Today's business IT is more complex than ever. With companies expanding their staff, opening remote offices, allowing more people to work from home and the proliferation of bring-your-own-device (BYOD) - device, data and network security are more critical than ever. Our security audit seeks to identify areas of your business which are at risk, determine how to secure entry points into your corporate network and ensure your staff can still do their jobs. Here just some of the areas and items our security audit considers to determine how secure your business critical data is:
- Is access to your wireless network restricted to specific devices, or can anyone connect?
- Can guests connect to the same wireless network your employees do?
- How far outside your building can your wireless network be seen?
- Do all your computers have current anti-virus and anti-spyware software installed and working?
- Can an internet based hacker see your network?
- Do you rely on your Internet Service Provider's (ISP) modem to provide you network 'security'?
- Does your corporate email server have anti-spam and anti-virus gateway to prevent attacks via email?
- Can employees export customer contact data and email it (in violation of PII laws)?
- Do employees have remote access to their corporate desktops using any of the "Screen Sharing" services available vs. a secure VPN connection?
- Does your website collect personal information via a contact form using a secure connection (to comply with personal information laws)?
- ... and much, much more
Cyber attacks on companies that manage critical infrastructure have surged a whopping 2,100% over the last three years – and yet IT budgets worldwide remain flat. To make the most of limited IT spending, more companies are relying on managed security services, and this evolutionary approach to the management of security is expected to double by 2015. Our security team can assess your network, identify areas for improvement and implement a continuous security plan. We are experts in advanced hardware and software security solutions from trusted names like Barracuda Networks, Fortinet, Cisco, Symantec and Microsoft to help eliminate outside threats.
We also design and implement policies and procedures that tighten your internal security. Our company helps a wide range of customers with network security services for both simple and complex IT systems. We staff highly trained and educated IT specialists who use proven processes and procedures to ensure your safety.
Thinking about outsourcing?
The following are a list of guidelines to help you outsource securely. Today, customers are hesitant to outsource because of security issues. If some of the simple guidelines listed below are followed, you can outsource and stay worry-free.
- Having a good security policy - The first step to be followed before outsourcing is to ensure that your organization is in order. You must also check your security policy. A good security policy will be sound and rational. Some of the important facets of your policy should include a data classification that can distinguish between sensitive and common data. The policy should also state clear standards and guidelines. These guidelines should be finalized by the stakeholders, managers and employees of your organization.
- Selecting the right outsourcing vendor - Selecting a right outsourcing vendor is one of the most crucial steps to be followed while outsourcing. Select a vendor who follows a strict security policy. You must also ensure if the selected vendor makes security a rule in his organization. Your vendor must also have security rules that protect your data from being copied to portable devices.
- A sound privacy and intellectual property policy - Check if your vendor has sound intellectual property protection laws. Make sure that your vendor will go by your privacy and intellectual property policies. Make these clear with your vendor to avoid later misunderstandings.
- Protecting your data - Start employing the use of database monitoring gateways and application layer fire walls before outsourcing. These devices can help you enforce usage policies. Such devices can also prevent privilege abuse and vulnerability exploitation. Choose a vendor who employs both these functionalities. This will help in the total protection of your data.
- Providing Education on handling data - Check if your vendor is educating his/her employees on how to handle and protect sensitive data. In case your vendor is not providing education, ensure that he/she provides education. This is very important, as this will help ensure the security of your data.
- The rule of least privilege - Before outsourcing, decide on a method to monitor material exceptions on your vendors and ensure the rule of least usage. Most of all, do not provide access to all your records during the same time. Ensure that this is also monitored.
- Leak-Proof traffic - Make sure that your vendor monitors outbound Internet traffic and checks emails for potential information leaks. These checks would ensure leak-proof traffic.
- Ensuring application and network security audits - Conduct regular application/database security audits and network security audits. This will help in ensuring secure outsourcing. Audits can help identify issues and potential vulnerabilities with the applications, databases and devices on the network.
- Ensuring that prevention technologies are employed? - Check the prevention technologies that your vendor uses. Inquire if your vendor has a technology to control data flow. Also check if your vendor’s policies are followed by the employees. Make sure that your vendor has technologies to protect sensitive data from being emailed or copied to removable types of media.