0131 510 3456

Archive for category: Business Technology

What is multi-factor authentication?

What is multi-factor authentication?

Multi-factor authentication (MFA) is an extra layer of security that can be used to protect online accounts and other shared computing resources against unauthorised access.

The easiest way to understand MFA is to think about your bank card. When you withdraw cash from an ATM, you need your card (something you have) and your PIN (something you know). There is also a third factor (something you are) – your fingerprint, retina or other biometric information.

When you enter the wrong PIN, the cash machine won’t let you withdraw money and will prompt you to take your card. The same is true with MFA. When you enter the wrong details, access will be denied, and your information will remain secure.

Why is MFA important?

It is more important than ever to protect online assets.

1 – The threat of identity fraud is growing. Hackers have unfettered access to a plethora of personal information from social media accounts, making this type of fraud an easy win.

2 – We have more to lose. We are increasingly reliant on digital infrastructure to manage our lives. Dating, communicating, working, shopping and banking are just some of the areas dominated by digital technology.

3 – Streamlined access. MFA offers a simple and secure method of offering access to the right people at the right time.

4 – Providing another layer of protection against weak or compromised user credentials. MFA should complement strong user credentials; however, it can also provide an additional layer of protection against weak or compromised credentials in some instances.

5 – More organisations and individuals are being targeted by hackers. The chances of being targeted by hackers are increasing. Criminals have many motivations for accessing online data including theft, service disruption, data destruction and more.

What types of authentication exist?

Authentication takes many forms, most of which you will be familiar with already.

Examples of things you know:

PIN – a numeric password such as the one typically used to access your phone or to protect your bank account.

Password – A string of user-defined characters that may include numbers, symbols, upper-case and lower-case letters. It’s important to follow best practice when choosing a password, download our free password guide to get some useful pointers.

Challenge/response – Answers to questions that only you should know. This type of authentication method is less effective due to the amount of personal information available online. Pet names, high-school name, place of birth and even date of birth can, in many cases be accessed by online criminals.

Examples of things you have:

Magnetic stripe cards – Cards that contain user ID data.

Smart cards – A smart card has a pre-programmed integrated computer circuit, usually taking the form of a small chip. Examples include bank cards and mobile SIM cards.

Security tokens – Mobile apps and physical USB tokens that generate a unique one-time passcode (OTP) typically within a minute before generating a new code. Many companies also use SMS messaging to deliver OTPs.

Example of something you are:

Biometrics – Examples of biometric data include voice recognition, fingerprint and iris scanning.

It’s important to note that multifactor authentication is where two unique factors are used in conjunction with one another at the same time – i.e. a smart card must be used with a PIN. Similarly, a security token or authentication app is used to deliver a passcode which must then be entered into the system.

Identity Access Management

Many organisations are seeking to further streamline the login process by using Identity Access Management (IAM) solutions. IAM removes the need for users to know their login credentials and is used to login into apps. Passwords are generated automatically by the software, reducing the possibility of a simple weak password being chosen by the user.

Another benefit of using IAM is during offboarding. If users don’t know the login credentials to various web apps, they can’t access critical business files once their employment comes to an end, making life easier for system admins and business owners.

Why should I care about multi-factor authentication?

Multi-factor authentication on its own won’t be enough to protect your business online, but it will help to ensure your people are taking steps to protect their vital information. As your business grows and becomes more reliant on digital services to function, the threat from cybercrime will increase significantly.

Adding an additional layer of security to business and personal logins will help protect your information and will reduce the threat of becoming another hacking victim. Multi-factor authentication should definitely be in your IT security strategy wish-list this coming year if you haven’t already thought about it.

Network ROI can recommend MFA solutions to suit the needs of your business. Call us on 0131 510 3456 for a chat with one of our security experts today.

In your corner in the fight against cybercrime

In your corner in the fight against cybercrime

Network ROI is helping Scottish SMEs take advantage of the latest scheme to bolster Scotland’s digital infrastructure and protect SMEs against cyber threats. The Scottish Government is offering SMEs in Scotland up to £1000 towards the cost of Cyber Essentials accreditation in a brand new initiative to support business.

Cyber threats come in many forms, and your business network is always under attack. Here is a list of common methods used by hackers to target organisations:

  • Email phishing – usually involves targeting many individuals within an organisation
  • Spear phishing or CEO fraud – a highly targeted attack method that focuses on top earners within the organisation
  • Ransomware – typically activated by clicking on a link in an email or web page to disable computers, enabling the criminal to extort funds
  • Viruses and malware – deployed using various methods to disable devices, causing downtime and disruption
  • Weak passwords – criminals use methods to target weak passwords to gain entry to company systems
  • Web-based threats – criminals compromise legitimate web pages to harvest data such as payment card details
  • Dormant user accounts – hackers exploit unused user accounts to enter the company network to suit their nefarious needs
  • Outdated software – Hackers target vulnerabilities across devices due to poor patching and OS updates

Hackers and malicious actors don’t discriminate. They pick on the weakest link – whether that’s a person, a weak password or an unused email account. SMEs are especially vulnerable, and it is wrong to assume they only target large corporations.

What is Cyber Essentials?

Cyber Essentials is a Government-backed scheme designed to help organisations demonstrate their commitment to cybersecurity, helping reduce cyber threats by as much as 80%. Given that cybercrime is the most common offence in the country, that’s a considerable reduction.

Cyber Essentials involves implementing a set of five technical controls that will help you:

  1. Secure your Internet connection
  2. Secure your devices and software
  3. Control access to your data and services
  4. Protect from viruses and other malware
  5. Keep your devices and software up to date

Benefits of Cyber Essentials accreditation

Achieving Cyber Essentials accreditation has many advantages, such as:

  • Drastically reducing the threat of falling victim to cyber-crime, protecting profits and reducing long-term costs
  • Boosting consumer confidence that you are taking cyber-security seriously
  • Allows you to bid for Public Sector contracts (Government will not consider bids from non-CE certified businesses)

Qualifying for the grant

To ensure fair distribution of the funds, – £500,000 in total has been allocated – the Scottish Government has set out some conditions.

To qualify for the grant, you must:

  • Be a Scottish private business with an SC company number or a charity registered with OSCR
  • Have not completed Cyber Essentials previously
  • Be a designated SME under EU guidelines
  • Obtain a pass certificate for Cyber Essentials before you can claim
  • Complete the pre-approval process

The grant can be used for any work or services that result in your company obtaining Cyber Essentials.

About Network ROI

Network ROI is committed to helping our clients protect their information against all types of cyber threat. We are Cyber Essentials, Cyber Essentials Plus Assessor and IASME Gold Assessor accredited as well as being a Trusted Police Scotland Cyber Essentials partner – we are ideally placed to support Scottish SMEs with their Cyber Essentials journey.

Want to know more about Cyber Essentials?

Call us on 0131 510 3456 or email Ronnie Fraser at to find out how becoming Cyber Essentials accredited can boost your Scottish SME.

Video Case Study – VOCAL Edinburgh

Video Case Study – VOCAL Edinburgh

VOCAL is a charity that provides additional support to carers throughout Edinburgh and Midlothian. To aid in their strategic growth plans, they required a reliable and efficient technology solution for their new HQ, a 200-year old building in Edinburgh.

As their existing IT provider, Network ROI’s team of experienced project engineers designed and installed an entirely new wireless infrastructure that would enable VOCAL to operate in an entirely new way.

An important consideration for this project was to make it affordable without sacrificing security, functionality and reliability.

Project Specification

Hot-desking and increased flexible working capabilities

High-speed, reliable Wi-Fi throughout the office

Cloud-hosted and hands-free telephone system to aid confidentiality and improve efficiency

Fibre leased line to deliver fast and reliable internet connectivity with a guaranteed SLA

Modern, secure laptops running Windows 10 and Office 365 to aid flexible working and increase disaster recovery capabilities

Project Challenges

Delivering an effective Wi-Fi solution in an old building on multiple levels with thick walls and high ceilings proved challenging due to the difficulty of maintaining a constant signal throughout the building. Conducting a thorough Wi-Fi survey at the outset helped our engineers overcome these obstacles.

VOCAL contracted other companies to carry out essential works to ensure the building met current regulations. As a result, some key milestones changed, potentially jeopardising project timescales. Clear and consistent communication from Network ROI helped us meet client expectations and deliver a successful project on time.

Watch the interview

We interviewed VOCAL CEO, Sebastian Fischer to hear how the new technology project has made life with technology easier for VOCAL staff.

Project Outcomes

The wireless infrastructure project has truly revolutionised the way everyone at VOCAL approaches their work.

Flexible working spaces let VOCAL staff, a mix of full-time and part-time and volunteers work from any desk, work from home or other offices.

Cloud-hosted telephony from Gamma delivers a modern and future-proof telephony system that will provide future growth and resilience.

Hands-free headsets offer increased call confidentiality, an essential element of delivering sensitive services.

Fast fibre internet delivers secure and reliable internet connectivity which will power the future scalability and productivity required to meet VOCAL’s growth targets.

Powerful laptops with Office 365 enable staff to work from anywhere with the powerful security features of Office 365 built in.

Secure and reliable Wi-Fi delivers superfast broadband in every room of VOCAL’s 200-year old building – a feat never accomplished prior to this project

Working with a trusted IT partner has ensured everyone at VOCAL has access to the technical resource when required. VOCAL Chief Executive, Sebastian Fischer praised how Network ROI have dealt with technical teething issues and supporting user adoption.


Find out how Network ROI transformed a 200-year old building into a cutting-edge hub for carers in Edinburgh

Keeping children safe online in schools

Keeping children safe online in schools

We need to do more to protect children online in education. However, it is not solely the responsibility of the school to manage the content children access during school hours. Parents, teachers and carers need to work together to understand more about the many dangers lurking online.

Blocking and filtering offensive content by keyword is only part of the answer as radicalisation, online bullying, grooming and harassment offer a persistent threat to the safety of young people online. A multi-pronged approach to Internet safety that includes changes to current legislation, recognition of the mental health timebomb facing children and a new way of protecting children online is needed.

Legislation changes are needed to protect children online

The legislative backdrop is changing due to failures by social media giants who are being urged by the UK Government to do more to protect younger members of society against online threats. The UK Government has challenged the leading social media providers, Facebook, Google and Twitter to ensure more is done to protect underage users of the platforms.

Children between the ages of 10 and 12 are facing significant emotional risks due to social media exposure. Increased levels of anxiety and pressures to maintain their image online is affecting children in their formative years, according to a report commissioned by the Children’s Commissioner.

Gaming addiction is a real threat to children’s mental health

The World Health Organisation has listed ‘gaming disorder’ as a mental health condition, and the NHS is now treating children with gaming addiction. Many parents and teaching professionals are despairing as addictive games such as Fortnite encourage children to stay up well into the night to play with friends online. Lack of sleep and disruption to their daily routine is playing havoc with children’s behaviour, learning and development.

Psychology underpins the entire software industry. App developers and hardware manufacturers deliberately design addictive products, as they know the longer we spend looking at a screen, the more profitable we are. But It is not just children who are at risk, many of us are addicted to our smartphones as we turn to our devices to manage more of our day. A recent report published by industry watchdog Ofcom found that on average, adults check their device every 12 minutes.

The fear of missing out (FOMO) is a real problem, and entire industries are flourishing as vanity and anxiety take control of our lives.  An example is the three dots that appear when someone is replying to an iMessage. The dots are designed to heighten anticipation and therefore offer a reward when the reply comes in. The red dots that litter our phone screen are designed to have the same effect, they make us feel good; reinforcing warm and fuzzy feelings of being wanted and liked, engendering a sense of belonging.

In 2015, the BBC published an article citing the Connected Kids report, compiled by Childwise. The report found that children now spend an average of 6.5 hours per day in front of a screen compared to an average of 3.5 hours in 1995. That increase has many experts worried about the detrimental effect on social skills as well as the potential for a future mental health crisis.

Changing online behaviour with Gooseberry Planet

Gooseberry Planet exists solely to protect children in school online. Entrepreneur Stella James founded Gooseberry Planet to address the online security concerns encountered by her children when they attended school.

Based on 50 role-playing games, Gooseberry Planet connects children, parents and teachers via a secure online portal which can be quickly set up and easily monitored. The platform is designed for all children of school age and delivers a holistic approach to online safety. Studies show that providing a one-off assembly is an ineffective method of educating parents, teachers and children about the many dangers that exist online.

Network ROI is delighted to partner with Gooseberry Planet to help deliver a safer and more secure online experience for school children in Scotland and North England. As one of the UK’s top Managed Service Providers, our skilled engineers have years’ worth of experience managing and supporting technology infrastructure for organisations throughout the UK. Our commercial background ensures we deliver an effective and cost-effective service at all times.

The Ownership Dividend

The Ownership Dividend

Network ROI is proud to be one of more than 100 employee-owned (EO) businesses and advisors who contributed to the Ownership Effect inquiry – the results of which are published today (June 27th, 2018). There is a significant and valuable Ownership Dividend to be gained from more employee ownership in the UK economy.

The Ownership Dividend can deliver a more inclusive and productive economy in three ways:

Improving UK productivity – EO businesses are unlocking higher levels of performance and productivity powered by the increased personal endeavour and discretional efforts of employees acting with greater common purpose once they become employee-owners.

Resilient regional economies – EO provides a viable succession planning option for business owners looking to retire or sell. Selling the company to existing employees protects jobs and provides more opportunities within the local community.

PwC commissioned a ‘Family Business Survey’ which found that two-thirds of all SMEs – 3.4 million businesses – currently don’t have a succession plan in place. The survey also found that only 13% of the £519bn family business sector had a robust documented and communicated succession plan in place.

More engaged employees – via more inclusive, transparent and effective models of corporate governance and employee engagement which better involve, motivate, and financially reward individuals through their ownership stake and other incentives.

Deb Oxley, CEO of the Employee Ownership Association, said:
The ownership dividend benefits individual employees through the delivery of better work and greater financial opportunities and together, employees’ extra discretional effort as owners impacts positively on corporate performance. The ownership dividend also helps businesses to maintain an independent and sustainable model of ownership, and subsequently roots jobs and investment locally and more resiliently.

Employee engagement is historically low in the UK, a crucial factor to increased productivity, higher levels of happiness at work and job satisfaction. Employee ownership provides the perfect vehicle to deliver a more engaged workforce as EO businesses recognise success is driven by their most important asset – their people.

For the UK to benefit fully from the Ownership dividend we are calling on the government to:

  • Invest in ownership capacity building that echoes Scotland’s successful scheme
  • Create a National Strategy for Business Ownership
  • UK regions creating trailblazing pilot projects focused on resilience and succession

Richard Marr, Chief Operating Officer of the The eaga Trust, said: With the employee-owned sector growing considerably over the past 5 years, and at a time when the economy is ready for ways to prepare for the challenges ahead, there is no better time to showcase the results of the most comprehensive study of employee ownership in the UK and look for support to truly realise the Ownership Dividend in the UK.

Employee Ownership in a post-Brexit Britain

As Britain prepares to take a new place on the World stage post-Brexit, it’s a critical time for the UK economy. Employee ownership offers a clear opportunity for UK companies to compete in global markets by delivering exceptional products and services.