With the introduction of GDPR laws and an ever-increasing trend for online services, protecting our data is becoming more important. Cybercriminals know that gaining entry into a business's IT systems can provide a huge bounty. Whether through illegal activity such as credit card fraud or selling stolen data, cybercrime is extremely lucrative yet damaging for those targeted. Learn the basics of how to protect your business from cyber crime.
If you're one of those people who think that Microsoft's Windows Defender provides adequate security to protect your business, then let me tell you now, you're wrong.
Despite Defender having improved over the years, it still lacks basic functionality, such as Outlook and web-based email scanning, which unfortunately leaves users vulnerable to phishing attacks. On top of this, rather than automatically blocking and deleting the threats it finds, it prompts the end user with the question "run anyway?", which is a huge security risk, especially on larger networks. The purpose of such software is to take the guesswork out of what's legitimate and what may potentially cause damage to your IT systems.
SysFix is a UK partner of ESET cybersecurity, and from just £4.78 per device per month, not only do you receive a highly dependable security suite, but it also comes fully managed. That means we're alerted when a user downloads a virus and can take action on your behalf. We can spot trends so you can focus on training staff to prevent them from putting your systems at risk. We also manage all necessary updates and block and wipe any mobile devices which may have been lost. The ESET antivirus renewal price is the same each month.
This service is available for PC, laptop, Mac and server.
I should also mention that Apple Macs are not exempt from cyber threats. Sure, most viruses and malware are specifically targeted towards the Microsoft Windows market; however, ransomware and phishing attempts affect us all. Gone are the days when a simple virus merely caused mayhem; today, such events have greater financial implications for home and business users alike.
Whilst it's true that it's much harder to infect a Mac, due to the fact it is built on UNIX (a type of operating system), it's equally true that a Mac user can be sent phishing emails asking them to reset an account password, only to hand it to the hacker instead.
A business grade router has a much wider feature set compared to the free devices supplied by your internet service provider. Truth be told, those bundled routers cost less than £30 compared to an
These enhanced features allow you to lock down your network to further prevent
The most feature-rich is the new 2862, which also incorporates 4G and external antennae, which can take over should your broadband connection drop or fail. These routers can form part of your disaster recovery plan as discussed below. The majority of companies cannot operate without an internet connection, and this business router provides a fail-over system to ensure that you're always online.
The black antennae shown in the image connect to the 4G mobile phone network, whilst the white antennae provide wireless internet on your normal FTTC (
So what else can these mighty devices do for you?
This is, in my opinion, one of the most useful additions to your cybersecurity arsenal.
In short, when we log in to a service, Gmail for example, we use a password. Passwords can be easily guessed using software and a list of words, a technique called a dictionary attack. Each word will be tried in turn until successful, so this is why we techs suggest mixing up your passwords a little with capitals, numbers, and symbols.
Dual-factor authentication simply means that you need to complete 2 items of security to gain access to a system. A common method is to send a PIN code to your mobile phone which you also have to enter to gain access.
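As an added example (not part of the original article), the check below looks at the dictionary attack from the defender's side: it rejects a new password if it collapses to a listed word once capitals, trailing digits and common symbol swaps are undone, which shows that decoration alone does not take a password out of the dictionary. The wordlist, the substitution table and the 12-character minimum are assumptions made for illustration.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a large
# list of common and breached passwords.
WORDLIST = {"password", "welcome", "sunshine", "football", "letmein"}

# Character swaps that guessing tools also try, mapped back to letters.
# "1" and "!" are ambiguous, so both readings are tried.
_COMMON = {"0": "o", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"}
LEET_TABLES = [
    str.maketrans({**_COMMON, "1": "i", "!": "i"}),
    str.maketrans({**_COMMON, "1": "l", "!": "l"}),
]


def reduced_forms(password: str) -> set[str]:
    """Return the plain strings a password collapses to once decoration is undone."""
    lowered = password.lower()
    stems = {
        lowered,
        re.sub(r"[^a-z]+$", "", lowered),           # drop trailing digits/symbols
        re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered),  # drop them at both ends
    }
    forms = set(stems)
    for table in LEET_TABLES:
        forms |= {stem.translate(table) for stem in stems}
    return forms


def audit_password(password: str, min_length: int = 12) -> list[str]:
    """Return reasons to reject a password; an empty list means it passed.

    min_length=12 is an assumed policy value, not one taken from the article.
    """
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    hits = reduced_forms(password) & WORDLIST
    if hits:
        problems.append(f"reduces to dictionary word: {sorted(hits)[0]}")
    return problems


if __name__ == "__main__":
    for candidate in ("P@ssw0rd1!", "Welcome2024!!", "plum-tractor-ceiling-94"):
        print(candidate, "->", audit_password(candidate) or "ok")
```
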
Accessing your network via VPN gives you full access to all computers within your
Forget hacking and penetration attempts from the outside world, as the most common cause of a cyber
It's imperative that your employees know how to spot potential security risks as a simple click of the mouse can infect your whole business, encrypt all your data and allow
Have you asked all your staff to sign an IT policy?
What's acceptable to your staff will be wholly different
By connecting to their personal email accounts, your staff may inadvertently download attachments infected by viruses, not scanned by your own software, leaving you open to a breach. They could also send company data out of the business to their personal accounts without leaving a trace.
Are they allowed to use USB sticks or bring their own devices to work?
USB devices move frequently from device to device, increasing the chance of picking up viruses and malware from computers without adequate antivirus protection. Equally, as above, this allows a member of staff to take away company information. Let's be clear, a data breach does not necessarily have to come from the outside world. The theft of your company's credit card and customer database can have a detrimental impact on your business.
No matter how good your defenses are, from time to time, you're going to need to rely on a backup. Ensuring you can recover your data is another important step to avoid paying ransom demands when you've been infected with ransomware. The NHS was recently attacked in this way and each machine had to be wiped and reinstalled from scratch, causing significant downtime and distress for all involved.
Whether you choose to back up on-site or in the cloud, ensuring you have a data backup plan in place is an important step in protecting your business from a cyber attack. This forms an integral part of your disaster recovery plan. By ensuring your data is backed up, you can avoid the costly ransom attacks which require payment to retrieve your data. We always recommend a multiple approach to backup rather than putting all your eggs in one basket: a mix of on-site backup for speed and off-site for resiliency.
Your disaster recovery plan is made up of a number of steps that should be performed in order of importance, to resurrect your business in the event of a disaster. This could be the result of a targeted cyber attack, a critical power outage or a natural disaster such as a flood or fire.
Understanding how information technology affects your business is a critical part of creating a plan and identifying the specific needs of your disaster recovery plan. Most businesses cannot function, for instance, without email and internet connectivity. In the event of a disaster, do you have a plan in place to ensure you can swiftly resurrect your critical services in another location?
Equally, having a finely tuned plan is all well and good, but unless you set aside time to test its effectiveness by actually performing a test run, you're never going to be 100% certain that it works!
Part of your recovery plan should also cover the fundamentals, such as a list of all your critical suppliers' contact names and numbers, insurance plans and other emergency contacts or passwords.
Laptops, phones, iPads and other transportable devices are at risk of being lost, misplaced or stolen. Without the need
By encrypting your devices, a little like dual-factor authentication, the end user is required to enter a second password or PIN to gain access to a system. All information on the machine is jumbled up and makes no sense to anyone until the 2 keys are entered, allowing the system to boot (start up).
This should form part of your GDPR plan (EU Data Protection Law), and this aspect does not need to be expensive. If you have Windows Professional, you can use
We all see junk emails in our inbox, probably every day, but there are many ways to significantly reduce the amount we receive. SPF, DomainKeys and spam subscription services all play a part in reducing risk. By risk, I'm not necessarily talking about the annoyance factor, but about the risk of receiving a phishing email.
A phishing email is an attempt to convince the end user that the email sent is legitimate, while asking the user to provide some confidential information. This is usually in the form of a "click here to reset your password" or "please confirm your details", but all is not as it seems. These emails are formed to look as if they have been sent by your bank or another legitimate source; however, when you do take action (entering a password), all you're doing is sending the attacker your password.
An anti-spam solution costs on average around £8 per user per month, so it's something that should be considered to reduce your risk. At SysFix, we have been performing a lot of Office 365 migrations for our clients, which not only results in improved email availability but also introduces anti-spam tools that can be used to
Of course, if you put all the above steps in place and you're still unfortunate enough to become the latest victim of a successful cyber attack, you're going to want to ensure that your business can continue to operate and that your costs are covered or kept to a minimum.
Your business insurance may already include elements of cyber insurance cover, but it's certainly worth ensuring the critical aspects are covered and that you understand the fine print and excesses.
You'll want your policy to include these 5 components: