Year: 2018

You can’t always trust your employees to follow proper security protocols when they handle sensitive files, especially when they send them via email. That’s common knowledge, and it’s the reason why email Data Loss Prevention (DLP) tools exist. Their implementation allows you to automatically scan and set rules on any attachments that pass through your email gateway.

What does DLP do well?

DLP software works well as a rules engine; defining security rules, scanning and categorising email and attachments, and applying those rules. But DLP tools are an imperfect solution because they generally cannot enforce rules in a flexible way. DLP is therefore limited in the scope of what it can accomplish on its own. In broad strokes, when a DLP system detects an outbound e-mail attachment, it can do one of three things:

1. It stops the email altogether.
2. It allows the attachment to send through without any protection.
3. It puts the email into a queue for someone to review and decide whether or not to send it.

And not so well?

The first option is not a great choice, as employees are likely to find another way of sharing the file – FTP, a third party file sharing site or a dummy email address. With the second, you might as well not have DLP at all.

That leaves us with the third option, quarantine.

“One of the problems with DLP is that it can monitor users as they send data to unauthorised parties, but it isn’t as good at stopping them,” explains SearchITChannel’s Yuval Shavit, citing security expert Mark Finegan. “Clients can set the DLP filters to raise a red flag if a user sends too much encrypted data, but only a more in-depth investigation, conducted by humans, can determine if the encrypted content is inappropriate.”

What problems does this cause to an organisation?

Though some email attachments are mundane and low-level, they can also contain some of the most confidential information in your entire company. You therefore need somebody with enough corporate knowledge and security clearance that they know what to do with it. They have to know about your highest-level projects, your mergers & acquisitions, what highly-placed people you’re recruiting, and so on.

In most cases, that means a security officer, or someone who is similarly-positioned.

I have spoken to one organisation with security officers throughout the company that are expected to review forty to sixty emails captured by the DLP system per day. These professionals are already busy enough – they simply don’t have the time to carefully review such a large volume of email, especially if they’re expected to make an informed decision about each message. As a result, they simply bulk-approve the emails, and we’re back at square one.

So what’s the alternative?

Automation. BlackBerry Workspaces (formerly WatchDox) Email Protector gives you total control over your organisation’s email attachments. Through Workspace’s Digital Rights Management technology, you can ensure that your attachments can only be accessed by authorised users – and that they can only use the files in ways you approve.

And with Email Protector, Workspace’s controls can be applied automatically, based on your business’s existing DLP policies. No more delays on the receipt of important documents while your CSO tries to find time in the day to sit down and review them.  Your senior employees will be left free to focus on more important matters, secure in the knowledge that critical files are only accessible to those with the proper authorisation.

Email DLP tools are invaluable for preventing data leaks via email, but they’re incomplete on their own, and an inefficient approach to email security. Through integration with Email Protector, your company will have more control over your files, less time spent sorting out the details of email attachments, and a more flexible, more streamlined approach to email security.

Although ransomware attacks continue to make big news around the world, one of the most effective protective components is usually completely overlooked: Application Control with a Whitelist of approved applications.

Not only limited to ransomware, Application Control is a useful extension to any antivirus tool in any event as it can stop known and also unknown viruses.

Other recommendations to protect against ransomware and other potential breaches include the following:

• Patch management – clearly this is very important. However, in actual fact it mostly helps against the spreading of ransomware, and rarely actually defends against the ransomware itself.

• Backup – this is also a good thing. Nevertheless, backups do not help defend against ransomware, but only serve to limit its damage. This concept is a bit like home insurance – in the event of a break-in your valuables and the TV are stolen, but at least you get something back. However, you don’t get everything back, and it’s similar with ramsomware attacks your last editions of files may no longer available.

• No longer saving files locally. This can help but not always. It can, however, make daily work far more difficult if you don’t have the right collaboration solutions in place.

• Awareness is always required, especially to your users. Yet it seems that no matter how often someone is informed, mistakes are always made. In addition, attacks are also becoming more and more sophisticated. Therefore you can either prevent users from opening files and therefore risk reducing productivity, or the threat of ransomware remains high.

• An antivirus solution is generally a must, but only helps, as mentioned, against known viruses. All new malicious software versions potentially have a free hand for several hours, and even several days on end – and this time in the digital world can equate to years in the real world, meaning huge damage could be done.With this in mind, and the reality that new viruses are continuously being developed to be undetectable by anti-virus technologies, the shortcoming becomes more obvious.

What’s the solution?

And this is exactly where we come to the solution. Would you want to regulate access to your company or your bank by giving a doorman 350,000,000 photos of all known criminals worldwide? And also describe to him the patterns that make someone who is not in this list suspicious, for example because he is wearing a mask or has an empty purse with him?

Alternatively, you could give the porter the list of 20-30 people who are allowed to enter the building, and all others have no access and can be added to the list only after a review. This option is not only easier, but also significantly safer. And this is how application control works.

Further reading?

You can read EgoSecure’s Application Control whitepaper here.

More information

Click here for more information on EgoSecure’s solutions…

Want to find discuss your requirements?

As EgoSecure Specialist Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a convenient time to call you back.

See how the largest contract food service company in the world, Compass Group, harnesses the versatility of Microsoft Dynamics 365.

Want to find out more?

As Microsoft Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

With the increased use of cloud services and mobile devices comes increased opportunities for security breaches and cyber attacks. Ransomware, phishing attacks, malware, and other threats are becoming more frequent and widespread.

Is your organisation prepared?

You need to be able to run and grow your business from anywhere without interruption. That means it’s critical to be able to identify potential vulnerabilities before your network can be compromised, and to react quickly and effectively after an attack.

It’s also important to have greater visibility into suspicious activities that may threaten your information, and have the right systems in place to help you.

How can Microsoft help?

Microsoft 365 Enterprise helps you prevent, detect, and respond to emerging threats.  Microsoft 365 Enterprise helps you prevent, detect, and respond to emerging threats.

By combining the best of Office 365, Windows 10 Enterprise, and Enterprise Mobility + Security, Microsoft 365 helps you address your most pressing security concerns:

• Advanced threat protection to safeguard emails
• Protect device endpoints
• Detect suspicious activity quickly and see threats and spot patterns to help secure your business
• Rich reporting provides insights into who is being targeted
• Manage data protection and compliance needs
• Gain visibility into Shadow IT and assess risks – no agents required

Want to find out more?

As Microsoft Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

Organisations in fields such as healthcare, government, and financial services are faced with several unique challenges where mobility is concerned. On one hand, they must follow frameworks and directives such as the MiFID II regulations that dictate requirements around encryption strength, data storage, and data discoverability.

On the other hand, workers in these industries have the same day-to-day working needs as anywhere else, and they must have access to the corporate resources they require to do their job. This includes having the ability to quickly and easily collaborate with one another and with external contractors, suppliers and partners. And in some cases, they demand the ability to use their personal devices in the workplace.

How can IT departments accomplish all of these requirements without significant security trade-offs?

BlackBerry has a long, successful history working with businesses in regulated industries, and offers a range of solutions to this challenge. The unified portfolio offers software solutions designed to meet the needs of clients working in any regulated industry, including:

• BlackBerry UEM, the single-screen endpoint, content, and application management platform. UEM ensures you’ll be prepared for GDPR and other data privacy regulations, with the ability to maintain consistent security policies, make users happier and more productive, and decrease IT support costs.
• BlackBerry Work, is an all-in-one, best-in-class secure productivity app. BlackBerry Work provides employees with integrated email, calendar, contacts, presence, document access, document editing, and more – all wrapped in BlackBerry’s leading secure container.
• BlackBerry Workspaces, offers an enterprise file sharing and synchronisation platform. Workspaces ensures that your organisation always remains in control of critical files no matter where they are, and its logging functionality is invaluable for compliance.
• BlackBerry AtHoc, provides an industry-leading crisis communications solution. With AtHoc, you can keep your people safe and accounted for through any crisis.
• BlackBerry SecuSUITE offers an easy-to-use encryption and recording solution for secure voice and text.

Endorsment by Gartner

Because of its comprehensive solutions suite and commitment to security, Gartner recently granted BlackBerry the top score in the Regulated Industries Use Case for its 2017 Critical Capabilities for Enterprise Mobility Management Report. A survey of enterprise customers, the Critical Capabilities Report details how advanced EMM users use their mobility solutions.

Furthermore, this is not the only time BlackBerry’s leadership has been recognised. In addition to being recognised a Leader in Gartner’s EMM Magic Quadrant, the company also received the highest score in 6 out of 6 use cases in Gartner’s Critical Capabilities for High Security Mobility Management Report last August.

Secure, manage, connect, and comply through BlackBerry

Balancing regulatory compliance with productivity doesn’t have to be difficult. You CAN ensure your business keeps sensitive data properly protected without impeding workers, and you CAN give employees the level of access and freedom they demand without putting your data at risk.

That’s what BlackBerry enables. With the BlackBerry Enterprise Portfolio, compliance, collaboration, and productivity need not be at odds. The solutions give your employees the access they need, and do so without putting any of your data, regulated or otherwise, at risk.

See how British challenger bank Redwood has put its customers at the centre of its business and IT operations using Microsoft Azure cloud.

Want to find out more?

As Microsoft Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

Your employees need to access and share documents to do their job, but how do you control critical documents wherever they go – even on devices beyond the control of IT?

Watchdox by BlackBerry is available as SaaS, a virtual appliance or a hybrid and provides a single pane of glass to work with personal and enterprise content, uniquely combining consumer-style app interfaces with security to suit any enterprise requirement.

The short video below gives you an overview into the tool and how you can:

		Control and track your sensitive files by managing access, print, download, copy or edit permissions on any devices, protecting them from advanced threats, insiders, and more.
		Securely share files with anyone, with the power to wipe them at any time(even after download).
		Deliver secure mobile productivity, including viewing, editing, and annotating files on mobile devices.
		Securely mobilise and externally share your files stored in SharePoint, file shares and more.
		Send large files securely (up to 10GB in size).

This video outlines a roadmap to application modernisation using Microsoft technologies. Discover:

• Moderinising your infrastructure starts with Hyper-V
• The move from older operating systems like 2008R2 to 2016 is a good time to do a container evaluation
• Containers are “In the Box” with Server 2016
• Azure Stack provides on-premises integration for PaaS services

Want to find out more?

As Microsoft Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.