Advisory and Assessment

Cybersecurity is a general term for protecting computers, networks, and sensitive information from cyber threats. Small and medium-sized businesses must prioritize cybersecurity measures, as they are often prime targets for cybercriminals due to weaker defences.

A breach can lead to substantial financial losses, damage to reputation, and legal issues. By investing in cybersecurity, businesses can safeguard their data and maintain trust with clients and partners, ultimately ensuring their continuity and success.

Cybersecurity has become a critical priority in recent years for several key reasons:

Surge in Cyber Threats - There has been a notable rise in cyberattacks, including data breaches and ransomware, with criminals becoming increasingly sophisticated.

Digital Transformation - As businesses adopt cloud computing and remote work, the attack surface has expanded, revealing new vulnerabilities.

Value of Data - As companies have become more digitally dependent, their data has become more valuable and is now a prime target for attackers and extortionists. Securing it is crucial for maintaining customer trust.

Social Engineering - Criminals' use of new advanced AI-driven tactics necessitates heightened awareness and training to prevent information compromise.

Regulatory Compliance - Stricter data protection laws require organizations to protect personal data, with significant penalties for non-compliance.

Geopolitical Factors - Increased cyber warfare and state-sponsored attacks emphasize the need for robust digital security.

Prioritizing cybersecurity is now essential for safeguarding data, maintaining customer trust, and ensuring continuity in today’s heavily computer-dependent businesses.

The Canadian Centre for Cyber Security is an excellent resource for Canadians to learn about cybersecurity.

We appreciate that this is a vast and intimidating subject, so if you want to learn more about cybersecurity and how it affects your business, don't hesitate to contact us anytime.

This question can only be definitively answered with research and consultation.

Cutting through the marketing hype - There is no cloud. It's just somebody else's computers and networking equipment.

Without documentation from the vendor detailing how they secure their Amazon, Google, or Microsoft cloud infrastructure and data backup procedures, we must assume that the hosted data is unsafe.

When researching cloud-hosted software, always ask about the security tools and backup procedures they implement to ensure your data's safety.

A reputable vendor that offers cloud-based applications or services will share generalized information about its security protocols, backup procedures, insurance coverage and certifications. In contrast, companies lacking security and backup procedures often use vague statements like, "We use Amazon/Google/Microsoft; it's safe," or "The security and backup information is proprietary and confidential."

It is also essential to ask the vendor where your data will be stored to comply with data sovereignty regulations and what data export tools are available to ensure your data can be migrated to alternate platforms should the vendor cease operations.

No. None of the Microsoft 365 and Google Workspace account data is backed up.

These services replicate data for accessibility and redundancy, meaning that users can quickly delete or alter files, leading to potential permanent loss. They also fail to protect against external threats like ransomware.

Relying solely on these platforms without a dedicated backup strategy puts your critical data at significant risk.

No. Popular cloud services such as Dropbox, Google Drive, and OneDrive store data with redundancy to ensure availability; data is duplicated across multiple servers to prevent downtime if one fails. However, this redundancy does not serve as a backup.

A backup is a separate copy for recovery in case of data loss, corruption, or deletion. While redundancy keeps data accessible, it doesn’t protect against complete data loss events like user errors or malicious attacks. Therefore, it’s crucial to maintain your backup strategy for essential data.

Canada has strong federal and provincial privacy laws, so you must know where your data is stored.

Surprisingly, few cloud service providers have Canadian-only data storage, meaning your information is likely to be stored in the United States and is subject to foreign laws, rules, and regulations.

It is challenging to track which service providers guarantee Canadian-only data storage to comply with data sovereignty regulations.

We've all done it - a collection of photos is too large to email, so they get shared through OneDrive. Does anybody remember to remove the shared folder?

It is difficult to monitor and control what staff have publicly shared data through popular file-sharing services, but it is possible.

It requires two of our security tools combined to effectively enforce this type of data loss prevention (DLP), but yes, we can prevent file-sharing service data loss.

Yes. One component of our Sentry Security Platform is specifically designed to prevent this. We can block all SharePoint sites and allow only those management deems necessary for business operations.

This, combined with our email identity threat detection and response component, dramatically reduces unauthorized or accidental account credential sharing.

No. Email is not a secure communication method. Sending passwords via email is risky, as it can expose sensitive information to hackers through compromised accounts and phishing attacks. Many email providers do not encrypt messages, leaving passwords vulnerable. Instead of relying on email, it is essential to use secure password managers or encrypted methods for sharing sensitive information.

Storing passwords in plain text documents, such as Excel or Word files, is unsafe.

Modern tools can quickly extract passwords from these files, making any protection they offer ineffective. Instead, it’s better to use a password manager, which securely encrypts your passwords and adds an extra layer of protection. If you must store passwords in a document, consider encrypting the document and using a robust and unique password for added security.

Storing credentials in plain text documents such as Excel and Word files is so common in businesses that our security tools actively hunt for, detect and warn users of their existence.

A password manager is a vital tool for both convenience and security. It securely stores and encrypts your credentials, allowing you to access them easily with one master password, hardware key, or biometric scanner (fingerprint).

This simplifies your login process while enhancing security by promoting strong, unique passwords that reduce the risk of cyberattacks. By easing the burden of password management, a password manager helps you protect your information while enjoying seamless access to your accounts.

Multi-factor authentication (MFA) is an essential security measure that requires two or more verification methods. It makes it much harder for unauthorized users to access your accounts.

By combining something you know (password), something you have (mobile device), and something you are (fingerprint), MFA strengthens your defences against cyber threats. In a digital world where passwords can easily be compromised, MFA protects your data, financial information, and sensitive business assets.

Prioritizing MFA is vital for safeguarding your security.

Two-factor authentication (2FA) and multi-factor authentication (MFA) are related concepts but are not the same.

2FA is a type of MFA that requires two distinct verification forms to access an account. This typically involves something you know (like a password) and something you have (like a smartphone for receiving a code or an authenticator app).

MFA encompasses any authentication method that requires more than one form of verification, which can include two or more factors. MFA can combine something you know, something you have, and something you are (like biometrics).

Yes! Our RMM tool monitors computer hardware and software for faults, failures, security threats and warranty tracking. We do not have unattended access to individuals' computers and can not view what you're doing.

Yes, but there are legal limitations.

Canada boasts some of the world's strongest federal and provincial privacy laws, affirming that all Canadians have a fundamental right to privacy.

Every business should implement an Acceptable Use Policy (AUP) that employees are required to review and sign annually. This document clearly states that company computers are monitored and defines acceptable and unacceptable behaviour on the company’s network.

Consult with legal counsel for further guidance on this subject.

VPNs, or Virtual Private Networks, are critical tools for homes and businesses that demand online privacy and security.

By encrypting internet traffic, VPNs effectively guard sensitive data against interception by malicious actors.

In a world where Internet Service Providers (ISPs) actively track and sell users' browsing habits, taking control of your online privacy is imperative.

A VPN protects your browsing activities from unwarranted scrutiny and delivers secure remote access for employees to company networks. This ensures that vital information remains confidential, regardless of location.

Investing in VPN technology is necessary for defending your digital life and fortifying business security.

Zero Trust Network Access (ZTNA) is a security model requiring strict identity verification for anyone accessing network resources, regardless of location.

This approach is vital for businesses, as it effectively reduces the risks of data breaches and insider threats. By assuming that threats can exist within the network and enforcing least-privilege access, ZTNA ensures that employees only access the resources essential for their roles.

Adopting ZTNA is a strategic necessity for any organization aiming to enhance security in an increasingly digital world.

We specialize in business-class computers from Dell and Lenovo, specifically designed to meet the rigorous demands of professional environments.

These systems provide superior performance and reliability, come with Windows Professional operating systems, and include a minimum three-year on-site warranty. Additionally, they feature anti-glare display panels and biometric security measures essential for efficient multitasking and data protection.

By prioritizing quality, we equip our clients with the best tools to excel and succeed in their operations.