July 2018 Cyber Essentials

Certified and ready for business!

What is Cyber Essentials?

Cyber Essentials is a government-backed cyber security certification scheme that sets out a good baseline of cyber security suitable for all organisations in all sectors. The scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.

 

What are Strobe IT’s details?

Cyber Essentials Please visit our online certificate to view our details.

 

What does this mean?

This certification shows that we have taken the time to prove the systems we use to store your data and provide our services mean the UK Governments guidelines or better for security.

July 2018 Email Secuity Enhancements

Security improvements via spam filtering (SpamSnake)

What is this about?

As technology improves, we like to improve our systems and setups too. We do this has we look to provide the best services possible, but to also beat the bad guys.

The improvements we have coming throughout July are all email based, and for customers who have our spam filtering service.

 

What improvements are being made?

DKIM

Domain Keys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing. It allows the receiver to check that an email claimed to have come from a specific domain was indeed sent by the owner of that domain. It is intended to prevent forged sender addresses in emails, a technique often used in phishing and email spam. In technical terms, DKIM lets a domain associate its name with an email message by affixing a digital signature to it.

Throughout July we will be adding these signatures to outgoing emails, and as part of that we might ask you to contact your web hosting provider (if not us) to update the DNS records for this.

Once done recipients of your emails will be able to validate your messages using their filtering systems improving email protection.

Unfortunately if the recipient does not use any email filtering/protection this will not help you.

 

DMARC

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.

Once again  if the recipient does not use any email filtering/protection this will not help you.

 

Routing Rules and Security

To improve security between our spam filtering platform (SpamSnake) and your email servers, we will be introducing rules to lock down transport between both systems.

 

Spam Reporting

To aid in reporting spam emails, or even ham emails (wanted but incorrectly caught). We have been working on an add-in for Microsoft Outlook for simple buttons to report it to us for analysis.

We will use the samples of these supplied emails via the buttons to improve the detection of spam, in turn creating a safer & cleaner inbox.

June 2018 Email Data Loss Prevention

Data Loss/Leak Prevention

What is Data Loss Prevention (DLP)?

Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network.

 

How can we stop data loss?

To start with, identifying the type of data you have  using GDPR guidelines is a good start. Once you have identified the data, we need to look at the ways the data could be lost or leaked from the business.

This blog is all about losing the data via email. This could be an employee sending the data or a virus transmitting it over email for instance.

To stop such data loss via email get in touch with one of our team to get your emails protected now.

How do Strobe IT protection emails again data loss?

As of the 28/06/2018, we have upgraded our spam filtering offering called “SpamSnake”. This system now has a DLP module in it to scan outgoing emails.

The system works on rules and patterns we create, and using these rules emails are then stopped and quarantined if they match. Once an email is quarantined we will be alerted to the issue so we can approach you about it.

Currently we have rules that cover the following types of data: –

  • Credit card number
  • Driving license
  • National insurance
  • Passport
  • etc…

We shall be adding to these all the time, but if you have a data requirement contact us letting us know so we can look at adding these for you too.

June 2018 GDPR IT Helpsheet

What do you need from IT for GDPR

For a long time now people have been going on and on about GDPR. Well people could not decide what GDPR meant leaving lots confused and not complying after 25/05/2018.

To help we have put together a very quick summary and tick sheet allowing you to assess your status. This PDF is provided free of charge with no guarantee of legal standing as we are not a law firm, and all policies, procedures and questions should be directed to such a company.

This is purely our interpretation of your IT requirements to allow you to work towards being compliant.

GDRP Help Sheet

June 2018 Helpdesk Changes

Helpdesk and Monitoring Changes

As with all services, changes happen. Sometimes these changes are too often or maybe they seem to be a backwards step. We hope the changes we have introduced are an improvement and the way forwards.

 

Monitoring Agent Branding

As part of our maintenance service agreement, we install an agent on your devices called Comodo ITSM Agent.  This agent allows us to monitor your devices for errors, run corrective processes, update software packages and more.

One thing we have found is that client question what this is, especially when it is asking to reboot your computer. To make this seem more acceptable and self explanatory we have re-branded this to Strobe IT ITSM Agent.

 

Helpdesk Emails

We have for a long time tried to cram a lot of information into a ticket update email, but we have been finding that these are not friendly and do not work on mobiles. To combat this we have re-designed our email templates to remove things like our logo and silly catch phases. We have also taken the useful information like ticket number and topic, and placed them at the top before any update messages so it’s clear what we are talking about.

19th March 2018 – Snow Status

The weather has hit us again, this time no beasts involved.

Unfortunately, for safety reasons we will not be performing site visits today as reports of road closures, accidents and more, show that it is un-safe to do so.

All services are as per normal except for site visits, so if you are able to get in and need help. Give us a call on 01884 664004 or email us on helpdesk@strobe-it.co.uk

1st March 2018 – Snow Status

Whats all this about?

As you all might be aware, the UK has been experiencing especially cold weather. This has now unfortunately hit the South West.

This morning at 06:15 GMT in Tiverton at the office there was nothing to greet us for the start of the day. Unfortunately, by 06:30 this changed bringing in a nice layer of snow.

This weather according too the news is going to get worse as we have store Emma approaching which is set to bring in more snow.

 

How does this effect us?

Well weather like this does not normally effect us, but due to the current conditions we have some alterations.

During the current weather our engineers are still contactable on 01884 6640004 and helpdesk@strobe-it.co.uk , but we shall not to performing any site visits today and until further notice.

We are sorry if this causes issues to your business, but we believe being safe is the best.

Please rest assured our monitoring and remote support is not affected.

 

Service Status

ServiceStatus
Remote SupportService as Normal
On-Site SupportCurrently Unavailable
Internet ConnectionsService as Normal
Office 365Service as Normal
Spam FilteringService as Normal

 

Nov 2017 Internet Protection

Internet Protection with Dome Shield

As part of our constant developments as an MSP, we have been looking at the biggest issue for our clients; the INTERNET!

 

Why is that an issue?

There are many reasons why the internet is an issue, for others more of the following examples will apply than others: –

  • You want to stop access to known virus infected websites
  • Do online banking and want additional protection to stop access to phishing websites
  • Restrict or stop certain content types entering the business

 

How will this protection work?

The process is an address book lookup change, instead of giving you the address of the unwanted information we give you the address of a page explaining why you have been stopped.

A little more information on this for a technical minded is….

Every human readable address like www.strobe-it.co.uk for example is converted to a computer readable address lie 81.21.254.71 which is called and IP Address. So what we would do is change the address book you use (normally your internet service providers) to ours; at that point we send you the addresses in accordance to the configured rules we have for you.

 

So what does this extra protection cost?

This is the beauty thing, we are going to be offering this basic service for FREE to all maintenance clients. So be that you have either a remote only or on-site agreement we will offer this service to you FREE!

 

How do we get this setup?

We have already started doing this for our clients. Over November we are going to be rolling this out to all clients with compatible setups.

Once this is complete we will then be looking at customers with more complex setups, so watch this space!

 

What if we don’t want it?

If you do not want the service, or want to change some of the defaults to meet your needs; please contact us so we can make this work for you.

Nov 2017 SpamSnake Engine Change

SpamSnake Engine Change

For about 3 years now we have offered spam filtering devices and spam filtering services to our clients. Every so often we make some big leaps in the technology that runs this, and here is another!

 

Who have we been working with?

We have been working closely with Comodo and their virus / spam threat lab, and have got a solution to improve the experience for all. We chose Comodo for this project after looking at the new release of the existing engine called “MailCleaner” and Comodo’s engine called “KoruMail”.

 

Why KoruMail?

There are many reasons we have chosen to use KoruMail over grading the existing engine which include access to support, development is better and more; four reasons are: –

  1. KoruMail uses Comodo’s business grade antivirus product for scanning emails instead of a free basic scanner.
  2. Comodo have a dedicated team creating and writing spam rules allowing us to be ahead of the game.
  3. Not only do we have the access to RBL’s (Blacklists), Comodo provides their own managed list like this too.
  4. More customisable so we can tailor it to each client.

 

What advantages will that give SpamSnake?

This is the big question, but we have many answers as the change is so successful, where to start!

  • We launched the new system on 02/11/2017, before this we were seeing about 70% of email being classed as clean. Now we see on average 45-50% classed as clean, this is a massive 20% extra caught!
  • New classifications of emails too, so we tag the subject lines to [PROMO] and similar for adverts etc. This allows you to have rules in your email clients like Outlook to move them to folders and more with ease.
  • Quarantine reports are produced every 4 hours with just the newly caught stuff since your last report unlike the old system, as an illustration something is caught b mistake you don’t have to wait 24 hours to release it.
  • Spam is no longer just split into Spam, Virus and Clean. We have many categories like: –
    • Spam
    • Probable Spam
    • Certainly Spam
    • Virus
    • Social
    • SPF Reject
    • and many more allowing us to see exactly what your receiving and help battle this growing menace better.

 

Our Conclusion

The KoruMail engine is extremely good and has already proven itself. There are more features coming in future developments to help protect you better.

If you do not believe us; why not contact us and setup a free 2 month trial!

May 2017 Cyber-Attack

WannaCrypt Cyber-Attack

On Friday 12th of May over 90 countries have seen the start of a mass cyber-attack using a virus called WannaCrypt. This virus is an updated version of the recent CryptoLocker that hit businesses a few years ago.

Below is a guide on how this virus works as well as what you can do to protect yourselves; but a quick note for all is make sure your systems are up-to-date as this is why it has spread.

 

How does WannaCrypt work

How does it infect me?

WannaCrypt enters your computer by either an email which has an attachment, or a link that you click downloading it. Once it is in your network it tries to spread using standard SMB network language which is at the heart of most Microsoft networks.

What does it do to my machine once infected?

If you are successfully infected by the virus it starts searching for files it has access to on your PC and any network drives you have access to. Once this list is created the system then encrypts them using a password that your business does not know; as you do not know the password, encryption level or software you cannot access your files anymore.

How do I protect against this?

Maintenance Clients

 

As part of our ongoing tasks, in the background we are constantly looking at your businesses security from Microsoft patches to the quality of your virus scanner and connection to the internet.

The security patch from Microsoft that stops this infection from happening was released 14/03/2017 under security bulletin MS17-010. Our policies for patches of this security level are to run an update routine every day meaning our clients with PC’s protected by this patch will have it installed.

Non-Maintenance Clients

For our non-maintenance clients, we suggest you run your update procedures as soon as you can as well as running a virus scan on your computers. Once this is done your systems should be secure from this attack.

What do I do if I have already had my files compromised?

If your files have already been compromised you need to look at turning off all possible computers to stop the infection from spreading as well as contacting your preferred IT Support company or us via our Contact Us page.

Your support company should then be looking at either data recovery; or rolling your data back using your backup or disaster recovery system.

Why has this spread so fast?

The reason the virus has spread so fast is down to out of date systems. Lots of companies use out of date versions of software like Microsoft Windows for various reasons like: –

  • Lack of funds to replace systems
  • Run an older application that is no longer created
  • Run an older application that does not support newer operating systems like Windows 10

 

 

We hope this information has been helpful, but if you do have any questions please get in touch with us via our Contact Us page.

« Older posts