The protection of an online identity. Criminals are finding new and creative ways to steal information from digital users. By implementing the following tools, we help protect your identity, assets and technology online and on your mobile.
Brand Risk – This is the damage to your company’s reputation by means of scams, fraud, misuse of company intellectual property, corporate defamation and account impersonations and compromises.
Cyber Risk – Cyber risks can appear in many forms such as phishing, data leakage and malware infection through digital platforms. Some organizations and employees do not realize they are at risk at the time and only find out when it is too late.
Physical Risk – Acts of terror by external employees, protests or disruption of business.
Protection of smartphones, tablets and other portable devices and the networks they connect to from threats associated with wireless computing. We protect your devices by implementing the following:
Enterprise Mobility Management - Managing and securing business-related data as well as employee-owned devices without having a major impact on the general user experience. By securing the business-related data in a password-protected container, the enforced solution does not have any effect on employee-owned content, and only business-related data will be wiped when the employee leaves the organization or in case of theft or loss.
Mobile Threat Protection / Prevention - Mobile threat defence solutions detect behavioural anomalies, perform vulnerability scans to identify configuration weaknesses, monitor network traffic and scan the device for weak applications that could potentially put business data at risk.
Enterprise Vault - Enterprise Vault is the enablement of securely working and sharing documents using multiple devices with both internal and external parties whilst having certain controls applied. The benefit of having such a solution is that users can be more productive and have peace of mind that the content is safe and secure.
The use of software, hardware, and procedural methods to protect applications from external threats. Security is becoming an increasingly important concern during development as applications become more frequently accessible over networks and are, as a result, vulnerable to a wide variety of threats.
Web Application Firewall (WAF) - Purely designed to secure web applications from known vulnerabilities, to prevent SQL injections and to prevent DoS/DDoS attacks. Depending on the technology, it can also offer virtual patching, prevent data leakage and protect against zero-day exploits.
The approach to the protection of laptops, desktops and servers that connect to the corporate network and create attack paths for security threats. We protect these devices by implementing the following:
Advanced Threat Protection (ATP) - Threats nowadays are more focussed and targeted with a huge amount of intelligence built into them. The unknown or zero-day threats are also of great concern to any enterprise. ATP is a grouping of more advanced defence mechanisms that can be centrally managed in order to obtain a holistic overview of the threats that are potentially targeting or threatening organizations.
Antivirus safeguards the Endpoint against the traditional computer viruses, as well as backdoor viruses, rootkits, potentially unwanted programs, phishing attacks, adware and spyware that originate from any infection vector accessible from the Endpoint.
NGAV (Next Generation Anti-Virus) examines every process on every endpoint to algorithmically detect and block the malicious tools, tactics, techniques and procedures which attackers rely on.
NGAV does four critical things to protect your business:
1 – Prevents commodity malware better than traditional AV
2 – Prevents unknown malware and sophisticated attacks by evaluating the context of an entire attack resulting in better prevention.
3 – Provides visibility and context to get to the root cause of a cyber attack and provide further attack context and insight.
4 – Remediates attacks.
A Firewall (whether host-based or at the perimeter of a network) is required to protect the Endpoint from unauthorized access from other systems. Simply put, it builds a virtual wall with a set of specific controls that are implemented according to enterprise requirements.
Intrusion Prevention Systems - IPS is an add-on that is normally a signature-based solution that can further protect endpoints against the more complex threats – the known and/or zero-day threats if the latest signature is available on the Endpoint.
Endpoint Encryption reduces the risk of loss, theft or unauthorized exposure of sensitive data by encrypting the entire hard drive or removable media device. The data is only accessible to authorized individuals by means of password authentication.
Content & Data
Data is the most important part of your business – it holds your customer information, your intellectual property, sensitive communications and social media updates. The issue with data is that it can fall into the wrong hands quickly and put your business and clients at risk. We protect your content and data by implementing the following:
• SSL Certificates – Protect website data by creating encrypted connections between the end user’s browser and the server.
• Code Signing Certificates – Digitally signs a program to verify the author’s identity and ensure it has not been compromised by a third party.
• Document Signing Certificates – Ensures that the recipient, once the document has been signed, has not received an altered document without approval from the author.
• Data Leakage Prevention (DLP) – Implementation of a tool or set of tools to prevent accidental or intentional exposure of critical or sensitive business information.
The automatic processing of incoming and outgoing email messages against a set of predefined measures and controls.
The process includes (but is not limited to):
• Anti-Spam - Scanning email messages for certain patterns that could classify the email as being a spam email
• Whitelisting – Exclusion of certain email messages / senders from the controls that were put in place
• Blacklisting – Addition of extra controls to certain senders or blocking them
• Content – Evaluation of email messages for certain content based on the policies that were defined for acceptable mail use in an organization or for containing certain URLs that could be malicious.
Sending and/or receiving secure email is critical in the corporate environment and it should be a priority for all businesses. In the end, the main goal needs to be to secure business information that traverses email systems.
Methods that can be used to secure email:
• Ensure sufficient email filtering services
• Encrypt emails and the communication between mail servers
• Confirm the sender is legitimate using digital signatures
• Do not make use of free mail and/or webmail-based email solutions for business correspondence
• Ensure that employees have knowledge of the potential impact that their decisions to open unknown emails could have on the enterprise
Open Internet is not a safe practice in the digital age due to the content that is available to internet users. Internet filters and control software are needed to evaluate internet traffic and, as a result, to ensure a pleasant experience on the internet.
The process includes (but is not limited to):
• Content - Certain content might not be appropriate based on the policies that were defined for acceptable internet use in an organization or for containing certain URLs that could be malicious.
• Whitelisting - Excluding certain internet sites from the controls that were put in place
• Blacklisting - Blocking certain internet sites that were put in place
Database Security is one of the biggest concerns, especially when it comes to the whole compliance spectrum of IT Security.
Some areas that database security addresses are:
• Scanning database configurations to ensure that best practice benchmarks are adhered to; for example weak passwords
• Vulnerability scans in order to identify missing patches and hotfixes
• Database auditing to highlight what your DBAs / user accounts are doing on the database solution
• Hiding / masking sensitive information from the DBA, other users or third party applications, for example credit card information
• Encrypting database content
Any activity designed to protect the usability and integrity of your network and data; this includes hardware and software technologies. By implementing the following, we make sure your network is secure and protected:
Identification of Vulnerabilities
An ongoing process that assists organizations in the identification of known vulnerabilities that form part of the network and the devices that are connected. Vulnerability scanners typically highlight the problems as well as proposed counter-measures that can be implemented to mitigate the vulnerabilities that have been identified.
The process of performing an authorized attack simulation on the information security infrastructure to exploit vulnerabilities and to provide a report containing a description of the vulnerabilities and the risk they may pose.
Penetration Testing can be divided into three main sections:
White Box Testing:
The test implementer has full access to the information of the system being tested. White Box Testing ensures that the system is thoroughly tested. However, it does not simulate a true attack as the tester has information that would not be available to a true attacker.
Black Box Testing:
The test implementer only makes use of information extracted as part of the attack to perform the test. This method simulates a more realistic attack scenario. The only disadvantage is the possibility of certain areas remaining untested.
Grey Box Testing:
The test implementer only has access to specific information related to the system being tested.
An ongoing process that requires the output of the vulnerability assessments to commence with the process of remediation or mitigation of the vulnerabilities. Phases that can form part of the management of vulnerabilities can be:
• Install the recommended patches or hotfixes
• Upgrade to more recent versions of the software
• Reconfigure software based on the recommendations from the scan results
• Update or change configuration of perimeter defences
• Ensure up-to-date IPS signatures are in place
A system that has been designed to prevent unauthorized connections from entering or leaving the network as well as to provide monitoring based on a specific set of controls. These systems can be found in different forms - either hardware or software based or a combination thereof.
Traditional firewalls were designed with a simplistic approach to primarily allow, block or reject a connection if not specified in the controls. Next generation firewalls provide more granular controls, are based on intelligence and offer greater visibility on all the layers of the network stack.
Secure Remote Access
Remote access is crucial to any employee that needs to access corporate resources from remote locations and it is even more crucial to ensure that the access to their information is secure.
Employees should also not be limited to certain device types (endpoint or mobile) and this should be an extension of the office. We use SSL VPN or client based VPN technology to provide users with secure connections.
User authentication, authorization and accounting
User authentication, authorization and accounting, also referred to as the Triple A’s of Authentication, entails an architecture in which user authentication takes place by means of providing a unique set of information, after which the user is either granted or denied access to a system or network. Accounting relates to activity tracking in order to determine time spent on a specific system, amount of data used, and failed and successful login attempts into a system.
• TACACS or TACACS+
• LDAP or Microsoft AD
A system that inspects all inbound and outbound network related activity and identifies possible suspicious patterns that may indicate that a network resource or system is under attack from someone (internal or external) attempting to break in or compromise these systems.