8 Ways to Protect your Business from a Cyber Attack

Now more than ever, businesses need to be more aware of the dangers of cyber-attacks. Attackers are doing it for profit and are organised! Criminals are now more likely to be sitting in a plush office behind a powerful computer than physically breaking into your business premises.

The damages of a cyber-attack to businesses can be huge! From loss of crucial, confidential or sensitive data, to reputational damage and even GDPR fines if your client’s data is compromised. Ensuring you are vigilant is essential!

Sadly, there is no silver bullet to make your business secure from attack, however, here are some techniques to prevent a cyber-attack: 

  1. Security Assessment

Most companies only have a vague awareness of what a cyber threat is and the degree of damage that could result from an exposure.

Consider getting an assessment done that provides you with a written report of the level of risks and vulnerabilities, and the options and costs of addressing them. 

With a security assessment you can better manage the risk to your business, manage visible risks and prioritise the most severe threats, and have an agreed acceptance of the less severe risks.

  1. Spam and Malicious Email

When attacks happen, they often originate from emails. Filter your company emails for known spam or malware before they even reach your network. 

Consider banning users from accessing their private emails on company computers as it is common for corporate email to be filtered for malware, but personal email accounts such as Gmail etc, are not. If a user triggers malware contained in a personal email, on a company PC, the malware could infect PCs and servers on the company network with serious consequences.

  1. Passwords and Policy

Apply security policies on your network, for example, enforce rules about password length, complexity, and frequency of changing. Deny or limit USB file storage access and set screen timeouts.

One area of vulnerability is the accounts of users who are no longer with the company being left in place. Make sure you have a defined leavers procedure that includes locking, archiving or deleting inactive accounts.

  1. Multi-Factor Authentication

It is normal to provide a username and password in order to log in to all sorts of sites and applications. The problem is that if we are tricked into providing these credentials then an attacker can use them from any PC, anywhere in the world.

A simple form of multi-factor authentication can be provided by a free app on a mobile phone which continually sends out a one-time code that expires after a short period of time so that when you login, you will also be required to enter the code to add a secondary level of security. Even if an attacker gets you to provide it in a phishing attack, the damage is limited as the code expires in a short period of time.

  1. Updates

Keep Microsoft, Adobe and Java software updated with the latest security patches. Software vendors often discover bugs and vulnerabilities in their software, and they are constantly releasing updates to fix bugs and close down vulnerabilities. Many attacks take advantage of known vulnerabilities in widely used software that has not yet been updated. A regime of regular updates will minimise your exposure.

  1. Password Management [hyperlink to password blog]

We all use so many passwords both at work and in our personal lives, that it is hard to keep track of them all. If you re-use the same passwords for different sites and one of those sites is hacked, the attacker then has easy access to your accounts on the other sites. Consider using one of the many password management applications to make it easy to have unique and strong passwords for every application and website.

  1. Encryption

Wherever possible, the goal is to encrypt files at rest and in motion (think email); especially on mobile devices. Hard drive encryption is now an option included as standard in Windows 10/11 Professional. Be aware that the encryption only kicks in when the PC/laptop is shut down as opposed to the “sleep” option, so it is important that your PC/laptop automatically locks itself when it goes to sleep.

The use of VPN technology ensures that data being sent over the internet is encrypted. This is particularly important if you use publicly provided Wi-Fi such as in hotels and cafes to access websites for business purposes, or to remotely access your office IT systems.

  1. Firewall

In security terms your firewall is your front door. At the very least, the firewall should be kept updated so that it can scan for the latest malware incidents. The current generation of firewalls can do so much more than before, but in order to be effective they need active management. Make sure that Internet ports that don’t need to be open are closed. Turn on Intrusion Detection and Intrusion Prevention features. To discuss further ways to protect yourself and your business from cyber-attacks, email our team, info@beanit.co.uk or call us on 0121 667 8977

5 of the biggest Advantages of Office 365

Research shows that when it comes to productivity suites in the cloud, Office 365 is at least twice as popular as Google’s G Suite.

Implementing Office 365 can bring many benefits to any organisation. In this article, Bean IT looks into the biggest benefits of using Office 365.

Enjoy!

1. SECURITY

A very common misconception is that the cloud isn’t safe but with Office 365, Microsoft takes responsibility for security and reliability of hardware and storage.

Office 365 eliminates the cost of purchasing and maintaining expensive servers by offering:

  • Encrypted Email – Cloud based end-to-end encrypted email, accessible from anywhere in the world with an internet connection.
  • Data Loss Prevention – Your data is stored in the cloud meaning you aren’t storing data on devices such as memory sticks and USB drives which are liable to get lost, corrupt or damaged.
  • Mobile Device Management – Remotely monitor and access your Microsoft devices. If you lose a device, you can remotely log in and erase data to ensure your sensitive information doesn’t get into the wrong hands.
  • Advanced Threat Analytics – Live monitoring software that follows suspicious activity and makes you aware of ransomware, phishing and spam etc.

These are just a few security benefits.

Continue reading “5 of the biggest Advantages of Office 365”

Getting the most from your virtual meetings

Although some businesses are starting to plan to go back to the office, many of our clients are still working remotely and some are even reconsidering working from home as a business model going forward. We thought it may be of interest to read on some tips for getting the most out of your Virtual Meetings:

  • Lighting: Avoid windows or other major sources of light behind you as this causes your image to silhouette and darken so that you cannot be seen. Instead, use lighting from a window or lamp positioned behind your webcam and facing towards you. This will help avoid shadows on your face.
  • Camera position: Centre yourself in the webcam frame, leaving just a bit of room free above your head. Have the webcam adjusted to your eye-level to provide a straight-on view of your face. You may need to prop your laptop or webcam up on books or other means in order to achieve the best result. 
Continue reading “Getting the most from your virtual meetings”

Tips and Tricks for Working from Home

Many of us have been working from home under lockdown/self-isolation for a good few weeks now. What was initially unique, and maybe even fun for a while may have already got ‘tired’.

Here are a few ideas and tips that have been shared with us and we hope they are helpful to you:

Arrange the day around normal working hours – it’s only your commute that has changed. Start and end work at the same time as normal. Use what would have been your commuting time for arranging your working space, or perhaps for scheduling in some exercise. Make sure you keep coffee breaks.

Designate a working area. Make sure everyone in your house understands what your working area is. It’s not easy of course, especially with everyone in the family now having to do it together in a confined space. Try changing something; rearrange a table, a chair, something, even minor, just to create that mental separation that “this area is now for work”.

Don’t go to work in your underpants! Keep things as normal as possible. You don’t need to wear high heels or a suite, but you should still make sure you get up and dressed and ready for work as you would any other day.
Continue reading “Tips and Tricks for Working from Home”

Working from home during Covid-19

Bean IT are here to support you and keep your business working, however, we are sure you appreciate that the safety of our technicians is very important to us. All of our team are setup to work from home and calls and emails are being attended to as fast as possible. We have been deluged with calls and emails to support many of you who are now having to work from home and we are working through the requests as quickly as possible, but we do ask for your patience at this time.

Aside from setting up and assisting with home working environments, we’re aware that companies and individuals are seeing a large increase in attempts to breach security and privacy during this pandemic. With so many people now working from home, hackers have stepped up their attacks and we are seeing an increase in breaches.

Please protect yourself and your business by adhering to the following: Continue reading “Working from home during Covid-19”

Wishing you a Merry Christmas and Happy New Year!

Bean IT are celebrating 10 years of trading this year and have seen growth year on year since we started – thank you for your business that has made this possible. Most of our growth has come from referrals and we are very grateful to all our loyal customers for passing on our details and singing our praises. Continue reading “Wishing you a Merry Christmas and Happy New Year!”

Cyber Essentials Accredited

Cyber Essentials aims to help organisations implement basic levels of protection against cyber attack, demonstrating to their customers that they take cyber security seriously.  The scheme is available at two levels:

  • Cyber Essentials – an independently verified self assessment. Organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided.
  • Cyber Essentials PLUS – a higher level of assurance. A qualified and independent assessor examines the same five controls, testing that they work in practice by simulating basic hacking and phishing attacks.

The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled internet-based attackers using commodity capabilities – which are freely available on the internet.

Organisations that undertake Cyber Essentials are encouraged to recertify at least once a year and, where appropriate, progress their security.

Since 1 October 2014, Cyber Essentials became a minimum requirement for bidding for some government contracts (https://www.gov.uk/government/publications/procurement-policy-note-0914-cyber-essentials-scheme-certification

For further information, email info@beanit.co.uk or call us on 0121 667 8977

How Backups Can Save your Business in a Ransomware Attack

To prevent ransomware infecting your system you need a multilayered security approach.  From comprehensive and regular staff training, to machine learning antivirus software, to cloud storage/backups with version control, you need all of this to prevent viruses such as WannaCry taking hold.

What happens, however, when the virus finds a way through?  This is when the trusty offline backup can save your business. Continue reading “How Backups Can Save your Business in a Ransomware Attack”

General Data Protection Regulation (GDPR) – Things You Can’t Ignore

The General Data Protection Regulation (GDPR) comes into play among EU states on the 25th April 2018.  The new regulations are reported as the biggest shakeup in data protection for two decades.  GDPR will replace the existing Data Protection Directive 95/46/EC and closes many of its predecessor’s ambiguities. Continue reading “General Data Protection Regulation (GDPR) – Things You Can’t Ignore”