How to Migrate from GoDaddy to Microsoft 365

Home » Microsoft

What Is Microsoft Copilot Analyst & Researcher? The AI Tools Transforming Excel, Word & Power BI

Home » Microsoft

What's inside?

The Full Product Portfolio: Discover each individual Copilot product, from Copilot Chat to Copilot Studio.
Prompt Guidance: Learn how to craft effective prompts to get better results.
Integration Guidance: Get step-by-step advice on securely implementing Copilot into your business.
A Day in the Life of a Copilot User: See how Copilot can save you time and streamline your workflow.

Download a copy

Home » Microsoft

Departmental Use Cases: Microsoft Copilot

In today’s fast-paced environment, different business departments will experience diverse challenges depending on their job requirements. Our eBook delves into how Copilot can revolutionise job roles across finance, sales, marketing, HR and customer success. Learn first hand how to boost productivity, save time and accelerate learning with real-life use cases.

What's inside?

Copilot's offering - Discover how Microsoft's AI can empower your business to maintain a competitive edge.
Copilot in action - Learn through use cases of how Copilot can elevate learning and increase productivity across various departments within your organisation.
Prompt guidance - Understand how to prompt Copilot to complete certain tasks and actions.

Download a copy

What the CrowdStrike Outage Teaches Us About the Cost of Downtime

Home » Microsoft

Written By

Keir Nolan

Publish Date

25/07/2024

Categories

Blogs Hot Topic

The recent CrowdStrike failure was indeed an unfortunate event, causing significant disruption across many organisations. However, it also provided a stark illustration of the potential consequences when critical systems are compromised. Unlike a cyber attack, this outage demonstrated how even non-malicious failures can have far-reaching impacts.

The Reality of Downtime

Downtime, regardless of its cause, can have devastating effects on a business. These range from loss of revenue and inaccessible data to diminished customer confidence and, ultimately, loss of business.

In the case of ransomware attacks, the impact can be even more severe, comparable to the dreaded “blue screen of death” experienced worldwide last week. While a blue screen may have straightforward solutions, ransomware attacks often leave organisations without viable workarounds. This leads to significant operational disruptions, data loss, and financial repercussions. Essentially, a ransomware attack is like a blue screen of death—for all the data in your business.

The CrowdStrike outage affected a vast number of users, highlighting the vulnerability of even the most robust systems. The incident underscored the critical need for businesses to have strong cybersecurity measures in place, not only to prevent attacks but also to ensure quick recovery from unforeseen failures.

“It won’t happen to us”

The financial impact of IT downtime is staggering. According to a report from MSN, companies are losing billions every year due to IT downtime. This loss is not just due to ransomware but also from unexpected system failures, like the one experienced by CrowdStrike. Despite these recurring issues, many organisations are not improving their ability to fix such problems promptly.

However, the facts show that the chance of downtime is increasing, with the ‘it’s not if, it’s when’ mantra commonplace amongst cyber security experts.

Small businesses are often the prime targets for malicious emails, with 1 in 323 being harmful. The average office worker receives 121 emails per day. (1)
One-third of small businesses with 50 or fewer employees rely on free, consumer-grade cybersecurity solutions. (2)

According to the Hiscox Cyber Insurance Readiness Report 2023:

Cyber attacks rose for the third year running – 53% of firms suffered a cyber attack of some sort up from 48% last year
One-in-eight attacked businesses suffered costs of £200,000 or more
In three years, the proportion of firms attacked with less than ten employees rose by more than half to 36%
One-in-five firms received a ransom demand but those paying fell from 66% to 63% – less than half of those that paid recovered all data (3)

These statistics emphasise the critical need for robust cybersecurity measures and quick incident response protocols.

This recent event has served as a wake-up call for businesses to reassess their IT strategies. It is crucial to invest in robust protective measures, proactive threat detection, and swift incident response protocols. Many organisations operate under the false assumption that “it won’t happen to us” until it does. The CrowdStrike outage is a powerful reminder that downtime can strike any business, at any time.

Who is Responsible?

It’s essential to have clear accountability within your organisation for managing cybersecurity risks. Typically, the IT Lead is responsible for the overarching cybersecurity strategy. However, every employee has a role to play in maintaining security protocols and reporting suspicious activities.

As Microsoft advises,

“In the event of an outage or disruption to the Service, you may temporarily not be able to retrieve Your Content. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”

This highlights the importance of regular data backups and having a well-defined disaster recovery plan in place.

Lessons Learned and Moving Forward

The disruption experienced during the CrowdStrike failure serves as a sobering reminder of the critical need for robust protective measures. To mitigate the risks associated with IT downtime, businesses should consider the following steps:

Invest in Robust Cybersecurity Infrastructure: Ensuring that your systems are protected against both external threats and internal failures.
Implement Proactive Threat Detection: Continuously monitor for potential vulnerabilities and address them before they can cause harm.
Develop Swift Incident Response Protocols: Have a clear and practised plan for responding to IT incidents to minimise downtime and recovery time.
Cybersecurity Accountability: Clear accountability in managing cybersecurity risks is crucial, typically led by the IT Lead, but ensuring there is no single point of failure.

Conclusion

In conclusion, the CrowdStrike outage has provided valuable lessons on the cost of downtime. No one thinks it will happen to them—until it does. By learning from these experiences and taking proactive measures, businesses can better safeguard their operations and minimise the financial and operational impact of future disruptions.

As a Managed Service Provider (MSP), we are committed to providing and maintaining secure and resilient IT infrastructures. If ever there was a wake-up call required around the impact of downtime, last week provided a stark reminder. If you are interested in mitigating the risk of downtime, and want a no obligation discussion around email security, backup & disaster recovery, or security awareness and testing for staff, please fill in this form.

Stay Secure.

Best practices for handling Microsoft licensing when employees leave

Home » Microsoft

Written By

Keir Nolan

Publish Date

10/07/2024

Categories

Blogs Guides

Removing a former employee’s Microsoft account can be complex, and it might be challenging to determine the best approach. Should you wipe the account and set it up again? Or remove the license and then add another?

Employee turnover can make managing accounts a time-consuming task, especially with other responsibilities on your plate. To save time and focus on other IT priorities, consider outsourcing this process to Microsoft experts through a managed service. These professionals handle the secure management of your Microsoft tenant daily, ensuring your business’s data remains protected. But for the time being, below is a step-by-step guide to ensure you follow best practices, keeping your data safe and secure. While the process might seem lengthy, safeguarding your data should always be a priority.

These steps are based on Microsoft’s guidance and our own expertise.

1. Confirm Your Global Administrator Status

Ensure that you are a global administrator. Only global administrators have the necessary permissions to alter Microsoft 365 licenses and complete the following steps.

2. Block the Former Employee’s Access to Their Microsoft 365 Account

To ensure the former employee can no longer log in to their Microsoft 365 account, follow these steps to block their access:

Reset the Password to Force Sign-Out:

Go to the admin center.
Navigate to Users > Active users.
Select the box next to the former employee’s name.
Click ‘Reset password’.
Enter a new password or use an automatically generated one. Ensure you do not email this password to the former employee!
Click ‘Reset password’ and close the window.
Select the former employee’s name again, and under the Account tab, click ‘Sign out of all sessions’.

Alternatively, Block the User:

In the same Users > Active users page, instead of resetting the password, select ‘Block this user’.
Click ‘Block sign-in’ and save changes.

Blocking a Former Employee’s Access to Email

If your M365 subscription includes email, you need to block the former employee’s access to their email as well:

Sign in to the Exchange admin center.
Go to Recipients > Mailboxes.
Select the former employee’s mailbox.
Under Email apps & mobile devices, click ‘Manage email apps settings’.
Turn off the sliders for the following options and click ‘Save’:

Outlook desktop (MAPI)
Exchange web services
Mobile (Exchange ActiveSync)
IMAP
POP3
Outlook on the web

3. Preserve the Former Employee’s Mailbox Content

To ensure that the former employee’s mailbox content is saved for reference by new or current employees or for potential litigation, follow one of these options:

Option 1: Place a Litigation Hold or In-Place Hold on the Mailbox

Why Choose This Option?

Ideal if your Enterprise plan includes archiving and legal hold.
Necessary if litigation is a possibility.
Suitable if you have a technically strong IT department.

Steps:

Before deleting the user account, place a litigation hold or in-place hold on the mailbox.
After converting the mailbox to an “inactive mailbox”, administrators, compliance officers, or records managers can use In-Place eDiscovery tools in Exchange Online to access and search the contents.

💡Note: Inactive mailboxes cannot receive email and are not displayed in your organisation’s shared address book or other lists. For detailed instructions, refer to Manage inactive mailboxes in Exchange Online.

Option 2: Export Outlook Data to a .pst File

Why Choose This Option?

Simpler than placing a litigation hold.
Useful if you need to transfer data to another email account.

Steps:

Add the former employee’s email address to your Outlook on Desktop.
Export the data to a .pst file.
Import the .pst file to another email account as needed.

4. Wipe a Former Employee’s Mobile Device

(Skip this step if the employee did not use a company mobile device.)

Access the Exchange Admin Center by going to the Exchange admin center. Navigate to Recipients > Mailboxes.
Manage Mobile Devices: Select the former employee’s user account. Under Email apps & mobile devices, click on Manage mobile devices.
Wipe Company Data: On the Mobile Device Details page, under Mobile devices, select the appropriate mobile device. Click Wipe company data, and then select Block access.
Click Save to apply the changes.

5. Keep the Former Employee’s Email Address Active

It’s important to keep the former employee’s email address active to ensure that emails from customers or partners are directed to the person taking over their responsibilities.

💡 Note: If you’re setting up email forwarding or a shared mailbox, do not delete the former employee’s account. The account is necessary to anchor the email forwarding or shared mailbox.

Option 1: Convert the Mailbox to a Shared Mailbox

When you convert a user’s mailbox to a shared mailbox, all existing emails and calendar events are retained. This shared mailbox can then be accessed by multiple people, rather than just one.

Things to be aware of:

This option is cost-effective as you won’t need to pay for a license if the mailbox is smaller than 50 GB. If it exceeds 50 GB, you will need to assign a license.
All old emails will be available in the shared mailbox, which might take up considerable space.

Follow Microsoft’s guide: Convert a user mailbox to a shared mailbox – Microsoft 365 admin | Microsoft Learn.

Option 2: Forward the Former Employee’s Email to Another Employee

Go to the admin center and navigate to Users > Active users.
Select the name of the former employee, then select the Mail tab.
Under Email Forwarding, select Manage email forwarding.
Turn on Forward all email sent to this mailbox. In the Forwarding address box, type the email address of the current employee who will receive the emails.
Select Save.
Remember, do not delete the former employee’s account.

💡Note: Remember to cancel all meetings that the former employee had scheduled in their calendar.

6. Granting Another Employee Access

Access to OneDrive:

Sign in to the admin center as a global admin or SharePoint admin. If you receive a message indicating you don’t have permission to access the admin center, you lack the necessary administrator permissions in your organisation.
In the left pane, select Admin centers > SharePoint. (You might need to select Show all to see the list of admin centers.)
If the classic SharePoint admin center appears, select Open it now at the top of the page to access the SharePoint admin center.
In the left pane, select More features.
Under User profiles, select Open.
Under People, select Manage User Profiles.
Enter the former employee’s name and select Find.
Right-click the user and choose Manage site collection owners.
Add the new user to Site collection administrators and select OK.
The new user will now be able to access the former employee’s OneDrive using the OneDrive URL.

Access to Outlook:

To give another employee access to the email messages, calendar, tasks, and contacts of the former employee, import the information to the new employee’s Outlook inbox. Follow Microsoft’s step-by-step guide: Import email, contacts, and calendar from an Outlook .pst file – Microsoft Support.

7. Removing the Microsoft 365 License from a Former Employee

💡 Note: If your organisation uses Active Directory, delete and restore user accounts in your local AD service. You cannot delete or restore them directly in Microsoft 365.

When you remove a license, you can either reassign it to someone else or delete it to avoid paying for it until you hire a new employee. When a license is removed, the user’s old email, contacts, and calendar data are retained for 30 days before being permanently deleted, so it’s crucial to have M365 backup solutions in place.

Removing the License:

In the admin center, go to the Users > Active users page.
Select the name of the employee whose license you want to remove.
Select the Licenses and Apps tab.
Clear the check boxes for the license(s) you want to remove, then select Save changes.

Reducing the Number of Licenses:

In the admin center, go to the Billing > Your products page, and select the Products tab.
Select the subscription from which you want to remove licenses.
On the details page, select Remove licenses.
In the Remove licenses pane, under New quantity, enter the total number of licenses you want for this subscription in the Total licenses box. For example, if you have 25 licenses and want to remove one, enter 24.
Select Save.

Forwarding Calls: For information on forwarding calls within your organisation, refer to the guide on Calling policies in Microsoft Teams.

Managing Microsoft licensing when an employee leaves can be a complex and lengthy process. However, ensuring it is done correctly is crucial for the security of your business and the preservation of important data. Our Microsoft experts have extensive experience securely managing organisations’ tenants, allowing businesses to focus on innovation and other priorities instead of time-consuming administrative tasks.

Our managed service offers numerous benefits, including third-party patching, ongoing monitoring for suspicious activity, and monthly reports on your tenant’s activity. For a quick, informal chat about how we can help your business, call us on 0345 223 9000 or contact us.

Need help?

We can do your Microsoft licence admin for you!

Learn more

Home » Microsoft

5 things to look for when finding an IT provider

Discover the top 5 things to look for when engaging with IT providers and MSPs. Our guide delves into the essential core values that distinguish exceptional IT providers, helping you to avoid the feeling of being just ‘another transaction’. You’ll also find a comprehensive list on what to keep in mind when doing your research to ensure your IT provider prioritises your business needs and makes your IT journey as seamless as possible.

What's inside?

Discover the core values and initiatives that set top IT providers apart
Understand the key distinctions between a mere 'supplier' and a true IT partner
Learn what to watch out for when evaluating different IT providers, including hidden costs and the pitfalls of only recommending basic practices

Download our one-page guide

Home » Microsoft

6 costly data protection gaps in M365

While Microsoft 365 offers reliable application access, it lacks true backup and recovery capabilities. In fact, Microsoft recommends using third-party apps for data backups in their services agreement, which many businesses mistakenly believe Microsoft is responsible for. To learn about Microsoft’s backup weaknesses and how to address them, download our one-page guide, “6 costly data protection gaps in M365 and how to close them.”

What's inside?

Your responsibility as a user - Understand the stipulations set by Microsoft in their Service Agreement concerning your obligations for backups.
Data loss scenarios - Discover the limitations of Microsoft's partial backup and the circumstances that could lead to data loss for your business.
The hidden risks in M365's default data protection - Know the differences between Microsoft's Recycle Bin and Recoverable Items folder, as opposed to hard-deleted and irretrievable data.

Download our one-page guide

Strengthening Your IT Security with Automated Patch Management

Home » Microsoft

Written By

Juan Lyall

Publish Date

28/05/2024

Categories

Blogs

Keeping your business safe from cyber threats is a top priority in today’s digital landscape. One key aspect of this is ensuring your systems are regularly updated with the latest patches.

Cyber attackers often exploit vulnerabilities left unaddressed by outdated software, leading to potential financial losses and breaches for businesses. Addressing these vulnerabilities through regular patch management is crucial.

In a 2019 survey conducted by Ponemon Institute, 60% of breach victims said they were compromised due to known vulnerabilities they didn’t patch. In 2021, Microsoft found that more than half of known network vulnerabilities were due to missing patches, and a staggering 68% of organisations hit by ransomware lacked effective patch management. Clearly, patching is an absolute necessity for any business when it comes to their cyber security.

So, what exactly is patch management?

Patch management involves the timely deployment of updates by third-party applications to address evolving vulnerability gaps. This ensures that the software remains resilient against potential security breaches, mitigating the risk of exploitation by malicious actors.

By promptly applying updates as they become available, organisations can minimise their exposure to vulnerabilities, reducing the window of opportunity for a breach. Basically, you’re keeping your digital defences up-to-date to ward off potential attacks.

With technology advancing rapidly, cyber threats are becoming more sophisticated, especially with the rise of AI. Attackers can now exploit vulnerabilities faster than ever, meaning developers are having to constantly release patches where there may be a security gap.

And how do I ‘patch’ my devices?

While patching manually is possible, it can be time-consuming and prone to delays which is not ideal when it’s neck and neck between you and a potential cyber-attack. In fact, it is estimated it takes 28 days to patch once a high-risk vulnerability is detected on-premises.

On the other hand, automating patch updates streamlines the process, ensuring your systems stay protected without the risk of human error. Just remember to plan out these automatic patch updates so that you have the least amount of disruption for your business as possible. Not only does then mean less downtime for your business, but your IT team will have greater internal availability for other projects.

The solution to always being set to best practice

It may not always be possible with every application to just ‘automatically patch’. But if external management is the route you want to take, you could consider working with a managed service provider (MSP) to ensure seamless patch management.

Integrating patch management into your IT strategy is crucial for maintaining security best practices. Partnering with an MSP that offers automated patch management, along with device management and proactive monitoring, ensures your systems are always protected.

At Cobweb, we provide a comprehensive Microsoft managed service with third-party patch management for over 1500 applications. Our experts will handle the patching process, freeing you to focus on your core strengths and responsibilities. Learn more here about our managed services to keep your business secure and resilient.

Why patching is your biggest vulnerability

Thursday 13th June 2024 @ 3PM

Opting for Managed IT over in-house expansion

Home » Microsoft

Written By

Keir Nolan

Publish Date

13/05/2024

Categories

Blogs

The IT infrastructure within your organisation is crucial for its success in today’s digital era. Business expansion is heavily dependent on the effective utilisation of technology to make a significant impact and the companies that excel are those that employ technology most innovatively and have the time to manage it.

However, with the UK grappling with significant issues like the skills shortage and the rising cost of living, the ability for many businesses to invest in IT to the necessary extent for success is becoming increasingly challenging.

But what about opting for a service which offers the same efficiency, practicality, security and expertise of an in-house IT team? This is a managed IT service. It’s like having an IT manager 24/7, who never leaves or goes on holiday, is never sick and yet costs only a fraction of what it would to hire one.

So what are the benefits of Managed IT?

To remain competitive, your business must operate efficiently. A lack of efficiency can cause your entire operation to decelerate, preventing it from being well-equipped to handle the workload and challenges of a modern business environment.

Without an expensive IT department, maintaining efficiency is difficult. One IT technician or a small team may not suffice for all your requirements and they are often restricted to assisting just one or two individuals simultaneously, decelerating your operations and possibly resulting in greater downtime. Time is money after all!

Choosing a Managed IT Service resolves this issue at a minimal cost, providing on-demand access to a full team (which should possess strategic vendor relationships to expedite recovery times) without the need to enlarge your IT staff. Essentially, it grants access to IT specialists, enhanced security, and rapid resolution times, all while being more cost-effective than hiring and expanding your IT team.

How will a Managed Service help my IT budget?

For many businesses, budgeting for IT can be challenging due to the skills shortage, making it hard to find the right employee and agree on a wage that satisfies both the business and the individual’s needs.

Opting for a managed IT service, businesses only need to pay a pre-agreed service charge per term, gaining access to a team of experts and continuous support. This team can function as an extension of your existing IT department, liberating resources that can be redirected towards business growth.

Gain a competitive edge

Having access to IT expertise can provide your business with a competitive advantage. You will receive guidance on the latest technologies that can drive organisational change, enabling you to leverage tools like AI and business process automation (BPA) effectively.

The support of a knowledgeable team from a managed IT service provider ensures that you receive comprehensive assistance and can resolve issues swiftly, minimising operational downtime.

Choosing Managed IT enhances security and compliance

Much like security cameras monitoring your home 24/7, a Managed IT service will proactively monitor for any suspicious activity within your own digital environment, to mitigate malicious actors causing harm to your organisation’s data.

Protecting your business around the clock is a resource most businesses simply don’t have without using Managed IT services. Even if you employ an IT specialist to monitor your organisation’s security, there will be times when they are not available and need to go home. However, a Managed Service provides continuous 24/7 monitoring and ensures that new security patches and updates are applied promptly, so your business is never left exposed.

Managed IT service providers can also help you understand compliance regulations and provide advice to ensure you’re not violating these regulations. This helps to prevent noncompliance, which could lead to litigation consequences.

How Cobweb can help

We’ve seen why IT for businesses can be costly. A managed IT service removes this stress and gives you access to a team of experts who work in the background and can help whenever you need it.

Check out Cobweb’s award winning managed services! We’ll be able to work with you and guarantee that your organisation has everything it needs to grow, as well as take care of anything else that you may require.

We’re Your Team, Extended.

Find out more about our Award-Winning Managed Services

Learn more

How to Migrate from GoDaddy to Microsoft 365

Why Should You Leave GoDaddy’s Microsoft 365?

“Isn’t Microsoft 365 the same no matter where I get it?”