Information Security Overview
The cornerstone to all IT security is preparation. Put another way, the continued safety of your company tomorrow depends upon what you do today. Just ask any of the major retailers, corporations, brokerage houses and government offices that have been recently breached. The damage is already done by the time you get the first hint of a symptom. The fallout could be anything from lost revenues to angry customers, even legal problems.
So, how can you protect your customer database, your accounting, your intellectual property? Security begins at the door and extends to every switch, router and wireless access point, workstation, thin client, laptop, tablet, smart phone and various other BYOD’s (bring your own device) associated with your network. Just as most other security practices, we set up strict intrusion prevention around your perimeter, since this is the first line of defense. The new, next generation firewalls operate all the way through the application layer (L7), so they can examine packets for context. Subscription based heuristics allow detection of any suspicious activity, though it might be caused by a previously unknown threat. Even with these sophisticated mechanisms in place, malicious code may still enter your premises by stealth or other means, such as an infected laptop, flash drive or email, intentional tampering, etc.
Once a threat has passed your gateway, it will have unrestricted lateral movement (East-West) without proper preventions. Credentialing and authentication, physical structuring, antivirus, workload segregation and cryptography are among the many tactics employed. However, the key is understanding how to apply them in a particular situation while leaving no gaps in protection and maintaining a clear path for authorized users.
A holistic assessment and interpretation of your IT environment by competent, experienced examiners is a critical first-step to implementing an effective and complete security program. “Every use case is highly complex and individual,” says Rafael Velasquez, Practice Manager for Information Security. “There is no universal software or appliance that works every time. What you need is somebody who knows all of the solutions out there and how to best implement the ones that fit your enterprise.” We have industry neutral, veteran engineers that are certified in every major security offering.
DON’T WAIT TILL TOMORROW OR THE NEXT DAY WHEN YOUR NETWORK IS COMPROMISED! CALL US TODAY FOR A NO-COST CONSULTATION.
There are too many security offerings to list, but this is a representation of the various categories.
- Network Access Control (NAC) – Software that tracks file activity and user behavior to audit and control access. Active Directory provides NAC along with many third-party packages.
- Anti-Malware – Software that identifies and eliminates threats using heuristics or definitions of known malicious code.
- Heuristics – Process of identifying threats by signatures or suspicious behaviors. Offers the advantage of detecting previously unknown or “zero-day” threats.
- End-to-End Security – Security software designed to protect systems at either end of a connection, over a network or the internet.
- Micro-Segmentation/Containerization – Software that isolates applications but allows them to share a host operating system and an Application Programming Interface (API) library.
- Security Reference Architecture – A tested network blueprint that provides security by design.
- Mobile Device Management – Software for organizing and securing the many different types of remote, portable devices.
- Encryption – Software that uses a mathematical algorithm to temporarily scramble data so that it is inaccessible during storage or transmission. Data may be later unscrambled for review by intended users.