Care Micro Systems Website

Care Micro: your IT in safe hands

Beating the hackers, bots, viruses and phishing attacks prevalent in our modern computing world is an arduous task. Maintaining system integrity and protecting your hardware and data is a constant journey. And it also requires the recognition that threats can come from within as well as without.

Every two years, the DTI surveys 1,000 companies - representing a cross-section of British industry - to see how they manage information security. The good news, according to the latest report published in April 2007, is that things have improved. The bad news is that they are still pretty awful.

Viruses and other unwanted code are still finding their way onto company networks and the threat from hackers is constantly on the rise. But the biggest danger still comes from within - as staff spend their time accessing dodgy websites, sending e-mails with corrupt attachments, and stealing private company information. Corrupt data and programs are brought in by CD, USB sticks and even iPODs have been known to carry harmful software.

So how do you take control of the situation? Having an acceptable usage policy is a vital first step. This is followed by thorough training to ensure all your staff understand why network security is important. And what can happen to your business - and their jobs - if policy and procedure are not followed.

You can add suitable technology to enforce the policy, not just the anti-virus and anti-spam software that often come as standard on most PCs, but systems that manage and ensure safe emailing processes. Software is now available to block access to certain websites (eg gambling, eBay, home shopping, social networks). And, if you really want to take control, installing a "thin" client network will put you in the driving seat for safe operation.

All these strategies takes time to implement thoroughly. But with Care Micro as your accredited security partner you know you're getting a skilled team on your side to help you win the battle against external threats. Care Micro will manage the complete security process for you - including writing your policies and training your staff - or simply manage key aspects of it such as your network or PC security. It's up to you to decide how safe you want to be.

Please call Care Micro today on 0845 1226898 or email us via our Contact Us page to learn more about how Care Micro can minimise the threats to your business and maximise your network uptime. Please see below for more details of our security services.

Care Micro - IT's safe with us.

Please read on for a description of Care Micro's range of security products

As a Sophos Partner these are just some of the solutions we offer to protect your business:

Sophos Anti Virus Small Business Edition

Sophos Anti-Virus SBE provides award-winning virus, spyware and adware protection in one easy-to-use software package for small businesses. Designed for non-technical users, it protects Windows and Mac desktops, laptops and file servers against the latest threats. The simple dashboard gives you a summary of security status, so you can focus instantly on vulnerable computers. With a couple of clicks you can completely remove all malware in a single operation, or centrally authorize adware or other applications you consider unsuitable for your business environment. The industry's smallest, most rapidly issued protection is automatically updated, and with 24/7 support, peace of mind is assured.

Sophos Anti Virus

Sophos Anti-Virus is a key component of Sophos Endpoint Security and Data Protection and, together with Sophos Client Firewall and Sophos NAC, is centrally managed by Sophos Enterprise Console. A single anti-virus client detects viruses, spyware and adware, suspicious files, and suspicious behavior, and controls removable storage devices and unauthorized software usage including VoIP, IM, P2P and games - all in just one scan - eliminating the need for separate standalone products. Behavioral Genotype® Protection proactively analyzes behavior before code executes, guarding against new and targeted threats, and delivering the benefits of a host intrusion prevention system (HIPS). Sophos Anti-Virus protects a wide range of platforms, including Windows, Mac, Linux and UNIX computers and NetApp Storage Systems.

Sophos Endpoint Security and Data Protection

Sophos Endpoint Security and Data Protection secures computers and data without stretching your budget. It automatically protects against latest threats by ensuring protection is up to date without impacting system performance. Data is secured and regulatory compliance ensured with full disk encryption and by controlling removable storage devices and applications like P2P, VoIP and IM. Administration and fixing problems across all Windows, Mac, Linux and UNIX machines is simple and quick with the central management console, while 24x7x365 support is included as standard in every license.

Enterprise Console

Sophos Enterprise Console automates the deployment, management and updating of Sophos Endpoint Security and Data Protection. A single console provides central management of Windows, Mac OS X, Linux and UNIX computers, and gives complete visibility of a network’s security status. Synchronization with Microsoft Active Directory® ensures your chosen security policy is automatically enforced as new computers join the network. Endpoint computer security settings can be assessed against the policy, enforced by Sophos Enterprise Console and automatically fixed before access to the network is granted. It comes complete with role-based administration tools and allows the centralized clean-up of malware.

The threat from staff abuse of internet and e-mail (2007 survey)

• 17% of UK businesses suffered staff misuse of web access.
• 11% had misuse of e-mail. Larger companies are more likely to have incidents involving staff misuse.
• 52% had experienced web misuse and 43% e-mail misuse.
• 41% of the worst misuse incidents involved staff accessing inappropriate websites.
• 36% of the worst incidents related to excessive web surfing. The most serious of these involved access to illegal material; several companies reported incidents of staff accessing unsavoury websites. The average cost of individual incidents was relatively low compared with other types of security breaches - less than 10% caused business disruption or direct cash costs.

Technology, telecommunications and utility companies were most likely to report incidents; retail and travel were the least likely.

Protecting confidential information sent by email is still rare. In only a quarter of UK businesses can staff send encrypted e-mail to the company's business partners, even though encryption technology is now widely available.

Online dangers can arise in many areas. Perhaps your company will receive a virus by email that erases critical data and files. Maybe a network worm will find its way into the company's systems, destroying your servers. Or you might simply suffer from unproductive staff misusing the internet. Whatever the threat one thing is clear: failing to manage internet traffic will leave your company facing inevitable risks and problems.

Business Impact of a Security Breach

The biggest impact of security breaches, the report says, is disruption of business, with some incidents causing problems for more than a month. An attack on a website was seen as the most disruptive. Roughly two-fifths of the worst systems failures also led to major business disruption, with systems out for more than a day in about half of these.

Self-help for IT Security

If you want to keep up with the latest developments in IT security and minimise the impact of any lapses on your business, here's Care Micro's handy guide to keeping your computers squeaky-clean.

De-perimeterisation and the Jericho Forum

Recognising this changing IT security landscape, a group of large companies got together two years ago to devise a new way of doing things. Called the Jericho Forum (‘walls come tumbling down'), the group attracted big-name corporates such as BP, ICI, Boeing, Qantas, Royal Mail and Rolls-Royce.

The jury is still out on how effective the Forum will be in shaping future products, but no-one argues with the notion that security has to change to meet a changing business world.

More details at www.jerichoforum.org

Spam, phishing and botnets

If you have an email account will have received a message purportedly from their bank (and many other others, too) asking you to confirm your details by revealing your valuable personal and financial information.

These so-called phishing attacks may have fooled plenty of people when they first appeared a few years ago, but most users are more wary these days.

But the phishers have not given up - they have just changed their tactics. They have to find fresh suckers - which is why we're seeing smaller targets and in different languages, including Greek, Finnish and Czech.

German phishers recently came up with a new wheeze. They sent out messages purporting to come from a utility that provides an electronic invoice as a pdf file. Recipients were invited to click on the link to download the document which, instead of having the suffix 'pdf', had '.pdf.exe'. In other words, it held an executable program that secretly lodges itself on their hard drive.

The program was a trojan, a piece of secret code that allows the sender to take control of the infected machine and, for example, record the users' keystrokes.

We call this spy-phishing and we have already seen quite a lot of these attacks.

The other big problem with Trojans is their huge number. The aim of those sending them out is to capture and infect an many machines as possible. In the parlance, a hi-jacked machine is termed a robot, or ‘bot', and a network of bots controlled by a single source is a ‘botnet'. The widespread use of broadband, which provides a permanent connection between PCs and the internet, has provided the so-called ‘bot-herders' with a fertile ground for their attacks. Botnets can consist of hundreds of thousands of machines, with the combined power to send out spam messages by the million, or to mount denial-of-service attacks against commercial websites.

You've been hit - what do you do next?

The first instinct if your company is hit by a security breach or fraud is to fix the problem and get your business operating again. It is an understandable reaction, but not the right one if you want to find the cause and, more especially, the culprit.

If the incident is serious enough to warrant a prosecution, your first priority should be to apply forensic principles, just as with any other scene of crime. If a computer system is touched after an event, software settings may change and it may be impossible to prove who did what.

The second instinct for you may be to call in the police, but the general advice is not to bother. The recent absorption of the National Hi-Tech Crime Unit (NHTCU) into the new Serious and Organised Crime Agency (SOCA) is a signal that the main focus by law enforcement will be on the most serious internet-based crime and not on smaller, more local attacks.

Where the crime is international, then a private investigation firm could be employed to gather evidence, deal with local police and trace the perpertrators and the proceeds of the crime. It is then down to you as the the victim to decide how to proceed.

Smaller companies can also now find protection with a new membership organisation call the Computer Forensic Alliance (CFA), which offers its members a low-cost investigative service.

CFA annual membership costs between £175 and £480, depending on the level of service.

More details at www.cfallies.com

Maintaining your Business Continuity

Security Services or Business Continuity Management processes provide the means for your company or organisation to recover quickly from a situation where company data or communications are not available. Also known as Disaster Recovery (DR) processes, they are of paramount importance for today's modern organisation. With so much information being stored on file servers and associated storage devices, the loss or corruption of relevant operating data for any significant period could prove fatal to your company

Leading experts have estimated that, on average, a company will suffer a major computer disaster every fifteen years.

In the world of IT, disaster means loss of data, whether this is due to fire, flood or criminal action (which would include hackers and viruses).

From communicating with clients and colleagues to storing data and files, email and the internet are essential tools for any business. Yet while many firms have some online protection, most have experienced a security incident. Can your company afford to count the cost of lost business, cash flow and credibility?

For help and advice on how best to defend your company or organisation against viruses, junk mail, browser vulnerabilities, spyware and trojan software, please contact Care Micro.