With cybercrime still on the rise, can Server 2016 help?
Posted on 10 March 2017
According to figures released by Get Safe Online and the UK’s national fraud and cybercrime reporting centre, Action Fraud, UK businesses reported losses of over £1bn in 20161.
Fraud is a growing issue. It’s also an ever changing problem, with new areas of cybercrime threats constantly developing. The data shows that mandate fraud in particular, where fraudsters trick employees into changing a direct debit or standing order by pretending to be a supplier, is becoming an increasingly worrying issue for businesses.
This type of fraud is strategically targeted and has seen a 66% rise in the past year, with 2,323 reported cases.
Hacking also remains a big concern with 1,314 reported cases in the last 12 months. A fraudster can hack into a business's server, an employee’s personal computer, or access email and social media accounts to obtain private information.
SMEs are vulnerable as millions of consumers share their data with them every day and most large companies work with SMEs in their supply chain2. This makes them a very attractive target to criminals looking to get hold of valuable data – whether corporate or personal.
To tackle this issue head on, businesses need to review their own skills and knowledge, determine if they need outside help, and then create measures to prevent, detect and respond to potential security threats.
What else can you do?
Windows Server 2016 provides a set of new and highly effective security features; introducing layers of protection that behave as an active component in your security defences3. These layers range from threat resistance and enhanced detection, to managing privileged identity and protecting virtual machines from a compromised fabric.
If attackers find their way inside your system through phishing or compromised credentials, there are many ways for them to quickly gain control. Privileged identity is one way of protecting your business. Server 2016’s Just In Time Administration allows you to assign, monitor and limit the timespan that people have administrative privilege, while Just Enough Administration limits what administrators can do. Even if an attacker infiltrates a server, Credential Guard prevents them from gaining credentials that can be used to attack other systems. Finally, to help you secure privileged access end-to-end, there’s Securing Privileged Access, which guides you through best practices and deployment steps.
When an attacker gains access to your virtual environment, running your applications and infrastructure on Windows Server 2016 provides layers of protection against internal attacks using threat resistance technologies. These include Control Flow Guard, which blocks common attack vectors, Code Integrity, to control what can run on the server, and the built-in Windows Defender, which detects, protects and reports on malware. In addition, Windows Server 2016 includes enhanced security auditing to help your security experts detect and investigate threats in your environment.
With fraud on the rise, it’s critical to install the right security. To find out more about Windows Server 2016 or to discuss your concerns with an expert, get in touch today.
Author: James Cripps, 10 March 2017