdStrike / Windows Issue

Please note that Lineal Managed Services are not affected by the current worldwide CrowdStrike / Windows update issue affecting systems around the world. As of 0630hrs UTC, a manual workaround is available for Windows installations affected by this third-party software error, to manually remove the obstacle to a successful update.

If you or any part of your organisation has been affected by this issue, please contact our team via our [email protected] or 01271375999. If you know of anyone who may be affected, please ask them to get in touch for assistance.

A number of potential fixes are recommended, however some involve disabling the CrowdStrike agent, potentially leaving a further cyber security vulnerability:

  • Either booting Windows into Safe Mode or the Windows Recovery Environment, and manually deleting ‘C-00000291*.sys’ from the CrowdStrike Directory, rebooting the host normally.
  • OR Booting in Troubleshooting mode, and renaming CS.Agent.sys via Command Prompt.
  • OR For virtual machines – mounting discs elsewhere to change the file blocking successful update.
  • OR using Microsoft Intune / another patch management platform to block any updates likely to be faulty if not yet applied.

However, as already noted by a number of Lineal engineers – resolving the problem is likely to involve complications where organisations have Bitlocker encryption deployed to the Windows environment.

If you or any part of your organisation have been affected by this issue, please contact our team via our [email protected] or 01271375999. If you know of anyone who may be affected, please ask them to get in touch for help.


Lineal Awarded Cyber Advisor Status

Lineal has been awarded Cyber Advisor status by the UK National Cyber Security Centre – in recognition of our ongoing work in support of the UK Cyber Essentials scheme.

As the public facing arm of GCHQ, the National Cyber Security Centre is responsible for engaging with businesses, the public sector and general public to improve the cyber security of the UK. The NCSC provides a single point of contact that helps law enforcement, defence, intelligence and security agencies coordinate and raise awareness of the importance of digital resilience.

Lineal are among a small handful of official recognised Cyber Advisors based in the South West, recognised for our ability to guide businesses and organisations through the process of obtaining UK Cyber Essentials (and Cyber Essentials Plus) Certification.

Cyber Essentials requires businesses to meet or exceed an assured set of security requirements each year, to protect against common forms of online crime, technology dangers and digital threats. Certified by the UK Government’s National Cyber Security Centre (NCSC), Essentials has become a standard good-practice requirement for all businesses looking to trade with public-sector organisations, helps build trust among customers, and helps demonstrate that an organisation is working hard to keep systems, staff and data safe.

Not dependent on specific technology or solutions, CE relies on demonstrating basic underlying controls and fundamental cyber hygiene, and organisations who obtain certification see both fewer instances of cyber breaches and the ability to recover faster in the event of an incident. A more advanced certification, Cyber Essentials Plus, is independently audited to build a more comprehensive security posture.

In addition, Lineal offer a wide range of key cyber security solutions both individually and as part of Managed Cyber Security packages.

We’ve helped numerous business successfully obtain Cyber Essentials for the first time – speak to us about how we can help your team do the same.


Lineal at Barracuda Discover24

Lineal staff recently attended Barracuda Networks’ Discover24 event in Vilamoura, Portugal, to take part in the security provider’s annual conference.

In front of a capacity crowd of cyber security partners from more than thirty countries across Europe, the Middle East and Africa, the award-winning US security giant revealed its latest platform developments and insights into anti-cybercrime efforts around the globe.

Barracuda email security solutions protect more than eight million email inboxes worldwide, and screen a staggering 280m malicious email threats per week. For countless organisations, email remains the single-biggest attack vector for everything from credential phishing to impersonation scams, and Lineal has used Barracuda solutions to protect our clients for more than ten years.

Barracuda Discover24 Main Stage

However, in the past decade the provider’s unrivalled platform has expanded its solutions across the technology space dramatically – and now has an impressive array of specialised security solutions for everything from backup and firewalls to application security and highly-advanced security operations centres offering Extended Detection & Response (XDR).

Among the new technology demonstrated was cutting-edge AI assistance that uses machine learning to help detect malicious emails containing little actual text, and impressive statistics for catching emerging threats, ransomware incidents, attacks on APIs and even SaaS applications.

Barracuda also announced a range of planned upgrades and standardisations to their own platforms to help end-customer organisations deploy solutions faster and more effectively.

 

For Cyber Security support and expertise, please contact our team today.


Cyber Lessons from the British Library

The British Library has published its lessons learned from the devastating cyber attack that struck in October 2023.

In an eighteen-page report which shows an impressive commitment to transparency, but makes for painful reading, the organisation details how it was compromised by the Rhysida ransomware group during a traumatic timeline of events. In a subsequent press release, the Library also states it hopes other institutions will learn from its findings in the wake of a ‘deeply damaging criminal attack.’

Unfortunately, the report makes clear that in response to tighter security standards, the organisation ceased to be Cyber Essentials Plus certified in 2022, pending replacement of some older systems. In section six, sixteen ‘lessons learned’ form the basis of its future plans and guidance to other organisations:

  • Enhance network monitoring capabilities
  • Retain on-call external security expertise
  • Fully implement multi-factor authentication: Multi-factor authentication needs to be in place on all internet-facing endpoints, regardless of any technical difficulties in doing so.
  • Enhance intrusion response processes
  • Implement network segmentation
  • Practice comprehensive business continuity plans
  • Maintain a holistic overview of cyber-risk
  • Manage systems lifecycles to eliminate legacy technology
  • Prioritise remediation of issues arising from legacy technology
  • Prioritise recovery alongside security
  • Cyber-risk awareness and expertise at senior level
  • Regularly train all staff in evolving risks
  • Proactively manage staff and user wellbeing
  • Review acceptable personal use of IT
  • Collaborate with sector peers
  • Implement Government standards, review and audit policies and processes regularly

The exact origin of the hack – which took Library systems offline for months – is unconfirmed, in part due to the scale of the destruction. However the Library’s independent security investigators believe the original breach was caused by either a spear-phishing, brute force or other credential compromise. This allowed hackers access to a remote session on a terminal server that was not yet subject to Multi-Factor Authentication for a user to login.

From there, around 600GB of data (or half a million documents) were exfiltrated, with searches for sensitively-named content such as ‘passport’ and ‘confidential’. Backup copies of twenty-two databases were also made, and removed from the network. Ransomware was also deployed, and the encrypted data used for attempted extortion.

At several points Rhysida are believed to have made their own actions difficult to track – deleting log files and destroying servers to prevent a swift recovery. In a classic ‘double-extortion’ the group also leaked employee and customer data for auction on the dark web in November, with a starting value of 20 Btc (then approximately £600,000). The British Library insists that in line with guidance given by the National Cyber Security Centre, no attempt was made to communicate with the attackers, nor any ransom paid.

The Rhysida ransomware group are also reported to, or have claimed responsibility for, hacks carried out in Chile, Portugal, Kuwait and the United States in the latter half of 2023. Cyber security professionals believe the hackers are Russian-speaking, although evidence is limited.

Lengthy and costly, the cleanup effort has clearly been difficult. The report details that the Library convened Gold and Silver level crisis-management committees, with both private sector and UK state cyber security assistance – although senior staff at the BL were at one point forced to communicate via an emergency WhatsApp call in the absence of official systems. The Library’s main catalogue, containing more than 36-million records, only returned online in ‘read-only’ format in January, and the report states ‘Many staff have been unable to perform significant parts of their roles’ (for more than 3 months.)

The Financial Times have speculated that the recovery costs may eventually total over £7m, which would represent around 40% of the institution’s known financial reserves, although the Library’s Chief Executive, Sir Roly Keating, told the BBC it was too early to calculate the true value.

 

For cyber security expertise and assistance, please contact our team today.


Lockbit Taken Offline By National Crime Agency

Ransomware provider LockBit has been taken offline by a joint operation involving law enforcement agencies from eleven countries.

As of the 20th February, a banner on LockBit’s website declares that the site is now under the control of the UK’s National Crime Agency, part of a coordinated operation to take down the group’s ‘command and control’ infrastructure.

Authorities from the NCA, the FBI, Europol and others from around the world swooped on a number of individuals believed to be involved with Lockbit – making arrests in Poland, Ukraine, and in the United States. Two further named individuals are believed to be Russian nationals.

The combined operation (‘Operation Cronos’) also froze more than two hundred cryptocurrency accounts, took down 34 servers and closed 14,000 rogue accounts.

operation cronos banner from lockbit's website

LockBit made headlines as one of the world’s most successful ‘Ransomware-as-a-service’ providers: offering a toolkit any would-be cyber criminal could use to launch their own cyber extortion operation, demanding more than $120m in ransoms for unlocking encrypted data.

The group behind LockBit, which first emerged on Russian forums in 2020, did not respond to Reuters following requests for comment, but published messages on an encrypted messaging app stating it has backup servers not yet ‘touched’ by law enforcement. Investigations by police in numerous countries also revealed copies of stolen data the group claimed to have deleted after negotiating ransom payments.

More than 1,700 organisations are believed to have been compromised by LockBit, many of which are now listed online – and include Royal Mail, the NHS, Boeing and ICBC, China’s largest bank, among many others.

Decryption tools have so far been released to victims of LockBit in 37 languages, as part of the ‘No More Ransom’ project, with UK authorities pledging to reach out to organisations affected by the ransomware.

 

For Cyber Security expertise and assistance, please contact our team today.


Lineal Launches Trust Centre

We’ve launched a new online Trust Centre aimed at demonstrating Lineal’s commitment to Cyber Security and data privacy.

We take our role as your trusted IT provider extremely seriously, and we hope the trust centre will show what we’re doing to maintain the highest of industry standards.

Available online to anyone at any time, our trust centre acts as a transparent dashboard showing our current compliance standards, risk profile and cyber security best practices. In addition to reviewing our key policies, we’ve detailed what we do to keep staff, data and systems safe – across numerous areas including endpoint protection, network security, backup, infrastructure, app and information control.

Our intention is that the trust centre gives our customers confidence in our dedication to good cyber hygiene, and acts as a useful reference resource when our clients are dealing with 3rd-party supply-chain assurances, industry frameworks and insurance providers.

Furthermore, we hope that a detailed overview of the cyber security strategy employed by Lineal acts as a model for others, and a useful template for the kind of organisational transition our own team can help your organisation pursue successfully.

Those measures are backed by important standards: Lineal is an ISO 9001 & 27001 accredited organisation, Cyber Essentials and Cyber Essentials Plus Certified – with reviews of our status undertaken by Cybersmart, Microsoft, Alcumus and Huntress.

 

For Cyber Security expertise and support, please contact our team today.


Google & Yahoo Tighten Email Rules: What to Expect

Major email providers including Google, Yahoo and AOL are set to tighten rules on incoming email – making accounts more secure against SPAM and demanding more of bulk senders who want to see their emails delivered.

Google and Yahoo alone represent more than two billion email accounts, many of them belonging to individual consumers for personal use. Estimates suggest around 70% of these have no protection against domain spoofing.

Until recently, even many basic security protocols such as SPF (checking whether email header and ‘sent from’ address match) were not enforced on major email platforms such as gmail – allowing fraudulent emails to unsuspecting users. This made phishing emails easier to circulate, harder to detect, and has been recognised as one of the biggest enablers for cyber security attacks.

DKIM – a protocol that signs both the real domain and email with a cryptographic signature that email clients can cross-reference for authenticity – is also often absent, with email providers increasingly looking to demand better standards from email senders.

From February 2024, bulk email senders must adhere to the following requirements outlined by Google and Yahoo:

 

New Sender Rules

SPF & DKIM Enforced – Business and organisations that need their emails to be delivered safely will have to add SPF & DKIM settings to their domains and mail servers that verify whether emails purporting to be from them are genuine, and have not been tampered with. Without checks in place, Gmail and Yahoo may reject those emails altogether.

Easy Unsubscription – bulk emails must offer ‘one-click’ unsubscribe options for recipients, making it easy for email recipients to opt-out of repeated unwanted messages, and keep clutter under control.

DMARC, the most challenging of the requirements, will be enforced for bulk email senders sending more than 5,000 emails per day, aimed at preventing rapid phishing scams and other mass attempts at fraudulent communications.

 

For those communicating with the public, the changes are likely to prove crucial, and IT managers need to prepare carefully to ensure their emails continue to be trusted.

 

For Cyber Security assistance and expertise, please contact our team today.


Supporting Digital Skills in the South West

Two of Lineal’s youngest team members recently featured in an exciting video project aimed at introducing young people to careers in technology.

The Digital Skills Series is a joint project by Devon County Council & the Heart of the South West LEP which interviews ‘Digital Pioneers’ among some of the South West’s most innovative tech companies, and aims to get Key Stage 3 students interested in the amazing opportunities that are available in the digital sector.

It is hoped that the scheme will help promote apprenticeships, degree apprenticeships, work experience and other kinds of placement that help promote much-needed technical skills in the sector.

 

One recent survey of tech companies in the South West suggested more than half of businesses struggle to find recruits for technical roles, and that the region needs to do more to work with schools, local and central government to overcome the skills shortage.

Lineal have supported apprenticeships for over a decade, and are featuring in this video project for the second time in recent years. The short video-interviews will be shown to school children across the area as part of a series, and we hope it will help inspire the next generation of digital pioneers.

Our thanks to Alex, Harry, and Ocean City Media for their hard work towards this fantastic educational project. You can learn more about the Digital Skills Series here: https://skillslaunchpad.org.uk/ks3digital/digital-pioneers/

 

For IT support and expertise, please contact our team here.


Client Feedback Survey Results 2023

Lineal has maintained strong scores in this year’s client feedback survey, continuing a long-term trend of positive improvement to our IT support services.

Once again, our team’s expertise drew much praise – with over 96% of respondents saying we understand customer problems either ‘Extremely Well’ or ‘Very Well.’ Fewer than 1% of respondents have now given us a negative response to this question within the past three years.

This verdict tallies with instant feedback from our ticketing portal, gathered throughout the year – with more than 97% of respondents rating their Lineal IT support engineer’s ability to resolve their technical support ticket positively.

instant feedback

Response times remain good – fewer than 4% of respondents felt we responded ‘Slower than expected’ when asked. However, we’ve also noticed an slight increase in ‘average’ speed ticket share (from 38% to 48%), something we’ll be working hard to improve.

A record 77% of respondents graded the quality of our IT support experience ‘Great!’ (the best option available) – our highest customer service score ever recorded.

Among our favourite comments were:

“Responsive, cooperative, professional, someone always answers the telephone.”

“Always prompt & helpful, nothing is too much trouble.”

“I found the front desk helpful and polite the back room staff knowledgeable and caring and provided me with a quick service and useful information. I would use them again for IT problems.”

“Did what you said you’d do, can’t ask for more really.”

“We have always found Lineal to come up with the right level of knowledge on any issues or products we require as and when we need something. Lineal service is second to none, absolutely outstanding.”

 

Our thanks once again for all your feedback.


Ransomware Case File 2023

Each year new cyber threats appear to circulate online, and 2023 has certainly been no exception. For cyber criminals, it’s business as usual… right?

Not quite. Over time certain new patterns emerge that are important for cyber security researchers to identify, and these can help protect businesses and organisations in the future. So what can we learn from this year’s crop of nasty ransomware strains?

 

Akira

akira ransomware

First spotted around April 2023, Akira ransomware appears to be one of the better-organised criminal efforts to extract payments from victims.

Suitable for multiple operating systems and sporting a green-and-black ransom note aesthetic Sophos describes as ‘Retro’, Akira is a professional effort that should give pause for thought.

Disabling many security settings to give itself more lateral movement on systems, the infection also tries to destroy backups to hinder the user, and has a ransom note written in (relatively) good quality English with a host of supporting infrastructure to help the hacker leverage a bigger payout.

The threat actor(s) behind Akira were known to exploit an existing VPN vulnerability to spread the ransomware, but had used stolen credentials purchased online from third-party data breaches to get started – in what has become a common pattern of low level breaches by third-parties supplying the more serious cyber crime via online black markets.

 

MedusaLocker

medusalocker ransomware

Originating back in 2019, this nasty ransomware has been through a string of variants with the most recent strain popping up in September 2023 to hit a major European health organisation.

MedusaLocker is an example of ‘Ransomware-as-a-Service’ – anybody can purchase and launch their own version, with a typical ransom being around $12,000. Like legal software companies, the developers behind Medusa even offer their customers a Support Helpdesk!

More recent variants have moved over to ‘double-extortion’ style attacks, where the hacker not only compromises the data, but threatens to leak a copy online, which is more likely to compel healthcare and public-sector organisations holding very private information on behalf of the public to pay the ransom demand.

 

Black Hunt

blackhunt ransomware

Targeting Windows environments, this ransomware looks relatively traditional, but may show the shape of things to come.

It can be spread both by email and via drive-by downloads on malicious websites that purport to give away free software or content, and for a special trick, immediately tries to terminate other processes on the user’s machine to speed up how quickly it can corrupt data – getting ahead of efforts to slow it down.

Curiously the ransomware searches for a specific text file called ‘Vaccine.txt’, which is likely a safety mechanism used by the original developers to protect their own systems against the dangerous infection.

The Group behind Black Hunt also use a tactic becoming increasingly popular among cyber criminals – publicly naming their victims in a perverse online ‘Hall of Fame’ – as a warning to others.

 

Our Verdict:

Keeping your data, staff and systems safe from ever-evolving ransomware infections means instilling good cyber-hygiene among your organisation, backed by a cyber security strategy that covers a range of areas including; endpoint protection, identify security, perimeter defence and user awareness training among others. Learn more here. 

 

For Cyber Security Expertise and Support, please contact our team today.


FAQ: UK Analogue Stop Sell

As Openreach continues a massive upgrade of the UK’s telecommunications infrastructure from analogue copper to digital fiber-optic, a record 10 million homes and businesses are now switched over.

However, September marks another key milestone – the official ‘Stop Sell’ of older analogue services to the market. From this month, no new copper telephone lines may be ordered*, as Openreach seeks to retire the old-style copper service that goes back to the early 1900s. The stop sell affects a wide range of services – including landlines, traditional broadband, alarms lines and many more.

The £15bn investment represents a great leap forward for the UK – but what does it mean for businesses with existing copper?

 

Will my existing copper line be turned off?

Not yet! Existing analogue services are expected to be allowed to continue into 2025. However, the lifespan of these is now rapidly reaching its end, and Openreach advises businesses should be preparing to replace these to avoid any risk of loss of service.

 

What should I be replacing my old copper line with?

If full-fibre is already available in your area, take full advantage of the increased speed and reliability.

For those still on the schedule to be completed, SoGEA broadband options which eliminate the existing line rental in preparation for the fibre switchover are already available for millions of properties. These may remove your old line number, so bear this in mind before you make the important jump to the new service.

 

What if nothing else is available in my area?

If you’re one of a small proportion of exemptions (sites where no Fibre or SoGEA services are available) ordering a reactivated copper line may still be permitted, at an increased cost.

Alternatively, customers may consider 4G or satellite broadband as an alternative. A new SOTAP (fixed line) option is expected to be available from March 2024, eliminating virtually all new copper service orders nationwide.

 

What do I do about Service (X) that my business needs?

If you’re unsure about any aspect of your telecoms or connectivity provision, and how it is affected by the stop sell, please contact our team for assistance.

Alternatively, check out Lineal’s recent webinar on the ‘Big Switch Off’:

 

More details on Openreach’s build plans for 25 million properties across the UK by December 2026 can be found online here: https://www.openreach.com/fibre-broadband/where-when-building-ultrafast-full-fibre-broadband


GCHQ Tipping Off Ransomware Targets

British intelligence services are actively providing advance warnings to potential ransomware targets in order to thwart impending cyber attacks. On average, every seventy-two hours for the last three months, a team of cyber security experts within GCHQ has been identifying the initial stages of new ransomware attacks targeting British entities, alerting intended victims and preventing attacks from being carried out.

An innovative system known as ‘Early Warning’, overseen by the National Cyber Security Centre (NCSC), is already believed to have thwarted major attacks, and draws on a range of unknown information sources including exclusive intelligence community feeds, public data, commercial inputs, and proprietary resources not available to the public.

This proactive approach, disclosed by several unnamed sources who spoke to Recorded Future News on the condition of anonymity, demonstrates the potential to curtail a significant number of successful cyber breaches. However, it has been noted by insiders that broader participation from organisations is needed to fully capitalise on the benefits of this system.

Currently, the scheme still has its challenges. Only a small fraction of organisations receive alerts – and it is estimated only 2% of those alerted act on the potential threat.

Ironically, a spokesperson from NCSC acknowledged the difficulties faced, stating, “We often struggle to find the correct contact information, or the person believes they’re speaking to a scammer.” The agency has taken steps to provide guidance on distinguishing official communications from criminal attempts to extract money or sensitive data.

In some cases, the delay in notifying potential victims has been so substantial that by the time NCSC establishes contact with the relevant parties, the ransomware attack has already been unleashed.

However, GCHQ clearly has big plans for developing the scheme further, and is encouraging organisations to sign up for Early Warning. As of the close of 2022, a mere 7,819 organisations had registered for the original service, but the NCSC’s annual report reveals that the system alerted over 5,900 user organisations about threats, more than 2,200 about vulnerabilities on their networks, and 56 received early alerts about ransomware attacks.

 

Learn more about Early Warning here, or speak to our Cyber Security team today.


Thumbs-Up Emoji Legally Binding says Canadian Court

A farmer in Canada has been ordered by a judge to pay C$82,000 ($61,442) for failing to fulfill a contract, with the judge ruling that the “thumbs-up” emoji is just as legally binding as a signature. The ruling reflects the need for courts to adapt to new technology and the changing ways in which people communicate.

The case, which took place in the Court of King’s Bench in the province of Saskatchewan, involved a grain buyer named Kent Mickleborough who sent a text message to clients in March 2021, advertising the purchase of 86 tonnes of flax at a price of C$17 ($12.73) per bushel.

Mickleborough communicated with farmer Chris Achter over the phone and sent a picture of a contract via text message, requesting Achter to confirm the flax contract. In response, Achter simply replied with a thumbs-up emoji. However, when November came around, Achter had not delivered the flax as agreed, and by then, the crop prices had risen.

The interpretation of the thumbs-up emoji became a point of contention between Mickleborough and Achter. Mickleborough argued that the previous contracts confirmed by text message indicated that the emoji signified Achter’s acceptance of the contract’s terms. On the other hand, Achter maintained that the emoji only indicated that he had received the contract.
During the legal proceedings, Achter’s lawyer objected to his client being cross-examined on the meaning of the thumbs-up emoji, arguing that Achter was not an expert in emojis.

Justice Timothy Keene, presiding over the case, even referenced a definition of the symbol from dictionary.com at one point. Keene acknowledged the extensive search for similar cases involving emojis from different jurisdictions, expressing his frustration over the need for such an exploration to determine the meaning of a 👍 emoji.

While recognising that a 👍 emoji is an unconventional method of “signing” a document, Keene concluded that, under the circumstances of this case, it was a valid way to indicate acceptance, fulfilling the purposes of a “signature.” He dismissed concerns that allowing the thumbs-up emoji to signify acceptance would lead to broader interpretations of other emojis like the ‘fist bump’ or ‘handshake,’ stating that the court should not attempt to hinder the advancements in technology and the common usage of emojis.

In his ruling, Keene emphasized that Canadian society is entering a new reality where emojis and similar forms of communication are prevalent. He also acknowledged that courts must be prepared to face the challenges that may arise from the use of emojis.


2023 Cyber Breaches Survey

The 2023 Cyber Breaches Survey has been released, highlighting key findings about the state of the UK’s cyber health.

This year’s study found that cyber security breaches and attacks remain a common threat, with 32% of businesses and 24% of charities recalling any breaches or attacks within the last 12 months – but with cyber security taking a back seat in the minds of many, falling behind economic issues like inflation.

In more positive news, a majority of businesses and charities have a broad range of measures in place, with the most common being endpoint security software (75%), cloud backups (70%), restricted admin rights (67%) and network firewalls (66%).

However general cyber hygiene may actually be getting worse. The report also highlights that the routine avoidance of relatively unsophisticated threats needs greater attention over more advanced hacking, with smaller businesses in particular losing ground in some very fundamental areas, including:

Use of password policies (79% in 2021, vs. 70% in 2023)
Use of network firewalls (78% in 2021 vs. 66% in 2023)
Restricting admin rights (75% in 2021, vs. 67% in 2023)
Security updates within 14 days (43% in 2021, vs. 31% in 2023).

A mere three-in-ten businesses have undertaken any kind of cyber security risk assessment – again showing low scores among smaller firms and driven in most cases by either changes at board level or the demands of customers – corresponding to an increase in businesses reporting checks on their own suppliers.

“Taken together, these findings highlight an increasing cyber hygiene challenge among small to medium enterprises (SMEs) in the post-pandemic era.”

Fewer than four-in-ten businesses have cyber security insurance, just 21% have an incident response plan, and only 14% of businesses are even aware of the NCSC’s important Cyber Essentials Scheme. A mere 9% successfully adhere to ISO 27001 standards.

In particular, the survey highlighted the food and hospitality sectors, entertainment and the construction sectors for reporting low take-up of cyber security measures. The UK’s largest businesses generally report higher scores across all areas, with the exception of patch management (44%) and restricting access to organisation-owned devices (31%).

Among the 11% of businesses that have suffered cyber crime in the last 12 months, the annual (mean) cost of an incident is now estimated to be approximately £15,300 per victim.

 

For Cyber Security advice and expertise, please contact our team today.


End of an Era for Windows Server 2012

Windows Server 2012 and Server 2012 R2 will be declared end of life (EOL) as of 10th October 2023, after which the operating system will receive no new security updates.

This leaves organisations using Server 2012 with several options:

– Re-license and migrate to a newer operating system if hardware supports it.
– Migrate those server workloads into a cloud platform like Microsoft Azure.
– Replace those server workloads with web-based applications.
– Purchase new server hardware with a supported operating system.
– Purchase specialist Extended Security Updates (ESUs) until 2026.

Which option to choose depends on where a business is their replacement/hardware lifecycle, budgets and changing workplace requirements. For some, a move to a newer version of Windows Server (2016, 2019 or 2022) is still possible, but this isn’t the only option. Don’t forget to check out Lineal’s handy flow chart on what to do when faced with the choice of replacing a server.

How and when to replace servers is a complex question, and businesses increasingly have far more cloud-based and software-as-a-service (SaS) choices available than a decade ago. Bundled services like Microsoft 365 have increasingly replaced the on-premises Exchange server, the file server and more for many small organisations – making the heavy capital investment for a server impractical. In the face of increasing hardware and energy costs, running on onsite server also looks increasingly expensive.

In some ways the end of Server 2012 represents the end of an era – in 2012, server sales were just beginning to recover from the financial crash. A decade on, both PC and small volume server sales look bumpy, while the largest server manufacturers appear to be focusing ever more sales attention on the data centre market – where there is growing appetite for enterprise hardware driven partly by the hosting and increasing consumption of those same cloud services.

For many small businesses in particular, a Server 2012 box may have turned out to be the last on-premises server they would ever purchase.

 

For Technical support and expertise, please contact our team today.


UK to Test Emergency Alert System

The UK government has announced plans to test the UK emergency alert system that will send a siren-like notification to all mobile phones on 23rd April.

The new system is being trialled for use in the event of an immediate risk to life and enables emergency services to send messages directly to mobile phones when there is a threat to people’s safety. The siren-like notification can only be sent by an authorised government source: phones will vibrate and play a loud sound for up to 10 seconds, accompanied by guidance on how to respond sent from emergency services within a notification on the device’s home screen.

People’s privacy will not be affected as the alerts do not reveal their location or collect personal data. The system will go live on Sunday 23 April and should reach nearly 90% of mobile phones within a defined area.

People can opt-out of the emergency alerts by changing their device settings, but a survey conducted after the tests found that 88% of people wished to receive the alerts in the future. Emergency alerts will be used very rarely and will focus on the most severe weather-related incidents, such as flooding and possible wildfires. The system has already been successfully tested in East Suffolk and Reading.

The UK is following in the footsteps of other countries, such as the US, Canada, the Netherlands, and Japan, that have successfully rolled out similar emergency alert systems credited with saving lives. However, the US state of Hawaii caused panic when it accidentally sent out an alert warning of an incoming ballistic missile to televisions, radios, and mobile phones. Officials blamed miscommunication during a drill at the Hawaii Emergency Management Agency, which caused more than 30 minutes of panic. The UK government aims to strengthen national resilience with the new emergency alert system, which will help to warn and inform people in immediate danger and keep them safe.


Exchange Emails Face Blocking

Microsoft have announced plans to throttle, and eventually block, emails sent from on-premises and hybrid Microsoft Exchange Servers that remain unpatched.

“Persistently vulnerable” servers will receive incrementally stricter controls, beginning with throttling (delayed delivery) up to and including a complete block beyond 90-days, preventing onward delivery to other Microsoft-based email accounts such as those in Microsoft 365/Exchange Online and Outlook.com.

The dramatic move puts yet another large question mark over organisations relying on on-premises Exchange server hardware. While Exchange 2003, 2007, and 2010 are now rare, Exchange 2016 still remains in surprisingly widespread use, and many copies of Exchange 2019 are not regularly patched against known vulnerabilities.

Extra controls will apply to servers that run on outdated or unsupported software or haven’t been patched against known security bugs – to help Exchange admins identify unpatched or unsupported on-premises Exchange servers, and allowing them a chance to upgrade or patch before they become security risks.

Recent times have seen a string of major vulnerabilities against Exchange server – including by the Chinese hacking group Hafnium.

Even in 2023, A simple Shodan search still shows thousands of Internet-exposed Exchange servers, with many still waiting to be secured against attacks targeting them with ProxyLogon and ProxyShell exploits, two of the most exploited vulnerabilities from 2021.

 

For cyber security advice and expertise, please contact our team today.


What is the 3-2-1 Backup Rule?

Backups are essential to ensure business continuity and protect against of data loss, system failures, or cyber attacks – and IT experts often reference the fabled ‘3-2-1’ rule when organising backups into an effective strategy.

The 3-2-1 backup rule states that businesses should have at least three copies of their data, stored on at least two different storage devices, with at least one copy being stored offsite:

 

1. Three Copies of Data
The first part of the 3-2-1 rule states that businesses should keep at least three copies of their data. This means that there should be two backup copies of the original data. Having multiple copies of data ensures that in case of data loss or corruption, and dramatically cuts the risk of complete data loss. As long as there’s at least one remaining backup copy, even giant corporations can always restore their data in a dire emergency.

 

2. Two Storage Mediums
The second part of the 3-2-1 rule states that the data should be stored on at least two different storage devices. This means that businesses should not rely on a single storage device, such as an external hard drive or a cloud server, for their backups. Storing backups on at least two different devices ensures that if one device fails, there is always a backup available from a separate source.

It’s worth noting that this principle also needs to extend to cloud-based environments: where organisations use Microsoft 365 or Google Workspace as their primary platform, secondary backups of that data needs to exist independent of that public cloud.

 

3. One Copy Offsite
The third and final part of the 3-2-1 rule states that businesses should keep at least one copy of their data offsite; ideally more! This means that the backup should not be stored in the same location as the original data or the other backup copies. This ensures that in case of a physical disaster, such as a fire, flood, or theft, the backup data is still safe and can be accessed from a different location.

 

While not perfect (cyber security experts argue modern backup solutions should probably specify immutability, for example) the 3-2-1 principle guards against each of the biggest threats to business data – destruction of the original data, failure of the device hardware holding that data, and a disaster at the site where that hardware exists – that most often causes financial losses, legal liability and repetitional damage.

By planning your backups with this rule in mind, you’ll know your business continuity is protected against common emergencies.

 

For IT Support & expertise, please contact our team today.


Move Over Clippy: Microsoft Previews Copilot

Microsoft has announced a GPT-4 powered AI assistant for the Microsoft 365 Office apps named ‘Copilot’, in an impressive array of preview videos.

Copilot promises to bring OpenAI’s groundbreaking natural language assistant into Word, Excel, Outlook, Powerpoint, Teams and more – helping users to write documents automatically with prompts, analyse spreadsheets and more.

Copilot can also use other Office documents as its source material, allowing powerful cross referencing commands such as ‘Make a Presentation based on my notes in Document.docx’, or copy styles based on examples of your other work.

The new tool, announced at Microsoft’s ‘Future of Work’ event in March, follows a string of recent Chat GPT related developments for the tech giant – which Microsoft promises to dramatically cut the time required to produce first-drafts, as well as rapidly cross-reference with data the user doesn’t have to hand.

Within Microsoft Teams, Copilot promises to summarise meetings based on text analysis of the transcript, or even recap for late attendees based on what they have missed.

Unlike the original ChatGPT version 3 preview, Copilot promises to implement some of the advances used in the trial version of Bing – with references and links embedded inside the AI’s responses demonstrating why it chose that answer.

Don’t expect to see Chat GPT 4 doing all your work for you quite yet though – Copilot remains in a trial phase with twenty select Microsoft customers, with the preview set to expand in coming months. (No Clippy, I wasn’t trying to write a letter – Copilot will do it for me.)

 

For Microsoft 365 expertise and support, please contact our team today.


Why you need Call Recording

No need to keep changing tapes or wheel in a giant in-house recording server in the 21st century! Call recording is an increasingly accessible technology for small businesses that can be optioned onto phone systems, opening up a wealth of possibilities for improving customer service, dispute avoidance and data protection.

There are some good reasons why fully-virtualised call recording is worth considering:

 

Training Fuel

Phone calls are not just for dispute avoidance, but the audio is useful for other purposes: highlighting good examples of calls with customers or demonstrating what NOT to say. These examples are really useful in call centres, but also for staff training in other customer-service environments.

The best call-recording options will let you hold your call recordings in the cloud, reviewing and ‘clipping’ sections of those recordings on the web – helping you to get the best out of the available audio, or download the content you need to keep, while dispensing with the rest to keep storage retention costs low.

 

Compliance-Ready

In certain industries – particularly in the financial and legal sectors – call recording is an important part of showing your business is acting in good faith and fully within the rules, as well as being an economical way to build trust among customers that your organisation is professional.

As the technology becomes ever-more affordable, it’s likely we’ll see more regulatory bodies, insurers and asking businesses to accept recorded audio as a minimum threshold.

 

Get on the record.

It’s very easy for somebody else’s interpretation of what was said on a call can vary from your own – which leads to all sorts of difficult situations.

Announcing that calls are recorded in advance not only provides evidence in the event of a dispute, but pre-emptively warns callers of that fact – helping to cool the temperature of the call before it begins. So next time, get that call on the record!

 

For telecoms advice and expertise, please contact our team today.


Home PC Hack Topples LastPass

LastPass have confirmed that a hack on a staff member’s home PC led to a massive cyber security breach on the company.

The second stage of the attack used data stolen in LastPass’s August breach, cross-referenced with other stolen information, to launch a targeted sting on one of their DevOps engineers – installing a key logger on the staff member’s home PC which resulted in the loss of yet more data.

LastPass confirmed the attacker was able to steal the user’s master password, gaining access to corporate vault resources and shared folders. In the process, encrypted notes and decryption keys needed to access LastPass production backups based in Amazon Web Services (AWS) – cloud-based storage and critical database backups were also compromised.

Since the August 2022 breach, when LastPass source code was stolen, the company has admitted the breach also saw the theft of account usernames, hashed passwords, and some Multi-Factor Authentication (MFA) settings belonging to end users.

Unfortunately LastPass also acknowledged that saved URL for each password entry was unencrypted, giving potential attackers an obvious clue to the purpose of each set of credentials.

The breach highlights the way remote working culture has introduced significant new digital risks – such as the danger of home users accessing work data, resources and applications on devices that sit ‘outside’ of company cyber security protections.

LastPass is believed to be used by over 85,000 businesses and 30 million end users.

 

For Cyber Security Expertise & Support, please contact our team today.

Managed Cyber Security


Team Lineal Take On CyberDrain 2023

For the first time, a group of Lineal’s IT Support Technicians are taking on the international CyberDrain Tournament as a team.

Each year multiple engineers from Lineal take part in the Cyber Drain CTF tournament. Designed to test System Administration and IT engineering skills, the challenge puts competitors through a series of investigative challenges across server and client-side, Microsoft Azure, Linux and Microsoft 365 environments.

The competition runs throughout February and March, with bigger point bonuses awarded for more complex technical challenges, and prizes sponsored by a number of major technology companies. Lineal engineers have scored highly in previous years – placing within the top fifty, and even within the top ten competitors worldwide.

However this year the CyberDrain competition is also a team event, allowing Managed Service Providers to test themselves against the world’s best.

cyberdrain ranking

At time of writing, Lineal is currently ranked amongst the top twenty teams on the Showdown Scoreboard. Stay tuned to see how we get on!

 

For IT Support and cyber security expertise, please contact our team today.


Bing Previews Groundbreaking AI Search

Microsoft have released an early preview of AI-powered search integrated into Bing.

Available via Bing.com, the new tool is the first sign of Microsoft’s multibillion dollar investment in artificial intelligence company OpenAI – and uses the same technology first seen in the open preview of ChatGPT 3.5. AI ‘Copilot’ now not only delivers search results, but can generates longer text-based responses to questions, and form responses to more abstract queries that don’t have an obvious web destination.

The move comes just 48 hours after Google’s rival AI chatbot, Bard, generated a factual error in a promotional video, wiping an estimated $100bn off Google’s total market value.

ChatGPT’s ‘chat prompt’ format also allows the user to respond to Bing in turn, and continue the conversation to get a refined response without having to restart their search from scratch.

In each case Bing’s responses contain automatically embedded links that allow the user to follow-up the origins of each recommendation, even where the citations originate from a wide range of sources.

A new sidebar in Microsoft Edge takes this one step further by allowing Bing to ‘read’ each web page you visit, and intelligently re-format the results – picking out key details or presenting data back in a new format.

Sample queries and a waiting list are already available via Bing.com, but the preview is expected to be made widely available to millions of end users within weeks as Microsoft bets big on the future of search.

 

For IT support and technical expertise, please contact our team today.


Your Official Briefing

We recently attended a special event about the danger of Russian cyber aggression against the UK: here’s the latest guidance from the UK National Cyber Security Centre.

 

Be prepared for changes to Russian strategy

A feared ‘firestorm’ of wholesale attacks on the digital infrastructure of the UK and Ukraine’s other Western allies hasn’t arrived, but the NCSC urges Russia remains extremely unpredictable.

Intelligence agencies are now concerned Russia may launch a new cyber attacks on the West this year, partly as compensation for Russian ground war failures.

Rates of cyber attacks on UK organisations remain ‘steady’, with some very serious incidents reported – and the NCSC has emphasised before how Russian cyber attacks on satellite networks and banking systems in Ukraine have spilled over into multiple countries.

We do know that behind the scenes a number of UK organisations have been carefully briefed to prepare for Russian cyber attacks over the past year – and a ‘handful’ of cyber incidents each year are serious enough to require COBRA meetings.

 

Yes, REALLY unpredictable

Russian strategic aims are often inconsistent. Boldness and risk-taking are known to be favoured in Russian high command – which itself encourages reckless cyber operations, experimental techniques and surprise attacks – but also corners-cut and operational errors.

Much like the Russian ground offensive, many of the most aggressive Russian cyber attacks – such as the widespread use of destructive Wiper malware – appear to have been ‘front-loaded’ during March/April, preparing for a quick victory which did not materialise even as Ukrainian systems have been hardened.

Far less technical attacks also appear to have crept into the mix – alongside a curious quality gap in the actual work of Russian operatives, as if threat actors are being supplemented by other personnel. Recent incidents have highlighted the names of known Russian intelligence officers visible within the code of malware, and fascinating research by Mandiant even suggests attempts by the GRU to recruit assistance from amateur hacktivist volunteers via covert pro-Russian Telegram channels.

However, the NCSC emphasises that ineptitude or failure is not a barrier to the further attacks by Russia – the individuals behind the attacks are shameless, and cyber attacks remain a convenient way to highlight weaknesses from policy makers in other countries.

Essentially ‘nothing is off-limits’ – an approach that is also exacerbated by the internal competition between Russian service branches, with the FSB, FDR, GRU and others often seeking to outdo each other.

 

Who is a target in the UK?

Past experience suggest Russian cyber operations often include a key psychological element – following infamous KGB tradition.

As a result, the Russian military likes to target ‘pressure points’ in particular: critical infrastructure, the energy sector, transport, media organisations, senior politicians and especially companies with visible public-facing operations – anything that might generate panic among the public, suggest democratic policy makers are weak, undermine the West’s resolve to support Ukraine, or provoke a widespread feeling of vulnerability.

Ukraine provides some clues as to Russian strategy, but the NCSC emphasises that espionage attacks can often involve gaining access for no specific purpose – and (for example: obtaining privileged administrator access to systems) are simply a contingency for the future.

 

Organisations that plan ahead suffer less pain

Official advice is clear: organisations that prepare even the most basic disaster-contingency plans recover more quickly and suffer much less financial pain in the event of a cyber attack.

Even very simple crisis management steps like agreeing ‘who is in charge’ in advance, confirming ‘where are the backups’, and keeping printed copies of essential preparations for an emergency, all help radically minimise the damage, disruption and time to recovery.

However, this too comes with an NCSC warning: five years of IT improvement won’t be squeezed into your crisis remediation – better to have a roadmap for improving your cybersecurity as part of your existing business plans.

 

EDR is a Must

Forensic engines included in modern Endpoint Detection & Response (EDR) software help provide rapid information about the scale of hacks during incident response – this provides essential time for first responders to mitigate further threats, limit damage, and give the NCSC information about the threat to others.

The NCSC argues that British resilience will rely not just on small organisations across the country remaining vigilant, but gathering a wider pool of information on the centre’s behalf – the grassroots feeds into the ‘bigger picture’ of national security, and defending the UK is a team effort.

Services like the Signpost Cyber Incident Service now allow smaller organisations to report cyber attacks centrally.

 

Ransomware is THE threat.

NCSC guidance, right from the top of the organisation’s CEO remains the same:

“Even with a war raging in Ukraine, the biggest global cyber threat we still face is ransomware” – Lindy Cameron, NCSC CEO, June 2022.

 

Useful Links:

  • NCSC Early Warning System – Early Warning helps organisation investigate cyber attacks on their network by notifying them of malicious activity that has been detected in information feeds
  • NCSC Exercise in a Box – A free online tool which helps organisation find out how resilience they are to cyber attacks & practice their response in a safe environment.
  • Incident Management – cyber incident response plan NCSC guidance to create your own cyber incident response plan
  • The UK National Cyber Strategy – setting out five key pillars in the UK’s Cyber Planning.

 

For cyber security and technical expertise, please contact our team today.


2023: New Rules for Cyber Essentials

Each year GCHQ’s National Cyber Security Centre issue stricter new rules for business and organisations looking to secure UK Cyber Essentials (CE) and Cyber Essentials Plus (CE+) Certification.

Continuing themes from last year, there are now tighter rules on account access, thin clients, device firmware, remote desktops, antivirus/EDR solutions and more. Despite the success of the Cyber Essentials scheme, the past year has seen some notable cyber attacks on British organisations, and renewed calls for cyber security vigilance.

We’ve compiled a summary to help organisations prepare for what revisions are coming down the line in April.

 

Multi-Factor or Else.

Even sooner than many expected, Cyber Essentials will now require not only Administrators to have Multi-Factor Authentication enabled – but all end-user accounts as well, across all platforms. Previously exemptions were granted for services without this option available, now that gap closes.

Instead, where a service doesn’t support MFA this will now be declared a non-conformity, bringing digital services fully into line with the rules enforced on UK online banking, and even applying to school children – right down to reception-age.

That’s likely to pose a challenge for companies (and particularly schools) using any software or web services which don’t yet offer MFA – so many organisations may need to look at augmenting their IT setups with 3rd-party MFA solutions like Cisco Duo.

 

Don’t forget the Firmware!

Software version controls now extend to hardware device firmware – with the definition clarified to specifying “firewall and router firmware” in particular – which was always essential, given the perimeter nature of these devices. In a rare step back, firmware on servers, PCs and other devices has been removed from the scope.

 

Device Clarifications

The NCSC has admitted third-party devices have been a point of confusion – and has published a revised table clarifying which devices are within the scope of Cyber Essentials. Updates will apply only to devices which are not domain-joined, or when unlocked have limited access to data (smartphones, handheld scanners etc.) If the a vendor does not allow configuration to see CE standards, the application may use the vendor defaults without incurring a non-conformity.

Given that the definition partly rests on who owns the device in question, we predict more changes in future years.

CE device rules for 2023

 

Not Just Any Anti-Malware

Antivirus solutions no-longer need to be ‘Signature-based’ – since the best EDR solutions don’t rely on signature-based detection of threats anyway. CE+ audits will include extra tests to verify that anti-malware software is effective (beyond simple EICAR tests) and application allow-listing is being encouraged.

 

Scoring Changes

Minor/Major non-conformities have been merged with a single Non-Conformity mark. Any applicant receiving three non-conformities will receive an instant failure. Corrective actions must now be completed within two days, despite some exceptions are available for larger organisations.

However, unsupported operating systems become an unfortunate immediate triple-word score: the presence of any unsupported operating system within the scope is an automatic fail.

 

For Cyber Security and Cyber Essentials expertise, please contact our team today.


How to Use Files On Demand

One of the best features available to Microsoft 365 users is a special setting in OneDrive called Files on Demand.

Where OneDrive normally synchronises a local copy of a file on your device to the copy saved in your account in the cloud, Files on Demand allows you to be more selective – only downloading local copies of files from OneDrive when you really need them.

This helps you conserve storage, and is especially useful on laptops with smaller hard-drives.

Each user can choose which files are also kept locally on their device – synchronising a local copy of essential files that will be available offline – while relinquishing larger files likely to take up space (such as videos) to only reside in your Microsoft 365 account in the cloud until you need them.

Users see a green tick where files are available both locally and synchronised in the cloud, and a blue cloud icon where files are saved in the cloud only.

When a file is accessed, the local copy is downloaded in the background, and made available locally for the future. The same control is available via a right-click option, by clicking on ‘Always keep on this device.’

Alternatively if you need to manage your local storage usage, you can right click and select “Free up space” to remove it from your device, knowing it still remains available in the cloud.

For Microsoft 365 expertise and support, please contact our team today.


The Big 3G Switch Off

By 2025 the UK’s analogue phone network is being switched-off, but that’s not the only major communications technology that is due to be retired imminently.

3G mobile networks are also due to be switched off, with Vodafone leading the charge to retire the older technology. 3G, launched in the UK in 2003, has been replaced in recent years by faster, more reliable 4G and 5G coverage.

According to guidance from Ofcom, the schedules of the UK’s major mobile providers are as follows:

Timescale Includes
Vodafone Begins switching off 3G in ‘early 2023’.

Lebara Mobile

Asda Mobile

Talk Mobile

Virgin Mobile

EE Begins switching off 3G in ‘early 2024’.

BT Mobile

Plusnet Mobile

Co-op Mobile

Utility Warehouse

Three

 

Begins switching off 3G ‘by the end of 2024’.

 

Gamma Mobile

ID Mobile

O2 Yet to announce any switch-off timetable.

Tesco Mobile

GiffGaff

Sky Mobile

LycaMobile

 

The disappearance of 3G will mostly only affect very rural areas but also those customers with older mobile devices that don’t support newer 4G or 5G. In addition, Ofcom advises businesses to check any other kinds of 3G-enabled devices – such as care alarms, payment terminals and security devices, to ensure these don’t become non-functional. Mobile providers are obligated to announce the change to their customers nearer the time.

Traditional 2G voice and text services are expected to remain in place on Vodafone, EE and O2 until at least the 2030s.

 

For business mobile expertise and support, please contact our team today.


Ilfracombe U13s Secure 9-1 Victory!

Ilfracombe Academy Girls U13s recently won an incredible 9-1 victory over Kingsley School.

An early goal was just the beginning, as the team kept their cool and formation on the pitch, leading to a runaway win.

Lineal have been the official sponsor of Ilfracombe U13s Girls Football Team since 2016.

Goal scorers included ‘lucky charm’ Brooklyn (scoring five, fresh from her recent selection for Devon), Georgia D (two), Emily H (one) and Issy (one). Georgia D was nominated as player of the match by the opposition.

Lisa Norris of Ilfracombe Academy praised the girls for their teamwork, for an ‘exceptional performance’, and for ‘playing amazingly well at all times, doing so with grace, compassion and not even an ounce of arrogance.’

Well done to the whole team on a terrific win – we look forward to seeing your next result!


Emergency SOS comes to UK iPhones

Apple have announced a new satellite-based emergency feature for iPhone 14 models across the UK, Ireland, France and Germany.

‘Emergency SOS’ uses satellite communications to send emergency alerts to a special Apple relay-centre from users who get into danger in areas outside of mobile coverage.

The European Emergency Number Association believes the move ‘will save lives and offer significant help to emergency services.’

When activated, a special easy-to-use emergency questions interface appears on the iPhone display helping the user to send key information to emergency dispatchers. In remote areas, text-based messages (such as SMS) can often be transmitted easier than voice calls.

emergency sos iphone 14

Each emergency satellite message automatically incorporates the user’s location, altitude, battery level, Crash/Fall Detection status, and Medical ID if their iPhone has this enabled. Apple have also developed a special text compression algorithm to reduce the size of each message, reducing the transmission time between the Earth and Space to around 15 seconds.

iPhone 14 also comes loaded with a special Emergency SOS demo, allowing users to familiarise themselves with the new feature safely without alerting emergency services.

The service is now available for iOS 16.1, and is free for two years with the activation of a new iPhone 14, iPhone 14 Plus, iPhone 14 Pro and iPhone 14 Pro Max.

 

For technical expertise and support, please contact our team today.


What’s New in Microsoft Teams?

As a New Year dawns, we check out some of the best new features that have been quietly added to recent Microsoft Teams updates ready for 2023.

 

Scheduled Send

One of the very best features of Microsoft Outlook now comes to Teams, with the addition of ‘Scheduled Send’ on messages – allowing a participant to drop a message into a chat or channel at a later time if they choose – perfect for coordinating across time zones or just getting ahead of the curve.

Teams also now supports quick-send video/audio note messaging much like many popular personal messaging apps, with audio note already available to send from the Teams mobile app.

teams schedule sending

 

Live Translation of Captions

This one has to be seen to be believed, but Microsoft Teams can now filter auto-generated captions through Azure Cognitive Services and translate these live on screen while the end user is speaking – a fantastic feature for organisations and businesses working internationally.

Real-time translation is currently available to trial across 40 spoken languages, although Microsoft have confirmed this will require Teams Premium licensing in the near future.

 

Instant Polls

Unlike most 3rd-party poll question apps, 1-click Instant polls can now be created and launched within a Teams meeting – allowing your attendees to respond to a simple binary choice easily.

The poll creator can also choose whether or not each vote is anonymous, and whether the results are shared with other attendees within the meeting.

teams instant poll

 

Video goes 7×7

Teams Meetings previously supported a maximum of 9 video displays (3×3) on one screen, with users forced to choose a ‘Large Gallery View’ to access more. Now that limit has been raised to 49 (!) videos (7×7), allowing for some truly massive meetings!

 

Search Conversation History

A particular favourite of ours: Teams Search now returns the user to part of an entire conversation, not just the searched-for message itself.

This helps you revisit old conversations much more easily, without endless scrolling or loading, and finally means Chats can be a valid replacement for mountains of internal email.

 

Popout Shared Content

With an additional button, shared content in meetings can now be moved to a satellite pop-out window (much like chats) that can be moved freely like another window.

This handy addition becomes especially useful where you have secondary or tertiary displays in a conference room, and need to place certain windows on specific screens.

 

Emoji’s Go Wild!

Reactions were always a useful way to acknowledge or respond to a message from a colleague, but the reaction function has been expanded beyond the Facebook-style menu of emotions to incorporate all available emojis. Users can now effectively save their favourites, for a handy go-to reaction that fits their personality.

emoji reactions teams

 

Suggested Replies

Microsoft Teams now also uses AI to take a stab at what your likely reply is going to be, and offers it up as a quick-response button.

Not entirely accurate but certainly interesting, this becomes more useful where simple responses like ‘Yes’ or ’No’ are needed from a mobile Teams user, for whom typing might be inconvenient.

 

@dditional People

Using the @function now adds people into Chat’s directly (with a prompt for sharing conversation history), saving the need to add people manually. Handy!

 

More to come….

Microsoft have also teased a refresh of Teams Channels, including a new ‘top-down’ format and increased branding, which brings them closer into line with both SharePoint Online and a number of popular social media apps such as Facebook and LinkedIn. Check it out below!

 

 

For Microsoft 365 expertise and support, please contact our team today.


Police swoop on ‘DDoS-for-Hire’ Operations

UK & Dutch police have helped lead an international operation with Europol to take down one of the World’s biggest DDoS-for-hire services, webstresser.org.

The UK’s National Crime Agency and their Dutch Police counterparts announced the success of ‘Operation Power Off’ – which saw the seizure of infrastructure believed to be linked with criminal activity based in the UK, Netherlands and Germany, and the arrest of individuals as far afield as the UK, Spain, Canada, Croatia, Italy, Australia and Hong Kong by at least a dozen different law enforcement agencies.

On the other side of the Atlantic, the Department of Justice announced an additional six arrests by the FBI, with a further 48 domains seized as part of a criminal investigation into DDoS-for-hire operations.

webstresser

According to Europol, Webstresser is estimated to have let over 136,000 customers launch more than four million Distributed Denial of Service (DDoS) attacks on targets for as little as £11, overwhelming websites and online services with traffic and knocking them offline. Although DDoS for hire services often pose as genuine ‘stress-test’ tools, users with very little technical knowledge were able to order attacks on unrelated targets – choosing between ‘Bronze’ ‘Silver’ and ‘Platinum’ packages.

The service was thought to be responsible for cyber attacks on at least seven major UK banks in November 2021, as well as numerous other businesses and government departments around the world. The BBC reports UK police have raided an address in Bradford, in connection with last year’s attacks on UK banks in particular.

Jaap van Oss, the Dutch Chair of the Joint Cybercrime Action Taskforce (J-CAT) praised the joint cooperation by law enforcement agencies to finally take Stresser offline.


We didn’t write this article.

– The following article was written by the ChatGPT 3.5 Preview AI in December 2022, with our own website used as input. Our Team’s commentary is shown in Blue.

 

[Start]

Cyber security is a hot topic in today’s world. With the increasing amount of personal and sensitive information being shared online, it’s more important than ever to ensure that our data is protected from potential breaches and cyber attacks.

One of the biggest challenges in the realm of cyber security is the ever-evolving nature of technology. As new innovations are developed and introduced, cyber criminals are constantly finding new ways to exploit vulnerabilities and gain access to sensitive information. This means that companies and individuals alike must remain vigilant and proactive in their efforts to protect their data from cyber threats.

Jevon – Impressive how the chatbot can construct complex sentences beyond the usual ‘here is a link for X’. It struggles with brevity and is often not saying anything profound, but hey, the internet has plenty of demand for filler text and simple news articles.

One of the key ways to improve cyber security is through the use of encryption. Encrypting data ensures that even if it is accessed by an unauthorized party, it will be difficult for them to decipher and make use of the information. This is particularly important for businesses, as they often handle large amounts of sensitive customer information that could be valuable to cyber criminals.

Another important aspect of cyber security is the use of strong passwords. Many people underestimate the importance of having a strong password, but it can be the difference between a secure account and one that is easily hacked. Strong passwords should be at least 8 characters long and should contain a mix of letters, numbers, and special characters. It’s also important to avoid using the same password for multiple accounts, as this makes it easier for hackers to gain access to multiple accounts if they manage to crack one password.

Joe – The chatbot has hit the nail on the head here; the greatest improvements in security come from the simplest changes. Strong, unique passwords are critical (although we at Lineal advise passwords be 14 characters or more, and passphrases are even better still!). However, it hasn’t recommended using a password manager to help actually manage all those unique passwords, or explained why a human you would need to use multi-factor authentication (MFA).

In addition to strong passwords and encryption, there are other measures that individuals and businesses can take to improve their cyber security. These include regularly updating software and applications to ensure that they are protected against the latest threats, avoiding suspicious links and emails, and investing in reliable security software.

While no system is completely foolproof, taking these steps can greatly reduce the risk of a cyber attack and help protect sensitive information from falling into the wrong hands. It’s important to stay informed and vigilant in the ever-changing world of cyber security.

[END]

 

Our Verdict: all of the Chatbot’s recommendations and more are contained within the National Cyber Security Centre’s Cyber Essentials framework which is evolving each year to provide a baseline of protective controls for cyber and data security. All in all, a good effort chatbot! B+


Lineal Awarded Twin ISO Certifications

Lineal Software Solutions Ltd. has successfully been awarded two ISO Certifications – ISO 9001 and ISO 27001.

ISO is the world’s best known international standard for assuring business quality across a wide range of areas – including information security quality management, safety, sustainability and more. Highly prized among businesses, each ISO certification is extensively audited by an independent auditor to check compliance with the published standard.

iso badges

Each management system must be continually reviewed and improved. We benefitted from in-built advantages of our own SQLWorks ERP software – which included many of the controls necessary to implement a quality management system. In particular, auditors praised the way Lineal’s own software automatically logged a forensic record of the actions of Lineal staff, the efforts of the company to incorporate customer feedback, and the team’s work on safeguarding against errors.

Managing Director Mike Matthews praised staff for their efforts, explaining:

“In our industry, what matters most is trust in technical expertise. Everything looks impossible until you know how to do it! We are so proud of our team, who not only took on this intense challenge over many months but succeeded. Twice.”

ISO 9001:2015 (‘Quality Management’) checks that a business is carefully planning, following and monitoring all business processes, constantly reviewing results good or bad, and implementing improvements in an organised way.

ISO 27001 (‘Information Security’) requires businesses to maintain the highest standards of data security, privacy and information management throughout the organisation, and is especially important among businesses in the technology sector.

Our special thanks go to Balazs Bagi of Improved Ways Ltd, for his expert knowledge and vital assistance at every stage of our application, and to our external auditors from Alcumus.

Well done to our entire team for their hard work!

This project has received grant funding from Devon County Council via the Devon Elevation Fund & UK Community Renewal Fund.


 


2022 Client Satisfaction Survey Results

Lineal have scored strong results in our Annual Client Satisfaction Survey this year, continuing a run of success.

For the third year in a row, over 70% of you said we understood your technical queries “Extremely Well” – our highest available grade – with no negative responses received for this question at all. More than 50% of you also told us we responded to problems either “quicker than expected” or “much quicker than expected” – a score bolstered by improvements we’ve made to our Client Support Portal.

This year we’ve seen a growing percentage of you (around 20%) using our Client Support Portal to raise and monitor new support tickets – although phone and email remain our busiest channels.

For the second year running, over 90% of you told us our customer support was either “Great” or “Good” – a score we’re working hard to perfect.

You also gave us honest feedback for areas we can improve – in particular some clients had suffered hardware shortages and supply chain delays recently, something we’re working hard to address: with more supplier choices, greater options for refurbished hardware, and more advance warning.

We review every comment, and particularly enjoyed the following:

“I have worked with many IT support organisations and in comparison, I have found Lineal’s customer service to be friendly, extremely efficient and very professional.”

“Always approachable, professional and friendly and swift in solving the problem.”

“Lineal website is full of information and easy to find what you are looking for. The regular newsletters and product information are informative and very helpful. The SQLWorks Procedures on the website are very helpful.”

“My questions and requests have always been answered speedily and professionally. I value the professional opinion of the sales team and the software support team.”

“Good Communication and helpful staff.”

 

Our thanks once again for all your kind feedback.


Big Switch-Off Update

There’s now just twelve-months until the UK reaches the first major ‘Stop Sell’ – after which new analogue telephone line services will no longer be available to purchase.

The clock is also ticking for businesses with analogue services still in use: by 2025, all telecoms services in the UK that rely on traditional analogue (PSTN) copper phones lines will be declared ‘End-of-Life’ and will be officially ceased.

Analogue phone lines
ADSL & FTTC (‘superfast’) broadband connections
ISDN phone lines
Other – e.g: analogue fax & alarms lines

What should your organisation do to prepare for the big switch-off? First, check out our handy guide, but to summarise, businesses have a few options:

 

pstn switch offClick Here

 

Move to a cloud-hosted system

Most businesses (and homes) will likely choose to migrate their phone system to a similar setup that is cloud hosted, in future relying on VOIP technology to route calls over their internet connection instead, and taking their old analogue number(s) with them. This is also the option most of the UK’s major telecoms companies will be pushing as major improvements to UK broadband infrastructure are rolled-out.

Your new phone system could be a dedicated hosted telecoms platform, or even telephony functionality enabled in another communications platform, such as via Microsoft Teams.

 

Upgrade to SIP

For many of those already committed to a traditional onsite PBX, moving to a SIP service is also a viable alternative – replacing outdated ISDN lines with digitally-registered SIP channels for cost effectiveness.

This a better option for those operating at large scale, or with extremely specialised telecoms hardware functions that don’t have cloud-based alternatives available.

 

Go Fully-Mobile

If your organisation is heavily distributed to the extent that it has no centralised inbound call handling, there’s always the option of moving entirely to mobiles – although numbering challenges mean this won’t suit everyone.

Alternatively, you can combine this with Option #1, and deploy work soft phones to staff mobiles for a super-flexible work phone system without all the extra plastic.

 

For communications support and expertise, please contact our team today.


Urgent Apple Security Updates

Apple has released two urgent security warnings for iOS, iPadOS and macOS in response to two new zero-day vulnerabilities.

The company believes both weaknesses – found in WebKit, the engine which underpins Safari, Apple device kernels, and many other apps – are being actively exploited by hackers.

A vulnerable device that accesses “maliciously crafted web content” would allow hackers to execute code, and even to “execute arbitrary code with kernel privileges” – essentially full access to the device.

Affected Software Versions Include:

  • iOS prior to 15.6.1
  • iPadOS prior to 15.6.1
  • macOS Monterey 12 Prior to 12.5.1

Users are advised to check their OS version and update immediately. To do this, please navigate to:

  • On iPhone or iPad: Settings > General > Software Update
  • On Mac: Apple Menu > About this Mac > Software Update

 

For Apple Support and Expertise, please contact our team today.


Macro Misadventure Minimised

Microsoft have altered how macros activate in Microsoft Office files, in an effort to improve users’ cyber security.

Macros, which allow office files to run sequences of commands, can be used to automate simple tasks – but also maliciously by hackers as a mechanism of attack.

Macro-based hacks have been around since the late 1990s, but remain surprisingly effective. Users are commonly asked to open unexpected email attachment and authorise the macro to see its mystery contents, allowing the macro to introduce malware onto the system. In effect, users authorise the hack themselves.

Instead of the old yellow ‘Security Warning’ labelled with an instant ‘Enable Content’ button users previously saw when using Microsoft Office applications, files will now prompt with a red ‘Learn More’ button, and users will be forced to see guidance on using macros securely, before being able to enable the content.

 

macro warning


macro warning

 

This small move – which was originally rolled out, rolled back, and then rolled out again – has been part of a slow clampdown on macros that has lasted more than two decades. Over the years macro functionality has steadily had more restrictions applied – in 2003 IT admins could require macros to have a trusted certificate (more like software applications) and as of 2013, could block macros by default.

But Microsoft hopes this simple firebreak will nudge us to think twice, and stop (potentially millions) of people from endangering themselves and their technology with a click.

Human nature continues to catch out many users curious about mystery documents – particularly since only a small fraction of Microsoft Office users are even aware of Microsoft 365’s powerful automation features.

 

For IT support and expertise, please contact our team today.


A Policy Change: Admin Rights

A Policy Change: Admin Rights

This year we’ve made a number of policy changes to how Lineal protects your technology, data and users – part of a programme of adjustments designed to help our clients keep their organisations secure.

One of these is a change to how we manage security permissions. In future, we’ll be stricter about how and when we allow administrator (‘admin’) privileges to be used.

 

What does this mean?

Put simply, we expect no end-user to use an administrator account for their routine work.

Where a user needs administration privileges as part of their official role, we expect a separate admin account to be created for this function, with some extra protections put in place.

All admin accounts should be named to indicate the owner, assigned to only one individual, authorised by management, and protected by Multi-Factor Authentication, where available.

 

Why are Lineal taking this step?

Admin accounts carry enhanced powers – often to install applications, access raw data or bypass safeguards – each of which represents a more significant cyber security threat where an admin account is misused or compromised.

In the event of a cyber security breach, it’s not uncommon for attackers to leverage admin accounts to attack other systems or users laterally, using heightened account privileges.

Reducing the number of administrator accounts, their use, and the risk of an account breach, all help to maintain strong cyber security within your organisation.

We’re also acting in line with the current requirements of the UK NCSC’s Cyber Essentials Scheme, as well as ISO 27001, CIS benchmarks and NIST 800-60.

 

Does my organisation need to budget for this?

No – this change will be a guiding principle for the assignment of existing/new admin privileges.

 

My organisation is subject to a compliance standard / framework, what do I do?

If you’re already subject to any specific controls over the distribution of administrator privileges, please contact us to discuss further, and we’ll do our best to explain how these changes support or enhance your existing controls.

 

What if I don’t want to do this, because of _________?

Where a client still allows a user to have local or domain administrative rights for standard duties, we’ll now require you to declare this to us in writing – as part of a disclaimer accepting liability for any adverse consequences of this decision.

We’ll also make clear that any remedial works required by us following an incident caused by this decision will be chargeable.

 

Who can I speak to about this?

Please contact our IT Support Teams via our Client Portal, via [email protected] or, 01271 375999, and one of our team will be happy to assist.


Exploring Teams Walkie Talkie Mode

Microsoft Teams has taken the world by storm, but it’s not just for office workers. Teams can also be deployed to powerful effect in many other working environments – including for field staff.

One of the lesser-known features is Teams Walkie Talkie Mode, whereby staff can transmit audio via special single-press mechanism that doesn’t require conventional dialling. This lets a frontline worker transmit either directly, or into a channel, in a similar fashion to when using a walkie talkie.

There’s a number of key advantages here – it means warehouse, shop-floor and field staff can carry fewer devices, and walkie-talkie mode’s ‘big button’ is also more glove-friendly than many touchscreen apps. Companies may also appreciate having to purchase less single-use hardware to begin with.

Because Teams already runs over data connections (usually Wi-Fi or 4G in the case of mobile devices) the range on Walkie Talkie Mode is also infinite, unlike their namesake devices.

If your field staff already have rugged Android devices, from providers such as Zebra or Samsung, these can even integrate single-press keys to drive Walkie Talkie Mode, even if the device screen is off.

Microsoft 365 ‘Field’ licensing is also available at lower cost, with a restricted toolset, allowing companies to safely and cost-effectively rollout Teams access to a wider pool of users. Walkie Talkie Mode itself is available as an additional app that can be enabled in your Teams Admin Centre, and controllable using security permissions administered by your administrator or Microsoft 365 Licensing Partner.

 

Lineal are a Microsoft 365 Gold Partner – for IT support and expertise, please contact our team today.


Apple Announces ‘Lockdown Mode’

Apple have unveiled a special ‘Lockdown Mode’ for individuals likely to face extremely targeted threats to their cybersecurity.

Lockdown Mode will be added to iOS 16, iPad OS16 and macOS Ventura, and is designed for a small number of users who are likely to be targets of high-end surveillance spyware, and require the digital attack ‘surface’ of their device to be drastically reduced.

The new functionality is partly a response to the work of organisations like NSO Group, who have faced repeated accusations that their counter-terrorism surveillance software has also been used by governments and various state-sponsored actors around the world to illegally target journalists, activists and other political opponents.

The new tool represents an extreme device-hardening posture, and imposes very strict controls – including:

 

* Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.

* Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.

* Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.

* Wired connections with a computer or accessory are blocked when iPhone is locked.

* Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.

 

Apple is keen to point out that “while the vast majority of users will never be the victims of high targeted cyberattacks”, lockdown mode will become an option for those that may be, and reasserts Apple’s credentials in the high-end ‘secure-phone’ market previously dominated by Blackberry and other niche hardware players.

The tech giant’s will also offer up to $2m to anybody able to demonstrate a vulnerability in Lockdown Mode under their bug bounty programme – the largest such reward available in the industry.


Apple Showcase Newest Technology

Apple have previewed a range of futuristic new technologies at the Apple Worldwide Developer Conference 2022.

Among the latest releases were the upcoming new version of Apple’s flagship Mac operating system, macOS Ventura, iOS 16 for iPhone and iPad, new hardware and the new M2 Chipset.

Ventura brings a range of device-flexibility options to mac and macbook hardware – including ‘Continuity Camera’ – the impressive ability to use an attached iPhone’s special camera lenses via your laptop for some (truly next-generation) video-calling tricks.

A new productivity tool called ‘Stage Manager’ also helps users group windows into temporary groups – although perhaps the more useful feature is handoff support for facetime to iphone, allowing the user to leave their desk ‘mid-call’ without interrupting the conversation, in the style of more enterprise unified-communications apps.

2022’s powerful new MacBook Air will be the first to receive Apple’s own M2 silicon chipset, which somehow exceeds the staggering performance and power-efficiency traits of its M1 predecessor. To put those traits into perspective – Apple claim a new M2 chip can match 87% of the performance of a 12-core PC/laptop chip, while using only 25% of the power.

iOS 16 adds new abilities to iPhone – including the option to customise their lock-screens and notifications, circulate family photos in a shared album, and recall recently sent iMessages.

Apple also previewed a range of new services and Apple account features, including a new ‘Buy-Now-Pay-Later’ scheme (BNPL) in the style of popular fintech services like Klarna, passkey-based login support within Safari, and a safety feature called ‘Safety Check’ designed to help those who end up in abusive relationships.

For Apple IT support and expertise, please contact our team today


Lineal Seeking ISO Accreditation

Lineal Software Solutions Ltd. are currently seeking ISO 27001 and ISO 9001 accreditation as part of a UK business improvement scheme.

ISO is the world’s best known international standard for assuring business quality across a wide range of areas – including quality management, information security, safety, sustainability and more.

ISO 27001 specifically covers information security management, while ISO 9001 covers quality management. Working with Improved Ways Ltd., we hope to obtain both accreditations successfully by Autumn 2022.

This project has received grant funding from Devon County Council via the Devon Elevation Fund & UK Community Renewal Fund.


 

Seeking ISO accreditation requires the company in question to submit to a two-stage, independent external audit – reviewing both documented procedures, and how those procedures have been put into practice.

Watch this space!

 

For more information, please contact our team today.


Apple, Google and Microsoft Agree Passwordless Future

Three major tech providers have agreed to introduce support for passkey-based login, in line with recommendations of the FIDO Alliance.

Passkeys have been proposed as one of the possible futures for the death of passwords, and would be freshly generated with each biometric login to a registered device to help prevent password-theft.

In future Google Chrome, Microsoft Edge and Apple’s Safari will all facilitate passwordless login as an option – and major tech providers will offer passkey login for important online services including Active Directory and Azure.

Microsoft estimate that around 330,000 people have removed their password from their Microsoft Account in the last six months – with most using Microsoft Authenticator as a kind of passkey instead.

‘Hackers don’t break in, they log in’ is an often repeated mantra among cybersecurity professionals – reflecting the fact that most online accounts are breached via a normal login attempt, but with stolen credentials.

The FIDO alliance is the the online movement to replace password authentication entirely with single-use passkeys – although the organisation admits there are barriers to entry, including organisations’ cost to develop their own versions of the technology, an unfamiliar user experience, and the reluctance to ‘go first’.

It is hoped that with major tech providers building passkey support into their browsers, many more developers will be able to adopt the new standard to help keep users secure.

 

For Cybersecurity expertise and support, please contact our team today.


Client Portal – What have we learned?

It’s been almost a year since Lineal introduced our new Client Portal, which allows our customers to not only raise new IT Support tickets direct into our systems, but review ticket progress and respond as new information is discovered.

However, we can also use global ticket data to get extra insight into our IT support process, improve our services, and help customers enjoy a better experience. So what have we learned so far?

 

Faster Responses

We’ve noticed some real advantages to customers connecting with us via the client portal – since last year, our average first-response time has improved by approximately 8%.

Evidence also suggests that in-life ticket responses are actually quicker via the portal than when raised by phone (around 5% on average), reflecting the fact that tickets can be updated without both agent and customer being available to continue the conversation at exactly the same moment.

So what does the time saving look like? In practical terms, it takes around 4 minutes longer for a simple phone call to be received, spoken and generated into a new ticket, rather than for that ticket to be submitted directly to the portal by the customer.

If most of those calls became portal tickets, Lineal customers and staff would save as much as 300 hours of talk time each and every year.

client portal

 

Changing Times

In previous years we’ve noted that Monday is our busiest day of the week, however recent data suggest this has shifted to Tuesday – possibly reflecting new hybrid working trends catching on, as office workers choose to reacclimatise to work from home either side of a weekend.

9am-10am remains overwhelmingly our busiest time of the day – as well as the period when a portal ticket can be created with the biggest time saving, compared with calling our Helpdesk.

 

client portal faster response times graph

 

High Importance

We took a gamble giving customers the ability to grade the priority of support tickets via the portal – we weren’t sure whether this tool would be used the way it was intended.

Statistics suggest it’s been an overwhelmingly positive feature – our highest priority tickets raised via the Client Portal (rated High and Urgent) have significantly faster first response times than not just tickets on average, but corresponding priority tickets raised by other methods.

 

Positive Feedback

Instant feedback (‘smiley face’) buttons added to the bottom of each ticket help users tell us more broadly how we’ve been doing. Ticket feedback for our IT Support service has been overwhelmingly positive (95%) and less than (5%) negative.

This is important because the feedback is gathered at time of writing, and on a rolling basis – rather than at times we’ve chosen to measure. Our current target is to increase this to 98% positive or greater.

 

For IT Support help and expertise, please contact our team today.


Google Previews Little Signals

Google have previewed a design study of sensory notification devices designed for a less stressful digital life.

‘Little Signals’ demonstrates interesting ways the end-user might receive notifications in a calmer, more subtle way than via their smartphone screen – using ambient sound, changing shadows and discrete movements.

The friendly-looking set of six tabletop devices are a zen paradise of pastel shades and soft movements designed to be less anxiety-inducing than a constant blizzard of push notifications.

Little Signals is one of several Google ‘Digital Wellbeing’ experiments – with others including ‘digital detox’, a visual ‘anchor’ that prevents infinite doom scrolling, and a minimalist ‘paper phone’.

Some of the devices can be interacted with, or are intended to have minor affects on surrounding objects to get the user’s attention.

Each prototype hides an onboard Arduino micro-computer, but none of the devices use either display screens or artificial light, demonstrating how Internet-of-Things (IoT) devices might become better disguised as part of our physical environment.

 

For IT support and expertise, contact our team today.


Lineal Cybersecurity Briefing to UK Exporters

Members of Lineal’s cybersecurity team recently ran a special training event for over a hundred UK exporters, as part of the Department for International Trade’s ‘Export Academy’ initiative.

The UK Export Academy was formed to give UK companies vital know-how as they develop international trade opportunities, and to help them avoid common pitfalls.

Attendees were given a wide-ranging crash course on common threats, including a run-down of various vectors of cyber attack typical to companies trading internationally, and techniques to mitigate dangers.

Topics included best practice for password management & identity protection, email safety, device health, network safeguards and much much more.

We’ll be part of other UK Export Academy events in the near future – you can find more information about the academy here.

Learn more about Lineal Cybersecurity expertise here.


Horizon Collaborate v2 is here!

Gamma Communications have officially released a new version of their flagship ‘Collaborate’ softphone app for desktop and mobile.

Collaborate extends your work phone functionality to a convenient app that runs across many device types, allowing phone system users to escape their desk phone, and communicate from a far wider range of workplace environments – as well as route calls intelligently in the cloud, regardless of the physical layout of the organisation.

With nearly three-quarters of a million Horizon end-users across the UK, Gamma Horizon’s cloud-hosted phone systems are already a technology titan of the British workplace.

But that workplace is ever-changing – with huge numbers of knowledge-workers operating either remotely from home, via co-working spaces, while travelling or across multiple sites, phone users are no longer anchored to a plastic deskphone.

Openreach are also scheduled to completely turn off the traditional analogue PSTN network (including ISDN) by 2025, forcing businesses to choose the future of their telecoms.

Version 2 introduces a significant visual refresh to the platform, and already appears more reliable in typical marginal call scenarios (such as when transferring external calls with mobiles.) In addition to immense bolt-on phone flexibility, Collaborate also adds Instant Message, Video/Conference Calling, Status Notification and more under one roof, for a convenient unified communications solution that is perfect for small to medium-sized organisations.

Collaborate Version 1 users will receive prompts to update from the legacy version from April 11th, which is expected to be moved to end-of-life in the near future.

For telecoms expertise and support, please contact our team today.

 


New Security Features in Windows 11

Microsoft have announced a raft of new security features for Windows 11 – aimed squarely at the new trend of hybrid working.

With millions of users working remotely post-Covid, the enhancements largely focus on hardware security and identity protection, as end-user devices access ever more cloud-resources from a broader range of working environments.

 

Microsoft Pluton

‘Microsoft Pluton’ is the name of a new security processor integrated into CPUs on devices shipping with the new operating system – an App Control feature designed to prevent untrusted apps from running, block the theft of user credentials, and counter dangers from outdated drivers.

As we’ve noted before, Pluton (like Windows 11 itself) also relies upon Trusted Platform Module (TPM) technology to fire up a PC securely – but some TPM chips remain vulnerable to encryption keys being intercepted between components. Pluton devices are expected to close off that weakness, preventing this kind of hardware attack.

 

Smart App Control

As many predicted, Application Management begins taking centre-stage in 2022, as bigger organisations seek to prevent users introducing rogue software into their IT infrastructure (or worse, introducing it back into the company network themselves.)

Smart App Control blocks unsigned or suspicious apps at the OS level, and will receive regular updates daily.

However – it’s worth noting this core feature only applies to newly shipped devices – so even those who adopted Windows 11 early would have to complete a full operating system reinstall to ensure Smart App is live.

 

Microsoft Defender SmartScreen

SmartScreen helps protect identity by alerting the user if they’ve begun interacting with a known malicious application, fake or hacked website – with the added advantage that the safeguard is pre-installed for all users.

Microsoft are keen to demonstrate SmartScreen’s record of success elsewhere – blocking nearly 26 billion brute force attacks on Microsoft Azure Active Directory, and nearly 36 billion phishing emails that were intercepted by Microsoft 365, last year alone.

 

Credential Guard

Another ‘by default’ upgrade – Credential Guard isolates really important system secrets in a way that is designed to stop ‘pass the hash’ style attacks where a hacker is able to use the encrypted version of a password to gain entry, and (Microsoft claim) can even prevent malicious applications that have somehow obtained Admin-user privileges on their device from accessing those secrets.

 

You can discover the full list of the security enhancements coming to Windows 11 here.


NCSC releases 2022 Cyber Security Breaches Survey

The National Cyber Security Centre (NCSC) has released its annual ‘Cyber Security Breaches Survey’.

The survey is used to inform government policy on digital security, educate British businesses, and ensure UK cyber space remains safe.

Data collected across over 2,400 business and 850 charities produced some startling statistics concerning the ever-looming threat of cyber-attacks infiltrating UK businesses’ digital footprint.

The report discovered that 39% of UK businesses detected an incoming cyber-attack during 2021. Phishing attacks made up a fifth of all threats identified – the most frequent type of malicious attack.

Organisations also revealed that ransomware was being recognised as a serious digital threat with 56% of businesses stating they have installed or will be introducing a company policy to not pay ransoms to cyber criminals.

Whilst 58% of small and medium businesses disclosed to outsourcing their IT Support service, only 23% of surveyed businesses had a cybersecurity incident management strategy in place that is more advanced than a basic endpoint antivirus.

NCSC promote a blend of regular cyber security learning and training processes within your business to better inform the deployment of traditional cybersecurity software measures across all the organisation’s IT systems.

This multi-layered approach aims to counteract the report’s discovery that a lack of cyber technical expertise amongst UK businesses is to blame for threats going undetected.

Similarly, a company-wide policy of digital hygiene erodes the false assumption that managed cybersecurity strategies are a cost to the business rather than a strategic, protective investment.

31% of business admitted being attacked at least once a week showing that any weak link in an organisation’s cyber defence can have grievous financial implications.

To mitigate this, we recommend organisations follow the NCSC’s guidance and adopt Cyber Essentials and Cyber Essentials +. The scheme requires businesses to meet or exceed an assured set of security requirements each year to protect against common forms of online crime, technology dangers and digital threats.

It is estimated that a Cyber Essentials certification can reduce your organisation’s risk of a cyberattack by 98.5% – contact Lineal to assist with your organisation’s application and to help you meet the requirements for a successful certification or re-certification today.


Hermetic Wiper Malware Hits Ukraine

Endpoint security specialist SentinelOne have isolated and demonstrated an installed instance of HermeticWiper malware currently destroying PCs across Ukraine.

First spotted on February 23rd, the 114kb ‘Hermetic Wiper’ malware gets its name from the (likely fictitious) ‘Hermetic Digital Ltd’ – a Cypriot company allegedly named on its digital certificate. The malware appears to have been circulated among a number of Ukrainian organisations, and abuses a partition management driver to begin corrupting a device’s physical drives.

Watch below as SentinelOne test-detonate an instance of Hermetic Wiper, first on an undefended PC, then with powerful endpoint protections in place:

Video Credit: SentinelOne.

Once activated, the malware initiates a device shutdown, making the system irretrievable and booting only as far as Windows’ ‘Your PC/Device needs to be repaired’ screen.

The timing and nature of the attack (crippling PCs in the short term, until they can be replaced) suggests an effort that has been coordinated with Russian military operations.

 

For cybersecurity advice and expertise, please contact Lineal today.


The Problem with QR Codes

QR codes have become an easy way for companies to promote themselves – now that everyone carries a barcode scanner in their pocket (their smartphone) why not take advantage of this to better connect with customers?

Well…. because it can also be a cybersecurity nightmare.

Cryptocurrency platform Coinbase recently made headlines by using their Super Bowl half-time advert to advertise themselves with a bouncing QR code that users could scan live from their sofas. As many pointed out, this is literally the equivalent of clicking a blind link in an email from an unknown sender – with users unlikely to have checked where the link will take them, or what information they’re handing over when they get there.

Worse still, even if a company’s own QR codes are harmless, it’s very easy to generate imitations online that are not – leveraging a larger company’s advertising as a way to scam users.

QR codes can all too easily be planted by third-parties as a way of tricking the unsuspecting – in particular, you need to be wary of the following scams:

 

Parking Meters
– A fake parking meter QR code, stuck as a label, acts in a similar fashion to phishing emails and the carding-devices cybercriminals have famously used on ATMs to steal card details. By re-directing the user to a fake payment portal to pay their parking, this catches those who might otherwise be a rush. See also: fake parking penalty tickets.

 

qr code phone call

SMS/Phone Codes
– QR codes are generally used from smartphones with calling and SMS sending abilities, so it’s possible to prompt the user to send a text message to a number. Handy for business, certainly, but risky if the user doesn’t realise they’re calling or texting a premium number.

 

qr code tweet

Social Media Share
– Scan here to automatically tweet a link from @Lineal! Unfortunately that link is easily manipulated, causing the scanner to potentially become part of further phishing attempts on their own twitter followers.

 

Connecting to Wi-Fi
– In public spaces, many businesses will prompt users to join their free Wi-Fi via QR code. Clever and convenient, but obviously easy to use as a mechanism for a man-in-the-middle attack by those whose fake Wi-Fi network is simply a trap set for the unsuspecting user who’s just trying to access their email in a coffee shop, airport or hotel.

 

Guidance:

Think before you click – does the QR code match the rest of their branding? Where does the link preview point to? Is there anybody/anywhere you can double-check?

Use a Password Manager – although you might not spot a fake website URL, a password manager that normally autofills only a password on specific sites will recognise the fake immediately.

Assuming the device doesn’t sit within the container of a firewall that’s likely to detect threats as you browse the web, companies issuing work mobiles & tablets need to also extend endpoint security software to those devices – the same way you might a work laptop for those working on the move.

Most importantly, users need to be regularly educated on the importance of recognising phishing scams with organised training – to build personal resilience that extends to whatever device they happen to be using.

 

For Cybersecurity expertise and support, contact Lineal today.


7 IT Myths Debunked

In the era of fake news and disinformation, Lineal wields the sword of truth against the dragon of lies. Or something. Don’t Write in.

 

“Have you tried turning it off and on again”

Not strictly a myth – since the line made famous by Channel 4’s ‘The IT Crowd’ is still often a valuable test for electronic hardware – but admittedly since 2006 some extra complications have crept in.

For example in 2012 Microsoft added a feature called ‘Fast Boot’ – later becoming ‘Fast Startup’ in Windows 10 – whereby a PC does a kind of restart-lite, retaining its system state to speed things up, introducing a risk that the problem may not be reset by the user ‘turning it off and on again.’ To keep Roy’s tape-answer-machine truly happy, you’d now probably have to do a full shutdown.

 

“The Millennium Bug Wasn’t Real”

Although widespread disaster was avoided while we all partied like it was 1999, this was in large part due to millions of pounds worth of work by countless unseen software developers and IT engineers patching various systems in the run up to the millennium.

Twenty years on we’re more aware of the vulnerabilities of IT systems – but from power cuts in Istanbul and Hawaii, to dodgy medical results, ‘unsafe’ tinned meat and bizarre VHS rental fines, there were numerous cases of the millennium bug that were entirely real.

 

“Macs don’t get viruses”

Even though Apple has clearly enjoyed a reputation for Macs being less virus-prone than Microsoft Windows PCs, it should be obvious that this is untrue, and Mac users shouldn’t think they’ll never need security software. Although Apple do insist on strict technical conditions for running macOS apps, this doesn’t make them immune. 2020 research by Malwarebytes suggests (proportionally) Macs may even now outpace Windows endpoints for relative threat exposure.

In reality, Mac viruses are only considered ‘rarer’ largely because Macs are rarer – with hackers pursuing their targets based on the size of the payday they can expect. Non-operating-system-based cybersecurity threats (eg: phishing emails, credential stuffing, impersonation fraud etc.) are also every bit as dangerous, regardless of the device you use.

 

“Charging your phone overnight destroys the battery”

Lithium ion batteries used in laptops and smartphones don’t suffer nearly such a pronounced memory-effect as degrades nickel-cadmium and nickel-metal hybrid batteries. More importantly, modern smartphones contain circuitry that bypasses the battery once it is fully recharged, so we can all safely ignore suspect clickbait stories about self-crystallising batteries or exploding smartphones.

In some ways this one is a bit like believing free-wheeling your car in neutral downhill will save extra fuel – the technology has moved on.

 

“More bars equals a faster network”

The bar icons on mobile phones are an indication of signal strength, rather than speed as such – and don’t allow for numerous other factors like the number of other users trying to signal from that tower or how networks choose to ‘label’ their service. In many cases the indicator itself only updates every few minutes, making the icon deceptive.

Worse still there’s no parity of scale between handset models, manufacturers, or even networks – meaning your ‘four bars’ are not directly comparable to somebody else’s.

 

“Refreshing browser windows makes it faster”

When you load a web-page you send a request to the web server that sends you back a handful of code to your browser, which displays it. Each time you hit refresh you start the process again, so far from ‘refreshing’ your browser tab to speed it up, you’re asking it to do more – probably slowing you down.

 

“You can hear the phone ringing at the other end.”

Your phone plays a ringing tone so that you’re not listening in silence while it tries to connect your call. The sound you hear doesn’t match the ringing at the other end, either in start/end time or ring frequency. Put simply, you’re listening to your own phone ringing, not theirs.

Either way, you can easily debunk this with two smartphones. If you feel your own mobile ringing even when it isn’t, you may be experiencing Phantom Vibration Syndrome!

 

For IT support and expertise, please contact our team today.


REvil Ransomware Gang Arrested

Law enforcement agencies have announced the arrest of seven individuals linked to REvil ransomware which caused a series of high profile ransomware incidents earlier this year.

Europol and the US Department of Justice recently announced the success of ‘Operation GoldDust’ which included a joint-effort from 17 countries – with arrests spanning Romania, Poland, South Korea and Kuwait.

The group are accused of 7,000 individual ransomware attacks, and links to attacks which breached organisations using Kaseya remote-manageement software back in July – a supply chain attack described by security specialists SentinelOne as a ‘well orchestrated’ and ‘mass-scale’ ransomware campaign.

REvil was also used in the devastating attack on the Colonial Pipeline which caused fuel shortages across the US East Coast, and at the world’s largest meat supplier JBS Foods earlier in 2021. Authorities are believe to have recovered around $6.1m in ransom payments so far.

Europol thanked all the countries involved for a concerted effort, Eurojust and Interpol, and also praised the contribution of a number of private cybersecurity firms who assisted Operation GoldDust with technical support.

A previous investigation by Romanian police suggested the REvil group were an offshoot of those responsible for GandCrab ransomware released in 2018, and resulted in the release of three universal decryption tools by UK and US authorities which are believed to have prevented a further €60m of ransom payments from being extorted.

After originally claiming to be disbanding in September, it was revealed REvil’s infrastructure was itself hacked by a joint team from the FBI, US Cyber Command and the Secret Service – and forced offline. Key members of the group’s leadership, believed to be Russian, were thought to be on the run.

The issue of Russian reluctance to tackle cyber-crime syndicates also spilled over into warnings of US retaliation during in-person talks between US President Joe Biden and Russian President Vladimir Putin in June.

 


Kickstart Success at Lineal

Lineal’s Tom Williamson Cary has become one of North Devon’s first successful ‘Kickstart scheme graduates’.

During his six month Kickstart placement at Lineal, Tom has worked on numerous new business opportunities, helped promote Lineal, and even mentored younger students as part of Lineal’s work with the PETROC ‘Techknowledgy Transfer’ Project – funded by the Department for Business, Energy and Industrial Strategy working with Innovate UK under the Business Basics programme.

Having completed the Kickstart programme, Tom will now join Lineal’s Marketing Team as a full-time staff member, to work on business development, and is believed to be among only a handful of such ‘Kickstart graduates’ in North Devon.

Lineal’s Managing Director Mike Matthews explained: “Tom is one of the first wave of Kickstart placements – one of around sixteen thousand young people across the UK – who’ve already benefitted from this scheme. He shows real promise and enthusiasm, and we’re delighted he’ll now be joining our team longer-term.”

lineal's tom

Tom said: “I’ve learnt a lot over six months, and it’s been great to be welcomed to the team and get started on some exciting projects.”

The Kickstart scheme is a £2 billion Government programme dedicated to short-term work placements for those aged 16-24 who are eligible to claim Universal Credit – and aims to help bridge the gap between education and work, when many young people are at risk of longer-term unemployment.

Businesses can learn more about the Kickstart Scheme here.

Welcome Tom!


Microsoft Announces Licensing Changes

***Edited 1st February 2022 – To reflect updated information issued by Microsoft.***

Microsoft has officially announced 2022 pricing updates for UK customers of Microsoft 365, Office 365 and many related cloud services.

The hugely popular cloud-based collaboration software is used by millions of organisations around the globe, and assists around 300 million end-users to work more productively.

New pricing – the first mainstream increase for a decade – is set to go-live from March 2022, and will see increases of between 0% and 25%, depending on license type.

To help businesses know what to expect, we’ve assembled a short guide to the upcoming changes.

 

Which License Types are affected?

Although exact UK figures have not been published in full yet, indicative US pricing changes are expected to be as follows:

Old Expected %
Microsoft 365 Business Basic $5 $6 20%
Microsoft 365 Business Standard $12.50 $12.50
Microsoft 365 Business Premium $20 $22 10%
Office 365 E1 $8 $10 25%
Office 365 E3 $20 $23 15%
Office 365 E5 $35 $38 9%
Microsoft 365 E3 $32 $36 12.5%
Microsoft 365 E5 $57 $57
Microsoft 365 ‘F’ Plans No Change Expected
Microsoft 365 ‘A’ Plans No Change Expected
Microsoft 365 Personal Plans No Change Expected

 

Will anything stop working?

Unfortunately, yes – Microsoft 365 and Dynamics 365-based data and services will cease to be available to businesses using old subscriptions after 1st July. All users will need a new NCE license assigned to them by their Microsoft licensing provider before this date. Microsoft Partners will continue to provide, deploy, manage and administer licensing, exactly as before.

However the service itself will remain the same – all old license options will be available under new NCE license types and new pricing.

 

Why is Microsoft making this change?

This is the first such price rise for a decade, and reflects the huge leap forwards in the quality of technology, range of apps and business value of cloud-based services that have been added to Office 365 since the package originally launched in 2011.

 

Can I ‘lock in’ the old price in any way? / Any offers… on offer?

Organisations who replace their old licensing with new SKUs prior to the 1st February are able to ‘lock in’ some of the legacy-pricing, and avoid the upcoming price rise until February 2023.

Purchasing new licensing also reserves this price for additional users that the customers might add during the term – meaning that customers expecting to increase their staff/license count later this year may be incentivised to move themselves to new licensing now, before pricing changes take effect.

However, 2022’s new annual licensing prices also includes annual minimum terms that restart each year at renewal, so licenses do not ‘leave contract’ entirely after the first year as before. Please contact Lineal for more information.

 

So many license types – help!

Don’t panic – we’ve published a handy guide to what each license type contains, and this page will be regularly updated with the latest information. Alternatively, please contact our team and we’ll be happy to clarify your current or future licensing.

 

Where can I get more information?

Please contact our team via: [email protected] or 01271375999.


Lineal’s Lewis Graduates Degree Apprenticeship

Lineal’s Lewis Marrow has graduated from the University of Plymouth to become North Devon’s first cybersecurity ‘Degree Apprentice’.

Starting at Lineal in 2017 to pursue an apprenticeship in cybersecurity via PETROC, Lewis’s skills have gone from strength-to-strength to see him achieve a 2:1 BSc (Hons) from the University of Plymouth (Digital Technology Solutions: Cyber Security Analyst.)

‘Degree’ or ‘Higher’ Apprenticeships are an advanced category of apprenticeship organised by the National Apprenticeship Service that combine undergraduate-level academic work with specialist training in the workplace.

Apprentices are expected to ‘earn-and-learn’ in tandem, gaining both knowledge and industry skills that are greatly-valued by employers. Many, like Lewis, are quickly snapped up by their business sponsors full-time once their apprenticeship is completed.

Lewis said: “A Degree Apprenticeship has been a fantastic experience allowing me to gain the knowledge and training I require to become an IT professional, the team at Lineal have been very supportive along the journey and I would recommend to anyone.”

While working at Lineal, Lewis won a Petroc Outstanding Achievement Award, has appeared in a Department for Culture, Media and Sport ‘Real Ideas’ film project promoting STEM education in schools, and his cybersecurity work has improved the resilience of numerous organisations – including helping Lineal itself achieve Cyber Essentials Plus Certification.

Lewis also recently completed the Great North Run in a blisteringly quick time of just under 1 hour and 27 minutes!

Congratulations Lewis!


How to prepare for Windows 11

Windows 11 is due to be released officially on 5th October 2021 – the first major version upgrade since Windows 10 was released in 2015.

As with Windows 10, PC users will be able to begin downloading the new version from this date, and new PCs will begin shipping with Windows 11 pre-installed.

If the thought of your PC changing fills you with dread – never fear! Here’s how you prepare:

 

See a preview

The first thing most users will notice is the visual improvement – Windows 11 features a ‘new design’ which forms the backbone of the update in an effort to make PC screens feel more user-friendly, calming and interact better with natural light.

 

Check Minimum Specifications

The following list summarises the published minimum specifications required to install and operate the new upcoming version:

Processor: 1 gigahertz (GHz) or faster with 2 or more cores on a compatible 64-bit processor or System on a Chip (SoC)
RAM: 4 gigabyte (GB)
Storage: 64 GB or larger storage device
System firmware: UEFI, Secure Boot capable
TPM: Trusted Platform Module (TPM) version 2.0
Graphics card: Compatible with DirectX 12 or later with WDDM 2.0 driver
Display: High definition (720p) display that is greater than 9” diagonally, 8 bits per colour channel
Internet connection and Microsoft accounts: Windows 11 Home edition requires internet connectivity and a Microsoft account to complete device setup on first use.

Switching a device out of Windows 11 Home in S mode also requires internet connectivity. For all Windows 11 editions, internet access is required to perform updates and to download and take advantage of some features. A Microsoft account is required for some features.

Microsoft’s full specifications for Windows 11 can be found here.

 

Things to Expect

The following Windows 10 features are all due to disappear on the new version, in some cases being disabled, replaced by newer apps or available only via manual re-download from the Windows store on new installs:

– Internet Explorer
– Windows S Mode (Home Edition Only)
– Skype (Personal), 3D Viewer, Paint 3D and ‘OneNote for Windows 10’
– Start Menu Groups
– Taskbar Moving
– Tablet Mode
– Timeline

Cortana will also be relegated to the Start Menu – no longer used during setup and not automatically pinned to the taskbar.

 

Make a Backup / Create a Recovery Drive

Major (or even minor) Windows version upgrades are not without pitfalls as we’ve seen in recent years, so it’s worth checking that you have a full backup of your device prior to leaping into the unknown.

Synchronised copies of files in Microsoft OneDrive, Google Drive or Dropbox are always a plus, although for rapid restoration it’s also helpful to make a manual, local backup to a portable hard-drive that will be more quickly restorable if your subsequent upgrade doesn’t go to plan.

For the extra precaution of a route ‘back’ to Windows 10 if you discover a major compatibility issue, it’s important to make a recovery drive using a USB device.

 

Test the Beta

For power users, a beta version (Preview Build 22000.160) is available to test for those who register with the Microsoft Insider program.

 

For IT Support & Technical Expertise, please contact our team today.


Lineal Wins Big in International SysAdmin Challenge

Three Lineal IT engineers have scored among the ‘Top 50’ in the international CyberDrain ‘Capture-the-Flag’ SysAdmin Competition.

Hugo achieved a stunning 4th-place finish internationally – just narrowly missing out on a bronze medal for Team GB, but winning a PlayStation 5 in the process from competition cybersecurity-sponsor Huntress.

Martyn and Joe also scored very highly from among 1,000 competitors worldwide – finishing a record 17th and 32nd respectively.

Each passed significant milestones in their challenges – at 2000 points and 3000 points respectively – with Hugo becoming one of only four competitors worldwide to break the stratospheric 4000-point barrier.

Designed to test System Administration and IT engineering skills, the CyberDrain CTF challenge puts competitors through a series of forty investigative challenges across server and client-side, Microsoft Azure, Linux and Microsoft 365 environments. The competition ran throughout July, with bigger point bonuses awarded for more complex technical challenges.

Congratulations to all our competitors!

 

For IT Support and technical expertise – please contact us today.


Lineal Takes On Capture the Flag SysAdmin Challenge

An intrepid group of Lineal IT engineers are each competing in a capture the flag (CTF) event designed to sharpen the skills of Systems Administrators.

Points are awarded by completing a number of investigative technical challenges across Hyper-V, Microsoft Azure and 365 – capturing a ‘flag’, or important string of text, which credits the player’s score.

Designed to test System Administration and IT engineering skills, one thousand contestants are taking part in the ongoing July event, organised by CyberDrain, and supported by judges from Managed IT Service Provider association CyberGeek.

There are forty flag-capture challenges being attempted by (overwhelmingly) IT engineers around the world – spanning server and client, Azure, Linux and Microsoft 365 management.

Challenges must be completed independently, and the scoreboard is updated as individuals compete for first place. Contestants are encouraged to tackle more difficult challenges to win prizes, and find creative alternative solutions to capturing flags – although hacking is strictly prohibited!

The capture the flag competition is sponsored by a number of leading IT, communications and cybersecurity providers, including Microsoft, Datto and Huntress.

Good luck to all those taking part!

 

For IT Support and technical expertise – please contact us today.


Kaseya Clients Struck by Ransomware

More than a thousand organisations using Kaseya Remote Monitoring and Management (RMM) software are estimated to have been hit by ransomware over the weekend.

The supply chain attack, which was described as “colossal and devastating” by security research company Huntress, is believed to have been carried out by the same Russia-linked ‘REvil’ ransomware gang strongly-suspected of the recent ransomware attack on meat-packing corporation JBS.

Miami-based Kaseya’s ‘VSA’ product – which is used by Managed Service Providers to provide remote IT services to the systems of organisations worldwide, including endpoint and patch management – is believed to have been breached with an update that rolled-out ransomware to many of Kaseya’s own customers.

REvil themselves claim the total number of encrypted user endpoints around the world may be as high as one million, and have demanded an unprecedented ransom of $70m in Bitcoin (around £51m at current price.)

On Friday, Kaseya advised all customers to immediately shut down any on-premises Kaseya VSA servers, to prevent hackers shutting off administrative access for future fixes – and ignore any communication from hacking groups while an FBI investigation was ongoing. 

Access to Kaseya’s cloud-based SaaS services were initially shut down as a precaution, but has since been restored, and an endpoint detection tool has been published online here.

It is now believed that the exploit for Kaseya VSA had recently been highlighted by the Dutch Institute for Vulnerability disclosure, but early patches to rectify the problem had not yet been issued. In the 48 hours following the breach, more than 2,000 VSA severs were taken offline – suggesting that many organisations did heed warnings issued by the US Cybersecurity and Infrastructure Security Agency (CISA), the UK National Cyber Security Centre (NCSC) and others – although Swedish supermarkets, New Zealand schools and many others have had systems crashed by encrypted data.

Kaseya is published regular updates to its advisory page, here.

 

For Cyberscurity expertise and support, please contact our team today.


Helping Us Keep You Safe

As things re-open from Covid-19 lockdown measures, Lineal are taking some important steps to help keep everyone safe while we care for your technology.

 

Regular Staff Testing

This Spring we introduced regular Covid testing, with Lineal staff receiving Innova SARS-CoV-2 antigen rapid lateral flow self-testing kits.

All results are received within 30 minutes and are submitted twice weekly via the GOV.UK Covid-19 test reporting service.

 

Maintained Social Distancing

Although staff have returned to the office, we’ve maintained flexible remote and home-based working for many, with around three-quarters of staff working at least two-days per week remotely. Staff hot-desking is discouraged – a measure we’ll review over time.

Lineal’s front-of-house has been enrolled in the NHS venue QR code system since September 2020, for app-based track-and-trace.

We’re asking both staff and clients to maintain onsite social distancing & mask use during site visits, as a precaution.

 

Vaccination

We’re encouraging all our staff to book vaccination appointments as soon as their age group is eligible under the national NHS covid-19 vaccine roll-out.

At time of writing, this programme has now been extended to those in the 30-40 age bracket.

 

We’ll be reviewing recommended best practice regularly as NHS guidelines are reviewed. For more information, please contact Lineal today.


FragAttacks: how they can devastate your WiFi devices

A new set of fragmentation vulnerabilities have been discovered which have the capacity to affect all WiFi enabled devices dating back to 1997.

There have been 12 identified separate vulnerabilities discovered by New York University Abu Dhabi researcher Mathy Vanhoef, named FragAttacks (fragmentation and aggression attacks) which have a dangerous data exfiltration potential to gather information about the owner of a WiFi enabled device and export it to a within-range attacker or to run malicious code to compromise the device; bypassing WEP and WPA security protocols.

Vanhoef announced that more than 75 tested Wi-Fi devices are affected by at least one of the FragAttacks vulnerabilities, but a majority of the devices are impacted by multiple CVEs. These tested devices included Huawei, Google, Samsung and Apple for mobile devices; computers from Dell, Apple and MSI; Xiaomi and Canon IoT devices; Asus, Linksys and D-Link routers; and Aruba, Lancom and Cisco access points.

Furthermore, the identified CVEs had the capacity to erroneously reassemble fragments encrypted under different keys, process fragmented as full frames and not clear fragments from memory when (re)connecting to a network. These vulnerabilities are named ‘FragAttacks’ due to the issues on how the WiFi network dissipates and then reorders data for easier transmission before reassembly at the receiving endpoint device.

Despite the existence of these unearthed vulnerabilities, WiFi Alliance released a statement saying that “There is no evidence of these vulnerabilities being used against WiFi users maliciously” and suggests protection methods to users through downloading “routine device updates that enable the detection of suspect transmissions or improve adherence to security implementations”

The video below demonstrates how the 12 discovered vulnerabilities can be used as a stepping stone to launch advanced malware attacks:


macOS Gatekeeper Vulnerability Discovered

Apple has released important security updates under macOS 11.3, in response to a serious gatekeeper vulnerability discovered by security researcher Cedric Owens.

The weakness, found in Apple’s ‘Gatekeeper’ tool which normally blocks unrecognised apps from being installed by default, allows a dangerous file to be rigged so as to not trigger the operating system’s inbuilt safeguards.

Writing in a Medium Post entitled ‘Gatekeeper Bypass: 2021 Edition’, Owens demonstrates a terrifying method by which an attacker can ‘very easily craft a macOS payload that is not checked by Gatekeeper.’

Once launched, no warning prompts prevent the user from installing just about any dangerous application, which can also communicate with external servers without even triggering App Transport Security (ATS).

The simplicity of the hack, which leverages the fact that scripts placed in Contents / macOS / directory are not checked, has been described by Objective-See as ‘massively bad’ and ‘a doozy’ of a blog post.

GateKeeper itself was originally introduced in 2012 as part of an effort to stop the spread of malware in Mac OS X ‘Lion’ v10.7.5, and was followed by enforced application notarisation in 2020 under macOS 10.15 ‘Catalina’, as Apple required software developers to have apps officially cleared for authorised use.

In response to the discovery, Apple have released macOS Big Sur 11.3 update with ‘improved state management’ that prevents the ‘bypass’ of Gatekeeper checks, and are urging macOS users to install the upgrade.

 

For Cybersecurity expertise and support, please contact our team today.


Facebook & Linkedin breaches hit 500 million users

Facebook and LinkedIn have both suffered massive data breaches, exposing the details of more than 533 million and 500 million user accounts respectively, it has been revealed.

Extensive leaked data from Facebook was reportedly found online by security researcher Alon Gal – including the personal information of 11 million UK users such as phone numbers, locations, birth dates and many email addresses.

It’s believed that the ‘hack’ may relate to a bug in Facebook’s friend-adding ‘Contact Importer’ tool which was fixed in September 2019. Previous breaches in 2017 fell before the introduction of GDPR, which Facebook argues absolved it of responsibility to notify users.

Questions still hover over the LinkedIn breach in particular, with the company claiming much of their data appears to have been aggregated from other sources, or (like Facebook) were perhaps not technically ‘hacked’ at all – but scraped in bulk from publicly visible parts of the popular professional website.

The huge cache of Linkedin data was thought to be on sale, after security researches found a 2 million user ‘sample’ advertised online.

A Facebook spokesperson told Reuters the social media platform will not inform users if their accounts were part of the breach, and Linkedin are yet to issue a statement on this point – although given that LinkedIn has around 740 million accounts in total, a clear majority of its users are likely affected.

Users of both platforms can check if their email addresses (and now phone numbers) were likely breached via either platform over at: https://haveibeenpwned.com/ – and are advised to update passwords as a precaution.

 

For IT Support and cybersecurity expertise, please contact our team today.


Urgent Patches issued for Microsoft Exchange Server

Microsoft have urged the system admins of on-premise Exchange email servers to upgrade in response to new breaches from state-sponsored hackers.

The Chinese group, known as ‘HAFNIUM’, are believed to have exploited previously undiscovered zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016 and 2019 via compromised US-based servers. Microsoft Exchange Online or related services (such as Microsoft 365) are not affected.

All four breaches were announced on Wednesday under the Microsoft Security Response Centre (MSRC) and graded ‘Critical’ – requiring urgent patching.

CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065 create a ‘perfect storm’ under which the attacker makes an untrusted connection to the targeted Exchange Server on port 443, and connects appearing to be someone with authorised access to add a web shell that grants a backdoor for future access.

HAFNIUM has previously been accused of industrial espionage and attempts to breach the technology of important private, public and national security organisations, including defence contractors.

As of 4th March, the Department of Homeland Security has also issued an emergency directive to all US federal agencies to urgently patch any on-premises Exchange servers by midday on 5th March.

 

For Cybersecurity advice and expertise, please contact our team today.


Cyber Aware Launch new Action Plan tool for Small Businesses

The UK National Cyber Security Centre have launched a new online Cyber Aware ‘Cyber Security Self-Assessment Tool’ to help small businesses.

Free to use, and aimed at organisations with fewer than ten staff, the short online questionnaire generates a handy to-do list of actionable cybersecurity recommendations and points to check, with guidance for each – depending on the answers submitted.

Questions are branching depending on the circumstances of each small business, but covers topics including backups, passwords, technology lifecycle management and more. Small business owners are also directed to useful plain-English resources to address each point highlighted.

Cyber Aware is a campaign launched by the UK National Cyber Security Centre (the public-facing arm of GCHQ) designed to provide simple guidance for individuals and small businesses to use technology more safely.

You can learn more about Cyber Aware, the NCSC, and get your own Action Plan here.

 

For IT Support and cybersecurity expertise: please contact our team today.


Five Tech Articles We Wish We’d Written

2021 continues to bring surprises, and in the fast-moving world of technology, new revelations are always just around the corner.

Here’s five of the most eye-catching tech articles our team have spotted in recent weeks:

 


“With no payload, analysts are struggling to learn what this mature malware does.”

A curious malware found on numerous latest-generation Macs seems to have no purpose, and even comes with a self-destruct mechanism – leaving the cybersecurity community baffled.

“New malware found on 30,000 Macs has security Pros stumped” – ARS Technica


“So Alex could just call Tony Abbott’s cell phone directly to report this, or send him a DM on Insta.”

Why shouldn’t you post a picture of your boarding pass on social media? A cybersecurity technician ends up talking to the former Prime Minister of Australia, after discovering you don’t necessarily need any hacking skills to breach a major international airline.

“Ep.84 – Jet Setters” – Dark Net Diaries


“What seems like a big win for privacy may, ultimately, only serve to tighten Google’s grip on the advertising industry and web as a whole.”

As Google decides Chrome will soon block all third-party cookies, Wired contemplates a world where Google controls anonymised ad-targeting.

“Googles next big Chrome update will rewrite the rules of the web” – Wired


“Facebook are saying it’s harassment and muting people and giving them a Facebook ban.”

A new anti-harassment standard accidentally strikes down Facebook users in the Plymouth area, highlighting the technical perils of non-contextual filtering by specific keywords.

“Facebook Apologises for Flagging Plymouth Hoe as offensive term” – Evening Standard


“Chrome OS became the second-most popular OS..”

Driven largely by education sales, Chrome OS has officially become the world’s second-most popular operating system, taking new market share from Microsoft Windows and pushing Apple’s MacOS into third place.

“The world’s second-most popular desktop operating system isn’t macOS anymore.” – ARS Technica


 

For IT expertise and support, please contact our team today.


Final Month for Edge Legacy Browser

Support for Microsoft Edge Legacy will officially end on 9th March 2021, and the web browser will not receive any further security updates, Microsoft have announced.

The next Windows 10 monthly update, due 13th April, will automatically include the new (Chromium-based) Microsoft Edge and replace the legacy version automatically.

Edge was originally released in 2015 as a direct replacement and refresh for Internet Explorer, which was rapidly losing market share among the world’s most popular web browsers. Edge Legacy, which used EdgeHTML, was a programming fork of Microsoft’s ‘Trident’ engine that had been used in Internet Explorer 11.

The new Edge, released in 2020 and based on the same Chromium ‘Blink’ browser engine as Google Chrome, has proved more popular – and as of January 2021 looks set to overtake Firefox as the world’s third biggest web browser.

Enterprise organisations still provisioning the legacy version as standard are advised to plan their deployment of the new Microsoft Edge with the following set of steps.

 

Lineal are Microsoft Gold Partner – for IT expertise and support, please contact us today.


Xiaomi debuts wireless air charging

Chinese tech giant Xiaomi have debuted a new, longer-range, wireless ‘air charging’ technology.

Mi Air Charge allows a special charging beacon in the home to detect a device, such as a smartphone, and directionally provide up to 5W of wireless charging at a distance.

The company claims this is the first ‘truly’ wireless charging technology that doesn’t require a device to be physically placed at a base station for induction charging.

144 antennas comprising a phase control array allows the beacon to direct millimetre-wide charging waves via beamforming to a special rectifier circuit on a Xiaomi smartphone handset that recharges the device battery. The company believes similar technology will eventually be available for smartwatches, smart speakers and other home devices.

It’s not yet clear how far a user will be able to roam from the beacon, although Xiaomi claim the charging will work at ‘several meters’ distance.

Although the device is largely a marketing prototype at this stage, Xiaomi are expected develop it into a viable consumer product. The corporation has been officially listed on the Hong Kong Stock Exchange since 2018, and is focusing on ‘Internet-of-Things’ (IoT) devices and supporting technology.

 

For IT support and expertise, contact our team today.


Microsoft Teams adds Breakout Rooms

Microsoft Teams have added Breakout Rooms to online meetings to support group collaboration.

Breakout rooms act as small satellite virtual meetings, and can be used to temporarily divide a larger meeting into smaller teams for workshop exercises or brainstorming sessions.

The feature has been a popular request among Education users, as successive Covid-19 lockdowns forces more academic institutions to adopt remote-teaching.

Teams supports up to fifty simultaneous breakout rooms with custom names, assigning individuals to specific rooms, organiser announcements across rooms, and automatic closing of rooms back into the meeting.

The additional control is still marked as ‘Preview’ while the feature is being rolled out to PC and Mac users.

Lineal are a certified Microsoft Gold Partner – for Microsoft 365 expertise and support, please contact our team today.


81,000 .eu Domains Frozen

Approximately 50,000 UK customers have had .eu domains suspended, following Brexit.

The .eu domain registrar EURid has formally suspended 81,000 such domains as of 1st January 2021, following the decision that .eu ownership requires the owner to be resident in a country that holds membership of the European Union.

Many internationally trading UK companies hold foreign domain versions of their websites to assist trading overseas, support multiple languages, improve web performance in other territories and develop export markets.

Numerous IT services, including email, websites, directories and more are often also tied to domains which represent a key pillar of many companies’ authentication technology.

Many British domain holders cancelled their domains as the transition period approached – over 200,000 .eu domains held by UK customers were cancelled between 2018 and 2021, with registrars contacting customers multiple times to alert them to the changes.

Although the remaining 81,000 have not been not cancelled outright, UK customers have no way to recover these domains without being able to prove the owner holds citizenship of an EU member state, and provide a suitable registered address.

Britain’s exit from the EU also begins a countdown for these customers – who must either have an EU company representative to renew on their behalf, or face their domains put back up for sale again by 2022.

 

Need IT Support expertise? Contact Lineal today.


Internet Providers Announce 2021 Broadband Price Rises

A number of major UK internet service providers (ISPs) have announced above-inflation broadband price rises for 2021.

Virgin Media says an average customer will face a 4% rise this year – announcing that the increase is part of a plan to invest £1 billion in its network infrastructure.

BT, EE and Plusnet have also amended their terms of service, and are expected to publish above-inflation price rises over 4% shortly. Sky have already raised prices, with some customers seeing increases of up to 10%.

Ofcom figures suggest market rates for broadband have remained broadly consistent over the course of the last decade prior to 2020 – driven in part by more of the UK being brought on-stream under Openreach’s superfast fibre roll-out.

broadband price rise

Although network investment is likely to be welcomed, many customers will no doubt suspect ISPs are raising profits at a time that the UK is particularly dependent on home use of connectivity.

Where investment also supports fibre-to-the-premises (FTTP) rollouts, the increase may also represent a regressive step – charging customers in less well-connected parts of the country with slower broadband to fund upgrades in already better-connected areas.

Approximately 41% of broadband customers are not in contract, and the best deals are gained by those who look for options rather than renewing automatically. New Ofcom rules mean that price rises from an ISP allow escape from contract terms, giving customers other options.

Contact Lineal – Placing your connectivity with a trusted IT provider can be both more organised, and sometimes better value. Contact us today!


October 2020 Windows Update – What’s New?

Microsoft have previewed the Windows 10 October 2020 update with a partial re-design aimed at making the display clearer and enhancing security options.

Windows 10 updates are free of charge and are now issued to over a billion devices on a twice yearly update cycle.

Among the changes recently revealed on the Windows Experience Blog were:

  • “A refreshing Start. The Start menu has a more streamlined design. A uniform, partially transparent background to the tiles creates a beautiful stage for the redesigned app icons like Calculator, Mail and Calendar. This refined Start design looks great in both dark and light themes, but if you’re looking for a splash of color, first make sure to turn on Windows dark theme and then toggle “Show accent color on the following surfaces” for “Start, taskbar, and action center” under Settings > Personalization > Color to elegantly apply your accent color to the Start frame and tiles.”

Ease of use has also driven other improvements, such as more natural support for Windows 10 on convertible devices:

  • “2 in 1 toast elimination. 2-in-1 devices now naturally switch by default to the new tablet experience without the notification toast asking you to switch into the tablet mode when you detach the keyboard, helping to keep you in your flow.”
  • “A Taskbar tuned to your liking. Getting a new Windows PC? You will enjoy a cleaner, more personalized, out-of-box experience featuring a taskbar specifically curated for you—less clutter and more content that you’ll love. (This experience is limited to new account creation or first logon scenarios.)”

In addition the new version includes security enhancements – including an updated version of Windows Hello3 single-sign-on & multi-factor authentication technology:

  • “Simpler device management. Mobile Device Management (MDM)1 now includes a Local Users and Groups policy that gives administrators the same options as on-premises Group Policy.”
  • “More secure biometric sign on. With enhanced sign-in security2, Windows Hello3 now offers added support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates and secures a user’s biometric authentication data.”
  • “Stronger app protection. Windows Defender Application Guard (WDAG)4 now helps protect Microsoft 3655 as well as Microsoft Edge with a unique hardware isolation strategy. WDAG keeps enterprise data protected by opening sites and Office files from untrusted sources in a virtualized container.”

 

Lineal are a Microsoft Gold Partner – for IT support and solution expertise, please contact our team today.


Lineal Becomes Keeper Partner

Lineal Software Solutions has become a managed servicer provider for Keeper Password Management.

We tested a number of different Password Management providers, including 1Password and LastPass, but were particularly impressed with Keeper.

Password management is increasingly recognised as a key pillar of cybersecurity: the UK National Cyber Security Centre admits it is ‘virtually impossible’ for users to use unique passwords for all their accounts without software assistance.

Password managers help users remember all their passwords – but can be a much more powerful tool for dramatically limiting the damage in the event of a single account being compromised.

Criminals increasingly use credential-stuffing attacks where automated tools use previously-breached account details to gain access to the user’s other accounts.

A good password manager ensures you can use a strong, randomly generated and distinct password across each of your accounts to prevent any single breach putting other data at risk.

Keeper can also notify users when breached passwords are identified online, integrate with single sign on tools such as Active Directory, and enforce multi-factor authentication – all important considerations for organisations needing to maintain cybersecurity standards across large teams.

For added convenience, Keeper is available via the web, Windows/MacOS desktop clients, browser extension and Android/iOS mobile app.

 

For Cybersecurity advice and expertise, please contact our team today.

 


AI saves the day

AI lent a helping hand to one of our technical support teams last week to help Lineal save a local business from an email hack.

At 07:40 GMT on a seemingly normal week day, Barracuda Sentinel issued an alert to Lineal to say an account had been accessed from a suspicious location.  It seemed a malicious actor, appearing to be from Nigeria, compromised one of a client’s finance department email accounts, and created a forwarding/delete rule in the inbox.

Barracuda Sentinel’s AI email protection caught the account takeover attempt, and as a result, we were able to mitigate and resolve a significant threat to one of our customers. Barracuda Sentinel detects both account takeover attempts and attacks launched from compromised accounts.

Corporate account takeover presents a significant new threat to business. Hackers gain access to email accounts and use them as tools to launch subsequent targeted attacks, internally and against external targets – who themselves fall victim.

Account takeover or attacks that originate from these accounts are almost impossible to detect as they don’t use the usual impersonation techniques—they come from a legitimate account and appear to be from a trusted source, allowing the attacker to initiate sophisticated financial scams.

Lineal automatically picked up the alert & create an incident in Barracuda Sentinel.  Sentinel remediated the issue with an immediate password reset, disconnecting all active logon sessions for the user and deletion of any rules created during the incident time.  Within 40 minutes this potentially disastrous event was avoided.

Barracuda’s worldwide threat protection network automatically gathers intelligence from inboxes around the world to deliver award-winning security, checking both inbound and outbound email to stop the spread of cyber-threats and malicious communications.  To find out more visit our Barracuda Email Security page on our website.

This risk could have easily been mitigated by using any of Lineal’s services, such as:

  1. Using Multi-Factor Authentication (MFA) on the account,
  2. Barracuda Sentinel-type tools to alert/remediate on compromise,
  3. Having Azure P1/P2 licensing to allow the use of conditional access to prevent sign-ins from risky locations, untrusted countries, etc.

If you would like to find out more about Cybersecurity and how Lineal can help protect your business please contact us.


Top Marks in Lineal Satisfaction Survey 2020

This year’s Lineal Client Survey 2020 saw hugely positive feedback, and record customer satisfaction results for our staff – thank you to all who took part.

2020 has been a turbulent year so far, but our positive improvement in the quality of our technical services continues from similar results during recent years. (Past Client Survey Results: 2019, 2018, 2017, 2016)

A record high number of you (76%) felt we “understand your questions and/or problems” “Extremely Well”. This is the most people who have ever awarded us the top grade, and represents long-term progress: over double the quality score we received back in 2015.

We asked an important supplementary question this year: how did you feel our IT Teams supported you during the Covid-19 lockdown specifically? Respondents graded us strongly, with a mean average of 4.45 stars out of 5.

covid-19 it support score

For the first time, more than 70% of respondents considered our overall customer support “Great” – also the highest grade available, and twice our score from five years ago.

We also continued to make steady progress on our speed of responsiveness: more than 50% of you now feel we respond ‘Quicker’ than expected, and for the first time more than 20% of you considered us to be “Much Quicker” than expected – again: a rating we’ve doubled in recent years.

Lineal’s Net Promoter Score – an industry wide metric for good customer service which asks whether respondents with consider referring our services to a friend or colleague, rose to +56 this year, our best score to date.

Your feedback helps us identify areas of weakness where we still have room to improve: and to focus training and other resources on ensuring our clients receive the best service possible. In this coming year, we’ll be looking at ways to track our progress more steadily over time.

  • “Staff show an understanding of the issues and are dedicated to resolving them and formulating a constructive outcome cost effectively. It is not so much about a quick response and service, it’s more the fact that the staff take ownership of the problems.’
  • “We love Lineal.  So helpful and understanding of our needs.  No other company matches up to the efficiency of them.  Big thanks to Paul and Hugo!”
  • “When we moved from Outlook 365 Home to Business we could not have had more support.”
  • “Fantastic service! They helped me find a replacement iMac when mine died, and the service they give is exemplary! Highly recommended! 10/10.”

 

For expert IT Support and technical services, please contact us today.


Adobe Lightroom Users Suffer Data Loss

Many Adobe Lightroom users on iOS have suffered a crippling data loss after a faulty routine update.

Users who updated to Adobe Lightroom Mobile 5.4.0 on iPhone or iPad had their photos and software presets deleted unexpectedly.

Adobe, which develops a large suite of creative apps for the media and design-sectors, has apologised and issued an update for the fault, but made clear that the lost data is irretrievable to those without backups.

The software company’s statement clarify it is only a subset of Lightroom users who have been affected – specifically those:

  • Using Lightroom Mobile 5.4.0 on an iOS device (iPhone/iPad)
  • Without an Adobe Cloud Subscription, or with cloud sync disabled
  • Without a separate device or cloud backup (such as iCloud) in operation, independent of Lightroom itself.

This includes many free version users who would have trialled Lightroom without a full Adobe Creative Cloud subscription.

Hundreds of unlucky users took to Adobe’s Support Forums, social media and Reddit to complain that years of photos had been lost as part of the routine update. Others flagged that restoring from local device backups deleted the restore once the app was re-opened.

As noted by The Register, Adobe’s problem is especially acute given Lightroom’s specialist popularity among professional photographers, and others who have significant time or money invested in valued images.

Users are advised to update to 5.4.1 to avoid the issue, although this will not restore lost photos. As always: please, please, please maintain an independent backup of all data you can’t afford to lose.

 

For IT Support and business continuity assistance, please contact our team today.


UK Gigabit Voucher Scheme FAQs

Qualifying businesses in many rural parts of the UK are eligible for a Voucher worth up to £3,500 to help get new leased-line fibre broadband installed under the UK Gigabit Voucher scheme.

The Government recently urged SMEs to apply, with Digital Minister Matt Warman MP arguing the £70m pot is “still there for the taking.”

But what is the Gigabit voucher scheme, and how does it work?

 

How fast is gigabit?

Gigabit broadband is 1,000 megabits/per second (around twenty-times the download speed of a normal domestic FTTC connection) and unlike conventional broadband, supports a ‘symmetrical’ upload rate that is equally as fast as the download.

In most cases however, SMEs will deliberately opt for a more limited connection speed on a gigabit ‘bearer’ (eg: 200Mbit/s up and down) to keep costs manageable, while retaining the capacity and option of regrading up to a maximum of 1,000 Mbit/s at a later date if needed.

 

What does the voucher get used for?

Most connectivity providers charge an installation cost on new Leased Line installations – normally based on the length of fibre cabling that must be ‘dug in’ to connect the business. The voucher is a refund to help offset this upfront cost. Businesses must pay the ongoing monthly connectivity charges as normal, but the voucher is intended to help firms overcome the initial barrier-to-entry.

 

I’d like £3,500 please.

Quite! Although the the voucher is paid direct to your chosen supplier. Once your business has applied and been deemed eligible, your supplier will submit your voucher with your details when you place the initial order for your leased line. After your fibre is dug-in and connected, the scheme will check that your service is live before paying your supplier the due amount.

If your install is less than £3,500 you are likely to only be awarded the relevant cost, rather than the full amount. In most cases businesses will be signing a leased-line term with their provider for the ongoing cost of connectivity – normally between one and five years.

 

Can I use my voucher via Lineal?

Yes! We use Gamma Telecom Ltd for fibre leased-line connectivity, who are an approved supplier under the Gigabit Voucher Scheme.

 

Why is this funding being offered?

Successive Governments have reasoned that investing in better broadband is good for UK business growth, but the logistics of physically digging in fibre cabling is left to third-parties such as Openreach. Those providers insist ‘hard-to-reach’ properties are not economic to connect under the regional FTTC and FTTP broadband roll-outs because of the upfront cost of this installation work, or that gigabit fibre to the entire country is only achievable over the long term. For the best return on investment, the Government wants to prioritise upgrading businesses that already suffer slow speeds.

Gigabit fibre installations to commercial properties are also a capital project – the physical fibre, once ‘dug-in’ to a business premises, may end up being used for years to come by future businesses who take over the site, allowing more companies to benefit from widespread upgrades to the existing infrastructure.

 

What are other businesses doing?

To date around £90m worth of vouchers have been awarded so far, and around 29,000 connections have already gone live. The Government’s election pledge during 2019 was for gigabit fibre for the whole of the UK by 2025, a target which is widely expected to be missed.

This leaves rural businesses dependant on inclusion in their regional fibre-to-the-cabinet broadband roll-out as a stopgap, hoping to be included in an early tranche of Openreach’s future FTTP roll-out, or looking to fund the upgrade to a leased lined themselves.

 

Help! We really are out in the sticks!

If the cost of your install is still too large, there are other options: such as pooling your vouchers with neighbouring eligible businesses, accessing faster connections via 4G or point-to-point link. Speak to us to learn more.

 

How do I find out more?

You can learn more about eligibility and how to apply for your voucher via the UK Government’s Gigabit Voucher Scheme website here: https://gigabitvoucher.culture.gov.uk/ or get in touch with Lineal for more information.


SQLWorks V10 Launches

Announcing Version 10:


Lineal Software Solutions are excited to announced the public release of our next generation of SQLWorks software.

Version 10 of our flagship business management suite harnesses more advanced manufacturing capabilities for the first time – introducing brand new material resource planning (MRP) capabilities into our existing integrated accounting, CRM & stock control platform.

Automation is critical to productivity. SQLWorks MRP allows businesses to instantly gauge future demand for stock items & materials based on a flexible time horizon and existing stock availability, automatically generate purchase orders for approved suppliers, automatically roll-up part and cost changes through bills of material, and automatically create works orders for production centres on the factory floor.

 

“… We are clear that the faster adoption of technology will result in greater investment and in more manufacturing taking place in the UK.”

 

UK Gov ‘Made Smarter’ Manufacturing Review

 

 

These hotly-anticipated new features will help drive real business benefits, especially among manufacturing and logistics companies: including more intelligent and cost-effective purchasing, optimised stock holding, and coordinated forward planning of production.

Factory managers can now backflush manufactured items, auto-attach engineering documents, optionally roll-up updated part-costings from purchasing through the relevant kits, and even import new assemblies from popular engineering CAD software via drag-and-drop.

 

 “… British manufacturing needs a factory reset.”

Mike Matthews, Lineal Software Solutions

 

MRP is an immensely powerful tool for running a business – and we’ve given users the ability to drill-right down into purchasing and production recommendations – finding the exact source of demand from potentially thousands of orders, to line level, with a simple double-click.

SQLWorks manufacturing abilities integrate seamlessly with other business processes across accounting, CRM and stock control – and we’re planning further extensions to functionality for release later in 2020: including detailed capacity planning, support for ‘Just-In-Time’ (JIT) style manufacturing, and more complex ad-hoc report building.

 

sqlworks versions

 

We’ve also made some updates to the visual identity of SQLWorks with this iteration to help make our software feel smoother and more accessible to new users, and expanded Lineal’s UK Software Development Team of Omnis developers to hasten our development cycle.

Mike Matthews, Lineal’s Managing Director, explained: “This is a terrific new leap forward for our SQLWorks software. The new release is our most advanced ever, and introduces powerful new manufacturing and logistical control to our existing business management tools.”

manufacturing

Measurable Business Benefits


  • One, fully-integrated platform
  • Heightened financial visibility
  • Hours of work duplication saved by automation
  • Greater manufacturing control
  • Optimised spending & stock holding
  • Genuine support for business continuity

 

“We believe the ability for industry to automatically complete important engineering tasks – like importing newly-designed assemblies, production planning, updating part costs and forecasting future operations – will prove a popular choice among manufacturers.”

“Post-lockdown many firms will be doing some serious soul-searching about whether their systems are really up to scratch. British manufacturing needs a factory reset. If you can’t innovate then you’re at a dead end, and modernisation will be an important part of the UK’s economic recovery.”

SQLWorks V10 with MRP is available NOW

 

Learn more at www.sqlworks.co.uk or by contacting our UK Software Development Team today.


Lineal on Tech South West Podcast!

Lineal’s Mike Matthews and Huma Mahmood-Khan recently featured on the Tech South West Podcast (‘Tribe Tech’) – to discuss the post-lockdown recovery, women in tech, and Lineal’s new SQLWorks MRP software.

It’s nearly a year since Lineal was shortlisted for Tech Company of the Year, and won a 2019 Tech South West Award (North Devon Cluster). Members of our team were invited to discuss recent developments, including Covid-19 and other issues facing the technical sector, alongside other award-winning tech businesses from across the region.

Listen now for the story behind our response to the C-19 crisis, the importance of more women exploring a career in tech, and the latest developments for our hotly-anticipated new SQLWorks software release.

Tech South West exists to champion the area’s growing number of technology businesses, showcase innovation and suport STEM skills across the wider South West region – partnering with a number of more local Tech Business Groups to advocate for the sector.

You can learn more about their mission on their website here: https://www.techsouthwest.co.uk/

 

For IT expertise and support, please contact our team today.


DNS Vulnerability: Your IT Team to the Rescue

July 14th: as Microsoft flag a ‘Critical’ Level-10 DNS vulnerability on Domain Name System (DNS) servers worldwide, Lineal engineers rush to patch the infrastructure of dozens of organisations overnight.

The Microsoft Security Response Center recently released details of CVE-2020-135, a ‘Critical Remote Code Execution’ weakness deemed ‘wormable’ (potentially spreading between devices automatically) affecting all Windows Server versions.

A grade of 10.0 is the highest possible severity level that can be assigned under the Common Vulnerability Scoring System Calculator. For comparison the WannaCry attack, which temporarily crippled the NHS in 2017, had a CVSS rating of 8.5.

Lineal staff use remote monitoring software to administer large numbers of client servers and devices, monitor hardware health and deploy patches more rapidly – and were quickly on the case overnight to patch the vulnerability as a special emergency.

dns vulnerability conversation

Within 8 hours we’d patched a large number of DNS servers – applying both an initial fix and further scheduled updates.

DNS is a naming technology which translates the identities of computers, servers and other networked devices into the IP addresses used for connecting on private and public IT networks.

dns how stuff works diagram

For this reason, DNS servers often have massive reach, and must be carefully protected to mitigate the risk of compromising an organisation’s technology on a huge scale – even across the globe.

Israeli IT security firm Checkpoint Software Technologies, who discovered the 17-year old hidden bug and reported it to Microsoft, argue ‘this is not just another vulnerability’ and risks handing an attacker ‘complete control of your IT’ if IT admins fail to address the issue urgently.

 

For IT expertise and support, please contact our team today.


Sharepoint Maximum File Size Increased to 100GB

Microsoft have increased the Sharepoint maximum file size upload limit up to 100GB.

Previously limited to 15GB, Microsoft’s powerful cloud-based, centralised file sharing platform used by businesses and enterprise organisations around the world will now permit users to store larger files following Microsoft’s June update.

A default Sharepoint tenant of 1TB could now store up to ten 100GB files – allowing Microsoft 365 users greater flexibility to store or backup longer videos, CAD designs and other typically large filetypes used by specialist software.

This also applies to Microsoft 365 products which use Sharepoint as their underlying technology behind the scenes – such as OneDrive, Stream and Microsoft Teams.

Although Sharepoint is mainly a web-based platform, Microsoft actually recommends anyone uploading files bigger than 1GB to do so using the OneDrive sync client – saving a local copy inside a local desktop folder that itself synchronises with the linked Sharepoint site.

You can learn more about recent updates to Sharepoint here.

 

For Microsoft expertise and IT support, please contact our team today.


Apple introduces macOS Big Sur with a beautiful new design

macOS 11.0 Big Sur, unveiled in June 2020 at WWDC, is the newest version of macOS, set to be released this Autumn.

macOS Big Sur elevates the most advanced desktop operating system in the world to a new level of power and beauty.   Delivering their biggest design upgrade since the introduction of Mac OS X. Experience and enjoy Mac to the fullest, with a refined new design and the biggest Safari update ever.  Discover new features for Maps and Messages and get even more transparent around your privacy.

Mac OS X is finally finished, with Apple confirming that it’s officially moving to macOS 11 after almost 20 years of OS X (or macOS 10).  This fall, users will finally be upgrading from the 10.X versions that Apple has been using for nearly two decades to version 11.0.  It’s ‘MacOS’ from now on, much like ‘iOS’ and ‘iPadOS’.

Safari Updates

Safari is packed with new features, including a customisable start page, elegantly designed and more powerful tabs, quick and easy translation, and a new Privacy Report.  A new weekly Privacy Report on your start page shows how Safari protects your browsing across all the websites you visit.  Users can choose when and which websites a Safari extension can work with, and tools like data breach password monitoring never reveal your password information — not even to Apple.

In the biggest update to Safari since its original launch in 2003, the world’s fastest browser is even faster, providing industry-leading speed and battery life.  Tabs have been entirely redesigned to make navigating with Safari faster and more powerful by showing more tabs onscreen.  Displaying favicons by default to easily identify open tabs, and giving users a quick preview of a page by simply hovering over the tab.

Other newly Updated features

The updated Messages app lets Mac users send and receive more personal and expressive messages, and easily keep track of and interact within group messages. Maps also offers an all-new experience with immersive features for exploring and navigating the world.

macOS Big Sur delivers a spacious new design that makes navigation easier, while putting more controls at users’ fingertips.  Overhauling everything from the curvature of window corners to colours and dock icon designs.   A refreshed Dock displays thoughtfully designed icons that are both uniform and consistent in shape to match others in the Apple ecosystem.  Buttons and controls for apps appear when needed, and disappear when not in use.  The entire experience feels more focused, fresh, and familiar, reducing visual complexity and bringing users’ content front and centre.

The customisable menu bar features a new Control Centre, delivering instant access to the controls used most, from the desktop.  And a new design for core apps brings more organisation to multiple open windows and makes interacting with apps even easier.

macOS Big Sur is available to developers, with Apple planning to make a public beta available to public beta testers next month. When it launches in the fall, macOS Big Sur will be a free update for all compatible Mac models.

 

For Apple device expertise and IT Support, please contact our team today.


How to get value from offering public WiFi

Free public Wi-Fi is a popular service for retail, events and hospitality providers to offer, and increasingly becoming an expected service among the public.

This needs careful thought: not least technical considerations like how to keep public networks isolated from work networks, and providing strong enough connectivity to support the user environment.

But most importantly: how should a businesses or organisation to gain value back from providing free Wi-Fi? We take a closer look at some of the best techniques.

 

Authentication & Audience Participation

Most public Wi-Fi networks expect connecting users to ‘authenticate’ by providing details such as their email address or name, and often accepting some terms and conditions of use.

This can be a fantastic marketing opportunity to gather email subscribers, demographic data, survey product popularity, or simply count customers.

Alternatively, commercial quality systems like Cisco Meraki also offer hidden gems like Facebook Authentication – in which the user has to ‘Like’ the business brand or page to gain access. This kind of authentication is superb way of increasing your visibility online by leveraging value from public Wi-Fi – effectively asking the public to become your marketeers via social media.

Physical signage and other real-world marketing can also encourage visitors to share their experience of your venue or event online while their complimentary connectivity is available.

Targeted Advertising

‘Splash’ Pages loaded on the User’s device when they first connect are customisable on many business Wi-Fi platforms, and this creates a perfect opportunity to brand the experience.

Treating this like a regular webpage offers the chance to advertise offers that are time-sensitive, updated seasonally, or promoting key products.

Alternatively, if your audience is large or targeted enough, then this space can be treated like digital real-estate, and sold on as advertising space to others looking to reach an audience.

Footfall Mapping

By combining signal strengths from different access points and triangulating the direction, enterprise systems like Meraki are able to produce animated ‘heatmaps’ of footfall around a site or venue over time.

This is valuable information it itself for public-spaces and retail centres – who rely on being able to control or exploit human travel to maximise sales, minimise costs or optimise the flow of people.

Prompt for Reviews

You’ll never get a more geographically targeted audience than this – so why not ask the key question when it counts?

To online brands in particular, digital reviews are worth serious investment, and smartphone connections direct with the customer is a perfect opportunity to prompt via the web for useful feedback or survey customer satisfaction.

Alternatively ask publicly: and gather Google Reviews, Facebook Ratings, Trustpilot Stars, or any other feedback that is of value to your organisation en masse.

 

For Wi-Fi guidance and networking expertise, please contact our team today


Adobe asks users to uninstall Flash

Creative-software house Adobe is urging users to uninstall Adobe Flash, before the software reaches End-Of-Life (EOL) in December 2020.

System administrators can find details on the end of Flash support here.

Flash is being retired for cybersecurity reasons: the same technology which can easily load web-based games or other client-side content is especially vulnerable to exploitation by hackers to run malicious scripts on a user’s device.

Adobe state in an update on their website that all security updates, and the availability of all version downloads, will cease from this date.

Flash-based content will also cease working – leading technical experts to suggest Adobe have recently programmed a ‘time-bomb’ into the code of Flash Player to render it useless after the supported date. This should help prevent users seeking out third-party versions, and represents one of the strictest policies towards end-of-life enacted by a major software developer.

Fewer and fewer websites still operate this way (possibly as low as 2.6%) since the original announcement of the technology being retired in July 2017. This follows major browser developers, including Google, Microsoft, Apple & Mozilla urging developers to transition to HTML5 and Javascript alternatives that are more integrated into the browser itself.

For Cybersecurity and IT expertise, contact our team today.


Lineal’s Kevin Tackles Four Marathons for Charity

Lineal IT Support engineer Kevin White is running four marathons during June in support of FORCE Cancer Charity and Breast Cancer Care.

To complete the challenge, he must run at least six kilometres every day throughout June, to exceed his one-marathon-a-week target.

Kevin decided to raise money for his chosen charities after wife Debbie, a nurse, was diagnosed with cancer herself twice during the past decade – and praised the support provided by FORCE cancer support centres across Devon.

The couple benefitted from counselling sessions, a breast-reconstruction support group, a course on life after cancer, pampering sessions and even travel insurance advice.

Debbie explained: “At the time I was first diagnosed there was nothing like this in North Devon. I found FORCE very helpful. At times it can feel like you are in the middle of nowhere not knowing where to turn. FORCE helped me to put things into perspective.”

zwift

Running under lockdown on a treadmill, Kevin’s progress is also logged in online exercise app ZWIFT  – allowing him to run ‘virtually’ with other runners and cyclists around the World while shielding – and to stay motivated.

Kevin has returned to running himself as part of a recovery: shedding five stone in weight since 2018. His fundraising target for the June challenge is £250 – but he hopes to exceed this at a time when many local charities will be struggling to fundraise.

On behalf of the whole team at Lineal: well done Kevin – keep going!

 

Learn more about Exeter-based Force Cancer Charity here, and Breast Cancer Care here.

For IT expertise and support, please contact Lineal today.


ASUS gambles on dual-screen laptop

Two years ago ASUS first previewed an experimental dual-screen laptop. Dubbed ‘ProjectPrCog’, the unusual concept creation effectively doubled the available screen size to both the top and bottom case of the laptop.

In 2020, ASUS have (sort-of) finally taken the plunge with the ZenBook Duo. An intriguing new design, this ‘one-and-a-half-screen’, $1499 version includes a secondary rectangular monitor in the lower half of the case for extra display room.

Among the theoretical advantages of a dual-screen laptop are the ability to hold communications apps like email or instant messaging on the lower screen while working on the upper, and the ability to stream video from the top while controlling the stream itself lower down. A powerful Intel i7 processor included as standard ensures the extra screen space isn’t wasted, and it’s easy to imagine the Duo becoming a cult-hit with graphic designers and similar.

The overall design is not quite as futuristic as ProjectPrCog – ASUS have shied away from a full touchscreen keyboard, favouring a cut-down version of conventional laptop keys, and a touchpad mouse/numberpad combination.

The ZenBook Duo is also thankfully less wacky than previously failed attempts at the same thing, such as Lenovo’s odd Thinkpad W700ds.

Conceptually though a dual-screen laptop still poses some challenges: a cramped keyboard close to the edge makes it quite difficult to type on top of er… one’s lap.  At 1.5kg the model sits around average for laptop weight, but dual displays is likely to impact the battery life considerably compared with single-screen models.

A highly commendable effort from ASUS and undoubtedly interesting. World-changing? Probably not yet.

 

For IT Support and expertise, please contact out team today.


Dropbox Trial New Password Manager

Cloud storage giant Dropbox is beta-testing a new password manager app – ‘Dropbox Passwords’ – by invitation only.

Password managers allow the user to generate and store encrypted, complex passwords for many user accounts inside a single piece of locked software and autofill them into websites and applications – making it easier to use diverse, complex passwords across all of your IT.

Password managers are measure increasingly recommended by respected cybersecurity authorities – including the UK National Cyber Security Centre. Options like 1Password, Lastpass and others are already well established, although Dropbox is likely to have significant reach to business customers considering using a password manager for the first time.

dropbox password manager google play

Unlike bigger rivals such as Microsoft’s Office 365 and Google’s G-suite, Dropbox do not offer workplace document editing apps – leading the company to explore new avenues for branching out beyond file-sharing and cloud-storage.

These plans have included Dropbox Paper (a collaboration and project management tool), integrations to other growing challenger-platforms such as Slack and Zoom, and now password management.

The rise of password managers have prompted some to speculate that the age of passwords (or at least – memorised key-string passwords) may be over – either replaced by biometrics or generated, encrypted, held and recalled by software.

Principally a cloud-storage company that helped establish file-sharing in the minds of those who had never used it before, only time will tell if Dropbox can establish a broader brand for securing a cloud-first IT business world.

Dropbox Passwords can be found by invitation only here: https://play.google.com/store/apps/details?id=com.dropbox.passwords_android

 

For cloud-software and cybersecurity expertise, please contact Lineal today.


Securing the NHS C19 Contact Tracing App

The combined NHS Digital Taskforce, NHSX, recently beta tested the new UK Covid-19 contact tracing app on the Isle of Wight, and have released code to the cyber security community to review.

The app logs interactions with other bluetooth-enabled smartphones each day, and allows the NHS to notify users who have been in contact with self-reporting Covid-19 cases that they should re-enter isolation as a precaution.

A recent blog post by the UK National Cyber Security Centre identified a number of areas for improvement, with the contact tracing app itself expected to be officially released in June 2020.

 

The Pairing Problem

NHS servers ping the app every 8 seconds to confirm active connections, and the app itself records received signal strength indicators (RSSI) via Bluetooth to gauge where users have been in contact with each other. Users then upload their records if they experience symptoms.

Any attacker with access to this upload traffic, (which does not include the user ID but is unencrypted) could begin comparing submissions via start/end times and signal strength readings, and would theoretically be able to pair these users together.

This problem of uniquely identifiable pairs potentially compromises the identity of the individuals using the app, as well as their location history relative to each other.

The NCSC have confirmed that in the release version, even ‘anonymised’ RSSI data will itself be encrypted, to stop any third-parties attempting to ‘re-identify’ either or both of the users.

 

Intercepting the Public Key

In beta testing, the Authority’s Public Key was not transferred to the user’s phone via TLS encryption (like a secured web-page) raising the possibility that although the app could be downloaded successfully, this important piece of information used for submitting data could be compromised.

This would be akin to a kind of ‘man-in-the-middle’ attack, where a user’s encrypted uploads could be (even if not unencrypted) sabotaged or withheld during transmission back to NHS systems.

Security researchers have suggested that since this key is not secret, it should be wrapped into the installation of the app itself.

The NCSC have since confirmed that intermediate certificate pinning has been used to reduce the risk of this happening, and that this limitation will be fixed once the Isle of Wight trial ends.

 

Bluetooth Broadcast Values

The app operates via broadcast values with change every 24 hours to prevent a device being tracked by Bluetooth over longer periods of time. This is significantly longer than the industry standard 15 minutes.

However, more controversially, a predictable ‘KeepAlive’ counter is used to connect old and new broadcast values, raising the potential for an attacker to re-identify the user beyond the 24-hour limit.

The NCSC defends the longer-term tracing as necessary to establish social interactions more accurately, but has resolved to randomise the counter to stop broadcast values being easily matched or the user re-identified endlessly.

 

Whistleblowing

Under beta testing, the app’s original policy documentation contained the line: “You may not publicly disclose any details of the vulnerability [that you’re reporting] without consent from NHSX.”

This would have run counter to the NCSC’s own vulnerability disclosure policy, which suggests that members of the technology community should be encouraged to highlight system weaknesses (particularly during public consultation beta-tests) for correction.

This line is to be removed from the public release version.

 

For cybersecurity support & IT expertise, please contact our team today.


Reply All Email Storm Protection launches for Exchange Online

Microsoft have announced Reply All email storm protection for Exchange Online – designed to prevent crushing organisational reply all email chains.

By default, the feature will detect ten reply all emails to over 5,000 recipients within 60 minutes, (what IT admins jokingly call a ‘reply-allpocalypse’) and will block further sending to prevent the problem escalating.

A particular problem in large organisations, email storms begin when large numbers of recipients click ‘reply-all’ either to respond or ask to be removed from the chain – massively multiplying the overall number of emails passing through Exchange servers.

If you find yourself stuck in a big reply all email storm, the guidance is simple: Do nothing. Do not reply to the email. Replying only makes the problem worse for everyone in the email chain, including you.

reply all email storm protection

Reply all email storms have plagued large organisations. The NHS was infamously struck by a server-crushing 500 million emails in less than two hours on 14th November 2016, after an IT contractor accidentally sent a test email to everyone with an NHSmail email address – approximately 840,000 people.

Microsoft itself became one of the first test cases during the “Bedlam DL3” incident of 1997, when a user emailed 13,000 company addresses. Other users unaware of how many replies they were sending asked to be removed, and by the time the storm had subsided a terrifying 15 million emails had been sent – far beyond the capacity of late-90s email servers.

Reply-all email storm protection is currently being rolled-out to Microsoft Exchange Online and packaged services including Microsoft 365.

 

For IT Support and expertise, please contact Lineal today.


Microsoft launching new Teams features

Microsoft Teams will soon gain the ability to display video-call participants in a 3×3 (9-person) grid, among other new Teams features.

The new teams features improve on the current limit of a 2×2 (4-person) grid – one notable limitation when compared with popular rivals such as Zoom.

Other features being added include custom-backgrounds, a ‘raise-hand’ feature similar to that used in Citrix GoToMeeting webinars, audio-sharing and call recording for 1-1 direct calls. The iOS version on mobile/tablet will also gain Teams’ background blur feature used to obscure the caller’s surroundings.

Recognising perhaps that Teams is still new to many workplace settings there has been a revised focus on hardware for new teams features: ‘Teams Certified’ audio/conferencing devices are now available, and the new Teams push-to-talk ‘walkie-talkie’ mode designed for field workers is currently in preview.

teams dashboard preview

Playing catchup with Teams’ dramatic surge in popularity – to over 44m daily users and 1000% more calls during lockdown across the globe – Microsoft are also overhauling the Teams Admin centre to give admin users more visibility and control over meetings, usage and group policies.

 

Lineal are a certified Microsoft Gold Partner. Learn more about Microsoft Teams, or contact us today.


Number of Covid-19 Scams Explodes

The volume of Covid-19 scams and phishing emails has increased dramatically in recent weeks according to cybersecurity authorities.

Email security software and cybersecurity provider Barracuda Networks has reported a 667% increase in phishing emails throughout the pandemic.

Common scams include pretending to represent Government, law enforcement or medical authorities to obtain information or financial payment, blackmailing users with threat of infection, donation requests for fake organisations, and malware distribution – including one new ransomware even dubbed ‘Coronavirus.’

Barracuda Covid-19 email scams graph

Via Barracuda: Source 

In a joint statement published in April, the UK National Crime Cyber Security Centre and US CISA (Dept. of Homeland Security) notes the sudden rise in Covid-19 scams, and even highlight instances of SMS text-messaging phishing attempts mimicking UK Government text alerts.

In the example cited, a fake compensation payment is offered to entice the user to hand over details via an imitation UK Government website.

covid-19 scam sms phishing example

There has also been a growth in online hackers and trolls targeting Zoom and other video conferencing platforms. Users unfamiliar with this kind of software in particular may prove an easy target for cyber criminals.

Phishing scams are part of a larger trend of online Covid-19 themed fraud. In March, the NCSC removed around 500 fake online shops claiming to be selling fraudulent virus-related items over the internet.

Google currently estimate that Gmail filtering is blocking over 100 million phishing emails each day, and that almost 20% of online email scams now refer to Coronavirus (around 18 million) – likely to be the largest phishing ‘theme’ in history.

 

For cybersecurity expertise and assistance, please contact Lineal today.


Mid-market iPhone SE relaunched by Apple

Apple have launched a new mid-market iPhone, the iPhone SE, to popular aclaim.

Similar to the iPhone 7 in appearance, this more baseline model of iPhone is designed to broaden the user-base of Apple’s popular iPhone range into the territory of more budget Android smartphone alternatives.

Not that Apple have scrimped on the technology – even the more basic SE includes an A13 Chip, 4.7-inch Retina HD display, and the ‘best single camera’ system on an iPhone ever (as opposed to the multi-lens affairs on more premium iPhones.)

In a nod to the World’s current Coronavirus difficulties, the SE also contains the original TouchID fingerprint sensor, so that users can still unlock the screen without removing facemasks.

Like it’s experimental predecessor, the 2nd-generation SE will also be available at more affordable prices: including £10.99 a month, or £279 upfront via Apple trade-in, suggesting there will soon be some very cost-effective deals reaching customers on the high street. To thin Apple’s extensive iPhone range, the iPhone 8 will also be discontinued.

Apple’s physical high-street stores remain closed due to Covid-19 lockdown – however online preorder begins from Friday 17th April, starting at £419.

For technical expertise and business mobile, please contact Lineal today.


Keeping Things Moving

As businesses and their staff begin to adapt to the UK’s Covid-19 lockdown, we take a closer look at how IT Support requirements have shifted.

After two weeks of IT Support call volumes to Lineal rising significantly, queries have begun stabilising as the organisations and companies we support, and their employees, become more accustomed to working from home.

You can find answers to Frequently Asked Questions in our lockdown FAQs article here.

In parallel, the nature of IT tickets we commonly address has also altered, with a majority of support queries involving either virtual private network (VPN) or remote access assistance – even overtaking email in the short term.

We’ve seen renewed interest in cloud-based services, including Microsoft Office 365 tools, Gamma Horizon hosted telephony, and Azure-based computing, as well as portable hardware shortages – with major distributors keeping things moving but reporting limited availability of new laptops, headsets and power cables.

In-house, Lineal’s own use of Microsoft Teams has increased noticeably as staff work remotely. Following an initial lockdown practice drill in early March,  activity graphs show three weeks of increased Teams collaboration between staff – including audio/video conference calls, chats and screen-sharing.

lineal teams usage graph

We’re keeping things moving and continuing to support all our clients fully throughout the the Covid-19 lockdown; if you have any feedback or ways we can improve our service, please let us know.

 

For IT Support and technical expertise, please contact Lineal today.


Good News Stories You Might Have Missed

The world is on lockdown, but not all is doom and gloom – as people unite during a period that can only be described as one of the most challenging times we have faced in decades. Our ways of life have been put on pause, travel and holidays are no more; our freedom of movement halted.

But this is only temporary and there will be an end to this crisis. There is a global rise of togetherness and tough times don’t last – but tough companies do.

What good can come out of this chaos and uncertainty? There is hope: here’s some good news stories you might have missed:

Time is the greatest healer and as we have the time to reflect, appreciate the smaller things in life. Spend time with your children, your pets, your significant other – you may be with just them, for a little while. Take some time out to look out the window, if you go for a walk notice how spring is arriving.

One thing we don’t know is how long this will all last, all we do know is there will be an end – we’ll get through this and Lineal’s team are here for you when you need us.


Zoombombing Trolling Spreads

Zoom’s video-conferencing software has seen a surge in hacked video calls around the world, with a new phenomenon, ‘Zoombombing’, disrupting unsecured conference calls.

As large numbers of people work from home due to Covid-19, online trolls have begun searching for Zoom calls where meeting hosts have not passworded access or credentials are easily obtainable, and disrupting meetings with either audio or un-expected screensharing of inappropriate material to other attendees.

Zoom’s ease-of-use for beginners and freemium download option have proved popular in recent weeks with the platform surging to over 200 million users – a pattern also seen among similar conferencing platforms from Microsoft, Cisco, Google and others.

Cyber security experts have also highlighted the availability of automated Zoom-call hacking tools in the darker corners of the web – able to seek out conference calls without passwords for trolls to exploit.

Most experts believe Zoombombing intruders can be avoided with routine security precautions which should be taken by the host (and co-hosts) of any Zoom meeting.

In particular Zoom meeting hosts have been cautioned to:


  1. Set a unique, complex password for every Zoom meeting
  2. Generate a random ID for each meeting, try to avoid using your personal one. Zoom have published a helpful article on how to do this. 
  3. Not share screenshots of their meetings. (Even UK Government Cabinet Ministers’ accidentally publishing shared calls with visible meeting IDs recently. Don’t do it!)
  4. Avoid sharing meeting IDs on publicly visible social media or websites.
  5. Disabling screen-sharing rights unless needed via Screen Share > Advanced Sharing Options > Who Can Share?
  6. Enforcing Waiting Room prior to new attendees being permitted to join the meeting
  7. Lock Meetings once all attendees are present via Participants List > More > Lock Meeting

For Cybersecurity expertise & IT Support, please contact Lineal today


Keep calm and carry on

As more and more of us are starting to accept remote working as the new norm, it may still feel unnatural and difficult for those who have not experienced this before. Keep calm and carry on – Lineal are here to help.

Remote working out of the office or from home has increased by nearly a quarter of a million over a decade, according to the office of National Statistics.

We may have lost the face-to-face daily contact with our colleagues and friends, but this does not mean we cannot stay in touch easily and efficiently;

  • Through phone calls
  • Messaging
  • Video calls
  • Business platforms such as Teams

With the current global crisis, for most of us we may feel like we are in uncharted waters.   A lot of people have had to adapt to working from home, with no planning and little time to prepare for the change. There are many questions:

  • How do you set up a space where you can focus?
  • How do you stay connected when you can’t meet face-to-face?
  • Why does it feel like it’s never the right moment to take a break?

It’s inevitable that some employees will have questions and may struggle adapt.

 

So what have we learnt so far?  

Microsoft’s article – Making the switch to remote work – is an interesting read, with 5 lessons on how they have approached working from home, and ideas of how best to overcome common hurdles.  The current situation has compelled Microsoft to take a new look at everything from scheduling meetings to the way teams are managed.

In particular, protecting your employers and employees mental health is very important:

  • Check in regularly with your team members
  • Colleagues
  • Customers
  • Suppliers

Also check out: https://www.forbes.com/sites/onemind/2020/03/17/when-home-becomes-the-workplace-mental-health-and-remote-work/ to see what some of the experts in the industry highlight could be the key concerns and how to manage them.

 

So how do we make the most of working from home?

Routine is Key:

  • Wake up at your normal time, but enjoy a little longer to get ready.
  • Have some breakfast an extra cup of coffee, as you don’t have to face the stress of the daily commute – No traffic jams, public transport or queuing, bonus!
  • Then structure your day like you would if you were in the office.
  • Organise meetings, speak to your colleagues, call your customers and suppliers, adapt your ways of working.

Be productive and proactive, there are many solutions available to you, and Lineal are here to help, if you need us.

There are also various positives for remote working, both for the employee and the employer:

  • Increased productivity – working remotely increases productivity work that needs focus by 16 per cent
  • Higher morale – a study showed that those who work from home love their job more than those who work in an office.
  • Higher employee retention
  • Less stress – one in five employees say that juggling their work and personal lives is the main cause of stress
  • Some of us may be lucky enough to have some four-legged furry colleagues keeping us company instead on a day to day basis.

Keep calm and carry on, and if you have any IT concerns please contact the Team here at Lineal Software Solutions Ltd.


We’re with you

At a challenging time for many businesses and organisations, Lineal’s top priority is your business continuity.

We’re supporting a wide range of clients with some very similar queries – here’s what that looks like:

 

  • Will our staff still be supported?

Yes – all Lineal’s remote support will continue as normal, and on-site engineer visits to workplaces as scheduled, pending further guidance by the UK Government. We’ve successfully completed practice drills of our business continuity plan, and you can learn more about our preparations here.

As always, please contact [email protected] and 01271 375999.

 

  • Help! We need to work from home!

OK – don’t panic: try and make a quick list of everything you commonly need to work in the office. Then contact our IT support teams via [email protected] and 01271 375999

Cloud-based services such as Microsoft Office 365, G-suite and Dropbox should still work via your web browser as normal (but please ask if you run into difficulties.) However, if you have systems that are based at your workplace, you might need to ask Lineal for a VPN in order to gain remote access (see below.)

Check out our tips for happy remote-working here, and some great deals for remote workers here.

If you have a Gamma Horizon phone system, we’re offering several months of free Gamma Collaborate licensing to extend your phone system to mobile/desktop devices – to support remote working. Please let us know here.

 

  • Can you help me set up a VPN?

Yes – as you might expect, this is currently our most requested support ticket type! Please speak to your support team via [email protected] or 01271375999.

 

  • How do I access ___[system]___ or line-of-business applications.

The answer to this will vary depending on the system, the security permissions at your company, and where it’s hosted – please speak to your support team via [email protected] or 01271375999.

 

  • Are Lineal extra busy?

Yes – our call and support ticket volumes have increased around 30% over the past two weeks, however these are still at perfectly manageable levels.

 

  • How do I set up my desktop PC at home?

We can walk you through ‘which-cable-goes-where’ if you’re unsure, but if your work-now-home-PC isn’t configured how it normally is in the office, please just speak to our support teams for remote assistance: [email protected] or 01271 375999.

 

  • Why might I need a ‘VPN’?

A Virtual Private Network gives direct access to your workplace network from home. If you have technology which is only available in the office (eg: an accounting database or CRM system based on your own server) these won’t be accessible outside without first connecting via a VPN.

If you have cloud-based services such as Microsoft Office 365, Dropbox, G-suite, webmail, Salesforce or other online services, these should be available through your browser as normal.

 

  • Help! I can’t buy ___[hardware item]___ anywhere!

You’re not alone: we’ve seen stocks of laptops, convertibles, power cables and others run low from many UK suppliers. If you’re having trouble sourcing something, please contact us via [email protected] for a quote, and we’ll do our best to find your request direct via distributors.

 

  • I think ____[service]____ is down, but maybe I’m just confused. How do I tell?

It’s first worth heading over to DownDetector.com to see if there are issues reported with major UK providers, such as mobile networks, cloud services and broadband ISPs. If you’re unsure, please speak to our support teams.

 

  • Will the internet/service_x fail due to high demand?

No, but we do all need to act responsibly. Much like with supply chains and emergency hotlines, capacity needs to be used sensibly by everyone.

Please don’t stream 4K or High Definition video unless it’s really necessary, and expect some of the bigger cloud computing providers, like Microsoft and Google, to dial down the responsiveness of some connectivity-intensive bonus features to help accommodate the extra computing demand around the world.

 

  • How do I use my work phone system remotely/from home?

Depending on who maintains your phone system, you might need to speak with your provider for either remote access or call re-directs.

If you have a Gamma Horizon phone system provided by Lineal, we’re offering several months of free Gamma Collaborate licensing to extend your phone system to mobile/desktop devices – to support remote working. Please let us know here

 

For IT Support & technical expertise, please contact our team today.


Lineal join Omnis for Web Engineering Day

Members of Lineal’s Software Development Team were recently invited to join the Omnis Software Engineering Team for a special 2-day visit focusing on development work regarding web features within SQLWorks.

Software engineers from both companies focused the dedicated day on the implementation and deployment of Lineal’s recent online work including business-to-business (B2B) trade ordering portals and online user survey systems.

The SQLWorks Team at Lineal wanted to thank the staff at Omnis for being excellent hosts and helping to craft an extremely useful and informative visit.

Omnis Software recently celebrated 40 Years in the industry, having been founded in 1979 by Blyth Computers Ltd. Co-founder Paul Wright.

Omnis technology has underpinned Lineal’s SQLWorks Business Management Software (integrating accounting, stock control, CRM and manufacturing) since the early 1980s. Lineal’s Managing Director Mike Matthews is a part of the international Omnis Technical Committee, and Lineal staff regularly help coordinate and take part in EurOmnis, the international Omnis software developer conference.

 

For Software development advice and expertise today, please contact our team today.


Gamma Roadshow 2020

We recently attended the 2020 Gamma Communications Roadshow at Stamford Bridge – hearing the latest business telecoms and technology trends from across the UK. But what do businesses need to be aware of?

 

Clock Ticking for ISDN

BT will officially turn off all ISDN services by 2025, with the ‘stop-sell’ order coming as early as 2023.

With UK businesses just getting used to putting ‘2020’ on paperwork, this is no longer a drill – if your phone system uses ISDN, your business needs to begin preparing to switch to a digital services such as SIP or better still, a hosted VOIP platform.

There are perhaps as many as 1.5 million ISDN channels still in use by businesses across the UK. Gulp.

 

Ultrafast Fibre Rollout Gathers Pace

Superfast broadband (‘Fibre to the Cabinet’ or FTTC) prices are falling all the time, but the big story of the decade is likely to be the steady roll-out of ultrafast ‘Fibre to the Premise’ to many more businesses – to around 40% availability over the next few years.

Salisbury is the first single-year rollout ‘test’ area trialling complete fibre infrastructure (booking a new copper line in the Salisbury area is likely to be rejected).

Interested in fibre for your area? Perhaps you should speak to your friendly neighbourhood IT provider…

 

Not all 5G is born equal

We’ve known for a while how the smallest of the UK’s four mobile networks (Three Mobile) is arguably in the best position to deliver data, although it’s now becoming clear Three has an enviable technical advantage over some of the other major providers – and is even using the cheeky marketing slogan: ‘If it’s Not Three, It’s Not Real 5G’.

The reserved spectrum range favours Three to such an extent that EE/BT, O2 and Vodafone have all submitted strongly worded complaints over preferential access. Gulp.

 

Microsoft Teams Telecoms Emerges

Among Gamma’s most exciting news was the announcement of a Direct Call Routing service for Microsoft Teams – which effectively plugs into the back of Teams and Microsoft’s ‘Phone System’ PBX add-on, to turn your Microsoft Teams software into a fully fledged business phone system.

teams phone

Until now Microsoft’s Teams platform has been a strong option for video/audio conferencing, screenshare, instant messaging and collaboration – but have always lacked the more robust business call-handling feature-set of true phone systems, or suffered from a shortage of physical handsets. With both of those challenges solved by Gamma and the Teams app available on a variety of devices, it’s easy to imagine Teams phones appearing on desks.

Direct Routing for Teams is expected from April 2020. The final pricing is likely to be somewhere in the region of between £15-25 a month per user (including Microsoft Office licensing) – finally unifying telecoms under the same single user account as Microsoft Office 365 hosted email, files storage, office apps and collaboration software. Watch this space.

 

For communications services and expertise, please contact our team today.


Lockdown: How Lineal ran a full 24hr Quarantine Drill in Secret.

Edit: This article was originally published a few weeks before the first national UK COVID lockdown, 2020 – and has been left in its original form.

 

“All Staff Meeting” it said in the diary, and that was unusual. While both Lineal’s technical and non-technical teams meet regularly, it is rare that they are all required to gather at once on a Monday. Something was up.

“Tomorrow…” announced Mike, “… you’re all going to work from home. Lockdown: you have two hours to prepare.”

Tuesday 10th March would be a complete quarantine drill day. Staff would attempt to replicate everything Lineal does while working remotely – from home in most cases, but in physical isolation from each other. The scenario would be a practice run for either a coronavirus isolation scenario, or a catastrophic on-site evacuation incident such as severe flooding.

We would be permitted to visit clients if required, make preparations for home working, and to remove any equipment we might need from Commercial House in advance – providing we did so within the 2 hour advance warning period.

The business operations of our clients would remain critical throughout, so everything would need to operate as normal, with the quarantine remaining effectively ‘secret’.

lockdown meeting

(Lineal staff first begin finding out about the quarantine drill. Approx. 1430hrs Monday.)

The problem with working in a technology business is that you rely on a lot of technology. Two hours isn’t a long time to coordinate twenty-six people, so putting Lineal’s Business Continuity Plan into practice isn’t as easy as asking if everyone has memorised the document.

First: untether from the desk. Staff without laptops would need to be issued them quickly, and everyone remove their device from the building. Fears of a burgeoning black market in charging cables proved unfounded, and by late afternoon everybody had what they needed.

 

“.. those who have had close contact will be asked to self-isolate at home for 14 days from the last time they had contact with the confirmed case ..”

(Gov.uk, “COVID-19 Guidance for Employers and Businesses”)

 

Web-based and other cloud services such as Microsoft Office 365 would be accessed over home broadband connections, with the same security controls as staff normally use while remote working.

lockdown

Good luck everyone!

As always, IT Support engineers would depend on remote assistance software to help end-users, and need to ensure good communication at all times. Throughout the process, staff were encouraged to note their experience of the experiment and highlight issues for review.

Secure access to Lineal’s internal networks, and all the systems that sit behind it, would be granted to our team via a secure Virtual Private Network (VPN).


Top tip #1: Familiarise yourself with the mobile hotspot on your smartphone, because the 4G connection is a useful way to test that your VPN will connect successfully, before actually leaving your place of work.

 

Tuesday Morning


Everyone was connected remotely to all our business continuity systems, which granted access to Lineal’s in-house telephony, shared workspaces in Microsoft Teams, and SQLWorks business management software.

Without a physical desk phone at home, staff would instead use a desktop softphone on their PC, continuing to handle and transfer calls exactly as before – relying on status indicators to gauge each other’s availability, similar to how they would with their existing desk phone.

lockdown softphone

Microsoft Teams would permit instant message and document sharing – and facilitate video conference calls and screen-sharing with clients who were often otherwise unaware that Lineal’s offices had gone dark for the day. Teams rapidly became the preferred method of quick communication between individuals or small groups – with a rapid problem-solving chatter sitting below the level of email.

Incoming and outbound call volumes were actually slightly higher than usual, as staff continued not just taking customer calls, but calling each other more regularly due to the lack of physical proximity. The relative ease through which individuals would usually interact was replaced through Teams, and more conference calls, later reflected in higher Teams user activity.

lockdown microsoft teams user activity graph

Lineal Microsoft Teams User Activity: 3rd – 10th March

 

Top Tip #2: To enable full home-working, you need not just a unified communications tool, but more call volume ‘capacity’ than normal.

 

Full remote-working is an interesting exercise because it forces your team to reconsider elements of the operation everyone takes for granted. For example, our teams regularly make use of meeting rooms and spaces at the Lineal office in order to work on projects and meet with customers.

In a geographically distributed “virtual” world, these meetings need to take place in different ways. Generally, tools like Teams make an excellent substitute and the result is a far more focussed experience which achieves the shared aims of the meeting, but with slightly less social interaction than you would expect when meeting face to face.

lockdown call volumes graph

(Business as usual, with rising call volumes)

Although the practice of full home-working is dramatically easier than it once was, and potentially hugely cost-saving, several staff reported feeling a little isolated. We’ll be incorporating all our staff’s feedback into our Business Continuity planning, and continue to make improvements.

 

How to Plan:


Have a Plan Saved in your email drafts – detailing what needs to happen in the event that a significant number of staff need to be sent home. Worry about things in this order:

 

1. Basic Connectivity & Communication

How will your staff connect to your IT remotely, and how will they communicate with each other. The checklist runs as follows: hardware, cables, broadband and communications tools. These are the most fundamental tools for both work, and circumventing any other problems your team encounters.

 

2. Access to Work Files

In the short term, staff otherwise isolated from systems can still process documents productively – If you’ve moved to Office 365, G-suite or cloud-storage platforms like OneDrive or Dropbox, this should be easiest workplace task to provide access for.

 

3. Access to Databases

Operating cloud-based? That will help. However, remotely connecting to non-cloud, ‘on-site’ systems such as accounting, stock control and other vital software will rely on external access to your network – for example via VPN.

This is likely to be unfamiliar to many end users used to working from the office – start with the users that most need it for the continued operation of the business, such as mission-critical staff or more senior accounting managers.

 

4. External Permissions

What systems do you need access to that are operated by third-parties. Remote equipment? Agency resources? Supplier portals? If these are web-based they may be accessible from anywhere, but make sure this is the case. To dramatically simplify this one, don’t run an IT company!

 

5. Support Structure

If you’ve never worked entirely from home before, it can feel strangely isolating. Guidance from NHS England currently states coronavirus self-isolation should last as long as two weeks, so check regularly that your team are coping OK. Encouraging emails, chat channels, funny gifs, team calls and the like are more important than you might think.

 

***This page will be updated with links to new guidance, as required.***

 

For business continuity technology and expertise, please contact Lineal today.


Supporting Hidden Talents

Lineal’s Managing Director Mike Matthews recently spoke to more than a hundred business leaders who gathered in Tiverton and at Haldon racecourse near Exeter for ‘Purple’ disability employer conferences.

Organised by Be Ready Employer Hub, the event focused on the business benefits of employing hidden talents staff and those with disabilities or long-term health conditions.

Lineal benefits from the contribution of our hidden talents staff and were asked to talk about their work, our experience of both mistakes and successes, and the importance of building a supportive working environment.

Invited as a guest-speaker, Mike’s case study included the story of Lineal Software Developer Reuben Winsor, who won the 2016 Pluss SouthWest ‘Achiever of the Year’ award for his progress.

Ready Devon is supported by Devon County Council and the Department for Work & Pensions – providing disability awareness training, guidance for employers, networking and access to partnership organisations.

Be Ready can be found online here, via LinkedIn here and on Twitter @BeReadyHub.


New supercomputer that can forecast the weather worth £1.2 billion!

The technology in the world has advanced that a new supercomputer has been built to forecast, the clement and the weather for airports to see when incoming storms are coming in. It’ll collect mass amount of data to help predict storms, floods and changes to the global climate.

With the government saying it’s the year to change the world and of climate action with this new supercomputer, they’ll be able to make a change to the world and make it better for everyone stopping floods and storms without any preparation.  The government will be making even more upgrades to the computer at the end of 2022.

With technology over the last 30 years getting better, it’s easier to measure the weather forecast as the capacity of data being transferred faster and more at a time.  It’ll also be better for the UK as its going to increase the capability of the UK data storage and transfer speed, this will increase broadband therefore faster Wi-Fi.


BT to charge for unrecycled broadband routers

New customers will face a fine of up to £50 if they decline to return their BT router at the end of the contract, British Telecom have announced.

BT operates a scheme to recycle old routers, which will soon become compulsory, in an effort to reduce electrical waste and cut the volume of unrecycled broadband routers being sent to landfill.

Customers may voluntarily return their old router by following the instructions published here.

Entry-level Broadband routers from many major providers are locked to a single Internet Service Provider (ISP), which often causes spare routers to pile up in cupboards when customers switch broadband supplier.

The move follows a pattern of UK companies trying to bolster their green credentials, in the wake of Extinction Rebellion and other environmental movements gathering increased public support.

As subsidiaries, the BBC reports that the scheme will also ‘eventually’ apply to EE and Plusnet broadband customers.

Increasing numbers of local councils in the UK now offer direct recycling of small electrical items, reflecting a noticeable rise in the value of copper and other useful materials – giving home users few excuses not to attempt to recycle their old router.

 

For IT support & expertise – please contact our team today.


Lineal Welcomes Chancellor

Lineal Software Solutions Ltd. recently welcomed Chancellor of the Exchequer Sajid Javid MP to Lineal’s Barnstaple Offices to tour our operations and see our technical work.

Visiting with North Devon’s new MP Selaine Saxby, Mr Javid toured Lineal’s different departments and had chance to meet technical staff in a number of different roles (and enjoy a cream tea!)

Considered one of the most senior Cabinet positions, the Chancellor is responsible for financial and economic matters at the Treasury. A former Managing Director at Deutsche Bank, MP for Bromsgrove, Culture Secretary and then Business Secretary, Javid is the first British Asian to hold one of the Great Offices of State.

lineal sajid javid

For IT Support and technical expertise, please contact our team today.


Critical Security Flaw Found in Firefox

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have advised all Mozilla Firefox users to urgently update their browser versions, following discovery of a vulnerability that grants potential access to the operating system.

The unusual warning comes after Mozilla itself admitted being aware of ‘targeted attacks in the wild abusing this flaw.’

Security loopholes in major platforms are usually closed before criminals are able to exploit them on mass, but this latest admission raises the ‘security advisory’ notice to ‘critical’ status.

Users should upgrade their browser to at least version 72.0.1 on PC/Mac – mobile versions are thought to be unaffected.

  • To upgrade on PC, open Firefox and click ‘About’ and select ‘Restart and Update Firefox.’
  • To upgrade on Mac, open Firefox and click ‘Options’, ‘Firefox Updates or Options’, ‘Advanced’, ‘Update to update Firefox.’

Discovered by Chinese security company Qihoo 360 just two days following the release of Firefox’s previous update, the US Government ‘encourages users and administrators…. To apply the necessary updates.’

 

For IT Support and cybersecurity expertise, please contact Lineal today.


Lineal Wins Tech SW Award

Lineal Software Solutions Ltd recently won a Tech SW award at the 2019 Tech South West Awards.

Held at the Exeter Mercure Rougemont Hotel, the Tech South West Awards recognise technology excellence across the wider South West region of Bath, Bristol, Cornwall and the Isles of Scilly, Devon, Dorset, Gloucestershire, Somerset and Wiltshire. Awards celebrate talent, creativity, business success, education, leadership, diversity and more.

Each ‘Cluster’ Award celebrates fantastic organisations and technical initiatives across different parts of the South West. This could be a company achieving fantastic growth, an organisation or partnership delivering a big positive difference to their community, a learning initiative, innovative programmes, novel ways of encouraging and celebrating tech heroes, diversity, best practice or local tech successes.

This year Lineal won North Devon’s Cluster Award, and also narrowly missed out on winning ‘Tech Company of the Year (Revenue under £5m)’.

Managing Director Mike Matthews and Naomi Williams (Business Development) were proud to collect our Tech SW award, and our glass trophy now enjoys pride of place in our office!

“We were honoured to be the recipient of one of the first Tech SW awards” explained Mike: “It’s a real endorsement of our team’s hard work and our commitment to delivering brilliant technology solutions for businesses and organisations across the South West.”

Lineal will continue to grow and develop – we look forward to next year’s Tech SW awards, which you can learn more about here: https://www.techsouthwestawards.co.uk/


How secure is your password?

How secure is your password?… One of the biggest reasons for security breaches is weak passwords.  People often choose passwords that are too short.  Regardless of how tedious it seems, make it a point to update your passwords regularly; use upper and lower case letters along with symbols and numbers.

The key measurement of password security is entropy. This, in computer science terms, is a measurement of how unpredictable a password is, based on how long it would take an attacker to work it out by making a guess at each character.  As a standard, longer passwords are by definition more secure and harder to crack.  In the table below you can see how shorter/easier passwords, are quicker to crack.

Password strength

What should a password look like

Strong, secure passwords have a lot in common; they are usually long, unique, random and involve a mixture of lowercase and uppercase letters as well as special characters and numbers.  Trying to create passwords that comprised of all of these aspects, can sometimes be challenging.

Most insecure passwords are the result of our human behaviour. People do a lot of very predictable things and in general find it difficult to be random, especially when they are actively trying to be.  For instance putting special characters only at the beginning or end rather than mixing them up in the middle, or using common phrases and keyboard patterns.  So that we can remember we often try to use memorable pieces of information but we should always, where possible, avoid clues and references to our personal lives.

Where can I go for advice

There are many articles online to help assist with what a strong password looks like.  At a recent event Lineal ran with the South West Police Regional Cyber Crime Unit, which focused on cyber security, password strength was highlighted as a high risk for many businesses and individuals.

To find out more, or if you require any help with ways to help protect your business, please contact the IT support team at Lineal.


Lineal Hosts SW Police Cybersecurity Workshop

Local businesses recently gathered at Barnstaple Library for a special cybersecurity workshop organised by the South West Police Regional Cyber Crime Unit and Lineal Software Solutions Ltd.

Thirty participants from firms across the South West took part in a series of lego-based group exercises highlighting key concepts in cybersecurity, as they sought to protect a fictional utilities company from attack by common real-world cyber crime.

The winning team defended their company by spending their budget on the correct countermeasures at each stage of the exercise, and strategically limiting the damage from any breaches in security.

The South West Regional Organised Crime Unit (SW ROCU) is one of nine regional units across England and Wales that delivers specialist capabilities to target and disrupt serious and organised crime. Designed to raise awareness of coordinated digital threats, the cybersecurity workshop session is part of a new educational initiative being run by the Police right across the region.

Group exercises were followed by a short Q&A including advice for businesses on related topics including network best-practice, password policy, physical security, and the Government’s new Cyber Essentials certification.

Lineal’s Head of Technical Services, Matt Norris, explained: “We were to delighted to be able to organise the Cyber Crime Unit to run this very special workshop for local companies: we see cyber attacks becoming ever more sophisticated, and the SWRCCU takes a really positive and constructive approach to educating business owners about how to protect their organisations and employees.”

“Many businesses struggle to grapple with cybersecurity, but help and expertise is accessible.”

 

You can learn more about the South West Police Regional Cyber Crime Unit’s and their educational work across the South West online here.

For IT support and cybersecurity expertise, please contact Lineal today.


4 Ways Email Filtering Rescues Your Inbox

Email remains a, if not the, key threat vector for protecting organisations from cyber crime – with around 90% of cyber attacks beginning by compromising an unsuspecting user via email.

Today we take a closer look at some of the clever tricks of Barracuda’s email filtering & security service, and why the small investment to protect your inbox  is worth it:

 

Attachment Scanning

In addition to profiling every email which passes through its live email filtering service in seconds, Barracuda scans each email attachment for signs that the contents might be malicious.

As cyber criminals begin to use more sophisticated means, it’s worth implementing this to prevent macro-enabled office documents, infected PDFs and similar file download tricks from catching out users who might be curious to open a dangerous attachment.

 

Outbound

Barracuda email filtering scans not just incoming, but outgoing emails from your hosted mail service or mail server, ensuring not only that your clients are protected from suspect emails, but that staff cannot circulate threats further within your organisation.

Anybody familiar with being caught in a reply-all ’email storm’ knows how quickly bad email can spread internally – be part of the solution yourself, not the problem.

Email Spooling

In the event that your email service falters, clients quickly begin receiving bounce-backs, which leave a poor impression of customer service.

This is avoidable – routing via Barracuda’s email servers, emails will temporarily ‘spool’ like planes stacking over an airport, ensuring onward delivery later when the service comes back online. This ensures any unfortunate interruption to communications is not immediately visible to your clients.

 

Long Term Recovery

Hosting your email in the cloud with Microsoft Office 365? Everything is backed up in the cloud, correct? Not quite – even Office 365 has a 30-day recovery period on deleted email, and emails can ultimately only be restored individually.

This retention period can be longer, or even unlimited, with Barracuda email backups, making sure that emails can be recovered long after staff have deleted them, accidentally or otherwise.

This extra silo of automated email backup protects not just against employee negligence or malpractice, but also common digital breaches such as compromised accounts.

 

For cyber-security and IT expertise – please contact our team today.


macOS Catalina Released

Apple have released MacOS Catalina, 2019’s update to the Mac’s leading operating system.

Catalina introduces a number of new features, including ’Sidecar’ dual display, new media systems, Mac Catalyst for developers and Screen Time activity monitoring.

Although we say it every year, the endless march towards a unified Mac/iPad operating system feels another step closer: macOS Catalina introduces ‘Sidecar’ – which allows an iPad to be the secondary monitor for your MacBook. In addition to being a smart productivity trick for those needing extra screen space, the iPad is able to perform new functions such as an extra high-resolution display for those with impaired vision.

MacOS Catalyst, released in the latest version, also makes it easier for app developers to publish their apps across both MacOS and iPadOS operating systems, with the implication being that Apple see the devices as very much part of the same software universe.

Apple have shuffled their media services options around this year – replacing iTunes with new services named Apple Music, Apple Podcasts and Apple TV. In addition, the new Apple Arcade gaming subscription service has been launched, with a fixed-subscription service for an unlimited package of games.

Screen Time introduces activity monitoring, with either productivity or parental control clearly in Apple’s sights. Downtime allows users to share time away from the screen, categories or individual apps, and includes shared visibility across multiple apple devices.

As always, it’s worth waiting a short time for others to discover any early release-bugs in the new operating system update, before updating promptly.

 

For Apple device expertise and IT Support, please contact our team today.


Free Charity Microsoft 365 for Nonprofits

Microsoft are offering an initial ten free Charity Microsoft 365 licenses for Nonprofit organisations.

Microsoft 365 allows users across an organisation to work more flexibly, collaborate on shared work and maintain an ‘always-up-to-date’ software base across a charitable organisation.

The flagship ‘Microsoft 365 Business’ cloud IT bundle, which normally retails at £15.10+VAT per user per month (Or £3.80+VAT per month for NonProfits) includes everyone’s favourite Microsoft Office 365 apps such as Word, Excel, Powerpoint, Outlook and more. 50GB of Exchange Online email hosting per user is also included as standard, with 1TB of cloud OneDrive storage, and Windows 10 Pro licensing for each user’s device, packaged with a host of organisational security features.

Lineal’s Head of Technical Services Matt Norris explained: “This is a super offer which we’re expecting to do some real good in the Charitable sector especially – and hopefully nonprofits will snap up their free Charity Microsoft 365 licensing while it’s available. Office 365 makes flexible working and collaborative projects much easier, advantages that we know are a key concern for many in the voluntary sector.”

Interested in this offer for your organisation? Please click here.

 

Lineal are a trusted Microsoft Gold Partner, click here to learn more about Microsoft Office 365 cloud working.


Lineal Shortlisted for Tech Company of the Year

Lineal Software Solutions Ltd. have been shortlisted for Tech Company of the Year (Revenue under £5m category) in the Tech South West Awards 2019.

The Tech SW Awards recognise the work of the region’s best technology firms, from Bristol to Land’s End and beyond, in making the Westcountry the home of a vibrant, skilled and thriving tech sector.

Mike Matthews, Lineal’s Managing Director explained: “We’re delighted to be shortlisted for the Tech South West awards – it’s a real recognition of our team’s hard work, creativity and dedication to be ranked among the best in the region.”

“2018-19 has been really quite something for Lineal. We’ve opened new premises, taken on bigger projects than ever before, expanded our product offering to new areas, and signed a diverse range of new clients.”

“It’s fantastic to make it through to the final round of this prestigious award.”

Tech South West exists to champion excellence among tech companies, and make the South West a hub for technology and innovation.

The awards will be presented in a special ceremony at Exeter Castle on Wednesday 27th November – a full shortlist of nominees and categories has been published on Tech South West’s website, here.

 

awards


Office 365 Dark Mode Announced

Microsoft have announced dark mode for Microsoft Office 365.

Dark mode will extend muted and low-light colour schemes across Microsoft’s suite of Office 365 apps, and across Office.com, beyond the Outlook dark theme introduced last Summer. The improvement comes just in time for the newest releases of iOS and Android smartphone operating systems.

Adding low-light themes has become a popular addition for the major tech players in recent years – with Apple and Microsoft making significant strides in adapting their operating systems to be easier to use after-hours.

Office 365’s development team point to the changing nature of work: that office users increasingly use battery-dependent devices (such as laptops, tablets and smartphones) that need to conserve power, over desktop PCs with fixed power connections.

Today’s workforce is much more mobile, often working from home at night, in shared office spaces or even darkened aeroplanes – and are more aware of the health dangers of eye-strain and sleep deprivation that can be caused by unnaturally bright screens.

Instead the focus is on a more ‘relaxed’ viewing of Office 365, with Outlook even able to automatically able to switch to dark-mode depending on the hour and date dynamically, or when the user has enabled battery-saver.

Dark Mode is expected to roll-out to Office 365’s 200-million users in coming weeks.

 

Lineal are certified Microsoft Gold Partner – for Office 365 expertise, licensing and support, please contact us today.


iPhone 11 Set to Launch

Apple have officially announced their expected launch event for the iPhone 11, for Tuesday 10th September 2019.

The invite, issued ‘By Innovation Only’ doesn’t give much away about what we can expect to see, although Apple devotees have noted the similarity between the glassy colouring of the teased Apple logo and the original Apple Emac’s famous colourful style from the early 2000s.

Rumours circulating online suggest Apple may be planning multiple iPhone 11 models – with square multi-lens camera clusters and glassy coloured casings, photos of the materials or which were leaked online in May.

Remaining releases are likely to be mainly iterative, including iOS 13 for iPhone, iPadOS and even WatchOS 6. MacOS 10.15 Catalina is also expected to be a key part of Apple’s showcase.

The tech giant is likely to see the iPhone 11 announcement as a chance to help reverse hardware sales trends – which Apple now curiously no longer publishes in full, asserting that devices sold is ‘less relevant today than it was in the past’ a likely marker of the iPhone market slowing down as consumers hang on to their devices for a longer replacement cycle.

Apple is also expected to launch it’s own gaming service, dubbed Apple Arcade, as an online subscription service akin to an iTunes for gaming – just one example of how the company is increasingly re-focusing its efforts on premium service offerings, rather than luxury hardware.

 

For Apple hardware, expertise, accessories and support – please contact our team today.


Are passwords doomed?

Reports of the death of the password may have been greatly exaggerated in the media: from the suggestion that passwords are the ‘weakest link’ in the cybersecurity chain, to the notion that humans are so bad at using them, that it’s time the technology industry saved us from ourselves.

But is it true; are passwords doomed? Enter the FIDO2 Project – a fascinating effort to ‘Move the World Beyond Passwords’ led by the FIDO Alliance industry association and World Wide Web Consortium.

Headlines aside, FIDO2’s aims are ambitious: to replace passwords with a flexible device-based authentication standard that allows users to log in via biometrics or temporary security keys.

Unique to each website, not stored centrally and not transmitted, FIDO2 argue this standard naturally scuppers phishing, password theft and replay attacks – and introduces some privacy advantages sure to woo even ardent digital rights activists: such as the inability to track users between sites.

While still technically possible, cheating biometrics requires the kind of preparation not common to everyday opportunistic cyber-criminals.

The big players are taking note: Google plans to ‘begin’ retiring passwords for Google services accessed via biometric enabled smartphones (such as those with fingerprint scanners) and Microsoft is planning similar changes to apps in Windows 10; even talking of a ‘passwordless world‘ via Windows Hello that extends facial recognition. Apple have been publicly heading down this road for a while now – with ‘FaceID’ facial recognition introduced for recent generations of iPhone and iPad, as well as Apple Watch device-led unlocking for your Mac.

Apple’s efforts to prove that the iPhone stores only a ‘mathematical representation’ of the user’s face also suggests that they’re preparing to defend a policy of extending FaceID further at the expense of passwords, even in an increasingly privacy-conscious World.

Users may of course find the a world without passwords a little disorientating to begin with – although not forever, if the replacement technology proves more convenient.

Password keeper apps (such as the excellent 1Password) have become an interesting half-way house to a more secure password future – where the password manager retains a set of passwords behind a strong keycode, in an encrypted form. The password manager may also perform other useful functions, such as warning the user where passwords overlap, allocating different password access permissions to different people within a business or organisation, or auto-filling in common web browsers.

The adoption of password managers may reflect a coming time where users continue to ‘use’ passwords, but without engaging in the process of recalling or typing the password. It may not be passwords that are doomed, but the user’s traditional interaction with passwords.

Are passwords doomed? A few potential futures emerge: one where passwords exist but are used less directly by users, where passwords are relegated to a secondary security measure of questionable usefulness, or most radically, where passwords are replaced entirely.

 

For cybersecurity and IT expertise, please contact our team today.


5 Cool Tricks for Microsoft Teams

Office 365’s Microsoft Teams has grown and grown to become far more than a simple work chat or video conferencing app.

As new features are added to the collaboration suite all the time, you could easily miss the best of the new updates – so we’ve collated some of the most interesting cool tricks for Teams:

 

Blur background

Homeworking? Taking an important video call with a less than formal background? Unless you want to end up in a viral video clip like BBC commentator Professor Robert Kelly, Teams has got you covered with simple controls to mask your immediate surroundings from a video call.

With a simple toggle, Microsoft Teams will detect your face in the foreground and blur the remainder of the screen, to spare everyone the embarrassment of your favourite coffee shop or messy home office.

Teams background blur

 

Screenshare to Mobile

Teams has had the ability to optionally share your screen with other attendees in the same meeting for some time, choosing to show either the whole Windows desktop or restricted to a single window (such as a presentation.)

However, Microsoft have also recently added this feature for iOS/Android, allowing attendees to enjoy the full Teams experience on the move.

Teams Screen Share Android

Viewing a desktop on a mobile can be an eyesight challenge, although it’s especially handy to be able to view a shared Powerpoint presentation in Private mode – and skip back through slides without interrupting everyone else’s flow.

 

Join by proximity

Join by proximity allows Teams to detect meeting that’s physically located nearby. This seems like a peculiar idea to begin with, but is actually designed for more open ‘meeting’ situations – such as conference venues or hotdesking environments: making individuals’ screen space as collaborative as the room itself, or extending a spontaneous group meeting into a virtual one.

Teams Join by Proximity

Teams will prompt within the meeting room lobby if any existing rooms are available nearby via Bluetooth, allowing the user to apply to join the meeting with audio muted, and without an original Teams invite. The meeting room organiser must accept via a Meeting Room control unit for security reasons, to ensure only welcome attendees join the meeting room.

Proximity join is available from May 2019, including on mobile versions of Teams.

 

Integrate Interactive Tabs

One of the best untapped features of teams is the ability to add custom tabs (click ‘+’) into each chat channel which allows for the creation of something entirely custom.

Among our favourites are embedded maps, OneNote notebooks, diary, Sharepoint files, and Microsoft Power BI’s impressive data visualisations.

Of course, Channel admins can also add from a category simply marked ‘website’ – via which any responsive web service with a valid SSL certificate can be deployed neatly through teams for the look-and-feel of a more integrated desktop.

Teams Add Tabs

 

Get Notified of Availability

Status indicators mean its easy to tell if a contact is unavailable to chat, but right-clicking on a contact now offers a handy ‘Notify When Available’ option which performs the basic requirement of call back – allowing Teams to prompt you of contact availability the best time.

Teams Notify Me

Microsoft Teams is available with Microsoft Office 365 Business Essentials licensing and above.

 

Lineal are a Gold Microsoft Partner – for Microsoft Office 365 support, licensing and expertise, please contact our team today.


Zoom in hot water over Mac webcam exploit

Apple have issued a silent update for video conferencing software Zoom, following discovery of a major webcam security vulnerability affecting Mac users.

Zoom issued an emergency patch for the problem two days ago – in a rapid response Apple was still concerned might not reach enough users.

The controversial web server installation – originally designed to save Mac-based Safari web browser users from additional clicks and make video conferencing easier to use, was shown to create a potentially serious vulnerability whereby Zoom calls could be launched from any website with the camera turned on.

In bizarre scenes, technology journalists researching the problem were even paired up in video conferences with other unknown individuals doing the same.

Believed to put at risk more than 4 million webcams globally, the zero-day exploit was discovered by security researcher Jonathan Leitschuh – who originally gave Zoom 90-days to resolve the issue prior to publication.

zoom tweet

Leitschuh has since praised Zoom’s willingness to do a public ‘about face’ with the emergency patch, and Zoom’s CEO taking direct video calls to discuss the problem.

Nevertheless, Apple’s decision to step in to protect Mac users remains an embarrassment for the previously very successful video conferencing solution.

Additional problems include Mac versions of video conferencing software which use Zoom’s underlying services for white-labeled video calling – such as Ringcentral.

Instead of patching the problem, Zoom’s permission to turn on the webcam can also be disabled manually, via Settings > Video > ‘Turn Off My Video When Joining a Meeting.’

 

For software expertise and support, please contact Lineal today.


The power of mac taken further with macOS Catalina

Due out this Autumn (2019) is macOS Catalina – Apple’s latest new operating system for the Mac range.

MacOS Catalina is currently in Beta, so it’s unclear exactly how the final update will look. However it appears once again that Apple are increasingly blurring the boundary between Mac and iPad, as well as doubling-down on a rich media experience:

…MacOS Catalina gives you more of everything you love about Mac. Experience music, TV and podcasts in three all-new Mac apps. Enjoy your favourite iPad apps now on your Mac. Extend your workspace and expand your creativity with iPad and Apple Pencil.  Discover smart new features in the apps you use every day.  You can now take everything you do above and beyond.  With macOS Catalina, the apps you love are now more beautiful and intelligent making your everyday tasks easier than ever.”

Apple’s decision to replace iTunes also receives its own sales pitch as part of the new operating system’s roll-out:

… iTunes forever changed the way people experienced music, films, TV programmes and podcasts. It all changes again with three all-new, dedicated apps — Music, Apple TV and Apple Podcasts — each designed from the ground up to be the best way to enjoy entertainment on your Mac. And rest assured: everything you had in your iTunes library is still accessible in each app. iCloud seamlessly syncs everything across your devices — or you can back up, restore and sync by connecting the device directly to your Mac.”

In addition, some of macOS Mojave’s ‘focus’ tools are being extended, in the hope of making your Mac use more productive – in addition to advanced voice control.

… macOS Catalina brings all your favourite Screen Time features to Mac, giving you greater insight into how you’re spending your time. Monitor usage, schedule downtime, and set limits for both apps and websites across all your devices. Enhanced security features better protect macOS against tampering, helping to ensure that the apps you use are safe, giving you greater control over access to your data, and it’s even easier to find your Mac if it’s lost or stolen.”

Apple is expected to release macOS Catalina free of charge to all users, and is currently in a testing phase. We do not recommend Apple users seek to move to Catalina just yet, as final version bugs may still be identified during the public beta.

 

For Apple hardware, expertise and support, contact Lineal today


First Look: New Polycom VVX450

Communications giant Poly (nee ‘Polycom’) have launched their new VVX450 series phone handsets – and our team at Lineal have taken it for a test drive.

On first impression, the new handset is exceptionally eye-catching – the square design certainly feels modern and cutting-edge, if a little serious. All the controls will feel very familiar to users of the very successful VVX410 and VVX411 handsets, but the phone’s 4.3″ full colour screen is the most dramatic improvement – with a wider display and higher definition that appear much sharper.

Much like the VVX411, the menus and buttons are simple and intuitive – continuing the same focus on ease-of-use that has seen Poly sell VVX phones in the hundreds of thousands across the UK, into a very diverse array of business sectors.

We were particularly impressed by the speakerphone. Polycom have cranked the in-built speaker up to eleven, and the Polycom VVX450 could easily be used as a capable conference phone for a typical meeting room.

polycom vvx450

Someone may have been slightly over-ambitious with the phone’s size: desks may include less paper these days, but the handset feels large and space might be an issue in more traditional working environments. As before, the VVX450 supports single-cable (‘POE’) network and power, PC pass-through, headsets and more, but is noticeably larger than the VVX411 predecessor, itself a substantial handset. Overall, the impression is that the new model may look more naturally at-home on the desk of an executive, rather than an occasional phone user.

For power users, the new handset also boast some new extras, including two USB ports for media and/or storage applications. VVX450 handsets will be available to Lineal cloud-hosted business phone system customers from July 2019.

 

For Communications and connectivity expertise and support, please contact Lineal today.

 


Google incorrectly stored plaintext passwords

Google has admitted that some of its enterprise customers’ passwords have been incorrectly stored in plaintext, in a security issue dating back 14 years.

It’s been disclosed a bug has caused a portion of G Suite users to have their passwords stored in plain text.  The bug has been around since 2005, but there is no evidence that anybody’s password was improperly accessed. They’re resetting any passwords that might be affected and letting G Suite administrators know about the issue.

It’s unclear exactly how many users have been affected, Google would only say that it relates to a “subset of G Suite” customers. G Suite is the corporate version of Gmail and Google’s other apps, the bug came about in this product because of a feature designed specifically for companies.  The issue has been fixed and there is no evidence of improper access to or misuse of the affected passwords.  No consumer Google accounts were impacted.

The company typically stores passwords on its servers in a cryptographically scrambled state known as a hash. But a bug in G Suite’s password recovery feature for administrators caused unprotected passwords to be stored in the infrastructure of an admin control panel.  Google has confirmed even though the passwords were stored in plain text, they were at least stored in plain text inside Google’s servers.  This therefore would have been harder to get to, than if they were just out on the open internet.

Although Google didn’t say so explicitly, it seems they want to ensure people don’t associate this issue with other plain text password problems.

Facebook, Twitter and GitHub have all admitted storing user passwords in plaintext over the past year or so. In Facebook’s case, hundreds of millions of users are thought to have been affected.

 

For IT expertise and support please contact Lineal Software Solutions Ltd.


Lineal attend Apprenticeship Recruitment Fair at Petroc

Growing our business with the youth of today, Lineal support Apprenticeship Recruitment.  Creating opportunities with one of the region’s largest privately-owned IT companies, offering the first step to a career working in IT.

Staff at Lineal attended Petroc’s annual Apprenticeship Fair last Tuesday the 7th May.  At this year’s event a small team attended, two of whom are currently employed Apprentices at Lineal Software Solutions.  Talking to students about the company and sharing their experiences of studying and working, being paid to earn as you learn.

Attending these events is vital to aid the growth of local businesses and apprenticeship recruitment, above all it allows students to meet with local companies.  Since 2014 we have been working closely with our local College Petroc to take on candidates who we feel have a talent for working within the industry.  Being an apprentice offers hands on work experience in a multi-disciplinary IT company to suit a variety of skills and expertise.

For IT expertise please contact Lineal Software Solutions Ltd


Rumours point to new Mac Pro to be launched at WWDC next month

The current Mac Pro computer debuted back in June 2013 with an upgrade consequently in the winds.  Reports suggest that a fresh model may finally see the light of day in the first week of June. According to sources, Apple will be revealing its new Mac Pro at the World Wide Developers Conference. 

Given that the Pro targets demanding pro-users, like Architects and Developers, it makes sense for the new Mac to be revealed here.  With super fast processors, more maximum RAM, better GPUs, and a slew of other improvements, almost certainly make this the most powerful and capable Mac Pro Apple have ever launched.

The new design will better accommodate future upgrades and higher-end hardware. Apple says the design of the current high-end device has restricted the company’s ability to upgrade it, necessitating a total redesign.  Internal expansion and dual-processor options are key aspects on the wish list of improvements.  The actual capabilities of the most recent creation are however still a mystery.  

Aside from a revised Pro, there are rumours that Apple is developing a high-end high-throughput modular system.  This will facilitate regular upgrades to meet the needs of Apple’s pro user base. It will ship alongside an upcoming Apple-branded pro display, which rumours suggest will be 31.6 inches with a 6K resolution.  With “outstanding picture quality” enabled through a new Mini LED-like backlighting design.

For IT expertise please contact Lineal Software Solutions Ltd


iOS 13 Rumours hint at big changes for iPad

Online rumours about the release of iOS 13 have suggested Apple may be about to add a number of ‘Mac’ style features to their touchscreen-based operating system.

Among the improvements hinted at exclusively by 9to5Mac for release at Apple’s Worldwide Developer Conference in June, iOS 13 looks set to include system-wide dark-mode and high-contract display versions, a less intrusive volume control, new font management, desktop-version website priority and new ‘Undo’ controls.

Most importantly, iOS 13 is rumoured to include a kind of panel-based app container system, allowing users to more easily control screen space and switch between applications smoothly.

If true, the move will be seen by many as the first confirmation of a long suspected plan by Apple to begin merging their two main operating systems, iOS (for iPhone and iPad) and MacOS (for MacBook, iMac and Mac mini ranges) for a more common experience across Apple’s range of devices.

Numerous concept images of what the proposed iOS might to look like have appeared online, although Apple aficionados may note that dark-mode would display very differently on OLED devices to non-OLED ones.

Recent iPad Pro advertising, which asks ‘What’s a computer?’ suggests that much like Microsoft, Apple is preparing for more capable tablets to increasingly replace traditional laptops for work computing.

 

For Apple equipment and expertise, contact our team today.


Google Plus to be Shut Down

Google Plus is to be shut down, following a data leak which put almost half a million user accounts at risk.

The tech giant announced on Monday that the consumer social media platform would be retired by the end of August 2019.

Launched in 2011, Google Plus has had a rocky history – spawning a comedic sub-genre focused around it’s slow adoption, weirdly vocal support from Google employees, and failure to compete with larger social media rivals such as Facebook.

Google’s own statement acknowledges this in harsh terms:

Google Plus

More controversial however have been recent security problems. This month the Wall Street Journal published details of a bug in the Google+ API which had allowed app developers to access user data without permission via their friends, (an almost identical vulnerability to that underlying 2018’s Facebook/Cambridge Analytica scandal which resulted in Facebook executives testifying before Congress – in Google’s case potentially exposing 496,951 Google+ user accounts.) Google estimate around 400 application developers would have had access to private profile data as a result of the bug.

First discovered in March shortly prior to GDPR coming into effect in the EU, Google was not legally bound to report the breach to all European users, but would now be required to do so within 72 hours from discovery under ICO rules, if a similar breach were to re-occur.

News outlets have linked Google’s failure to disclose the leak with the final decision to close the platform, despite Google’s insistence that widely known low user-engagement is behind the move. Existing Google+ users may choose to restrict security permissions or remove content, although the platform’s lack of success suggests many will allow ‘phantom’ accounts to be disregarded.

In overlapping new coverage, Google is expected to launch the newest version of its flagship android Pixel smartphone in just a few hours time.

For IT and security expertise, contact Lineal today.


Lineal becomes VMWare Enterprise Partner

Lineal Software Solutions Ltd. has become the only current VMware Enterprise Partner across Devon, Cornwall and Somerset.

Enterprise Partners can both provide and implement the most advanced and specialised VMware solutions to the market – including cloud infrastructure and mobile device management solutions alongside datacentre products.

Now owned by Dell Technologies, VMware’s ground-breaking technology has become a staple of business IT around the World since early innovations in server virtualisation first revolutionised computing during the 1990s.

Previously one of the South West’s few VMware Professional Solution Providers, Lineal achieved the coveted status of Enterprise Solution Partner after engineers and other staff successfully passed an extensive series of examinations to qualify for the highly sought-after industry accreditation. VMware Partners are expected to maintain current subject knowledge and the 2018 series of assessments are particularly challenging, requiring considerable experience and understanding to achieve the high standards set by VMware.

Lineal’s Managing Director Mike Matthews explained: “VMware’s virtualisation solutions are renowned as some of the world’s most sophisticated, most demanded, and most secure technology.”

“The ability to manage virtualised computing, network infrastructure, storage and more has made VMware the worldwide market-leader for cloud-based computing and software-defined data centres.”

“In particular, we’re very excited to be offering VMware Mobile Device Management (MDM) solutions built on the latest Workspace ONE platform to organisations that need device security and compliance assurance measures in place.”

“This is an emerging requirement for more and more organisations of all sizes, and as a VMware partner in Devon, we look forward to delivering real innovation using VMWare to build the next generation of datacentre, MDM and application delivery platforms for our clients.”

 

VMWware partner

 

For VMWare expertise and support, contact our IT Support team today.


Apple debuts iPhone XS

Apple have announced the iPhone XS, iPhone XR and fourth series of Apple Watch as part of 2018’s Apple Keynote Address at the Steve Jobs Theatre.

The iPhone XS, currently available for £999 pre-order for the 5.8” version, or as a ‘Max’ 6.5″ version at an eye-watering £1,099, will include an A12 Bionic chip powered by longer life batteries and driving the highest quality screen currently available on a smartphone.

Interestingly, Apple will also be debuting a more mid-range iPhone XR, with a range of colours, a new liquid retina screen positioned in a similar corner-to-corner style, and the same headline A12 Bionic chip specification. Updated 12MP camera technology allows each iPhone to introduce accurate depth of field in portrait mode,  and Apple have continued their glass-first theme to ensure all three versions of the latest flagship iPhones are waterproof.

iPhone XS

For Apple Watch Series 4, Apple’s design team have rounded the edges to create a less square device, and re-oriented the more customisable watch face to make better use of the screen corners. The re-designed device will also include some new tricks: including electrodes able to take an electrocardiogram, and fall-detection should the wearer suffer an accident.

Each new product also corresponds to a drop in price of previous generations of Apple technology – including the Apple Watch Series 3 being reduced to a more affordable £279.

While the quality of Apple’s touchscreen products never fails to impress, Team Lineal were left wondering whether the Mac range will ever receive a new release. Predictions of a new Mac Mini, a new Mac Pro, and even the widely rumored new Macbook Air, were revealed to be unfounded.

Apple’s reliance on new iPhone sales is well-documented, with the popularity of the high-quality public-oriented product line pushing the tech giant to become the world’s first trillion-dollar company over the Summer. For at least another year, Apple’s focus has remained ‘business as usual.’


Lineal Space Invaders stall lands at North Devon Show!

This year Lineal Software Solutions Ltd. was an official Sponsor of the 51st North Devon Show, and launched (maybe) the show’s first ever Space Invaders Championship.

The retro arcade pub-classic, in which the player holds out against descending ranks of tiny pixelated aliens was first released in 1978, making the game 40 years old this year (yes, really.)

Mike Matthews, Lineal’s managing director explained: “We wanted to make this year’s show fun with something both young people (and the young at heart) would recognise instantly and enjoy.”

“For those of us er… more advanced in years… the memories flooding back!  Lineal was first founded in the 1980s, and it’s astonishing to think how far technology has developed.”

Fortunately so has Lineal, and visitors to our stall could learn more about Lineal IT support, cybersecurity, business software, cloud services, phone systems and much, much more.”

Lineal, which recently moved to new premises in central Barnstaple, was also an official Sponsor for this year’s North Devon Show, and presented the prizes to winners of the ‘Hacks and Riding Horses’ class.

North Devon Show Lineal Prize Giving

However, much like IT support, battling aliens also seems to be a matter of experience – with parents often achieving much higher scores than children on our Space Invaders High Scores board.

Space Invaders High Scores

After 2017’s Show was unfortunately cancelled due to poor weather, 2018 was a huge success and a fantastic day out for locals and visitors alike. Next year? We’ll be planning something even bigger…

Mike explained: “The North Devon Show is always a highlight of the calendar, and the array of businesses, charities, livestock, rural groups, crafts and all-round entertainment is a showcase for the community in this part of the world. We’re always proud to be able to support it.”

See you next year!

 

For IT Support and expertise, contact Lineal today.


WPA3 Wi-Fi Introduced

The Wi-Fi Alliance has formally announced the introduction of the WPA3 security protocol, the next generation of wireless security to protect routers and networks.

The new security standard follows hot on the heels of last year’s breach of the existing WPA2 standard, which has been in use since 2004.

WPA3, released in both ‘personal’ and ‘enterprise’ with extra protections, is expected to fix a number of deficiencies in the older WiFi protocol, including:

  • Captured encrypted data cannot be decrypted by a later breach of the password – in order to access data, a hacker must have both the password and data at point of transmission.
  • Encryption of data will be individualised, such that snooping on other devices across less secure Wi-Fi networks will be made more difficult.
  • Extra protections against password brute-forcing and ‘dictionary’ style attacks, dramatically increasingly the time cost of bulk guessing a password successfully.
  • Smart devices with no screen, including many Internet-of-things (IoT) technologies, will be administered via a smartphone screen during Wi-Fi setup.

To most end-users, the experience of entering a Wi-Fi key will feel virtually identical. WPA3 isn’t expected to actually be implemented until 2019, and is predicted to gradually replace the existing WPA2 standard on all Wi-Fi certified devices. WPA2 will continue to function, but will be steadily phased out.

Nevertheless, expect to see major manufacturers rushing to ensure their own products are stamped with the very latest security ‘WPA3 Ready’ branding.

For networking and cybersecurity expertise, please contact Lineal today.


DrayTek Vigor Firmware Warning

At time of writing, Lineal technical support staff are currently updating DrayTek Vigor firmware for all clients with known DrayTek equipment.


Enterprise Router provider DrayTek has called for urgent firmware updates, following discovery of a security vulnerability.

20 different business router models from DrayTek’s Vigor range are known to be affected by the security flaw, known as DNS hijacking, which may allow a third-party to alter DNS settings by issuing commands to a dormant session of the web-based DrayTek router control interface.

The unwelcome news marks the first major security flaw to befall the acclaimed networking equipment brand for some time – and comes less than a year since DrayTek won PC PRO’s ‘Best Router Brand Award’ for 2017.

A Vigor router showing IP number 38.134.121.95 is reported to be a likely indicator of compromise, and affected routers may exhibit unusual network behaviours.

DrayTek’s official guidance warns that this is likely to be only a preparatory ‘phase 1’ of any like cyber-attack by criminals, preparing re-direction of web traffic to compromised web pages which might capture unsuspecting users’ passwords or other sensitive information.

As a general security precaution, it’s always worth logging out of web-portals and other accounts not being used (including your email, social media, bank account and device itself… or indeed your router’s configuration panel.)

If you have a DrayTek Vigor router not covered by a Lineal Support Agreement with us, please get in touch for guidance.

Please check back for updates


Project X Taking Shape

The future of Lineal is nearly ready – the long awaited Project X (Lineal’s new home) is entering the final project stages.

Managing Director Mike Matthews explained: “Lineal’s new offices will be a significant leap forwards for us, and allow us to much better support our clients. Higher quality connectivity will make Lineal more contactable and reliable than ever, and we’re installing new server hardware and other infrastructure to expand and improve our capacity for cloud-based and hosting services.”

“Our staff will also have access to new and improved training facilities, an important part of our planning for future years. As our IT team expands to take on larger projects, and our SQLWorks software team expands to support the release of Version 8, we’ll be needing the space!”

Formerly Commercial House, Lineal’s new location on Barnstaple’s Strand is a two-story period building which will be the working headquarters of around twenty staff. New solar panels will help contribute to our efforts to make Lineal a more environmentally responsible business.

Important Information

  • Although Lineal’s address will ultimately change on official paperwork, all key services (including phone numbers and support channels) will remain as they are currently.
  • Lineal will begin to move frontline staff in stages between:

                     Wednesday 23rd – Friday 25th of May

  • All Lineal clients will receive additional information regarding schedules for infrastructure switchover where applicable. We anticipate no disruption of service during normal working hours.

 

Please contact our team via 01271 375999 or email [email protected] with queries.

We wish you all a happy Bank Holiday weekend!


Adobe discount slashes pricing for education sector

Adobe has announced a large discount for its Creative Cloud suite of apps, in a special Adobe discount scheme designed to win over the education sector.

The leading creative software package will now cost only $5 per user/month in the US, or around £4 in the UK – a large discount on the original $25/£18 per user/month price – although this Adobe discount price will currently only be available to academic institutions purchasing a minimum of 500 licenses.

Many of the big names in software, including Microsoft’s Office 365, Google’s G-Suite and other popular products such as ESET’s antivirus range, have been offered with significant discounts for the education sector through partner resellers, in the hope of capturing the next generation of technology users early, and contributing to wider learning.

In each case, the gesture is undoubtedly a worthy public relations boost, with Adobe also pledging to support workshop schemes to show educators how to teach with Adobe’s suite of creative apps in the classroom.

In both cases early access is especially important for Adobe Creative Cloud, which includes Photoshop, Lightroom, InDesign and many other leading creative apps, because of the very high high barrier to entry: both creatively and by cost – despite the software brand being simply unrivaled across the creative sector.

Adobe clearly hopes the dramatically reduced Adobe discount pricing will wet the appetite of larger organisations, and introduce high quality design apps to a much wider audience at an earlier age.


Warning: Phishing Email Scams to Avoid

***Latest Update to the Hall of Shame – 8th February 2019***

At Lineal our IT team review a lot of dodgy emails. The criminal scam known as phishing (sending fraudulent emails to trick end users into divulging sensitive information or downloading dangerous files) is a widespread threat, and we’re constantly on the lookout for dangerous new scams appearing on the internet.

It’s estimated that around 90% of organisational security threats are caused by a mistaken click in an email, making it by far the most common way businesses are breached by ransomware, viruses or individuals with malicious intent.

There are ways to mitigate this – a strong antivirus software can assist by intercepting your mistake once you’ve misclicked, and backups are a vital insurance. Moving your email to a highly monitored service in the cloud (like Microsoft’s Office 365) helps narrow the odds dramatically: putting all your incoming email through a range of filters and cutting the amount of phishing spam your staff have a risk of clicking on, from the outset.

However, some human intuition and alertness is always required. With this in mind, we take a look at some examples of the most devious phishing scams we’ve ever seen:


 

phishing email dpd

The ‘Delivery Note’

Phishing emails are from fake ‘banks’ or enterprising Nigerian oil ministers, right? Wrong. This fairly innocuous email is the digital form of one of those ‘sorry we missed you’ cards you might receive through the letterbox for undelivered packages.

If you didn’t notice the suspicious sending address, accurate branding could lead you to believe this was really from a major logistics company, and divulge various personal details before realising there isn’t really a package to collect.

 

fake tv licensing email

The Card-Payment Conundrum

Oh dear! My recurring card-payment for my TV license has expired – time to key my new card details into a dodgy website.

The growth of recurring payment systems for everyday things (like TV licensing) has meant users are familiar with being prompted to update card details, but stay alert: just because the request is mundane doesn’t mean it’s innocent. This is a nasty phishing email which scammed viewers out of thousands of pounds – even hitting national headlines.

 

phishing email dropbox

The ‘File Share’

A proliferation of easy file-sharing platforms mean that we’re all more familiar with receiving large files via sharing links.

Curiosity about what this file is, and why your contact is emailing it to you (via a pretend ‘Dropbox’ email) might cause you actually to hand over your email address details. This trick is very simple, and persuasive – only the vaguely mail-merged ‘Hi info’ should suggest this is not really something you want in your inbox.

 

phishing email natwest

The (Convincing) ‘Fake Bank’

Forget semi-literate Russian hackers and the like, the quality of this fake Natwest email is in a different class. Spelling corrections, clumsy phrasing or dodgy branding can often give away an email scam, but criminals are becoming increasingly sophisticated at imitation. Anyone who falls for this email would be handing over their online banking login details.

Imitation is the sincerest form of flattery, and for the unwary email user, likely to be the most expensive.

 

fake gov email

The Government Request

Uh Oh. An official demand from Companies House. Better respond quickly. Bad luck – you’ve been scammed.

Don’t let the impeccable branding or the dull subject matter catch you out: look at the email address and the link. .ink is not a normal public-sector domain, so that should ring alarm bells.

 

phishing email 1and1

The Domain Scam

Much like the delivery note scam above, this clever phishing scam we recently witnessed is based on the user not realising there’s anything sensitive about their domain details.

Hovering your mouse over the buttons reveal URLs that are not from this organisation, and should not be trusted.

 

The ‘Email Recovery’

This crafty scam invites you to ‘Recover (email) Messages’ that your email service held back due to a sync error – which should be your first clue that this is suspicious. Genuine email filtering tools (such as the excellent Barracuda) are very transparent about exactly what has been quarantined, or (as with Microsoft Office 365) expects an admin user to review the email separately.

Suffice to say you should NOT click ‘Recover Messages’.

 

The Fake Order

A sales enquiry from a University for a high value item – how promising! Except no, ‘Daniel’ isn’t a Procurement Manager, and if dispatched on credit terms, you’ll never see this item again. Worst of all, when you invoice the real University of Nottingham, they’ll think you’re an email scammer trying their luck. How ironic.

As before, the email address should give this away: real universities use valid .ac.uk (academic) domains, not free gmail accounts with a ‘.ac’ dumped somewhere in the address by a criminal.

 

 

For IT Security expertise and support – contact Lineal today.


Top Picks: Best GDPR Resources

Be honest, you’ve read some truly useless things online about GDPR. We all have.

The problem isn’t one of enthusiasm: more and more companies are recognising the impending deadline of the new data protection regulations and acting to implement best practice.

There is, of course, a growing industry of consulting firms and data protection advisers trading on businesses’ lack of expertise and frequently, fear of being left behind. Most organisations begin preparing with a spot of Googling, some light reading, and a bit of browsing online GDPR help articles written by experts.

However, the real experts can’t divulge too much free advice (otherwise why contract their services?) thus much of the available articles and blog posts are deliberately vague. The conundrum has already spawned some unfortunate attempts at humour, but doesn’t really help companies attempting to put in place GDPR compliant policy.

All is not lost: there really is some genuinely useful  guidance out there – here are our pick for some of the best GDPR resources:

 

ICO: Eight Practical Steps

ico eight practical GDPR steps

The Information Commissioner’s Office original ‘eight practical steps’ presentation is a series of slides that are exceptionally clear, and can be worked through in stages. A more recent, formal ’12-step’ version also exists, for a more conceptual understanding of the new regulations.

 

GDPR Readiness Assessment from Microsoft

Microsoft GDPR quiz

A little technical at times, this quick quiz is a useful way of thinking further about protection policy, particularly around access control. For further information on how Microsoft can assist with GDPR in the cloud, look for the blue button in the top right hand corner.

 

ICO Helpline

ICO GDPR helpline

The ICO has a little known helpline via which small businesses and charities can consult a member of ICO staff for extra advice – details of which can be found above.

 

IT Governance Compliance Gap Assessment Tool

IT governance GDPR compliance gap assessment tool

Always a strong source of IT expertise and policy, IT Governance have developed a range of ‘Toolkits’ to assist data protection officers and those implementing GDPR within their organisations. These range from the simple £60 compliance gap assessment tool (a handy Excel Spreadsheet you can work through) to more expensive implementation packs and data flow mapping tools.


Lineal’s Lewis wins Petroc Award

Lineal’s IT security apprentice Lewis Marrow has won a Petroc Outstanding Achievement Award for the 2017 academic year.

The award was presented by VP of Finance and Resources, Bill Blythe, in a ceremony at the Barnstaple Hotel to congratulate prize winners from across the Higher Education college’s student body.

Lewis is one of Petroc’s few Degree Apprentices, studying for University undergraduate degree level qualifications whilst also working as part of Lineal’s frontline IT support team. Lewis takes a keen interest in cybersecurity, and has demonstrated advanced security skills in addition to educating employees of Lineal clients on how to use technology safely.

Writing on Twitter, Mr Blythe praised all the winners, many of whom are beginning careers training with some of Devon’s best known companies across diverse sectors including accounting, computing, construction and engineering.

Lineal’s Head of Technical Services Matt Norris congratulated Lewis on his professional development:

“Lewis’ progress and contribution as part of our team has been fantastic – we expect this won’t be the last time Lewis wins an award. Training in partnership with Petroc helps us add important skills, and some exemplary individuals, to our team”

Congratulations Lewis!

Lewis wins


Lineal ‘Pitch in a Pound’ for North Devon Hospice

Team Lineal have raised £250 for North Devon Hospice, after hosting a fundraising buffet for staff and visitors.

The donations were collected by the IT Support firm as part of the local charity’s ‘Pitch in a Pound’ day, held each year in support of the hospice by North Devon businesses, schools and community groups.

Managing Director Mike Matthews explained: “It’s hard to find anyone in North Devon who doesn’t have a friend or family member who has been cared for by this terrific local charity, and it’s important every business does its bit for worthy causes.”

“That’s why I agreed I would match whatever my team raised on the day. Well done to all involved!”

North Devon hospice, which covers more than 800 sq. miles of Northern Devon, supports and cares for more than 3000 patients with life-limiting illness each year.

Lineal staff cooked, baked and sold a variety of sweet and savory food, including curry, pastries, chilli, samosas, dips, and a whole variety of different cakes and sweet treats.

Learn more about ‘Pitch in a Pound’ day on North Devon Hospice’s website by clicking here.


Why USB drives are terrifying

USB drives are a security nightmare. From losing files, to sharing them inadvertently, or accidentally installing something malicious, these tiny handheld digital storage grenades are a data-protection disaster waiting to happen.

Many people can’t help themselves. Sometimes it’s just so useful to be able to move a file to a separate computer, or carry a copy of that file on a handy keyring.

It’s true that too many operating systems auto-run memory sticks. As users we could perhaps be more careful though – find a USB and it’s tempting to plug it in… a 2016 University study suggested roughly half of those who find a memory stick on the ground will plug it in without thinking.

In particularly data-sensitive environments options are available to either disable PC USB ports, or remove them from a PC entirely. At the very least, businesses preparing for this summer’s new GDPR regulations need to take some sensible USB security precautions:

 

1. Be strict.

Ask yourself whether it’s entirely necessary to put this file on a memory stick, and be harsh about what files you copy. Memory sticks now hold terabytes of data, and are too easy to drop, or leave on the train.

GDPR is naturally concerned with sensitive personal data, and not your supermarket shopping list. Nobody ever intends to lose a file full of personal data, so you should think twice before putting the former on a USB drive, while the latter is probably OK.

 

2. Don’t allow easy access to your network.

USB based viruses come in a variety of forms – from cheap foreign spyware purchased online, to the fascinatingly complex (and probably Western-sponsored) ‘Stuxnet’ worm which famously sabotaged the Iranian nuclear program with planted USB drives in 2011.

The best antivirus softwares (for example Lineal’s recommended ESET antivirus) automatically offer to scan a newly connected memory stick for malicious software, before the user accesses the files. This only takes a few seconds, but it’s strongly advised to let your antivirus act as gatekeeper for a USB stick, as you would your emails or web browsing.

usb drive security

 

3. Sharing is not caring

Sharing files via memory sticks is not sensible, not least because you’re forced to share the whole contents, including the ability to duplicate files.

You can’t be certain what any given person will do with the USB drive or its data, or what the person giving you a memory stick might have done with it previously, so it’s safer to confine USB drives to a specific individual.

 

4. Get something better

The world of IT is full of better solutions, including Apple’s useful ‘Airdrop’ function which allows direct, localised file sharing over WiFi. For company-wide systems, numerous excellent cloud-based file storage and sharing platforms are available. Microsoft’s excellent OneDrive platform is easy to use from any device, and allows businesses to share files online via the cloud, with customisable permissions to control who has access to the data at any time.

A USB drive should not be necessary to complete routine IT tasks. Thank goodness.


$100,000 top prize pledged for 2018 Imagine Cup

Microsoft is seeking student UK technology developers to enter the 2018 Imagine Cup – with a chance to win $100,000.

The prestigious technology trophy, awarded every year to a team of three young people who develop a groundbreaking technology idea, are currently accepting entries for 2018’s Imagine Cup UK finals.

UK finalists are expected to be chosen in March (top prize $5000) with global finalists travelling to Redmond, Virginia (the home of Microsoft) for 2018’s worldwide finals, and a chance at a grand prize of $100,000.

The winning entry must be an original technology project, created from an initial idea to implementation and run from the Microsoft Azure cloud platform. Entries can be on any theme, although recent competitions have been dominated by inventions designed to not only demonstrate innovation, but contribute to human well-being.

Entries from the UK will be judged by an expert panel, including Clare Barclay Chief Operating Office of Microsoft UK; Haiyan Zhang, Innovation Director at Microsoft Research; Michael Wignall, National Technology Office at Microsoft UK; and Rob Fraser, Commercial Software Engineering Lead at Microsoft UK.

Microsoft’s insistence on the final solution operating via Microsoft Azure no doubt reflects their ‘cloud-first’ business approach, in addition to a recognition that the ‘global’ finalist’s winning idea should be a truly global possibility.

Winning Imagine Cup entries from previous years include a solution to help those with diabetes manage symptoms, a charity donation app that embeds into news articles, and the ‘Emma Watch’ – recently featured on the BBC for assisting those with Parkinson’s in reducing limb tremors.

Teams can learn more, and enter the competition, here.

 

Lineal are a certified Microsoft Gold Partner – learn more.


4 Hidden Google Games for your Coffee Break

Google search is by far the world’s biggest search engine (sorry Bing), but some of its more hidden Google games, apps and tools are lesser known – a reward for a lucky few.

Got a few minutes to kill? Here’s some of our favourites:

 

Chrome Dinosaur

Google T-Rex Run

Google’s Chrome browser contains an offline game for when your browser can’t connect to the internet: T-Rex run charts the journey of a pixelated dinosaur in her/his quest to reach the right hand-side of the screen.

Press space bar to begin, jump over obstacles and try to set a new high score. Perfect for killing a couple of minutes when your router is re-starting.

For those with a frustratingly reliable internet service, an online version of the Chrome T-Rex Runner is available here.

 

Go Stargazing

Google Sky

Like Google Earth, Google Sky allows you to explore the heavens with useful overlays for learning the constellations, and zooming into high quality NASA photography of distant galaxies where available.

For extra wonder, search out the ‘Ultra Deep Field’ image, captured by the Hubble Space Telescope in 1995 – the furthest optical point humanity has ever seen.

 

Make Music

For the creative-type, Google added this guitar widget to its hidden Google games in 2011. Move your mouse over the strings to compose a musical masterpiece, and record your jamming session with a handy record function.

Google Guitar

 

Google Doodle Pacman

hidden google games

Google’s doodles have become an almost daily feature – celebrating everything from the World Cup, the birthdays of famous inventors and the anniversary of beloved 1980s classics.

The doodles normally link to a relevant search term intended to educate, but just occasionally games – such as a wonderful ‘Google-themed’ Pacman widget from 2010.

The productivity team over at RescueTime estimate that Google’s heartwarming arcade game was actually played for over 4 million hours by distracted office-workers worldwide, costing roughly $120m in lost employee productivity.

Lineal’s IT team can in no way condone such behaviour. Now get back to work.


Lineal Becomes a Triple Gold Microsoft Partner

Lineal Software Solutions have become a Triple Gold Microsoft Partner, after having been awarded a third Microsoft Gold competency.

Our IT team was formerly awarded Microsoft’s Gold ‘Windows and Devices’ certification by Microsoft’s Partner Centre earlier this week.

“We were thrilled to qualify as one of the South West’s few Microsoft Gold Partners back in 2016” explained Head of Technical Services Matt Norris, “but for our team to show sufficient expertise and skill to obtain three Gold competencies is a truly groundbreaking achievement.”

The additional gold certification is added to Lineal’s existing double-status, ‘Gold Small and Midmarket Cloud Solutions’ and ‘Gold Hosting’, in addition to ‘Silver Application Integration.’

To achieve the additional gold certification, several members of Lineal’s team were required to pass a series of challenging exams demonstrating a high level of knowledge in larger scale Windows device roll-outs, and ongoing device management best practice.

“Lineal greatly value staff training and development, for the invaluable extra skills Triple Gold Microsoft Partner know-how delivers to our IT support helpdesk. Our clients can be confident that a Lineal engineer will have excellent Microsoft system knowledge when resolving technical queries and assisting with longer-term IT strategy..

“Well done to our IT support team for all their hard work.”

Triple Gold Microsoft Partner

For Microsoft expertise and support, please contact our team today.


Team SQLWorks at EurOmnis 2017

This year Lineal’s SQLWorks Team traveled to Arnhem, The Netherlands, for the 4-day European Omnis Developers Conference – EurOmnis 2017.

Conference workshops offer the opportunity for developers from more than a dozen countries to exhibit their latest work, seek advice from other programmers and share best practice. A primarily educational event, EurOmnis brings together the brightest and best to further develop software projects and draw on a wider pool of knowledge.

EurOmnis workshop

Members of the Omnis Executive Team also attended to discuss the very latest developments of the platform, explain new features (such as remote debugging technology working live from the developer console) and gather valuable feedback from the wider Omnis developer community.

Managing Director of Lineal Software Solutions, Mike Matthews explained: “Over the many years during which we’ve helped organise EurOmnis, both the software itself and the Omnis Developers Group (ODEV) have gone from strength the strength.”

omnis developers

“This year’s conference studied some exciting breakthroughs in web development, mobile/tablet-friendly user interfaces, internet-of-things (IOT) examples, future API technology, and much, much more.”

“SQLWorks is designed to be a highly flexible business management software, and we greatly value contributions from the extraordinarily diverse range of industry sectors, creative skills and technical knowledge represented each year at EurOmnis.”

In addition to coding, EurOmnis 2017 attendees had the chance to visit and dine at the Kasteel Doorwerth, a medieval chateaux dating from before the 13th Century, and literary home of the Beaulieu restaurant, where Erik Hazelhoff Roelfzema wrote Soldier of Orange.

See you next year!

 

Lineal are Omnis and business software development specialists – learn more here.

Euromnis venue


Phone Systems from Lineal: Hall of Fame

Perhaps no industry moves faster than the world of telecoms, with traditional business PBX phone systems looking increasingly ancient on the wall.

At Lineal we’ve been impressed at just how quickly technology has advanced to support far greater user mobility, more flexible deployments, wider integration and dramatically lower costs.

Businesses (and other organisations) have more choices open to them than ever before – we look at 3 of our favourite options that make much more sense than struggling on indefinitely with prehistoric communications.

 

ShoreTel Connect

ShoreTel’s on-site phone systems have been some of the best for years, and their Connect platform continues to impress.

Connect is available as either a feature-rich and scalable ‘on-site’ system (more familiar to a normal enterprise workplace), or in the cloud (an option increasingly popular with the sub-25 user smaller business market looking to avoid heavier upfront expense or where users are split across multiple offices.)

The Californian company’s handsets are simply the best we’ve ever seen, durable and well-built with clear and effective controls. The noise cancellation built into every handset is so effective it has to be experienced to be believed.

Yet it is ShoreTel’s software (intellectual property so well regarded that telecoms behemoth Mitel has spent several years manoeuvring to purchase the entire company) where the real innovation lies.

A cross-platform, smartphone friendly, cloud-based collaboration and instant messaging unified solution more akin to Slack, Basecamp or Microsoft Teams, ShoreTel takes everything to a whole new level of integration. The onscreen client for Windows/Mac is already a superbly intuitive piece of design, but is increasingly becoming part of a bigger software offering that feels identical across lots of devices and screen sizes.

This is unified communications where your phone system coordinates with technology across a business: not just a tool, but a truly high quality communications ‘solution’.

 

 

Gamma Horizon

For maximum flexibility and features at competitive pricing, look no further than one of the UK’s fastest growing business telecoms providers.

Gamma Horizon replaces your boxy on-site PBX with subscriptions to a virtual equivalent in a UK data centre, with VOIP handsets that operate over the internet. 4000 minutes a month are included as standard per phone, sufficient for even the most talkative callers using the cloud-based system.

This brings some major advantages: the phones themselves should work anywhere with an internet connection and power supply (router permitting) allowing one cohesive ‘system’ to cover multiple sites or home offices. The number of subscriptions can be increased or decreased to balance requirements against cost, or to fit with seasonal businesses. More complex features such as advanced call-routing, auto-attendant, smart-phone apps and scheduling are also available, and all the phones in a system will obey the configuration set in the online web portal, wherever they’re located.

Handsets connected to Horizon look and feel like any traditional phone systems in use, with Polycom’s business-like HD Voice hardware our recommendation (portable DECT and conference phones are also available.)

Calls between Gamma phones are free of charge, with other special deals available to Gamma broadband customers. The UK small/medium business sector appears to love the flexibility of Gamma Horizon, so it’s little wonder there are already more than a quarter of a million endpoints out there.

 

Skype for Business

Why pay for a phone on your desk? Sure, we all find something very reassuring about the heft of a piece of well-manufactured plastic, but when we so many people use laptops and carry smartphones anyway, many businesses will correctly reason that the extra expense is not *actually* mandatory.

Skype for Business is available as both a desktop and smartphone app – users can make or answer audio or video calls from either. Arguably the best thing about this software (’softphone’) alternative is that anyone already using Microsoft Office 365 Business Premium or Enterprise plans has it available to download and use via the cloud without extra charge.

Internal calls between users and instant messaging are free, and integration with Microsoft Exchange allows your Outlook calendar meetings to sync up with the on-screen client. Video conferencing is (surprisingly) smooth and reliable, even on low bandwidth connections, and with handy options for screen sharing and group meetings also available – again at no extra cost.

Add PSTN licensing however (for a fraction of a normal call plan), and Skype’s business version allows you to dial outside Skype for Business to any phone, becoming a fully fledged unified communications solutions and replacement for traditional phone systems.

Skype for Business is brilliant for dispersed teams, mobile-workers and anyone seeking a low cost collaboration solution. More advanced call-routing and auto-attendant options are still being developed, leaving Skype for Business still some way short of an enterprise phone system in the cloud for now, but for businesses looking for a cost-effective next-generation digital transformation, such an option could be ground-breaking.

… and for those who still find a soft-phone a step too far, Skype for Business can still be ‘plugged-in’ to many SIP desk phones or conference phones, for a more familiar call experience.

 


SQLWorks is changing

 

SQLWorks is changing: Lineal will be launching a new major version of our flagship business software in 2017.

Version 8 will bring a host of new features to our flagship business management software, as well as provide existing SQLWorks customers a greatly improved user-experience.

Managing Director of Lineal Mike Matthews explained: “We were determined to release a major new version of SQLWorks this year, and wanted to implement the customer feedback we’ve been gathering in recent months.”

“By changing to the StudioWorks 8 framework, SQLWorks Version 8 will allow us to update the technology behind our business software – modernising the visual ‘look-and-feel’ to be more intuitive, adding greater flexibility, and offering more options for integration.”

Version 8 is expected to be available from Autumn 2017 – check back for more soon!


Anti-Virus Politics: Kaspersky offers to hand over source-code to US Government

In a surprise move, Eugene Kaspersky has publicly offered to give the US Government access to the source code of its security software in a bid for transparency.

The offer is the latest development in an ongoing dance between the Russian IT security company and the US Government, after the Senate Armed Services Committee threatened to ‘blacklist’ the software company from applying for US defence contracts over the risk of influence from the Russian Government.

In a sensationalist piece released by Bloomberg, journalists claim the Moscow-based firm hold regular meetings with Russian Ministry of Defence and FSB agents, and that Eugene Kaspersky has even personally met with Russian intelligence officials in a ‘banya’ sauna.

Modern business anti-virus software typically collect invaluable background data to reinforce a real-time intelligence war against the latest security threats on the internet – with many users not being aware of whether their antivirus understands the latest threats.

Kaspersky argues the headlines are part of a ‘witch-hunt’ by Washington; industry analysts have acknowledged the heightened scrutiny of Kaspersky by US authorities has closely followed their recent uncovering of NSA ‘Equation’ hacking tools as a part of work against recent ransomware outbreaks, but may also represent the beginnings of a smear campaign by domestic US security providers.

Speaking to the Associated Press, the security provider implied it had already rejected government requests to undertake offensive cyberattacks rather than defensive software development – not necessarily requested by the Russian government.

Against the background of press-interest in alleged Russian hacking stories, it appears the dramatic feud has some distance left to run.

 

For IT security advice and expertise – contact Lineal’s team today.


New Apprentices join Lineal

Lineal are proud of our role investing in skills and people, and our growing office now includes two talented new apprentices looking to develop their technical know-how.

Apprenticeships provide a vital way for trainee staff to develop specialist industry skills, highly-sought after by employers, at an early age.

In the second of our recent ‘new faces’ features, we welcome these two new valuable members of our IT Support team:

 

lewis marrow   Lewis Marrow

Lewis joins our IT support team from Petroc as our first ‘Degree Apprentice’, pursuing education and training in tandem. He’ll join our main IT support team on the frontline to help resolve customers’ IT queries and help improve their system security.

Focused on security in particular, Lewis has even demonstrated Lineal’s ability track email fraudsters, and aims to become a cyber-security specialist.

 

luke woolacott   Luke Woolacott

Luke joins us an Apprentice to support Lineal’s workshop – expanding our ability to turn around repairs more quickly, and deliver more ambitious hardware and cabling projects, both in-house and on-site.

Always hands-on with technology, Luke previously worked for one of North Devon’s best known retail companies before pursuing a new career with Lineal.

 


Could your PC be the last you ever buy?

Several major PC manufacturers have disclosed a new rental PC payment model to dramatically slash the cost of upgrading your PC.

Dell, HP, Lenovo and Microsoft have all recently announced new ‘PC-as-a-service’ schemes whereby rental PCs will be available to businesses entirely under a pay-monthly model rather than an upfront purchase.

Software services, particularly popular cloud-based offerings like Microsoft’s Office 365, have been increasingly moving to a subscription model for some time, offering both consistent cash flow for software developers and all the advantages of low-entry costs to their user base.

Hardware developers are finally catching up with this trend, offering PC hardware to the business sector on a rental basis – with the formerly high up-front cost of upgrading hardware spread over a longer period, more akin to credit-backed contract markets for mobile phones or cars.

A rental PC arrangement obviously poses a risk to the technology giants – accepting that the dominant future model for sales may be one where they still carry significant financial risk for devices already ‘in-use’ across the business market.

Microsoft in particular took a big step in this direction with their ‘Surface-as-a-Service’ last year –  offering subscription based premium touchscreen devices to business customers in the US (although these are subject to credit checks and other lending precautions.)

For Dell, HP and Lenovo, by far the world’s three biggest PC manufacturers, to take the same step represents a huge volume increase in this kind of approach, significantly cutting upfront costs for businesses investing in physical hardware.

Your PC won’t be the last you pay for, but it could be the last you ever ‘buy’ in the sense we now understand it.

For PC support and expertise: contact Lineal today.


New Faces on our Team

Lineal’s been growing recently, and we’re pleased to be able to welcome some new faces onto our team to help better support our customers:

 

Lineal's Sarah  Sarah Allsobrook

Sarah joined Lineal earlier this year from a well-known North Devon electronic engineering company, and has quickly become an invaluable member of our team.

Her responsibilities include managing communication with our customers, coordinating our engineers’ busy schedules, and ensuring that Lineal’s offices run smoothly.  

lineal's kieran  Kieran Tennant

Kieran became part of Lineal’s SQLWorks team a few weeks ago for work experience. So far, he has been assisting with more complex data tasks, and helps maintain our IT Support Team’s Lineal Active Monitoring Process (LAMP): a proactive series of hardware maintenance checks performed every day on our clients servers- a job that favours a methodical approach and a keen eye for the early warning signs of server problems.

Check back for more soon…


Fake DVLA Emails: Tracing a Trojan Scam

Continuing our recent series on email phishing trickery including fake invoices and Apple ID theft, this week we discovered a new scam involving a fake communication claiming to be from the Driver & Vehicle Licensing Agency (DVLA).

You haven’t sent them your vehicle details: but never fear, enter them below and avoid a hefty ‘1000 GBP’ fine. Never mind that your garage should have organised a V5 document for you, just click the link and type in your details. This couldn’t be a scam? Right?

We set Lineal’s security trainee Lewis on the fake DVLA emails case – who found that the email links to a private (non Gov.uk) web-page with a extensive bit of PHP code running in the background. A classic Trojan, this webpage invited you to download your casefile – and likely something dangerous along with it.

trojan

Despite poor grammar, the format matched a GOV.UK page quite closely and the ‘official’ nature of the styling might easily have tricked unsuspecting motorists.

Avoiding the page itself, Lewis completed an HTTPS lookup on the domain hosting the fake web page – but found two servers running the same scam. The email itself appeared to be routed via the USA, in an effort to mask the attacker(s) identity.

Tracing both IPs seperately led back to the same address in Germany, registered under two different names which could either be part of an organisation (or more likely) both assumed identities stolen from others fallen victim to the scam.

German privacy law prevents Google StreetView from being completed across most of the country, so an aerial view of an unknown industrial building on the outskirts of Lippstadt was a close as we could get to sourcing the suspicious email itself.

Clearly a sophisticated operation, fake DVLA emails like this highlight the growing technical ability of online scammers and the need for solid IT security precautions.

 

For IT Security advice and support, contact Lineal today: 01271 375999


Hunting Down Email Scammers

 

Here at Lineal we check a lot of suspicious emails – containing everything from fake invoices, dodgy downloads and even new ‘Zero-day’ ransomware threats not yet seen elsewhere on the internet. Cyber-security is a rapidly developing battlefield.

Last week our security trainee from Petroc, Lewis, received a fairly typical ‘Phishing’ email – designed to look like an official request for information in order to trick recipients into handing over personal details. Keyboard at the ready, he decided to go on an investigation – hunting down email scammers.

‘Your Apple ID has been suspended’ read the headline, but never fear, you can reset your account by typing in your private details via ‘Appl.e.com’. It may sound like an obvious scam, but the written quality of the email was high, and Verizon estimates that more than 25% of Phishing emails are not only opened, but clicked on by unsuspecting victims.

The email link itself looked suspicious so Lewis stripped the exact page link back to it’s original domain as our first clue. A quick HTTP lookup found the IP address of a Linux based Server with several open ports.

The scammers themselves were careful – expanding the email header shows an encrypted code in place of an email reference.

Online tools like GeoTool suggested the server sending the email had been French (although mapping this an imprecise science – suggesting the Parisian machine was sat at the bottom of the river Seine.) Nevertheless this gave us a country of origin and also a more accurate address.

Here we hit a problem: the address listed related to a French cloud hosting provider’s company office building in Roubaix, near the city of Lille on the border between France and Belgium. The company itself appears entirely legitimate, so it’s likely a server there has been hijacked or otherwise used inappropriately by a customer of the provider.

A reverse DNS lookup via an online US Security tool suggested the hosted domain name’s registered contact person was based in an apartment building in district 56121, Thessaloniki, Greece, and even listed a gmail address and phone number for the named contact (redacted.)

Had we wanted to, there’s an opportunity here for mischief, but here we decided to end our search – with sufficiently detailed information to report to customer services of the French hosting provider whose server had been misused to distribute the email.

Although it’s likely the original source had been found, it’s possible the Greek client registering the domain name was themselves a victim of the Phishing email or a similar scam.

As a case study, Lewis’ virtual chase across Europe hunting down email scammers highlights how every business is at risk from a globalised world of threats – anyone can be struck by a dangerous email from anywhere, and even the most local businesses need to take precautions.

 

For IT Security advice and support – contact Lineal today.


Webcam and Microphone Security for Beginners

Who’s watching you? The nagging feeling that your webcam might be spying on you is not paranoia: someone may be.

For plugin webcams and microphones, it’s best to unplug when not in use, as once hacked these can become a dangerous weapon in the hands of cyber criminals.

‘Built in’ integrated webcams, like those found on laptops and other portable devices are more difficult to secure, as many do not even include a safety light displaying when the camera is recording, and there’s no guarantee this will indeed light if your webcam is hacked anyway.

The obvious solution (if you don’t intend to use your webcam or microphone) is to place a small piece of electrical tape over it (Mark Zuckerberg Style) and block the view of any potential snoopers. For a slightly neater solution, Ebay will sell you a correctly sized Webcam Sticker for around £3.

However if you actually need to use your webcam, this will quickly become inconvenient and messy.

If you instead wish to Monitor your webcam against intrusion, ESET security sofware for Windows is a smart purchase. Newer versions, such as the excellent ESET Internet Security, include webcam security, allow you to set rules for when your webcam can be accessed and notifying you if a program attempts to access it.

eset webcam security

For Mac Users, a free webcam and microphone monitoring tool named Oversight can be a useful free addition. This handy software is one of Objective-See’s set of Mac security products aimed at giving users visibility over what processes their Mac is running.

webcam alert

As we’ve noted before, smartphones bring a huge number of security risks, including both a personal microphone which is constantly listening on Android and iOS, GPS tracking of your location, frequent connection to public WiFi networks and often both front and rear-facing cameras.

The safest bets here are the obvious ones: invest in a smartphone antivirus software, keep your phone’s contents locked behind a PIN code, don’t install unknown apps and don’t connect to any unknown WiFi networks which might give hackers an access route for your microphone or camera(s.)

On Android you can also review your phone’s audio recordings and GPS tracking of your location for Google via Google My Activity and Google Location History.

Stay safe!

 

For IT security advice and assistance, contact Lineal today.


Lineal reviews Skype for Business

reviews skype

Skype is probably the only brand name in video calling successful enough to have become synonymous with its purpose (try offering ‘Citrix’ to somebody and you’ll get confused looks.) It’s perhaps unsurprising therefore that Microsoft have taken their former Lync communications platform, and given it both an upgrade, new features, and a name with a better pedigree.

Enter Skype for Business, Microsoft’s newest unified communications offering for Windows, Mac and Android – available as a downloadable client or via a web browser. On the face of it, the potential in Skype for Business is enormous: calls, group meetings, directory lookups and instant messages between Skype for Business users are free-of-charge, making it a perfect internal communications platform in the cloud.

Skype for Business is already available to those using Microsoft Office 365 Business Premium as a free download. Users can connect, make audio/video calls and collaborate from anywhere in the world. VOIP packages are also available to allow calling ‘out’ to conventional phone numbers, presenting an affordable alternative to your old phone system.

We’ve found the video and sound quality to be exceptional (even on some poorer broadband connections.) For those on the move, a designated app is also available for your smartphone and tablet which, operating over your Wi-Fi or 4G connection, also extends the platform into the wider world.

Most reassuringly, Skype for Business need not just be a ‘soft-phone’ on screen but can connected to a traditional, physical, AudioCodes or Polycom VOIP handset on your desk.

That’s not to say that there are no shortcomings. Calling outside Skype requires the additional PSTN licensing which is likely to confuse those unfamiliar with Microsoft licensing. Skype’s website is not particularly helpful in this respect, with it sometimes being unclear when links refer to Skype, or Skype for Business.

Certain features that Microsoft originally advertised (such as the ability to take polls in group meetings) are also still in testing  on some platforms at the time of writing, although screen sharing and scheduled meetings already work smoothly and are very intuitive. Focusing on collaboration, these are sure to be fixed as Microsoft reviews Skype for Business.

The minimalist design is smarter and more formal than the original Skype and, whilst a little unfamiliar to begin with, the general ‘look’ of the platform is a noticeable improvement on both Lync and traditional Skype.

Skype for Business is not quite ready to take over the world just yet, but it’s certainly one to watch for 2017.

 

For unified communications support and expertise: contact our team today.


Lineal Reviews: macOS Sierra – should I upgrade?

Sierra

Should I be upgrading to macOS Sierra?

With Apple’s latest OS, Sierra, now available for download and already receiving it’s first update (10.12.1) what do our team think of the latest version – and what are our favourite additions? If El-Capitan’s endless prompt messages haven’t already tempted you, we review some of the best below.


Siri

Siri

Siri makes her (or his? Different voices are available in your mac’s system preferences case this is the kind of thing that bothers you…) debut on Apple’s machines, with all the normal features available on iOS iPhones and iPads: web searches, booking diary appointments, starting calls, messages and more, all by asking Siri.

It’s surprisingly innovative too. We can launch our SQLWorks software by instructing Siri to do so, although it requires us to enunciate S-Q-L Works quite carefully.


Tabs

Many applications can now be run in a tabbed view much like a web browser. This is very useful if you need multiple documents, maps, virtual machines or remote access windows running at once, without constantly moving things around to free up screen space.

Sierra


Universal Clipboard

Copy from your Mac, paste on your iPhone or vice versa. If you own multiple Apple devices signed in to your iCloud account, this can be really useful. This feature is overdue on Apple devices, so it’s good to see it introduced in Sierra.


Archiving

iCloud will now look through your files to check for files that are used very infrequently and will archive them automatically to prevent them taking up space. If you use iCloud a lot, this will help do some essential housekeeping for you.

Much like with universal clipboard and the ability to unlock your Mac with your Apple Watch, it feels like Apple are now designing with the assumption that it’s fans will own multiple Apple devices.


Despite all these features, the usual warnings apply of course: no one can guarantee that older versions of software will be compatible on Sierra (indeed Microsoft Exchange bugs involving non-syncing email were hurredly fixed in Sierra’s first update)  so it’s best to let someone else take the risk first, and wait a little while for any bugs to be fixed – before updating from El Capitan to the best MacOS yet.

For Apple help and support – click here.


The future of your PC: to blend in, or re-invent?

PC

Pity the traditional tower PC, it doesn’t get much love these days.  How can fixed hardware continue long into the future, when all consumers seem interested in is impossibly thin laptops and ever more powerful smartphones?

HP may be offering one solution: making the desktop PC part of the furniture. The Pavilion Wave (pictured) is their latest experiment: a curious triangular desktop PC with a fabric surround, resembling a speaker.

In addition to 6th Generation Intel Core i7 quad-core processors, up to 2TB of storage and up to 16GB of memory, the Wave can support two 4K displays and is therfore, by normal standards: a desktop PC. Yet the large central speaker, deflecting sound off the triangular lid also maintains the illusion that your HP device is nothing so dull as a desktop PC, but part of a household sound system.

Or what about making the device portable? Intel’s compute stick and Asus’ Vivo Stick give you the option of a ‘desktop’ PC you can disconnect from the HDMI port of your monitor and walk away with, although these are entry-level performing devices at best.

For a more unusual re-imagining, look to Acer, who continue to develop the magnetically attached small-form modular ‘Revo Build’, built from any number of optional blocks that add storage, extra graphics performance and more. HP have attempted something similar with the ‘Elite Slice Desktop’ – an artistic small form desktop workstation which can connect optional modules for extra storage or more powerful audio.

Both show a recognition of the way desktops have had to adapt: giving users more flexibility, and including a wireless charging loop for your smartphone on the top of the external casing, so that your phone can be charged whilst you sit at your desk.

Will the traditional desktop PC live on? If it does, it may look quite different.

For carefully selected, cost effective IT systems – speak to a member of our team today.


4 Smartphone security threats you need to avoid:

smartphone security

We increasingly live in a mobile dominated world in which Smartphone sales have skyrocketed whilst traditional PC sales have stalled. With portable devices likely to be the future of many people’s IT use – we’ve put together a few of the main smartphone security threats you need to be aware of.

 

  • Mobile Phishing & Fake Apps

Phishing websites which pretend to be your bank in order to get your personal or financial details have been around for many years, but for few people imagine that this is also a big risk on their smartphone.

Fake apps are the most obvious modern incarnation of this scam. IT security specialist ESET recently showed that a popular app like Prisma spawns multiple fakes online, downloaded unwittingly over 1.5 million times before being pulled from Google Play, with many containing harmful malware which attempt to steal personal information.

Don’t attempt to download an anticipated app before it’s official release date, as it’s likely you’ll be downloading a fake. Avoid downloading apps from unknown third-party websites, check the comments for warnings from other users, and invest in mobile antivirus to intercept downloaded threats to your smartphone security.

 

  • Old-fashioned Theft

In addition to fitting in your pocket, your phone contains a staggering amount of personal information about you which makes theft a real danger – everything including your personal details and those of friends/family, your emails, GPS coordinates of places you regularly visit and more: all stored on the device.

Home Office research suggests iPhones are the device most likely to be stolen – perhaps reflecting the Apple smartphone’s high value, quality and distinctive branding.

In addition to setting numeric pin codes on every device to prevent the danger of theft, tracking and lifesaving wiping tools like are strongly advised.

 

  • Public Wi-Fi Networks

With the proliferation of portable devices, many businesses, particularly in retail, offer public Wi-Fi hotspots to customers.

The problem with this is that you’re sharing a network with… whom? Terrifying free tools like [Redacted – obviously] and [Redacted] allow anyone on a shared public network to view insecure websites you visit, and snoop on any keystroke you type.

Not every public Wi-Fi network is a security nightmare, but it’s sensible to avoid using public Wi-Fi to do anything sensitive, such as online banking. A 4G data connection or simple telephone banking is the easiest alternative if you’re on a mobile phone, and likely to be more secure than a public Wi-Fi Network.

It should probably go without saying that you shouldn’t connect to entirely unrecognised, unsecured or unknown Wi-Fi networks either. For obvious reasons.

 

  • Being Personally Targeted

The problem with the wider shift to portable devices is that we carry our workplace into the outside world. Many of us expect complete access to our business data on our smartphone (as we would on our PC) wherever we are.

But carrying your work phone outside work means you’re also outside the protection of in-house IT security software and firewalls.

A simple phishing email can easily be targeted to you outside working hours when you’re ‘off-guard’, and the potential loss of confidential company data could be devastating.

Of course, many of the best IT security software providers now offer Android & iOS smartphone versions of their antivirus software – so why not extend your business’ IT security to your smartphone?

 

For IT support and security guidance – contact Lineal today.


How to Fix emails stuck in iPhone Outbox

emails stuck
If you’ve received an “Unsent Message” status in the iOS mail app on your iPhone or iPad, it could be because you have emails stuck in your outbox, with mail refusing to send correctly.

As always, it’s worth firstly re-booting your device (something most of us won’t normally do more than once or twice a week) to check whether the problem persists. This will prompt iOS both to refresh the mail app, and install any necessary updates from Apple.

You attempt to can send the email again by going to the outbox, selecting the message with the red [!] warning icon, and touch the send command to attempt to re-send the message. If your connection dropped whilst sending, this can be used to prompt a successful second attempt when the connection is restored.

If your outgoing email still remains stubbornly unsent, it may be best to delete the un-sent email and re-draft (some artful copy-pasting can alleviate this frustration considerably) by selecting the failed email in the outbox, choosing ‘edit’ and choosing ‘trash.’

Should your device remain uncooperative, putting it into ‘Airplane Mode’ should turn off wireless connection searching – which can help Mail stop searching for a way to send the email, and give you the chance to ‘trash’ the offending draft.

For Apple hardware expertise, support and supplies, contact Lineal today.


Fake Invoices – Don’t enable document malware!

fake invoices

This week’s IT security alert from Lineal – fake invoices which ask users to run a dangerous piece of code.

The example above comes from a fake Word document emailed with a typical text line, such as ‘Please check this invoice’ or ‘Double check my numbers for me’, to an unsuspecting user.

Upon opening, the document appears to load a popup from Office 2016 prompting the user to ‘Enable Content’ for compatibility purposes, before they can view the detail of the ‘invoice.’

In fact, the display is just an image within the word file, and the ‘Enable Content’ content button instead runs a piece of Visual Basic code downloading unknown malware from the internet.

The scam relies on users’ curiosity at the unusual $1999.00 charge, and upon reaching a user still running an outdated version of Microsoft Office.

 

Several measures can be taken to prevent this kind of attack:

  • Don’t click any popup that doesn’t visibly pop ‘open’ in Microsoft and don’t ‘Enable Content’ you can’t see in a document.
  • Consider an email filtering service like Barracuda – in the above example, Barracuda had recognised this email as malicious and stripped the code from the document before placing it in the correct email inbox for the intended recipient.

 

For IT Security advice and guidance – speak to Lineal today.


You spoke, we listened – Results of the Lineal Client Feedback Survey 2016

customer support

It’s that time of year again – when we ask you how we’ve been doing, and what Lineal can do to improve the quality of our technical support.

Firstly, a big thank you to those of you with kind words to say about members of our IT help desk. Our team found your kind comments to be enormously supportive and it’s good to know that so many of our customers value the contribution of their account manager so highly.

83% of you felt we met the technology needs of small to medium size businesses ‘Well’ or ‘Very Well’, and 89% felt we understood your IT queries ‘Very Well’ or ‘Extremely Well.’ Overall, 85% of you rated our customer support ‘Good’ or ‘Great.’

We weren’t perfect however – some of you felt we’d been slower to respond to certain emails and call-backs recently, and we’re putting in place new measures to address this: we’ll be adding to our team in coming weeks to help manage our responsibilities to our ever-growing number of IT support clients, and to ensure clearer communication between our team and customers during ongoing project work.

Your comments included an insightful mix of both praise and constructive criticism which we’re reviewing carefully – but here were a few of our favourites:

  • “A good “local” company. Always on hand.”
  • “As a small organisation of mainly non IT literate users Lineal staff always respond to queries in language we understand and without making us feel stupid!”
  • “Would like to thank Martyn especially, and dealing with mostly one person simplifies things.”

Thank you to everyone who gave us their feedback, it will inform our future decision making and help us provide a high quality of customer support.


Zepto Cryptolocker Alert: Lineal intercepts dangerous zero-day threat with ESET Antivirus

Zepto

Yesterday Lineal’s team successfully rescued a client from a new ‘zero-day’ Cryptolocker Virus which nearly destroyed many of their files.

The dangerous variation of the ‘Zepto’ cryptolocker, only identified online during the last 24 hours, is believed to be a brand new threat originally derived from ‘Locky’ ransomware.

An employee at one of Lineal’s IT support clients recently opened an email containing an infected file – a malicious piece of obfuscated code written in Visual Basic scripting language. The installed Zepto cryptolocker began encrypting the company’s files, readying to demand a heavy ransom.

In a coordinated attack, an outside user also forced access to our client’s server, instructing it to begin sending fake Barclays ‘phishing’ emails, attempting to criminally capture banking details.

Our team caught both threats early, forcefully locking out the intruder in mid-session, identifying the employee who introduced the threat, and quarantining the infection with ESET’s business endpoint security. 

Lineal then notified ESET about Zepto to help with future identification, having avoided the need to restore all the clients files from backup at great disruption.

The landscape of online security threats is rapidly changing, and Cryptolocker variants have spread quickly in recent months.

In this case Lineal’s rapidly responding team and professional security software helped our client dodge the huge potential losses from the security breach – and highlighted how vital it is that organisations of all sizes take proactive steps to protect their IT from hostile intrusion.

 

For IT security advice and support, contact Lineal today.


MacOS Sierra will bring Siri to your Mac

Sierra

Apple’s voice activated assistant Siri will be available on macOS Sierra from this Autumn it was revealed, following an announcement at the Worldwide Developers Conference this week.

MacOS Sierra, the upcoming and re-branded version of Apple’s trademark desktop operating system, also looks set to introduce Apple Watch assisted login, intelligent storage-optimisation tools and cross-device copy & pasting.

Longstanding Apple fans will note that the re-branded name, ‘macOS’ returns Apple’s OS X operating system to it’s original desktop computing name.

One major shift will be the release of the new ‘Apple File System’, which Apple have advertised through developer preview will permit multiple file systems to share a storage block, and includes a cloning system which writes changes to file copies to limit demanding data synchronisation.

Evidence has also surfaced that iOS will soon include a ‘dark mode’ optimised for night-time use – a feature so far restricted to Apple Maps used when driving – but potentially extended to overall iPhone/iPad use.

As always, Lineal advises Apple users to wait for early operating system issues to be ironed out this Autumn, before making the jump to macOS Sierra themselves.

For Apple expertise and IT support: please contact Lineal today – [email protected] or 01271 375999


Microsoft ‘trick’ schedules automatic Windows 10 upgrade

automatic windows 10 upgrade

Edit – 14:15 25.05.16: Following customer feedback, Microsoft have now added an additional pop-up which confirms update scheduling time to give users an additional chance to opt-out of the update.


A Microsoft ‘trick’ which prompts an automatic upgrade to Windows 10 has been condemned as misleading by PC users.

Microsoft’s Windows 10 update prompt was recently changed so that the ‘X’ close button, instead of closing the prompt, schedules an automatic update. PC World declared the change a ‘trick’ and Windows users who preferred older operating systems took to social media to complain.

Instead, users must specify to cancel the scheduled upgrade by clicking a small link in the fourth line of text which reads “Click here to change upgrade schedule or cancel scheduled upgrade.”

This is likely to catch out many users who have ignored the ‘GWX app’ so far, who until recently would have used the close button as their only way to close the updater and avoiding an automatic Windows 10 upgrade. Once upgraded by mistake, PC users must use Microsoft’s rollback service to return to Windows 7 or 8.1.

Escalating measures to push users towards upgrading demonstrate Microsoft’s drive to reach its stated target of one billion users running Windows 10 by the start of its 2018 fiscal year (beginning around October 2017).

The controversy surrounding a automatic Windows 10 upgrade is likely to only draw more attention to Microsoft’s Windows 10 upcoming upgrade deadline – the free Windows 10 upgrade will cease to be available to PC users after the 29th of July.

For Windows IT support and expertise, contact Lineal today.


Cryptolocker Warning from Lineal

 

Cryptolocker Warning: in the past fortnight we’ve seen an increasing number of companies hit by sophisticated cryptolocker viruses.

These dangerous programs, often installed by accident, lock your files over time, encrypting data and eventually demanding victims pay a ransom to retrieve their irreplaceable data.

In all of these cases, security products were installed but they did not protect against the threat. In our experience the only product that is reliably detecting these new threats and offering sufficient protection at this time is ESET. Older, less effective or out of date security products are offering little or no protection against these new cryptolocker variants.

Once affected by a cryptolocker, there is no way to de-encrypt scrambled files without paying the ransom, and users must remove the trojan before recovering recent versions of a file from their backups – highlighting the importance of a regular backup plan for data.

Please don’t be the next one to get caught out – talk to Lineal today about IT security options to ensure your valuable data is protected.

 


Lineal’s George Wins Petroc Award

Lineal’s George

Congratulations to Lineal’s George Ward, who has won a Petroc award, in recognition of his improvement over the past year.

Apprentice George will become 2014-15 academic year’s proud recipient of the local higher education college’s ‘Most Improved Student’ award from the Department of Leadership and Higher Technical Skills Awards Evening, sponsored by North Devon Orthodontic Centre.

The prize-giving ceremony was held on Wednesday 23rd March at the Barnstaple Hotel.

This is high-flyer George’s second major award in two years, after winning the North Devon Journal Business Awards ‘Apprentice of the Year’ in 2015.

Well done George!

 


£2.50 Freedom 251 Smartphone Launches

 

Smartphone manufacturer Ringing Bells has launched a £2.50 Smartphone, the Freedom 251, aimed at bringing mobile access to rural parts of India.

The Freedom 251, which costs only 251 rupees, runs on Android and features a 1.3Ghz quad-core processor, 8GB of memory, with front and rear facing cameras.

As the second largest mobile phone market in the world, India is already estimated to have around 236 million mobile users – but this is expected to grow to a staggering 317 million during 2017.

Part of that growth includes tailoring the system to the needs of users in rural India – the Freedom 251 will include software aimed at farmers and fishermen, elderly users needing medical assistance, and even includes an app for ‘women safety’.

Wider connectivity is not only expected to bring economic benefits for Indian consumers, but also to third parties – with the £2.50 price reflecting an already heavy subsidy from interested companies looking to be the first to reach India’s newest smartphone customer base

A smartphone for less than the cost of a cup of tea? Welcome to the future.

 

For business IT Support, contact Lineal IT today: 01271 375999 or email: [email protected]


Google and Apple unite over user privacy

 

Google and Apple’s respective CEOs have joined forces over the issue of customer privacy, with Apple CEO Tim Cook publicly refusing the Federal Bureau of Investigation (FBI) ‘backdoor’ access to iPhone software.

Google CEO Sundar Pichai backed Apple’s decision on Twitter, arguing that assisting the FBI to gain such access to a private individual’s smartphone would be a ’troubling precedent.’

The mobile phone privacy dispute with the FBI over encryption comes 2 months after Farook and Tashfeen Malik killed 14 people in a mass shooting in San Bernadino, California, with investigators demanding that Apple now assist the authorities in accessing Farook Malik’s iPhone 5C.

Both Apple and Google argue that ‘backdoor’ decryption would put the privacy of millions of ordinary smartphone users at risk from Government intrusion, with Tim Cook famously arguing that ‘You can’t have a back door that’s only for the good guys’. In theory, each iPhone’s encryption method is unique, and Apple argue that there should be no possible method for accessing a given user’s data.

On Tuesday however a Federal Judge ordered Apple to disable Farook Malik’s suspected phone setting which enforces usage delays or wipes the iPhone in the event of multiple incorrect password attempts, giving the FBI the opportunity to automatically test millions of possible passwords without penalty.

Both companies’ actions are being driven by the issue of reputation: giving law enforcement authorities the ability to access an individual’s data would utterly undermine smartphone manufacturers’ advertisement of user security.

With neither side willing to back down, expect the dispute to go to the courts, with the key issue being whether Apple can control permitted access to this iPhone, and this iPhone only.

 

For specialist IT Support, contact Lineal today: 01271 375999 or email: [email protected]


Don’t fall for it: how 1970 will destroy your iPhone

 

An unfortunate hoax is catching out iPhone users this week, Lineal have learned, after many users discovered resetting the date will completely destroy their iPhone.

Despite what a website may promise you – DO NOT reset the clock on any iOS device to January 1st 1970 under any circumstances. This will permanently break (or ‘brick’) your device.

A device broken in this way will simply display the Apple iOS loading screen forever, permanently stuck. The bug, which prevents the phone counting Unix time (a count of seconds since 00:00 01.01.1970) if the clock is set ‘before’ this using local time (UTC-1), is impossible to fix without hardware support from Apple to remove the battery.

You have been warned!

 

For expert apple support from Lineal, contact us today: 01271 375999 or click here.


Lineal merges with Active Computing & Telecoms

Lineal Active Merger

Lineal Software Solutions recently merged with another local IT company, Active Computing & Telecoms Ltd, based in South Molton.

Active Computing formally joined with Lineal as of December, and will continue to offer quality business IT services across Devon as part of Lineal’s IT support division.

Nick Hews, Managing Director of Active explained: “I’m very pleased to see Active joining with Lineal: like Active, Lineal began right here in North Devon, and places a very special importance on listening to their customers’ needs – which was very important to us before moving ahead.”

Managing Director of Lineal and former branch chairman of the North Devon FSB, Mike Matthews said: “We’re delighted to be taking on Active Computing. Between us we can now offer the widest possible range of business IT & telephone systems, technical support and business accounting software.”

Following the Lineal Active merger, the two partners have recently launched their new website (www.lineal.co.uk) for 2016.

Former staff members from Active now work at the premises of Lineal, and added together the two companies have more than 50 years’ experience trading across the wider North Devon area and beyond.

 

Visit www.lineal.co.uk or call us on 01271 375999


How Lineal provided Free Wifi to Barnstaple Town Centre

 

Over Christmas 2015/16, Lineal launched a technical trial to provide free, public-access Wifi across Barnstaple Town Centre.

The pilot scheme, which took place during the busiest shopping period of the year, saw our team solve a number of technical challenges: scoping sites for Wifi access points, installing suitable hardware and managing network connectivity for shoppers and visitors to the town.

With generous support from Barnstaple Town Centre Management (BTCM), North Devon Council and M&E Alarms, we delivered a free wifi network connected to by more than 400 people each day at peak usage.

To build the network itself, we used Cisco Meraki MR-66 ruggedised outdoor routers, fixing a ‘mesh’ grid of interconnected access points high on selected buildings owned by local businesses who agreed to take part. Visitors to the town could connect from any smartphone or other wirelessely enabled device, via a special ‘splash’ page.

Managing Director of Lineal, Mike Matthews, explained: “We wanted to attempt an ambitious project which would benefit our local area. Wider connectivity opens up new ways for people to find out information about upcoming events, for local businesses to advertise, and for visitors to our town to share their enjoyment of Barnstaple with friends and family over social media. There are many possibilities.”

connectivity trial

Throughout the trial period each access point also collected anonymised location data in real-time. With as many as 20,000 wirelessly enabled devices moving within Barnstaple town centre during a 24 hour period, the free Wifi Project was also successfully used to measure footfall patterns in public places, which could one day be used to help local authorities plan for busy periods.

Although the pilot project has now ended, team members from Lineal presented the initial findings to the Barnstaple Town Centre Management, North Devon Council and Devon County Council in February 2016, with a view to launching the network as a more permanent asset for the town in the near future.

 

For more information on cabling & network infrastructure services from Lineal: click here or call us today on 01271 375999


Teachers Rejoice! Apple Education Package Launched

 

Apple have finally announced that iOS 9.3 will included special support for schools and colleges.

Using iOS 9.3, each student can be given a unique Apple ID that is compatible with any iPad in a classroom, allowing for the use of any device from a pool of shared school iPads. The Apple education package ID’s themselves are maintained through Apple School Manager, a web based control panel giving admins control over the system.

Apple’s new ‘Classroom’ App allows teachers to launch any app on every shared device in a room at once, and guide students through educational materials. A ‘Screen View’ function keeps an eye on what’s on every student’s screen, allowing teachers to prevent distractions from learning.

For students assigned the same tablet each day, a caching system holds work and resources, and gives a photo login procedure so that each child can find their usual device easily.

More than 70% of UK primary and secondary schools now use tablet computers as part of their ICT tools – including ‘Bring Your Own Device’ (BYOD) schemes. So far however, schools have had to find a good reason to justify the extra expense for Apple’s high-quality iPad devices over cheaper rivals.

By offering cleverly designed software support for the classroom environment, Apple may have just provided that justification.

 

Learn more about IT support for the education sector – contact Lineal today: 01271 375999.


Lineal exhibit ShoreTel at Blue Frog Business Group Show

Telephone Systems

Telephone Systems on Show

Lineal recently showcased ShoreTel Connect Telephone systems at the first Blue Frog Business Group Show at Cedars Inn, Barnstaple.

ShoreTel’s cloud telephony operate over a business’s internet connection making the system more flexible for mobile working, more cost effective, and more accessible to small businesses.

Head of Technical Support services Matt Norris explained: “We were delighted to get the chance to exhibit ShoreTel at the North Devon business show. ShoreTel is a phone system designed for small teams looking to grow, or for those whose workplace is not a single location – so we knew it would be of great interest to small businesses at the show.”

The business group, run by Blue Frog Media, are planning for the trade show to be the first of many in the region.

Managing Director Mike Matthews praised the show, adding: “It was fantastic to see so many firms from the wider North Devon area represented in one place and doing business.”

“We’re hoping Lineal can contribute even more to the group in the near future.”

To learn more about how ShoreTel can transform your business communications, get in touch with us today: email [email protected] or call 01271 375999


New Lineal Website 2016

Lineal

Lineal are pleased to announce the launch of our new website for 2016.

The new website comes with additional features, and has been carefully designed to improve the user experience of our technical support customers and new users.

Managing Director Mike Matthews added: “We wanted the new website to give a fast, stress-free experience for those needing IT help, and to simplify the process of finding information on Lineal’s eight product areas.”

As ever more of our customers are taking up mobile working through their mobile or tablet device, the new website has been designed to be responsive to different screen sizes.

Web designer & developer Stephen Stanbury explained: “Downtime costs money, so Lineal needs to deliver IT solutions quickly. Our challenge was to build a website which was convenient and clear, to help all our users find what they need easily.”

“We’ll be adding new features in the near future, so please get in touch with us if you have any suggestions.”

Lineal’s flagship business management software SQLWorks is also set to relaunch a fresh website in the new year.

For help and assistance with all your IT needs, please contact Lineal today: 01271 375999 or [email protected]


The Windows 10 update you didn’t notice

 

Windows 10.1 updates security

With ‘Windows 10.1’ now barely a month old, and the Microsoft operating system already running on over 12 million business PCs, how fares Microsoft’s free updates strategy?

Windows 10.1 update was released with relatively little fanfare (be honest, you didn’t notice) adds features that, understandably with hindsight, might have been a distraction at the main Windows 10 release back in July.

Packaged within were mainly performance and security upgrades – Windows 10.1 will now boot almost 30% faster than an old Windows 7 system on the same device, the Cortana virtual assistant has some new handwriting recognition skills and there are new enterprise tools for mobile devices. Microsoft Edge runs smoother too, offering previews of tabs before viewing and syncing favourites across devices.

Most importantly, after recent corporate data breaches in the news, Microsoft have added a range of new security safeguards. These including ‘Windows Hello’, supporting enterprise grade biometrics including fingerprint and facial recognition – sadly currently only available for US users.

Aside from controversy surrounding user privacy then (if you didn’t notice your Windows 10.1 update, that’s maybe because Microsoft installed it automatically on your device without asking you) the first free update went ahead with relevant additions and limited fuss.

Starting free updates officially moves Microsoft into line with Apple’s OS X business model that has become the industry standard. Yet limited promotion of Windows 10’s ongoing development risks downplaying Microsoft’s progress.

Which would be unfair, because Microsoft is plainly taking extra care to develop the business security of their product range, including the excellent Office365, Microsoft Azure and now Windows 10.1. Microsoft is clearly listening to business’ fears, and businesses should welcome it.

 

For help and support with Microsoft enterprise IT, contact Lineal today.


Why your AirDrop isn’t working (and how to fix it)

Airdrop

AirDrop must be prompted to recognise older Apple devices

Apple’s AirDrop tool has been a much praised addition to Apple’s software lineup – allowing Mac users to wirelessly transfer files from one Apple device to another in close proximity.

However users often report that their new Mac is unable to ‘see’ adjacent Mac devices, preventing them from using AirDrop.

The solution is surprisingly simple: look to the bottom of the AirDrop window on the newest manufactured device, where a small link reads “Don’t see who you’re looking for?” clicking this opens a new option “Search for an older Mac”, which widens the search to older devices running OS X or iOS.

There’s been no explanation from Apple as to why Airdrop is set up in this way, but enabling ‘Search for an older Mac’ allows a 2015 Macbook to find a previously invisible 2011 Macbook with ease, allowing you to begin transferring files.

Happy AirDropping!

 

Lineal have over 20 years of Apple expertise: contact us today via 01271 375999 or email [email protected]