As cyber-threats continue to grow in volume, complexity and threat vectors, small business are prime candidates for cyber-attacks. Our approach helps small and midsize businesses (SMB’s) to be resilient with cyber security threats, focusing on areas of increased risk, to help your organization prevent, detect, and respond to cyber threats effectively.
At Dex Solutions, we help SMB’s stay ahead of new cybersecurity threats.
How strong is your perimeter security? What information are you exposing to the internet which is vulnerable? Is your data protected? These are the questions that we answer when doing a penetration test. We use the latest methods and technologies to determine if your company is safe from attack from anywhere in the world.
IT Security is meaningless if your data centre or offices are not secure. Having a network access point in the waiting room is one example of how your organization can be exposed by allowing your competition to access your network behind your firewall. Our Physical security assessment deals with all aspects of your environment focusing on both safety and security.
Does your organization have a process in place to discuss, validate, implement and track changes to your Information Systems infrastructure? When investigating a breach, it is important to understand when and why a change was made and by whom. Equally important is to have a peer review of the change prior to its implementation to mitigate any risks to your functioning systems. Every organization should have a robust process in place.
When an employee leaves the organization, their account should be immediately disabled. It sounds simple, but in reality there are often many accounts that should be disabled but are not. There are a variety of reasons for this. Your organization may use a lot of contractors and it is hard to keep track of who is authorized. There may be gaps in the notification process between Human Resources and Information Systems. There have also been occasions where an IT person sets up a back door account prior to his/her departure. A regular review of the authorized users is essential to your overall security.
How ready is your organization for a cyber security attack? It could be as simple as a Distributed Denial of Service (DDOS) attack where computers from all over the world are sending meaningless data to your web server causing it to become non-responsive to real requests, in essence shutting your online business down. These attacks are often associated with extortion attempts. Is your security infrastructure where it needs to be in order to protect against these and other types of attacks.
The mistake most often made is that the governance model does not fit the size of the organization. Our experience can help you implement a governance model that is appropriate for your organization, whether that organization be large or small. How engaged is the business involved in driving IT issues? How engaged is IT in driving business initiatives?
IT Asset Management is more than simply knowing where all of the desktops and laptops are located in your organization. It involves a comprehensive plan around asset management and replacement. This also includes strategies towards virtualization and cloud based email and storage. Let us help you explore the options available to you to protect your infrastructure, give you maximum security and save costs.
PCI (Payment card industry) compliance is the current hot topic in the industry. Is your organization credit card data secure and are you in compliance with the standards being dictated by the Credit Card companies? We can assist with a pre-assessment or remediation to save your organization money.
Can your business survive a major disaster such as a fire, major incident or major data loss. According to statistics, 70 to 80 percent of business never recover or fail within 18-36 months. How many days can your business be unavailable partially or fully before having a major impact on your bottom line. The answer is different for different types of organizations. Our experts can put together a plan geared towards your industry.
Disaster Recovery is defined as a catastrophic failure to your data centre, whether it be fire, flood or some other type of major incident affecting the ability for Information Systems to deliver services to your organization. Identifying key applications and formulating a plan to deliver those services in the event of a disaster is the key to remaining operational.
A recently hired employee has, unbeknownst to you, brought confidential information from their former employer. Not only have they copied onto their desktop, but also shared it amongst some of their new collegues. The first you find out about it is when you are served with an injunction or civil law suit as the former company has unrefutable evidence of the theft of this information. We can assist in identifying and removing all of the information from your companies computer systems, including email and backups. Our experience has shown that a proactive approach to this type of situation is the best approach.
Technology is moving at lightning speed. Moving email to the cloud, Google apps, encryption and the cost of Information systems are all at the top of mind of organizations. Let us help you navigate this landscape with current best practices. Our experience will help yoau avoid the pitfalls.