Cyber Security Services - Security is only security if it's managed!
Gain Peace of Mind with Fully Managed Cyber Security Services from Tech Guard
Things are not always what they seem. The existence of a firewall or anti-virus software does not prove they are working correctly and blocking threats, just as the existence of a backup file does not prove the data is correctly backed up and could be successfully restored. A stolen laptop is only encrypted if it can be proven it was encrypted when it was stolen. When, not if, a data breach or system compromise happens - the law (see: GDPR) now demands proof that IT security and data protection measures were in place and working. Are you prepared?
Your network, your cloud, your endpoints, your users - they all require IT security. We get it, it's a minefield. How do you manage it all? Enter Tech Guard, a fully managed Cyber Security Services company that seeks to remove the burden of managing, monitoring and testing your IT security and backups across all areas, so you can focus on your business.
Next Generation Firewalls
Today's advanced cyber threats regularly bypass standard firewall technology. So much so that manufacturers have added several "next generation" security features to their next-gen firewalls. These are now a minimum standard in network protection. Next-gen firewalls are the primary line of defense, as ever-evolving threats that attempt to circumvent them now means that firewalls require constant managing, monitoring, updating and re-configuring to block the latest threats. Here at Tech Guard, we supply and fully manage next-generation firewalls for our customers, so they can focus on business and remain protected.
A vulnerability is a weakness (typically in a system/software) that could be exploited to introduce a risk to a company's IT security. Many confuse vulnerability and patch management, and while there are some similarities, there are many differences. Tech Guard's Vulnerability Management service seeks to continuously scan your network-based devices for vulnerabilities and then evaluate them based on risk to your company. We then look to advise upon and implement remediation where necessary.
Failure to regularly install the latest updates, patches, hot-fixes or firmware updates often results in viruses, malware and hackers exploiting known vulnerabilities that can lead to a compromise of your network, ransomware, data breaches and/or extended downtime. Tech Guard's Patch Management service seeks to ensure that your networking devices are updated and patched on a regular basis, to ensure that known vulnerabilities are blocked before it's too late.
Web & DNS Filtering
Do you know what malicious websites your staff are unknowingly accessing, exposing your network to undue risk? Many of the latest cyber threats come down from browsing of websites, be it (un)known malicious websites, reputable websites that have been hacked and loaded up with viruses or from popular websites accessed that may not relate to an employee's job role (such as social media sites). Many very popular reputable websites display advertisements but, unknown to many, these ads are usually hosted elsewhere and can be hijacked and loaded with viruses that then infect your network by taking advantage of vulnerabilities in your PC or browser. Tech Guard's Managed Website & DNS filtering service not only filters out known malicious websites and adverts that link to malicious websites, but also websites that aren't related to an employee's role, helping to maintain productivity.
Many viruses attempt to download and run as malicious executable applications. The majority of these malicious applications also attempt to talk out to the internet to hackers or command and control centres (usually run by bots). Indeed many unnecessary, non-business approved cloud applications can be exploited to facilitate a system compromise. Tech Guard's Managed Application Filtering service seeks to put in place measures that prevent these executable applications from being downloaded in the first place, also preventing non-company approved cloud applications from contacting the internet that might otherwise expose sensitive data, and cause a data breach.
Penetration testing is different from vulnerability scanning in that penetration testing tries to remotely break into your network (exploiting vulnerabilities to their maximum) to see what internal systems can be accessed from the Internet. Tech Guard's Penetration Testing service provides customers with a range of comprehensive penetration testing services undertaken by one of our partners (a leading ISO certified penetration testing company).
Network Configuration Backups
Many businesses know to back up their servers but often forget about all the important network devices that are the backbone of their network, from firewalls and routers to switches and more. These devices are critical and, should they fail and need to be replaced, their configuration needs to be available to allow for a quick restore. Tech Guard's Network Device backup service regularly backs up the configuration of the network devices in your network that are critical to your day to day business operations. These backups are then encrypted and moved offsite for additional security.
Spam sent to businesses has increased significantly in recent years as hackers realise how easy and lucrative it is to fool staff into clicking links in fake emails, which then infect a network with ransomware or other nasty viruses. Tech Guard implement robust anti-spam counter measures through its managed email filtering solution, which drastically reduces the amount of spam received, thus greatly reducing a company's risk of compromise.
Many employees unwittingly send personal sensitive data over email to third parties, unaware that their email may already be compromised. With the introduction of the General Data Protection Regulation (GDPR) on 25 May 2018, it is important , now more than ever, if no alternative means of securely sharing the data is possible, to put in place a process to enable staff encrypt emails containing personal data and train them to do it. Tech Guard's Email Encryption service can be branded with your company logo and allows businesses to send emails with military level encryption direct from Outlook.
Many companies purchase an email system or email account and just start using it. Our plug-and-play generation has lead many of us to skip reading the manual and forget to configure things properly. Security settings baked into email systems often do not get configured properly - from mailbox permissions, to the blocking of mail flow in or out based upon certain conditions, the addition of disclaimers, to the enabling of malware filters including basic attachment blocking the company may not need to receive. Most don't realise that these settings are there and need to be configured to ensure a secure email system. Tech Guard's managed email service comes with peace of mind knowing that these settings will be reviewed and configured in line with business interests to ensure maximum security.
SharePoint, like many other solutions, can do a lot but if not configured correctly can lead to weaknesses that can result in a user accessing sensitive company documents or personal data which they should not have access too. This scenario can have serious consequences, especially when viewed in light of compliance with the General Data Protection Regulation (GDPR). Tech Guard's SharePoint security services undertakes a review of its security settings for businesses to ensure that security best practices are in place and correctly configured in line with your business needs.
Data Loss Prevention
Data Loss Prevention has become a necessity for businesses to undertake, to prevent data leakages which can result in data breaches and can have legal and financial repercussions. Tech Guard's Data Loss Prevention service puts in place policies that help to audit and prevent data leakage from cloud services like Microsoft Office 365, SharePoint and OneDrive.
Cloud Application Backups
Cloud services like Microsoft's Office 365 (Exchange, SharePoint, OneDrive) or Google G Suite (Gmail, Google Drive) are great and can bring big cost savings to businesses, however many fail to understand that these companies are not backup providers as well. Your data stored on their systems is not backed up, period! Yes, you might be able to retrieve a deleted file from yesterday or few days ago, but what about a file from last year? What about that data the law says you need to retain for 5, 6, 7 years or more? Tech Guard's cloud application backup service for Microsoft Office 365 and Google G Suite helps ensure you not only comply with regulation, but you can also restore accidentally deleted files quickly.
Next Generation Anti-Virus
Fact: Not all antivirus solutions are created equal. The latest viruses are now changing their form each time they execute allowing them to avoid common antivirus solutions. Next generation antivirus software is now a minimum security requirement to detect and prevent ransomware and these new viruses (zero day threats). Businesses that purchase antivirus software and roll it out to their endpoints, often think "Great, I'm secure. Job Done!". They assume the antivirus software will continue to work until the license needs to be renewed. Unfortunately, that's not the case, even with next generation antivirus. Without monitoring and management, you can't prove it's working or know when it's not working and needs fixing. That's not very secure, is it? Check out our fully managed next generation Antivirus service and let Tech Guard keep you secure.
Application & Browser Security
Microsoft Office applications such as Word, Excel or PowerPoint are used all over the world, as well as internet browsers such as Microsoft Edge, Internet Explorer, Chrome and Firefox. Each application has configurations that can either make them more secure or less secure. Most applications need to be updated regularly to close security holes that are found in their software code. Tech Guard's cyber security service aims to ensure common line of business applications are updated on a regularly and configured in the most secure manner that works for the business.
Operating System Security
Microsoft Windows operating systems are installed on PCs in nearly every company on the planet. They are the most commonly hacked application and contain a myriad of security-related features that, if not configured correctly, can leave not one but multiple gaping security holes in your network that no antivirus or firewall can help detect or fix. One insecure operating system is like having a secure front entrance but leaving the back door wide open . It's a case of when, not if, you get hacked. You wouldn't want to make it easy for the hackers to access your data now, would you? Tech Guard's cyber security service aims to ensure every operating system is securely configured and the many operating system loop holes that viruses and hackers can exploit to compromise your systems are locked down where possible.
It's not just network devices like firewalls and routers that have vulnerabilities. Desktops, laptops and servers also have vulnerabilities that, if not secured, can lead to cyber criminals or viruses exploiting the vulnerabilities and compromising your network. The latest WannaCry ransomware exploited a vulnerability in the Microsoft Windows Server Message Block (SMB) operating system protocol allowing it to spread across the network with ease. Tech Guard's vulnerability management service scans your endpoints, servers and desktops on a regular basis so to ensure that any known vulnerabilities in your systems are identified, assessed for their risk and closed where possible.
Failure to regularly install the latest operating system and third party application patches often results in viruses, malware and hackers exploiting known vulnerabilities that can lead to ransomware, data breaches and/or extended downtime. Tech Guard's Patch Management service not only maintains the Microsoft updates or patching level of your servers, desktops and laptops but also updates several third party freeware applications that are frequently exploited by cyber criminals (Java, Adobe Flash, Chrome, Firefox to name but a few).
Ransomware and many other viruses try to evade antivirus software by posing as reputable applications which users inadvertently download and execute. These viruses then conceal or execute themselves in areas of the operating system that their reputable cousins would not otherwise run in. Certain hidden operating system folders are used commonly by ransomware and viruses to avoid detection by antivirus software. Tech Guard's cyber security service implements a managed Ransomware Protection solution that seeks to put in place endpoint measures that prevent ransomware, viruses and malicious, unknown or untrusted applications from executing.
Server & Workstation Backups
One major part of any security strategy should be a robust and tested backup process. Are you backing up all your critical data on your servers and desktops? Did your backups work last night? Are you confident your backups will allow you to restore from them when you need them to? How long will you survive without your critical data? Important questions that not many can answer with confidence. Why? Because most people don't monitor or test backups, and so they don't know when they are failing, don't know if they can restore from them when they need to and don't know how long a full restore might take. Tech Guard's cyber security services go hand in hand with our fully managed backup service that ensures your data is backed up offsite - secure and ready to restore on a moment's notice.
Security Awareness Training
It is estimated that 97% of people are not able to identify a sophisticated phishing email (Source: Intel Security survey of 19,000 people from 144 countries). As a result, it is not hard to believe the statistic that over 90% of past data breaches started with a phishing attack. It's a fact - staff are the weakest link and require up-to-date regular training not only to be aware of the latest scams and to spot the signs of a phishing attack but also to be aware of their data protection responsibilities. Our online based Security Awareness Training service teaches staff about IT security regularly throughout the year via multiple short interactive modules (with quizzes) covering topics like phishing, ransomware, CEO fraud, safe web browsing and the GDPR to name a few. As techniques change, the training gets updated. Don't leave it until it's too late. What staff don't know won't hurt them, but it will hurt you.
Simulated Phishing Attack Service
The majority of humans only really learn through practice and failure - that's why security awareness training on its own doesn't cut it anymore. The techniques used via email to scam users are changing at a rapid pace and unless users are frequently phished with emails simulating these new techniques and attacks, your network will be compromised for financial gain through ransomware, a data breach or similar. Our Phishing Service does just that. We phish your staff each month using emails simulating the latest scams, as clicking on our scams means they learn from their mistakes without hurting the business. It's not a case of if but when users will fall victim and click a link or attachment they shouldn't have. Phishing of staff can greatly help demonstrate good security practices in the eyes of the law (GDPR) and reduce the levels of fines for a data breach from phishing.
Phish Alert Service
As part of our Security Awareness services we offer a phish alert service for Microsoft Outlook, Office 365 and Google Mail mail users that allows them to report suspicious emails, phishing or otherwise, to us and your IT department. This allows instant visibility, not only into the threats facing your network on a daily basis, but also allows you visibility into how serious your staff actually take about the company's IT security. Cyber security is about awareness as much as it is about a layered approach, and you need to be aware if your company's security is not being taken seriously. Security is only as good as the weakest link.
Passwords, if compromised, can give hackers the keys to the kingdom. Compromised passwords are one of the main initial attack vectors that hackers will use. They also allow hackers to attack multiple systems as humans tend to use the same password (or with just slight changes). Passwords can be hard or easy to remember depending on the password. However with so many services, apps and websites requiring some form of password, the challenge becomes how to remember multiple passwords. Tech Guard aims to help companies solve this by rolling out a password management solution that gives the company a more secure way for staff to securely create, store and access complex passwords with just one click and with just one complex master password to remember.
Multi Factor Authentication
Passwords used to be the only means by which access to a system could be restricted. However, as they can be easily compromised, multiple authentication measures are now needed to thwart those attempting to access critical systems and systems containing sensitive or personal data with a stolen or compromised password. Enter Multi Factor Authentication (MFA), a security measure many systems are now adopting that requires an additional means of authentication (SMS code, fingerprint etc). Tech Guard helps companies implement MFA for Office 365 and Google Mail as email is the most common critical system to be compromised due their ability to be easily accessed remotely.
Compromised Password Checks
With thousands of data breaches happening daily, there are now billions of compromised passwords and email addresses available on the internet. Hackers have built programs to collate all this data which then attempt to automatically access websites and systems using these passwords or combinations thereof. Unsurprisingly then, 81% of hacking-related breaches leveraged stolen and/or weak passwords (Source: Verizon 2017 Data Breach Investigations Report).
Here at Tech Guard, we try to think like hackers and train our clients to do the same. We help companies turn the tables on the hackers and take advantage of this data by putting in place a solution that ensures none of their staff are using compromised passwords to access the local network and linked systems such as email and other internal/cloud based systems. Wouldn't that help add to your peace of mind?
Privileged User Access Control
Privileged User Accounts are the most important accounts on any system or application. If compromised, they typically give attackers all-access privileges to critical internal or cloud systems and/or sensitive data. As such, they need to be controlled, maintained and reviewed on a regular basis to ensure compliance. Tech Guard works with companies to ensure privileged access to desktops and servers is restricted to only relevant personnel. Too often users have admin rights to their computers meaning hackers and viruses also have the same access. Tech Guard also undertakes privileged user access reviews on a regular basis to help its clients ensure such access remains appropriate.