Cyber Security

Cyber Security Checklist

Keyfort’s service

Steps to protect yourself

Next Generation Anti virus

Keyfort’s VULNERABILITY Scan

Cyber Essentials

Cyber Security Checklist

Steps of Keyfort’s service

Steps to protect yourself

Next Gen Anti virus

Keyfort’s VULNERABILITY Scan

What is Cyber Essentials?

What is ISO27001
 

Cyber Security Checklist

Keyfort’s service

Steps to protect yourself

Next Generation Anti virus

Keyfort’s VULNERABILITY Scan

Cyber Essentials

Cyber security is the protection of your data, systems and networks from ransomware, theft or damage to hardware, software or even your electronic data. It is important to be cyber aware because cyber attacks can cost organisations both time and money and can also cause serious damage. 

Benefits of a cyber security solution:

  • Protects your business’s critical systems.
  • Protect your business’s data.
  • Provides appropiate protections against ransomware and malicious attacks.
  • Keeps your organisations up and running for your customer NOT for cyber criminals.
Contact Keyfort for a free assessment
Cyber Security Introduction

Checklist to review your cyber security protection

  • Next Generation Antivirus
  • Email Server Certification
  • Email Anti-Spam
  • Email Anti-Phishing
  • Email Antivirus
  • Strong Wi-Fi Encryption
  • Firewall Configuration
  • Accounts Data Backed Up To An Off-Site Location
  • Customer Relationship Management (CRM) Data Backed Up To An Off-Site Location
  • Shared Files Backed Up To An Off-Site Location

Checklist to review your cyber security protection

  • Next Generation Antivirus.
  • Email Server Certification.
  • Junk Email (Anti-Spam).
  • Anti-Phishing (Email).
  • Email Antivirus.
  • Strong Wi-Fi Encryption.
  • Firewall Configuration.
  • Accounts Data Backed Up To An Off-Site Location.
  • Customer Relationship Management (CRM) Data Backed Up To An Off-Site Location.
  • Shared Files Backed Up To An Off-Site Location.

What does Keyfort’s service include?

 – Initial Assessment: Keyfort performs a vulnerability scan to start with, to access any vulnerabilities or threats in your system.

 – Plan of Action: Once Keyfort has the initial assessment of your system, we can work out the best way to combat these vulnerabilities or threats.

Implementation and Back-Up: Keyfort will then configure an automatic daily off-site backup of your key data so that in an event of an onside corruption, malign or error, we can quickly restore your original data from the secure UK only data centres.

6 Monthly Vulnerability Scan: Under Keyfort’s cyber security plan, we conduct a vulnerability scan of your network every 6 months to verify that the automatic updates and access rights continue to meet the required security standards.



- Pro-Active Engineers Support: Keyfort is dedicated to providing IT Engineering support to clients. Our engineers have a breadth of knowledge, skills and expertise so we are able to deal with a cast range of situations.

- Management Information: Keyfort uses CRM (Customer Relationship Management) system to log, track, notify and address issues. This facilitates the provision of case studies, usage reports and incident logs to meet your organisation’s requirements.

Cyber Security Checklist
Cyber Security Checklist

What does Keyfort’s cyber security service include?

 – Initial Assessment: To start with, Keyfort runs a vulnerability scan. This is to see if there any weaknesses or threats in your business’s system.

  Plan of Action: We then create a plan to work out the best way to combat these weaknesses or threats. 

Implementation and Back-Up: Keyfort will arrange an automatic daily off-site backup of your sensitive data. This is in case an event of onsite corruption or harmful errors occur, so we can then quickly restore your original data. This is done from the secure UK only data centres.

6 Monthly Vulnerability Scan: A vulnerability scan of your network is applied after 6 months. The reason for this is to check that the automatic updates and access rights continue to meet the required security standards.

Pro-Active Engineers Support: Our staff are dedicated to providing excellent IT Engineering support to our customers. As a matter of fact, our engineers have a breadth of knowledge and skills, so we can deal with a wide range of situations.

Management Information: We use a CRM (Customer Relationship Management) system. This is to log, track, notify and address issues your business may have. Therefore, allowing our staff to manage case studies, usage reports and incident logs to meet your organisation’s requirements.

Social Engineering

Please make sure that your employees follow these 3 simple rules to increase security:

  • Be VIGILANT of tempting offers. If it sounds too good to be true, it most likely is.
  • Do NOT open emails or attachments from suspicious sources. Even if it someone you recognise, try checking with that person via another source i.e phone.
  • Do NOT give out sensitive data or information to anyone.

Here are some of the steps you can take to protect yourself:

  • Network Security: Defend the network perimeter, filter out unauthorised access and malicious content. Monitor and test security controls.
  • User Education and Awareness: Ensure staff are well trained and cyber security awareness is maintained.
  • Malware Protection: There are many anti-malware defences to protect your organisation, thus produce policies in order to adhere to them.
  • Removable Media Controls: Produce a policy to control all access to removable media. Limit media types and use. Scan all media for malware before importing onto the corporate system.
  • Secure Configuration: Apply security patches and ensure the secure configuration of all systems is maintained.
  • Managing User Privileges: Limit user privileges and monitor user activity. Control access to activity and audit logs.
  • Incident Management: Test your incident management plans. Provide specialist training. Report criminal incidents to law enforcement.
  • Monitoring: Continuously monitor all systems and networks. Analyse logs for unusual activity that could indicate an attack.
  • Home and Mobile working: Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline and build to all devices.
Cyber Security Lock

Here are some of the steps you can take to protect yourself:

  • Network Security: You will need to filter out any unauthorised access and harmful content. Which means you will need to monitor and test security controls.
  • User Education and Awareness: Make sure the staff are well trained and are cyber aware. Staff need to be reminded of phishing emails, not opening attachments from unknown sources and protecting the organisation’s sensitive data.
  • Malware Protection: There are many anti-malware defences to protect your organisation. So make sure that you create policies and follow them.
  • Removable Media Controls: You will need to produce a policy to control all access to removable media. This means controlling the use of objects such as a USB, phones, tablets etc. This can be done by scanning the object before it is connected to the businesses computers.
  • Secure Configuration: When building and installing computers or networks, you need to make sure that you follow procedure correctly. By doing this you will be preventing future attacks.
  • Managing User Privileges: You will need to limit user privileges and monitor user activity. This refers to controlling access to activity and audit logs.
  • Incident Management: You will need to test your business’s service, operations and function plans. Because it allows you to prevent any future emergencies. Also, ensure you give specialist training, so the staff will know how to deal with an emergency if it was to occur.
  • Monitoring: Once you have followed the steps as above, you will need to be continuously monitoring all systems and networks. Make sure you analyse the system and log unusual activity that could indicate an attack.
  • Home and Mobile working: Make sure you set in place a mobile working policy. Then make sure the staff are trained and stick to the rules. Apply the secure baseline and build to all devices.
Cyber Security Lock
Cyber Security

What is Next Generation Anti-Virus?

Next Generation Anti-virus is an advanced version of the traditional anti-virus. It is designed to prevent attackers and potentials threats. As well as LAN anti virus it includes ‘Software Patch Management’ which ensures your software is updated to prevent known security weaknesses.

Software with vulnerabilities can be exploited by cyber criminals rapidly and can leave your organisation open to an attack. Which is why our staff will be able to give you the best advice on which anti-virus protection you will need.

It is easy to upgrade from your old antivirus to Next Generation Antivirus. Plus there is promotional pricing* to provide free cover for the remaining period of your old antivirus cover. There is no better time to improve your cyber security!

*Promotional pricing is available to replace old antivirus licenses subject to a minimum 1-year Next Generation PC Antivirus Purchase.

Keyfort’s Vulnerability Scan includes:

  • Keyfort’s cyber security includes remote testing via an internet connection to stimulate the view of your systems through the eyes of a potential attacker.
  • An in-depth assessment allows us to produce a technical overview with a management level summary of the weaknesses within your network. Keyfort’s engineers can then advise the best course of remedial action.
  • Scoping: Identifying the main risks and assessing the appropriate targets for security testing
  • Discovery: Gathering information about a network and its service.
  • Vulnerability Scanning: Testing systems and services for known vulnerabilities (they are assessed, but not exploited so your systems are not compromised)
  • Analysis: The results arising will be considered and assessed.
  • Risk Assessment Report: You will receive an executive summary and recommended corrective actions.
Vulnerability of fingerprint

However… Keyfort’s Cyber Security testing does NOT include:

  • Application Tests: these are used to identify/assess potential threats to software applications (including bespoke or propriety software applications).
  • Social Engineering Tests: these rely heavily on human interaction and often involve tricking other people in breaking security procedures.
  • Penetration Test: exploiting internal and external vulnerabilities.
Vulnerability of fingerprint

Keyfort’s Vulnerability Scan includes:

  • Remote testing: This is a procedure that allows us to see your business’s systems through the eyes of a potential attacker. This is to show the weakness and threats your business face. This is done through an internet connection.
  • An in-depth assessment: An assessment of your business’s weaknesses and threats is done. Keyfort engineers will then advise you the best course of remedial action.
  • Scoping: We then identify the main risks and assess the appropriate targets for security testing.
  • Discovery: Then we gather information about the business’s network and its service.
  • Vulnerability Scanning: We will then test systems and services for known weaknesses and threats. However, the systems and services are only assessed but not exploited, meaning your systems will not be compromised.
  • Analysis: From the in-depth assessments and scoping, Keyfort will collect the results which will be considered and assessed more.
  • Risk Assessment Report: Once we have assessed the results, you will receive an executive summary and recommended corrective actions.

However… Keyfort’s cyber security testing does NOT include:

  • Application Tests: These are used to identify/assess potential threats to software applications (including bespoke or propriety software applications).
  • Social Engineering Tests: These rely heavily on human interaction and often involve tricking other people in breaking security procedures.
  • Penetration Test: Exploiting internal and external vulnerabilities.
pricing with discounts

What is Cyber Essentials?

The UK Government brought out a new scheme called Cyber Essentials. Which is intended to help all organisations to be safe when operating digitally. 

It is also backed up by industries such as FSB (formally Federation of Small Businesses), the CBI (Confederation of British Industry) and a number of insurance companies.

UK Government has required all suppliers bidding for sensitive/personal information and handling contracts to be certified against the scheme since October 2014.

For more information, visit the Government Website.

contact Keyfort for more information

ISO27001 Information Security Management

Using ISO 27001 standards enables organisations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties. The ISO27001 standard is widely known for providing requirements for an information security management system (ISMS).

What is an ISMS?

An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, process and IT systems by applying a risk management process. It can help small, medium and large businesses in any sector to keep information assets secure.

Click here to read more about ISMS