Businesses rely on people, applications, data and devices in order to operate and remain competitive. If not properly managed any one of these can present a potential weak point at which outsiders can infiltrate your business with catastrophic results. Organisations both small and large need to take a proactive approach to keep their business secure.
We provide service to accountants, architects, engineering firms, recruiters, solicitors and other professions. They need to focus on their core business while knowing that the technology they use every day is delivered in a way that keeps their company, and clients, safe. In order to minimise threats, we take a systematic and standardised approach to security using industry leading tools. . This ensures we minimise disruption as proven in the numerous clients we have defended against attack.
We use Cyber Essentials as a starting point for how we deliver the security element of our technology solutions. This government backed scheme was designed to help UK businesses to identify the security controls that need to be in place in order to have confidence they are mitigating the risk of cyberthreats. In reality, this scheme provides a great set of guidelines for any business on the important areas that need to be addressed. We ourselves are certified to the Cyber Essentials Plus scheme, a higher level of certification verified by an independent 3rd party. Below we briefly outline the various technical areas we protect.
Boundary Firewalls and Internet Gateways
These devices protect your internal network against threats originating from the public internet. Implementing and maintaining functions such as firewall rules, connection management and admin passwords are basic yet important elements for protecting against external threats.
Endpoint devices such as mobile phones, laptops, tablets, and PCs need to be set up correctly and updated as necessary.
- 1. Have default passwords been updated to something more secure?
- 2. Have unnecessary user accounts been removed from devices?
- 3. Have unnecessary applications been removed from devices and have IT or management approved applications that have been added to devices.
- 4. Are personal firewalls in use on each device?
Can you consistently answer yes to all of the above? The more devices in use, the more important it is to standardise configurations and use tools to simplify management of them.
Who has access to your data? Poor access control policies can provide outsiders with easy entry to your business data and lead to irreparable damage. Admin access gives someone the keys to important parts of the business and if not controlled correctly could spell disaster. Admins can change passwords, add or delete users essentially locking you out of your own business.
Viruses, ransomware and malware are on the rise and no business is immune. These types of attacks target thousands of users at once in the hope that someone will take an action that starts an infection. Malware kits are easily available on the internet making it easier than ever to perform these types of attacks. Anti-virus and malware protection should be installed on every device that connects to the internet. This will ensure the best protection against the newest forms of threat which will give criminals access to your network and data. Once installed these should be configured to run regular scans of existing and incoming data.
If your business uses any type of software application these should be kept up-to-date or removed if no longer used. Mobile devices such as smartphones and tables also need to have their operating systems and apps updated to ensure they are also better protected against the latest threats. There are many different ways your business could be at risk ranging from people (former staff, password management) to weak points in your business applications. Monitoring and keeping all of these elements up-to-date requires a structured approach. Our bundle of IT solutions with integrated security measures delivered through our management framework ensure that our clients are not only protected on day one, but can rest assured that the security of their systems will evolve to meet future needs as demands change. If you are concerned that your security measures are inadequate, or would like an independent assessment of your current IT environment you can contact us here (link to contact form). As IT support professionals we can ensure the above measures are managed to greatly improve your defence against Cyber Threats. When required, in cooperation with a trusted specialist security partner we can also offer additional security services such as in-depth penetration testing of your systems, information security consulting or staff security awareness training.