Microsoft’s decided to retire and rework an AI tool that could not only recognise our facial features, but also identify our mood.

Azure Face is an emotion recognition tool. These are highly criticised by experts who believe they violate human rights.

Microsoft has just published the updated version of its Responsible AI Standard.

It wants AI to be a positive force in the world, and says it recognised Azure Face has the potential to be misused.

It seems like it’s not goodbye for good for the AI facial recognition technology though. Although the public won’t be able to access it, Microsoft sees the value of controlled access for specific needs, such as assistance for the visually impaired.

One thing that has been cut is the AI’s ability to recognise individuals based on their gender, age, hair, and even facial expression. The concern is that the feature could be used by cyber criminals to impersonate individuals and commit fraud.

On top of the Azure Face change, Microsoft’s also limiting which businesses can access its Custom Neural Voice service. This is a text to speech app that’s said to be very lifelike.

In other related news, it’s not the only new step that Microsoft is taking right now to help protect us from fraud and threats.

It’s also adding new features to its email service in Microsoft 365, that improve how something called Tenant Allow Block List works.

Previously, this was a feature that allowed people to block contacts. If a blocked contact tried to email you, the email wouldn’t reach you.

Now, Microsoft is previewing an additional control which also allows you to stop emails being sent to these blocked contacts, too.

It means the threat of being caught out by a phishing scam is reduced, giving you another layer of security as part and parcel of your Microsoft 365 subscription.

With phishing scams becoming increasingly more dangerous, it’s not a moment too soon in our view.

The feature should go into preview soon, and is expected to be available by the end of the month. In the meantime, if you’re concerned about your business’s email security, get in touch.

  Download our latest business guide here!

It’s no secret that some applications are a little too interested in us and what we’re doing.

We’ve all had this experience. You might be talking to a friend about a new product that you’d like to try. Or perhaps you’ve discussed somewhere you’d like to visit.

Then the next time you go online you see adverts for the exact things you were talking about.

It’s more than a coincidence, surely???

Until recently, we haven’t had a lot of control over what information our apps are gathering about us.

Android and iOS first stepped up to give us more power over our online privacy. We were given the ability to control which apps could access our data, and sensitive things like our camera and microphone.

But while it’s easy to think of this only being an issue with phones… laptops have the same problems.

So here’s some great news. Microsoft’s testing a new feature in Windows 11 to put the power back in our hands.

It’s currently testing a new feature – called Privacy Auditing – which allows you to see which applications have been accessing sensitive hardware, like your webcam and microphone.

You’ll also be able to see if your screenshots, messages, and even your contacts and location data have been accessed. And there’s a log of which apps accessed this info, and when.

When launched, the feature will be available in your Privacy & Security menu, under App Permissions.

There you’ll be able to see a full list of what’s been accessed, by which app, and when. It should become your first port of call if you suspect any suspicious activity is taking place on your device.

When the feature is released, it will be a great tool to check periodically to help you avoid malicious activity and to make sure your sensitive data remains in the right hands.

In the meantime, if you’d like someone to look over the data permissions on your business’s devices, get in touch.

  Download our latest business guide here!

Spam emails. Everyone hates them.

It’s not just the emotional pain of clearing spam from your inbox. Having to do that is a real productivity killer, too.

A recent report found that each one of your employees could be losing up to 80 hours each year, thanks to filtering and deleting spam emails.

That’s a LOT of lost productivity.

Anywhere between 45% and 85% of emails generated each day are spam emails. And worryingly, that also includes malicious emails and those hoping to infect you with malware.

Although we don’t all receive the same number of emails every day, the hours lost to filtering them out adds up.

If one of your employees gets 30 external emails a day, they’d get around 30 spam emails each week. That would work out to around 5 hours each year wasted on sorting through and deleting them.

For an employee who gets up to 60 emails a day, it would be an average of 11 hours a year wasted.

And for someone who gets more than 100 emails each day, you’re looking at around 80 hours of productivity lost to filtering emails each year.

Now add that up for each one of your team and you could be looking at a big number.

Not only that, but since a proportion of these emails will be phishing attempts (that’s where the sender wants you to take an action that will secretly give them access to sensitive data), it’s also a big risk to your data security too.

Of course, there are a few things you can do to cut down the time spent on dealing with spam emails. The first is to make use of the spam and junk email filters available from your email service.

You may also consider bringing in dedicated anti-spam and anti-phishing tools.

Finally, you can make your people aware of the risks of spam, how to spot spam emails, and the best way to deal with it to save time and minimise the risk of malware or a data breach.

If that kind of training is something you’d like some help with, get in touch.

Download our latest business guide here!  

When you’re browsing it can feel like you’re being bombarded with things other people want you to see.

Not only do we have to click on permissions for cookies and tracking, but now a lot of websites ask for our permission to send us notifications.

And while many of these notifications are harmless – news updates, latest recipes, product releases – sometimes they can be outright spam.

It’s distracting, it’s making us less productive at work, and it’s just really annoying.

It’s called ‘notification spam’ and it’s becoming a problem. In fact, Google says it’s one of the top complaint reports from people using its Chrome browser.

So now the tech giant has decided to do more about it.

Back in October 2020, Google first acted on harmful notifications by exposing websites that misled people into giving permission. It created its own prompts to warn people the website may have malicious intent.

Now, Google intends to take things a step further if it feels the website is ‘abusive’ or ‘disruptive’. It’ll revoke a website’s permission to send notifications, and even block attempts to request permission.

Even if you’ve accidentally allowed a malicious site to send notifications, Chrome will be able to step in and block the alerts.

While it’s not yet clear how Google will define websites as ‘abusive’ or ‘disruptive’, it feels like a good move towards reducing the amount of spam we’re exposed to.

Google has explained that this new feature works to strengthen its ‘Developer Terms of Service’ that pledge not to use the company’s API to send any form of spam. It shouldn’t affect the majority of websites, but instead should go some way to keeping your Chrome notifications spam-free.

Development on Chrome’s notification spam block protection has only just started, so we don’t yet have a release date for the new feature.

As always, if you’d like any further advice on protecting yourself from spam and other productivity killers, get in touch.

Download our latest business guide here!

It feels like every day we’re being warned about a new threat to our cyber security, doesn’t it?

That’s for good reason. Last year, ransomware attacks alone affected 73% of UK businesses.

And the cost of cyber-crime is estimated to hit $10.5 trillion by 2025, according to the ‘2022 Cybersecurity Almanac’.

But we’re still seeing far too many businesses that aren’t taking this threat seriously.

It’s not only your data that you could lose if your company falls victim to a cyber-attack. The cost of remediation or mitigation can run into tens of thousands of £££.

And at the same time you’ll suffer an average of 21 days downtime after a cyber-attack. Imagine… 21 days without being able to use all your business technology as normal. It doesn’t bear thinking about.

That’s not to mention the loss of trust your clients have in you, which could lead to you losing their custom.

It’s really important that your business is taking appropriate steps to keep your data safe and secure.

That most likely means a layered approach to your security. This is where several solutions are used, which work together to give you a level of protection appropriate to your business.

This reduces your risk of being attacked. And makes recovery easier should you fall victim.

It’s worth pointing out that you will never be able to keep your business 100% protected from cyber-attacks. Not without totally locking down every system, to the point where it would be very difficult to do business (and your staff would constantly be looking for ways around the enhanced security).

No, the key to excellent cyber security is striking the right balance between protection and usability.

There are three mistakes that are most commonly made by businesses – and they’re also some of the most dangerous mistakes to make.

Is your business making any of these?

Mistake 1) Not restricting access

Different employees will have different needs when accessing company files and applications. If you allow everyone access to everything it opens up your entire network to criminals.

You should also make sure to change access rights when someone changes roles, and revoke them when they leave.

Mistake 2) Allowing lateral movement

If cyber criminals gain access to a computer used by a member of your admin team, that in itself might not be a disaster.

But what if they could move from your admin system to your invoicing system… and from there to your CRM… and then into someone’s email account?

This is known as lateral movement. The criminals gain access to one system and work their way into more sensitive systems.

If they can get into the email of someone who has admin rights to other systems or even the company bank account, they can start resetting passwords and locking out other people.

Scary stuff.

One strategy against this is called air gapping. It means that there’s no direct access from one part of your network to another.

Mistake 3) Not planning and protecting

Businesses that work closely with their IT partner to prepare and protect are less likely to be attacked in the first place.

And will be back on their feet faster if the worst does happen.

You should also have an up-to-date plan in place that details what to do, should an attack happen.

This will significantly shorten the amount of time it takes to respond to an attack. That means you’ll limit your data loss and the cost of putting things right again.

If you know you’re making one (two, or even three) of these mistakes in your business, you need to act quickly. We can help.

Call us, and we’ll review your current security arrangements.

  Download our latest business guide here!   

Ransomware is one
of the fastest growing cyber-crimes in the world

Last year, 37% of businesses
were victim to an attack.

In case you didn’t
know, a ransomware attack is where cyber criminals infiltrate your network (or
device) and steal your data by encrypting it. The data is still there, but you
can’t access it.

Then they demand
you pay a large ransom fee for the encryption key.

If you don’t pay
the demand (which can be tens or even hundreds of thousands of pounds), they
delete your data.

It’s not just the
cost of the ransom fee to worry about. There’s the stress, reputational damage
and downtime that goes with it. In 2021, the average downtime suffered after a
ransomware attack was 22 days.

Official advice is
not to pay any ransomware demands.

However, a new
survey has shown that a massive 97% of business leaders who’ve experienced a
ransomware attack in the past would pay up quickly if they were attacked again

A third of them
would pay instantly.

What does that tell
you about what a nightmare the whole thing is for any business?

The other problem
is, when you pay a ransomware demand, it’s not guaranteed that you’ll get your
data back. On average, only 65% of data is restored once a fee is paid.

You may face
further extortion. And by letting cyber criminals know that your business pays
ransom fees, it’s likely that you’ll face subsequent attacks in the future.

So what’s the best
way to deal with ransomware?

First, you should
put in place the right security measures to try to prevent an attack:

·        
Educate your people on cyber security
and best practice

·        
Implement multi-factor authorisation
across all your applications

·        
Use a password manager

·        
Make sure all updates are installed quickly

·        
And you should always have a working
backup in place – ideally one where older data is retained and cannot be changed

It’s also a great
idea to have a response and recovery plan that details what you will do in the
event of a ransomware attack.

Not only will it
mean your business can respond faster, but it should reduce the amount of
downtime suffered as you’ve already considered exactly what needs to happen.

This is what we do.
We help businesses increase their cyber security to reduce their chances of
being affected. Let’s talk.

Watch our weekly tech update video for more WEEKLY TECH UPDATE VIDEO

Focus more, be interrupted less… and get stuff done

When you’re a business owner or manager, you have a lot of
responsibilities. There are also many people who want to speak to you throughout your working day.

Unfortunately, that means that you may be interrupted more
often than you’d like. And you have to split your focus on things you’d rather give your full
attention to.

It can be a big frustration.

Many business owners and managers feel this way. You are not alone!

Download our latest business guide here! 

The ongoing Russian invasion of Ukraine has led to a sharp rise in cyber-attacks.

And while many of the attacks are between these two countries, there is very real potential for
other countries to fall victim to cyber-attacks by Russia, thanks to the
sanctions placed upon it.

Over in the US, President Joe Biden declared the government had been improving national cyber security defences for some time now.

They’re focusing on the infrastructure to make sure that water, electricity and oil pipeline
services aren’t at increased risk of attack.

Some very sensible cyber security advice has also been issued. There are a series of actions that
businesses should be taking immediately to protect themselves against
cyber-attacks, and other data security risks.

To start with look at implementing multi-factor authentication. This is where you generate a login code on another device, to prove it’s really you logging in.

Data backups should also be checked on a regular basis. Ideally there should be a copy of data that cannot be changed during a cyber-attack.

All data should also be encrypted, meaning it would have no value and be unusable if anyone did manage to access it.

It’s also a good idea to have an emergency plan ready to go that will help mitigate any attack
quickly and effectively.

Businesses are also being advised to give their staff training to help them spot and avoid the
common tactics used by cyber criminals.

These include phishing attacks where they send an email pretending to be someone else. And spoof login web pages, where they hope you will enter real login details in error.

If you have an IT support partner already, speak with them to make sure all of your systems are fully up-to-date and patched as necessary.

They can also help you to audit how well you’re performing with the items above, and get a plan in place to help you respond to an attack or attempted attack.

If you don’t have an IT support partner – or you feel your current one isn’t able to help you
with your data security, we can help. Call us.

Here are some ideas on what will be driving the data analytics and BI conversation in 2022 and beyond: Top Five BI, Data and Analytics Predictions for 2022 | bipp Analytics (see the article for more details on each of the following items.

1) The Data-Driven Company is Dead – Long Live the Culture of Analytics

True benefits of analytics and BI come from a cultural change. Give people access to tools on their terms by embedding dashboards in the intranets or apps they know. Create trust by ensuring everyone uses the same language to represent critical KPIs and clean data. And combine hands-on training with a platform that can scale your business, recognizing the cultural shift required to take enterprise-wide advantage of BI.

2) Data Modeling Layers Bring Self-Service (BI) Power to the People

Self-service business users can make decisions based on the same trusted logic as the same language represents critical KPIs. For example, they can create dashboards, trust their visualizations and easily filter them in real-time. Which means they’re making decisions based on the latest, real-time information.

3) The Ayes (Eyes!) Have IT

In an age of no-code/low-code, self-service tech, we’d better embrace the vision-first world of BI. Also, we need visual SQL tools that let blend data and create charts from disparate sources without going through an ETL pipeline. Using an intuitive, flexible drag-and-drop interface.

4) The Revolution Will be Augmented

The augmented analysis takes critical business metrics and lets the platform explore millions of combinations, determine the highest impact, reveal these as facts, and prioritize them in order of importance. All without needing to understand a query language, such as SQL.

5) The Year of the Data Engineer

Data engineers have to bolt and chain tools together with code as they strive to simplify the data stack. The data engineering skillset is ideal for a business-critical technical problem. Every business must enable teams with the best tooling while maintaining a unified, flexible data layer. Engineers will need to architect and operate data stacks that solve these problems and be responsible for machine learning, analytic reporting, and decision management.

Anomaly detection is one of the most interesting applications in machine learning.