We are Passionate About IT Security

In2secure believe that all organisations should be able to access good, pragmatic and approachable Cyber Security advice to ensure that any solution is right for your needs.

Get in touch with us

About In2secure

At In2secure limited, we specialise in offering Cyber Security services throughout Northamptonshire and beyond, aimed at small businesses and there to help keep your organisation safe from cyber threats to your business .

We believe that doing the basic things well, which should help you prevent being a victim of crime. This is why we whole heartedly believe in offering Cyber Essentials.

With cyber criminals always finding new ways to attack businesses and steal valuable data and money, the importance of knowing you have the most up-to-date, effective cyber security measures in place is essential. As an IASME Licensed Certification Body, you can be certain that by using In2secure limited for your cyber security requirements, you will have the cyber defences in place to help thwart the a range of cyber attacks.

How to secure your information

Know your information

What is an information asset ? Simply information that is of value to your business. It may be your HR database, your accounting data, your knowledgebase as part of your IT system.

For each of these bits of information, you need to know who is responsible for each asset and that any associated risks to that information are known and accepted. In2secure can assist you in identifying risks and securing your business information.

Know your environment

Gone are the days of information being held on a single drive in a datacentre. Now, some may be held in a cloud offering, you might have some on an internal server and other information might be part of a Software as a Service solution.

Ultimately, you need to know where your business information is and be able to protect it. This is where In2secure can help. Our expertise in data management means we can give you advice on how best to handle your information.

Know your risks

You might have risks to your industry sector, to your organisation or even to a particular part of the organisation. You need to know what those risks are, and who is responsible for them.

In2secure can review your information risk register (in whatever form) and make suggestions.

Once you have identified your information assets, and made an asset register, you can begin to identify and analyse the risks associated with them. Any incident that could negatively affect a business asset is a risk. Whether it’s a physical threat, such as criminal hacking or a vulnerability, such as poor coding or processes, In2secure can assist you identifying risks and mitigating them.

Test your controls

Do you know what your controls are and what risk they are addressing? Do you know whether they are working? As part of an assessment, In2secure can map controls to risks to ensure that each of the risks are being addressed and the controls are working.

For the majority of risks you identify you should have a control in place to manage that risk. This might be a patching policy to ensure your software is always up to date or it might be a password policy for good cyber hygiene.

Whatever controls you put in place its imperative that they are proportionate to the risk and that they work. As part of an assessment in2secure can map controls to risks to ensure that each of the risks are being addressed and the controls are working.

Our Approach to Security & Prevention

Click on an item on the NIST Cyber Security Framework to help you understand what you need to do.

The buttons to the right shows stages in the NIST Cyber Framework. It’s a series of steps for helping you identify your assets, manage your risks, and respond and recover from potential or actual incidents.

Identify

This is about getting the lay of the land. Understanding what assets you have in place, how you need to safeguard them, what governance you need, how you work out scoring risks and what the risk appetite should be.

Example. Pretend you own a jewellers with fancy jewellery. You need to understand what you have, who might want to get it and how they go about getting it. At this stage we could start putting our jewellery into costs bands (less than 100 pounds, upto 2,000 pounds and then more).

Protect

Now you are looking to deploy and implement controls for the organisation, building on what we know (what we need to protect and how much we need to protect it). This may be through the use of people, process, technology or physical controls.

Example. With our jewellers we are going to have alarms in place. We are also going to keep the really expensive jewellry in a safe and make it ‘on demand’ to view. The moderate priced pieces are to remain behind glass while the cheaper pieces are to be on display. We will keep the door locked and restrict customers in the shop when the safe is open.

Detect

We know what we need to protect and we know what we need to do to protect it. Now we need to know how we could detect if something either goes wrong or has the potential to go wrong.

Example. We have some brilliant processes in our jewellery shop that our owners and insurance company are happy with. However, we need to make sure everyone follows these processes. We need to identify when the safe is not locked (it should be locked all the time when access is not required). The door should be locked when we have viewings, the glass cabinets should be locked when not accessed and the alarm should always be set when the shop is closed (like at night). Detecting when this doesnt happen will help protect the jewellery.

Respond

This is about taking action if something either goes wrong, or has the potential to go wrong.

Example. In our jewellers, if the safe is not locked, we may need to educate staff or issue warnings. We may need to review the processes to make sure that it is documentated and that staff can understand what they need to do. If the alarm goes off, we need to investigate, rather than ignore. If there is a burglary – we need to know straight away what was taken and how our system was compromised.

Recover

Dealing with our actual (or potential) incident, making sure that we know what went wrong and reducing the likelihood of it going wrong again.

Example. People gained access to the jewellery shop though, after a short time, they fled the scene as the alarm was causing a commotion. Having reviewed the incident, the company have decided to add a support and monitoring contract to the alarm, together with CCTV monitoring by a security company.

Set up a consultation

Get In Touch with In2secure

Need consultancy, help or advice. Need someone to validate what could be considered a ‘gut concern’ ? Then get in touch with In2secure and see how In2secure could be your trusted security partner.

Get in touch with in2secure

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
icwp-wpsf-notbot	1 minute	This cookie, set by wordpress, is used for Bot Management.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_176941806_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
icwp-wpsf-notbot	1 minute	This cookie, set by wordpress, is used for Bot Management.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_176941806_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.