Those are words we never want to hear, no matter what the situation. Something undesirable has happened, we were expected to have prevented it, but it happened. By the time the question is being asked, there isn’t much to do except damage control.
When it comes to information security, sadly, this question is asked all too frequently. Attackers continue to refine their skills while, at the same time, more and more aspects of business are being digitized and moved online. If you don’t have a robust and constantly improving security posture, sooner or later you’re going to hear those words directed at you.
In the previous blog post, Make vs. Buy, we discussed the economic tradeoffs of investing in internal expertise versus leveraging external expertise. Maintaining effective information security is like running on a treadmill that doesn’t have a stop button: if you aren’t constantly moving forward it’s going to get ugly real fast. Staying up to date on the latest security trends, vulnerabilities, and solutions is a full-time job, and when you factor in PCs, phones, servers, networking gear, and other technologies, more than just one person can handle.
Clare Computer Solution developed NetCentral Secure to meet the managed security needs of your organization. Regardless of how large or small your environment, whether on-premise or in the cloud, our security services offer robust, multi-layered protection that can help you before, during, and after an attack. Let’s take a look.
Before an attack:
The best time to prepare for an attack is well before the attack. Evaluating your weaknesses, strengthening your defenses, and installing a warning system are the fundamental first steps of security.
We’re all familiar with anti-virus scanning. It references a seemingly always-out-of-date database of known security threats and slows down the PC while looking for matches. Fortunately, that’s no longer state of the art. NetCentral Secure uses artificial intelligence to not only test against known threats, but to adapt and learn as threats are evolving. Behavioral analysis of every threat is tracked and processed, helping build a growing database the artificial intelligence engine can use to detect new attacks in real-time.
Scanning has always been a two-edged sword. Increase the scanning, you increase security but bog down the CPU and reduce employee productivity. Even worse, savvy employees may decide to terminate security software so they can get work done. With NetCentral Secure, if your PC fleet meets the right requirements, the scanning software can leverage the integrated graphics to accelerate scanning without bogging down the CPU. Security is increased while productivity is maintained. It’s not often you get a truly win-win situation like this.
Even though we put a lot of effort into finding and securing technological weaknesses, employees are still the largest attack vector. A well-crafted phishing email can bypass many layers of cutting-edge security, so controlling the human factor is just as important as the hardware and software factors. That’s why NetCentral Secure includes an employee training curriculum you can deploy within your organization to ensure your employees are knowledgeable about threats and aware of their responsibilities to protect the organization against attacks.
It’s also critical to use all the security features that are available in the tools you already have. Microsoft 365 includes some advanced security features such as multi-factor authentication (MFA). With MFA, just stealing a password is not enough, as you will be asked for a second form of authentication, such as a security code sent to the cell phone registered with the account or a specific authentication application on the phone. Many of these security features are optional and need to be properly configured to get the security benefits. When you have Clare Computer Solutions handling your security, we’ll make sure these optional features are active and enforced, and as Microsoft continues to augment these features, we’ll ensure your configurations are updated to leverage the latest improvements. It’s all part of our mindset of doing as much as possible to respond to threats before they become attacks.
During an attack:
When malicious activities are detected, NetCentral Secure software agents automatically send alerts to the Security Operations Center (SOC), which monitors, detects, investigates, and responds to security threats around the clock, 24/7. If you’ve seen the movie Apollo 13, the SOC is Mission Control in Houston, a room full of the biggest brains on the planet ready to jump into action at the first sign of a problem and help you stay safe. Our experts have longer hair and they don’t wear ties like the NASA engineers in the movie, but if you have a security problem, they’ve got your back. (If you haven’t seen Apollo 13, stop reading now and go watch it on your preferred streaming platform, we’ll wait).
The geniuses in our SOC quickly evaluate the threat and begin their response: quarantining potentially compromised systems, killing malicious software processes, and using data about the attack to immunize other devices to limit the spread of the attack across the network. This can all happen before you’re even aware there’s a problem.
After an attack:
Once an attack has been thwarted, it’s time to clean up and prepare for the next attack. NetCentral Secure is paired with our Managed IT Security Services, which includes regular cloud-backups that allow us to restore computers to their pre-infected state quickly. Regular data backups are essential to recovering after an attack, especially the latest ransomware attacks, so you can’t really draw a line between management services and security services. In fact, when you engage Clare Computer Solutions for IT managed services, you automatically get security essentials with NetCentral Manage Essentials, because one without the other is an incomplete solution.
NetCentral Secure offers additional logging and forensics to help you fulfill any insurance or disclosure requirements your business may have. Our solution is designed to comply with the industry’s best-known compliance and standards organizations including Gartner, NSS Labs, AV-Test, AV-Comparatives, PCI-DSS, HIPAA, and ISO27001.
With all the other business demands you have, how many internal resources can you really invest in keeping up-to-date with the latest developments in the security industry? Will adding a cloud security expert on staff help grow your revenue better than an additional sales rep? Can you really afford the consequences of not having cutting-edge security defenses? When customer data is compromised, will they say, “I understand, you did your best,” or will they say, “How could you let this happen?” These are uncomfortable questions because they strike at the core of the security risk/reward tradeoff.
If you’re ready to tackle these uncomfortable questions head-on, give us a call. We can discuss your security needs and how NetCentral services can address the security issues mentioned in this blog. With security solutions for PCs, servers, phones, and tablets, you can continue to digitize your business while knowing you’ve got the experts at Clare Computer Solution keeping your digital defenses sharp 24/7.