IT Cyber Security For Our Financial Services Client

Managed Print Provider

Since January 2020, Windows 7 Operating System is not supported by Microsoft anymore. This means any PCs still running the software no longer receive security updates, software updates, or technical support for any issues.

Many small businesses are not aware of the potential impact and implications of not running the latest software releases. Their approach? “If it ain’t broke, don’t fix it”. Unfortunately, this mindset will cause systems to be compromised at some point as there is no further maintenance available to protect their operating system from cyber attacks if they still use Windows 7.

On the upside, this Windows 7 end of life status has incentivised some of Espria’s clients to undertake a review of their IT systems. 

Our client’s issue : an IT system vulnerable to threats

One of our clients has used the cessation of the Windows 7 platform to look at their complete IT infrastructure and ensure that it is as secure and reliable as it can be.

The team here at Espria performed an audit of their IT systems.

Several areas in need of improvement were identified, including:

    • Multiple anti-virus products being used throughout the organisation but also on some machines!
    • Different versions of Microsoft Office being utilised, including Windows 2007, and desktops running multiple Windows Operating Systems
    • Windows Updates not being applied to all machines
    • Large levels of spams received on a daily basis
    • Many web browsers in use
    • Administrative rights granted to users on their desktops
    • Simple passwords used and shared amongst all users
    • Remote user laptops only secured by simple passwords
    • All users provided with remote access to the server, whether it was actually required by the business or not

Laughing people

Our solutions : new processes

Whilst the above was not causing any problems from an operational perspective, clearly this is not best practice as to how IT systems should be maintained.

Through the introduction of new processes and a small investment in hardware and software products, we were able to address each of these concerns within a short space of time with minimal disruption to the userbase:

  1. Whilst the above was not causing any problems from an operational perspective, clearly this was not best IT practice.

    Through the introduction of new processes and a small investment in hardware and software products, we were able to address each of these concerns within a short space of time with minimal disruption to users:

    1. We introduced a modern, anti-virus solution with central management, update services and reporting.
    1. We migrated all users to Office 365, ensuring that the same version of the Office product was used and automatic updates were carried out.
    1. We standardised Windows 10 operating system across all machines, performing in-place upgrades where possible or machine replacements where hardware was not suited to the new environment.
    1. We configured Windows 10 to perform updates automatically in the background to ensure that all users are on the latest security release.
    2. With the migration to Office 365, this has automatically provided a level of spam protection : only required emails are allowed to go through.
    1. We agreed with the business that only 2 Web Browsers should be used and removed non-supported products. We configured automated updates to ensure that the latest product versions are always present.
    1. We removed administrator rights from all users to ensure that their desktop environment cannot change so that no additional software can be installed.
    1. We introduce complex passwords to ensure a minimum level of characters, as well as password change enforcement every 30 days.
    1. We enabled encryption services on remote laptops prior to Windows starting so that the data cannot be accessed without an initial key being entered to allow the machine to start.
    1. We reviewed all remote user access to ensure it was restricted to only those that need it. In addition, a secure Firewall with VPN Services was installed so that remote users have to authenticate against the Firewall before they are given access to the network.

If your business is not up to date with IT security, your systems are at risk of being compromised.
So it’s imperative you remain a step ahead with your cyber security.

Dene, our Expert

The Results

These steps have led to an improved IT offering for the business’ customers while ensuring the company is better protected against cyber attacks.

We will continue to review the installation every 6 months to ensure that the levels of protection and policies used remain adequate.

In this post

    You may be interested in

    Businesses are losing money and jeopardising security to IT sprawl and quick fixes, says Espria

    IT Leaders must take action on unchecked technology sprawl and shadow IT that are draining budgets, increasing cyber risks, and complicating their digital environment. According to a recent study, budgets towards insider risk management have doubled in the past 12 months, with 81% of business leaders looking to secure their internal business infrastructure as geopolitical tensions escalate and remote workforces become the norm. ‘Digital transformation ushered in new possibilities and solutions for computing, but it also introduced a potential for sprawl that burdens IT teams everywhere,’ said Brian Sibley, Virtual CTO at Espria. ‘When faced…

    Read the article

    Espria launches Espria Connect, enhancing Microsoft Teams with Advanced Unified Communications

    The new product, Espria Connect, isn’t just another telephony solution. It’s a game-changer, offering a cost-effective, scalable, and secure telephony solution for SMBs, mid-market and enterprise customers. Combining the power of Microsoft Teams with Cloud-Based Unified Communications, Espria, the leading managed services provider, is excited to introduce Espria Connect. This powerful solution streamlines business communication infrastructure and addresses the growing demand for a unified communication solution that supports hybrid work environments. Designed for businesses of all sizes, Espria Connect allows users to manage voicemail, make and receive calls, and access a diverse range of other…

    Read the article

    Reimagining education: How AI is changing the way we teach, learn, and collaborate in schools

    Technology has long been used by educators to support teaching and operations, facilitating staff with a wide range of platforms and resources. A particular tool that has sparked both controversy and curiosity is the inclusion of artificial intelligence (AI). A study by BCS, the Chartered Institute for IT, found that most teachers are reluctant to use AI for pupil learning with 84% of educators not changing the way they assess their students’ work. This comes after Ofsted recently launched an independent review on the use of AI in schools and how to develop the understanding of…

    Read the article

    Espria launches CSP renewal assessment service

    Leading managed service provider launches new service to address the costs associated with software sprawl, helping to drive down OpEx as businesses increasingly feel the financial squeeze. Espria, a leading digital solutions provider, has launched a free M365 Licence Assessment programme to help businesses save costs by reviewing existing licence estates and identifying those licences not in use or no longer being utilised. With Microsoft recently changing how they sell and structure licenses, businesses must now reassess their current M365 licenses, looking for ways to reduce costs and keep the capabilities they need as they…

    Read the article

    Your guide to leveraging NCE pricing to get the best value

    Renewing your Microsoft Licensing Agreement is an opportunity to align your IT strategy with your business goals. It allows you to take advantage of the latest technologies, optimise costs, and ensure compliance with industry standards. While this might seem straightforward at first glance, to achieve the best value and biggest discounts, it’s often more complex than it appears and navigating the renewalprocess requires careful planning. In this Blog we will walk through what you need to know about the new Microsoft Licensing rules,when to get the best value from your renewal, and how to review…

    Read the article

    Loving your customers with AI, cybersecurity and peace of mind with MSP support

    2024 has marked a massive shift for SME IT needs, as creating an appropriate and optimised business strategy has become an increasingly difficult challenge for business owners and IT operators nationwide.

    Read the article