Security Methods Offered

The #1 security threat is “spear phising”

This NIST govement web site explains phishing and methods to defend agains phishing. We recommend a simple three step exercise. We can help with any step.

  1. Require your users to study the NIST web site.
  2. Have a meeting and ask your employees to quiz each other on phishing risks. Make it a game.
  3. Allowing us to hack your users using our fake mail address. When we catch a user falling for our email, we will alert you to train again.

Have multiple data backups

Make sure all data, even cloud systems, are backed up in another locations. We offer Immutable Data Backup & Instant Recovery 

Rehearse a prepared disaster recovery plan

The bottom line is to have a practiced worst case senario plan to recover clean offline data to fresh formatted workstations and servers on a backup network. For this, we offer

Everything else on the page below are added security layers. The more layers, the better.

Penetration Testing and Domain controller testing

Use two or more third party penetration testing tools to test a domain and then plug the detected holes.

Computer server security 

  • Operating System Patches are scheduled and attended.
  • Virus protection software from a paid service with virus updates set to daily.
  • Daily server health monitoring from our data center.

A firewall stops travel to risky destinations. 

Install an advanced security router using professional install services from the manufacturer. You attend the session or answer a survey to lock things down to essential traffic.

  • May we lock out access to/from Russia, China and Iran IP addresses?
  • Who needs social media access at all or at what times
  • Can we restrict surfing to 100 web sites? Will you accept an open Internet research computer on it’s own network?
  • May we shut down Internet access and or wifi at certain times?
  • Restrict access to a current MAC list. A visitor’s laptop would not work with a hard wired connection.
  • Only DNS, HTTP(S), DHCP and ICMP services for LAN and WiFi interface.

PC Anti-Virus

Use an ant-virus that establishes daily virus pattern updates and allows for central management for all of your PC’s.

DMARC protects your domain identity from being stolen 

DMARC is a registration of your email domain that tells the world what servers can use your domain name.

Active Directory (AD) server controls your staff’s behavior 

A computer virus is a malicious software program that runs on your PC. Prevent virus installs and you prevent viruses.  An AD server is a guard that tells work stations what it can and can not access or install, enforces complex passwords and password changes, restricts users to only the required network directories for them to do their job.

VPN connections for voice and data traffic

We use 256bit encryption VPN tunnels to connect to our customers. We started using encrypted voice back in 2004 before anyone else.  Now, it’s a VoIP requirement for many industries.

Isolated voice and data networks

  • Physical separate voice and data cabling and Ethernet switches are provided.
  • Logically separated VLANs from the edge router are programmed.

Mobile Devices

We believe Apple IOS is more secure than Android. We can extend group security policies to these devices.

Cyber Insurance

The cyber insurance industry is young and coverage has many gaps. Yet, it’s sometimes required by your business partners. Money spent on prevention via the above methods to include 3rd party audits increases your chance of being paid for a cyber claim.

Things we do at our own cost