Andrew Ingram, Director of High Tide Group, explores a few key considerations that need to be factored in when planning and auditing an organisation’s IT plan over the coming years, without always needing to pick between quality, security, and cost
Recent changes to government policy and the introduction of a requirement for businesses to meet the Cyber Essentials standard when dealing with government agencies and organisations have created a headache for many businesses running on older hardware and unable to upgrade to Windows 11. Incidentally, this meant that devices fall out of support and therefore out of the scope of Cyber Essentials approval.
In these cases, it’s tempting to go with the cheapest hardware to meet the requirements, and in my many years of experience, this never ends well. People end up spending much more than the expected lifespan of that device. It’s much better to spend a bit more upfront than replace parts of cheaper units that are likely to fail, or replace the entire devices altogether. It’s also worth picking a machine that’s a higher specification than what you need, as it will help ensure your software upgrades don’t outgrow your devices quickly.
Security
Huntress recently reported that over 75% of all cyber-attacks begin with an email. It’s no longer a question of if an attack will happen, but rather when it will occur. While many email filtering services are available, staff training remains the most crucial element in prevention. During our customer training sessions, we emphasise the importance of promptly informing someone if you suspect you’ve clicked on a malicious link. It’s better to report it quickly than to try to conceal it and hope for the best – no one will face punishment for being honest. This allows us to take action before the situation escalates.
Additionally, it is important to consider the upcoming introduction of the Cyber Security and Resilience Policy Statement by the Department for Science, Innovation, and Technology. This policy will require organisations to report suspected data breaches to the Information Commissioner’s Office (ICO) within 24 to 72 hours, depending on the severity of the breach. Therefore, staff must be proactive in reporting any mistakes or suspicions, as this will impact businesses of all sizes.
Another important topic regarding security is firewalls. The days when firewalls served as the first line of defence for organisations are behind us. With the rise of remote working and mobile devices, we must recognise that our data resides everywhere. One potential solution is to adopt a zero- trust model, which secures each device in its own environment and assumes that no device can be trusted without verification.
Network and wireless
In today’s digital age, connectivity is more important than ever. Being able to access information and data across all buildings within your organisation is vital. Both cabled and wireless coverage play significant roles in this, and ensuring that they are implemented correctly will save you time, resources, and costs.
The latest release of Wi-Fi 7 is designed to provide high-speed wireless connectivity in crowded environments and enhanced security standards. It is highly recommended to conduct a wireless survey before making any changes to your wireless network. Newer equipment may not perform the same way as older wireless devices; factors such as density, interference, and coverage range can vary.
I strongly recommend using a central cloud-managed system instead of relying on signal booster devices. Unlike boosters, which can compete with one another, a cloud-managed system dynamically adapts to your environment as needed and is easier to manage.
Guest networks are also an important consideration for your wireless network. Many site visitors or contractors will require connectivity, and a guest network can provide that quickly and securely.
A single network can be divided into multiple layers, allowing for secure organisational layers, guest layers, and even layers for running access control and CCTV. You don’t have to spend a fortune on separate physical networks with their own cabling and devices; this can be achieved at the digital layer instead.
Remote working
I often get asked about remote working and its associated security concerns. With the adoption of a zero trust model, we can treat your staff’s home, office, or any other workspace the same way – everyone needs to verify their identity. While remote working presents challenges related to employee wellbeing and training, it is crucial to address issues such as preventing unauthorised individuals from overhearing or viewing work-related information and ensuring devices are locked during breaks.
Additionally, business continuity planning is a common topic of inquiry, but we will delve deeper into this later, as there are many factors to consider when creating an effective plan.
Helen, our CFO, takes the lead on business continuity planning.
Telecoms and connectivity
Recently, I’ve heard a lot about businesses signing lengthy contracts and the impending analogue switch-off. While the fibre rollout is in full swing, it’s important not to let companies pressure you into signing contracts that can last up to seven years and potentially increase significantly in cost over time. No one will be disconnected overnight, so you have plenty of time to make an informed decision.
Many companies can provide you with telecom and connectivity services at competitive prices and reasonable contract lengths. However, cheaper options aren’t always the best. It’s essential to consider the quality of support and customer service. If something goes wrong, would you prefer to call a company like ours that will assist you quickly, or would you rather be stuck waiting in a long call queue?
In the coming months, we will be exploring these subjects in greater depth.
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International.
