A central authority for user accounts provides the ability to manage and control all user accounts and required permissions for each user with Role Based Access Control system.

Windows Active Directory: Local on-premise Windows Server.

Microsoft 365 Azure AD: Cloud based Azure Active Directory

OneLogin Access Management: Cloud Based Directory with the ability to sync to Azure or Local Domains for user control and providing Multi-Factor Authentication

DUO Security: Cloud Based security provider enables the ability for a single platform to be used across multiple applications providing MFA and single sign on for easier user management.

Most systems are breached via email through a phishing attack against the organization. Even if only one person clicks the link or puts in their password, it can give the attacker full access into the organization’s most sensitive data. The human element is the most unpredictable and the hardest to protect against. That is why it is crucial to provide social engineering testing and training. Fake phishing emails are sent out to test the vulnerability of each user. Reports are then generated to see which employees require training to rectify the situation. Each training session is different and teaches employees ways to keep the organization protected.

Our SOC uses their tools to track and examine every packet sent in and out of the network. The sensors analyze every packet as well as firewall logs and any other relevant information to find malicious packets before they enter the system. Our SOC is constantly reviewing this information to stop the transfer of anything malicious.

Privilege Escalation is the process used when malware or an unauthorized user or system executes a procedure that allows them to gain more rights than they’re initially supposed to have.

Endpoint Anti-Virus: With our AV product running and managed from a central pane of glass, our team ensures that your systems are monitored for patterns that match these types of behaviors, and to alert, quarantine, and clean, any detected compromising software.

Security Baseline Policies: Following each systems manufacturer baseline policies, enhanced with our own internal security standards, we work to restrict administrative rights to specially designated accounts that need it and follow a strict process for granting additional rights when required. Be sure to let us know if there’s a specific industry standard you need to meet so we can adjust our processes.

Controlled Software Access: We can bring in additional services to provide a whitelist approach to any software that must run, or to design an approval process for any new software installs, simplifying requests to the help desk.

If there is any stored data that is sensitive in nature, then encryption should be applied to make sure only authorized users can access it. Both locally-stored and cloud-stored data should be encrypted, making the data unrecognizable to anyone not authorized to access it. We implement the best encryption algorithms, which are essentially impossible to breach, to make sure the data is secure. This is also used to send emails with confidential information.

Our Threat Hunter is used for advanced breach detection and remediation. It tracks every change made to every endpoint. The changes are then reviewed to find any auto-runs, which is used to execute malware. Any suspicious auto-runs are then manually reviewed by our analysts at their SOC (Security Operations Center). If they spot anything malicious our team quickly removes it from the systems.

Discovery is where malware sits on the network and starts examining the environment so they can see where best to attack next.

Endpoint Anti-Virus: With our AV product running and managed from a central pane of glass, our team ensures that your systems are monitored for patterns that match these types of behaviors, and to alert, quarantine, and clean, any detected compromising software.

IntelliSecure Breach Detection: With our award-winning EDR service enabled, our partner Huntress will be doing active threat hunting on your endpoints looking for malware that was able to avoid the standard Anti-Virus engines.

Ransomware is some of the scariest forms of malware and that is why we make sure extra protection is in place. We know how most ransomware functions and therefore target those areas to see if there are unusual signs of an attack. Once we spot it, we immediately remove it from the system before it can execute.

Ransomware is some of the scariest forms of malware and that is why we make sure extra protection is in place. We know how most ransomware functions and therefore target those areas to see if there are unusual signs of an attack. Once we spot it, we immediately remove it from the system before it can execute.