03 443 5499

What should I be doing to secure my business? 

One of the first things about Security is realizing that security is much more than stopping people “hacking in”. 

It is fundamental to any business to have a business continuity plan (BCP). If you plan for a power outage what happens? Your IT systems will be down.  

Can I use the same plan if an outage occurs to my IT systems and it’s not a power problem?  

Security is the foundation of resilience. 

The hardest part about security is getting started. Often, it’s on the “to do list” until it’s too late.  

Hopefully you have already talked to your IT Alliance partner and had the security business continuity conversation.

If not “What should I do first” is a common question? Rather than recommend one single thing, the answer should be – “Have a plan”  

So, what does your plan need to cover? 

  • Firstly, look at any existing business continuity plan. Is it up to date has it been tested? 
  • Look at not just the worst case but also the best case and know that when an incident occurs it will lie somewhere in
  • Most importantly have a plan, know what to do and who to call. 
  • Understand your risks and apportion the appropriate resources to minimize those risks.
  • Make the plan proactive. Be a fence at the top of the cliff and don’t rely on an ambulance at the bottom. 
  • Prevent rather than recover.
  • Inventory is a crucial starting point of any plan. What equipment do you have? what software do you have? What data do you have?
  • Then look at where are the biggest risks. Is there a single point of failure?

Look at your plan as being a holistic business continuity plan, that is a living document. Continually revisit, update, fire drill, and improve.  

Many of the incidents we see disrupt business are due to poor Cyber hygiene not some advanced nation state hack.  

Do the following to enhance your security: 

  1. Keep the software for your devices and applications up to date.
  2. Access? How do I verify my user is in fact who I think they are? Is MFA (Multi factor authentication) on!!!
  3. What information do I have? Where is it stored? Who has access?
  4. What are my essential services?
  5. What are the financial implications of these risks?
  6. What are my obligations to customers, employees, and shareholders?
  7. If I was breached, how would I know and when?
  8. Am I running Microsoft 365 Business Premium?

Can my staff trust that the Cyber workplace is as safe and secure as possible? If it is, you will see productivity and creativity flourish, staff retention rises as well as the ability to recruit new staff. 

“She’ll be right” –  Is not a plan! “No surprises” is a plan. 

For further advice, contact your local IT Alliance member to discuss creating a plan for your business.  

By Paul Caldwell – Microsoft Security BDM 

Protecting your business with ESET Security

Written by: Andrew Fergus, IT Alliance

Now, more than ever, it is important to secure your data. Cybersecurity threats to your organisation, your staff and your clients are becoming a regular occurrence here in Otago. As these cybersecurity threats become more significant, it’s really important to understand what they are, and how to do your best to prevent them. So let’s dig in and look at the different types of attacks and one of the most popular options for countering it – ESET Endpoint Security.

So what are the key threats?

Ransomware. This is a type of malware which threatens to publish or block access to your data unless a ransom is paid.

Email Virus Attachments. It’s common for viruses to be sent as email attachments to unsuspecting users, if opened these can potentially infect your whole system with unwanted viruses.

Spyware. This is another type of malware which can steal sensitive data such as passwords, credit card details and commercially sensitive data.

ESET Endpoint Security

ESET is used on 110 million devices, each one sends a feed to head office if it detects an unknown potential virus – this means they can examine it and send out a fix if needed. They send out updates every 2 hours and have a team dedicated to threat security. It also has a negligible impact on computer performance. Meaning your computer wont go super slow. Its testing system has no false positives, so if there is a notification, you know it is correct.

With so many businesses moving their files to the cloud there is an additional ESET product helping keep business safe. ESET Cloud Office Security provides advanced preventive protection for Microsoft 365 applications against malware, spam and phishing attacks via an easy-to-use cloud management console. Eliminate spam from Microsoft 365 inboxes and keep your OneDrive files malware-free.

A Word of Warning for Compromised Data!!

One more motivation will be around from 1st December 2020 with a new Bill from the New Zealand Government, which means that if you are compromised and your data gets taken or lost, you have to notify the Office of the Privacy Commissioner and affected individuals. If you don’t then you could be liable for up to $350,000 per EACH MEMBER of a class action.

So what next for your Cybersecurity?

We recommend using ESET Endpoint Security, this protects your files and network, doesn’t hog your resources or waste your time on false positives – it also mitigates your risk against the NZ Privacy Act 2020.

Bonus tip for those using Microsoft 365

For those of you that have moved your files to the Microsoft Cloud. We recommend turning on 2FA (Multi-Factor Authentication) which is included free with your Microsoft 365 subscription. Also add your Office IP address so it only prompts you for a second authentication every few months when using your office, but still prompts to authenticate when adding new devices or visiting new areas.

If you’d like help choosing the best antivirus & firewall software for your business and help with setting it up, contact us today on +64 3 443 5499. If you’d like to visit or email us, you can find our details here.