A licence is not the same as protection
Most organisations in Angola that run Kaspersky believe they are protected because they hold a valid licence. In practice, the licence and the protection are two different things. Across the security assessments our certified team runs for Angolan organisations, a consistent pattern appears: fewer than half of the security capabilities an organisation is already paying for are actually active.
The difference between having a licence and being protected is configuration.
What the assessments keep finding
The pattern holds across very different environments, from around twenty endpoints to roughly a thousand, and across five different industry sectors. Three findings come up again and again:
- On average, less than half of the licensed Kaspersky capabilities are switched on.
- Anti-ransomware protection is frequently disabled, often without anyone realising it.
- Configuration and data-protection compliance gaps are present in almost every environment we review.
None of this means the products are weak. It means powerful tools were deployed once and then left on their defaults, while the threat landscape, the organisation, and the people managing it all moved on.
Why it happens
Security software is usually installed during a project, validated on day one, and then assumed to be working. Policies are never revisited. New features that ship with later versions are never switched on. Staff change. Alerts are sent to a mailbox nobody reads. Two years later the console still shows green, but the protection in place no longer matches the way the organisation actually works.
The regulatory weight has changed
Since 2024, Angola’s Data Protection Agency (APD) has been active in penalising inadequate security, and it has done so even where the organisation was itself the victim of an attack. The test the APD applies is whether the protective measures in place were adequate, not simply whether an incident occurred. Disabled protections and misconfigurations count against the organisation. Angola’s data-protection framework (Lei 22/11 and Lei 7/17) makes this a board-level concern, not just an IT one.
What good looks like
A licence you have already bought is worth using in full. Our approach with Kaspersky follows a structured lifecycle:
- Assessment. A structured, repeatable review across six pillars, producing a detailed report, a utilisation score per pillar, and a direct mapping to the APD’s requirements.
- Remediation. Fixing the gaps the assessment finds, with full documentation of what changed and why.
- Implementation. For a new deployment or a migration from another antivirus, building the environment on best practice from day one.
- Managed services. Continuous monitoring and tuning, by Menshen’s certified team.
As a Kaspersky Platinum Partner with a certified team based in Angola, Menshen can tell you, quickly and concretely, the real state of your environment, and close the distance between the licence you pay for and the protection you expected.
If you want to know that real state, talk to us at info@menshen.net.