Security

Security

  • Email Security

    Our email security solutions stops viruses, phishing emails and spam before they reach your inbox. We have solutions to fit all email systems, whether you have cloud based email (e.g. Google Apps/Office 365) or an on premise Exchange (or any other) mail server.

  • First steps for securing mobile device access: iPhone, iPad, Android etc

    Smartphones are fantastic. I can respond to emails from clients, suppliers and partners wherever I am. Using apps like Drive, Dropbox etc we can share important information. But what if I lose that phone - how do I stop people using it, getting access to client information, or otherwise harming my business?

  • How do you demonstrate to your clients you have adequate cyber protection?

    Most people understand how to physically secure their organisation, locks on the doors and windows, burglar alarm, security camera's etc. But most people don't understand cyber security, how do you make sure the protections you have in place are sufficient? How do you demonstrate that to your clients?

    Cyber Essentials is a simple but effective, government-backed certification scheme that will reassure you and your customers that you are following best practices and have adequate protections in place. It only costs £300 and also includes cyber insurance.

    We’ve done it ourselves, click here for proof. We've also helped several of our customers get up to standard and pass the certification.

    if you would like to talk about how we can help your business pass the Cyber Essentials certification please get in touch.

  • How is next-generation AV different?

    There is a lot of buzz in the IT world about Next-Generation Antivirus (NGAV), but what’s the difference compared to traditional antivirus?

    Traditional antivirus relies on signatures. A signature is like a fingerprint, a way to uniquely identify each malware item. The antivirus vendors attempt to obtain every single malware in existence to take their fingerprints. When your antivirus updates it is receiving the latest set of fingerprints. If you encounter a new strain of malware before your antivirus vendor does, your antivirus won’t detect it. Unfortunately the malware writers can just make a trivial change to their code and the fingerprint changes too.

    NGAV analyses the behaviour of each program running on your device. If a program is opening multiple files, encrypting them, then deleting the original then that’s behaving like ransomware. It will stop the program and move it to the quarantine. It does not rely on the vendor having seen that exact malware before.

    Other NGAV features vary between vendors, but some useful ones are:

    • Attack forensics - View the chain of events of a particular attack, which files were touched, etc
    • Sandboxing - Run a suspicious application in a safe sandbox before allowing it to run in your environment
    • Risk analytics - Get notified of risks within your organization such as misconfigurations, vulnerabilities etc
    • Device roll back - Roll a device back to the state it was in before the attack
    • Ransomware warranty - The vendor will pay compensation if due to ransomware the device roll back feature was not able to restore the device to the state it was in before the attack
    • Self Isolation - When a threat is detected, isolate the device from the network until the threat has been resolved

    Contact us to improve your organisation’s security

  • Is your business secure?

    Yes you say! You ensure the doors are double locked when the last employee leaves the office for the day and have a door code that is the length of your arm that changes every two weeks. You even have a decent CCTV system setup that catches the most insignificant of suspicious movements and alerts you by text message that a crisp packet blew past the front door. Ok so unless someone comes up with an ingenious plan that resembles a plot close to the Italian Job your business is safe. Right?

  • Laptop encryption, why you need it

    Do you lock the doors of your house when you are not in?  I hope the majority answer to this question is "yes of course I do, this isn't Canada you know!" This leads me to my next question. Are your organisation laptops encrypted? The answer to this question should be the same as the first but I bet it isn't. 

    No I don't think you all are spies before you ask, but I do think you should all be at least aware of why laptop encryption is a necessity for EVERY organisation and not just the ones that send their payslips to employees titled agent. 

    Let me quickly explain what encryption is and why you need it.

  • Moved everything to the cloud? What about Encryption

    Moved everything to the cloud? It’s tempting to think “I don’t need hard drive encryption on my laptops, there’s nothing important there”.

    Without encryption, if someone stole your laptop they could easily extract any saved passwords, and then use them maliciously, e.g. stealing, deleting or ransoming all the information you have stored in the cloud.

    With encryption you are safe in the knowledge that no one can extract any passwords from the laptop.

    Contact us if you want to secure your information.

  • Moved everything to the cloud? What about malware?

    Moved everything to the cloud? It’s tempting to think “I don’t need anti-malware on my devices, there’s nothing there anyone wants”

    Without anti-malware a keylogger would capture everything you type, including passwords, bank details and confidential client information.

    Your devices could be used as part of a botnet, causing your ISP to suspend your internet connection.

    Ransomware would render your device unusable even though there’s no information to encrypt

    Think of the damage to your business's reputation.

    Contact us to prevent these problems.

  • Password Policies - The Final Lock On The Door

    There are many elements to securing your business data, but one that gets widely overlooked is the inclusion of a strong password policy.  Although a 128 character password that is changed on a daily basis is secure, it is not that practical.  What policies can you apply to make unlawful access that little bit harder?

  • Phishing attempts are getting more dangerous

    A teacher at a school we support, forwarded to us a suspicious email from a student’s parent. It was a phishing email with a link to a website that looked identical to the school’s. But it was fake and requested the teacher’s username and password.

    Ultimately the hackers would be trying to get control of the school’s servers, get fake invoices paid, divert salary payments, install ransomware etc.

    We advised the teacher to delete the email, to advise the parent that their email had been hacked and to warn the other teachers.

    This was a school, but it could just as easily be a business, a charity etc.

    We offer security awareness training coupled with regular testing to improve your staff’s skills at recognising phishing attempts, and protecting your organisation from damage.

    Contact us to protect your business from phishing.

  • Phone call fraudster

    Recently a fraudster called a CEO and used a deepfake voice synthesizer to impersonate the voice of his boss at their parent company. They then instructed them to make a payment of £200,000. The CEO recognized the voice and proceeded with the payment as per their procedures.

    We stay on top of security news for our customers and warn and work with them to prevent losses like this. In this instance the fraud could have been prevented if their procedures included verifying the payment details by calling back via a known number. It is also important that other protections are in place such as two factor authentication, display name spoofing protection etc.

    Want to know more? call us

  • Stealthy Trojans need the 'door bouncer' treatment on your network.

    No, this isn't a blog post on Brad Pitt. 

    I'm hopeful you've heard of the mythical story of the Trojan Horse? Where, in 1194 BC, the Trojans built a gigantic wooden horse that was disguised as a gift and left it outside the City of Troy's gates. The people of Troy celebrated the peace offering and took the horse inside its impregnable walls. Little did they know, the horse was full of Trojan's best warriors - and at night, they jumped out; opening the gates to the Trojan army where they plundered and razed the city.

    The same ruse is now being used to enter our networks and steal our sensitive data. All it takes is a user to open or download a link sent from a malicious email that is disguised as secure and safe. A study in 2011 showed that a 69.9% of all malware attacks are Trojans.

    Once downloaded or opened, the malware infects your network or local computer. Attackers can then steal data such as credit cards, financial information, email accounts, passwords and emails, and even send thousands of emails to clients from your own email with the same link or file, creating a snowball effect that is hard to stop. Whatever is saved or used on your network is at risk.

    It's a network's Achilles heel.

    Thankfully, whilst Trojans are getting sneakier and craftier as technology gets more complex and advanced, so do the deterrents and prevention we can put in place. These prevention's act the same way as a bouncer at a club; checking ID's and making sure no unwanted visitors get in.

    That's what Telanova is; a bouncer. We monitor remotely and seamlessly in the background, allowing you to get on with the important work at hand without having to worry and lose sleep over network security issues. Contact us to find out how we can protect your network's city walls from attacks.

  • Tales from our helpdesk: Encrypted files

    Encrypting files is a really useful mechanism for protecting sensitive information. But there’s a risk that you might not be able to access the information in the future. Here’s a tale from our frontline support team.

  • Wifi for staff and visitors

    Customers and staff expect access to wifi at your premises, for very good reasons. If you simply give them the wireless code for your network, you'll expose your servers to attack from devices you don't control. You may have confidence in your guests' integrity, that they wouldn't deliberately hack into your servers, but malware could be running on their devices without their knowledge. So how can you provide guest wifi whilst also protecting your network?

  • Windows 7, Server 2008, Exchange 2010 End of Life

    In January 2020, Windows 7, Windows Server 2008, and Exchange 2010 will all reach Microsoft’s end of life. This means they will no longer get security patches making them unsafe to use.

    Most small businesses will be using at least one of these but are not aware of the looming deadline. This will cause a domino effect of upgrading or replacing hardware, applications etc that won’t work with newer versions.

     

    If you would like to talk to us about this and how we can help your business prepare for this deadline please get in touch.

  • Windows XP - how bad will it be when Microsoft ends support on 8 April?

    Quite a few customers ask whether it's safe to run Windows XP after 8 April when Microsoft ends support and ceases issuing security updates. They point out they'll still have antivirus, firewalls and server passwords to protect them. Is it really the cliff edge that it's made out to be? Our advice is yes, it really is that big a risk.

  • Would you trust a HTTPs verified site?

    Oh, you think you're so safe with your little green padlocks, huh?

    Think again. PhishLabs have recently published research where they have found a staggering 24% of phishing sites use HTTPS, an otherwise well known protocol that used to establish trust and privacy of using a site.

    Over the years, we have seen a massive push towards encryption of everyday services. Browsers now display a warning for sites that aren't encrypted and half the web now uses standard encryption for their websites. So why fight the competition when you can just join them?

    How many times have you visited a website and trusted inputting your sensitive financial data just because your browser says its safe? It's time for that behaviour to change!

    How to stay safe online

    Create complex passwords.Yes, I know, you've heard it all before. But the reason you've heard this before because it is the forefront of security, and arguably the most important part. Having a strong password (e.g. complex, numbers, capitals, special characters) can save you from a world of trouble.

    Be overly cautious.If its too good to be true, it probably is. Don't enter or give any information to anyone unless you can authenticate who they are. And, for whatever reason, don't click random links on the internet.

    Look into active web protection.In a day and age of increasing number of cyber attacks, we also fortunately have an increasing number of methods to protect ourselves. Look into installing some form of active web protection that blocks possible malicious websites e.g. McAfee

     

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand