Uncompromised Security: Navigating Physical and Endpoint Protection in Retail.

“72 % of shoppers would be less likely to buy again if they felt a brand had been irresponsible with their data.”

“67% of consumers have concerns that their data would get hacked when sharing it with brands and retailers while shopping.”

Running a retail store in today’s unpredictable and digitalised world is no small feat. From the anxiety of the physical store being compromised to the fear of cybercriminals invading your digital assets, the challenges are enormous.

Retail stores, warehouses, and online platforms deal with vast amounts of sensitive customer data and financial transactions daily, making them lucrative prey for malicious actors seeking to exploit vulnerabilities.

In this article, we will explain the endpoint and physical security for a retail site and provide some recommendations for IT managers looking at improving security posture across their estate.

Endpoint Security in your store: The First Line of Defence

Endpoints include all devices connected to the network, such as point-of-sale (POS) systems, employee devices, self-checkout apps, mobile shopping apps, and reward program apps among others. These endpoints serve as entry points for potential cyber threats, making security a crucial aspect of overall business strategy.

Deployment of endpoint security solutions involves automating security operations for seamless integration. Continuous review and improvements are vital for ensuring successful deployment, as each business environment may require adjustments to suit its specific use case.

One of the primary challenges with endpoint security is the vast and diverse range of devices that need protection. Each of these devices carries its own set of security vulnerabilities. For example, POS Systems and in-store Wi-Fi are common targets for attackers aiming to steal customer credit card information and other sensitive data. On the other hand, Digital Signage and Interactive Kiosks risk being exploited to spread malware or used as a pivot point to gain access to the broader network.

Retailers must ensure that all devices accessing their network are secure, updated, and compliant with security protocols. Advanced endpoint security solutions offer real-time threat detection, encryption, and remote wiping capabilities to protect against data breaches and unauthorised access.

Enhancing Physical Security for Your Store

While endpoint security addresses cyber threats, physical security remains indispensable in safeguarding tangible assets and individuals within a store or business premises.

Physical security serves as the foundation of any comprehensive retail defence strategy. It involves protecting assets such as stores, warehouses, and inventory, from theft, vandalism, and unauthorised access. The implementation of access controls, surveillance systems, alarm systems, and perimeter protection measures all contribute to fortifying physical security.

Advancements in technology have transformed physical security measures, making them more intelligent and efficient. Incorporating technologies, such as biometric authentication and facial recognition, enhances access controls and minimises unauthorised entry. Also, video analytics and artificial intelligence-driven surveillance systems enable real-time threat detection and proactive responses to potential security breaches.

Amazon Go, the cashier-less convenience store concept, is a prominent example of leveraging advanced physical security. Utilising a combination of sensors, computer vision, and machine learning algorithms, Amazon Go creates a seamless shopping experience without traditional checkout counters. This real-time monitoring allows for quick response to potential security threats, mitigating shoplifting, and ensuring an enhanced shopping experience for customers.

Embracing an integrated approach to security is paramount. Prioritising both physical and endpoint security will fortify your business against a wide array of threats. Implementing robust security measures creates a resilient foundation for your store or multi-site environment, ensuring that your customers, data, and brand reputation remain secure.

Key Takeaways and Recommendations

  • Assess, Monitor, and Analyse Security Data: Conduct comprehensive security audits, and implement a robust security monitoring and analysis system to detect anomalies and potential threats in real time, allowing for swift responses.
  • Invest in Modern Cybersecurity: Embrace advanced surveillance systems, access controls, firewalls, and anti-malware solutions. Stay up to date with the latest security technologies to combat evolving threats effectively.
  • Educate and Train Employees: Human error remains a significant security risk. Train your staff on security best practices, phishing awareness, and the importance of data protection to create a security-conscious workforce.
  • Partner with Security Experts: Collaborate with reputable security experts like VCG, that specialise in retail security. These experts can provide valuable insights and support in designing and implementing robust security measures among other services.
  • Encourage Reporting of Suspicious Activity: Foster a culture where employees and customers feel comfortable promptly reporting any suspicious activity or security concerns.
  • Stay Compliant: Familiarise yourself with relevant security regulations and standards in the retail industry. Complying with these guidelines helps protect your business from legal liabilities.

As specialists in the field of cybersecurity, VCG offer comprehensive physical and endpoint security solutions tailored to your specific needs. Our team of seasoned professionals utilise the latest technologies and industry best practices to ensure your business stays protected from all types of threats, allowing you to run your business with the utmost confidence.

If you’d like to have a conversation with one of our security experts on ways to improve your security estate, please contact the team at 0161 406 1820 or email sales@vcg.group. Together, we can build a secure future for your store.

Top 5 FREE cybersecurity hacks for small businesses

No business is immune from cyber attacks these days, and most businesses know it. According to the most recent Allianz Risk Barometer, ransomware attacks, data breaches and widespread IT outages are now a bigger concern for companies globally than supply chain disruption and COVID-19.

For small businesses, the risks are perhaps heightened – and the consequences of attack potentially more catastrophic – when technology is necessary for critical business functions, but teams aren’t big enough to have dedicated IT security personnel.

According to Accenture, 43% of all cyberattacks are aimed at small businesses. Yet only 14% are adequately prepared to defend themselves. And they are even less prepared for recovering after an attack, with 83% of small and medium businesses saying they don’t have adequate funds.

There are, however, lots of steps small businesses can take to defend themselves against the possibility of cyberattack.

These are the best five cybersecurity measures small businesses can implement quickly and easily themselves, for free…

  • Phishing training

Phishing attacks remain one of the biggest threats to small businesses. This type of attack preys on human error – or a lack of knowledge about such attacks – to deliver malware, gain access to business systems and steal critical data. Phishing attacks typically arrive as emails that include bad links that download malware, or direct users to dodgy websites that persuade people to submit or change their passwords, thereby giving cybercriminals access to personal or business accounts.

Because phishing attacks can’t work without human error, training your teams in how to spot such emails is your best line of defence. Rolling out education and guidance on how to identify a potential phishing email, as well as the nature of the threat they pose, is critical. Help your teams spot the common features, such as an urgency to the messages, poor grammar or bad graphics, or language that pressures the recipient to act. The email address delivering the attack will also be a giveaway, so teach your teams to always check where messages are coming from.

It’s also worth educating users about the normal, approved process for making payments, logging in to business accounts and the like – this will help any phishing attempts stand out as unusual, limiting the chances of your business becoming a victim.

  • Multi-factor authentication awareness

This is a critical step in security processes, ensuring anyone logging in to the business system is verified as a legitimate user, but is sometimes viewed as cumbersome and unnecessary by users who don’t fully understand it. Multi-factor authentication, or MFA, requires users to log in to devices, networks or applications using a password, which triggers an authentication code via another method, usually a text message or email.

While usernames and passwords are of course important, they are also vulnerable to being stolen and exploited by cybercriminals, and the truth is that people rarely change or vary them often enough for them to be a reasonable standalone defence. If users have one password for all the critical areas of the business network – and it’s also one they use on their personal devices – your business is vulnerable.

An estimated 80% of hacking-related breaches are caused by stolen or weak passwords, so having a stronger authentication process that uses MFA, and teaching your users about why it matters, is essential.

  • Cyberattack prevention

Most devices, computers, software and applications will come with some sort of in-built defence against cyberattack. As much as you don’t want your business falling victim to an attack, manufacturers and developers don’t want their products to be associated with one either. It’s therefore important to make sure you’re using all these attack-prevention measures across your business IT.

Make sure firewalls are turned on and working across all desktops computers and laptops. Make sure all devices have adequate anti-virus software running. And ensure all software, systems and applications are kept up-to-date and fully patched at all time. Manufacturers and developers will often build updates to combat specific security vulnerabilities they have identified, so it’s critical to ensure you’re installing these as soon as they are rolled out. Again, ensure teams and users are aware of the importance of firewalls, anti-virus and updates, and encourage them to take the necessary precautions.

  • Proactive threat detection

It’s always easier to defend against attack if you know what the threats are and where they are coming from. For that reason, proactive threat detection is another good weapon in your small business arsenal.

Small businesses that use multiple computers or have remote workers will likely have a business network, which allows users to log in from wherever they are and access all the tools and information they need. By its very nature, a network is vulnerable, and it’s a good idea to have some way of monitoring who and what is trying to gain access at any given time.

Installing a Network Intrusion Detection System (NIDS) is a good way of protecting your business against cyberattacks, malware and DDoS attacks, and there are some great free NIDS available. Snort is an open-source intrusion prevention system that’s maintained by renowned tech company Cisco. It runs on Windows, Linux and Unix operating systems and there’s an online community that provides invaluable technical support and advice. Zeek is another free-to-use NIDS, which can operate on Unix, Linux and Mac OS, and runs on the application layer as well as monitoring network security. There are plenty of open-source, free-to-use proactive monitoring tools out there, so do your research to identify the one that best suits your business and reach out to your managed IT service partner for more information about the monitoring services they could make available to you.

  • Encrypt and back up data

Any good cybersecurity system – for businesses large and small – needs to account for the fact there’s no such thing as 100% protection. Even businesses with huge, dedicated in-house IT security teams fall victim to cyberattacks from time to time, so small businesses should take heart in the fact they’re not alone.

So what can you do to limit the damage in the event your business systems or data are breached, or your IT systems are taken down?

Encryption and data backup are crucial in this respect. Encrypting emails and data means that, if a nefarious third party does intercept or attempt to steal them, they won’t be able to read the messages or files. Most email clients, including Outlook, Gmail, Yahoo and Hotmail, allow for messages (and any attachments) to be encrypted for free, and most file-creating software supports free encryption too – you’ll just need to read through the FAQs or customer support pages on the relevant websites to find out how to do that.

Another solid move you can take now to help minimise the damage caused by any future cyberattack is to back up all your business-critical assets and data. For small business that don’t generate or store a huge amount of data, something like an encrypted (and securely stored) external hard drive should be sufficient. Alternatively, there are plenty of cloud backup solutions that offer free storage and backup to a certain amount of space. Again, do your research to find the most appropriate solution for your business.

Backing up data and assets means you can minimise the disruption of a breach or data theft by recovering all your files almost immediately. The next step up, full system backup, is designed to store and restore your entire business system, and there are some decent free versions available.

Free trial of security services for small businesses

Perhaps the most reassuring option for small businesses looking to improve their cybersecurity posture is to outsource to cybersecurity experts. Here at VCG, we offer a range of scalable and affordable IT security solutions designed to keep small businesses safe, so they can keep doing what they do best.

Want to see how we can support your small business? Why not try our security services for small businesses for free for up to 20 days, and see how we can help you achieve cyber resilience with less cost and less effort.

Identifying Security Vulnerabilities

Understand what’s happening & what’s needed

Cybercrime has reached epidemic proportions and as threats become more sophisticated and damaging, governments across the globe are actively encouraging greater awareness and action.

Security breaches and legal compliance are the top two current concerns for the boardroom as ‘Mission Critical’ protection becomes vital for business survival. We help you guard against the devastating damage to reputation and loss of revenue that can occur following a cyber incident.

Following the National Cyber Security Centre and Government guidelines, our 5-point framework provides ‘best practice’ advice for end-to-end infrastructure protection.

Vulnerabilities are both digital and human, and it’s important to accept that you can’t implement full protection without assessing and understanding what needs to be done.

All organisations have invested in cyber security to some extent, and before anything else – we help you identify and define the critical elements to your business operation.

We’ll fully assess your current infrastructure and systems protection – highlighting existing vulnerabilities and providing a roadmap of modular solutions to ensure all possible measures to mitigate and protect against the damaging consequences of an attack have been implemented.

We can help you with:

We review your operational systems and applications along with the data and information you hold, where it’s stored, and the levels of sensitivity of that data. Baselining existing arrangement enables a full understanding of the impact a security breach may have (or may actually be having) on your organisation.

Regulatory and compliance rules such as PCI and other guidelines are increasingly important, and we provide detailed analysis and advice about your current set-up to ensure you comply with, and exceed, any legal requirements and mandates.

You’re only as good as your last result, and in the rapidly changing world of cybercrime, nothing stands still for a moment. From penetration testing and an assessment of your vulnerabilities, we’ll identify weaknesses in your infrastructure before they are exploited by criminals. Rigorous and regular testing with corrective action is the only way to stay ahead of cybercrime.

Virtual Chief Information Security Officer (CISO)
For many organisations, having a full time CISO is not viable, so having access to an informed and accessible senior consultant will plug your skills gaps and ensure you’re at the forefront of cyber protection. A CISO resource provides on-going guidance on security arrangements, future strategy and decision making.

Professional Services
With extensive cyber security expertise, our specialist consultants will help you audit existing infrastructure and processes – identifying current vulnerabilities, and recommending and implementing robust security solutions to meet your exact requirements.

For more details about our VCG Secure services, please click here.

If you’d like to know more about our security solutions and Professional Services – please email us at: info@vcg.group

Accept nothing less. Zero Trust Security

With cyber threat levels at epidemic proportions and the battle between IT leaders and criminals becoming ever more challenging, one thing is for certain – the clear and present danger is here to stay! And regardless of where a company is on their transformational journey, protecting systems and data has to be a top priority.

Time to get serious as the Cybersecurity ‘Arms Race’ ramps up.

Against this backdrop, the term ‘Zero Trust’ has emerged, and it seems to be everywhere at the moment. And whilst many will think they’ve seen and heard it all before, there are crucial factors and benefits to adopting such an approach.

On one hand the emergence of Zero Trust is due to outdated and weak security policies that assumed everything was adequately protected, and on the other it’s due to the speed of transformation and business growth in many sectors, as we begin to accept that hybrid working is here to stay.

Of course, there are moves afoot to encourage workers back into the office, but a recent Gartner survey revealed that 82% of company leaders plan to allow employees to work remotely some of the time.

Regardless of how much work is done remotely in the future, the adoption of a strategy that trusts no individual user or device should be high on the agenda – and it’s smart practice to assume that everyone and everything could be compromised.

Incorporating secure remote working into operational business plans has therefore become a priority, with many realising that their current levels of protection are not adequate for permanent hybrid working practices.

For many employees nowadays, work has become an activity – not a place, and to attract top talent, businesses need to provide the right working environment along with rigorous protection for both employees and the organisation. Business leaders are well aware that security breaches regularly bring companies to their knees, and for this reason security is now firmly established on the board room agenda.

Digital transformation and modern, agile workforces demand access to systems at any time, and on any device. The traditional network edge has disappeared and most enterprises now have a combination of local and cloud-based applications, with dispersed resources and employees in many different geographical locations.

Cybercrime continues to become ever more sophisticated, and levels of security must be reviewed and improved on an on-going basis – traditional username and password authentication practices, that grant automatic access to systems and sensitive data, are no longer enough.

So, enter stage left ‘Zero Trust’ … a security framework that requires all users, whether inside or outside the network, to be multi-factor authenticated, authorised, and continuously validated for security configuration and posture – before and during monitored use of systems, applications and data.

Even though devices are within the internal or trusted side of a firewall or VPN, they should not be automatically trusted by default. Rigour must be built into digital transactions thorough context and posture assessment, combined with on-going monitoring of activity across the infrastructure to ensure only clean devices and accepted behaviours are granted access to resources.

At its core, Zero Trust has the ethos of ‘never trust, always verify’ – and such enhanced security combined with dynamic threat protection of the entire attack surface area should be built into IT strategy and investment plans.

If you’d like an initial conversation with one of our security or cloud experts about ways to improve both security and operational performance, please contact us on sales@vcg.group.


The return of REvil: Increased ransomware attempts on Remote Management tool

By Aaron Londsdale, VCG Security Manager

A recent surge in ransomware attempts is thought to be linked to the re-emergence of the notorious Russian hacking group, REvil, in the wake of the Russia-Ukraine war. Attacks by the group appear to be exploiting vulnerabilities in third-party RMM tools to gain access to business networks through the Windows BCDEdit command, which is a cause for concern for businesses across all industries because of how indiscriminate it is.

To explain to our customers what they can do to protect against this time of RMM-enabled ransomware attack, we listed some of the key questions describing this below. Here are the key things you should know.

What is REvil ransomware?

REvil is a Russian ransomware-as-a-service operation, known for targeting third-party software providers in order to launch larger-scale attacks on their customers. In its recent ransomware attempts, REvil has been targeting remote management and monitoring tools that are compatible with Windows solutions, with a view to altering the boot process of individual machines and gain access to business networks.

The group runs a sophisticated operation that has previously had devastating consequences for businesses around the world.

In July 2021, REvil launched an attack on software provider Kayesa’s remote management tool, which was being used by 35,000 customers, and pushed out a malicious software update that allowed them to hold business data hostage. Among those affected were public administrators, local governments, schools, hospitals, and thousands of small and medium businesses, including Swedish supermarket chain Coop, which was forced to close almost half its 800 stores when self-checkouts and tills stopped working. REvil demanded a $70 million ransom payout for a universal decryption key.

What are RMM tools?

Remote monitoring and management tools are pieces of software designed to allow computers or networks to be managed from a remote location. Whenever a business outsources its IT support, RMM tools are installed on devices in the network to give the IT service provider visibility of and control over individual computers and entire infrastructures. This allows them to make upgrades, carry out fixes and ensure optimal network stability, all from a remote location.

What is BCDedit?

BCDEdit is the primary command-line tool for modifying the boot configuration of Windows. By exploiting vulnerabilities in the RMM tool, attackers can gain access to the BCDEdit program and issue specific commands to boot a machine into ‘safe mode with networking’, a feature of many RMM tools. In the current attacks, REvil is using this method to change the operating system so it doesn’t use two-factor authentication.

How can you manage your business’s security estate to prevent ransomware attacks through BCDedit?

The best thing your business can do to protect against this type of potentially catastrophic attack is to make sure you have a layered defence.

At VCG, we offer a range of solutions to protect your network at every threat layer, from endpoint protection and managed firewalls to application security.

Our managed threat detection is a business-wide solution designed to help deliver ultimate cyber resilience around the clock, detecting, recognising and reacting to threats before they can cause any damage.

Learn more about VCG’s managed threat detection solutions.

Solving the ‘No Network Edge’ Conundrum

Workstyle changes and the global reaction to the pandemic forced many organisations to rapidly introduce new ways of working, and whilst many of the changes were already on the cards, digital transformation has certainly accelerated as a result of the pandemic.

As a consequence, the way people work and connect continues to evolve as companies upgrade and move applications to the cloud. Cyber security is, of course, a key part of any digital strategy – it’s firmly on the boardroom agenda and it must be constantly reviewed, tested, and updated.

Our Security Solutions Strategist Anthony Owen  tackles the fundamentals of SASE and the no network edge conundrum.

Introducing SASESecure Access Service Edge   

A gradual transition to the cloud puts organisations in a hybrid state of operations, with systems and applications split between on-premise datacentres, private cloud, and public cloud services.

Work anywhere, home networking, multiple device logins, and access to systems and data at any time is challenging for overstretched IT departments. Managing and securing IT infrastructures, and continually improving protection and performance must be constantly at the forefront of activity.

The goal of a Secure Access Service Edge (SASE) approach is to provide an optimum performance experience – from any location, and on any device, through enhanced and secure access, and the adoption of a zero-trust security policy.

Change the only constant

With continuous change the only constant in business today, IT leaders are adopting SASE approaches to future proof their security roadmaps. With hybrid working now the preferred option for knowledge workers, there’s a much greater attack surface area to secure, and the corporate network is no longer the perimeter or edge.

SASE brings both networking and security together, and without delving into the technical detail, it enables companies to protect data, systems and networks in a cloud-native way by bringing together software-defined wide area networks (SD-WAN) and enhanced security.

With cloud services continuously replacing traditional datacentres and the public internet now an established employee route to applications, our need for private and virtual private networks is changing.

Reduce throttling & control behaviours

Dedicated links from corporate networks will still be required, but the ‘tromboning’ of traffic into the corporate network and out again, regardless of destination, throttles performance and causes latency for applications. Routing non sensitive traffic directly to cloud-based applications improves the performance of those time critical applications and lowers bandwidth requirements.

Even the most risk averse organisations are embracing public cloud as a platform for non-sensitive applications and the increasing popularity of software-as-a-service (SaaS) applications like Office 365, Salesforce and others, enable those applications to be accessed without touching the corporate network. Bandwidth can therefore be handed back to time dependent applications, and latency is reduced in Teams, WebEx, and Zoom calls, with IP based voice traffic having all the bandwidth it needs.

Centralised control can be introduced to protect the employee and the business. Access to sites with poor security reputations can be blocked to avoid the honey traps of phishing and ransomware activity. Time based policies can also be applied to restrict / allow access to non-work-related content during appropriate workday time windows.

Enterprises that are actively engaged in digital transformation are embracing SASE as they wind down their on-premise legacy infrastructures in favour of public cloud and SaaS options for their critical workloads.

Future proof roadmap

SASE is far more than a security solution; it’s a ‘future proofed’ approach that deals with IT, security, and operational requirements through the balancing of productivity, scalability and cybersecurity imperatives.

Transitioning operational performance through hybrid infrastructures is something that pretty much every organisation will be going through, and a full Zero Trust and/or SASE strategy cannot be implemented overnight. Furthermore, it’s changed from being a seemingly aspirational concept a few years ago to a corporate reality today, and increasingly we’re helping customers plan their cloud journeys based on this methodology.

If you’d like an initial conversation with one of our security or cloud experts about ways to improve both security and operational performance, please contact us on sales@vcg.group.

Experiencing new ways of driving business in retail: enhanced digital and in-store customer journeys

The pandemic has changed consumer behaviours, some permanently, reshaping the entire retail landscape; many customers have also tried new omnichannel models: buying online, picking up in-store (BOPIS) this grew 28% year-over-year in February compared with 18% in January, and grocery delivery up by 57%.

Consumers report high intention to continue using models such as BOPIS (56%) and grocery delivery (45%) after the pandemic.

COVID-19 has driven cloud spend up versus on-premises software spend down; this isn’t surprising as organisations turn to SaaS to move apps and data to the cloud, as business shifts online.

Creating a future-ready technology ecosystem

Implementing the right IT platforms, network functions or systems in the right sequence can help improve the experience and serve the needs of shoppers, whether in-store or digitally.

This means that while sometimes the business case may seem like a simple implementation and technology decision, the reality of redesigning your network architecture and optimising services, applications and workflows can have several implications on operational efficiency and security if poorly applied.

Fast and secure access to cloud-based software

Retail networks require fast and secure access to cloud-based software, from anywhere at any time, from any number of locations. SD-WAN connectivity provides a single pane of glass that consolidates multi-vendor environments into one cohesive and connected platform.

Built on SD-WAN connectivity, a bespoke store network solution such as the one we developed for Poundland illustrates how this is achieved and the opportunities it provides such as: enabling fast, secure, and reliable access to cloud-based software that can be used from anywhere.

Enabling a consolidated customer journey

Solutions such as SD-WAN and secure wireless access to enterprise-class Wi-Fi for guests, side by side with business networks, can be a game-changer for retailers looking to secure omnichannel environments. Resilient network capabilities and in-store wireless access are key to achieving this.

Why VCG for retail?

Our expertise in the retail sector and multi-vendor relationships enable us to offer seamless solutions, unrivalled engineering capability, delivering technology for retail transformation at scale.

We provide industry-leading capabilities and a lower total cost of ownership when evaluating an acquisition, training costs, deployment, and operations. This helps decision-makers achieve business value, improve operational and cost efficiency and better manage transformational challenges.

Read more to find out how to strengthen or implement an enhanced in-store and online customer experience.

Cyber protection at every threat phase: How to mitigate risks with a multi-layered security architecture

Cybercrime is rising globally, and attacks are evolving at alarming rates. KP Snacks recently suffered a cyber-attack, putting them out of business for 3 months or more. It’s unlikely smaller organisations would be able to quickly bounce back from such an attack without significant impact.

For companies that hold vast amounts of sensitive and valuable data, the consequences of breaches, losses, data leaks and ransom attacks can be wide-reaching and catastrophic.

To remain competitive and compliant corporations today need integrated solutions that protect users, devices, networks, applications, and data.

Companies that handle delicate data, in particular, need to pay careful attention to cyber threats, and they need to capitalise on the many strengths of distributed SaaS applications to safeguard an increasingly remote workforce.

Currently, the UK is the 3rd-lowest country for using adequate cybersecurity. If you want to protect your assets and your business, implementing a best-practice approach to cybersecurity is needed.

Think of your business-critical data and systems like the money being held at a bank. You wouldn’t expect any bank to pile its cash into a room, seal it off behind a flimsy plywood door, lock it with a single key, and call it secured. Banks need multiple heavy-duty doors, with keys, combination locks, biometrics and several other methods to secure multiple entry points. It’s the same for your business-critical systems and data. You need to protect your business at multiple levels and in various ways, and that’s where a multi-layered security architecture comes in.

In most cases, business networks have 7 threat layers, these are:

  • The Data
  • The Human
  • The Perimeter
  • The Network
  • The Endpoint
  • The Application
  • The Business-critical assets

Here are 7 solutions for each threat phase:

1. The data layer

Data is arguably a business’s most important asset. Data loss through cybercrime is a very real threat with very real consequences that extend beyond legal and compliance issues to substantial financial loss and reputational damage. With so much data being stored, shared and viewed both inside and outside the network, it can be tricky to maintain visibility of those all-important assets. Encryption is one of the solutions that work in tandem with data loss protection tools, which are designed to ensure sensitive data is not lost, misused or accessed by unauthorised users.

2. The human layer

Educating your teams about the importance of cybersecurity is an easy but important step in protecting your business. Forewarned is forearmed, so keep them updated about the latest scams and threats going around. All it takes is for an employee to fall victim to a phishing scam, to click on a malware link, or to inadvertently share your company’s most valuable intellectual property.

3. The perimeter layer

Protecting your perimeter begins with a robust next-generation firewall. The more people you have accessing your data, the wider your perimeter and the greater the risk to your business of a security breach.

4. The network security layer

The ultimate security goal here is to prevent unauthorised access to your network. Because networks are spread far and wide, with BYOD and IoT devices complicating and widening the attack surface, it requires a multi-pronged approach for protecting them. Your network essentially is your business. In these days of hybrid working, everything that keeps your business up and running sits within your network.

5. The endpoint layer

The proliferation of connected devices in the workplace has exponentially increased the attack surface of business networks. Happily, endpoint security has evolved from traditional anti-virus software installed on individual desktops to become network-wide or cloud-based protection against sophisticated malware and evolving zero-day threats. Modern endpoint protection systems can be provisioned across network devices to quickly detect, analyse, block and contain attacks in progress. They will also work with other networks and device security technologies to enhance managerial visibility of threats, speed up detection and help businesses to quickly avert disaster.

6. The application layer

Most applications come with in-built security measures that protect while the app is in use, but there are additional security measures that can help patch vulnerabilities. Business apps all need to talk to each other, and they all need to talk to your assets. So, when one of these apps is compromised, it can wreak havoc across your entire business system. Insisting on controlled access to apps is fundamental to a secure application landscape, and best practice measures will include authentication, authorisation, encryption, and logging.

7. The business-critical assets layer

Every security measure you have implemented from layers 1 to 6 will go a long way to protecting the assets at the very centre of your business. Firewalls, data identification and segmentation, network access controls, restricted access and multi-factor authentication will all bolster your defences and make it difficult for cybercriminals to penetrate your systems this far. That said, there are further steps you can take to protect your mission-critical data: identify them, assess the threats, individualise the protection approach, and counter the threats with an early-warning system that enables a set of end-to-end controls.

Security at every layer of your business

The ultimate goal of every cybersecurity system is to protect your network and all the valuable, business-critical data and applications within it. With security talent always in short supply, SME’s need integrated solutions that provide holistic and unified observability across all critical control points. Discover how to get end to end security integrated into your organisation – across users, devices, networks, applications, and data – designed to protect every layer of your IT estate, from the myriad endpoints to all your business-critical assets.

To find out how we can evolve your cyber security posture from network to the cloud by protecting and monitoring all the assets, read our cyber security monitoring and alerting service factsheet.

Evri (The New Hermes)

How safe is your data?

Businesses are generating data like never before, but with subscription services like Microsoft’s 365 suite being used to create and share data across devices, users, and network boundaries, keeping all that data secure is a challenge.

The Microsoft 365 data security issue

The Office 365 suite is popular with SMEs because it offers a complete package of solutions for teams that need to work flexibly across a range of applications. It is highly available and resilient, with users tapping into it daily for everything from Outlook and document sharing to PowerPoint and data visualisation capabilities, but few businesses are aware of the security gaps it can create.

Microsoft’s 365 offers certain in-built data protection capabilities, however not every license has the capability to defend against constantly evolving threats. One weak endpoint can lead to a potentially destructive breach, and simply saving data to 365 doesn’t combat the risk of malicious data deletion, ignorance of the replication of data through SharePoint and OneDrive, and issues generated by a lack of versioning or co-authoring control, which can all result in data loss.

It’s critical for SMEs to know how safe their data really is to ensure business continuity in the event of a security breach, and a good backup solution for 365 is critical in our new hybrid world.

Securing data with Microsoft Information Protection

Microsoft Information Protection is a combination of licenses available as part of the Microsoft 365 Compliance dashboard. A main component of MIP is Azure Information Protection, a cloud-based solution that provides protection for Microsoft 365 users, no matter where data is stored or who it is shared with. It enables SMEs to discover, classify and protect within 365, and in Microsoft’s cloud services, documents and emails by labelling and classifying content and applying flexible protection actions that include encryption, access restrictions and visual markings. MIP integrates other Microsoft security solutions – including Office 365 Protection and Windows Information Protection – and brings them into one console to make it easy for even small IT teams to keep track of data, monitor who has accessed it, and revoke access as required.

5 Microsoft 365 data security challenges and how MIP can help

1.  Low visibility of your data estate
MIP gives SMEs the ability to see their entire data landscape in one easy-to-use console, consolidating information about data across cloud, on-premise, and hybrid environments.

2.  Not knowing where important data sits
MIP makes it easy to identify and locate sensitive data across your estate using predetermined or custom expressions or functions, or with trainable classifiers based on examples of what you’re interested in rather than the elements of the item.

3.  Difficult to classify data
Once you’ve identified your sensitive data, MIP makes it easy to classify it with sensitivity and retention labels to prevent malicious or accidental data deletion.

4.  Lack of insight into data access and movement
Using labels, the MIP console automatically generates a graphic representation of sensitive data items in the ecosystem, providing valuable insights into the actions being taken on that data, and by whom.

5.  Difficult to protect data moving in and out of the organisation
MIP is a one-stop tool for protecting data as it travels inside and outside of the ecosystem, whether that’s as emails, attachments, or shared documents. It includes capabilities for encryption, access restrictions, and visual markings across apps, devices, and services for complete data security.

Additional protection against data loss
Even with stringent protection in place, accidental data loss can occur. MIP builds in capabilities to minimise this risk, with DLP to help prevent the unintentional sharing of sensitive items and protective action for on-premises file shares, SharePoint folders, and document libraries.

Supported data security with VCG
As a CSP and Microsoft partner, we can design and implement the best security solutions for your data estate. With so much important data being shared across your business networks, it’s vital to have the proper protections in place. At VCG, we help organisations be protected and prepared for the future, with an end-to-end consultancy and advisory approach to identifying data security risks.

We’ll support you in your next stage of growth or through your next IT challenge, with solutions and services designed to optimise your business.

Book a free consultation for your business today Get in touch