We are acutely aware that SMBs are becoming a larger target for cyber threats and accounts fraud. Over the last 6 months, global businesses small and large were impacted by cyber attacks that could have been thwarted with higher threshold cyber hygiene.
In the last 12 months 35% of global SMBs have experienced a cyber security attack and 80% of hacking-related breaches happened as a result of stolen and/or weak passwords. We’ve talked to and worked with our cloud product vendors to assess the product functionalities we use and provide, together with their security controls.
Amazing Support’s response to the changing cyber climate
Since January, we have been rolling out more secure and robust client systems, layers of managed cyber security protection, together with providing you with clearer visible information on your business IT through effective monthly reporting. Whilst still ensuring we deliver the best IT support and implementing market leading IT and cyber security solutions. When it comes to keeping your business secure we take it seriously, especially when 91% of cyber attacks originate from a phishing email.
Q4a Major Security Update
As a response to the global cyber threat activity, we are going to make it mandatory for all customers using Office 365 to use 2-step verification aka Multi-Factor-Authentication (MFA) by way of a secondary security code to login to Office 365 accounts. This will ensure external cyber threat actors cannot compromise your Office 365 accounts and to reduce the chances further of you and your clients being affected by phishing attacks, CEO whaling and email fraud.
What does this security change logistically mean?
Once we have enabled the MFA security setting on your account, the next time you login to any Office 365 application (both installed on your computer and through your web browser), you will be prompted to do the following:
1. Sign in to Office 365 with your work account and password.
2. After you enter your password, you’ll be sent a code to your phone (or to whatever device/app you will specify when you set up 2-step verification).
3. When you receive the 6-digit code, enter it in the box and then choose Sign in.
This two-step security process will occur when you login to Office 365 initially, when you attempt to login from any new device or IP address, when your Office 365 password is reset and at any time there is a suspected security or account issue.
The security code can be sent to your phone via SMS but you can also use the Microsoft Authenticator app on your smartphone for 1-click verification. You can opt to use the app during setup of the 2-step verification and for more information on how to install and use the Microsoft Authenticator app visit https://amzsup.co/2YoBzPL.
The Office 365 2-step verification security update is part of our on-going strategic responsibility as your Managed Support & Security Provider to provide additional cyber security measures to protect your business against the evolving threat landscape.
Q4b Major Security Update
Our email cyber security filtering with advanced threat protection that we rolled out to all clients in April was a resounding success keeping your business protected from sophisticated cyber and social engineering attacks, as well as reducing day-to-day noise, spam and malicious viruses from entering your business. In fact within that time we have blocked over 10 million potentially malicious and dangerous emails from being delivered to our clients.
We therefore have another improvement we are rolling out to all clients to reduce even further hoax attempts (where cyber criminals attempt to use your email domain as the sending address for email phishing attacks). Over the next few months we will be enabling DKIM (DomainKeys Identified Mail), an email authentication method within your Office 365 platform and within your domain name designed to detect forged sender addresses in emails (email spoofing), a technique often used in phishing and email spam.
Cyber Security Awareness Training (SAT)
We have also come to see many of you to deliver Cyber Security Awareness Training through our Lunch ‘n’ Learns which is an important and vital part of business cyber security protection. Ensuring you know how to spot a potential phishing email is crucial to combat cyber threats, together with the backing of best of breed technology. In order to keep your business protected we have to keep improving our cyber security prevention by adding more layers of security to achieve that.
Important to remember! that your Office 365 password is set to change every 60-90 days. So when you receive the email reminders to reset your password, ensure you use a different alphanumeric/upper-case/lower-case/special 8 character minimum password every time.
You can also use a free password generator to create a secure strong password for you at https://amzsup.co/2FSDPaW.
Top Cyber Threats To Watch Out For
In an ever increasingly digital world, the threat digital attacks pose to businesses of all sizes continues to grow. According to a recent survey by the Department for Digital, Culture, Media and Sport, over four in ten businesses (43%) and two in ten charities (19%) experienced a cybersecurity breach or attack in the last 12 months. These figures demonstrate how important it is for businesses to implement robust security measures that will safeguard key business data.
Below is a quick infographic detailing the 4 biggest & scariest Cyber Threats to UK businesses & how to avoid them.
The Risk of Deep Fake Videos
It’s getting much harder to spot a Deep Fake video. Fake videos and audio keep getting better, faster and easier to make, increasing the mind-blowing technology’s potential for harm if put in the wrong hands.
Bloomberg QuickTake explains how good deep fakes have gotten in the last few months, and what’s being done to counter them.
We strive and are committed to keeping your business as best protected from cyber threats as possible. If you would like to discuss these market changes in more detail please do speak to us.
David Share – Director