Sophos ranked #1 in malware detection

MRG Effitas recently conducted a commissioned test comparing endpoint protection products’ ability to detect malware and potentially unwanted applications. Six different vendors, including Sophos, were reviewed in the test.

  • Sophos ranked #1 at detecting malware
  • Sophos ranked #1 at detecting potentially unwanted applications
  • Sophos had an impressive false positive rate

Click here to download your copy of the report.

As Sophos Gold Solution Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

Request your no-obligation free trial via this link or call us on 01274 396 213.

 

Start-ups: How to start the right way with IT security

Always built on innovative ideas, intellectual property and the collective vision of its founders, startups take years to turn dreams it into real business plans and obtain funding to start operations.

But a new business can find itself in a spider web of competition and intense pressure to grow the business. There is hardly time to think about issues like Security. But when problems do occur, loss of critical business information is inevitable.

Complete IT Systems and Lenovo take a look at how you can start your business the right way and without breaking the bank in this age of unprecedented cyber security attacks.

Why are startups more susceptible to security issues than more established companies?

Most of the focus (understandably!) is on acquiring customers and driving profitability

According to a recent study by Champlain College, 60% of small businesses fail within six months of suffering a cyber-attack. Almost 31% of all cyber-attacks targeted companies with fewer than 250 employees. The point is that startups often rely on the perception that they aren’t significant enough to warrant the attention of cyber criminals. Criminal intent, on the other hand, will find the most natural targets first. As the IT resources of most startups are directed towards growth rather than security, these organisations are comparatively easy targets.

Lack of detailed data security policies

We live in an era where the mobile workforce is prevalent. Employees routinely use their business devices as well as personal devices for work-related tasks. The Champlain College study also shows that 60% of small businesses don’t have a privacy policy that employees must comply with when handling customers, such as sharing files using free sites and tools. As a result, these companies can’t be sure that employees are aware of the risks even when they merely sync data across their devices. The risk factor goes up as the digital touch points with customers expand with new ways of doing business.

Lesser capacity to sustain ‘damage.’

Big companies have dedicated resources and funding assigned to ensuring IT security. While damaging, a one-time data breach is not necessarily business-crippling to them. According to this ZDNet post, “The larger Target breach, which occurred in late 2013 and exposed over 40 million credit and debit card account numbers as well as 70 million other PII (Personally Identifiable Information) records ended up costing the company about $105 million, after subtracting insurance reimbursement and tax deductions for breach-related expenses. That is less than 0.1% of the company’s 2014 sales”.  However, 60% of small companies fail after IT security problems. Security problems can be more damaging to a startup, compared to a large and established business.

What’s the easiest way to increase security?

End-point security is the simplest and easiest way to boost security and protect your business. It ensures that only bonafide employees can access company PCs and data. It is the first and most crucial component of IT security infrastructure. Without it, even the most sophisticated IT security solution is incomplete. For startups, end-point security assumes even greater significance because it is easily accessible, affordable and straightforward to manage.

End-point security is the overall term for three categories of protection:

User access control
This set of technologies protects unauthorized persons from accessing company PCs. It doesn’t depend on passwords only, which can be stolen or hacked, but on a potent combination of biometric and secondary identifications.

Port & hardware protection
Port security features controlled help protect against theft of data from the USB and other access ports on company PCs. Hardware protection includes features that prevent access to the chassis of desktops and workstations, and also for inbuilt devices like cameras.

Data protection
Data needs to be protected from theft, and from inadvertent loss due to technical failures. Backing up data efficiently and automatically can be the strongest ‘peace of mind’ factor for startups. It is also necessary to ensure that if data loss or theft occurs, it is recoverable only by you, and unusable by thieves because of strong encryption.

What are the end-point security features that matter?

User Access Control

  • FPR (Fingerprint Recognition): A biometric security feature which requires the user to authenticate themselves using a fingerprint.
  • Smart Card Access: A highly secure way of storing login information in tamper-proof cards, that can also be used to manage access to multiple devices without using passwords.
  • NFC (Near Field Communication): NFC is a type of radio communication standard, much like Bluetooth, WiFi and other networking technologies. To snag the NFC signal to log in, the user needs to be physically close to the company’s PC, with the right NFC tag or secondary device.

Port & Hardware Protection

  • Smart USB protection: This is a USB security solution which blocks the data transfer capability of the USB port, but still keeps it functional for input devices like mouse and keyboard.
  • Camera Shutter: Camera hacking risks can be avoided by physically covering the camera. With the shutter built into the camera, protecting privacy just requires closing the camera cover.
  • Chassis lock: A lock and key mechanism for the chassis that prevents theft of components, including hard drives and graphics cards.

Data Protection

Full Drive Encryption (FDE): This is a method for encrypting hard drives in such a way that all data on the drive is always encrypted, without the use of third-party encryption solutions. FDE drives encrypt data on the disk by default. Used along with a hard drive password, FDE prevents unauthorised users from booting the drive and accessing your data, while full disk encryption prevents more sophisticated attacks, such as attempting to retrieve data directly from the drive’s platters.

Online Data Backup: Compared to tape archives, backing up your business data automatically online offers better speed and ease of use. Business continuity is assured when technical or natural disasters strike.

Hard drive retention: When a hard drive is replaced under warranty, this add-on service allows the company to retain the original drive. It ensures the data is always in safe hands and is never handed over to a third party.

Built-in security features of Lenovo products:

As Lenovo Platinum Solution Partners, Complete IT Systems can offer you expert advice on the Lenovo range and how it could be effectively deployed in your business. To find out more give us a call on 01274 396 213 or email  and we’ll get back to you promptly.