Assett Professional Services

28/03/2024

Easter Bunny came early to Assett this morning.

15/03/2024

Printer techs enjoy an afternoon off at the races.

20/02/2024

Do you know the difference between a NAS and a Backup Solution ?

In the world of data management, it's crucial to differentiate between a Network-Attached Storage (NAS) system and a backup solution. While both play essential roles in safeguarding data, they serve distinct purposes.

A NAS is essentially a centralized storage device that connects to a network, allowing multiple users and devices to access and share files. It serves as a repository for storing data and often provides additional functionalities such as data sharing, media streaming, and remote access.

On the other hand, a backup solution is focused specifically on creating copies of data for the purpose of disaster recovery and data protection. It involves regularly scheduled backups of critical data to a separate storage medium, whether it be an external hard drive, cloud storage service, or another NAS device. Backup solutions typically offer features like automatic scheduling, versioning, and encryption to ensure data integrity and security.

So, while a NAS can serve as a convenient storage solution for accessing and sharing files, it's not inherently a backup solution. It's essential to implement a dedicated backup strategy alongside a NAS to safeguard against data loss due to hardware failures, malware attacks, or human error.

By understanding the distinctions between a NAS and a backup solution, organizations can effectively leverage both technologies to ensure comprehensive data protection and availability.

14/02/2024

The Valentine's Bar has been raised in the Assett office today. Forget flowers, one of our lucky IT boys received a whole red velvet cake to share with the work boys. If that's not true love, I don't know what is.

08/02/2024

Thanks to Carly’s Helping Hearts for coming out today and running our team through the AED training. While we'll hopefully never need it, we're prepared if we have to.

30/01/2024

Do you still have staff working from home since Covid? Or have you always had a remote business model that's allowed staff flexibility in working arrangements? While the business landscape has evolved tremendously over the past few decades, this is almost exclusively due to the advancements in technology. So as you have kept up to date in your own industry or those in adjacent fields, have you kept pace with the technology changes you rely on everyday?

Some of the things you should consider when it comes to remote staff are:

Security Measures:

Amid the challenges introduced by remote work, with employees accessing company data from various locations and devices, the implementation of robust cybersecurity measures becomes imperative.



Continuous Monitoring:

Continuous monitoring of network activity, identifying potential security threats, and proactively implementing measures to prevent cyberattacks. This ongoing vigilance is essential for safeguarding both the company's data and that of remote workers.



Cloud Services:

Collaborative cloud services, offering remote workers the flexibility to access data and applications from anywhere. This is crucial for remote work scenarios, providing employees the ability to collaborate seamlessly and access essential tools without being tied to a physical office.



Regulatory Compliance:

Remote work often involves compliance with various regulations and standards, depending on the industry. Stay up to date on compliance requirements, implementing measures to ensure that remote work practices align with legal and regulatory frameworks. This is particularly crucial in industries where non-compliance can lead to severe penalties.

If any of these have struck a chord with you, and you think you could use an IT audit to ensure you business is on track reach out and let us help take guess work out.

17/01/2024

Importance of Data Protection: NAS vs. Backup

Let's talk about the critical aspects of data management – NAS (Network Attached Storage) and Backup.

NAS (Network Attached Storage):
A NAS is like a data hub, providing centralized storage accessible to multiple users and devices on a network. It's fantastic for collaboration, sharing, and efficient file organization. However, it primarily focuses on data access and retrieval within the network.

Backup:
On the other hand, backup is the unsung hero of data security. It's the process of creating duplicate copies of your valuable data to safeguard against unforeseen events like hardware failures, accidental deletions, or cyber threats. The goal is simple – ensure you have a safe, separate copy of your data for potential restoration.

Now, here's the catch: while a NAS is an excellent solution for centralized storage, it's not inherently a backup solution. Having a NAS doesn't automatically mean your data is backed up. If something happens to the NAS itself, the data might still be at risk.

Why You May Not Have a Backup Solution:
Sometimes, folks might assume that having a NAS is equivalent to having a backup. However, it's essential to recognize that a robust backup strategy involves additional measures – like storing copies of your data in separate locations, whether that's external drives, cloud services, or dedicated backup systems.

The Takeaway:
Whether you're an individual professional or managing data for a business, it's crucial to distinguish between storage (NAS) and backup. Ideally, integrate both into your data management strategy for a comprehensive and resilient approach to data protection.

Remember, a well-thought-out backup strategy can be your safety net against unexpected data loss scenarios.

11/01/2024

Stay Ahead of the Game: Top 3 Email Scams to Watch for in 2024!

As the digital landscape continues to evolve, so do the tactics of cybercriminals. Protect your business by staying informed about the latest email scams. Here are the top three threats to be vigilant against in 2024:

1. Deepfake Phishing Attacks:
Cybercriminals are leveraging deepfake technology to create highly convincing audio and video messages. Watch out for emails with seemingly authentic content, as they may be attempting to manipulate employees into divulging sensitive information or executing unauthorized transactions.

2. AI-Driven Spear Phishing:
Advanced artificial intelligence is being harnessed to personalize phishing emails, making them more convincing and targeted. Be cautious of emails that seem tailored to specific individuals within your organization, as cybercriminals increasingly use AI to gather and utilize publicly available information for spear-phishing campaigns.

3. Supply Chain Deception:
With businesses interconnected globally, supply chain attacks are on the rise. Cybercriminals may compromise the email accounts of suppliers, partners, or even customers to infiltrate your network. Stay vigilant against unexpected changes in communication patterns and implement robust verification processes for any critical transactions or information exchanges.

At Assett, we are committed to staying at the forefront of cybersecurity trends to ensure the safety of our digital ecosystem. Educate your teams, encourage a culture of skepticism, and report any suspicious activity promptly. Together, let's fortify our defenses against emerging threats!

04/01/2024

So know we know the What, and the How of the Essential 8, how do you know if you’re one of the Who?

The industries that are most aligned with implementing the Essential Eight in Australia include:

Government and Defense: Given the sensitive nature of information held by government and defense agencies, implementing robust cybersecurity measures is crucial. The Essential Eight provides a comprehensive framework for securing critical systems and data.

Finance and Banking: The finance sector deals with a significant amount of sensitive financial data. Implementing the Essential Eight helps protect against cyber threats that could compromise the integrity and confidentiality of financial information.

Healthcare: The healthcare industry in Australia deals with sensitive patient data and is subject to stringent privacy regulations. Implementing the Essential Eight is essential to safeguard patient records and maintain trust in the healthcare system.

Critical Infrastructure: Industries such as energy, water, and transportation are considered critical infrastructure. Cyberattacks on these sectors can have widespread and severe consequences. The Essential Eight helps protect critical systems from cyber threats that could disrupt essential services.

Telecommunications: With the increasing reliance on telecommunications infrastructure, ensuring the security of communication networks is crucial. The Essential Eight helps telecommunications companies mitigate the risk of cyber incidents that could impact communication services.

Education: Educational institutions handle a large volume of sensitive student and staff data. Implementing the Essential Eight helps protect this information from unauthorized access and data breaches.

Manufacturing and Industrial: As industries become more connected through the Internet of Things (IoT) and industrial control systems, the Essential Eight becomes important in safeguarding manufacturing processes and critical industrial infrastructure.

Technology and IT Services: Companies in the technology sector and IT services often hold valuable intellectual property and client information. Implementing the Essential Eight is fundamental to protecting these assets from cyber threats.

It's important to note that while these industries are more likely to implement the Essential Eight, cybersecurity is a concern for all sectors. As cyber threats continue to evolve, organizations across various industries should continually assess and update their cybersecurity measures to address emerging risks.

02/01/2024

Implementing Essential Eight in Your Organization

So we know what the pillars are, what’s the best practice for implementing them?

Application Whitelisting:
Tailor whitelists to specific organizational needs, ensuring a balance between security and operational efficiency. Regularly update and review the lists.

Patch Applications:
Establish a robust patch management process, prioritizing critical vulnerabilities. Test patches in a controlled environment before deployment.

Configure Microsoft Office Macro Settings:
Disable unnecessary macros and enable only digitally signed macros. Educate users on safe macro usage.

User Application Hardening:
Limit user privileges and restrict unnecessary functionalities. Regularly audit and update user permissions.

Use Multi-Factor Authentication:
Implement MFA across all systems and applications, especially those containing sensitive information. Educate users on the importance of MFA.

Backup Data Regularly:
Establish a robust backup strategy, including regular testing of backups. Encrypt sensitive backups and store them securely.

Implementing the Essential Eight in Different Industries:
Tailor the implementation to industry-specific needs and regulatory requirements. Collaborate with industry peers to share insights.

Incorporating the Essential Eight principles into your cybersecurity strategy requires a thoughtful approach, addressing unique organizational nuances and industry-specific challenges. By embracing these best practices and proactively tackling challenges, you'll strengthen your defence against evolving cyber threats.

If this all sounds like it’s outside of your job description, maybe it’s time to talk to a managed IT provider.

31/12/2023

Unravelling the Australian Essential Eight Principles

Cyber threats are evolving, and so must our defence strategies. In this post, let's dive deep into the Australian Essential Eight principles, essential pillars in fortifying our cybersecurity defenses.

Why Essential Eight?
Understanding these cybersecurity strategies is pivotal in constructing a resilient defence against the ever-growing landscape of cyber threats. From application authorisation to patching applications, each principle plays a crucial role in safeguarding our digital assets.

Significance in a Nutshell
These principles are not just guidelines; they are the backbone of a robust cybersecurity posture. By embracing them, organizations can create a formidable shield against malicious actors, ensuring the confidentiality, integrity, and availability of their sensitive information.

Key Takeaways:
Holistic Defense: Each principle complements the other, forming a holistic defense strategy.
Real-world Relevance: Connect theory with reality through tangible examples.
Continuous Improvement: Cybersecurity is an ongoing journey; stay informed and adapt.

30/12/2023