An IT Support Blog from London

Read the latest IT news, tips and insights from IT Support pros at HTL Support

4 Tips to Make Your Cloud More Resilient to A DDoS Attack

 4 Tips to Make Your Cloud More Resilient to A DDoS Attack

DDoS attacks are typically designed to inundate servers and entire networks by consuming computing resources through large volumes of traffic, connections, or requests. And so, because cloud infrastructures are assumed to be backed by a large assemblage of such resources, many people believe their servers are less susceptible to these types of attacks if they’re hosted in the cloud. But that’s not entirely true.

If your servers are hosted in a multitenant environment along with a bunch of other servers belonging to other organisations (which is usually the case in a public cloud), your servers could be at risk of collateral damage. If those other servers (note: not yours) are bombarded by a DDoS attack and your cloud service provider (CSP) attempts to absorb the attack, your own servers, which share the same underlying infrastructure with those other servers, could also suffer.

Continue reading
  4128 Hits
4128 Hits

Going Beyond Checklists: Why Security Matters More Than Just Compliance

IT Security Compliance Checklists

With the losses associated to cybercrime expected to hit around $6 trillion by 2021, security has become a top priority of many businesses. These companies diligently implement compliance initiatives in hopes that they can ensure security within their organisations. But here’s the thing: achieving compliance doesn’t necessarily mean that your business is fundamentally secure.

Last year, Verizon published a report that revealed a major eye-opener regarding compliance. According to that report, 45% of PCI DSS certified customers needed remediation. Meaning that these businesses still needed to improve their security controls in order to be considered secure as per PCI DSS.

It’s important to note that these businesses actually already passed a previous compliance audit. In fact, they were certified to be fully PCI DSS compliant. In other words, they had already spent a considerable amount of time, attention, and money establishing IT security controls that met PCI DSS requirements.

Continue reading
  2813 Hits
2813 Hits

Top 4 Cyber Threats UK Businesses Need To Watch Out For

Top 4 Cyber Threats UK Businesses Need To Watch Out For in 2018

The cyber threat landscape continues to evolve and in order to maximise your cyber security budgets and position resources where they are most needed, you need to know what threats are most likely to make an impact in the near future. To help you, we’ve put together a list of what we believe are going to be the top 4 cyber threats in the UK. 

Continue reading
  3427 Hits
3427 Hits

How Important is Penetration Testing to Achieving Optimal Network Security

How Important is Penetration Testing to Achieving Optimal Network Security

Let’s say you’ve already invested a fortune on network security. How do you determine that investment’s effectiveness in preventing a data leak or withstanding a deliberate cyber attack? Your best option would be to conduct a penetration test or pen test.

Continue reading
  4956 Hits
4956 Hits

This Is What Happens When You Don’t Take DNS Security Seriously

This Is What Happens When You Don’t Take DNS Security Seriously

When businesses embark on cyber security initiatives, one of the things that’s often overlooked is DNS security. Many people forget or simply aren’t aware that a compromised DNS infrastructure (or any critical component of that infrastructure) could potentially lead to considerable downtimes, malware outbreaks, data breaches, and several other forms of cyber incidents.

These things can happen because DNS or the Domain Name System plays a crucial role in almost any user-initiated activity that takes place on the Internet. DNS is in charge of resolving the easily-recognisable names like www.somesite.com or ftp.companyx.com that users enter into their web browsers, email clients, or file transfer clients into the IP addresses (e.g. 200.100.10.10) that computers use to communicate with one another.

Continue reading
  4091 Hits
4091 Hits

Protecting Your Staff and Business from E-Mail Spoofing

Protecting Your Staff and Business from E-Mail Spoofing

The prevalence of firewalls and anti-virus software has closed many of the common attack vectors that cyber criminals use to gain unauthorised access to networks and to bypass online security. For this reason, attacks increasingly rely on fooling users into allowing access to systems: legitimate-looking emails that easily clear the common-sense hurdle can hide malware and well-planned hacking attacks.

Even with the necessary protections in place, it is surprisingly easy to “spoof” an address, with a form field that looks correct in every way; except for the fact that the sender is not who it appears to be. Most users will think twice about opening an attachment sent by an unknown sender, but if the attachment appears to be from a colleague the usual caution is sometimes left by the wayside.

Continue reading
  3940 Hits
3940 Hits

Why is Ransomware Becoming the Favourite Attack Dog of Cyber Criminals?

Why is Ransomware Becoming the Favourite Attack Dog of Cyber Criminals?

Of all the types of malware wreaking havoc these days, one clearly stands out - Ransomware. This troublesome malware appears to be gaining a lot of fans in the cybercrime community and has, in turn, caused considerable stretches of downtime on a large number of organisations.

Continue reading
  4694 Hits
4694 Hits

Making BYOD Safe: Policies for Your Employee's Devices

Making BYOD Safe: Policies for Your Employee's Devices

It is without question a risky affair: allowing employees to use their personal devices to access your network and valuable, often confidential company data. Yet despite the risks BYOD (bring your own device) marches on and companies and organisations around the world are adopting tactics and technologies to make it work.

Continue reading
  4427 Hits
4427 Hits

This Is How A Drive By Download Sneaks Malware Into Your System

This Is How A Drive By Download Sneaks Malware Into Your System

There used to be a time when it was relatively easier to prevent malware from infecting our systems. We’d install an antivirus, keep its database updated, and equip end users with a laundry list of things to avoid - like suspicious email attachments and unfamiliar websites. Today, drive by downloads are making malware avoidance a more challenging task.

A drive-by download is a malware infection procedure that doesn’t require the user to download anything or even click a link. For his/her system to get infected, the user only has to visit a site that’s been compromised. The infection process then takes place behind the scenes, without the user ever noticing anything unusual.

Continue reading
  5307 Hits
5307 Hits

Britain Shaping Up to Confront Cyber Risks

Britain shaping up to confront cyber risks

In the wake of Brexit, it seems like there has never been a more important time to attract businesses to the UK. There are still plenty of reasons for multinationals to set up shop here. While it has experienced setbacks in recent times, London has retained its status as one of the world's financial hubs. We also have the fifth largest economy in the world according to GDP (Nominal), and despite the current uncertainty, there are still solid strategic reasons for companies basing themselves in the UK.

Continue reading
  3488 Hits
3488 Hits
Top