IT security post pandemic – where should you start?!

by | Apr 21, 2022 | IT Services & Support

For all intents and purposes, it seems the Covid-19 is now behind us. Mandates have lifted and the world is returning back to a ‘sense’ of normality… But what does that mean for forward-thinking businesses?

Hybrid working was a godsend for most, enabling companies throughout the country to continue, and this looks to be an ongoing trend that businesses will need to embrace to stay competitive.

“In fact, two thirds of businesses expect a permanent shift towards hybrid working in the future!”
TalkTalk business

Though, by putting more reliance on connectivity and online collaboration, a business’s online existence becomes just as vital as the physical, and needs to be protected just as much – if not more.

This blog will help you to understand why businesses need to invest in cybersecurity, the essential products necessary to protect digital assets and how to find the right partner for your needs. So, let’s get started!

The importance of IT security

As operations move to hybrid working strategies, the number of devices that connect to centralised data or hold business-critical information increases. This stretching of the network edge means more opportunities for hackers to gain access to digital information.

“Mobiles, laptops, even your employees, all have specific vulnerabilities that hackers can manipulate to gain usernames and passwords, to access business-critical information”
Martin Adams, Director, Express Telephony

Therefore, businesses need to stay aware of who accesses what information, and when, and safeguards are put in place to ensure only those with permission can get to critical data.

More focus on cyber attacks

Obviously, the move to hybrid working has also meant there’s more valuable data to try and pilfer. Major cybersecurity issues quickly become big news – just look at the Solarwinds attack last year, or the NHS WannaCry attack back in 2017!

“An international supply-chain data breach emanating from a compromise of SolarWinds was one of the most significant incidents that the NCSC dealt with over the last year”
NCSC

In terms of real-word effects, suffering any form of cyber-attack is more likely, and the costs of resolving them are growing too – not to mention the ongoing damage to customer confidence and brand credibility! Therefore, the need for robust cyber security policies (especially staff training) is essential to protect a growing issue that affects businesses of all sizes, including SMBs…

Small businesses are increasingly vulnerable

Most enterprises have robust security policies to ensure their data is hard to intercept, but this has pushed hackers to move lower down the supply chain – just like the Solarwinds attack mentioned above.

Rather than going for the ‘big fish’, hackers are finding vulnerabilities in a smaller commercial partner’s systems and using whatever credentials they skim from the ‘little fish’ to then access the ‘big fish’s’ systems, usually undetected!

So, how can businesses protect themselves? Here are a few suggestions…

What products will help protect you?

While there’s a near-infinite number of cyber-security solutions available, there are three key areas where we’d recommend you focus your attention:

Endpoint security

As we mentioned, more devices connecting to your network means more routes to access your data, each with their own vulnerabilities. Endpoint security solves many of the issues at the edge of the network by ensuring only permitted devices have access, and the right credentials are entered before data is made available, with features like multi-factor authentication.

“Microsoft found that 99% of account hacks are blocked using multi-factor authentication (MFA), and yet 97% of M365 users don’t use MFA!”
UK Cyber Security Council

Threat detection and management

It’s all good having barriers that prevent unauthorised access, but that doesn’t necessarily alert you to when those barriers are broken down. 24/7 vigilance is absolutely essential in this digital-first economy, but you need an experienced eye that can accurately identify false alarms from real attacks.

Encryption

Encryption not only prevents files being accessed if a device is lost or stolen, but it also ensures data that’s in transit can’t be intercepted and used for nefarious purposes.

Basically, encryption involves translating your data into incomprehensible gobbledegook that can only be deciphered with a password, usually known as a ‘decryption key’.

In fact, you’re probably already using encryption!

Services like iMessage and WhatsApp already encrypt messages end-to-end to ensure even the providers themselves can’t view the messages sent between users.

In business scenarios, it may not be as seamless as hitting the ‘send’ button on a message, but with the right encryption services, the time spent decrypting data can be minimised to ensure staff don’t lose precious time waiting for data to be deciphered.

“Firewalls, two- or multi-factor authentication, encryption and threat detection should be standard in any business, especially smaller ones where there’s no IT team to manage systems internally”
Martin Adams, Director, Express Telephony

Though, these products won’t plug all of the potential pitfalls in your cybersecurity. Staff training is essential to ensure employees aren’t convinced by a fraudulent email that looks official but is actually a phishing attack; a trap (usually via email or text) designed to gather email addresses and passwords which could lead to unauthorised access or loss of personal information, or even identity theft!

“86% of UK businesses haven’t trained end-users on phishing attacks in the last 12 months, even though end-users are the #1 cause of data breaches”
NCSC

And with so many complex technologies and solutions involved, many SMBs don’t have the time, resource or patience to produce a robust cybersecurity policy internally. That’s where outsourced IT services can take the slack; but how can you find the right partner for your needs?

Choosing the right IT partner

We may be slightly biased, but our recommendation would be to give Express Telephony a call!

Being fair though, you need a partner with accreditations or experience in supporting the vendors you use the most – likely Microsoft, as well as a robust support service -usually 24/7 support and business-grade SLAs that promise a fix to major issues within a specific timeframe.

Cybersecurity is a margin-rich industry too, so it’s worth finding a partner that won’t take you for every penny they can. Even Managed IT support and advanced security solutions like treat detection and prevention, should be affordable to SMBs that need to protect their digital assets!

Here at Express Telephony, our team consists of highly qualified, experienced engineers that can ensure that we meet all your communications and security goals, even surpassing them!

We remain patiently diligent too, meaning we’ll work at your speed and make sure you understand the technology and options available to you, before moving forward with your decision.

And while we’re not a major provider like BT or TalkTalk Business, we offer a level of service and support far higher than you could expect from them, because every customer is just as important as the next to us, no matter their size.

So, even if it’s for a second opinion, we’re here to help, so don’t hesitate to call us on 0330 332 2640 or send us an email here.