Apple says these are the best security keys around

Apple has revealed what it believes are the best security keys to add an extra layer of protection to your digital world.

The recent release of iOS 16.3 saw Apple add security key compatibility to its iPhone and iPad devices – as well as to its laptops and desktops with the macOS 13.2 update.

Now, in a support document, the company has selected its recommendations for the best physical security keys to use with its devices, which comply with FIDO standards – the foremost alliance on credential security that most of big tech are signed up to.

PHYSICAL PROTECTION

Security keys are physical devices that you can use to authenticate a login to a website or service – a type of multi-factor authentication (MFA) method. The difference compared to other, more common MFA methods – such as using an SMS message or authenticator app on another device – is that security keys are not connected to your network, so are protected from any potential compromises on it.

The downside of using physical security keys, however, is that there are no copies of their associated decryption keys stored on a cloud network, meaning that if you were to misplace them, you won’t be able to log in. Apple doesn’t keep any backups either, so you may be permanently locked out of your account.

You can use security keys when logging into your AppleID, in which case they will replace the usual six-digit codes that comprise the standard MFA process. However, you cannot use security keys to login into child or managed AppleID accounts, nor can you use them with iCloud for Windows.

To use them with Apple Watches, they have to be paired with your own phone, not a family member’s.

Apple has recommended what it believes to be three good examples of security keys, which are the YubiKey 5C NFC, YubiKey 5Ci and FEITAN ePass K9 NFC USB-A. The first two it says will work with most current Macs and iPhones, whilst the last will work with older models of these devices, since it uses a USB-A connection rather than the latest USB-C featured on the other two.

More generally, the company stated that any security keys you opt for should be FIDO certified and, of course, have the right connection type for your device.

Apple states that security keys with a USB-C connector work with most of its devices, and those that use near-field communication (NFC) only work with iPhones from iPhone 6 onwards. These connect wirelessly to your device, but do not use your wi-fi network, so are safe from prying eyes.

Although security keys are not essential to stay safe, using one of the best password managers pretty much is.

Source: https://www.techradar.com/

Is Your IT Support What It Should Be? – Things to Look Out For

In the previous article, we looked at the modern office and came to the conclusion that technology has radically changed both our work environments and our personal lives. We also came to the conclusion that simply purchasing technology is insufficient, as you must choose technology that is strategically suited to how you and your team operate. Furthermore, you need to make confident that the tech’s support is of the top calibre.

The duties of your support provider are far more varied than they used to be, and IT assistance is no longer just support.

We’ll highlight a few things to watch out for while you browse the websites of possible providers later on in this post.

Proactivity not reactivity

If your supplier is not proactive, you have little possibility of using the most recent technology. If the tools you are utilising right now aren’t assisting in the expansion of your company, you shouldn’t be forced to keep using them. Proactivity can be revolutionary for the progress of your organisation, as well as from a monitoring perspective. Please don’t be misled — just because an IT company advertises 24/7 monitoring on their website doesn’t indicate that they are proactive. Being proactive takes time. The service provider who will best serve your needs will get to know you, your staff, and what makes your company go. Look at the pledges businesses make when you browse the websites of potential providers; if you’re not sure if they offer this consultancy as part of their SLA, contact them and ask.

Remote support

In the contemporary environment, remote help ought to be taken seriously. Traditionally, you would phone your provider to report a problem, and they would attempt to explain it to you and, if necessary, send a professional to your location to attempt a physical fix. This is no longer essential because many service providers now employ software that enables you to submit a request, which is quickly followed by a professional entering your system – provided you permit them access through a remote session – and resolving the issue remotely. Hopefully, doing so will enable you to learn what to do if the issue recurs.

Expertise

Finding a service with experience and expertise working with businesses in your industry area is the most obvious recommendation. Consider this: Can someone give you the finest advice on what to adopt in your company if they have no experience operating a profitable enterprise in your industry?

Strategic Partnership

Watch out for references to a strategic collaboration, a tailored strategy, or strategic alignment; all have the same meaning and, if made, are positive indicators. It is up to your supplier to make the effort to forge a strategic partnership with you; this is made possible via a combination of initiative and knowledge. Your provider should approach you with an IT strategy that is future-proof and uses the capabilities of current technology. Everything should be geared toward maximising efficiency so that you, your team, and eventually your organisation can continue to advance. As a result, there are a lot of things to check out on a potential provider’s website. These articles should make it clear to you what is expected of an IT team today and how, with the correct assistance, technology may actually work in your favour. This can be difficult, so if you still need clarification or assistance, please don’t hesitate to contact us.

Need to change IT Support provider?

If you are unsure about any of these areas then please don’t hesitate to reach out to us. Our experts here at 4TC can help you with your IT Support or any other technical queries.

Is Your IT Support What It Should Be?

The modern world has changed as a result of revolutionary technology. Technology is continuously changing, and it is thanks to this progress that both our personal and professional life are now easier and much more connected than they ever were. Businesses all around the world are gradually integrating technology into every aspect of their operations, some without even realising it. Whether it’s a small family-run company or a huge multinational behemoth, tech is having an impact.

The use of the proper tools and, more importantly, the appropriate amount of support for those tools’ use, could not be more crucial today, as technology is perhaps the most vital component of a successful business.

The influx of business technology has led to an explosion in IT support companies, and aspiring business owners have seen an opportunity. The majority of these companies make outrageous claims like, “We give the best support,” “We approach your IT landscape proactively,” or “We cater our service to you.” How can you even define “the best” IT support? How is it measured? The answer unquestionably depends on the goals you have for IT.

One widespread misunderstanding about IT support is that it is just support. Contrary to the name, it isn’t any longer only support. Yes, there was a period when that was what it meant, but it was only because technology hadn’t advanced enough to meet everyone’s requirements. There was no chance of making future plans. The IT was functional, but that was about the best you could hope for as you had to adapt your business to fit within its constraints rather than the other way around. Fortunately, we can now tailor our IT support plans to each client rather than forcing them to adjust to IT’s requirements.

Modern IT support should do more; it should be tailored to your business and change to meet your demands. The IT professionals who handle your account ought to be concerned; they ought to exert every effort to join your team and work hard to assist you in achieving your business objectives with the aid of cutting-edge technology.

What can a competent IT support professional do for you?

Show interest with proactivity

An IT organisation needs to take a proactive stance. They should be genuinely interested in your company’s future and want to know about its past. When they only seem to show interest or offer any support when an issue develops, the majority of IT suppliers behave more like an insurance provider than a partner. By demonstrating interest, they will be able to plan for the worst-case situation in a way that best suits your particular management style and, consequently, your entire organisation. How can they accomplish that if they are unaware of how your business is actually operated on a daily basis? Since every company in the world is unique, why are we all given the same treatment?

A proactive approach enables you to anticipate situations far more successfully; in the event of an issue that could define your organisation, you and your team will be ready—or at the very least, have developed a plan to keep your team operating. Strategically aligned IT, combined with IT support that reflects it, is crucial because being able to foresee problems prevents small ones from growing into large ones.

Allow for unlimited calls

Any IT provider who restricts the number of calls you are permitted to make to them should be ignored right away. How could you possible foresee how frequently you may need assistance or when that assistance may be required? The premise alone is absurd. If you knew that, you wouldn’t ever require help in the first place.

Effective communication

Tech-savvy people aren’t always the best communicators; while this doesn’t diminish their technical expertise, it does have an impact on the level of service they can provide. Your IT environment, as well as your provider’s relationship, could suffer from inadequate levels or quality of communication. If they don’t accomplish these things, you have little chance of being ready for any potential problems. They must be in continual touch with you, show interest in your future plans, and discuss with you any concerns they have about the general technology landscape of your firm. You won’t even get this far if there is bad communication from the beginning since how else would they be able to understand your worries and goals, let alone assist you in resolving them?

You’ll communicate with the right providers frequently. Of course, don’t anticipate a call every day; a call once a month will do. They must make a concerted effort to learn about you, your team, your company’s operations in general, its history, and your long-term goals.

The top support providers will not only become technically familiar with your company; they will also want to know what makes it successful, what operational issues can jeopardise it, the difficulties you have on a daily basis, and what they can do to assist.

Service Level Agreement (SLA)

An SLA is crucial because it outlines the criteria you and the service provider agree upon and outlines the guarantees they provide regarding the service. Take your time to discuss things with potential providers; don’t just accept the first contract that is presented to you. Each supplier has a comparatively unique product.

If the article has the desired effect, it will arm you with the knowledge to make a revised decision about what is best for you, your team, and the future success of your business. The following article will be a checklist of what to look out for in an IT provider, outlining what to look out for on potential providers’ websites.

Need to change IT Support provider?

If you are unsure about any of these areas then please don’t hesitate to reach out to us. Our experts here at 4TC can help you with your IT Support or any other technical queries.

Buying the Best Tools for Remote Working – Secure Remote Access

At the height of the pandemic, 49% of UK workers found themselves working remotely at least one day per week.  The same figure for 2019 stood at just 12%, illustrating the dramatic culture change that was forced upon workplaces across the country. 

Today, whilst many of us have returned to the office on a permanent basis, 22% of employees continue to work remotely at least one day per week, and 11% (roughly one in eight) report working from home exclusively: proof that the concept can endure when correctly implemented.

With benefits ranging from improved employee retention and enhanced work-life balance to reduced pressure on office space and a reduction in costly commutes, enabling remote work can be advantageous for employers and employees alike.  However, to ensure your remote team remains motivated and productive it’s vital that they have access to the right tools and services.

At the heart of a workable remote working strategy is a means by which to provide secure, unhindered access to the data and services your remote team need, a concept known as ‘secure remote access.’  In this article we’ll look at some of the most popular options for providing secure remote access with consideration given to the advantages and drawbacks of each solution. 

Remote Access Virtual Private Networks (VPNs)

Virtual Private Networks are one of the most popular ways to grant geographically dispersed employees access to corporate resources.  VPNs can be configured to allow remote employees to access resources such as email services, enterprise software (scheduling tools, project management tools, CRMs etc) and data vaults without compromising the security of sensitive information. 

A VPN extends the privacy afforded by an on-premise network to remote employees by encrypting all transiting data.  Authorised end users log into the VPN using a client portal on their endpoint device and this establishes a protected, private connection between the user and the internal network, ensuring sensitive data is kept safe from prying eyes.

Advantages of Remote Access VPNs

  • 24/7 Access to resources and data.  Remote access VPNs provide round-the-clock access to resources.  All that is required is an approved device and a dependable internet connection. 
  • Heightened Security.  Remote access VPNs shield sensitive data against malicious interception.  Particularly important when access resources using insecure networks such as public WiFi.
  • Affordable for small businesses.  With services offered on a per-user subscription basis, remote access VPNs are a cost-effective way to grant secure remote access to employees, with the ability to scale up and scale down provision in line with demand.

Disadvantages of Remote Access VPNs

  • Careful management is required.  Client software must be installed on every approved endpoint device, and must be regularly updated to ensure a high standard of security.  Care must also be taken to ensure account credentials don’t fall into the wrong hands, as these could grant a hacker access to multiple network services in one fell swoop.
  • High Latency (cloud-hosted VPNs).  While affordable and convenient, cloud-hosted remote access VPN services can result in high data transfer latency if the service’s NAS (network-attached storage) is located a considerable distance from the company’s internal network.

Remote Desktops

Remote Desktop setups allow remote users to take command of a specific, office-based computer via an active internet connection.  IT support is a common application of such technology, allowing technicians to diagnose issues and apply fixes to a machine without having to be physically present. 

Using a client application installed on the remote device, users can access files and applications stored on an elected ‘host’ device as though they were sitting in front of it, with the service transmitting mouse and keyboard inputs from the client device to the host.  In addition to desktop PCs, Remote Desktops can also be used to access servers and virtual server environments. 

Advantages of Remote Desktops

  • Cheap and Effective.  Remote desktop services are a very affordable way to enable remote access to office-hosted apps and data.  The setup requires no hardware to operate and services often feature encrypted connections for greater security.
  • Familiarity.  Remote desktops allow remote workers to access files and services via the desktop interface they’re familiar with.

Disadvantages of Remote Desktops

  • The host machine must be turned on.  The machine being accessed must be on and remain on for the duration of the session.  It also cannot be used by another employee whilst the remote connection is active.
  • ‘Data-heavy’ activities may perform poorly.  Data-intensive activities such as video editing or graphic work may be clunky and unresponsive.

SD-WAN

While SD-WAN (Software-defined wide area network) is most often associated with medium to large companies seeking to connect multiple branch offices to their headquarters, the technology is increasingly being used to keep remote workers connected to the cloud-hosted and on-premise resources they need access to. 

Wide area network (WAN) connections extend corporate networks over a large geographical area using numerous connectivity technologies, including MPLS, wireless data connections, broadband, VPNs and the internet, allowing employees to access the resources they need from any location. SD-WANs feature software which monitors the quality of these connections, ensuring data is routed via the most reliable and efficient pathway at all times. 

SD-WANs not only connect remote users with office-hosted apps and data, they also link to cloud-hosted services including trusted SaaS providers for a full-optimised remote access experience often backed by SLA-defined performance level guarantees.

Advantages of SD-WAN

  • Reliability.  Because SD-WAN can route data via multiple connectivity pathways, there are almost always several failover options should one fail.
  • Improved network performance.  Software routes traffic via the most efficient connection for reduced latency, improved application performance and a superior end-user experience.
  • Centralised management.  Network managers benefit from a central command point known as an ‘SDN controller’ for convenient routing and policy management.

Disadvantages of SD-WAN

  • Security.  An SD-WAN should be supported by an array of security apparatus to protect the network form external threats.  Intrusion on one machine could spread network-wide without the necessary precautions.
  • Can be difficult and expensive to support.  Setting up and maintaining SD-WAN solutions requires technical expertise that can place a heavy burden on small internal teams and contracting-in such support can often be expensive. 

Software-as-a-service (SaaS)

Over the last decade, the ‘Cloud’ has transformed the way businesses access IT services and launch new tech projects, with software, infrastructure and development platforms accessible on a subscription basis via cloud service providers.  Today, the Software-as-a-service marketplace features enterprise software for almost any conceivable business function, from marketing and HR to accounting and sales. 

Cloud-hosted software combined with cloud storage can be a convenient, secure and low-hassle way to give remote employees access to the apps and data they need. 

Microsoft 365 is perhaps the pre-eminent SaaS offering, featuring a broad suite of tools designed to empower remote workforces.

Advantages of SaaS

  • Scalability.  Unlike conventional software where upscaling might involve provisioning additional server capacity and acquiring additional licenses, SaaS providers typically allow new users to be added in a few clicks for a small additional monthly fee.
  • Cross-platform integrations.  Outdated legacy applications often leave data segregated, resulting in time-consuming and inefficient data handling.  Today’s SaaS offering often feature extensive cross-platform integration and the ability to automate workflows across services for improved workplace productivity.
  • Low-cost access to the best enterprise software.  The SaaS model offers a compelling value proposition compared to traditional software licensing, with services often able to be provisioned for a single end user for a modest monthly fee. 
  • Zero Maintenance.  SaaS providers maintain the software and ‘push’ new features and upgrades to users automatically.  This reduces the management burden for internal IT teams.

Disadvantages of SaaS

  • Lack of customisability.  Compared to custom in-house applications and even locally-hosted proprietary software, SaaS products offer very little in the way of customisation potential. 
  • Data security remains your responsibility.  While SaaS providers are responsible for maintaining the integrity and accessibility of their service, they are not responsible for the security of the data you store on it.  Using a backup service to safeguard cloud-hosted apps and data is advisable, as is the use of secure authentication methods and antivirus protections to further safeguard data being accessed remotely. 

New Materials Will Bring the Next Generation of Quantum Computers

The technology is primed to become faster, more versatile, and thankfully cheaper.

Technologies enabled by quantum science will help researchers better understand the natural world and harness quantum phenomena to benefit society. They will transform health care, transportation, and communications, and enhance resilience to cyber threats and climate catastrophes. For example, quantum magnetic field sensors will enable functional brain imaging; quantum optical communications will permit encrypted communications; and quantum computers will facilitate the discovery of next-generation materials for photovoltaics and medicines.

Currently, these technologies rely on materials that are expensive and complicated to prepare, and they often require expensive and bulky cryogenic cooling to operate. Such equipment relies on precious commodities such as liquid helium, which is becoming increasingly costly as the global supply dwindles. 2023 will see a revolution in innovations in materials for quantum, which will transform quantum technologies. Alongside reducing environmental demands, these materials will allow for room-temperature operation and energy saving, as well as being low-cost and having simple processing requirements. To optimize their quantum properties, research labs can manipulate chemical structure and molecular packing. The good news is that physicists and engineers have been busy, and 2023 will see these materials moving from science labs to the real world.

Recently, the UK Engineering and Physical Sciences Research Council announced a vision for innovation in materials for quantum technologies, led by Imperial College London and the University of Manchester. The London Centre for Nanotechnology—a collaboration of hundreds of researchers across Imperial, King’s and University College London—has considerable expertise in the simulation and characterization of quantum systems. The UK’s home for measurement—the National Physical Laboratory—just opened the Quantum Metrology Institute, a multimillion-pound facility dedicated to the characterization, validation, and commercialization of quantum technologies. Working together, researchers and industry will usher in a new era in pharmaceuticals, cryptography, and cybersecurity.

Qubits, the building blocks of quantum computers, rely on materials with quantum properties, like electron spin, which can be manipulated. Once we can harness these properties, we can control them using light and magnetic fields, creating quantum phenomena such as entanglement and superposition. Superconducting qubits, the current state-of-the-art for qubit technology, comprise Josephson junctions that operate as superconductors (materials that can conduct electricity with zero resistance) at super-low temperatures (–273ºC). The harsh temperature and high-frequency operation requirements mean that even the most basic aspects of these superconducting qubits—the dielectrics—are tricky to design. At the moment, qubits include materials like silicon nitride and silicon oxide, which have so many defects that the qubits themselves have to be millimeter-sized to store electrical field energy, and crosstalk between adjacent qubits introduces considerable noise. Getting to the millions of qubits required for a practical quantum computer would be impossible with these materials.

2023 will see more innovation in the design of materials for quantum technologies. Of the many awesome candidates considered so far (e.g., diamonds with nitrogen vacancy defects, van der Waals/2D materials, and high-temperature superconductors), I’m most excited about the use of molecular materials. These materials are designed around carbon-based organic semiconductors, which are an established class of materials for the scalable manufacture of consumer electronics (having revolutionized the multibillion-dollar OLED display industry). We can use chemistry to control their optical and electronic properties, and the infrastructure surrounding their development relies on established expertise.

For example, chiral molecular materials—molecules that exist as a pair of non-superimposable mirror images—will revolutionize quantum technologies. Thin, single-handed layers of these remarkably versatile molecules can be used to control the spin of electrons at room temperature. At the same time, the long spin coherence times and good thermal and chemical stability of metal phthalocyanines will see them being used to carry quantum information.

While 2023 will undoubtedly see more bombastic headlines about the operating speeds of quantum computers, materials scientists will be studying, discovering, and designing the next-generation of low-cost, high-efficiency, and sustainable quantum technologies.

Source: New Materials Will Bring the Next Generation of Quantum Computers | WIRED UK

2023 could be the year of public cloud repatriation

With cloud costs and complexity higher than expected, many enterprises are making a U-turn and putting applications and data back in traditional systems.

Here’s a topic we don’t discuss as much as we should: public cloud repatriation. Many regard repatriating data and applications back to enterprise data centers from a public cloud provider as an admission that someone made a big mistake moving the workloads to the cloud in the first place.

I don’t automatically consider this a failure as much as an adjustment of hosting platforms based on current economic realities. Many cite the high cost of cloud computing as the reason for moving back to more traditional platforms. 

High cloud bills are rarely the fault of the cloud providers. They are often self-inflicted by enterprises that don’t refactor applications and data to optimize their cost-efficiencies on the new cloud platforms. Yes, the applications work as well as they did on the original platform, but you’ll pay for the inefficiencies you chose not to deal with during the migration. The cloud bills are higher than expected because lifted-and-shifted applications can’t take advantage of native capabilities such as auto-scaling, security, and storage management that allow workloads to function efficiently.

It’s easy to point out the folly of not refactoring data and applications for cloud platforms during migration. The reality is that refactoring is time-consuming and expensive, and the pandemic put many enterprises under tight deadlines to migrate to the cloud. For enterprises that did not optimize systems for migration, it doesn’t make much economic sense to refactor those workloads now. Repatriation is often a more cost-effective option for these enterprises, even considering the hassle and expense of operating your own systems in your own data center.

In a happy coincidence, the prices of hard drive storage, networking hardware, computer hardware, power supplies, and other tech gear dropped in the past 10 years while cloud computing costs remained about the same or a bit higher.

Business is business. You can’t ignore the fact that it makes economic sense to move some workloads back to a traditional data center.

It makes the most sense to repatriate workloads and data storage that typically do a lot of the same thing, such as just storing data for long periods of time without any special data processing (e.g., no advanced artificial intelligence or business intelligence). These workloads can often move back to owned hardware and show a net gain ROI. Even with the added costs to take over and internalize operations, the enterprise saves money (or a lot of money) compared to equivalent public cloud hosting.

However, don’t forget that many workloads have dependencies on specialized cloud-based services. Those workloads typically cannot be repatriated because affordable analogs are unlikely to run on traditional platforms. When advanced IT services are involved (AI, deep analytics, massive scaling, quantum computing, etc.), public clouds typically are more economical.

Many enterprises made a deliberate business decision at the time to absorb the additional costs of running lifted-and-shifted applications on public clouds. Now, based on today’s business environment and economics, many enterprises will make a simple decision to bring some workloads back into their data center.

The overall goal is to find the most optimized architecture to support your business. Sometimes it’s on a public cloud; many times, it’s not. Or not yet. I learned a long time ago not to fall blindly in love with any technology, including cloud computing.

2023 may indeed be the year we begin repatriating applications and data stores that are more cost-effective to run inside a traditional enterprise data center. This is not a criticism of cloud computing. Like any technology, cloud computing is better for some uses than for others. That “fact” will evolve and change over time, and businesses will adjust again. No shame in that. Source: 2023 could be the year of public cloud repatriation | InfoWorld