Microsoft has commercially released new products and upgrades that will secure company information. The threat intelligence and data governance features are designed for businesses that adhere to strict regulatory guidelines and need an extra layer of protection against cyberattacks. Here’s a detailed look at what these Office 365 additions can do for your business. Threat Intelligence Threat Intelligence for Office 365 gathers data from Microsoft security databases, Office clients, email, and other recorded security incidents to detect various cyberattacks. This feature gives users in-depth knowledge about prevalent malware strains and real-time breach information to analyze the severity of certain attacks. What’s more, Threat Intelligence comes with customizable threat alert notifications and easy-to-use remediation options for dealing with suspicious content. Advanced Threat Protection (ATP) upgrades In addition to Threat Intelligence, Office 365’s ATP service now has a revamped reporting dashboard that displays security insights across a company. This includes a security summary of what types of malware and spam were sent to your organization, and which ones were blocked. According to Microsoft, these reports will help you assess the effectiveness of your current security infrastructure. ATP also has a new capability called “Safe Links” which defends against potentially malicious links in emails and embedded in Excel, Word, and PowerPoint files. If suspicious links are discovered, the user will be redirected to a warning page to avoid an infection. Advanced Data Governance The newly released Advanced Data Governance feature is also a much needed enhancement for highly-regulated companies. It classifies files based on user interaction, age, and type, and recommends general data retention and deletion policy recommendations. If, for example, your business has retained credit card data for longer than necessary, Advanced Data Governance will alert you of the possible data governance risks. Data loss prevention enhancements Last but not least, the Office 365 Security & Compliance Center is also receiving data loss prevention upgrades. With it, you can easily access and customize app permissions and control device and content security policies. So if someone in your company attempts to leak sensitive customer information, Office 365 will notify your administrators immediately. Although all these features are available only for Office 365 Enterprise E5 subscribers, security- and compliance-conscious companies definitely need these upgrades. Get the right Office 365 subscription by contacting Multi IT on 011 435 0450 today! Alternatively visit our website for more information.  

Cybersecurity didn’t become more important in light of the WannaCry ransomware epidemic, it just became more visible to the average internet user. If like so many others, you’re auditing the security of business’s software, web browsers are a great place to start. Learn more about how your browser choice stacks up in your security comparison. Microsoft Internet Explorer (IE)/Edge Despite their nearly identical logos, Edge and IE are actually different browsers with vastly different security strategies. Microsoft’s legacy browser, IE, isn’t even fully supported anymore. The most recent version still gets occasional updates, but experts don’t expect that to last for long. If any website or services claims to require IE to run, consider that a possible red flag. Windows 10’s default browser, Edge, is a different story. This browser uses a technology called virtualization to create safe spaces to open and test links before granting a website’s programming code full access to a computer and user. Edge is based on the same software as IE, and the majority of its security improvements come from scrapping the browser’s customizability. If you’re okay with a fairly inflexible browsing experience, Edge is a good option. Apple Safari Safari is to Macintosh computers what IE is to Windows machines. Safari comes pre-installed on OS X and it has a long history of battling malware. Its security programming has been bested a number of times, but usually in research settings. The commonly held belief is that Safari just doesn’t have enough users to make it a profitable target. Apple has a history of responding quickly to malware, but we don’t recommend leaving anything to chance. Mozilla Firefox One of the earlier third-party web browsers to gain popularity was Firefox. Unfortunately, it just can’t keep up with the competition. In just one example, all the data from browser plugins is stored in the same location, which means a compromised add-on could easily gain access to the data stored in a password manager. One of the reasons that Firefox continues to stick around is its commitment to privacy. All the other browsers on this list profit from analyzing (and sometimes selling) your browsing habits, while Firefox has cornered the market on privacy. Security and privacy should never be confused, but if the latter is more important to you and you aren’t installing third-party plugins, Mozilla is an OK option. Google Chrome Chrome is used by almost two-thirds of all internet users, and for good reason. Like Edge, Chrome also uses virtualization to create a quarantined space between the internet and your computer. Additionally, Google issues routine security updates to its browser more frequently than any of the others on this list. There is near unanimous consent among experts that Chrome is the safest of all web browsers. Privacy however, is a whole other ball game. Pretty much every action you take using the Chrome browser is tracked, stored and analyzed. That’s not to say that your email isn’t encrypted or your saved passwords aren’t safe, it just means you have much less control over your internet identity. Being aware of how your web browser stacks up against its competitors in the cybersecurity game is only a fraction of the battle. WannaCry spread to uninfected systems through a gap in the Windows security framework, and most other ransomware infections prey on human error. What your business needs is a comprehensive security audit. For more information, call Multi IT today on 011 435 0450 or visit our website!

No one can escape the news of WannaCry. The IT industry has been covering this type of malware for years, but never has one campaign spread so far or infected so many computers. Read on to gain a greater understanding of what happened and how to prepare yourself for the inevitable copy cats. Ransomware review Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989. This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data. The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry. The WannaCry ransomware Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails is simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult. By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years. Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims payments. How to protect yourself for what comes next Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading. Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying, “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it was created by more capable programmers, your organization needs to prepare for the next global cyberattack. Every single day it should be your goal to complete the following: Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents. Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.” Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business. Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, call Multi IT today on 011 435 0450 or visit our website!