.svg){kind=icon}
.svg){kind=icon}
.svg){kind=icon}
Here we share our basic and standard recommendations for IT security and support. There is often more than this, however these are what we recommend to most new (and existing) clients as “prudent minimums”. Please contact us to discuss what we would recommend in your situation.
The cybersecurity context:
Unfortunately, it is a dangerous world out there, and it is full of people constantly on the lookout for opportunities to attack your technology, and make money out of you.
If you do not have the basics of security in place, then you quite simply make yourself a more attractive target.
Why attempt to break into the well-secured house when the one next door is wide open and much easier?
Cyber criminals are not dissimilar to this. Like any ‘business’ person, they are looking for a return on their investment of their time, and hacking easier targets often gives that.
In fact, one of the reasons why more smaller businesses are being targeted, is that the bigger businesses and organizations are generally well-protected these days.
So, by our clients having a decent level of protection, you are less likely to be hacked successfully.
Important - virtually no amount of security can make you invulnerable. It is not about that. It is about spending the right amount of money for your situation, to reduce the risk. Even a modest spend means massively less risk than no or inadequate protection.
Standard Recommendations
Anti-Virus:
You need some sort of system to be able to prevent and/or detect many of the attack techniques used today. Traditionally known as “anti-virus”, today's software is often far more powerful than just detecting viruses.
We recommend a “managed endpoint security” service for most of our clients because of their general risk level. This is suitable for today’s complex threat environment at the small to medium business level.
We find the right level of security for your business needs, balancing protection without paying for more costly products.
We can manage this remotely via our cloud console, and every working day, a GTB technician checks that the system is performing as it should be. To read more about our security recommendations click here.
Patching:
A key way the attackers can exploit businesses is if the computer operating software is not up to date.
Microsoft is always updating its Windows and Server operating system, as new vulnerabilities are uncovered. These are then pushed out as updates, but these can fail or cause issues sometimes.
Many computers are not set up to take these patches. GTB has a system where we manage these updates, ensuring they are successfully applied, and ensuring the bad ones are remedied before you get them.
We call our system to do this SureIT Monitor+, and it performs many other useful functions as well. But, your computers need to be up to date with patching at all times.
Email Verification
DKIM and DMARC are two important technologies that enhance the security and authenticity of your email communications. They prevent spoofing, phishing, and spamming by verifying the sender's identity and the integrity of the message. They are rapidly becoming essential. They are applied to your 365 email account to help you avoid falling victim to cyber-attacks.
We have already applied DKIM and DMARC to our managed service clients (SureIT Remote, Full, Extended) as a part of your agreements.
2FA - Two Factor Authentication
We’ve written a few blogs about this over the years, and it is now becoming compulsory for many apps, including Microsoft 365. The bottom line is that for most businesses, having Two Factor Authentication in place is an absolute no-brainer.
Even if “they” do manage to get into your email account, having 2FA turned on will mean they can’t do anything unless they also have your smartphone.
Here is a previous GTB blog on 2FA and strong passwords
Strong Passwords
Similarly, the days of having your dog's name with a number after it as your password, and using it everywhere, are long gone.
Like all security, it is a bit of a hassle, but it needs to be done. GTB can help you with this to some extent, but what you and your team do is not an IT issue, it is a business issue. We highly recommend that you use strong passwords.
Here is another previous GTB blog about strong passwords
Team Awareness
It is still very true that most hacks are successful because someone clicked on something they shouldn’t have.
How do you support your team to be aware of these risks, and to be constantly vigilant?
Ask us about our Cyber Shield Program, which works with you and your team to help you stay up-to-date and aware of threats.
Hint - you can use the content of our e-comms and blogs (like this one) as topic starters for team discussions. For example, our occasional ‘need to know’ 2-4 minute videos are designed so that you can show them to your team, to help increase their awareness. Our gift to you. To see some from the past ‘need to know videos’ click here.
The five items above are our most basic and standard recommendations. There are obviously other things that you should be doing too. But if you have the items above ticked off, you at least have a prudent minimum level of protection in place.
How can we help?
If you are concerned about security, feel free to give us a call on 04 297 1040 or email us for a confidential, no obligation chat.
We know it can be overwhelming thinking about all of your IT needs, but GTB is here to make all of this as effortless as possible.
GTB was designed and built to be the 'one-stop-shop' for almost everything IT for 'busy professionals' in SMEs. This means that you only have one relationship to manage, and that we are incentivised to take care of your broader as well as day-to-day needs.
Allow us to be your IT partner for today and the long haul.
In Summary
You are far less likely to be successfully hacked if you have the basic precautions in place.
