An IT Support Blog from London

Read the latest IT news, tips and insights from IT Support pros at HTL Support

Should Your Business Use A Password Manager

Should Your Business Use A Password Manager

Password security is a major issue that no business or enterprise can ignore. Countless hacking attempts succeed due to inadequate password security. However, remembering all those strong and (hopefully) unique passwords can be tedious, to say the least. Are password managers an alternative? Let’s take a look.

Continue reading
  303 Hits
303 Hits

Is Ransomware Still a Threat?

Is ransomware still a threat

The year 2017 was a dismal year for IT security, particularly in the arena of ransomware.

Less than 12 months ago, the ransomware worm WannaCry wreaked havoc across the globe, placing large organisations – including NHS trusts in England and Scotland, at the forefront of one of the most prolific cyber attacks in history. Then followed NotPetya (initially believed to be the Petya malware of 2016) in June, which also spread quickly and, even without the aid of human intervention, managed to harm multinational companies.

Yet more ransomware attacks compromised the data of individuals and organisations, but they were not nearly as high profile as the aforementioned attacks, and this prompted many people to believe that ransomware is no longer the threat that it was twelve months ago. But is this really the case?

Continue reading
  679 Hits
679 Hits

7 Ways You Can Improve Security Without Breaking Your Budget

7 Ways You Can Improve Security Without Breaking Your Budget

It is easy to follow the mistaken belief that beefing up security at your business involves buying expensive hardware and software, or hiring a top-rated security consultant to step in and make major changes. In fact, it is possible to make solid security progress by simply following good practice, and by tightening protection where needed.

Making these essential improvements is important for businesses of all sizes. In 2016, the Federation of Small Businesses found that the UK’s small businesses are collectively attacked over 7 million times a year, costing up to £5.26 billion. In this article, we cover some of the most effective ways to improve resilience against these attacks without spending an arm and a leg.

Continue reading
  717 Hits
717 Hits

4 Tips to Make Your Cloud More Resilient to A DDoS Attack

 4 Tips to Make Your Cloud More Resilient to A DDoS Attack

DDoS attacks are typically designed to inundate servers and entire networks by consuming computing resources through large volumes of traffic, connections, or requests. And so, because cloud infrastructures are assumed to be backed by a large assemblage of such resources, many people believe their servers are less susceptible to these types of attacks if they’re hosted in the cloud. But that’s not entirely true.

If your servers are hosted in a multitenant environment along with a bunch of other servers belonging to other organisations (which is usually the case in a public cloud), your servers could be at risk of collateral damage. If those other servers (note: not yours) are bombarded by a DDoS attack and your cloud service provider (CSP) attempts to absorb the attack, your own servers, which share the same underlying infrastructure with those other servers, could also suffer.

Continue reading
  672 Hits
672 Hits

Going Beyond Checklists: Why Security Matters More Than Just Compliance

IT Security Compliance Checklists

With the losses associated to cyber crime expected to hit around $6 trillion by 2021, security has become a top priority of many businesses. These companies diligently implement compliance initiatives in hopes that they can ensure security within their organisations. But here’s the thing: achieving compliance doesn’t necessarily mean that your business is fundamentally secure.

Last year, Verizon published a report that revealed a major eye opener regarding compliance. According to that report, 45% of PCI DSS certified customers needed remediation. Meaning that these businesses still needed to improve their security controls in order to be considered secure as per PCI DSS.

It’s important to note that these businesses actually already passed a previous compliance audit. In fact, they were certified to be fully PCI DSS compliant. In other words, they had already spent a considerable amount of time, attention, and money establishing IT security controls that met PCI DSS requirements.

Continue reading
  843 Hits
843 Hits

Top 4 Cyber Threats UK Businesses Need To Watch Out For in 2018

Top 4 Cyber Threats UK Businesses Need To Watch Out For in 2018

The cyber threat landscape continues to evolve and in order to maximise your cyber security budgets, and position resources where they are most needed, you need to know what threats are most likely to make an impact in the near future. To help you, we’ve put together a list of what we believe are going to be the top 4 cyber threats in the UK this year. 

Continue reading
  1062 Hits
1062 Hits

How Important is Penetration Testing to Achieving Optimal Network Security

How Important is Penetration Testing to Achieving Optimal Network Security

Let’s say you’ve already invested a fortune on network security. How do you determine that investment’s effectiveness in preventing a data leak or withstanding a deliberate cyber attack? Your best option would be to conduct a penetration test or pen test.

Continue reading
  1394 Hits
1394 Hits

This Is What Happens When You Don’t Take DNS Security Seriously

This Is What Happens When You Don’t Take DNS Security Seriously

When businesses embark on cyber security initiatives, one of the things that’s often overlooked is DNS security. Many people forget or simply aren’t aware that a compromised DNS infrastructure (or any critical component of that infrastructure) could potentially lead to considerable downtimes, malware outbreaks, data breaches, and several other forms of cyber incidents.

These things can happen because DNS or the Domain Name System plays a crucial role in almost any user-initiated activity that takes place on the Internet. DNS is in charge of resolving the easily-recognisable names like www.somesite.com or ftp.companyx.com that users enter into their web browsers, email clients, or file transfer clients into the IP addresses (e.g. 200.100.10.10) that computers use to communicate with one another.

Continue reading
  925 Hits
925 Hits

Protecting Your Staff and Business from E-Mail Spoofing

Protecting Your Staff and Business from E-Mail Spoofing

The prevalence of firewalls and anti-virus software has closed many of the common attack vectors that cyber criminals use to gain unauthorised access to networks and to bypass online security. For this reason, attacks increasingly rely on fooling users into allowing access to systems: legitimate-looking emails that easily clear the common-sense hurdle can hide malware and well-planned hacking attacks.

Even with the necessary protections in place it is surprisingly easy to “spoof” an address, with a from field that looks correct in every way; except for the fact that the sender is not who it appears to be. Most users will think twice about opening an attachment sent by an unknown sender, but if the attachment appears to be from a colleague the usual caution is sometimes left by the wayside.

Continue reading
  1232 Hits
1232 Hits

Why is Ransomware Becoming the Favourite Attack Dog of Cyber Criminals?

Why is Ransomware Becoming the Favourite Attack Dog of Cyber Criminals?

Of all the types of malware wreaking havoc these days, one clearly stands out - Ransomware. This troublesome malware appears to be gaining a lot of fans in the cybercrime community and has, in turn, caused considerable stretches of downtime on a large number of organisations.

Continue reading
  1562 Hits
1562 Hits
Top