Why You Need A Multi Layered Approach To Security

Multi layered security

Firewalls are a well-known security essential, and we are certainly big fans, but did you know a firewall alone is not enough to keep your business safe? It is like building a fence around your house to keep the burglars out: You feel safe, private and secure… but the reality is, anyone with a ladder, enough motivation or ninja skills poses a real threat. That is why despite every networked business having a firewall in place, security breaches are increasing at an alarming rate – further protections are still needed.

Without these additional protections, once the firewall is beaten or bypassed it’s like a fox in a hen house. The bad guys are free to view and download files, make changes, and even take over your systems completely. That’s why computer security works best when it’s multi-layered. When one protection fails, the next layer kicks in to keep your business safe. And then the next, and the next…but that doesn’t mean you need CIA level security that gets in your way.

A few strategic, well-planned measures can provide all the protection your business needs to keep operating without costly downtime. While it’s cool to imagine a system so secure you’ll be opening doors with retinal scanners the reality is infinitely more usable and affordable. In fact, we’ll help you choose the perfect measures that blend invisibly into your existing processes, boosting security without affecting productivity. Take a look at some of our offerings:

Proper firewall device
While not enough by itself, your firewall is still your first line of defence. However, there’s a huge difference between the generic firewall that comes standard with your broadband router and a dedicated hardware firewall appliance. Our technicians will work with you to identify which firewall is suitable for your business.

Corporate Grade Antivirus Software
A free antivirus program might be ok for home use but do you really want a free program with no backup or support protecting your confidential business data and financial information?

Access restrictions
We’ll help you give employees access to only the files they need to do their job. It’s not a matter of trust, but rather one of security. If they were the one to accidentally let the attackers through the firewall, perhaps by clicking an email link, you’re then able to limit the damage. Without this added layer of protection, it’s relatively easy to access any and all files.

Encrypt confidential files
More secure than simply password locking a file, this uses a secret ‘key’ to scramble the files and their contents, so that when anyone else tries to view them all they see is incomprehensible nonsense. Our technicians can setup an encryption system for you so that approved users can use them normally while all files remain secure.

Backups
As nothing is totally 100% secure no matter what features you implement a backup is a necessity. Having your data backup on multiple removable devices (stored both locally and offsite) as well as a cloud based backup is a must.

DP Computing offers security services to make sure all our clients are protected and all their security products are operating at 100% efficiency. Threat analysis, prevention, management and response are all included so your focus can remain on growing your business and we’ll take care of the bad guys.

Give us a call at 08 8326 4364 or via email at david@dpcomputing.com.au about multi-layered protections for your business.

Don’t Become a Victim of Social Engineering

Social EngineeringYou can have the best in computer and network security but if you or one of your staff members inadvertently give out some information all the security can come to nought.

Social engineering is the art of manipulating other people to take certain actions or divulge private information. Some hackers use social engineers techniques and skip the hassle of writing code and go straight for the weakest link in your security defenses – you and your employees. A seemingly innocent phone call or email may be all it takes to gain access to your computer systems, despite having solid software and hardware protections in place.

Here are a few ways on how social engineers work:

Email: Pretending to be a co-worker, supplier or customer who needs a simple piece of information. It could be a money transfer, contact person or some sort of personal details that they pretend they already know, but simply don’t have in front of them. The hacker may also create a sense of urgency or indicate fear that they’ll get in trouble without this information. Your employee is naturally inclined to help and quickly responds with a reply.

Phone: Posing as IT support, government official or even a customer, the hacker can manipulate your employee into changing a password or giving out information. These attacks are hard to identify and the hacker can be very persuasive, even using background sound effects like a crying baby or call-center noise to trigger empathy or trust.

In person: A person in uniform or a repairman can easily get past most people without question. The social engineer can then quickly move into sensitive areas of your business. Once inside, they become invisible and are free to install network listening devices, read a Post-it note listing passwords or gain information and tamper with your business in other ways.

It’s impossible to predict when and where (or how) a social engineer will strike. The above attacks aren’t particularly sophisticated but can be extremely effective. Your staff have been trained to be helpful, but this can also be a weakness.

So what can you do to protect your business? First, recognize that not all of your employees have the same level of interaction with people, the front desk person taking calls and welcoming visitors is at higher risk than the back office or factory worker. We recommend cyber-security training for each level of risk identified and focus on responding to the types of scenarios like those listed above. Social engineering is too dangerous to take lightly.

Talk to us about your cyber security options today. Call us at 08 8326 4364 or at support@dpcomputing.com.au