An organisation’s primary and immediate line of defense against malware is typically the antivirus software installed in each of their users’ endpoint devices. It works in the background, checks data being received for known malware signatures, and warns users of possible threats. Antivirus software does contribute greatly to an organisation’s online security, but it is not enough to mitigate all malware threats when you consider how advanced these threats have become.
VPN use is widespread and for good reason: it brings large security and privacy benefits to end-users as it shields internet usage from prying eyes. But what if the VPN provider you’re using is susceptible to foreign government interference?
What if your VPN provider’s host country provides little in the way of data protection legislation? Have you considered whether the owner of your VPN service takes data security seriously at all? VPN users don’t always ask these questions – but they certainly should.
The World Wide Web has always been a valuable source of information and a reliable means of communication to masses of users across the globe. With more than 5 billion Google searches made every day and a projected $3.5 trillion online retail sales for 2019, you’d think that the internet as we know it is already as vast as it can be.
Unknown to most people, however, is that the surface or visible web—the part of the internet which the average user can access through search engines—comprises only about 4% of the entire web. The rest is composed of the deep web, a small part of which is the oh-so-mysterious (for the curious) but essentially shady, dark web.
IT security is one of those business risks that can go under the radar until the worst happens. Businesses which do not operate in the technology arena are especially vulnerable to the consequences of the lack of IT risk assessment. Fortunately, these existential risks can be completely avoided.
What does an IT security assessment do?
In essence, IT security assessments are the actions and procedures that determine, evaluate and then eliminate a range of vulnerabilities in technology systems and the business processes linked to those systems.
Password security is a major issue that no business or enterprise can ignore. Countless hacking attempts succeed due to inadequate password security. However, remembering all those strong and (hopefully) unique passwords can be tedious, to say the least. Are password managers an alternative? Let’s take a look.
Data breaches can result in dire financial repercussions for any organisation that has to deal with sensitive data, whether that be personally identifiable information (PII), personal health information (PHI), payment details, or other similar data. Depending on the number of records compromised, the costs range anywhere from tens of thousands to hundreds of millions of dollars.
The latest Ponemon study, sponsored by IBM and released in July 2018, calculates the full cost of “mega breaches” (involving more than 1 million lost records) to be $350 million. This figure takes into account the more evident cyber incident expenses such as those for technical investigation, customer breach notification and credit monitoring, regulatory fines and litigation services, among many others. The organisation would also have to cover the cost of investing additional resources into network security improvements.
In this blog, we’ve covered many of the ins and outs of BYOD (bring your own device), including the pros and cons. In reality, much of the discussion is no longer about whether employees should be allowed to connect to company networks with their own devices, BYOD is simply becoming the standard way of operating.
A study published in 2016 suggested that 59% of businesses allow BYOD, and things have certainly moved along in the intervening years. The only remaining point of discussion is BYOD cybersecurity. In this post, we give you eight top tips to help ensure BYOD does not pose a threat to your business.
With the onset of new technologies, most organisations have come to rely heavily on their IT practices and systems to ensure that operations are carried out with utmost efficiency. But how do corporate executives and business owners know that their IT system is effectively contributing to the company's business objectives?
The careful consideration given to the acquisition of software assets or the upgrade of IT infrastructure is justified. However, less attention is devoted to evaluating if these investments are actually providing a positive return for the company. Perhaps more important than ascertaining whether IT resources are properly leveraged, is to ensure that the enterprise's IT systems are reliable and secure enough to maintain the integrity of the company's data and information assets.
It is easy to follow the mistaken belief that beefing up security at your business involves buying expensive hardware and software, or hiring a top-rated security consultant to step in and make major changes. In fact, it is possible to make solid security progress by simply following good practice, and by tightening protection where needed.
Making these essential improvements is important for businesses of all sizes. In 2016, the Federation of Small Businesses found that the UK’s small businesses are collectively attacked over 7 million times a year, costing up to £5.26 billion. In this article, we cover some of the most effective ways to improve resilience against these attacks without spending an arm and a leg.
The challenges of actively managing information security are growing, and every business, regardless of size, should pro-actively protect their systems and the data held within. But how do customers know that your information security practices are fit for purpose?
Even the best intentions do not guarantee sound security practices for businesses. The only way for customers to judge the internal processes of your business is by checking for accreditation such as ISO 27001. In fact, 71% of respondents to a 2016 survey by IT Governance Ltd said that they had fielded a question about ISO 27001 accreditation.