It seems like a week doesn’t go by without news of another data breach, it’s a big job to keep your staff secure from data breaches. What are the sorts of things we do here at Coffee Cup to help keep your company safe? Keep reading to find out!
Just this week, Dell has issued a warning to its customers regarding a security breach, following claims by a malicious actor of having pilfered data concerning roughly 49 million customers.
The technology manufacturer started dispatching notifications to its customers regarding the data breach, revealing that a portal used for customer purchases had been compromised.
Currently, Dell is conducting a probe into an incident involving a breach of a portal that houses a database containing specific types of customer purchase-related information,” according to a Dell data breach notification that has been sent out.
Dell has indicated that it believes the breach presents a minimal risk to customers due to the nature of the compromised information.
It doesn’t matter how big or small your company is, the risk of a breach is real. Quite often I hear the argument of “we’re too small, no one is going to target us” which I can understand the logic behind. Unfortunately, it’s not that simple, the vast majority of these attacks aren’t personal, they’re not targeted – they are automated attacks that will try every and any email address they have access to.
There are many different ways these sorts of breaches come about, from generalised email phishing attacks, targeted spear phishing attacks, compromised websites, man-in-the middle attacks and even social engineering to name a few.
How do we keep your staff secure from data breaches
First of all, it’s important to understand there is no technical steadfast way to ensure that a breach does not happen, but there are things that can be done to try and limit exposure to them.
All of our fully managed Assurance customers get the following as standard.
Education!
Above I state that you can’t just throw technical tools on and then rely on that alone, the most important thing you can do is make sure your staff are trained and understand the risks that are out there. I’m not saying you all need to be cyber security experts, but it’s good to understand the type of things to look out for. We have a few of things we do to help keep your staff trained:
- Gap Analysis Questionnaires – We send out a short 36 multiple question questionnaire to your team, to gauge current understanding and where further education is required. We can then create individually-tailored training courses for each staff member.
- Security Awareness Training – All of your staff have access to training courses in things like the various forms of phishing, social engineering, secure internet use and more.
- Phishing Testing Exercises – We will periodically send phishing attacks to your team. This will allow you to see who is more susceptible and who requires extra training.
Limiting the exposure
Now that people have been trained, it’s now time to look at what things we offer from a technical perspective that run in the background and are constantly remaining vigilant. All of which are monitored and supported by our Wokingham based helpdesk team.
- Enhanced AI driven email security – All of your emails are scanned to look for signs of a phishing attack, impersonation, business email compromise (BEC) attacks and more. By removing as many attacks as we can from the inbox, it significantly helps limit the risk.
- Correctly configure Microsoft 365 security features – If you’ve got Business Premium or E3, E5 licencing there are a lot of advanced security features we will configure as standard. Things like automatically checking attachments and links that are sent in real-time.
- Real time antivirus and network security – All endpoints we look after will have real time antivirus checking as well as network security. Blocking threats as they appear, and feeding that back to our team to check over.
- 24×7 Monitored EDR – EDRs are a bit different to antivirus, antivirus quite often rely on signatures and known patterns whereas by also having an EDR you add in behaviour-based monitors and detection. So, it’s essentially looking for abnormal behaviour. As part of this we also check for persistent footholds (hidden applications and threats that allow third party undetected access to your systems).
After the fact
As I keep saying, it’s not all fool proof, and some of these attacks are very sophisticated. There is still a risk that people fall for an attack, now we’ve done everything we can to help keep your team prepared, to try and stop the attack making its way through, but what happens if it does?
- Remediation – Our UK based helpdesk will look in to the extent of the breach and will work to limit the damage, restore the integrity of the security and lock down anything that requires it.
- Darkweb Monitoring – We monitor the darkweb to quickly identify exposed employee email accounts and identities that have been disclosed online via third-party data breaches.
- Offsite Logging – All of the logs from your endpoints and your Microsoft 365 estate are sent offsite and logged for at least 180 days. Allowing us to see the full logs should something happen. Quite often after a breach, logs are deleted so the infiltration point and full extent of the damage are a lot harder to work out. By taking them offsite and storing them in an immutable way, we can see the full story.
Now, this is just the things we do from a breach point of view, our Assurance package also includes things like password managers, OS and application patching and vulnerability checking, Office 365 backups, Cyber Essentials audits, unlimited helpdesk support and more.
Everything in this package is include in a per user per month cost, there are no separate licences or support costs.
Want a free dark web report to see how your business currently stands, or to talk about our Assurance package? Get in touch with us today.