Security

Security is inconvenient. There are constant headlines about security breaches and new threats to your assets. The goal is to do what is necessary to protect your data while making it as simple as possible to work.

 

Planning – Security should be considered as a part of every IT project. It is much easier to design in good security then to try to fix a flawed design.

 

Compliance – We can help you meet the compliance and regulatory requirements for your industry. Ask us for a checklist to get you started. We can help you develop and implement a security policy and plan for your business that fits your situation. We work with HIPAA, Red Flag, PCI compliance, WISP, GLBA, SOC2, and many other industry specific needs. More on compliance…

 

Managing user risk – Have a checklist for onboarding and letting go of staff. Have a “computer use” or “acceptable use” policy. Plan for training staff to be sure they don’t put your company at risk.

 

Cyber-Liability Insurance – Most insurers now require you to implement specific security solutions to be eligible for insurance coverage. Often this included adequate malware protection, backups, firewall protection, and 2-Factor Authentication for online accounts. We can assist.

 

Backups – Good backups and planning for the worst assure that even if your security or data integrity is compromised, your business is intact and can recover quickly.

 

Managed Antivirus – The biggest problem we see with Virus protection is that it is not kept up. Even though it may automatically update, many small business users don’t take the time to install new versions when they come out, and keep up with changes in the industry. We recommend an antivirus product that integrates with our network monitoring and management. We get notified when a virus or malware is detected on your computers and can take immediate action if needed.

 

Patch management – most security breaches take advantage of known flaws in existing software. Patch management provides low cost, consistent, automated ways of making sure your computers stay up to date, and detecting any failed updates.

 

Firewall – the right balance of firewall settings allow you to share information over the internet only with those you intend to. We are dealers for and trained in most firewall products including Cisco, SonicWall, WatchGuard, Fortinet, Barracuda, and others.

 

Web filtering – Most malware is now delivered simply by visiting the wrong website, or clicking on a malicious ad. Some of this can be caught and prevented by using software that is aware of and catches malicious web browsing activity.

 

Network management – By using a server based network, you can apply security policies to improve security. Some businesses are better served by cloud based centralized security such as Azure Active Directory. We can help determine what is best for your business.

 

Passwords – One of the biggest security issues is the management of all the website logins you need to have to conduct business. We recommend and help implement Keeper Security – a password management tool that gives you control of the many logins your employees need to do their job. We also recommend setting up some form of 2 factor authentication, and have worked with biometric and token based security systems.

 

Working remotely – keep it secure by understanding the risks and preventing problems. Make sure all devices accessing your data are adequately secured.

 

Wireless – There are unique risks associated with wireless networks. Proper configuration is essential.

 

Asset management – Know where your data is and how it is protected. We can help you keep track of your IT accounts, assets and software licenses.

Security Resources

Articles

Managing Passwords for Websites

Login Security

Protecting your Identity

Here are some resources for developing your security policy and plan.

As you investigate IT security, you will discover that there are well established best practices for IT management which provide a foundation for good security.  Here are some starting points: