cisco meraki banner CMS Group

CMS Awarded Cisco Meraki’s 12th Top Growth Partner

CMS Group is proud to announce that we’ve been recognised as Cisco Meraki’s 12th largest growth partner across the whole of Europe. As a result, we were invited to one of the 15 available spaces for the Meraki EBC tour at San Francisco at Meraki’s Head Quarters.

This demonstrates CMS Group’s degree of experience in designing and implementing the best-of-breed networking solutions and having a strong relationship with Meraki to ensure that our clients get the greatest value from their solutions.

About Meraki

Cisco Meraki is the leader in cloud controlled wifi, routing, and security. Secure and scalable, Cisco Meraki enterprise networks simply work:

Meraki provides a great suite of network products, all of which are powerfully cloud-managed:

  • Wireless LAN – Enterprise-class performance managed from the cloud for faster deployment, simplified administration, and richer visibility.
  • Security & SD-WAN – for security, networking, and application control.
  • Switching – Meraki’s access and aggregation layer switches provide the backbone for networks of every size, combining secure, scalable, robust performance with an elegant, intuitive management experience.
  • Smart Cameras – Enterprise video security with advanced analytics, bandwidth conscious and comes with everything in the box (no need for additional storage, etc).
  • Endpoint Management – Unify management and control of thousands of mobile and desktop devices in the secure, browser-based Meraki dashboard. Drive your organization’s mobility initiatives by seamlessly onboarding new devices and automating the application of security policies.
  • Meraki Insight – helps IT administrators optimize the end-user experience, significantly reducing the time it takes to isolate network or application problems that lie beyond the LAN, and create happy, productive users.

Our clients always have extremely positive feedback on the Meraki solutions. We find that when they make the move to Meraki, they stick with it going forward due to the quality, ease of control, and capability.

Interested in Meraki?

If you are interested in any of Meraki’s solutions, the first point of call would be to reach out to CMS Group so that we can understand what you’re looking for and best advise. Following from there, there are a variety of steps we can provide you with to help you get to know the Meraki portfolio, such as:

  • Providing you with a demonstration
  • Arranging for free equipment!
  • Provide trial kit
  • And so on.

There is also a promotion currently running – where you get an additional year of cloud-managed licensing through Meraki First Year On Us – meaning now is an excellent time to experience the simplicity of the Meraki dashboard.


Oliver Coop


Oliver Coop

Account Director

CMS Group


Request A Call Back      Send A Message

City Landscape

How IT Leaders Best Serve Their Business

If you’re an IT Leader you will be seeing the change in the IT Landscape, Business’s are now expecting the IT teams to deliver real value by driving strategy and delivering projects.

It’s a bit like juggling balls, only now you are being asked to juggle more ?


In this article we uncover how these additional pressures place different demands on IT leaders – the factors behind the change, and most importantly – how to make the change and deliver the greatest benefit to your business (with a real world example case study at the end).


Lets first look at the main driving factors behind the changing landscape:

  • Increasing complexity of IT systems.
  • Vendor Management
  • Increasing potential for IT to benefit the business (if properly explored), and help a business achieve its strategy.
  • Increased potential of damage or impact to the business from IT outages.
  • Blurred boundaries of IT – IT is no longer just a platform. It is relevant to all departments of the business and many customer interactions.
  • Challenge of running the support function internally – still critical but equally a significant daily distraction.


Considering these changes, internal IT leaders have needed to adapt. It is no longer enough to focus on resolving break-fix issues. In fact, IT maintenance absorbs too much time and focus, taking them away from where they can really benefit the business.

IT leaders are now taking a strategic lead to the business, in that they are uniquely positioned to understand the businesses objectives, and at the same time create a strategy for how IT can not only support it, but also boost it. All whilst building in the appropriate mechanisms to ensure the business is protected from any loss-of-service.

To make this shift, IT leaders have handed over day-to-day IT support to a partner.


For this model to work, your selected partner should be well developed in the following key areas:

  • Ownership – especially managing 3rd parties (such as ISP’s, bespoke applications, POS, etc). End users can pass over any IT issue and focus on their work.
  • Technical Support – IT is a broad field and no one person can be an expert in all areas. Technical consultants specialise in different areas which means that when clients want to discuss a potential project, it is possible to bring the best knowledge to the table.
  • A high standard of 1st line Service Desk
  • Coverage – an option of true 24*7*365 support nationwide (and further afield), .
  • Management Wrapper – this is then all wrapped up in a management wrapper with your Account Director and Support Managers to oversee the day to day running of the support and be the bridge of communication.


CMS Group have specialised in delivering these types of relationships for around 30 years now, and as a result we have a great deal of experience in understanding what it takes to make them work. Below is an example of a client we work with in this regard:

Village Hotels:

Village Hotels a nationwide hospitality brand with over 31 sites / 1650 users. We have worked with the for around 25 years.

IT is critical to Villages function, a simple failure can be measured in serious loss of revenue. To add to that, the nature of many sites spread across the nation with a web of different vendors delivering a variety of services and the need for IT to work 24*7 highlights the degree of support required.

As stated, CMS have worked closely with the Head of IT for Village Hotels. CMS manage all IT Support issues from end users and manage 3rd party issues such as POS, Lines, telephony and so on. As a result, the Head of IT is able to focus is valuable time delivering new business improvement, selecting and managing vendors, and overseeing the strategy of IT in the business.

In addition to delivering support to all sites 24*7*365, we also assist with projects – whether working with them to architect the right solution, or roll outs across all sites.

Communication is critical. Day to day the Account Director is overseeing support and communicating with not only the Head of IT, but also GM’s of sites and users. In addition, the Account Director is liaising the day to day support (escalations, site visits, etc). They also work closely with the Head of IT on ticket reviews routinely to understand any areas where trends are arising, and discussing a plan to resolve root causes to collective tickets.

The result is a very successful relationship which spans over 20 years, one which we are proud of and which demonstrates how effective and empowering this partnership can be.


If you are reading this and it strikes a chord, in that either you or your internal IT department could be delivering more value to the business, if they were released from daily maintenance activities, or if your incumbent is failing to deliver and as a result you are being pulled into the day to day support due to their failings – it would be worth exploring how this could work for your business through an exploratory meeting with myself or another Account Director.


Oliver Coop


Oliver Coop

Account Director

CMS Group


Request A Call Back      Send A Message

Collingwood Lighting

New Client – Collingwood Lighting

CMS Group is pleased to announce our new relationship with Collingwood Lighting. Collingwood Lighting (established in 1901) is a Designer, Manufacturer and Wholesaler of LED Lighting Solutions with roughly 120 employees spread between England and France.

We will be providing both IT Service Desk support to help their staff with any IT issues, as well as proactive 3rd Line / Technical Services to support and manage their core IT Infrastructure.

We look forward to a long, successful relationship together!

Grand Hotels CMS Provide IT Support

CMS Group are specialists in Hospitality IT Support. We wanted to take a moment to shine a light on a selection of grand hotels which we are extremely proud to be working with.

Cliveden House

Cliveden House five-star hotel is set in 376 acres of National Trust gardens just 9 miles from Windsor Castle and was built in 1666. In addition to the rooms, other amenities include a relaxed, equestrian-themed bar-and-grill, and an ornate fine-dining restaurant. Afternoon tea is served in a grand lounge. A chic spa offers hot tubs, an outdoor pool and a gym, plus tennis courts.

Cameron House

Read the Cameron House Case Study.

Situated on the banks of Loch Lomond, Cameron House resort is the perfect place to experience Scottish hospitality at its best. Cameron House is a five Star Luxury Scottish Baronial Mansion Hotel Resort set with 136 guest bedrooms/suites. The Resort includes two Golf Courses, one a Championship Golf Course and an award-winning SPA. Recently awarded Gold Crown status for the 6th consecutive year at the Resort Recognition Awards, Cameron House luxury lodge resort is a UK holiday destination like no other.

The Midland

The Midland Hotel dates from 1903. This grand Edwardian hotel faces Manchester Central convention complex and Manchester Central Library. Amenities include an upscale regional restaurant, an imaginative international eatery, and a long-standing tea room offering elegant afternoon tea. There’s also a sleek bar and lounge serving casual all-day fare. Additional amenities include a luxe spa with an indoor pool, a sauna and a gym.

Grand Harbour Hotel

The Grand Harbour Hotel is home to 173 rooms and suites, as well as dining experiences from Marco Pierre White. This is an upscale, modern hotel with a sloping glass facade. There’s a relaxed restaurant with floor-to-ceiling windows and a glass-covered bistro/bar with a terrace. Other amenities include a gym, an indoor pool and spa facilities, plus parking.

Sea Containers

Sea Containers Hotel is a 359 room hotel situated on the banks of the River Thames, and under the creative direction of renowned British designer Tom Dixon, the hotel captures the essence of 1920s cruise ship glamour integrated with the modern twists and sophisticated design. The hotel benefits from a spa and fitness centre, cinema, meeting and events rooms. On top of that, you can wine and dine at their Sea Containers restaurant, Dandelyan bar, or of course, their famous rooftop Rumpus Room featuring panoramic views over London.

The Belfry

The Belfry is a high-end golf resort and hotel surrounded by 500 acres of countryside. There’s an upscale grill, a buffet restaurant and a pizzeria, along with a lounge, a sports bar and a nightclub. Other amenities include 3 golf courses, a posh spa and an indoor pool. The Belfry introduces luxurious guest bedrooms and suites, meeting and event rooms, restaurants, bars, a nightclub, a luxury Spa and Health Club and of course amazing golf.

Chewton Glen

Chewton Glen is a five-star country house hotel in Hampshire, set on 130 acres of countryside and is a 1-mile walk from the sea. The cosmopolitan restaurant serves an eclectic seasonal menu. The spa has a grand Roman-themed pool, crystal steam rooms and an outdoor hot tub.

Hotel Groups

In addition to these Grand Hotels, we are also proud to work with some very prominent groups who have sites located all across the country, such as Village Hotels (32 sites), Malmaison & Hotel du Vin (36 sites), Apex Hotels (12 Sites), and more.

We are seeing an increasing number of Hotel groups move to CMS Group for IT support, largely down to their incumbent under-delivering of the level of service they expect. This is affecting their internal IT Teams ability to concentrate on their primary objective. At CMS, we understand hospitality – we work very closely with our clients and provide a high standard of support. The result is great relationships – demonstrated in our Case Studies and the lengthy relationships we maintain (such as Village Hotels for 20 years).

We work with hotel groups nationwide delivering IT Support and Services 24*7*365 – including services such as managing 3rd parties, implementing new 3rd party systems, migrating out of management contracts, building new environments (or whole new hotel setups), onsite/remote support, and more.


Oliver Coop


Oliver Coop

Account Director

CMS Group


Request A Call Back      Send A Message

Managing 3rd Parties in IT Support

It’s no secret that hospitality businesses are dealing with an increasingly complex network of IT systems which are critical to their operation. Should any of these systems have issues, it is crucial that the problem is resolved in the most efficient manner possible so that the business can get back to operating as usual. Unfortunately, in most scenarios, this is not the case.

By ‘3rd parties’, in this context, I am referring to any business you work with who provides an IT related application or solution to you. For example:

  • Key Equipment:              e.g. Tills, Printers, key cutting, door entry
  • Infrastructure:                 e.g. Network, Backup, Cloud, Guest WiFi
  • Software:                          e.g. PMS, Payroll, HR, Bespoke Apps, Security
  • Telecoms:                         e.g. Phones, Internet

The questions you should ask yourself are:

  • “If X system stops working, how much revenue would you lose?”
  • “What amount of work would you lose from your staff?”
  • “Do we have a defined process to restore the solution?”
  • “What impact would it have on your business?”
  • “What reputation impact would there be?”

For example – Lost bookings, problems with checking in, lost postings from restaurants, and so the list goes on…

You need to work through questions like the above (and others) so that you have a clear understanding of what processes your business needs to put in to mitigate risk. The first step is to ensure IT Support fully manages 3rd parties. Doing this properly (and I say properly as there is a very broad range of ways businesses “manage” 3rd Parties), has a notable impact on your business.

  •  Staff get a single, accountable, point of contact to log any IT related issues – no confusion of who to go to. As there is a single pane managing all, you can report on the 3rd Parties performance.
  • Managing a problem through to resolution can take a serious amount of time (from queuing on the phone, working through the problem, chasing, and getting an RFO). This takes your staff away from delivering the work you employ them for and is a poor use of their time.
  • Having IT manage all 3rd Parties means that the dialogue is IT literate, and more informed for when (for example) a 3rd party needs access to a server.
  • Ultimately, you improve the end-to-end service levels, increase user satisfaction and minimise the business impact.

 Understanding the importance of managing 3rd parties effectively is one part of the process, but it’s another thing altogether to put in a solution for How to do this.

Because of this, I wanted to share some of the methods we use which have proven to be very effective:

3rd Party Audit: Whilst taking on the IT Support, you should carry out an in-depth audit/documentation of all 3rd parties (communicated out to the relevant staff) by setting up a call with their account manager to capture all the key information. Besides the usual (support details, system description, etc), you should also be looking to best understand and plan for when it doesn’t work – e.g. what is the process for out of support hours? Who are the escalation contacts and what is the process? What is the fail-over process? What are the SLA’s? etc

Monitor Trends: Managing a large user base can make it difficult to identify linked issues which are occurring in real time, but these can often suggest that a more serious threat to your business is manifesting. Yes, having strong communication in your IT team is beneficial, but this is not enough. You should build into your Ticketing Software the ability to highlight recently linked issues of the current users/sites/issue. This must always be visible so that the IT Support team can raise the issue to the 3rd parties as soon as possible, whilst also understanding the breadth of the issue.

Escalations: In the event of a P1 or P2 issue (business-wide/site-wide business affecting issue), communication becomes critical. First, escalate it to the 3rd party through the correct channels, but then also, send out communications to an agreed distribution list of relevant colleagues (e.g. directors, IT, etc), detailing that the issue has been identified, raised (ref ID), what it is, and how it is being progressed. Then, update all throughout, right up to the Reason for Outage (RFO).

For instance, in the event that you’re out with your family on the weekend, the last thing you want is to be pulled into the office in a panic trying to restore services. Instead, having this flow of communication helps everyone see that the problem has been picked up and how it is being progressed live.

Availability: IT issues can happen at any time. Unfortunately, just like hospitality businesses, they don’t adhere to a 9-5 working week. It’s important you have a team which is available 24*7 to pick up issues and raise to the 3rd party as soon as they arise (without waiting until the next morning).

Updates: 3rd parties need consistent chasing with updates being communicated to the users. It is not as simple as a log, drop and wait.

Meetings: It’s important to keep on top of the 3rd party’s performance. We recommend support review meetings to ensure there is no loss of performance and to go through any trends by reviewing all tickets logged to then.

Contingency Processes: This all forms the basis for building thorough contingency plans to prevent the business from being caught by surprise and minimise business impact upon system failures. For example: if your internet line fails, it may be that you set it up to fail-over to a backup/secondary line; if your telephony fails, it may be that you divert calls to different site; if any key equipment fails, you may put in spares to swap in whilst waiting for an engineer call out. These all need working out and are bespoke to each business.

With specialising in Hospitality IT Support, managing 3rd parties is a critical piece to the work we do. As you can see, there is much more to it than I can fit into the above. If you want to discuss this in more detail, I would be happy to schedule a call.

Oliver Coop

Oliver Coop

Account Director

CMS Group



Request A Call Back      Send A Message

Statistics in Hospitality IT Support

In this article, I lay out some insightful statistics on Hospitality IT Support. This is made possible as CMS Group Ltd are the specialists in Hospitality IT Support (for over 20 years, CMS has provided 24*7*365, nationwide IT Support to a wide range of Hospitality clients).

I have reviewed a sample of 50,000 support tickets of our Hospitality clients. The data is comparable in that my sample only includes 24*7 contracts, end-user (non-infrastructure) tickets, over a 12-month period (to avoid seasonal deviations).

Looking at the time-day behaviour of users raising tickets, we can see that…

Tickets raised by time:

Tickets raised by day – 12% of which are raised on a Saturday-Sunday (24 hr):

Total tickets outside of core office hours are 29% (all excluding Mon-Fri, 9-5):

With the above in mind, office hours only account for 24% of the hours in a week. Working in hospitality we know that the industry is non-stop, and in fact, the most critical (revenue affecting) time that you need IT to work typically falls outside of office hours (such as guests checking in or dining).

Therefore, it is critical that your staff are supported by a thorough IT Support model to ensure that there is no potential for loss of revenue.

We find that clients have one or two problems here:

  1. The cost and administration of running an internal team to cover a 24*7*365 shift rota is either unattractive/not viable. This is compounded by holidays/absences, staff churn/training, the need for specialisation, and the lack of economies of scale.
  2. Internal IT do not wish to, or currently are, being dragged into the time consuming, reactive IT Support of low level (e.g. break-fix) IT Support. This is a serious time sponge and takes away the Internal IT teams’ ability to drive the business forward.

This is generally the point at which CMS Group are asked to assist. We complement the internal IT Team by allowing them to offload all reactive IT Support. We provide a very highquality support, 24*7*365, taking full ownership of problems – this includes managing issues through to resolution with 3rd parties on behalf of users.

Stats of relevance for our Service:

First Contact Resolution (FCR) – 94.7%:

Answer time – 77% of calls to our Service Desk are answered under 30 seconds, 93% under 2 minutes.

  • This is more notable when you consider that we do not employ call loggers. Each call a user makes goes directly to an engineer who is likely able to resolve the issue straight away.

Tickets resolved remotely vs needing to escalate to field – over 99% of tickets were resolved remotely (1 in 250 calls require field escalation):

The above points demonstrate the importance of having capable engineers (not call loggers), readily available to help your staff with issues as they arise. I often find clients are surprised by how much can be resolved remotely with the right team.

I hope you found the above of interest, and of course, there is much more to the story. If you would like to discuss this in more detail or see how a similar model may work for you, then feel free to contact me.

Oliver Coop

Oliver Coop

Account Director

CMS Group



Request A Call Back      Send A Message

Cloud or on-prem infrastructure

IT Infrastructure Strategy


Are you approaching the need to invest in your IT Infrastructure? If so, you may be wondering what your options are, and what impact each option has on areas such as risk; scalability; commercials (TCO); disaster recovery and backup options.

The purpose of this article is to briefly highlight what the key options are in renewing IT Infrastructure, present case studies on clients who have adopted different models, but more importantly, to offer a path forward to help you understand which option is most suitable for your case.

Please bear in mind our focus is to get you to question what your business really needs from a high level; the nuts and bolts can come along later.


Over the years, there has been some mixed messaging. Initially, you would hear that “Infrastructure must be onsite”, almost as if being able to touch and see the equipment provided peace of mind. Now, many are preaching to move everything to the “Cloud” (we have all been there before with ‘trends’).

The reality is that the cloud is now better than ever – it’s more affordable, resilient, and offers great performance. However, the truth is that those facts alone are not a strong enough case to move there. Instead, you must study your business requirements to see if it’s the right option for you.


To summarise the high-level options available to us:

  • Refresh on-premise infrastructure
  • Move everything to the cloud (365 / Azure)
  • Host your own infrastructure in a DC
  • Or a Hybrid approach

As you can imagine, each option comes with its own pros and cons. The art is to understand which option is most beneficial to your business.


To give you some examples, we work with businesses nationwide providing IT Support and Projects. Below are just a few clients who we have implemented a different model of infrastructure to best benefit each of them uniquely:

BII: On-premise Infrastructure getting tired, backups weren’t working and had a poor support partner. The IT team really wanted to focus on strategy and delivering projects. They needed an OPEX model for their infrastructure but were open to where the kit was located. After several workshops with CMS, we migrated their Infrastructure to Azure cloud and Office to 365.

Cameron House: A stunning 5* Scottish Baronial Mansion, Cameron House was purchased by KSL Capital Partners for circa £75m in 2015. The remit was to provide a completely new IT Infrastructure hosted off-site, at the same time the client took the opportunity to upgrade all applications to newer more innovative apps that delivered real value to the business.

Trumeter Technologies: International manufacturer Trumeter, Head Office in Bury; manufacturing in Malaysia and two sites in the USA, recently a further site in the UK, Trumeter needed an Infrastructure that was both truly scalable and international, coupled with a 24*7*365 support mechanism. CMS implemented a cloud solution with IT Support for all sites. 10 years on Trumeter are still very happy with their model and we have an excellent relationship with them.

“IT is an enabling tool that allows us to run our business as efficiently as possible. By switching to the CMS Cloud Service we’ve sidestepped many of the day-to-day hardware and software management issues that don’t add any real value to the business. Instead, we’ve got a dynamic and flexible IT infrastructure that is both resilient and more suited to the demands of a rapidly growing Trumeter Technologies.” – John Smith. CEO, Trumeter Technologies

Cavalier Carpets: Cavalier Carpets required all data and infrastructure to be maintained onsite, however, they also realised the need to have an effective DR and Backup solution in place. We worked with Cavalier to implement an offsite managed Backup and DR solution whilst they maintained their core infrastructure onsite.


These examples paint but a few use cases for different models. To really understand what model would be most suitable, you need to do a real deep dive to understand your applications, how your business operates, your resilience requirements, costs, and more.

This is where we can help you. With our 25+years in the IT industry, we have experts in solution architecture and implementation.

If you are at a point in time when you are looking to refresh your infrastructure, I recommend we carry out a workshop to go through this in detail:

  1. First, we arrange a call to discuss high-level understanding of your business requirements, setup, etc
  2. Secondly, a day onsite with one of our Professional Services Architects to understand the business, where you are, plans and objectives, perceived challenges and growth strategy.
  3. Following the onsite day (no charge), we will propose putting together a High-Level IT Infrastructure Strategy that will use best of breed technologies to deliver the preferred solution for your business. The work to produce this will be outlined with appropriate costs. Strategy and solution to include: Risk Analysis; Commercials – TCO – potential growth in costs; Disaster Recovery – what are the real DR requirements – departmental risk analysis; True cost analysis; etc
  4. From here, we can help you implement the solution.


If you are approaching the renewal of your infrastructure and would like to understand which option would be best serve your business, I recommend you carry out this process. To arrange or discuss, call 01254 296 700 or click one of the buttons below.

Andrew Coop

Managing Director

CMS Group


Request A Call Back      Send A Message

Hospitality IT Support- How It’s Changing

The Scene

There has never been more pressure on IT in hospitality than there currently is. Be it with the innovations to the guest experience (e.g. self-check ins, in-room technology, etc) or behind the scenes managing 3rd party solutions that work. Competition is rife, standards are high and moreover, IT must be stable. IT has a lot on their plates!

Traditional Model

Traditionally, all IT would be serviced by internal staff, not just the big picture work such as projects, strategy and so on, but also the more menial support of break-fix and user issues. However, for reasons we will go in to, there has been a shift away from this model. The main drivers being:

  • It’s costlier – typically by ~25 %.
  • It absorbs IT leaders time, pulling them into management, break-fix and assistance. A waste of a valuable resource which would better benefit the business by working on the big picture work such as developing the strategy, project implementation, and driving the business forward.
  • Can be impractical to run a 24*7*365 shift coverage – potentially may need to employ more staff to cover the 24*7 shift rota than resource is required.
  • You wouldn’t employ your own mechanics to service the company cars, so why here. IT Leaders don’t have the time to figure out how to run a support centre when they are focusing on how to drive their own business forward.
  • IT departments are being tasked with more projects for business change, putting a real strain on their resource.

Emerging/New Model & Benefits

Because of these challenges, the industry has seen a huge shift towards leveraging IT Support partners in predominantly two different models:

  1. Internal IT Leaders. External IT Infrastructure and User level support.
  2. Internal IT Leaders and Infrastructure Support. External User level support.

Both above models have proven to be effective solutions to the challenges raised above. This is what Dan Morley had to say on the matter (Head of IT Infrastructure and Service Delivery, Village Hotels and KSL Resorts):

I do not need to get involved with support if a serious escalation arises I am always kept informed in a timely manner. This allows me to focus on the bigger picture delivering and adding real value to the business.

Separate to solving the traditional model’s challenges, IT Leaders have fed back that they also recognise the benefits of:

  • Access to a wider knowledge/skill pool.
  • No worry over staff churn and training.
  • Potential for more simultaneous tasks.
  • Working with a partner who has wider industry knowledge- exposure to other hospitality businesses, vendors, and best practices.
  • Project assistance- access to staff for roll-outs; consultation/white-boarding from specialists in different fields, assistance on planning calls/meetings with 3rd parties, and project management. This gives IT Leaders more elasticity/scalability for projects and changing requirements.

CMS Group

I have studied this shift first hand as I work at CMS Group (the fastest growing Hospitality IT support company in the UK). Our model is simple, we manage all your IT support (24*7*365, nationwide) to release your IT team to really deliver for your business by driving strategy/innovation, and improving costs. Clients we work with include:

I’d love to hear from you if you have any points to add, or if you would like to discuss this in more detail. You can reach out to me via:

Oliver Coop

Oliver Coop

Account Director

CMS Group



Request A Call Back      Send A Message

‘Meltdown’ and ‘Spectre’ Vulnerability Guidance

This article contains important information on vulnerabilities with all machines CPUs (manufactured since 1995) and how to fix it. Please read this email thoroughly and let me know if you have any questions or if you would like to discuss this further.

The below text comes from the National Cyber Security Centre (

Guidance for enterprise administrators in relation to the recently published processor vulnerabilities ‘Meltdown’ and ‘Spectre’

What are Meltdown/Spectre?

‘Meltdown’ and ‘Spectre’ are two related, side-channel attacks against modern CPU microprocessors that can result in unprivileged code reading data it should not be able to.

Most devices – from smartphones to hardware in data centers – may be vulnerable to some extent. Vendors are working on (or have already released) patches to mitigate the issue. The NCSC advise you to patch your devices as soon as possible.

What are the vulnerabilities?

Processors in most devices employ a range of techniques to speed up their operation. The Meltdown and Spectre vulnerabilities allow some of these techniques to be abused, in order to obtain information about areas of memory not normally visible to an attacker. This could include secret keys or other sensitive data.

These vulnerabilities comprise:

  • Spectre (bounds check bypass and branch target injection): CVE-2017-5753 and CVE-2017-5715
  • Meltdown (rogue data cache load): CVE-2017-5754

For more information, visit the Spectre attack website:

What is the impact?

In the worst case, code running on a device can access areas of memory it does not have permission to access. This can result in compromise of sensitive data, including secret keys and passwords.

What can I do to protect myself and my organisation?

Device and platform manufacturers are releasing updates to supported products which will mitigate this issue.  Ensure that the latest patches have been installed and that you are not using unsupported devices as these will not be fixed.

The following section summarises responses from the major suppliers that the NCSC is aware of.

Cloud services

The major cloud service providers are installing fixes on their own platforms. However, in a virtualised environment, fixes are required for both the hypervisor and guest virtual machines. Therefore, when using Infrastructure as a Service (IaaS), you will need to update the operating systems of any virtual machines and container base images that you manage. For Platform as a Service (PaaS) and Software as a Service (SaaS), your provider should install these patches for you. If in doubt, check that your service provider:

  • is aware of the issue and installing fixes
  • is providing advice for dealing with the issue

Data centers/servers

Operating systems and hypervisors need patches, as does the firmware of the physical machines you are running. The major equipment manufacturers (OEMs) are producing patches; you should obtain these directly from the OEM. Patches for Linux are also being produced and will be included by the most common distributions. These should be installed as soon as they are available.

End-user devices

The major operating system vendors have produced patches which mitigate the issues, though some parts of the patches need to be installed via the equipment manufacturer (OEM) as they contain platform-specific elements. This means that it’s not sufficient just to update the operating system – you will need to check that the underlying firmware is also up to date. Links are provided at the end of this page.

Applications and software

Software compilers need to be updated to protect applications from the Spectre vulnerabilities. Once compilers have been updated, applications will need to be recompiled to take advantage of these mitigations. As with operating systems, applications should be regularly updated to ensure the latest security fixes are applied.

More information

Some CPU microprocessors are affected more than others. Check with your processor’s manufacturer to find out the full impact of the vulnerabilities.

This attack requires code to be running on the target device, so is currently a local escalation of privilege attack. However, the vulnerabilities may be exploitable from within application sandboxes (including web browsers), so take care when executing any untrusted code, including JavaScript on web pages.

Intel Security Advisory    /     Newsroom
Microsoft Security Guidance
Amazon Security Bulletin
ARM Security Update
Google Project Zero Blog
Mitre CVE-2017-5715   /    CVE-2017-5753    /     CVE-2017-5754
Red Hat Vulnerability Response
Suse Vulnerability Response
Apple Vulnerability Response

Spectre attack website:

In Summary:

Update ALL devices as soon as possible and ensure you regularly patch your operating systems.  This is best practice anyway, however, this is now absolutely critical. Windows and Linux based devices already have a patch available to ‘fix’ the vulnerability. Chromebooks updated to Chrome OS 63 are already protected as are Android devices, including the Google Nexus and Pixel smartphones (with the latest security updates applied).

  1. Verify that you are running a supported antivirus application before you install the operating system or firmware updates. Contact the antivirus software vendor for compatibility information.
  2. Apply all available Windows operating system updates, including the January 2018 Windows security updates.
  3. Apply the applicable firmware update that is provided by the device manufacturer.

If you have any queries, please do not hesitate to contact myself or support.

We can also assist with rolling out updates as a project if you would like assistance.

Continued Growth: Surpassed 2016’s +43% by Aug 2017

Last year was a record year for CMS, with a growth of 43% for IT contracts. This year new IT Support Contract values have already passed 2016 (as of only August 2017), with a projected increase for the year of 45%.

This growth demonstrates that CMS is delivering real value, offering a range of IT Support services including 1st line, 3rd Line, and Field Support. Our approach is different, we dig deeper and make sure we fully document all 3rd parties/SLA’s/hours of cover etc. By having this detailed approach, we make sure the support quality is high, also we work extremely closely with the internal IT team, offering a high level of communication.


  • We never rest and are always looking at ways to improve support and assist the client’s business.
  • Detailed take on process, provide you with all documentation
  • High calibre staff
  • All staff understand ‘ownership’
  • Work with you on developing strategy

New Customer examples

  • Nationwide Hotel Group with over 30 sites, planning significant growth
  • Nationwide Hotels Group, new site opening this year
  • Premier Luxury Hotel Group
  • Textile Manufacturer
  • Educational Establishment
  • And more….

Businesses are ever pressed to deliver improvements, by working more efficiently, make better use of IT, work smarter; by partnering with CMS the IT team can focus on delivering these improvements and making a tangible difference

 Request A Call Back      Send A Message