Archive

Category Archives for "General"

This is the default category

How to protect your company’s sensitive information from being traded on the dark web

Did you know that your employee identity or customer details can be illegally sold on the dark web for as little as £7 to £10?

Businesses may or may not have heard the phrase "dark web", and even if they have, it may be difficult to understand what the dark web is and what it can mean to their business. In today’s digital world, online interactions have increased tenfold with digital payment systems, online databases with sensitive information, personal identities and digital corporate information. It has led to an explosion of digital crime with hackers stealing sensitive data and selling them on the dark web.

The three levels of the Internet:

Level 1 – Surface Web: The surface web is accessible by all and is what we all know as the internet. The surface web represents about 4% of the internet. Surface web is also known as the public web which is anything that can be indexed by a search engine like Google, Bing, etc. Online shopping, sharing posts in social media, searching for information, etc. are all part of the surface web.

Level 2 – Deep Web: Deep occupies around 93% of the internet. Internal company sites, intranets, databases, members-only websites are examples of the deep web. These sites are not indexed in search engines, i.e. they won’t show up in searches unless either you are connected to your company’s network or you know the web address and have access to it.

Level 3 – Dark Web: 3% of the internet belongs to the dark web. The Dark Web is intentionally hidden and is inaccessible through regular web browsers. Multiple layers of encryption and security help the dark web in maintaining its anonymity. The dark web is the go-to place for large scale illegal activities and online crimes.

Why should SMEs be Wary about Dark Web?

Criminal activities on the dark web can directly affect your business. For example, your customer data, employee information or other sensitive information can be stolen and sold on the dark web. 

Recently security specialists at m3 Networks recently uncovered alarming results from research investigating more than 600 businesses which are members of Dundee and Angus Chamber of Commerce. Almost 24,000 security breaches with an average of 39 per company were found on the dark web – over 57% of all these businesses appeared on the dark web with breached credentials.

How can SME’s Protect themselves from the Dark Web?

  1. Ban employees from using TOR: Don’t allow employees to access the TOR network; they can easily expose your business to malware. TOR is the most common software client used to access the dark web. Provide clear and strict employee guidance on how to cleanly use the internet.
  2. Train employees on security protocols: Cybersecurity experts always advise that employee error plays a major role in a successful cyber-attack. The fact that most SMEs are unaware of the dark web is argument enough that additional training on IT security is essential. This will help increase employee awareness about cybersecurity measures and compliance so that they follow your businesses security protocols.
  3. Treat passwords carefully: Don’t use the same password for multiple accounts. Creating a strong password is best practice as well as storing these with a reputable password manager such as LastPass or OnePass – but this is not a guarantee. You could have the strongest password but if your business does not protect it in a secure format then it could be stolen. Knowing your password has been breached as soon as possible is critical so you can change it in all the locations it has been used. Or it WILL be used against you.
  4. Limit employee access to sensitive information: Many SMEs cannot differentiate between sensitive data and publicly accessible information thereby offering a much larger possible attack surface. Limiting employee access to sensitive data can limit a cybercrime incident. Therefore, it is advisable to restrict access to sensitive data on a need to know basis.
  5. Take help from dark web monitoring experts: At m3 Networks, we offer dark web monitoring services to alert when a business has been compromised so that passwords can be changed quickly. We have tools that can trawl more than 600,000 forums and websites on the dark web. 

We also offer a suite of other security services such as security awareness training, penetration testing,  real-time network and security event monitoring, incident response and virtual CISO services, amongst others

Our technical director Mark Lamb recently gave an interview on the dark web to The Courier “Personal details of thousands of workers from Tayside firms being sold on dark web”. Follow the link to learn more about our investigation and what Mark Lamb’s recommendations are for enterprises.

Advantages of Outsourcing your Cyber Security Services

“Almost half of businesses in the UK including SMEs (43%) suffered a cyber-attack in the last twelve months.” - Department for Digital, Culture, Media and Sport

Reasons for outsourcing cyber security services

Current Scenario

Advantages of Managed Service Provider (MSP)

Breadth of cyber security knowledge

In the UK:


- 43% of micro firms,

- 41% of small firms,

- 39% of mid-sized firms


don’t know the reasons which lead to a cyber-attack.

- Lack of proper knowledge on the contributing factors and sources for most of the disruptive breaches makes SMEs vulnerable to cyber-attacks. 

- As such its best to outsource cyber security to a Managed Security Service Provider (MSSP). Experience and knowledge of managed cyber security service providers will reduce the chances of a cyber-attack considerably.

- Also, a managed security service provider will be able to educate employees through cyber security awareness training programs and monitor your organisations exposure on the dark web, amongst other things

Fixed monthly or yearly cost

- 34% of SMEs in the UK find it challenging to invest in IT security as the cost has historically been high

- 30% of SMEs spend less than 3% of their overall budget on cyber security.

- Managed Security Service Providers (MSSP) offer cyber security services at a very affordable and fixed cost.

- Majority of MSSPs offer their services to SMEs on a monthly subscription fee, but some may charge it annually.

- The fixed cost helps SMEs to plan their cyber security investment efficiently.

24/7 peace of mind

On average it takes around 3 days to neutralise the effect of a cyber-attack, leading to lost staff time and deviation of focus from the core business.

- Managed security service providers will perform around-the-clock monitoring.

- Continuous monitoring is an essential aspect of security as an enterprise can come under a cyber-attack at any time of the day.

- With 24/7 monitoring and security support, SMEs can enjoy peace of mind to focus on their core business operations and revenue generating activities

Availability of cyber security professionals

According to industry experts, there will be a shortfall of 100,000 cyber security professionals in the UK by 2022.

- Outsourcing cyber security is the best option for businesses these days, and it is especially crucial for SMEs that have limited budget or employees. 

- SMEs often have trouble attracting and retaining top security professionals.

- Some do not have the time or resource to deal with routine maintenance, which will ultimately lead to an inefficient security system.

Better Security Management

The cost of cyber attacks


- for small enterprises amounted to around £894

- while for medium-sized enterprises it was around £8,180

- Managed security service providers (MSSP) use a suite of detection and prevention tools and robust backup protocols to try and prevent cyber-attacks and shorten recovery time.

- Outsourcing cyber security services to MSSPs will reduce and mitigate cyber threats.

- MSSPs maintain cutting-edge security technologies to provide endpoint protection, web and dark web monitoring, security awareness training, penetration testing, vulnerability scans, firewall management and much more.

Why it is Important to Fix Your IT Costs

Organisations across the world are undergoing an extraordinary transformation. A new generation of technology is changing the way businesses maintain security, customises a product, enhances the customer experience, markets their products and more. In time, and possibly in a short period, the entire way UK companies engage with their customers will be different, or rather will be very customised. Driving this change is the rise of new technologies. UK companies which combine this with the right IT budget (which can be tricky at times) can seize this opportunity.

Type of IT Cost

IT budget is a combination of total information costs which include IT spending and salaries of all IT users. Information costs include buying of services from service providers, advertising agencies, consultants, and accountants to support the information workforce.

IT Cost Segment

Sub-Segment

Type of Expense

Description

Acquisition Cost

Hardware

Direct

Initial hardware purchases or lease costs. Customers can choose a cloud-based platform or build it in-house which would incur a significant expense.

Software

Direct

It includes software costs with a monthly, yearly or one-time plan.

Implementation

Direct

The cost associated with setting up a new system.

Subscriptions/ Licenses

Direct

Either each license to be purchased separately for each user or it can be a package with access to multiple users. The cost would differ based on the type of license/subscription.

Data migration

Direct

Data migration can be surprisingly expensive, so it is advised to check with vendors on what the pricing policy is and if they offer this for free.

Training

Direct

Though this is considered to be the largest cost in the acquisition stage, investing in training will improve business efficiency.

IT Cost Segment

Sub-Segment

Type of Expense

Description

Operations Cost

Security

Direct

Managed security services to help reduce and mitigate various forms of cyber threats.

Ongoing training

Direct

Ongoing training can be for current users looking for training on specific complex features or for new users to expand the knowledge of the platform.

IT Maintenance

Direct

Overall IT platform maintenance and software upgrades comes at an additional cost.

IT Support

Direct

IT support services for the installed system will come at a cost. It is advised to check with the vendor if they offer 24/7 support to keep operations running at all the time even if it comes at a premium.

Data Center

Direct

Another cost to consider is the costs associated with maintaining in-house servers and hardware.

Downtime

Indirect

The cost associated with productivity and revenue loss due to inaccessible systems during a disaster.

End-user operations

Indirect

Productivity lost due to troubleshooting, bad end-user interface, etc.

IT Cost Segment

Sub-Segment

Type of Expense

Description

Resource Cost

IT staff

Direct

Salaries for a team of IT professionals to keep systems secure and running.

Strategy consultant

Direct

External vendors/consultants offering clear and structured strategic IT planning support to businesses. Ensuring the IT strategy is aligned with the needs and demands as the company grows and develops.

Administration

Direct

Salaries to additional resources to manage CRM and other marketing automation tools.

Why fixing IT costs is important

Effective IT spending plan: IT cost allocation is a complicated process even for large organisations. Budget constraints and limited IT expertise often keep SMEs from making effective IT spending decisions. Better visibility into the type of IT costs can help SMEs come up with a definite IT spending plan based on their business requirements.

Cushion against surprise cost: A better knowledge of hidden hardware and software costs can help enterprises reduce unnecessary costs and reallocate resources to more critical business operations. Before investing in new IT equipment, it is essential to evaluate an enterprise’s spending history and implement best practices that will improve the bottom line.

Balance cost among hardware, software, and services: Fixing IT cost will balance the spending among hardware, software and services. Strong systems management is the key to overall cost reduction, per a report by Gartner. The more budget allocated for direct IT expenses, like operations, training, support and services, the less budget will be wasted on lost productivity and downtime.

Reduce total cost of ownership (TCO): Enterprises when planning for IT cost, should factor in the total cost of ownership (TCO). IT systems need to be upgraded and maintained continuously. Constant costs related to IT security, software updates, labour, repair and tech support are unavoidable. However, simplifying the IT infrastructure and management processes will increase productivity, efficiency and reduce TCO to a great extent.


“For IT, total cost of ownership (TCO) includes hardware and software acquisition, management and support, communications, end-user expenses and the opportunity cost of downtime, training and other productivity losses.” - Gartner

How fixing IT cost can benefit an enterprise

Managing annual IT expenses will help in understanding the actual IT implementation cost and how to avoid costly and ineffective solutions. Estimating IT infrastructure cost over a period of time helps enterprises make better buying decisions when deciding which solution provides the best possible ROI.

Options

Cost

Review

In-house System

Expensive

Generally, in-house systems are built based on the company's requirement by a team of IT professional. This type of IT solution is costly for SMEs, hard to maintain, and will always be on the lookout for experienced IT professionals.

Enterprise Suite

Expensive

Enterprise Suite usually is an enterprise CRM as the core technology stack and requires different custom integrations with third-party systems. 3P systems may include sales automation, social media, project management, website tracking, predictive analytics, among others. Purchasing different platforms from different vendors and user training for individual platform makes this option an expensive one.

Integrated Solution

Moderate

CRM platform integrating marketing, sales, customer service, operations, etc. into one single platform. This complete solution offers a much more profitable ROI when it comes to technology purchases as all the tools come in one package. Enterprise's all data and information are stored in one location, which is accessible to employees of different departments. These features make this option a better choice as compared to option one and two.

Managed Service Provider

Affordable

Among the four options, the best is outsourcing IT services to a Managed Service Provider (MSP). MSP is often recommended as the cost-effective IT solution for SMEs. For a minimal fixed monthly fee, MSPs provide customised IT solutions and services based on the business need.

5 ways Cyber Essentials can Improve your Business

“1 in 6 UK small and mid-sized enterprises fell victim to a cyber attack in the last 12-month duration. Of the enterprises affected, more than one-fifth stated that it cost the company more than £10,000, and 1 in 10 mentioned that it cost more than £50,000.” - Zurich SME Risk Index

The Cyber Essentials scheme is backed by the government to help companies protect themselves against cyber threats. Cyber Essentials helps organisations guard against the most common cyber threats by implementing cyber security best practices. Following are five clear benefits of Cyber Essentials.

Protection against cyber threats

According to a report by NIG, almost 80% of data breaches can be prevented by implementing Cyber Essentials which are simple security practices. Daily, hackers are trying to steal data, money or cause severe disruption to SMEs and mid-market companies. Following the Cyber Essentials scheme is the best way for businesses to approach cyber threats. The Cyber Essentials scheme includes highly effective precautions such as using stronger passwords, updating software regularly, limiting access to sensitive information, background checks of employees, among others.

Improves existing and potential customers’ trust

Per a report by KPMG, almost 60% of UK consumers would be willing to stop doing business with a breached enterprise. Enterprises rigorously following the Cyber Essentials scheme have a competitive advantage in comparison to competitors without accreditation. Cyber Essentials certified enterprises show its commitment to security, demonstrating to customers, investors, suppliers, and regulators that it takes cyber security very seriously. Cyber Essentials accreditation becomes even more critical for enterprises using and storing personal data like medical records, financial information and other sensitive data to build trust.

Cyber Essentials an essential step towards preparation for GDPR

GDPR is the new data privacy regulation which aims to give protection and control to the EU populace over personal data. Typically, the law will affect how businesses can collect and use personal data. By so doing, companies will be required to be more transparent when it comes to collecting and utilising data from customers. Cyber Essentials is a significant first step in preparation for GDPR as violators will have to pay a potential fine of up to €20 million or up to 4% of a company’s annual turnover.

Improves business efficiency

Without a coherent and consistent plan, a great extent of time, money and resources are spent on patching IT infrastructure and security as and when they arise. There is an inevitable loss in staff time during the restoration of services, particularly for IT staff. Implementing Cyber Security Essentials will allow both technical and non-technical staff to remain as productive and efficient as possible by focusing on core business without the need to fix bits and pieces of the company’s IT infrastructure.

Better chance of winning government contracts

The government is using the Cyber Essentials scheme as a step towards reducing the levels of cyber security risk in its supply chain. Since October 2014, the UK Government requires all enterprises bidding for contracts which require handling of sensitive and personal data or the provision of technical products and services to be Cyber Essentials certified.

5 Benefits of Fixed IT Costs

When you are looking for business IT support, you can find various types of contracts and agreements. You could just decide to Pay As You Go (break/fix) basis, pay in advance for blocks of hours, or choose a fixed price IT support contract which includes the majority, if not all, the things your business will need on a monthly basis.

The biggest benefit of a fixed price model, is that you know exactly how much your IT support costs will be each month. This is great for cash flow and essentially your IT costs just become another commodity – just like paying your rent, electricity and insurance. But there are some other major benefits that you may not have realised.

Continue reading

5 Steps to Email Compliance

Your email is NOT secure.

For most businesses, email is a vital method of communication. Many organisations rely on email to send confidential information within and outside the business. The widespread use of email for confidential information makes it highly vulnerable to exploitation. In fact, email accounts for 35% of all data loss incidents, a recent study found. So with huge potential to cause harm to your business, there is a need to secure, control and track email messages and attachments wherever you send them.

Continue reading

Can your IT provider prove how good they are?

We are delighted and very proud to shout from the rooftops that our overall customer satisfaction score for 2017 was a staggering 98.7%!

Industry averages are around 93%, so we’re outperforming most of our competition. All IT companies will say they provide amazing service, but how many can actually prove it?

Continue reading

Meet our newest team members!

It’s been a great year so far here at m3. Our Helpdesk continues to get busier and busier. We’re always onboarding new customers which means more technicians are needed to keep your IT systems running smoothly.

It gives me great pleasure to introduce the latest new recruits to the m3 team. Joining our Helpdesk as 1st Line Support Technicians is Craig Reid and Ruth Lamont.

Continue reading

The B2B Roadshow Glasgow

Today we were exhibiting at the B2B Roadshow at the Village Hotel in Glasgow. What a fantastic venue! This was the first business event we have exhibited at for quite a while, so we were really excited to get out there and meet some new contacts. The event was really well attended, and we got to speak with lots of businesses about our Managed IT Support and how we help customers with their IT needs.

Continue reading

>