Tag Archive for: News Posts

Lack of cybersecurity training is leaving businesses at risk

Employees are constantly bombarded with phishing

Businesses are putting themselves at risk of all kinds of cyber-attacks due to poor practices when it comes to educating and training the workforce.

A new report from Yubico, found less than half (42%) of UK businesses it surveyed held mandatory, frequent, cybersecurity training. 

There are many things employees could be taught, which would improve the cybersecurity posture of organizations, the report further suggested. For example, roughly half (47%) often write down, or share their passwords  which is one of the most common mistakes when it comes to safeguarding a password. 

Resetting the password 

Elsewhere, the report found that many workers (33%) allow other people to use their work-issued device, while more than half (58%) use personal devices for work. 

A similar percentage (49%) do vice-versa, as well, by using a work-issued device for personal use, which is another cybersecurity red flag. Finally, half (48%) have been exposed to a cyberattack such as phishing, without reporting the incident to their IT and cybersecurity teams. 

Even when an employee gets exposed to a cyberattack, their organization does very little to amend the issue. “Very few” companies implemented phishing-resistant cybersecurity methods in response to being targeted, a third (28%) simply had their passwords reset, and just a quarter (28%) were made to attend cybersecurity training. 

“Cyber attacks, and how to prevent them, should be top of mind for every organization. However, our research reveals a remarkable disparity between the risks of cyber-attacks and businesses’ attitudes toward them,” commented Niall McConachie, regional director (UK & Ireland) at Yubico.

For McConachie, businesses should deploy multi-factor authentication (MFA) as soon as possible, and consider FIDO2 security keys. The latter “have been proven to be the most effective phishing-resistant option for business-wide cybersecurity”, he says. 

“By removing the reliance on passwords, MFA and strong 2FA are more user-friendly and can be used for both personal and professional data security. This is especially important as cyber-attacks are not limited to companies but can directly target customers and employees too.”

One of the most used-used passwords – “123456” – is still in use today, despite being known by virtually every cybercriminal out there, the report concluded.

Source: Lack of cybersecurity training is leaving businesses at risk

AI chatbots making it harder to spot phishing emails, say experts

Poor spelling and grammar that can help identify fraudulent attacks being rectified by artificial intelligence

Chatbots are taking away a key line of defence against fraudulent phishing emails by removing glaring grammatical and spelling errors, according to experts.

The warning comes as policing organisation Europol issues an international advisory about the potential criminal use of ChatGPT and other “large language models”.

Phishing emails are a well-known weapon of cybercriminals and fool recipients into clicking on a link that downloads malicious software or tricks them into handing over personal details such as passwords or pin numbers.

Half of all adults in England and Wales reported receiving a phishing email last year, according to the Office for National Statistics, while UK businesses have identified phishing attempts as the most common form of cyber-threat.

However, a basic flaw in some phishing attempts – poor spelling and grammar – is being rectified by artificial intelligence (AI) chatbots, which can correct the errors that trip spam filters or alert human readers.

“Every hacker can now use AI that deals with all misspellings and poor grammar,” says Corey Thomas, chief executive of the US cybersecurity firm Rapid7. “The idea that you can rely on looking for bad grammar or spelling in order to spot a phishing attack is no longer the case. We used to say that you could identify phishing attacks because the emails look a certain way. That no longer works.”

Data suggests that ChatGPT, the leader in the market that became a sensation after its launch last year, is being used for cybercrime, with the rise of “large language models” (LLM) getting one of its first substantial commercial applications in the crafting of malicious communications.

Data from cybersecurity experts at the UK firm Darktrace suggests that phishing emails are increasingly being written by bots, letting criminals overcome poor English and send longer messages that are less likely to be caught by spam filters.

Since ChatGPT went mainstream last year, the overall volume of malicious email scams that try to trick users into clicking a link has dropped, replaced by more linguistically complex emails, according to Darktrace’s monitoring. That suggests that a meaningful number of scammers drafting phishing and other malicious emails have gained some ability to draft longer, more complex prose, says Max Heinemeyer, the company’s chief product officer – most likely an LLM like ChatGPT or similar.

“Even if somebody said, ‘don’t worry about ChatGPT, it’s going to be commercialised’, well, the genie is out of the bottle,” Heinemeyer said. “What we think is having an immediate impact on the threat landscape is that this type of technology is being used for better and more scalable social engineering: AI allows you to craft very believable ‘spear-phishing’ emails and other written communication with very little effort, especially compared to what you have to do before.”

“Spear-phishing”, the name for emails that attempt to coax a specific target into giving up passwords or other sensitive information, can be difficult for attackers to convincingly craft, Heinemeyer said, but LLMs such as ChatGPT make it easy. “I can just crawl your social media and put it to GPT, and it creates a super-believable tailored email. Even if I’m not super knowledgable of the English language, I can craft something that’s indistinguishable from human.”

In Europol’s advisory report the organisation highlighted a similar set of potential problems caused by the rise of AI chatbots including fraud and social engineering, disinformation and cybercrime. The systems are also useful for walking would-be criminals through the actual steps required to harm others, it said. “The possibility to use the model to provide specific steps by asking contextual questions means it is significantly easier for malicious actors to better understand and subsequently carry out various types of crime.”

This month a report by Check Point, a US-Israeli cybersecurity firm, said it had used the latest iteration of ChatGPT to produce a credible-seeming phishing email. It circumvented the chatbot’s safety procedures by telling the tool that it needed a template of a phishing email for an employee awareness programme.

Google has also joined the chatbot race, launching its Bard product in the UK and US last week. Asked by the Guardian to draft an email to persuade someone to click on a malicious-seeming link, Bard complied willingly if lacking subtlety: “I am writing to you today to share a link to an article that I think you will find interesting.”

Contacted by the Guardian, Google pointed to its “prohibited use” policy for AI, which says users must not use its AI models to create content for “deceptive or fraudulent activities, scams, phishing, or malware”.

OpenAI, creator of ChatGPT, has been contacted for comment. The company’s terms of use state that users “may not (i) use the services in a way that infringes, misappropriates or violates any person’s rights”.

Source: AI chatbots making it harder to spot phishing emails, say experts

What is quantum computing and how will quantum computers change the world?

Depending on who you ask, some say that quantum computers could either break the Internet, rendering pretty much every data security protocol obsolete, or allow us to compute our way out of the climate crisis.

These hyper-powerful devices, an emerging technology that exploits the properties of quantum mechanics, are much buzzed about.

Only last month, IBM unveiled its latest quantum computer, Osprey, a new 433 qubit processor that is three times more powerful than its predecessor built only in 2021.

But what is all the hype about?

Quantum is a field of science that studies the physical properties of nature at the scale of atoms and subatomic particles.

Proponents of quantum technology say these machines could usher in rapid advances in fields like drug discovery and materials science – a prospect that dangles the tantalising possibility of creating, for example, lighter, more efficient, electric vehicle batteries or materials that could facilitate effective CO2 capture.

With the climate crisis looming, and technology with a hope of solving complex issues like these are bound to draw keen interest.

Little wonder then, that some of the largest tech companies in the world – Google, Microsoft, Amazon, and, of course, IBM to name a few – are investing heavily in it and angling to stake their place in a quantum future.

How do quantum computers work?

Given these utopic-sounding machines are drawing such frenzied interest, it would perhaps be useful to understand how they work and what differentiates them from classical computing.

Take every device that we have today – from the smartphones in our pockets to our most powerful supercomputers. These operate and have always operated on the same principle of binary code.

Essentially, the chips in our computers use tiny transistors that function as on/off switches to give two possible values, 0 or 1, otherwise known as bits, short for binary digits.

These bits can be configured into larger, more complex units, essentially long strings of 0s and 1s encoded with data commands that tell the computer what to do: display a video; show a Facebook post; play an mp3; let you type an email, and so on.

But a quantum computer?

These machines function in an entirely different way. In the place of bits in a classical computer, the basic unit of information in quantum computing is what’s known as a quantum bit, or qubit. These are typically subatomic particles like photons or electrons.

The key to a quantum machine’s advanced computational power lies in its ability to manipulate these qubits.

“A qubit is a two-level quantum system that allows you to store quantum information,” Ivano Tarvenelli, the global leader for advanced algorithms for quantum simulations at the IBM Research Lab in Zurich, explained to Euronews Next.

“Instead of having only the two levels zero and one that you would have in a classical calculation here, we can build a superposition of these two states,” he added.

Superposition

Superposition in qubits means that unlike a binary system with its two possible values, 0 or 1, a qubit in superposition can be 0 or 1 or 0 and 1 at the same time.

And if you can’t wrap your head around that, the analogy often given is that of a penny.

When it is stationary a penny has two faces, heads or tails. But if you flip it? Or spin it? In a way, it is both heads and tails at the same time until it lands and you can measure it.

And for computing, this ability to be in multiple states at the same time means that you have an exponentially larger amount of states in which to encode data, making quantum computers exponentially more powerful than traditional, binary code computers.

Quantum entanglement

Another property crucial to how quantum computing works is entanglement. It’s a somewhat mysterious feature of quantum mechanics that even baffled Einstein in his time who declared it “spooky action at a distance”.

When two qubits are generated in an entangled state there is a direct measurable correlation between what happens to one qubit in an entangled pair and what happens to the other, no matter how far apart they are. This phenomenon has no equivalent in the classical world.

“This property of entanglement is very important because it brings a much, much stronger connectivity between the different units and qubits. So the elaboration power of this system is stronger and better than the classical computer,” Alessandro Curioni, the director of the IBM Research Lab in Zurich, explained to Euronews Next.

In fact, this year, the Nobel Prize for physics was awarded to three scientists, Alain Aspect, John Clauser, and Anton Zeilinger, for their experiments on entanglement and advancing the field of quantum information.

Why do we need quantum computers?

So, in an admittedly simplified nutshell, these are the building blocks of how quantum computers work.

But again, why do we necessarily need such hyper-powerful machines when we already have supercomputers?

“[The] quantum computer is going to make, much easier, the simulation of the physical world,” he said.

“A quantum computer is going to be able to better simulate the quantum world, so simulation of atoms and molecules”.

As Curioni explains, this will allow quantum computers to aid in the design and discovery of new materials with tailored properties.

“If I am able to design a better material for energy storage, I can solve the problem of mobility. If I am able to design a better material as a fertiliser, I am able to solve the problem of hunger and food production. If I am able to design a new material that allows [us] to do CO2 capture, I am able to solve the problem of climate change,” he said.

Undesirable side effects?

But there could also be some undesirable side effects that have to be accounted for as we enter the quantum age.

A primary concern is that quantum computers of the future could be possessed of such powerful calculation ability that they could break the encryption protocols fundamental to the security of the Internet that we have today.

“When people communicate over the Internet, anyone can listen to the conversation. So they have to first be encrypted. And the way encryption works between two people who haven’t met is they have to rely on some algorithms known as RSA or Elliptic Curve, Diffie–Hellman, to exchange a secret key,” Vadim Lyubashevsky, a cryptographer at the IBM Research Lab in Zurich, explained.

“Exchanging the secret key is the hard part, and those require some mathematical assumptions which become broken with quantum computers”.

In order to protect against this, Lyubashevsky says that organisations and state actors should already be updating their cryptography to quantum-safe algorithms ie. ones that cannot be broken by quantum computers.

Many of these algorithms have already been built and others are in development.

“Even if we don’t have a quantum computer, we can write algorithms and we know what it will do once it exists, how it will run these algorithms,” he said.

“We have concrete expectations for what a particular quantum computer will do and how it will break certain encryption schemes or certain other cryptographic schemes. So, we can definitely prepare for things like that,” Lyubashevsky added.

“And that makes sense. It makes sense to prepare for things like that because we know exactly what they’re going to do”.

But then there is the issue of data that already exists which hasn’t been encrypted with quantum-safe algorithms.

“There’s a very big danger that government organisations right now are already storing a lot of Internet traffic in the hopes that once they build a quantum computer, they’ll be able to decipher it,” he said.

“So, even though things are still secure now, maybe something’s being transmitted now that is still interesting in ten, 15 years. And that’s when the government, whoever builds a quantum computer, will be able to decrypt it and perhaps use that information that he shouldn’t be using”.

Despite this, weighed against the potential benefits of quantum computing, Lyubashevsky says these risks shouldn’t stop the development of these machines.

“Breaking cryptography is not the point of quantum computers, that’s just a side effect,” he said.

“It’ll have hopefully a lot more useful utilities like increasing the speed with which you can discover chemical reactions and use that for medicine and things like that. So this is the point of a quantum computer,” he added.

“And sure, it has the negative side effect that it’ll break cryptography. But that’s not a reason not to build a quantum computer, because we can patch that and we have patched that. So that’s sort of an easy problem to solve there”.

Source: What is quantum computing and how will quantum computers change the world? | Euronews

Top edge computing platforms in 2022

Edge computing helps reduce latency of data processing. See which edge computing platform is right for your business.

As modern technology continues to advance in ways that satisfy the human desire for instant gratification, consumers are placing more emphasis on speed as a key feature when choosing their product vendors.

Whether you choose to blame this on the world’s introduction to old-school instant messaging or Amazon’s two-day shipping, at the end of the day, the demand for speed affects businesses and organizations like it never has before. But, this demand also means that businesses and organizations must step up their operations to keep up with the competition.

Software solutions that can enable companies to pick up the pace and complete their processes at a faster rate are highly favored, with this feature valued second only to reliability. Fortunately, organizations looking for a way to advance in their data processing can adopt edge computing technology in order to carry out their operations quickly but still trust that their data is secure.

Top edge computing products

Azure Stack Edge

Azure Stack Edge is a hardware as a service that enables organizations to access, utilize and analyze their applications and data locally.

Users can run their containerized applications at the edge location where data is generated and gathered. From there, the data can be analyzed, transformed and filtered, and users can control the data that they choose to send to the cloud. Their edge device also serves as a cloud storage gateway for easy data transfers between the cloud and the edge location.

Working with Azure’s edge solution makes it easy to utilize Azure’s other integratable products, so organizations can generate and train their machine learning (ML) models in Azure and benefit from quick data analysis and insight access.

Azure has several versions of their edge devices within their Azure Stack Edge Pro Series, granting users and organizations more options with a greater selection of features and capabilities to choose from, so they can get the tool that suits their needs.

HPE Edgeline

HPE Edgeline supports edge computing and processing through its various converged edge systems. Its systems provide IT functionality optimized for edge operating environments, enabling users to benefit from edge storage, computing and management.

Their solutions are purpose-built for the edge, with autonomous operations, local decision-making in real-time, and easy scaling across sites and locations. As for security, HPE Edgeline Integrated System Manager provides IT-grade security to support the deployment and operation of their Edgeline systems.

The HPE Edgeline Converged Edge systems serve as a distributed converged edge compute model, so users can manage their operations and data in real time, even without an internet connection. In addition, its systems connect open standards-based operations technology (OT) data acquisition and control technologies directly to the user’s organizational IT system, reducing latency and saving space.

HPE has various enterprise-class converged edge system tools for customers to choose from, with features optimized for different use cases. Additionally, HPE’s Edgeline OT Link Platform software is also offered and supports users’ edge activities like data flow and integration management.

ClearBlade

ClearBlade’s technology works to streamline edge data by connecting device sensors or event data and transporting it into cloud data lakes, enterprise systems or artificial intelligence (AI) tools through built-in integrations. Its software can connect via REST, MQTT and sockets in addition to its prebuilt connections for third-party systems.

The solution lets users choose to keep their functions local within their edge locations or transfer them within cloud storage and vice versa. Users can also complete various data processes at the edge, including data analysis, modification, routing, storage and management.

ClearBlade keeps users’ data secure with encryption, authentication and authorization of application programming interface (API) access. It enables connections across all user clouds, gateways and devices with various protocols.

Another aspect of its edge computing technology is offline continuity, which ClearBlade advertises as a perk to its software. Even when an internet connection is lost, all edge devices are able to continue their real-time behaviors.

Eclipse ioFog

The Eclipse Foundation’s Eclipse ioFog is an edge computing platform for processing enterprise-scale data and applications at the edge. By processing users’ data at the point of creation with an edge-centric compute architecture, users can gain more functionality and greater security for all of their data and application processes.

ioFog’s universal edge computing platform enables users to create and remotely deploy their microservices to their edge computing devices by providing a common computing platform that lets software run on any device.

Users can deploy and manage their multiple edge devices at once as an edge compute network, which ioFog manages automatically. ioFog can manage and transfer any data type and supports native Geofencing of users’ data, notes and routing.

To secure users’ edge activities, each node within the edge compute network is part of a distributed trust network and is constantly validating security protocols with all of the other nodes, monitoring for deviations. The data transfer and communications between notes occur via session-based MicroVPNs, which ioFog creates as a method of enforcing security for its users.

Google Distributed Cloud Edge

Google Distributed Cloud Edge users can now maintain their data use and storage according to their workload needs and requirements by utilizing any of Google’s 140+ network edge locations worldwide or their own localized, customer-owned edge locations. Google also supports Google Distributed Cloud services across the customer’s operator’s edge network and customer-owned data centers.

Users can use the open-source platform Anthos on their Google-managed hardware at their edge location to run their applications securely on a remote services platform. This way, they can locally process their data and transfer or modernize their applications with Google Cloud services.

By leveraging the capabilities of Google Distributed Cloud Edge, users can run local data processing, modernize their on-premises environments, run low-latency edge compute workloads and deploy private 5G/LTE solutions.

The software also connects with third-party services, granting greater accessibility within customers’ own environments.

Alef Private Edge Platform

Alef’s Edge API Platform enables organizations to manage their applications at the edge through mobile connections. In addition, users can develop their own private mobile LTE networks with API connections and firewall protection.

The APIs allow users to manage their mobile connectivity for Industry 4.0 applications. Additionally, deploying mobile networks as a service at the edge can allow users to create an easy-to-use private LTE network without on-site mobile network installation.

Alef’s system increases speed for users, as connecting to their edge enables them to access services within 50 milliseconds of any U.S. enterprise. Furthermore, by simplifying network complexities, Alef has reduced the time to launch to 60 minutes. And by orchestrating their operations and workloads at the edge with their core IP, organizations benefit from lowered latency for their applications.

Finally, leveraging Alef’s edge solutions means being able to connect to any spectrum, any EPC (Evolved Packet Core) and any cloud. Users can connect to 5G/4G/3G spectrums or their own Wi-Fi and manage data traffic across any cloud provider. And Alef is agnostic, so organizations can partner with their EPC or choose to bring their own.

Cisco Edge Computing Solutions

Cisco offers several edge computing solutions for users to deploy their services on their own developed edge computing infrastructure.

Users can design an edge computing infrastructure for their workloads that enable them to separate their network functions and optimize their resources with software-centric solutions that they can procure separately. Additionally, their fixed edge and mobile networks can share 5G core-based infrastructure coverage for greater efficiency in their operational processes.

Application developers can benefit from using Cisco’s open-edge computing model. IT can enable them to mitigate congestion in the core and meet local demands, as applications can access information about local conditions in real time. Additionally, close proximity to subscribers and real-time network data access can enable a better application user experience.

Cisco’s edge computing model can deliver high-quality data and application performance and security. By distributing the users’ computing capacity to the edge, users can benefit from lower latency to end devices, greater network efficiency with edge offloading and reduced costs for data transportation.

Infiot ZETO (Netskope Borderless WAN)

Infiot, recently acquired by Netskope, is a secure access service edge (SASE) platform that provides edge intelligence with AI-driven components. Netskope Borderless WAN will now integrate Infiot’s ZETO technology to further its edge functionalities for Netskope customers.

The combined technology of Infiot and Netskope will now be able to provide further built-in routing, policy-based traffic control, wired and wireless networking, and integrated network security functions for edge deployment.

Furthermore, Netskope customers will be able to utilize cloud-first networking through the use of Netskope SASE Gateways for secure connections between any enterprise location.

The solution’s developments will help improve Netskope customers’ performance speed, cloud visibility and application activity with the addition of this technology.

What is edge computing?

Edge computing is the process of utilizing a software system to process data closer to the data’s source and use location. Processing data with this solution can reduce the time it would take to analyze the data compared to having first to transfer it to a data center or cloud. This is because it shortens the latency time that would be required to move the data back and forth.

How do edge computing products benefit users?

Organizations that choose to store and leverage their business data are constantly increasing their data volumes. The ever-increasing volume and complexity of this data have caused the need for more space and have led to latency issues. However, edge computing software is capable of more significant amounts of data with reduced latency, which means more easily accessible data insights for organizations.

However, an edge computing solution can do more than just reduce the data processing time compared to cloud computing. Organizations can gain a vast range of additional benefits by processing data at a location at the edge of a network and utilizing systems at those physical locations.

Organizations that utilize cloud-based data analysis tools across all of their business enterprises can increase their risk of security breaches and potential data loss, as an attack on a connected solution could affect all of their organizational operations. With edge computing, a security breach would have less impact on the entire organization, and only the transferred data could be affected.

Conducting on-site data analysis with edge computing devices also means that the analyzed data is safeguarded by the localized firewalls that protect the enterprise.

Edge computing can also allow organizations to control their data flow and storage that takes place within their edge locations, enabling them to manage their data in a way that lowers data redundancy, reduces bandwidth and lowers operation costs.

Edge computing is also arguably more reliable than cloud computing. Using edge devices to save and process data locally can mean having greater access to data than entrusting remorse data storage location, as edge device users won’t need to worry about their internet connectivity issues when trying to process and access their data. Regardless of connectivity issues, organizations can have access to their network data stored in their edge solutions.

Primary features to look for in edge computing software

There are several features and capabilities that are common in edge computing products. Edge computing software solutions generally provide features that enable real-time access to local information to support immediate action. In addition, many edge computing software solutions will provide automated features that can occur regardless of unreliable or inaccessible internet connectivity.

To keep users’ data and applications secure edge computing software should come with security features. Common security features of these solutions may include on-premises security, isolated operating environments, edge device monitoring and authorizations, authentication, and encryption layers. Alternatively, edge software solutions may support connections with third-party security services.

Other beneficial features of edge computing systems should support the management of the organization’s data storage, analysis and transfer processes. This can include features that provide users with visibility into their data center and operations and even cloud operations.

In addition, granting users greater control over their data flows can help them facilitate easy scaling across locations, supported by an easily manageable and configurable architecture.

Source: Top edge computing platforms in 2022 | TechRepublic

Quality Management with ISO 9001 – The 7 Key Principles

In the last article we found out that ISO 9001 is the international standard that specifies requirements for a quality management system (QMS). And that most businesses use this standard to demonstrate the ability to consistently supply products and services that meet customer and regulatory requirements.

In this article we are going to look at seven focus areas to help to businesses to keep these standards ISO 9001 has seven key principles that it pushes as important:

Engagement of people

Making sure the management system involves your team

Senior management aren’t the only people who ISO 9001 is for. Your whole organisation contribute towards it’s processes. If you wanted to fully benefit from your quality management ISO then you are going to need to openly discuss issues and share knowledge and experience with your team. It is paramount that everyone in your company understands their contribution to its success and feels valued for it. This will demonstrate your businesses commitment to improving quality and will help to achieve certification.

You could possibly want to consider some awareness training to help to raise awareness of ISO 9001 and the benefits it brings. There are plenty of online courses that could be very informative and useful for your business personnel.

Customer Focus

Focus on your customers and their needs

A really great way of showing your commitment to quality us developing a strong customer focus. So that you can strengthen your business and its performance even further it is very important to gather customer feedback good or bad. This can help you to spot non conformities and improve your processes.

Your company should take into account not only the interests of the consumers, but also those of other stakeholders, including owners, employees, suppliers, investors, and the general public.

Leadership

Develop s strong management team

Strong leadership entails having a distinct vision for the future of your business. Effectively communicating this vision will guarantee that every team member is working toward the same goals, providing your organisation a sense of unity. As a result, employee motivation and productivity may increase.

Process Approach

Create a process culture

The ISO 9001 Standard’s Plan Do Check Act (PDCA) principle will assist you in fostering a process-driven culture throughout your organisation. This is a tried-and-true method to guarantee that you efficiently plan, resource, and manage your processes and interactions.

You may align operations for improved efficiency and make it easier to reach your goals by managing the many sections of your organisation as a whole. You can find areas for improvement by measuring and analysing these interconnected processes.

Improvement

Drive continual improvement

The ISO 9001 quality management system depends on continuous improvement, which is why it should be your company’s main goal. You can uncover ways to enhance and strengthen your business by putting processes in place for identifying risks and opportunities, spotting and resolving non-conformities, and measuring and monitoring your efforts.

Evidence-Based Decision Making

Base your decisions on facts

Making informed judgments requires access to accurate and trustworthy data. For instance, you need the appropriate evidence to identify the underlying reason of a non-conformity. Ensure that individuals who require information can access it and maintain open lines of communication.

Relationship Management

Develop mutually beneficial relationships with suppliers

It’s possible for your suppliers to give you a competitive edge, but this demands a partnership based on trust. Long-term, mutually beneficial methods must be balanced with short-term financial rewards in order to forge such enduring partnerships with suppliers and other interested parties.

Benefits of the Quality Principles

During the ISO 9001 certification process, putting these seven quality concepts into practise can assist you in fulfilling important Standard requirements. As a result, you will be able to raise employee engagement and productivity, customer happiness and loyalty, and resource usage.

By putting these seven quality concepts into practise, you may help yourself meet crucial Standard requirements during the ISO 9001 certification process. You will be able to increase resource consumption, customer satisfaction and loyalty, employee engagement, and productivity as a result.

We’re 4TC Managed IT Services

4TC can support you with all the services you need to run your business effectively, from email and domain hosting to fully managing your whole IT infrastructure.

Setting up a great IT infrastructure is just the first step.  Keeping it up to date, safe and performing at its peak requires consistent attention.

So we can act as either your IT department or to supplement an existing IT department. We pride ourselves in developing long term relationships that add value to your business with high quality managed support, expert strategic advice, and professional project management.

Quality Management with ISO 9001 – What is it?

The Quality Management Systems (QMS) creation worldwide standard, ISO 9001, was released by ISO (the International Organization for Standardization). The current standard is referred to as ISO 9001:2015 as it was most recently updated in 2015. For ISO 9001 to be produced and updated, it needed to be approved by the majority of member nations in order to be recognised as an international standard, which means it is accepted by most nations on the planet.

What are quality management systems? An ISO 9001 description would be that this standard provides the QMS requirements to be implemented for a business that wants to develop all of the policies, processes, and procedures required to offer products and services that fulfil customer and regulatory needs and enhance customer satisfaction. The cornerstone of quality assurance activities is quality management systems.

Why is ISO 9001 important?

As was already said, ISO 9001:2015 is a widely accepted standard for developing, implementing, and upholding a company’s quality management system. It can be utilised by any business and is intended for usage by organisations of any size and in any sector. Because it is an accepted international standard, many organisations demand this certification from their suppliers as the foundation for any business creating a system to guarantee customer happiness and progress.

Your consumers will feel more secure knowing that you have a Quality Management System in place that is based on the seven ISO 9001 quality management principles if you hold a SO 9001 certification. In fact, ISO 9001 is so important and prominent that it serves as the foundation for other industry standards to be developed by groupings of companies, such as AS9100 for the aerospace industry, ISO 13485 for the medical devices sector, and IATF 16949 for the automobile industry.

What is the current ISO 9001 standard?

The ISO 9001:2015 version of the standard is the most recent one. The previous revision, ISO 9001:2008, was replaced by the ISO 9001:2015 standard, which is also referred to as ISO 9001 revision 2015. Many of the procedures from the earlier iteration of the standard are included in this updated revision, which places more emphasis on risk-based thinking and an awareness of the organization’s context. A significant structural modification from the ISO 9001:2008 standard was made to enable this transition; the key clauses of the standard are different between the 2015 and 2008 iterations.

What is the purpose of ISO?

It is a very common question to ask what the purpose of ISO is. ISO is an international organisation that creates a commonly recognised set of requirements and guidelines to assist organisations around the globe to act more consistently. More than 22,450 standards are created, published, and maintained by the ISO organisation through technical committees made up of people from all around the world. These standards offer guidance on how to develop management systems, conduct certain testing, and design and construct products.

ISO does not go around assessing companies on these aforementioned standards. The ISO only participates in the maintenance of the standards; it leaves the evaluation of businesses in relation to the standards to outside certification organisations.

In the next article we will look in depth into the most important requirements of ISO and how to best implement them into your business.

We’re 4TC Managed IT Services

4TC can support you with all the services you need to run your business effectively, from email and domain hosting to fully managing your whole IT infrastructure.

Setting up a great IT infrastructure is just the first step.  Keeping it up to date, safe and performing at its peak requires consistent attention.

So we can act as either your IT department or to supplement an existing IT department. We pride ourselves in developing long term relationships that add value to your business with high quality managed support, expert strategic advice, and professional project management.

Your Android smartphone could be your biggest Word or PowerPoint helper

Small quality-of-life feature could change the way you use Microsoft 365

Microsoft has announced a new, more convenient way to pull images from Android devices, such as smartphones, into documents and spreadsheets made with the web versions of Word and Powerpoint found in Microsoft 365.

In a post on the Office Insiders blog, the company revealed that it will soon be possible for users of Microsoft’s online online collaboration tool to link their Android photo libraries to a Microsoft account using a one-time set up process. 

For now, the feature is only available to personal users, in addition to enterprise and education organizations, who have opted into the Office Insiders program, which gives users early access to exciting but experimental new features within the company’s office software suite.

Microsoft 365 and Android integration

While at a glance this might seem like an exclusive club, with some business and education users may be out of luck due to their organization’s Microsoft Office configuration, it’s not too hard to enrol so long as a user has full control over their system. 

For personal users, the Office Insider program is a simple opt-in, to be found on the product information page within Microsoft 365.

Once that’s done, linking your Android photo library to your Microsoft account is a simple process, so long as your Android device has the means to scan a QR code with its camera and install the Link to Windows app on the Google Play Store. 

Luckily, these are features that will come as standard on most, if not all, recent business smartphones.

The new feature promises to be robust and intuitive, supporting the same image sizes, dimensions, and file types currently supported by Word and Powerpoint on the web. It will also allow users to replace existing images in documents with those on mobile devices.

The feature will eventually be available to all users of Office on the web who have a Microsoft 365 subscription, use an android phone, and, if they are using the Mozilla Firefox web browser, are using version 104.0 or later.

Source – Your Android smartphone could be your biggest Word or PowerPoint helper | TechRadar

Meta Quest Pro VR headset may, with Microsoft’s help, be super productive

Several of Microsoft’s work and productivity tools are coming to the metaverse.

Microsoft is bringing some of its most popular remote working software to the metaverse, announcing during the recent Meta Connect 2022 event that it is entering a new productivity-focused VR and AR partnership.

In a blog post, Microsoft highlighted that as workplace environments evolve in the aftermath of the pandemic, it’s important to adapt with the times. The company points to recent data it collected showing “50 percent of Gen Z and millennials [envision] doing some of their work in the metaverse [within] the next two years.” 

It’s in this context that Microsoft is expanding beyond its own HoloLens/mixed-reality efforts to help Meta establish a foothold in productivity-oriented VR and AR.

Remote work support

Within the “coming months”, four of Microsoft’s “work and productivity tools” will be making their way to both the Quest 2 VR headset and the newly announced Meta Quest Pro (the official name for the long-awaited Project Cambria). Some of the tools include integration with Microsoft Teams as well as support for a variety of work apps.

To be more precise, the companies are adding Microsoft Mesh to the Quest headsets. This feature will allow people to join Teams meetings being held in Horizon Workrooms, which are virtual boardrooms. You’ll be able to interact with others through Meta Avatars and brainstorm ideas via virtual tools.

It appears the Quest devices will support all the apps from the Microsoft 365 suite. The announcement specifically mentions support for Word, Excel, PowerPoint, Outlook, and SharePoint, but nothing for OneDrive or OneNote. There are also reports stating the apps won’t be special VR versions. Rather, the apps will be a direct port of the desktop version done through Progressive Web App (PWA) technology. Windows 365 will be supported on Quest headsets, too, allowing users to stream a Cloud PC complete with personalized settings. 

Security is also being taken into consideration. Microsoft Intune and Azure Active Directory will support the Quest headsets, allowing IT professionals to protect the devices “with a Quest for Business subscription.” Put more simply, Intune helps manage hardware to protect company data while Active Directory protects software against cyberattacks.

Outside of the remote work integrations, both companies briefly mentioned a plan to bring Xbox Cloud Gaming over to the Meta Quest Store. A giant screen will be projected inside the headset giving you access to Xbox Game Pass and whatever titles you have, but it doesn’t cover the whole view. Think of a movie screen at a theater.

It’s unknown if services like Xbox Game Pass Ultimate will be supported. We reached out to Microsoft so we can learn more. This story will be updated if we hear back

Potential end of Hololens

After going through the reveal, we were left with one question: what will happen to Hololens?

Hololens is Microsoft’s own take on mixed reality headsets, but it never really took off. The current state of this tech is a bit of a mystery. Earlier this year, reports came out that Microsoft scrapped all work on the HoloLens 3 in the middle of development. But then the company said those claims were exaggerated and that Hololens was being repurposed for the US Army. Sure enough, the company revealed IVAS (Integrated Visual Augmented System) for the US military in early September.

So, when it comes to virtual reality for consumers and businesses, Microsoft looks like it’s more interested in providing support via software over hardware. Hololens may truly be gone now, outside of niche uses.

Source: Meta Quest Pro VR headset may, with Microsoft’s help, be super productive | TechRadar

Court win for man fired for not keeping webcam on

A telemarketer who was fired after refusing to keep his webcam on while working had his rights breached, a Dutch court has ruled.

The employee of US-based IT company Chetu was awarded approximately 75,000 euro (£65,700) by the court.

In August, the man, in the Netherlands, was told to share his screen and leave his camera on while working.

After he declined, he was fired for “refusal to work” and “insubordination”.

Chetu did not provide a statement to the court, nor did the company appear at the court hearing, the judgement says.

The court ruled on the case in September, but its findings were published this month and reported by the Netherlands Times.

The BBC has approached Florida-based Chetu, which has a branch in the Netherlands, for comment.

Increased monitoring

Earlier this year, the TUC, which represents unions in England and Wales, warned use of workplace surveillance tech – including the use of AI to monitor workers – had taken off during the pandemic and was “spiralling out of control”.

Methods included monitoring emails and files, webcams on work computers, tracking when and how much a worker is typing, calls made and movements made by the worker, through use of CCTV and trackable devices.

It called for stronger regulation of to protect workers.

Max Winthrop, a partner at law firm Sintons LLP, said surveillance of employees had increased massively as the necessary tech became more accessible and as employers sought to keep tabs on employees working from home.

But he said there was not a simple answer to whether any particular monitoring infringed on an employee’s privacy in the UK.

“It depends. A legitimate reason to monitor, such as the prevention of theft, or physical harm to employees, is likely to be considered favourably by a court or tribunal,” said Mr Winthrop, a member of the Law Society’s Employment Law Committee.

“Merely imposing an intrusive monitoring regime for no good reason, especially if monitoring takes place in areas or the workspace where employees could have a reasonable expectation of privacy, is not”.

‘I don’t feel comfortable’

The employee in the case in the Netherlands had been working for Chetu since 2019, when in August he was asked to participate in a “Corrective Action Program (“CAP”) – Virtual Classroom” during which his webcam was to be kept on.

According to the court record the employee refused, saying: “I don’t feel comfortable being monitored for nine hours a day by a camera. This is an invasion of my privacy and makes me feel really uncomfortable. That is the reason why my camera is not on. You can already monitor all activities on my laptop, and I am sharing my screen.”

In response to the employee’s objections, Chetu argued that this was no different from an employee being observed in an office environment.

But the court disagreed, citing a European Court of Human Rights ruling which, it said, stated that, “video surveillance of an employee in the workplace, be it covert or not, must be considered as a considerable intrusion into the employee’s private life”.

The court found that the there was no sufficient justification for the monitoring by Chetu, and it had therefore violated the employee’s privacy rights.

Source: Court win for man fired for not keeping webcam on – BBC News