The Financial Impact and Gains Of GDPR

The General Data Protection Regulation (GDPR) has taken four years of negotiations and debates, and the finalised legislation will come into place on 25th May 2018. As a business, the topic on everyone’s mind is how much is GDPR going to cost me? Looking at the cost vs gain of implementation, we have outlined what you could lose for non-compliance against what you can gain from being prepared for the EU’s newest law.

Breach charges

The most obvious way to be financially affected by the GDPR is through non-compliance. As it stands in Paragraph Five of Article 83 in the GDPR official document, the cost for breaching any of the legislation is a maximum of €20 million or 4% of the total worldwide annual turnover of the preceding financial year; whichever is higher.

While it is not currently known how high the actual fines for breaches will be, it is assumed that the initial infractions will set a precedent for continued charges. It is highly likely that the EU will implement high penalty to present a clear fight against non-compliance.

In the UK, the recorded highest fine for a data breach was given to telecommunications company Talk Talk. Talk Talk were fined for their violation of data over 150,000 customers names, addresses, dates of birth, phone numbers and email addresses as well as thousands of customers bank details and sort codes. In this instance, the cost for the telecommunications company was £400,000.

While it is not currently known the intended outline for breach charge levels, starting the legislation with a strong message of control seems to be the aim of the GDPR regulators.

Impact of reputation

While a data breach is considered the highest financial impact of non-conformation to GDPR, it is essential also to consider the cost impact for a bad reputation. With modern technology, customer-effecting incidents rarely stay out of the news. While all eyes will be on the implementation of GDPR, it will not be long to discover which companies are not complying from the onset.

In regards to the Talk Talk breach mentioned earlier, it is estimated that they lost 101,000 customers and suffered non-fine related costs of £60 million. Despite the violation happening in 2016, the company is still considered inferior to its competition; with a considerable amount of that falling to customers trust. It can take a long time for companies to earn trust and just seconds to cause irreparable or long-term damage.

The financial gain of GDPR

While many businesses are worried about the initial costs, in regards to time, resources, equipment and training, it is always important to remember the financial benefit that can be reaped from a well set up, maintained and in-house regulated policy.

Running costs

Many international companies invest considerable funding for country-specific officers in charge of monitoring the company’s data protection and liaising with government officials to ensure they are regularly updating and monitoring accordingly. Having an EU-wide policy will enable organisations to have less staff working on the data protection side as there is now only one regulation for all. This opens up opportunities for companies to deploy personnel to excel other aspects of the business.

Having one, firm legislation that is operated by all companies also means that costs of training new employees will be reduced as organisations can set up one business-wide GDPR training system.

It may be assumed jobs will be lost from the lack of need for country appointed government liaisons. However, employees with this background and understanding can successfully be deployed to a data protection officer (DPO), or monitoring role. These members of staff are the SMEs and the trainers who can reduce the costs for training new employees on the difference between the old and new legislation and how they affect the business in-house.

Reputation 2.0

As previously discussed, the negative impacts of reputation are critical contenders in the cost element of GDPR; however positive reputational results are essential to consider when looking to

reap financial gain. Customers are going to be using their research to find out which companies they can trust, and this will be reflected by the publication of data protection procedures and how prepared a company is to comply.

For your business, you can show your customers and prospects that their trust and your compliance is at the top of your priorities. Ensuring there is a clear outline, readily available to customers highlighting how you as a business intent to not only comply to GDPR standards but also how you intend to keep your customers well informed and protected will assist in boosting reputation for the company in comparison to competitors.

Reap the rewards today

As GDPR comes into legislation on 25th May 2018, there is no time to waste. It is important to ensure you are prepared well in advance and have spent enough time broadening your knowledge on the topic to ensure there are no nasty surprises. To make sure you are ready, get in touch with the experts at Cyan Solutions today to provide your business with the tools you need to see the benefits of GDPR.

Managing Volunteer Teams Through Good Technology

Coordination and communication are key to running a successful charity campaign. Organisations often want to bring together large, transient teams of volunteers to raise money. Making sure everyone works from the same playbook to the same ends can be difficult and time consuming.  

Getting the management of volunteer teams right, of course, ensures more money is raised while overheads are reduced, and efficiency and engagement improved.  

The good news is that today’s digital options are helping many charities achieve their campaign goals in more flexible and beneficial ways. 

The Challenge of Organising Remote Volunteers 

There’s no doubt that volunteers are the life blood of all charities. They give their time and effort to raise money and promote important causes across the UK and around the world on a daily basis. Many small charities have very few full-time or paid staff on board, so volunteers are vital factors for any campaign and ongoing fund raising.  

Charities, particularly smaller ones, operate on a tight budget and building effective relationships with volunteers is necessary. Even the simple act of thanking someone for all their work can prove challenging if you don’t have the proper resources at hand.  

Better engagement requires charities to find new and innovative ways to reach out to volunteers as well as organise remote teams when campaigns are running to achieve maximum results. Focused and flexible solutions such as cloud technology are attractive options, certainly for charities that are seeking to improve performance and lower costs at the same time.  

The Benefits of Cloud Technology  

  • Cloud technology meets the challenges of working with large remote teams, especially volunteers. 
  • It allows charities to access better communication management, collaboration tools and benefit from online date, whether staff are working at the head office or in a remote team. 
  • Cloud services can quickly be scaled up and down to meet needs of any campaign. 

In its simplest sense, cloud technology is a way of storing and accessing files and programs on a range of different devices and locations independent of where you are and what time it is. Someone can sign onto a cloud service and access all they need on their tablet, laptop or smartphone, wherever they are in the world. All they need is an internet connection.  

What is more important for charities is how scalable cloud technology is. This delivers high degrees of flexibility for organisations who can expand or contract their services depending on their current needs. For example, if a charity is running a campaign, it can roll out services to volunteers and improve communication and coordination. Once the campaign is finished they can then scale back that provision.  

Cloud technology brings a high-value solution that can be tailored to each charity’s specific needs. It greatly reduces the cost of administration and can certainly help charities spend more of their time raising money rather than administrating. Neither is there the need to worry about licences and permissions which can all be handled by the cloud provider.  

Most charitable organisations are worried about security because they hold sensitive data on everyone from donors to volunteers. This is another area that cloud services generally cover more effectively than inhouse IT providers nowadays – security is updated automatically to help keep users safe online, wherever they are in the world.  

The Apps Helping Charities 

Better connectivity and the fact that so many of us have smartphones and tablets nowadays has also begun to change the way organisations such as charities view the use of apps. Developing an app is becoming increasingly common but there are also many off-the-shelf solutions available now that are aimed at volunteers and improving communication and engagement in the third sector.  

Charities often have large numbers of volunteers working across different departments and areas, sometimes all around the world. Checking what they are up to, producing reports and maximising performance has often depended on an old-fashioned form-filling exercise. An app like Track It Forward allows volunteers to log their activity and for charities to quickly access information that, in the past, would have taken weeks or even months to collate. Another similar app is Sign Up which helps get volunteers onboard and track their progress.  

Attracting volunteers has always been challenging for smaller organisations that don’t have the visibility or advertising power of some of their third sector peers. An app like VolunteerMatch is designed to put people in touch with their perfect charity – they sign on and browse for organisations in a particular area and which meet their criteria. Charities can post their details for free and reach new volunteers within a matter of minutes.  

The Challenge of Embracing Tech for Charities 

A survey carried out by Blackbaud in 2016 found that just over 7% of all charitable giving is carried out online. It’s a potential that smaller organisations have been slow to grasp but which presents a huge opportunity for not only encouraging donations but engaging with volunteers more effectively. Larger organisations like Oxfam have been moving forward in this area for a few years now, for instance, introducing opportunities for people to donate using contactless payment systems at points around the UK.  

While for smaller charities, who make up the vast majority in the third sector, it can be difficult to develop a dedicated app, there are plenty of low cost solutions out there than can improve efficiency and engagement, particularly when it comes to organising volunteers.  

Today’s cutting-edge cloud services not only provide a range of on demand IT support services that many can benefit from, they are highly scalable. That means charities can keep a tight control on where their IT is used and how budgets are spent. It also means that smaller organisations now have the capacity to explore new and exciting ways of bringing volunteers together and coordinating them during important campaigns.  

 

Cyan Solutions are the perfect fit for charities that want to be empowered using technology. Highly scalable cloud solutions mean that you can tailor your IT support to meet your immediate needs, including organising and communicating with networks of volunteers during campaigns. If you want to find out how the cloud can revolutionise your organisation, contact our friendly team today.    

What You Need To Know About GDPR: 6 Key Principles

What is GDPR?

Formulated over a total of four years, the General Data Protection Regulation (GDPR) has been developed in order to monitor and regulate the new ways that consumer data is used in an ever technologically advancing world. Replacing the 1995 EU Data Protection Directive, it is designed to implement the stricter regulation, as well as hefty fines of non-compliance and breach of data, and give consumers more control on how their data is stored and distributed by companies.

Principle One: Compliance and company-customer honesty

Any data shared with a company by a customer is still lawfully owned by the customer. GDPR is designed to help customers sharing data stay in-the-know about what happens with their data and offers the ability to review it. For businesses, the processing they describe must match what they have outlined as their objective. Stricter monitoring of this means that any organisations breaching contracts between themselves, customers and the EU regulators will face higher fines and harsher repercussions.

Principle Two: Purpose limitations

The initiation date in May 2018 brings in new rules in relation to the reasoning for obtaining data. Outlined in the official document, personal data may only be collected for ‘specified, explicit and legitimate purposes’. This means that customers consenting to a company holding their data cannot have their data used for marketing, consumer research or third-party distribution. Removing the clauses allowing organisations to use the submitted data in deceiving ways allows for a higher level of privacy and control over what is happening with your personal information.

Principle Three: Relevance

Where a customer would once supply a considerable variation of their personal information to allow businesses to have full records, the new legislation controls companies from obtaining any data that they do not explicitly need. Anything not relevant to the process the data is required for must either never be obtained, or removed to ensure it complies right from the beginning of the legislation.

Principle Four: Accuracy

If a company intends or requires holding customers information for a considerable length of time, they now must ensure that not only does it meet a 100% accuracy rate, but also that it is regularly updated to make sure it is up to date. Periodically checking the accuracy of the data is a secondary way to ensure that what is being stored is still relevant and required for the practice in motion. Developing a successful method for managing and storing data also assists in consumer protection against identity theft.

Principle Five: Limitations

Ensuring that identification of data subjects is monitored and regulated allows for businesses to regularly review the need for specific data. Applying company based compliance settings on how long a consumers data can be obtained without regular review or use is a sure-safe way to ensure GDPR is always being applied and avoiding stern charges and repercussions. Also, checking the finality of deleted data is a safe way to protect a company from any negative consequences, as well as protecting the customer from the dangerous distribution of their information or identity theft.

Principle Six: Security

While a business may be maintaining strenuous legislations about the removal and relevance of consumer data, it is important to remember the importance of an air-tight security management system. Security is essential to ensure third parties cannot enter the system and obtain information that a company could be held liable for distributing. Employee confidentiality, two-step computer systems are locked, and remote storage are just three of the ways as a business you can ensure the protection of a consumers data, and your own licences.

Think about your clients

Consumers will be aware of the implications of GDPR and will know what to look for when assessing your business. It is worthwhile considering the customers perspective to make sure your GDPR system is compliant in their eyes.

Consumer safety measures include;

• Terms and Conditions – Does your business make your terms and conditions as well as data opt-in readily available?

• Requesting deletion – How will your business handle requests and cater to customer needs. What is the timescale for removal and how can errors be avoided in this situation?

• Rights – Customers may ask for clarification on your policy to ensure you are a trustworthy business. Can your organisation provide the knowledge and peace of mind that the customer is looking for?

If you need help addressing any GDPR concerns, then get in touch with the IT Solution experts at Cyan Solutions. The team can help you to implement the necessary GDPR measures to ensure your business remains competitive, successful and compliant.

How GDPR affects charities

In addition to understanding the General Data Protection Regulation in businesses, it is also essential to understand the role of the GDPR in non-profit organisations. Any organisation that will hold personal data will need to comply with the new GDPR. The new regulation can be an opportunity for charities to rethink the way they store data, and whether or not the processing of sensitive data is effective. There are a several ways the GDPR might affect the way charities manage data and consider their current processes.

Volunteers

The information about volunteers and the training they receive should be just as employees, and this might result in a processing rethink. An audit is a preferred method of beginning to prepare for the GDPR. This will identify what information you hold, the place of origin, and where you will use that data.

The audit will provide a basis for what needs to be done to comply. The location of the information is essential, as well as the length of retention, and most importantly the risks associated with holding the data. These are all things that might need reconsidering; it may be worth following best practice in business to make sure non-profit organisations comply with GDPR.

Volunteers should also have the necessary and sufficient training for GDPR. This will include making sure there have refresher training sessions to keep data protection issues at the forefront of staff minds. Training can consist of training on transferring data securely and the importance of complex and regularly updated passwords. Any policies that you create as a result of the GDPR need to be distributed, and these policies need to be fully understood.

Individual consent

The individuals whose data you hold need to be able to provide explicit and educated consent. The information about consent will need to be separated from the terms and conditions and will need to be presented in a way that the individual can fully understand. Approval must be actively acquired and reviewed to ensure understanding and avoid miscommunication. Information about what data you store about an individual must be easy to find, and always present.

Consent will cover the donors as well as individuals that your charity helps.

Encrypted technology

Ensure that all technology used to store personal data is secure and encrypted. This should include hard drives and memory sticks. Encrypting technology can avoid data breaches, and protect the data of the individual, as well as protecting the charity.

Charities may need to include in their budget the scope for enhanced IT solutions, to make sure all of the technology they use complies with the necessary regulations. At Cyan Solutions, we can help to ensure you have the right IT solutions in place that will conform to the essential requirements.

How your customers benefit from using a smart meter

The evolution of smart meters

Around 7 million smart meters have been installed in homes in the UK since they were introduced in 2009, primarily to simplify the billing process.

The government hope that these will help to create a more efficient, low-carbon, and reliable energy grid. They originally stated that every home would have a smart meter installed by 2020, but they have now changed this to say that every home will be offered a smart meter by 2020, giving consumers back the choice.

 

How do smart meters work?

Smart meters automatically send gas and electricity readings digitally from the customer’s house directly to their energy provider. They do this using radio waves like those used by mobile phones and televisions, meaning an internet connection is not needed to send and receive data.

The customer has an in-home display screen showing how much energy they are using, and the meter is installed for them by an engineer so there is no need for DIY.

 

What are the benefits of smart meters?

The main benefit of having a smart meter is that the consumer no longer needs to send meter readings to their energy supplier, or let their representatives into their homes, to receive accurate bills. This also saves costs for utility companies not having to employ teams to read the meters.

In addition to this, consumers can track their energy usage using the in-home display screen and see exactly how much energy they are using and how much it is costing them to do so. This can also be monitored via an online account and will display figures in almost real-time.

Most smart meters will allow the customer to see how much energy has been used within the last hour, week, or month, which means that they can see how this differs over time and gain understanding about how they might be able to cut down their energy usage and save money.

It has been estimated that the average household will save around £26 per year by 2020 after having a smart meter installed, and this will rise to a saving of £43 per year by 2030 due to rising energy costs. The display itself is very low energy and only uses around £1 of electricity to run per year.

In addition, data can be gathered about how much energy is being used at which parts of the day which can be used to create more accurate tariffs that will help customers to save money and use energy more efficiently.

This is also good for the utility companies as a better understanding of their customers enables them to develop more targeted products and services.

 

As there are so many benefits of using smart meters for utility companies, consumers, and the environment, we believe they are a great innovation and adoption will continue to increase rapidly.

The Data Protection Law Is Changing: What Does Your Business Need To Do?

Coming into force on the 25th May 2018, the General Data Protection Regulation (GDPR)will mean businesses have to adhere to new rules for managing personal data set by the European Parliament and European Council.

GDPR will be binding and enforceable. With the threat of hefty fines for non-compliance, here is our simple guide to what your business needs to know and act on before this crucial deadline.

Why is GDPR important?

With cyber security threats increasing, there has been increasing focus on safeguarding personal information. It is a strict privacy law that offers potentially worldwide benefits and peace of mind to individuals who share their data. By protecting data, you can protect your business from a potential exploitation, attack or data breach which can significantly damage your organisation and its reputation.

Does GDPR affect my business?

If your business processes personal data for any individuals who live within the EU, then your business must adhere to the regulation. Even if your business is based outside of the EU, if you have personal data for anyone within the EU, the regulation still applies. If you are in the UK, despite Brexit looming, it is likely that the UK will continue to maintain this regulation. So, it is best to act now to avoid potential fines from next year.

What personal data is applicable?

Personal data is considered any information that may identify a person. Direct and indirect data collection applies. Some of the information that’s subject to GDPR regulation includes;

  • A subject’s name
  • Email address
  • Social media posts
  • Bank details
  • Medical records
  • IP addresses
  • Mobile phone IDs
  • Genetic information
  • Biometric data
  • Fingerprints
  • DNA samples
  • GPs

In fact, anything that can physically, mentally, economically, genetically, physiologically, culturally or socially identify an individual must be considered.

Even if your business does not keep data, you may still be liable to follow GDPR regulations if you process information on behalf of another business, agency or individuals. You can find out more from the Information Commissioners Office.

How can my business comply with GDPR?

It is wise for businesses, individuals and agencies which fall into the category of data controllers or processors to have access to an appointed person who has data protection knowledge and understands what to do to comply with data protection law.

For larger organisations, GDPR may enforce you to have an appointed Data Protection Officer. For smaller teams, it may be beneficial for data protection to be a part-time role. Alternatively, it may be worth using a consultant with expert knowledge to help your organisation to achieve compliance and maintain good practice standards.

What measures can my business take to improve data protection?

There are many ways that businesses can increase their security measures which, in turn, will help to adhere to GDPR regulations. Considerations for your business and its security include;

  • How can you make document management more secure?
  • Is your user identification sufficient?
  • Is your data encrypted?
  • Can you improve data overwriting or automatic deletion processes?
  • How can you protect your business from malware?

With GDPR coming into force, now is a perfect time to consider the accuracy of the information you have, how accessible it is as well as the storage and retention policies.

What happens if my business does not comply with GDPR?

Should there be a data breach or your business is found to be non-compliant, the penalties are serious. A severe issue could lead to a fine of €20 million or 4% of your annual global turnover, whichever is greater. Fines can be less and will depend on the severity of the breach. What’s important is that this is a situation that is not taken lightly and investing in compliance could save your business in the future.

How can Cyan Solutions help?

With expertise in information technology, we can empower your business not only to understand the new GDPR regulation, but we can also enable your business to achieve and sustain compliance.

If you want to find out more about how we can help to support your business with GDPR compliance, get in touch for friendly, expert advice.

Microsoft Office 365: Discounts and Subscriptions for Charities

All charities need to be careful about their spending, especially when it comes to administration. For many, it’s a constant challenge to find areas where savings can be made while ensuring that everything works as it should and donations are maximised.

Getting it right means more cash available for the good cause that is being supported. Getting it wrong can quickly drain valuable resources.

One area where charities always look to make savings is on IT licences and supply. The good news is that cutting-edge packages like Microsoft 365 come with heavily discounted rates for charities in the UK

Microsoft Office 365 For Non-Profit Organisations

Microsoft has a pretty good track record of working with charities around the world, providing cut price IT solutions with superb functionality. It’s one of the reasons why Microsoft Office has long been the industry standard for all sorts of organisations. The vast improvement in technology with cloud-based services nowadays provides all users with an excellent range of highly useful tools that can be used absolutely anywhere.

Microsoft are currently offering either free or heavily discounted licences for non-profit organisations. There are two packages available for small and medium size charities:

  • Non-Profit Business Essentials: For charities that are simply looking for email provision, cloud storage and sharing facilities for files as well as excellent team working tools, the donation licence is free for up to 300 users. Staff are able to access Office 365 tools such as Word and Excel through web versions.
  • Non-Profit Business Premium: For charities that require desktop business applications such as Word and Excel as well as all the usability provided in the Essentials package, the premium business licence is just £1.50 per user per month. That’s a massive saving compared to the normal premium business package which is currently £9.40 per user per month.

For larger charities there are 3 different licences to choose from:

  • Non-Profit E1: Similar to the Business Essentials package, this is free, available for up to 2,000 users, and comes with web access for Word and Excel.
  • Non-Profit E3: This provides desktop Office applications as well as a host of useful elements such as web conferencing, work management tools as well as the chance to broadcast to over 10,000 people via the internet. The licence costs £4.00 per user per month and allows unlimited accounts.
  • Non-Profit E5: The top package is aimed at large charitable organisations that need better security such as data protection with DLP, higher level analytics and advanced eDiscovery tools. The licence is £8.00 per user per month.

The Benefits of Office 365 For Charities

Apart from the low cost of running Office 365 and all its elements for your charity, these licences come with a lot of other advantages that make them some of the most powerful IT packages on the market today.

Many charities have workers that are mobile and out in the field. Office 365 is cloud based technology which means that files and other information can be accessed on the go, wherever someone is located. Everything can be synched across multiple devices in real time, so an employee can update files any time they want. It makes communication much more fluid and team working highly efficient, independent of where staff are based.

Changing to a service like Office 365 is also highly cost effective. Cloud based tech means that you no longer need to have expensive hardware driving your IT system. It’s simple to migrate everything to the cloud and easy to maintain at a much lower cost. The other good news is that it’s also highly scalable – the service grows or even shrinks to meet your personal demands as a charity and adding more users couldn’t be simpler.

Of course, one thing that all organisations worry about, particularly charities, is the issue of security. Microsoft have a strong reputation for providing a highly secure environment for businesses and charities of all types to operate in. Not only will you have all the tools you need, you can be sure that your data is well protected with security systems regularly updated to handle all current risks.

Eligibility for Microsoft 365

To qualify for the non-profits discounts and free subscriptions you need to be registered as a charity in the UK. In England and Wales, this means you need to be registered with the UK Charity Commission. In Scotland it’s the Office of the Scottish Charity Regulator (OSCR) and, in Northern Ireland, you have to be registered Charity Commission for Northern Ireland (CCNI).

Other non-profits need to be registered with HM Revenue & Customs (HMRC) as tax exempt.

Get a Free Audit Today

At Cyan Solutions we offer a comprehensive free audit to all charitable organisations. We’ll be able to look at your current provision and advise which licence plan is best for you. If you want to save money and streamline your IT, contact our team today to see how we can help.

How to protect your business against phishing scams

Phishing is a form of online identity theft that has grown in popularity by hackers over recent years. It primarily affects home internet users, however a number of users have found themselves a victim at work, simply because they didn’t expect to see it within the confines of the office. Here’s how you can protect yourself, your colleagues and your business from phishing scams.

Phishing scams are one of the most common forms of cybercrime. In fact, it is now so widespread that it is commonly believed to be the most common form of cybercrime. It makes use of false emails and fraudulent websites in an attempt to steal a person (or professional’s) personal information. This often includes debit/credit card information and passwords.

For businesses, passwords are all the more valuable. When it comes to IT infrastructure security, information held by humans is often the weakest link, and what results in the majority of cyber attacks. Therefore, for business users, avoiding phishing scams is all the more important.

Clearly one of the most important ways to avoid phishing within a business is with high quality security rules and regulations. Be sure that these are always properly explained to new team members. Alongside this, be sure you have the finest security solutions possible installed across your systems.

Here are some of the things you should educate your team about phishing scams in order to protect your business:

Know how phishing emails work

Phishing scams occur from links in emails that appear to come from trusted sites, and often they link through to sites that mimic the actual site. Ensure your team know to be wary of anything that requests personal or business information, especially that which is financial or requires a password. Phishing commonly uses scare tactics. Luckily within a business setting individuals will usually report this kind of email.

Never click links you are uncertain about

Bad links within phishing emails can result in attacks of your IT infrastructure. While you should have the best possible security linked to your business email provider, some can get through. Be sure to let team members know that they should never click links just because they are curious.

Report all dodgy looking emails to an IT admin

Having a reporting policy in place for any phishing email attempts is the best possible way to ensure education and awareness across the whole of your business. If you don’t already have a policy in place, create one and be sure to communicate it to everybody.

The best person to deal with phishing emails is an IT admin. They should be able to report the email to any web service provider that you use, and also educate your team about the attempt.

Flaw in Intel Chips Puts Millions of Computers At Risk

  • A flaw in computer chips, particularly those produced by Intel has been identified and could potentially put your pc or smart device at risk.
  • The bugs that could affect computers and smart devices, as well as cloud servers, are called Spectre and Meltdown.
  • All the major companies, including Windows, Linux and Apple, are now working hard to roll out the fixes and patches to solve this issue.
  • Everyone should update their systems as a matter of priority when patches become available, no matter how old or how new your computer is. That includes those devices you use for home and business.

The New Year has started badly for online security with news there is a serious flaw in the design of widely used Intel chips, something that could affect millions of computers bought over the last decade or so. While Microsoft, Linux and Apple are all working hard to update their operating systems in order to solve the problem, many computers still may be vulnerable and have been for some while.

Essentially, the flaw in the chip has gone unnoticed for the last decade and the problem has only just been uncovered by researchers. It puts many computers at risk from potential hacking because of a back door that gives access to the chip’s kernel. This means that hackers may well be able to get past any existing cybersecurity measures, including antivirus and firewall, no matter how robust they are.

Experts have pinpointed the disruption to speculative execution which is used to basically speed things up on your computer. Your data should be protect and, more importantly, isolated so that it can be kept secure. Researchers have found that this data can actually be exposed while your processor queues it up, giving hackers a chance to spy on your information.

What Cyan Solutions Are Doing?

Firstly, all operating systems that run on an intel chip, whether you have a new computer or an old one, will need to be updated. If you have automatic updates on your computer turned off for any reason, you should turn them on as a matter of priority.

For all Cyan Solutions managed Windows systems, patches will be applied as and when they become available and some already have. If you have any concerns at all, you can contact our support team for further information and help on 02392 333 365.

We will, of course, keep customers fully updated on progress as this story develops. If you have home computers or private devices, again, make sure you keep everything updated and download and install the latest patches as soon as they are available.

What The Intel Chip Flaw Means

Of course, we’re used to security issues and everyone, particularly businesses, understand there is a constant battle being fought to keep everyone safe online. Issues normally arise because of malware and other attacks but this is a flaw that affects one of the main hardware components of our digital devices.

The good news is that a fix is on the way for all Windows, Linux and Apple operating systems and should be available within the next few days and in many cases updates have already been issued.

The bad news, according to some experts, is that the patches could slow some computers down, particularly those over five years old. At the moment the information is that this performance hit could range from 5% to 30% depending on the processor and task, read here for further information.

This should not prevent you from updating your system, however, as it is imperative that patches are applied as soon as possible.

Is It Just Intel Chips?

There is also speculation that the flaw could reach beyond Intel chips to those made by ARM and AMD as well – you’ll be glad to know that these companies are working together to ensure they are covering all the bases.

What Is Being Done?

As you might expect, all the major operating platforms are working extremely hard to develop their patches to solve this particular issue. Microsoft have issued a statement saying:

“We are in the process of deploying mitigations to cloud services and are releasing security updates today to protect Windows customers against vulnerabilities affecting supported hardware chips from AMD, ARM, and Intel.”

Linux have already issued an update they say solves a large part of the problem. Apple have confirmed that all their devices accept their watches are affected by the chip flaw and have issued updates to mitigate many of the issues but will have further ones in the coming days.

Companies that offer cloud services are also potentially affected. Amazon have stated that all but a small percentage of their EC2 fleet is protected and they are providing updates to fill any slight cracks shortly. Google have also stated that they have updates and patches covered for their systems.

This is a serious problem but one which is being resolved as we speak. Cyan Solutions will update both our own and all our client’s software to ensure they have the latest patches and solutions in place to protect their systems.

If you have any queries at all, then contact our help team on 02392 333 365 or email us.

 

What even is a blockchain?

In recent months there has been a great deal of talk about the underlying technology of Bitcoin, blockchain, and its potential to be a huge disruptor. It’s potential uses are cited to be inumerable, with entrepreneurs and forward-thinkers from any and all sectors finding ways that it could be utilised in their area.

But what even is it?

Well, blockchain is almost like an extended and linked database. Many of us have heard of Bitcoins and cryptocurrency. Blockchain is basically a ledger of records grouped together as batches of data called blocks. These use cryptographic validation to link themselves together. Each of these blocks references and identifies the previous. This forms an unbroken chain. With us so far?

Probably not. To simplify it even more, blockchain is like a database that validates itself. What makes it different to other databases is that it exists in multiple locations at one time – it’s said to be distributed across these locations, in multiple locations, so that anybody can maintain a copy of it. Meaning that nobody can tamper with the records.

Accessed from anywhere within the chain, a blockchain will be able to see any and all previous transactions, and when new transactions are added, they are done so irreversibly, and so become another previous transaction that remains on the chain permanently.

A permanent, transparent database existing in multiple locations

If you are still with us, hopefully you will begin to see that a blockchain is effectively a tamper-proof, permanent, community controlled and shared database. Another term for a blockchain is a multiple distributed ledger, or MDL – something which has been around since 1976. So why the change of term? Well, read on.

That’s where the Bitcoin bit comes in

Bitcoin simplified the traditional MDL into the blockchain that we see today – and that everybody is raving about. Bitcoin’s nature as a currency maintained by a community and owned by nobody made blockchain ideal. Through blockchain, Bitcoin was able to be labelled secure, permanent and always trackable.

Where and why would we use blockchains

Simply put, blockchains can be utilised in any instance and in any sector where trust is hard-founded. As a registry within a sector, a blockchain would provide complete and total clarity looking backward for regulators and auditors, simply because all data within it is immutable and permanent.

And it’s not just for the financial too. Blockchains could be ideal as an audit-trail for pretty much anything.

That’s what blockchain is.