Business Focused IT Support
Showing posts tagged with: firewalls

Keeping your network secure

by Nicki Dowsett in Anti-virus software, cybercrime, Disaster Recovery, Engineers, General, Helpdesk, IT Support, IT Systems, MPR IT Work, Password Security, Ransomware, Training

Keeping your network secure – this is a subject that should be carefully considered for any network whether business or personal. Technology is the main way that people communicate today and we increasingly rely on email communication. Cyber criminals are using this as an opportunity to send more and more scam emails, texts and phone calls. Often all very realistic. Making sure your network has the best security systems in place will help to keep your network and data secure.

Password Security and 2FA

When it comes to password security the one main rule is NEVER EVER share your password with anyone. Then next is to ensure that your password is difficult to guess. 123456 or password are sadly still often used despite them being so easy to guess. Making sure you have a password that is harder for criminals to guess is vital. Alongside using different passwords for each account. With so many passwords to remember for your work and personal accounts it is becoming harder to separate these out as well as remember them all. This is where 2FA( 2 factor authentication) is an advantage. Many on-line accounts now require 2FA, where you will enter your normal password and are then required to confirm the log in with an additional code generated by text, email or an authenticator app.

Finally if you are ever asked to reset a password via an email – check it is a genuine request. It is very unlikely that any organisation would ask you to reset a password unexpectedly. Many people unfortunately become victims of scams through realistic looking requests to update passwords.

Firewall – why do you need one?

In the construction industry, a firewall is historically the protection between two buildings to prevent fire spreading across adjacent buildings.

The computing equivalent works in a similar format. Acting as a security fence surrounding your network, a firewall observes and restricts information coming in via email or the internet. The firewall will only allow information from sources pre-determined by your firewall and can either be a network or host based security system.

In most homes and businesses, routers are used to enable the connection of various devices to the internet. Prior to routers, each individual device would need to be plugged directly into the modem. When connected directly in this way, a device has a public IP address a allowing information to be accessed by anyone on the internet. As technology has developed most devices will have their own firewall built in. However larger networks will have a separate firewall to protect the security of the network.

Antivirus Software – why do you need it?

Did you know that the first computer virus was released in 1971? The Creeper virus was not designed to be malicious or cause damage but was an experiment to demonstrate a mobile application. Today, it is believed that over 6000 new viruses are released each month.

Antivirus software, also known as anti-malware, is a computer program designed to prevent, detect, and remove malware. Antivirus software can protect users from: malicious browser helper objects, browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraudtools, adware and spyware. There are various levels of protection available on the market. It is important that your choose the right anti-virus software for your network. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity, online banking attacks, social engineering techniques, advanced persistent threat and botnet DDoS attacks.

Security Awareness Training and Testing (SATT)

In addition to Firewalls and anti-virus software, MPR IT Solutions also offer SATT, Security Awareness Training and Testing. The purpose of this is to stop security incidents on your network, by providing your end users with Security Awareness Training and regular Testing. SATT is a fully managed service that is bespoke and tailored to every individual organisation. It takes up none of your time or resources, and is guaranteed to make a difference.

The SATT service combats the weakest cyber security link in any organisation – your end users – and is delivered in three stages over a 12-month service agreement. The total cost for the 12 month SATT service is far less than the cost of just one security incident.

Contact our team today

Supporting companies from a wide number of industries, MPR IT Solutions are experienced in the multitude of options across the markets and can tailor the right security systems to keep your network secure.

For more information on protecting and securing your network contact our team today on 0800 030 20 30 or email sales@mpr-it.co.uk

Read more

Cybercrime and your business

by Nicki Dowsett in cybercrime, Industry News, IT Support, Password Security, Uncategorized

Cybercrime and you

The hot topic for the first half of 2016 has been all about cybercrime, hacking and ransomware.  It seems that no company no matter the size is safe from attack.  In this blog we will talk about some of the companies that have been attacked and how this can ultimately affect you.  We will also talk about the steps you need to take to ensure your systems and network are secure.

cyber crime

Can you name a well-known organisation that has been attacked?  Here are just a few that you will know and possibly use:

Talk Talk – 57,000 customer personal details accessed and 15,600 customer bank details taken.  This caused uncertainty for many customers as to what had happened to their bank details and at what cost to them.  This attack cost the company upwards of £35million in compensation and loss of customers.  4 people were subsequently arrested in connection to the attack.

Vtech – Over 5 million customers affected by this attack on children’s manufacturer.  Accounts set up online to allow children to play games were hacked, leaving them vulnerable.  Whilst it did not store any bank or credit card details, it did store personal contact information.  The company were not even aware of the attack until contacted by a journalist.  A 21 year old was arrested, he had carried out this attack from his home in Berkshire.

BBC News, The New York Times, MSN – One of the more recent occurrence. These news sites were unwitting victims to malicious adverts on their sites or malvertising.  Tens of thousands of people were exposed to these adverts, which could deliver malware to your device, encrypting your files.  This was a large attack on well-known news outlets and if they had been successful could have been devastating for millions of people, however all ads were removed quickly.

Ashley MadisonThe chances are you don’t know the company by name, but will have heard this story.  The company are an on-line site encouraging extra-marital affairs.  The site was hacked and user details stolen.  The information was then leaked on-line causing many spouses to be very unhappy. We can all guess how that ended up for many people.

FBISlightly concerning that the Federal Government of America are also at risk.  The same hackers also accessed the CIA director’s personal email.  Having accessed the FBI Portal the hackers were then able to view records on arrested suspects.  These details were then leaked on-line.

Donald TrumpNow no matter your view on the Presidential candidate for the US, it is surprising that even businesses owned by one of the most successful businessman at are risk.  Malware was put into the Trump Systems and stole credit card details from hotels across the US.  It is not known how many people were affected by this, but expected to be in the thousands.  The hacktivists Anonymous have also recently announced they are declaring war on Trump.

cryptolocker

Now for some of the lesser known companies, some of which are in our own region, just to show you that it is not just the large companies in the world that can be vulnerable.  Do not have a false sense of security that this cannot happen to you.  Sadly everyone is at risk.

Solar UK – Based in Battle, East Sussex, this small business of just 11 people were hacked by the current largest terrorist organisation, ISIS. The company website was vulnerable to attack and unbeknown to them, the website had been taken off line.  Anyone searching for them, would be horrified to see CCA or the Caliphate Cyber Army videos.  This hack was apparently in revenge for a drone strike in Syria.  It is believed that the company was targeted by a search Robot trawling through the internet to find unsecure websites.

Chatham Town FCIn January of 2015, this small part time football club had its page hacked and in place of the usual content an image was put up supporting the perpetrators of the Charlie Hebdo attack in Paris.  Luckily all the content of the Football website was backed up and was back up and running after a couple of days with no data lost.

The list seems to go on and on of varying different business types that are vulnerable, we highly recommend that you review all your network and personal security.  The Government Cyber Essentials scheme backed by the FSB is key to help win any government contracts and is good practices for all businesses.  It is no longer something that businesses should think it would be nice to have in place, it is essential.  The risks are extremely high, not just for your customer’s details, but also your business as a whole.  If you are unfortunate enough to be attacked, it will be costly both in monetary value for custom, but also in getting it fixed and downtime for your staff.

These are the 5 key points on the Government Cyber Essentials scheme

Malware Protection – do you have a robust malware in place?  This will stop viruses and ransomware from getting through to your emails and employees.

Access Control – encourage your staff to choose passwords that would be hard to guess and not simply change the number on the end each time it needs to be updated.  Password or 123456 are not ever going to be good choices.  Also ensure that admin passwords are only given out to members of staff that should have access to these.

Firewalls – investing in a high end firewall can prevent hackers from gaining access to your systems and to make certain there are no leaks.

Secure configuration – Is your system configured to ensure security for your organisation.  Are all laptops, PC’s and phones password protected? Do files need to be password protected?

Patch Management – the likes of Microsoft and other operating systems regularly release new updates to their software.  Ensure you are fully up to date as these updates will often include patches to ensure your systems are more secure.  As hackers become more clever the software providers work hard to identify areas to increase security.

We also recommend you view the national cybercrime website or if you have any concerns about any of the issues raised in this blog – please contact MPR IT to discuss the current state of your network and if there is anything else we can help you with to improve security.

Read more