Connor Smith No Comments

A Tech Shortage This Christmas

The Tech Shortage

If you have been trying to get some of the latest technology this Christmas, you may have noticed that there is a lack of stock in some of the major retailers. But what is the cause of the tech shortage and when will it be over?

Parts Shortage

Many of the parts used in electronics are in global constraint which has slowed production down for many large companies. For example, Apple has had to reduce iPhone production by 10 million due to a lack of available parts. The silicon chip shortage is a massive contributor to the recent shortage of technology. The chip shortage started back in early 2020, with the pandemic forcing manufacturers to close. This caused low supplies, while the Pandemic in turn created an increase in demand for portable devices. As countries began to reopen and manufacturing restarted, suppliers have been struggling to keep up with this increased demand. Supplies are expected to return in 2023.

Bot Buying

Another reason there is a shortage of electronics is due to bots. Bots monitor all the purchasing sites waiting for them to restock on certain items. Once they are available, bots will immediately buy as many as possible before the items go out of stock again. The people who use these bots will then sell the items to consumers at a higher price. This is happening with both the parts needed and the end products, making it difficult for consumers and manufacturers alike.

What Tech Is in Shortage & When Will They Come Back?

As mentioned above, Apple will be lowering production of new iPhones’ by roughly 10 million. Car manufactures such as Jaguar, Land Rover, the Renault-Nissan-Mitsubishi Alliance, and many others have also seen a decline in their vehicle production. Until the chip shortage is resolved in 2023, industries aren’t expected to get back to their usual production levels.

Supplies of laptops and desktops are still low for the festive period. If you are hoping to make a purchase of laptops or PCs, the tech shortages may affect your chances of purchasing one.

Despite the overall hardware shortages, itQED will always do our best to get you the products you deserve. If you have any products that you’re struggling to find for your business, contact us here and we will try our hardest to make sure we can meet your needs.

From of all of us here at itQED we hope that you have a happy holiday & a healthy New Year!

Nicole Lee No Comments

SPAM & Phishing

What is SPAM?

If you spend most of your time on the internet, you would have heard of the terms ‘SPAM’ and ‘phishing’. But what is SPAM and phishing?

SPAM is unsolicited, unwanted junk, bulk messages sent to a wide audience. These are usually sent for commercial purposes as the cost of one email is extremely low.  Interestingly, the term ‘SPAM’ was thought to have come from a Monty Python skit where the menu becomes increasingly SPAM orientated (See here).

There are many different types of SPAM ranging from messaging SPAM to SEO SPAM. We will be discussing mainly email SPAM in this article.

How to distinguish SPAM and Phishing?

This image is an example of a phishing email, depicting how phishers will pose as well-known companies in order to gain your trust
Example of a phishing email

How can you tell if an email is genuine, especially if the phishers are imitating genuine large companies or even someone you know?

You can check the email address to make sure they are who they say they are. In the example above, you can see that the email address is @amazonmisconduct.com (this is not Amazon). And if you hover over the link they want you to follow, you will see that it does not take you to Amazon.

If an email seems suspicious, this is what you can do to protect yourself and your data:

  • Check the email address; does it match who they say they are?
  • If the email is suspicious, DO NOT click on any links or images.
  • Hover over links to see where they will actually take you.
  • Do not open attachments from unknown senders.

SPAM examples

SPAM comes in many different forms.  The most common types that you may find in your email junk folder (or inbox if your SPAM filter is not tuned well) are as follows:

  • Health and medical services; alternative medicines, dietary pills, or even a miracle cure.  These products are most certainly empty promises, but it still doesn’t stop the SPAM emails.
  • Tech and internet; software and hardware offers, electronics ads, internet, and mobile services, etc.
  • Service enrolment; long-term services like education programmes or insurance.
  • Financial services and investments; debt assistance, low-interest loans, or even free money!

As mentioned before, SPAM emails are mostly used by companies as commercial advertisements because the cost of one email is so low, but it can reach such a wide audience compared to the more traditional advertising on TV or magazines hence it is an economical way for companies to reach large audiences.

SPAM VS Phishing

But what’s the difference between SPAM and phishing?

They are both unsolicited, unwanted emails.  The main difference is the intent behind the emails.  Although irritating and unsolicited, most SPAM emails are not out to hurt you but rather intended to sell you a product or service; they are advertising legitimate businesses.

What is phishing?

Phishing, however, has a much more malicious intent behind it.  Phishers are looking to gain access to your device and personal information, and to use this knowledge for nefarious purposes. There are many types of phishing, including:

  • Email Phishing – The attacker can install malware or viruses on your computer if you click on the links, or open any attachments, and type in your credentials. These are often bulk emails to thousands of users.
  • Whaling – Often the attacker has researched the executives of a company and sends emails pretending to be them, these often require colleagues to send money transfers or voucher codes to the attacker.
  • Vishing – Voice phishing; scammers will call and try to obtain your personal information (no, the caller isn’t really from the HMRC, Microsoft, or Amazon!)
  • Spear Phishing – Attackers have done their research on the recipient via company websites, social media, etc., and can carry out targeted attacks. These campaigns can be very convincing in order to get your personal information, credentials, and other sensitive information.
  • Evil Twin – Attackers can setup WiFi hotspots that look like company or coffee shop WiFi and then steal data and credentials form people connecting to it.

How to recognise phishing?

Some of the points to look out for are:

  1. Does the email call look to good to be true or require immediate, urgent action?
  2. Hackers often disguise themselves as someone you can trust, e.g. the bank, a large well-known company, or a colleague. Does the email address and website link match what you would expect? Is the tone and grammar of the communication what you expect? (please see the example above)
  3. Were you expecting the email or communication? If suspicious, contact the sender by other means to check it is valid.
  4. Never put in your credentials to a site linked from an email unless you are sure it is genuine, if in doubt don’t do it!

Common tactics of spam & phishing

Have you ever received an email saying you’ve won a competition even though you never applied to one before?  Or perhaps you’ve received an email stating that your computer has been hacked and you need to download an anti-virus to prevent further damage. Have you had an email asking you to reset your password?  Have you heard of the Nigerian Prince?

These are common tactics of a phishing email.  They usually sound urgent so that you feel like you need to act quickly, but that’s how they get you.  These emails would entice you to click a link, download something, fill in a form, put in your password or even complete a payment. That is all they need to gain access.

The image shows two examples of phishing whereby they use the sense of urgency to make you feel like you need to act quickly
Examples of phishing

With the plethora of social media sites, and how much of an online presence the average person has, phishers have access to more personal information than ever.  This means that they can tailor their attacks to their target’s needs, wants, and life circumstances.  In turn, this would lead to identity or financial theft, even corporate espionage, or data theft.

Click here to watch how quickly a phishing attack can spread.

How can you help prevent SPAM and phishing?

SPAM and phishing emails do not have to be part of your daily life.  You can reduce the amount of SPAM emails you get and stop them coming into your inbox.  Here are some tips on how you could do that:

  • Mark unwanted emails as SPAM, try and avoid unsubscribe links, these just prove you are reading them.
  • Keep it private.  Spammers find contact information online so try to keep your online presence as private as you can. Attackers will use information like your phone number and physical address.
  • If someone you know sent you SPAM, let them know. Let a trusted contact know if you’ve received a SPAM email from them, as their account may have been hacked and used for spamming. Keep yourself and others safe.
  • Keep your software and security measures up to date and make it hard for Spammers to try and exploit any vulnerabilities.
  • Consider tuning the anti-SPAM and Anti Phishing rules on your email service.
  • Consider company wide user awareness training for phishing emails, we have a number of options that can help.

If you would like to discuss ways on improving your cyber security, please contact us.

Click here to read our previous article on cyber security.

Nicole Lee No Comments

Video Conferencing Made Easy

Effective communication is a priority for us here at itQED. That’s why when we moved office to Arborfield, having a state of the art boardroom was a large factor in the decision. Fitted with a Logitech Rally Plus and a 65” interactive screen, we can now host seamless virtual meetings and provide comprehensive training to both our staff and clients.

Video conferencing is nothing new.  It was mostly used for inter-office communications in the early years, although external communications were possible.  Predominantly, it was used by larger companies.  While it worked fine, there was no consistent user experience.  Users would have to learn complex dial sequences for the different types of calls (i.e. internal/external).

Now, video conferencing is as easy as pushing one button.

itQED’s New Boardroom

After having experience with many room systems we decided that Logitech had the best blend of quality, ease of use and setup, offering high quality conference cameras, microphones, and speakers that work with virtually any PC or Mac, and can also be integrated into meeting room solutions to give professional and one touch access to meetings using Microsoft Teams Rooms (other rooms vendors such as Zoom and Google can also be integrated). 

Logitech offers three main ranges: Rally Bar Mini, Rally Bar, and Rally Plus, for your video conference room solutions.  Affordable, but not sacrificing quality.

All three ranges offer similar capabilities, the main difference being how big the space is and how many people are in the meeting.  Using RightSense technology, better meeting experiences have been made easy and automatic. RightSound optimises the human voice while reducing unnecessary sounds for amazing clarity, even auto-boosting quiet talkers so every voice is heard.  RightSight automatically detects attendees, moving the lens and adjusting the zoom to make sure that no one is left out of the picture.  RightLight intelligently adjusts video settings, so everyone always looks their best no matter the lighting conditions.

In addition, all three ranges are simple to set up with either Plug and Play or integrated room solutions.  No additional software is required, simply connect.  The All-In-One design for the Rally bars reduces clutter, and the extra compute function with the room solutions allows increased flexibility.

So How Do You Know Which Rally To Get?

Simply ask yourself what kind of space you are looking to equip. 

If you own a small business, hosting meetings for smaller groups, or just looking to equip a room for brainstorming or a huddle space, the Rally Bar Mini is perfect for you.  The Mini range can also be integrated with a mini PC and the Logitech Tap touch controller to give additional features.  It also includes the premier All-In-One video bar (in colours graphite or white), with motorised pan and tilt lens to provide extensive room coverage, and ultra-low distortion speakers for crystal clear sound.  To extend audio coverage, you may also add up to two Rally Mic pods.

The Rally Bar is perfect for midsize conference rooms. It can also be integrated with a mini PC and the Logitech Tap touch controller to give additional features and has a bigger All-In-One video bar.  The camera provides lossless image quality up to five times optical zoom, digitally enhancing to fifteen times total zoom with resolutions up to 4K.  You can also add up to three Rally Mic Pods for better sound coverage.

What we have in our boardroom, is the Rally Plus. 

Rally plus set up for video conferencing
Rally plus setup

It comes with all the equipment the other two ranges offer, but instead of the All-In-One video bar, the Rally Plus comes with a Rally 4K PTZ camera, two Rally speakers, and two Rally Mic Pods. 

Rally Plus Setup with 2 speakers and 4K camera

This set up makes the Rally Plus perfect for large conference rooms, boardrooms, or U-Shaped tables.  This range is customisable for large rooms of virtually any size or shape, allowing up to seven Rally Mic Pods extension.  Ours has also been integrated with a Microsoft Teams Rooms mini PC and Logitech TAP controller to give a one touch meeting experience.

Logitech TAP controller for video conferencing
Logitech TAP Controller

If you are looking to upgrade your conference room, or looking to set up a brand new one, we are here with the perfect video conference room solutions. We can also offer demos to show what is possible.

Call itQED for more information or make an appointment for a demonstration.

Colin Weeks 1 Comment

Cyber Security Awareness

Did you know that it’s nearing the end of Cyber Security Awareness month?

ECSM (cybersecuritymonth.eu

We thought that this would be a good time to start a series of blog posts to help keep cyber security awareness high and discuss the common threats and steps that can be taken to help mitigate them.

Hacking and malware have been around since the dawn of computing. Initially, malware was written ‘just because it could be’ and was designed to disrupt users’ systems and delete data. This then evolved over time to systems being silently compromised and data being exfiltrated without users’ knowledge. Today, this has further evolved into multinational gangs encrypting users’ data and then demanding ransoms to give back access – it is not just big corporates being targeted, it’s everyone!

With the increase of these threats and the challenges posed by an increase in home working, it is more difficult than ever to stay secure. In this article, we will discuss several things that all users can do whether at work or home to help keep their data secure.

Passwords & Authentication

We use passwords to secure almost everything; this is the simplest form of authentication in order to get to your data. Having a difficult, hard to guess password will prevent many common attacks. Below, we have a number of points to consider when choosing a password.

  1. Never disclose your password to others or share passwords. Others may write it down, put it into fake webpages, etc. Your password is for you alone!
  2. Never write down passwords. If you lose the record, others may well find it and compromise your data. Many people use similar passwords across multiple websites. This means that if you lose one password it can be used to access many sites.
  3. Do not use the same passwords for home and work. If either are compromised, it won’t take long for the hacker to work out who you are, where you live, and where you work using sources such as Facebook and LinkedIn among others.
  4. Do not use passwords containing personal information or that are too easy to guess (again, it is easy to work out personal information from social media sites).

These are examples of what to generally avoid when creating a password:

  • Simple to guess passwords such as ‘Password1’
  • Passwords containing names, dates, sports teams, etc.
  • Simple words
  • Predictable keyboard sequences:
  • 123456
  • Qwerty
  • Your child’s name

DO, however, use a combination of characters. Passwords should involve a character from at least three of the following groups and be at least 12 characters long:

  • Uppercase
  • Lowercase
  • Numbers
  • Punctuation

Consider using pass phrases rather than single words, such as: I1Like2Climbing3Mountains!!*. You should also consider using four random 3 letter words (and some numbers and punctuation). A common misconception is that spaces are not allowed in passwords – this is not true!

  • Enable two factor or multi factor authentication. This is the type of authentication used by banks and now more widely across the Internet and is based on the principle that you gain access to systems using something you have and something you know. In general, the password is something you know, and your mobile phone is something you have; so in order to log on, you’ll need to remember your password and then type in a code sent via SMS or click an accept button within an app to prove that it is you logging on. For example, even if you have typed your password into a phishing email, or somebody has guessed it, they will still not be able to log on as you because they do not have your mobile phone. This is one of the best ways to enhance your cyber security!

  • One final consideration is to use a password manager that means all of your passwords can be completely different. The end result is that you can have passwords which are 15 to 20 characters long and completely randomised which you don’t have to remember as the password manager does that for you. You just need to ensure that you have one long and complex password that you will remember to access the password manager – again, utilising two factor authentication is a good idea as this will contain all your precious passwords! Another advantage to all the passwords being different is that if one is compromised, it will not give access to all the different websites you use.

Updates

Other methods of accessing your data involve security flaws in your mobile phone, your computer’s operating system, or the applications running on it. To help avoid this, ensure that you always apply the latest updates soon after they are released so that your computers, phones, and applications are up to date with security patches. It is also best practice to uninstall old programmes that you no longer use.

Administrative Accounts

It is always best to log onto your computers with an account that does not have administrative rights. Although this is less convenient, you can have a separate account that can be used to install software when required. Working like this means that if any malware affects your machine, or you click on links in webpages that try to infect your computer, the consequences are likely to be less serious because they will run in the context of a standard user rather than an administrator that has full control of your machine.

User Awareness

User awareness of cyber security is another great way to ensure you stay safe – whether it’s your work colleagues or your family, having awareness of the common attacks can help you avoid them. This will be covered further in a later blog, but the key piece of advice here is that when you receive emails or texts that seem too good to be true, that you’re not expecting, or that require you to do something urgently, then treat them with a healthy dose of suspicion!

If you would like to discuss ways to help improve your security please Contact Us

Nicole Lee 4 Comments

Macmillan Coffee Morning 2021

On the 24th September, we hosted a Macmillan Coffee Morning, and we are pleased to say it had been a huge success!

Firstly, we would like to thank all our guests for coming and supporting our Coffee Morning. We would also like to extend thanks to our lovely staff who brought in all the cakes and biscuits (we’ve got some talented bakers among us!). Everyone had been extremely generous and together we have raised over £400!

It was incredibly nice to see so many new and old familiar faces whom we cannot thank enough for attending and supporting this worthwhile cause. We were so glad to see everyone having a great time and enjoying themselves.

All in all, it had been a very successful morning and we can’t wait to host our next Coffee Morning!

Nicole Lee 1 Comment

We Moved!

For over a decade, itQED has been based in a modest office in Knowl Hill.  As our company developed, it became clear that we were outgrowing this office and it was time to say our goodbyes to Knowl Hill.

Our beautiful new office in Arborfield is a converted barn and more suited to our thriving operations.  First floor, we have our support desk and projects team working hard, as always, to provide the best support and service to our clients.  Ground floor, we have our back office crew, and our new and improved deployment centre. We are also enjoying our new kitchen area, breaking it in with Nando’s!

What we are the most excited about, however, is our brand spanking new board room with state-of-the-art equipment (more on this in another blog).  We are looking forward to using the new tech and the room for face-to-face and remote training.

As we are now settling in, we are hoping to invite our friends, neighbours, and clients over soon for a Macmillan Coffee Morning to enjoy some cakes, tea, and coffee. Stay tuned for more information!

Colin Weeks No Comments

Comms Rack Chaos

How tidy is your comms rack?

Like everything in life, a comms rack can generally become chaotic over time. This is often due to a lack of time, emergency patching, no documentation and possibly some entropy.

itQED were recently involved in a project to provision a new VOIP phone system. As part of this, the network had to be re-vamped to ensure it was able to support prioritised voice traffic end to end. To this end, a number of Cisco PoE (Power over Ethernet) switches were installed in a redundant configuration to provide a stable and resilient network.

The picture below shows the comms rack at the beginning of the work:

Messy Rack

As you can see, the patching had organically grown over time! This can cause a number of problems, including:

  • Patch panel numbering is obscured
  • Changing any patching requires spending significant time tracing each cable
  • Rack doors will not close
  • Documentation is impossible to produce
  • Issues can be difficult to diagnose and solutions can be delayed.

As part of the work the entire cabinet was re-patched allowing:

  • Full documentation
  • Colour coded cables for each resource
  • Full visibility of the patch panel numbering and switches
  • Patching changes are now much easier, taking seconds rather than 15 minutes
  • Tidiness!

(Bearing in mind there was no access to the sides or back of the rack)

Tidy Rack

Colin Weeks No Comments

Azure and Hosting Remote Desktop Services

What are Remote Desktop Services?

Remote desktop services is a mature technology from Microsoft that allows many users to connect to “Remote Desktops” hosted on a central server or in the cloud such as Azure. Remote Desktop allows users to access their desktop and applications from anywhere and from a variety of devices and operating systems.

Its like having your office PC everywhere!”

Some of the advantages of this include:

  • A consistent desktop experience for all users, which is easily accessible from any device, including desktops (Mac and Windows), laptops, tablets (iOS, Android, windows) and smartphones!
  • Users can connect from anywhere with access to the same desktop, data and business applications
  • Data is stored centrally so company data is protected and easy to share
  • The system can be accessed from relatively inexpensive “dumb” terminals which require little maintenance
  • As all “remote desktops” are hosted on a centralised server(s) application management and updating is simplified
  • Applications are fast and responsive
  • Provisioning new users takes minutes as the environment is already setup
  • Connections can be made from older hardware which reduces costs involved in upgrading client machines
  • Remote desktops can be centrally configured and locked down to give a consistent experience.

Remote Desktop Services 2016

Remote Desktops can be provisioned in a number of ways and locations, including Offices, Data Centre or in Cloud Providers such as Microsoft Azure and Amazon AWS. itQED have experience in deploying and maintaining Remote Desktop Servers and server farms in all of these locations.

Deployment in Azure

Cloud Services and Infrastructure as a service (IaaS) are growing rapidly and maturing to a point that they can provide a Secure, Scalable and Smooth experience for all businesses. Deploying infrastructure in the cloud has a number of advantages, some of which are briefly described below:

  • The infrastructure and associated configuration can be deployed via scripts to ensure rapid consistent deployments and fast recovery in the event of disaster
  • The infrastructure is easily scalable so extra VMS can be added or removed depending n current requirements
  • You only pay for what you use rather than owning under / over utilised hardware
  • Stay updated with the latest operating systems and software
  • Configurations can range from small deployments for a few users through to large scale fully redundant deployments for hundreds of users
  • Flexible geo-redundant backups, allowing restores of full virtual machines or individual files and folders
  • Servers and infrastructures can be placed in specific datacentres worldwide including the UK

Azure Remote Desktop Diagram

itQED have implemented Remote Desktop Services across numerous client sites with great feedback! Our experience in this area puts us one step ahead of our competitors, allowing our wide breath of knowledge to be applied in deploying Remote Desktop solutions to fit our client’s needs.

Please contact us to discuss any requirements or to discuss the options available,

Colin Weeks No Comments

WSUS With Windows 10 1607

There was a case where a 2012 R2 server was being used to deploy Windows updates via WSUS to centrally manage client update approvals. Once the Windows 10 classification was added the WSUS console would not open. When connecting to the console an error stating that it could not connect to the database.

After further investigation and testing, it appeared that a recent update to the server had caused the issue. Specifically, the Windows update KB3159706 had caused this issue. This update appears to enable the new decryption feature in Windows 10 so that it can natively decrypt ESD files. After uninstalling this update the console worked as normal, however, the Windows 10 1607 machines weren’t appearing in the console correctly and updates weren’t applying correctly.

To resolve this issue, following steps were carried out:

  • Ensured that the April 2014 rollup was installed on the server KB2919355 along with KB3095113.
  • Installed KB3159706 on the server and restarted.
  • Opened an elevated command prompt and then ran following command “C:\Program Files\Update Services\Tools\wsusutil.exe postinstall /servicing”
  • Enabled HTTP Activation in roles and features within server manager.
  • Restarted the WSUS service.

Once the above steps had been completed, the console opened correctly and you could view all the Windows 10 1607 devices along with their associated updates. The WSUS console was able to push out Windows patches to Windows 10 machines correctly.

Reference : https://support.microsoft.com/en-us/help/3159706/update-enables-esd-decryption-provision-in-wsus-in-windows-server-2012-and-windows-server-2012-r2

Colin Weeks No Comments

Office 365 IMAP migration issues. Resolved!

We recently conducted a Microsoft Office 365 migration for a small organisation who decided to move away from their current IMAP mailboxes onto Office 365. They had decided to make the change as they wanted a highly reliable, robust, business grade email solution.

On completion of the migration, during testing, We noticed that the delete button within all of the users’ Outlook clients was no longer usable. All other functions behaved as expected apart from this one oddity. Items could still be deleted as normal using the ‘delete’ key on the users keyboard, however, not from the client itself.

After further investigation, it appears this was a result of exporting an IMAP data file to a PST file and then uploading the PST file to Office 365. The folders retained certain IMAP features, one of which was the purge function that is present in an IMAP mailbox as opposed to the delete function.

In order to resolve the issue, the following can be carried out:

  1. Download a 3rd party application called MFCMAPI. (Note, If you have 64 bit office, you will need 64 bit MFCMAPI)
  2. Open MFCMAPI select ‘session > logon’.
  3. Select the relevant Outlook profile.
  4. Double click on the affected data store.
  5. Expand ‘Root > Mailbox’.
  6. Expand ‘IPM_Subtree’
  7. Select the affected folder (In this case it was ‘Deleted Items’).
  8. On the right hand side, I search for ‘PR_CONTAINER_CLASS’ and double click it.
  9. Change the item IPF.IMAP to IPF.Note
  10. Repeat this for each folder that was exported from IMAP.
  11. When completed, close the MFCMAPI window and click ‘Session > Logoff’

After these steps have been completed, you should find that you regain the delete option within the Outlook client.