Many businesses in Glasgow, Edinburgh and the rest of Scotland are not making the most of their Office 365 subscription causing wasted time and costs using other applications and services. Riverbank Solar offer IT support to business all over Glasgow, Edinburgh, Aberdeen and the rest of Scotland and are at the forefront of supporting Office 365 and helping your business get the most out of it.
Here are out 5 top tips that will enhance your office 365 experience and make sure you get the most out of it
- Make a creative presentation using Sway
is a presentation creation tool. While PowerPoint does the job, Sway allows you to generate a more creative presentation in a super efficient way. It’s integrated with Bing, YouTube, Twitter, OneDrive…the list goes on. This means that both image and video integration and insertion into presentations is that much easier. Say goodbye to boring and bland and hello to grand!
- Take advantage of anywhere/anytime access
In today’s age, it seem like everyone is constantly rushing to get somewhere. Luckily, with Office 365 mobile application rollouts, work on the go is now possible (and even convenient). These mobile apps are available to download for your Android, iPhone, iPad, tablet, etc. However, it’s important to note that the option to download some apps is dependent upon your subscription. Certain apps are only accessible for personal users, and the same goes for business users. Once you have downloaded the app, all you need is an internet connection, and you are free to use your mobile apps.
- Sign the dotted line
It’s official: DocuSign and Microsoft have teamed up to make signing documents online easier than ever. This feature is available for all Office 365 users, as long as you configure DocuSign with your Office 365 account. Once the configuration is complete, you can simply select the correct signature and add it to all the necessary places. Finally, no more nightmarish “draw your own” signatures!
- Save your doc anywhere
Having access to your files is easier than ever now since Office 2016 is fully capable of syncing with OneDrive and SharePoint. The process of saving them to the cloud is very straightforward. All you need to do is click ‘Save’ as you normally would, and there will be an option to upload to OneDrive and SharePoint. You can then decide where you want your document to be uploaded to, and voila! Your document is accessible from virtually anywhere. On the flipside, if your file originated in the cloud, you also have the option to download it to your desktop. Talk about convenient.
- Use shareable links
We’re accustomed to attaching files to emails, which can become cumbersome. Office 365 has an improved option. Once you have files uploaded to your account, they are saved in Microsoft’s cloud. Each document is assigned its own unique URL, which can be used for sharing. The sharing process is fairly simple:
Clicking ‘Share+’ will pop up the list of shareable links that you can choose from.
You can assign collaborators certain roles/privileges to edit or view the document attached to the link.
You can even share with people outside of your company as long as you choose the ‘No sign-in required’ option.
Once you become acquainted with this, you’ll find that it’s effortless in comparison to the mundane search-and-attach process we are accustomed to. Happy sharing!
And there you have it. With just a few simple configurations and experimentation with new features, you can set yourself up for a fulfilling Office 365 experience.
If your business in based in Glasgow, Edinburgh or anywhere else in Scotland and would like to check you are getting the most of your office 365 subscription then contact us for a FREE IT AUDIT or call 0141 474 1995
For all businesses in Edinburgh, Glasgow, Aberdeen and the rest of Scotland Cybersecurity is no longer workable with a “tick in the box” approach. Apart from IT Support Riverbank Solar provide proactive Cybersecurity consultancy to help determine and mitigate risk.
A SME business in the hotel business, for example will not have the same risk appetite as a bank or credit card company.
The old excuses of having “no top secret data” does not cut it anymore with strict GDPR laws. Now all systems hold sensitive data that is accessible from anywhere.
These are our top tips to improve your companies Cybersecurity:
Tip: Ensure that regular anti-malware/antivirus scans and backups are scheduled. Most of the big vendors perform automatic updates, ensure that settings are configured.
Tip: Always keep business-critical assets and important servers in a separate network segment with restricted access.
Principle of Least Privilege
Tip: Start with separate accounts for privileged users. For example, James, who is a database administrator, should have one corporate account (for routine tasks such as email, intranet, timesheets, etc) and one production account (for privileged tasks as part of his role) with different password policy restrictions.
Secure Internet Access
Tip: Remove unrestricted internet access from servers with exceptions to services needing internet access.
Tip: Start with password managers, enforce strict password policies and add a list of blocked passwords to active directory.
Tip: The majority of the service providers offer two-factor authentication. If this is not an option, look for alternatives such as passwordless authentication or two-factor authentication modules such as Duo, Authy, Okta, etc.
Tip: Add security benchmarks as an extension to your IT team’s OS build checklist. Ensure that sign-off from the security point of contact is a mandatory part of the process before any build is released into the production environment.
Secure and Regular Backups
Tip: Irrespective of the backup solution you opt for – don’t forget to test the backup restore.
Tip: In case of a solution, ensure that it’s simple, quick to use and helps users who are the least tech-savvy. If you are using Office 365, add this button “Enable the Report Message add-in” to Outlook clients that helps users report messages with a single click.
Secure Wireless Networks
Tip: We have observed with several organisations, backend infrastructure is shared for guest networks. Ensure that it is a totally separate internet route offering no connectivity with the corporate environment. A captive portal is an efficient way of user management (with approvals) ensuring security and usability aspects remain balanced.
Riverbank Solar can help you with this and many more. To get started contact us for a FREE AUDIT
In October, Microsoft will make a new step in sending some of the old apps and even a Windows version to the unsupported list. Riverbank Solar know this will impact many SME organisations in Glasgow, Edinburgh, Aberdeen and Scotland.
What is the Windows end-support list? According to Microsoft’s end-support document, the most important software that will go on the unsupported list will be Windows 10, version 1709 (Enterprise, Education, IoT Enterprise). Windows 10 versions 1803 (Enterprise, Education, IoT Enterprise), 1809 (Home, Pro, Pro Education, Pro for Workstation, IoT Core) or Windows Server version 1809 (Datacenter Core, Standard Core), they will expire on November 10th.
You must also start the upgrade process if if you have Windows 10, version 1903 (Enterprise, Home, Pro, Pro Education, Pro for Workstations, IoT Enterprise) or Windows Server, version 1903 (Datacenter, Standard) because they will be retired on December 8th.
What is the software end-support list for October 13th? Regarding Microsoft software, the list is a lot longer, and all the tools listed below will be retired on October 13th.
Dynamics GP 2010
Excel Mobile 2010
Exchange Server 2010 (all editions)
FAST Search Server 2010 (all editions)
Groove Server 2010
Office 2010 (all editions)
Search Server 2010
System Center Data Protection Manager 2010
System Center Essentials 2010
Visio 2010 (all editions)
Windows Embedded Standard 7
Office 2016 for Mac (all editions)
Excel 2016 for Mac
Outlook 2016 for Mac
PowerPoint 2016 for Mac
Word 2016 for Mac
If you are using any of these OS versions or software Riverbank Solar can help you upgrade to newer version to ensure the latest security updates installed. We offer 24/7 IT Support to businesses in Glasgow, Edinburgh, Aberdeen and Scotland.
Are you prepared to upgrade to the next versions? Riverbank Solar can identify what needs to be upgraded and design a plan to help you. It all starts with a FREE IT Audit. Call us tocay on 0141 474 1996 or contact us to find out how we can help.
There is no business in Glasgow, Edinburgh or Scotland that is too small to be targeted by network attack, all an attacker needs is one entry point to find a way into something bigger So how can Scottish businesses use a penetration test to fit their budget?
“We don’t need penetration testing, we’re so small” is something we frequently hear but this is simply absurd. Vulnerabilities exist in software, hardware, and configurations regardless of how big your business is. There are now regulatory requirements for penetration testing to be conducted regardless of organization size. This can be GDPR related or industry reacted such as legal or financial regulators.
The key questions are does a small business require penetration testing? How can a small business make penetration testing effective given limited resources? We will explore aspects of penetration testing and provide some tips on how to make it effective for a small business.
What is penetration testing?
We will look in web servers or network systems and applications that are exploitable by an attacker. The use of tools and publicly available exploits helps a penetration tester to be more effective in the assessment.
A vulnerability assessment is a surface-level scan of the web application or network ports for indicators of vulnerabilities such as version numbers and open ports. Issues reported after a vulnerability assessment may contain false positives as they are only based on initial indicators. Penetration testing takes one step further to attempt to exploit the found issues to confirm that they are indeed vulnerabilities.
For our Glasgow, Edinburgh and Scottish clients we recommend performing penetration testing before a new system is commissioned or when there are significant changes to the environment or code. For the existing system, it is recommended to perform it annually, with more frequent testing for sensitive systems such as systems dealing directly with critical processes, privacy data, or financial data. It is always recommended to perform both automated and manual penetration testing to have a comprehensive assessment result.
Considerations for Penetration Testing
Historically penetration testing was costly and time-consuming depending on the complexity of the system. As small business owners will always face resource constraints, penetration testing should be strategized to maximize its benefit. Glasgow, Edinburgh, Aberdeen and Scottish Business owners can consider the simple steps listed below to make an informed choice.
- Gather the organization’s critical information system assets
Most Scottish business do not have the full picture of what information systems they are running to power their business. These systems could range from an e-commerce web application bringing in revenue to an internal Human Resources (HR) system to manage employee time-off. These systems could be run directly by the business or could be a managed service by a provider.
- Determine the possible threats
Once you have identified the critical systems, determine the possible threats that the system may face. You can start by determining if the application is Internet-facing as it will mean that the application can be attacked by anyone in the public. Focus on Internet-facing applications/networks.
The more exposed interfaces will also mean more threats to the system. A system with only a web application (exposed web service) may not be as vulnerable compared to a system with multiple services (web, email, database, etc.) running on it. Focus on the system with more interface exposure.
Next, determine which are the targeted users of the application. If an organization does a good job vetting and auditing its users, they will pose less threat to the system than external users who have little incentive to use the system in good faith. This difference makes it crucial to pay more attention to systems which allow external users. Focus on applications used by external users.
Lastly, systems or networks dealing with sensitive information cause more damage when compromised. If you need to make a choice between a system storing sensitive information such as Personal Identifiable Information (PII) or credit card details vs a system storing public information, focus on the system storing sensitive information.
One more thing, you may not classify regulatory requirements as threats but you will once they start costing you money or hindering your ability to operate your business. Focus on regulatory requirements.
- Prioritize threats by risk level
“I’ve identified the threats and there are so many of them, which ones do I tackle first?” might be the question that is bothering you right now. To tackle this problem, business owners have to prioritize them according to risk level. IT risk is determined by the impact the threat will bring to the network or system and the likelihood of it happening.
Ultimately, it is the risk to the business that we are talking about. Systems with high-risk threats to the business should always be addressed first, followed by medium and low threats. Risk assessments can be complex but achievable once broken down into simple steps.
Riverbank Solar are a Glasgow based IT Support provider who offer Cloud and IT Support to businesses in Glasgow, Edinburgh, Aberdeen and the rest of Scotland. Contact us today to find out how our Penetration Test will help you identify issues. Call us on 0141 474 1995 or arrange a FREE IT Audit.