If concerns about your level of IT Security are making you more uneasy lately, they should be.
Your greatest vulnerability? Your people (usually unknowingly) allowing access to your network.
☑ Business Class Firewall
☑ Anti-virus Protection
☑ Malware Protection
☑ SPAM Filtering
☑ Web Content Filtering
☑ Application Control
☑ Brute-force Attack Blocker
☑ Secure Certificates
An initial Security Assessment provides a baseline of your overall network security at a point in time. This will identify such things as:
- Do you have policies in place regarding passwords?
- Who has access to what files?
- Who has remote access to your network?
- Where is sensitive information such as credit card information stored?
- Do you know if security policies are being followed?
- Is your computer network being regularly maintained with software security updates and patches?
Once your discovered vulnerabilities are addressed, the job of protecting your network and data is not done. This must be an ongoing process of network scanning and maintenance activities along with employee education. Changes happen on your network daily, as do new external vulnerabilities. Our current world of heightened IT security risks, requires diligence if you are to stay protected.
A reliable, managed data backup and disaster recovery solution is critical to protecting your organization against cyber attacks. Where other lines of defense fail, the ability to quickly recover lost, corrupted or encrypted data is essential to maintaining your customer service levels, your reputation and overall business continuity. A solution which includes full image backups both locally and in the cloud, that is regularly tested to ensure backups are happening as they should, is a must.
Since networks are ever-changing; what was secure yesterday might be exploitable or have vulnerabilities today.
BSC’s Security Guardian Service is a comprehensive security solution including ongoing internal and external scanning of your computer network, to uncover unusual activity, new vulnerabilities, and any changes made on your network.
The Security Guardian Service includes:
- Multiple daily internal network scans with real-time email alerts of unusual activity.
- Quarterly, comprehensive internal and external vulnerability scans.
- Quarterly Security Snapshot Report with an action plan to remediate any new issues which may have arisen.
Maintaining payment security is required for all entities that store, process or transmit cardholder data. Guidance for maintaining payment security is provided in PCI security standards. It is vital that every entity responsible for the security of credit/debit cardholder data diligently follows the PCI Data Security Standards. PCI Compliance testing begins with a review of an organization’s security standards and a PCI needs analysis. This process helps identify an organization’s scope of PCI requirements. To ensure conformity to PCI requirements, external network scans must be run quarterly.
Phishing is a term which refers to attempts to gain sensitive information such as usernames, passwords and credit card details, for malicious reasons. In this case, cybercriminals obtain this information through an email (or other electronic communication) disguised as originating from a trustworthy source such as a bank, delivery company or even a co-worker or friend.
The best defense against Phishing Attacks is employee education.
Our solution to the challenge of employee education involves simulated phishing attacks to identify users who are prone to falling prey to such attacks. This is coupled with a library of on-demand, interactive, engaging training videos, short comprehension tests and scenario-based Danger Zone exercises, all to help employees understand what to look for, what not to do, and much more. Periodic simulated phishing attacks are conducted on an ongoing basis to keep users on their toes and continually wary.