Many businesses have IT Support, but they may not realise they also need IT Security.

Depending on the solution your business is being provided with, you may have a little security within your support, but don’t take this for granted!

Basic IT support may cover you with an anti-virus solution, but in today’s world this isn’t adequate. Support is about keeping the devices required to run your business, productive. Think of it like having a car, you get it serviced regularly at a garage. Your car is the device, but what about the driver? The driver doesn’t go to a garage for a check-up, you go to the doctors.

IT Security goes beyond support. An anti-virus solution doesn’t keep your business covered for all threats that businesses are targeted with these days. There is far more malware being found on devices than ever before. Some of these malware applications can lay silent in programs, or on your system, just waiting for a trigger point that can lead to damage and business disruption.

Beyond Malware is Ransomware, which can really hurt!

If you’ve been on the receiving end of a successful ransomware attack, you’ll know how much they can hurt a business. The disruption and damage to a company’s reputation is the least of the problems. Depending on the depth of the ransomware attack, it can lead to a full closure of a business. A large majority of these attacks start with a user being phished.

Security uses a different tool set from support, it therefore requires a different knowledge bases and skill set, which is a worthwhile investment for any IT support business. Support and Security are two different packages and should be treat as such. Your business may of the size where you have an in-house IT team, but with security, you’re going to need to take a different approach.

IT Security isn’t about the device, its focus is the users. Phishing attacks are becoming more and more sophisticated and harder to spot. This makes cyber education a key element of any business security policy. If a user doesn’t identify a phishing attack, and accidentally activates a live link, this could be catastrophic for any business. By having processes and procedures to follow, you can use technology to assist with picking these attacks up where humans can’t react quick enough. If you work in a security sensitive business, such as a solicitors, you may need to extend your security policy to include a SOC (Security Operations Centre), who are there to monitor your infrastructure 24/7.

In any business, there are two weak points:

  • The oldest device
  • The laziest person

How do you identify either of them?