Blog

Why choose The Silver Cloud Business as your managed service provider?

Wed, 05 Nov 2025 00:00:00 +0000

Why choose us?

This week we were asked to provide a presentation to a management consultant on what we did for one of our clients under management and it got me thinking, why should you choose The Silver Cloud Business as your MSP?

When ever we take on a client, the first thing we do is to build a solid IT foundation. The foundation we use for our clients is to ensure each complies with Cyber Essentials.

This doesn't mean each client will automatically be taken through the accreditation, it just means we follow the guidelines IASME has set out to make our client's environments compliant so should they wish to get the accreditation, it would be a straight forward process.

The reason we do this is because these are solid foundations that we can then build on, knowing that the underlying infrastructure is secure from cyber attack and everything running on it is in a supported state from the manufacturers.

Why is it important to have everything in support?

Cyber threats to businesses are increasing each day, bad actors, hackers use technology to exploit any weaknesses and one of the main weaknesses in IT infrastructure is equipment that is running out of date software, firmware or drivers that have known exploits.

Manufacturers often update their software because a third party has found a weakness and has notified them for a bounty. It is in the interest for manufacturers to run bounty schemes like this because it is far cheaper to fix a problem and roll out the update than to allow customers using their product to run code that can be compromised.

BUT... the manufacturer releasing an update is like an arms race. By announcing the update, they are also letting the world know about the potential exploit, so all hackers know to target this exploit and they go hunting for unpatched, out of date devices running the old software that has the exploit, allowing them to get in.

"They won't bother with my business, its small"

This is often an excuse used by smaller businesses thinking they are off the radar owing to their size, but this is not the case.

Yes larger, higher profile organisations are often targeted for attack, but exploiting vulnerabilities is just a numbers game, where the hackers will set off an an automated attack that just probes anything and everything for vulnerabilities and it is just a matter of pot luck which businesses are included in these bulk attacks.

They don't care, they just want to impact as many vulnerable systems as possible.

What do we do to protect our clients?

Cyber Essentials is built on five areas of technical control which are:

Firewalls - Firewall is the generic name for a piece of software or a hardware device which provides technical protection between your network devices and the Internet. We make sure these are enabled and secure.
Secure Configuration - Computers and cloud services are often not secure upon default installation or setup. An ‘out-of-the-box’ set-up can often include an administrative account with a standard, publicly known default password, one or more unnecessary user accounts enabled. We make sure default accounts are either removed, disabled or have their security reset to prevent their usage.
Security Update Management - To protect your organisation, you should ensure that all your software is always up to date with the latest security updates. We do this but can take it one step further. We have a patch management service that does more than just patch the operating system, we can patch 3rd party applications as well adhering to IASME standards, not as a snapshot in time, but in real time, all the time.
User Access - It is important to only give users access to the resources and data necessary for their roles, and no more. We work with clients to introduce roll based access and remove elevated rights from day to day user accounts, reducing the risk of exploitation.
Malware Protection -Malware (such as computer viruses) is generally used to steal or damage information. Malware is often used in conjunction with other kinds of attack such as ‘phishing’ (obtaining information by confidence trickery) and social network sites (which can be mined for information useful to a hacker) to provide a focussed attack on an organisation. We use a layered security approach, running multiple layers of protection for our clients to prevent the various threat vectors, such as email, internet and portable data storage (such as pen drives). The layered approach means that it is far harder for threats to get through the layers and exploit the device. We use solutions that are found in the Gartner Magic Quadrant leaders quarter, who are the best at delivering solutions and leaders in their field.

This is our baseline for customers under management, it is just the foundations we then work from with our clients, it is not limited to the five areas of technical control, it is just where we start and build from, providing our clients under management with a very secure foundation to develop their IT services from.

The best part is that it doesn't impact our clients, it just makes their working environment a lot more secure, and a lot less likely to be exploited and it means that if they want or need to get the Cyber Essentials accreditation, it can be obtained without the need to change anything, because our baseline is to get all our clients under management to this baseline already.

If you want more information about our services or would like to become Cyber Essentials certified, call us on 01722 411 999 and we can help you achieve this, quickly and with little fuss.

Is it worth sacrificing your personal data security for a bit of convenience?

Wed, 29 Oct 2025 00:00:00 +0000

I have spent many years working in IT, which is an odd place to find myself, especially when you consider I started my career as a Chartered Quantity Surveyor.

Over time I have witnessed the evolution of technology, and I love helping organisations embrace technology that, put simply, makes their lives easier, more productive, and helps them work smarter, not harder.

Throughout these 20 plus years, I am always looking for solutions to protect against the ever-increasing threats that are potentially aimed at my customer base, and not a lot has phased me in this time.

However, there is one threat that concerns me, over which I have no control: the government's plan to implement people with a Digital ID.

What has got me worried?

Government led projects hardly ever scream efficiency, technical excellence, value for money, being bug free or having good security.

It is nigh on impossible to find a Government implemented IT project that has been on time, on budget and successfully implemented. Instead, they always run over budget and they under deliver on what was promised and don't get me started on how they suffer from all sorts of technical issues, data leakage and security breaches.

The next thing on the list that has me worried is the Post Office scandal featuring the Horizon IT project which is shocking, it was known to be flawed but Post Masters were still held accountable for compute errors and some were even given criminal records and were imprisoned, rather than the people running the flawed system admitting that the software didn't work. That is just a level of evil that is difficult to comprehend, how those people sleep at night is beyond me, knowing that innocent people were behind bars, all because they didn't want to admit to having a badly coded system.

Thinking of the Post Office scandal, let's set a scenario:

Someone steals your Digital ID
You try to use your Digital ID but it no longer shows your picture or allows you access to your accounts and services

How do you prove to the government that you are you? Especially when your picture no longer is of you on your digital ID?

I don't mean what if someone steals your phone with your Digital ID on it.

I mean what if someone hacks the database and steals your identity and digitally becomes you?

Identity theft has been a blight on society, with people getting saddled with debt they were blissfully unaware of because someone stole their identity and used it to setup financial agreements, like credit cards or bank accounts or loans.

What would happen if someone managed to steal your Digital ID, they are effectively you, and if the government development roadmap for Digital ID is accurate, they would have access to all your personal information, including financial details, medical records, driving license, passport, and potentially even contracts and property deeds. Meaning they become you, could then own what you did legally and how would you prove otherwise, especially if we look at the Post Office scandal track record of people spending years fighting to clear their names, how do you convince someone who doesn't want to admit their system could be hacked, that it has been hacked and that you are you, not the other person whose picture is on your Digital ID. What the Horizon IT scandal showed us was those in charge were deliberately lying, saying this had never happened to anyone, when they knew it had, I doubt any lessons have been learned from it, so expect more of the same.

In the meantime, whilst you are trying to convince a faceless bureaucrat at the other end of a telephone call that you are you, all your assets could be exploited, spent and sold off, just how would you get these back once you did prove you are you?

Here is hoping you never find yourself in this position.

Recently, the Government hasn't covered itself in cyber security glory either, there have been several high-profile hacks, the most shocking being an MoD data breach that resulted in the known deaths of 49 Afghanis and family members, with significantly more likely dead but unverified as yet, all as a direct result of the data breach.

Poor cyber security has real world consequences and unfortunately Government IT projects have poor cyber security. Couple this with the rich pickings of data on offer and it makes Digital ID a prime target for attacks.

Did you know...

That Digital ID has been in development since Covid? The vaccine passport application was the basis for the new Digital ID platform. It has already been hacked TWICE that they know of. The first was through Government testing of the application, the second was from hackers who broke the security, got in, were unnoticed by the developers and testers and it only came to light when they notified the project! If they hadn't notified the Digital ID test team, they would most likely still be blissfully unaware of the breach!

But it is not just Digital ID that is insecure

The legal Aid Database has been compromised, leaking information relating to personal data about applicants for legal aid (both civil and criminal) and their legal representatives.

Another example has been Russian hackers stealing data from MoD sites and publishing the data on the dark web.

In all cases the data should be stored and accessible only on an encrypted network that cannot access the Internet, let alone be hackable, but time and time again we find out this is not the case, so if this is the level of security that can be so easily breached, what chance with our personal sensitive information when it is all linked into one repository?

The government, through various politicians and departments recently went on a social media campaign pushing for how your life will become so much more convenient if we have Digital ID, but as I asked in the title, is it worth having a little convenience when the price you end up paying could be so high?

If you feel as strongly as I do, I will leave you with this call to action, write to your MP and express your concern with the track record of poorly run IT systems, the fragility of the internet of late with service providers failing and the raft for security breaches suffered by government run projects.

You can write to your MP by visiting the website “Write to them” (click here) and follow the instructions

Are we putting too many eggs in a digital baskets?

Wed, 22 Oct 2025 00:00:00 +0000

On Monday 20th October, AWS US-EAST-1 suffered from issues which had a significant impact on a lot of online services.

AWS stands for Amazon Web Services, which is a cloud hosting platform owned and operated by Amazon, Jeff Bezos's massive online business empire. AWS provides cloud compute services to anyone that wants to buy them, they are used to host and operate various businesses which is why so many business websites, portals and online services suffered disruption when AWS US-EAST-1 suffered an outage.

This is a worry as these services are sold to businesses as having multilayer resilience, meaning they should not have any single points of failure, if a component should fail, it shouldn't knock out the entire service.

What happened with AWS and why did it have such a wide impact?

Monday's outage impacted more than a thousand businesses and millions of service users around the world and the most frustrating thing of all, it was down to something simple that should NOT have happened, it was a DNS (domain name service) error. This is not the first time this has happened and it won't be the last either.

DNS (domain name service) is how computers work out how to talk to each other and other services online. It allows a human to enter in something easy to understand like a website address (like our website www.thesilvercloudbusiness.com) and the DNS server tells your computer how to find the website or service by translating the name into an IP address so that the computer can then work out the route across the internet to connect to the site.

DNS service issues are usually down to one of two things, either a service failure, or human error. Both of which can cause catastrophic consequences and failures if this happens and unfortunately it is difficult to mitigate against these issues.

Now you may ask, and its a VERY sensible question:

"If it is something as simple as the DNS address being wrong, why can't they fix it quickly, why was the outage so long?"

Well, it is not that simple, we are still waiting to find out exactly what happened with AWS, but when Microsoft suffered from a DNS misconfiguration in one of their data centres in January 2023, and someone accidentally entered the wrong address in a DNS record on the server, it meant they had locked themselves out of the system because when they tried to reconnect to it, it would point them to the wrong address!

The other issue is that they were fighting DNS and how it works. DNS replicates itself to other DNS servers, so the incorrect address, once in the system, replicated with other servers, so not only were they locked out of their own system because it was reporting the wrong address, this information replicated around the world, impacting everyone trying to connect.

To fix the issue, they needed to work out what the issue was (remember they couldn't get into the system due to the wrong address making diagnosis harder), then they had to get someone who could physically access the DNS server to rectify the issue, then they had to wait whilst the updates replicated around the world to all the other DNS servers before things started to return to normal.

The above example hopefully explains why it takes a while for a simple issue to get resolved.

The next issue we are faced with is that unfortunately there are only three global cloud service providers:

Amazon Web Services
Microsoft Azure
Google Cloud

All of which are US companies, all of which have experienced significant service outages that have impacted millions and what this outage has highlighted once again is there are a lot of digital eggs in one of three baskets, making it harder and harder to mitigate incidents of these kinds.

So what can be done?

For larger organisations that went offline because of the AWS outage, it is unforgivable really. Not every service provider or company using AWS went down because they factored in their own resilience by spreading their services across multiple sites. If businesses had decided to build their own resilience into their service by using multiple sites then they would not have gone offline. Whilst it increases costs, it increases resilience, providing a better service to customers.

For businesses and organisations that consume cloud based services provided by others, such as cloud accounting services, or cloud based HR or stock order processing, the only real choice is to try to mitigate this risk as much as possible, and make sure that not all of your critical services are provided by businesses that are all working from the same cloud hosting provider with single site exposure.

For example, a lot of businesses couldn't access their email after the Microsoft outage of January 2023. However businesses that were using a mail security service such as Barracuda could still see inbound email sitting in Barracuda's service, waiting to be delivered to Microsoft, because their service was not using Microsoft Azure cloud services, so these businesses could still see inbound messages and react to them before the issue was fixed by Microsoft.

Another way to mitigate prolonged online service outages is to utilise data backup that is hosted away from your primary cloud provider and recover your data to a temporary work store so that your business or organisation can keep working.

It is easy enough to ask service providers if they use a cloud provider so you can map out where you data resides, and asking them about their service resilience and make sure it is spread across multiple regions, ensuring again that you are not putting all your digital eggs in one basket and you can access a copy of your data by restoring it elsewhere, should you need to if the outage is prolonged.

The long and the short of it is that we live in an online world, but this world is fragile, so it pays to ensure the services you subscribe to have geographic resilience and to spread the services you consume across different providers where possible.

If you would like help identifying where your cloud bases services are located, call us on 01722 411 999 and we can help you navigate the service layers making up your IT and work our where they reside and how resilient the services are.

Send A Visual Message In Outlook In Microsoft Windows

Wed, 15 Oct 2025 00:00:00 +0000

Have you ever had an email and you wanted to reply to something like a new logo but to mark it up and send back alterations but didn't know how without printing the email, hand writing on it and sending back either a scan or the physical copy.

Did you know that there is a way to annotate and send free form, hand drawn images in Microsoft Outlook Windows Edition?

Worry no more as here is how to do it in Outlook:

Open Outlook
Navigate to the email you wish to annotate or draw a reply in
Click on the Draw tab
From the menu, select Drawing Canvas and position the area you wish to draw or annotate in the email
Select one of the pens or annotation bubbles from the menu
Draw or annotate in the email
You can also
- Erase what you have done (by selecting the eraser icon)
- Change the thickness of the lines you are drawing
- Change the colour of the pen

If you have a touch screen computer, you can use stylus and free hand draw using the touch screen.

NOTE: as an added bonus, your email recipient can click on your drawing / sketch and download it as an image, allowing them to save it so they can edit the image or share it further. This means the image can be modified by both parties, back and forth until everyone is in agreement and happy with the end result.

What is an email signature manager and why does my organization need one?

Wed, 08 Oct 2025 00:00:00 +0000

Email clients like Outlook or Mac Mail can add an email signature so why would you want one for your business or organisation if you can use the email client? Here are a list of compelling reasons why you should:

An email signature manager allows you to control the email signatures used in the organisation, allowing for a uniform look to everyone's email signatures.
An email signature manager will apply the same email signature to outgoing emails regardless of which device is used, meaning emails sent from a mobile email client will get the same signature applied to the email as it would from a desktop client like Outlook, giving a uniform look to all outbound emails.
The organisation can control the signature, updating it regularly, with opening hours, seasonal messages, offers or up coming events, allowing for a centralised message applied to every email being sent from the organisation.
The email signature manager can build signatures based on information taken from the organisation's directory, so an email template can populate details like name, job title, phone number, email address, all taken from the organisation directory meaning that setting up a new user, once their details are in the organisation directory, will automatically create their email signature.
You can include graphics and logos in the email signature via the manager so that any changes in branding can be deployed across the organisation at the same time, making a rebrand launch seamless.
You can run different email signatures depending on users or groups, allowing a more custom look and feel, such as providing more information about a department such as department contact number or bespoke operating hours, or allowing part time users to have their active hours added to their email signature.
You can include URLs (web links) to allow users to click on a link or an image with a link embedded with it in your email signature to access various sites or services such as your organisation's website or social media links.

There are so many compelling reasons to have an email signature manager, it allows for centralised management of an organisations email looks and feel, so no more rogue email signatures, no more someone forgetting to update their email signature with updated details, no more old logo after a rebrand and every device that can send email, will get the correct signature added, even if you use a browser to access and use your organisation's emails.

If you would like more information about email signature managers and a demonstration, call us on 01722 411 999.

We use a signature manager ourselves for our email branding, so it is very easy to demonstrate how it works and show how easy it is to setup and use.

Why you should use unique passwords, they can help identify a data breach.

Wed, 01 Oct 2025 00:00:00 +0000

In our newsletter we have an article about the proposed Digital ID, the Brit Card, which is meant to be implemented some time in 2029.

The fundamental flaw with the Brit Card is that it will be a single repository for all the data the government will store about individuals in the country, but the biggest flaw will be that it won't be one source of data, it will be multiple threads, pulled together, with all of the inherent flaws and risks. Couple this with the government not exactly being a shining example of how to implement robust and functional IT systems, (it is why there is not a single NHS IT platform, but instead multiple, disjointed platforms that do not interoperate very well yet) and you start to get the picture. Then throw the Post Office Horizon IT project into the mix, that was flawed from the outset and even though they knew it was flawed, they chose to run with it rather than try to fix it and you get an understanding of how this could be a problem in the making.

Brit Card will initially only be about the right to work but it is no secret that the longer-term plan is to include all government gateway, medical information, all financial information, tying in your banking and spending, travel information, internet usage, in fact, pretty much everything about your life, all in one place. This creates a centralised gold mine of information about every individual in the country, and it will be a hacker’s paradise.

Putting all your eggs in one basket is never the best plan, whilst it is very convenient, if you drop the basket, you lose all the eggs, if it is a standard basket. This is why it is so important to understand that convenience of using a simple basket to carry all the eggs around should never trump security of being able to split them up into more secure containment.

And people already do this, for example, think of a bunch of keys. There are different keys on the bunch, one or two for the house, same for the office, the car, the locker at the gym, the back gate, the bike padlock, the safe key, all different, all unique keys for different and unique locks.

It would be really convenient to have a single key for every lock you use in your life, only needing to carry around that one key to unlock everything you access or operate, but if you lose that key, or worse, if someone were to copy it without you knowing, whoever has the key, ends up with full access to every single lock you use, granting them the same access to everything as the owner of the key. And if they got a copy of the key without you knowing, they have full access to everything you use without your knowledge, so you won't get the locks changed leaving them with full access.

This is why we have bunches of keys, not a single key. A bunch is harder to duplicate, a bunch is harder to work out which key opens which lock, it is a means of diverse security reducing risk, even with all the keys in one place.

This also translates into passwords and PINs. Security dictates that we should all have unique passwords and PINs for everything we access, but, and I am being generous here by calling it this, convenience (code for apathy or more brutally being lazy) typically means people use only one or two logins and passwords and more than likely the same PIN on all cards and phone alike.

Now is the time to start using unique passwords, if you don’t already, for every site and login that you use. The same goes with PINs, make sure you have unique PINs for everything.

Each password should be complex and unique, but a tip is to also include an identifier for the site it is used in so that if the site, business, or organisation gets hacked, and your information is leaked, the compromised information will expose which site leaked the information. A lot of the time, a data breach goes unnoticed by the organisation, often for a significant amount of time, in many cases months before the leak is identified.

If your details do end up exposed, at least you would know which site it was that leaked the data. It also means only one site is compromised, and you would not need to change the password on EVERY site it was used on as it is unique to the one site.

The one difficulty with this approach is to try to remember every password and login used across all sites you access, which is where a password vault becomes the best use option, with multi factor authentication enabled. A password vault is a single, secure, encrypted repository for all your passwords. Yes, it is putting all your eggs in one basket, but it is a secure basket with multiple layers of protection. It is protected by some or all the following:

Master username and strong password or passphrase
Multifactor Authentication – regularly changing code
Biometric layer
Encrypted database
Zero-Knowledge Architecture - data is encrypted on the local device using the master password or passphrase, and the decrypted data never leaves the device
Secure data transmission – the data is encrypted not just when stored but also during transmission between your device and the server, protecting it from interception

A password vault is protected by you at setup as you get to choose the encryption keys used meaning that no one else should be able to access the data, couple this with the layers of security means that someone would need to know multiple points of data (some changing every 30 seconds) making it nigh on impossible to crack the vault.

Password vaults can also be used in a business environment with compartmentalised vaults inside the vault. Some can be shared with other colleagues, meaning there is a shared, secure password repository for staff to access, securing company passwords.

If you would like more information about a password vault for either personal or business use, call us on 01722 411 999 to discuss all of the options available that would best suit you requirements.