# Network Fish — Full Site Content > Network Fish is a managed IT support provider based in London, established in 2002, serving small and medium-sized businesses across all London boroughs. Services include unlimited remote helpdesk support, on-site engineers, Microsoft 365 administration, cyber security management (antivirus, EDR, MFA, DNS filtering, patch management), business networking (structured cabling, Wi-Fi, firewalls, SD-WAN), Teams Phone setup, and backup and disaster recovery -- all under a single fixed monthly fee. Network Fish holds Cyber Essentials certification and supports clients through the certification process. > Phone: +44 (0) 207 403 4031 | Email: sales@networkfish.com | Address: Great Portland Street, London, UK This file contains the full text content of all Network Fish service pages and blog posts. See also: https://networkfish.com/llms.txt for the summary index. # SERVICE PAGES --- URL: https://networkfish.com/it-support-london/ Description: Managed IT support for London SMEs. Helpdesk, on-site engineers, proactive monitoring, Microsoft 365 support, layered security, and endpoint backup, all in one fixed monthly fee. Network Fish, est. 2002. # IT support for London businesses. One number, one team, one monthly fee. Network Fish provides managed IT support for London SMEs. We have been doing this since 2002 and our approach is straightforward: one fixed monthly fee covers everything your business needs from an IT support provider, helpdesk support, on-site engineers, proactive monitoring, Microsoft 365 administration, and security. You get one number to call, a one-hour response target, and a team that knows your setup. ## What this cover means in practice If a computer plays up, we watch every machine around the clock and often fix problems before anyone notices. If staff click a dangerous link, dangerous websites are blocked automatically on every device. If a laptop is lost or stolen, every machine is encrypted, backed up to the cloud, and can be wiped remotely. We keep every computer and application up to date automatically. Accounts are created on day one and switched off when someone leaves. We guide clients through Cyber Essentials certification step by step. ## What is included in managed IT support Helpdesk support: one-hour response target, Monday to Friday, 9:00am to 5:00pm. No per-call charge, no per-hour billing, no limit on issues raised. Most issues resolved remotely. On-site engineers: same or next working day attendance for London clients. Where possible, the same engineer each time. Remote monitoring and management: RMM software deployed across every device, server, and network component. Continuous vulnerability scanning. Issues often resolved before staff notice. Security included as standard: managed antivirus, EDR, DNS-layer web filtering, MFA enforced across every account, patch management, and vulnerability scanning. Not an optional add-on. Microsoft 365 and SaaS platform support: full administration including Outlook, Teams, SharePoint, OneDrive, Exchange, user accounts, licensing, security configuration, and MFA. Other SaaS platforms also supported. Cyber Essentials readiness: Network Fish holds Cyber Essentials certification and guides managed support clients through the process. Your contract directly addresses all five technical controls. Gap analysis, hands-on remediation support, and coordination with your chosen certification body included. Cyber Essentials Plus available as a separate engagement. Endpoint backup: every device backed up automatically to the cloud, versioned file recovery, encrypted storage, backup monitoring, and remote wipe for lost or stolen devices. Microsoft 365 backup available as a separate add-on. ## Who we support London SMEs from 5 to 250 users across professional services, financial services, legal, creative, and not-for-profit sectors. ## How it works Step 1: Free site survey. We visit your office and provide a written report on your infrastructure, security posture, and any gaps. No charge, no obligation. Step 2: Onboarding. Every device enrolled in our monitoring platform, security tools deployed, team given helpdesk contact details. Completed with no disruption to your working day. Step 3: Ongoing support. Helpdesk when needed, background monitoring, quarterly reports, annual account review. ## Pricing Per user per month. Covers helpdesk, on-site callouts, monitoring, security, Microsoft 365 support, and endpoint backup. No per-incident charges, no surprise invoices. Contact us for a proposal starting with a free IT site survey. ### Frequently Asked Questions Q: What does managed IT support include? A: Managed IT support from Network Fish includes unlimited helpdesk support, on-site engineer callouts for London clients, proactive remote monitoring and vulnerability scanning across all your devices and infrastructure, Microsoft 365 administration and support, a full security stack covering antivirus, EDR, DNS filtering, MFA, and patch management, and endpoint backup. All of this is included in one fixed monthly fee. Microsoft 365 backup is available as a separate add-on. Q: How quickly do you respond to IT support requests? A: Our target response time is one hour during business hours, Monday to Friday, 9:00am to 5:00pm. In practice many issues are picked up and resolved faster than this. For urgent issues, calling the helpdesk directly is the fastest route to a response. Q: Do you come on-site or is everything done remotely? A: Both. Most day-to-day issues are resolved remotely without anyone needing to visit your office. When an issue requires a physical presence, such as a hardware failure, network problem, or on-site device setup, we send an engineer to your premises. For London clients, we aim for same or next working day attendance. Where possible, we send the same engineer each time, so they already know your setup, your office, and your team. Q: How is IT support priced? A: We price per user per month. The fee covers helpdesk, on-site callouts, monitoring, security, Microsoft 365 support, and endpoint backup. There are no per-incident charges, no hourly billing for callouts, and no additional fees for raising support tickets. Microsoft 365 backup is available as a separate add-on, quoted separately. A free site survey gives us the information we need to confirm accurate pricing for your specific setup. Q: What size businesses do you support? A: We work with London SMEs typically ranging from 5 to 250 users. Our clients are businesses that want a single, reliable IT support partner rather than managing multiple suppliers or an in-house IT function. If you are outside this range, speak to us anyway as we consider each client on its own merits. Q: How do you handle the transition from our current IT provider? A: We manage the transition as part of onboarding. This includes coordinating with your existing provider for any handover information, enrolling your devices in our monitoring platform, deploying security tools, and briefing your team on how to contact us. Most transitions are completed with no disruption to your working day. Q: Do you support Microsoft 365? A: Yes, fully. Microsoft 365 support is included as standard: Outlook, Teams, SharePoint, OneDrive, Exchange, user accounts, licensing, security configuration, and MFA. Our engineers handle Microsoft 365 administration day to day as part of your managed support contract. Q: Is backup included? A: Endpoint backup is included in your managed support contract as standard, protecting the files on your computers with automatic cloud backup, versioned recovery, and remote wipe capability for lost or stolen devices. Microsoft 365 backup is available as a separate add-on and covers your email, calendars, Teams data, and SharePoint. Q: Are you Cyber Essentials certified? A: Yes. Network Fish holds Cyber Essentials certification. Every managed support client receives a security stack that directly maps to the five Cyber Essentials technical controls, and we support clients through Cyber Essentials certification as part of the managed support relationship. Q: Can you help us achieve Cyber Essentials certification? A: Yes. As part of your managed support contract, we carry out a gap analysis against the five Cyber Essentials technical controls, provide hands-on remediation support to close any gaps, and coordinate with your chosen certification body ahead of submission. For most clients the gap between their current setup and certification is smaller than they expect. Cyber Essentials Plus, which involves an independent technical verification audit, is available as a separate engagement. Q: What areas of London do you cover? A: We cover all London boroughs for on-site support. Our engineers are based in London and can attend premises across the city. Remote support is available to clients anywhere in the UK. --- URL: https://networkfish.com/extended-it-support Description: Extended IT support beyond standard hours for London businesses. Out-of-hours helpdesk coverage priced on your requirements. # Extended IT support hours. Standard support hours work for most businesses. Some don't fit that pattern. If your business operates later in the day, or you need cover beyond the usual working week, extended support hours are available as an add-on to your Network Fish contract. ### Frequently Asked Questions Q: What is extended IT support? A: Extended IT support is an optional add-on to a Network Fish managed support contract, giving access to helpdesk support beyond standard business hours. It is designed for businesses that operate later in the day or need additional cover for a specific period or activity. Q: What hours does extended support cover? A: Extended support hours are arranged based on your specific business requirements rather than a fixed standard offering. Get in touch to discuss what cover you need and we will confirm availability and put together a proposal. Q: How much does extended IT support cost? A: Extended support is priced according to the hours of cover required and the nature of your business. There is no fixed published rate, as requirements vary significantly between businesses. Contact us with details of what you need and we will provide a proposal. Q: Is extended support available to all clients? A: Extended support is available as an add-on for Network Fish managed support clients. If you are not yet a managed support client and are interested in extended hours cover, get in touch and we can discuss what arrangement would work for your business, including as part of a new managed support contract. Q: What happens if an on-site visit is needed during extended hours? A: If an issue raised during extended hours requires a physical visit, this is arranged for the next standard working day. Most issues raised during extended hours are resolved remotely without needing an engineer on-site. Q: Is extended support different from standard support? A: Yes. Standard managed support covers helpdesk access during normal business hours, Monday to Friday. Extended support is a separate, additional layer of cover beyond those hours, available as an add-on for businesses that need it. The two work together rather than replacing one another. --- URL: https://networkfish.com/it-infrastructure-services Description: IT Support and Infrastructure Services in London. Network Fish manages your networks, Wi-Fi, servers, and cloud infrastructure. Proactive monitoring, one monthly fee. # IT Infrastructure Services The infrastructure behind your business — your office network, Wi-Fi, switches, servers, and cloud systems — is the thing nobody thinks about until it stops working. We think about it so you don't have to. ### Frequently Asked Questions Q: What does managed IT infrastructure support include? A: Managed IT infrastructure support from Network Fish covers the ongoing monitoring, management, and maintenance of the physical and cloud systems that keep your business running. This includes your office network and Wi-Fi, switches and network hardware, on-premise servers, Microsoft 365 and cloud-hosted applications, domain monitoring, and DNS configuration. Everything is monitored continuously using remote monitoring and management software deployed across your entire estate. Q: What is remote monitoring and management (RMM) and why does it matter? A: Remote monitoring and management, commonly called RMM, is software deployed across every device, server, and piece of network equipment in your business. It watches performance, flags issues, and in many cases resolves problems automatically, before anyone in your business notices anything is wrong. When something needs attention, it creates a ticket in our helpdesk and an engineer deals with it. For Network Fish clients, RMM is deployed as standard across the entire estate from day one. Q: Do you manage Wi-Fi and office networks? A: Yes. We design, install, and manage business-grade Wi-Fi and wired networks across your office, including across multiple sites. This covers proper network segmentation between staff and guest access, coverage across every area of your office, ongoing monitoring, and firmware updates for access points and switches. A poorly configured Wi-Fi network is both a productivity problem and a security risk. We treat it as both. Q: Do you support on-premise servers? A: Yes. If your business runs any on-premise servers, whether for file storage, a line-of-business application, or any other purpose, we monitor, maintain, and support them as part of your managed support contract. Server health, disk space, performance, security patching, and backup verification are all monitored continuously. Issues are flagged and addressed before they become outages. Q: Do you manage cloud infrastructure as well as on-premise systems? A: Yes. We manage both. Cloud infrastructure, including Microsoft 365, SharePoint, Teams, OneDrive, Azure virtual machines, and cloud-hosted line-of-business applications, requires the same level of configuration, security management, and ongoing administration as on-premise systems. We handle the admin layer so your cloud systems are set up correctly, secured appropriately, and working the way your business needs them to. Q: What is domain monitoring and why do I need it? A: Domain monitoring means keeping watch over your domain name registrations and DNS configurations so that an expiring domain, a misconfigured DNS record, or an unauthorised change does not take your website, email, or business systems offline without warning. Domain and DNS issues are one of the most common causes of unexpected email or website outages for small businesses, and they are almost always avoidable with proper monitoring in place. We include domain monitoring as a standard part of our managed infrastructure support. Q: Can you support a business with multiple offices or locations? A: Yes. Network Fish supports clients across multiple sites under a single support arrangement, including offices in different cities and different countries. Remote monitoring covers every site regardless of location, and on-site engineer visits are available across London. For international or out-of-London sites, remote support is provided as standard with on-site coordination arranged where needed. Q: How quickly do you respond when something goes wrong with our infrastructure? A: For managed support clients, our target response time for remote support is one hour. In most cases, infrastructure issues are identified and addressed by our monitoring systems before anyone in your business is aware of them. Where an on-site engineer visit is needed, we aim to attend the same or next working day anywhere in London. Q: What happens if our internet connection goes down? A: We monitor your internet connectivity as part of the infrastructure support service. If your connection drops, we are alerted automatically and begin investigating immediately. We will contact your internet service provider on your behalf, manage the support case, and keep you updated on progress, so you do not have to navigate provider support queues yourself. Q: Do you help with hardware procurement? A: Yes. We advise on and assist with the procurement of IT hardware, including laptops, desktops, servers, switches, access points, and other network equipment. We can source hardware appropriate to your requirements and budget and handle the configuration and deployment as part of the setup process. We do not require you to purchase hardware through us, but we are able to assist if you would find it useful. Q: Is IT infrastructure management included in a Network Fish managed support contract? A: Yes. Network Fish managed support contracts cover the ongoing monitoring, management, and maintenance of your IT infrastructure as part of the monthly fee. This includes RMM deployment across your estate, server and network monitoring, domain and DNS monitoring, Microsoft 365 administration, and helpdesk support for infrastructure issues. There is no separate charge for infrastructure management on top of the managed support contract. Q: How is managed infrastructure support different from break-fix IT support? A: Break-fix IT support means calling someone when something goes wrong and paying for the time it takes to fix it. Managed infrastructure support means continuous monitoring, proactive maintenance, and automatic alerting so that most problems are caught and resolved before they cause any disruption. The difference in practical terms is that with managed support, your infrastructure is being watched around the clock, whereas with break-fix support, nobody knows there is a problem until your business is already affected by it. --- URL: https://networkfish.com/cyber-security/ Description: Cyber security services for London SMEs. Threat monitoring, email security, endpoint protection, MFA enforcement, patch management, and security audits. Fixed monthly fee. Network Fish, est. 2002. # Cyber security services for London SMEs. Most cyber attacks succeed because of a small number of avoidable gaps — accounts without multi-factor authentication, software that hasn't been patched, and staff who weren't prepared for a convincing phishing attempt. We close those gaps. Cyber security in London is not just a concern for large enterprises. SMEs are targeted constantly — often precisely because attackers know smaller businesses are less likely to have robust defences in place. Cyber crime is no longer something that only happens to large organisations. The majority of attacks now target small and medium-sized businesses — and they succeed because the fundamentals are not in place. No multi-factor authentication. Software that hasn't been updated. Staff who clicked a link in a convincing email. These are not failures of technology, they are failures of management, and they are entirely preventable. We manage cyber security for London SMEs as part of a fixed-fee IT support contract. Not as an add-on or an afterthought — as a core part of the service. ## Why London SMEs are targeted Small businesses hold genuinely valuable data: client records, payment details, supplier relationships, staff information, and often access into their clients' own systems. At the same time, most SMEs invest significantly less in security than larger organisations. Attackers are aware of this gap. Automated tools mean that a business with 10 employees is just as likely to receive a phishing campaign as one with 1,000. The difference is that the larger organisation is more likely to have the monitoring in place to detect it, and the technical controls in place to stop it. ## The key threats facing London businesses Phishing: fraudulent emails designed to steal login credentials, trigger payments, or deliver malware. The entry point for the majority of cyber attacks. Increasingly convincing — AI tools have made it possible to generate phishing emails without spelling errors. The defences are email filtering, safe link scanning, staff awareness training, and multi-factor authentication. Ransomware: malicious software that encrypts files on a device or network share, making them inaccessible, then demands payment for the decryption key. Most ransomware enters a business through a phishing email or a compromised remote access connection. Payment does not guarantee recovery. Protection requires layered controls: endpoint security, email filtering, patched software, restricted access, and independent backup. Insider threats: security risks from within the organisation — a current or former employee, contractor, or supplier with legitimate access. Can be intentional (a disgruntled employee deleting files before leaving) or accidental (a staff member who mishandles sensitive data). Addressed through access controls, offboarding procedures, and staff awareness guidance. AI-powered attacks: artificial intelligence has made attacks significantly harder to spot. Phishing emails that once gave themselves away through poor grammar are now indistinguishable from legitimate messages. Deepfake voice calls — where an attacker impersonates a colleague or director — are being used to authorise fraudulent payments. Automated tools can probe systems around the clock, identifying vulnerabilities faster than any human attacker. The volume and sophistication of attacks facing London SMEs has increased sharply as a result. Supply chain attacks: SMEs are increasingly targeted not for their own data, but because they are a supplier to a larger organisation. Attackers compromise a smaller business first, then use that access to reach the real target. If you supply services to larger companies, public sector bodies, or regulated businesses, your security posture is under scrutiny whether you realise it or not. ## What our cyber security service covers Threat monitoring: continuous monitoring for signs of compromise, unusual activity, and security policy violations using Microsoft Defender and endpoint detection. Email security: anti-phishing policies, safe link scanning, and safe attachment checking. For Microsoft 365 clients, this uses the security tools built into your licence — they just need to be properly configured. Endpoint protection: antivirus and endpoint detection across every device, managed centrally. Device compliance policies enforced so only compliant devices can access company data. MFA enforcement: multi-factor authentication enforced across every account with no exceptions. The single most effective control against account compromise. Patch management: operating system and software updates applied consistently across every device. Unpatched software is one of the most common ways attackers gain access. Security audits: regular review of security posture, with Microsoft Secure Score used as a running measure for Microsoft 365 clients. Staff awareness: guidance for your team on what to look for in a phishing email, how to verify an unusual request, and what to do if something looks wrong. Mobile device security: personal devices used for work — whether company-issued or employee-owned — are one of the most common security blind spots for SMEs. Unmanaged phones and tablets can access email, Teams, and SharePoint without any of the controls applied to office machines. Network Fish can extend security policies to mobile devices through Microsoft Intune, enforcing encryption, remote wipe, and conditional access. ## Cyber Essentials Cyber Essentials is a UK government-backed certification that tests your defences against the most common cyber attacks. It covers five key controls: firewalls, secure configuration, user access control, malware protection, and patch management. Network Fish can prepare your business for certification and work through the assessment with you. For businesses supplying government contracts or working in regulated sectors, Cyber Essentials Plus goes a step further — it involves independent technical verification of your controls rather than a self-assessment. An increasing number of procurement frameworks now require Plus as a condition of contract. ## Part of your managed support contract For Network Fish managed support clients, cyber security management is included as part of the service, not priced separately. Threat monitoring, email security configuration, endpoint protection, MFA enforcement, patch management, and Cyber Essentials readiness support — all covered by your fixed monthly fee. --- URL: https://networkfish.com/cyber-security-and-it-security-services Description: Cyber Security Services in London for SMEs. Managed antivirus, EDR, DNS filtering, email defence, MFA, and vulnerability scanning. All included in one monthly fee. # Cyber security for London businesses. Built in from day one. Most small businesses approach cyber security the wrong way. They buy an antivirus licence, assume that covers them, and move on. Then something goes wrong, and they discover that antivirus alone was never enough. ### Frequently Asked Questions Q: What cyber security services does Network Fish include in a managed support contract? A: The full security stack included in a Network Fish managed support contract covers: managed antivirus (Datto AV) on every Windows and macOS device; advanced threat detection (Datto EDR) covering Windows, macOS, and Linux; web-level threat blocking (DNS filtering); multi-factor authentication enforced across all accounts and business systems; device hardening applying a security baseline to every endpoint; automatic patch management for operating systems and applications; full-disk encryption with central key escrow; email defence including anti-phishing, safe links, safe attachments, and sender authentication; continuous vulnerability scanning with quarterly reporting; and Cyber Essentials readiness support. All of these are included at no extra charge beyond the monthly support fee. Q: Is antivirus enough to protect my business from cyber attacks? A: No. Antivirus is an essential layer but it only detects known threats by matching files and processes against a database of malicious signatures. It cannot catch new threats it has never seen before. Effective cyber security for a business requires multiple overlapping layers: antivirus for known threats, EDR for unknown or behaviour-based threats, MFA to protect accounts even if passwords are compromised, DNS filtering to block web-based threats before they load, automatic patching to close known software vulnerabilities, and device hardening to reduce the attack surface. Network Fish manages all of these layers as part of a single managed support contract. Q: What is the difference between antivirus and EDR? A: Antivirus (AV) detects threats it recognises by comparing files against a database of known malicious signatures. EDR (Endpoint Detection and Response) monitors device behaviour in real time and detects suspicious activity regardless of whether the specific threat is known. EDR can contain a threat automatically by isolating the affected device before an infection spreads. The two products work best together: antivirus handles known threats quickly, EDR catches what antivirus misses. Network Fish deploys and manages both Datto AV and Datto EDR for managed support clients. Q: What is Cyber Essentials and is it included in a managed support contract? A: Cyber Essentials is a UK government-backed security certification that assesses five technical controls: firewalls, secure device configuration, user access controls, malware protection, and patch management. It is increasingly required by insurers and by larger organisations when onboarding suppliers, and is mandatory for businesses tendering for UK government contracts. For Network Fish managed support clients, the Cyber Essentials gap analysis, remediation guidance, and support through the certification process are included in the contract. The only additional cost is the certifying body fee, currently around £300, paid directly to the certifying body. Q: What is multi-factor authentication and why do you enforce it? A: Multi-factor authentication (MFA) requires a second verification step when someone logs into an account, usually a code sent to a phone or generated by an app, in addition to their password. Even if an attacker obtains a password, they cannot access the account without completing the second step. MFA is included in Microsoft 365 and Google Workspace licences at no extra cost but is not enforced by default. We enforce it across every user account and every business system as a standard part of our managed support service because it is the single most effective control against account takeover attacks. Q: What is DNS filtering and how does it protect my business? A: DNS filtering works at the network level to block connections to malicious websites before they load in a browser. When your team clicks a phishing link, visits a website hosting malware, or accidentally navigates to a fake login page, DNS filtering stops the connection at the DNS lookup stage before any content is loaded. It works across all devices on your network and follows your team when they are working remotely. It does not require any action from your staff and does not depend on them knowing what to avoid. Q: What is device hardening and why does it matter? A: Device hardening means applying a recognised security baseline to every device in your business by disabling services that do not need to be running, restricting who can make administrative changes to the machine, enforcing strong login and password policies, and controlling what can be connected via USB or removable media. Out-of-the-box device settings from manufacturers are not optimised for security. Hardening closes a range of vulnerabilities that attackers commonly exploit, and it maps directly to the Cyber Essentials technical controls for secure configuration. Q: What is full-disk encryption and do I need it? A: Full-disk encryption means encrypting the entire contents of a device's storage so that the data is unreadable without the encryption key. If a laptop is lost or stolen, full-disk encryption is what prevents the data on it from being read by whoever finds it. It is a GDPR requirement for businesses handling personal data, a Cyber Essentials control, and standard practice in any properly managed IT environment. We enforce BitLocker on Windows and FileVault on macOS, with recovery keys held centrally. Q: What is vulnerability scanning and how is it different from a one-off security assessment? A: A security assessment is a point-in-time review of your IT environment. Vulnerability scanning is continuous. We run automated internal and external scans across your network and devices on an ongoing basis, checking for unpatched software, misconfigured settings, exposed network ports, and known vulnerabilities across all connected devices and network equipment. When an issue is found, it is raised as a helpdesk ticket and resolved. Every quarter we produce a written report summarising what was found and what was addressed. Q: Do you offer penetration testing? A: Yes. CREST-certified penetration testing is available as an additional service for businesses that want independent, audited assurance of their security posture beyond what continuous vulnerability scanning provides. A penetration test involves an accredited tester actively attempting to break into your network to find vulnerabilities that might not be visible through automated scanning alone. CREST is the UK accreditation body for penetration testing, and using a CREST-certified provider means the test meets a recognised professional standard. Q: What is the difference between Cyber Essentials and Cyber Essentials Plus? A: Cyber Essentials is a self-assessed certification: you complete an online questionnaire and, if your answers demonstrate compliance, a certifying body awards the certificate. Cyber Essentials Plus is independently verified: a qualified assessor actually tests your systems to confirm the controls are in place and working, rather than relying on self-declaration. Cyber Essentials Plus carries more weight with clients and insurers who want audited assurance rather than self-certification. Network Fish supports clients through both levels. Q: How is Network Fish's cyber security different from buying a security product ourselves? A: Buying a security product gives you the software. It does not give you anyone monitoring it, updating it, responding when it alerts, or ensuring it is correctly configured. A security product that is installed but not monitored, updated, or correctly configured provides significantly less protection than its specifications suggest. Network Fish deploys, configures, monitors, and manages every security control as an active, managed service. When a threat is detected, we respond. When a definition update fails, we know. When a device drops off the monitoring console, we investigate. The difference is between having a security product and having security. --- URL: https://networkfish.com/dns-security Description: DNS security services in London for SMEs. Network Fish blocks malicious sites before they load, protecting every device on and off the office network. # DNS filtering: stopping threats before they load. Every time someone clicks a link, opens a website, or follows an email attachment to a download page, their device makes a DNS request — essentially asking "where do I find this?" before it connects to anything. DNS filtering inspects that request and blocks the connection if the destination is known to be malicious, before any content loads. ### Frequently Asked Questions Q: What is DNS filtering? A: DNS filtering is a security control that inspects DNS requests — the lookups a device makes before connecting to any website — and blocks access to known malicious domains before a connection is established. It works at the network level, stopping threats such as phishing sites, malware distribution domains, and command-and-control infrastructure before any content loads in the browser. Q: Does DNS filtering work on all devices? A: Coverage depends on the device operating system. Windows devices receive full agent-based DNS filtering that follows the device wherever it is used, including off your office network. macOS and Linux devices are covered by network-level filtering while connected to your office network. If your business has a mixed-device estate, we will discuss the most appropriate approach for full coverage as part of your site survey. Q: Is DNS filtering the same as a firewall? A: No, though they work together. A firewall controls what traffic is allowed to enter and leave your network based on rules around ports, protocols, and IP addresses. DNS filtering specifically inspects domain name lookups and blocks access to known malicious or inappropriate domains before a connection is made. Both are part of a layered network security approach, and we configure and manage both as part of a comprehensive security setup. Q: Can DNS filtering stop phishing attacks? A: DNS filtering significantly reduces the risk from phishing. If a member of staff clicks a malicious link in a phishing email, DNS filtering can block the connection to the malicious destination before the fake login page or malware download loads, even if the email itself got past email filtering. It is one of several layers we deploy specifically because no single control catches every phishing attempt. Q: Does DNS filtering protect remote workers? A: For Windows devices, yes. Agent-based DNS filtering follows the device wherever it connects to the internet, providing the same level of protection whether someone is in the office, working from home, or travelling. For macOS and Linux devices, off-network protection is more limited and is addressed on a case-by-case basis depending on the makeup of your device estate. Q: Is DNS filtering included in a Network Fish managed support contract? A: Yes. DNS filtering is included as part of the security stack we deploy and manage for all Network Fish managed support clients, alongside antivirus, advanced threat detection, multi-factor authentication, and device hardening. There is no separate product or licence to purchase. --- URL: https://networkfish.com/antivirus-security Description: Managed antivirus and endpoint security in London. Network Fish deploys and monitors antivirus and EDR across every device, included in your monthly IT support fee. # Antivirus that's managed, not just installed. Installing antivirus software is not the same as having antivirus protection. ### Frequently Asked Questions Q: Is antivirus enough to protect my business? A: Antivirus is an essential layer of protection but it is not sufficient on its own. Traditional antivirus detects threats it already recognises by comparing files and processes against a database of known malicious signatures. It cannot detect threats it has never seen before, including new ransomware variants and zero-day attacks. For complete protection, antivirus should be combined with endpoint detection and response (EDR), which monitors device behaviour rather than just known signatures, alongside multi-factor authentication, automatic patching, DNS filtering, and machine hardening. Network Fish deploys and manages all of these layers as part of a managed support contract. Q: What antivirus software does Network Fish use? A: Network Fish deploys and manages Datto AV for Windows and macOS endpoints. Datto AV is part of the Kaseya 365 Endpoint platform and is managed centrally through our RMM toolstack, giving us real-time visibility of protection status across every device in your business. For businesses that want a higher level of threat detection, we also deploy Datto EDR alongside Datto AV, covering Windows, macOS, and Linux. Q: What is the difference between antivirus and EDR? A: Antivirus (AV) detects known threats by matching files and processes against a database of malicious signatures. If a threat is in the database, antivirus catches it. If it is a new or unknown threat, antivirus may miss it. Endpoint Detection and Response (EDR) works differently — it monitors how every device is behaving and detects suspicious activity regardless of whether the specific threat has been seen before. EDR can contain a threat automatically, isolating the affected device before the infection spreads. The two products work best together: antivirus handles known threats quickly and efficiently, EDR catches what antivirus misses. Q: What happens if antivirus detects a threat on one of our devices? A: For Network Fish managed support clients, a detected threat triggers an immediate alert in our management console. We investigate, assess the severity, contain the threat if it is active, and remove it from the affected device. This is handled as part of your managed support contract with no additional charge. We will also advise on whether other devices need to be checked and whether any wider investigation is warranted. Q: Do you manage antivirus on Macs as well as Windows computers? A: Yes. Datto AV covers both Windows and macOS devices. All managed devices, regardless of operating system, are monitored from the same central console. For Linux devices, we deploy Datto EDR, which provides equivalent threat detection and response coverage on Linux even though Datto AV itself does not currently support Linux. Q: What if our devices already have antivirus installed from a previous IT provider? A: We assess the existing setup during the free site survey or at onboarding. If a previous antivirus product is in place, we review its configuration, coverage, and management status. In most cases we migrate devices to Datto AV as part of onboarding, removing the previous product and deploying our managed solution centrally. If a device has been compromised or is running outdated definitions, we carry out a full clean-up before deploying fresh protection. Q: Can antivirus protect against ransomware? A: Yes, to a significant degree. Datto AV includes ransomware detection and provides a layer of protection against known ransomware variants. Datto EDR goes further: it detects ransomware-like behaviour, including mass file encryption activity, and can isolate the affected device automatically before the encryption spreads to other machines or shared drives. For the strongest ransomware protection, antivirus and EDR should be combined with proper backup and disaster recovery, so that even in a worst-case scenario, your data can be restored from a clean point before the infection. Q: Does antivirus help with Cyber Essentials certification? A: Yes. Malware protection is one of the five technical controls assessed under Cyber Essentials. To pass, you need to demonstrate that antivirus or equivalent malware protection is installed and actively managed on all devices in scope. We manage antivirus in a way that directly supports Cyber Essentials compliance, and for managed support clients, Cyber Essentials readiness support including the gap analysis and support through the certification process is included in your contract at no extra charge. Q: How often is antivirus updated? A: Datto AV definition updates are applied automatically as soon as new definitions are available, typically multiple times per day. We monitor update status centrally and are alerted if any device fails to receive an update within the expected window. You do not need to manage this, and your staff do not need to take any action. Q: Is antivirus managed centrally or does each user manage it on their own device? A: All antivirus management is handled centrally by Network Fish. Individual users do not need to run scans, check for updates, or take any action relating to antivirus on their devices. Everything is managed through our central console, which gives us full visibility of the protection status across your entire estate. This is one of the key differences between managed antivirus and simply installing antivirus software on each device individually. --- URL: https://networkfish.com/email-defence-services Description: Email defence services for London SMEs. Network Fish filters phishing, malware, and spam before it reaches your inbox, with SPF, DKIM, and DMARC enforced as standard. # Email Defence Services Email is the number one way attackers get in. We filter and block threats before they reach your team's inbox — not after. ### Frequently Asked Questions Q: What is email defence and why do I need it? A: Email defence is a layer of security that filters and blocks threats before they reach your team's inbox. Over 90% of cyberattacks start with an email, whether that is a phishing link, a malicious attachment, or a fake login page. Email defence services scan every inbound and outbound message automatically, blocking threats at the gateway before anyone in your business has the chance to click on something dangerous. Without it, your staff are the only line of defence against attacks that are specifically designed to look legitimate. Q: What is phishing and how does email defence protect against it? A: Phishing is an email designed to trick the recipient into clicking a malicious link, handing over login credentials, or transferring money. Phishing emails commonly impersonate banks, HMRC, Microsoft, suppliers, and senior colleagues. Modern phishing attacks are highly convincing and difficult to spot by eye. Our email defence service scans every inbound message for phishing indicators, including sender impersonation, suspicious links, and domain spoofing, and blocks or quarantines suspicious messages before they reach the inbox. Q: What is business email compromise and how common is it? A: Business email compromise, sometimes called BEC, is one of the fastest-growing and most financially damaging cyber threats to small businesses. It involves an attacker spoofing or hacking a senior employee's email address, then sending a convincing request to transfer money, change supplier bank details, or share sensitive information. The email looks like it comes from someone the recipient trusts. We protect against this by configuring sender authentication controls, specifically SPF, DKIM, and DMARC records, which make it significantly harder for attackers to impersonate your domain or your suppliers' domains. Q: What are SPF, DKIM, and DMARC? A: SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) are three email authentication standards that work together to verify that an email claiming to come from your domain was actually sent by you. Without them, anyone can send an email that appears to come from your address. With them in place, receiving email servers can verify the email's origin and reject or flag messages that fail the check. We configure all three as part of our email defence service and check them regularly as part of ongoing domain monitoring. Q: Does email defence protect against malicious attachments? A: Yes. Every inbound email attachment is scanned automatically before it is delivered. Infected PDFs, Word documents with embedded macros, fake invoices, zip files containing ransomware, and other malicious file types are caught and quarantined before they reach your team. We also block specific high-risk file types from being delivered at all, reducing the risk of a dangerous attachment being opened accidentally. Q: What is outbound email filtering and why does it matter? A: Outbound filtering scans emails leaving your organisation as well as those arriving. If a device on your network is compromised and starts sending malicious or spammy emails without your knowledge, outbound filtering catches it before it damages your domain's sender reputation, gets your domain blacklisted, or spreads infection to clients and partners. A compromised email account sending spam is also a sign of a broader security incident that needs to be investigated immediately. Outbound filtering flags this automatically. Q: Does email defence work with Microsoft 365 and Google Workspace? A: Yes. Our email defence service integrates with Microsoft 365, including Exchange Online, and Google Workspace, including Gmail, as well as on-premise Microsoft Exchange. The security layer is configured at the platform level and works in the background without any changes needed on individual devices or by individual users. Q: Is email encryption included in email defence services? A: Yes. For businesses that handle sensitive information by email, we configure email encryption so that confidential messages are protected in transit between sender and recipient. Encryption can be triggered automatically based on the content of the message, the recipient, or applied manually by the sender. This is particularly relevant for businesses handling personal data, financial information, legal documents, or any other sensitive material that should not be readable if intercepted. Q: How is email defence different from the spam filter already built into Microsoft 365? A: Microsoft 365 includes a baseline level of spam and malware filtering, called Microsoft Defender for Office 365, but the default settings are not sufficient on their own. The built-in filtering needs to be configured correctly to be effective, and even then it benefits from additional layers. Our email defence service combines correct configuration of Microsoft's native tools with additional policies covering anti-phishing, safe links, safe attachments, and sender authentication, giving you a more comprehensive and correctly enforced level of protection than default Microsoft 365 settings provide. Q: Can email defence stop ransomware delivered by email? A: It significantly reduces the risk. Ransomware is frequently delivered via email, either as a malicious attachment or a link to a download. Our email defence service scans attachments, checks links, blocks dangerous file types, and quarantines suspicious messages before they reach the inbox. No email filtering is 100% effective, which is why we combine it with endpoint protection, web-level threat blocking via DNS filtering, and automatic patching. Multiple overlapping layers of protection ensure that if something gets through one control, others are in place to catch it. Q: Is email defence included in a Network Fish managed support contract? A: Email defence configuration and ongoing management is included for managed support clients as part of the security stack we deploy and maintain. This covers the configuration of anti-phishing, safe links, safe attachment, and outbound filtering policies within your Microsoft 365 or Google Workspace environment, as well as SPF, DKIM, and DMARC configuration for your domain. If you require a dedicated third-party email security gateway in addition to platform-level filtering, this can be quoted as an additional service following a free site survey. Q: What should I do if a phishing email gets through to my team? A: Report it immediately. In Microsoft 365, users can report suspicious emails directly using the Report Message button in Outlook, which sends it to Microsoft for analysis and helps improve filtering. You should also notify your IT support provider so they can investigate whether anyone clicked any links or attachments, check for signs of account compromise, and tighten filtering rules to prevent similar messages getting through in future. Network Fish clients should call our helpdesk immediately if a suspected phishing email is reported by a member of staff, so we can assess and respond quickly. --- URL: https://networkfish.com/encryption-service Description: Encryption services for London businesses. Full-disk encryption, email encryption, and GDPR-compliant data protection, managed by Network Fish as part of your IT support. # Encryption: protecting your data even when something goes wrong. Encryption makes your data unreadable to anyone who does not have the right key to unlock it. If a laptop is lost, if an email is intercepted, or if a hard drive is removed from a stolen device, encryption is what stands between an attacker and your actual data. ### Frequently Asked Questions Q: What is full-disk encryption and why does my business need it? A: Full-disk encryption protects the entire contents of a device hard drive by making it unreadable without the correct encryption key. If a laptop is lost or stolen, full-disk encryption prevents the data on it from being read by whoever finds it, even if they remove the hard drive and try to access it on another machine. It is a requirement for GDPR compliance for any business handling personal data, and a Cyber Essentials technical control. We enforce BitLocker on Windows and FileVault on macOS as standard for managed support clients. Q: Does encryption slow down my computer? A: No, modern full-disk encryption has minimal performance impact on current hardware. Both BitLocker and FileVault are designed to run in the background without any noticeable effect on day-to-day use. Q: What happens if a user forgets their password on an encrypted device? A: Encryption keys are held centrally by Network Fish, so access can always be recovered. If a user forgets their password or a device needs to be unlocked for a legitimate business reason, we can assist with recovery without the data being lost or permanently inaccessible. Q: What is email encryption and when do I need it? A: Email encryption protects the content of a message so that it cannot be read by anyone who intercepts it in transit — only the intended recipient can decrypt and read it. It is particularly important for emails containing financial information, personal data, legal documents, or any other sensitive content. We configure email encryption within your existing Microsoft 365 or Google Workspace environment, either applied automatically based on content or recipient, or triggered manually by the sender. Q: Is encryption required for Cyber Essentials certification? A: Encryption supports several of the Cyber Essentials technical controls, particularly around secure configuration and data protection. While Cyber Essentials does not mandate a specific encryption standard, having full-disk encryption in place on all devices is widely regarded as essential good practice and will be assessed as part of your overall security posture during certification. Q: Is encryption included in a Network Fish managed support contract? A: Yes. Full-disk encryption and email encryption are included as standard for Network Fish managed support clients, configured and managed as part of your overall security stack. There is no separate product to purchase or manage yourself. --- URL: https://networkfish.com/cybersecurity-awareness-training Description: Cybersecurity awareness training and phishing simulations offered by Network Fish to reduce the risk of staff falling for phishing and social engineering attacks. # Cybersecurity awareness training for your team. The most sophisticated security stack in the world can be undone by one person clicking one link. Awareness training gives your team the knowledge to make the right decision in that moment. ### Frequently Asked Questions Q: What is cybersecurity awareness training? A: Cybersecurity awareness training teaches your team how to recognise and respond to common cyber threats, particularly phishing emails, social engineering attempts, and unsafe practices like weak passwords or insecure file sharing. It complements technical security controls by reducing the risk of an attack succeeding because someone clicked a malicious link or shared information they shouldn't have. Q: What is a phishing simulation? A: A phishing simulation is a safe, controlled test email sent to your team that mimics a real phishing attempt. If someone clicks the link or interacts with the email, they are shown immediately what they missed and given guidance on what to look out for next time. There is no real risk involved — it's a learning exercise. Over time, simulations help build genuine awareness across your team and give you visibility of where additional training may be needed. Q: How often should security awareness training happen? A: Shorter, more frequent training sessions are generally more effective than a single long annual session, since regular, focused content is more likely to be retained and applied. We typically recommend ongoing, periodic training combined with regular phishing simulations, rather than a one-off course that is forgotten within weeks. Q: Why is awareness training necessary if we already have email filtering and antivirus? A: Technical controls like email filtering, DNS filtering, and antivirus stop the large majority of threats before they ever reach your team. But the most sophisticated attacks are specifically designed to look legitimate and can sometimes get past technical filters. Awareness training is the layer that helps your team recognise and respond correctly to the small number of threats that do get through, working alongside your technical security stack rather than replacing it. Q: Does awareness training help with Cyber Essentials certification? A: While Cyber Essentials does not mandate formal staff training as one of its five core technical controls, having documented evidence of security awareness training and phishing simulation results strengthens your overall security posture and is increasingly expected by insurers, clients, and partners conducting due diligence. It demonstrates a genuinely proactive approach to security beyond the minimum technical requirements. Q: What topics does the training cover? A: Training typically covers recognising phishing emails, safe password practices, secure use of email and file sharing, recognising social engineering attempts (including phone-based attacks, sometimes called vishing), and what to do if something looks suspicious or a mistake has already been made. Content is tailored to your business and team. Q: What happens if someone on our team clicks a simulated phishing link? A: Nothing punitive. They are shown immediately what they missed and given clear guidance on what to look for next time. The goal is learning, not blame. Genuine improvement comes from people feeling comfortable reporting mistakes and near-misses, not from being made to feel bad about them. Q: Is awareness training included in a Network Fish managed support contract? A: Cybersecurity awareness training, including phishing simulations, is available for managed support clients. Speak to us about including it as part of your contract alongside your existing security and IT support services. --- URL: https://networkfish.com/microsoft-365/ Description: Microsoft 365 support for London SMEs. Licensing, setup, security, and backup managed by one team. Network Fish, est. 2002. # Microsoft 365 support for London businesses. Licensing, setup, security, and backup — managed by one team, included in your fixed monthly fee. No dealing with Microsoft directly. No gaps between providers. Microsoft 365 is the productivity and communications platform used by the majority of London SMEs. For most businesses, it is where their email lives, where their files are stored, and where their team communicates. Managing it properly — getting licences right, keeping security configured, ensuring data is backed up — is not optional. It is the foundation of how the business runs. ## Microsoft 365 services Three distinct Microsoft 365 services, most managed support clients take all three: Business Support: licensing procurement and management, user and mailbox administration, Teams and SharePoint configuration, and helpdesk support for everything Microsoft 365 related. See: https://networkfish.com/microsoft-365-business-support/ Security Management: MFA enforcement, anti-phishing policies, conditional access, safe link scanning, and ongoing monitoring via Microsoft Secure Score. The security tools are in your licence — we make sure they're switched on and properly configured. See: https://networkfish.com/microsoft-365-security/ Backup and Disaster Recovery: Microsoft does not back up your data. We deploy a third-party backup covering email, SharePoint, OneDrive, and Teams, with granular restore and independent retention. See: https://networkfish.com/microsoft-365-disaster-recovery/ ## Why SMEs need a specialist Microsoft partner Licensing done properly: we procure licences at the right tier, manage them as your team changes, and ensure you're not paying for seats you're not using. Security that is actually on: many Microsoft 365 subscriptions include sophisticated security tooling that is never enabled — Defender for Business, Intune, conditional access, anti-phishing policies. We configure them properly and monitor them on an ongoing basis. Device management is part of how we keep your M365 environment secure. Through Microsoft Intune, Network Fish can enforce encryption on laptops and mobile devices, apply conditional access policies so only compliant devices can reach your data, and remotely wipe a device if it is lost or stolen. Backup that works when you need it: Microsoft 365 retains deleted items for limited periods, but it is not a backup service. We deploy independent third-party backup with granular restore. One team for everything: one number to call when something goes wrong with email, SharePoint, or Teams. We manage the relationship with Microsoft on your behalf and take responsibility for the outcome. Teams Phone and Operator Connect: Microsoft 365 can replace your traditional phone system entirely. Teams Phone lets your team make and receive calls through the Teams app on any device, with your existing business number. Through Operator Connect, a UK telephony provider connects directly to your Microsoft tenant — no on-premises hardware required. Network Fish can design and implement a Teams Phone setup, including auto attendants, call queues, and out-of-hours routing. Microsoft 365 Copilot: Copilot is Microsoft's AI assistant, built into the M365 applications your team already uses — Word, Excel, Outlook, Teams, and more. It can draft emails, summarise meetings, generate reports, and answer questions about your own business data. Copilot requires a Microsoft 365 Copilot licence on top of your existing subscription, and it works best when your M365 environment is well-configured. Network Fish can assess whether your current setup is ready for Copilot and advise on whether the investment makes sense for your business. ## Part of a broader managed support contract For most Network Fish clients, Microsoft 365 support sits inside a broader managed IT contract covering their entire environment — devices, networking, cloud services, helpdesk, and security. Everything managed by one team, under one monthly fee. --- URL: https://networkfish.com/microsoft-365-security Description: Microsoft 365 security management for London businesses. MFA enforcement, admin account separation, conditional access, and ongoing security hardening — all managed by Network Fish. # Microsoft 365 Security Microsoft 365 is not as secure as you think. Most businesses have never switched on the security features included in their licence. We configure, enforce, and monitor them so you don't have to think about it. ### Frequently Asked Questions Q: Is Microsoft 365 secure by default? A: No. Microsoft 365 provides the security tools but does not switch them on by default. Multi-factor authentication, anti-phishing policies, safe links, safe attachments, and device compliance controls all need to be configured before they protect anything. Most businesses running Microsoft 365 have never had these settings reviewed, which means they are paying for security features that are not working. Q: Does Microsoft back up my email and SharePoint data? A: No. Microsoft keeps your data available but does not back it up. Their terms and conditions state this explicitly and recommend using a third-party backup tool. If a file is deleted, an email account is removed, or ransomware encrypts your SharePoint, Microsoft's native recycle bin gives you a recovery window of 14 to 93 days depending on the application. After that window closes, the data is permanently gone. Network Fish puts proper third-party backup in place for Microsoft 365 as part of our managed support service. Q: What is multi-factor authentication and do I need it on Microsoft 365? A: Multi-factor authentication (MFA) means requiring a second verification step when someone logs into an account, usually a code sent to a phone or generated by an app, in addition to their password. Yes, you need it. Microsoft's own data shows MFA blocks over 99% of automated account takeover attempts. It is included in every Microsoft 365 plan at no extra cost but is not enforced by default. We switch it on across every user account as a standard part of our Microsoft 365 security configuration. Q: What is Microsoft Secure Score? A: Microsoft Secure Score is a running measure inside the Microsoft Defender portal that scores how well your Microsoft 365 environment is configured against security best practices. A higher score means more security controls are in place and correctly configured. Network Fish reviews your Secure Score regularly, identifies the highest-impact improvements, and works through them systematically. You receive a straightforward report on where you stand and what has changed. Q: What is conditional access in Microsoft 365? A: Conditional access is a Microsoft 365 feature that controls who can log into your environment, from where, and on which devices. For example, a login attempt from an unexpected country, an unmanaged personal device, or outside your normal working hours can be blocked automatically without anyone making a manual decision. We configure conditional access policies as part of our Microsoft 365 security management service. Q: What happens if a member of staff leaves and still has access to Microsoft 365? A: An account that is not properly deprovisioned when someone leaves is a significant security risk. The former employee may still be able to access company email, SharePoint files, Teams conversations, and any other Microsoft 365 data until their account is removed. We handle user offboarding as a standard part of our managed support service, ensuring accounts are disabled, data is handled correctly, licences are reallocated, and shared inbox and group access is reviewed as part of every leaver process. Q: What is the difference between Microsoft Defender for Business and Microsoft Defender for Office? A: Microsoft Defender for Office is included in most Microsoft 365 business plans and focuses on email security, covering anti-spam, anti-phishing, and basic malware filtering for email and Office files. Microsoft Defender for Business is available on Microsoft 365 Business Premium and above and extends protection to the devices themselves, covering endpoint detection and response, automated investigation, and vulnerability management across the computers and laptops in your organisation. Network Fish configures and manages both as part of our Microsoft 365 security service, depending on which plan you are on. Q: Do personal devices accessing Microsoft 365 create a security risk? A: Yes. If a member of staff accesses company email or SharePoint from a personal phone or laptop that is unmanaged, unencrypted, or running out-of-date software, your data is exposed regardless of how well your Microsoft 365 tenant is configured. We use device compliance policies to ensure that only devices meeting your security baseline can access company data, which is also a requirement for Cyber Essentials certification. Q: Is Microsoft 365 security configuration included in a Network Fish managed support contract? A: Yes. For clients on a full managed support contract, Microsoft 365 security configuration and ongoing management is included at no extra charge. This covers the initial configuration of security controls, enforcement of multi-factor authentication, anti-phishing and email protection policies, regular Secure Score reviews, and ongoing management of user accounts including onboarding and offboarding. The only costs not included are Microsoft licence fees themselves, which are charged directly by Microsoft or via your existing reseller arrangement. Q: Does Microsoft 365 security help with Cyber Essentials certification? A: Yes, significantly. Several of the five Cyber Essentials technical controls map directly to Microsoft 365 configuration: secure device configuration, user access controls, malware protection, and patch management all have Microsoft 365 equivalents. Getting your Microsoft 365 environment properly configured is one of the most effective steps a business can take towards passing a Cyber Essentials assessment. For managed support clients, Cyber Essentials readiness support is included in the contract. --- URL: https://networkfish.com/microsoft-365-business-support Description: Microsoft 365 Support in London for SMEs. Licensing, setup, security hardening, and ongoing support from Network Fish. One team for everything in your Microsoft 365 environment. # Microsoft 365 business support. Microsoft 365 brings together email, file storage, Teams, and the Office apps your business runs on. Getting genuine value from it depends on the right licence, correct configuration, ongoing administration, and support when something goes wrong. We manage all of it as one service. ### Frequently Asked Questions Q: Which Microsoft 365 licence is right for my business? A: This depends on how your team works. Microsoft 365 Apps for Business suits users who mainly need the desktop Office apps. Business Basic suits users who primarily need cloud collaboration tools like Teams and SharePoint without the full desktop apps. Business Standard combines both. Business Premium adds device management and information protection, useful for businesses with stronger security or compliance requirements. We assess your team and recommend the right mix, which is often a combination of tiers across different users rather than one licence for everyone. Q: Does Microsoft 365 back up my data? A: No. Microsoft 365 keeps your data available but does not back it up in the way most businesses assume. We provide dedicated third-party backup for Microsoft 365 as part of our service. See our Microsoft 365 disaster recovery page for full detail on what this covers. Q: What is the difference between Office 365 and Microsoft 365? A: Office 365 was Microsoft's original name for its cloud productivity suite. It was rebranded to Microsoft 365 as the offering expanded beyond the core Office apps to include additional services such as device management and security tools, depending on licence tier. The two names are sometimes still used interchangeably, but Microsoft 365 is the current branding. Q: Can you manage our Microsoft 365 security settings? A: Yes. We apply security hardening across your Microsoft 365 environment as standard, including multi-factor authentication, conditional access policies, secure admin accounts, and regular security reviews using Microsoft's own Secure Score as a benchmark. Q: Is Microsoft 365 helpdesk support included in a managed support contract? A: Yes. Day-to-day Microsoft 365 support — covering Outlook, Teams, SharePoint, password resets, and general issues — is handled through your standard helpdesk as part of your managed support contract, at no additional charge. Q: Can you help us migrate from a different email or collaboration platform to Microsoft 365? A: Yes. We handle Microsoft 365 migrations, including planning the move, configuring the new environment, and managing the transition for your team, as part of our Microsoft 365 business support service. --- URL: https://networkfish.com/sharepoint-support-and-management Description: SharePoint support and management for London businesses. Network Fish handles migrations, permissions, integrations, and ongoing administration as part of your managed IT support. # SharePoint support and management. SharePoint is genuinely powerful. Left unmanaged, it's one of the easiest Microsoft 365 tools to turn into a mess. We configure, manage, and support SharePoint properly, so it works the way it is supposed to. ### Frequently Asked Questions Q: What does SharePoint support and management include? A: SharePoint support and management covers initial setup and site structure, ongoing technical support, permissions and access management, user training, Microsoft Teams integration, and reorganisation or migration if your current setup has become disorganised. We manage this as part of your broader Microsoft 365 administration. Q: Why does SharePoint become disorganised over time? A: SharePoint is flexible by design, which means without active management, document libraries accumulate clutter, permissions are granted and never reviewed, and different teams set things up inconsistently. Over time this makes the platform harder to navigate and creates genuine security risk from access that should have been removed. Proper ongoing management prevents this. Q: Can you help reorganise our existing SharePoint if it has become a mess? A: Yes. We regularly help businesses reorganise an existing SharePoint environment that has become difficult to navigate, including restructuring document libraries, cleaning up permissions, and migrating content to a cleaner structure where needed. Q: How does SharePoint relate to Microsoft Teams? A: Every Microsoft Teams channel has a SharePoint document library behind it. When you share a file in Teams, it is actually being stored in SharePoint. Properly configuring this integration means files end up organised in the right place rather than scattered across personal OneDrive folders or lost in individual Teams channels. We configure and manage this as part of our SharePoint support. Q: Do you provide SharePoint training for our team? A: Yes. We provide training at whatever level is useful, from basic document handling and file sharing for general staff through to more advanced site and library management training for anyone who owns that responsibility within your business. Q: Is SharePoint support included in a Network Fish managed support contract? A: Yes. SharePoint support and management is included for managed support clients as part of your Microsoft 365 administration, alongside Exchange, Teams, and the rest of your Microsoft 365 environment. There is no separate product or additional charge. --- URL: https://networkfish.com/microsoft-teams-call Description: Microsoft Teams Calling for London businesses. One number, any device. Network Fish sets up and manages your complete Teams phone system — numbers, routing, and call handling included. # Microsoft Teams as your business phone system. If your business is already using Microsoft 365, there is a good chance you do not need a separate phone system at all. Microsoft Teams can replace your desk phones, your mobile forwarding setup, and your old PBX — with one phone number that works on a desktop, a laptop, a mobile app, or a desk handset, all managed from the same place as your email and Teams chat. ### Frequently Asked Questions Q: Can Microsoft Teams replace our office phone system? A: Yes, for most small and medium businesses. Microsoft Teams includes a full calling system that allows users to make and receive calls from a desktop, laptop, mobile app, or a Teams-certified desk phone, all using the same phone number. With the right licensing in place, it can fully replace a traditional desk phone system or PBX, with the added benefit of being managed from the same platform as your email and Teams chat. Q: What do we need to set up Teams calling? A: You need a Microsoft 365 plan that supports Teams, plus the appropriate calling licence — either a Microsoft Calling Plan or a direct routing connection through a third-party provider, depending on your requirements and any existing telecoms contracts. We assess the right approach for your business as part of the setup process and handle the licensing and configuration. Q: Can our team make and receive business calls from their mobile phones? A: Yes. With the appropriate Microsoft 365 calling plan, your team can make and receive calls using their business number from the Teams app on their mobile phone, from Outlook, or from a desktop. This means staff can take business calls wherever they are working without needing a separate mobile contract or carrying a second device. Q: What is an auto-attendant and do we need one? A: An auto-attendant is an automated phone menu that greets callers and routes them to the right person, department, or team — similar to "press 1 for sales, press 2 for support." It is useful for any business that receives calls from people who do not already know who they need to speak to. We configure auto-attendants and call queues as part of Teams calling setup for businesses that need this level of call routing. Q: Can we keep our existing phone number when moving to Teams calling? A: In most cases, yes. Existing phone numbers can usually be ported into Microsoft Teams calling, so your business does not need to change its published number when moving to the new system. We handle the number porting process as part of the migration. Q: Is Teams calling secure? A: Yes. Teams calling benefits from the same security controls as the rest of your Microsoft 365 environment, including multi-factor authentication and access controls. For businesses with compliance requirements, call recording is available on eligible Microsoft 365 plans (Business Premium, and A3, A5, E3, or E5), which we can configure as part of the setup. Q: Do we need new hardware to use Teams calling? A: Not necessarily. Many staff can use Teams calling entirely through their existing laptop and a headset, or through the Teams mobile app. For businesses that want dedicated desk phones, Microsoft Teams-certified handsets are available and we can advise on and configure suitable devices as part of the setup. Q: How does Teams calling compare to a traditional PBX or hosted VoIP system? A: A traditional PBX or hosted VoIP system is a separate platform your business has to manage independently of everything else. Teams calling sits inside Microsoft 365, which means call logs, voicemails, and user management are handled in the same admin centre as your email and SharePoint. For businesses already on Microsoft 365, consolidating telephony into the same platform typically reduces cost, reduces complexity, and makes it easier to onboard and offboard staff. Q: What happens to our phone system if someone is working from home? A: Nothing changes. Because Teams calling works through the Teams app on any internet-connected device, a staff member working from home makes and receives calls exactly as they would in the office — using the same business number, the same call routing, and the same voicemail setup. There is no need to divert calls to a mobile or set up call forwarding separately. Q: Is Teams calling included in a Network Fish managed support contract? A: Setup, configuration, and ongoing management of Microsoft Teams calling is available as part of a Network Fish managed support contract. Licensing costs for the Microsoft 365 calling plans themselves are billed according to your subscription. Speak to us about including Teams calling support as part of your contract. --- URL: https://networkfish.com/backup-and-disaster-recovery Description: Plain-English explanation of backup and disaster recovery terminology including RTO, RPO, DRaaS, and how to choose the right approach for your business. # Backup and disaster recovery: the key terms explained. Backup and disaster recovery covers how your business protects its data and keeps operating if something goes wrong. This page explains what the key terms actually mean, in plain English. ### Frequently Asked Questions Q: What is the difference between backup and disaster recovery? A: Backup means creating a copy of your data so it can be restored if lost or deleted. Disaster recovery is broader: a plan and set of tools for restoring your business's ability to operate after a serious incident. Backup protects your data; disaster recovery protects your business's ability to function. A complete plan includes backup as one part of a wider disaster recovery strategy. Q: What is RTO and RPO? A: RTO, Recovery Time Objective, is how long your business can afford to be without a system before the impact becomes serious. RPO, Recovery Point Objective, is how much data you can afford to lose, measured in time, based on how frequently backups run. Understanding your own RTO and RPO is the starting point for choosing the right backup and disaster recovery solution, since they determine how fast recovery needs to be and how frequently backups need to run. Q: Should my business use on-premise or cloud backup? A: Most businesses benefit from a combination of both. On-premise backup allows for fast local recovery but can be vulnerable to physical events affecting your premises, such as fire, flood, or theft. Cloud backup is stored offsite and protects against those physical risks, but recovery speed depends on your internet connection. Using both gives you the speed of local recovery for routine issues and the resilience of offsite storage for anything affecting your premises directly. Q: What is Disaster Recovery as a Service (DRaaS)? A: DRaaS is a managed service model where your backup, failover, and recovery capability is provided and managed by a third party, rather than built and maintained in-house. This is the model Network Fish provides: we design, deploy, monitor, and test your disaster recovery solution as part of your managed support contract, so you don't need in-house expertise to maintain it yourself. Q: How do I know what RTO and RPO my business needs? A: This depends on how costly downtime and data loss would actually be for your specific business. A business that can tolerate being without email for half a day has a very different requirement to one where even 15 minutes of downtime is seriously damaging. We assess this with you as part of a free site survey, looking at which systems are genuinely critical and designing a backup and recovery solution that matches the real requirement, rather than over- or under-protecting your business. --- URL: https://networkfish.com/server-backups Description: Managed server backup for London businesses. Three-tier backup with automated monitoring, immutable copies, and regular tested recovery, managed by Network Fish. # Server backup and disaster recovery. If your business runs an on-premise server, it needs a proper backup and disaster recovery plan. Not just a backup that runs — a backup that has actually been tested and verified. ### Frequently Asked Questions Q: What is the difference between backup, disaster recovery, and business continuity? A: Backup means copying your data so individual files and folders can be restored if lost or deleted, but recovering this way usually involves downtime while the issue is investigated and data is restored. Disaster recovery uses an image-based backup of your whole server, so the full system can be restored to a known working state. Business continuity is the highest level: your systems can be virtualised within minutes of a failure, so your business keeps operating with minimal disruption while the underlying issue is fixed in the background. We help you choose the right level of protection based on how costly downtime would genuinely be for your business. Q: How do I know if my current server backup is actually working? A: The only reliable way to know is to test it. A backup that completes successfully is not the same as a backup that can be restored — data can be incomplete, corrupted, or improperly captured without the backup process itself showing any error. We treat backup verification and testing as a standard part of server backup management, including automated checks and periodic recovery tests, rather than assuming a backup is working simply because it ran. Q: How often should server backups run? A: This depends on how much data your business can afford to lose if something goes wrong, sometimes referred to as your recovery point objective. For most SMEs, backups running at least daily are the baseline, with hourly or more frequent backups appropriate for businesses where losing even a few hours of data would be costly. We assess this as part of designing your backup plan. Q: Can server backup protect against ransomware? A: Yes, significantly. Modern backup solutions can detect ransomware-like behaviour — such as mass file encryption — within the backup data itself and allow a rollback to a clean recovery point from before the infection occurred. This is particularly important because ransomware attacks increasingly target backup systems directly, knowing that a business with a working backup has far less reason to pay a ransom. Q: Do I need both local and offsite backup copies? A: Yes, ideally. A local backup copy allows for fast recovery in the event of a routine failure. An offsite copy protects you if something happens to your physical premises — such as a fire, flood, or theft — that could destroy a local-only backup along with the original data. We maintain both as standard for server backup clients. Q: What happens if our server fails completely? A: This depends on the level of protection in place. With backup alone, the server would need to be rebuilt and data restored from the backup, which takes time. With disaster recovery, the full server image can be restored to replacement hardware more quickly. With business continuity-level protection, your systems can be virtualised within minutes, allowing your team to keep working while the physical server issue is resolved in the background, with data migrated back once it is fixed. Q: Is server backup included in a Network Fish managed support contract? A: Server backup is available for managed support clients as part of your service. We start with an audit of your current backup arrangement, identify any gaps, and design a backup and recovery solution suited to your business. Speak to us about including this as part of your contract. --- URL: https://networkfish.com/microsoft-365-disaster-recovery Description: Why Microsoft 365 does not back up your data, what native retention limits apply, and how Network Fish provides independent third-party backup for Exchange, SharePoint, OneDrive, and Teams. # Microsoft 365 Disaster Recovery Microsoft 365 does not back up your data. This is the single most important thing any business using Microsoft 365 needs to understand. ### Frequently Asked Questions Q: Does Microsoft 365 back up my data? A: No. Microsoft 365 keeps your data available and maintains the platform, but it does not back up your data in the way most businesses assume. Microsoft's terms and conditions state explicitly that data protection is the customer's responsibility and that Microsoft recommends using a third-party backup tool. Native retention periods for deleted email and SharePoint files range from 14 to 93 days depending on the application. Once those windows close, data deleted from Microsoft 365 is permanently unrecoverable without a third-party backup in place. Q: What happens to my Microsoft 365 data if I delete something by accident? A: If you delete an email, it moves to the Deleted Items folder, then to a Recoverable Items folder, and is permanently deleted after 14 to 30 days depending on your plan and configuration. If you delete a file from SharePoint or OneDrive, it goes to the recycle bin and is permanently deleted after 93 days. If the deletion is not discovered until after these windows have closed, Microsoft cannot recover the data. With a third-party backup in place, data can be recovered from any point within the backup retention period regardless of when Microsoft's own retention window expired. Q: What Microsoft 365 data does Network Fish back up? A: We back up all of the primary Microsoft 365 data types: Exchange Online mailboxes including email, contacts, and calendar items; SharePoint Online sites, document libraries, and lists; OneDrive for Business individual and shared drives; and Microsoft Teams data including chat history, channel messages, files, and meeting recordings. All are backed up to an independent location outside Microsoft's own infrastructure. Q: Can you restore a single email or file, or does it have to be everything? A: Granular restore is one of the key advantages of a proper third-party backup over Microsoft's native tools. We can restore a single email, a folder, an entire mailbox, a specific SharePoint file, a document library, or an entire SharePoint site, whichever level of recovery is needed. We handle the recovery process on your behalf. Q: Will Microsoft 365 backup protect me against ransomware? A: Yes, significantly. Ransomware that encrypts your SharePoint or OneDrive data is one of the scenarios Microsoft's native versioning and recycling bin cannot reliably address, because ransomware often works by overwriting or encrypting many versions simultaneously. A third-party backup captured independently of Microsoft's infrastructure gives you a clean recovery point from before the infection, without the limitations of Microsoft's version history. This is one of the strongest arguments for having proper backup in place even for businesses that consider themselves otherwise well protected. Q: How far back can I restore Microsoft 365 data? A: This depends on the retention period configured for your backup. We offer retention options of one year, three years, and longer depending on your requirements. Any point within the retention period can be used as a recovery point, so if a deletion or corruption is discovered weeks or months after it occurred, recovery is still possible as long as it falls within the backup window. Q: What happens to Microsoft 365 data when a member of staff leaves? A: When a Microsoft 365 licence is removed from a departing employee's account, their email, OneDrive files, and Teams data become inaccessible and will eventually be permanently deleted. Without a backup, this data may be unrecoverable if it is needed later for legal, compliance, or operational reasons. We manage the offboarding process for managed support clients, including preserving data from departing employees' accounts in accordance with your retention requirements before the licence is removed. Q: Is Microsoft 365 backup required for GDPR compliance? A: GDPR requires organisations to protect personal data from accidental loss, destruction, or damage, and to be able to restore access to personal data in a timely manner following a physical or technical incident. Relying solely on Microsoft's native retention features, which have fixed time limits and no granular restore capability, is unlikely to satisfy these requirements for most businesses. A properly configured third-party backup with appropriate retention periods significantly strengthens your GDPR data protection position. Q: How is a third-party Microsoft 365 backup different from Microsoft's own backup features? A: Microsoft's native features, including the Recoverable Items folder, SharePoint recycle bin, and version history, are designed for short-term recovery from accidental deletion within fixed time windows. They are not backups in the traditional sense. A third-party backup captures an independent copy of your data on a daily basis, stores it outside Microsoft's infrastructure, and provides granular point-in-time restore with configurable long-term retention. It also protects you if Microsoft itself experiences a service issue, since the backup exists independently of the Microsoft platform. Q: What is the difference between disaster recovery and backup for Microsoft 365? A: Backup means capturing and retaining copies of your data so that individual items, files, or mailboxes can be recovered when something is deleted or corrupted. Disaster recovery goes further — it covers the process of restoring your entire operational capability following a major incident, such as a cyberattack, a prolonged Microsoft outage, or a catastrophic data loss event. Microsoft 365 backup is the foundation of a disaster recovery plan for your cloud data. Network Fish can advise on the full disaster recovery picture for your business, covering both cloud and on-premise systems, as part of a free site survey. --- URL: https://networkfish.com/azure-services Description: Managed Azure services in London. Network Fish deploys and supports Azure Virtual Desktop, cloud storage, and hybrid infrastructure for London SMEs. # Azure Services Microsoft Azure support for London businesses. ### Frequently Asked Questions Q: What Azure services does Network Fish support for SMEs? A: Network Fish focuses on the three Azure services most relevant to London SMEs: Azure Virtual Desktop, which gives your team a managed cloud-based Windows desktop accessible from any device; Azure virtual machine management and backup, covering monitoring, patching, and independent offsite backup using Datto Backup for Microsoft Azure; and Microsoft Entra ID (formerly Azure Active Directory), the identity and access management platform behind Microsoft 365 and Azure. We do not offer generic Azure consultancy for large enterprise deployments — our focus is on the practical Azure services that make a real difference to small and medium-sized businesses. Q: What is Azure Virtual Desktop and is it right for my business? A: Azure Virtual Desktop is a Microsoft cloud service that delivers a full Windows desktop and applications to your team over the internet, from any device, without needing a physical office computer or a traditional VPN. It is particularly useful for businesses with remote or hybrid teams, multiple office locations, or staff who work from different devices. It is also a strong alternative to an on-premise server for businesses that want to reduce their reliance on physical hardware. Network Fish configures, deploys, and manages Azure Virtual Desktop environments for SME clients, including user profiles, application access, session hosts, and ongoing monitoring. Q: Does Azure back up my virtual machines? A: Azure provides its own backup and site replication tools, but these keep your data within Azure's own infrastructure. If Azure experiences a regional outage or service disruption, those tools may be unavailable at exactly the moment you need them. We use Datto Backup for Microsoft Azure (DBMA), which replicates your Azure VMs to an independent cloud outside of Azure entirely. This means your recovery options are not dependent on the platform that may have caused the problem in the first place. We manage the backup configuration, monitor completion, and handle any recovery requests on your behalf. Q: What is Microsoft Entra ID and why does it matter? A: Microsoft Entra ID, previously known as Azure Active Directory, is the identity and access management platform that underpins Microsoft 365, Azure, and most other Microsoft services. It controls who can log in to your systems, what they can access, from which devices, and under what conditions. Poorly configured Entra ID is one of the most common security gaps we find when auditing a new client's Microsoft environment — including former employees who still have active accounts, personal devices connecting to company data without security checks, and admin accounts with excessive permissions. We configure and manage Entra ID as part of our Microsoft 365 security service. Q: What happened to Azure Active Directory? A: Microsoft renamed Azure Active Directory to Microsoft Entra ID in 2023. The product is the same and serves the same purpose, controlling identity and access across Microsoft 365 and Azure environments. You may still see it referred to as Azure AD or AAD in older documentation and within some Microsoft admin portals, but Microsoft Entra ID is the current name. Network Fish manages Entra ID configuration and administration for managed support clients. Q: Can Azure Virtual Desktop replace our office server? A: For many SMEs, yes. If your on-premise server is primarily used to host a shared file store, run a line-of-business application, or provide remote access to a Windows environment, Azure Virtual Desktop can replace that function entirely, removing the need for physical server hardware, on-site maintenance, and the single point of failure that a physical server represents. We assess whether Azure Virtual Desktop is the right fit during a free site survey, and if it is, we handle the migration, configuration, and ongoing management. Q: Is Azure Virtual Desktop secure? A: Yes, when configured correctly. Azure Virtual Desktop sessions run in Microsoft's cloud, so your data does not sit on individual laptops or home computers. We configure multi-factor authentication for all Virtual Desktop users, apply conditional access policies so only compliant devices can connect, and manage session security settings as part of the ongoing service. All data remains within your Microsoft tenant and is subject to the same security controls as the rest of your Microsoft 365 environment. Q: Do I need a separate Azure support contract alongside my IT support? A: No. Network Fish manages Azure Virtual Desktop, Azure VM backup, and Microsoft Entra ID as part of your managed IT support contract. There is no separate Azure support relationship to set up or manage. Everything sits under your existing contract with us, with one point of contact and one monthly fee. Q: How do I know if my Azure environment is correctly configured? A: The most straightforward way is a free site survey. We review your Azure and Microsoft 365 environment as part of the survey, identifying misconfigured settings, inactive accounts, unmonitored virtual machines, and any gaps in backup coverage. We then provide a written report with specific findings and recommendations. There is no charge for the survey and no obligation to act on the findings with us. Q: What is the difference between Azure VM backup and Microsoft 365 backup? A: These are two separate backup requirements. Azure VM backup covers virtual machines hosted in Azure, which typically run servers, applications, or databases rather than individual user data. Microsoft 365 backup covers email, SharePoint, OneDrive, and Teams data belonging to your users. Both need independent third-party backup in place because neither Microsoft's native Azure tools nor Microsoft 365's native retention features constitute a proper backup. Network Fish manages both as part of our managed support service, using Datto Backup for Microsoft Azure for VM backup and a dedicated Microsoft 365 backup solution for user data. --- URL: https://networkfish.com/voip-app-voip-software Description: 3CX support for London businesses. Network Fish maintains existing 3CX deployments. Moving to Teams Calling? We can help with that too. # 3CX support for existing clients. If your business already runs on 3CX, we provide ongoing support, maintenance, and management for your existing system. For new phone system setups, our recommended solution is Microsoft Teams calling. ### Frequently Asked Questions Q: Does Network Fish still support 3CX phone systems? A: Yes, for existing clients already using 3CX. We provide ongoing maintenance, support, and management for current 3CX deployments. For new business phone system setups, our recommended solution is Microsoft Teams calling. Q: Should I move from 3CX to Microsoft Teams calling? A: If your business already uses Microsoft 365, moving to Teams calling consolidates your phone system into the same platform as your email and collaboration tools, with the benefit of shared security controls. If your existing 3CX system is working well, there is no requirement to change — we will continue supporting it. We can talk through the options for your specific business as part of a free site survey. Q: What does 3CX support from Network Fish include? A: Ongoing maintenance, troubleshooting, user and extension management, call queue and auto-attendant configuration, SIP trunk and number management, and keeping the system patched and securely configured. Q: Is 3CX support included in a managed support contract? A: 3CX support is available for existing clients as part of a managed support contract. Speak to us about including it if your business currently runs 3CX. --- URL: https://networkfish.com/managed-wi-fi-installation-for-flexible-office-spaces Description: Managed Wi-Fi and network installation in London. Enterprise-grade wireless, switches, and firewalls for London offices, set up and maintained by Network Fish. # Business Wi-Fi and network installation for London offices. A poorly designed office network is one of those problems that compounds quietly. Staff move to areas where the signal drops. Devices connect to the guest network instead of the staff network. Someone sets up a personal router under their desk. Security policies stop applying to half the office. ### Frequently Asked Questions Q: What does managed Wi-Fi mean for a business? A: Managed Wi-Fi means your wireless network is designed, installed, monitored, and maintained by a professional IT provider rather than left to self-manage. This includes proper access point placement for full coverage, network segmentation between staff and guest devices, security configuration, firmware updates, and ongoing monitoring so that connectivity issues are identified and resolved before they affect your team. Network Fish provides managed Wi-Fi for London businesses and flexible office spaces as part of our IT support service. Q: What is the difference between business Wi-Fi and a home or consumer router? A: Consumer routers are designed for home use, typically a small number of devices, light traffic, and no need for network segmentation or centralised management. Business-grade Wi-Fi uses enterprise access points that can handle many simultaneous connections, maintain performance under load, support multiple separate networks (staff, guest, IoT), and be managed centrally across multiple access points from a single console. They also support enterprise-grade security authentication rather than a simple shared password. For any office with more than a handful of users, a consumer router is not appropriate. Q: What is network segmentation and why does my business need it? A: Network segmentation means dividing your network into separate, isolated sections. The most common and most important separation for a business is between the staff network and the guest network. If a visitor or contractor connects their device to your network and that device is compromised, network segmentation prevents them from being able to reach your staff computers, servers, or cloud systems. Without segmentation, a compromised guest device has potential access to everything on the same network. Segmentation is also a requirement for Cyber Essentials certification. Q: Do you install the cabling and physical infrastructure as well as the Wi-Fi? A: Yes. We handle the full physical network infrastructure including structured cabling, patch panels, and switch installation, as well as the Wi-Fi access points. For a new office fit-out or a network upgrade, we design the full solution and manage the installation from end to end. We do not just drop in access points on an existing network that may have underlying infrastructure problems. Q: Can you manage Wi-Fi for a flexible office space or a building with multiple tenants? A: Yes. We have worked with flexible office spaces and multi-tenanted buildings in London since 2002. We design and manage shared infrastructure that keeps each tenant's network traffic isolated from others, with per-tenant access control, guest Wi-Fi with bandwidth management, and centralised monitoring across the whole building. Individual tenants can be added, moved, or removed without affecting the rest of the building. Q: What is a firewall and do I need one for my office? A: A firewall is a security device, either hardware or software, that sits between your internal network and the internet and controls what traffic is allowed to pass in each direction. It blocks unwanted inbound connections, prevents internal devices from communicating with known malicious addresses, and can alert on unusual traffic patterns. A properly configured firewall is a requirement for Cyber Essentials certification and is considered a basic security control for any business. We configure and manage business-grade firewalls as part of our network installation service. Q: What is a VPN and when do I need one? A: A VPN (Virtual Private Network) creates an encrypted connection between two points, typically between a remote worker's device and your office network, or between two office locations. It ensures that traffic passing over the public internet is not readable to anyone intercepting it. For businesses with remote or hybrid staff, or multiple office locations, a properly configured VPN is an important security control. We set up and manage VPN connections as part of our network installation and managed support service. Q: What is dedicated internet access and is it different from a standard broadband connection? A: Standard broadband connections are shared, meaning your bandwidth is shared with other users on the same local exchange, and your speed can vary depending on how many others are using the connection at the same time. Dedicated internet access provides a fixed, uncontended amount of bandwidth that is reserved solely for your business. It typically offers symmetric speeds and a higher level of reliability with a guaranteed uptime SLA. For businesses in multi-tenanted buildings or where internet reliability is critical, dedicated access is worth considering. We configure and manage dedicated internet connections as part of our network services. Q: Do you monitor the network after installation? A: Yes. We monitor your network continuously after installation, watching performance, connection quality, and hardware status across access points, switches, and firewalls. Firmware updates are applied as part of ongoing management. If something degrades or fails, we are alerted automatically and address it, usually before anyone in your business notices an issue. For managed support clients, network monitoring is included in your contract. Q: How do I know if my current office Wi-Fi is good enough? A: Common signs that your current Wi-Fi is not fit for purpose include: dead spots where signal drops in parts of the office; slow speeds when multiple people are connected; inability to reliably connect in meeting rooms; staff using their mobile data instead of the office Wi-Fi; no separation between staff and guest networks; and no visibility of who is connected or how the network is performing. We assess your current network setup as part of the free site survey and give you a written report with specific findings and recommendations. Q: Is Wi-Fi and network management included in a Network Fish managed support contract? A: Ongoing network monitoring and management is included for managed support clients. Wi-Fi and network installation projects are quoted separately based on the scope of the work and the size of your office, but once installed, the ongoing support, monitoring, and management of your network is covered as part of your existing managed support arrangement. --- URL: https://networkfish.com/networking/ Description: IT networking services for London SMEs. Structured cabling, Wi-Fi surveys and access point placement, firewall and router configuration, and ongoing network monitoring and management. Network Fish, est. 2002. # IT networking services for London businesses. As a network support company in London, Network Fish has been designing and maintaining business networks for SMEs across the city since 2002. The network is the physical layer everything else depends on — email, file sharing, cloud applications, remote access, and IP telephony all run on top of it. A well-designed network is invisible. A poorly designed one surfaces constantly as slow speeds, dropped connections, and problems nobody can diagnose because there is no monitoring in place. We install and manage networking infrastructure for London SMEs, from the structured cabling that runs through the walls to the firewall that sits at the perimeter. This is part of our broader managed IT support service. The network sits alongside helpdesk, security management, and Microsoft 365 administration under one fixed monthly fee. ## What we install and manage Structured cabling and physical installation: Cat6 data points installed to a patch panel, correctly trunked, labelled, and tested to standard. We design and install structured cabling to the correct standard, tested with a cable certifier, and fully documented so you know exactly what is where. Wi-Fi surveys and wireless networking: a Wi-Fi survey identifies dead spots, interference sources, and coverage gaps before access points are placed. We conduct site surveys and design access point placement for consistent coverage across the office, including meeting rooms and breakout areas. Devices like printers, door access systems, CCTV cameras, and smart building equipment should never sit on the same network segment as corporate data — Network Fish configures separate VLANs for IoT and guest devices as standard, keeping them isolated from business systems. Firewall and router configuration: we configure firewalls correctly for a business network, blocking unnecessary inbound access, applying content filtering, setting up secure VPN for remote access, and logging traffic for ongoing visibility. Firewall configuration is a direct control requirement for Cyber Essentials certification. Network Fish works with Cisco Meraki, Ubiquiti, and Fortinet across the full network stack — not just firewalls. That includes managed switches, wireless access points, and network controllers. These platforms give centralised visibility across your entire network from a single dashboard, which means faster fault diagnosis and consistent configuration across every site. Network monitoring and management: we deploy network monitoring across your switch fabric, access points, and firewall, with automatic alerting when something changes or fails. Network events are logged, reviewed, and addressed typically before anyone in the business notices. For businesses with more than one office, or those running most of their applications in the cloud, SD-WAN is worth considering. It prioritises business-critical traffic over your internet connection and can improve reliability and performance without expensive dedicated lines. Network Fish can advise on whether SD-WAN makes sense for your setup. ## Problems we solve Slow or dropping Wi-Fi: typically caused by too few access points, incorrect channel configuration, or interference from neighbouring networks. Outdated cabling: Cat5 or older infrastructure limiting speeds and causing marginal, intermittent connectivity that is difficult to trace. Unmanaged switches: switches with no VLAN configuration, no monitoring, and no traffic visibility. A security and performance problem, and a barrier to Cyber Essentials certification. No network monitoring: no visibility of which devices are connected, how the network is performing, or when hardware degrades or fails. Misconfigured firewalls: factory-default settings with open ports, no content filtering, and no VPN in place for remote staff. ## Ongoing network management Ongoing network management covers firmware updates for switches, access points, and firewalls; continuous monitoring with alerting on hardware failure or unexpected configuration change; VLAN and segmentation management; VPN management for remote and hybrid staff; and a single point of contact for any network-related issue. Network installation projects are quoted separately based on scope. Once installed, the ongoing monitoring, management, and support of the network is included as part of a Network Fish managed support contract at no extra charge. ### Frequently Asked Questions Q: What does IT networking support include? A: IT networking support from Network Fish covers the installation and ongoing management of your office network infrastructure. This includes structured cabling and physical data point installation, Wi-Fi access point placement and configuration, firewall and router setup and management, and continuous network monitoring across your switches, access points, and firewall. For managed support clients, network monitoring and management is included in your contract alongside helpdesk, security, and Microsoft 365 administration. Q: How do I know if my office network needs upgrading? A: Common signs that your network infrastructure needs attention include: inconsistent or slow Wi-Fi in parts of the office; staff using mobile data rather than the office Wi-Fi; video calls that drop or stutter under load; no visibility of which devices are connected or how the network is performing; and cabling that is more than ten years old and has never been tested or certified. We carry out a free site survey and provide a written report identifying any gaps and the most practical remediation steps. Q: Is network installation separate from a managed support contract? A: Yes. Network installation projects -- cabling, access point installation, firewall configuration -- are quoted separately based on the scope of the work. Once installed, the ongoing monitoring, management, and support of your network is included as part of a Network Fish managed support contract at no extra charge. The installation is a one-time project; the ongoing management is part of the monthly service. Q: What is the difference between a managed switch and an unmanaged switch? A: An unmanaged switch connects devices together on a network but cannot be configured, monitored, or controlled remotely. It provides no visibility into network activity and cannot support VLANs, which are needed to separate staff, guest, and IoT traffic. A managed switch can be configured with VLANs, monitored for faults and performance, updated with firmware, and centrally managed. For any business network that requires proper segmentation, security, and visibility, managed switches are the correct choice. Network segmentation is also a requirement for Cyber Essentials certification. --- URL: https://networkfish.com/cyber-essentials Description: Cyber Essentials and Cyber Essentials Plus certification support for London businesses, including pricing, timelines, and what the process involves. # Cyber Essentials certification A UK government-backed scheme that protects your business against the most common cyber attacks — and proves to customers, partners and regulators that you take security seriously. ### Frequently Asked Questions Q: What is Cyber Essentials certification and who needs it? A: Cyber Essentials is a UK Government-backed certification scheme that demonstrates an organisation has basic cyber security controls in place. It covers five technical areas: boundary firewalls, secure configuration, user access control, malware protection, and patch management. Any organisation that supplies the UK Government must hold Cyber Essentials certification. It is also increasingly required by local authorities, housing associations, NHS trusts, and large private sector businesses as a condition of supplier contracts. Cyber insurance policies increasingly reference it. Q: What is the difference between Cyber Essentials and Cyber Essentials Plus? A: Cyber Essentials is a self-assessed certification. The applicant completes a questionnaire confirming their controls meet the required standard, which is then verified by a certifying body. Cyber Essentials Plus includes everything in Cyber Essentials but adds an independent technical audit of the organisation's systems by an accredited assessor. Cyber Essentials Plus provides stronger assurance and is required for some higher-value government contracts and certain sectors including defence supply chain. Q: How long does it take to get Cyber Essentials certified? A: With Network Fish managing the process, most London SMEs achieve Cyber Essentials certification within two to four weeks of the initial gap assessment. The timeline depends on how many of the five technical controls require remediation before submission. Cyber Essentials Plus takes three to six weeks due to the additional independent technical audit. Both certifications must be renewed annually. Q: How much does Cyber Essentials certification cost? A: For Network Fish managed support clients, Cyber Essentials readiness is included as part of your contract at no extra charge. This covers the gap analysis against the five CE technical controls, hands-on remediation guidance, and support through the certification process end-to-end. The only additional cost is the certifying body fee — approximately £300 for Cyber Essentials — payable directly to the certifying body. Annual renewal is available from £300 + VAT per year. For businesses not on a managed support contract, Network Fish charges from £400 + VAT for a standalone Cyber Essentials gap assessment, and from £800 + VAT for full assisted certification including remediation guidance, for organisations with up to ten users. Cyber Essentials Plus starts from £1,200 + VAT. Certifying body fees for CE Plus are approximately £400 to £500, payable directly to the certifying body. Q: Can Cyber Essentials reduce cyber insurance premiums? A: Yes. Many UK cyber insurance providers offer reduced premiums to organisations that hold valid Cyber Essentials certification, because certification demonstrates that baseline security controls are in place. The reduction varies by insurer and policy, but businesses are encouraged to provide their certificate to their broker when renewing or taking out a cyber insurance policy. Network Fish can provide a Cyber Insurance Readiness Report as an optional add-on that addresses standard insurer technical questionnaires. Q: Does Cyber Essentials certification expire? A: Yes. Cyber Essentials certification is valid for twelve months and must be renewed annually. Network Fish offers an annual renewal service that includes a pre-renewal gap check, any remediation work required, questionnaire preparation, and submission management. Clients on a Complete Care support contract receive an annual Cyber Essentials gap check as part of their package. Q: What is the difference between a Cyber Essentials gap assessment and full certification? A: A gap assessment reviews an organisation's current IT environment against the five Cyber Essentials controls and produces a written report — RAG-rated Red, Amber, Green per control — identifying what needs to be fixed before the organisation can be certified. It does not result in a certificate. Full assisted certification includes the gap assessment, remediation of identified issues, preparation and submission of the certification questionnaire, and liaison with the certifying body through to the issue of the certificate. --- URL: https://networkfish.com/comprehensive-it-security-assessment Description: Free IT Security Assessment in London. A Network Fish IT support engineer checks your backups, MFA, antivirus, patching, and Cyber Essentials readiness. Written report, no obligation. # Comprehensive IT Security Assessment Find out exactly where your business is exposed. For free. ### Frequently Asked Questions Q: What is a comprehensive IT security assessment? A: A comprehensive IT security assessment is a structured review of your business's IT setup, carried out by a qualified engineer. It looks at the security and reliability of your systems including your backups, device encryption, antivirus coverage, login security, software patching, network configuration, and Cyber Essentials readiness. The result is a written report in plain English that tells you what is working, what is at risk, and what it would take to close the gaps. Q: How much does an IT security assessment cost? A: Network Fish offers a free IT security assessment, also called a free site survey, to any London business that wants one. A qualified engineer visits your office, carries out the review, and provides a written report at no charge and with no obligation to proceed further. For businesses not based in London or requiring a more in-depth standalone security engagement, please contact us to discuss options. Q: What does Network Fish check during a free IT security assessment? A: During the free site survey, we check whether your data is being backed up and whether those backups can actually be restored; whether your devices are encrypted so that a lost or stolen laptop cannot be read by a third party; whether antivirus is running and up to date on every device; whether two-step login (multi-factor authentication) is switched on across your accounts; whether your software and operating systems are being patched automatically; whether your network and Wi-Fi are correctly configured and segmented; and whether your business would currently pass a Cyber Essentials assessment. Q: How long does an IT security assessment take? A: A typical site survey takes between one and two hours depending on the size of your business and the number of devices and systems in scope. The written report is provided afterwards, usually within a few working days. Q: Do I need to prepare anything before the assessment? A: No significant preparation is needed. It helps if someone with basic knowledge of your IT setup is available during the visit, for example an office manager or the person who normally deals with IT questions. If you have an existing IT company, it is useful but not essential to have any recent reports or documentation they have provided. Q: Who should get an IT security assessment? A: An IT security assessment is useful for any London business, regardless of size or sector. It is particularly valuable if you have no IT support in place and want to understand where your risks are; if you have an existing IT company and want an independent second opinion ahead of contract renewal; if you have recently moved offices, changed staff, or migrated to cloud systems and want to confirm your setup is still secure; or if a client, insurer, or partner has asked whether you hold Cyber Essentials certification and you are not sure whether you would pass. Q: Will the assessment tell me if I need Cyber Essentials? A: Yes. Cyber Essentials readiness is one of the areas we specifically check during the site survey. We will tell you whether your current setup would pass the five Cyber Essentials technical controls, and if not, what would need to change. For Network Fish managed support clients, the gap analysis and support through the Cyber Essentials certification process are included in the contract at no extra charge. The only additional cost is the certifying body fee, currently around £300, paid directly to the certifying body. Q: Is there any obligation to sign up to a contract after the assessment? A: No. The assessment is genuinely free with no obligation. The written report is yours to keep and use however you choose, including taking it to another IT provider. Many businesses use it as a benchmark before a contract renewal, or simply to understand their current position before making any decisions. Q: What happens after the assessment? A: We provide a written report summarising what we found, what the risks are, and what we would recommend. If there are gaps we can address, we will explain what that would involve and what it would cost. If you are already well covered, we will tell you that too. There is no pressure to act on anything immediately, and no obligation to use Network Fish to address what we find. Q: Can Network Fish carry out a security assessment for a business outside London? A: Our free on-site survey is available to businesses in London, where our engineers are based. For businesses outside London, we can carry out a remote security assessment covering your cloud systems, Microsoft 365 or Google Workspace configuration, and device management setup. Please contact us to discuss what would be most useful for your specific situation. Q: How is a Network Fish security assessment different from a penetration test? A: A security assessment looks at the overall health and configuration of your IT systems, identifying known gaps, misconfigurations, and areas of risk. A penetration test (or pen test) goes further: it involves an accredited tester actively attempting to break into your network to find vulnerabilities that might not be visible through a configuration review alone. Network Fish offers CREST-certified penetration testing as an additional service for businesses that need that level of independent, audited assurance. Many businesses start with a security assessment and progress to a penetration test once the foundational gaps have been addressed. --- URL: https://networkfish.com/mobile-device-management Description: How Network Fish enrolls, secures, and centrally manages every device connecting to a London business, with remote wipe, encryption enforcement, policy management, and patch visibility included in managed support contracts. # Mobile device management for London businesses. Every device that connects to your business, secured, monitored, and managed centrally. ## What we configure and manage ### Device enrolment and inventory Every device that accesses your business systems is enrolled and visible in one place. We know what's connecting, who owns it, what OS version it's running, and whether it's compliant with your security policies. Devices that aren't enrolled can be blocked from accessing business data entirely. ### Encryption enforcement Full-disk encryption is enforced as a policy requirement, not a suggestion. BitLocker on Windows, FileVault on Mac. A device that isn't encrypted cannot access your business systems until it is. ### Remote wipe If a device is lost or stolen, we can wipe it immediately — before anyone else can access what's on it. This applies to both company-owned devices and personal devices enrolled for business access. For personal devices, the wipe is targeted to business data only, leaving personal content untouched. ### Security policy enforcement Screen lock requirements, minimum OS version, app installation restrictions, and passcode complexity are enforced centrally rather than trusted to individual users to configure themselves. A device that falls out of compliance is flagged automatically. ### Patch and OS management We monitor OS versions across your device estate and flag devices running outdated software. For managed devices, updates can be pushed centrally. This is one of the five technical controls assessed under Cyber Essentials. ### App management For businesses that need to control which applications are installed on company devices, we can manage approved app lists and prevent installation of unapproved software. ### Frequently Asked Questions Q: What is mobile device management? A: Mobile device management (MDM) is a system for centrally controlling, monitoring, and securing the devices that connect to your business systems — smartphones, tablets, and laptops. Rather than trusting individual users to configure their own security settings, MDM enforces consistent policies across every enrolled device and gives your IT support team the ability to act immediately if something goes wrong. Q: Does MDM cover personal devices as well as company-owned ones? A: Yes. MDM can be applied to both company-owned devices and personal devices that access business systems, a setup sometimes called BYOD (Bring Your Own Device). For personal devices, policies and remote wipe are typically scoped to business data only, leaving personal content untouched. We configure this boundary as part of setup. Q: What happens if a device is lost or stolen? A: We can remotely wipe the device immediately, removing access to business data before anyone else can reach it. For company-owned devices this is a full wipe. For personal devices enrolled under a BYOD policy, the wipe is targeted to the business data container only. Q: Does MDM affect what employees can do on their personal phones? A: Only within the business data container. A personal device enrolled for business access has MDM policies applied to the business email, apps, and data on that device, not to personal apps, photos, or messages. Employees retain full control over the personal side of their device. Q: Does this cover iPhones and Android devices as well as laptops? A: iOS devices (iPhones and iPads) are fully supported. Android MDM capability varies more by manufacturer and OS version, and we'll give you an honest assessment of what's covered for your specific device mix during a site survey. Windows laptops and PCs are fully covered as standard. Q: Is mobile device management included in the standard managed support contract? A: Core MDM capability — device enrolment, encryption enforcement, remote wipe, and policy management — is included as part of your managed support contract for covered device types. We'll confirm exactly what applies to your specific device estate as part of onboarding or a site survey. Q: How does MDM help with Cyber Essentials? A: Cyber Essentials assesses five technical controls, one of which is patch management, requiring that devices run supported, up-to-date operating systems and software. MDM gives us the visibility and control to enforce this across your device estate and flag anything that falls out of compliance, which is directly relevant to maintaining Cyber Essentials certification year on year. Q: What is the difference between MDM and the Mobility page? A: Our Mobility page covers the broader picture of how we secure remote and hybrid working — encrypted devices, VPN, DNS filtering, MFA, and Microsoft 365. This page covers the specific MDM tooling and policies that sit underneath that: device enrolment, compliance enforcement, app management, and remote wipe as a managed service. --- URL: https://networkfish.com/mobility Description: Mobile device management and mobility solutions for London SMEs. Network Fish secures smartphones, tablets, and remote working setups as part of your managed IT support. # Work from anywhere. Securely. Hybrid and remote working isn't a trend any more. It's how London businesses operate. The question isn't whether your team can work remotely. It's whether they can do it safely. ### Frequently Asked Questions Q: What does Network Fish do to support remote and hybrid workers? A: We make sure your team can work from anywhere without creating security gaps. This means enforcing multi-factor authentication on every account, deploying DNS filtering that follows devices off the office network, configuring VPN access for users who need it, managing mobile devices through MDM, and providing the same remote helpdesk support whether your staff are in the office, at home, or travelling. Q: Do remote workers get the same level of IT support as office-based staff? A: Yes. A member of staff working from home contacts the same helpdesk number and receives exactly the same remote support. An engineer connects to their device remotely in the same way, resolves the issue, and they are back working quickly. There is no difference in the service based on where someone is working. Q: How do you make sure remote devices are secure? A: We manage all devices centrally using our remote monitoring and management (RMM) platform, regardless of where they are located. This covers automatic patching, antivirus and threat detection, DNS filtering, full-disk encryption, and device health monitoring. If a device stops checking in or drops a security control, we are alerted and investigate. The protection follows the device, not the network. Q: Do you support mobile devices as well as laptops and desktops? A: Yes. We manage mobile devices including iPhones, iPads, and Android devices through mobile device management (MDM), which allows us to enforce security policies, configure email and app access, remotely wipe a lost or stolen device, and ensure personal devices accessing company data meet your security baseline. Q: What happens if a remote worker loses their laptop? A: Because full-disk encryption is enforced on all managed devices, the data on a lost or stolen laptop cannot be read by whoever finds it. We can also remotely lock or wipe the device through our management platform. We manage the incident from our end, including revoking account access and assisting with device replacement, so there is minimal disruption to the staff member and minimal risk to the business. Q: Is remote and hybrid working support included in a Network Fish managed support contract? A: Yes. Remote worker support, including helpdesk access, device monitoring, and security management for off-site devices, is included as standard in a Network Fish managed support contract. There is no additional charge for supporting staff who work from home or remotely. --- URL: https://networkfish.com/collaboration Description: Microsoft 365 collaboration tools for London businesses. Network Fish sets up and fully supports Teams, SharePoint, and OneDrive as part of your managed IT support. # Your team, working together. Properly set up. Most London businesses are already paying for collaboration tools. Microsoft 365 or Google Workspace, Teams or Meet, SharePoint or shared drives. The software is good. The problem is rarely the software. ### Frequently Asked Questions Q: What does Network Fish manage as part of collaboration support? A: We manage your Microsoft 365 or Google Workspace administration, Teams and SharePoint configuration, user onboarding and offboarding, backup for your cloud data, SaaS licence management, and multi-factor authentication across your collaboration platforms. The aim is that your team's tools are properly set up, secured, and backed up, not just installed and left to drift over time. Q: Does Microsoft 365 back up my email, SharePoint, and Teams data? A: No. Microsoft keeps your data available but does not back it up in the way most businesses assume. Their own terms recommend using a third-party backup tool. Native retention for deleted items ranges from 14 to 93 days depending on the application, after which the data is permanently unrecoverable. We put proper third-party backup in place for your collaboration data, covering email, SharePoint, OneDrive, and Teams. Q: What happens to a former employee's Microsoft 365 account when they leave? A: If offboarding isn't handled properly, a former employee's account, shared inbox access, and SharePoint permissions can remain active long after they've gone — a genuine security risk. We manage offboarding as a standard part of our service, removing access immediately, handling the data correctly, and making sure nothing falls through the gap. Q: Are we paying for Microsoft 365 or Google Workspace licences we don't need? A: It's common. People leave and licences stay active, or someone's role changes but they're still on the wrong tier. We review your licence allocation as part of our service and make sure you're paying for what you actually need, not what's accumulated over time by default. Q: Do you support both Microsoft 365 and Google Workspace? A: Yes. We manage and support both platforms, including administration, security configuration, onboarding and offboarding, and backup — whichever your business runs, or if you use a mix of both. Q: Why does Teams data need its own backup separate from SharePoint? A: Every Teams channel has a SharePoint document library behind it, but Teams also generates data SharePoint doesn't cover on its own — chat history, channel messages, and meeting recordings. A proper Microsoft 365 backup needs to capture Teams data specifically, not just the underlying SharePoint libraries, to fully protect what your team is actually using day to day. Q: Is multi-factor authentication enforced on our collaboration tools? A: Yes, as standard. Email accounts, SharePoint, and Teams are common targets for attackers because that's where your business data lives. We enforce MFA across every account on every collaboration platform you use, since a password alone is not considered sufficient protection. Q: Is collaboration support included in a managed support contract? A: Yes. Microsoft 365 or Google Workspace administration, Teams and SharePoint configuration, onboarding and offboarding, licence management, and MFA enforcement are all included for Network Fish managed support clients as part of your monthly fee. --- URL: https://networkfish.com/security Description: Managed IT security services in London for SMEs. Network Fish protects your business with layered security covering antivirus, EDR, DNS filtering, MFA, and patch management. All included in one monthly fee. # Cyber security that's already running before anything goes wrong. Most small businesses treat security reactively. Something goes wrong, they deal with it. The problem with that approach is that by the time you know something has gone wrong, the damage is already done. ### Frequently Asked Questions Q: What security measures does Network Fish include as standard? A: Every Network Fish managed support client receives a full, layered security stack as standard: managed antivirus, advanced threat detection (EDR), web-level threat blocking (DNS filtering), multi-factor authentication enforced across every account, device hardening, automatic patch management, and continuous vulnerability scanning. None of this is an optional add-on — it's included in your monthly fee. Q: What is the difference between antivirus and EDR? A: Antivirus catches threats it already recognises by matching files against a database of known malicious signatures. EDR (Endpoint Detection and Response) goes further, watching how devices behave and catching suspicious activity even when it doesn't match a known threat. We deploy both together. Q: Why do you enforce MFA on every account with no exceptions? A: A compromised account doesn't stay contained to one part of a business — it can be used to attack clients, suppliers, or other systems regardless of how sensitive that particular account first appeared. Multi-factor authentication remains the single most effective control against account takeover, and it's already included in most Microsoft 365 and Google Workspace licences. Q: What is DNS filtering and how does it fit into your security stack? A: DNS filtering blocks connections to known malicious websites before they load, stopping phishing links and malware sites whether they arrive by email, text, or any other route. For Windows devices, this protection follows you off the office network too. Q: Does your security stack protect against phishing specifically? A: Yes, through several layers working together: email filtering catches most phishing before it reaches the inbox, DNS filtering blocks malicious links that get through, MFA limits the damage if a password is compromised, and security awareness training helps your team recognise what technology alone can't catch. Q: What is vulnerability scanning and how often does it run? A: Vulnerability scanning is a continuous, automated check across your network and devices for unpatched software, misconfigured settings, and exposed ports — run regularly rather than as a one-off annual review. Issues are raised as helpdesk tickets and resolved, with a written report provided quarterly. Q: Does this security stack help with Cyber Essentials certification? A: Yes. The controls described here — malware protection, secure configuration, access control, and patch management — map directly onto the five technical controls assessed under Cyber Essentials. For managed support clients, the gap analysis and support through certification is included at no extra charge beyond the certifying body fee. Q: Is this security stack suitable for a small business, or is it built for larger companies? A: It's built specifically for SMEs. Every control described here is something we manage and monitor centrally, so you get enterprise-grade protection without needing an in-house security team or specialist knowledge. It's included in your managed support contract regardless of business size. --- URL: https://networkfish.com/refer-a-business Description: Referral scheme offering a £150 Marks and Spencer voucher for any business introduced to Network Fish that becomes a client. # Refer a business Know a business that would benefit from better IT? Refer them to Network Fish and we'll say thank you with a £150 Marks & Spencer voucher. # BLOG POSTS --- URL: https://networkfish.com/it-support-news/cyber-attacks-prepare-protect-your-business/ Description: Practical guidance on protecting a London SME from cyber attacks, covering phishing, ransomware, AI-generated threats, and the most effective defensive controls. # Cyber Attacks: Prepare & Protect Your Business ### Frequently Asked Questions Q: How common are cyber attacks against small businesses? A: Very common, and increasingly targeted specifically at smaller businesses. Verizon's 2025 Data Breach Investigations Report found ransomware involved in 88% of breaches at small and medium-sized businesses, compared with 39% at large enterprises — attackers favour smaller businesses because they typically have fewer defences in place. Q: How quickly do people click on phishing links? A: The median time for a user to click a phishing link is around 21 seconds after receiving it. This is far faster than any human-driven detection process can respond, which is why technical controls like email filtering and DNS-level blocking matter as much as staff training. Q: Has AI made phishing more dangerous? A: Yes, significantly. AI tools have cut the time needed to write a convincing phishing email from around 16 hours of manual effort to minutes, and have removed many of the spelling and grammar mistakes that used to make phishing easier to spot. The defence against this isn't a new category of tool — it's making sure the existing fundamentals (MFA, email filtering, DNS filtering, training) are properly in place. Q: Does staff training actually reduce phishing risk? A: Yes, but the approach matters. Untrained employees fail simulated phishing tests at a baseline rate of around 33%. With consistent, ongoing training rather than a single annual session, that figure can fall below 4% within 12 months for smaller organisations. Q: What's the single most effective thing a business can do to prevent cyber attacks? A: There isn't one single control that's sufficient alone — effective protection comes from layering several controls together: multi-factor authentication, managed antivirus and threat detection, email and DNS filtering, regular patching, and staff training. If forced to pick the highest-impact single control, multi-factor authentication is generally considered the most effective per pound spent, since it's included in most existing licences and blocks the vast majority of account takeover attempts. Q: Is Network Fish's cyber security service relevant for a very small business? A: Yes. Smaller businesses are now disproportionately targeted by attackers precisely because they're statistically less likely to have proper defences in place. The full security stack — antivirus, EDR, MFA, DNS filtering, email defence, patching, and backup — is included for every Network Fish managed support client regardless of business size. --- URL: https://networkfish.com/it-support-news/countdown-to-the-2025-telephone-switch-off-in-the-uk-are-you-ready/ Description: What the UK PSTN and ISDN switch-off means for London businesses, the new January 2027 deadline, and what to do if your phone system or other services rely on the old network. # The UK Telephone Switch Off: What Your Business Needs to Know ### Frequently Asked Questions Q: When is the UK PSTN and ISDN switch-off happening? A: The final nationwide deadline is 31 January 2027. The original target of December 2025 was extended industry-wide to allow for a smoother transition, particularly for vulnerable consumers and critical care users, but the new deadline is firm. Q: What is being switched off? A: The Public Switched Telephone Network (PSTN) and Integrated Services Digital Network (ISDN), the traditional infrastructure behind landline telephones and older business phone systems, are being retired and replaced by internet-based (all-IP) communication. Q: Does this affect more than just phone calls? A: Yes. Anything still connected through an old analogue or ISDN line, including some alarm systems, payment terminals, fax machines, and lift lines, will also be affected and needs an alternative arranged before the deadline. Q: What should our business move to instead? A: For most businesses already using Microsoft 365, Microsoft Teams calling is the natural replacement, consolidating your phone system into the same platform as your email and collaboration tools. We set this up and manage it as part of our service. Q: We already use 3CX, are we affected by the switch-off? A: 3CX already runs over IP rather than the old PSTN network, so existing 3CX deployments are not directly affected by the switch-off itself. We continue to support existing 3CX clients, though it's worth discussing whether moving to Teams calling would now suit your business better, particularly if you're already using Microsoft 365. Q: What should we do now to prepare? A: Review which parts of your business still rely on the old telephone network — landlines, alarm systems, payment terminals, or fax lines — and speak to the relevant providers about their specific migration timeline. If you need to move your phone system, get in touch and we can help you plan and set up Microsoft Teams calling well ahead of the deadline. --- URL: https://networkfish.com/it-support-news/10-reasons-to-create-a-disaster-recovery-plan/ Description: Why London SMEs need a disaster recovery plan, covering ransomware risk, the cost of downtime, human error, and how backup alone is not a complete solution. # 10 Reasons to Create a Disaster Recovery Plan ### Frequently Asked Questions Q: What is a disaster recovery plan? A: A disaster recovery plan is a set of policies, tools, and procedures designed to restore your business's ability to operate after a serious incident — a cyber attack, hardware failure, power outage, or human error. The goal is to get your business back to normal operation in as short a time as possible, with minimal data loss and disruption. Q: Why are small businesses more at risk from ransomware than large enterprises? A: According to Verizon's 2025 Data Breach Investigations Report, ransomware appeared in 88% of breaches affecting small and medium-sized businesses, compared with 39% at large enterprises. Attackers specifically target smaller businesses because they typically lack the layered defences, dedicated security teams, and tested recovery plans that larger organisations have in place, making them easier and more profitable targets. Q: Should we pay a ransom if our business is hit by ransomware? A: Increasingly, businesses are refusing to pay, with 64% of organisations declining in 2025, up from 50% two years earlier. However, refusing to pay is only a safe option if you have a tested, working backup and recovery plan already in place. Without one, refusing to pay simply means the data is permanently lost. This is exactly why a disaster recovery plan needs to be in place and tested before an incident happens, not decided in the moment. Q: How much does downtime actually cost a small business? A: Unplanned downtime now regularly costs organisations over $100,000 per incident when lost revenue, lost productivity, and recovery costs are accounted for, according to Uptime Institute research. For a typical SME, even a single day of significant disruption represents a meaningful financial hit, often disproportionately larger relative to a small business's overall revenue compared to a large enterprise. Q: Is human error really a major cause of IT disasters? A: Yes. Human error caused a major outage at nearly 40% of organisations in 2025, according to the Uptime Institute's Annual Outage Analysis Report, with the large majority of those incidents traced back to failure to follow procedures or flaws in the processes themselves. A proper disaster recovery plan accounts for human error as a realistic and common cause of incidents, not just external attacks. Q: Are AI-generated phishing emails making disaster recovery more important? A: Indirectly, yes. AI-generated phishing emails have become significantly more convincing, removing many of the spelling and grammar errors that used to make them easier to spot. As successful phishing attempts become more likely, the chance of a resulting ransomware infection or data breach increases, which makes having a tested recovery plan in place more important, not less. Q: What is the difference between having backups and having a disaster recovery plan? A: Backups are one component of a disaster recovery plan, but they are not the same thing. A disaster recovery plan includes backups alongside a clear, tested process for restoring your business's operations — who does what, how quickly systems come back online, and how data is recovered. A business can have backups running and still lack a genuine recovery plan if that process has never been defined or tested. Q: Does Network Fish help businesses create a disaster recovery plan? A: Yes. We help assess your current backup and recovery arrangements, identify gaps, and design a disaster recovery plan suited to your business, covering both on-premise systems and cloud platforms like Microsoft 365. See our Server Backups and Microsoft 365 Disaster Recovery pages for the specific services involved, or get in touch for a free site survey. --- URL: https://networkfish.com/it-support-news/microsoft-teams-calling-how-to-start-making-and-receiving-calls/ Description: A quick guide to making and receiving calls in Microsoft Teams, covering the Teams dial pad, call controls, transferring calls, and voicemail. # Making and Receiving Calls in Microsoft Teams: A Quick Guide ### Frequently Asked Questions Q: How do I make a call in Microsoft Teams? A: Open the Calls section in the left-hand navigation bar in Teams. You can search for a contact by name or type a number directly into the dial pad. Click the phone icon to start the call. You can also call someone from a chat window by clicking the phone icon in the top right of the conversation. Q: How do I answer an incoming call in Teams? A: When a call comes in, a notification appears on your screen. Click Accept to answer with audio, or you can choose to answer with video if that option is available. If you miss the call, it will appear in your call history and a voicemail will be left if the caller leaves one. Q: Can I transfer a call to a colleague in Teams? A: Yes. During an active call, click the More actions button (the three dots) and select Transfer. You can search for the colleague you want to transfer to and choose whether to transfer immediately or consult them first before completing the transfer. Q: How do I put a call on hold in Teams? A: During an active call, click the Hold button. The caller will hear hold music. Click Resume when you are ready to return to the call. Q: Where do I find my voicemails in Teams? A: Go to the Calls section and select Voicemail from the left panel. Voicemails appear here with a transcript and the option to play the audio. You can also configure voicemail greetings from the Settings menu under Calls. Q: Can I use Teams calling on my mobile phone? A: Yes. The Teams mobile app on iOS and Android supports full calling functionality. You can make and receive calls using your business number, access your call history and voicemail, and transfer or hold calls from your phone exactly as you would on a desktop. --- URL: https://networkfish.com/it-support-news/ms-windows-10-extended-security-updates-for-smes-and-home-users/ Description: What the end of Windows 10 support means for London businesses, ESU pricing, whether to upgrade or pay for extended support, and the Secure Boot certificate issue affecting devices in 2026. # Windows 10 End of Support: What This Means for Your Business Right Now ### Frequently Asked Questions Q: Has Windows 10 support actually ended? A: Yes. Windows 10 reached end of support on 14 October 2025. Since that date, Microsoft no longer provides free security updates, bug fixes, or technical support for Windows 10, unless a device is specifically enrolled in the paid Extended Security Updates (ESU) programme. Q: Can I still use Windows 10 safely? A: Not without additional protection. Any device still running Windows 10 without ESU enrolment has not received a security patch since October 2025, leaving it exposed to any vulnerability discovered since that date. The device will continue to function, but it is increasingly risky to use for any business purpose, particularly anything involving sensitive data or internet connectivity. Q: How much does Windows 10 ESU cost for a business? A: Business ESU pricing rises annually: approximately $61 per device for the first year, doubling to around $122 for a second year, and doubling again to roughly $244 for a third and final year, with the programme ending entirely in October 2028. Coverage must be purchased in sequence — a business cannot skip a year and resume later without paying for the missed period retroactively. Q: Should we pay for ESU or upgrade to Windows 11? A: For most businesses, migrating to Windows 11 is the better long-term option if your devices are eligible. Windows 11 is a free upgrade for properly licensed devices that meet the hardware requirements, while ESU is a temporary, increasingly expensive bridge that delays rather than solves the underlying issue. ESU makes more sense as a short-term measure for specific devices that genuinely cannot be migrated immediately, rather than as a strategy for your whole estate. Q: What is the Secure Boot certificate issue affecting Windows 10 and 11 devices in 2026? A: Microsoft's original Secure Boot certificates, used to verify that a device starts up securely, began expiring from June 2026. Devices that haven't received the required certificate updates may experience startup validation issues and could lose Secure Boot protection. This is a separate issue from the ESU programme and affects device security regardless of which Windows version is running. Q: Does running Windows 10 without ESU affect Cyber Essentials certification? A: Yes, significantly. Patch management is one of the five core technical controls assessed under Cyber Essentials. A device running an unsupported operating system that can no longer receive security patches is very difficult to bring into compliance, since the underlying requirement is that known vulnerabilities are patched within a defined window, which isn't possible on an end-of-life OS without ESU. Q: How do I find out which of our devices are still running Windows 10? A: This is exactly what a free site survey identifies. We review your full device estate, flag anything still running Windows 10 or any other unsupported operating system, and give you a clear, costed plan for migrating to Windows 11 or replacing incompatible hardware. --- URL: https://networkfish.com/it-support-news/spear-phishing-vs-phishing-how-to-tell-the-difference/ Description: The difference between phishing and spear phishing, why targeted attacks are harder to spot, and how Network Fish's layered security defences address both. # Spear Phishing vs Phishing: How to Tell the Difference ### Frequently Asked Questions Q: What is the difference between phishing and spear phishing? A: Phishing is generic — the same email sent to a large number of people, impersonating a recognisable brand and hoping a small percentage click a malicious link. Spear phishing is targeted — the attacker researches a specific individual or business beforehand and crafts a personalised, highly credible message designed specifically to deceive that target. Q: Why is spear phishing harder to spot than regular phishing? A: Spear phishing emails reference real, specific details — a name, a job title, a genuine colleague or project — that make them look far more credible than a generic phishing attempt. The usual warning signs of generic phishing — a stranger's name, an unrelated company, a generic greeting — simply aren't present in a well-researched spear phishing attempt. Q: Who is most likely to be targeted by spear phishing? A: Spear phishing often targets specific individuals with access to valuable information or financial authority — finance staff, senior managers, or anyone who regularly approves payments or has access to sensitive data. Attackers research their target's role and relationships beforehand to make the attack as convincing as possible. Q: Can multi-factor authentication protect against spear phishing? A: Yes, significantly. Even if a spear phishing email successfully tricks someone into entering their password, MFA prevents the attacker from accessing the account without completing a second verification step. This is one of the most effective protections against the consequences of a successful phishing attempt, regardless of how convincing the original message was. Q: What should someone do if they suspect they've received a spear phishing email? A: Don't click any links or reply directly. If the email claims to be from a colleague or supplier requesting something unusual, verify the request through a separate, known communication channel — a phone call to a number you already have, not one provided in the email. Report the email to your IT support team immediately so any related accounts can be checked. Q: Does Network Fish protect against spear phishing specifically? A: Yes. Our email defence service, including sender authentication checks, helps prevent domain spoofing — one of the key techniques used in spear phishing. This works alongside MFA, DNS filtering, and security awareness training, including phishing simulations, to address both the technical and human sides of the threat. --- URL: https://networkfish.com/it-support-news/what-is-the-biggest-cyber-security-threat-to-your-business/ Description: An overview of the most common cyber security threats facing London SMEs, including phishing, ransomware, insider risk, and weak passwords, and how layered defences address them. # What Is the Biggest Cyber Security Threat to Your Business? ### Frequently Asked Questions Q: What is the single biggest cyber security threat to businesses right now? A: Phishing is consistently the most common initial entry point — it's responsible for the majority of breaches because it bypasses technical controls by targeting people directly. But no single threat operates in isolation: attackers often combine a phishing email that delivers malware, exploiting a weak or compromised password to move laterally across a network that has unpatched systems. Treating these as separate problems, each requiring a separate solution, is less effective than building layered defences that address all of them together. Q: Why is ransomware disproportionately aimed at small and medium businesses? A: Smaller businesses are statistically less likely to have layered defences in place — no dedicated security team, inconsistent patching, and often no tested backup and recovery plan. That makes them easier targets, and attackers know it. Verizon's 2025 DBIR found ransomware present in 88% of breaches at SMBs, versus 39% at large enterprises. The good news is that the protective measures aren't complicated: managed antivirus/EDR and a properly tested backup plan remove most of the leverage ransomware operators rely on. Q: Are insider threats usually deliberate? A: Mostly not. The large majority of insider incidents are caused by negligence or mistake rather than malicious intent — an employee clicks a link in a phishing email, sends a file to the wrong recipient, or misconfigures a system. Deliberate misuse by disgruntled employees or contractors is the smaller share of the total. The implication is that the most useful controls are not primarily about catching bad actors — they're about limiting the blast radius when mistakes happen: least-privilege access, good offboarding processes, and audit logging. Q: Is requiring complex passwords still best practice? A: No — the consensus in security guidance has moved clearly away from complexity rules. Requirements for special characters, mixed case, and frequent mandatory changes tend to produce predictable patterns that are arguably easier to guess than a long, memorable passphrase. Current NCSC and NIST guidance recommends longer passwords, no forced rotation unless there's evidence of compromise, and — most importantly — multi-factor authentication as the primary defence. MFA is effective even when a password is compromised. Q: How long do employees typically take to click a phishing link? A: The median time from a phishing email landing in a mailbox to the first click is around 21 seconds, according to Verizon's 2025 DBIR. That's not a training failure — it reflects the fact that modern phishing emails are genuinely difficult to distinguish from legitimate messages, particularly spear phishing that uses accurate personal or company detail. Training and simulations help staff develop scepticism over time, but they are not a substitute for technical controls like email filtering, DNS security, and MFA that reduce the impact even when someone does click. Q: How does Network Fish protect businesses against these threats? A: We address each threat layer as part of a managed IT service rather than as standalone products: enterprise-grade email filtering and DNS security catch the majority of phishing and malware before it reaches a user; EDR monitors device behaviour for the threats that do get through; MFA blocks account takeover even when passwords are stolen; automated patch management removes the unpatched vulnerabilities attackers actively scan for; and access review and proper offboarding limit the damage from insider incidents. Everything is monitored and managed for you, for a single monthly fee. Get in touch to discuss your current setup. --- URL: https://networkfish.com/it-support-news/why-businesses-need-microsoft-365-copilot/ Description: What Microsoft 365 Copilot is, how it differs from free AI tools, what it costs, and how Network Fish helps businesses roll it out sensibly. # Microsoft 365 Copilot: What It Is, What It Costs, and Whether It's Worth It ### Frequently Asked Questions Q: What is Microsoft 365 Copilot? A: Microsoft 365 Copilot is an AI assistant built directly into Word, Excel, PowerPoint, Outlook, and Teams. Unlike a general AI chatbot, it's grounded in your organisation's own data through Microsoft Graph, meaning it can reference your actual documents, emails, and meetings to help draft content, summarise information, and answer questions specific to your business. Q: Is Copilot included in our existing Microsoft 365 licence? A: Not the full version. A free tier called Copilot Chat is included with most Microsoft 365 business plans, but it only accesses public web data — not your organisation's internal files or emails. The full Copilot experience, with access to your own data, requires a separate paid add-on licence on top of an eligible Microsoft 365 base plan. Q: How much does Microsoft 365 Copilot cost? A: Pricing is per user, per month, on top of your existing Microsoft 365 subscription, and varies depending on your base plan and current Microsoft promotions, which have changed several times through 2026. Rather than quoting a figure that may be out of date, we confirm exact, current pricing for your specific Microsoft 365 setup as part of any Copilot conversation. Q: Should we roll out Copilot to everyone in the business? A: Not necessarily, and we'd generally advise against it as a first step. Licensing every user by default before understanding who genuinely benefits is one of the most common, avoidable ways businesses overspend on Copilot. We typically recommend identifying the roles most likely to see real value — document-heavy or data-heavy roles in particular — and starting with a smaller rollout before expanding. Q: Does our Microsoft 365 security setup affect how Copilot works? A: Yes, significantly. Copilot's access to your organisation's data is governed by your existing Microsoft 365 permissions — SharePoint access, file sharing settings, and so on. If your permissions aren't properly configured, Copilot can potentially surface content to people who shouldn't have access to it. We review and tighten this as part of preparing your environment for Copilot. Q: Does Network Fish help with Copilot setup and training? A: Yes. We help identify where Copilot makes sense for your team, configure your environment properly beforehand, plan a staged rollout rather than licensing everyone at once, and provide practical training so your team actually gets value from it rather than letting unused licences sit idle. --- URL: https://networkfish.com/it-security/embracing-the-benefits-of-passwordless-authentication/ Description: What passwordless authentication is, how it differs from MFA, why it is more secure than passwords, and how London businesses can enable it through Microsoft 365. # Embracing the Benefits of Passwordless Authentication ### Frequently Asked Questions Q: What is passwordless authentication? A: Passwordless authentication is a way of logging into an account without typing a password. Instead, the user verifies their identity using a registered device, a biometric check such as a fingerprint or face scan, or a security key, usually combined with the same second-factor verification used in standard multi-factor authentication. Common examples include approving a login prompt on a phone, or using Windows Hello or Face ID on a device. Q: Is passwordless authentication the same as multi-factor authentication? A: They're related but not identical. Multi-factor authentication adds a second verification step on top of a password. Passwordless authentication removes the password from the process entirely, replacing it with a stronger method such as a device prompt or biometric check, often still combined with a second factor for additional security. The strongest setups use both together: no password, plus a verified device or biometric, plus a second factor. Q: Is passwordless authentication actually more secure than a password? A: Yes, significantly. Passwords are routinely reused across accounts, written down, shared, guessed, or exposed in data breaches. A password that doesn't exist can't be stolen, reused, or phished. Removing the password removes one of the most common entry points attackers rely on to compromise an account. Q: Does passwordless authentication require new software or hardware? A: Not necessarily. For businesses already using Microsoft 365, Microsoft Entra ID includes native passwordless authentication options, including Windows Hello for Business, the Microsoft Authenticator app, and support for FIDO2 security keys, all included within most Microsoft 365 licences. For many businesses, enabling passwordless authentication is a configuration step rather than a new purchase. Q: Will passwordless authentication make logging in more complicated for our team? A: Generally, the opposite. Most passwordless methods — a fingerprint, a face scan, or approving a prompt on a phone — are faster than typing a password, particularly a strong, unique password as recommended security practice requires. Users typically find passwordless login both quicker and easier than the password-based process it replaces. Q: Can passwordless authentication reduce IT support costs? A: It can. Password reset requests are one of the most common categories of helpdesk ticket for most businesses. Reducing reliance on passwords for accounts that support passwordless login reduces this volume, freeing up support capacity for issues that genuinely require attention. Q: Is passwordless authentication included in a Network Fish managed support contract? A: Microsoft 365 security configuration, including assessment and setup of passwordless authentication options through Microsoft Entra ID, is available for Network Fish managed support clients as part of your Microsoft 365 security service. Speak to us about reviewing your current setup. --- URL: https://networkfish.com/it-security/global-state-of-mobile-phishing/ Description: What mobile phishing is, how smishing and vishing work, why mobile attacks are harder to spot, and how Network Fish protects staff on mobile devices. # Mobile Phishing: What It Is and How to Protect Your Business ### Frequently Asked Questions Q: What is mobile phishing? A: Mobile phishing refers to phishing attempts specifically targeting mobile devices, including SMS phishing (smishing), voice phishing (vishing), malicious or impersonated apps, and phishing links sent through messaging apps. It is distinct from traditional email phishing aimed at a desktop user, though email phishing read on a mobile device shares some of the same risks. Q: What is smishing? A: Smishing is SMS phishing, a text message designed to trick the recipient into clicking a malicious link or revealing sensitive information, often by impersonating a bank, delivery company, or another trusted organisation. Smishing messages frequently create a sense of urgency to push the recipient into acting quickly without checking whether the message is genuine. Q: What is vishing? A: Vishing is voice phishing, a phone call designed to extract sensitive information or push someone into an urgent action, such as a bank transfer or sharing login details. Increasingly, vishing attempts use AI-generated voice cloning to impersonate a real person, such as a senior colleague, making the call sound more convincing. Q: Why is mobile phishing harder to spot than phishing on a desktop? A: Smaller screens make it harder to check sender details or spot a slightly altered web address. People also tend to respond more quickly to messages on their phone than they would at a desk, often without the same level of scrutiny. Mobile devices are also frequently used outside the network-level protections that may be in place in the office. Q: Can multi-factor authentication protect against mobile phishing? A: Yes, significantly. Even if a phishing attempt successfully captures a password, multi-factor authentication prevents an attacker from accessing the account without completing a second verification step. This is one of the most effective protections against the consequences of a successful phishing attempt, regardless of which device was used. Q: Does Network Fish protect against mobile phishing for our team? A: Yes. We manage mobile devices through MDM, enforce MFA across every account, deploy DNS filtering to block malicious links, and filter phishing attempts at the email level before they reach the inbox. We also offer security awareness training including phishing simulations, helping your team recognise mobile phishing attempts specifically. Q: What should an employee do if they receive a suspicious text or call? A: They should not click any links or call back any number provided in the message itself. If the message claims to be from a bank or supplier, they should contact that organisation directly using a number or website they already know to be genuine. They should report the suspicious message to your IT support team immediately so related accounts can be checked. --- URL: https://networkfish.com/it-security/what-is-a-passphrase-examples-types-best-practices/ Description: What a passphrase is, why length beats complexity, the NCSC three random words approach, and why a strong passphrase still needs MFA. # What Is a Passphrase? Examples, Types, and Best Practices Passwords and passphrases get used interchangeably, but they describe different approaches to the same problem. A passphrase is a sequence of random words used as a login credential. Length is more important than complexity — "carpet lemon thursday" is significantly stronger than "P@ssw0rd!" because its length makes it exponentially harder to crack by brute force. The UK's National Cyber Security Centre (NCSC) recommends the three random words approach: pick three words with no connection to each other or to you personally. A good passphrase is random (no personal references), long (15–25 characters across three words), and unique to one account. The old advice — mix uppercase and lowercase, add numbers and symbols, change every 90 days — has been substantially revised. Forcing complexity produces predictable patterns. Current NCSC guidance discourages mandatory complexity rules in favour of length. Three types: random word passphrases (recommended standard), sentence passphrases (slightly weaker due to predictable structure), and system-generated passphrases from a password manager (strongest, removes human choice entirely). A passphrase alone is a single point of failure. Once obtained through a data breach, phishing, or reuse, the account is compromised. MFA closes that gap — a stolen passphrase is not enough if a second verification step is required. Network Fish enforces MFA across every account for every client with no exceptions. ### Frequently Asked Questions Q: What is a passphrase? A: A passphrase is a sequence of random words used as a login credential. Unlike a traditional password, which relies on complexity (symbols, numbers, mixed case), a passphrase relies on length. Longer credentials are significantly harder to crack by brute force, which is why three random words together are stronger than a short, complex password. Q: Can you give me an example of a good passphrase? A: A good passphrase uses three or more genuinely random, unconnected words: "carpet lemon thursday" or "umbrella fence october" are examples of the right approach. The words should have no connection to each other, to you personally, or to anything predictable. Avoid phrases like "fluffy-birthday-2024" where the words are guessable based on personal information. Q: What is the difference between a password and a passphrase? A: A password is typically a single word or short string with added complexity (symbols, numbers, capital letters). A passphrase is a sequence of multiple words, which achieves greater security through length rather than complexity. Current guidance from the UK's National Cyber Security Centre recommends the passphrase approach specifically because short complex passwords tend to follow predictable patterns that attackers know to try. Q: What is a security phrase? A: A security phrase is another term for a passphrase — a multi-word credential used to authenticate access to an account or system. The underlying principle is the same: length provides more security than complexity for a given credential. Q: Which of the following is an example of a good passphrase? A: A good passphrase consists of three or more random, unconnected words with no personal significance: "carpet lemon thursday" is a good example. A poor passphrase example would be "Fluffy2024!" (short, predictable, personal) or "correct horse battery staple" (famous example, widely known). The key qualities are genuine randomness, length, and uniqueness to one account. Q: Do I still need to add numbers and symbols to a passphrase? A: No, not for security purposes. The NCSC specifically advises against mandatory complexity rules because they tend to produce predictable patterns. If a system forces you to include a number or symbol, add one to comply, but the length of the passphrase is what provides the security, not the added symbol. Q: Is a passphrase enough on its own to secure an account? A: No. A passphrase, however strong, is a single point of failure. If it is obtained through a data breach, phishing attack, or reuse on another site, the account is compromised. Multi-factor authentication (MFA) closes this gap by requiring a second verification step even if the passphrase is known. We enforce MFA across every account for every client for exactly this reason. Q: What is the NCSC's recommended approach to passphrases? A: The UK National Cyber Security Centre recommends the "three random words" approach: choose three words that have no connection to each other or to you personally, and use them together as your passphrase. This approach produces credentials that are long enough to resist brute-force attacks while being memorable enough that people don't need to write them down or reuse them across accounts. --- URL: https://networkfish.com/it-security/mfa-vs-2fa-choosing-the-right-authentication-method-for-your-business/ Description: The difference between MFA and 2FA, why Network Fish enforces a second verification step on every account, and how MFA is already included in most Microsoft 365 licences. # MFA vs 2FA: What's the Difference, and Which Does Your Business Need? ### Frequently Asked Questions Q: What is the difference between MFA and 2FA? A: Two-Factor Authentication (2FA) requires exactly two verification steps to log in, usually a password plus one additional factor such as a text code or an authenticator app. Multi-Factor Authentication (MFA) is the broader term for requiring two or more factors. Every 2FA setup is technically a form of MFA. In practice, the distinction matters less than whether a second verification step is enforced at all. Q: Is 2FA enough, or do we need full MFA? A: We don't recommend tiering this decision by how sensitive a particular account looks. We enforce a second verification step on every account across every business we manage, with no exceptions, because a compromised account in any part of the business can be used to attack other systems, clients, or suppliers, regardless of how sensitive that specific account initially appeared. Q: Does MFA cost extra on top of our Microsoft 365 or Google Workspace licence? A: No. Multi-factor authentication is included at no additional cost in virtually every Microsoft 365 and Google Workspace plan. It typically isn't switched on or enforced by default, which means many businesses are paying for a security feature they aren't actually using. Q: Is multi-factor authentication required for Cyber Essentials? A: Yes, MFA is one of the technical controls assessed as part of Cyber Essentials certification. Having it properly enforced across all accounts is one of the more straightforward requirements to meet, and also one of the most commonly missed before a formal review. Q: Can multi-factor authentication be bypassed? A: No security control is completely unbeatable, but MFA significantly reduces the risk of account compromise compared to a password alone. Even if an attacker obtains a password through a data breach or phishing attempt, they cannot complete the login without the second factor. This is why we treat it as a baseline requirement rather than an optional extra. Q: Is MFA enforcement included in a Network Fish managed support contract? A: Yes. We enforce multi-factor authentication across every account and platform as a standard part of our managed support service, at no additional charge. --- URL: https://networkfish.com/it-security/worried-about-ai-threats-build-your-cybersecurity-foundation-first/ Description: Why AI-powered cyber threats do not require new security tools, and why getting the established fundamentals in place remains the most effective response. # Worried About AI-Powered Cyber Threats? Get the Basics Right First ### Frequently Asked Questions Q: Is AI making cyber attacks more dangerous? A: AI is changing how some attacks are carried out, particularly phishing emails (which can now be written more convincingly, without the spelling and grammar errors that used to be a giveaway) and voice phishing, where AI voice cloning can make a fraudulent phone call sound exactly like someone genuine. However, the underlying defences that stop these attacks haven't changed: multi-factor authentication, patching, antivirus and threat detection, and a team trained to verify suspicious requests still work regardless of how the attack was generated. Q: Do we need special AI-detection software to protect against AI-powered threats? A: Not as a starting point. Most successful attacks, whether AI-assisted or not, succeed because of the same underlying gaps: no MFA, unpatched software, no monitoring, or staff who haven't been trained to spot a suspicious request. Getting these fundamentals properly in place is significantly more effective than adding a specific "AI security" product on top of a weak foundation. Q: How can our team spot an AI-written phishing email if it doesn't have the usual spelling mistakes? A: The old advice of looking for poor grammar is far less reliable than it used to be. The more reliable approach is to verify unusual or urgent requests through a separate channel — calling a known phone number rather than replying to the email — rather than relying on spotting obvious errors. Security awareness training helps build this habit across your team. Q: What is AI voice cloning and how does it relate to vishing? A: AI voice cloning technology can now convincingly replicate a specific person's voice from a small amount of sample audio. Attackers are increasingly using this in voice phishing (vishing) attacks, making a fraudulent call sound exactly like a senior colleague, a supplier, or another trusted contact. The defence is the same as for any vishing attempt: verify any unusual or urgent request through a separate, known communication channel before acting on it. Q: Does Cyber Essentials certification help protect against AI-powered threats? A: Yes. The five technical controls assessed under Cyber Essentials — firewalls, secure configuration, access control, malware protection, and patch management — form the foundation that makes a business resilient against evolving threats generally, including AI-assisted ones. These controls aren't specific to any particular attack method, which is exactly why they remain effective as attack techniques change. Q: What's the single most effective thing our business can do against AI-powered phishing? A: Enforce multi-factor authentication across every account. Even if an AI-written phishing email successfully tricks someone into entering their password, MFA stops the attacker getting any further without the second verification step. It remains the most effective single control against the consequences of a successful phishing attempt, regardless of how convincing the original message was. --- URL: https://networkfish.com/uncategorized/5-things-to-consider-before-implementing-ai-in-your-organisation/ Description: Five practical considerations for London businesses thinking about adopting AI tools, covering data protection, governance, Microsoft 365 Copilot, acceptable use policies, and how much AI assistance is appropriate in written work. # 5 Things to Consider Before Implementing AI in Your Organisation ### Frequently Asked Questions Q: Why should we think carefully before implementing AI rather than just getting started? A: AI tools can genuinely help your organisation work more efficiently, but the organisations that benefit most are those that approach it deliberately rather than reactively. Rushing in without clear policies, governance, or an understanding of how your data is handled creates risks that are much harder to fix after the fact than before. A small amount of planning upfront — defining what's permitted, who's responsible, and where your data goes — saves significant time and avoids exposing your organisation to regulatory, reputational, or operational problems. Q: What are the main data protection risks when using AI tools? A: The primary risk is inadvertently passing sensitive or confidential data through a public AI tool that processes or stores that data on third-party servers you don't control. Under UK GDPR, organisations handling special-category data — including anything related to health, finances, or protected characteristics — have strict obligations about where that data goes and how it's processed. Using an unvetted public AI tool and inputting client or staff data into it could constitute a data breach, with potential ICO scrutiny and regulatory fines. The practical starting point for most organisations already using Microsoft 365 is to keep AI interactions within your existing Microsoft tenant, where your own data governance and security policies apply. Q: What is Microsoft 365 Copilot and how does it keep our data secure? A: Microsoft 365 Copilot is an AI assistant built into Word, Excel, PowerPoint, Outlook, and Teams that works within your existing Microsoft 365 environment. Unlike public AI tools, Copilot is grounded in your organisation's own data through Microsoft Graph, and all processing stays within your Microsoft tenant rather than being sent to external servers. This means your existing data governance, security policies, and access controls apply to Copilot interactions in the same way they apply to the rest of your Microsoft 365 use. Q: Who should be responsible for AI governance in our organisation? A: Every organisation implementing AI should designate a specific, named person — a senior staff member or AI Champion — who is accountable for how AI is used. This person owns the approved tools list, the process for vetting new tools, and the incident response plan if something goes wrong. Without a named owner, you typically end up with different staff using different tools in different ways, with no oversight, no consistency, and no clear line of accountability if a problem occurs. Q: What should an AI acceptable use policy actually cover? A: At a minimum, a practical AI acceptable use policy should define which tools are approved for use, which use cases are permitted (drafting internal documents, summarising meeting notes, generating first drafts of content), and which are explicitly prohibited (making final decisions on sensitive cases without human review, inputting personal or confidential data into unvetted public tools). It should also specify who approves new tools, how AI use should be disclosed to clients or stakeholders where relevant, and what to do if something goes wrong. Starting with a short, practical document rather than a lengthy policy nobody reads is usually more effective. Q: How much AI assistance in written content is acceptable? A: There is no universal rule, but a useful working threshold is that AI assistance should enhance and accelerate human-authored work rather than replace it entirely. The person submitting or publishing any piece of content should be able to stand behind every claim in it and verify that nothing has been invented or hallucinated by the AI tool. For client-facing or regulated content in particular, human review and sign-off before publication is not optional. The risk is not using AI — it is publishing AI output without adequate human oversight.