We announced last week that we have formed a partnership with Skipton Business Finance. We are really excited about this and how we can mutually serve recruitment businesses with the best resources and services possible. If you are not familiar with Skipton Business Finance, read on to find out more. 

Skipton Business Finance - what we do

Skipton Business Finance (SBF) provides businesses with working capital through flexible Invoice Finance solutions, including Invoice Factoring, Invoice Discounting, LedgerLite, Headroom Facilities and our interest-free Skipton Select solution. With over 20 years’ experience, we have a business finance solution to suit any type of business, offering speed of delivery and unrivalled flexibility. With multiple locations throughout the UK, this also enables us to form even closer relationships with our clients and introducers. 

We can provide working capital to a business by advancing funds varying from £50,000 up to £15m. A healthy cashflow is vital to any business and our funding solutions allow you access to working capital when an invoice is issued to your customer. The solutions we provide can be used on a confidential or disclosed, light touch or credit managed basis, but what we're really proud of at SBF is that each and every solution we structure is tailored to every single business we partner with.

A personal service

With nearly 900 active clients, we are incredibly proud of our 98% customer satisfaction rate (carried out most recently in Dec ’22).  It’s our belief that we achieve this through;

A Flexible Approach to Funding – Unlike other financial institutions, we don’t base decisions on balance sheet multiples or historic financial performance alone. Our one goal is to create a solution to grow with your business - meaning you don’t have to keep going back to your funding partner, ask for increased funding, that we know can take too long.

Dedicated Account Manager – No getting passed from one department to another every time you need to speak to someone. You will speak to a dedicated account manager who knows you and your business inside out and will be able to facilitate rapid decisions to ensure you have the correct level of funding at all times.

Direct Access – We understand that running a business is time consuming and you don’t have time to be held up in call centre queues, repeating the same security questions over and over. When you call us, you get through to your Account Team – it’s that simple.

Simple Process – Every office completes their own commercial underwriting, so you’re not waiting for cross-department admin and your financial solution is processed smoothly.

Our People-Orientated Approach – Businesses often choose to stay with us for their financial needs, as and when their demands change. This is because we put you first and take the time to really understand your business’s needs.

A Building Society ethos

As part of Skipton Building Society, we share a unified ethos for client care and high-quality service. Independent from the UK clearing banks, Skipton Business Finance has the dual benefits of being part of a highly successful and long-established financial institution in Skipton Building Society, whilst retaining all the benefits of an independent. We have no expensive shareholder dividends to pay, therefore we are very much focused on understanding our clients’ business needs and assisting in creating wealth and jobs in business.. 

If you’d like to find out more about our Invoice Finance solutions and how we could help your business, please get in touch at info@skiptonbf.co.uk or visit our website.

Written by Rachel Allen, Marketing for Evertime by EdenGroup

As the UK enters its second month of a complete lockdown, many organisations are starting to think about the steps they can take now to get their recruitment agency in best shape for when the country returns to ‘normal’ (whatever that will look like).

The Recruitment and Employment Confederation has been a valuable source of information for Evertime and having listened to their Talking Recruitment webinar today (29.4.2020) we were very impressed at the amount of work they have been doing to support recruitment agencies during the Coronavirus crisis.

Neil Carberry, the chief executive of the REC, and his colleagues are liaising directly with the team at No 10 and the Treasury on a daily basis and they have been resolute in their need to have very clear guidance for their members. Although schemes have been put in place to get cash out to businesses who need it as quickly as possible, the guidance needs to be in place so that recruitment agencies aren’t audited in 3-4 years by the Treasury and required to pay back large sums of money. The REC has done a great deal of lobbying to the government about the recruitment sector’s needs and they feel that the understanding of the recruitment sector by the government is at the highest level ever.

The REC asked for four things to help the recruitment sector to get back on its feet:

1. Focus on cashflow

2. Fund Statutory Sick Pay for Workers

3. Help recruiters to help critical sectors

4. Help people to find work quickly and safely

The REC talks about the fact that we are now in a government-enforced recession, which has been created for valid public health reasons. For that reason, they have been very supportive of the government’s decision to delay IR35 until 2021, but they predict that chancellor Rishi Sunak will want to review how the self-employed are taxed, especially given the comments he has made about the support available for directors of limited companies.

We don’t want to publish information or guidance on the Evertime blog because the situation evolves and changes on a daily basis, however, would urge you to look at the official sources. You might want to head over to the REC website to find out more about:

· Temporary measures put in place around DBS checks, Right to Work and face to face interviews

· Business rate exemption for employment agencies (not initially included)

· Gangmasters and Labour Abuse Authority granting temporary licensing

· Clarity on JRS functions for agencies

The REC team spoke on the webinar about the various options available to help businesses including:

· Deferral of VAT payments until 30 June

· Guidance around Statutory Sick Pay

· Job Retention Scheme (Furlough)

· Coronavirus Business Interruption Loan Scheme. There are 40 providers available and the REC suggests you visit the British Business Bank website for more advice. There are different types of loans available, so it’s worth doing research about the options that are available.

· British Business bank also has a section on their website for large businesses. The REC guidance suggests that if you have applied for help before, but were turned down, it’s worth trying again because some people have been successful when applying a second time.

· There is an option to apply for more than one of the schemes available. You will obviously need to be certain that you qualify (which is why the REC has been calling for clear guidance).

· Coronavirus Bounce Back loans are available so that SMEs can borrow up to £50,000.

· If you are exempt for paying small business rates, you can apply for a grant via your local authority.

· Covid Corporate Financing Facility (CCFF) is also available.

The advice is being updated regularly as the situation evolves, and the REC’s view is that the government will apply monthly extensions to the various schemes, so it is worth keeping up to date with the help that is available.

We would highly recommend tuning in to these webinars, especially as it was accessible to non-REC members as well. The next Talking Recruitment webinar is on 19 June and you can book future webinars here. If you want a copy of the slides, please email bstanding@edenoutsource.co.uk and we can get a copy sent over for you.

Evertime is the game-changing, brilliant Pay & Bill SaaS solution with brilliant timesheet management capabilities that will power your business growth. 

Evertime unleashes the full potential of your business to rapidly accelerate revenue growth without having to upscale your back office whatsoever. 

The most complete, compliant, end-to-end contractor Pay & Bill solution available, Evertime harnesses the power of the cloud to transform your entire back office activities.

Visit Evertime’s partner page to view their exclusive Recruitment FDs' member offer

David Earl, Business Development Manager of Cambridge Global Payments highlights the challenges of working across currencies.

It is becoming more and more frequent for UK based recruiters to expand into global markets. Here at Cambridge, we have spoken to a number of businesses who face challenges when it comes to Foreign Exchange and highlighted some considerations to make when venturing overseas.

To begin with, the challenge. Let us say you invoice a customer $200,000 with 90 day payment terms.

On day one, you use the market rate of 1.2500 to work out your equivalent revenue in GBP.

$200,000 @ 1.2500 = £160,000

However, by day 90, when they pay, the rate of exchange has moved to 1.3000.

$200,000 @ 1.3000 = £153,846.15

Revenue depreciation : £6,153.85

How can this be managed better? Here are four points for to consider when you address expanding into global markets.

1. Accept payment into the correct currency account

Even in this day and age, it is still common for businesses to accept a foreign currency into their GBP account. The charges applied to this can be substantial, commonly at 3-4 per cent by the Bank. When our clients move into new international markets, Cambridge have over 30 currency accounts which they can utilise when accepting foreign currency revenue. At that stage the business has the control of the conversion, generating a substantial cost saving and allows you to convert the funds as and when it suits you best.

2. Check how broad your provider’s FX product portfolio is

Check what type of FX products they offer. Having access to a broad portfolio of FX solutions may be important if you want to develop a robust hedging strategy. If your needs are fairly simple, you may only need access to spot transactions. However, if you are a larger business with more exposure to currency, a range of products could be important.

3. Keep focus on the FX losses on your balance sheet at the end of the year

The foreign exchange (FX) market can be volatile and some days you may see market move by one per cent or more. If you begin to pay a supplier or receive from a customer the foreign currency equivalent of £100,000, a one per cent move in the market would make a £1,000 difference to the cost or sale. Most businesses don’t have the time or resource to monitor the currency market regularly or the knowledge to protect themselves against market volatility. There are a number of currency market specialists that you can speak to for help. There is also a range of products that allow you to fix the FX rate including forward contracts and structured products.

4. Consider having a look into your provider’s international payment capabilities

Not all FX specialists offer the ability to send third party payments. If you need this option, it may make sense to work with a provider who can facilitate currency exchange and send funds on your behalf. Not all providers can send funds to all destinations in all currencies. If your business makes payments to exotic destinations in emerging market currencies, check that your provider can do this. Some providers will have specialists with expertise in exotic currencies.

Working in foreign currencies can be complicated and without special care can lead to losses as the currency markets shift. Taking advantage of dedicated services in this area can mitigate these risks and make any foreign expansion worth so much more.

Cambridge Global Payments is a leading provider of integrated cross-border payment services and currency risk management solutions. As a trusted partner for over 25 years, Cambridge delivers innovative solutions designed to mitigate foreign exchange exposure and address unique business needs.

Visit Cambridge Global Payments’ partner page to view their exclusive Recruitment FDs' member offer

The past month has been a rollercoaster of change in light of the COVID-19 pandemic. One of the most prominent transitions is that of working from home instead of in the office. The UK has adapted to remote working well, given the circumstances; many able businesses have introduced new remote processes and employees have established new ways of co-working. Adoption of remote working solutions is through the roof; Microsoft saw a 25% increase in Microsoft Teams usage in the first week of lockdown, and meeting minutes hit 2.1 billion in a single day on the 31st March.

Millions of people have also started to take advantage of remote working to improve their wellbeing; taking family walks during their lunch hour, making healthier meals and finding innovative ways to exercise... everyone is talking about Joe Wicks!

It seems that remote working, and the flexible benefits that come with it, is being embraced as the ··new normal". But the big question is, will things ever go back to the "old normal?" Or will normal mean something different when the COVID-19 pandemic is over?

Indeed, it looks like mass remote working is, in some capacity, here to stay. Consulting firm Global Workplace Analytics' president Kate Lister predicts that within the next few years around 30% of people will be working from home a few days a week. Quoted by vox.com, she added that there has been demand by employees for greater work-life flexibility and now employers have had a chance to see the light.

Remote working offers huge benefits to both companies and employees; reduced overheads and office rental costs, no office commute, a flexible schedule, and a more personalised work environment - to name a few. It's likely that the use of hot-desk spaces and huddle rooms will increase, enabling employees to collaborate in person only when they really need to. Flexible working options like this offer opportunities for increased productivity, backed up by a poll (The Independent ) last year surveying employees who had flexibility in working time and location.

Despite the clear benefits of remote working, there are major downsides. Less people in the office means vacant infrastructure that would need to be repurposed. And, the physical proximity that co-workers gain in the office just can't be matched virtually; physical interaction within a designated space can create a sense of team and community that many businesses might struggle to maintain at a distance.

Whether you are for or against remote working long term, the world has changed in light of the COVID-19 crisis. When the storm passes, “normal” won't be the same as we knew it; even if the change is only in perspective on how to improve office spaces and work more flexibly.

Next steps

If you'd like more information about how SynergyGroup can help you to future-proof your business, or any of the other solutions we offer, you can contact any of the SynergyGroup team on 0800 915 6666 or email myteam@synergygrp.co.uk

Visit the Synergy Group partner page to view their exclusive Recruitment FDs' member offer

Written by Francis West, Westtek Solutions

While most working from home tips are concerned with how you work, we often overlook where we’re working. However, our work environment is a key factor in how much we can get done in a day.

Some things to think about include:

· What sort of lighting is best?

· How about temperature and air quality?

· What chair and desk should we use?

· Should we listen to music or work in silence?

· What about office pets?

AND

· What online security do we need?

Tip 1: Get rid of the clutter (both physical and digital)

If you can’t see the surface of your desk (or your computer desktop) it’s probably going to be difficult to work.

According to neuroscientists at Princeton University, physical clutter in your surroundings compete for your attention. This can lead to decreased performance and increased stress.

To clean up your workspace start with these suggestions:

· Become selective about what you accumulate. Ask yourself: Will this really add value?

· Clear out any digital tool that doesn’t bring you high value. Delete everything and only add back valuable ones.

· Conduct a monthly review of your space: Set time aside to clean, sort, and discard your physical and digital clutter.

Tip 2: Design your work environment for willpower

Our brains are lazy, and the choices we make often come down to a matter of convenience. This means that whatever is nearest to you—your phone, social media, TV—will be harder to block out.

You’ll be less likely to do things you don’t want to if you make them less convenient. This could be as simple as putting your TV remote in a drawer when you’re working. Or keeping snacks in the kitchen.

Tip 3: Music vs. silence in your work environment

Research shows that silence is the best option for an optimal work environment. But noise doesn’t have to be a deal breaker. Either find a place with a suitable level of volume, or pick the right music for the right task.

Tip 4: Should pets be in the office?

There are 2 sides to the argument

The good:

· Pets can reduce our stress

The bad:

· Pets can of course be another form of distraction either through unwanted noise, smell, or wanting your attention

In the end, having pets in your work environment comes down to personal preference and the people you work with.

Tip 5: Bring a bit of nature into your work environment

Adding more natural light is one of the quickest ways to improve your work environment.

Along with light, fresh air can also have a direct positive impact.

The final natural element you’ll want to be sure to include is nature itself. Surrounding yourself with plants can help alleviate mental fatigue.

To be more productive, try to bring all three into your work environment: Light, fresh air, and nature.

Tip 6: Look for quality office furniture

Although the thought of working on the couch or on your bed may sound attractive, your back and neck won’t thank you for this. Depending on the amount of space available, consider purchasing a large desk, bookshelves, and a comfortable office chair.

You don’t have to go top of the line but remember, the point is that you will be working in this space every day. So it needs to be comfortable and functional.

Tip 7: Stay Vigilant Against Security Threats

Just because you’re not in the office doesn’t mean you’re not a target for hackers. Your work machine is incredibly valuable for thieves and criminals, so take care to work securely.

Be aware of your company’s network policies such as the use of Wi-Fi, personal devices, and more. Ask if you are not sure.

Be alert for any documents or links sent to your inbox. Don’t click something that looks strange or suspicious.

Use a business-grade Virtual Private Network (VPN) for encryption.

Close your room’s door to avoid disclosing sensitive information to family members or visitors. Children especially hear and repeat everything.

Working from home can be a pleasant and enjoyable experience if you think things through and plan properly. Contact Francis.W@westtek.co.uk if you have any questions about cybersecurity or working from home for friendly expert advice.

Visit the Westtek partner page to view their exclusive Recruitment FDs' member offer 

Do you know which way to turn during the COVID-19 lockdown or if your staff are told to self-isolate?

Staff are unable to work from home effectively if everything they need if office based.

The effect on your business could be catastrophic.

You need to have a plan of action!

Ø  Having accessibility tools helps in creating an all-inclusive workplace for users with vision, hearing, mobility and mental health difficulties. These tools are pertinent in the context of the COVID-19 outbreak too.

Ø  We must create a solution for those in isolation to continue to work seamlessly.

Ø  We also need a solution in the event that the office is on lockdown

Ø  We must enable collaboration and productive working to continue

Collaboration tools such as Microsoft Teams will bring your business through these challenging times. You may well have the Microsoft Teams license as part of your current licensing package.

 Microsoft Office 365 is a cloud-based service that combines the familiar Office desktop suite with Microsoft’s next-generation communications and collaboration software to help organisations meet their needs for productivity, mobility, and security. With a top-of-the-line set of productivity tools, it offers the complete Office experience with services integration for your PC, Mac, and mobile devices, so users can be productive from virtually anywhere. Microsoft Office delivers the power of cloud productivity to businesses of all sizes, helping save time, money, and free up valued resources.

We can help you to set this up as pain free as possible.

If you need assistance in getting your workplace ready, please get in touch and we will book you a slot with one of our engineers to show you how.

You can contact us on:

0800 915 6666 or myteam@synergygrp.co.uk

Visit the Synergy Group partner page to view their exclusive Recruitment FDs' member offer 

Written by Darryl Hood, Head of UK Options Dealing and Sales, Cambridge Global Payments

If your company is weighing up the pros and cons of foreign exchange hedging, take a look at our five-point checklist…

Q1 - What do I hope to achieve from my currency hedging strategy?

As with any strategy you need to have a clearly defined goal. To a certain extent, your goal will help you determine whether to hedge and which may be the most suitable foreign exchange (FX) hedging products to meet your needs.

As the currency market has been volatile in recent times, your goal may simply be to protect your business from foreign exchange losses. Adverse currency market movements can have a direct impact on your company’s profitability. In this scenario you might consider using a foreign exchange forward contract. This allows you to fix the FX rate for a set time period.

Q2 - What impact would a 10% move in the FX market have on my business?

You may think a 10% currency market move is unlikely but, given the current political and economic environment, we cannot rule it out. Put your foreign currency exposure in the context of your profit margins. If you’re an importer or exporter with a profit margin of 10% or less then a swing of this degree could wipe out your profit and may result in you making a loss.

Also consider if you’re in a very price competitive commoditised industry. A couple of percent variation in your price due to a 10% move in the currency market may result in competitors taking business from you. In this situation foreign currency hedging may be a good option. It allows you to fix the exchange rate for a set time period and accurately forecast your profitability on future sales over this period.

If you have a much larger profit margin than 10%, you may think you can absorb the losses if the market moves against you and enjoy the gains when the market moves for you. However, even in this situation you may decide to hedge 50% of your exposure when the market is favourable. You then know you have a fixed rate on a share of your currency exposure for times when the market is against you.

Q3 - How easily and quickly can you re-adjust pricing with customers or suppliers?

If your business prices each piece of work individually and the time between quotation and acceptance is relatively short, you’re probably less sensitive to currency market movements. In this scenario you may decide to adjust your pricing according to the FX rate when you provide a new quote to customers.

If, however, your pricing is only updated once or twice a year (in a catalogue, for example) you’re more at risk from currency market movements. Many retailers and travel companies fall into this category. If you are an importer or exporter in this situation you may choose to fix the FX rate for the catalogue period in order to protect yourself from any adverse currency market movements.

Q4 - Can I accurately forecast business currency requirements?

Is it possible to accurately forecast how much currency you’re going to need to buy or sell over the next one, three, six or twelve months? If you’re a well-established business this is much easier as you have historical data to help forecast future requirements.

You may find forecasting more challenging if you:

• are a new business

• have just started working with a new overseas distributor

• have a new product or service and don’t know how well it will sell

Most forward contracts and structured products require you to commit to an agreed sum of currency over a set time period. Therefore, should there be a significant drop in your currency requirement, you are still committed to the contracted amount of currency. Whilst you may be able to sell the contract back to the market, if the contract has devalued you may be liable for any losses.

If there is a level of uncertainty over your requirements you can still protect yourself using foreign exchange hedging products but you may choose to only hedge 50% of your requirements and use the daily currency rate (spot market) for anything else you need. In this way you limit the potential downside if the FX rate moves against you and won’t leave yourself over-committed should your situation change.

Q5 - Do I have cashflow that can support my currency hedging requirements?

If your business is tight on cashflow, you may need to think about the following:

•  Can I afford to pay a deposit of 5% of the total currency hedged up front?

Some providers may ask you for an upfront deposit to secure the currency contract, which is returned once the contract has matured. This gives the provider security should you default.

• Can I afford to make further deposit payments if the currency market moves more than 5% against the contract?

If the market devalues the contract by more than 5%, some providers may ask for an additional deposit payment, which could be another 5% of the value of the contract. This is often known as a “margin call”.

•  Will I have the funds available when the contract matures to cover the contract?

On maturity you may be obliged to pay the remaining balance of the contract. Therefore, you need to make sure you have the funds available to settle with your provider.

If you answered “no” to any of these questions you may not have the available cashflow to hedge at this time.

It can be difficult to assess whether your business is ready to hedge currency, and what products may be suitable. These questions are a good starting point, but if you’d like to discuss foreign currency hedging with one of our experts, please fill out this form and we’ll be in touch.

For more hints and tips on international payments, download our white paper today.

Cambridge Global Payments, a FLEETCOR company, is a leading provider of integrated cross-border payment services and currency risk management solutions. As a trusted partner for over 25 years, Cambridge delivers innovative solutions designed to mitigate foreign exchange exposure and address unique business needs.

Visit Cambridge Global Payments’ partner page to view their exclusive Recruitment FDs' member offer

Clients, candidates, closing deals. We hear it all the time. It's the background chorus to life in a recruitment company. While sales bring in vital revenue, running a successful business requires more. So we're taking a break from usual broadcasting, to focus on a specific position: the finance director.

Welcome to Paul Glynn, founder of Aristar Financial Consulting & Aspiring FDs. Aristar provides an outsourced finance function to a portfolio of SME recruiters with a cumulative turnover of c£120m. He also runs Aspiring FDs, a 6-month development programme for heads of finance in recruitment businesses. Having worked in high-growth recruitment businesses gives Paul unique insights into the role. Here we go:

OneUp Sales: What would you say are the most common challenges for finance directors in recruitment companies?

Paul Glynn: Finance directors need to bridge the gap between sales and finance. It's an age-old issue: sales teams concentrate on closing deals and building relationships. Finance teams ensure a proactive & timely flow of intuitive reporting to the business whilst ensuring everything behind the scenes runs smoothly.

Incomplete or inadequate data from sales teams can make this a constant challenge. And it doesn't make managing cashflow any easier.

OneUp: The data problem is something we hear about all the time. And the truth is, there is so much CRM systems can do to help - if they're used well.

PG: One of my biggest challenges as an FD was trying to embed KPIs. "Those KPIs are wrong as I don't use the CRM!" was something I heard often. Incentivising sales teams to submit accurate data is a good first step.

OneUp: No CRM equals no data, right? How would you deal with this now?

PG: The most successful sales teams I have worked with are the ones enjoying work. For me, OneUp enhances the sales culture by creating competition and fun on the sales floor. From an FD perspective, it drives consultants to use the CRM through gamification. The beautiful by-product is that we suddenly have great data to work from.

OneUp: That's right. We're on a mission to bring fun to the workplace. OneUp links KPIs to sales competitions, head-to-head games and collaborative team missions. Actions only count as completed once the CRM is up-to-date. In the heat of the battle, submitting your data becomes second nature.

More data should mean more visibility for Finance Directors. What do you think?

PG: Absolutely, the platform highlights trends in activity to show areas of downtime. You can pinpoint inefficiencies in the sales process and target them with training. Early stage activity can be used to forecast revenue more effectively. If there are early indications of poor billings, they can be addressed in real-time. It also allows us to help consultants who are underperforming in the short-term by highlighting to them where their activity has changed from when they were performing well – to me that is invaluable!

OneUp: That's great to hear. We've recently redesigned our dashboard to give even greater clarity. The system also features an analytics toolkit. Configure your own beautiful reports with a few clicks. Easily export your data to share it at any time.

Thank you to Paul for sharing his insights with us.

Do these challenges sound familiar? Our "blank canvas" development approach means we can track any metric in any environment.

Check out our testimonials and book your demo now.

OneUp Sales are all about building successful sales floors through data. Their recruitment analysis and gamification platform helps you to finally get rid of those creaky old whiteboards (not that you needed much nudging!) and spreadsheets, replacing them with a vibrant, real-time dashboard and management suite, drawing data from your CRM/VOIP systems; all projecting to sales TVs around the office.

Visit the OneUp Sales partner page to view their exclusive Recruitment FDs' member offer 

SynergyGroup support your company’s IT, telecoms, security and 3rd party application requirements. They offer a menu of managed solutions; designed to suit you, your scale, complexity, operating hours, commercial risks and your internal capability. They work with you to advise which managed service level is the most appropriate to support your organisational goals and which products and services your business will benefit from. SynergyGroup understand that their clients value straightforward, easy to understand advice; alongside practical support to maintain their immediate business operations and enable their future plans.

Of course IT encompasses a lot of jargon that you may not know how to navigate. The following article, written by Chris Brunau, explains more about ransomware and how easily we can all fall victim to this.

Ransom malware, more commonly known as ransomware, is software designed to block users from accessing their computer system or personal files. While some types of ransomware can be easy to reverse, more advanced attacks will encrypt the victim’s files, making the data inaccessible without a decryption key. These advanced attacks are called cryptoviral extortion, which means the files will remain encrypted until the victim pays a ransom. Modern attacks often require victims to pay the ransom via cryptocurrency.

Who Does Ransomware Target?

Unlike kidnappings in the physical world, ransomware attacks are rarely directed to a specific user with deep pockets. Rather, they use a shotgun approach of trying many targets in the hopes that a small percentage are hit and charge a ransom that is not exorbitant to a single victim (yet totals prove quite profitable). They do, however, tend to target industries that are overtly vulnerable like higher education, healthcare, government, and law firms.

How Does Ransomware Gain Access?

In many cases, like the well-known Petya, WannaCry, or Locky, the malware enters by means of a phishing scam.

For example, a person inside a company receives an email from a job applicant with a file attached. The file’s name is some variant of “resume,” often with “pdf” within the filename, but it is actually an executable file. When the recipients of the email click the file, they must agree to the Windows User Account Control warning. For those who allow the control, the infection begins.

What Does Ransomware Do to Systems?

Different variants of ransomware, like CryptoWall or TeslaCrypt, work a little differently, but in general terms, Petya has been coined “the next step in ransomware evolution” due to its three-stage functionality.

Petya doesn’t encrypt specific files, unlike some ransomware. Instead, it overwrites the master boot record to encrypt the master file table. So while the files themselves aren’t harmed, the system doesn’t know how to find the files.

There is an in-depth resource about how different ransomware strains act by the Infosec Institute, but the general methodology is that they encrypt files or systems and then prompt the user to pay a ransom in order to decrypt.

Why Do Hackers Use Ransomware?

Ransomware is code that is relatively unsophisticated, so it isn’t hard to come by and generates huge returns. Statistically, a business falls victim to some form of ransomware every 14 seconds and in 2019, ransomware is expected to cost $11.5 billion. Most of the ransoms that are paid through an untraceable cryptocurrency.

“Ransomware is a game changer in the world of cybercrime,” says Marc Goodman, author of the New York Times best-selling book Future Crimes, founder of the Future Crimes Institute and the Chair for Policy, Law and Ethics at Silicon Valley’s Singularity University. “It allows criminals to fully automate their attacks. Automation of crime is driving exponential growth in both the pain felt by businesses and individuals around the world, as well as in the profits of international organized crime syndicates.”

Bottom Line: A Good Defense Is the Best Offense

Law enforcement suggests never to pay ransomware perpetrators as to not encourage them. TrendMicro’s research found that business people agree in principle: 66 percent said they would never pay a ransom. The same research, however, also found that when push comes to shove, 65 percent of companies attacked by ransomware actually do pay the ransom.

Experts agree that the best way to fight ransomware is by protecting your files and systems and preventing the ransomware from claiming your company as its victim. This is done with a multilayered approach:

• Use a good quality antivirus program, and patch and update operating systems regularly

• Educate your users about ransomware and how to detect phishing and social engineering schemes

• Back up files often -- and automatically. While the backup does not prevent infiltration, it does give you an out -- instead of paying the ransom, you can restore to your pre-attack status

Although ransomware attacks are continuing to increase, they can definitely be avoided with adequate protection. 

SynergyGroup advise clients on key support areas such as, enhancing the security of their 365 applications, how to provide instant retrieval of documents and emails (even those ‘’Permanently Deleted’’). BCDR in the event of data loss or hacking, agile and secure back-up solutions for laptop, and Early Warning systems that protect the business from malicious or accidental user behaviour. Alongside their internal / external threat audits and achieving Cyber Essentials accreditation for clients – SynergyGroup offer a wide range of solutions to a client’s Cybersecurity concerns.

 Visit SynergyGroup’s partner page to view their exclusive Recruitment FDs' member offer

Written by Andy Hinxman, Keybridge IT Solutions

In these modern times, data breaches are still a very real and tangible threat. For some, simply not paying back up costs or employing security measures may seem like a cost saving, but you will not realise its value once you experience data loss and breaches. 

So how can you avoid data loss and breaches?

There are two types of ways you can lose data or face a breach, deliberate and non-deliberate.

Deliberate attempts to breach data or data loss typically come from cyber criminals or disgruntled employees. Make sure you take every measure to prevent criminals from accessing your network, including permission maintenance, password security and restricting access.

• Have a firewall which can restrict user access outside your network and control traffic both inside and outside your network. It is a simple measure to take to mitigate against cyber criminals.

• Permissions and accessibility are key in maintaining security and preventing data loss and breaches. If an employee is always on the move, take additional measures to restrict data access or easily terminate access should the device be lost or stolen. Likewise, if an employee leaves (whether on good or bad terms), be sure to change ALL passwords and ensure they are secure.  A good example here is those utilising systems such as Microsoft 365; access can be blocked instantly and devices partially wiped If necessary.

• Passwords. We have said it before, but make them complicated and difficult to guess. The name of your loved one, favourite pet or favourite film are not good passwords, and things which make it easier for us, make it easier for the criminal as well. Something like Typsd5sd!gz$1 would be more secure than Mylovedonesname1. The more difficult it is to remember, the better to protect your network, and over time you will memorise your complicated passwords.  With the ability to have your phone and computer store your password whilst at the same time leveraging the security of Multi factor authentication (which is a must in our book), having to remember the passwords are not as necessary as they once were.

• Continue to train and educate your staff about cyber security, you may think they already know it, but always keep them up to date. Simply telling staff to not open attachments like ZIP files from people they do not know goes a long way to mitigating against cybercrime and data breaches. 

• Be vigilant and exercise caution! Be aware of spoofing and spear phishing which is when emails look as though they came from a senior member of staff, or in a response to an email chain, asking for money or to click on a dodgy link, like tracking information or to download an invoice. They can look fairly convincing, so can pass through spam filters, but do not come from the email user, rather from a similar email address. These are all rubbish and you should ignore them. If anyone ever asks for money, double and triple check with your Director before doing anything.

 Non-deliberate data loss or breaches can arise from hardware failures or lack of software, such as anti-virus and web protection. Hardware can fail, and so measures need to be taken to ensure that should they fail, your downtime is limited. Likewise, software needs to be kept up to date in order to protect terminals and alert to any failures.

• Always have up-to-date anti-virus to prevent against Trojans or other malicious software on your terminals. Always run scans and keep it up to date against the latest threats, which are increasingly evolving and becoming more convincing. Web protection offers an extra layer of security to your terminals, which can block certain websites or malicious websites (such as dodgy links in emails).

• Back up PCs and Servers with remote/ cloud back up out of the site. This is to ensure that any damage to the server/ PC does not implicate as well the backup HDD, tape or external backup. Backup regularly and ensuring it is actually backing up. Keybridge IT can supply secure remote backup, which, is monitored and maintained daily.

• Keep computers and servers in safe environments where they cannot be easily knocked over, gather dust or overheat. A gentle nudge can dislodge the hard drive or memory, which can cause further damage or data loss. Likewise, overheating can cause numerous issues for hardware and again can cause data loss and need for replacement, costing you more.   

• As mentioned above, ensure devices owned by employees are secure and protected, and if they leave the company or lose the device, you can lock down data easily. Microsoft Enterprise Mobility Suite is a software tool to accomplish this.

Keybridge IT  provide fully managed IT support services, which do encompass Anti-Virus, Web Protection and monitoring software to mitigate against cyber security threats, all for an affordable monthly cost.

Visit Keybridge’s partner page to view their exclusive Recruitment FDs' member offer

Written by Lauren Miller, Kyloe Partners

The term ‘Cyber Security’ is nothing new, but it’s a field that is constantly evolving and a topic which is becoming more prominent in businesses of all sizes. The chances are, if you’re working as part of a company that uses IT of any sort (and most do!), Cyber Risk is a very real threat that should be addressed. Despite its name, this risk extends beyond technology and requires having the correct processes in place and educating staff on adhering to these processes.

The discussions around Cyber Security are vast and overwhelming - a quick Google search on ‘Cyber Risk’ throws up over 140 million News results – for the purposes of this article, we’ll be focusing on the benefits of the Cloud when it comes to protecting your company.

The impact of Social Engineering

The Cloud is touted as a safer place to for your data data than a local server, so why do we still hear so many stories of high-profile data breaches? Security of the Cloud itself may be the obvious starting point for blame, but Proofpoint’s 2019 Human Factor report shows that more than 99% of the attacks observed required human interaction to succeed.

Social engineering (such as Phishing) influences human psychology and involves hackers accessing information by manipulating people into performing actions or disclosing sensitive data. By using social engineering, hackers can get hold of personal data without ever actually having to hack into the Cloud.

According to Security Boulevard, almost 75% of companies never equip people with minimal training, which means that organisations put themselves at risk.

Security benefits of the Cloud

There are many factors that influence Cyber Security so it’s important to remember that the Cloud isn’t a quick solution for eliminating risk, but there are various benefits which can help to reduce your vulnerability:

• Multi-factor authentication: as hacking techniques become increasingly sophisticated, a unique login and password aren’t always sufficient in protecting you. Staying on top of cyber threats can seem daunting and almost impossible for companies who don’t have large IT teams.

• Cloud-based solutions will take the hard work out of staying ahead and offer multi-factor authentication that verifies user identity via more than one method. For example, these verifications may combine something that the user knows (password), something that the user has (hard token), and something that the user is (fingerprint).

• Physical security: Cloud computing vendors are there to provide data safety – where small to medium-sized businesses may be restricted when it comes to physical security of their data and facilities, Cloud vendors have security as one of their main focuses, and therefore have the ability to employ stronger physical security measures at their facilities.

• There’s also no reason to worry about data being stolen as a result of misplacing storage devices or laptops and mobile phones. As data is stored on the cloud, the loss of a physical device does not affect the data.

• Security certificates: If you can’t afford to take chances with your data, compliance and security certifications are there to make it easier for you to trust cloud computing providers. Providers with certifications should be employing individuals who are qualified and experienced with configuring cloud servers and keeping client data secure.

Are you thinking of making a move to the Cloud?

In addition to the security aspects, the Cloud offers other benefits, from being able to work remotely, to lower IT costs. If you’re looking to make a move, beware of “Cloud pretenders” – vendors offering products that aren’t actually true cloud solutions. We’d recommend reading Bullhorn’s “Is It Really a True Cloud Solution?’ ebook, before committing to a specific vendor.

About Kyloe Partners

Kyloe Partners are recruitment industry, and Bullhorn, experts. We help recruiters get the right people into the right role as quickly as possible by offering clients of all sizes a real technology advantage in this fast-paced and ever-evolving industry.

Visit Kyloe’s partner page to view their exclusive Recruitment FDs' member offer

Written by Francis West, Westtek Solutions

Ever wonder what happens to your data if a company you’re doing business with has been hacked? Simply: it’s posted for sale on the Dark Web.

Let’s be clear about what we mean when we say ‘data’. We mean information, specifically, information about you. It will be anything the company that suffered breach held on you. So, it could be your name, address, email addresses, associated passwords, date of birth, bank details, credit card numbers, mobile and home phone numbers – in fact, a whole range of information that confirms your identity.

How Does It Matter?

When you use a credit card online, the retailer checks information associated with that card, the information you filled out on the application form. If the details don’t match, the transaction is declined. If a hacker has your credit card information, address and associated email, phone number, etc., there’s a good chance the transaction will be approved and you’ll end up having to jump through hoops to get your money back.

That was a fairly benign example. With all your personal information, a hacker can literally steal your identity, take out loans and credit cards in your name, siphon money from your bank account – and your mortgage too if they’re linked. You begin to see why keeping your data safe matters and why you don’t want it on the Dark Web.

What is the Dark Web?

Like the ‘regular’ internet, the ‘Dark Web’ is a collection of websites. The difference is the Dark Web is an encrypted network. This ensures the sites it hosts can’t be found by the casual observer using standard search engines such as Google or Bing or using traditional browsers such as Chrome and Safari. Websites on the Dark Web are encrypted specifically so their location, owners and activity can remain hidden. Anyone can access websites on the Dark Web as long as they’re using the right tool. Many of these along with instructions on how to use them, can be found with the help of YouTube. Before however, you go in search, we strongly advise you to leave it alone. If you don't know what you're doing, you could upset a lot of unscrupulous people. For those with darker or criminal intent, the Dark Web is full of possibilities.

Perhaps the most well-known of the sites operating on the Dark Web was (possibly still is) Silk Road – a sort of Amazon for people looking to buy things that aren’t legal, such as drugs, weapons and other awful, disturbing products and services. The other key offering on the Dark Web is people’s data.

How Much is Your Data Worth?

Dark Web Prices for Personal Data:

Source: Dream, Point and Wall Street Market – Feb 2018

Let’s break that down. Were you affected by the LinkedIn breach where 164 million emails and passwords were compromised? That happened in 2012 but it wasn’t until FOUR YEARS LATER the data was offered for sale on the Dark Web. People will often use work email for LinkedIn so hackers have gained access to work email now too. Any sensitive data contained in your email conversations will be harvested and used against you and your clients!

Once your details have been posted on the Dark Web, they stay there. FOREVER. It’s not a question of one buyer attains the rights to your details and they get taken down from the Dark Web. Anyone who wants them can pay the fee and have a go at hacking you - multiple hackers all targeting you, trying to steal your money in various and increasingly creative ways. And they’re using details you used years ago. Which is why you should NEVER reuse a password.

Ever log in to a website using “Login With Facebook”? Or “Login with Google”? If these details have been compromised, a hacker can use them to access any other site you log into using your Facebook or Google credentials.

If hackers get your Gmail details, they can access all your correspondence, your calendar and all your contacts. Does it matter if they have your Twitter login? Imagine the damage they could do to your reputation! Also – do you use the same email and password for Twitter as you do for Facebook? Or your Amazon account? Do you see where we’re going with this?

Our top 5 recommendations for protecting yourself:

1. Check all your email domains on www.haveibeenpwned.com. If you’ve been pwned, change every password on every account associated with it (if you can remember them all!)

2. Choose your passwords wisely: use three unconnected words, such as ‘ComputerGlassBusiness’. These types of passwords are virtually impossible to crack. Use objects you can see from your desk – makes them easier to remember.

3. Use a password manager such as LastPass, 1Password or Roboform – then you only need to remember ONE password and the app does the rest for you.

4. Don’t use work email domains for personal accounts or on websites used for personal surfing – keep your work email domain for work only!

5. Regularly check your email domains to see if they’ve been compromised so you can react quickly if you need to!

Did you know, Westtek Solutions now offers Dark Web scanning and monitoring? If you would like to see whether your domain has been compromised, get in touch. Our Dark Web monitoring service will notify you quickly should your information appear on the Dark Web. This gives you the best opportunity of preventing further loss of information or breaches that could cause you serious harm.

About Westtek Solutions

Westtek Solutions is a proactive Technology Success Partner that specialises in delivering cybersecurity measures, strategic consulting and technical support services to help you stay secure whilst maximising productivity. We make sure your technology works for your business and not the other way around.

Visit Westtek's partner page to view their exclusive Recruitment FDs' member offer