What are the benefits of Sophos Intercept X Advanced with EDR?

Over the last few months, you may have heard the term EDR (Endpoint Detection and Response) bandied around when talking about security products, but what does EDR really mean for you and your business? In this article I am going to explore EDR and the tangible benefits that you would see from having this product in place.

What is EDR?

Sophos Intercept X Advanced with Endpoint Detection and Response (or EDR) is an award-winning security solution that is built upon the framework of the Sophos product that so many of you use and know.

One of the simplest ways to look at it is like a cake made up of three layers. You may already have two of these in place:

Endpoint Protection – traditional anti-virus that detects and blocks threats in real-time. This is the signature-based piece of the puzzle, something that every business should already have, even if it’s from another vendor. It looks at what is happening and checks it against a list of known attacks.

Intercept X – anti-ransomware protection. This comes in the form of AI and Machine Learning driven technology which knows what your device should look like if you are working as normal. When you’re not, it uses a technology called CryptoGuard and detects any encryption attempt, reversing any encryption that has already taken place. This is your backstop and a way to protect yourself from unwanted changes. This is a technology many of our customers have and saw the value in having after the WannaCry outbreak of 2015.

EDR (Endpoint Detection and Response) – This enhances the ability to analyse an attack and see what happened, whether the threat has spread to other devices and if any data has been lost. This is new, and it is less about seeing what is happening and stopping it and more about validating how safe you were following an attack. Now this may sound counterintuitive: if the product is protecting you, why would you need to know what happened in an attack? To answer that simply, we need to look at GDPR and the requirement to report breaches.

These components combined provide you with the whole protection cake. You have the ability to protect your data (these are the sponge top and bottom made up of Endpoint Protection and Intercept X) and then you have the knowledge that if something happens you can clearly report on what took place (this is the jam filling that completes your cake). Protection like this is second to none when coming up against today’s attackers, in a threat landscape that is ever changing.

How does it work?

Sophos Intercept X Advanced with EDR combines proven endpoint threat protection with the power of advanced machine learning to identify and block malicious processes. Intercept X uses AI that detects malware without relying on signatures and monitors system behaviour for any changes that could mean a malware attack. SophosLabs then provides the knowledge to back it up.

Take a targeted ransomware attack as an example. Bad actors will try to brute force their way into an externally facing RDP server. Once in, they will drop an encryption package onto the system and start to encrypt files. Intercept X will detect the behaviour, CryptoGuard will stop the encryption and EDR will be able to fully report on the chain of events (source, root cause, beacon, when it was detected and if it has been cleaned), providing complete analysis. Additionally, EDR customers will have access to a SophosLabs Threat Intelligence report that further aids you in your decision whether to allow the suspicious file or not.

How does this benefit you?

Sophos Intercept X Advanced with EDR will increase your security footprint without the need for additional resources to look after the solution. You can be safe in the knowledge that the solution you have chosen is the best in the business. With EDR you will have all the tools you need to make sure that any detected threat has been stopped in its tracks!

I’m sure you know that if there is a breach and data is compromised, the Information Commissioner’s Office (ICO) have to be informed. As a result of this, if your security solution is deemed to be inadequate you will be subject to a substantial fine! Throw GDPR into the mix and you have the potential to be in serious trouble. With Sophos Intercept X accompanied by EDR, not only will you have an industry-leading security product, but also EDR ensures all details are captured for reference later.

So, should you become a target you will be able to prove where exactly the threat has come from, where it has been and if it has been dealt with completely.

From a resourcing view, investigating all detected threats and tracing their actions to ensure nothing has been compromised is a full-time role; EDR does this automatically and comprehensively so you don’t have to. You can search through 90 days so even if you have only been made aware of a threat you can wind back the clock and quickly see how it was dealt with.

How good is Sophos compared to the competition?

As you can see, Sophos Intercept X with EDR is industry-leading when put up against the competition:

[Image: Sophos comparison]

Security as a Service (SECaaS)

Now sometimes it is all well and good having the tools yourself, but you may not have the in-house skills or the time to make proper use of them. This is where our Security as a Service offering comes in. With SECaaS we will provide further peace of mind by monitoring your Sophos solution and remediating any alerts within an agreed timeframe. We will also provide you with periodic reports at an interval of your choosing showing the health status of your estate, complete with our recommendations to make sure you are as protected as you can be.

About Adam Harrison

My name is Adam, and I am a security-focused Technical Architect. It is my job to provide expert advice on security solutions and assist our customers with protecting their environment from viruses, ransomware, and other nasty attack vectors! My background is in Security as a Service, Infrastructure and Helpdesk Support; I keep myself up to date with the latest threats and security products, so you don’t have to!

If you want to talk to me about how Sophos Intercept X with EDR would fit into your business then please call 01235 433900 or you can reach out to me via DM or at [email protected]

Help us educate 200 of Oxford’s most vulnerable schoolchildren

The students of The Oxford Academy, an 11-18 secondary comprehensive located between the Blackbird Leys and Littlemore estates in Oxford, are incredible young people. With support and hard work, they will be the entrepreneurs, artists, athletes and leaders of Oxford in the future. Unfortunately, many of them come up against incredibly difficult economic circumstances.

Nearly half the students at The Oxford Academy are disadvantaged and therefore receive free school meals; many other families narrowly miss out on the criteria. This is more than double the average in most schools in Oxfordshire. Thirty per cent of children in Blackbird Leys, Littlemore, Rose Hill and parts of Cowley live in poverty (Indices of Deprivation 2019), placing these areas in the top 20 per cent of the most deprived areas in Britain.

For the students at The Oxford Academy, a lack of access to technology is a barrier to learning and success. This is all the more apparent now during this time of national lockdown. Some children have to share a single device with 3 or 4 other siblings, or with their parents who are now trying to work from home, and some of them are trying to do everything on their phone.

This is particularly close to us here at Planet IT. Our Founders Sean & Gavin attended the school when they were growing up in Blackbird Leys.

We are asking you for your help!

To educate the 200 most vulnerable children, ask yourself, do you have a working laptop that you can spare? If you donate it, we will wipe and restore it, ready for a young student to learn.

What’s more, for every 2 laptops donated, we will buy a brand new Dell Chromebook to donate to the Oxford Academy.

Every laptop gives one more schoolchild at the Oxford Academy the opportunity to learn, be digitally literate and successful.

If you don’t have a laptop to donate, you can still help or even buy a new Chromebook using the School Trust’s JustGiving page.

Please remember to mention The Oxford Academy Educate 200 when donating, as for the value of every 2 machines donated or cash donated, we will provide 1 more!

https://www.justgiving.com/campaign/RLTHomelearning

If you have a laptop to donate, please get in touch and be a part of offering pride, aspiration and opportunity to every member of our student community.

Call us on 01235 433900 to donate your laptop

Be Internet Safety Awesome … Start Them Young!

I, like many others, am currently home schooling. I have two gorgeous boys, but my god it’s tough working, especially with it just being the three of us…

In the muddled, jumbled up world of working and schooling, security (funnily enough) is still high up on my list. And something I thought I would share, to keep the small ones not only entertained but also secure, is a fantastic online tool that yours will love!

Interland is a game from Be Internet Awesome and Google. It helps make the most of the Internet, where kids need to be prepared to make smart decisions. It teaches the fundamentals of digital citizenship and safety so they can explore the online world with confidence.

Check it out HERE

I mean, it’s an awesome training game by Google, hats off. And Eddie, the one with the Nerf gun in the pic, loved doing it. So, now, pride of place on the fridge sits this certificate. You can’t start them too young!

With the many different balls I need to juggle to try and keep ahead of the curve in security, ensuring the end user is tested and trained on their cyber security knowledge is key.

Something that is a little more for the grown-ups is the KnowBe4 training platform, the market leader in cybersecurity training. It has millions of training videos, tests, articles and advice… the list could go on.

And then there are the phishing campaigns….. All in one central portal, and easy enough to set-up yourself, or if you prefer some more guidance and assurance, we can do it for you.

Training is key to any company, please speak to me if you have any requirements – [email protected]

Why do so many IT Projects struggle to complete on time and in budget?

Project Management is a key skill and resource for any business. I think we can all agree on that. It’s a massive industry full of very clever people with accreditations, degrees and most using the latest, greatest software to make their difficult jobs a lot more streamlined and efficient.

Then why do so many projects fail or go so far over budget?

Going a little further than project management in general, IT projects are notoriously difficult to plan, budget, execute and deliver within the expected timeframe.

The numbers behind these claims?

  • Almost 1/3 of IT projects go over budget, according to Forbes
  • 1/5 overspend by an eye-watering 200%
  • Overspending is generally tied in with a schedule overrun, 70% longer on average
  • Only 2.5% of projects were completed totally successfully within the original scope, on-time and under budget, according to a PWC study of over 10,000 IT projects.
  • 17% of failed projects threaten the survival of the business.

But what causes these failures? Is it the software? The goals? The approach? All of the above?

“Better software must be the answer?”

Let’s put that to bed straightaway. At Planet IT we are constantly approached by companies claiming to have the latest and greatest project management solutions that we can either use ourselves or re-sell to clients. Certainly, the right software package can make a job easier, but it’s a tool to use, nothing more.

“Should everyone be using SCRUM or AGILE techniques?”

Once again, these methods and techniques can help but, like the software, they are not going to save your project.

“Unrealistic objectives, lack of set goals or milestones?”

Now you’re thinking along the right lines! It’s not necessarily the poor objectives, missing goals or even scope creep – it’s more the people that set the objectives and allow variance from the plan that’s the problem!

That’s right, projects struggle to succeed because of the people!

All of the software, tools and tricks are no substitute for a project delivered with proper processes, procedures, monitoring and communication, with a professional approach by an expert in that field.

You wouldn’t ask the best logistics PM to plan and execute an IT Project, just like you wouldn’t ask an IT PM to execute a skyscraper construction plan.

The problem isn’t that it’s an IT project. Complicated technology does not cause the shortfalls. It can be that the wrong people are operating and interacting with tech they cannot handle, a poor SoW, a lack of information divulged by the internal project sponsor, or senior people within the business changing the scope without understanding the process and the knock-on effects. Outside factors could even be business requirements changing during project delivery. There are so many factors and so many reasons why a project can be delayed, changed, late or even fail. It all comes down to proven processes within the Project Management of each stage of the project and ensuring that the whole team fully understands and follows them.

Learning in Practice

Our IT project managers, as well as the top PMs at other big IT companies, have years of experience behind them. They have delivered countless large and complex tasks. They have become proficient on the job, spending time in the trenches building that competence through actually doing it! They are recruited and nurtured due to their previous successful project experience, their leadership abilities, their communication skills, their ability to work in teams and the basic skills and competencies necessary to complete technology projects successfully.

Evolution

Technology is constantly evolving. We hear that all the time. However, so too is the IT project manager. They grow with the latest tech, software, practices and executions. We regularly see (but rarely ask) our PMs complete training in their spare time. They live and breathe their work and thrive on being the best at delivering structured solutions to complex dilemmas.

At Planet IT, we’re very lucky that we are high level partners with the major technology vendors. It means we have access to new training as soon as it’s available. And to the experts who flourish on being the best… well, they feed on the knowledge that they are at the top of their industry and strive to prove it through delivering time and time again.

Communicate Clearly and in Time

Pair that technical expertise to the ability to communicate effectively and you’re looking at a very good IT Project Manager.

Some people are geniuses at what they do. However, sometimes they struggle to get a point across. IT experts often have a bad reputation for talking too technically to people not as technical as they are. It’s a reputation that is unfortunately earned for a reason. Points need to be shared business wide. There are going to be stakeholders that don’t have the expertise of others, but still need to understand how all cogs work together.

Building the right plan, with clear milestones and deliverables, is essential. Having just that yet not sharing it succinctly is criminal. As is not sharing updates, wins and any hiccups that might arise, because they often do, out of anyone’s control.

Unforeseen problems do occur throughout almost all projects. What matters is communicating in a timely fashion to the project sponsor, building in captures and following the process when something doesn’t quite go to plan. A change of scope is never good to hear; however, it’s better to communicate at the source and when the issue occurs rather than sitting on the problem. This helps drive a new, albeit slightly different, path for the Scope of Work at the earliest point rather than waiting for further problems or longer delays.

The Planet Difference

At Planet IT, we believe in the Planet difference: our experts’ abilities, determination and commitment to the project. They never leave a project unfinished and always resolve the unexpected, wherever it occurs.

Good PMs are here to lead the way, ensuring due process is followed and goals are achieved on budget, on time and as expected.

How do we do this?

Strategy – Initial audits, research, and advice
Design – Clear solution designs against business case
Transition – Project approval through to project start and procurement
Operation – Implementation and monitoring
Improvement – Change management and client review

If you’d like to take a closer look at our process, we’re happy to offer a free walk through of our proven project formula for those companies looking at IT changes who might want professional help – just send me an email to arrange – [email protected]

Similarly, if you’d like to read more about our work, check out our Project Management page or download our Skills Matrix:

PLANET IT SKILLS MATRIX

Conclusion

Certainly, IT projects are difficult. There are lots of things that can be pointed out as the cause of failure:

  • Clear project process
  • Poorly defined scope
  • No use of formal methods & strategies
  • Lack of communication
  • No defined goals & milestones
  • Failure to track progress
  • Quick and Responsive to necessary changes
  • Ineffective leadership
  • Poor technology
  • Lack of detail
  • Cultural differences

… but what do all of these have in common? The people that deliver the project.

Start there. Get the right, qualified, experienced and proven people to run a project.

Do it right, the first time!

Email Security – The biggest scope for an attack

There is no bigger scope for attack on your organisation than e-mail.

We all use it. We all have stacks of it. And we have all fallen for some gimmick or promise. Or not even that: spoofing, where you thought Stuart in Product Development was genuinely asking you out for dinner and so needed you to send back your phone number! Only to then get inundated with phone calls as you’ve given your number out to the bad guys. (Yes, ready meal for one coming up).

Our very own dreamboat Adrian Sweeney was spoofed recently (thankfully, we’ve done our training!).

There is no off switch. I wish there was. It’s my most asked about security concern, and so it should be!

Even the Mimecasts or Barracudas of this world can’t catch everything. It’s a constant game of cat and mouse, and sometimes the mouse wins!

What WILL help against this constant barrage of spam is email protection. (It is scary how many companies out there still don’t have ANY). And in fact, if you don’t have it, you are either crazy or bonkers. There are SO many vendors out there. Ones I like: Mimecast, Barracuda and Censornet (less known but works well).

And……..

So you’ve got the security guards checking the e-mails: if your name’s not down, you’re not coming in… Well, what happens if it still gets in?

Yes – this big cost you have just forked out has still let spam in. As mentioned before, the mouse won….

A solution – simulated phishing campaigns… One company name that stands out for me on this one: market leader KnowBe4.

It’s easy to use and set-up, and you can safely send simulated email phishing attacks to your staff AND if they fail, they get sent the correct training to help them not do it again.

It’s easy to keep track of who is having issues, and it helps you tailor the campaigns to better suit the business you run. This only helps you get the best from the product.

Sorry, that one went a bit salesy. But only because it’s important and we can help you. If you would like a proof of concept at no charge, or to discuss how Planet can just take care of all this for you, contact: [email protected]
