Cyber Security Protection Package

Multi Factor Authentication

A username and a password combination is no longer secure.  Exclusively using simple username and password protection on Internet facing portals such as Webmail, VPN, and Remote Desktop, allow hackers to gain access via weak or stolen user passwords. Multi factor authentication is a two-step verification process that adds an extra level of protection by requiring authorization via a mobile device.

Ransomware Protection

Ransomware is a form of malware that encrypts all corporate files and prohibits access to this data unless a ransom is paid.  Recovery options are to restore from backup (and lose all changes post last backup) or pay the ransom.  Active protection against ransomware will minimize outbreaks and reduce/eliminate damage.

Vulnerability Scans

Exploitations in firmware, configurations, and software are a common occurrence in today’s technology. These exploits can make any firm a target both from internal and external cyber-attacks. Scheduled automated vulnerability scans will verify the security of all servers, network devices, workstations, and laptops on the corporate network.  The scans are run on a quarterly basis to check devices for any known exploits and reports identified potential risks. Once identified, these risk can be addressed.

Log Aggregation

All network devices and servers generate diagnostic and informational logs for all events that occur. These logs are generally hard to review because they exist in several locations on several different platform types. With log aggregation a centralized device captures all logs generated by accepted systems and places them into a single container which can then be used to automate alerts based on specific events. This process allows for greater speed to response when the first signs of trouble begin to appear.

Security Training

In order to increase employee awareness against cyber security threats and social engineering attacks, management must provide training to users.  Security training provides the necessary tools to ensure compliance with policies and procedures as well as the knowledge to mitigate cyber threats.  

Active Directory Monitoring

Active Directory administrator accounts should be kept to a bare minimum.  With active domain monitoring alerts will be generated any time an account is granted administrative privilege, whether intentional or malicious.

Hard Drive Encryption

Remote computing has many advantages, however it puts data at risk if a laptop is lost or stolen. Even with a password protected device, laptop hard drives can have their data read and stolen with little effort. By utilizing hard disk encryption, all data on a laptop hard drive is protected from extraction by an unwanted party.

Phishing Test

91% of successful data breaches are started with a spear phishing attack.  The best defense for these attacks is to raise employee awareness and improve their security behavior.  “Disguised” phishing emails sent to all users on a quarterly basis will output to a report outlining which users are most susceptible to attacks. 

Password Leaks

Over 14.7 billion data records have been lost or stolen since 2013 due to data breaches.  This data includes account passwords and logon information. Actively monitoring these large data breaches will identify which employee accounts have been leaked and require immediate attention.

Password Testing (hash cracking)

Weak passwords are easily compromised via brute force and dictionary attacks.  Periodic hash testing against all accounts will expose weak passwords and output reports on which should be immediately changed.