I provide cyber security services to small businesses in Kent, that use the Office/Microsoft 365 productivity suite.
365protect is the service I offer to backup and protect your Microsoft 365(formerly Office 365) business data.
Did you know that Microsoft does not backup your Microsoft 365 emails, files, folders or data!
They offer 14 days retention for recovery of emails as default and if you change the setting, you can get 30 days. We know about anti-malware, phishing and spear phishing and your workstations and servers should be protected but what is protecting your cloud data, certainly not your server and workstation based protection. Once your business email addresses are compromised do you know when they are being traded on the dark web ready for a phishing attack?
A Cloud Backup Suite for Microsoft 365
Microsoft 365 is the number-one cloud-based productivity suite, with powerful tools for communication, collaboration, and content creation. More and more businesses are moving from various source email systems to take advantage of all that Microsoft 365 offers.
To protect that data, Microsoft provides geo-redundancy which just mirrors the current data across different servers. Delete a file and it gets deleted across all the servers.
You will also get limited data retention. That means you must realise the deletion, loss or malicious activity has occurred and the restoration must take place before,
14 days (can be extended to 30 days) for Exchange online
180 days for SharePoint and OneDrive for Business
30 days for Groups/Teams
There are also premium features for legal and compliance issues. These features require a higher-priced Microsoft 365 licence, are not designed to quickly restore lost data, and require technical expertise to even restore a single mailbox. It takes 5+ hours to restore a single email using Legal Hold.
I offer full and unlimited backups, up to six times a day of the entire suite, Exchange Online, SharePoint for business, OneDrive for Business and Teams. With unlimited retention, restoration within minutes and full encryption of your data in transit and at rest.
 Exchange Online • Email, Shared Mailboxes, Calendar, Contacts • Tasks, Notes, Journal • Public Folders |  SharePoint for Business • Classic Team Sites • Subsites • Lists • Files and versions |  OneDrive for Business • Full account • Folders • Files and versions |  Teams • Conversations • Calendar • Files and versions • Notebook • Modern Team Sites |
Email Security for Microsoft 365
So each of your workstations and servers have anti-malware, anti-phishing and ransomware protection. What about the biggest single point of entry to the entire organisation, your Microsoft 365 suite. One breach via email can allow the bad actor into the entire suite and therefore access to all your company data. As its in the cloud none of your workstation or server protection is even looking there.
Most email security software, diverts your emails from your Microsoft 365 environment to quarantine it, then sends it back, totally bypassing the Exchange Online Protection. As it is working outside your Microsoft 365 Environment any malicious email let through can then freely pass between employee accounts, accelerating its spread.
I offer Anti-Spam, Anti-Malware, Anti-Ransomware, Anti-Phishing and Anti-Spear Phishing email protection fully integrated into Microsoft 365. It adds to the Exchange Online Protection and adds internal email scanning. Continue using the familiar 365 environment, no need for additional training for staff. You remain in control of your data because nothing is being diverted off for quarantine.
Dark Web monitoring
Did you know cybercriminals may use hacked or public information to imitate important company figures to steal data and commit fraud?
These are called Business Email Compromises. Here’s what to look out for.
- The message is from an important or trusted company figure who would not normally contact you directly.
- The message asks you to spend money, or make a wire transfer on behalf of the sender.
- The message implies the request is urgent, sensitive, or secret.
Consider what you post publicly on social media. Could a criminal use your information against you?
Where is this information available to use against you? The dark web!
A term you may have seen floating around in cybersecurity circles is “the dark web”, usually in the context of ‘dark web monitoring services’ or similar. But what is the dark web anyway?
CS Online defines the dark web as “the part of the internet that isn’t visible to search engines and requires the use of an anonymising browser to be accessed”.
The ‘dark web’ has dark connotations which aren’t unwarranted – most activity that takes place on the dark web is illicit, and frequently deals with the buying and selling of goods and services that are not available for sale in legal markets – think credit card numbers, social security numbers, email addresses, site logins from data breaches and similar.
This is why ‘dark web monitoring’ is a service that exists for businesses-providers. These services use sophisticated software to search the dark web for the information of their clients that might be available in data breach logs and other leaks.
The dark web isn’t completely illegal activity and subterfuge, but it’s problematic enough to warrant the use of dark web monitoring services if you’re concerned about the possibility of your information floating around for purchase by an anonymous dark web user.
I offer a dark web monitoring service per domain, so it doesn’t matter how many users you have. It is working 24/7 to continually monitor for your compromised credentials and Personal Identifiable Information. When a new breach takes place you are immediately alerted, so you can better protect your business data from compromise.
