/ By Jane Webb / Cyber SecuritySecurity/ 0 Comments

Tools and Services to Enhance Security Measures

In today’s digital-first business environment, small businesses face increasing pressure to protect their data, systems, and customer information from cyber threats. With cybercrime incidents on the rise—over 67,500 reported in a single year, according to the Australian Cyber Security Centre (ACSC)

—The need for robust security measures has never been more urgent.

Fortunately, a wide array of tools and services are available to help small businesses strengthen their security posture, minimise the risk of cyberattacks, and ensure operational continuity. This article explores key technologies and services that can make a meaningful difference.

Firewalls: The First Line of Defence

Firewalls are foundational to any cybersecurity strategy. Acting as a barrier between your internal network and external threats, firewalls monitor and control incoming and outgoing traffic based on predetermined security rules. Next-generation firewalls (NGFWs) go a step further by incorporating features like deep packet inspection, intrusion prevention, and application awareness.

For small businesses, deploying a firewall—whether hardware-based or software-based—is a critical step in protecting sensitive data and preventing unauthorised access.

Intrusion Detection and Prevention Systems (IDS/IPS)

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are designed to detect and respond to suspicious activity. IDS tools monitor network traffic and alert administrators to potential threats, while IPS tools actively block malicious traffic in real time.

These systems are particularly valuable for businesses that handle sensitive customer data or operate in regulated industries. By identifying threats early, IDS/IPS solutions enable swift action to mitigate risks before they escalate.

Cybersecurity Software Suites

Comprehensive cybersecurity software suites offer bundled protection that typically includes antivirus, anti-malware, a firewall, and email security. These packages are often cost-effective and easy to manage, making them ideal for small businesses with limited IT resources.

Endpoint protection platforms (EPPs) and Endpoint Detection and Response (EDR) tools are also gaining popularity. These solutions provide advanced threat detection and response capabilities across all devices connected to your network.

Multi-Factor Authentication (MFA)

One of the simplest yet most effective security measures is Multi-Factor Authentication (MFA). MFA requires users to verify their identity using two or more factors—such as a password, a mobile device, or biometric data—before gaining access to systems or applications.

Enabling MFA across email, cloud storage, and financial platforms significantly reduces the risk of unauthorised access. Microsoft, for example, has begun enforcing MFA across its Microsoft 365 tenants to enhance baseline security.

DNS Protection and Email Gateway Security

Domain Name System (DNS) protection helps prevent users from accessing malicious websites by filtering DNS requests. Email gateway security, on the other hand, scans incoming and outgoing emails for phishing attempts, malware, and spam.

These tools are essential for defending against social engineering attacks, which remain one of the most common entry points for cybercriminals.

Managed Security Service Providers (MSSPs)

For businesses lacking in-house cybersecurity expertise, Managed Security Service Providers (MSSPs) offer professional monitoring and management of security systems. MSSPs can handle everything from firewall configuration and threat detection to compliance reporting and incident response.

Partnering with an MSSP ensures that your business maintains constant vigilance against threats, even outside of regular operating hours.

The Essential Eight: A Strategic Framework

Developed by the Australian Signals Directorate (ASD), the Essential Eight is a set of mitigation strategies designed to help organisations prevent and limit the impact of cyberattacks. These include:

  • Application whitelisting
  • Patch management
  • User access control
  • MFA
  • Daily backups
  • Antivirus software
  • Security configuration
  • Restricting administrative privileges

At innoTel, we work closely with businesses to implement the Essential Eight model, tailoring each strategy to suit the unique needs of our clients.

Security Awareness Training

Technology alone isn’t enough—human behaviour plays a critical role in cybersecurity. Training staff to recognise phishing emails, use strong passwords, and follow safe browsing practices can dramatically reduce the risk of breaches.

Some of the topics included in Security Awareness Training include Information Security Fundamentals, Phishing Simulation and Prevention, Malware and Ransomware Education, Cybersecurity Best Practices and Incident Response Awareness

Data Sovereignty and Compliance

Storing data within Australia ensures compliance with local privacy laws and enhances control over sensitive information. This is especially important for legal, financial, and healthcare sectors. Tools that support data sovereignty, combined with regular compliance assessments like the Victorian Protective Data Security Standards – Review & Self Assessment, help businesses stay aligned with regulatory requirements.

By integrating these tools and services, small businesses can build a robust defence against cyber threats. Whether you’re just starting out or looking to upgrade your existing security infrastructure, taking proactive steps today can save you from costly breaches tomorrow.

To learn more about how innoTel can help your business implement these solutions, speak with our team on 1300 736 048 or visit innotel.com.au.

World Backup Day 31st March
/ By innoTel / Business ContinuitySecurity/ 0 Comments

World Backup Day 2018 – Business Backup Reminder

World Backup Day 2018 is being held on the 31st of March and is designed to promote awareness around the importance of keeping backups of your business data in the event that something happens and you lose information. Business Backup is simple and affordable, yet so few businesses backup their data!

So we’re doing our bit to promote World Backup Day this year and encourage more businesses to backup!.

 

What is a backup?

A backup is simply a copy of your important files; backups are (usually) stored in a separate location to your computer (best practise!) so you have a copy in case something happens to your computer.

In short, to anyone who stores data, especially businesses, they ensure they’re backing up all their data.

 

What happens if we don’t backup?

A lot of people say why?  We’ve never lost it before.  Is it worth the risk?  What’s the cost to your business?  Financially? The heartache?  How long has it taken you to build your business?  How long would it take to rebuild your business if you lost EVERYTHING?!

Consider it like insurance…. Insurance with a car…. You don’t have an accident before taking insurance do you?  It isn’t always our fault and we don’t intend on having an accident.  We insure the car on the basis that we hope that we will never be in an accident, but should it happen, we are covered.

Think of business backup the same way.  Back it up on the basis that you may never lose your data, but if you do, lose any data, if you are hacked, if your hardware fails or a fire destroys your business premise, be confident that you won’t lose your entire business – it is worth the peace of mind.

 

What do you stand to lose if you don’t backup your data?

Tax information, business documents, financial records, customer orders, spreadsheets, forms, customer information that you have spent years compiling and creating. What happens if you lost all of those in seconds?

 

It will never happen to me!

Losing all your data, therefore losing all of your business information and starting again happens more commonly than you think!

Source: worldbackupday.com

 

What’s the benefit of a backup?

If you have a backup, should the unfortunate happen and all your data is lost, you will be able to simply, quickly and easily restore all your data.  Back to business as usual in very little time!

The benefits that data backup can have on your company!

Higher Reliability – One of the greatest benefits of regular remote data backup is the reliability it provides. Remote backup can be automated and updated daily basis, or you can set a time. Because the backup is done via the Internet, should you need to, you can recover files quickly.

Easy Set-Up – Set-up isn’t as difficult as you may think.  You can set it up and automate it; while resting assured that all your data is protected, backed up and up-to-date.

Increased Security – Having a remote backup means your data is stored in a secure location. You can often encrypt your data so only the person with the ‘key’ can unencrypt your backups giving you confidence knowing that your data cannot be compromised.

Peace of mind – Leave the office at night knowing your data is backed up and in safe hands.

 

So you’re convinced?

So you’ve made the decision that Business Backups are a great idea. Great! Not only has World Backup Day done its job, but you’ve taken the first step to protecting your business.

So now you need to get started – that’s where innoTel can help.

 

Business backup is simple

innoTel offers an affordable online business backup service which allows you to store your backups offsite allowing for quick recovery of data for when you need it.

For as little as $7.95 per month, you can start backing up your important data.

It’s a small price to pay for peace of mind – cheaper than an insurance policy (that won’t recover the data you lost if you weren’t already backing up your business data!).

Backup any type of Windows, Mac, Linux computer, laptop and server or a Synology NAS quickly and easily. Set-up only takes a few minutes.

If you currently store your business data in Dropbox, OneDrive or Google Drive, you can also ensure you have a backup of those documents with the innoTel backup service.

Need to backup Office 365 Mailboxes, Exchange databases, SQL databases? We’ve got that covered too (additional fees apply).

innoTel Online Business Backup is your flexible backup solution for your critical data.

 

/ By innoTel / Business ContinuitySecurity/ 0 Comments

National Privacy Week 2017

Did you know it was National Privacy Week 2017 this week?

In the wake of a few large businesses experiencing privacy breaches over the last few years, people are more concerned about privacy these days than they ever have been.

Check out the Australian Community Attitudes to Privacy Survey results in info-graphic form from the OAIC.

According to the OAIC survey results, 58% of people decided not to do deal with some businesses because of security concerns.

As a business, how are you making sure you customer’s private data is sensitive?

Do your customers expect that their private information is secure?

Do you or your customers place any emphasis on privacy when dealing with each other?

A great tool for your business could be the Privacy Impact Assessment (PIA) eLearning program, which allows you to conduct your own privacy assessment and understand privacy risks and the strategies you could develop to help address the risks.

Take a look at the Privacy Awareness Week 2017 website hosted by the Office of the Australian Information Commission to see how your business can become more ‘Privacy Aware’.

/ By innoTel / Security/ 0 Comments

Protect your small business from scams

Scams cost small businesses in Australia millions of dollars each year. Do you know what to look out for in order to protect your small business from scams?

While scams are designed to look completely legitimate, some that have appeared lately can throw you off guard if you’re not paying attention.

And it’s growing!

2,652 Australian businesses reported in 2014 they had lost $509, 000 dollars to false billing type scams alone. In 2015, this grew to 4,103 businesses reporting they had lost $616,000 and based on data collected so far for 2016, these figures are expected to grow to over 8,000 business reporting losses of false billing scams to the tune of $800,000. Figures courtesy of ScamWatch.

Now some might say that’s not a lot of money, however consider the number of businesses that aren’t reporting because they’re too ashamed to admit they’ve been scammed!

Here are a few of the more notable scams doing the rounds;

 

The invoice / false billing scam

Have you ever received an invoice, either my mail or email, for something you can’t recollect purchasing or ordering?

This scam is more often successful with larger businesses where there are a number of employees and it’s harder to keep track of who ordered what and when.

A few variants of this scam are;

You receive an invoice for something you order on a regular basis from a supplier you do not recognise, or they note on the invoice that the supplier has changed their name.

Another variant comes in the form of a scammer attempting to mirror your current supplier for goods and services for which you would regularly purchase. They might send you an invoice that claims to be from your regular supplier with a note saying their banking details have changed.

You may also receive an invoice from a new supplier for goods or services you or an employee did not order.

In some cases, the scammer will attempt to chase up after the due date listed on the invoice and may even threaten debt recovery proceedings.

 

Advertising scams

There are two variants of the Advertising scam;

Similar to the invoice scam, these generally come in the form of invoices or requests to pay for advertising did you did not request and possibly for an advertising publication that doesn’t even exist.

The second variant plays on a legitimate advertisement you publish, and attempts to fraudulently invoice for you using an invoice made to look like one from the legitimate advertiser, while providing fraudulent payment or banking details so you end up paying the invoiced amount to the scammer and not the genuine advertising company. These are often harder to detect as scams, however you should always be diligent when approving or paying invoices.

These Advertising scams can also mask hidden costs, or an ongoing commitment and like the invoice scam above, may follow-up and threaten a business with debit recovery proceedings.

 

Domain name renewal scams

Have you ever received a domain name renewal notice by mail or email, however not from the company you have your domain currently registered with?

The domain renewal scam often involves an email offering to renew your domain and while all of your details will be correct on the invoice, it may well be from a company you’ve never heard of, or a company appearing to ‘manage’.

Unfortunately the domain name system allows almost anyone to look up your domain registration details including your name, business name, ABN and email address. With a little more effort, a scammer can use some of these details to look up your business address, giving them everything they need to send you what looks like a legitimate invoice.

Often scammers will send out a renewal notice well before the renewal is due, in order to get ahead of the renewal notices from the company that actually provides you with your domain name

When in doubt, always check with the company your domain name is currently registered through. Losing a domain name doesn’t just mean losing your website, but could also mean losing your email – given how critical they both are in today’s world, it’s always worth a quick call to your current domain name provider to confirm if the invoice is legitimate.

 

The tax scam

While this has been more widely reported among consumers and not so much small businesses, there have been reports of people calling small businesses who claim they are from the Australian Taxation Office (ATO) ‘reminding’ you of an outstanding tax debt, and you’ll go to jail if you don’t pay immediately. These scams have also appeared as emails.

In short, Government agencies like the ATO don’t conduct themselves like this and any request to ‘pay immediately or go to jail’ should be ignored and reported. If you’re unsure and wan tto protect your small business from scams, hang up and call the ATO.

 

Ransomware

This scam one has become a reasonably large issue lately.

The tell-tale signs of this scam generally start by receiving an email with an attachment, either a Word Document, Zip file or similar file that can carry malicious software.

The unsuspecting recipient of the email, upon opening the attachment unleashes the malicious software on their computer which could be used in a number of ways, including;

  • Lock all of your files, or your computer in a way they can’t be used
  • Extract sensitive information from your computer and send on the to the scammer

Once infected, the term ‘ransonware’ comes into effect. You’ll often see messages along the lines of ‘pay a ransom or you won’t ever be able to access your files/computer again’ or claim to use the sensitive details extracted to cause havoc depending on what information it was able to extract.

In short, never pay the ransom money. But more importantly, don’t ever open a file attached to an email that you don’t trust.

If you’ve been sent an email with an attachment from a source that looks legitimate, but weren’t expecting, confirm the email’s legitimacy with the sender before opening.

You should always back-up your files and back up regularly to protect your small business from scams. There are a number of reasons why you might need backups, but this is one that could cripple a small business very quickly.

Don’t have your files backed up? We recommend you get that sorted quickly taking a look at our Online Backup options.

 

What can you do to protect your small business from scams?

  • Be on your guard at all times; if an invoice looks suspicious then investigate it.
  • Educate your employees on scams
  • Limit the number of employees who can order goods and services, and pay invoices.
  • Put processes in place within the business to check each invoice with the person who ordered the goods/services.
  • Don’t just throw away old invoices, consignment notices or anything that would detail items you’ve purchased in the past. If you have to dispose of these, shred them!

 

Is it worth dobbing in scammers?

Most times, it’s going to be difficult to trace where and who the scam originated from, however if you come across a fraudulent invoice with banking details, it’s worth speaking to the police or your state Consumer Affairs office to report it. While most people think the scammers get away red-handed, some don’t as in this case in New South Wales, so its always worth reporting scams and encourage others to do the same, which helps protect your small business from scams in the future.

 

More information

This is just an overview of how to protect your small business from scams. More great information can be found at ScamWatch. Don’t forget to head over and check out our online backup options, in case you ever do get caught up in a scam (we hope you’ll never need it, but it’s good insurance!)