Technician + Trainee Cyber Security auditor = Antony Woodward

“A day in the life of”… an IT Technician and Trainee Cyber Security auditor A bit about Antony Woodward, our IT Technician… My name is …

“A day in the life of”… an IT Technician and Trainee Cyber Security auditor

A bit about Antony Woodward, our IT Technician…

My name is Antony Woodward and I am an IT Technician and Trainee Cyber security auditor at excellence IT.  I have recently graduated from the University of South Wales with a BSc Hons in Computer Forensics.  I am also a former associate of the National Cyber Security Academy (NCSA) in Newport.

Before University, I had never worked within the IT industry.  I often bounced between jobs due to lack of progression and career opportunities. At the age of 25, I decided to make a change and achieve a qualification in a subject in which I wanted a career; IT and Cyber Security.

I hope my story demonstrates that it is possible to make a drastic change in career, even when you think the opportunity may have passed.  I hope to highlight how steep of a learning curve it has been for me and the challenges I have faced.  Hopefully this helps offer insider advice for anyone looking to make a change and wants a new career in IT.

A bit about Antony’s Technician role…

The primary function of an IT Technician is to assist with customer phone calls, raise tickets and escalate issues when needed.  This has been the most challenging position I’ve held.  The knowledge my fellow technicians hold is simply astonishing but thankfully, they share this with me whenever I need assistance.

My first impression of excellence IT is how detail orientated the technicians and engineers are. The focus is truly on the customer and the overall customer experience.  High quality service really is at the centre of everything here at excellence IT.

Having never been in a phone-based role before, let alone in an IT role, becoming an IT Technician has been interesting to say the least.  The biggest adjustment I have had to make from previous job roles and student life, is learning how to multi task efficiently. Balancing a customer on the phone, while remoting on to a system and checking background software proved very tricky to start with.

All businesses operate in different ways and because of this, each of our customers has a service tailored to their needs.  I find it rather challenging when trying to remember the way in which each customers’ infrastructure has been constructed.  It is a brilliant learning curve which helps me become more familiar which each customer and is definitely improving my memory!

A bit about Antony’s auditor role…

excellence IT recently became a Cyber Essentials auditing body.  Due to the high volume of requests from customers, they were looking to recruit an extra pair of hands. excellence IT wanted someone who shared their passion for keeping businesses secure in this ever-growing world of cybercrime. The role excellence IT were offering combined two great interests of mine, Cyber Security and IT Support.  When I saw the role, I instantly applied and, due to my time at the academy and my determination, I attained the role.  With the risk of sounding cheesy, I felt very proud of myself!

The Cyber essentials/plus/IASME auditing is very interesting as it allows you to gain an in-depth knowledge of the customers’ infrastructure.  This enables us as a company, to recommend solutions that will not only keep their business safe, but also improve the functionality of their company.  Besides that, it is great way to build trusting relationships with our customers.

Since working for excellence IT, I have undertaken a few audits with direct supervision and I am looking forward to completing my first audit alone.  (I have the IASME training course coming up soon and I am feeling very nervous!)

Antony’s thoughts on excellence IT and the IT industry…

excellence IT is a fantastic company to work for and I genuinely feel lucky to be here.  The technicians and engineers are always willing to help when I inevitably encounter a new issue where I lack experience.  The Directors at excellence IT are extremely supportive of all staff.  They are constantly helping develop and widen their staffs’ skillset; supporting them through exams, courses and accreditations.  It’s refreshing to see a company so invested in the personal development of their team.

The ethos of excellence IT is very much in line with my own; helping businesses to “improve, innovate and transform”, with a robust and secure IT infrastructure.

Thank you excellence IT for seeing potential in me and providing me with the opportunity to embark on this exciting journey!

That’s all for now!

If you have any further questions, I am available on Twitter and LinkedIn, as is excellence IT.

 

excellence IT

Twitter: @eituk
LinkedIn: excellenceIT

 

Antony Woodward

Twitter: @antonyjwoodward
LinkedIn: Antony Woodward

Meet the rest of excellence IT’s team here: Meet the Team!

Customers can log a ticket with excellence IT here: Log Ticket

 

 

 

Photo by Anete Lūsiņa on Unsplash

 

Why becoming Cyber Essentials Certified should matter to you and your business

Here at excellence IT, we can now proudly say we are Cyber Essentials Plus certified! This week, we are celebrating becoming Cyber Essentials Plus certified. …

Here at excellence IT, we can now proudly say we are Cyber Essentials Plus certified!

This week, we are celebrating becoming Cyber Essentials Plus certified. We have worked hard to ensure we are fully compliant because we want to reassure our customers we are providing the most secure service we possibly can.

Why Cyber Essentials should matter to you…

Cyber Essentials is a Government supported scheme established to help companies protect themselves against common, online threats by adhering to a set of technical controls.

The five key technical controls that are the focus of a Cyber Essentials audit are:

  • Testing Firewalls and internet gateways to confirm hardware and software are working correctly.
  • Ensuring secure configurations have been arranged on all systems and are aligned with the company’s needs.
  • Access control has been set up to provide staff with relevant access to necessary areas of the system(s).
  • Ensuring all Malware protection has been installed, is up-to-date and working correctly.
  • Checking the latest supported version of all applications are being used and all necessary patches have been applied.

Implementing these five key technical controls within a business can prevent many cyber-attacks and is strongly recommended to comply with the upcoming GDPR this May.

How Cyber Essentials can benefit your business…

There are two different levels of certification that a company can achieve; Cyber Essentials (CE) and Cyber Essentials Plus (CE+). Each level of certification can help an organisation improve their cyber security and data protection.

The first level of Cyber Essentials helps a company establish basic processes to protect against cyber-attacks. Cyber Essentials Plus takes a more in-depth investigation into your IT infrastructure which is verified by an expert.

Each certification enables a company to demonstrate how serious Cyber Security is within their business. Becoming Cyber Essentials Certified adds value to a company through the following:

  • Increased opportunities within the public sector – Being CE certified allows a company to bid/tender for contracts within the government.
  • Demonstrates compliance and commitment to CyberSecurity – Shows current and potential customers the correct tools have been implemented within the organisation to stay cyber secure and ensure data is protected.
  • Assists in preparation for GDPR – supports the creation of relevant policies and procedures that are crucial for GDPR.
  • Helps to identify risks within a business – not only does it identify weak spots within a company’s IT setup, it helps put the measures in place to eliminate the risks.

Excellence IT is now a Cyber Essentials accrediting body…

Being an IT support company, gaining IASME Gold, CE and CE+ status was crucial to our development. Providing high quality IT support to our customers is extremely important. These certifications provide us with the opportunity to demonstrate our dedication to protecting our customers from cyber-attacks and data breaches.

We wanted to assist our customers in acquiring Cyber Essentials certification. excellence IT worked tirelessly through audits and exams to become a Cyber Essentials accrediting body.

We want to help all businesses ensure their work environment is safe from avoidable cyber-attacks. To receive a quote for Cyber Essentials or Cyber Essentials Plus audit, please call us on 02920 887 362.

For more information on Cyber Essentials, visit:

https://www.gov.uk/government/publications/cyber-essentials-scheme-overview

Managed IT Support for companies who want to feel cared for!

A little about excellence IT and the Managed IT Support Service we provide. Over the years, excellence IT have grown our Managed IT Support service …

A little about excellence IT and the Managed IT Support Service we provide.

Over the years, excellence IT have grown our Managed IT Support service organically through word of mouth and referrals from current customers. We have spent years building a strong foundation for our company focused on providing a high-quality service. We offer no lock-in contracts with no exit fees as we are confident in the quality of the IT Support we provide.

The conception of excellence IT.

excellence IT was born when our 2 directors decided to build a company based on their genuine passion for IT.  For the past 25 years, both Andy Beer and Andy Green have lived and breathed IT.

We pride ourselves on delivering a full-cycle IT service to help organisations IMPROVE, INNOVATE and TRANSFORM; these 3 words are what form the foundation of our company’s DNA.

What we do for the companies we look after and support.

Here at excellence IT, we understand that IT isn’t everyone’s cup of tea. Your passion and focus is the industry in which you work. We want to take all of your IT woes off your hands, so you can focus on your core business.

Excellence IT likes to think of the companies we support as partners in business.   We want to become an extended arm of your company, getting to know your staff and how your business works. (So much so, we have been known to enjoy many a social with our customers). This allows us to provide the most relevant and productive Manage IT Support for you.

Our Values.

Here at excellence IT, we want to work with and support companies whose values align with ours. We understand the importance of relationships built on trust. We pride ourselves on our honesty, high-quality customer service and exceptional service delivery; which is what we believe is the perfect recipe for a trusting relationship between businesses.

This trust is what allows us to build and create successful IT infrastructures within our customers’ organisations. We would never recommend any service or product we feel isn’t going to directly benefit your business.  Making sure you are looked after and supported successfully is what makes your day-to-day IT lives more relaxed, and our jobs easier.

Future plans for our Managed IT Support.

Excellence IT are looking to grow. We want to provide other companies out there with the high quality and honest service we have spent 15 years developing. We want to be part of your company’s progress, ensuring we are supporting and evolving your IT infrastructure as you grow.

If you want to outsource your IT support to a company who is passionate about IT, cares about the people we work with and wants to find our success through helping other companies find theirs, give us a call on 02920 887 362.

To see how our Managed IT Support has helped some of our customers, please visit our case studies here.

Never mind the KPI’s – what happened to good old fashioned customer focused services?

Never mind the KPI’s – what happened to good old fashioned, customer focused services? As an owner and director of a South Wales based Managed …

Never mind the KPI’s – what happened to good old fashioned, customer focused services?

As an owner and director of a South Wales based Managed Service Provider, I like to keep a watchful eye on trends in the industry. In the past few years I’ve witnessed a few interesting, and concerning, trends.  These trends often focus on unrealistic and misleading statistics around what a good Managed Service Provider looks like.

There seems to be a race to the bottom with providers trying to do outdo each other.  They are often using statistics based around the time it has taken to answer the phone (in seconds!) and service level agreements being met 100% of the time etc – really?  What does this actually mean? Is your call answered and a call logged / fixed / escalated? The devil is in the detail and in my opinion the statistics are mainly irrelevant.

My point is you still need good processes and suitably qualified/experienced engineers to provide a good level of service and not be blinded by misleading and irrelevant statistics and KPI’s.  I would argue the best service would be where there your call is answered by a suitably qualified and experienced engineer who sees you call through to a satisfactory completion at first response. A great ideal but not always achievable.

In my opinion, a more objective view of the performance of a service desk is evidenced by amount of engineering time required to fix the issue and the amount of tickets that are closed without escalation to more senior members of the team. These are very strong indicators of high service levels and properly trained and qualified engineers.

We are constantly meeting with prospective new clients and hear the same stories day in day out – poor service being hidden behind KPI’s and stats.

For example, having an agreement in place where a service provider is contracted to respond within 2 hours in the event of a critical problem – what does this mean exactly?

From what I’m being told, the call is acknowledged within 2 hours and someone may start working on it but as far as the service provider is concerned the service level agreement has been met so no breach of contract.

With business-critical systems unavailable, costing your business thousands of pounds per hour, you are stuck on the phone wasting more time hassling the service provider to fix the problem only to be tied up in an escalation procedure you don’t’ really understand as it wasn’t explained to you in the first instance. We get it, not good enough!

When I look around the South Wales Managed Service Provider market I don’t see many companies where the leadership team is from a technology company background, in our case HP (Hewlett Packard). The point I’m trying to make is that in our time working at HP on service contracts for huge multinational organisations, there were service delivery managers, engineers and escalation teams as you would expect but we never hid behind a ticking clock or SLA where customer service was concerned. Understanding of the customer business was foremost in our thoughts – when the proverbial hit the fan it’s was all hands to the pump and get the job done. That’s still how I see it today.

It’s this element of customer focus and a pragmatic approach to service delivery is what I believe is getting lost in the quagmire of KPI’s and statistics. We understand you need processes and procedures in place (we are certified ISO 9001) or carnage will ensue. However an understanding exactly when our clients  ‘really’ need us is what sets us apart. It’s a bit of a cliché, but there are service providers who see themselves as partners to the business and those that are mainly transactional with a different focus I don’t think I need to point out which camp we are in.

We still believe KPI’s and statistics have a place in service delivery, just not for hiding behind poor service. We rely heavily on this type of information in evidencing business cases for updating systems or identifying training needs, stuff that really adds value to your business.

In summary, I would strongly advise anyone looking at a Managed Service Provider to see past the meaningless stats that seem so prevalent in the industry and speak with companies with similar requirements of their experiences with providers in your area. In any walk of life anecdotal evidence has a considerable gravitas for me, particularly from people I have worked with and trust.

I’ll finish my blog with a point which I believe holds true in almost every walk of like. You won’t get to really know your service provider until you really need them. I hope you are not left high and dry in your hour of need!

Andy Beer, July 2017

Key reasons why Disaster Recovery limits cyber-attack damage

Experts are already predicting a bumpy year for cyber security in 2017. Whilst proactive security is essential, effective disaster recovery could just save the day …

Experts are already predicting a bumpy year for cyber security in 2017. Whilst proactive security is essential, effective disaster recovery could just save the day if a dreaded cyber-attack hits your business.

Think 2016 was a bad year for cyber security? In 2017 security experts are predicting that cyber criminals will execute more sophisticated, advanced attacks.

It’s a no-brainer that in your business there will be a keen focus on keeping the hackers out but there is always a risk of a security breach. Cyber criminals are determined to exploit vulnerabilities. A key part of your defence should include your plan of action should your business suffer a cyber-attack.

A cyber-attack could be critically damaging

We all know this is the truth, and this is why businesses across the globe are awakening up to the importance of cyber security. But what happens if a hacker succeeds in executing a breach?

The short answer: You risk exposing your business data, disrupting service delivery and the repercussions could be costly.  If your business suffers a cyber attack, it’s essential to limit the damage. It’s at times like these when disaster recovery steps in to save the day.

Reducing the impact of a cyber attack with disaster recovery

When developing a post-attack strategy in your business, take a well-rounded approach. If you assess how your data could be compromised, who this will affect, and how it will impact business operations then you can prioritise your disaster recovery process.

Disaster recovery looks different in every business, therefore, you need to consider how this fits with your organisation and your sector.

It’s important to think about the following:

  • How are you going to be able to recover data? Attacks such as ransomware hold data hostage. Effective backups can be your lifeline if you hit by this malicious malware.
  • What is your communications strategy? Your staff will need to know how to respond and customers will need to be made aware.
  • How can you measure the impact? If your business is breached, you will need to know the extent of the damage.
  • How can you analyse what happened? To recover your business, you will need to understand how the breach happened and how it can be prevented in the future.