Businesses may use a myriad of services and emerging technologies to grow their business, save money, and be more efficient in the realm of technology. As a business grows, so do the potential threats that could obstruct and damage operations. Organisations choose supportIT as their IT solutions and support partner for a variety of reasons, including dedication, knowledge, and trust. We are a relationship-driven company that works closely with each of our clients to accomplish their goals. We have compiled a few frequently asked questions which hopefully will assist you in understanding what we do and how we can assist your business.
1. What are the types of Cyberattacks?
- Malware Phishing – Tricking a user into downloading a malware attachment.
- Ransomware – Links into Phishing, Criminals Encrypt data then ask for money to decrypt
- Vishing – Trying to extract valuable information/bank details by pretending to be someone else over the phone.
- Spear Phishing – Researching a high value target(in Finance etc), developing a convincing backstory with personal information and intercepting an email conversation.
- Business Email Compromise – Using a phony email with a contrived pretext to request payment
- Clone Phishing – Replacing a single element of a legitimate email with malicious one to create a nearly identical email.
- Smishing (SMS + Phishing)- Delivering a malicious link via a short code to a Smartphone
- Pharming – Rerouting a legitimate traffic to an attackers page.
2. Why has there been an increase in Cyber Attacks?
- Attacks have tripled since 2020.
- Remote Users are being attacked because they are more vulnerable, are working disparately and separated from their processes & colleagues
- Reliance on Technology During the Pandemic – Technology can be easily used to impersonate
- Home machines are more vulnerable/Used by more than one person/Not Patched or Updated
3. How to increase awareness within your organisation
- People are the weakest link
- Clear IT Security Policies at induction, plus reporting procedures
- Regular Staff Training to ensure staff are aware of the latest threats
- Highlight attempted email scams so staff can know what to look out for
- Alerts work well for creating awareness
4. How to protect your organisation in remote working situations
- Agree policies that relate to all devices/BOYD policy/Protection
- Strong security policy to enforce user and device rules
- Strong password policies should also apply to 3rd party applications being used in the business, like CRM applications and Finance applications.
- Conditional Access based on user location
5. Which Threat Protection Solutions do you need?
- Anti-Virus – The best products are paid solutions with proven detection rates/Make sure that you include phones, tablets, laptops/Our recommendation is Webroot.
- Advanced Threat Protection (ATP) – ATP solutions block attempts to attack your network through inbound/outbound email in real-time. Security policies can be defined at individual and department level to meet the specific needs of your business.
- Multi-Factor Enablement – This is activated within the application itself/best practice to ensure your application is secure, particularly if you store personal identifiable or finance data.
- Data Loss Protection – For those organisations that have more stringent compliance. DLP is a built-in feature of Office365/activated through the management console.