Here is a list of all major Broadband providers email settings. The list isn’t verified so please check to make sure they are the most up-to-date details available. PlusNet BT TalkTalk Sky Post Office Virgin
This time last year saw the introduction to the new Data Protection law in the UK titled the General Data Protection Regulations. The new regulations introduced severe penalties to companies who have broken the law, where they can be fined 20 million euros (£17.6m) or 4% of their annual global turnover – whichever is larger.
The new law is now a year old and organisations are asking, so what has happened with it all? This article hopes to answer that question.
Last year, we have seen the UK adopt the GDPR into UK law. As GDPR is an EU law there needed to be provisions for how it applies in the UK. So in 2018 we saw the old Data Protection Act 1998 be upgraded to the Data Protection Act 2018 or DPA 2018 as it has been dubbed.
So, who has been hit with the new fines since the new law? The answer is no one in the UK, even thou according to a BBC Technology post “More than 14,000 data breaches have been logged since the introduction of tough new data laws…”, further more the posts states that “Complaints from the public have also doubled, from around 21,000 to 41,000”.
Other than the new stiff penalties, the ICO has also implemented fines for non-payment of their fees. The message here is that those who didn’t pay risked a fine. This was further addressed this year when the ICO produced a trend report to show which sectors had been issued with fines.
However, what we have seen is a different trend which is more worrying than not paying a fee at all. This trend is those who pay a fee and don’t know why they are even paying it or even worse not understanding the legal framework or how to comply with it. In my opinion, this is where the system has failed organisations in not informing or promoting the new law to organisations.
So what’s next? I predict that you will probably see some of those data breaches resulting in large penalty fines in the next year and that as they do more organisations will take a moment to get to grips with the new law.
Organisations wanting to know where they stand with DPA 2018 can get in touch for more advice or they can read the guide on the ICO website https://ico.org.uk/for-organisations/guide-to-data-protection/.
This is not necessarily a new scam but more cleverly designed and worded.
The email is urging the recipient to act FAST and sign-in with their email credentials with limited time to react, it stresses that your email account will be DISABLED if you don’t react. Note, it is sent with a level of urgency by using UPPERCASE subject line and noting you have until the NEXT DAY. These are all techniques used by cyber-criminals to get you to react to the message. Furthermore, you note that the email is signed by the EMAIL ADMINISTRATOR and refers to MICROSOFT to further strengthen the trustworthiness of the message and encourage users to accept the email is real.
This is a targeted scam to businesses to gain access to users email accounts by using a strategy that not only targets the individual but an entire department. By sending an email to say sales@ or info@ the cyber-criminal is targeting multiple people at the same time knowing that someone in that department may actually open and react to the email.
In the past cyber-criminals would target an individual with these kinds of scams by emailing an individuals name (say tom@, dick@ or harry@), but by targeting departmental email accounts, the cyber-criminal has a greater chance of someone within that department opening the email and clicking the links or opening the attachments.
By training staff to identify scam emails like this, would dramatically reduce the threat landscape for these emails and stop your IT infrastructure from being exploited. RLS Computer Services Ltd. can deploy systems to reduce scam emails, install malware detection systems on your PC and install countermeasures and procedures to reduce any impact if a threat was executed by an employee.
The current climate in cybercrime isn’t going to change, so stop taking unnecessary risks with your data & let us keep it safe.
We have received many reports from customers who have received emails claiming that a cyber criminal has hacked their PC and gained footage from their webcam of explicit sexual acts. They threaten that unless they pay $xxxx (usually in Bitcoin currency) that they will leak this video onto the Internet and activate malware that they have installed on their PC.
Furthermore, In the email subject line you may also note that they have included a previously used password from a website that the user has accessed, this is to further strengthen your belief that this is real and solidify their attack on you.
First, we want to reassure everyone these are hoax, Phishing emails, designed to get you to part with your cash and create fear to make you engage in a knee-jerk reaction to what seems to be a terrifying attack on your privacy.
How to stay safe
Here are a few tips on what to do:
- Never pay anyone in Bitcoin or react (or interact) with a scammer.
- Never click a link or open an attachment to scam emails demanding a ransom.
- Always use complex passwords for the sites you use, especially ones with personal identifiable and sensitive information (i.e. Social Media, Banks, Shopping Sites, etc.)
- Only access sites that are secure (with the padlock and starting with https://)
- Never reply to a scam email.
- If you think your password has been compromised in anyway, change it.
- If you have gone too far and divulged your bank or card details to a scam email or rogue website, then you must inform the bank immediately.
If you want to know more about how to stay safe online please visit https://takefive-stopfraud.org.uk/
If you have been a victim of fraud then report it to Action Fraud by calling 0300 123 2040 or visit https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime
Protecting our customers’ data is a high priority for us here at RLS Computer Services. With the General Data Protection Regulation (GDPR) coming into effect in May 2018, we see this as an opportunity to strengthen our commitment in the area of data security.
What is the GDPR?
In the UK, the Data Protection Act 1998 (DPA) is a law introduced to protect personal data stored on computers or in an organisation filing systems. Its purpose was to control the way information is handled and gave people “Data Subjects” legal rights over the purpose, lawfulness, accuracy, period and what information was held about them.
Since the birth of the DPA, technology has moved on dramatically. Social media, Internet presence, mobile technology and CCTV have all emerged and grown and the act is long overdue an overhaul.
Enter, The General Data Protection Regulation (GDPR), which comes into force 25 May 2018, the new law applies to data processing carried out by organisations operating within the European Union (EU), It also applies to organisations outside the EU that offer goods or services to individuals in the EU. The government has already decided that “Brexit”, will not affect the commencement of the new law, in fact we “may” also see introduced on the same day the UK’s Data Protection Bill, as the Data Protection Act 2018, effectively implementing the GDPR into UK law.
So simply put, GDPR, and the forthcoming Data Protection Act 2018, expand the privacy rights granted to data subjects (EU/EEA individuals) and place greater obligations on organisations who handle personal data of those individuals (data controllers and processors), wherever those organisations are based.
What we’re doing to comply with GDPR?
The task of compliance can be long and complex, so we have taken steps to make changes to our policies, procedures and systems to ensure that we comply with the Regulation and continue to put data protection first.
Some of the steps we have taken and are taking include:
- mapping all data handled by us and our suppliers
- analysing GDPR requirements against our current processes and policies
- making changes to our policies and procedures in line with requirements
- making appropriate changes to our software tools and services
- making sure our suppliers (“Processors”) are also compliant
- reviewing and updating contracts, as and where appropriate
- training all staff on the requirements of GDPR and our data privacy procedures.
But be assured, Organisations must ensure that they are compliant with the provisions of the new regulations when it comes into force, however the requirement to be compliant doesn’t end on 25 May. While there are a tick list of things to be done, our approach is not only to become compliant, but also reach beyond and gain certification in cyber security which will in turn assure our customers of compliance with our implementation to “Privacy by design and default”. This means we will implement technical and organisational measures to provide customers assurance of our security standards .
We hope to have all our policies and procedures in place before the 25 May and will keep you posted on our developments.
We at RLS Computer Services take cyber-security very seriously and don’t wish our customers to be a victim of fraud.
To help keep yourself safe from fraudsters by reducing their chances of getting hold of your information, we have put together some top tips for you.
- When using Internet banking or any online service, never share One Time Passcode (OTP), passwords, security codes or any other form of security information with another person. Not even an employee of that company.
- Never download software or let anyone log on to your computer or other devices remotely following or during a cold call.
- Never enter your Internet banking details after clicking on a link in an email or text message.
- Never follow a telephone instruction asking you to press keys on your keyboard, or run any programmes from a cold caller.
- Never visit a website given to you by a cold caller, it might contain malware.
- If you are ever unsure, we urge you to take your time, don’t be rushed. A genuine organisation will never rush you to take action on your account.
To illustrate the point of security and fraud please take the time to watch this witty but to the point video.
Nearly all computers worldwide – and many other devices – have been exposed to security flaws which leave them vulnerable to attacks by hackers.
As such we felt it important to warn customers that updates will be rolled out to our business customers computers as soon as they are made available. Home users are advised to contact us to update their computers.
Please be advised, this applies NOT just to Windows computer devices but also Apple iPad, iPhones, etc.; Android tablets & phones as well as some other devices like set-top TV boxes.
You can read more here on this BBC article (posted: 4th January 2018) http://www.bbc.co.uk/news/technology-42562303 you can also watch this video explainer to help you get a better picture of the overall problem.
If you are use to opening SMS messages in Outlook and find them not working, this post will explain why.
If you have switched the facility on in your email app on your Android phone to sync SMS messages so that you can open them in Outlook then suddenly found you can’t, this is because Microsoft have removed the facility of opening them in Outlook 2016. You can still see the text but not open them, as a workaround you can open them in OWA (Outlook Web Access), if you absolutely need too.
Our advice is, as you can see/read the text and see the number that sent them, I wouldn’t worry about it too much and this should be enough for most users.
What is a Backup Retention Policy?
A Backup Retention Policy governs the time that you keep backed up data, with it you would also consider the archive rules, format, method of storage, access policy and encryption. All of which must be documented for legal and privacy reasons under the DPA (including the new GDPR).
The most common retention policy used by most IT professionals is the Grandfather–Father–Son method for maintaining a period of tiered restore points. This method is a rotation scheme whereby a daily backup (the son), a weekly backup (the father) and a monthly backup (the grandfather) are created to maintain a good backup strategy.
Simply put, each week the backup from the last 7-days (daily backup) is aggregated into 1 backup called the son and is held as the weekly backup. Each 4-weekly is then aggregated from a son to a father and is held as the monthly backup and finally the last 6 months is then aggregated from a father into a grandfather and becomes the last 6-months backup. This process can vary depending on your retention policy, your legal requirements for completing data backups and how often you implement a backup (i.e. hourly vs. daily or monthly vs. 6-monthly).
For legal purposes in building your retention policy you need to consider what the impact would be if you needed to recover lost data and over what period. If for example your backup policy was:
- Daily backups – 7 days
- Weekly backups – 4 weeks
- Monthly backups – 6 Months
This would mean that for an initial loss of data that was immediately recognised by a user you would resort back to the previous day, if however, the mistake wasn’t immediately acknowledged, and it was a couple of weeks later you would resort to looking through weekly logs for the missing file and if the issue didn’t manifest a good few months later you would have to restore to searching in the last 6-months log for the file. However, you now need to consider if this is both acceptable for your business and for the data subject. It could be that the impact on business might have a financial cost or it could be that a data subject has put in a SAR (Subject Access Request) which must be complied with within 30-days (under GDPR) and you don’t have the information at hand. Therefore, a policy needs to be clearly drafted considering all scenarios considering the worst-case scenario’s
OneDrive is an amazing tool to allow users to access the same files from multiple devices. However, what if you don’t want to sync files to all of these devices but instead you just want to archive a bunch of files off your computer for safe keeping.
This article explains how you can use OneDrive to do just that.
What is OneDrive?
OneDrive is a cloud platform that provides storage space to save photos or documents and then be able to access them from any device, anywhere. You can use your phone, tablet or PC to view, edit and save documents or photos and then be able to continue on from any other device. These files can also be shared with other users and especially users who have Office 365 which can provide a rich real-time collaboration in editing documents very handy if you are working on a joint project.
What is Syncing?
Syncing is the process of uploaded files into the cloud and then have them sync to any other device you have like a phone, PC or tablet. The advantage of this is that your files are always accessible from any device anytime and from anywhere. When you alter, add or delete a file then the same process is echoed to all other devices connected to the cloud service.
What is Archiving
Archiving is the process of uploading files to your cloud storage service but not enabling synchronisation for that particular folder. The advantage of this is that certain files that you don’t want to be available on all your devices are only kept in the cloud which is handy for large files (i.e. video or audio) and means you have created a nice simple place to store files you want to keep (i.e. legal documents, old photographs)
Depending on your requirements you can use OneDrive either as a sync service to provide continuous access to files on all your devices or switch off syncronisation for particular folders that you don’t and instead use those folders as an archive. Remember if you want to access files and folders that you have setup to be “archive” or “Cloud Only” you won’t see them on your PC but instead you would have to login to the cloud service to access them.