Security Review

Risk Assessment

Penetration Testing

Real-time Security Monitoring

Infrastructure Vulnerability Monitoring

Post Security Breach Incident Response

Office 365 Security and Compliance

AI Based Anti-Virus/Anti-Spyware

Dark Web Monitoring and Alerting

Email Protection

Desktop Risk Mitigation

Security Awareness Training

Security is a top priority for all companies today. It should also be a priority for your IT. Minimally, we recommend you should strive toward the SANS 20 for critical security controls for effective cyber defense. Many of the SANS 20 controls should be core to your IT support and consist of a series of best practices. Ask your IT about these cyber security best practices to ensure you are doing the right things before there is a serious security incident.

Not all companies need or want advanced security solutions, but some do need them. More companies are looking to implement additional security protocols which are described below. We help guide our clients through their cyber security needs/wants and will add these advanced security solutions where appropriate.

Security Review – This is the place to start so you can get a handle on your security and risks. Waident will do a high-level security overview to help gauge where you are with security overall and work on implementing best practices. Most security risks are not about the big things. Cyber security breaches most often happen because the little things are being ignored.

  • Review a questionnaire of business and technology cyber security items
  • Go over best practices and recommendations
  • Determine if any additional security measures or plans are needed

Risk Assessment – Have a security expert do a high-level SANS 20 review of your IT infrastructure and your business processes to help point out cyber security concerns while keeping an eye on best practices. Once completed, we can help lock things down and address any vulnerabilities.

  • Dive deeper into your infrastructure, polices/procedures, and business practices to ensure that security is the focus of your business
  • You don’t know what you don’t know
  • This is a must have next step for all companies needing, or wanting, to be as secure as they can possibly be

Penetration Testing – This is an advanced, social engineering driven, deep dive into your IT infrastructure and your users. More advanced than the Risk Assessment, penetration testing gives you greater insight into your security risks. Once completed, we can help address any security concerns that are found. Within 60 days you can even do another penetration test (at a fraction of the cost) to ensure you are in good shape.

  • Once completed, you will know exactly what your risks are and have a plan for addressing them
  • Do you need to do penetration testing for compliance or your cyber security insurance policy?
  • The ultimate security discovery process 

Real-time Security Monitoring – Have your network monitored in real-time to catch possible security breaches and anomalies. Most security breaches are discovered 9 months after they happen. With this, you will know of a security breach the day of the event so it can be addressed immediately.

  • SIEM implementation
  • Everything on your network is monitored for correlating events that could indicate a breach
  • Real-time monitoring of log files

IT Infrastructure Vulnerability Monitoring and Alerting – Are all of your systems up to date with the best possible security patches? It is nearly impossible to do this manually for all of your network technology. Having a monitoring and alerting system in place ensures you are as secure as possible.

  • Ensure everything plugged in to your network is up to date with the manufacturer recommended security updates
  • Many cyber security breaches happen because of a system not being up to date. Don’t let this happen to you!
  • Know when a rogue device is plugged in to your network since it will show up on a report

Post Security Breach Incident Response – Have you had a breach or security incident? The sad fact is, even though “you are back to normal”, most times the security hole that caused the breach may still be there. We can do IT forensics to find the root cause and make sure it has been stopped.

  • A cyber security break can happen, so when it does, are you sure you are secure from it happening again?
  • Do you need to do this for compliance reasons?
  • You don’t know what you don’t know….

Office 365 Security and Compliance Management – We help clients manage their Office 365 account with respect to security by leveraging the built-in Secure Score module. Secure Score is a security analytics tool that helps determine areas of risk and the steps to take to reduce that risk. You get points for each area that adheres to Microsoft’s best practice. The higher your score, the lower your risk and the better your security and compliance is. Improve your security posture with the least amount of usability impact for your users.

  • You are using Office 365 but is your system as secure as it can be?
  • GDPR, Data Governance, Threat Management, and Microsoft Secure Score
  • Strengthen your Office 365 platform with industry best practices

Advanced AI Based Anti-Virus/Anti-Spyware – Take your anti-virus and anti-spyware to the next level. No anti-virus application is perfect; they all can miss viruses, and some are definitely better than others. A new breed of AI based applications is hitting the market now and it’s a lot better than what you are most likely using currently. 

  • Does not rely on daily updates so the system is always ready to catch new viruses
  • You will not even notice the system is running and it takes a fraction of the time to scan your network compared to traditional anti-virus applications
  • Identifies attacks before they can even start

Dark Web Monitoring and Alerting – Monitors the Dark Web in real-time for hijacked user logins/passwords, addresses, social security numbers, and the list goes on. Receive a daily report of the data so you can quickly act upon the break to prevent future problems. The report will give you pertinent details including the email address, where the breach occurred, when the break happened, and even the leaked password. 

For personal protection similar to Life Lock, you can use ID Agent Spotlight. This platform will monitor the Dark Web for your personal identity, social profiles, and credit profile. Plus they will help restore your identity including a $1,000,000 identity insurance policy.

  • Know about a data breach days after it happens instead of months later, hoping you find out about it then…if at all
  • Get stolen identity protection if that is something you want
  • Users often have the same password for multiple services, such as network logon, social media,online stores and other services, exponentially increasing the potential damage from a single compromised username and password

Email – Spam, Phishing, and Ransomware Filtering – Stop spam and ransomware emails before they become a problem. All of your corporate emails will be filtered and cleaned of bad messages before ever making it to your inbox.

  • Is the built-in filtering in Office 365 (or your current system) good enough for you?
  • Most ransomware infections happen because of a user clicking on a link or attachment in an email
  • How much impact would a ransomware infection cause to your organization?

Desktop – Risk Assessment and Real-Time Activity Monitoring and Management – You have robust security in place, but do you know what your users are doing on their computers to naively circumvent your security? For example, is there a system in place to know when someone prints files from a secure folder (or copies them to a USB drive)? What about if a user sends out an email with sensitive client data (even the ability to read attachment contents to ensure no sensitive data is being sent out)? Know exactly what is happening on every computer all of the time. Yes, this can be thought of as a “Big Brother” platform, but for banks and other regulated institutions where a secure environment is paramount, it’s a savvy business tool.

  • Know where your sensitive data is now and how it is being used
  • Your compliance auditors will love you. The software meets all the regulatory compliance from NIST, HIPPA, SEC, PCI / PII, ISO 17799, GLBA, FERPA, GDPR, and others
  • Armarius Software’s SMS – Scribe Management Suite provides security at the user end node.  The SMS end node user solution proactively monitors and controls the user’s activity.

Security Awareness Training – Continually educate your team about security and clicking on those bad links in emails. And if they do, you can help your team not do it in the future.

  • Most security breaches are caused by humans. Educate them regularly so they can make better decisions and prevent more cyber security incidents
  • Custom phishing emails used to educate your team
  • Know who needs additional training and who is doing a good job not clicking on things they should not be clicking on

Get the support you need, before you need it

Contact Waident to see how we can solve your IT Security needs before they become problems. Consultations and estimates are always free.

Speak With Us