site map

0845 1226898

All enquiries

Please contact us on this number (at local call rates) or complete a contact request via the button below if you have a query about any of our services and products, or if you require any further information.


Software Security

Care Micro: your IT in safe hands

Beating the hackers, bots, viruses and phishing attacks prevalent in our modern computing world is an arduous task. Maintaining system integrity and protecting your hardware and data is a constant journey. And it also requires the recognition that threats can come from within as well as without.

Every two years, the DTI surveys 1,000 companies - representing a cross-section of British industry - to see how they manage information security. The good news, according to the latest report published in April 2007, is that things have improved. The bad news is that they are still pretty awful.

Care Micro Software securityViruses and other unwanted code are still finding their way onto company networks and the threat from hackers is constantly on the rise. But the biggest danger still comes from within - as staff spend their time accessing dodgy websites, sending e-mails with corrupt attachments, and stealing private company information. Corrupt data and programs are brought in by CD, USB sticks and even iPODs have been known to carry harmful software.

So how do you take control of the situation? Having an acceptable usage policy is a vital first step. This is followed by thorough training to ensure all your staff understand why network security is important. And what can happen to your business - and their jobs - if policy and procedure are not followed.

You can add suitable technology to enforce the policy, not just the anti-virus and anti-spam software that often come as standard on most PCs, but systems that manage and ensure safe emailing processes. Software is now available to block access to certain websites (eg gambling, eBay, home shopping, social networks). And, if you really want to take control, installing a "thin" client network will put you in the driving seat for safe operation.

All these strategies takes time to implement thoroughly. But with Care Micro as your accredited security partner you know you're getting a skilled team on your side to help you win the battle against external threats. Care Micro will manage the complete security process for you - including writing your policies and training your staff - or simply manage key aspects of it such as your network or PC security. It's up to you to decide how safe you want to be.

Please call Care Micro today on 0845 1226898 or email enquiries@caremicro.co.uk to learn more about how Care Micro can minimise the threats to your business and maximise your network uptime. Please see below for more details of our security services.

Care Micro - IT's safe with us.

 

Care Micro Security Products

Care Micro offers a great range of security products for you network.

As an accredited McAfee partner we deliver and install a full range of security products: 

The threat from staff abuse of internet and e-mail (2007 survey)

Technology, telecommunications and utility companies were most likely to report incidents; retail and travel were the least likely.

Protecting confidential information sent by email is still rare. In only a quarter of UK businesses can staff send encrypted e-mail to the company's business partners, even though encryption technology is now widely available.

Online dangers can arise in many areas. Perhaps your company will receive a virus by email that erases critical data and files. Maybe a network worm will find its way into the company's systems, destroying your servers. Or you might simply suffer from unproductive staff misusing the internet. Whatever the threat one thing is clear: failing to manage internet traffic will leave your company facing inevitable risks and problems. 

Business Impact of a Security Breach 

The biggest impact of security breaches, the report says, is disruption of business, with some incidents causing problems for more than a month. An attack on a website was seen as the most disruptive. Roughly two-fifths of the worst systems failures also led to major business disruption, with systems out for more than a day in about half of these.

Self-help for IT Security 

If you want to keep up with the latest developments in IT security and minimise the impact of any lapses on your business, here's Care Micro's handy guide to keeping your computers squeaky-clean.

De-perimeterisation and the Jericho Forum

Recognising this changing IT security landscape, a group of large companies got together two years ago to devise a new way of doing things. Called the Jericho Forum (‘walls come tumbling down'), the group attracted big-name corporates such as BP, ICI, Boeing, Qantas, Royal Mail and Rolls-Royce.

The jury is still out on how effective the Forum will be in shaping future products, but no-one argues with the notion that security has to change to meet a changing business world.

More details at www.jerichoforum.org

Spam, phishing and botnets

If you have an email account will have received a message purportedly from their bank (and many other others, too) asking you to confirm your details by revealing your valuable personal and financial information.

These so-called phishing attacks may have fooled plenty of people when they first appeared a few years ago, but most users are more wary these days.

But the phishers have not given up - they have just changed their tactics. They have to find fresh suckers - which is why we're seeing smaller targets and in different languages, including Greek, Finnish and Czech.

German phishers recently came up with a new wheeze. They sent out messages purporting to come from a utility that provides an electronic invoice as a pdf file. Recipients were invited to click on the link to download the document which, instead of having the suffix 'pdf', had '.pdf.exe'. In other words, it held an executable program that secretly lodges itself on their hard drive.

The program was a trojan, a piece of secret code that allows the sender to take control of the infected machine and, for example, record the users' keystrokes.

We call this spy-phishing and we have already seen quite a lot of these attacks.

The other big problem with Trojans is their huge number. The aim of those sending them out is to capture and infect an many machines as possible. In the parlance, a hi-jacked machine is termed a robot, or ‘bot', and a network of bots controlled by a single source is a ‘botnet'. The widespread use of broadband, which provides a permanent connection between PCs and the internet, has provided the so-called ‘bot-herders' with a fertile ground for their attacks. Botnets can consist of hundreds of thousands of machines, with the combined power to send out spam messages by the million, or to mount denial-of-service attacks against commercial websites.

You've been hit - what do you do next?

The first instinct if your company is hit by a security breach or fraud is to fix the problem and get your business operating again. It is an understandable reaction, but not the right one if you want to find the cause and, more especially, the culprit.

If the incident is serious enough to warrant a prosecution, your first priority should be to apply forensic principles, just as with any other scene of crime. If a computer system is touched after an event, software settings may change and it may be impossible to prove who did what.

The second instinct for you may be to call in the police, but the general advice is not to bother. The recent absorption of the National Hi-Tech Crime Unit (NHTCU) into the new Serious and Organised Crime Agency (SOCA) is a signal that the main focus by law enforcement will be on the most serious internet-based crime and not on smaller, more local attacks.

Where the crime is international, then a private investigation firm could be employed to gather evidence, deal with local police and trace the perpertrators and the proceeds of the crime. It is then down to you as the the victim to decide how to proceed.

Smaller companies can also now find protection with a new membership organisation call the Computer Forensic Alliance (CFA), which offers its members a low-cost investigative service.

CFA annual membership costs between £175 and £480, depending on the level of service.

More details at www.cfallies.com

Maintaining your Business Continuity 

Security Services or Business Continuity Management processes provide the means for your company or organisation to recover quickly from a situation where company data or communications are not available. Also known as Disaster Recovery (DR) processes, they are of paramount importance for today's modern organisation. With so much information being stored on file servers and associated storage devices, the loss or corruption of relevant operating data for any significant period could prove fatal to your company

Leading experts have estimated that, on average, a company will suffer a major computer disaster every fifteen years.

In the world of IT, disaster means loss of data, whether this is due to fire, flood or criminal action (which would include hackers and viruses).

From communicating with clients and colleagues to storing data and files, email and the internet are essential tools for any business. Yet while many firms have some online protection, most have experienced a security incident. Can your company afford to count the cost of lost business, cash flow and credibility?

For help and advice on how best to defend your company or organisation against viruses, junk mail, browser vulnerabilities, spyware and trojan software, please contact Care Micro.