February 2018 - DNA IT Solutions

Monthly Archives: February 2018

News

Do Your Senior Management Know How to Spot a Phishing Attack?

Posted on by Sean Lucas
Fusemail Phishing attack DNA IT Solutions
26
Feb

The rise of spear phishing attacks means we have to learn to be suspicious.

Spear phishing attacks are on the rise and therefore so are the number of victims of successful attacks. In order to protect your organisation from threats like this you need to have a multifaceted approach to email security.

Your Staff are the Key

You may have invested in the best technology to prevent or mitigate a phishing attack but equally important to your defence is your staff and that aspect can be difficult to control. It takes just one person to open a phishing email or click on a malicious link to put your entire network and company at risk.

Senior management, decision makers, and people with access to transfer finances are the most likely to be targeted by phishing attacks.  FuseMail, the email security experts, have developed leading email security technology to identify and prevent phishing and spear phishing attacks in the cloud, before they reach your network.

Spear Phishing

Phishing is described as any website, online service, phone call, text message or email that poses as a company or brand you recognise. Attacks are generally undertaken on a large scale – a big net is cast to try to catch as many victims as possible.

Spear phishing is similar to phishing but is undertaken on a more targeted level. The spear phishers target specific individuals using social media, telephone calls and in some cases the hacking of accounts in order to get more detailed information about their potential victims. They invest time and effort to get as much information as possible about their target and then use that to make their requests appear very authentic.

Both types are designed to convince you or your team to hand over valuable organisational details, money, or trick you into downloading something that infects your computer and corporate IT network. The impostors phish for potential victims by sending emails, social media messages or text messages or making phone calls with urgent messages in the hope of persuading someone to visit the bogus website or pay out sums of money.

Why do they do it?

They do it because it works.  One in four companies reported a cyber breach in the last 12 months.   According to research compiled by the University of Portsmouth for the 2016 Annual Fraud Indicator report, fraud is taking place on an industrial scale and is one of the biggest crimes afflicting UK PLCs today.

It just takes a single click.

You may have invested in the best technology to prevent or mitigate a phishing attack but the mainstay of your defence is your staff and that can be difficult to control. It takes just one person believing a phishing email or clicking on a malicious link to put your entire network and company at risk.

Staff knowledge and awareness is the balance between success and failure

By arming your staff with the knowledge to identify phishing scams you will benefit from money and time savings, a clean reputation and an improved staff mood. In fact, being able to detect a potential malicious email and act promptly makes your staff feel important, empowered and active in the fight against cyber-crime.

Adopting a user awareness programme combined with traditional anti-malware enhances your anti-phishing capabilities, by understanding that employees can serve as a valuable active defence layer inside the organisation.

FuseMail allow you to connect with confidence everywhere and every way.  For more information on FuseMail you can speak with the expert team at DNA IT Solutions.

News

The Right Security Solution for Mobile Workers

Posted on by Sean Lucas
right solution for mobile workers DNA IT
12
Feb

In a previous article we looked at how the modern enterprise meant that workers were now used to working remotely and using mobile technology to enable them to do so.

Using smartphones, laptops and tablets as part of their day to day activities and moving from one to the other with ease.   While this remote working may make life easier for your team, it also leaves them open to high risks.

In that article we looked at the 3 steps needed – 1.Protect users and devices  2.  Protect the Enterprise Network  and 3.  Protect Corporate Data  You can read all about securing mobile part 1 here

What Else is Needed? 

By protecting users and devices, our network and our data, we complete the three key steps outlined already. However, if the solution or solutions we use are typical, they will be complex, piecemeal and not very user friendly.  In order enable the safe path to mobile productivity, organisations need to not only take the 3 steps outlined above, but the solutions they adopt must be comprehensive, simple to deploy and manage and end-user ready. When selecting a solution to protect your users, networks and data, consider the following:

Comprehensive, Simple, End-User Ready!

1) Is the solution comprehensive and integrated? Does it offer all of the critical protections outlined in this paper, or does it leave significant gaps in protection. If it is comprehensive, do all of the parts work as one, or is it a set of individual piece parts that require additional resources?

2) Is the solution simple for you? Is it easy to license, acquire, deploy and manage?  Can you easily measure the effectiveness and compliance delivered by the solution?  Does the solution have a single administrative, reporting and deployment capability?  Are the management processes simple, straight-forward and easy to learn?

3) Is it end-user ready? Can you tailor the solution to meet the needs of your users? Does the solution respect user privacy while still meeting corporate objectives? Does the solution empower users to manage their own issues such as password reset

Mobile use and mobile risk is on the rise.

Employees are no more likely to give up their smartphones and mobile devices and tether themselves back to their desktops than they are to give up streaming music and go back to LPs. Cyber criminals are well aware of these trends. Organisations cannot ignore mobile risk. They must protect their users, devices, networks and data. In order to do this effectively, they need comprehensive solutions that are simple to deploy and manage. And most importantly solutions that are end-user friendly. Only then can organizations reap the productivity benefits of using mobile devices while protecting themselves against the risk.

Sophos Mobile

Sophos Mobile is the EMM solution for businesses that want to spend less time and effort to manage and secure mobile devices. Manage mobile devices with the easy-to-use, web-based, unified Sophos Central admin interface alongside endpoint, network, or server security from Sophos. With its best-in-class data protection, comprehensive security, value-for-money, and flexible management options, Sophos Mobile is the best way to allow the use of mobile devices for work, keeping users productive, business data safe and personal data private.

For more information about incorporating Sophos Mobile into your security solution contact the DNA IT Solutions team.   We work with Sophos tools to help keep our clients protected.