ITCS Blog

ITCS sponsored Tondu United FC scores ‘Bags of Help’ from Tesco

Local football club Tondu United recently benefited from Tesco’s Bags of Help community scheme after a vote by the supermarket’s customers in Bridgend chose the club alongside fellow beneficiaries Bridge Mentoring Scheme (which supports vulnerable young people) and Cowbridge Community Allotments.

The three groups each won funding for community projects from the carrier-bag tax scheme, which is funded by the sale of carrier bags in store, and were recently invited to the store to celebrate.

The full under 9’s squad

Tondu Football Club has received a £1,990 grant which will be spent on equipment and a training education course for their volunteers.   Three members of the under 9’s team, who are sponsored by ITCS, joined the store alongside representatives from Bridge Mentoring Scheme, who received £4,000 to grant disabled access to their garden and Cowbridge Community Allotments, who received £1,000 to purchase a large poly-tunnel, which will benefit allotment users.

Three of the young players from the squad enjoyed meeting the Tesco GM Manager, Gareth Jeffries, Lynn Young, Tesco People Manager and Nikki Edwards, Tesco Community Champion as well as other representatives Laura Thomas (Bridge Mentoring) and Charles Champion (Cowbridge Allotments):

Proud Mum, Amanda Deere said:

“The boys train really hard and it’s great that Tesco and the local community want to support them.  Young as they are, they value all the support they receive and who knows, we could have a future Gareth Bale in the team!  At this age, their passion for the game is high anyway, but with the right training the team can develop their skills as well.  This money will make a huge difference to the team and as parents, we are really grateful to Tesco customers for giving them the opportunity.”

WebITCS sponsored Tondu United FC scores ‘Bags of Help’ from Tesco

ITCS responds to publicity surrounding CPU Chipset Vulnerabilities

Wayne Harris, Compliance Officer & Cyber Security expert at ITCS discusses the impact of the much-publicised chipset vulnerabilities revealed on 3 January.

There has been a flurry of publicity surrounding vulnerabilities identified within the Intel chipset (processors), however this vulnerability also affects other mainstream manufacturers AMD and ARM.  Together, these manufacturers provide the vast majority of processors in use by modern computer manufacturers.

Who is at risk and what is the threat?

The two vulnerabilities which have been revealed, ‘Meltdown’ and ‘Spectre’ affect every modern computer containing one of these processors, i.e. the majority of PCs on the market.  The CPU chipset vulnerabilities are present in most of the processors produced in the last decade and in certain circumstances the vulnerability allows access to contents of protected memory areas by some applications such as javascript in web browsers.

That said, despite the hype, the threat is currently considered low on the Common Vulnerability Scoring System (CVSS).

What is being done to tackle the risk?

The underlying vulnerability is primarily caused by CPU architecture design choices, so fully removing the vulnerability will require the replacement of the CPU hardware.  The true long-term solution will be the replacement of the vulnerable chipsets entirely – but don’t expect a product recall any time soon.

While it may be technically accurate to say a completely redesigned chip is the ultimate solution, large-scale hardware replacements would possibly amount to a needless, over-the-top reaction.  It is unlikely that manufacturers will offer chip replacements – we expect them to instead provide a solution to fix any chipset vulnerabilities with a patch.

Microsoft, Apple and other Operating system vendors have all responded quickly and they have released (or are working on) solutions which will ‘patch’ these vulnerabilities.

Will I notice any difference when my PC is patched for chip vulnerabilities?

Unfortunately, at present there is a performance cost to this patch solution –  because the solution involves segregating the kernel into a completely different address space, it takes additional time to separate the memory addresses and switch between the two.  The impact on performance will vary – anything from a 5% to 30% reduction in processing speed can be expected.

How are ITCS responding?

At ITCS, we have been monitoring the vulnerability since the news broke.

We have already implemented a roll out of the Microsoft patch update throughout our contracted customers to address these vulnerabilities.  Users may have had to restart their computers to apply the changes, and we will monitor these installations to ensure our customers continue to be protected with up‑to‑date vulnerability patching.

How should our customers respond?

This vulnerability highlights the need and importance of regular vulnerability reviews, and the timely installation vendor patching to reduce the risks to businesses from cyber-attack.

For a review of your cyber security, please contact ITCS on 08456 444 200, or use the call back request to speak to one of our support team.

 

 

WebITCS responds to publicity surrounding CPU Chipset Vulnerabilities

ITCS welcomes Severn Bridge Toll Reduction

Multi-award winning Welsh IT support provider ITCS has welcomed the news today that Severn bridge tolls are to be reduced.

The company, whose support vans will now pay £11.20 instead of £13.40 each time their engineers have to make a support visit to their many clients in Bristol said the cut was heartening, but that it is vital for Wales road infrastructure to also be upgraded.

Managing Director, Brian Stokes, said:

“As well as ensuring that the plan to scrap tolls altogether stays on track, the Welsh Government needs to urgently address transport and infrastructure issues in Wales.  The poor state of our over-congested motorways, the lack of an adequate road network between North and South Wales, and our underfunded rail network are all urgent problems which will continue to hamper trade. 

“From our Head Office in Wales, we now cover the whole of the UK.  Many of our clients are located in Bristol, so the toll reduction is welcome, but the road network causes problems even among engineers traveling between Bridgend, Cardiff and Swansea, so we have to keep local engineers on call to service our larger clients. 

“Thankfully, most of our IT support can be carried out remotely, but when staff have to make on-site support calls, there is nothing more frustrating than keeping clients waiting because the driver is stuck in yet another traffic jam on the M4, or struggling on single lane routes when trying to reach a client in North Wales.    The rail network is not much better, many of our staff travelling in by train experience delays on a daily basis and fellow businessmen say they have missed important meetings because their train was delayed.”

“We’ve been told that scrapping bridge tolls represents an important opportunity for Welsh businesses to get the level playing field they deserve.  I call upon the Welsh Government to address the infrastructure issues as a matter of urgency, because Wales cannot afford to see business opportunities wasted.”

WebITCS welcomes Severn Bridge Toll Reduction

ITCS celebrates a successful 2017 with appointment of new Operations Director

IT and Telecoms specialist, ITCS, has revealed that 2017 was their most successful year to date, with the company expanding both their turnover and their staff as well as seeing strong performance improvements across the board.

The multi-award-winning company expanded their IT support, web, SEO, telecoms, hyper-convergence and IT security teams throughout 2017 and expect further growth in these areas in the coming months, cementing their established status as Wales’ Top IT support provider whilst expanding coverage throughout the UK.    The company have today announced the appointment of a new Operations Director, Matthew Mutlow, who will be instrumental in driving the company’s continued expansion forward.

ITCS Managing Director, Brian Stokes, said:

“Following another very successful year for ITCS, Matthew’s dedication, performance, and commitment to successful delivery for the company shone out and we are delighted to welcome him to his new role as Operations Director.   He will continue to play a pivotal role in the ongoing growth of the business in 2018.”

Matthew said:

“I really appreciate the opportunity to continue to support the committed and driven team at ITCS in my new role, and look forward to driving the Operations aspect of the business forward throughout 2018 and beyond.”

WebITCS celebrates a successful 2017 with appointment of new Operations Director

(Not so secret) Santa visits the ITCS Team!

The ITCS team had a surprise visit today from Santa, who handed out the secret gifts which the team had been stealthily buying for each other over the previous weeks.

The team really enjoyed both the day and the Santa’s visit.  Here’s just one of the pictures, but you can see them all on the ITCS Facebook page:  https://www.facebook.com/itcs.co.uk

 

Web(Not so secret) Santa visits the ITCS Team!

Bridgend based Riverside Hardware gets tooled up online with web developers ITCS

South Wales’ Premier Engineering Superstore and the largest Calor Gas Main Dealer, Riverside Hardware have this week launched their new website, developed by leading Bridgend-based web designers ITCS.

Riverside Hardware’s customers can now view and order one of the UK’s largest ranges of Draper Tools and Calor Gas online, (as well as products from other suppliers) and have the tools they need delivered to their door for a small delivery charge, or pre-order to collect from the Bridgend store.

The company already have an excellent reputation for delivering good customer service and helpful advice, which they hope will be enhanced by the new website.

Managing Director Ryan Woodbridge explains why the company has extended their service to include online tool sales, service and advice:

“We try to offer more in terms of product range and support than the chain hardware stores, as many of our customers are professional workmen investing in hardware and tools for their business.  It therefore follows naturally that we have invested time making sure our staff are skilled and knowledgeable about the tools and hardware we sell.  Customers often seek our advice and experience when choosing the right tool for the job.

“However, we could previously only provide products and support to customers who were physically present within opening hours.  The new website will enable us to sell our tools and share our tips and experience with a wider audience, and also helps customers place orders and learn more about our products when our physical store is closed.

“We’re really grateful to Bridgend-based ITCS for making our huge range of products so easy to order online – and keen to stress that the new website is designed to enhance and complement the great customer service we are known for providing in-store already.”

 

Brian Stokes, Managing Director of ITCS said:

“It’s been an absolute pleasure to work with Riverside Hardware on their new web shop.  We’ve built hundreds of websites over the years, but every now and then you come across a really special project where you share so many values with the customer that working with them is a natural fit.

“Both Riverside Hardware and ourselves have a long-established presence in Bridgend, and like us, they are incredibly passionate about customer service.  Building the website so that customers can also buy tools online has been an honour, and we look forward to continuing our solid relationship with Riverside Hardware for the foreseeable future.”

WebBridgend based Riverside Hardware gets tooled up online with web developers ITCS

‘Tis the Season to be Cautious

Wayne Harris, Compliance Officer at ITCS shares his monthly IT security blog – this month, he talks about fraud and phishing attacks.

As the festive season approaches rapidly, we see an increase in cyber-crime, phishing attacks and fraud attempts.  I’m sure we have all read about or seen these attack emails, and believe that we would not fall for them, but beware, they are becoming more and more complex and plausible. 

A common attack at this time of year is a phishing email masquerading as a supplier email such as Amazon or delivery tracking email.  As our shopping habits change to on-line services, it opens up an opportunity for the criminals to gain your trust, after all you probably have just ordered goods from one of these suppliers or used your Pay Pal account haven’t you?  These attacks may be trying to gain access to your banks account/credit card details or using these emails and links to deliver a Virus or Trojan on to your systems such as Ransomware.  

Here are a few tips to avoid falling for these scams:

  • Make sure the website you are ordering from is legitimate, we see more and more online shopping scams at this time of year, and they are becoming more difficult to spot – gone are the days of poorly constructed websites or emails.
  • Do not use your business email address for registering to these services, that way if you get one of these emails to your business email address you know it is a scam.
  • Do not click on any links contained in the email.  If you have ordered goods from an on‑line store, use the store website to track your order progress.  Clicking on links within an email may download malicious software or take you to a fake website to steal your credentials or financial information.
  • Check the sender address very careful, and look for badly composed emails or spelling mistakes – however, this is becoming more difficult to spot as the attacks are becoming more complex and organised.
  • When you place the order, you probably received a confirmation number – make a note of it, suppliers generally include these details in any emails they send – check it.
  • Do not reply to any emails that you receive, this builds up a sense of trust between yourself and the attacker, and you could just get in deeper.

Email spam services will generally not pick up on these types of attacks, as they don’t contain malicious code in the source email, and unless are from a blacklisted domain will not score highly on the Bayesian database which is used to calculate the probability of spam.  Users are therefore the best form of defence against these types of attacks.

ITCS are currently running new courses on managing IT security, including the new GDPR regulations due to come into force in 2018. If you would like to book a place, or if you have any questions or concerns around computer security, please don’t hesitate to contact the ITCS support desk on 08456 444 200.

 

Web‘Tis the Season to be Cautious

ITCS Boosts Web Development Team with New Hires

2017 has been a really busy year for the ITCS web development team, with new clients, new websites and new SEO and Adwords clients – so somewhat appropriately, the company have ended the year by bringing new talent on board to boost the team.

Web Developer Jackson Denham and Junior Designer-Developer Charlie Lamb joined the company’s Bridgend-based Head Office in late November and are already putting their experience to good use, working on a wide range of projects.

Whilst ITCS are well known for their long-established IT support services (which saw the company named Wales Top IT Support Provider, although they cover the whole of the UK), many local businesses have been surprised to learn they have a large team of web developers and have literally hundreds of satisfied web design clients, from Estate Agents using all the online property portals to big E-Commerce sites with thousands of products.

The company, a Google Partner, have a unique approach to web development, which allows clients to pay monthly rather than a huge upfront cost.  This means even small businesses can have access to some of the top web talent in the business, with Copywriting, Digital Marketing SEO and Adwords Management services also available at very reasonable rates.

Managing Director of ITCS, Brian Stokes, explains:

“Our business has expanded massively from our small beginnings in a shop in Maesteg to a large, nationwide business, and every time we expand our team, I feel a real sense of gratitude and pride – I’ve never forgotten those early days and while we work with some huge names now, personal service, adding value to clients of all sizes and helping other businesses are still values we live by and instill into our team members.  I’m looking forward to working with Jackson and Charlie in 2018 – and continuing to help other businesses grow too!”

WebITCS Boosts Web Development Team with New Hires

Why Data Security starts in the Boardroom, not the IT Department

Wayne Harris, Compliance Officer at ITCS shares his monthly IT security blog – this month, he talks about information security and the part the boardroom must play in the security of your data.

Who is responsible for Data Security?

When I ask the question ‘who is responsible for data security at your organisation?’, without a doubt, the number one response given is ‘the IT department’.

However, if you think about it, data isn’t only about computers. Yes, it is the IT department who manage where the electronic information is stored and secured, but information security is also about how people access data, how and who they share it with – and let’s not forget about those hard, printed copies, often carelessly left on a printer, or face up on a desk.

The C-Suite cannot dismiss this important responsibility as an ‘IT issue’.  Information security must be dealt with in the board room, and should be a regular item on the agenda.  It is only by top lead risk management that you can implement a robust information security management system.  After all, if your senior management don’t understand the importance of compliance, how can you expect your shop floor users to implement and adhere to the requirements?

A clear understanding of what is expected must be communicated throughout the organisation, and involves co-operation between the C-Suite, HR leaders, marketing and other heads of Department – as well as IT.

What should Leaders do?

As a minimum, we suggest that you include the following in the management meeting agenda at least quarterly:

  • Current Risk environment
  • Suitability of current technical prevention/detection solutions
  • Information Audit (Do you know what information you hold, and is the correct security applied to protect it?) – Annual agenda item.
  • Data backup and recovery (Is all of your data protected? Include testing schedule, and DR solution fitness for purpose)
  • Staff communication and training
  • Breach reporting (include near miss reporting and security reports).

What changes will GDPR  bring?

As many leaders are already aware, the requirements for data breach reporting are changing with the implementation of the new GDPR legislation.  Organisations will be required to self-report within 72 hours of the detection of a breach, or face additional financial penalties.

Along with the new rules comes an increase in potential penalties for a breach, which could reach a new upper limit of €20 million or 4% of annual global turnover – whichever is higher.  Board members cannot afford to assume that ‘the IT Department’ are managing the risk, and training key staff in secure data practices will be vital.

If you have been a victim of a cyber-attack, and the personal data you are responsible for is encrypted by one of the Ransomware variants, the Information Commissioner’s Office may take the view that you have not taken appropriate measures to keep it secure.  Even if you are able to recover your data, the ICO may still look at the circumstances of the case to determine whether or not there were appropriate measures in place to have prevented the attack from succeeding.

How are ITCS supporting customers through the changes?

ITCS have an experienced team of data security specialists who have worked with clients to help them secure their network infrastructure.   As well as providing GDPR advice, we are able to take clients through cyber accreditations and implement robust DR and BCP solutions, including data recovery and scenario testing – and we are offering clients a free security overview.

We are also offering a series of courses on IT Security and compliance with the new GDPR regulations – we are offering limited free places for existing ITCS clients, although paid places for non-clients are only £35.

Clients can book up to two free places online.  If you have any questions or concerns around computer security, please don’t hesitate to contact the ITCS support desk on 08456 444 200.

WebWhy Data Security starts in the Boardroom, not the IT Department

Wayne’s IT Security Blog: The importance of using strong passwords

Wayne Harris, Compliance Officer at ITCS shares his monthly IT security blog – this month, he talks about the importance of using strong passwords

OK, so we’ve secured the firewalls, Installed AntiVirus, filtered out the spam, locked down your desktop PC, encrypted your drives and enforced password complexity – what could possibly go wrong?

Well, if you are using the same passwords for multiple accounts, sharing passwords with others, writing them down, using weak passwords, dictionary terms etc, then you should consider yourself as the weak point in the system!

Commonly used passwords that a hacker will try

Do you recognise any of these commonly used passwords?


These common passwords make it easy to hack into your account – so if one of them is familiar, change it now!

Other insecure passwords

Are you using names of loved ones, favourite sports teams, new film release? Even if you are subtlely changing these by the use of additional numbers, replacing characters with numbers, recycling passwords with sequential numbers etc. you should consider your passwords weak – and change them.

Don’t forget Social Media

Often people don’t think they are at risk – until it happens.  Even on social media, which is seen as ‘just for fun’, being hacked can be horrific. Social media is often where people have the least secure passwords, yet that password protects details about the most important people in your life.

You may wonder why people would bother to hack a social media account, but usually all the information people include in their passwords (family names, friends names, pet names etc.) is available for all to see – often even without a hack!  Plus, social media attacks can be incredibly personal and have a big impact on your life.

Many people use the same password on social media that they use for their work accounts, email accounts etc. Be smart and use secure passwords everywhere, at work and at home, and use a different password for each account.

Who would want my information, anyway?

If your password was compromised consider what information would get in to the wrong hands, especially if you use the same password on multiple accounts.

At home, this might be access to your emails and contacts which start spamming, or access to your financial information/bank accounts etc. At work, this breach might take down your network if you are targeted by hackers, causing expensive downtime and irreparable damage to your company reputation.

Secure passwords

No password is 100% secure, however you can increase your password security by following standard protocols.

Make passwords longer

While most password systems allow you to have 8 characters, we would recommend using a minimum of 9 or 10 characters – and your passwords should be changed regularly (we recommend doing this monthly).

No Names Rule

Passwords should NEVER contain names or usernames, and should also follow the standard ‘complexity rules’.

Password Complexity Rules

Strong passwords normally incorporate 3 out of the 5 characteristics:

  • Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
  • Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
  • Base 10 digits (0 through 9)
  • Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;”‘<>,.?/
  • Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.

It goes without saying that writing down passwords, or sharing them with others is an insecure practice.  Guard your passwords like you guard the PIN to your credit card!

CyberCrime is on the increase, and you have a part to play in the defence of your network. Secure your passwords now, and make sure you keep vigilant as to the risks that we all face.

If you have any questions or concerns around computer security, please don’t hesitate to contact the ITCS support desk on 08456 444 200, we are always happy to help.

WebWayne’s IT Security Blog: The importance of using strong passwords