Cyber Security Solutions
If concerns about your level of Cyber Security are making you more uneasy lately, they should be.
Your greatest vulnerability? Your people (usually unknowingly) allowing access to your network.
Components of Our Comprehensive Cyber Security Strategy
IT Managed Security Services
An initial Security Assessment provides a baseline of your overall network security at a point in time. This will identify such things as:
– Do you have policies in place regarding passwords?
– Who has access to what files?
– Who has remote access to your network?
– Where is sensitive information such as credit card information stored?
– Do you know if security policies are being followed?
– Is your computer network being regularly maintained with software security updates and patches?
Once your discovered vulnerabilities are addressed, the job of protecting your network and data is not done. This must be an ongoing process of network scanning and maintenance activities along with employee education. Changes happen on your network daily, as do new external vulnerabilities. Our current world of heightened IT security risks, requires diligence if you are to stay protected.
Data Backup & Disaster Recovery
A reliable, managed data backup and disaster recovery solution is critical to protecting your organization against cyber attacks. Where other lines of defense fail, the ability to quickly recover lost, corrupted or encrypted data is essential to maintaining your customer service levels, your reputation and overall business continuity. A solution which includes full image backups both locally and in the cloud, that is regularly tested to ensure backups are happening as they should, is a must.
Security Guardian Service
Since networks are ever-changing; what was secure yesterday might be exploitable or have vulnerabilities today.
BSC’s Security Guardian Service provides several options for regular or ongoing computer network security checks and reporting, to help keep your systems secure.
Level 1 provides quarterly internal and external network scanning followed by a quarterly IT Security Assessment Report. This will highlight any areas of concern and recommendations for action.
Level 2 adds real-time monitoring of Active Directory and your firewall. Alerts are generated on unusual activity and monthly reports detail changes and activity. This allows action to be taken in a timely fashion to resolve or prevent unwanted network activity.
Level 3 adds your File Server to the list of monitored devices for a more extensive view into activity on your computer network.
IT Security Awareness Testing & Training
Phishing is a term which refers to attempts to gain sensitive information such as usernames, passwords and credit card details, for malicious reasons. In this case, cybercriminals obtain this information through an email (or other electronic communication) disguised as originating from a trustworthy source such as a bank, delivery company or even a co-worker or friend.
The best defense against Phishing Attacks is employee education.
Our solution to the challenge of employee education involves simulated phishing attacks to identify users who are prone to falling prey to such attacks. This is coupled with a library of on-demand, interactive, engaging training videos, short comprehension tests and scenario-based Danger Zone exercises, all to help employees understand what to look for, what not to do, and much more. Periodic simulated phishing attacks are conducted on an ongoing basis to keep users on their toes and continually wary.
PCI Compliance Testing
If your business accepts payment cards, you should know that maintaining payment security is serious business. It is vital that every entity responsible for the security of credit/debit cardholder data diligently follows the PCI Data Security Standards.
Quarterly External Vulnerability Scanning helps businesses fulfill Payment Card Industry Data Security Standard (PCI DSS) requirements and secure their network. The scanning process works to find business network and web application weaknesses that may allow backdoors, remote access, SQL injection and many other types of malicious attacks.
Meeting compliance deadlines and knowing exactly how to fix discovered vulnerabilities can be difficult. We help clients to understand their identified vulnerabilities and to close the gaps.
BSC’s services in this area include:
- Assistance with completion of annual PCI compliance questionnaire
- Review of quarterly scan results (performed by an approved third party vendor such as Security Metrics)
- Professioinal services to perform any required remediation