Lockdown has seen the threat of cybercrime increase significantly. More of your team are working from more locations, sharing more data, and connecting from more devices, and using more remote access tools. Hackers are very aware of this and they know that all these new technologies and working methods leave your staff more vulnerable to phishing and social engineering attempts than ever before.
The new Carden IT Services cyber-defence team
At Carden IT Services, we felt that with the growing rise of cybercrime, the increased vulnerability that home working has introduced, and the large range of new cybersecurity technologies regularly being introduced, it was in our clients’ best interests to start our own dedicated cyber-defence department. While we have always provided antivirus and ransomware protection to our clients, the rapidly changing cybersecurity landscape now requires us to take a more aggressive stance to protect our customers’ interests.
Since the start of lockdown, our cyber-defence team have been constantly researching the latest cyber threats and their most effective countermeasures, and they are currently spearheading the introduction of an array of new, effective, and low-cost cybersecurity products and solutions to compliment and upgrade our existing solutions.
New cyber-defence services and solutions
Some of our new cybersecurity solutions include:
- Cyber Essentials Certification – we have been a provider of Cyber Essentials for some years now, but now we are incorporating it as part of a cyber-defence package. You can read more on our Cyber Essentials blog post here > Why all businesses should invest in Cyber Essentials.
- Dark Web Monitoring services which scan the dark web for instances of your company’s usernames, passwords and emails. Unfortunately, no matter how many times they are warned not to, the likeliness is that some of your staff still are reusing work logins and passwords for other websites. If one of these sites is compromised and the information leaked, cyber-criminals will try using those leaked login details on sites and applications across the web. By detecting these reaches early, you have a chance to change reused passwords before they can be exploited by hackers.
- Penetration Testing services where one of our team member attempts to break into your network using all the latest techniques that a real hacker would use. They do this in order to test the security and preparedness of your network and your team in a real-world scenario, using very sophisticated tools and software to perform the task. This doesn’t just stop at external to internal, we will also test internal systems, and this can even be items such as passwords on post it notes, social engineering and more.
- Office 365 Hardening – creating Microsoft Office 365 restrictions and policies, providing stronger authentication and access restrictions to block unwanted attempts on your tenant.
- Web Filtering Hardening – blocking access to non work related websites, which often lead to less productivity, but even worse could cause data leaks for your business, for example file sharing and personal email websites. Allowing personal email websites could allow emails to be opened that have not be scanned by a corporate spam filter.
- Increased Awareness and Training – for our clients. Focusing on phishing, social engineering, multi-factor authentication and more. We can help you tick the box that your teams have been trained on cyber-awareness. More information on this can be found on our news article here > cyber awareness training.
- Application Whitelisting – This monitors your team’s regular application usage for a short time and learns the applications that they regularly use. Once happy, the system is locked down, only allowing whitelisted applications to run, blacklisting any others, which could be non-productive or harmful. This keeps you safe while giving your team freedom to use the applications they need in their day-to-day work.
- The introduction of a new Service Operation Centre where we can monitor the security of hundreds of devices from a single integrated system, helping us protect our clients more effectively and monitor for unusual activity across various networks. For example, successful logins from suspicious locations, or brute force password attempts.
Our aim is to improve or fortify the cyber-defences of all our clients. Our clients will be hearing more about our plans in their next QBR meeting. In the meantime, you can read about how we are deploying this in our cyber-defence packages post.