How we secure your network

Ala Carte [Click on each layer for more information]

Security Layers

Security Layers

Data Backup comes in two flavors:

  • File-Based backup
    • Recovery: Running System.
  • Image-Based backup
    • Recovery: Running System, Bare metal Recovery to a new server, off-site virtual recovery

You can store your backups in one of two locations

  • > Backup on-premise for faster Recovery Times
  • > Backup in the cloud for more resilient Backups

Gateway Antivirus

Anti-Virus Protection at the edge of your network allows you to protect phones, tablets, printers and other devices that do not have an Anti-Virus layer running.

Scanning Defenses

Run regularly against endpoints, these scanners are the most thorough look into the complete system while looking for malware.

These scans are intensive and are set to run during non-work hours so as not to affect productivity.

Endpoint Software Patching

Whether it's Windows, MacOS, or Linux, all operating systems have exploitable flaws.  Those flaws aren't limited to the Operating Systems and are found regularly in Third Party Software too.

As those flaws are found, patches are created to fix those vulnerabilities to make the software more stable or less vulnerable to attack.

Realtime OS Protection

Advanced AI scans running software and determines:

  • If it walks like a duck
  • And it talks like a duck
  • It's probably a duck

Threat-hunting capabilities allow us to answer the question: "How did this get here?" and "Are there any scripts or other non-malware software that are enabling malware on my system?"

Risk Intelligence

Helps you to locate the files that are most attractive/valuable to a data breach, determines the actual liability and gives you the knowledge to take the opportunity to protect your data at rest before the breach happens.

2FA for Administration

This protects your computers from being administrated by those without the proper credentials as well as a second factor like a one time code on their phones.

This makes certain that those loading programs and doing administration are really authorized to do so, not just someone who hacked a password.

Pen Testing

This is an outside-in approach to trying to white-hack your system regularly before the black-hat hackers can get there.  By trying to hack your system for vulnerabilities and getting a report on what is vulnerable, we get the information necessary to fix the vulnerabilities before the bad guys can use it.

Human Risk Reduction

Our best technology to identifying something fishy is people... but only if they are trained.  HRR allows us to help each user on the network become the best firewalls we could ask for instead of the biggest risks to our network.

Content Filtering

By filtering out the content that we don't want using policies, we can reduce the footprint of websites that users on the network can access, therefore reducing our risk.  This also makes certain that the websites that would violate a Network Use Policy are avoided.

External DNS & Email Filtering

DNS is helpful when you are trying to find a site, but it can also be used to block bad sites by using an external service.

Emails that come in can be processed externally - before they hit your servers - and have the junk and viruses removed.  This increases productivity by only dealing with emails that are legitimate.

Honey Pot

This is a special "server" on your network that is designed to be so tempting to hackers that they just can't avoid taking a look.

This is essentially like a motion detector alarm.  It won't keep anyone out, but it alerts us when someone has been able to get by the other defenses.

IDR/IDP

This runs at the gateway and detects attempts from the outside world to get by our firewall.  It inspects all traffic to determine which ones fit a pattern of known bad acting and responds based on rules on the firewall.

Encrypting Data at Rest

If the data sitting on your hard drive is sensitive, could be monetized by a bad actor, could be used as leverage against our company, etc., then that data needs to be encrypted.

Encryption really depends on the use case.  But what doesn't change is that if we assume a breach will someday happen, then that data needs to be protected.  You can use a Risk Intelligence Scan to get a better picture of what data is sitting there at risk.

Backup Power

When a circuit gets tripped, the power goes out, or your UPS fails, etc. you don't need your systems to crash.

Backup Power means that your system runs smoothly even when the power doesn't.

Backup Internet

As we become more reliant on the Internet as a means to get work done, it has become part of our Business Critical Infrastructure.  This means it costs us dearly when the Internet is down.

A Backup Internet connection keeps your business running even when your primary Internet connection is down.