Cyber Security - What Does It All Mean??
2 Factor Authentication
Two-factor authentication is a security mechanism that requires two types of
credentials for authentication and is designed to provide an additional layer of validation, minimizing security breaches.
Generally, this either means a six-digit code is sent via text to your mobile phone, or you receive an automated call to your mobile with the code. This authentication requires you to register your mobile phone number and is used alongside your usual login details as a second layer of security.
Some service providers have their own code generating app which can be downloaded to your mobile phone and provides the code automatically.
Please let us know if you wish to implement this for Office 365. (emails)
16 Digit Password
We suggest that you now implement a 16 digit password for your emails, this gives extra security, normally this password is created from 3 different words – this will make it more difficult for people to hack your password.
Please let us know if you wish to implement this for Office 365 (emails)
Security Router (Firewall)
We recommend a Meraki Firewall router.
The advantages to this over a standard firewall/router is that it also provides content filtering to block access to questionable websites. It analyses the traffic through your network and as soon as it detects anything suspicious it will kill the connection. This router is available with an annual licence.
Office 365 has an extra feature to enable you to send encrypted emails.
For encryption – you would require the minimum licence of Business Essentials, and then a bolt on of Azure Information Protection Plan 1 – which is £1.52 pcm per user.
If your business handles sensitive data such as financial information regularly, e.g. solicitors, accountants, insurance brokers, IFAs; this security option is a must.
Advanced Threat Protection
Office 365 has an extra layer of protection for your emails against phishing emails. If you receive emails they deem suspicious, they will give you a warning before you click on any link.
As secure as we can make your network, vigilance is still required from the end user with regards to e-mails and its contents. Even if you had all the security in the world in place, it wouldn’t stop the end user from being able to click a link within an e-mail.
Any time you receive a possibly fraudulent e-mail, please contact ourselves to ensure its authenticity.
Firstly it is advisable to implement a number of backup strategies. Image backup via encrypted external drives which are physically taken offsite as well as offsite backup via the cloud. Datto is a box which allows an image of your server to be stored in the cloud, so in the event of failure, this can be accessed as a temporary server allowing you to continue to work and access files with minimal disruption. Datto also has a built-in feature which helps protect against cryptolocker ensuring that your backup is not affected.
We can also offer training on cyber awareness training for all staff should you require it.
We also offer Cyber Essentials Accreditation or Cyber Essentials Plus Accreditation which is available on an annual subscription.
Although you can implement all the technical security measures above, the last line of defence in data security is always the end user.
It is important to ensure that the users are aware of and understand what their responsibilities are regarding this and in the event any uncertainty they must please contact our IT Helpdesk.