axon-IT has been appointed by one of York’s largest student housing letting agencies, IG Property and Manchester-based quantity surveyor, Salem, Myer, Simpson. Along with this, axon-IT has been selected by Gaddum Centre, which is a registered charity providing a range of social and health care services situated in Manchester, Bury, Oldham and Rochdale.

Finally, axon-IT’s latest account win is Nash Industrial Services Limited. Based in Buxton, Nash is a specialist contract cleaning company who work with large manufacturers such as Tarmac.

Graham Fern, axon-IT Managing Director says: “This is great news for axon-IT. In the current climate it is exciting to achieve one account win, so you can imagine what it must feel like to win four. The team and I are very much looking forward to working with all companies”.

For more information on axon-IT and their range of services call 0845 313 0025 or go to www.axon-it.com.

Press Information:-
For more information, photography or an interview with the senior management team please call Anthea Fosti, Kathryn Renshaw at Zeus Public Relations Limited on 01260 271429 / 07971437042 or email anthea@zeuspr.co.uk.

The increases in capital expenditure, axon-IT point out, are endemic of a feeling of increased confidence amongst their clients, displaying possible early green shoots of recovery.

Recent clients making further IT investments in systems and hardware include Brighter Futures, UKSourceLab.com, Shokk Gym Equipment and Gascoigne Halman.

Graham Fern, axon-IT director comments, “Despite all the negativity surrounding the UK economy, we have seen substantial growth this year, both with new accounts, and more recently with existing clients choosing to upgrade their systems.”

The business is co-owned by directors Graham Fern and Mike Agutter, who set the business up in 2001. They turned over in 08/09 over £800,000.

axon-IT is a Microsoft Gold Certified Partner and Small Business Specialist, providing managed, outsourced IT services. They supply clients with an up-to-date, stable and secure infrastructure through which to run their day-to-day IT operations and business.

The firm specialises in design, implementation, troubleshooting and provision of business-focused end-to-end IT solutions.

For more information on axon-IT and their range of services call 0845 313 0025 or go to www.axon-it.com.

Press Information:-
For more information, photography or an interview with the senior management team please call Anthea Fosti, Kathryn Renshaw at Zeus Public Relations Limited on 01260 271429 / 07971437042 or email anthea@zeuspr.co.uk.

 
Axon recently had an issue enabling Bitlocker encryption on a Dell Vostro 1510 with a TPM chip and Vista Ultimate. The laptop came with the TPM Infineon software and driver installed.

 
However with the TPM support enabled and the chip activated in the BIOS and having completed the Infineon setup wizard which initialised the TPM chip, Bitlocker could not be turned on. The following error message was displayed:

 
A TPM was not found. A TPM is required to turn Bitlocker on. If your computer has a TPM, then contact the computer manufacturer for Bitlocker-compatible BIOS.

 
This issue was resolved by the following steps:

 
1. Uninstall the Infineon TPM Professional Package via the control panel.
2. The uninstall wizard will recommend that you disable the TPM chip. Select ‘yes’. This will take you to the Infineon Security Platform Security Settings tool. Select the advanced tab and disable the TPM chip under the Security Platform Feature.
3. Reboot the laptop and enter the BIOS. Enable and activate the TPM chip, save the configuration and let the laptop restart.
4. Confirm the Enable and Activation of the TPM chip and then continue.
5. Once logged on with local administrator rights go to Device Manager, System Devices and ensure that the Infineon driver is not listed. If it is right click and uninstall it selecting the delete driver checkbox.
6. In Device Manager scan for hardware changes. This should detect the TPM chip and load the Microsoft TPM 1.2 driver. This should appear under a Security category. If the system does not detect the TPM chip manually install it selecting security devices.
7. Go to the Bitlocker section of control panel under security. You should now see the TPM administration tab and be able to turn Bitlocker on.

• Identify assets and which ones are critical
• Identify and assess threats
• Assess the vulnerability of critical assets to specific threats
• Determine the risk
• Identify ways to reduce those risks
• Prioritise risk reduction measures

This all makes sense as an overall “big picture”, but we now need to optimise these guidelines to reflect the businesses’ need to conduct a Risk Assessment on its IT infrastructure, and the systems that run on it.

The first question in my mind is how important Information Technology (IT) is to the business that I am dealing with?

Ask any business owner that question and they’ll all say they cannot accept any risk. This question needs to be impartial, as setting a goal of no risk is unlikely to be reached, and will have considerable cost implications.

I do not ask this question nor is it one I expect an answer to. It’s a feeling that one builds up as the discovery process unfolds, as to the importance of IT within the business. This allows you to tailor any solution relevant to risk versus cost, as it nearly always is a balance of these two factors.

I will now translate the points above into the IT world, and some of the key areas that should be considered.

Physical IT Assets (i.e. servers or other devices). Compile a list of these devices, then assess the effect of each item from the list below, and the possible knock on effect to the business and its continuity:

– Theft (physical security)
– Fire & excessive heat
– Water or excessive damp
– Equipment failure or damage

Software Assets (i.e. databases or business applications). Again, compile a list of applications or software systems that your business uses day to day, and consider the impact on each point.

– Theft of data (through poor data security or a disgruntled employee being malicious)
– Software failure (e.g. a business database)
– Accidental data deletion or corruption
– Data being unavailable due to physical equipment failure
– Data security (who can access what and from where)

Having looked at these two key areas you will be forming opinions about importance and risk. What are the chances (or risk) of a fire or a flood? What about theft?

Now we have to attribute the chances of said item happening and what percentage of that chance are you willing to accept? This answer will in turn reflect the likely cost implications in order to meet the requirement.

The average business will have tight financial constraints that mean they have to accept some risk. They have to deal with the reality of day to day risk, which normally presents itself as data loss through hardware failing, data corruption or accidental data deletion.

Here are some thoughts to a simple blanket solution that turns a blind eye to the more exceptional risks, but covers the likely events:

• Ensure all hardware, have good manufactures warranties. Typically this would be three years cover with four hour response or next business day at least
• Ensure all business critical software has support from the suppliers, and be clear what that support offering actually is
• Protect all vital physical equipment from theft
• Protect key equipment from electrical surges or outages
• Backup key data- this is a large subject matter on its own but a good disaster recovery plan is vital and it must be multi layered (i.e. don’t rely on one system). Remember though a backup is only as good as the last restore!
• System administration. Ensure you either have qualified professional IT staff, or use an industry certified outsourced IT Support Company, who can maintain system integrity and security to ensure no risk is presented through viruses, spyware, hacking or incorrect access to data etc. Ensure you have a service level agreement with your IT department, so you know likely response times in the event of things going wrong.

In summary, IT Risk Management is largely common sense, but ensure you seek the right IT professionals to help guide you through the possible scenarios and the solutions. From this you will strike that balance of risk versus cost, and ultimately your peace of mind!

The reason why Acorn has opted for Avaya is due to its ad-hoc call recording facility. Acorn is shortly going to be offering a service where your staff can contact them directly before the start of work to report any sickness.  To me this is would be a great weight of my mind knowing when an axon employee called in sick that acorn takes the call and  gives that person the appropriate advise and I was given a report advising axon as to what appropriate actions were taken to help the employee when sickness occurs.  Acorn have recently invested in a bespoke database assessment system which will allow them to provide the customer reports quickly and efficiently.

Axon have provided both the Avaya IP 500 and the Database Assessment System and wish Acorn every success with their new service offering.

With the recent Swine Flu epidemic, Andrew Burrows, Director has sent me a PDF document, should you have any concerns about swine flu give Andrew Burrows or Isabel Burrows a call on 01260 277797.

www.acornoh.co.uk

pandemic-flu-briefing-note3

Everyone is aware of the issues in the media regarding internet usage and the security of our electronic data that we store or transmit to 3rd parties. These perceived issues are almost the same; it’s just the scale of the solution that differs and therefore the cost. So is it really an issue or are we just scare mongering?

The simple answer is both ‘yes’ and ‘no.’

Is my computer and its data at risk?
Yes it is if you don’t take reasonable steps to protect it. Would you leave your home unlocked? Of course not, but nevertheless this simple analogy holds true to computers and systems that are at risk if you ‘leave the door wide open’.

So how do I ‘shut the door’ to my PC network and lock it?
Some simple steps will effectively reduce the risk to an acceptable level – we must protect our data and limit the amount of risk, but without spending very large amounts of money. The solutions differ slightly between the home user and the business user but in this case I will focus on the business.

Using analogies again lets think of a bank. When it comes to protecting the money, banks place their highest security closest to the actual money – the bank vault door with complex alarms, together with the front of house security- a simple lockable door, a visual deterrent in the form of a security guard, some cameras and likely some toughened glass protecting the bank clerks.

This is referred to as a multi layered approach that allows and encourages normal people into the bank, but in turn discourages the robber with a difficult path to the money.

This analogy holds true to IT systems and the data they contain. IT security should be tiered with multiple levels of security from the front door to the bank vault.

So how does this really translate from IT speak into real world? Firstly email, we all use it, in fact in a recent Microsoft study it was determined that email was the number one use of a PC. So if email is important we needs to take steps to ensure the emails we receive are relevant to the business:

Spam
We need a device or a service from a provider that “cleans” our emails of spam, this device or service should also remove viruses at the same time, therefore ensuring what you receive in your inbox is relevant.

Now these systems aren’t 100% perfect, therefore any system implemented must be able to learn and needs to be simple to use/administer. We then need to extend this protection to the actual PC as another layer in the form of a suite of software that blocks and inhibits spyware, viruses, malware, spam etc.

This software needs to be adaptive to the threats and learn quickly, it also needs to talk to a central system with status information.

Our security doesn’t end there, we almost certainly have internet access at work, well if we can get out to the internet it is logical that the internet can get to us, so we must now also take steps to protect our computer network and its data from the outside electronic world:

Firewalls
Firewalls are as their name suggests are walls that stop fire/heat spreading throughout a building or vehicle. So in IT this device stops the Internet from getting inside your computer network. These devices vary considerably in features and price and one size does not fit all!

Best practise would dictate a relatively simple (fast) device is placed closest to the internet to undertake simple security blocking tasks (like the front door to the bank), then closer to the users you would place a more complex device (like the bank vault) that can undertake a very fine inspection of information flowing in.

These complex devices can also inspect/block what is going out from your network, which can be a useful productivity and security tool if your staff are surfing the Internet at potentially unsafe web sites that could contain spyware and viruses.

So these devices and ideas are the starting point of formulating an IT security plan and policy, each business is unique and each requirement and its solution is different from the next.

Are the risks real?
Yes they are. The use of professionally written, intelligent and well executed viral code is becoming widespread. These code writers use the same processes and procedures a professional application developer would use to ensure the highest quality virus.

Infections today are less openly destructive than they used to be as the writers now know that they can extract useful and valuable data that has a financial worth, like credit card details. Infected machines have allowed these people to undertake money laundering, remote access to internal database systems, allowed terrorism to be funded and other criminal activities.

These attacks are not just limited to small time ad-hoc efforts but they can be streamlined targeted affairs for a particular purpose. This type of criminal activity is rapidly becoming mainstream, the number of detected viruses over the past two years is almost equal to all the viruses detected since they started recording such information.

The approach above is typically through email or web sites but we haven’t mentioned direct attacks i.e. “Hacking”. Here people try and exploit security weaknesses in your Firewall, computers or even people, they could attack your network via a home worker whose PC is unchecked and insecure (this method was used many years ago to illegally access Microsoft’s network). They can also use a “blended” attack where they use a virus to allow backdoor access through your firewall and then use a Trojan Horse type of attack from within. There must be many security hurdles in place to thwart a determined hacker from gaining access to your network or as the military would say defence in depth.

Security is large subject matter, but to put matters in to perspective it is all about risk, what risk is your business willing to accept and there will always be some. This answer alongside your business type and what you do for a business will help determine the solution.

By Graham Fern
Director, Axon IT

Posted: Telegraph Business Club

I had to take this photo of some plugs that had been taken out of a public building recently.  You instantly can see that the plugs tops are smaller than normal but the worst is,  they do not have any fuses in them. 34 of these leads had escaped the attention of the people who work there and it wasn’t until their annual PAT testing (which they saw as a chore) that they were discovered.

Once they realised the consequences these leads could have had PAT testing suddenly wasn’t a chore anymore.  It has also been reported recently that insurance companies are voiding claims if claimants PAT testing are not up to date.

My question is to you can any company afford to take these risks?

Don’t be fooled by the adverts you see offering testing for pence per item.  Remember a single desktop PC tested properly is 4 separate tests (the tower, the monitor, and the two IEC leads).  These companies also tend to charge extra for repairs to plug tops and fitting correct size fuses etc. Suddenly your cheap quote is much more expensive than you were led to believe.

If you have any queries or would like to talk in more detail about PAT Testing,  please call the office and talk to Andrea.

For any small business ensuring that their company’s IT is up to date is absolutely essential – but in today’s economic climate it is equally important to get value for money.

Factors to consider when purchasing IT systems:

Budget – It is surprising how many businesses have no IT budget in place, working on the ‘when it’s broken I’ll replace it’ philosophy; this approach isn’t cost effective if it means waiting days for the new equipment to arrive, meaning staff can’t be productive·

At the time of purchase buy the best you can afford – this is proven over a typical 5 year period to save you money. Ignore this and the total spend could be greater than paying for a well-specified system.

Keeping up to date – An IT managed service will ensure your IT software remains current, protecting your business against security vulnerabilities and software enhancements.

Ensure your IT meets your business needs – ensure the business need, ‘drives the IT need’. If you’re IT dependant you’ll need to have sound budget planning in place to meet these needs, whereas if your business can operate with minimal IT requirements you should carefully examine your IT expenditure.

Currently 75% of IT budgets are spent on maintaining an IT infrastructure, leaving only 25% for investing in new solutions. This poses issues- how do we change the balance? A large proportion of the 75% is wasted by poor implementation/understanding of equipment and software. IT outsourcing with managed services, will cut down on staffing costs while maintaining skills levels with a team of IT staff. Most IT systems, if monitored and maintained, will run reliably with minimal human interference!

How to finance it:

Delayed payment – Buy now and pay in 12 months – just the same as with other products.

Complete solution package – This means you buy IT hardware, engineering time, project management and ongoing support for the entire solution, including the end users. Basically everything is covered in one monthly cost over a 3 -5 year period. Should you wish to add to your system/upgrade during the term, then the term extends to cover the change, with the monthly cost remaining unchanged. This is similar to lease purchasing a car with maintenance.

Capital expenditure cost – This is money straight from the business. As with all the options above the money needs to be spent wisely with good advice. Expect any company money invested in IT to be spent on hardware that will last five years, but it should be accounted for and paid off over three years – allowing for a two year budget window for future expenditure.

For more information visit-http://www.axon-it.com

Post Date: March 12th, 2009 in New business

As a business becomes increasingly reliant on the data on its systems, it faces ever-increasing threats to the network and data integrity, and this will continue to rise as long as the need for more efficient technology rises also.

We all pick up on issues in the media regarding internet usage and the security of our electronic data that we store or transmit to third parties, and these perceived issues are almost the same, it’s just the scale of the solution that differs and therefore the cost.

It seems today many users are complacent about their computer security needs, as they become too reliant on the services and advancements of the technology world to protect their data.

Computers and data will always be at risk if you don’t take reasonable steps to protect it. Would you leave the front door to your house open or unlocked whilst you were out for the day? Of course not, but this simple analogy holds true to computers and systems at risk if you leave the door wide open.

Some simple steps will effectively reduce the risk to an acceptable level. However, a committed burglar will gain entry in to your house despite what measures you take, unless you spend an extraordinary amount of money on your security systems and even then there are no guarantees. So to protect our data, we must accept a small amount of risk without spending very large amounts of money, and unfortunately the risks are quite real.

The use of professionally written, intelligent, extremely powerful and well-executed viral code is becoming widespread. Infections today are less openly destructive than they used to be as the writers now know that they can extract useful and valuable data that has financial worth, like credit card details. Infected machines have allowed these unscrupulous people to undertake money laundering, fund terrorism and other criminal activities. These attacks are not just limited to small time ad-hoc efforts but they can be streamlined targeted affairs for a particular purpose.

As an example, during the recent American presidential elections, unsolicited e-mails with convincing subject matters where directed at party members involved in the campaign in an attempt to quietly infect the users computers and capture all their e-mail traffic and data contained within the PC. One can only imagine what that type of data could be worth to the highest bidder. So this type of criminal activity is rapidly becoming mainstream, the number of detected viruses over the past two years is almost equal to all the viruses detected since they started recording such information.

It doesn’t stop there. Mobile devices like phones are the latest target. Infected phones can be controlled without the owner knowing. This can include turning on the microphone remotely to listen in to conversations in a board meeting, turning on GPS and tracking every movement and reading text and e-mail messages.

Published in Computer Weekly 18th March 2009

Special thanks to;

• Isabel and Andrew from Acorn Occupational Health
• Tim Halman from Gascoigne Halman
• All the girls from Caterforce Ltd
• Mark and Tim from Intelligent Networks
• Steve Ryan from 3 Counties Electrical
• Tim from QFS
• Claire from axon-it

Take a look at the photos.

updated post 01.04.09 the winner of the Red Nose who’s up for a laugh competition was won by Charlotte of Caterforce Ltd. many thanks to everyone who took part and well done to Charlotte.