Hidden Risks You Might Be Ignoring
In this month’s IT Bulletin, we’re shedding light on the cybersecurity threats that often go unnoticed — but can have serious consequences for businesses of any size. From unsanctioned apps to advanced impersonation techniques and overlooked hardware, these silent risks are becoming more common and dangerous. Being proactive is the best defence.
Shadow IT – The Hidden Risk in Your Business
Shadow IT refers to the use of software, applications, or devices that employees use without approval from your IT department or IT support Provider. Think of free online tools, personal file-sharing platforms, or unvetted cloud storage apps. While these may help with productivity, they can also create security gaps and compliance risks.
Why It Matters:
Sensitive data might be stored in platforms without encryption or access controls.
Shadow IT can bypass corporate security policies, leaving the business vulnerable.
How to Mitigate the Risk:
Use discovery tools to identify unsanctioned software.
Educate staff on approved tools and the risks of going rogue.
Implement clear policies and offer secure, approved alternatives to commonly used tools.
Deepfake Scams Are Getting Smarter
Deepfake technology has evolved rapidly, and cybercriminals are now using AI-generated audio and video to impersonate CEOs, finance teams, and even colleagues. The goal? Trick employees into transferring money, sharing login credentials, or providing confidential data.
Real-World Example: In 2024, a UK-based company was tricked into wiring over £200,000 after an employee received a voice message that sounded identical to their CFO.
If you’d like to see how convincing deepfake scams have become, check out our BIM Summit session with Andy Compton, where he demonstrates a real-world deepfake scenario during his cybersecurity talk. Watch the clip here!
How to Stay Protected:
Train staff to be cautious of unexpected, high-pressure requests via email, calls, or video.
Always verify requests for sensitive actions through a second channel (e.g., call back via known number).
Use internal security codes or keywords for financial approvals.
What Makes Printers Vulnerable:
Unsecured print jobs left on trays.
Default passwords or unsecured admin panels.
Older firmware that lacks modern security patches.
Stored data caches that can be accessed if not wiped regularly.
Printer Security Best Practices:
Change default admin passwords immediately.
Regularly update device firmware.
Enable user authentication for printing.
Set automatic data wipe policies.
Recent Vulnerabilities – May 2025
Cyber threats continue to evolve rapidly, and this month brings several critical updates you should be aware of:
Microsoft Patch Tuesday (May 2025) Microsoft released fixes for over 70 vulnerabilities, including five actively exploited zero-day flaws. These cover a range of risks from privilege escalation to remote code execution. Ensure your systems have applied the latest updates to stay protected.
More info: Read the full bulletin
Mozilla Firefox Zero-Day Flaws Two critical zero-day vulnerabilities affecting Firefox were patched this month. Users should update immediately to prevent potential remote code execution and data exposure.
More info: View update details
Reminder from Symetri: If you’re a Symetri customer with a managed service agreement, we’re actively applying these critical updates and firmware patches to covered devices.
Cybersecurity isn’t just about firewalls and antivirus software. It’s also about the day-to-day decisions your employees make and the devices and tools they use. Shadow IT, deepfake scams, and overlooked endpoints like printers can all open the door to significant breaches. Staying aware of these threats and taking preventative measures will keep your organisation resilient.
📧 Need support identifying and addressing these risks? Reach out to our team at info@symetri.co.uk to schedule a security review or consultation.
Migrate Multiple Projects Between BIM 360 and ACC: What you need to know
As Autodesk gradually shifts its focus from Autodesk BIM 360 to the more unified and scalable Autodesk Construction Cloud (ACC), many AEC organisations are navigating the complex process of migrating active and archived projects. While ACC offers enhanced collaboration, improved workflows, and long-term scalability, the path to get there isn’t always straightforward. In this post, we will explore some key complexities organisations face when migrating data from BIM 360 and ACC and offer insights on how to streamline the process.
How to Simplify Configuration for your Engineering Software
In this blog, we’ll look at some common challenges teams face when configuring engineering software and share practical tips on how to simplify the process. We’ll also explain how Symetri’s solutions can help you optimise your software setup, reduce errors, and keep your projects running smoothly.
4 ways to optimise your construction projects in the cloud
Managing a growing number of Autodesk BIM 360 or Autodesk Construction Cloud (ACC) projects can quickly become overwhelming - especially when it comes to project setup, user management, and data backups. With the right tools, you can eliminate manual inefficiencies, boost productivity, and focus on more strategic initiatives. If your team works with BIM 360 or ACC, this blog focuses on four powerful ways Naviate Cloud Manager can streamline your operations.
+44345 370 1500 · info@symetri.co.uk