Cyber Security Education, Office 365 and the use of HTTPS
Welcome to our August version of the Kaon Newsflash. This month we cover topics including cybersecurity education, ensuring your Office 365 environment is secure and the use of HTTPS.
Education and Awareness
Finding engaging cybersecurity education and awareness content can be a challenge and involves a degree of trial and error. However, with an upfront Behavioural Risk Assessment of your audience and then access to an Adaptive Library of content you can create a program that has impact.
An Adaptive Library provides a range topic groups and/or topics options that you can select from, to assemble and form a training course that meets your unique needs. Topic groups - like PCI Security Standards - might form a course by themselves, while others - like Safe Computing - might be combined with another area of interest. Currently the Adaptive Security Library we have available is extensive and includes examples such as -
- Security Basics
- Security Awareness
- Security Awareness with Privacy Principles
- Security Awareness for Privileged Users
If you would like to run a free Behavioural Risk Assessment for your team then contact us. The assessment report comes as a personalised infographic of behavioural risk within in your user population, with actionable insights and recommendations in a follow up consultative session.
Ph: 09 570 2233 or email Mike Conboy or Steve Macmillan to discuss.
With the release of Version 18 of the IT Policy System we have produced an updated walk through video of both the full version and the new Lite version.
Click here to watch the full demo video
Click here to watch the lite demo video
Key changes in the V18 system content revolve around the use of Cloud based technology and the Protection of Personably Identifiable Information (PII).
Version 18 upgrade - if you currently hold a valid maintenance contract then we have a simple questionnaire which we need you to complete and thereafter your upgrade to V18 will be actioned. For more information contact Jon Flatley.
Is your Office 365 implementation secure?
This 60 point deep dive audit is designed to minimise any risk and uncertainty you might have about the security of your Office 365 environment.
Our experts will gather the relevant information to verify your Office 365 service is secured properly and key settings are enabled correctly.
At the end of the audit exercise Kaon Security will provide your organisation with a detailed report which includes the following information:
1. An Executive Summary of the 365 environment review, with a risk analysis commentary and security recommendations.
Note: Specifically written for business people, Our Executive summary will allow you to discuss how to improve your Office 365 security posture with Senior Executives.
2. A detailed “Key Observations” section for the CIO or IT Manager which covers our security findings, with a risk analysis commentary and our recommended next steps for remediation.
Some of the areas we will investigate and verify include:
- User Access
- Data Security
- Email Filtering
- Malware Detection
- Storage Security
- Calendar Security
For more information contact Mike Conboy or Steve Macmillan
Trust in your website
During the last few years there have been a number of changes made by organisations such as Google and Mozilla with regards to their support of unencrypted communications between the Chrome and Firefox browsers and web sites.
If you haven’t noticed internet users are being influenced to recognise that a website with a green padlock is more trustworthy than one without. It sends a signal to website visitors and potential customers that the website owners take privacy seriously.
If your website is still not using HTTPS and you are using unencrypted HTTP then we would recommend it is something you consider putting on your to do list for the coming months as some of the main players in the browser business will continue to take further steps to encourage the use of HTTPS.
In newly released Google Chrome 68, the omnibox now displays “Not secure” for any pages using HTTP on a site. Google also have a tool called Lighthouse that helps developers find which resources a site loads using HTTP and identifies those resources can more readily be upgraded to HTTPS.
Drop us a note if you would like to discuss how to make the change to HTTPS – e:firstname.lastname@example.org
Microsoft 365 Security Configuration Audit Service Now Available >