Skip to content

Tag: cyber security

  1. Home
  2. Tag Archives: cyber security

The small hero of local storage

Down to earth, solid and secure

Keeping your organisation’s data in the Cloud isn’t always the only and right option. It’s more about finding an approach that suits you.

A survey in various countries across Europe has revealed that despite the opportunities that the Cloud offers, about 90% of employees still use USB drives to transport data. This is for good reason, as USB drives:

  • Allow you to work independently without the need for internet & Cloud access
  • Require a one-off investment only and don’t require any maintenance
  • Don’t need a lengthy set-up and contract

The nuclear option!

Yet we also know that many organisations lock down USB ports and ban their employees from using them. This isn’t always a sensible solution, as it limits flexibility and can encourage employees to search for workarounds such as private email or Cloud services.

Smart alternatives to the nuclear option of locking down USB ports include:

  • Rolling out encrypted USB drives company-wide to provide your users with the secure file sharing solutions they need to do their job quickly and effectively
  • Integrating encrypted USB drives into your companies’ security strategy and architecture via endpoint management
  • Educating your employees on data security and training them on how to use USB drives securely

Kingston’s encrypted USB drives come with a variety of customisation options that make them fit with your organisation’s security needs, strategy and policies.

How we can help

Complete IT Systems and Kingston Technology have the solutions, experience, accreditations and skills to provide your business with the security solutions you need. For more information call us on 01274 396 213 or contact us and we can call you back.

Driving Ferrari’s true cybersecurity

Connect, detect, protect.

When you’re one of the world’s most iconic brands, driven by the most successful team in Formula 1 history and people’s safety depends on the accuracy and availability of your data, you can’t afford to take risks. That’s why Ferrari trusts Kaspersky Lab to take care of its cybersecurity.

From its world-famous Maranello factory to the Formula 1 circuit, more than 5,000 Ferrari endpoints and systems globally are secured by the world’s IT Security specialists, Kaspersky Lab.

And as both companies’ technological vision and innovation extend to connected cars, Internet of Things and a constantly evolving web presence, Kaspersky Lab is deepening its technology partnership with Ferrari, delivering protection that extends beyond devices to the data itself, 24 hours a day, seven days a week.

“Though we work in very different industries, we’re united by the same core business values: technological leadership and a passion for innovation and getting forever better at what we do,” says Kaspersky Lab founder and CEO, Eugene Kaspersky. Speed, security, cutting-edge innovation…great ingredients for deepening a great partnership.

Always-on cybersecurity – everywhere.

In addition to the more than 300,000 unique pieces of malware Kaspersky Lab experts uncover every day, new threats are evolving all the time. As cyber criminals develop tools individually tailored to each victim, indicators of compromise are no longer enough on their own to help organisations detect attacks. The continuing march of ransomware and distributed denial of service (DDoS) attacks have joined with device integrity in an Internet of Things landscape to introduce new areas of vulnerability, particularly in manufacturing environments where new-found connectivity isn’t always accompanied by cybersecurity awareness.

In this environment, knowing where you’re vulnerable is as important as your ability to detect and prevent cyber-attacks. Rounding this self-awareness out with the latest threat intelligence to help anticipate what’s around the next chicane is vital for an organisation with Ferrari’s profile and reputation.

They need a security partner that doesn’t just keep pace with the latest threats, but stays ahead of them – while anticipating the vulnerability profile of the most innovative digital technologies. That’s why Ferrari chose to deepen its partnership with Kaspersky Lab. In addition to protecting traditional areas of company technology such as endpoints, ERP and PLM, Kaspersky Lab now works with Ferrari to protect its digital world through penetration testing, vulnerability assessment and threat intelligence.

Protecting the brand, ensuring availability

With a global web presence and a valuable brand to protect, it was critical that the company trusted to do this was not only global in reach, but global in its threat intelligence and analysis capabilities and expertise. Kaspersky Lab, already a trusted partner in protecting Ferrari’s endpoint ecosystem, was put through its paces and, once again, was the perfect fit to protect the company’s digital presence.

Defence against known web exploits, paired with threat intelligence and vulnerability assessment to anticipate and mitigate threats before they become a problem, is now another layer of Kaspersky Lab’s cybersecurity helping to protect one of the world’s biggest brands. On-demand scanning with minimal performance impact, protection from DDoS attacks, the capacity to provide actionable threat intelligence within strict platform specifications and complete confidentiality in reporting…just a few of the reasons Kaspersky Lab made it to Pole Position in Ferrari’s rigorous tests.

True security without compromise

But it doesn’t stop at the web: overall availability of systems, infrastructure and the applications running on them is of vital importance, but so is performance: “Performance, as you can understand, at Ferrari is very important, so we need to ensure security without compromise,” says Chief Technical Officer, Francesca Duri.

Tasked with ensuring the availability of the IT infrastructure for Ferrari’s manufacturing plants, Duri says Kaspersky Lab’s industrial cybersecurity solutions set it apart in a market where few mainstream vendors can offer this kind of expertise: “I was surprised in a very positive way when, working with Kaspersky, I learned that they already have solutions for security in this area. That’s the reason we’re working together and why we will keep working together to make sure the same level of cyber security applies to all the business areas.”

High performance under pressure gives you an edge

Ferrari operates one of the most sophisticated production lines in the world, where high levels of automation combine with precision techniques, test data and more than 2,000 employees to form a complex, high-value infrastructure with unique security requirements.

And that’s before you factor in the demands of a race weekend: with over 60Gb of data per car accumulating over the course of a race and multiple, real-time simulations using that data at the track, there’s a lot at stake.

“One of the advantages we’ve found in the collaboration with Kaspersky is their availability to follow our needs,” says CIO Vittorio Boero. “Kaspersky is a company I selected to work with in 2012 when I arrived here in Ferrari.” Like all the best relationships, this is one that continues to grow and evolve around shared vision, understanding and expertise.

Want to find out more?

As Kaspersky Platinum Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

What do eBay, Uber, LinkedIn and Superdrug all have in common? 🔒 🚩

Spoiler warning – they have all experienced cyber attacks in recent years.

British Airways and Marriott International are the latest organisations to have made unwanted headlines this week with a total of almost £300 million in fines handed out to the pair by the ICO.

It prompted us to think back to some of the other big security breaches that have occurred in recent years, and to again question how prepared the majority of businesses really are for cyber attacks.

This isn’t meant to be an exhaustive list, but it’s some of the big names that either affected UK firms or UK consumers (or both).

Superdrug
20,000 customer details breached, and hackers attempted to blackmail the pharmacy chain.

Equifax
Personal data from 145 million people stolen from the credit reference company.

Yahoo 
Every single one of Yahoo’s 3 billion accounts worldwide was hacked in 2013 (and details emerged in 2017).

WannaCry
The famous global ransomware attack affected more than 150 countries and 300,000 devices, targeting companies running outdated Windows software.

Uber

In 2016 hackers stole the data of 57 million Uber customers, and the company paid them $100,000 to cover it up. The breach wasn’t made public until the following year.

LinkedIn
Over 160 million accounts were compromised, and the leak was found to have been occurring for 4 years up to 2016.

eBay
145 million members’ personal details stolen in 2014. eBay’s response caused almost as much concern as the hack itself.

You can read more of the hacks in this excellent article from the BCS.

Secure your business

While these are all household names and therefore make the headlines, don’t be lulled into thinking that small and medium sized business aren’t also at risk.

Email is the leading source of modern cyber-threats which makes selecting the right enterprise email security is critical to your business success – this is vital even if you’re using Microsoft Office 365 as we discuss here.

Don’t miss what Forrester Research is saying about enterprise email security – Barracuda has been named a leader in the recent Forrester Wave Enterprise Email Security report.

 

 

Request your copy of the complimentary report now to read more!

How can I find out more?

As Barracuda Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

5 reasons you need Barracuda if you’re running Microsoft Office 365

Using Office 365 for your business productivity tools certainly has many advantages; easy, user-friendly accessibility from anywhere and at anytime, simplified email access, and reduced costs of business operations and management.

However, the migration and use of Office 365 isn’t without security risks. In this article we look at 5 of those risks, and how your organisation can get best in class protection from ourselves and Barracuda solutions.

1) Defend your Office 365 environment against email-borne threats

Barracuda Essentials for Office 365 stops spam, viruses, and known malware using signature-matching that leverages Barracuda’s vast global threat intelligence system, which gathers real-time threat data from millions of collection points around the world. It also includes a subscription to Barracuda Advanced Threat Protection—a cloud-based service that uses a multilayered architecture with a CPU-emulation sandbox to detect and block new (zero-day) and advanced, evasive threats before they touch your deployment.

2) Prevent data loss and theft

Outbound email filtering protects sensitive data against accidental or deliberate leaking. You can define keywords to look for, along with specific types of data (social-security and credit-card numbers, for example). And if your users have inadvertently allowed their systems to be used for botnet spam, Essentials ensures that outgoing spam and viruses are blocked.

Sensitive emails can be manually marked for encryption, or you can set up rules to automatically encrypt emails based on the sender, content, and other criteria. Your Office 365 emails are sent to the Barracuda Message Center for 256-bit encryption in the cloud. They remain encrypted via Transport Layer Security (TLS) until they reach the intended recipients.

3) Discover latent threats in your mailboxes

The email files stored in your Office 365 environment almost certainly include latent threats—malicious URLs and attachments that are just waiting for a single distracted click to launch an attack on your network. Given the volume and variety of threat-bearing emails, it’s not realistic to consider a manual approach to finding and deleting them all.

The Barracuda Email Threat Scanner is a cloud-based service available to anyone, at no charge. It scans your Office 365 email folders using advanced analytic techniques. It then delivers a report that details all the latent threats, including risk levels, affected users, and more. The information not only lets you clear out the latent threats in your environment; it also gives you the insights you need to adjust or improve your email security policies and strategies to reduce the chance of more malicious email getting into your system.

4) Don’t fall victim to phishing, brand hijacking, and domain fraud

The most sophisticated email-based attacks are the ones that personal. Attackers convincingly impersonate legitimate businesses, colleagues and even customers to obtain sensitive data and money. Barracuda Sentinel uses artificial intelligence engine to add real-time defense from email-based fraud.

Barracuda Sentinel automatically learns the unique communication patterns of each individual organisation. It uses this knowledge to find anomalous signals in the attributes of the incoming message’s metadata and content. It also adds DMARC (Domain-Based Message Authentication Reporting & Conformance) to track potentially sensitive emails being sent from your organisation.

5) Turn employees into a line of defence against phishing attacks

Phishing attacks are more convincing than ever, and they can be difficult to spot. To complicate matters, the attackers are targeting unsecured personal mail accounts more than ever. As a last line of defence, employees need to get better at spotting socially engineered spear phishing attacks.

Barracuda PhishLine provides leading-edge user awareness training to counter sophisticated phishing and socially engineered spear phishing attacks. PhishLine helps your users sharpen their anti-phishing skills with advanced phishing simulations along with end-user testing, reporting, and comprehensive metrics that let you take prompt and meaningful action against threats.

How can I find out more?

As Barracuda Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

Sophos ranked #1 in malware detection

MRG Effitas recently conducted a commissioned test comparing endpoint protection products’ ability to detect malware and potentially unwanted applications. Six different vendors, including Sophos, were reviewed in the test.

  • Sophos ranked #1 at detecting malware
  • Sophos ranked #1 at detecting potentially unwanted applications
  • Sophos had an impressive false positive rate

Click here to download your copy of the report.

As Sophos Gold Solution Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

Request your no-obligation free trial via this link or call us on 01274 396 213.

 

Start-ups: How to start the right way with IT security

Always built on innovative ideas, intellectual property and the collective vision of its founders, startups take years to turn dreams it into real business plans and obtain funding to start operations.

But a new business can find itself in a spider web of competition and intense pressure to grow the business. There is hardly time to think about issues like Security. But when problems do occur, loss of critical business information is inevitable.

Complete IT Systems and Lenovo take a look at how you can start your business the right way and without breaking the bank in this age of unprecedented cyber security attacks.

Why are startups more susceptible to security issues than more established companies?

Most of the focus (understandably!) is on acquiring customers and driving profitability

According to a recent study by Champlain College, 60% of small businesses fail within six months of suffering a cyber-attack. Almost 31% of all cyber-attacks targeted companies with fewer than 250 employees. The point is that startups often rely on the perception that they aren’t significant enough to warrant the attention of cyber criminals. Criminal intent, on the other hand, will find the most natural targets first. As the IT resources of most startups are directed towards growth rather than security, these organisations are comparatively easy targets.

Lack of detailed data security policies

We live in an era where the mobile workforce is prevalent. Employees routinely use their business devices as well as personal devices for work-related tasks. The Champlain College study also shows that 60% of small businesses don’t have a privacy policy that employees must comply with when handling customers, such as sharing files using free sites and tools. As a result, these companies can’t be sure that employees are aware of the risks even when they merely sync data across their devices. The risk factor goes up as the digital touch points with customers expand with new ways of doing business.

Lesser capacity to sustain ‘damage.’

Big companies have dedicated resources and funding assigned to ensuring IT security. While damaging, a one-time data breach is not necessarily business-crippling to them. According to this ZDNet post, “The larger Target breach, which occurred in late 2013 and exposed over 40 million credit and debit card account numbers as well as 70 million other PII (Personally Identifiable Information) records ended up costing the company about $105 million, after subtracting insurance reimbursement and tax deductions for breach-related expenses. That is less than 0.1% of the company’s 2014 sales”.  However, 60% of small companies fail after IT security problems. Security problems can be more damaging to a startup, compared to a large and established business.

What’s the easiest way to increase security?

End-point security is the simplest and easiest way to boost security and protect your business. It ensures that only bonafide employees can access company PCs and data. It is the first and most crucial component of IT security infrastructure. Without it, even the most sophisticated IT security solution is incomplete. For startups, end-point security assumes even greater significance because it is easily accessible, affordable and straightforward to manage.

End-point security is the overall term for three categories of protection:

User access control
This set of technologies protects unauthorized persons from accessing company PCs. It doesn’t depend on passwords only, which can be stolen or hacked, but on a potent combination of biometric and secondary identifications.

Port & hardware protection
Port security features controlled help protect against theft of data from the USB and other access ports on company PCs. Hardware protection includes features that prevent access to the chassis of desktops and workstations, and also for inbuilt devices like cameras.

Data protection
Data needs to be protected from theft, and from inadvertent loss due to technical failures. Backing up data efficiently and automatically can be the strongest ‘peace of mind’ factor for startups. It is also necessary to ensure that if data loss or theft occurs, it is recoverable only by you, and unusable by thieves because of strong encryption.

What are the end-point security features that matter?

User Access Control

  • FPR (Fingerprint Recognition): A biometric security feature which requires the user to authenticate themselves using a fingerprint.
  • Smart Card Access: A highly secure way of storing login information in tamper-proof cards, that can also be used to manage access to multiple devices without using passwords.
  • NFC (Near Field Communication): NFC is a type of radio communication standard, much like Bluetooth, WiFi and other networking technologies. To snag the NFC signal to log in, the user needs to be physically close to the company’s PC, with the right NFC tag or secondary device.

Port & Hardware Protection

  • Smart USB protection: This is a USB security solution which blocks the data transfer capability of the USB port, but still keeps it functional for input devices like mouse and keyboard.
  • Camera Shutter: Camera hacking risks can be avoided by physically covering the camera. With the shutter built into the camera, protecting privacy just requires closing the camera cover.
  • Chassis lock: A lock and key mechanism for the chassis that prevents theft of components, including hard drives and graphics cards.

Data Protection

Full Drive Encryption (FDE): This is a method for encrypting hard drives in such a way that all data on the drive is always encrypted, without the use of third-party encryption solutions. FDE drives encrypt data on the disk by default. Used along with a hard drive password, FDE prevents unauthorised users from booting the drive and accessing your data, while full disk encryption prevents more sophisticated attacks, such as attempting to retrieve data directly from the drive’s platters.

Online Data Backup: Compared to tape archives, backing up your business data automatically online offers better speed and ease of use. Business continuity is assured when technical or natural disasters strike.

Hard drive retention: When a hard drive is replaced under warranty, this add-on service allows the company to retain the original drive. It ensures the data is always in safe hands and is never handed over to a third party.

Built-in security features of Lenovo products:

As Lenovo Platinum Solution Partners, Complete IT Systems can offer you expert advice on the Lenovo range and how it could be effectively deployed in your business. To find out more give us a call on 01274 396 213 or email  and we’ll get back to you promptly.

 

 

 

Live Webinar: Datto Intelligent Business Continuity Demo (28th June 2017)

Wednesday 28th June @ 11:00 BST

In these uncertain times of ransomware attacks and broader cyber security threats, your business can achieve data backup, recovery and business continuity for local, virtual and cloud environments – all within a single platform.

Are you currently providing the highest level of business continuity? If your company is not running Datto’s Intelligent Business Continuity, you could be missing critical pieces of the larger puzzle.

Our live webinar will explain the components of the solution and offer the opportunity to ask questions of the Datto and Complete IT Systems team.

How to attend: 

1. Please join my meeting.
https://www4.gotomeeting.com/join/765392965
Scheduled meeting time:
11:00am BST on Wednesday 28th June 2017

2. Use your microphone and speakers (VoIP) – a headset is recommended. Or, call in using your telephone.

United Kingdom: +44 330 221 0088

Access Code: 765-392-965
Audio PIN: Shown after joining the meeting

Meeting ID: 765-392-965

Ahead of the live webinar you can also click here to view a short video of the Datto SIRIS 3 solution and how it can help your business ensure full continuity and data protection.

Thank you for your interest and we look forward to welcoming you to the event on Wednesday.

The Kaspersky Cloud and how it benefits your business

The Kaspersky Endpoint Security Cloud couldn’t be easier to manage. It’s the most effortless – and powerful – way for busy IT pioneers to guarantee exceptional future-ready protection without sacrificing IT resources, time or budget. It delivers exceptional future-ready protection that couldn’t be easier to manage.

Bursting with next generation technologies, it’s perfect for the era of cloud, remote working and BYOD – eliminating risks and safeguarding your cloud investments for a secure, profitable, and exciting future.

In our next article, we look more in-depth at the features of the Kaspersky Endpoint Security Cloud, but for now we focus on the cloud and what it can do for your business.

The power of the cloud

The cloud is a powerful tool, so long as you know how to control it. With NEW Cloud Discovery technology, you can uncover and block unauthorised cloud use automatically.

Instantly stop the spread of malicious software, phishing, ransomware, spam and business email compromise (BEC), and enjoy automatically updated protection from Kaspersky Security for Microsoft Office 365 – included as standard.

Advance, discover, explore, with Kaspersky Endpoint Security Cloud – the easiest way to protect your business, without sacrificing your IT resources, time or budget.

How to get started – 2 FREE licenses and try it FREE for 6 months!

With two free mobile licenses per user, you’ll get a solid umbrella cyber defence for your organisation that follows your employees everywhere, and you can even enforce security policies remotely. Meanwhile, NEW Cloud Discovery takes the headache out of controlling their cloud use, uncovering and blocking unauthorized cloud use automatically.

To support remote working in this challenging time, we’re also offering 6 months’ FREE protection with the very latest version of Kaspersky Security for Microsoft Office 365.

This extends protection for SharePoint Online and Microsoft Teams, securing all collaboration and messaging channels within Microsoft Office 365.

Sign up NOW for a FREE 6-month license and take protecting remote workers and business data off your to-do list.

Want to find out more?

As Kaspersky Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

 

Linkedin Facebook Twitter Youtube