Blog : Security

Top 5 things companies should be doing to improve security

Top 5 things companies should be doing to improve security

We asked our engineers for their “absolute musts” in company security. The things that have to be implemented company-wide and are non-negotiable.

Here’s what they came back with

Multi Factor Authentication

This by far was the number one recommendation from our team. It’s such a simple thing, not all platforms support it but many if not already on board are joining. As well needing a username and password to log on you also get a code sent through to an enrolled device such as your mobile phone.

This is such a simple but massively effective technique in keeping your account secure.

Audit Logs

Checking the logs of who’s been doing what with company logins can reveal most techniques hackers and bad actors use to extort your data and clients, and in most instances stop them before they can.

Log in reports

Getting a report of who’s logging in or attempting to log into your accounts can reveal potential security holes and also staff that may require a little more training on cybersecurity.

Company-wide email rules

Setting up email rules such as “no forwarding to external addresses” can protect your company from not just a GDPR perspective but also from hackers and bad actors taking your data and extorting you or your clients.

Internal alerts

Many hackers and bad actors will Phish for information or even send bogus emails, a setting such as alerting your team when someone external to your business is impersonating someone within your business can go a long way to stopping these attacks.

 

Aurora Tech Support have many many tools and procedures developed since 2003 to keep your company secure. If you’d like to discuss you comapny security please get in touch.

Security & Protection

Security Fridays at Aurora Tech Support

Security Fridays at Aurora Tech Support

Our mission statement (I’m not sure about that term) our reason for existing? Is that better?

Our reason for existing in 2003 is still the same today, to work hard for our clients, build relationships, keep moving as a company, and keep innovating.

With that in mind, it hasn’t escaped our attention that cybersecurity, breaches, and attacks are massively on the increase. We’re constantly evaluating the services we offer and how we can best protect our clients.

We have found upon review that we need to offer a much bigger service with regards to the security of the communication methods used in our client’s businesses.

So we have introduced two new options for clients, firstly we’ve introduced “security Fridays”. Every Friday we check the logs of all our Microsoft 365 clients to see if any risky logins or login attempts have been made as well as checking for any likely breaches of their accounts. Second, we have introduced our “security pack” for clients wanting a dedicated approach to their security we will set up your Micorosft 365 Tennant with all the security measures recommended by Microsoft as well as our own experience in keeping your Tennant protected.

You might not be on Microsoft 365 for your company emails, but we would recommend you seriously consider it, for just £3.80 per user mailbox the security and auditing features available more than justify the cost to protect your business.

If you’d like to have a chat with a member of the team about any of our security offerings please give us a call on 01937 586888.

Microsoft 365 for Business – IT Support Yorkshire

Microsoft 365 Security

Microsoft 365 Security

Microsoft 365 breaches are becoming more and more of an issue for businesses, we’re not one’s to sensationalise in an attempt to maximise the services we provide to our clients, but breaches from bad actors are becoming more of an issue and increasing at a quite frankly alarming rate.

Hackers and bad actors after gaining entry to your Microsoft 365 accounts will usually take care to hide their residence and thus an attacker can be inside your environment for an average of 99 days before they are detected.

As standard, the default security, auditing, alert, and reporting settings in your Microsoft 365 Tennant are not going to prevent or even alert your business to a breach.

For this reason, we set up rules within the Tennant to not only alert you and your users of anything fishy, but also alert us and our engineers so we can take action. As well as setting up rules to prevent many methods bad actors use to extort yourself and your clients, by blocking certain activities.

We monitor your Microsoft 365 environment and work through weekly reports to ensure that no-ones in your Tennant that shouldn’t be, doing anything they shouldn’t be doing.

The benefits to having your Microsoft 365 environment monitored in and protected in such a way are not falling victim to Phishing attacks and spoof invoices to your clients for payment or even to your team requesting payment. These attacks are on the increase and as such hackers and bad actors now view these tactics as a viable way to make thousands from compromised Microsoft 365 accounts.

It really is becoming of paramount importance to protect your organisations emails, so if you’re not using Exchange / Microsoft 365 for your company emails it’s time to consider it, for £3.80 per month* per email address it’s an ideal way to protect your business from modern threats, or £9.40 per month* with Office apps Word, Excel, PowerPoint, Outlook etc.

If you’d like to have a chat about switching to Micorosft 365 or setting up auditing and protection from Aurora Tech Support on your account give us a call on 01937 586888

I.T. Hardware and Infrastructure Support

*June 2020 pricing

What basic security should my business have in place for 2020

What basic security should my business have in place for 2020

It seems each year technology changes at an unrecognisable rate, and managing the security in your business can seem like a full-time issue (or is neglected all together). There’s serious threats now to businesses and their data with ransomware attacks up 12% year on year for the last 3 years.

This page aims to be an extremely basic guide to what you should have in place in your Business in 2020 at a bare minimum.

Endpoint Security

Endpoint security is a software security package that provides, anti-virus, anti-malware, anti-ransomware firewall, and intrusion detection. It terminates at a central control panel so your I.T. provider can view all alerts across all devices on the network without needing to check each system individually.

Robust Backups

A robust backup solution for your business is imperative for business continuity, this is not only a secured on-site copy of your data with ransomware protection but a secure off-site copy with previous versions and retained deleted files. Simply taking a copy of your data is not enough and it’s only a matter of time before you’re caught out (if you haven’t been already).

Router ports blocked

Many hackers will use known exploits in Windows security to gain access to your devices, blocking this access of your companies Router is essential to ensure that your data does not fall into the wrong hands, you don’t want these people on your network at all, once they are in they can unleash huge damage on your network and data.

 

In summary network security is an absolute requirement for any business these days, if you’d like to discuss the security of your business network and devices please give us a call from the number at the top, or book a meeting using the link on the right or to find out a little bit more about what we do please check the link below.

I.T. Hardware and Infrastructure Support

The end of Windows 7 as we know it

The end of Windows 7 as we know it

Today marks Windows 7 EndOf Life. In short, this means Microsoft will no longer release security upgrades and patches for security vulnerabilities.

But as Microsoft ends support for the Windows 7 operating system, still 79% of businesses in 2019 had at least one Windows 7 device in their office.

This will be a huge security flaw on any network moving forwards as Microsoft will not release security patches for known flaws and Internet Security and Virus protection do not patch security holes, that is the job of the operating system provider.

By March 2020 at the latest, you need to have all systems in your organisation running a supported operating system.

If you would like an Aurora Tech Support engineer to come to site to produce a free audit not just covering Windows 7 systems but a full security assessment please book to the right.

Protecting your computers and your future too

Protecting your computers and your future too

For 14 years we’ve worked harder than the competition to offer I.T. support that not only keeps all of your I.T. infrastructure working and working well, but to also offer that piece of mind that comes from knowing we’re on your side.

We build relationships that mean we both get the most out of working together. We can’t thrive as a businesses without our clients thriving as a business.

This is as important now as it ever has been, as more and more of our day to day business is done via computers and the internet and convergent disruption changing the business landscape beyond all recognition. Now more than ever modern businesses need to trade on the internet as their primary platform and those that don’t will get lost in the noise. We see a lot of businesses recognising they need a platform on the internet but in actual fact just end up adding to the noise with many switching potential buyers off.

They realise they need to have a presence on platforms like LinkedIn, Twitter, Instagram and Facebook but have no idea how to separate themselves from the pack and thereby end up adding to the already crowded middle.

The key we have found is to offer great free advice, doing this without de valuing your time or giving away hard earnt trade secrets can be difficult.

But in truth the issue goes deeper than just getting a message out there that’s a little different to the rest. It’s creating that different message and creating a different service for your clients and with that different service delivering different results. From start to finish being different, being better than the competition.

We’ve done this for over 14 years and so are as well placed as anyone to work closely to make sure your technology delivers not only for you and your team but for your prospects and clients too. Who ever we work with on whatever level we deliver not only amazing I.T. support services but future results for your business. We look constantly to make sure the systems you use are creating the desired results for you and those you support with your products and services.

Our traditional I.T. support contracts offer system monitoring (among many other amazing business benefits) so each month we’ll look to see how improvements can be made to your systems, improving productivity and team efficiency thereby creating amazing experiences for your clients and prospects.

And our Growth partnership services provide a working platform for us once a month or every quarter to sit down and spend time going through results with a fine tooth comb and producing better more amazing results after each meeting.

 

To find out more about either of these services please give us a call on 01937 586888 or click on the relevant link below.

I.T. Hardware and Infrastructure Support

Business Growth Partnership

The importance of Encrypting your data

The importance of Encrypting your data

Data breaches are on the increase, in fact data breaches are the hackers new preferred way of making money from the information they find and can use to extort you. And to fan the flames the Information Commissioner has formed the view that in future, where such losses occur and where encryption software has not been used to protect the data, regulatory action may be pursued.

Therefore it is worth seriously considering encrypting any sensitive data to best protect yourself from 1. breaches of your data and 2. regulatory action from the ICO.

The basics

  • Encryption protects information stored on devices and in transmission.
  • It is a way of safeguarding against unauthorised or unlawful processing of data.
  • Organisations should consider encryption alongside other technical and organisational measures, such as Endpoint protection on all devices and servers.

What the Data Protection Act says

Principle 7 of the Data Protection Act states:

Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

What is encryption?

Encryption is a mathematical function using a secret value — the key — which encodes data so that only users with access to that key can read the information.
In many cases encryption can provide an appropriate safeguard against the unauthorised or unlawful processing of personal data, especially in cases where it is not possible to implement alternative measures.

Example

An organisation issues laptops to employees for remote working together with secure storage lockers for use at home and locking devices for use outside the home. However there is still the risk of loss or theft of the devices (eg whilst being used outside of the office).

Therefore the data controller requires that all data stored on laptops is encrypted. This significantly reduces the chance of unauthorised or unlawful processing of the data in the event of loss or theft.

Encryption in practice

Information is encrypted and decrypted using a secret key (some algorithms use a different key for encryption and decryption). Without the key the information cannot be accessed and is therefore protected from unauthorised or unlawful processing.

Whilst it is possible to attempt decryption without the key (by trying every possible key in turn), in practical terms it will take such a long time to find the right key (ie many millions of years) that it becomes effectively impossible. However, as computing power increases, the length of time taken to try a large number of keys will reduce so it is important to keep algorithms and key sizes under consideration, normally by establishing a review period.

Encryption should be considered alongside a range of other technical and organisational security measures.

Organisations will need to ensure that use of encryption is effective against the risks they are trying to mitigate, as it cannot be used in every processing operation.

Organisations should consider the benefits that encryption will offer as well as the residual risks and whether there are other security measures that may be appropriate to put in place. A Privacy Impact Assessment will help document any decisions and the reasons for them. This can also ensure that the organisation is only using the minimum of personal data necessary for the purpose.

The importance of good key management should also not be underestimated. Organisations should ensure that they keep the keys secret in order for encryption to be effective.

Encryption can take many different forms. Whilst it is not the intention to review each of these in turn, it is important to recognise when and where encryption can provide protection to certain types of data processing activities.

Encryption is also governed by laws and regulations, which may differ by country. For example, in the UK data owners may be required to provide access to the key in the event they receive a court order to do so.

Not all processing activities can be completely protected from end to end using encryption. This is because at present information needs to exist in a plain text form whilst being ‘actively processed’. For example, data contained within a spreadsheet can be stored in an encrypted format but in order to be opened by the spreadsheet software and analysed by the user it must first be decrypted. The same is true for information sent over the internet – it can be encrypted whilst it is in transit but must be decrypted in order for the recipient to read the information.

When is encryption useful?

When processing data, there are a number of areas that can benefit from the use of encryption. The benefits and risks of using encryption at these different points in the lifecycle should be assessed separately. The two main purposes for which data controllers may wish to consider using encryption are data storage and data transfer. These two activities can also be referred to as data at rest and data in transit.

Recommendation

Data controllers should have a policy governing the use of encryption, including guidelines that enable staff to understand when they should and should not use it.

For example, there may be a guideline stating that any email containing sensitive personal data (either in the body or within an attachment) should be sent encrypted or that all mobile devices should be encrypted and secured with a password complying with a specific format.

Data controllers should also be aware of any industry or sector specific guidelines that may recommend a minimum standard for encrypting personal data.

I.T. Hardware and Infrastructure Support

Article adapted from ICO

Apple’s macOS High Sierra allows root access with no password

Apple’s macOS High Sierra allows root access with no password

Firstly we’d like to point out that Security experts warn the public not to try and test the issue locally or remotely, as there is a risk of increasing the attack surface.

It all started on Twitter, a software developer claimed it was possible to obtain root access on Apple’s High Sierra without a password. A pretty strong claim if your understand exactly what Root access to a system affords you.

Lemi Orhan Ergin in his initial tweet, directed his findings directly to Apple.

The issue Lemi discovered in High Sierra is a serious one, Root access to a system allows you to play God and gives every permission possible to make changes. At this point, it’s not clear if High Sierra is the only OS affected. That said our tests in house have failed to reproduce the error on any other version of Apple’s recent OS releases.

High Sierra users need to address this issue urgently, as the root password bug is exploitable remotely, including in Applications such as VNC and Apple Remote Desktop.

However for those wanting to test their own systems proceed with caution, testing locally will open systems up to remote attack. Especially via Screen Sharing.

“By testing this vulnerability on your own computer, you’ll end-up creating (or modifying) a persistent root user account on your system. The danger here is that, by creating such an account, it will affect remotely accessible services such as Remote Desktop,” explained Bugcrowd’s Keith Hoodlet, Trust and Security Engineer.

“By testing this vulnerability on your own system, you remove existing safeguards around the root (i.e. God-mode) user – enabling passwordless root access to your system. Given the level of access the root account has, it has many (and wide-ranging) potential security impacts, including remote access through various services. We have internally confirmed that it adversely affects the Screen Sharing service.”

Apple have today released an Update to address this rather serious Security hole in it’s software, and we would suggest you install at your earliest convenience.

Apple has released Security Update 2017-001 to address what they call a “logic flaw” that allowed the abuse of the root user account locally and in some cases, remotely. All macOS users are encouraged to install the patch immediately.

After the patch is installed, if the root user is required (it shouldn’t be), the account will need to be re-enabled and have its password reset.

A pragmatists guide to Cyber Security

A pragmatists guide to Cyber Security

This week as part of Leeds Business Week we had 20 people booked on a free seminar we delivered at The Pit in Leeds City Centre.

It was a good bunch of people in attendance and after the seminar we had a really good chat about Cyber Security and there were some amazing questions about the future of cyber security and the best practices for protecting their businesses.

The reason we worked with Leeds Business Week to deliver this seminar was to increase awareness of where we find ourselves in the fight against hackers, viruses, malware and ransomware.

The truth is we are losing the fight and the hackers from countries such as China and Russia are out in front and we are trying to play catch up. Traditional methods of protecting users are out the window, with modern techniques concentrating on remedy and pretty weak firewalls, plus it doesn’t help when the NSA practically gift their Ransomware tools to the general public.

Security applications now seem to be moving towards anticipating user behavior in an effort to combat infections and security breaches. But with all of this and the most sophisticated software in the world the best strategy is to make sure that should you suffer a data breach it’s as small as possible and you can get back on your feet as soon as possible.

This follows two paths in a nutshell.

  1. Backup
  2. Device Protection

In terms of backup we suggest a method that achieves the following

– Previous versions

If your data is somehow corrupted by an infection or anything else for that matter it’s important to have a backup that keeps previous versions, this is probably the most important part of keeping successful backups.

– Email reports

It’s one thing putting a backup in place and it’s another keeping an eye on it to make sure it’s running properly. We’ve seen many a failed backup when it’s time to use the data and therefore the client has nothing. Email reports keep you in the loop and alert you to backup failures.

– Offsite copies

If something should happen to your offices then it’s important to have a copy of your data offsite to restore, burst pipes, fire and theft happen to a business on average every 7 minutes. And Ransomware attacks are successful every 40 seconds.

Now we come to device protection, and you might not like this, as we mentioned before the hackers are currently winning and the software and hardware protection available is somewhat lagging behind. But if your using free antivirus software you’re leaving yourself open to attack, literally.

These products are free for a reason and while part of that reason is to sell you their more expensive product that actually offers a small amount of protection they are far far behind the leaders, you need to protect your offices with a robust Endpoint UTM solution. Don;t worry about what that means, just give us a call

01937 586888

I.T. Hardware and Infrastructure Support

Yahoo! Tripled it’s quota on what was already largest data breech in history.

Yahoo! Tripled it’s quota on what was already largest data breech in history.

This week Yahoo announced that what was already the largest data breech in history was in fact 300% bugger and that in fact all of it’s 3 billion users had their data obtained. Not the 1 billion it revealed late last year.

On Tuesday the company announced that the breach previously disclosed by the company in December was in fact much higher than originally expected. Yahoo claim that following its acquisition by Verizon in June, it obtained new intelligence while investigating the breach with help from outside forensic experts.

And believes the stolen customer information did not include passwords in clear text, payment card data or bank account information.

I have to say this seems to be the new normal, hackers are looking for information and poor security is the same as leaving the door open, we’re no doubt going to become a stuck record on this one but as well as amazing I.T. Support in the Leeds area we offer we work with over 150 companies to secure their data and protect their networks.

If you’d like a free no obligation chat to discuss your companies Security needs please get in touch.

Free Consultation