Cyber security is about protecting your company’s computer-based equipment and information from unintended or unauthorised access, change or destruction.
We now use the internet to do business, to advertise and sell, find new markets, customers and staff, communicate with customers and suppliers, and carry out our financial transactions. The internet brings huge opportunities and benefits. But it also brings risks. Every day there are attacks on the IT systems of UK companies like yours, attempting to steal your information and money or disrupt your business.
You can never be totally safe, but most online attacks can be prevented or detected with basic security practices for your people, processes and IT systems. These security practices are as important as locking your doors or putting your cash in a safe. You can manage your online security in the same way you would protect any other aspect of your business. With more customers demanding that their suppliers are secure, this is becoming a business necessity.
Requirements for IT Infrastructure
Take simple steps and your business will benefit. You can save money through adopting an efficient risk management approach – plan, implement and review. You can gain a competitive advantage by being seen to take security seriously. Good security can be an enabler for a thriving business: you will be protecting your assets, your reputation, your customers, and your peace of mind.
We recommend (and can help you to achieve) the following five (5) cyber security requirements:
• Anti-Virus & Malware Protection
• Software Updates
• User access control
• Security configuration
Firewalls create a ‘buffer zone’ between your own network and external networks (such as the Internet). Most popular operating systems now include a firewall, so it may simply be a case of switching this on.
The firewall has a list of security rules which can block traffic based on IP protocol, IP address, port number and/or applications. It normally blocks all non-valid connections and only allow connections originated from the users’ computer or a trusted computer, blocking non-solicited connections.
Anti-Virus & Malware Protection
Malicious software (also known as ‘malware’) is software or web content that can harm your organisation, such as the recent WannaCry outbreak. The most well-known form of malware is viruses, which are self-copying programs that infect legitimate software.
By installing anti-virus & anti-malware software, you can protect your company computer from most malware and viruses. It is such a simple step to take but one which so many forget or do not bother with. It really is not worth leaving it to chance. Make sure your company has an Anti-Virus & Malware Protection software installed on all computers and it is kept up to date.
Cyber criminals use weaknesses in software and apps to attack your devices and steal your identity. Software and app updates are designed to fix these weaknesses and installing them as soon as possible will keep your devices secure.
Users often receive a prompt on computers, smartphone or tablet to inform you that a software or app is ready to be updated. Do not ignore this message. The few minutes it takes to download and install the updates could save your company a significant amount of time and trouble in the long run, reducing the risk of you falling victim to identity theft.
User access control
Every active user account in your organisation facilitates access to devices and applications, and to sensitive business information. By ensuring that only authorised individuals have user accounts, and that they are granted only as much access as they need to perform their role, you reduce the risk of information being stolen or damaged.
Establishing and actively maintaining the secure configuration of systems should be a key security control. Systems that are not effectively managed will be vulnerable to attacks that may have been preventable. Failure to implement good configuration and patch management can lead to the following risks:
• Unauthorised changes to systems
• Exploitation of software bugs
• Exploitation of insecure system configuration
How can we help you?
We will help you manage the whole desktop life cycle, since the build until the machine is decommissioned and we will report devices compliance.
The figure below shows some of the tasks that we can help with: