Cyber Security

There are few more important operations than to keep your users, data assets and infrastructure secure. Cyber Threats continually evolve rapidly and compliance requirements for all organisations continually change.

Cyber Protection

Against threats, attacks and breaches.

Ensure Compliance

With the latest regulatory requirements.

Safeguarding

Protect your vulnerable users against all manner of on-line threats.

Protect important data

From threats and ransomware.

Expandable and useable

We can help you implement security solutions that grow with your needs.

Academia provides an extensive range of security solutions and services. Everyone has slightly different Cyber Security demands, do give us a buzz to discuss how we can help your organisation.

Contact us today

What is Identity Management (IDAM)?

Identity Management (IDAM) is the framework of policies and technologies that ensure the correct people are granted appropriate access to IT systems. It is the foundation of all good security schemes. In recent years it has become critically important for good regulatory compliance as well as management of access to cloud and on-premise IT systems and applications.

  • Access Management – ensure the correct people have access to the relevant cloud and on-premise systems and applications
  • Single Sign on – allow you users to log in and authenticate to all their cloud and local applications using a single identity, saving time and password resets.
  • Auditing – Improve your security controls with user access and authentication report ands and alerts.

An integrated approach to Identity and Access Management. Micro Focus offers a full suite of solutions to allow everything from Identity Governance to Single Sign On (SSO).

A complete access management platform for your workforce and customers, securing all your critical resources from cloud to ground. Good integration with other applications including JAMF.

What is Email Security & Continuity?

Email security is about protecting your mail and all content in your mailboxes, without good Email security you leave your organisations open to risks:

 

  • Phishing attacks: Fraudsters will try get sensitive information from you or your staff usually with emails disguised as being from legitimate sources.
  • Email Compromise / Spoofing: A fraudster uses a fake internal email to try get a user to send money or reveal sensitive information.
  • Malware or Ransomware: Email security prevents fraudsters delivering malware and ransomware to a user’s inbox by checking hyperlinks and attachment.
  • Man-in-the-Middle attacks: By intercepting emails to/from your organisation, a fraudster can alter them for gain, these attacks are possible when users send emails sent over unencrypted Wi-Fi.

 

Email continuity ensures access to you email if your regular email system is down for maintenance, power cut or any other reason.

Mimecast’s mission is to mitigate the risks from email and to reducing the cost and complexity of protecting organisations by moving this workload to the cloud.

What is Multi-factor Authentication (MFA)?

Multi-Factor Authentication (MFA) is an IT systems access technology where a user is given access to a system after presenting two or more pieces of information (or factors) to an authentication mechanism. Two-factor authentication (2FA) is a type of multi-factor authentication in common use typically requires a user to confirm a password and a one-time code delivered via pre-designated means.

Simple and effective, Duo provides two-factor authentication, endpoint remediation and secure single sign-on tools

What is End-Point Security & EDR?

Everyone knows that good basic endpoint security is a must have for all devices – it’s where the rubber hits the road, where the users and their machines are most vulnerable and for this reason quality, fully supported anti-malware software is central to a cyber security defence.

 

EDR (Endpoint Detection and Response) is a more advanced level of endpoint security and is particularly effective against stealthy advanced persistent threats where EDR tools monitor the endpoint for usual activity and the end-user is prompted when suspicious activity is found and offered a range of preventive actions.

Sophos allows you to secure every endpoint of your network, from laptops to virtual desktops and servers, to web and email traffic and mobile devices. With easy cloud management, Sophos simply ensures your network’s security.

Trend Micro was founded 1988 to develop antivirus software and over the last three decades, they have become a market leader in hybrid cloud security, network defence, small business security, and endpoint security.

ESET began life as a pioneer of antivirus protection, creating award-winning threat detection software. Now, ESET’s goal is to make sure that everybody can enjoy internet with the highest levels of safety and security.

Heimdal Security solutions utilize an innovative suite of DNS Traffic Filtering and Automated Patch Management to prevent even the most advanced threats that traditional security such as antivirus can’t detect.

McAfee is long known for providing security solutions and in the last few years McAfee’s new security solutions are cloud-centric and cloud manageable. McAfee is also in forefront of other cloud security technologies, web filtering and CASB.

Jamf Protect, jamf’s Apple security solution has been developed natively on Apple’s architecture and offers dashboards, real-time alerts, and extensive reporting on built-in macOS security frameworks like XProtect, Gatekeeper and MRT.

What is Email Security & Continuity?

Email security is about protecting your mail and all content in your mailboxes, without good Email security you leave your organisations open to risks:

 

  • Phishing attacks: Fraudsters will try get sensitive information from you or your staff usually with emails disguised as being from legitimate sources.
  • Email Compromise / Spoofing: A fraudster uses a fake internal email to try get a user to send money or reveal sensitive information.
  • Malware or Ransomware: Email security prevents fraudsters delivering malware and ransomware to a user’s inbox by checking hyperlinks and attachment.
  • Man-in-the-Middle attacks: By intercepting emails to/from your organisation, a fraudster can alter them for gain, these attacks are possible when users send emails sent over unencrypted Wi-Fi.

 

Email continuity ensures access to you email if your regular email system is down for maintenance, power cut or any other reason.

Mimecast’s mission is to mitigate the risks from email and to reducing the cost and complexity of protecting organisations by moving this workload to the cloud.

What is Web Filtering?

Web filtering stops users from viewing certain URLs or websites by preventing their browsers from loading pages from these sites. Web Filtering is especially important as it protects users and organisations and ensures compliance with best security practise.

 

  • Protects users and organisations against all manner of web-based threats such as fraud, phishing sites.
  • Compliance with best security practises.
  • Blacklist and Whitelist are types of web filtering. Blacklists are where websites that are deemed inappropriate are blocked. A “Whitelist” allows users only to access certain sites.

 

Keyword and Content filtering prevents access to websites that contain specific keywords or predefined content (such as pornography, for example).

Sophos have made web protection simple, from deployment, to daily management and support. Sophos’ world class in-house threat researchers use advanced automation to stay ahead of the latest threats.

McAfee’s MVISION Unified Cloud Edge solution designed to protect data and defend against cloud-native threats. This solution provides the ideal balance of security and performance while simplifying the adoption of a Secure Access Service Edge (SASE) architecture.

What is Vulnerability Scanning & SIEM?

A Vulnerability Scanner is crucial for security. It scans each system on a network looking for mis-configured and missing patches then generate reports so that you can remediate. You should scan your network with credentials every week to check for missing patches and configuration changes.

 

  • Pinpoint vulnerabilities in your organisation.
  • Locate vulnerable unpatched devices on your network.
  • Use reports to close security loopholes.

 

SIEM (Security Information and Event Management) is a set of tools and services giving real-time visibility of an organisation’s information security. SIEM works by combining real-time system monitoring and collecting data from log files for analysis and reports on security threats and events.

 

  • Event log management that consolidates data from numerous sources.
  • Correlates logs from various sources and uses intelligence to trigger security event notifications.
  • Dashboards for security issues and other methods of direct notification.

Tenable aims to empower all organisations to understand and reduce their cyber security risk. Their award winning, popular solutions help more than 30,000 organisations understand and reduce their security risk.

Rapid 7 combines Vulnerability Scanning and SIEM. Their comprehensive award-winning solutions simplify complex through shared visibility, analytics, and automation that unite your teams around challenges and successes of cybersecurity.

LogRhythm is a world leader in NextGen SIEM, helping organisations to reduce risk by rapidly detecting, responding to and neutralising damaging cyberthreats.

What is Security Patching?

Outdated operating systems and software are the most common attack vector for hackers. In 2019, 60% of breaches happened because of unpatched vulnerabilities. Relying on a unified platform that handles both Windows and 3rd party software updates removes the burden of management, regardless of the number of endpoints you need to manage.

 

  • Mitigate exploits, close vulnerabilities and automate software patching.
  • Remotely deploy software and Windows updates and third-party updates.

Automated Patch Management solution will automatically install updates based on your configured policies, without the need for manual input. As soon as 3rd party vendors release new patches they are deployed to endpoints, without the need for reboots or user interruption. Set and forget.

What is Data Back-Up?

A properly established Backup and recovery is process is critical for Information Security. It ensures that your data is preserved in the event of a primary data failure. These can occur for many reasons such as drive failed, data corruption or a user or person-caused event, such as a malicious attack or accidental deletion of data.

 

  • On-premise or cloud storage of back-up data.
  • Data archiving preserves data for compliance or regulatory purposes.
  • Preserves integrity of data over its entire life.

Veeam is the world leader in backup solutions that deliver Cloud Data Management. Veeam provides a single platform for backup, accelerating hybrid cloud and securing data.

Acronis’s backup, anti-ransomware, disaster recovery, storage and enterprise file sync and share solutions are enhanced by its award-winning AI-based active protection technology, blockchain-based.

What is Data Encryption?

Disk encryption protects your information by converting it into unreadable code that cannot be deciphered easily by unauthorised people.

 

  • Full disk encryption will normally utilise Microsoft BitLocker or Mac File Value to ensure that data stored on a laptop can cannot be assessed in the event of loss or theft.
  • File encryption encrypts individual files and can be for secure messaging. 

Sophos SafeGuard encrypts content as soon as it’s created. Utilising Windows BitLocker and Mac FileVault for full disk encryption as well as featuring file encryption to encrypt files individually, Sophos SafeGuard is able to protect data everywhere automatically.

What is DLP (Data Loss Prevention)?

DLP is a technology that prevents leakage of sensitive information and business critical data on the network, in the cloud, and at the endpoints.

  • Remain Compliant – Ensure compliance and safeguard personal data with automated reporting.
  • Simplify Deployment and Management – Manage common policies and streamline incident workflows with flexible deployment options.
  • Data discovery and data in motion and data at rest controls.

Comprehensive data loss prevention in one suite – The suite includes our core data loss prevention components: McAfee DLP Discover, McAfee DLP Prevent, McAfee DLP Monitor, and McAfee DLP Endpoint. Centralised Incident Management and Reporting.

What is CASB (Cloud Access Security Broker)?

CASB (Cloud access security broker) is on-premises or cloud-hosted software that sits between users and cloud service providers to enforce security, compliance, and governance policies for cloud applications. CASBs help organisations extend the security controls to the cloud.

 

  • Enhance security when using cloud services such as office 365.
  • Discover “shadow “IT cloud services and see user activity with authorised cloud applications.
  • Identify sensitive data in the cloud and enforce DLP policies.

McAfee MVISION Cloud protects data and stops threats in the cloud across multiple cloud services from a single, cloud-native enforcement point.

Trend Micro Cloud App Security enhances Office 365 with protection designed to help you communicate and collaborate in the cloud by adding sandbox malware analysis and malicious code detection in PDF or Office documents.

What is Security Culture & Security Awareness Training?

Do your users understand the online risks?

Can they tell the difference between a legitimate email and a fake one?

 

Cyber Security must be embedded into everything an organisation does but whilst cyber security measures are widespread, security culture has not kept pace with the threat landscape. Every day the news highlights the latest data breech, ransomware outbreak or email fraud. An active security culture attempts to instil security awareness for all in an organisation to help prevent these online threats and the easiest way to start by regular security awareness training.

 

Developing a security culture and security training programme is the most effective way of protecting your organisation

 

  • Instil the concept that cyber security belongs to everyone.
  • Train, test, analyse and repeat. Threats change so should security training.
  • Make security awareness training fun and engaging.

KnowBe4 is the world’s most popular integrated platform for security awareness training combined with simulated phishing attacks.

What is Cyber Threat Intelligence?

Cyber threat intelligence allows you to leap ahead of the cyber threats and help identity indicators of Compromise such as IP addresses, usernames and file names. Sources often include social media and intelligence from the deep and dark web.

 

  • Evolve a predictive Cyber Security posture.
  • Allows organisations to develop a more energetic Cyber Security defence.
  • Better informed Cyber Security decision-making before, during and following an intrusion

SpyCloud safeguards the identity of all in your organisation with the world’s most comprehensive and actionable repository of compromised credentials.

Speak to us today

Tips, resources, and advice for remote learning Find out more