With working from home now being the norm for most people it is more important then ever to be aware of the cyber security threats. This is true for both IT support teams and for employees working from home.
The issue here is that we tend to be more relaxed at home, its normal as you are in a relaxed environment. Your not in the office environment which you would normally be in. In some instances you are working on your own devices to connect to a corporate network and in other it’s a work issued device. Spam and phishing emails are a bigger threat in this circumstance as you are more likely to click on one of these emails then you would be if you where in the office. There is also the whole COVID19 pandemic which cyber criminals have taken advantage of in recent months.
Our IT support team has seen a massive increase in the number of phishing emails detected on our clients systems. We have the right barriers in place to block these threats but it still is alarming. For examples emails about furlough or grants from HRMC. People are more likely to click on these emails as it draws interest and it may be something that the recipient is already looking into elsewhere.
Having the right antivirus and physical security in place is an essential part of protecting your business from cyber threats. Statistics from the UK Information Commissioners Office (ICO) show that around 90% of all data breaches are caused by human errors. In 2019 around 60% of UK businesses suffered from a data breach which was caused by human error (based on findings from research done by Gallagher. )It should be pointed out that in a lot of instances phishing emails was the main cause of these breaches .One important but often overlooked aspect of a good security protocol is staff training. In a lot of cases the employees of an organisation simply will not be aware of what to look out for. Your staff are your biggest asset and they play a major role in protecting your digital assets.
Training is often seen as an expensive and time consuming task. Typically you send one or more of your staff away for a day or two on a course. They go there, take notes and then come back to the office. For the first days or week they will be excited and try to implement everything they learned. In most cases this is all forgotten within a short period of time after the initial excitement finished. We typically see with clients that one of their members of staff are sent on such a course once a year, although a lot of times they are only ever sent once. Training becomes effective when it is a ongoing thing, its easy to use and memorable. You can’t send your staff on courses all of the time, it costs a lot and it takes them away from their normal day to day tasks for to longer period of time. It’s also difficult to implement what you have learned from the pages of notes that you took whilst you was on a course a few weeks back.
An ideal solution here would be to regularly provide testing and training for your staff so that their knowledge on cyber security is kept up to date. This is where on going training is the ideal solution, one which has different training available for specific threats. We have partnered with Sophos to be able to delivered this service to you. It can be consumed by itself or mixed with our other IT support solutions it fully depends on your business and it requirements and kept up to date. We can further tailor the training down to the specific needs of your staff to establish an effective training program. Please see below:
How it works
Our IT services team will send simulated phishing emails to your staff. These will look the same as normal emails from legitimate companies that you will most likely have some sort of relationship with. Think Amazon or Microsoft for example. Once the emails are sent they are monitored from here to see who interacts with them. After this we are able to compile the data into a list and see who the risky users are i.e. the ones that opened the emails, clicked on links and entered the credentials when prompted to. These will be the staff that will require the training. The training is done online at the user’s PC or laptop. It is typically delivered via a short interactive video which is based on the cyber security threat that they were most susceptible to (say social engineering for example).
Future results from the testing can then be further analysed to determine where the training has been successful and whether there are any gaps which need to be filled. Our staff will compile the report and provide it to you in an easy to understand format. Results from previous campaigned can also be analysed and compared against recent ones to highlight any trends. You don’t need to spend time identifying risky users, this is done by us and is highlighted by the testing results. Click here to watch a short video on how it works.
Now is a more important time than ever for your staff to be cyber security aware. As they are likely working from home. Our team can provide this service with an easy to use package that can be quickly tailored to independent people’s requirements. It can also be provided in different languages to in case you have any staff whom English is not their first language.
This kind of training can be used on a regular basis without having to take your staff out of the business on training courses for long periods of time. It is quick and easy to do and will not disrupt your day to day business activities. We are even able to have it run fully automated.
There are currently over 50 different training modules available, these cover compliance and security topics. Your staff will find the training both interactive and engaging and is compatible with both Gmail and Microsoft mailboxes.
Training to meet your staffs needs
There is choice of over 500 emails templates, these are designed to target specific types of this. After a simulated email has been sent your staff can be enrolled in one of 60 different training modules. These modules can be completed in 10 different languages.
Our dedicated services staff are also on hand to provide extra advice and hands on training if required. We are based in London and can provide additional remote and on site training services if it is ever required. This goes further then traditional methods of training as it is quick and effective. The simulated emails and training modules are continuously updated to stay relevant with the times and modern day threats.
By working closely with SMEs our IT support staff have found that a ongoing training method that can be used by everyone in the business works best. It improves overall awareness greatly and keeps the standard high. Training which can be tailored to specific needs and don’t take up a lot of time are also preferable here. It also fits in well with the multi layered approach to security. This is often underutilised by small to mid-sized businesses. However with this service and the other cyber security services that we provide you can achieve this for your business at an affordable price. Our on going services are licensed on a per user per month basis and is provided on a monthly rolling basis. So if one month you want to pause the service or stop it all together you can do this without any issues.
Think about it this way, how much would a ransomware infection cost you? Even if you was to get all of your data back, there is still a lot of time lost during this process to get back up and running. It costs time and money to recover from in and this is in the best instances. A lot of times not all of the data can be recovered. In some instances this could have been avoided if your staff new what to look out for. On top of this there is also the negative effect that it can have on the reputation of your business. By having a workforce of cyber security aware staff you greatly reduce the risks of becoming a victim to ransomware or another cyber threat.
Quick and easy to setup
Setting up the on going training is quick and easy, it is fully managed by our technical services team and can be up and running in less then one hour. No technical knowledge is needed on your side. All you have to do is give us a list of your employees, their email addresses and we will manage the rest of it from there.
Get in contact
ACC has been in business for over 30 years, we provide managed IT support services and consultancy to small – medium sized businesses in London. Our team is built up of certified IT service engineers who bring a wealth of knowledge to the table. On top of this we have achieved a Gold Level Partnership with Sophos directly, our team is well versed in Sophos and maintain their products in business environments. If you would like to find out more click here, or you can email us on firstname.lastname@example.org and a member of the team will get back to you shortly. A member of our team is always on hand to provide advice when needed. More information on the other services that we provide can be found on our homepage.