Advice + Tax + Accounts for smart business owners.
September 18th 2020

Now's the time for efficient, secure business IT

Top tips on making your business IT more efficient and secure.

Scholes Chartered Accountants brings readers this guest blog from Lugo: IT support and systems for businesses throughout Scotland.

Never have we been so reliant on technology than in 2020. This has been the year where longer-term plans for digital transformation have been fast-tracked at lightening speed. Our hand has been forced to embrace the digital world, even down to something as fundamental as no longer having the option of paying for your lunch by cash. To this end, it’s just been announced that the Royal Mint won't produce any more 2p or £2 coins for 10 years, as cash use declines.

Business survival means adapting to new ways of working, which will force change and teething problems, but ultimately, it’s about working as efficiently as possible whilst making the most of the technology that’s available to you.

Microsoft 365

Many businesses already make use of Microsoft technology in some form, including software such as Word and Excel. These are part of the Microsoft Office 365 suite of applications which can now be purchased through Software as a Service (SaaS) licences. This is where you pay based on how many people need access to the software.

Microsoft have recently gone through a product refresh, with Office 365 now called Microsoft 365 – a new name with added features and security. There are different variants of the licence, dependant on each individual’s needs. Microsoft has a variety of productivity and security management offerings for small to medium-sized businesses, each bringing increasingly powerful features and functionality, designed to help you work collaboratively and have more time to concentrate on your business. Applications like Word, Excel, PowerPoint and Teams are updated monthly with the latest features and security updates and Microsoft protect your data with 24/7 security and support.

The SaaS model is popular, as it means you don’t end up on an old, outdated version of the software. Not only is it good to be up-to-date with the newest functionality available, it also means you remain secure and compliant.


Lugo has seen an increase in cyber-attacks since the implementation of cloud computing. The vast majority of these attacks have been phishing scams that target businesses using Microsoft. Cyber criminals are aware of security flaws in the older, more basic Office 365 packages and exploit these by coercing users to click on links and give away their credentials. Microsoft 365 Business Premium provides additional layers of security that can safeguard against these attacks. Conditional access allows your administrator to configure your users to only have access to emails from inside your corporate network. This prevents access by unauthorised individuals. If workers need to access the network from home, this can be altered to allow only access from the UK. In Lugo’s experience, the majority of targeted cyber-attacks originate outside of the UK.

Multi-Factor Authentication

Most users access their Microsoft 365 environment using a username and password. There is plenty of good advice on making your password as hard to guess as possible – complex, unique, lengthy passwords make your password incredibly difficult to guess. However, what if you accidently gave your password to a cyber-criminal via a phishing scam? It doesn’t matter how complex the lock is, if you give away the key! On top of your existing password policy you could implement Multi-Factor Authentication.

Multi-Factor Authentication (MFA) is the practice of using at least two forms of authentication to access your account. You will most likely have come across MFA if accessing your bank account online. You must authenticate with something you know (a password or a PIN) and something you own (a phone or a token). This adds an extra layer of protection to important services and could be the difference between your account remaining safe or being compromised.

Microsoft have been offering MFA protection for normal Office 365 user accounts since 2014 yet less than a third of user accounts are protected. So why are adoption rates so low? Obstacles include lack of awareness, Bring Your Own Devices policies and a fear it could negatively impact productivity.

There is no cost attached to the service and most IT providers should be able to implement this for you with minimal hassle and cost. An office phone number could be used for authentication if mobile devices aren’t allowed on site. Productivity may dip on the day you first implement MFA but there is no need to enter MFA credentials every time you access your email or even on a daily basis, only when accessing from a new device/location or when your password has been changed.

MFA is the single most effective measure you can take to secure your Microsoft 365 products.

As a Microsoft Partner, Lugo has been providing outsourced IT support to SMEs across Scotland since 2003. If you’d like to arrange a virtual meeting to have a chat about moving to Microsoft 365, outsourcing your IT or making your systems more secure, please click here to book an appointment.


Let's talk

Book your free consultation now:

Preferred Method of Contact