Critical Cyber Security Enhancements

What is myITmanager doing to help clients stay cyber safe?

We have invested heavily in R&D over the last few months to improve our offerings and are implementing a number of key solutions that will significantly reduce the likelihood and impact of the most common cyber breaches. These changes will deliver what we consider an absolute minimum level of protection. New threats are continuously emerging, and we will continue to respond to them and help keep our clients' businesses adequately protected.

CERT (Computer Emergency Response Team) NZ is a government-run organisation set up to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents. They have published a set of 10 critical controls, which we are adopting into our standard solutions.

Our new Security & Protection Solutions

Enhanced EndPoint Protection on your laptops and desktops

Traditional “anti-virus” solutions are no longer effective at stopping many modern-day attacks, which often never involve an actual infected file. Most attacks are very sophisticated and have never been seen before, so antivirus “signatures” haven’t even been created to detect them. Enhanced EndPoint Protection is the new generation of solution for protecting PCs and laptops. It needs to be effective at scanning web links, examining the behaviour of the entire system and performing real-time analysis to determine whether activity looks suspicious, then blocking it.

We are upgrading all our “Workstation Security and Monitoring” plans to include EndPoint protection.

| Traditional Antivirus | Enhanced EndPoint Protection |
| --- | --- |
| Scanning based on signatures provided by the AV vendor | Complete Anti-malware & Antivirus |
| Real-time detection based on file pattern signatures | Machine Learning and Artificial Intelligence to block elusive new threats |
| | Exploit Defense to identify and block exploit techniques used to hijack legitimate applications |
| | Web Threat Protection |
| | Network Attack Defense |
| | Process Inspector |
| | Risk Analytics |

Security Hardening of your Microsoft 365 subscription

This involves our team updating security policies and settings in the backend of your Office 365 account to adhere to Microsoft’s current best practice. These new or updated policies help significantly reduce the chances of cybercriminals being able to breach your systems.

This includes: preventing email forwarding to external addresses, blocking sign-in for shared and inactive mailboxes, updating anti-spam and anti-phishing policies, enabling audit logging and alerts, reducing the number of emails that can be sent from an account per day, and preventing logins from known risky countries (e.g. Ukraine, Russia, China, among a number of others) or anonymised IP addresses.
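As an added illustration (not myITmanager's own tooling), the read-only check below reports where a tenant still differs from some of the settings listed above: external forwarding, shared-mailbox sign-in, audit logging and the daily send limit. It assumes the ExchangeOnlineManagement PowerShell module and an existing Connect-ExchangeOnline session; the function name is hypothetical.

```powershell
# Added example: read-only audit, changes nothing in the tenant.
# Assumes: ExchangeOnlineManagement module, Connect-ExchangeOnline already run.
# Get-M365HardeningFindings is a hypothetical name chosen for this example.
function Get-M365HardeningFindings {
    # Small helper to emit findings in one consistent shape.
    function New-Finding($Control, $Object, $Detail) {
        [pscustomobject]@{ Control = $Control; Object = $Object; Detail = $Detail }
    }

    # 1. Outbound spam policies: forwarding not explicitly Off, or no custom daily limit.
    foreach ($p in Get-HostedOutboundSpamFilterPolicy) {
        if ($p.AutoForwardingMode -ne 'Off') {
            New-Finding 'External forwarding (policy)' $p.Name "AutoForwardingMode=$($p.AutoForwardingMode)"
        }
        if ($p.RecipientLimitPerDay -eq 0) {   # 0 = service default, no tenant-specific cap
            New-Finding 'Daily send limit' $p.Name 'RecipientLimitPerDay=0 (service default)'
        }
    }

    # 2. Remote domains that still permit automatic forwarding.
    foreach ($d in Get-RemoteDomain | Where-Object AutoForwardEnabled) {
        New-Finding 'External forwarding (remote domain)' $d.DomainName 'AutoForwardEnabled=True'
    }

    # 3. Mailboxes with a forwarding address set (listed for review).
    $props = 'ForwardingSmtpAddress', 'ForwardingAddress'
    $mailboxes = Get-EXOMailbox -ResultSize Unlimited -Properties $props
    foreach ($m in $mailboxes) {
        $target = if ($m.ForwardingSmtpAddress) { $m.ForwardingSmtpAddress } else { $m.ForwardingAddress }
        if ($target) { New-Finding 'Mailbox forwarding' $m.UserPrincipalName "Forwards to $target" }
    }

    # 4. Shared mailboxes whose underlying account can still sign in.
    foreach ($m in $mailboxes | Where-Object RecipientTypeDetails -eq 'SharedMailbox') {
        $u = Get-User -Identity $m.UserPrincipalName
        if (-not $u.AccountDisabled) {
            New-Finding 'Shared mailbox sign-in' $m.UserPrincipalName 'AccountDisabled=False'
        }
    }

    # 5. Unified audit log ingestion.
    if (-not (Get-AdminAuditLogConfig).UnifiedAuditLogIngestionEnabled) {
        New-Finding 'Audit logging' 'Tenant' 'UnifiedAuditLogIngestionEnabled=False'
    }
}

# Usage: Get-M365HardeningFindings | Format-Table -AutoSize
```

An empty result means none of these five checks found a gap; the anti-phishing, alerting and country-based sign-in settings mentioned above are configured elsewhere and are not covered here.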

Backing up your Microsoft 365 data including users’ emails, calendars & contacts plus documents in OneDrive, SharePoint & Teams

There is a common misconception that because Microsoft 365 is cloud based, you are adequately backed up. Microsoft does have a commitment to keep the platform up and running and not to lose data through a breach of their systems; however, customers’ data and access to it via usernames/passwords are the responsibility of the customer. Cyber criminals are getting smarter, know these limitations and leverage them. Our 365 Backup provides a cloud-based backup solution outside of Microsoft with infinite data retention (i.e. backups are kept forever) and backs up emails, contacts, OneDrive, SharePoint and Teams data 3 times per day.

Enforcing Multi-Factor Authentication for Microsoft 365 logins

Once we have implemented these changes, the next key enhancement that we are recommending for all clients is Multi-factor Authentication (MFA) on Microsoft 365 logins. This is a technology that organisations such as banks have been using for a number of years, and it requires a second form of authentication in addition to a password to sign in. This will involve some impact on end users to get set up and requires a planned approach to ensure that it is implemented smoothly and effectively.

Microsoft themselves are moving closer to making this mandatory across all of their Microsoft 365 subscriptions, and many other vendors already mandate this (for example banks, online accounting and payroll systems). We believe that this is vital to protecting users’ login credentials: even if a hacker gets hold of a username and password combination, they won’t be able to access the system without access to the user’s mobile device, making an attack significantly harder and making them much more likely to choose an easier target. We can implement this in such a way that it won’t prompt users for a multi-factor login every time, but will automatically require it when the login is deemed “risky”. Examples would be logins from new locations or from unfamiliar or non-compliant devices.

Check out our recent Article on MFA