IT Security

What Is IT Security?
What Is IT Security

What IT Security does my business need?

Most IT security threats arrive via a malicious email, whether it be a link in the email to a website that aims to trick you into revealing passwords (phishing), or less commonly a virus/malware attachment that looks safe to open.

The result of a milicious email being acted upon can be devastating for your entire business and has even closed some small businesses altogether due to the financial losses that result. Ransomware is a good example of this – where a virus that one of your employees unknowingly allows through, encrypts all of your business documents stopping work altogether, and potentially losing your data forever. The more sophisticated modern forms of ransomware will also try to delete your backups at the same time trying to leave you no way out but to pay the ransom.

IT security systems aim to prevent all threats, through a layered defence.

It starts with good perimeter defence. Microsoft 365 business premium gives your business all the features you need to keep almost all malicious emails out – when correctly configured by your IT team. This includes scanning all links withing emails and re-writing links to direct your web traffic via Microsoft’s safe servers and scan the resulting site. This also includes impersonation protection to stop emails that may appear to be from your own staff, but are actually malicious, sometimes directly asking your finance staff to send money directly to the malicious actors. Microsoft 365 Business Premium includes zero day protection and their own sandbox environment to test unknown code and attachments that may not be well known to other email filtering solutions.

Our Ubiquti firewall configurations don’t just block basic services and protocols, but actively scan all traffic in and out your business looking for malicious code and activity and blocking it before it reaches your systems.

Should anything get through the above filters we ensure all our clients login’s are secured with 2 factor authenticaion and passkeys – a more secure form of protection over passwords. We also have the ultimate backstop in Huntress ITDR and EDR. These powerful solutions are a standard across our IT support, to actively monitor your logins to detect and immediately block accounts that appear to be logging in from suspicious geographic locations, or in suspicious ways such as token theft to bypass 2 factor authenticaion.

There is also a human training element and physical security to take into account. No IT security is 100% secure, and it is often a balance between maintaining a high level of security, whilst not slowing or stopping the user from completing their work efficiently.

IT security takes a layered approach, including but not limited to: 

• Email Filtering
• Perimeter Network Firewall
• Endpoint Protection (antivirus)
• Intrusion Detection System (IDS) or Intrusion Prevention System (IPS)
• Security Patching (updates)
• Access Permissions
• User Training
• Physical Office Security
• Monitoring and Alerting

 

IT Security - How Liberate IT Can Help

So how does IT Security apply to my Buiness?

You may not understand what level of IT protection is required for your business or industry, as the requirements both expected by your clients/suppliers and the government (ICO – Information Commissioners Office) are constantly changing and evolving.

You may not realise that you are keeping sensitive information that requires a higher level of security, such as scans of passports/birth certificates that many recruitment agencies, solicitors and estate agents keep on their IT systems as standard.

Liberate IT are your trusted partner for IT and data security. We keep up with the latest industry requirements and adapt your IT security accordingly. We work with you to identify the data your are storing and processing and instruct you on the appropriate IT security measures you need to be taking. We can then add value by implement these solutions in a way that is tailored to your business and the way you work. We reduce disruption with out of hours work, and work with you onsite to implement new solutions seamlessly.

We are always on the lookout for the latest solutions that could bring better value to your IT security and help your business stay protected. In some areas, the built-in security measures in Microsoft 365 and Windows defender are not enough to protect your data so we implement 3rd party tools to fill those gaps such as Huntress ITDR and EDR.

Find out more by getting in touch with the IT security specialists at Liberate IT Support.

How can Liberate IT help?

IT security threats are constantly evolving and so should your IT security! Our IT support contract offers a pro-active approach that will keep you one step ahead of the threat and put protection in place to prevent you becoming the victim of a costly and commercially embarrassing attack. We can work with your HR team to get the correct policies in place to protect your business legally and financially. We also have experience in implementing PCI DSS security compliance and beyond.

Get in touch with the IT security specialists at Liberate IT to build a strategy to suit your business and security requirements. We can take away the IT security headache and provide a full security audit to get you up to speed.

Cyber Essentials

Liberate IT is Cyber Essentials Certified and highly trained in IT security across multiple vendors and systems, which means that we are qualified to protect you and your business from online security threats.

We can help your business to attain Cyber Essentials plus and ISO27001 certification.

How Hackers Get Into Your Email

Frequently Asked Questions

  • A cyber security ‘incident’ is when an attack doesn’t result in a breach to the business, ie. the attack is successfully repelled & the company’s data isn’t compromised.
  • A cyber security ‘attack’ is when the businesses firewall has been breached and the business has been impacted by it, ie. they have lost access or confidential data has been leaked, etc.
  • A cyber security ‘threat’ is when there is a possibility of a malicious attempt to damage or disrupt a computer network or system.

Cyber hygiene refers to the practices and steps that all computer or device users within a business take to maintain and continuously improve their security, both online and offline. These practices are often part of a routine to ensure the safety of identity and other details that could be stolen or corrupted.
  1. Install a reputable antivirus and malware software
  2. Protect computer with robust firewalls and secure routers
  3. Update all software regularly
  4. Set strong passwords
  5. Enable Multi-Factor Authentication
  6. Employ Device Encryption
  7. Back up regularly
  8. Keep your hard drive clean
  9. Secure your router
  • Malware/Ransomware
  • DDoS (distributed denial of service)
  • Drive-by
  • Zero-day
  • MITM (man in the middle) attacks
  • Phishing campaigns
  • Virus infections

Small businesses are collectively subject to almost 10,000 cyber-attacks a day, according to new findings from the UK’s largest business group. Due to the high cost associated with a breach, 60% of these organisations go out of business within 6 months.

Without any kind of Cyber Security Plan in place, small businesses risk their privacy, client trust, financial integrity, employee integrity, data integrity and the longevity of the business.

GDPR, or General Data Protection Regulation, regulates that everyone who is responsible for using personal data has to follow data protection principles to ensure the information is used lawfully, transparently and fairly. This system was put in place by the government in order to protect the individuals rights to protect their personal data. To find out more about GDPR check out Data protection: The Data Protection Act

GDPR is necessary because of new advances in technology and the ways we are storing data (such as in the cloud), and because of widespread IT Security failings which have exposed confidential information. This regulation aims to stop data breaches and exposure of ‘Personally Identifiable Information’ or PII for short.

GDPR is great news for individuals who are fed up with nuisance calls or emails from companies who you haven’t given permission to contact you, and keeping your private data secure is something we all expect from a business, but surprisingly don’t always see. 

Although antivirus software is essential, more should be done to protect sensitive information or PII (Personally Identifiable Information). You may not even realise you’re keeping sensitive data, but a detailed client list can qualify, and so do scans of passports that recruitment agency’s typically keep on file.

Want to know more?

Speak to the team
Cisco CCNA
Dell Partner Direct
Eset Authorized Partner
Kerio Certified Partner
Microsoft Certified Systems Administrator
Microsoft Certified Technology Specialist
Symantec Registered Partner
Veeam Pro Partner

Still not convinced?
Why not take a look at our Case Studies:

Astle Paterson Solicitors White Logo

Case Study

VHS Fletchers Solicitors White Logo

Case Study

Accountants
Case Study

Manufacturers
Case Study

Scroll to Top