Insights

Why you shouldn’t rely on generic cloud-based email security to protect your organisation An increasing number of internet-based threats are being deployed via email, which is why it is imperative for your business to have a comprehensive security service in place. It is much easier to stop threats before they become full-blown attacks on your network or infrastructure. Prevention, by means of the detection and blocking of threats, is preferable for the business continuity of any enterprise. Dealing with the fallout of the avoidable and damaging consequences of a lack of security can be extremely complex as well as costly. So, what steps can you take to ensure your email system is secure? Understand the threats Internet-based threats are constantly evolving and are a challenge to detect when sent under cover of an innocent-looking email. Sophisticated methods of camouflage are employed to mask the presence of malicious URLs; for instance, emails can be embedded with: spyware bait for the purposes of phishing DoSA (Denial of Service Attack) spam disguised URLs (containing redirects and/or time delays) zero-day attacks (exploiting undiscovered email security vulnerabilities). Any of these can result in damage to your operating system or applications and may also lead to the corruption or loss of sensitive data. Learn how email security works Internet-level defences identify and eliminate spam and viruses before they have an opportunity to enter your network, and web-borne viruses, phishing threats and spyware are detected and controlled with URL filtering. Email content and attachments, either sent or received, are scanned, monitored and managed according to your own defined policies, driven by your business requirements. Appreciate the risks of low-level protection A cloud-based email security service is provided at a basic level with Microsoft Office 365 and Google Apps, etc. However, your business should not be reliant on this limited level of protection as it is not sophisticated enough to neutralise more than the simplest form of malware. Ignoring the need to detect and block an ever-increasing number of complex internet-based threats could make your business vulnerable to exploitation. Having a service that provides a wide-ranging level of email security could mean the difference between you averting a cyber disaster or finding yourself recovering from one. How Awareness can help ASL can offer an all-inclusive level of security for your email system that: protects critical data from the threat of spam and virus blocks spear phishing campaigns restricts web access (customisable, according to your requirements) filters URLs assists administrator controls protects and supports roaming users. Our service also offers the central management of your security requirements without the need for additional hardware or software by providing a web-based console. For more than two decades, we have supported small to publicly-listed UK corporations with their growing needs for reliable email and an effective security solution that maintains network and infrastructure integrity. Our comprehensive email antivirus service detects and blocks threats before they become a serious issue. To discuss how to enhance your email security, call our Sales team on 0345 862 0345 and find out how we can help you and your business safe online.

The implications for disaster recovery when staff use their own devices at work BYOD (Bring Your Own Device) is a popular trend among UK SMEs, which without a proper policy in place to govern its usage, might be harmful to your data security. When staff access sensitive business information using their own laptops, phones and tablets, there is a corresponding increase in the risk of a disaster happening.  Typically, an individual’s own devices are set up with less security and virus protection. Why businesses like BYOD Savings can be made when employees use their own devices for work purposes. Their laptops, tablets and phones are often more up to date and advanced as well as being lighter, more portable, with bigger screens and wider capabilities than your existing company hardware. Productivity increases because of the level of familiarity with your own device. People work better and your business benefits as a result. However, it is important to consider how you could be impacted if you are employing BYOD. You could be making yourself more vulnerable to data breaches and loss and suffer legal consequences as a result. So, what risks should you consider? The associated risks of BYOD Lack of security Disaster is more likely in the form of accidental leakage and data loss, viruses and cyber-attacks when your staff use their own devices. Their device could be easily compromised, lost or stolen, which could give a third-party easy access to sensitive data. The consequence could be extremely serious or possibly fatal for your business. Management of different operating systems Devices are being updated and upgraded all the time, meaning the operating systems are too. The number of different versions make it very complex for a business to manage and support and this can lead to security breaches occurring. Your disaster recovery plan should include an effective solution that addresses this management issue. Having no BYOD policy Arguably the biggest risk of a disaster happening at all is failing to have a company BYOD policy. As well as weakened data security, there are also legal implications. BOYD legal implications and responsibilities Depending on the nature of your business, you may have to comply with legal requirements to do with the Data Protection Act, the Official Secrets Act or the Freedom of Information Act, etc. Your BYOD policy should address who is responsible for the protection of personal information and the implications of non-compliance with legal obligations. BYOD policy planning – what to include Apart from having a legal compliance strategy, other considerations are: network security data encryption local data storage prevention protection controls and limiting access tracking and deploying of applications establishing secure app-to-app workflows. Communicating your policy fully to your employees means they will be aware of what their responsibilities are when it comes to safeguarding your sensitive information. It will also help to reduce the risk of a disaster being caused internally. ASL can help you to successfully benefit from BYOD by performing a full assessment of the risk involved on all devices that access your company data. We can offer qualified advice on the security implications of jailbreaking and sandboxing, as well as assessing encryption methods and the use of passcodes to protect sensitive areas. For further details on creating a BYOD policy for your business that reduces the risk of a disaster, contact ASL on 0345 862 0350.