How The COVID-19 Pandemic Forced Adoption of Co-Managed IT

Adversity is the true test of character indeed, and Covid-19 has proved to be a tough test. The COVID-19 crisis has brought about almost a decade’s worth of changes, from the rapid inclusion of cloud technology to the mass adoption of remote working.

In fact, a study by McKinsey supports this deduction, stating that “responses to COVID-19 have speeded the adoption of digital technologies by several years—and that many of these changes could be here for the long haul.”

An important change that the pandemic brought about is the adoption of Co-Managed IT. All these changes are expected to last even after the crisis abates. Thus, it is vital to understand these changes and learn how to adapt.

What is Co-Managed IT

Co-Managed IT services allow organizations to access the external technical expertise and scalability they need. It provides the convenient framework of an IT manager while also offering the knowledge and support of a managed service provider.

A recent Canalys survey showed that almost 60 percent of the respondents agreed that the co-managed service adoption increased during the time of Covid-19. Forty-one percent of the participants admitted to seeing IT co-management frequently.

How Covid-19 Changed the IT Industry

With the remote working requirements that came with Covid-19, organizations realized that they lacked the tools required to enable a smooth transition. This led to a worldwide scramble to assemble the tools and expertise needed.

Complex Technology Requirements

IT departments need solutions that are automated. Managed Service Providers provide these automated solutions to organizations. Every organization, irrespective of its size, needs this technology to serve its customers better.

More Staffing

With large workloads and stretched IT departments, Covid-19 has put a toll on the workforce of most organizations. IT management is a time-critical industry with routine checks, repairs, and monitoring. Co-managed IT spaces allow organizations to tackle challenges and use new technologies.

Budget Cuts

Covid-19 led to budget cuts across IT departments.

To reduce expenses, co-managed IT services are the best solution. This eliminates the need for an in-house IT team and full-time employees. With primary support, an automated tool base, and easier handling of tasks, Managed Service Providers can help companies mitigate the cost cuts that came with Covid-19.

Why Co-Managed IT is a Good Fit

With Covid-19 spreading over the world, organizations have understood that Co-Managed IT is a great option. It offers the following advantages.

Keep up With the Latest Technology

Keeping up with the latest trends in technology is vital for the success of an IT firm. Co-managed services allow you to explore the latest in tech like security, software, and data processing. It also avoids the time and resources that have to be spent to train your staff.

Constant Support

You have the chance to offer complete support to your clients around the clock with co-management services. With the spread of Covid, co-management helps cover things like sick leave or vacation time, making sure that your clients are supported.

Less Responsibility

People and organizations have a lot on their plate. Lowering the responsibility they have to take on helps keep operations running smoothly. It’s easier than hiring new staff and training them.


Covid-19 helped organizations understand the importance of collaboration. It also promoted keeping in touch with the latest technology, despite cost cuts. Co-management is a great way to overcome both these problems and more. In addition, co-management also lets companies make the best out of their existing resources.

This trend is here to stay and could usher in a new era in the technology sector.

Why 70% of Business Leaders Feel Their Cyber Risks Are Increasing?

A few years ago, only one in every four companies did business on the internet. Today, 100% of companies rely on the internet for their business operations. Unfortunately, with this increased digital adoption comes the risk of cyberattacks.

Around 70% of business leaders accept that they are now more vulnerable to cyber attacks, as they increase by 10% every year, resulting in a significant revenue loss.

To put things into perspective, cyberattacks and data theft are amongst the top five risks faced by CEOs, according to the World Economic Forum report on global risks.

This post will discuss why organizations are shifting to more robust digital infrastructure and the effects of this adoption.

Why Is Cybersecurity Awareness Increasing Among Business Leaders?

1.     More Sophisticated Cyber Attacks

Cyberattacks are growing at an average rate of over 10% every year.

On top of this, hackers are constantly adapting to new ways to bypass the security systems. For example, cybercriminals are now launching attacks on industrial control systems rather than just focusing on data theft. Further, data is not only being copied or sold by malicious attackers. Instead, data is being destroyed and altered, causing distrust among every stakeholder. As for techniques, hackers heavily launch people-based attacks such as insider attacks, phishing, social engineering attacks, etc.

2.     Media Coverage Resulting In Loss of Trust

Customer trust is at the center of every business.

A cyberattack makes the company a headline. There will be media reports everywhere citing the amount of user data leaked. Honestly, no customer will do business with such a company if they cannot promise data integrity.

On the other hand, if a business succeeds in inducing more trust among their customers as compared to their competitors, the business will enjoy a wider customer base. It is no wonder why higher security standards are becoming a marketing tool.

3.     Increasing Losses

Globally, it is estimated that around $5.2 trillion is at risk due to cybercrimes.

The average cost of a malware attack for an organization is around $2.1 million per annum. On the other hand, malicious insider attacks cost organizations $1.6 million every year.

If we consider each type of cyber attack, the annual cost of a cyber attack for an organization stands at $13 million.

4.     Regulatory Fines

Regulations like General Data Protection Regulation (GDPR) and  California Consumer Privacy Act (CCPA) hold organizations accountable for not using customer data responsibly. In case of consumer data leaks, companies are heavily fined. GDPR has fines up to $23 million or four percent of annual global revenues. On the other hand, CCPA imposes small fines of up to $7,500.

There is no denying that such economic disincentive inspires more accountability. However, it also increases the financial burden of companies in case of cyberattacks.

All these factors push organizations to invest more in their cybersecurity infrastructure. Companies are investing in technologies like blockchain, cloud services, AI, ML, as well as security intelligence threat sharing applications like SIEM, DLP, NGFW, and IPS to name a few.

These investments save significant costs for companies. For instance, security intelligence and threat sharing save around $2.26 million, whereas AI and automation save around $2.09 million.

A More Secure Digital World

The increasing cybersecurity adoption will slowly create a more secure place for digital interactions.

One of the major benefits of strengthening cybersecurity infrastructure is data integrity. Data is the lifeblood of this rapidly digitizing world. Cyber attacks not only harm business, instead, everyone is at risk. When hospitals are targeted, millions of patients are at risk. Cyber attacks on the country’s defense system compromise national security. When cybercriminals attack large industrial systems, they put a dent in the entire economy. Considering all this, strengthening digital security will play a major role in the nation’s economy, and security.

Improving cybersecurity infrastructure will also promote responsible digital behavior. Let’s be honest, people are the weakest link in cyber attacks. Insider hacks, phishing, and social engineering attacks are amongst the most popular ways to intrude an organization’s security firewall. Companies are thus providing extensive training to their employees against such risks to build a digitally robust workforce. Further, they are also helping customers to adopt more robust security measures.


Cyberattacks are indeed the biggest challenge for digitization. However, organizations are attempting to improve their cybersecurity infrastructure to provide their customers a secure digital environment.

Tech Talk – April 2021

It’s that time again, the latest edition of Tech Talk has arrived.  In this edition:

  1. Keep your devices secure
  2. Turn your biggest Cyber Security threat into your best line of defense
  3. Win a $50 JB Hifi Gift Card

Tech Talk Monthly – Mar Apr 21



Things You Should Know Before Buying Refurbished Hardware

The thrill of saving money on electronics, be it computers, phones, or any device, by simply buying a refurbished gadget is too thrilling to ignore. It not only saves money but also allows gadgets a new lease of life as opposed to being thrown out into a landfill.

Refurbished hardware, however, is not brand new, and buyers need to ensure that they are not being ripped off. While it is natural to forego a few accessories that would otherwise accompany the device or deal with a few dents or imperfections here and there, there are a few things to keep in mind before you leap to claim what you believe to be the best deal on a refurbished product.

Refurbished vs. Open Box

It is important to differentiate between refurbished and open-box when you buy a refurbished computer or device.

An open-box gadget is one that was returned right after the purchase. Such products were returned either because the buyer didn’t want them, found a better deal, or due to factors like damaged packaging or wrong color. These products were returned before they were ever used.

Refurbished products, however, have been used before you purchase them. It might have been cleaned, repaired, or spruced up to working condition again. This often includes “pre-owned” or “reconditioned” products and then repaired to work almost as good as new.

Watch Out For Warranty

Warranty is something you might have to compromise on for the savings you get from buying a refurbished product. Some products, especially if refurbished by the original manufacturer, come with a new warranty. In some cases, you might get a warranty that still has six months on the original one year. But you need to check in advance with the seller about the possibility of an extension and the length of the warranty. This is especially true if you intend on long-term use or use for a business.

Return Policy

While you may receive a refurbished product that looks too good to be true at first glance, problems may crop up after a few weeks of use. You need to ensure that the product in question can be returned if it does not work as expected. Make sure to read the fine print of the sale and figure out options in case the product is not as good as you hoped. Also, make sure to check out the system before payment is made to avoid any hassle in the future.

Who Refurbished the Device?

There are some cases in which the company that manufactured the product refurbished it. In such cases, you have very little to worry about, as they will most probably offer you a warranty, and you might even get accessories that are normally part of the package. Some retailers even offer good open-box and refurbished products.

You can even check with some refurb specialists for great offers. Wherever you check, make sure to keep in mind that the refurbished product is in decent condition and available for a good price. It is always a better option to shell out a few extra bucks for a refurbished product from a reputed or trustworthy specialist. Check with multiple sources until you figure out the best deal possible and make sure it is legitimate before making a choice.


In conclusion, refurbished products are a great way to get your hands on a good product for a reasonable price. Make sure you are getting the best deal possible and keep the above factors in mind before going through with a purchase. If done right, refurbished products can save you a ton of money and give you great value addition.

How Using The Same Passwords For Work & Personal Can Be Disastrous

So you’re signing up for a brand new account, and the dreaded ‘Password’ text box pops up. Since you don’t want to risk picking a standard password, or worse, a password that you won’t remember, you do the next best thing and enter your personal account’s password. This may seem like a great idea because you’re choosing a secure password that only you know. However, the reality might be a bit more alarming than you imagined.

Every new online account requires a fresh password that can be quite frustrating to come up with, and it’s clear that many people agree with this. Microsoft estimates that around 73% of people use duplicate passwords for their accounts. If you consider the sheer number of people who go online, this number becomes extremely large, making it a significant problem.

Why is Reusing your Passwords an Issue?

All of our online accounts are connected in one way or another. For example, when we sign up for an account, we usually attach an email address to that account. Our social media apps all require an email address to confirm a person’s identity. Even professional platforms like LinkedIn have a list of all our details right on the profile page. Although this connection is highly convenient for online users, reusing passwords can put your accounts at risk.

If even one of your accounts were to get compromised, this could lead to the other one getting breached, too. All the hacker has to do is look for an account with relatively weak security and work their way up from there. This is especially true if you’re a person who has a ton of different accounts with overused passwords. Cyber breaches happen all the time, and once your personal mail gets broken into, it can be very tricky to get it back. Your information can get stolen in a matter of minutes before you even notice that anything has gone wrong.

One of the most common causes of data breaches is poor passwords, and it’s easy to see why. We’ve seen many companies put measures in place to stop this issue from occurring, but a majority of people still reuse passwords. The bottom line is, when a single password is all that stands between a cyberattack and your account, you need to make sure that the password is as complex as possible.

So What Can You Do To Solve this Problem?

The reason why people tend to keep reusing passwords is that they forget them. No one can properly remember around ten different unique passwords for their accounts. It’s simply not very plausible, unless you have a little assistance with it. Using a password manager can help you save several complex passwords on your devices without having to remember them. This makes it an easy and quick solution.

Another useful tool is two-factor authentication. Many companies use this tool to strengthen their online user accounts, and some places like Google have even set up multi-factor authentication tools. This helps strengthen the security of your account immensely. Doing a regular reset of your account passwords can also be a great way to avoid compromising your data, but this task can be quite challenging to follow through with. In case you’re looking for a quick fix, you could add a few characters to an already existing password to strengthen it.

There are many options out there, so pick the ones that are best for you. Whichever way you choose, just remember that having a solid password will help secure all your accounts and keep your online presence much more protected.

Smishing Attacks Increased by 328% in 2020!

The COVID-19 pandemic forced everyone inside their homes, pausing all physical activities for a few months. As a result, all activities shifted to online mode, and cyberspace saw more users than ever. While digital communication and economy made it easier for people to navigate through the lockdowns, it also exposed users to cybersecurity risks.

The pandemic saw an exponential increase in cybercrimes such as phishing, hacking, ransomware, cyberstalking, harassment, etc.

According to Proofpoint’s report, smishing attacks increased by 328% in 2020 alone. These attackers have been exploiting people’s fear associated with COVID-19 to send malicious messages via email, SMS, or web pages.

What is Smishing?

Smishing or SMS phishing means sending fraudulent text messages to coax victims into revealing private information or installing malware. Cybercriminals send these messages to steal credit card details or other sensitive information such as usernames or passwords to private accounts.

Attackers typically disguise themselves as reputable organizations sending these text messages to deceive the victims. Instances of smishing have particularly increased multifold due to internet and smartphones reaching even the world’s remotest corners.

Smishing attackers use social engineering techniques to deceive message recipients into revealing private and financial information. For example, during the holiday season, you could receive a text message from a seemingly well-known retailer asking you to verify your billing information to get your gift package delivered. The information you provide could then be used for identity theft or potential fraud.

SMS phishers could also distribute spyware or malware through these fraudulent text messages. These messages typically create a sense of urgency for the recipient to click on the link attached to the message. This link then leads to unsafe or bogus websites that can install malware on your device.

Some of the common smishing attacks you need to watch out for are:

  • Urgent messages about your financial information, including credit card or bank account details
  • Notifications about winning prizes or lotteries
  • Fraudulent survey links
  • Phony messages pretending to be from trusted brands

Was the Spike in Smishing Circumstantial due to COVID-19?

Yes and no.

COVID-19, much like any other newsworthy event, gave cyber criminals an opportunity to hoodwink people across the globe. The widespread infection and death rate caused by coronavirus instilled fear in people, and they quickly fell prey to fraudulent messages about COVID-19.

Text (SMS) messages are a more direct and trusted method to contact people. According to Symantec, 1 in 20 COVID-19 related messages contained phishing attempts.

Attackers use URL shortening services to hide the domain names and URL destinations from the malicious links they add in SMS. Unsuspecting, vulnerable people in the coronavirus-struck world didn’t think twice before clicking on such links. Symantec also notes a spike in phishing attacks using COVID-19 related SMS messages after it was declared a global emergency by WHO in March 2020.

However, cybercrimes like SMS phishing do not appear or increase only during times of emergency crisis like the COVID-19 outbreak. With technological advancements and people becoming increasingly dependent on their smartphones and other devices, cybercrimes have been on the rise. Whether it’s a period of recession, war-like state, holidays, cybercriminals leave no stone unturned in deceiving digital users.

It seems like cybercriminals are always two steps ahead. Even with cybersecurity updates and robust software to detect and report cybersecurity risks, cybercrimes have not subsided.

Now, with vaccines out in the market, criminals have found new vaccine-themed deception tactics. As always, technology is a double-edged sword. With the life-altering benefits come the security risks. One can only stay smart and alert to avoid these risks from causing damages.

How to Protect Yourself from Smishing?

Smishing attackers target unwitting victims who will be easy targets. You can easily avoid being a victim by being aware. Look for poor grammar or spelling mistakes in these messages. Also, malicious links included in SMS messages are often slightly altered to make them look legitimate. For example, amazon.com could be written as ama.zon.com. Having software like anti-spyware or anti-virus on your device is also a good idea.

Ways To Avoid Backfires From Your Employee Monitoring Program

Every effective team leader, manager, and business owner has a set of practices in place to monitor employees. This could be to monitor performance, workplace behaviour, or even progress. Whatever the reason, employee monitoring can help you identify the best way to utilise time and resources.

A 2018 Gartner report stated that 50% of organisations, among a list of 239, monitor employee emails and social media, while a 2019 Accenture survey brought to light that 62% organisations used new tools in order to collect employee data. This number has undoubtedly gone up in recent times. The key here, however, is to successfully monitor employees without creating any friction.

Why Employee Monitoring can Backfire

There are a number of reasons why employee monitoring can backfire. Some of the most common among them are listed below.

  • A feeling of continuously being monitored could cause increased stress and anxiety among employees. This may lead to them finding “blind spots” that are not monitored, which would be detrimental to the overall productivity.
  • If employees are constantly monitored, you may feel obsessed to pick out the minor details, which would lead to resentment and a feeling of being micromanaged. This would also affect the overall productivity of the workplace.
  • A feeling of lack of privacy, or mistrust might cause employees to look for another organisation, which would significantly affect your retention rate.

While these are all difficult to spot, it could affect the overall nature and environment of your workplace. It could cause both the workplace productivity and employee health to take a hit. That is why it is important to find a healthy boundary, and establish steps to use the monitoring programs without these side effects.

Image by mohamed Hassan from Pixabay

How Can You Avoid These Backfires With Your Employee Monitoring Program

Here are some ways to utilise your employee monitoring program without having to deal with unsatisfied, stressed, and disgruntled employees.

Be Transparent With Your Employees

The first step to good monitoring is to let employees know that they are being monitored. Also ensure that they know why you are monitoring and be open to feedback. You can even explain your concerns, disclose what data will be monitored and how it will be used. Transparency is the best way to make employees comfortable with the fact that work is being monitored, while avoiding any feelings of mistrust.

Monitoring, not Surveillance

The ability to monitor might be quite addictive, as you get a sense of control. It is important that you do not micromanage, and get rid of unnecessary monitoring. You need to understand that the idea is to improve overall productivity, not pick out flaws. It is unnatural to always expect employees to be on their most productive.

Also ensure that you are able to guide employees as to where they are lagging, what they are doing right, and so on. If possible, hold regular sessions to discuss progress and take their opinions into consideration.

Have Policies in Place

Make sure you have made a copy of your monitoring policies available to employees. Check that it is legal and compliant, and let employees know the details so that they can adapt to it.

Use Dedicated Tools

Use tools and software that you know are secure. You would not put your client’s details at risk, and you should be equally careful about your employees and their privacy. Make sure your tools use all the major metrics required, without disturbing the work of employees.


These steps should make sure that your monitoring actions do not backfire in the office!

How Worms & Other Malware Spread Laterally Across A Network

Cybersecurity is an important part of anyone’s online presence. Unwarranted attacks can make most individuals and organisations prone to many negative repercussions, which is why there are a number of initiatives taken to actively educate people about malicious software and their effects.

While these measures often help individuals identify potential threats and take a few necessary precautions, most people still wonder how a malware attack on their system could compromise the entire network. Understanding this would help users pay close attention and prevent such attacks from happening, thereby reducing the number of security breaches.

What is Malware?

Malware is generally used to describe any software that is distributed with malicious intent. This could damage your systems, steal data and cause a general environment of chaos. Some types of malware include viruses, Trojans, spyware, worms and so on.

What are Worms?

Photo by JJ Ying on Unsplash

Worms are a form of malware that take advantage of existing security vulnerabilities in your system. Thus, they act almost like their real-world counterparts and make your system vulnerable to further attacks. They try to reach as many hosts as possible. Their aim is not to inflict serious damage; the most they will do is slow down your system or the network. This is usually done by using up hardware resources or bandwidth.

Worms nowadays also carry a payload, which is malicious code. These can directly attack your system and create vulnerabilities for other attacks. For example, in 2004, a Mydoom worm contained a payload that let hackers gain remote access to systems. This was then used to perform a DDOS attack on the website of SCO Group.

How Do They Spread?

Many malware types like viruses require you to click on a link or download an infected software or attachment before they do any harm. But there are certain types of malware that can spread laterally across a network. An example of this kind of malware is worms.

There is a huge variation in the makeup of worms and other malware, but there are similarities in how these spread. Keeping this in mind, let us take a look at how these malware spread laterally between networks.

Once malware like a worm attacks a system, it uses this machine’s network connection and seeks out machines connected to the same network. It might mask as network packets or can even spread through P2P or network-based filesharing or network servers.

It then uses network-based vulnerabilities on the machine to spread from one system to the next. This is quite possible, especially with old and unattended machines. It is also true for machines that are not updated or secured using anti-malware software. They create something generally referred to as “internet background noise”. This is because such malware is constantly scoping out other machines connected to the vulnerable networks and spreading to them using network vulnerabilities.

How Can You Prevent This Lateral Spread of Malware?

You can protect your system and the entire network through your router. A router is a firewall that helps stop these attacks. This means that machines cannot connect inwards to your system. If the only kind of connection is an outbound one from your system, it is improbable that such an attack occurs.

You can be protected from local machines by simply using the Windows Firewall, which helps reject unsolicited requests from other machines, even if you are on the same local network.

You can also prevent this by using multiple routers and a separate guest access router that minimise your risk. It also pays to be careful about the files you share and attachments you download.

Tech Talk – Feb 21 Edition

It’s that time again, the latest edition of Tech Talk has arrived.  In this edition:

  1. Boost your productivity with Microsoft Teams
  2. Make remembering passwords a thing of the past
  3. Win a $50 JB Hifi Gift Card

Tech Talk Monthly – Jan Feb 21


Managed Updates vs. Automatic Updates: What’s the Difference?

Any PC user is familiar with the frequent interruption and nuisance caused by update notifications. You’re probably so used to dismissing them by now that it has become a reflex action. However, those updates are essential for your device’s productivity and security. Ignoring these updates only slows down and jeopardizes your device.

Automatic updates

There are two ways to install these updates: automatic and manual. Automatic updates seem like the obvious choice because of how handy they are. All modern operating systems have the option for automatic updates. You can simply set your device to update automatically every time there’s a new patch or update without having to think twice about it. As perfect as it might seem, the automatic update system has its drawbacks and can even cause more harm than good.

Drawbacks of Automatic Updates

  • Updates are not guaranteed for all the software on your system. Some applications may not have an auto-update facility. As a result, they get left out of patches. Thus, automatic updates can create a false sense of security.
  • Manual updates are needed for firmware and special types of files.
  • Updates that haven’t been properly vetted can cause serious problems.
  • Updates can take long to download and install, leading to significant downtime.

Managed Updates

To safeguard yourself against these issues and to ensure efficient, up-to-date systems, it’s important to have a comprehensive plan for updates. A routine management strategy for testing and deploying updates can save you from a lot of frustration and security vulnerabilities. You can manage updates manually or by using group policy or use management tools for large organizations. Begin by having an update policy.

Update Policy

An update policy ensures efficient, predictable update processes. This can help users avoid downtime by planning their work and incorporating updates during inactive times. It also sets protocols in place for dealing with unexpected issues, including rolling back failed updates. The policy addresses several types of updates, like Patch Tuesdays, firmware updates, and feature updates.

In order to generate an update policy, consider the following aspects:

  • When to install monthly updates: Monthly cumulative security and reliability updates are downloaded and installed within 24 hours of their release on Patch Tuesday. You can also defer these updates for up to 30 days. This gives you time to test the update for compatibility and not simply to procrastinate.
  • Restarting PCs to complete installation of updates: Most updates require a restart to finish installation, and usually, this takes place outside of the Active Hours setting of 8 am-5 pm. However, if your active hours differ, you can change the setting to an interval that suits you, up to 18 hours.
  • Pending updates and restart notifications: Users have limited control over these settings. However, more options are available using Group Policy settings.
  • Out-of-brand updates: Sometimes, Microsoft releases security updates outside of normal Patch Tuesdays. Make sure you have a plan regarding these infrequent updates.
  • Update failures: Have a plan to deal with a situation in which an update fails to install or causes problems.

Managing Manual Updates

Small businesses, including individual-run businesses, can configure Windows Update manually. Just go to Settings > Update & Security > Windows Update.

You can select the Change Active Hours option to schedule restarts that will help you avoid downtime. You can also go to Advanced Options and regulate the settings under Choose When Updates Are Installed.

Feature updates can be deferred by a maximum of 365 days, and monthly updates can be deferred by 30 days. For version 2004 and later, these options are not available. You need to adjust Group Policy settings to adjust delays in installations.

Managing Updates Using Group Policy

All of the manual settings can be applied using Group Policy, and it enables you to go beyond what’s available in Settings. These policies are almost exclusively available for Windows 10. You can check out the Windows Update for the Business feature in Computer Configuration. With this feature, you can:

  • Choose a servicing channel and set delays for feature updates.
  • Set delays for quality updates.
  • Manage preview builds.
  • Choose a specific feature update version for subsequent scans.

Additional configurations include:

  • Remove user access from the “pause updates” feature to avoid interference with the installation.
  • Prevent users from changing any Windows Update settings.
  • Allow updates to be downloaded automatically or on devices using a metered connection.
  • Prevent Windows Update from installing device drivers.


While automatic updates may seem like a quick fix to newly discovered performance and security issues, they are not perfect. If handled incorrectly, automatic updates can wreak havoc. Managed updates, on the other hand, strike a balance between staying up-to-date and avoiding chaos. Thus, the wise choice would be to make some effort for your system’s health and manage your updates.

1 2 3 4 5