Success stories

Our customers come in all shapes and sizes.

We work with organisations from all walks of life, with different ambitions and requirements. Explore how we’ve helped them reimagine everyday, and align technology with their culture and business goals.


What is WiFi as a Service?

WiFi as a Service is a subscription-based model with 24/7/365 support that gives you peace of mind knowing your WiFi is in safe hands. You define the network that you need today, and we’ll seamlessly adjust to the shifts in demand.

How to get the most out of the Azure Cloud

The Azure Cloud can offer businesses of all sizes and industries functionality that can increase productivity and enable innovation whilst decreasing overall costs. Find out how you can get the most out of the Azure Cloud, read on >

Information security vs cyber security: key principles and differences

If your business is looking into how to prevent a cyberattack or data breach, it is important to first understand the different types of information security and their principles and differences. Find out more in this blog.

5 best practices for cloud security

What best practices will help you shore up your cloud security most effectively? In this post we explore 5 to protect your networks, data and people.

What is zero trust security and how can it be implemented?

To stay safe in 2021, the entire approach to network security must be reconsidered. If you want to find out more about zero trust security and how it can be implemented, read this >

Cost of a data breach to UK businesses

What is the cost of a data breach for UK businesses, and how can you calculate the cost for your business? Read this blog to find out.

Do you know how hackers attack?

The workplace has transformed rapidly over the past ten years, as enterprises look to take advantage of the emerging technologies. Increasingly, employers and employees alike are able to leverage modern communications platforms and cloud technology to greatly enhance productivity and collaboration. As adoption of internet-based solutions increases, however, so does cyber crime. Almost half of UK businesses suffered an attack in the past year, with many experiencing cyber security related issues at least once a week. Most employees are likely to have had some kind of security training, standard procedure for the majority of businesses now, but how many know exactly how hackers attack?

Psychological tricks hackers deploy

With more companies using strong security solutions, attackers are shifting focus to exploiting workers, rather than network and system vulnerabilities. These so-called ‘people hackers’ use four main techniques to bypass critical thinking. Understanding them can help you detect attacks before they do damage, reducing the risk of any human errors being made.

The most common psychological trick is quite simple: providing, or seeming to provide, something the victim needs. Many of us scoff at emails promising free products, but it can be much more crafty than that. Perhaps you’re at a conference when the Wi-Fi goes down. Before you know it, a backup network is up and running, but you’re prompted to enter your credentials again. This captive portal, purposefully launched by an attacker, could distribute malware or steal information from your device. The hacker has created the need and the solution, without arousing suspicion.

Such attacks can be made more powerful if the attacker appears to be a person of authority. In recent years, there has been a rise in assailants that use information gathered about higher-level employees to impersonate them. From the victim’s perspective, it may look like their boss requesting an important document or credential. In reality, it could be an attacker posing as them. The further an attacker infiltrates a network, the easier such impersonation becomes.

Information gathered through these methods also helps a hacker launch attacks during stressful periods, when logical thinking is compromised. When a deadline is looming and stress levels are high, employees are more likely to lose focus and download a document or open an attachment without thinking.

Finally, but crucially, hackers will try to divert your attention one way while performing an attack elsewhere. It could be as simple as an email from a “co-worker”, asking you to print and deliver a physical document to their desk, whilst your system is being compromised in the background.

Here’s a useful snapshot that you can share with colleagues and employees within your organisation: [infographic]

Dealing with a suspicious email

Studies have revealed that around half of UK hacks are phishing scams via email. One in every 3,722 emails is a phishing attempt, and most of those make use of one or more of the psychological techniques above. With attackers getting more sophisticated, here’s how you can protect yourself properly:

Naturally, adhering to the above as well as staying productive during stressful times can be difficult, but thankfully, there are solutions out there that do most of the heavy lifting. Email security tools scan all inbound emails in real time to look for suspicious content and detect anomalies in sender addresses or email headers. These alerts are passed on to employees in their email client while attachments are scanned before they can be downloaded. If a user does click a suspicious link, it will open in an isolated browser to protect against malware and phishing attempts.

Our partners LIBRAESVA have developed an insightful test to see how secure your organisation’s email is. Simply enter your email address and they will send you a series of test emails to see what gets through your email security.

Remote working, VPNs and DDoS attacks

Why are VPNs vulnerable to DDoS attacks, and why has widespread remote working because of Covid-19 and the lockdown increased this risk? Find out here.

Now everyone’s remote working it’s time to address network security

Many organisations that have rapidly deployed remote working as a response to the coronavirus crisis have left their network vulnerable to attack.

Tackle IT security risks with these 5 strategies!

How can you keep your organisation safe from IT security risks? Explore these 5 strategies to protect your organisation, people and data.

Six reasons why cyber crime is increasing, and what you can do about it

Why is cyber crime increasing and what threats do you need to protect your organisation from? Find out here >

What is WiFi as a Service?

Many IT companies are offering their customers WiFi as a Service, also known as Managed WiFi. But what is it and what are the benefits of outsourcing your wireless network to an IT provider? In this post we explain all!

WiFi as a Service subscription service

Instead of having an onsite IT department designing, deploying and managing your WiFi network, WiFi as a Service outsources it to a team of WiFi experts.

Managed WiFi, wireless as a service or WaaS – whatever you want to call it – is a SaaS subscription-based service. In the past, designing, procuring, and installing a WiFi network was a CapEx investment, with maintenance, monitoring and upgrades falling to your IT team.

WiFi as a Service turns this investment into an operational expenditure, with monthly billing covering everything from RF surveys, network design, procurement and installation, to ongoing maintenance, network monitoring, upgrades and technology refresh*.

Benefits of WiFi as a Service

Budgeting is a key benefit of a Managed WiFi service. The desire to move away from CapEx investments to OpEx is a common reason for purchasing this service. However, there are other benefits including:

  • Provides on-demand upgradability
  • Enables limitless scalability
  • Facilitates predictable payment schedules
  • Aligns costs with consumption, increases capital efficiency
  • Eliminates business risk
  • Increases network security
  • Freedom from depreciation cycles and term commitments
  • Lower total cost of ownership
  • Enterprise financial ratio stability
  • Superior 24/7/365 support

Perhaps the greatest advantage is that it puts the responsibility for performance, maintenance, and risk management into the hands of highly experienced experts, freeing up your IT team to focus on other priorities.

Security and WiFi as a Service

WiFi network security is a critical concern for all organisations. This involves implementing appropriate security controls, authenticating and tracking users and monitoring the network for potential breaches. 

As with any other security service or solution, it’s only as good as the people who deploy and manage it. If you don’t have the skills or sufficient resource internally, a Managed WiFi service gives you access to a team of experts to protect your WiFi networks and defend against threats.

Next generation technology

If you need to make changes to your WiFi network, WaaS makes it easy. For example, adding new access points to expand the area covered by your network is straightforward, and the cost is reflected in your monthly billing.

Upgrading your wireless tech is also easy. Depending on your contract, your IT provider will manage the installation of new technology, replacing legacy technology, every 3–5 years.

Is Managed WiFi a good fit for your organisation?

Any organisation that requires a high-performance WiFi network can get value from this service. However, it’s particularly beneficial for those organisations where a fast and reliable WiFi network is required across a large square footage.

Retail outlets and shopping centres, commercial buildings and coworking spaces, healthcare settings, universities and schools, leisure and hospitality sites, and manufacturing premises and warehouses are good examples of where WiFi as a Service delivers significant value.

If your organisation needs to provide wireless connectivity across a large site, with multiple users (employees, visitors, customers, contractors etc.), and if the impact of downtime, poor performance and WiFi dead spots affects the bottom-line, outsourcing may be your best option.

To find out more about WiFi as a Service or to speak to our team about whether it’s a good fit for you, click here >

*Depending on the IT provider and their WiFi as a Service scope

How to get the most out of the Azure Cloud

The Azure Cloud offers businesses of all sizes and industries functionality that can increase productivity and enable innovation whilst decreasing overall costs. This may be through replacing existing physical infrastructure, or making use of next generation technologies such as AI and machine learning. 

However, migrating to the Azure Cloud does not guarantee cost savings as running workloads in the cloud without managing costs can result in unexpectedly high bills. Thankfully there are many tools within Azure to assist businesses to manage budgets effectively. In this article we discuss how businesses can get the most out of the Azure Cloud through effective cost management, next generation technologies, and by strengthening their security posture. 

Ready to start your Azure journey? Explore our Azure migration services here >

Take advantage of big data analytics

Technology-reliant businesses collect an exorbitant amount of data. This includes everything from data relating to customers and their buying habits to data captured from business processes. This data can be analysed to help businesses make better informed decisions to ensure long term sustainable growth. However, there are two key hurdles to overcome to truly drive value from captured data: storage and analytics.

To take advantage of big data analytics, first you must have an effective method of storing the necessary data. Azure has database options to suit all businesses and use cases. Some options for big data file storage include Azure Data Lake Store and Azure Storage Blobs – the most flexible way to store blobs from numerous data sources. These blobs can be any form of file, including logs and database backups. Azure Data Lake Store is a hyperscale repository for big data analytic workloads which enables businesses to capture data of any size and type to store in a single location for analytics.

Once you have implemented a big data storage solution, you are able to use Azure to analyse the data to make informed decisions. Once again there are numerous big data analytics solutions available through Azure to meet different business needs. The three most common solutions include Azure Analysis Services, Data Lake Analytics, and Azure Synapse Analytics. All of these solutions are designed to scale quickly and easily regardless of how much data is collected, and use next generation analytics to give powerful analytics that can enable data-driven decision making.

Make use of Azure Cost Management

Regardless of what workload a business hosts in the Azure Cloud, it’s important to make the most of Azure Cost Management to get the best value for money. A simple way to do this is by using the cost analysis section of Azure Cost Management. This enables business leaders to view projections of future costs based on current usage. It’s also possible to enter a spending budget, and if usage looks likely to go over budget, take steps to reduce consumption.

You can also set alerts within the budgets section of the Cost Management tool for when a certain budget percentage is reached. When the alert is triggered, an email is sent to inform the business owner. This early notification makes it easier for businesses to adjust their consumption to ensure they do not exceed budget.

Both suggestions will help you stay within spending limits whilst using the Azure Cloud. For cost optimisation, use the advisor recommendations section of the Cost Management Tool. This gives actionable recommendations of how to optimise costs to get the best value for Azure spend.

Enable SSO and MFA in Azure AD

Businesses that use Microsoft 365 are already making use of Azure Active Directory, Microsoft’s identity and access management platform, but not all are getting the most out of the solution. Within Azure Active Directory it’s possible to enable Single Sign-On (SSO), which allows users to use one set of login credentials for a multitude of Software-as-a-Service (SaaS) applications. Enabling SSO increases productivity, as users do not need to enter multiple login credentials, and it increases security, as users only need to remember one long, complex password, rather than many.

It’s also possible to enable multi-factor authentication (MFA) – an authentication process where a user must provide two or more forms of identification to log in to their account. Azure AD Multi-Factor Authentication requires two or more of the following authentication methods: something you know (typically a password), something you have (typically a trusted phone or hardware key), and something you are (typically biometrics, such as a fingerprint or face scan). Enabling MFA greatly increases security and can stop 99.9% of account compromise attacks, as even if a cybercriminal knows a user’s login credentials, they can’t access their account.

Want to get the most out of the Azure Cloud?

These are just some of the many ways businesses can work more productively, save money and increase security through the Azure Cloud. If you have any questions about Azure please contact us. We’d be happy to help.

Information security vs cyber security: key principles and differences

Over the past two decades technology has advanced rapidly and fundamentally changed the way that businesses function. Whilst this has primarily been a positive experience for businesses, these advancements have also given rise to an increase in cybercrime. With the current prevalence of cybercrime, all organisations are currently at risk of falling victim to a cyberattack. Thankfully, many businesses are aware of the risk and starting to invest more time and money into protecting their data and systems.

If your business is looking into how to prevent a cyberattack or data breach, it is important to first understand the different types of security and their principles and differences. In this article we will discuss the definitions of information security and cyber security, the key principles of each and why they matter to your business. 

What is information security?

Information security is the set of practices organisations implement to protect their business records, data and intellectual property. These practices ensure that both physical and digital data are protected from unauthorised access, deletion, corruption, unlawful use, or modification. The key information security principle is the CIA triad, which is a focus on the balanced protection of the confidentiality, integrity and availability of data.

What is cyber security?

Cyber security is a branch of information security including the practices an organisation undertakes to reduce the risk of a cyberattack. These practices are focused on technology to stop cybercriminals from accessing sensitive information, extorting money from users, or interrupting normal business procedures. Common cyber security practices include protecting networks, endpoints and educating users on how to avoid an attack.

Find out how vulnerable your organisation is to cyberattack. Explore the benefits of a Cyber Security Posture Assessment here >

Key information security principles

The key information security principle is the CIA triad, which includes:

Confidentiality – Protecting confidentiality ensures that any sensitive information is not made available or disclosed to unauthorised individuals, entities or processes. Countermeasures that protect confidentiality include defining and enforcing access levels for information, as well as avoiding password theft, device theft and ensuring sensitive data is encrypted.

Integrity – Integrity in the CIA triad is focused on ensuring that information has not been modified, and therefore can be trusted to be correct and authentic. Integrity can be compromised by a cybercriminal causing a data breach and modifying data for malicious reasons. Integrity can also be compromised by human error or poor access policies and procedures. Countermeasures that protect integrity include digital signatures, hashing, physical and digital intrusion protection systems, and strong authentication methods, including multi-factor authentication.

Availability – For a business to function effectively, it is important that information is available whenever it is needed. This means that all networks, systems, and applications are working as intended to allow authorised users access to resources as required. The key risks to data availability include hardware failure, natural disasters, denial of service attacks and human error.  Countermeasures that ensure data availability include backups, data redundancy, denial of service protection and a comprehensive disaster recovery plan.

Key Cyber Security Principles

Network security – Network security includes any measure taken to protect the usability, security and integrity of a network and its data. This includes hardware and software solutions designed to stop cybercriminals from accessing a network or spreading malware within a network. Some network security measures include firewalls, network-wide email security and anti-malware software, and authentication solutions.

Endpoint security – Whereas network security aims to protect a network as a whole, endpoint security aims to protect the individual end-user devices that connect to a network, although there is overlap between the two. These endpoint devices include desktops, laptops, servers, smartphones and IoT devices. Common endpoint security solutions include privileged access management, endpoint protection platforms, device anti-malware, application control and patch management.

User Education and Awareness – A significant factor in keeping businesses safe from a cyberattack is ensuring users of networks and systems have an awareness of common attack vectors. Some common attack vectors include phishing emails, compromised or weak credentials, malvertising and brute force attacks. If an organisation runs regular cyber security education and awareness training it enables employees to detect a potential attack or breach of procedure before it is too late.

Why information security and cyber security matter

In 2021, the greatest threat to all businesses, regardless of size or industry, is a cyberattack or data breach. As the methods cybercriminals are using become more complex and attacks more prevalent, if your business has not secured its network, systems, and information, now is the time to start taking security seriously. If you want to find out more about how to implement a comprehensive information security or cyber security solution within your organisation, get in touch today.

5 best practices for cloud security

The cloud is a shared responsibility platform. This means that although most cloud technology companies provide excellent cloud security tools, it’s down to you to ensure that what you move to the cloud is secure. 

Follow these 5 best practices to strengthen your cloud security: 

  1. Identity and access control 
  2. Security posture management 
  3. Secure apps and data
  4. Threat protection
  5. Network security 

Cloud security best practices 

1: Identity and access control 

Cloud security practice number one is to “assume breach”. This means behaving as if an attacker has breached the network perimeter and you need to do everything possible to protect your data and systems. 

Identity and access control is where you can prevent attackers already inside your network perimeter from accessing the most sensitive data. Deploy the following:

Multifactor authentication – two or more of the following authentication methods:

  1. Something you know (typically a password)  
  2. Something you have (a trusted device that is not easily duplicated, like a phone)  
  3. Something you are (biometrics)  

Conditional access – set conditions that only allow sensitive resources to be accessed in certain ways. For example, blocking or granting access depending on a specific location.

Operate a zero trust model – verify everything that wants to authenticate or connect to your IT environment. More on the zero trust model here > 

2: Security posture management 

Get ahead of the curve by prioritising and actioning recommendations to improve your security posture. This helps to get you out of reactive mode where you’re constantly responding to threats. If your IT environment is in 365 and Azure, a free Secure Score Analysis will help you understand what actions to prioritise. 

3: Secure apps and data 

A layered, defense-in-depth strategy across identity, data, hosts, and networks protects your apps and data. Use encryption for data at rest and in transit, make sure your open source dependencies don’t have vulnerabilities, and remember the cloud is a shared responsibility model (so you don’t have to do everything).

Here’s what you’re responsible for, what’s shared and what’s down to your cloud provider: 

4: Threat protection 

Ensure threat detection is enabled for virtual machines, databases, storage, and IoT. Use a cloud provider that integrates threat intelligence, providing the necessary context, relevance, and prioritisation for you to make faster, better, and more proactive decisions. Consider a cloud-native security information and event management (SIEM) to scale with your needs. 

5: Network security 

You still need to protect your network perimeter but remember a firewall is only as good as the people who deploy and manage it! If you don’t have time to do this work consider a Managed Service that will do it for you. Protect online assets and networks from malicious traffic by deploying Distributed Denial of Service (DDoS) Protection. Use virtual networking, subnet provisioning, and IP addressing to create a micro-segmented network that is harder to penetrate. 

If you need support strengthening your cloud security, get in touch for an informal chat about your IT environment. 

What is zero trust security and how can it be implemented?

In 2020, the global average cost of a data breach was $3.86 million (USD). On average it took businesses 207 days to identify the data breach, and 73 days to contain it. Regardless of the size or industry, all businesses are at risk of a data breach as they store valuable information, especially customer data. 

For this reason, businesses and security professionals alike are constantly searching for the best method of securing a network from all threats. 

Traditionally, most businesses use a castle-and-moat approach to security. This is where the focus of security is on the network perimeter and most of the security investment is in firewalls, proxy servers and preventing intrusion from outsiders. In theory this approach seems logical, however it has some key limitations. 

The castle-and-moat approach allows those within the network access to all data. This means that even if the moat is effective at keeping intruders out, it doesn’t stop users with compromised identities or insider threats. It’s also outdated as it was built for traditional networks and does not consider how networks have changed as businesses move to the cloud. 

Is your organisation at risk? Book a free cyber security health check with our expert team to find out >

Cyber security and hybrid work

With the workplace fundamentally changing, as hybrid work becomes the new norm, the traditional castle-and-moat approach is no longer viable. When all employees worked in an office space, a machine trying to access the network from outside the office would raise a red flag. Now, with employees working from home, it is important to be able to accurately authorise and authenticate users, regardless of where they are physically located.

In order to overcome these limitations businesses must change the way they view network security; this is where the zero trust security model comes in.

What is the zero trust security model?

The zero trust security model assumes that there are malicious actors both inside and outside a network. Therefore, no users or machines are automatically trusted, and all requests must be authenticated and authorised. This verification is based on all data points, including user identity, device health, service or workload, classification and anomalies. Another key principle of the zero trust security model is least-privilege access. This states that users should only have access to the data they need to do their job, and nothing more. 

Why move to a zero trust security model?

The zero trust model greatly increases security and is a security model that considers how digital transformations have fundamentally changed businesses and their networks. This is particularly important as many organisations keep their data in the cloud, rather than on-premise. 

The modern network does not have clearly defined perimeters to protect, so the zero trust model moves the perimeter to each individual file. This model, especially the least-privilege access principle, significantly reduces the risk of an insider threat. As users can only access the data necessary to do their jobs it means they cannot access sensitive data that could be shared maliciously or accidentally. 

How to implement a zero trust security model in your business

There are multiple principles in the zero trust security model, and your business may already have implemented some of the necessary technology. However, transitioning to a comprehensive zero trust security model takes time and significant planning as it involves completely rethinking how a business views security. 

The key to successfully implementing zero trust architecture is to first take inventory of existing mechanisms and technology. It is important to consider how traffic flows through the network and what is currently controlling the flow. From there the business must implement the necessary technologies and policies in line with the zero trust principles. This includes identity access management, endpoint management, in-app permissions, data protection, and infrastructure and network security. Once your business has implemented all the necessary technology and policies it should be regularly reviewed and iterated upon to dynamically enforce policy changes.

The zero trust security model is a modern rethinking of what constitutes a comprehensive security solution for a business. It overcomes the limitations of the castle-and-moat approach and greatly reduces the risk of a data breach, even one due to an insider attack. However, the road to zero trust is not simple, and it takes time and expertise to ensure that all the potential benefits are realised. If your business is considering moving to a zero trust security model, and needs some expert advice, please get in touch with our cyber security practice.

Cost of a data breach to UK businesses

Data protection is at the forefront of most CEOs’ minds this year as the inevitability of a data breach has become very much a reality for most organisations. While many public data breaches appear to be predominantly in the US, we can’t afford to be complacent here in the UK.

The infamous data breach at TalkTalk in 2015 (actually the second that year, if not the third) certainly caused many people to wake up to this reality, not least after TalkTalk revealed that the cost of the October data breach amounts to £60 million. For a company with projected earnings before interest, tax and other items for the year ending in March of £255-£265m, and a dividend increase of 15%, this is not an insignificant amount.

Consider what it would mean to your business to have approximately a quarter of your income wiped out by a data breach. While we don’t know the breakdown of where the £60 million has been spent, we have a good idea of the costs a data breach incurs.

Stay safe by understanding current threats and your organisation’s risk level, explore our Cyber Security Posture Assessment here >

Calculating the cost of a data breach

The following factors can all contribute to the overall cost of a data breach. Although the average total cost of a data breach has risen year on year (£2.37 million, based on the Ponemon Institute’s most recent benchmarking report, 2015 Cost of Data Breach Study: United Kingdom), where this money is spent as a percentage of the overall total has remained fairly stable.

  • Lost customer business: 43%*. TalkTalk estimated they lost 101,000 customers following the October hack, but other estimates put this figure closer to 250,000.
  • Investigation and forensics: 16%*
  • Customer acquisition cost: 9%*
  • Inbound contact costs: 8%*
  • Outbound contact costs: 7%*
  • Audit and consulting services: 5%*
  • Public relations and communications costs: 3%*
  • Legal services – defence: 3%*
  • Legal services – compliance: 3%*
  • Free or discounted services: 2%*
  • Credit monitoring services: 1%*

Actual figures will naturally vary depending on the sector an organisation operates in, and the nature of the data breach. For example, ‘lost customer business’ will not be such a significant cost if the data breach only impacts on employee records. However, when looking at these figures CEOs should be aware that they may have higher risks and costs because of the sector they operate in. The table below shows the per capita cost by industry of those benchmarked organisations:

How to reduce the cost of data breaches

It’s not all doom and gloom. Another study by PwC – 2015 Information Security Breaches Survey – commissioned by HM Government, found that 9 out of 10 businesses in their survey had suffered some form of data breach, but there are ways to reduce the cost to businesses. The Ponemon Institute study identified the following as factors that can reduce the cost of a data breach:

  • Extensive use of encryption: up-to-date data protection methods protect both from malicious attacks and human error,
  • Incident response team: clear systems, procedures and key staff to deal with any data breach ensure that no time is lost addressing the breach and mitigating it,
  • BCM involvement: awareness, training and planning for getting business critical systems back up and running in the event of an incident can reduce the costs associated with loss of business significantly,
  • Board-level involvement: sponsorship from the Board will ensure that cyber security and data protection procedures are embedded in the organisation,
  • Employee training: clear guidance and training on how to deal with a data breach, and how to recognise one (as well as prevention training), will result in a swifter and smoother response,
  • CISO appointed: fortunately for any Chief Information Security Officer reading this, your role is an important factor in preventing and reducing the risk and cost of data breaches,
  • Insurance protection: Data breach insurance naturally reduces the overall costs for the organisation, but may also be instrumental in putting better data breach planning in place so that incidents are managed effectively.

So although in all probability most businesses will experience a data security breach at some point, the risk can be managed and therefore the impact on your organisation reduced.

* Percentage of total cost for 2015, 2015 Cost of Data Breach Study: United Kingdom

Do you know how hackers attack?

The workplace has transformed rapidly over the past ten years, as enterprises look to take advantage of the emerging technologies. Increasingly, employers and employees alike are able to leverage modern communications platforms and cloud technology to greatly enhance productivity and collaboration.

As adoption of internet-based solutions increases, however, so does cyber crime. Almost half of UK businesses suffered an attack in the past year, with many experiencing cyber security related issues at least once a week. Most employees are likely to have had some kind of security training, standard procedure for the majority of businesses now, but how many know exactly how hackers attack?

Psychological tricks hackers deploy

With more companies using strong security solutions, attackers are shifting focus to exploiting workers, rather than network and system vulnerabilities. These so-called ‘people hackers’ use four main techniques to bypass critical thinking. Understanding them can help you detect attacks before they do damage, reducing the risk of any human errors being made.

The most common psychological trick is quite simple: providing, or seeming to provide, something the victim needs. Many of us scoff at emails promising free products, but it can be much more crafty than that. Perhaps you’re at a conference when the Wi-Fi goes down. Before you know it, a backup network is up and running, but you’re prompted to enter your credentials again. This captive portal, purposefully launched by an attacker, could distribute malware or steal information from your device. The hacker has created the need and the solution, without arousing suspicion.

Such attacks can be made more powerful if the attacker appears to be a person of authority. In recent years, there has been a rise in assailants that use information gathered about higher-level employees to impersonate them. From the victim’s perspective, it may look like their boss requesting an important document or credential. In reality, it could be an attacker posing as them. The further an attacker infiltrates a network, the easier such impersonation becomes.

Information gathered through these methods also helps a hacker launch attacks during stressful periods, when logical thinking is compromised. When a deadline is looming and stress levels are high, employees are more likely to lose focus and download a document or open an attachment without thinking.

Finally, but crucially, hackers will try to divert your attention one way while performing an attack elsewhere. It could be as simple as an email from a “co-worker”, asking you to print and deliver a physical document to their desk, whilst your system is being compromised in the background.


Dealing with a suspicious email

Studies have revealed that around half of UK hacks are phishing scams via email. One in every 3,722 emails is a phishing attempt, and most of those make use of one or more of the psychological techniques above. With attackers getting more sophisticated, here’s how you can protect yourself properly:

Naturally, adhering to the above as well as staying productive during stressful times can be difficult, but thankfully, there are solutions out there that do most of the heavy lifting. Email security tools scan all inbound emails in real-time to look for suspicious content and detect anomalies in sender addresses or email headers. These alerts are passed on to employees in their email client while attachments are scanned before they can be downloaded. If a user does click a suspicious link, it will open in an isolated browser to protect from malware and phishing attempts.

Our partners LIBRAESVA have developed an insightful test to see how secure your organisation’s email is. Simply enter your email address and they will send you a series of test emails to see what gets through your email security.

Remote working, VPNs and DDoS attacks

Covid-19 and the lockdown have dramatically increased the use of Virtual Private Networks (VPNs). At the beginning of 2020 most organisations would have had the majority of users connecting to the network locally, and just a handful of remote workers connecting via a VPN. Since March 23rd that dynamic has changed, with the majority of users now relying on remote connectivity for work.

This has naturally come with a few challenges. Connectivity issues are common when a user doesn’t have enough bandwidth. But this can often be resolved by ensuring that other people sharing the home WiFi are not on Netflix or House Party while a remote worker is trying to work!  

The biggest challenge is security and specifically Distributed Denial of Service (DDoS) attacks. VPNs are easy targets and multiple users accessing the network via VPNs dramatically increases the surface area for these attacks. 

What is a Distributed Denial of Service (DDoS) attack? 

DDoS attacks take advantage of network capacity limits and will send multiple requests to a network resource with the aim of exceeding its capacity to handle multiple requests. As a result it overloads the system and prevents the network resource from functioning properly.  

Typically, attackers target website resources with the goal of a ‘total denial of service’ so that the victim’s website won’t function. This may be for the purpose of demanding payment to stop the attack, to discredit a company or as a smoke screen to steal sensitive data. Targets are often online businesses like ecommerce retailers, IT and telecom companies, financial service providers and banks, and government organisations. 

The financial consequences of an attack vary depending on the size of business and the network resource attacked. A DDoS on an ecommerce website will cost the business in lost sales, remediation and potentially any payments to stop the attack.  

Why are Virtual Private Networks (VPNs) vulnerable? 

While hackers generally target website infrastructure, the Covid-19 pandemic and widespread remote working has presented them with another opportunity. There has been a significant increase in malicious attackers launching DDoS attacks on VPN infrastructure at a time when they know the impact will be most felt. 

Even low volume attacks can overwhelm VPN concentrators and firewalls, and low volumes are likely to go undetected by DDoS defences because they do not trigger them. Secure Sockets Layer (SSL) VPNs are also vulnerable to SSL floods, where they are unable to handle a high volume of SSL handshake requests. Randomised UDP floods or IKE floods are also an issue. Internet Key Exchange (IKE) is used by IPSec VPNs for authentication and encryption handshaking.

What can you do to secure your network? 

As your remote VPN applications and concentrators may be old and previously only used as gap-filling IT infrastructure for a small number of remote users, you may not have optimised DDoS protection for your VPN or have tested your VPN infrastructure against this type of attack. 

To identify threats and attacks your cyber security tools need to know what normal looks like, and VPN traffic currently looks very abnormal compared to what it looked like at the beginning of the year. 

Monitoring and alerting are therefore essential to initially build a picture of what’s normal behaviour, and for real-time visibility on what’s happening on your network. With this information you can fine-tune DDoS policies to ensure attacks are identified in real-time. 
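As an added illustration (not part of the original article or any vendor's product), the sketch below learns what normal looks like from per-minute counts of new VPN handshakes and flags minutes far above that rolling baseline, which catches a low-volume flood that a static volumetric threshold misses. The sample counts, the threshold of 1000 and the window, `k` and `min_mad` parameters are constructed assumptions.

```python
from collections import deque
from statistics import median

# Constructed sample: new VPN handshakes (SSL or IKE) per minute at a concentrator.
SAMPLE_COUNTS = [
    38, 41, 40, 43, 39, 42, 40, 37, 44, 41, 39, 42,  # normal remote-working load
    180, 210, 195,                                   # low-volume handshake flood
    40, 43, 38,                                      # back to normal
]

STATIC_THRESHOLD = 1000  # assumed trigger of a volumetric DDoS policy, per minute


def static_hits(counts, threshold=STATIC_THRESHOLD):
    """Minutes a fixed volumetric threshold would flag."""
    return [i for i, c in enumerate(counts) if c > threshold]


def baseline_hits(counts, window=10, k=6.0, min_mad=2.0):
    """Minutes whose count is far above a rolling median baseline.

    The baseline is the median of the last `window` accepted minutes and the
    spread is the median absolute deviation (MAD), floored at `min_mad` so a
    very flat history does not make every small wobble an alert.
    """
    baseline = deque(maxlen=window)
    flagged = []
    for i, count in enumerate(counts):
        if len(baseline) == window:          # only judge once a baseline exists
            med = median(baseline)
            mad = max(median(abs(x - med) for x in baseline), min_mad)
            if count > med + k * mad:
                flagged.append(i)
                continue                     # keep flood minutes out of the baseline
        baseline.append(count)               # normal minutes update the baseline
    return flagged


if __name__ == "__main__":
    print("static threshold flags:", static_hits(SAMPLE_COUNTS))
    print("rolling baseline flags:", baseline_hits(SAMPLE_COUNTS))
    # Gradual growth in legitimate use moves the baseline instead of alerting.
    print("gradual ramp flags:", baseline_hits(list(range(40, 71))))
```

Because flagged minutes are excluded from the baseline, an abrupt but legitimate jump in usage keeps alerting until someone confirms it and resets the baseline.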

To help address this challenge, our recently launched cloud-based Virtual SOC service now extends visibility beyond the perimeter to include VPN activity. This new feature will enable vulnerable businesses to quickly and cost-effectively address the significant risks faced through the increase in VPN activity.

In response to Covid-19 and the increase in remote working, we are also offering customers a free Cyber Security Health Check. For further details please visit this webpage or contact us directly to find out more. 

Stay safe 

Now everyone’s remote working it’s time to address network security

For many businesses the last few weeks have been spent firefighting as business continuity plans are rapidly enacted and remote working is deployed.

New users have been added to collaboration tools like Microsoft Teams, remote working policies dusted off and distributed, and perhaps you’re now seeing a slowing down of support tickets as remote workers settle into the new normal.

Now’s the time to review where you are and start optimising tools to ensure staff can perform at their best and that business continues where possible.

The most essential job is to shore up network security.

If you’re concerned about remote working and security threats, book a free consultation with our CSO to discuss what solutions you have in place and where you might be vulnerable to attack. Click here to arrange a call >

Remote working network security threats

The rapid deployment of remote working may have left your network vulnerable to threats – both insider and external threats.

Insider threats

At this time, insider threats are most likely to be in the form of human error as users are becoming familiar with new technology and ways of working, and hackers exploit their lack of knowledge. It is therefore essential to raise awareness of current threats – especially phishing and social engineering attacks – and offer users training and support.

We’re also seeing Covid-19 phishing attacks which are preying on people’s fear and anxiety over the coronavirus pandemic. There are scams targeting vulnerable individuals with the goal of relieving them of their cash, but also attacks designed to access your organisation’s data using employees to establish a connection to your network.

Email security gateway tools can add another layer of protection when users are working remotely – these can be easily deployed on premise and in the cloud. Please get in touch if you would like to learn more.

Personal devices and home WiFi

There are several security issues with personal devices and home WiFi. The first is that personal devices don’t have corporate security controls, which means they are easier to hack. Similarly, home WiFi may be insecure.

User behaviour can also be a threat. Employees may be worried about job security and that may lead them to download work files and data onto their personal devices – either because they think they may soon be in the job market or because they think it will be easier to perform their job.

If your company is relying on users’ own personal devices rather than providing them with corporate devices, there are tools like Microsoft Intune to help you protect data and manage access to corporate systems on your users’ own mobile devices.

VPN brute force attacks

In the last two weeks, ZDNet has reported a 33% increase in enterprise VPN connections. That has increased the opportunity for VPN brute force attacks as there are over a million more targets to exploit than earlier in the year.

Attackers target a VPN portal and blast it with multiple authentication attempts using pre-gathered lists of credentials. As some companies have disabled built-in lockouts to reduce support tickets from users who are struggling to remember their logins and get connected remotely, these companies are especially vulnerable to a brute force attack.

These vulnerabilities should be addressed quickly, and multi-factor authentication enabled.
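The following detection sketch is an added example, not code from the original article: it runs over constructed VPN authentication log lines in an assumed format (timestamp, source IP, username, result) and shows why a per-account lockout counter alone misses a credential list spread across many accounts, while a per-source count of distinct usernames catches it. The thresholds and the log format are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)   # assumed sliding window
SOURCE_FAILS = 5                # assumed: failures from one source within WINDOW
SOURCE_USERS = 4                # assumed: distinct usernames among those failures
ACCOUNT_FAILS = 5               # assumed: per-account lockout threshold

# Constructed sample log: "<ISO timestamp> <source IP> <username> <OK|FAIL>"
SAMPLE_LOG = """\
2020-04-06T09:00:00 198.51.100.7 bob FAIL
2020-04-06T09:00:20 198.51.100.7 bob FAIL
2020-04-06T09:00:45 198.51.100.7 bob OK
2020-04-06T09:01:00 203.0.113.50 alice FAIL
2020-04-06T09:01:02 203.0.113.50 bob FAIL
2020-04-06T09:01:04 203.0.113.50 carol FAIL
2020-04-06T09:01:06 203.0.113.50 dave FAIL
2020-04-06T09:01:08 203.0.113.50 erin FAIL
2020-04-06T09:01:10 203.0.113.50 frank OK
2020-04-06T09:10:00 198.51.100.9 grace FAIL
2020-04-06T09:10:10 198.51.100.9 grace FAIL
2020-04-06T09:10:20 198.51.100.9 grace FAIL
2020-04-06T09:10:30 198.51.100.9 grace FAIL
2020-04-06T09:10:40 198.51.100.9 grace FAIL
"""


def detect(lines):
    """Return alerts as tuples, in the order they fire.

    ("source-spray", ip, failures, distinct_users): one source failing
        against many different accounts inside WINDOW.
    ("account-lockout", user, failures): one account failing repeatedly,
        which is what a built-in lockout would have acted on.
    """
    by_source = defaultdict(deque)   # ip -> (timestamp, user) of recent failures
    by_account = defaultdict(deque)  # user -> timestamps of recent failures
    seen_sources, seen_accounts, alerts = set(), set(), []

    for line in lines:
        if not line.strip():
            continue
        stamp, ip, user, result = line.split()
        if result != "FAIL":
            continue
        ts = datetime.fromisoformat(stamp)

        src = by_source[ip]
        src.append((ts, user))
        while ts - src[0][0] > WINDOW:        # drop failures older than WINDOW
            src.popleft()
        users = {u for _, u in src}
        if (len(src) >= SOURCE_FAILS and len(users) >= SOURCE_USERS
                and ip not in seen_sources):
            seen_sources.add(ip)
            alerts.append(("source-spray", ip, len(src), len(users)))

        acct = by_account[user]
        acct.append(ts)
        while ts - acct[0] > WINDOW:
            acct.popleft()
        if len(acct) >= ACCOUNT_FAILS and user not in seen_accounts:
            seen_accounts.add(user)
            alerts.append(("account-lockout", user, len(acct)))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

In the sample, 203.0.113.50 never reaches the lockout threshold on any single account, so only the per-source rule reports it; the forgetful user `bob` triggers neither rule.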

5 steps to boost network security and make remote working more secure

  1. Review security policies for remote workers and make sure that employees are aware of their responsibilities
  2. Instigate security training including spotting phishing emails and other attacks
  3. Review and establish policies including conditional access and multifactor authentication and check security defaults
  4. Implement mobile application management policies
  5. Explore intelligent threat-hunting security solutions that can ‘learn’ what’s normal activity on your network and identify unusual behaviour – even when remote working is not the norm

Please get in touch if you would like to discuss any of the subjects covered in this article. Or book a free cyber security health check to find out what you need to do to protect your network.

Tackle IT security risks with these 5 strategies!

IT security is a hot topic. Companies everywhere need to watch out for new viruses, incidents of ransomware and malware, with cyberattacks more of a risk now than ever. Here are 5 strategies for tackling IT risks.

As a business owner, you need to know that your IT security, networks, storage and devices are secure. Under GDPR and other regulations you also need to take every reasonable step to safeguard the data that you are entrusted with, and to keep your confidential information – such as financial and client details – secure.

Cyber threats can come from any angle. In the IT industry, these are known as attack vectors. Hackers and criminals can try to access your networks and secure data through internet connections, software and email; even Excel files and PDFs aren’t safe.

The question is, as a business owner, how do you reduce the risk of falling victim to a potentially crippling cyber attack?

Find out more about our Cyber Security Posture Assessment to understand your organisation’s security posture and reduce IT security risks >

The following steps don’t require an expensive outlay in technology or cyber security solutions – many ‘out of the box’ SaaS solutions can help shore up your defences without breaking the bank. Best practices like good password hygiene and cyber threat awareness raising exercises don’t need to cost your business anything, and could actually save substantial amounts of money and reputational damage if they prevent an attack. Have you implemented the following?

5 ways to mitigate IT security risks

 #1: Passwords

It sounds simple, even obvious, but whenever you, or your employees, leave a device – a tablet, phone or computer – alone for a moment, make sure it’s protected with a strong password. It is far too easy to assume you’re safe when working in an office with colleagues. But what if someone is looking to steal data? What if a client is in the building? Or a contractor that you don’t know?

Without a password, you are taking too much of a risk and haven’t taken a reasonable step to mitigate a serious and avoidable security risk.

An IT team or external provider should also make sure that the passwords on every device – including personal mobiles – that contain sensitive data are secure. Don’t make it easy for cyber attackers. Use a combination of upper and lower case letters, numbers and symbols. In the world of passwords, longer more involved combinations are statistically far more secure. It sounds simple, but you run a much higher risk of a data breach without secure passwords.

If your office has public WiFi, you need to take the same approach with this password, and make sure it is changed every few months. Put a password policy in place for everything that constitutes an attack vector, therefore mitigating the risk of a cyber breach.

#2: Virtual Private Networks (VPN)

With smartphones we can work anywhere. Many professionals access emails and sensitive documents on the go, wherever they are, often over public WiFi.

Public WiFi and phone networks aren’t secure. Neither is the WiFi in your house or favourite coffee shop. Sure, network providers take every reasonable step to maintain high levels of security, but that doesn’t mean that cyber attackers haven’t found ways to implement attacks that steal data.

The only way to guarantee the security of your company’s data on-the-go is with a virtual private network (VPN). Once this is set up, your employees and anyone else who needs to access work email and files can do so through a secure network that can be monitored and protected. Again, maintain a password policy that changes every few months for an extra layer of security and be careful who is granted access.

#3: Multi-factor authentication

Another way to increase security is with multi-factor authentication. When logging in, a code can be sent to a registered mobile device. The person trying to gain access then needs to enter that code and the login sequence is complete. It is a common feature of financial service websites, the Government gateway and many other secure websites. 

It is recommended that you provide that extra layer of safety for your network and employees. It can involve two or more steps, depending on how critical the systems being accessed are.

#4: Remote lock-down/wipe

Finding out that your phone or laptop has been stolen is a nightmare. Especially when this is a company device full of sensitive information. 

Make sure you have a lock-down and wipe procedure in place that can be implemented automatically 24/7. Whenever possible, ensure this is something an employee can initiate themselves through access to a secure website or on another device they own, even if that is a personal phone or laptop. 

Wiping a computer or phone after it has been taken needs to happen quickly, which is why this isn’t something that should wait until the next working day. Even if a cyber criminal is able to hack the password you want to make sure there is nothing for them to find and potentially use to damage the reputation of the company.

#5: Use access prevention and controls

Do you know where all of your secure data is and who has access?

If not, then this is something you need to get serious about. In any company, there are always going to be files that need to be more secure than others. Know what they are, where they are and ensure there are ways to control and monitor access.

Set passwords and an access protocol around the relevant files and systems that are more sensitive. When access is granted, make sure any files that are downloaded are only accessed on secure work devices, or through the VPN. Have policies in place so that staff know they’re not allowed to send sensitive documents to personal devices.

Learn more about Identity and Access controls here >

Finally, provide regular training and cyber security awareness raising exercises so your staff understand the risks, adhere to cyber security policies, and know what to do if they suspect an attack or attempted breach.

Point them in the direction of our Cyber Security Vulnerability Quiz to test their knowledge and identify where further training could help. 

With these security measures, your data should be safer and risks of being hit with a cyber attack are reduced. Taking measurable steps to improve security will keep your company compliant under GDPR and other regulations designed to protect customer data. 

Six reasons why cyber crime is increasing, and what you can do about it

There is a disconnect between Security and Operations within many companies, which can lead to a ‘SecOps Gap’.

In turn, this lack of coordination can lead to a loss of revenue, increased costs, and damage to a company’s brand, as well as the failure to meet regulatory requirements and big fines.

Get a free cyber security health check here >

The 6 key reasons that cyber crime is increasing are:

  1. The cost of data breaches continues to rise, having increased 29% to an average of $4 million per incident.
  2. Breaches caused via mobile devices.
  3. Malware embedded in legitimate applications, targeting poorly secured Wi-fi spots, stealing passwords, and more in their quest to steal information.
  4. Unauthorised products with weak security controls in the corporate cloud.
  5. Zombie servers.
  6. Known vulnerabilities that are not patched in time. 

What can you do to protect your organisation from cyber crime?

We recommend focusing on the following areas:

Security architecture: Do you know where your weak spots are? Penetration testing will help you understand where your vulnerabilities are, then deploy the right solutions to protect your network.

Vulnerability management: In an ever-changing threat landscape you can’t afford to stand still. Ongoing vulnerability management services keep pace with new threats and identify new vulnerabilities so you can deploy appropriate solutions, or modify information security policies and procedures.

Identity & Access Management (IAM): Manage access levels and block hackers & unauthorised login attempts with a robust IAM strategy and the right tools to ensure your users can get on with work, without compromising security.

If you’re concerned about cyber security threats and the impact they could have on your organisation, book a free cyber security health check with our expert team.

Further details can be found here >

Cloud Business Limited
8 North Street
Guildford
GU1 4AF

2023 © Cloud Business Limited
Registered Company in England and Wales 06798438