Shields up! All companies and even home users looking to improve their IT security in 2026 need to review our guideline below.

With AI malware and phishing on the rise we have an essentials check list and new way to ensure your business is protected automatically.

We are announcing our new “PC Armour” software which monitors PC health and Security.

This is the worlds first automated software to test your overall security and give you an easy to read score out of 100.

Your Antivirus, DNS and Network Firewall is safely tested against the very latest Malware and Phishing attacks.

The amount of people that thought they had good protection in place, only to discover it was essentially worthless has been really surprising.

Typical PC Armour – Security Scores are as follows:

Under 5% is commonly seen on computers with basic defender antivirus and no additional security.

Under 20% is seen with good antivirus with no additional protection enabled.

Under 50% is seen with good antivirus with either DNS or Network firewall with IDS/IPS rules enabled.

Under 80% is seen with antivirus, DNS protection and Network firewall protection fully enabled but overall requires improvement.

97 to 100% is the gold standard. Your combination of protection is working as it should. Keep an eye on your charts to maintain this.

Here is the link to “PC Armour” – your privacy focused automated PC health and security monitor.

If you need assistance to archive a near 100% score use our contact page for details.

Is Your Business Secure? A Quick IT Security Checklist to Attain 100% Protection.

In today’s digital world, strong cybersecurity is essential for protecting your data, employees, and reputation. Use this quick checklist to evaluate your core security measures and identify areas for improvement.

💻 Endpoint Security (Computers & Devices)

  • Updated Operating Systems: Ensure all workstations and servers are running a modern, fully supported OS (like Windows 11) to receive critical security patches.
  • Advanced Malware Protection: Verify that every device is protected by an actively monitored Endpoint Detection and Response (EDR) solution, such as ThreatDown EDR. (IT Pro Expert are certified suppliers of ThreatDown)
  • Application Control: Implement policies to prevent the installation and execution of unauthorized or unvetted software on company computers. You can use ThreatDown App Lock, AppLocker or ThreatLocker.
  • Browser Protection: Ensure users do no install unvetted browser plug ins (very few are actually safe to use). Have a security protection plug in like ThreatDown Browser Phishing Protection enabled.
  • Hardware Lifecycle Management: Identify and plan the replacement of any computers or hardware that are no longer receiving security and firmware updates from the manufacturer. Typically all hardware over 7 years old should be replaced. Optimally a 5 year maximum is best.

🔑 Account & Access Security

  • Strong Password Policies: Enforce the use of strong, unique passwords for all user accounts across all services.
  • Password Managers: Try to enforce the use of a password manager (Proton Pass) for all staff with confidential data access. General staff could use a secured browser password manager under Edge browser which is locked to their 365 sign in.
  • Multi-Factor Authentication (MFA): Activate MFA/2FA on every supported application and service, especially for email, VPN, and administrative accounts. This is a critical defence against account takeovers. Ideally move to Passkeys for the best security protection for 2026 onwards.
  • Secure Administrative Accounts: The highest-level administrator accounts (e.g., Global Admin) should be reserved for emergency use only, with daily tasks performed using standard, privileged accounts.
  • Staff Training: Do staff training at least once a year with refreshers every 3 to 6 months. Staff attitude towards security is the most critical.

🌐 Network & Email Security

  • DNS Protection: Use a DNS filtering service (like NextDNS or ThreatDown DNS Protection) as a second line of defence to block access to malicious websites and filter harmful content. It is critical that this is configured correctly with multiple current rule sets that are updated daily will ensure this layer of protection works as intended.
  • Next-Generation Firewall: Confirm your firewall has an active and updated Intrusion Prevention/Detection System (IPS/IDS) to monitor and block sophisticated network threats. Ensure blocks are turned on for all categories like Bots, Virus, Spyware, Hacking, Exploits, P2P, Dark Web, Bypass Protocols and Recon. Also ideally block certain countries that are high risk. We recommend a UniFi Router/Gateway.
  • Ports: The previous common practice of opening firewall ports or port forwarding should be stopped outright unless IP locked. Use local VPN access via the network firewall router or using a Mesh VPN like Tailscale. All external staff should use VPN access. Block external CCTV access.
  • Modern Network Equipment: Phase out any legacy network equipment (routers, switches, etc.) that is no longer supported with firmware updates. Routers/gateways should be replaced at least every 3 to 4 years, switches and other equipment every 5 to 7 years.
  • Advanced Email Security: Protect your primary communication channel with a dedicated email security solution (like ThreatDown Email Security or Microsoft Defender) to scan for malware, phishing links, and impersonation attempts. This is another layer on top of the rest.

In summary – Professional AntiVirus with correctly configured DNS protection and a IPS/IDS firewall with Browser Phishing Protection and Email Protection should achieve a 100% security score.

Similar Posts

Leave a Reply