IT 4 Offices

Call us - 0333 332 6600

Pro-Active Support

At IT 4 Offices we use a state of the art monitoring software to ensure your systems are running and kept running, preventing downtime where possible and ensuring you are in running your company using your IT systems effectively and not allowing your IT to prevent you working.

Pro-Active IT

IT Migration

Whenever a system change is required within a business, a migration process is used to ensure that important company and client data is kept secure and accessible.
Including: Cloud, Virtualisation or Mergers/Buyouts

Migration

Email Security

Are you fed up with adding senders to junk lists.   Many of our clients using our spam filters now have the time to work without interruption from constant adverts and unimportant spam emails, as well as having the peace of mind that they are protected by multi-layered virus protection.

Email Security

Network Design

IT 4 Offices have developed a solutions portfolio that enables the provision of full end-to-end infrastructure solutions.
This range enables us to provide our clients with both a tailored and integrated solution to their entire infrastructure networking needs.

Network Design

Principle of Least Privilege and Multi Factor Authentication

Principle of Least Privilege and Multi Factor Authentication

IT Security has always been important, and as many businesses grow and utilise cloud-based systems the need to fully secure them has grown increasingly.

When you own the IT equipment and know where your data physically is, it is easy to work out your boundaries; ensuring your servers are locked up and your data is backed up. 

As technology has changed and allowed the data to be accessed from any part of the internet connected world the physical boundaries have changed. The need for data backup has not changed, whether it is an accidental corruption or due to a software update or the latest malware which encrypts your data, the ability to restore data from a backup will always be needed. 

Creating layers within a system adds to its complexity but also its security. Ensuring your users have access to only the data they need vs everything just in case is of key importance. 

This is known as the Principal of Least Privilege. (This means that any user, program or process should have only the minimum privileges necessary to perform a task.)

The process for securing systems requires a number of steps:

  • Conduct a privilege audit. Check all existing accounts, processes, and programs to ensure that they only have the permissions required to do the job.
  • Start all accounts with least privilege. The default for all new account privileges should be set as low as possible. Only add specific higher-level powers as needed to perform the job.
  • Enforce the separation of privileges. Separate admin accounts from standard accounts, and higher-level system functions from lower ones.
  • Use just in time privileges. Wherever possible, restrict raised privileges only to moments when they are needed. Implement on expiring privileges and one-time-use credentials.
  • Make individual actions traceable. User IDs, one-time passwords, monitoring, and automatic auditing can make it easier to track and limit damage.
  • Make it regular. Auditing privileges regularly prevents a situation where older users, accounts, and processes accumulate privileges over time, whether they still need those things or not.

Least Privilege Examples

A member of the accounts department who has access to read only the company bank records and match them to the accounts system; receives a spoofed email asking them to transfer funds a 3rd party. As they do not have permission to send payments, they would have to request further authorisation or deny the request. 

If the same person opens a link which infects their computer with a zero day virus, only their files and systems which they have access to maybe affected but the whole system would not be.

Even restricting IT departments so that they have a separate admin account that is used for admin tasks, but is not their user account helps to ensure that if their own account is compromised for any reason the whole system is not affected. This is known as just in time privilege.

 

Multi-Factor Authentication

Microsoft Office 365 provides a wide range of applications and services which can be accessed via a single sign on process. This all sounds great until the password is compromised.  Key individuals such as directors, IT admins and office managers are targeted by malicious persons who would benefit from accessing all or even some data found on the office 365 platform in email or OneDrive, Microsoft has its own security solution called MFA (Multi-Factor Authentication) which adds a 2nd layer of authentication to allow or deny users from accessing their systems.

Office 365 Multi-Factor Authentication will send an SMS/TXT message to a mobile number or via the Microsoft Authenticator app which is setup in advanced. 

For some non-Microsoft applications which may need to integrate with the office 365 email, Microsoft offer a separate password which is setup for individual apps and is randomly generated by Microsoft and are not editable.  

The above is only a brief outline as to how you can keep your systems and data secure. If you feel that you would like to discuss in further detail how we can help, then please give us a call on 0333 332 6600

SMB IT Support

If you are a business owner/manager and would like to discuss outsourcing your IT support, give us a call and speak to one of our team

SMB IT Support   Ad-hoc Support

IT Supply

If you have a hardware or software requirement or have a project you would like to discuss, give our team a call

Hardware   Software   Hosting

Partnerships

At IT 4 Offices, we have formed strong relationships with industry recognised businesses to provide our clients with the best systems that they require to run their daily business tasks.

   
 
 
 HP Cisco
Draytek Synology

Contact Us

Call on 0333 332 6600

52 Halcyon Close
Witham,
Essex. CM8 1GY

follow us on twitter follow us on google+ view our youtube channel like you facebook