HOW DO CYBER THREATS AFFECT ME?
IT security is about reducing risk: there is no product or service that can be implemented that will guarantee to make your business completely secure from any cyber-attack. What we can do for you is significantly reduce the likelihood of a successful cyber-attack on your business.
Unless your business is highly targeted, which means you have something of significant value to the cyber criminals, you will only really be at risk from volume attacks. These are automated attacks, or at least start as automated attacks, and are easier to defend against than a dedicated hacker.
What we can do for you
Having a firewall and anti-virus on your computers is no longer enough.
We implement a ‘stack’ of security policies and products on your network based on NIST and the ACSC Essential Eight controls. NIST and the ACSC are organisations with a number of experienced cyber security experts. Following their guidelines means you are getting a comprehensive security defence, with no holes that can be exploited.
Cybercrime is a significant risk to your business and must be taken seriously, otherwise the cost can be significant, not just in time and money but in reputation as well.
Cyber security myths
- My business is too small to be a target – Unfortunately not: any device that is connected to the Internet is a target. These criminals are out to take money from us, and they will exploit every weakness.
- My IT provider keeps me secure – Maybe, but are you sure? Many IT companies have limited security experience and are not doing anywhere near enough to keep your risk low. If they are not talking to you at your meetings about IT security, they are most likely not providing you with very much.
- I know an IT security expert who says my business is secure – This may be true, but there are a lot of ‘experts’ around. Unless the controls from a known security body are being followed, there will likely be gaps, and gaps are where the cyber criminals get in.
- Security audits are very expensive – Yes, they usually are, especially if you are looking at PCI or ISO compliance. However, we conduct an IT security audit with every client that follows NIST and is succinct enough to be done in about 30 minutes.
- I can’t afford to spend a lot of money on IT security – It’s true that IT security can be very expensive, but it’s also true that ignoring it can end up very expensive. We now include our complete security stack with our managed services agreements, making it affordable to any business.
Our audit spans the five core areas of the NIST framework as detailed below
The Essential Eight
1. Application whitelisting
Application whitelisting of approved/trusted programs to prevent the execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers.
Why: All non-approved applications (including malicious code) are prevented from executing.
2. Patch applications
Patch applications e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
Why: Security vulnerabilities in applications can be used to execute malicious code on systems.
3. Configure Microsoft Office macro settings
Configure Microsoft Office macro settings to block macros from the Internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
Why: Microsoft Office macros can be used to deliver and execute malicious code on systems.
4. User application hardening
Configure web browsers to block Flash (ideally uninstall it), ads and Java on the Internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
Why: Flash, ads and Java are popular ways to deliver and execute malicious code on systems.
5. Restrict administrative privileges
Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
Why: Admin accounts are the ‘keys to the kingdom’. Adversaries use these accounts to gain full access to information and systems.
6. Patch operating systems
Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don’t use unsupported versions.
Why: Security vulnerabilities in operating systems can be used to further the compromise of systems.
7. Multi-factor authentication
Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.
Why: Stronger user authentication makes it harder for adversaries to access sensitive information and systems.
8. Daily backups
Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
Why: To ensure information can be accessed again following a cybersecurity incident (e.g. a ransomware incident).
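An added example, not part of the original page or of the provider's tooling: a Python check of a backup catalogue against control 8 as worded above (daily, stored disconnected, retained three months, restoration tested annually and after infrastructure changes). The record layout, the name audit_backups and the 90-day reading of ‘three months’ are assumptions, and the sample data is constructed.

```python
from datetime import date, timedelta

RETENTION = timedelta(days=90)         # assumption: "three months" read as 90 days
RESTORE_MAX_AGE = timedelta(days=365)  # "annually"

def audit_backups(backups, restore_tests, today, last_infra_change=None):
    """Return findings; an empty list means the catalogue meets the control.

    backups: (date, stored_disconnected) tuples for copies still retained.
    restore_tests: dates on which a restore was tested successfully.
    """
    findings = []
    offline_days = {d for d, disconnected in backups if disconnected}

    # Daily + disconnected + retained: every day of the last three months
    # must still have a copy that is stored disconnected.
    window = [today - timedelta(days=n) for n in range(RETENTION.days, 0, -1)]
    missing = [d for d in window if d not in offline_days]
    if missing:
        findings.append(f"{len(missing)} day(s) without a disconnected backup, "
                        f"first {missing[0]}, last {missing[-1]}")

    # Restoration tested initially, annually and after infrastructure changes.
    if not restore_tests:
        findings.append("restoration has never been tested")
    else:
        last_test = max(restore_tests)
        if today - last_test > RESTORE_MAX_AGE:
            findings.append(f"last restore test ({last_test}) is over a year old")
        if last_infra_change and last_test < last_infra_change:
            findings.append("no restore test since the infrastructure change "
                            f"on {last_infra_change}")
    return findings

# Constructed sample: 120 daily copies, one of which (10 days ago) was left connected.
TODAY = date(2024, 6, 30)
SAMPLE_BACKUPS = [(TODAY - timedelta(days=n), n != 10) for n in range(1, 121)]
SAMPLE_RESTORE_TESTS = [date(2023, 3, 1)]

if __name__ == "__main__":
    for finding in audit_backups(SAMPLE_BACKUPS, SAMPLE_RESTORE_TESTS, TODAY,
                                 last_infra_change=date(2024, 1, 15)):
        print("FINDING:", finding)
```

A backup that exists but sits on a connected share counts as missing here, because a copy reachable from the network can be encrypted along with the data it protects.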
We’ve got you covered
As a part of being your IT Department, we include as standard a suite of security applications to ensure you have a solid foundation of layered security and protection covering the Essential Eight, Maturity level 2 and beyond.