IT & Data Security
Many small businesses are a soft target for hackers. While multinational organisations have security specialists working around the clock and sophisticated security systems to mitigate any attacks, SMEs rarely have such defences, which makes them the “low hanging fruit” for hackers.
IT & Data Security
Many small businesses are a soft target for hackers. While multinational organisations have security specialists working around the clock and sophisticated security systems to mitigate any attacks, SMEs rarely have such defences, which makes them the “low hanging fruit” for hackers. The “average hacker” would much rather spend his time successfully hacking into the computers of 20 SMEs than wasting time and effort trying to infiltrate the network of a multinational or government department.
“According to the Deloitte Consumer Review – Navigating Cyber Risks survey, half of Irish consumers would cease business with a seller altogether if their bank details were compromised by a cyber attack.”
RealClear IT can help you with
IT Security for your Business 2.1
How safe is your network? How safe are your team’s desktop PCs and mobile devices? We can perform vulnerability testing to assess your network and devices.
Firewall protection for your network
A firewall acts as a barrier between your network and the rest of the world via the internet. Having a good quality, properly configured firewall in place can eliminate threats before they reach your servers or PCs. We can supply, install, configure and manage Next Generation firewalls to protect your network.
Desktop / laptop security
We can perform security hardening of Windows and Mac devices to make sure that your operating system and applications are both up-to-date and security patched. We can supply and install quality anti-virus / anti-malware software that prevents malware infections from wreaking havoc or stealing data.
Laptop / Mobile device encryption
A laptop that gets lost or stolen can result in confidential information being accessed by an unknown third-party, and an operating system login password can be bypassed within minutes. For this reason, the encryption of mobile devices is needed to prevent data leaks. If your business or organisation stores customer information on mobile computing devices, then you are legally required to encrypt them in order to comply with the Data Protection Acts 1988 and 2003.
Wireless network security
Is the security on your wireless network configured properly? If not, a weakly protected wireless network can provide a backdoor to all sorts of snoopers. Our technicians can check if your wireless network is configured correctly, before applying the latest encryption and authentication protocols to your network to make it as secure as possible.
A good way to test if your IT security is working properly is to perform an intrusion test. This is basically a simulation of a hacker trying to access your network and can be a very effective way to find weak-spots or vulnerabilities on your network.
Security Awareness Training
Sometimes a business might have textbook-style IT security processes, detection software and security appliances in place, but they still end up getting compromised. Often, this can be attributed to a “social engineering attack”. This is where one of your users is tricked into divulging confidential information, such as system passwords, bank details or credit card information. While many users claim “that would never happen to me”, we have seen finance administrators right up to board-level executives getting tricked by highly-elaborate schemes designed to extract information. One way to mitigate against such attacks is through IT security awareness training, where users are trained the spot tiny incongruences in on-line or off-line transactions. For bespoke IT security training, please contact us.
Next-Generation Firewall solutions
Unlike a unified threat management system, the data packets are not bouncing around from one sub-system to the next. Instead, with next-generation firewalls, one single consolidated engine performs a deep packet inspection, intrusion prevention and SSL and SSH interception. One of the greatest advantages of an NGFW is the application’s awareness to identify applications at a semantic level. For example, if you are streaming video on an non-standard HTTP port, a traditional or UTM firewall might block it. A next-generation firewall is smart enough to recognise that an unusual port being used does not necessarily equate with a security risk. This is because it goes beyond the old-style “ports” and “protocols” to holistically analyse and block threats intelligently.
RealClear were helping an organisation in Sandyford, Co. Dublin who were getting an increasing number of requests from visitors for internet access, and were a bit wary because they did not want visitors logging on to their network and possibly accessing their confidential files. RealClear was asked to devise a solution that would enable guest internet access and provide better protection for their corporate data. We setup a VLAN and separate SSID on their wireless network specifically for guest access, so now guests can login with just a username and password to a guest network that is securely segregated from their main business network.
Some best practice guidelines for better security
Make sure that all your systems have all their updates and patches applied.
Produce user security policies that cover acceptable and secure usage of your organisation’s systems.
Make sure that your network perimeter is fully secured to filter out unauthorised access and malicious content.
Establish anti-malware defences on your computer systems because traditional anti-virus solutions can no longer provide adequate protection.
Analyse the logs for all systems and networks for unusual/suspicious activity.
Data Backup Solutions
It will never happen to me...
Having a good backup system for your business is imperative. It is only human nature to look on the bright side and maintain a “it will never happen to me” attitude, but there are numerous factors that can cause your irreplaceable data to be lost.
We offer local, hybrid and Cloud backup solutions which have been tried-and-tested by us and which are trusted by businesses worldwide.
Critical considerations for a backup system.
Simplicity – The best back-up systems are simple. Having a complex and convoluted backup system can often result in misconfigurations, error and data loss. Back-up systems that are simple to use mean new users or devices can be added quickly and easily.
- Automatic Back-Up Systems – Set-it-and-forget-it systems that backup Windows and Apple files effortlessly and reliably.
- Security – Your data backup medium should be protected with the right level of security.
- Local and Cloud – The best systems store your data locally and securely off-site. We choose only the most reliable and secure online backup providers for your data.
- Verification – Backup systems that allow for easy verification of data backup success.
Why you need to backup
There is a myriad of factors that can lead to data loss in your business or organisation – and your business needs to protect against them all.
- Hard drive failure – Disk failure is a persistent threat to your data, no matter how new your computer is. It’s often not a question of if a disk will fail, but when. This also applies to newer solid state disks.
- File corruption – Files such as MS Office, accounts and email store files can become corrupt. This can be caused by viruses, malware or a poorly coded application.
- Virus or Malware infection – Some viruses and malware infections are designed to delete, corrupt or maliciously encrypt files. For example, macro viruses can corrupt Office files, whilst crypto-graphic ransomeware viruses, like the infamous Cryto-Locker virus, can encrypt your files, rendering them inaccessible.
- Employee sabotage – Disgruntled employees pose a risk as they could sabotage your files. Even if your data is stored in the Cloud, it is not completely safe from sabotage by a disgruntled employee.
- Theft of IT equipment – Mobile computing devices can be stolen from your home, office, car or public spaces, such as cafes or bars. Moreover, it is not unknown for whole servers or desktops to be stolen during burglaries. This is why off-site back-up is so important.
- Fire and flood – Incidents, such as fires, arson, taps left running and burst water tanks, all pose a risk to your data.
3 reasons why some back-up systems fail
Over the years we have come across many cases where clients (of other IT support providers or “DIY IT Support” clients) have had back-up systems in place, but they still ended up losing data. How did this happen?
- No easy way to verify the data – Clients are sometimes told their data is being stored “in that box over there”. When disaster does strike, however, they discover there is no valid backup or that it is months out-of-date. A good back-up system should allow users to easily check or get notification of a back-up validity.
- Back-up systems that are too complex – We have noticed a strong correlation between clunky over-engineered back-up systems and data loss. With complex back-up systems there are too many things that can go wrong. Moreover, many users are afraid to make changes. If they buy a new laptop, they are often afraid of adding it as a backup device. Easy-to-use back-up systems will allow you to easily add new devices, without fear of interrupting the backup.
- Back-up systems that are misconfigured – Good back-up strategies centralise data and then backup it up. Some users (and some IT support providers) configure their systems to backup to various devices across the network, where data begins to sprawl and multiply in an un-systematic and un-unified way. This can be a disastrous strategy in terms of making sure that all backups are up-to-date, and can also be extremely problematic if you need to restore that data quickly.
Mini case study – When a back-up is not a back-up
A dental practice in Dublin 2 realised the importance of verifying backups one Monday morning when they discovered that the hard disk in their server had failed. Their previous IT support provider assured them that their online backup system was working perfectly, but never showed them how to verify it. Moreover, there were no email notifications of backup completion.
When they did actually find the login details to the online backup provider, they discovered that the last successful backup was executed nearly 4 months ago. Fortunately for them, we were able to salvage most of their data from their failed disk. This case illustrates the importance of verifying backups on a regular basis and of getting some form of notification of successful backup completion.
Be safer and more productive with spam-free email
To keep your employees on track and avoid the nasties that are sometimes attached to spam, it is vital to keep your email system free of unwanted marketing mails.
Reasons why you need an anti-spam solution:
- Prevention of phishing attacks
- Prevention of email-borne viruses
- Denial of Service (DoS) attacks
- Directory Harvest Attacks (DHA)
- Save Time – Wading through junk email looking for genuine messages wastes massive amounts of time. An effective spam-filter helps to free up their time.
- Have secure email - Keep viruses, trojans, spyware, “phishing” emails and other email-borne nasties at bay before they reach your inbox.
- Social engineering emails flagged – Everyday Irish SMEs are inundated with fake requests for invoice payments, courier surcharges and bank “verification” emails. Our spam detection systems can filter and flag these messages before they even reach your inbox.
- Ease of use – Our anti-spam systems work seamlessly with Outlook, Thunderbird, Mac Mail and Entourage.