In this connected world of devices like IoT, mobile users, malicious web sites and crafty emails the security attack plane is multifaceted, real and continuous. Having a static security posture will not protect you for long. This has to be revised and refined continuously. Based in Sydney we can help tighten your company’s policies and security levels whilst maintaining a balance of functionality in business applications that your company requires. A quick win could be subscribing to Cisco Umbrella and Cisco Cloudlock. Obviously there is no silver bullet but this great and inexpensive step to securing your digital assets. Coupled with more in depth analysis of your companies IT systems, we can help keep you out of trouble and in compliance.
Some things to consider. This is an absolute minimum:
• Backups- Ransomware is a huge international business for attackers. You need to ensure you are taking regular backups and consider the 3-2-1 rule for backups (3 copies- 2 mediums- 1 offsite). We would recommend 1 offline as well.
• Host based FW/AV/Malware/IPS – software running on hosts that is up-to-date and feeding into threat intelligence systems that can mitigate attacks. Some are FireEye, Cisco AMP.
• Preventing network based attacks- Usage of IDS/IPS, web content filtering including email, Next-Generation FW (Cisco Firepower, Meraki MX, and Check Point)
• Patching- Ensure systems are all up-to-date with latest patches. Automation of these tasks is essential.
• Whitelisting of Applications- this is used to prevent malicious programs from running
• Application Hardening- turning off unnecessary or potentially dangerous features such as Flash.
Network Now, based in Sydney, can assist you in determining the best security strategy for your company that reduces the risks to your data, network and users.
For ad-hoc work, we can install and support firewalls, VPN concentrators, IDS, IPS etc. from many vendors such as Cisco , Cisco Meraki, Check Point, Palo Alto, WatchGuard and Fortinet in Sydney and Australia wide and even remote (we can do this via our remote access solutions)