As a modern, forward looking organisation, you want your employees to have access to critical business data and applications at any time, from anywhere and from any device. You want to nurture collaborative working across teams, so you’re increasingly using tools such as Microsoft Office 365 and moving ERP systems such as CRM and accounting to the cloud too.
Benefits without Risk
The benefits of moving to the cloud include capital cost savings, increased flexibility and operational agility. Yet concerns over cloud security and the risk of a data breach persist among some C-level executives. These concerns can be addressed and overcome with the right cloud security technologies.Cloud Security Confidence
So you can have confidence in your cloud solutions, you need to implement a range of technologies including access encryption, application security, infrastructure security and to prevent hacking – as well as securing the VPNs used to connect remote teams. Setting policies and training end-users are both also important factors in the mix.
Weak access points are a common cause of data breaches and rogue access. To secure access points users should use high quality two factor authentication (2FA) technology, also known as multi factor authentication (MFA), from either Sophos or SecurEnvoy. Two factor authentication requires the use of a one-time password alongside a known password thus completely eliminating the risk of unauthorised access.
Why Use Multi Factor Authentication?
Two factor authentication technology can be used to secure VPNs, remote desktop working, WiFi access, web portals and laptop logon. Modern 2FA technology is easy-to-use because it is tokenless i.e. no additional hardware is required. The user simply receives a one-time password on their personal mobile phone to use in conjunction with a memorised personal password.
Securing Cloud Applications
Cloud-based applications such as Microsoft Office 365 and ERP systems such as Microsoft Dynamics Business Central and Dropbox are the future. So it’s vital to secure them against targeted threats and to protect sensitive data held within them. Sophos and Forcepoint provide IT Managers with visibility and control over apps to ensure that they’re being safely used.Controlling Compliance
Network user behaviour cannot always be controlled with policy alone, which means that not all apps used within the network can be officially sanctioned. Sophos and Forcepoint can identify cloud app security compliance gaps, enforce data access controls and manage network access for laptops, mobile phones and other devices brought into the network.
Your data and applications might be hosted in a private, public or hybrid cloud arrangement; whichever it is, your business processes depend on your cloud infrastructure, so you need to be confident that your hosted services are built on a solid architecture that guarantees 100% reliability and uptime, and are housed in secure data centres.Time to Focus on Your Services
Access Alto’s solid and secure hosting offers you the confidence and reliability you need, freeing you up to make the strategic and operational decisions about the services and applications your organisation needs. Services like Disaster Recovery as a Service, Backup as a Service, Software as a Service and Hosted Desktop services.
Secure Data Sharing
Employees need to share data securely across the organisation between multiple locations. This is key to enabling a mobile, flexible and productive workforce that can communicate and collaborate freely. An encryption solution such as Egress means emails and files can be transferred safely securely without the fear that it will get into the wrong hands.Any Time Anywhere Secure Data Access
Users need secure access to data at any time, wherever they are and IT managers need audit and compliance reports to monitor confidential data movement. For extra peace of mind, some secure data sharing solutions (including Egress) protect users — and the business — against mistakenly sending emails to the wrong recipient.
Working in the cloud increases exposure to distributed denial-of-service (DDoS) attacks, which overload servers with connections, preventing access for bona fide users. DDoS attacks are hard to mitigate so usually result in servers crashing. They are one of the fastest growing types of cyberattack so using sophisticated, automated, real time solution such as Radware is critically important.Flexible, Sophisticated, Always On
They keys to protecting against DDoS attacks include flexibility to deploy the solution according to your specific cloud configuration, the complexity to continuously adapt and respond to threat detection fast, and the option to deliver always-on (as well as on-demand or fully managed) service.
Keeping your private networks private between offices, sites and remote workers using the cloud adds a new layer of security complexity. The most cost effective and efficient way to connect users to their cloud resources, apps and system is to each remote site is to use highly featured VPN technologies to deliver secure, accelerated connectivity and high availability.Flexible, Sophisticated, Always On
By combing secure connectivity technology with high class firewall and encryption technology from providers such as Sophos and Forcepoint, network users can work as securely — and efficiently — at remote sites and home offices as they can at headquarters.
Home Working - Can You Collaborate?
#3 Connectivity and Support at Home
Working from home is now an everyday reality for many of our customers and network issues can be a challenge
As schools have now closed and other businesses have also sent people home, many home workers are struggling with ensuring they can run their real-time work apps such as Voice and Video conferencing without interference from other people, who are also working from home or using other online content
A Hackers Guide to Remote Working
Remote working for a hacker is brilliant, and not in the sense that they can work from home in a dark room wearing a hoodie. But because remote working means that a business is intentionally giving a path into the internal network that could potentially be accessed by anyone on the internet. This blog post covers some of the things that we have encountered across the team over the years.
#2 Your Cyber Security
If you are allowing devices to connect from people’s houses – it's possible that these networks have already been compromised by hackers or will be in the future. Implementing two-factor authentication, where another device like a mobile phone is used for extra security is the most important security measure that can be applied to systems.
#1 Your Telephony
As the Covid-19 situation looks set to escalate, there's a lot to think about to keep your business running. Last week we shared the Top 10 areas we've focused on to ensure our own business continuity.
From today, we'll be going into these in more detail, setting out what we've learnt and offering specific guidance and support. Let's start with telephony.
About six months ago, with the slow death rattles of the exquisite Empire C2 drawing near, not going to lie I'm still in mourning – that and python2, I was on the hunt for a new platform to sink my teeth into. While playing around with various frameworks on offer such as SilentTrinity, Faction, Merlin (all of which have their positives), I started looking at Cobbr's Covenant framework....