Cybersecurity

Layers of Security
Cybersecurity Explained

Operational support = long term success

In the modern computing world a traditional anti-virus solution is insufficient to protect you against even the simplest of threats.  All of our managed services clients are protected by at least three (3) layers of security but we don’t stop there:  it’s not uncommon for our clients to employ 6 layers of security, and a few go as high as 10! If you’re interested in the feeling the security of our multi-layered approaches, please read below to learn more.

On-Site PC’s Layered Cybersecurity Offerings

Multi-Factor Authentication (MFA)

We consider MFA as the most important security measure that you can employ in defending your systems and users from threats. In fact, we believe that MFA prevents 99% of breaches from occurring before they can start. We help you configure the MFA settings and scope that make sense for your business needs, setting the policies in whatever environments that you use to do your work.

Signature-based anti-virus protection

This is traditional anti-virus protection that we provide in all of our managed services agreements.With signature files that update continuously and other newer techniques, it’s the first, base layer of defense.

Next-Gen Managed Detection and Response (MDR)

Our MDR solution looks beyond simple signatures by assessing behavioral patterns in the execution of code on your systems. When anomalous behavior is detected, it is stopped before the threat has a chance to create a real problem. The system is isolated and the event is reported immediately to security professionals for remediations – these are real humans in a managed services operations center who do nothing but analyze and remediate these situations. Tickets are automatically created in both ours and or security partners’ systems so that no threat goes unaddressed.

Event Detection and Response (EDR)

Similar to our MDR solution, our EDR tools look for events that are written to the logs on your workstations and servers. When abnormal events appear, the alarms are raised at the same time as the evidence logged in SEIM platforms. Again, real humans react to these detections and respond in a timely and appropriate manner.

Advanced SPAM and URL Defenses/ Encrypted Email Portal

The SPAM detection provided by O365 and Google do better than they used to, but they’re still lacking in many ways. Our solution sits between your email system and the Internet to provide that extra layer of protection, including rewriting and testing of possiblymalicious URLlinks within all messages sent into your mailboxes. This system is also where you have an encrypted email portal (much like your doctor’s office) where you can send and receive sensitive information with outside parties without it ever having to travel over the internet.

Password and Privileged Access Management

We provide a PAM solution as an optional service to many of our clients. Clients can setup shared passwords and their users can maintain their own personal password vaults for both work and personal account needs. Role-based access and MFA provide a tailored approach for every imaginable need, and resetting and rotating passwords is made simple.

Microsoft Office Protect

Provided as an affordableadd-on feature to Microsoft O365 licensing through our trusted provider, Office Protect provides many additional benefits. Among other benefits, it: blocks email attachments known to be bad; prevent your users making their personal information public through their calendar; blocks mass exfiltration of company emails to an external destination; protects your company reputation by alerting you if your users are spamming; and informs you of many situations where hackers are making moves against your systems. You can’t buy this service directly from Microsoft or any other seller – it’s only provided through Sherweb, our trusted O365 licensing partner.

Dark Web Monitoring

Almost half of our clients elect dark web monitoring as a simple set-and-forget addition to their layered security defenses. This platform monitors both your company network and email accounts and your employees’ personal accounts that are based on email addresses. Whenever any of these accounts are found as compromised and for sale on the Dark Web, a ticket is created in our systems and the employee is alerted immediately alerted to change the account password wherever it’s been used on the Internet. Used in combination with our password and privileged access management solution, this is a simple task in stopping a breach threat on external systems that are outside of your control.

Phishing and Security Awareness Training

No matter how many hardened technical controls you have in place, your human users will always be a source of risk: advanced threat actors know that social engineering and uneducated users are still their best bets at getting through the gates. Many of our clients elect this optional service where we setup convincing phishing campaigns that drip quietly into your workforce’s mailboxes, testing their reactions to modern techniques. The results are measured and then followed up on through security awareness trainings in the form of quick, easily digestible video vignettes. Phishing and security awareness are some of the most common questions in today’s security audits, and conducting these exercises is just good practice and hygiene.

Data Loss Prevention (DLP)

Data loss prevention goes a step further than protecting against malicious threat actors on the outside of your systems: it’s really about protecting against threats inside the firewall, whether those are accidental mistakes or ones from disgruntled or malicious employees or contractors. We help you identify your sensitive information both by where it’s stored and by doing pattern-matching within the data itself. When sensitive data has been tagged, we help you define hardened technical policies that either warn users before they accidentally let it leave your systems, and/or that prohibit that leakage absolutely.

Penetration Testing and Vulnerability Management

Cloud platforms like O365, Google Workspace, and AWS conduct pen testing and vulnerability management on your behalf. However, your on-premise network is still susceptible to real threats and it’s too easy to configure a hosted environment like AWS to allow threats to breach the perimeter. We have trusted security partners who do nothing but test your defenses from both inside and outside your firewalls, providing specific and actionable steps for remediation that we can help you to implement. Adding penetration testing and vulnerability management to your portfolio also helps to answer a lot of questions correctly to any interested business partner you have.

Stay Compliant, Save Time & Money!

Take Advantage of Our FREE No-Obligation IT Assessment