Protecting a business’ most valuable asset, its information.
It’s time to Cover Your Assets (CYA) with CYA|Suite™ layered protection!
Businesses run, grow and thrive on information; information about: products, services, intellectual property, employees, customers/patients, vendors, partners and investors; information that is stored in email, on file servers, in databases, CRMs, ERPs, accounting systems; information that is stored on-premises and/or in one of several public or private clouds.
No matter where that information resides, it needs to be protected. It needs to be protected from accidental or intentional deletion, corruption and leakage. Account Takeover (ATO), Business Email Compromise (BEC), Malware/Ransomware/AdWare, Phishing…just a few ways corporate accounts and data can be compromised, and it’s a continual battle.
There’s no silver bullet, no magic pill, no incantation, no pixie dust, no one product/service, NO ONE THING that will keep your organizational accounts and information assets 100% protected. It’s really not a question of IF you will have a breach (or maybe already do). It’s a question of when and what impact it will have.
It’s not all doom and gloom. It’s a matter of identifying risks, exposures and vulnerabilities, and addressing what can be done to stop, mitigate and recover from a variety of attacks and account/data compromises. There are controls (logical/physical, applications/services/tools), policies and procedures that can be put into place that can dramatically reduce the likelihood of an account/data breach occurring, speed up recovery time (in the case of data corruption/loss) and reduce the potential negative financial and reputational impact to an organization due to data loss/leakage.
A defense-in-depth information security strategy is not a new concept, yet for many organizations no such strategy exists. That’s where CYA|Suite™ comes in. We’ve spent quite a while putting together a suite of complementary cloud-based and professional services that align with defense-in-depth strategy for user account, device and information protection. These services can be purchased and consumed as an entire suite or individually (à la carte). There are no dependencies between layers in this suite, so if you are happy with certain equivalent services/applications you are already using, they can still work with these other services! Along with the unbelievably cost-effective pricing we’ve put together with these solutions, there are discounts for bundled services and tiered pricing levels for users/capacity, as well.
So, read a little more below about the CYA|Suite™ of layered protection services.
LAYER 7
Identity Management
Protect your accounts! Approximately 25% of Business Email Compromise (BEC) is directly attributed to the use of stolen user credentials. When it comes to data breaches, “there are four key paths leading to your estate: Credentials (~45% of non–error, non-misuse breaches), Phishing (~18%), Exploiting vulnerabilities (~9%) and Botnets (~2-3%)…no organization is safe without a plan to handle them all.” (Verizon 2022 Data Breach Investigations Report.) Multi-factor Authentication, Passwordless Authentication, identity governance, privileged access management and account monitoring are examples of controls used to help protect accounts and access.
LAYER 6
Security Awareness Training & Phishing Attack Simulation
Train your users! Let’s face facts: end-users are a weak link when it comes to information security. It’s not because they don’t care; it’s really just part of human nature (for most of us anyway) to be trusting. Unfortunately, when it comes to protecting corporate (and personal, for that matter) assets, we really need to have a “Zero Trust” mentality, or at the very least a “Trust But Verify” strategy. Security Awareness Training can cover a lot of topics, but email phishing scams, ransomware and account/password protection are great places to start. A great way to train and test end-users is by simulating a variety of Phishing attacks.
LAYER 5
Content Filtering & Threat Protection
Stop threats before they reach your endpoints! A majority of data breaches, malware/ransomware outbreaks and data exfiltration/leakage occur via corporate email. Email security products and services can catch a lot, but end-users typically have access to personal email, social media/networking sites (business and personal), instant messaging, groupware, SMS text messaging, etc., and that traffic never passes through your email system. So how can you help neutralize the threat?
LAYER 4
Endpoint Protection & Management
Protect your endpoints! Over half of breaches start with a compromised endpoint, and we are not just talking mobile devices here…we are talking about server, workstation, laptop and tablet endpoints as well. Organizations need to take protecting endpoints seriously, and that starts with a multilayered agent that covers areas like anti-virus/ransomware protection & containment, patch management, endpoint firewall configuration, USB scanning and Mobile Device/Application Management (MDM/MAM).
LAYER 3
Configuration & Vulnerability Management
Barbarians are at your gate! Default permissions, misconfigured settings, outdated or unpatched applications/operations/network devices: the list of potential vulnerabilities and exposures an organization can face goes on. These are all areas that a well-equipped hacker can easily take advantage of to compromise your environment, whether to deploy Botnets or malware, steal and/or encrypt your data, or launch Denial of Service (DoS) attacks on your website, firewalls, hosts, etc. The importance of continual monitoring of cloud-based services and on-premises networks and hosts for security issues/vulnerabilities/configurations cannot be overstated.
LAYER 2
Data Leakage/Data Loss Prevention & Compliance
Secure it at the source! No matter where your information is stored, your first line of defense is using the built-in security capabilities of cloud-based services, server-based applications/services and operating systems. Limiting access based on role, group and user needs; restricting the type of access (read, write, execute, delete, modify); and encrypting database fields like credit card info, social security numbers, etc., can go a long way in protecting information from being accessed, corrupted, deleted and/or leaked.
We can help with planning for document classification & sensitivity labeling, data leakage prevention policies & controls, as well as GDPR, PCI and HIPAA compliance assessments.
LAYER 1
Backup and Recovery
Nothing beats a good backup! The most basic and yet most important data protection layer is being able to recover data to a specific date and time prior to a deletion or corruption event. In the event that something or someone has still slipped by your layered protection…with the right backup solution in place, you can recover deleted or corrupted data within a matter of minutes or seconds, getting you back in business quickly and helping you avoid paying ransom for your own files to get them decrypted.