More now than ever do businesses rely on their IT systems and the integrity thereof. Companies can be completely crippled if their primary internal data sources are compromised. Multiple studies and surveys from very credible sources and IT groups over the past few years show that more than 50% of businesses are breached over just a 1 year period. Hacking and breaching networks is now a multi-billion dollar “industry” – it’s the modern-day mafia. When a hacker breaches a network there are several things he’ll try and do, he might just do one or all of these: 1) sit silently and collect passwords, personal information, personal information from emails, etc. He’ll use this information to make purchases, spam your contacts, transfer money, impersonate you, etc. 2) use your computers, servers and email accounts to attack other websites, send spam blasts out, distribute illegal content on the internet and more, 3) Encrypt all of your information on your server or desktop and hold you at ransom.
Any of these actions can partially or completely cripple a company. ProTek takes security very seriously. Your weakest links are from the inside, even your most trusted employees can make the simplest of mistakes to let an attacker in. Phishing emails where hackers can disguise their links and attachments as emails from trusted websites are more than common – the network and employees need to be proofed up to prevent them from breaching the network.
We take a number of actions internally to bullet proof your network and servers from a breach or an employee letting in malware – so even if a mistake is made your network is geared to preventing it from spreading. We’ll train staff on what to look for so they can do their part in preventing hackers from fooling employees. At a new business we’ll do a full evaluation of the security of your network based on an exact checklist. We’ll also use tools to scan your network to determine how vulnerable it is. Based on that, we’ll provide an assessment and plan to clean up all vulnerabilities and keep it that way forever, rather than a patch job which will then let it slip back into its insecure setup.
IT Security Policies Implementation
Servers and IT solutions can be a complex and extensive myriad of services and platforms, all of which are vulnerable to wreak havoc on a network if put in the wrong hands.
Setting up a network should be done on the “principle of least privilege” (POLP). Giving any user too much access could be disastrous if a user was compromised by a hacker. Narrowing down access prevents accidental data editing or deletion and keeps users working on what they should be accessing.
In addition to precise network privileges for all users, these actions can easily fall out if not strictly kept in. ProTek can assist companies with exact written policies that can be adhered to for every IT action taken to ensure best security practices are kept in.
Every server and device on a network has various levels of access, these access levels need to be centrally regulated either through an LDAP or RADIUS service to make managing all of your devices as simple as possible.
Antivirus & Anti-Spam
Antivirus solutions are one of the key solutions in keeping a network safe and a company productive. Nowadays one virus can cripple an entire network, having all workstations protected with strict antivirus policies and kept up to date is critical.
Business antivirus solutions give you a complete view of the entire network and will properly alert you when there’s a vulnerability or a server/workstation’s AV software is not operating correctly.
Another layer of protection is a professional anti-spam solution. At least half of your security threats are through emails. Phishing, fraud, fake emails and the like are the primary cause to a network being compromised. Professional anti-spam solutions are a must to prevent or mitigate any attacks.
The Anti-Spam provider we use also scans for viruses and malware, making it an additional layer of security on top of your antivirus product.
There are industry standard vulnerability analysis tools that are able to analyze a network against ALL known vulnerabilities – server, workstation and network wide.
These tools are used in environments that require strict adherence to security checklists and policies such as high level credit card processing agencies, personnel management firms, hospitals, financial institutions and more.
All public emails over the internet are potentially open to being read by any authority or hacker that has access to those emails, whether at the sender, recipient or some system in between that has been compromised.
Many medical and financial institutions will employ email encryption solutions as emailing private medical or financial information over open mediums such as email, chat, SMS is very insecure.
Many hosted email encryption solutions will automate the encryption process for all employees, giving you the piece of mind that no sensitive emails are being sent without encryption.
Full PC encryption is recommended for mobile users that are potentially carrying sensitive information on their laptops. Employees forgetting laptops while travelling or laptop theft are scenarios employers must take preventative action on.
Even within an office, physical desktop and server access is commonly an oversight – either a disgruntled employee or a thief could easily steal information from a desktop or server they have physical access too, even without passwords.
Encryption would make it next to impossible for your sensitive information to be compromised.