When you’re looking for IT support, there are so many different elements that need looking after we know it can feel a bit overwhelming sometimes. Often business owners don’t fully understand why they need something and end up leaving their business vulnerable as a result. Never fear, though. Here is a breakdown of our IT security package. It includes all of the tools we use to create a layered approach to your security defences, and what they’re for.
Advanced Email Security – Anti-spam
Barracuda
It doesn’t matter what football team you support, where you sit on the political spectrum, or whether you put jam or cream on your scones first – one thing unites us all, and that’s the knowledge that email spam, is an absolute pain in the proverbial backside. It fills your inbox, makes going through emails a longer task than it has any right being, and if you’re not paying full attention it can take a split second to click on a dodgy link that could end up causing you hours of pain.
That’s where Barracuda comes in. It’s fantastic at nearly all things email security, offering advanced threat management to protect you and your team. It offers end-to-end encryption, which means if someone intercepted a confidential email containing sensitive information like passwords or financial details, they would only see gobbledegook. Yes, we give you full permission to feel a bit like James Bond whenever you press send, it’s pretty cool.
It also fixes the dodgy link problem. Whenever you’re sent a link containing a URL, it dives in and follows the link to check that it’s safe to click on before you’ve even moved your mouse. If it isn’t, a warning will display.
It’s great value for all of the things it does, and it fits our monthly support model – you won’t end up fixed into a lengthy contract that you don’t need.
AI Phishing Protection for Email
Barracuda – Sentinel
As hacks become more and more sophisticated, using artificial intelligence (AI) to spot AI-based attacks is a great idea.
Sentinel flags emails if it thinks there’s something phishy going on. For example, it’ll highlight the use of Cyrillic letters. These are often used to mimic the Latin alphabet in URLs to make them look very similar to the originals at a glance. In this way, they can flag spam when it’s not immediately obvious in other ways.
You don’t absolutely have to have this, but it’s another layer of spam protection that can work really well in the rise of more intricate scams.
Advanced Endpoint Security – AntiVirus Plus
Bitdefender – GravityZone
Cybercriminals are only getting smarter. Where once you might imagine a hooded figure in a dingy room, typing away on their laptop and laughing like a supervillain, more and more cyber attacks are becoming automated. Your stereotypical cybercriminal is now probably living it up on a beach somewhere, while some code they’ve written does all their work for them sending out phishing scams to people via email.
With this in mind, you don’t really hear so much about viruses as you may have done before but that doesn’t mean they’re not still a very real threat, and if you end up being the victim of one it could be a catastrophe.
GravityZone is a next-generation antivirus. That doesn’t mean it uses confusing words like ‘yeet’ and tries to get you to do a funny dance on TikTok. What it does mean, is that it keeps up with the development of new viruses. It works by sandboxing, which means if it finds a threat within an email it shifts it to an area completely independent from all of your important stuff so it shouldn’t cause any major problems.
DNS Filtering
You might know this as the thing that can block social media across entire companies. However, although it can totally be used for that, there are other benefits too.
At the last count, (and it took us a while) there were over 1.7 billion websites on the internet. Not all of those are going to be good, secure and well-maintained with content appropriate for the workplace. DNS filtering prevents you from accidentally accessing websites that contain not safe for work (NSFW) content, or websites that might be malicious.
If you were to receive a convincing-looking email from someone pretending to be Facebook asking you to log in by clicking a link in the email, DNS filtering will pick up that it’s a website you’ve never visited before, and it’s in fact a phishing site looking for you to give away your details. It’ll let you know it’s not legitimate, which is called a ‘pattern interrupt’ grabbing your attention before you could accidentally make a costly mistake.
Human Risk management
Cyber threat training – phishing awareness
No piece of tech is 100% effective in protecting you against threats, which is why we harp on about it being important to layer security measures – it largely stops those pesky cyber criminals from finding a way to exploit weaknesses in your security armour.
However, occasionally something can slip through the net, so even if you’re confident in your own ability to spot a dodgy email, how do you ensure your entire team feel the same?
Training!
No one likes being taken away from their role for longer than they need to be. That’s why we offer simulations of phishing attacks and generate a report to show you areas where your employees could use some training. From here, we can then generate bespoke training plans, this will mean you’re only focusing on elements everyone needs to focus on, and not wasting time going over things everyone is already aware of.
Microsoft 365 Security Tools
Formerly known as Office 365, Microsoft 365 security tools are a selection of tools allowing your IT provider to monitor your network for issues. There are so many benefits to this, not least that most of the time it allows the early detection of problems, allowing us to fix things before you’ve even noticed that they’re an issue.
Much like the early detection of an earthquake, we can see small indicators that could point to a developing larger problem. Things like extra admin accounts being created, or bizarre rules being set up in mailboxes can all be indicative of hackers in the early stages of an attack. Although again they aren’t absolutely essential, we’ve used these tools in the past to foil hacking attempts that could have done a lot of damage, and the customers using them were very grateful they had it!
Password management
Last Pass
Last but by no means least, we have Last Pass. It’s a password management app that manages password security across devices and ensures unique passwords can be used for every login, without the need for anyone to remember them – the dream!
You can even share login details with people who need to access certain services, without them actually getting to see the log in. Very useful when working with third parties in things like marketing, or for virtual assistants. Although there are lots of great password management tools, Last Pass has a good heritage and really suits our way of working. The National Cyber Security Centre (NCSC) also advises using a password manager as a secure way of storing passwords in their guidance.
While this is all about prevention, what happens if it’s too late and you’ve already fallen victim to an attack? Read our post: Oh no! What to do if you’ve been hacked.