Shane Chambers 1 Comment

2-Factor Authentication

Two Factor Authentication, 2-Factor Authentication or 2FA is a method of accessing a computer or online account in which the user is granted access only after successfully providing two separate pieces of evidence to an authentication mechanism. This is usually done in the form of a factor that requires memorisation combined with a factor that typically requires physical possession by the user.

One of the most common examples of 2-Factor Authentication is withdrawing money from an ATM, as only the correct combination of a bank card (something you physically possess) and PIN (something only you know) will allow access to the account. Another common example is adding mobile authentication to an online account. For example, you set up 2FA on sites like Facebook that require you to sign in with your password in addition to a PIN that is sent to your mobile phone.

Combining multiple factors, especially those that require physical possession of something by the user, makes it much more difficult for hackers to gain access to an account.

Shane Chambers No Comments

EU Business Is Turning to Microsoft After They Offer Contractual Commitments to the GDPR

GDPR, the EU’s new set of data protection laws, is coming in May of 2018. It is a complete overhaul of how user data is processed by companies and will supersede Irish law, consolidating Europe’s various national laws into one comprehensive regulation. GDPR is all about accountability, and as such, places equal responsibility on both businesses who hold EU data and any third-party providers that may process/hold data on their behalf. In practical terms, that means that if you outsource any aspect of your business, such as payroll to an external HR company, then both parties must be GDPR-compliant, even if the out-sourced company is not based in or even near the EU. So what does this mean for companies who outsource data processing or host data in the cloud outside the EU? Well, it means Microsoft’s suite of cloud services such as Office 365, SharePoint and Azure are now looking a lot more appealing – as Microsoft are offering contractual commitments to their clients to comply with the GDPR in time for the May 2018 deadline.


Microsoft Cloud has promised to be GDPR-compliant as deadline looms

According to Rich Sauer, Microsoft’s Corporate Vice President, “Trust is central to Microsoft’s mission to empower every person and every organisation on the planet to achieve more. So that you can trust the Microsoft products and services you use, we take a principled approach with strong commitments to privacy, security, compliance and transparency.”

Read more

Shane Chambers No Comments

Companies Continue to Cover up Data Breaches Despite Imminent Fine Increase Under GDPR

Recently, car insurance and breakdown cover provider AA faced accusations of covering up the severity of a data breach that occurred in April of this year. The AA, through their customer support Twitter, chose to downplay reports of the breach and assured users that no credit card or other sensitive data had been exposed. Data was leaked from their online shop due to a server misconfiguration. However, this server contained data on over 100,000 AA customers, and included partial credit card data. Despite knowing about this breach for over two months, it wasn’t until the cyber security community cried out in outrage that AA eventually admitted to the severity of the breach. No customers were notified by the AA directly.


No customers that were impacted were directly notified by the AA, despite the breach being discovered in April.

Read more

Shane Chambers 1 Comment

Cybercrime as a Service – Online scamming courses, €10 hacking software, & much more

Everyone’s talking about cyber security these days, and there’s a seemingly endless list of protective measures to be taken to prevent cyber attacks. It can be a bit daunting, and at times hard to secure the right budget, so is all this hype about security really necessary? The short answer is – YES. The long answer is that in order to understand why cyber security has taken over the forefront of IT for businesses, you must first understand that cyber criminals are no longer just bedroom hackers; they’re a fully fledged industry.


Cybercrime costs the economy an estimated $450 billion globally

Cybercrime-as-a-Service is on the rise in a big way, with criminals constantly developing more advanced ways to steal businesses’ hard-earned cash over the internet. The industry continues to evolve and adapt and is now highly organised. All one has to do is log onto certain sites on the Dark Web and they’ll be greeted with professional hackers offering ransomware, malware, phishing, DDoS and much more as-a-service.

Read more

Shane Chambers 2 Comments

CEO or CFO Fraud

CEO/CFO Fraud is a phishing scam that has gained popularity in recent years, where cyber criminals hack or spoof the email address of a senior staff member and request an urgent payment to an unknown account. These phishing emails are usually sent to staff involved in the finance or accounts of the company, and request payment in a manner which is often outside normal payment procedures. These emails appear to be genuine to convince staff members to comply with the request, believing they are indeed from their company’s CEO or CFO. Once the money has been transferred to the criminal’s account, it is usually withdrawn again straight away and hidden elsewhere.

You should be extra vigilant of:
– Any payment request which is outside of normal policy or procedure, especially by email
– Any urgent or confidential request for payment transfer, especially if not respecting the standard procedure
– Any unusual request such a transfer of high amounts to an unknown account or to a country where the company does no business

If you do receive an unusual financial request by email, we strongly advise you to get verbal confirmation from the sender before taking any action.

Concerned that your organisation may be vulnerable to such phishing attacks? We’re offering a free phishing risk assessment for companies who want to find out and learn how to mitigate these dangers.