Security, security, security. You’ve probably heard a lot about it lately. But that’s because there’s always something new coming along to threaten it.
And as those threats evolve, we evolve our response. So over the past 18 months, we’ve expanded and improved our approach to security.
- It started with establishing a dedicated security team.
- We added new services, such as an email phishing test.
- And over the past few months, we’ve been bringing it all together with new names and a new strategy under the concept of 4Pillars™.
4Pillars™: a comprehensive security approach
IT security has four pillars: governance, policy, prevention and recovery.
Any of them will go some way towards holding your organisation up, but the fewer you have, the greater chance there is of it all falling over. Because each contributes a different kind of protection.
Think of your house. You probably have insurance, to cover yourself if things do get stolen. But it’s best to avoid getting to that point in the first place. So you put physical security in place, like locks on your doors, security catches on your windows; maybe a burglar alarm. Possibly a moat, if you’re super-keen.
But none of that is any good if you forget to lock the door. Or leave the windows open. Forget to set the alarm. Leave the drawbridge down. Or even put a big ol’ sign outside that says “we’re not home. And everything’s unlocked”.
It’s the same with your IT security. So that’s why we’ve brought it under this new 4Pillars™ concept: to emphasise the importance of addressing your security from all angles.
4Pillars™ covers your security from four angles
If we hadn’t already overloaded this with analogies, we might compare these four pillars to members of The Beatles. All good on their own, but together they work even better.
Governance: to coordinate everything and set a good direction
That’s someone on your board and in your management actively involved in security issues, and an overall security strategy for your organisation. You need that pillar to make sure your security is being taken seriously.
Policy: to make sure everyone does what they need to do
That’s having plans, policies, procedures and processes in place so your staff know what to do. Like making sure everyone knows to lock the door before they go out.
Prevention: to keep the threats at bay
These are a lot of the technical measures you might be familiar with: anti-virus, firewalls, and a few other clever measures to keep you safe.
What we do: Provide a comprehensive range of prevention services – UserShields, which protect individual users/workstations; and SystemShields, which protect your system as a whole.
Recovery: to get you back on your feet if something goes wrong
Sometimes you will be caught out. This makes sure you can retrieve your data and systems if something goes wrong.
What we do: tailored backup and disaster recovery services to keep your data safe
Changes to our prevention services names
As part of this new approach, we’ve renamed some of our existing prevention services, and put them into two categories. If you’re signed up to any of these, you’ll see the new names from next month’s invoice.
UserShields: protecting individual users/workstations
- MailProtect: Email Spam Filter (formerly CloudShield) – Protects you from email threats, such as viruses and scams.
- ScamProtect: Scam Awareness Training (formerly Email Phishing Awareness Campaign) – Assesses and improves how your staff respond to scam emails and suspicious attachments.
- UserProtect: Workstation Anti-virus – Protects your users/workstations from viruses and malware
SystemShields: protecting your system as a whole
- ServerDefence: Server Anti-virus and Intrusion Prevention (formerly Deep Security) – Defends your servers from viruses and malware
- NetworkDefence: Firewall – Defends your entire network from automated or manual hacking
- ExternalDefence: External Vulnerability Scans – Proactively scans your system and reports on any weaknesses exposed to the internet