Information Security

Layered Security

Information Security (InfoSec) is a continued need for all businesses.  We understand this need and are here to find a solution that works best for your company.

Our goal is to provide a proactive solution regarding information security.  We do not want your business to experience any downtime due to viruses or ransomware.  Lost time is lost money for most businesses, so we want to assist in planning, auditing, and managing every aspect of your security plan.

Hardware, such as firewalls or network security appliances, is an important layer of security.  Having these items configured correctly, and the firmware up-to-date, can help minimize most external attacks.

Software, such as Anti-Virus/Anti-Spam software and IDS software, helps with security by reducing the chance of viruses spreading through a network, or in the case of the IDS, helps detects attacks before they reach the internal network.  Also, software that provides data encryption on a computer, or during transmission, provides another layer of security.

Finally, the most important part of Information Security is knowledge.  Training employees on security awareness helps reduce all types of security threats.  Establishing an Information Security Awareness campaign is a great start.  Giving employees the tools to prevent security threats, whether external or internal, helps the company.

Chart by Visualizer
Chart by Visualizer

Security Compliance

With the increase in security threats to all businesses: large and small; companies need to provide clear rules and policies for their employees.  Some of these rules and policies come from laws with the local or federal government: HIPAA, PCI-DSS, SOX, and FISMA.  Other rules and policies build on industry standards: NIST, ISO, and COBIT.

Having well defined policies and plans provides the company options if or when a breach occurs.  It clarifies what discipline can be taken against employees, and provides a plan to recover from an attack or disaster.

Having these policies and plans clearly defined before any threat or disaster occurs is preferred, but if your company does not have any of these, or only a few, we can assist in creating them.

Contact us for any assistance with your Information Security needs.

Contact Us

95

% of data breaches due to human error (3)

43

% of cyberattacks that target small business (4)

3860000

Average cost of a data breach in dollars (5)

111605

Average ransomware payment in dollars (6)

InfoSec Services

  • Firewalls
  • Network Security Appliances
  • Information Security audit
  • Compliance audit
  • Anti-Virus/Anti-Spam software
  • Advanced EDR software (next-gen AV)
  • Intrusion detection software
  • Encryption
  • Multi-factor authentication
  • Updates – software and hardware
  • Employee security awareness training

InfoSec Benefits

  • Disaster recovery support
  • Virus remediation and prevention
  • Ransomware risk reduction
  • Data encryption
  • Secure transfer of data – WAN or LAN
  • Statutory and regulatory compliance
  • Audit results

InfoSec Policies and Plans

  • Information Security Policy
  • Acceptable Use Policy
  • Access Control Plan
  • Business Continuity Plan
  • Disaster Recovery Plan
  • Electronic Communication Policy
  • Incident Response Plan
  • Risk Assessment Plan

References:

1. Verizon.com; 2020 Data Breach Investigations Report – Executive Summary (verizon.com)

2. ID Theft Resource Center; Home (idtheftcenter.org)

3. Cybintsolutions.com; 15 Alarming Cyber Security Facts and Stats | Cybint (cybintsolutions.com)

4. Verizon.com; 2020 Data Breach Investigations Report – Executive Summary (verizon.com)

5. IBM Security; Cost of a Data Breach Report 2020 (capita.com)

6. Fintechnews.org; The 2020 Cybersecurity stats you need to know – Fintech News