Cybersecurity

Cybersecurity

  • Demonstrate to your clients you have adequate cyber protection

    Most people understand how to physically secure their organisation, locks on the doors and windows, burglar alarm, security camera's etc. But most people don't understand cyber security, how do you make sure the protections you have in place are sufficient? How do you demonstrate that to your clients?

    Cyber Essentials is a simple but effective, government-backed certification scheme that will reassure you and your customers that you are following best practices and have adequate protections in place. It only costs £300 and also includes cyber insurance.

    We’ve done it ourselves, click here and search for telanova for proof. We've also guided several of our customers through the process, getting up to the standard and passing the certification.

    If you would like to talk about how we can help your business pass the Cyber Essentials certification please get in touch.

  • Spear phishing - how to protect your organization

    “Phishing” emails are fraudulent emails which attempt to get you to open a malicious website, program or document. They are sent to thousands of people at once, so are usually something common and generic. They are playing a numbers game and only need <0.1% of recipients to fall for it to make it profitable. “Spear phishing” however is targeted at a specific individual, the attacker will have invested significant time identifying, researching and tailoring their approach to their target.

    A recent example one of our customers faced worked like this - the attacker was following the business on linkedin, waiting for when a new employee joined. They then emailed the new employee from a free gmail account they had created with a similar name to the CEO. The first email was a simple welcome to the business. Then a couple of innocuous follow ups before the real attack - “Please could you quickly purchase £500 in amazon vouchers and send them to me? I need to send them to Joe Bloggs as a reward for referring a new client and I don’t have my card on me...”

    It is crucial that cyber security awareness training is part of your new starter onboarding process. If you don’t have the budget for something more comprehensive the UK government’s national cyber security centre has some free training available here

    Even if they are not involved in financial transactions, include your process for how a legitimate request like the one in the attack above would be made, such as “The CEO would email the request to the accounts team, and the accounts team would verify the request by calling the CEO back on the number they have on file.” Make sure they know that no one would ever be punished for insisting these procedures are followed.

    Share this post to spread the word and prevent attacks like this from succeeding.

  • Stealthy Trojans need the 'door bouncer' treatment on your network.

    No, this isn't a blog post on Brad Pitt. 

    I'm hopeful you've heard of the mythical story of the Trojan Horse? Where, in 1194 BC, the Trojans built a gigantic wooden horse that was disguised as a gift and left it outside the City of Troy's gates. The people of Troy celebrated the peace offering and took the horse inside its impregnable walls. Little did they know, the horse was full of Trojan's best warriors - and at night, they jumped out; opening the gates to the Trojan army where they plundered and razed the city.

    The same ruse is now being used to enter our networks and steal our sensitive data. All it takes is a user to open or download a link sent from a malicious email that is disguised as secure and safe. A study in 2011 showed that a 69.9% of all malware attacks are Trojans.

    Once downloaded or opened, the malware infects your network or local computer. Attackers can then steal data such as credit cards, financial information, email accounts, passwords and emails, and even send thousands of emails to clients from your own email with the same link or file, creating a snowball effect that is hard to stop. Whatever is saved or used on your network is at risk.

    It's a network's Achilles heel.

    Thankfully, whilst Trojans are getting sneakier and craftier as technology gets more complex and advanced, so do the deterrents and prevention we can put in place. These prevention's act the same way as a bouncer at a club; checking ID's and making sure no unwanted visitors get in.

    That's what Telanova is; a bouncer. We monitor remotely and seamlessly in the background, allowing you to get on with the important work at hand without having to worry and lose sleep over network security issues. Contact us to find out how we can protect your network's city walls from attacks.

  • Would you trust a HTTPs verified site?

    Oh, you think you're so safe with your little green padlocks, huh?

    Think again. PhishLabs have recently published research where they have found a staggering 24% of phishing sites use HTTPS, an otherwise well known protocol that used to establish trust and privacy of using a site.

    Over the years, we have seen a massive push towards encryption of everyday services. Browsers now display a warning for sites that aren't encrypted and half the web now uses standard encryption for their websites. So why fight the competition when you can just join them?

    How many times have you visited a website and trusted inputting your sensitive financial data just because your browser says its safe? It's time for that behaviour to change!

    How to stay safe online

    Create complex passwords.Yes, I know, you've heard it all before. But the reason you've heard this before because it is the forefront of security, and arguably the most important part. Having a strong password (e.g. complex, numbers, capitals, special characters) can save you from a world of trouble.

    Be overly cautious.If its too good to be true, it probably is. Don't enter or give any information to anyone unless you can authenticate who they are. And, for whatever reason, don't click random links on the internet.

    Look into active web protection.In a day and age of increasing number of cyber attacks, we also fortunately have an increasing number of methods to protect ourselves. Look into installing some form of active web protection that blocks possible malicious websites e.g. McAfee

     

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand