Security

Security

  • Consider blocking USB sticks in your organisation

    What would you, or your most trusting colleague do on finding a USB stick in your car park? Would you try and find the owner? Perhaps plug it in and take a look?

    One tactic hackers use against valuable targets such as accountants, lawyers, architects, etc is to “drop” a malicious USB stick in their car park. There is a good chance a well meaning employee will plug it in and poke around to try and identify whose it is. Now the hacker has bypassed multiple layers of security and usually the only one left is the antivirus. If that doesn’t catch what’s on the stick then they’re in!

    The hacker will then steal your information, attempt bank transfer fraud, encrypt all your information so you can’t access it and hold you to ransom.

    Unrestricted USB sticks carry other risks too:

    • Unencrypted personal data could violate data protection legislation leading to fines, disqualification etc
    • A malicious employee can steal data with no/little trace
    • Booby trapped USB devices such as the USB Killer
    • Employee time wasting

    So, what can you do? For most organisations, cloud storage such as OneDrive or Dropbox can simply replace USB sticks and then you can block USB sticks outright. If your organisation has some niche need for them, then Microsoft Intune has fine grained permissions - e.g. allow particular employees/devices/usb sticks, while blocking the rest.

    Engage telanova to implement security measures appropriate for your organization.

  • Demonstrate to your clients you have adequate cyber protection

    Most people understand how to physically secure their organisation, locks on the doors and windows, burglar alarm, security camera's etc. But most people don't understand cyber security, how do you make sure the protections you have in place are sufficient? How do you demonstrate that to your clients?

    Cyber Essentials is a simple but effective, government-backed certification scheme that will reassure you and your customers that you are following best practices and have adequate protections in place. It only costs £300 and also includes cyber insurance.

    We’ve done it ourselves, click here and search for telanova for proof. We've also guided several of our customers through the process, getting up to the standard and passing the certification.

    If you would like to talk about how we can help your business pass the Cyber Essentials certification please get in touch.

  • Email Security

    Our email security solutions stops viruses, phishing emails and spam before they reach your inbox. We have solutions to fit all email systems, whether you have cloud based email (e.g. Google Apps/Office 365) or an on premise Exchange (or any other) mail server.

  • First steps for securing mobile device access: iPhone, iPad, Android etc

    Smartphones are fantastic. I can respond to emails from clients, suppliers and partners wherever I am. Using apps like Drive, Dropbox etc we can share important information. But what if I lose that phone - how do I stop people using it, getting access to client information, or otherwise harming my business?

  • How is next-generation AV different?

    There is a lot of buzz in the IT world about Next-Generation Antivirus (NGAV), but what’s the difference compared to traditional antivirus?

    Traditional antivirus relies on signatures. A signature is like a fingerprint, a way to uniquely identify each malware item. The antivirus vendors attempt to obtain every single malware in existence to take their fingerprints. When your antivirus updates it is receiving the latest set of fingerprints. If you encounter a new strain of malware before your antivirus vendor does, your antivirus won’t detect it. Unfortunately the malware writers can just make a trivial change to their code and the fingerprint changes too.

    NGAV analyses the behaviour of each program running on your device. If a program is opening multiple files, encrypting them, then deleting the original then that’s behaving like ransomware. It will stop the program and move it to the quarantine. It does not rely on the vendor having seen that exact malware before.

    Other NGAV features vary between vendors, but some useful ones are:

    • Attack forensics - View the chain of events of a particular attack, which files were touched, etc
    • Sandboxing - Run a suspicious application in a safe sandbox before allowing it to run in your environment
    • Risk analytics - Get notified of risks within your organization such as misconfigurations, vulnerabilities etc
    • Device roll back - Roll a device back to the state it was in before the attack
    • Ransomware warranty - The vendor will pay compensation if due to ransomware the device roll back feature was not able to restore the device to the state it was in before the attack
    • Self Isolation - When a threat is detected, isolate the device from the network until the threat has been resolved

    Contact us to improve your organisation’s security

  • Is your business secure?

    Yes you say! You ensure the doors are double locked when the last employee leaves the office for the day and have a door code that is the length of your arm that changes every two weeks. You even have a decent CCTV system setup that catches the most insignificant of suspicious movements and alerts you by text message that a crisp packet blew past the front door. Ok so unless someone comes up with an ingenious plan that resembles a plot close to the Italian Job your business is safe. Right?

  • Keeping your organization free from unsafe unsupported software

    You may think everyone keeps their IT up to date. But Windows 7 became unsafe to use a year ago and there are still 100 million devices running it.

    How can you ensure your software is still supported and safe to use? You could go to every device and make a note of the version of the operating system (e.g. Windows 7 Pro) and all the software present (e.g. Adobe Reader 9.2). Then cross check each with the vendor's website to see if it's still supported. Then update or upgrade any unsupported software.

    If that sounds like a lot of work... Then engage a proactive IT support team like telanova to handle it all for you. We actively monitor our clients' systems and software, identify those about to become obsolete, and guide our customers to the best solution to make sure they’re safe and efficient.

  • Laptop encryption, why you need it

    Do you lock the doors of your house when you are not in?  I hope the majority answer to this question is "yes of course I do, this isn't Canada you know!" This leads me to my next question. Are your organisation laptops encrypted? The answer to this question should be the same as the first but I bet it isn't. 

    No I don't think you all are spies before you ask, but I do think you should all be at least aware of why laptop encryption is a necessity for EVERY organisation and not just the ones that send their payslips to employees titled agent. 

    Let me quickly explain what encryption is and why you need it.

  • Moved everything to the cloud? What about Encryption

    Moved everything to the cloud? It’s tempting to think “I don’t need hard drive encryption on my laptops, there’s nothing important there”.

    Without encryption, if someone stole your laptop they could easily extract any saved passwords, and then use them maliciously, e.g. stealing, deleting or ransoming all the information you have stored in the cloud.

    With encryption you are safe in the knowledge that no one can extract any passwords from the laptop.

    Contact us if you want to secure your information.

  • Moved everything to the cloud? What about malware?

    Moved everything to the cloud? It’s tempting to think “I don’t need anti-malware on my devices, there’s nothing there anyone wants”

    Without anti-malware a keylogger would capture everything you type, including passwords, bank details and confidential client information.

    Your devices could be used as part of a botnet, causing your ISP to suspend your internet connection.

    Ransomware would render your device unusable even though there’s no information to encrypt

    Think of the damage to your business's reputation.

    Contact us to prevent these problems.

  • New Year’s resolutions for 2021: Sort IT out

    In 2020 we improved IT for many businesses. Here are some of the projects we’re most proud of:

    1. Supported our entire customer base’s shift to working from home
    2. Deployed SentinelOne next generation antivirus to all our customers
    3. For a private school we deployed a three-server remote desktop server farm
    4. For an accountant we replaced their entire server infrastructure
    5. Numerous laptop and PC fleet replacements

    Supported our entire customer base’s shift to working from home

    In February (seems a very long time ago now!) the prospect of mass work-from-home seemed likely. We helped our customers identify what the challenges would be and how they could prepare. For every customer we prepared our own plan, even if they weren’t ready to consider it at the time, so that we’d be ready to keep them working.

    Even with all that preparation we still had to manage a tidal wave! Our skilled engineers configured hundreds of VPNs and Remote Desktop connections so that our clients could work from home. And we advised on how they could make their work from home solutions secure.

    Deployed SentinelOne next generation antivirus to all our customers

    The increasing threats from malware, ransomware, viruses, phishing etc are major challenges for our customers. It is clear that traditional antivirus is no longer up to the task. Therefore we invested in SentinelOne, included it as standard in our support plans and have rolled it out to our customers. SentinelOne is a Next Generation Antivirus package, which we wrote about in our blog in July 2020. The following key features were pivotal in our decision making:
    • Uses AI to detect malicious behaviour, rather than relying on signatures
    • Can isolate an infected device from the network, preventing further infection
    • Ability to “roll back” a device to the state it was in before the malware struck

    For a private school we deployed a three-server remote desktop server farm

    To boost the School’s home working remote desktop capacity we needed to add three additional servers, but during the height of the first lockdown we wanted to be as safe as possible. We talked the on-site IT technician through installing the physical servers in the rack and starting them up. We were then able to connect remotely and complete the remote desktop server farm setup. They now have capacity for 150 staff to work from home at any time.

    For an accountant we replaced their entire server infrastructure

    This accountant’s three physical servers were 7 years old and although still performing ok, were well beyond their initially designed lifespan. We performed a comprehensive analysis comparing the costs and benefits of a cloud migration vs replacing the servers. Our customer chose to replace them rather than migrate fully to the cloud. Navigating the changing lockdown rules and supplier logistical issues gave us some headaches but we completed the project without any downtime during business hours.

    Numerous laptop and PC fleet replacements

    We have completed many laptop / PC fleet replacements during 2020 and have adapted our processes to keep our customers as safe as possible. Most have been completed by carrying out as much setup as possible in our office, re-shipping to the end-user, and talking through any remaining tasks over the phone.

    Contact us if you have a New Year’s resolution to sort out IT out in 2021

  • Password Policies - The Final Lock On The Door

    There are many elements to securing your business data, but one that gets widely overlooked is the inclusion of a strong password policy.  Although a 128 character password that is changed on a daily basis is secure, it is not that practical.  What policies can you apply to make unlawful access that little bit harder?

  • Phishing attempts are getting more dangerous

    A teacher at a school we support, forwarded to us a suspicious email from a student’s parent. It was a phishing email with a link to a website that looked identical to the school’s. But it was fake and requested the teacher’s username and password.

    Ultimately the hackers would be trying to get control of the school’s servers, get fake invoices paid, divert salary payments, install ransomware etc.

    We advised the teacher to delete the email, to advise the parent that their email had been hacked and to warn the other teachers.

    This was a school, but it could just as easily be a business, a charity etc.

    We offer security awareness training coupled with regular testing to improve your staff’s skills at recognising phishing attempts, and protecting your organisation from damage.

    Contact us to protect your business from phishing.

  • Phone call fraudster

    Recently a fraudster called a CEO and used a deepfake voice synthesizer to impersonate the voice of his boss at their parent company. They then instructed them to make a payment of £200,000. The CEO recognized the voice and proceeded with the payment as per their procedures.

    We stay on top of security news for our customers and warn and work with them to prevent losses like this. In this instance the fraud could have been prevented if their procedures included verifying the payment details by calling back via a known number. It is also important that other protections are in place such as two factor authentication, display name spoofing protection etc.

    Want to know more? call us

  • Stealthy Trojans need the 'door bouncer' treatment on your network.

    No, this isn't a blog post on Brad Pitt. 

    I'm hopeful you've heard of the mythical story of the Trojan Horse? Where, in 1194 BC, the Trojans built a gigantic wooden horse that was disguised as a gift and left it outside the City of Troy's gates. The people of Troy celebrated the peace offering and took the horse inside its impregnable walls. Little did they know, the horse was full of Trojan's best warriors - and at night, they jumped out; opening the gates to the Trojan army where they plundered and razed the city.

    The same ruse is now being used to enter our networks and steal our sensitive data. All it takes is a user to open or download a link sent from a malicious email that is disguised as secure and safe. A study in 2011 showed that a 69.9% of all malware attacks are Trojans.

    Once downloaded or opened, the malware infects your network or local computer. Attackers can then steal data such as credit cards, financial information, email accounts, passwords and emails, and even send thousands of emails to clients from your own email with the same link or file, creating a snowball effect that is hard to stop. Whatever is saved or used on your network is at risk.

    It's a network's Achilles heel.

    Thankfully, whilst Trojans are getting sneakier and craftier as technology gets more complex and advanced, so do the deterrents and prevention we can put in place. These prevention's act the same way as a bouncer at a club; checking ID's and making sure no unwanted visitors get in.

    That's what Telanova is; a bouncer. We monitor remotely and seamlessly in the background, allowing you to get on with the important work at hand without having to worry and lose sleep over network security issues. Contact us to find out how we can protect your network's city walls from attacks.

  • Tales from our helpdesk: Encrypted files

    Encrypting files is a really useful mechanism for protecting sensitive information. But there’s a risk that you might not be able to access the information in the future. Here’s a tale from our frontline support team.

  • Wifi for staff and visitors

    Customers and staff expect access to wifi at your premises, for very good reasons. If you simply give them the wireless code for your network, you'll expose your servers to attack from devices you don't control. You may have confidence in your guests' integrity, that they wouldn't deliberately hack into your servers, but malware could be running on their devices without their knowledge. So how can you provide guest wifi whilst also protecting your network?

  • Windows 7, Server 2008, Exchange 2010 End of Life

    In January 2020, Windows 7, Windows Server 2008, and Exchange 2010 will all reach Microsoft’s end of life. This means they will no longer get security patches making them unsafe to use.

    Most small businesses will be using at least one of these but are not aware of the looming deadline. This will cause a domino effect of upgrading or replacing hardware, applications etc that won’t work with newer versions.

     

    If you would like to talk to us about this and how we can help your business prepare for this deadline please get in touch.

  • Windows XP - how bad will it be when Microsoft ends support on 8 April?

    Quite a few customers ask whether it's safe to run Windows XP after 8 April when Microsoft ends support and ceases issuing security updates. They point out they'll still have antivirus, firewalls and server passwords to protect them. Is it really the cliff edge that it's made out to be? Our advice is yes, it really is that big a risk.

  • Would you trust a HTTPs verified site?

    Oh, you think you're so safe with your little green padlocks, huh?

    Think again. PhishLabs have recently published research where they have found a staggering 24% of phishing sites use HTTPS, an otherwise well known protocol that used to establish trust and privacy of using a site.

    Over the years, we have seen a massive push towards encryption of everyday services. Browsers now display a warning for sites that aren't encrypted and half the web now uses standard encryption for their websites. So why fight the competition when you can just join them?

    How many times have you visited a website and trusted inputting your sensitive financial data just because your browser says its safe? It's time for that behaviour to change!

    How to stay safe online

    Create complex passwords.Yes, I know, you've heard it all before. But the reason you've heard this before because it is the forefront of security, and arguably the most important part. Having a strong password (e.g. complex, numbers, capitals, special characters) can save you from a world of trouble.

    Be overly cautious.If its too good to be true, it probably is. Don't enter or give any information to anyone unless you can authenticate who they are. And, for whatever reason, don't click random links on the internet.

    Look into active web protection.In a day and age of increasing number of cyber attacks, we also fortunately have an increasing number of methods to protect ourselves. Look into installing some form of active web protection that blocks possible malicious websites e.g. McAfee

     

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand