What a difference a few weeks can make to you and your business! I bet you didn’t think you and your teams would be working from home in April! Although for some of you home working may be the norm.

In this blog I will show you how you can protect your data and business while working from home or in an office.  If you can put a tick next to the following 8 layers of protection you can give yourself a pat on the back because you are doing all you can to protect you and your customers data. With GDPR now in full swing it is more important than ever to keep your customers data secure!.

The 8 Layers of protection

  • Passwords
  • 2 Step\Multi Factor Authentication
  • Antivirus
  • Encryption
  • Patching
  • VPN
  • Backups
  • Security Awareness Training

While each layer deserves a blog of its own below is a brief description of each layer.


Follow these best practises to ensure your online passwords are not easy to guess or crack.

  • Avoid using the same password at multiple sites
  • Do not write passwords down..
  • Use a password manager like Lastpass to store your passwords so you only have to remember one.
  • Don’t use easily guessed passwords, such as “red123” “password” or “letmein.”
  • Do not choose passwords based upon details that guessed by someone looking at one of your social media accounts , such as names of family members.
  • Do not use words that can be found in the dictionary. Password-cracking tools contain dictionary lists that will try thousands of common names and passwords. If you do use dictionary words make sure to use more than one and use lowercase and uppercase letters, numbers and symbols as well,
  • Avoid using simple adjacent keyboard combinations: For example, “qwerty” and “123456”
  • Some of the easiest-to-remember passwords aren’t words at all but collections of words that form a phrase or sentence.
  • It has to be at least 8 characters long, containing lowercase and uppercase letters, number and symbol.


Multi Factor Authentication (MFA)

MFA adds another layer of security to your online account, as well as your password you will have to enter a code from your phone that could be from an SMS or authenticator app.

So if an attacker learns of your password they still cannot access your account without access to your phone.

MFA should be set up on every email account (including personal) you have! It takes less than a minute to set up so what are you waiting for?


You can think of Antivirus software as the security officer of your computer. It searches every file accessed by your computer and checks it for Malicious content. If it finds a threat it will lock it away or quarantine it to ensure it cannot do any damage to your system.

New Malware is coming out all the time. It is the job of the antivirus software to keep up with the latest threats. So it is important that your Antivirus is business class, configured to update daily and perform a full system scan weekly.

All of our managed service plans include Business class Antivirus



If a computer’s hard drive is not encrypted it is surprisingly easy for someone to access the data on your computer if it is lost or stolen, even with a really secure password.

That is why we recommend encrypting the hard drives of any device that you use to access your company data. I.e. desktop, laptop, tablet and smartphone.

The following devices come with encryption software, it just needs turning on!

Windows 10 Pro and Enterprise:


Apple iPads and iPhones

Android tablets & smartphones:


57% of data breaches are attributed to poor patch management.

If your computers get infected with Malware it will search and exploit any vulnerabilities it finds on your computer. This is how Ransomware infected so many NHS computers. Patching not only keeps systems and applications running smoothly, it also keeps your data secure.

While most operating systems automatically install patches they do not patch most non-Microsoft apps. You also have no idea if any of your systems are missing updates due to technical issues stopping the patches being installed.

A good patch management system will patch all supported applications and flag any computers that are vulnerable because they are missing security patches.

All of our managed service plans include Business class Patch Management



Do you know that most physical firewalls (i.e.Sophos, Watchguard, Fortinet)  have a VPN client that will allow your remote workers to securely connect to the company network over the internet. This means that all the data sent from the computer over the internet is encrypted so anyone on the network won’t be able to snoop on what your staff are doing.

This also gives your staff a secure way of connecting over the internet to any servers or applications you have in the office.


Backup, backup, backup, did I say backup?

The rule is: keep at least three (3) copies of your data, store two (2) backup copies on different storage media, with one (1) of them located offsite.

An example of how to achieve this is to have a backup of your data on a USB that is only connected to a computer to perform a backup and the 2nd backup on the cloud.

Security Awareness Training

Last but definitely not least is Security Awareness Training. You could have all the other layers covered but only takes one mistake by yourself or an employee who opens a malicious link or responds to a phishing email to bring all those layers down.

Train your staff now on how to spot malicious emails and what they need to if they receive one.

All staff with access to a computer should know how to spot a malicious email and what they need to do when they do receive one.

If you want any help securing your data give Tomorrows Today a call. We can help you implement a robust Cyber security solution

For a low monthly fee we can install the following software to protect you:

Business Class Antivirus software

Patch management

System Monitoring

DNS filter