Cyber Security

Cyber Security


Cyber-attacks on businesses are increasing every day. 40% of all UK crime is cyber based. We are getting an increasing number of customers reporting viruses, malware and ransomware on their systems. This can result in a huge amount of downtime while we sort out the problem.

scary-ransomware

Only 10% of UK businesses have specific insurance policies in place to cover cyber-attacks, and many traditional insurance policies have exclusions for cyber-attacks which limit their losses. Please check with your insurers to clarify what cover you have. You can normally add cyber cover to your existing policy, but without a ‘Cyber Essentials Accreditation’ the premiums are likely to be very high. However there is no need to panic, as we have a solution!

Firstly, let’s explore the threat to your business.

Who might be attacking you?

  • Cyber criminals, interested in making money through fraud, ransomware, or from the sale of valuable information.
  • Industrial competitors and foreign intelligence services, interested in gaining an economic advantage for their companies or countries.
  • Hackers, who find interfering with computer systems an enjoyable challenge.
  • Hacktivists, who wish to attack companies for political or ideological motives.
  • Employees, or those who have legitimate access, either by accidental or deliberate misuse.

You have no control over their capabilities and motivations, but you can make it harder for attackers by reducing your vulnerabilities.

Threats Requiring Mitigation

Organisations need to mitigate against the following common types of cyber-attack:

  • Phishing: malware infection through users clicking on malicious e-mail attachments or website links.
  • Hacking: exploitation of known vulnerabilities in Internet connected servers and devices using widely available tools and techniques.

There is no such thing as 100% security, but you can reduce the chances of attack (and reduce your insurance premiums) by getting Cyber Essentials Certification. AMA can help you do this.

The Cyber Essentials scheme has been developed by Government and industry to fulfil two functions. It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet based threats, within the context of the 10 Steps to Cyber Security. And through the Assurance Framework it offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions.

cyber_essential_logo

To mitigate the threats identified above, Cyber Essentials requires implementation of the following controls:

Boundary firewalls and internet gateways

 

Information, applications and computers within the organisation’s internal networks should be protected against unauthorised access and disclosure from the internet, using boundary firewalls, internet gateways or equivalent network devices.antu_preferences-system-firewall-svg

Secure configuration

Computers and network devices should be configured to reduce the level of inherent vulnerabilities and provide only the services required to fulfil their role.Network-Security

User access control

User accounts, particularly those with special access privileges (e.g. administrative accounts) should be assigned only to authorised individuals, managed effectively and provide the minimum level of access to applications, computers and networks. user

Malware protection

Computers that are exposed to the internet should be protected against malware infection through the use of malware protection software. This software must be kept up to date. malware

Patch management

Software and operating systems running on computers and network devices should be kept up-to-date and have the latest security patches installed. patch-management-best-practices

 

AMA Managed Services can highlight and fix vulnerabilities in your network security, for a reasonable monthly (or annual) cost.

AVG Server Management Patch Management, monitoring of: backups, anti-virus updates, errors, disk space, resources, security breaches etc.
AVG Workstation Management Patch Management, monitoring of: backups, anti-virus updates, errors, disk space, resources, security breaches etc.
AVG Anti-Spam Block spam & malicious emails before they enter the building
AVG Anti-Virus Protect against viruses & other malware
AVG Content Filtering Prevent employee access to dubious, dangerous or time-wasting web sites.
Datto Backup If all of the above has failed and you need to restore, this is the ultimate infrastructure backup system. Recover from a disaster in minutes, either locally or in the cloud. Unlike standard backups, Datto backups are protected from infection from ransomware & viruses.

 

Once the above controls are in place, we can supply your business with Cyber Essentials Accreditation though our accreditation partner, PGI Cyber. PGI can also supply higher level accreditation ‘Cyber Essentials Plus’ or ‘ISO 27001’, if required.

You can register for Cyber Essentials accreditation here (£395+VAT) –https://cyberservicesportal.pgicyber.com/?ref=FWB07391

You can see a demo pf the accreditation portal here – https://vimeo.com/152268371

For more information on the ways the government is advising you stay cyber streetwise click here.


 

For further information, please call us today on 0117 9231133 or email sales@ama-it.com