The cloud is a revolutionary computing paradigm that has completely transformed the way we do business – not least by generating significant efficiencies across the board.

Taking software and data out of local premises and placing them within a secure global network of remote servers, the cloud operates as a single ecosystem to help manage and maintain digital infrastructure. Underpinned by third-party operation, it enables 24/7 access to data whilst eliminating unnecessary expenses and downtime.  

The chances are, your firm is already using a handful of applications hosted on the cloud – from social media sites and email platforms, to productivity suites offered by industry giants like Google and Microsoft.

And with an endless selection of options to deploy resources – from public, community, and private, through to hybrid models – organisations of varying scopes and sizes can benefit from a complete computing overhaul. 

But proceed with caution! While the benefits of using cloud-based services over outdated, in-house IT models are clear – reliability, scalability, efficiency, and security, to name just a few – it’s not necessarily right for every company. 

So, to help inform your decision and formulate the most successful strategy for your organisation, here are some of the key things to consider when determining the suitability of cloud computing…

Cost.

While the cloud offers a significant range of cost efficiencies – through the elimination of redundant technology and labour requirements, lower power costs, and reduced carbon footprint – it’s important to evaluate the price of switching infrastructure.

Capital expenditure (CapEx) and operational expenditure (OpEx) should be key considerations when weighing up your options – as the financial differences will influence the option you choose.

For most businesses, a pay-as-you-go OpEx plan is the obvious choice, helping to keep financial forecasts stable and predictable, while offering the flexibility to cancel or modify a plan at any given moment, and freeing up internal resources to focus on driving value for your organisation. 

However, if companies prefer to take control of cloud services – including costs and maintenance – and generate long-term revenue by improving production facilities and boosting operational efficiency, a private cloud might be a more suitable option.

Security and compliance.

With the increasing sophistication of cyber-attacks, maintaining a strong cloud security posture is key if your organisation is to house highly sensitive business information and intellectual property online – especially if your industry is highly regulated. Luckily, most private and hybrid infrastructures support compliance, but scrutinising this area to ensure your company’s needs are met is crucial.

The off-site nature of cloud storage, in which data is hosted in a separate location from your business, automatically reduces some risks – including the removal of USB sticks, or forwarding of login details – but there are some other key elements to look out for in your security strategy. These include:

Collaboration and flexibility.

Cloud-hosted platforms enable users a greater degree of flexibility, by allowing them to access files anytime, anywhere. It doesn’t matter if your teams are working remotely or in the office, on a laptop or a tablet – as long as each device is connected to the internet, important files can be accessed and updated conveniently.

But that’s not all, cloud-based software suites like Office 365 also unlock contemporary ways of working by empowering creative collaboration. With the ability to share documents both internally and externally, co-author in real time, and attend meetings virtually, cloud computing not only creates a shared understanding across your organisation, but crucially bolsters the team dynamic and encourages fresh ideas into fruition.

But don’t just innovate for innovations’ sake – if your teams are successfully collaborating without needing cloud intervention, don’t feel like you have to make a change.

While the technology industry has become a burgeoning powerhouse in recent years – offering an ever-increasing myriad of benefits to businesses from SMEs through to corporate enterprises – there can often be a mounting pressure to conform.

And while growth often brings an unavoidable need to adapt in some form or another, change can be marginally different from one organisation to the next.

To delve deeper into the topic of cloud with one of our experts, please don’t hesitate to get in touch – let’s discuss your options, together.

Microsoft Office 365 is a revolutionary tool, helping businesses across the globe achieve more through its comprehensive software suite housing over 20 applications, intelligent email hosting and cloud storage space, plus world-class security infrastructure.

Offering a host of collaborative, state-of-the-art features in one seamless, consolidated experience, the tool plays an integral role in the day-to-day operations of over 1.5 million company users worldwide. Not only do Office 365’s cloud capabilities remove geographical constraints – allowing around-the-clock access no matter where or when – they also present an abundance of cost and time-saving efficiencies for IT teams and finance departments by automatically issuing updates for products, patches, and new releases.

But while organisations large and small are continuing to invest in the subscription, a limited number of these are truly maximising its potential – with many business owners, and teams as a result, being unaware of some of the key features on offer.

That’s why, here at Central, we decided to put our tech-minded heads together to come up with 5 simple ways you can use your Microsoft Office 365 software to boost ROI – improving productivity within your teams, creating significant time efficiencies across the board, and spearheading creativity.

1. Anytime, anywhere access

Ok, so we’ve already touched on the fact that Microsoft Office 365 enables teams to access files at any given moment, but let’s delve a little deeper.

It doesn’t matter whether you’re working remotely or in the office, on a laptop or smartphone – as long as your device is connected to the internet, the cloud-based model allows users to keep important files up to date anytime, anywhere. Whether you need to tap into a fellow staff member’s document for important information, or finish a piece of work at a later date, this is a key feature that SME’s should not overlook. And with the remote working surge over recent years dispersing teams across different parts of the country – and often world – the value of instantaneous, flexible access is truly indispensable.

2. Creative collaboration

Offering a foundation to share, edit and collaborate through OneDrive, Microsoft Teams, and more, Office 365 crucially unlocks contemporary ways of working.

Gone are the days of one in, one out document editing, constant link sharing to access files, and rushing around to be in five places at once. No matter your location, you can be confident that you have the tools to help you adapt – with the ability to share Office files both internally and externally, co-author in real time, attend meetings virtually, and be productive from anywhere.

Not only does this create a shared understanding across your organisation, but it bolsters the team dynamic and encourages innovative ideas into fruition.

3. Productive email management

With almost 320 billion emails estimated to have been sent and received globally throughout 2021, we know that staying on top of your e-correspondence can be a stressful experience to say the least. But from contact grouping to clutter management, Office 365 has a myriad of features to make managing your inbox a whole lot easier.

The ‘Distribution Lists’ feature presents a simpler alternative to painstakingly typing each email address into your recipient list when sending a group email. With the click of a button, you can send direct mail to organised segments of your contact list – such as an entire marketing department or type of client – and even automatically forward to multiple addresses. Excellent for project work and seamless communications within your department.

What’s more, with Office 365’s ‘Focused Inbox’ feature, there’s a more convenient way to declutter your inbox and streamline workflow. Separating emails into ‘focused’ and ‘other’ category tabs, Focused Inbox brings your most important emails to the fore, whilst any remaining communications are filed out of the way – but still easily accessible.

4. Data loss prevention

Thanks to OneDrive, file accessibility and recovery is extremely straightforward and contributes to the headache-free running of day-to-day tasks.

We already know that being cloud-based is one of Office 365’s many USPs – not least in terms of collaboration – but this model also contributes to a more secure, reliable way of working. As well as saving on local storage space, housing your company’s files on the cloud allows you to sync updates and back up files across multiple devices. Plus, with the added bonus of OneDrive’s ‘Version History’ functionality, users can easily restore older copies of files.

But that’s not all – there’s an abundance of other state-of-the-art features to explore from OneDrive.

5. Enhanced data protection

Office 365 features several built-in data encryption capabilities – which, if you’ve read our recent blog on cybersecurity best practice, you’ll know this is something that should be high on the agenda for all organisations.

BitLocker, for example, is a Windows-integrated data protection feature which safeguards against threats in case there are lapses in other processes or controls – such as access control or recycling of hardware – that have the potential to compromise disks containing data. In instances where someone gains physical access to your hardware, BitLocker eliminates the potential for data theft or exposure through a key protection chain – essentially, the management of credentials used to unlock or recover encrypted disks which requires a high-level of elevation and approvals to access.

And there’s a whole host of further data protection offerings – both default and optional – to discover, if you want to optimise the security of your firm’s data.

At Central, we know that tighter budgets and fluctuating productivity mean that processes need to add real value if they’re ever going to become a mainstay of your firm. That’s why leveraging Microsoft’s productivity suite and its comprehensive range of capabilities is a must.

Beyond these top tips for maximising Office 365’s potential, our managed IT services can help you breathe easy by providing around-the-clock, expert advice.

And you’ll never be just a ‘ticket’ to us. While we pride ourselves on providing leading, strategic support to a range of organisations, we’ve got the resources and flexibility to keep our approach personal.

So, if you’re seeking additional assistance on Microsoft Office 365 or simply want to know more about how we can help to understand and implement your business’ needs, get in touch.

And don’t forget, you can also find news updates from the Central team over on Twitter and LinkedIn.

Whether you’re a business or charity organisation, we believe that technology should be at the heart of everything you do. With the increasing complexity of the digital revolution causing businesses to become victim to cyber-attacks and security breaches more frequently than ever, outsourcing your IT to a trusted partner could add real value to your existing team.

Offering reliable assistance that boasts a myriad of efficiencies — from widened access to industry knowledge and expertise, one often overlooked benefit of improved morale and productivity throughout your team — external partners can significantly reduce the burdens of mounting IT pressures.

So, whether you choose to wholly or partially outsource your IT needs, here are some of our top tips on leveraging the powers of professional IT services to grow your organisation…

And at Central, we think that service is even more important than the product itself. We always go the extra mile to look after our customers – and we’ve been doing this for 30 years. We’re committed to making IT as seamless as possible and placing people at the heart of everything we do.

Central can help to understand and implement your business’s digital transformation needs. To discuss your requirements with one of our specialists or for more advice on growing your organisation with professional IT services, Contact us.

And don’t forget, you can also find news updates from the Central team over on Twitter and LinkedIn.

Despite the integral role email plays in maintaining consistent communication in both professional and personal use, many of us take default email privacy and security features for granted.

No matter the size or scope of your organisation – or the status of your individual profile – email hacks and data theft remain some of the most prolific cyber-attacks amongst perpetrators across the globe, with the primary motive being to turn a profit.

And with over 319 billion emails sent and received worldwide in 2021 – each containing personal data – protecting your inbox from tragedy is crucial, especially as companies work to bolster our digital strategies throughout 2022 and beyond.

From ransomware and phishing to fraud and identity theft, there are a whole host of cybercrime categories in circulation to target vulnerabilities. The good news is, there are lots of tips and procedures that can remove both you and your organisation from the firing line, and help mitigate the nuisance and chaos caused as a result of malicious email attacks.

To spearhead your journey towards safeguarding your inbox, here are seven tips from the team here at Central…

1. Get to know your service provider’s Terms of Service

The first step in any digital privacy and security strategy is getting to know your email provider’s Terms of Service – only by knowing and understanding what the gaps are, can you fill them effectively.

While you might – rightfully – assume that your email provider shares the same values as you when it comes to data protection, this isn’t always the case. Take Google as a key reminder. If you’re not careful about who you grant permissions to, third-party developers could be trawling through your inbox. You can see an exhaustive list of those with access, by going to myaccount.google.com and going to ‘security’. 

2. Adopt and maintain regular training protocols

Your employees are your first line of defence in any threat. Ensuring full compliance throughout your organisation is essential in reducing the likelihood of compromise, Furthermore, undertaking regular tests will allow you to evaluate understanding of best practice within your firm to better inform future privacy and security decisions.

For example, company-wide phishing exercises can uncover whether or not your employees could successfully identify a malicious email – with a notification being triggered from clicking a masked link. Alternatively, you could regularly quiz your staff on different scenarios, to see whether their approach to a security threat would be correct.

3. Download anti-virus software

Anti-virus software is self-explanatory – it protects your device against viruses. And with cyber-attacks becoming increasingly sophisticated, these programs are becoming increasingly accustomed to tackling a diverse range of threats – including using behaviour monitoring and machine learning to scope out threats before they even exist.

Not only does anti-virus software scan inbound email attachments for potential dangers, but it also monitors outbound communications to prevent spam emails or corrupted files from being distributed to your network and ruining your credibility.

4. Use multi-factor authentication

While weak passwords are an obvious risk to security, strong passwords aren’t always enough to keep cybercriminals out of your account. Hackers are often either sophisticated enough to guess your login credentials, or have powerful insight into information on the dark web.

Multi-factor authentication (MFA) offers additional inbox protection by relying on more than just a password to gain entry. Such measures include one-time passwords, responding to an SMS prompt, biometric scanning, or even diverting your login attempt to a pre-listed, alternative device.

5. Create custom email filters

Cyber criminals are coming up with innovative ways of evading your spam filter every day, but configuring your email account with tailored filters can help to catch those that slip through the net.

Involving both inbound and outbound proactive email monitoring, email filtering services classify messages into different categories to mark them as safe – protecting both you and your network. By partnering with security and data protection leader, Barracuda, Central Networks offers a complete email management solution – with powerful and customisable governing of messages – to ensure productivity isn’t impacted throughout your business.

6. Encrypt your connections

To prevent private and personal information from being intercepted by data thieves, it’s important to encrypt the connection between your device and your email server. You’ll know if a site is encrypted because it will begin with https://.

While some email service providers encrypt your connection automatically, others require you to actively alter your account settings. Using a Virtual Private Network (VPN) offers peace of mind that your emails are secure, by routing traffic through a separate server and making your online movements less trackable.

Alternatively, you can encrypt individual emails through designated apps that make private messages impossible to decipher, unless you are explicitly authorised to access them – even in cases where your inbox might be compromised.

7. Lock your device in public spaces

Whether you’re stepping away from your device for thirty seconds or thirty minutes, never leave your email account visible for others to read at a glance or – even worse – go in and access. Not only could they retrieve sensitive data from your inbox, they could also change your log-in information to prevent you from accessing it for good.

To temporarily lock your desktop, simply press Windows+L on a Windows device, or Command+Control+A on a Mac. Then, once you’re ready to go again, re-enter your password and see your tabs re-open as before.

Whilst specific requirements will differ from one organisation – and person – to another, these tips provide a great foundation for everyone to bolster their email privacy and security strategies even further.

So, whether you’ve fallen victim to an email attack or are simply concerned about your current level of protection, it’s important to explore what your options are. To hear further advice from our team of cyber security experts, or to learn more about the value we can add to your business, please don’t hesitate to get in touch

The New Year provides a great opportunity to truly reset, and to think of a plethora of ways you can make this year better than the last – whether that’s through financial changes, a focus on better health, or perhaps something less intense like simply living more in the moment!

For many, goal-setting can often link to professional situations, too. And with technology playing such a crucial role in today’s SME and wider business landscape, taking control over your data and enhancing your organisational skills might just make your working life easier throughout 2022.

So, without further ado, let’s dig in to five tech resolutions SME owners should be committing to over the next 12 months…

Regularly back up your data

If you take one piece of advice, let it be this – online cloud storage is your best friend.

Not only is it easy to use, but it also plays dividends in the event of inevitable data-loss scenarios – from system crashes and malware infections to power outages and full-blown hard drive corruptions. And, because most backup services offer automated and encrypted protection, data on the cloud is more secure than ever.

When looking at Microsoft Office 365, in particular, be sure to speak to your technology partner about the security they offer for this, as having a multi-level archiving and backup solution in place will allow your organisation to prepare and migrate safely, efficiently and economically. 

But the most effective cyber security strategies require multiple layers of protection and diverse approaches to match the sophistication of threats. Therefore, if you don’t already, it’s also a good idea to enable extra security protocols such as two-factor authentication to access your cloud data, to enhance security even further.

Start using a password manager

No matter how great your memory is, overburdening your mind to recall passwords is no joy for anyone. And with the growing need to intensify the strength of log-in information in the face of increasingly complex cyber-attacks, the task has become near impossible.

Password managers offer a central storage hub for your data – automatically filling in information when you’re ready to log into an application and providing support to improve the power of your existing credentials. With that being said, it’s important to note that utilising a password manager is no overnight solution – getting started requires a lot of manual labour to input your details, although the time and trouble it saves in the long-run is invaluable.

Stop delaying infrastructure updates

How many times have you clicked ‘remind me later’ and postponed a vital software update? Although it might seem like a tedious, unimportant exercise, keeping your devices up-to-date plays a crucial role in protecting yourself against security risks and ransomware attacks – and is one of the easiest ways to do so!

Your operating system can be a particularly vulnerable target for hackers, as it manages all the functionality of your device. To keep on top of increasingly sophisticated threats from perpetrators, you should maintain regular updates by manually checking for availability in system settings, enabling automatic updates, or even opening your devices out of hours to mitigate disruption.

When it comes to software and hardware updates though, your IT partner should be checking in with you regularly about the requirements for your business, and how your systems can be enhanced – making operations seamless and downtime minimal.

Why not speak to your service provider regarding implementing an automated patching service? That way, no important security updates will ever be missed, and you can also provide evidence that your business is fully up to date and meets compliance requirements.

Give your email inbox some TLC

Whether you’re an SME owner that’s inundated with emails or hasa steady flow of messages in your inbox, having a strategy is a great way to stay on top of your workload – and what better way to start 2022?

It may seem like a daunting task but taking the time to implement a structured approach to email organisation is a quick-win that will create a host of efficiencies in your day-to-day routine. Start by unsubscribing from unwanted communications that clutter your dashboard and addressing the flagged emails that you’ve neglected, before harnessing the true power of filtering.

You can also save yourself a few extra minutes per day by creating pre-set signatures, scheduling emails, and learning keyboard shortcuts to power through your inbox more efficiently.

Here at Central, and in partnership with Barracuda, we can provide a complete email protection portfolio in a single bundle that is easy to buy, implement, and use. This offers comprehensive security against business email compromise, account takeover and other advanced developing email threats, all delivered as a cloud-based solution with direct integration to Office 365.

Think ahead about cyber security

Of course, there are plenty of simple ways to mitigate the risks of a cyber-attack, but your security strategy should extend across every day of the year and form a fully comprehensive approach – not just act as a casual, of-the-moment management solution.

To make life easier for your internal tech teams, and to create efficiencies across the board, you could consider outsourcing some or all your IT support to a third-party expert. This strategic partner can proactively monitor and remedy any issues before they even arise – keeping your operations running seamlessly. By sourcing a security operations centre (SOC) service, for example, vulnerabilities are constantly monitored to ensure rapid response to any incidents that slip through the radar.

Cyber security certifications are also available – such as the government-backed Cyber Essentials scheme – to give peace of mind that your defences offer effective protection against a range of common attacks and to enhance your knowledge on securing IT systems. This is one of the many ‘business protection’ services we offer at Central, so please contact us if you’d like to find out more.

You can discover everything you need to know about outsourcing your IT support in our recent blog.

Central Networks wishes you a happy, successful, and well-protected 2022!

Cybersecurity and its importance within business strategy has long been a topic of discussion within the corporate world. And no matter the size or sector in which an organisation operates, being as protected as possible from online criminals should be high on the agenda.

Mike Dunleavy, client director at Central, shares his top five tips on how companies can manage – and enhance – their cybersecurity, as they look ahead and beyond the pandemic. If you missed the original article, you can catch up below:

Cybersecurity and the pandemic

The cybersecurity space continues to evolve at pace – with new threats and tactics emerging daily. And the methods hackers are using to intercept data and access businesses’ systems are becoming increasingly sophisticated, as they try to find ways to outfox the protection offered by existing security software.

The truth is, a cyberattack can happen to any organisation. Gov.uk reports that four in 10 businesses (39%) and a quarter of charities (26%) have reported a cybersecurity breach or attack in the last 12 months. It also found that these percentages are higher among medium (65%) and large (64%) businesses, and high-income charities (51%).

These figures are hard-hitting, and what’s equally concerning is that a quarter of these organisations report experiencing them at least once per week.

In another report, it was also revealed that respondents believed their company had become more vulnerable to cyberattacks since the onset of Covid-19. In reality, when the world transitioned from the office to working from home, this naturally saw an increase in the success of cyber criminals’ tactics – with a record number of coronavirus-related phishing emails, more than 18 million in fact, being sent per day.

As businesses continue to operate either fully remote and hybrid working models, it’s never been a more important time for enterprises to make sure their cyber defences are up to date and doing their job properly. Otherwise, it can inflict serious security, reputational, and financial damage on a business.

The first step in ensuring a firm is as protected as it can be against any lurking cyber threats is to stand back and get the basics right. After all, positive changes can only be made if it’s clear what the starting point looks like.

In truth, there’s no ‘one-size-fits-all’ approach to IT security, so it’s crucial to take a breath and not feel compelled to compare one firm with another, and go out and buy all the ‘latest’ technology, thinking that will prevent and solve all problems. It really won’t.

Taking stock of IT infrastructure and auditing which cybersecurity software, firewalls, artificial intelligence tools, and policies are in place is the springboard to truly getting where business leaders want to be.

This will not only save organisations lots of money – by not purchasing equipment they don’t need – but it helps them to get a clearer picture of where they’re beginning and where they want to be.

If a company has experienced a cyberattack in the past, it’s important not to simply brush it under the carpet – recognising it and using it to learn from is crucial is helping to prevent history from repeating itself.

Whether an employee clicked on a phishing email, or a network was infected by a virus, knowing how and where the incident originated is key to identifying areas that need attention. Once that’s determined, this is when companies’ in-house IT teams and/or managed IT service providers can work together to assess suitable products that will mitigate any future attacks.

By ignoring any incidents that happened previously, businesses are overlooking a key learning resource.

It may – or may not – come as a surprise but human error accounts for a great proportion of data breaches.

And successful cybersecurity needs a collective effort from everyone across an organisation – no matter their job title, daily duties, or whether they’re office-based or remote. The entire workforce has a responsibility to keep the business safe from online criminals, but they can only do this if awareness and training are made routinely available.

Knowing about the security programs that are in place across the business, along with some of the most common threats – and how to spot them – can go a long way in helping staff to feel more in tune and comfortable in knowing what to do if they think they’ve come across an issue.

Hosting virtual, interactive, and bitesize cybersecurity sessions, for example, could help personnel to recognise the tell-tale phishing email signs, and be aware of the most common ways bad actors try to gain access to systems and sensitive data. Without shining the spotlight on these issues, workforces likely won’t know about them – and where cybersecurity is concerned, ignorance is anything far from bliss.

Linked with the point above, even if organisations feel their staff are ‘bought in’ to the cybersecurity tools they implement, it’s super important that they don’t rest on their laurels.

Regular ‘penetration testing’ – effectively, a simulated cyberattack – is an effective way to determine exactly how personnel would approach a real-life incident.

Everyone makes mistakes, that much is true, but when it comes to cybersecurity, organisations can’t afford to slip up. That’s why ‘ethical hacking’, as it’s often referred to, is a useful tool that helps to uncover where potential internal or external vulnerabilities are within the system – before cybercriminals get there first.

There’s no need to panic though. These tests mimic the real thing but don’t cause any damage. Conducting them frequently helps to keep everyone alert, ensures a business’s current security strategy is working, and identifies any flaws in software, hardware, endpoints, or servers etc.

Another potential access point for online criminals can be opened up if security patches, policies, or software and hardware updates are ignored.

And at a time when hybrid working models are more popular than ever, it’s easy for security upgrades on remote workers’ laptops or smartphones, to be missed. That’s why it’s vital that all organisations have a robust mobile device management policy in place – making sure that all company equipment is updated at the same time, no matter its location.

Again, this is also linked very closely with staff awareness. They may see a pop-up about installing a new version of cybersecurity software or operating system, and if they always click ‘remind me later’, this can prove detrimental. Knowing that these updates contain essential bug fixes and security enhancements should hopefully make employees more clued-up on what it could mean if they don’t install them.

In reality, while these are five fundamental ways companies can get ahead of the cybersecurity curve in a post-pandemic world, every individual business – from its tech infrastructure to wider corporate objectives – is different. And this means the risk of being cyber-attacked varies too.

But by going back to basics and assessing what cybersecurity measures a firm has in place, this will equip teams with the tools to make informed, evidence-based decisions that will help the enterprise grow and reach its goals. And, ultimately, it’s the role of an IT partner – whether in house or outsourced – to ensure any gaps are plugged and the right solution is in place to facilitate this.

With the continued advancements in the complexity of cyber fraud, traditional security is no longer fully comprehensive to ensure a system is as secure as possible. Previously unseen methods of attacks are impossible to detect with security protocols that are only looking for known threats.

In partnership with Darktrace, Central offers industry-leading artificial intelligence systems that allow for proactive monitoring of organisational activities, quickly identifying, triaging and even neutralising the issue instantly. 

With rollout being available for cloud, network, and email platforms, we are able to offer companies a comprehensive security package that creates efficiencies, saves time, and allows analysts to focus on higher-value tasks.

Features
• Operates under a machine self-learning model that builds a ‘pattern of life’ at a granular level within the organisation
• Acts like the human immune system by understanding what is intrinsically ‘normal’
• Detects deviations that signal threatening activity and issues reports
• Triages and assesses potential attacks, with 92% of time saved, on average
• Offers an advanced-level solution that not only detects and triages an incident, but triggers an autonomous and proportionate response, without disruption to business operations.

Benefits
• Identifies and responds to in-progress threats in real time, both external and insider 
• 100% visibility over the entire digital enterprise
• Scalable and adaptable to any environment
• Does not require knowledge of past threats to understand new ones
• Continually updates its understanding as the environment changes
• Constantly monitors, even when a security team isn’t present
• Requires minimal set-up
• Creates efficiencies of time and resource for security analysts

Throughout the COVID-19 pandemic, countless stories have featured in the press about UK businesses who had fallen victim to cyber-attacks.

With home working on the rise (and likely here to stay), many organisations have enhanced the digital solutions utilised to manage daily business remotely. With the use of cloud-based applications, personal devices and collaboration tools increasing, cybersecurity is now all the more important for you and your employees.

In this article, we aim to provide you with our five top tips to better manage cybersecurity amongst multi-location teams.

01. Risk
Develop a risk treatment plan and continue to review it.
As businesses and their environments change, so do their risk profiles. It’s important to continuously review your risks and refine actions in light of changes to your organisation. For some companies, remote working might be entirely new, if this is the case, you must reflect on recent incidents and highlight any new hazards that you may not have previously considered.

Now might be the time to invest in implementing ISO27001, the internationally recognised standard for the management of information security. As the standard is risk-based and requires the development of a risk treatment plan, businesses can take a broad, commercially focused view on what they need to do to manage cybersecurity.

Once you’ve identified any potential threats, it’s important to prioritise as you cannot eliminate them all at once. Developing a prioritised roadmap allows you to reduce the biggest security dangers immediately and helps make risk reduction commercially feasible.

02. Educate 
Provide employees with training to avoid phishing scams.
Many cybercriminals took advantage of the COVID-19 pandemic by sending phishing emails intended to lure users to click on malicious links or download files and allowing hackers to steal sensitive data or even take control of a user’s device. Action Fraud estimated that Britons lost around £3.5 million during March and April 2020 due to cyber fraud.

Furthermore, when furloughed employees begin to return to work, many will face an enormous backlog of emails. Rather than carefully sieving through hundreds of emails, employees are likely to rush through their emails to clear out their inboxes. This means that they are more prone to accidentally click on malicious links and give away confidential information.

You must educate and communicate clearly with your employees to ensure they are aware of the dangers of phishing messages and what actions to take if they receive any suspicious emails.

03. Authenticate
Utilise multi-factor authentication across the board.
Multi-factor authentication (MFA) is a great way to reduce cybersecurity risk as it provides additional protection, making it less likely for hackers to gain access to critical systems.

Two-step verification has become a standard for most leading software services, including Microsoft and Google. Once you input your password, you may have to answer a question using your personal, memorable information or sometimes you might be sent a verification code to your preferred contact number that's programmed into the software. Microsoft has reported that 99% of those who have their account hacked do not have two-step verification in place.

MFA is a quick, simple way to improve cybersecurity and reduce risk, yet according to statistics, just 10% of Google users take advantage of this security function. To support our customers deploy effective MFA procedures which do not hinder user productivity, Central offers a range of products that can be simply implemented.

04. Encrypt
Use encrypted video conferencing at all times.
Throughout the lockdown, there have been many stories about hackers targeting video conferences to gain access to sensitive information. You must choose a video conferencing software that is encrypted to help protect against this.

MS Teams incorporates built-in security features, as well as customisation options that allow its users to set their own protocols. It includes various authentication procedures to make it harder for unauthorised users to gain access such as organisation-wide, two-factor authentication or a single sign-on through Active Directory. This provides its users with the confidence that their conversations are private and secure.

05. Report
Put effective monitoring and management of cyber security processes in place.
Investing in cutting-edge technology is only part of the solution to managing cybersecurity. Companies also need to make sure they can continuously monitor and manage systems in a controlled environment. This preventative measure allows organisations to ensure that their IT systems are working correctly and that they are able to proactively identify any potential issues.

 

Cyber threats are rapidly evolving and changing, as digital criminals continually level up to find vulnerabilities in the latest tools and technologies put in place to prevent attacks.
"In 2020, there was a 130% increase in ransomware attacks alone, costing the global economy over $1 trillion.

Traditional cyber security protection is based upon known threats, and readily made solutions to prevent them. But, what can an organisation do when it is continually faced with novel attacks? 

Security teams often end up overwhelmed and unable to keep up. They are also simply outpaced when it comes to machine-speed attacks, such as ransomware, where they are unable to respond quickly enough due to a lack of resource.

Where can AI play a part?
This is where artificial intelligence — i.e. machine self-learning — comes into play. Deploying systems that span entire organisations, with the ability to learn what is normal and what is abnormal, means that the solution is not based on assumptions of what malicious is. 

In this way, AI can mimic the human immune system, and just as immunity is unique to individuals, the technology becomes exclusive to each organisation. It can quickly identify unusual behaviour and identify potential threats as they emerge.

Continuing in this vein, firewalls act like the skin – a protective barrier against known threats – but it is not infallible and things can get past it, and that is where artificial intelligence plays a crucial role. 

Often, these AI systems are left unsupervised to build up a ‘pattern of life’ at a very granular level – monitoring every user, piece of technology, and system within an organisation. Once this detailed picture is built, it can then very quickly identify when something deviates from this pattern, signalling threatening activity.

This is impossible for security analysts to do alone, but is designed to work in tandem with them to prevent malicious attacks. 

How can AI save time and costs?
Taking this even further, current technology is able to investigate and triage potential threats, helping to make quick decisions to create incident reports. Research by Darktrace estimates a 92% reduction in the time taken to triage incidents when using this type of platform – meaning that security teams are able to focus their time on higher priority tasks. 

Can AI fight back?
Autonomous response by self-learning systems is now entirely possible. Systems in place can generate a surgical and proportionate reaction to interrupt emerging threats, without impacting on day-to-day business operations.

Due to the self-learning capabilities, where the technology can identify what is normal and what isn’t, it can then detect, triage and neutralise cyber-attacks across cloud, network, and email – allowing teams to concentrate on the long-term security strategy.

So, what’s next?
With cyber threats continuing to progress at pace, organisations must look to artificial intelligence to protect their IT infrastructure and, ultimately, their business.

Loss of control of data or systems can often be a corporate death sentence for firms that are not properly equipped to deal with such incidents.

Secure email gateways are no longer sufficient to defend against today’s sophisticated social-engineering attacks. These attacks bypass traditional security and end up costing organisations time, money, and brand equity.

Central offers the most effective email protection solution to prevent targeted social-engineering attacks by adopting a multi-layered approach that combines a secure email gateway, AI-powered fraud protection and advanced security awareness training.

In partnership with Barracuda, we are able to provide a complete email protection portfolio in a single bundle that is easy to buy, implement, and use. This offers comprehensive security against business email compromise, account takeover and other advanced developing email threats, all delivered as a cloud-based solution with direct integration to Office 365.

Features
• API-based integration with Office 365
• Includes cloud-based backup and archiving
• Real-time AI-powered anti-phishing protection
• Brand protection using DMARC reporting and enforcement
• Tamper-proof email archiving for compliance and e-discovery
• Advanced, automated security awareness training
• Simple setup and management, with zero impact on network performance

Benefits
• Complete multi-level defence that combines AI-based email security, compliance, business continuity, and user security training
• AI learns your communication patterns to detect personalised fraud in real time
• Unique API-based architecture stops threats inside your mailbox that traditional gateways cannot
• Uses vast, real-time global threat information network to optimise detection

What's included in the bundle:
Forensics & Incident Response
Limit damage and accelerate remediation.
Slow, inefficient, manual response processes give attacks time to spread further in your network. Forensics and Incident Response automates incident response and provides remediation options to quickly and efficiently address attacks. Easily send alerts, remove malicious emails and use threat insights to stop the spread of malicious threats. 

Security Awareness
Fight phishing with continuous training and simulation.
Some attacks will land in users' inboxes. What happens next depends how well they've been trained. Our solution uses customised simulations with daily0updated content to transform your users into a powerful layer of defence, by dramatically boosting their ability to identify social-engineering attacks and respond appropriately. 

Inbox Defence
Defeat spear phishing and account takeover with AI.
Losses from socially engineered email attacks are in the billions of pounds and growing. They typically impersonate a trusted third party, to trick users into giving away credentials, data or money. Our solution detects and stops these costly attacks. It uses artificial intelligence to learn each user's unique communication pattern, to identify malicious intent and flag fraud attempts.

Resilience
Keep your data safe and ensure business continuity. 
You need data protection that boots resiliency, minimises downtime and simplifies recovery from ransomware and accidental data loss. We ensure data protection and business continuity with advanced email continuity and backup services, protecting against accidental or malicious deletion of emails and data.

Secure Gateway
Protect your business from email-borne cyber threats.
Modern attacks are rapidly growing in volume and sophistication - and 91% start with a targeted email attack. Our cloud-based security solution is designed to protect against spam, phishing, malware, ransomware and other targeted email threats. It combines heuristic, behavioural and sandboxing technologies to detect advanced, zero-day attacks.

IT'S WHAT WE DO.

Central Networks are a strategic technology partner. Excellent technology is a given, customer service, trust and long-term relationships are what drive our business. We support CEOs, Heads of IT, IT technicians and transformation directors to ensure technology provides an edge to their organisations.

© Central Networks & Technologies Ltd.
Byron House, Green Lane
Heywood OL10 2DY

T: +44 (0)1706 747474
E: info@centralnetworks.co.uk

Company No: 02604843
VAT: GB 562 6919 13

Privacy Policy
Terms & Conditions