Security Methods Offered

PC Anti-Virus – do this first

We use either Trend Micro or Windows Defender anti-virus and make sure it fetches daily virus pattern updates. On your Windows PC, follow the pictured 3 step process to verify your anti-virus is “all green” or click on it to display the broken item and choose “Turn On” to clear the issue.

Have multiple data backups

Make sure all data, even cloud systems, are backed up in another locations. We offer Immutable Data Backup & Instant Recovery 

The #1 security threat is “spear phising”

This NIST govement web site explains phishing and methods to defend agains phishing. We recommend a simple three step exercise. We can help with any step.

  1. Require your users to study the NIST web site.
  2. Have a meeting and ask your employees to quiz each other on phishing risks. Make it a game.
  3. Allowing us to hack your users using our fake mail address. When we catch a user falling for our email, we will alert you to train again.

Rehearse a prepared disaster recovery plan

The bottom line is to have a practiced worst case senario plan to recover clean offline data to fresh formatted workstations and servers on a backup network. For this, we offer

Everything else on the page below are added security layers. The more layers, the better.

Penetration Testing and Domain controller testing

Use a 3rd party penetration testing tools to test a domain and then plug the detected holes. We use securityscorecard.com

Computer server security 

  • Operating System Patches are scheduled and attended.
  • Virus protection software from a paid service with virus updates set to daily.
  • Daily server health monitoring from our data center.

A firewall stops travel to risky destinations. 

Install an advanced security router using professional install services from the manufacturer. You attend the session or answer a survey to lock things down to essential traffic.

  • May we lock out access to/from Russia, China and Iran IP addresses?
  • Who needs social media access at all or at what times
  • Can we restrict surfing to 100 web sites? Will you accept an open Internet research computer on it’s own network?
  • May we shut down Internet access and or wifi at certain times?
  • Restrict access to a current MAC list. A visitor’s laptop would not work with a hard wired connection.
  • Only DNS, HTTP(S), DHCP and ICMP services for LAN and WiFi interface.

 

DMARC protects your domain identity from being stolen 

DMARC is a registration of your email domain that tells the world what servers can use your domain name.

Active Directory (AD) server controls your staff’s behavior 

A computer virus is a malicious software program that runs on your PC. Prevent virus installs and you prevent viruses.  An AD server is a guard that tells work stations what it can and can not access or install, enforces complex passwords and password changes, restricts users to only the required network directories for them to do their job.

VPN connections for voice and data traffic

We use 256bit encryption VPN tunnels to connect to our customers. We started using encrypted voice back in 2004 before anyone else.  Now, it’s a VoIP requirement for many industries.

Isolated voice and data networks

  • Physical separate voice and data cabling and Ethernet switches are provided.
  • Logically separated VLANs from the edge router are programmed.

Mobile Devices

We believe Apple IOS is more secure than Android. We can extend group security policies to these devices.

Cyber Insurance

The cyber insurance industry is young and coverage has many gaps. Yet, it’s sometimes required by your business partners. Money spent on prevention via the above methods to include 3rd party audits increases your chance of being paid for a cyber claim.

Things we do at our own cost