Posted on September 17, 2020September 23, 2020 by Silhouette Creatives

How to Secure Microsoft 365 for Remote Working

It seems that remote working won’t go away after the pandemic passes. In fact, organisations in most industries are working towards making it a permanent and viable option.

Large enterprises and corporations like Facebook and Google plan to keep the model for a while. While others like Twitter, Slack, and Zillow decided to allow (most or all of) their employees to work from home permanently. Their decision-making points towards the likeliness of remote work becoming a permanent option in most companies.

SMBs looking to secure work from home

According to Intermedia’s survey, small to medium business owners believe the remote work model will stay permanently. The survey indicates there is an overwhelming preference in keeping remote work as a long-term option. With 57% of SMB owners stating that employee availability and life and job satisfaction have increased, and citing a drop in overhead costs as a benefit that enabled them to stay afloat during lockdowns.

Those SMBs deciding to embrace the model are in the midst of preparations to make remote work permanent.

The Microsoft 365 suite is heavily used among SMBs, as their subscription model offers industry-leading functionality at a reasonable price. With access to security and operational features previously available only to enterprises, Microsoft 365 also includes cloud-based services that can be used from anywhere. Making the suite a perfect choice for work-from-home teams.

Compliance remains a core concern for work-from-home protection

Remote work comes with a new set of risks, especially for cybersecurity. Compliance acts and regulations don’t differentiate between in-office and remote work.

They require that you have secure working-from-home policies for sensitive information and data, and that you secure staff when working from home.

The most common regulations to comply with include:

Health Insurance Portability and Accountability Act (HIPAA) for businesses offering health services
EU’s General Data Protection Regulation (GDPR) for all businesses processing and handling personal data from EU citizens
California Consumer Privacy Act (CCPA) for all California-based businesses and those doing business in California
Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) for everyone handling personal data from Canadian citizens

These acts require you to comply with Information Security Management Systems (ISMS) standards, most notably the ISO/IEC 27000 series, as well as the Payment Card Industry (PCI) Data Security Standard (DSS) for those who take card payments online.

SMBs often struggle with acquiring the right security solutions because the budgets are low.

Remote work and software spending

The graph below shows how expectations on software spending have changed from March to May 2020.

As the impact of the pandemic stopped being an unknown variable, respondents have revised their expectations on spending, which is indicated by less spending than initially expected.

Statistic: COVID-19 impact on software spending worldwide 2020 (Survey results comparison: March, April & May) | Statista

Find more statistics at Statista

While the highest percentage of respondents (40%) initially stated they will increase their spending on software, in May, 44% reported there were no changes compared to spending during the previous year.

And while the overall spending seems to stay the same, there are big shifts on what type of software the funds are allocated to.

Statistic: Where are businesses increasing software spending? | Statista

Find more statistics at Statista

With working from home being the new norm, conferencing takes the lead, followed by collaboration, remote desktop tools, and security software.

Work-from-home protection is an important concern for SMBs, and as the newest data from Microsoft shows, everyone is trying to speed up their cybersecurity digital transformation.

So how can you protect all the Microsoft 365 documents and communication that you work with daily when everyone is using different networks and devices to access it?

How to protect Microsoft 365 when working from home

In our experience, the most efficient option to cover both of these is to use Advanced Microsoft Information Protection (MIP), as it has the best cost-benefit ratio.

Microsoft Information Protection uses built-in capabilities from Microsoft Office 365 and Windows 10, as well as additional solutions provided by Microsoft, to secure Microsoft 365 and all the digital information and data you work with in your business across the whole playing field: in the cloud by using Cloud App Security, as well as on devices and on premises.

It allows you to detect sensitive information and locate where it’s currently stored, secure documents as soon as they are created, and even ensure that you dispose of them in a secure manner.

What Microsoft Information Protection can do for SMBs:

It will secure Microsoft 365 apps and services you use and all your business information from leakage.
It blocks malicious actors from access, and doesn’t allow access to untrusted actors.
The automatic classification protects all documents based on the criteria, trigger words, and phrases you set up.
It actively tracks data through its lifecycle and gives you insight into who has access to data and a log of who accesses it and what they are doing with it.
It helps your employees stay productive and learn about working from home best practices. The system will suggest labels and teach them how to use and apply them correctly.
It gives you overview over information flow, with valuable insight on patterns of data usage inside of your organisation.
This allows to spot anomalies in data usage and access, enabling quick detection of potentially harmful actions by actors or malicious software.
It keeps all data secure even when sharing with vendors and third parties by not allowing forwarding, downloading, or copying information shared with them.

Such capabilities extend beyond securing your data – it also keeps your staff secure from making errors while handling data, and all the vendors you work with by not allowing them to forward any information you share with them further.

Once set up, you’ll have a system that performs well in the cloud, covering the need to secure remote working, but on premises too, once you decide to go back into the office.

See MIP in action with our email demo video here:

Why you need to secure Microsoft 365 for remote working

When you secure Office 365, you and your team can do remote work securely and are saving time and money. But that’s only one benefit of using such an extensive system:

No changes in workload: The automatic classification and encryption of all documents you work on and share with remote staff, contractors, and other third parties means there is no need to increase workload for your staff and spending time on complex manual security checks that they need to learn to apply.

You will secure Microsoft Office through compliance: Classification and encryption executes on the cloud level too and protects against human error, one of the most common reasons behind data leaks. Securing Microsoft 365 for remote working also helps you be compliant with all regulations.

Security travels: The cloud-based protection extends beyond business devices – the protection remains with documents and data and travels with them, ensuring they are secure even if they end up in the wrong hands.

Secure external consultant documents for Microsoft 365

Working with external consultants increases risk of data leakage and breach, since you are relying on them to practice good cybersecurity.

Instead of hoping they are doing a good job, you can secure Microsoft 365 documents sent to and used by external consultants through MIP. With auto classification, the options for downloads and further sharing will be disabled, ensuring the data can never be accessed by anyone but your external consultants.

Secure internal sensitive and confidential information when working from home

Secure Microsoft 365 data with MIP’s extensive labeling and trigger system based on labels. You can classify all information into specific categories, and set up sensitivity labels for each of those categories.

The trigger system activates based on the rules you set up. For each rule, there is a condition that must be met in order to trigger the second part, the action, something that will happen automatically when the condition is matched.

For example, when a user without permission tries to access a sensitive document, the rule sends an email to the user and administrator of your system about the incident.

Whenever someone creates a new document, no matter where within your organisation, it will automatically be protected based on the category and labels applied to that type of document.

These labels are document-based, meaning they persist with it and are transferred anywhere the document ends up. If the document ends up being in an insecure environment, your security policies will continue being enforced, and won’t allow usage by anyone who isn’t a trusted source.

The system allows you to track all data and documents as it moves through and outside of your organisation. In case you ever suspect foul play, you will be able to revoke access to the document, rendering it useless to anyone who is trying to get it.

In such cases, the MIP can, based on your setup, respond with a real-time email alert, or a report on the dashboard.

Microsoft Information Protection includes Data Loss Prevention (DLP) capabilities, with policies against accidental sharing. With it, you can also label documents for information retention, set an expiry time and apply deletion policies that will execute automatically when requirements are met.

Secure email communication when working remotely

The labeling system goes beyond Office apps, and you can secure Microsoft Outlook in the form of Office 365 Message Encryption.

It allows you to classify and secure email messages as well. When labeled, the policies for that specific label will be applied to the email. This includes policies such as:

Encryption
Watermarks
Access restriction
Disabling forwarding

The label that is applied will persist with the email and keep security policies on the email even when it leaves your organisation. It helps employees work from home securely by preventing phishing attacks and disclosing information accidentally.

Secure BYOD for remote working

By having online-only work, your employees will use a number of devices to access business data, like Windows and Mac OS machines and mobile devices. A comprehensive security suite such as Microsoft Information Protection has encrypting standards that will work on all of them.

If you’re unsure on the right way to secure BYOD for remote working and set up policies, we can discuss other ways of working with BYOD. For example, we offer Windows Information Protection setup services that secure employee-owned devices from data leakage and other security incidents.

The MIP setup takes time and IT knowledge

Microsoft Information Protection is definitely an all-encompassing solution that addresses the risks of remote work well. It secures access to sensitive data and documents, grants permissions to the right stakeholders, and ensures all your business data is safe even if it’s somehow accessed without authorisation.

But there is a downside to it: It takes a lot of time to set up such an extensive system for someone who never had to deal with it. Even if you have an IT professional on your team, chances are, they will need to ask for help. Only those with knowledge in Active Directory, a good comprehension of Microsoft licensing, and previous experience with Microsoft or Azure Information Protection itself can set it up.

One error in permissions and labeling, and you can lock yourself out from your own documents, even if you are the admin. Or if you miss it during setup, the system might not flag important documents correctly, making them easily accessible by someone without permission.

Learn more about how we can help here:

Advanced Office 365 Security for Remote Working

Professional setup saves time and money

Towerwatch has many years of real-world experience with encryption. We have been working with Microsoft Information Protection and setting up automatic encryption protocols for global brands even back when MIP was still known as Azure Information Protection.

Now you can rest easy knowing it’s set up properly and that all documents and communications are secure. You will efficiently eliminate the risk of costly mistakes that could result in regulation breach fines or loss of customers.

To find out more about how we can secure your business operations with a future-proof cloud-based solution that will continue working even if you decide to go back into office, book a consultation with Microsoft Global Professionals for MIP, and our initial session HERE.

Our initial session is priced at £250, and for this investment, you will not just cover the session cost, but also get a comprehensive overview of the current state of your cybersecurity solution and work-from-home compliance status. When you decide to move forward to the next stage, this investment will also be deducted from the project fee.

Book your initial session HERE.

Posted on September 12, 2020September 12, 2020 by Silhouette Creatives

The Importance of IT and Cybersecurity in Hospitality

Hospitality businesses are at a higher risk of suffering a data breach because of the nature of the industry.

The most recent case that made rounds is the massive data breach Marriott International suffered, especially because the breach has remained undetected for over 3 years. In that time, data such as credit card numbers, home addresses, loyalty points, birth dates, passport numbers, and other valuable information were stolen.

Imagine something like that happening to your cafe, restaurant, or hotel.

Could you handle the aftermath of a breach?

It’s not just about the massive damage payouts. The real aftermath is dealing with the trust that will be damaged beyond repair.

How safe are your current systems? Are you sure you could deter or detect a breach?

The high risk of the hospitality industry

Hospitality businesses are a high-value target of malicious intent. The first part of the issue revolves around the characteristics of the industry:

You work in a people-centred industry where competition is fierce.
To succeed, your hospitality business has to stand out from the crowd by providing your customers with the very best service.
You also have to deal with a lot of stored sensitive information about your clients.
This data can help you provide a streamlined and personalised experience. Unfortunately, such data is highly valued on the black market, which makes you a prime target to hackers.

The other part of the problem is your back office:

It’s a highly dynamic industry that requires a centralised system with lots of connection and access points.
Any of these can become a potential point of access.
The turnover rate of hospitality businesses is higher than in other industries.
Any old, forgotten, and inactive accounts from former staff are security threats.

How can IT and cybersecurity solutions help hospitality?

Hospitality businesses are highly vulnerable to cybersecurity threats. Even large enterprises will succumb to a data breach without advanced cybersecurity solutions.

Instead of sticking to incident response and passively reporting on a security breach, hospitality businesses have to implement proactive measures that will make a breach unlikely and data unreadable.

The right IT solution keeps your business efficient and your customer and employee data safe. Our IT and cybersecurity solutions and services will:

Standardise your whole network infrastructure – We can take care of everything – from network hardware installation and setup, to VPN and token solutions.

Streamline your operations – This will reduce errors and data mismanagement, and will speed up your whole system.

Encrypt data and documents – While you should aim to avoid a data breach, encryption helps you remain compliant and make data unreadable and unusable in case it does happen.

Report any red flags – Advanced monitoring solutions help detect any irregularities in your database, payment system, or loyalty programs immediately. Your data stays secure, and your services stable.

Create and maintain backups – Your whole systems and operations backed up, ready to weather any storm.

Train your staff – Even the best systems remain vulnerable if your staff isn’t up to date on how to use it, or isn’t informed about the latest security threats and policies.

Provide ongoing support – From helpdesk and remote support to onsite interventions, we got you covered.

Responsive IT Support

We go well beyond simple network setup, optimisation, and one-time security protocol setup.

Cybersecurity is an ongoing task, and TowerWatch Solutions offers ongoing IT support for your hospitality business.

Our IT support range includes 1st, 2nd, and 3rd line support. No matter what type of IT-related issues you are dealing with, we can help you resolve it quickly and have you up and running in no time.

Your employee lost their password? Our helpdesk will help them retrieve it.
Your POS can’t connect to the network? We can get it up and running remotely.
Your customers can’t order ahead through your app? Our engineers will find the reason as soon as possible.

Our IT support is available around the clock, and you can choose between:

Helpdesk support – A solution for any minor issues that keep disrupting your daily operations is just a phone call away. Our helpdesk support will quickly resolve POS connection issues, account lockouts, or network drops.

Remote assistance – When you can’t take care of the problem on your own, our IT support agents can quickly resolve minor inconveniences with remote access.

Onsite IT expert and engineer teams – Have issues with hardware or software setup? Your Wi-Fi system is down and routers aren’t responding? No worries. We’ll deploy our onsite IT experts to take care of all your IT worries in no time.

Already have an in-house IT team?

Nothing to worry about. Besides 1st to 3rd IT support, we also offer full IT management support.

We will take care of in-house team hiring, management, and training to keep your team up to date on the latest security practices and threats, and work alongside them and offer a helping hand.

Let us deal with technicalities so you can stay focused on your customer and the experience you provide.

Project Implementation

The IT projects and solutions we implement are all based on the latest technology and security standards.

The hospitality industry works with high volumes of sensitive data, and our solutions warrant it stays safe – we will make sure all your operations are GDPR-compliant too.

Project implementation preparations

Our experts and engineers have over 10 years of experience in IT management and project implementation. Before we draft a project for your hospitality business, we will take a look at your current setup.

TowerWatch Solutions will ensure your IT systems can handle your business demands, follow the latest hospitality trends, and battle security threats.

We can make the project as simple or complex as you need it to be. We can implement a simple backup solution for your current operations, or reinvent your whole IT infrastructure and offer a streamlined digital dining journey.

Your IT needs should never take the back seat. Today, IT solutions are the driving force of successful hospitality businesses. We can help you with:

Implementing full server systems, communications, and platforms.
Physically relocating your sites and helping you open new sites.
Moving your physical servers to safer virtual environments.
Converting your local data and operations to the cloud.
Installing and implementing encryption solutions for your customer data and loyalty programs.
Taking care of GDPR and PCI compliance.
Implementing access control measures.
Setting up Backup and Data Loss Prevention (DLP) measures.

Fully custom solutions, tailored just for you

Because no two hospitality businesses are alike, we focus on getting to know you first. Your long-term goals become our long-term goals.

When we are familiar with your strengths and weaknesses, we will know how to design an IT system that will emphasise the former and eliminate the latter.

A custom-designed IT system will cover all your needs and provide a streamlined experience to your customers and patrons.

We will implement new hardware, software, and full IT solutions with minimal disruptions to your operations.

With our IT services, you’ll be ready for rapid expansion and franchising: We will future-proof your IT infrastructure so you can easily open new locations locally, regionally, and globally, and deploy your whole system instantly.

Streamlined Setup

Do not worry about business disruptions while we implement our IT and security solutions.

We have streamlined our setup routine so you can continue working without losses in uptime, efficiency, or staff and guest satisfaction. We’ll start with upgrades that are easiest to implement and work our way to the more complex solutions.

Continue impressing your guests and customers while we update, improve, and optimise your whole IT system with:

Equipment standardisation – Differences in hardware, procedures, and policies across franchises are a common reason for disjointed operations. We will standardise all your equipment.

The best guest Wi-Fi solutions – Your systems are not the only thing that benefits from being connected. Your customers will keep coming back to enjoy not just your services, but also an amazing, lightning-fast, and most importantly, secure Wi-Fi in any of your establishments.

Cloud solutions that sync across your whole franchise – No matter how many locations you have, relocating your operations to the cloud will allow your staff to work efficiently from any branch and sync data across all your locations.

Active network monitoring – Proactive approach to possible issues is the only way to deal with them before they become serious. Our IT solutions can monitor your whole infrastructure and network, and alert our IT support in case of irregularities.

GDPR compliance implementation – Unsure about GDPR compliance and worried about possible legal risks? We got you covered here too.

TowerWatch Solutions is your one-stop shop for implementing cybersecurity and IT systems that will make you fully compliant with the GDPR.

Our compliance strategy includes data mapping and auditing. We will uncover where your data is stored and review all your software for possible security gaps.

We will implement security measures such as system monitoring and advanced data encryption to keep data safe.

PCI compliance implementation – PCI compliance helps you protect your customer’s credit card data and reduce fraud attempts. By making sure your new IT setup is compliant with PCI DSS standards, your customers and guests will know you place the highest emphasis on their security.

Future-proofing – Our IT solutions ensure your systems are future-proof and you won’t have to worry about substantial investments down the line. When you migrate your operations to virtual environments and the cloud, all the updates are handled by the provider, guaranteeing your systems are always up to date and safe.

Your IT security is only as good as its weakest link. Unintended data disclosure can easily be prevented with the right staff training. Leave it to us to teach them how to use the newly implemented systems and foster a culture of security.

Consultancy & Research

Are you opening a new restaurant and want a good IT infrastructure right away? Or are you an established franchise that could use some updating in the IT department, but you’re not sure where to start?

Start by consulting with our experts

TowerWatch Solutions offers consulting services on hospitality IT systems and cybersecurity. We’ll help you plan out every detail of IT system implementation and assist your in-house IT teams on every step of the way.

No in-house teams? No problem. We can manage your IT projects on our own too.

If you are more comfortable with having in-house IT experts, we also provide consulting on IT Training and Recruitment. We can help you set up, recruit, and train an in-house IT team for you. We can set up, manage, and recruit new members to your team.

Our dedicated IT experts and engineers will help you with a boost of specialised knowledge right where you need it:

IT project management – From implementing ePOS systems to handling guest Wi-Fi options, we’ll help you manage the whole project. We consult you on the best ways to implement it, and what the needed security measures and best practices are.

IT security requirements – We can help you and your team set up staff authentication, BYOD policies, GDPR, and PCI compliance, and consult you on the latest industry standards.

Data safety and recovery options – Our experts will be happy to explain all the solutions you can implement to prevent data leaks and losses and help you pick the best mix of options. Learn about:
- Differences between backup solutions
- The importance of business continuity strategies
- How data loss prevention (DLP) works
- What disaster recovery options would be best for you

Cloud computing solutions – We’ll guide you through possible cloud computing options and advise you on the one best suited to your particular needs, be it private, public, or hybrid.

Migration services – We can help you move your data and operations from one location to another, or to a virtual environment. We will also ensure that any risks – privacy, security, and data access – are eliminated in the process.

Overall…

Hospitality is an industry that handles huge amounts of sensitive data on customers, guests, and patrons. Hospitality cybersecurity is more important than ever before. As a restaurant, cafe, or hotel owner, it’s your responsibility to keep their data safe.

How up to date is your current IT setup? Have you taken care of your GDPR compliance? Do you know who has access to sensitive data?

Here are some of the latest facts and figures on hospitality data breaches, and just how much damage they can do:

Restaurant group Earl Enterprises data breach from May 2018 to March 2019
- Data affected: Over 2 million credit card numbers were stolen
- Attack vector: Malware on their POS system
- Brands affected: Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, and Tequila Taqueria
- Damages paid: Unknown
- The company launched a website so guests can check whether their details were stolen.

RMH franchise security breach in 2018
- Data affected: Guests’ names, credit or debit card numbers, expiration dates, and card verifications codes
- Attack vector: Unauthorised software placed on the POS system
- Brands affected: 167 Applebee’s restaurants
- Damages paid: Unknown

Wendy’s data breach of 2015 and 2016
- Data affected: Name, card number, expiration date, security, and service codes, and other payment card-related information.
- Attack vector: Malware on POS system
- Brands affected: Wendy’s restaurants
- Damages paid: $50 million

Dunkin’ Donuts data breach
- Data affected: Usernames and passwords for loyalty programs
- Attack vector: Third-party breach
- Brands affected: Dunkin’ Donuts
- Damages paid: Unknown

Hilton Hotels data breach of 2014 and 2015
- Data affected: Credit card numbers, names, addresses
- Attack vector: Cash register computers
- Brands affected: Hilton Hotels
- Damages paid: $700,000

Marriott data breach: The biggest breach up to date
- Data affected: 500 million customers’ information, including names, addresses, phone numbers, email addresses, passport numbers, account info, birth dates, gender, and arrival/departure information
- Attack vector: Unauthorised access to the hotel database
- Brands affected: Ritz-Carlton, St. Regis, JW Marriott, W Hotels, Sheraton, Delta Hotels, Le MERIDIEN, Westin, Renaissance Hotels, Four Points, SpringHill Suites, Fairfield Inn, Residence Inn.
- Damages to pay: $915 million GDPR

Digital technology and data safety have become an integral part of the hospitality and dining experience.

How IT Solutions Influence the Dining Journey

Technology is affecting the hospitality industry, and those who don’t embrace IT solutions are bound to fall behind fast.

According to the Windstream Enterprise-BRP Consulting digital restaurant study that focused on preferences of Millennials and Gen Z, shows that digital technology affects the hospitality sector, particularly restaurants, quite a lot.

Here are some of their most interesting finds:

74% find that ease of ordering and payment is extremely important.
- only 45% of restaurants have excellent execution for this preference

60% place importance into Wi-Fi availability
- only 44% of restaurants have a good solution in place

42% actively look for contactless and mobile payment availability
- only 33% of restaurants have it

41% look for mobile and web order ahead options
- only 26% of restaurants offer a good solution

The following infographic by Deloitte from 2016 shows just how important technology has become in hospitality:

Source

Some key findings include the fact that 40% of people prefer to order online, and when technology is used to place orders, customers will spend an extra 20% on an average per visit.

The findings clearly show that the customer journey and experiences are heavily influenced by the convenience of new tech solutions. The only way forward for your business is to implement IT solutions that will be convenient but also safe.

Do you have the right IT solutions in place? Get in touch to see how we can help you streamline, boost customers with technology projects, and improve your security.

Posted on September 27, 2019July 30, 2020 by Eli Migdal

5 London Hotels That Are Above the Curve on Technology

The hotel industry is only just starting to embrace the latest tech. London hotels areis working hard to make guests feel like they are right at home during their stay. But when does a hotel stay feel like home?

The latest technology has made it possible to set up the room just the way you like it. From choosing the right room, lighting, temperature, music – everything can be controlled and set up in advance. London hotels have started picking up on the need to personalise every guests’ stay and invest in new technology to make this possible.

Here are five of the London hotels innovating technology in their offering to guests:

1. Eccleston Square Hotel

Named London’s most high-tech hotel, Eccleston Square Hotel is a unique blend of historical elegance and exciting new technology.

The hotel’s very own app that guests can download to their device acts as a digital concierge and lets you set up everything just the way you want for your arrival.

Each room has access to free and fast Wi-Fi, and comes equipped with free smartphones that guests can use for international calls and free data while roaming the city or conducting business.

The in-room pads let guests control every single aspect of their room – light, sound, and temperature – and they can also browse the menu, order room service from the restaurant, and select the time of delivery.

The bathroom glass walls can be toggled between see-through and frosted with a simple touch of a button. The best part is that the “Do not disturb” sign can be activated from the touchpad, too!

2. Radisson Blu Edwardian, Berkshire

Radisson Blu on oxford Street never stops innovating to offer the very best guest experience. While staying at the Edwardian on the Bloomberry St, guests will be able to use their very own virtual assistant called Edward.

Edward will help throughout the whole stay and help them with check-ins, checkouts, and requesting anything guests might need. Each room has fast Wi-Fi for an unlimited number of devices, and guests can even stay up to date thanks to their digital news app.

3. South Place Hotel, London

The South Place Hotel also realised that guests want full control of their room setup, so every guest can control lighting and electronic blackout blinds, and enjoy crystal clear sound thanks to the Bang & Olufsen media centre and a library full of free on-demand movies and shows.

The bathrooms are equipped with a TV and speakers too, and those who get tired of movies can head to the hotel’s games room.

4. Amba Hotel Marble Arch, London

Also located on Oxford Street, Amba Hotel Marble Arch lets guests have full control over every aspect of their stay. They can choose rooms themselves during booking, and the Mobile Valet app lets guests explore the hotel and all amenities, order room service, and set up express checkout easily.

Every room is equipped with USB sockets next to beds and super-fast unlimited Wi-Fi. There’s also a tablet in each room that guests can use as they like, and Smart TVs they can link their own devices with and connect to their favourite services. Plus, you can keep your tech secure thanks to the in-room laptop safe which is a great addition for business trips.

5. CitizenM London Bankside

The CitizenM London Bankside offers their guests compact rooms filled to the brim with technological gadgets that make the stay comfortable and futuristic. Starting with ‘one-minute’ check-in kiosks, the guests are guided to a room that they can adjust as they want.

Guests will have their own tablet “mood pad” that gives them control over all the aspects of the room. Coupled with lightning-fast Wi-Fi, it’s really like being portalled to the future.

Today, a personal touch and focus on guest preferences is what it’s all about. The very best hotels focus on the guest experience by making it easy to check in and out, order, and connect to personal and business accounts and services right in the room.

Posted on April 20, 2019August 2, 2020 by Silhouette Creatives

IT Managed Service Providers vs In-house IT Teams For Hospitality

As businesses are undergoing digital transformations, IT is becoming a critical part of their business success. With consumers expecting hospitality to match the digital era with new customer experiences, it’s often one of the things that are left behind!

So whilst basic IT knowledge goes a long way in hospitality, having a dedicated IT expert is still the best solution. Most business owners are now faced with a critical decision: to choose between an IT managed service provider vs in-house IT team. How are they different? Which one is better? How safe is it to let someone else take care of your IT needs?

The choice between an IT managed service provider vs in-house IT team often boils down to the size of the company and its specific needs. Here’s a rundown of the pros and cons of each option.

In-House IT Team: Pros and Cons

In-house IT staff usually handle day-to-day IT operations and requirements. Startups and small and medium businesses will often start with a single IT expert who will handle their IT needs. As they grow, however, they will also need more than one IT expert to keep track of everything.

Pros

It’s not that in-house teams are without benefits:

They will have intimate knowledge of your operations and know your infrastructure in and out.
They can be immediately available when you need them.

On the other hand, having a full in-house IT team is often limited to large enterprises only. A full IT team when you’re a small or middle-sized business is just not possible financially. Not only would they eat up resources but you need a place to put them day-to-day too!

Cons

The cons of in-house teams seem to be more prevalent when it comes to IT requirements of most hospitality businesses:

The costs run high: They will be your full-time employees, meaning you will have to cover their salaries, benefits, training, NI, and other expenses.
The emergencies increase costs even more: The cost of intervention often goes up considerably in case of emergencies that happen overnight, and you have to pay overtime.
Team members are not bound to your company: If they decide to leave for what they think is a better opportunity, they are free to do so. When they leave, they will take all their expertise with them and you’re stuck with tech you don’t know how to run, unless you employ a team – which is even more expensive!
In-house teams can rarely keep up with all the latest IT developments or industry trends, meaning that parts of your IT infrastructure will inadvertently become outdated. It’s their job to keep things running, not constantly innovate!
Often limited to reactive interventions instead of proactive IT strategy development.

Is an IT managed service provider better than in-house IT teams? Let’s see what they can offer.

IT Managed Service Providers: Pros and Cons

Business owners are often wondering how is an IT managed service provider better than in-house IT teams. It seems logical that hiring a third-party provider to take care of your IT needs would be less efficient.

But this is a common misconception.

Managed service providers actually improve efficiency. They deliver higher quality services because IT is their speciality; it’s all they do. They are experts who continuously improve their knowledge by following the latest developments.

Pros

When a business hires an IT managed service provider, they will reap the following benefits:

Paying a lower price for hiring them than you would for keeping an in-house team. Their services are available for a flat monthly rate, which makes budgeting for IT super easy. You benefit from economies of scale here, because ultimately, you won’t be the service provider’s only client – but that means they are more affordable!
They are available around the clock and can monitor your systems at all times.
Your operations will rarely be disrupted: Managed service providers have service level agreements (SLAs) that are legally binding. They guarantee to provide the highest possible uptime and service quality. It also means that should you move to someone else, they should provide you with all the procedures and documentation necessary to ‘hand-over’ your day-to-day.
Managed service providers also have access to the latest technological solutions, software, and industry contact. This means that all your IT needs will be up to date as soon as there’s one available.

Cons

Of course, there are also some disadvantages of managed service providers:

Finding the right fit for your business needs takes time. Sometimes, trial and error is the only option to find a managed service provider who has everything you need.
Sometimes, service packages can be arranged in such a way that you might need to pay for some services you don’t really need. Still, many managed service providers will happily let you make a fully custom package.
The biggest concern is their on-site availability. Your MSP should always be able to provide some level of physicality! Particularly for 1st line support which often involves users directly.

IT Managed Service Provider vs In-House IT Team: Who Wins?

Is an IT managed service provider better than in-house IT teams? Our verdict is a big fat YES because they can offer everything an in-house IT team does, and more! Ultimately, you pay for a ‘service’ rather than a person when it comes to an IT managed service provider and therefore you know you’re always covered!

Comparing an IT managed service provider to an in-house IT team shows that you will ultimately save more money by opting for a managed service provider.

Having up-to-date software is also a crucial point – it ensures you are well protected against cybersecurity threats and attacks that are becoming more elaborate over time. Your IT managed service provider will make sure all your security definitions are up to date, that they never expire, and that your business and customer data is secure.

IT managed service providers free up the time you would otherwise spend on the challenging tasks related to your IT. They are not just your IT support, they are the technological catalyst for your business. Working with you to develop the right strategies to acheive your your long-term goals.

Posted on March 27, 2019July 30, 2020 by admin

Microsoft Announces Microsoft Threat Protection (MTP), But What Does This Mean For Their Cyber Security Users?

Summary: With Microsoft Threat Protection (MTP), Microsoft has announced big changes coming to their security apps. Focusing on bringing a unified solution that correlates data across their cybersecurity services, they want to offer an end-to-end security solution that will help users stay one step ahead of sophisticated cyber attacks.

With the global cyber security landscape becoming more diverse, it is becoming increasingly difficult to stay protected against cyber security threats. The cyberspace is a new battlefield, and businesses should always assume that someone is attempting to hack into their systems and exploit their environments.

Microsoft Threat Protection (MTP) Is the Answer to New Cybersecurity Threats

Microsoft Threat Protection (MTP) is the most exciting update of the Microsoft Ignite 2018 that was held from September 24 to September 28, 2018, in Orlando, Florida. The Ignite Panel on Microsoft Threat Protection explained a large portion of the changes coming to their cyber security services.

What Is Microsoft Threat Protection (MTP)?

Microsoft Threat Protection is Microsoft’s latest response to the increasing complexity of the digital estate and security issues that come with it.

Anything connected to the internet can be attacked. This not only includes laptops, tablets, phones, but also IoT devices such as smart meters, smart watches, and others – all of them are possible vectors of attack. The endpoints in the environment that are a target of cybercriminals are not just computers or phones, but complex systems like smart cities, sensors, smart cars, and smart energy grids.

These are coordinated and intelligent attacks, and it’s been an ongoing game of cat and mouse, where cybercriminals land a blow, the security experts respond, then cybercriminals find new exploits, and so on.

Microsoft Threat Protection aims to break this cycle and ensure to stay one step ahead by using the power of cloud computing, automated responses, and scaling capabilities to secure everything.

Why Did Microsoft Decide to Develop MTP as an End-to-End Security Solution?

The digital environment is more diverse than ever before, and Microsoft Threat Protection aims to offer a solution that protects enterprises and their digital environment against a growing number of sophisticated cyber attacks.

Once a cybercriminal gets access to any device within a system, they also get access to everything that the device has access to, searching for additional logins on the affected device to move across your whole environment.

Microsoft Intelligent Security Graph

The Microsoft Intelligent Security Graph is the foundation of all the security services included in Microsoft Threat Protection. It gives insight into various attack vectors and shows how many security threat signals are coming in daily from consumers and corporations – 6.5 trillion signals a day. Those signals are gathered from users, corporations, and Microsoft services.

The graph shows just how many signals are detected in various areas, such as Outlook, where over 400 billion emails are analyzed, or from 1.2 billion devices that are scanned each month, where over 5 billion threats are detected in that time.

Every single security alert and signal that is received is part of a larger attack, and it’s difficult (and very expensive) to correlate all signals across all devices. The Microsoft Intelligent Security Graph requires analysis by more than four thousand in-house security specialists, with over $1 billion invested each year into cyber security.

It is virtually impossible for most enterprises to have access to such security skills and budget to correlate all threats to their digital estate. Microsoft, therefore, offers enterprises the ability to use Microsoft’s vast cloud computing capabilities and insights by choosing MTP as their ultimate cyber security solution for all digital devices and assets you have in their environment.

How Microsoft Security Solutions Used to Work…

Before this, Microsoft’s threat protection was divided between their various services, which meant that cyber attacks could happen outside of those areas, in the gaps that were not covered by a specific service.

By bringing all these services closer together and having multiple apps address the different aspects, those gaps are covered and the risk of a breach is lowered.

What Services Does Microsoft Threat Protection Include?

Microsoft Threat Protection isn’t a single app that covers all cyber security needs. It’s a group of services that work together to ensure all attack vectors are suitably covered from multiple angles.

The Services included in MTP are as follows:

Azure Active Directory – This covers identity and access management.
Azure Advanced Threat Protection (ATP) – This covers detection of advanced attacks across the digital environment.
Microsoft Cloud App Security – This is a Cloud Access Security Broker (CASB) that covers data protection in the cloud environment.
Microsoft Intune – A part of Microsoft Enterprise Mobility and Security, Intune is a cloud-based service that helps you manage mobile devices, apps, and the way workforce accesses and shares company information.
Windows 10 – These are updates to existing security services like the Windows Defender.
Azure Security Center – This is a unified security management system that protects hybrid workloads running in Azure and other environments.
Windows Defender Advanced Threat Protection – Windows Defender is getting new capabilities that include post-breach detection, investigation options, and response.
Office Advanced Threat Protection – This covers malicious attacks found in emails, collaboration tools, and links.
Office Threat Intelligence – These are threat protection capabilities across all Office apps.
Windows Server Linux – This covers Linux based servers.
Exchange Online Protection – This covers email filtering, spam and malware protection, as well as protection against messaging policy violations.
SQL Server – A protection through advanced machine learning.

Those services work in tandem to secure the five pillars of cyber security. This gives them greater coverage of possible attack vectors and in case one service doesn’t address a specific vector, the other will. These are the five pillars:

Identities – This pillar includes vectors such as users and admins and is protected by the following services: Azure Active Directory, Azure Advanced Threat Protection, and MS Cloud App Security.
Endpoints – This includes all types of devices and sensors that could be possible vectors for a breach. It’s protected by Microsoft Intune, Windows 10, Windows Defender ATP services.
User Data – All email messages and documents are protected by Microsoft Cloud App Security, Windows Defender ATP, Office 365 ATM, Office Threat Intelligence, and Exchange Online Protection.
Cloud Apps – All data stores and SaaS solutions/apps are covered by MS Cloud App Security, Office 365 ATP and Exchange Online Services.
Infrastructure – All enterprise servers, virtual machines, networks, and databases are protected by Windows Server Linux, SQL Server, and Azure Security Center.

How Do Enterprises Use and Benefit from MTP

A good example of how enterprises benefit from MTP is Telit, who has over twenty years of experience in IoT and offers end-to-end IoT solutions. They use Microsoft’s services to protect everything: from IoT Products, over Services, IoT consulting, and building systems for enterprises.

They realized quickly that by having a unified system, they can address any security issues more efficiently and save a lot of money when compared to using different providers for each aspect of their business.

Your enterprise will benefit because instead of using the top services for each category, the MTP unified system can secure all of the following, and more:

Mail protection and encryption
Mobile device management
Endpoint security
Incident response
Cloud access
Securing data and apps
Data classification and governance
Data loss prevention
Compliance (GDPR)
Identity protection and privacy

Microsoft Threat Protection addresses the following cybersecurity pain points and helps enterprises by offering the following:

Integration – All security products should aim to be closer together and better integrated. This improves response and automation and closes gaps is security where attackers often operate.

Intelligence – The power of the cloud can improve security across all apps.

For example, businesses can have an overview of each user activity and get alerts on unusual activity or devices for each of their accounts or identities.
MS combines machine learning to detect deviations from usual patterns in user/ID/machine behaviour and activity.

Automation – The focus is placed on incidents that are most important, not all of them. This saves time on mundane and routine tasks through automated actions for each type of attack.

Alerts are correlated across machines and network to figure out how it happened and whether it’s part of a larger incident.
The incident takes X number of alerts and groups them together, shows the timeline of all alerts, and shows affected machines, emails, users what investigations and actions were taken.
By combining services to correlate alerts, better detection and response is achieved, and it’s easier to secure all the attack areas, strengthening the overall security.

A User-Centric Approach – Solutions are geared toward how users work.

For example, in emails, you will be able to display the underlying URL instead of the text part to immediately see if the link was spoofed. This offers security against threats targeting users (phishing etc) while not undermining the user experience.

Ecosystem–Intelligent Security Association – Instead of trying to cover every security aspect on their own, Microsoft is working with over thirty leading security tech providers to expand security coverage.

The Purpose of MTP

Microsoft wants to take a more active part in the realm of cyber security, and their threat protection gives them an important role of a cloud security provider. With their Intelligent Security Graph analysis, their Microsoft Threat Protection combines integration, intelligence, and correlation, and gives enterprises access to their computing power and scale.

Ideally, MTP will offer the following:

Protection Against All Attack Vectors – The optimal solution is to stop all attacks, but since this is impossible, it should stop as much as possible from breaching the system.
QUICK Detections When a Breach Occurs – Since some attacks will sneak by, it is crucial that they are detected as soon as possible.
Response and Remediations – Once a breach is detected, adequate action should be taken. Here, automation options help take care of smaller threats by automatically remediating them, while larger threats will be brought to attention and the system will await input on what to do with them.

While MTP will make it easier to protect every aspect of your digital estate, user education and training are important too. Here, MTP wants to help businesses teach their employees about security risks, what they have to understand, and why they might be targets.

Ultimately, Microsoft Threat Protection should reduce complexity, time, and lower costs on incidents by offering an end-to-end security solution that also works with external security providers to truly extend their cyber security reach where it matters.

Posted on February 25, 2019August 3, 2020 by admin

7 Best Ticketing Software for Managing Tech Support

The best ticketing software helps tech support resolve issues faster and allows managed service providers to offer a better service! Here are seven excellent IT ticketing software solutions that will optimise your IT support:

1. Spiceworks IT Help Desk

Spiceworks is amongst the best ticketing software solutions, and all their products are free!

It’s a full help-desk system with multiple-channel ticket support and network monitoring. All systems are customisable to meet the requirements of any business.

The most prominent features include automatic ticket routing, prioritisation, and notifications for IT teams, as well as a knowledge base for most common issues that can be integrated into a ticket.

2. ManageEngine ServiceDesk Plus

ManageEngine’s ServiceDesk Plus is a solution that helps an IT managed service provider with advanced automation options of many processes.

The project management module supports tracking of any number of IT projects and helps with planning. Ticket routing, prioritisation, and escalation options make it a favorite of many IT teams. The IT ticketing software automatically informs users about any changes to the status of their tickets and reported issues.

The analytical capabilities help link recurring issues to the root cause and eliminate their occurrence permanently. The knowledge base keeps the ticket inbox decluttered through self-service for end users.

Prices range from $10 to $50 per tech per month.

3. Remedy Service Desk

BMC’s Remedy Service Desk is the best option for an IT managed service provider who caters to enterprise users. It provides MSPs with a comprehensive service management suite that can be deployed in the cloud or on-premises.

Their incident management with service impact analysis is their best feature. It helps IT staff see how problems and incidents affect business systems.
Problem management detects recurring incidents and helps trace the cause.
Knowledge management delivers the required information directly to users and staff.

This service desk supports a multichannel report of incidents and issues via email, web service, self-service, social, or chat. Pricing is provided per request.

4. Freshdesk

Freshdesk is a solution that can work for internal IT departments, but it’s actually an IT ticketing software that’s better tailored for an IT managed service provider. Customer tickets are processed in a swift manner thanks to ticket workflow optimisation, routing, ticket response automation options, and service level agreement (SLA) management. The IT team can collaborate on a single ticket and resolve complex issues faster.

There’s a free plan available, while other tiers span from $19 to $89 per agent per month.

4. Zendesk

Zendesk is one of the best-designed ITSM solutions out there. Asset, problem, and incident management are done via a ticketing system that includes all the tools an IT team needs: ticket priority, tracking, and resolving have powerful automation options.

Everything is available from a central interface: on-premise information and third party apps, as well as self-service options and workflows, which makes it one of the best ticketing software designs available.

There’s a free trial and five price tiers that span from $5 to $199 per agent per month.

6. Jira Service Desk

Jira Service Desk is available as a cloud-based or on-premise solution that includes problem, change, and incident management, while the self-service feature helps users resolve tickets on their own by accessing a knowledge base.

The most notable feature includes the ability to link the Service Desk IT ticketing software to software issues, so the required IT experts will be notified about the issue faster.

There are two price tiers: $10 for up to three agents, and $20 for four to five agents, and discounts for larger groups.

7. SysAid

This is a cloud-based IT ticketing software that offers a wide array of features: from help-desk automation and IT asset management, all the way to performance analysis and monitoring.

Their incident report and service request modules, as well as their remote control capabilities, are their strongest features. They help track and resolve issues quickly. Their ticketing system is extensive and includes incident management, knowledge base, and a self-service portal, and incidents can even be reported via email. The tickets can be assigned automatically to the most appropriate IT professional, while escalation rules ensure all tickets are addressed in a timely manner.

The pricing is available from the vendor per request.

The best ticketing software helps resolve IT issues quickly but also plays a proactive role: by analysing incident reports, problems can be eliminated before they cause large-scale issues by tracing the root cause.

If you need help managing your IT support, contact us to discuss a quote.

Posted on January 7, 2019August 3, 2020 by Eli Migdal

How to Hold an Azure Information Protection Staff Training

In light of the latest data security climate, where a risk of a breach is higher than ever, it is of utmost importance to keep valuable data safe. Microsoft’s Azure Information Protection (AIP) helps in achieving this goal and it’s the solution we recommend.

Particularly when you consider that the UK average cost of a data breach is close to £2.87 million ($3.68 million) according to a recent report from the Ponemon Institute.

Azure Information Protection is a cloud-based data protection solution that keeps data safe through advanced encryption, identity, and authorisation policies.

But.

Adopting AIP isn’t enough – you need to train your staff on how to use it properly. Newly accepted regulations like the EU General Data Protection Regulation (GDPR), combined with concerns about what awaits the UK in terms of free data flow after Brexit, make data security an important aspect to every company, so it makes sense to invest into Azure Information Protection staff training.

Ensuring Your Employees Are ‘On Board’

Change is something many employees are not fond of, so getting them on board with Azure Information Protection Staff Training is the first thing to do before you begin with implementation and actual training.

When your employees are educated on GDPR and data breach consequences, they will become more engaged in Azure Information Protection staff training. Not being compliant and risking a breach could cost them their job because many businesses that suffer a major data breach never recover.

But, how do you do hold Azure Information Protection Staff Training?

Step #1 Educate on the Risks

Start by making your staff aware of the dangers of security breaches and just how little it takes for one to occur if data protection is lacking.

Step #2 Explain Their Role in Compliance & Data Protection

Many employees are not aware of just how important they actually are in keeping data safe. Start by explaining their role in the company security and compliance. Explain that whenever they send data – be it email or access to a folder – to somebody inside or outside of the company, it can be a security risk. The risk here is that often there are no resources that would monitor or restrict misuse of that shared data.

The most recent statistics included in IBM’s Cost of a Data Breach Report show that a staggering 27% of all data breaches that happened was caused by a human error – in other words, employee negligence was the cause.

Think about the following scenario: You are sending sensitive financial data to an outside partner. The partner is negligent and sends this confidential data to parties that should not have access to it. This constitutes a data breach.

A data breach has serious consequences far beyond actual financial costs including:

Hacking
Downtime
Loss of customers
Loss of personally identifiable information (PII) from customers and employees
Loss of intellectual property
Loss of financial information
Breach of data protection laws
Legal fines and claims
Reputation damage

Step #3 Show Why Azure Information Protection is the Solution

Proper training will help reduce the risk of a data breach as a result of human error. Before you fully implement AIP, ensure your staff become familiar with all the features and that each department knows how to utilise its full potential.

Explain how Azure Information Protection works and how, when integrated, in the organisation it can help on an operational level.

Step #4 Show off Features They Can Use

During Azure Information Protection staff training, the focus should be on providing specific and detailed guidelines to each department. Present all the important features that AIP offers:

You Can Classify Your Data – AIP helps classify and label data based on how sensitive it is through a system of labels that automatically protect it once applied.
24/7 Protection – Once you classify data and protect it, it stays protected. AIP follows data and ensures it’s protected even when shared outside of your organisation or stored on an external device.
Track Data and Revoke Access – AIP helps you track what is happening to data you have shared, and in case it’s needed, you can easily revoke access.
Log and Report Support Compliance – Get access to powerful features that help analyse and monitor usage of data. The reporting feature helps maintain compliance with rules and regulations.
Safe Collaboration – Thanks to labeling and classification, you have complete control over who has access to data and how they can interact with it.
Microsoft Office Integration – AIP is integrated into MS Office so you can secure any document with a single click as well as automatically in the background.
Easy to Manage and Deploy – AIP works in the cloud and on-site equipment too.

Step #5 Make it Specific

Once done, provide each department with detailed guidelines and best practices for using AIP specifically for them. For example, teach your finance department staff on how to use AIP features like the Do Not Forward Button or Sensitivity Bar, or your marketing department on how to apply AIP labels and send data to external partners.

If you want to make your AIP staff training easier, we’ve created an Azure Information Protection Staff Training Course on The TowerWatch Academy.

Posted on December 23, 2018August 3, 2020 by admin

Delete Metadata on Redacted Documents To Avoid a Data Breach

delete metadata on redacted documents feature image

Did you delete metadata on redacted documents the last time you sent them?

If not, it’s easy to see the original information if you know where to look and then you might as well not have redacted them at all! This doesn’t just apply to ‘Top Secret’ documents anymore, it also poses a problem under GDPR.

For example, it’s easier to redact personally identifiable information (PII) you don’t want to share when sending a document to third parties or externally. Rather than getting consent from each user or changing your document (or database) altogether.

But.

Some people have been making mistakes. The ICO reported that in Q4, failure to redact data was one of the most common types of data security incidents. So, ultimately, if you don’t delete the metadata on redacted documents it can lead to a data breach! To remove the risk, it’s best to remove the metadata. Here’s how it’s done:

Delete Metadata on Redacted Documents in Word

Select and open the Word document you want to remove the data from.

Click on the “File” tab and select “Info” from the menu.

Choose “Check for Issues” and select all the data you want to check the document for:
- Comments, revisions, and versions
- Properties and personal information
- Headers, footers, watermarks
- Hidden text
- Document server properties
- Custom XML data
- Ink

Click “Inspect” and review the results.
Choose “Remove all” to strip the document of metadata.

Delete Metadata on Redacted Documents in Excel

Select and open the Excel workbook you want to remove metadata from.

Select “File” > “Info” and under “Check for Issues” choose “Inspect document.”

Select the data you want to check:
- Comments and annotations
- Properties and Personal Information
- Hidden rows and columns
- Hidden worksheets and names
- Custom XML data
- Invisible content
- External links and embedded files
- Macros
- Cached data

Choose “Inspect” and review the results.
Select “Remove all” on each type of information you want to remove.

NOTE: If an Excel workbook was saved as a shared file, some information can’t be removed. This includes document properties, personal information, comments, annotations, headers, and footers. To remove these, you first have to unshare the workbook. Should you remove hidden rows and columns with data, this can affect calculations and formulas.

Delete Metadata For PDFs

Unfortunately, in the free version of Adobe, access to metadata is limited. So whilst you can view the properties, you can’t edit or remove them. To remove you’ll need a subscription to Adobe Acrobat XI or a specialist tool. But, here’s how to do it with an Adobe Acrobat XI license.

In Adobe Acrobat XI, locate the Tools panel in the top right corner.

Open the “Protection” tab and locate the “Hidden information” heading.

Select “Sanitize document” and click “OK.”

To choose what to delete, select the “Remove Hidden Information” option.
Name your file and click “Save.”

Delete Metadata on Redacted Documents in PowerPoint

Select and open the Powerpoint presentation you want free from metadata.

Under the “File” tab, go to “Info” > “Check for Issues” > “Inspect document”

Select the data you want to check:
- Comments
- Properties and personal information
- Revision data
- Custom XML data
- Off slide and invisible content
- Macros

Click “Inspect” and wait for the results.
Click on “Remove all” on all the information you want gone.

Delete Photo Metadata

Okay, this one might be a bit of a stretch as far as GDPR is concerned, but we figured we might as well show you how to do this as well whilst we were here! Also note that you can access photo metadata if you’re adding it to a document, so you’ll need to remove it before adding to a redacted document.

Right-click the image file and go to “Properties.”

Go to the “Details” tab.

Select “Remove properties and personal information.”
Select which data you want to remove.

Although it might seem like a faff! Incorrectly or failing to redact documents properly will lead to data breaches. Particularly when sending files publicly! so, delete metadata on redacted files and you should reduce your risk significantly.

8 Signs Your IT Managed Service Provider Is GDPR Compliant

GDPR Compliant IT Managed Service Provider Feature Image

Before hiring an IT managed service provider you need to make sure they are GPDR compliant, and capable of making sure your business technology is compliant too. You can’t afford not to.

With the recent GDPR regulations that came into effect in May, no matter how big or small your business is, you still need to comply.

But, that’s not all.

Under the GDPR, any 3rd parties that handle sensitive information on your behalf are processors, and your duty is to make sure they know their responsibilities too. Your service provider falls into that category. Here are 10 signs that indicate they have taken the appropriate measures to be GDPR complaint as well.

1. They can answer your questions on GDPR and how it relates to technology.

Your GDPR compliant IT managed service provider (MSP) should be able to provide clear answers to any inquiries related to the GDPR. They should have details on the type of data they manage and how it’s being stored, processed, and protected.

They should be able to explain what steps they are taking to ensure that data is safe, and they will be able to provide you with proof of how they are doing that.

Then, they should be able to explain how they can help your specific business do the same.

2. Their GDPR compliance is reflected in their contracts

To ensure that they are compliant, your managed service provider should have included GDPR principles into their contracts. Since they are exchanging data with you, the contract should reflect the GDPR regulations. If you have an ongoing contract with your MSP and it wasn’t updated yet, contact them ASAP and demand the update.

They should also have an up-to-date and compliant privacy policy.

3. They are ICO registered

Most MSPs will need to register with the ICO, some will need to pay a fee while others won’t. Only data controllers have to pay the fee, and if that applies to them you should be able to find them on the ICO public register.

Note: It’s highly likely they will need to be registered with the ICO. However, this is not always the case with every business. If they aren’t registered they should be able to demonstrate why they are exempt.

4. They honor new personal data rights

GDPR clearly states that individuals are the owners of their data and have specific rights pertaining to their data:

They have the “right to be forgotten” and can request that all their data be erased. When such a request is received, it should be solved within a month.
They should be informed about any usage of their data.
They have the right to request copies of their data.
They also have the right to correct any data collected on them.

MSPs should have policies in place that honor every single one of these rights. Although this places an extra burden on how they are handling data, not adhering to it can jeopardise them and the data they are processing.

5. They understand GDPR compliant tools

Since your MSP regularly exchanges data with you and others, they should ensure that data can never be accessed by an unauthorised party. This can be done through encryption and other security policies that keep data safe wherever it is.

Now imagine your MSP is storing data outside of the EU – their data centres are located in the US. Because they are still handling data from EU citizens, it still falls under the GDPR jurisdiction and should be treated as such. This means that no matter the location, that data should be protected in a compliant way.

7. They have updated their own practices

It’s easy to say you’re compliant but often companies will still be using their original bad practices. For example, automatic opt-ins, ignoring erasure requests, or using old lists without the proper consent.

8. Understand their own processes that collect and store data

Your MSP should be able to tell you which stages of their process they collect data, how it’s stored and in what way it is used. That should be part of their road to compliance. If they can’t they may not have been as thorough as they first appear.

Signs Your IT Managed Service Provider is NOT GDPR Compliant

1. They say “GDPR doesn’t apply”

This can be a major red flag. Because in most circumstances it will apply to some degree or another. Those who aren’t compliant often use this as an excuse but ignorance won’t stop their fines (or yours) if you work with them.

2. They aren’t willing to sign data processing agreements

A data processing agreement is needed for data controllers to use a data processor under Article 28. If this applies and your MSP is unwilling to sign, AVOID!

3. They have a ‘GDPR certification’

At present (Dec, 2018) there is no form of official GDPR certification/qualification or body of official training that gives this any weight. Of course, there are many training programs which can be helpful in providing education, but you cannot be ‘GDPR certified’ or ‘GDPR qualified’ as a company (yet.) This ‘qualification’ or training does not equal compliance.

Hopefully this has made it easier for you to determine the fact from the fiction when it comes to finding a GDPR compliant IT managed service provider!

If you wish to make sure your data is safe and compliant, we can help. Contact us today and let us help you set up the highest security standards for all your data requirements.

Posted on November 5, 2018August 3, 2020 by admin

15 Tasks IT Managed Service Providers in Hospitality Can Do

managed service provider for hospitality tasks feature image

The hospitality industry is starting to embrace digital solutions, with hotels being in the forefront of the industry. Still, many hospitality businesses downplay their IT requirements. For instance, they are still reluctant to open their doors for IT managed service providers in hospitality.

Hotels, hostels, resorts, bars, and restaurants assume they will see no benefit from investing into IT. Their main argument being that they don’t have the time or money to hire and keep IT staff. This is where an IT managed service provider (MSP) can help.

So, here are some of the things, we deal with and take off the plate of our hospitality-based clients.

1. Be Your IT Supplier Liaison

Whether it’s an equipment failure that needs repairing or replacing, software and domain licenses that need renewing or simply negotiating the best deal for tech rentals (think printers etc.) we can help.

As a managed service provider, we act as the middleman when it comes to dealing with suppliers and 3rd parties to talk their lingo and get things sorted as quick as possible. It’s a time saver, and chances are we can save you money long-term with supplier agreements.

2. Provide 1st – 3rd Line Support

Many MSPs provide various stages of support, from 1st-3rd line. Whether you need on-site assistance or a dedicated number to call, your MSP should have it covered.

Unsure of the type of support you need?

In the case of minor IT issues, you can access 1st line support and talk to general help desk operators that will guide you through the troubleshooting process. Common 1st line issues are related to email passwords and account access.
For more complicated IT issues, 2nd line support takes over, for example, a non-critical issue with your equipment or tills.
3rd line is your specialists who are trained in your specific systems. They are often the most qualified and certified and deal with complex or emergency issues. For example, your POS system going offline during service.

3. IT Management

If you already have an IT team but are struggling to tie it together in your operations and strategy, an MSP can help here too. A hospitality IT managed service provider can deal with your entire IT infrastructure, or just part of it depending on what you need.

They will proactively monitor your IT operations, assess the current efficiency, and suggest improvements and integration options to ensure the highest uptime and optimal data flow between systems. So that you’re making the most sales and providing the best customer experience possible.

4. Backup Solutions

The hospitality sector handles vast amounts of data, and with the introduction of digitalisation and the internet of things (IoT), the amount of data will steadily increase. It includes everything from sensitive data and credit card information to info gathered from your guests and customers that helps you segment them. This allows you to follow the latest trends, and offer personalised experiences, all the way to complex automation operations.

IT managed service providers in hospitality will take proactive steps to ensure all your data is safe in case of system failure, power outage, or natural disaster by using a cloud-based backup and disaster recovery system. This system ensures you have access to your data at any time, no matter what circumstances. It’s a reliable solution that offers better safety and protection than you could set up in-house. Check with your MSP to see which backup vendors they partner with, for us, it’s Microsoft Azure.

5. Handle Wi-Fi Security

It is very common to find unsecured or badly secured networks in the hospitality sector. Many restaurants and bars have unsecured Wi-Fi or use the same Wi-Fi that they offer to their guests, which leaves them vulnerable to security threats, most notably hacking and data breaches. To ensure the highest security, your MSP will establish a secure Wi-Fi network throughout your entire establishment or chain that only your staff will have access to, with a fully separate POS network solution.

They can also ensure the protection of your customer data and improved experience by setting effective customer Wi-Fi.

6. Ensure Compliance

While compliance in hospitality is traditionally tied to things like food safety, IT systems bring about their own set of compliance regulations to be followed. Your MSP will ensure that your technology and software solutions are compliant with government regulations (like GDPR) by utilising secure systems like Microsoft’s Azure Information Protection. They can also help with PCI DSS (Payment Card Industry Data Security Standard) compliance for your POS systems.

7. Standardise Equipment

A very common practice for medium to large enterprises is to standardise equipment to reduce costs and make maintenance and upkeep easier. But, for smaller businesses, this isn’t often attempted, because people don’t know how.

Your IT managed service provider can standardise current systems as well as oversee purchases to make sure they really are necessary and compatible with your current systems. Having this in place will allow for better monitoring, applying updates and reducing response times.

8. Offer Cost-Effective Solutions For Better Customer Service

Your MSP is more than just IT support. They are IT professionals with specific knowledge of your industry that follow the latest trends. Their goal is to align with your goals and help you offer an amazing service to your customers. In hospitality specifically, your IT managed service provider can advise on ways to improve customer experience through technology, whether that’s free Wi-Fi or even marketing beacons.

9. Facilitate Expansions

When opening a new venue or location, your MSP can help fit in the IT seamlessly with your design plans so you can future proof your venue. From simple tasks like outlets and power supplies to the larger, more intricate technological planning, expanding to meet the same IT standards you have currently has never been easier. For example, we liaise with contractors and project managers during construction to make sure IT specifications and planned equipment are tailored to.

10. On-Site Upgrades

Whether your equipment is due an overhaul or you’re in need of repairs, your IT managed service provider can implement them on-site with minimal effect to your customers. Often they can work out of hours to deal with upgrades at less busy times, but if not, they understand how best to proceed with the least impact. Luckily, when you hire an MSP they normally have notifications and analytics to check to deal with these upgrades ahead of time before anything goes wrong. But, even if issues occur, they are dealt with easily and swiftly.

11. IT Budget Management

All businesses out there have a limited budget, and it can be hard to determine just how big the IT budget of a business in the hospitality sector should be. The industry average suggests around 2.5% of your turnover should be spent on technology, but this will vary depending on the type of business you have.

IT managed service providers in hospitality will assess your current situation and offer a detailed overview of where you can save money and how. This will most commonly include software and hardware standardisation across all your devices and establishments. Additionally, hiring an MSP for your IT requirements means that you will pay them a fixed monthly fee, which is considerably lower than paying for specific IT services when something breaks down, when you need a major overhaul of all systems or emergency fees when you need something done quickly (that could have been prevented.)

12. Meeting and Function Room Setup

Do you make income from function or meeting room rentals? Improve your technological capabilities, become an innovative location for events and not only provide a better experience, but charge more!

Your MSP will inspect your meeting and function rooms in detail and suggest the needed technology and software to implement so they are fully equipped for social gatherings, ceremonies, or conferences. They will also offer their services to the party that booked your meeting/function rooms and help with the setup.

13. On-Site Repair and Maintenance

While traditional IT services offer maintenance and repairs only when you request it, managed service providers conduct proactive monitoring. This helps them spot an issue early on before it becomes a much bigger problem. They will repair and maintain equipment on-site as soon as they detect issues to give faster turnarounds before it breaks completely.

This also means you don’t have to sit on hold to a helpdesk who try to explain how to do the fixes yourself! It just gets done!

14. New Software & Hardware Audits

An MSP will continuously research new software and hardware options to see if they are viable and relevant to your business. An MSP has the required industry and IT knowledge to assess new software and hardware and determine whether they would benefit you. Often times, restaurants and other key players from the hospitality industry opt for solutions that might be a good fit for their needs but are not compatible with their current systems. An MSP will ensure that the tech solution you choose is compatible and won’t cause major disruptions during or after implementation.

15. IT Consultancy

Some IT managed service providers in hospitality won’t include consultancy, but we do. From consulting on IT equipment and device policies, to making innovative improvements to your security or processes that ultimately help you make money!

All of these tasks aim to improve your customer service and ability to sell to customers or maintain that relationship. Technology is overlooked in the IT indsutry, but that doesn’t mean it’s not important.

If you want a ‘one-stop-shop’ and unique MSP that deals with everything tech related for your hospitality business. No fuss, just seamless expert solutions, contact us HERE today.