Data Center Services Overview
Infromation Sercurity
Securing an organization is an ongoing process, not a point-in-time event. Thousands of new cyber attacks and threats are released every day, and are continuously becoming more sophisticated, circumventing common safeguards such as anti-virus and anti-malware. With employees, vendors and partners becoming more and more mobile and virtual, there is no true network perimeter any more. Attacks to an organization are no longer pranks, but a means to criminal behaviors such as corporate espionage and theft. They are designed to be persistent and undetected. The cost of a single event could range from thousands to millions of dollars in regulatory fines, loss of revenue, loss of productivity and loss of reputation.
A partnership with BDT could mean the difference between success and failure in protecting your network your data. Our approach to information security is that it is an enabler to achieving your business goals including: Compliance, Corporate Governance, and Competitive Advantage. We help you assess your current security posture, helping you to see where you are properly secure and identify your risks. With this understanding, we partner with you to implement point technologies to meet specific needs, and/or develop a comprehensive Security Program that properly meets your organization’s requirements, budgets and timelines.
INFORMATION SECURITY ASSESSMENT
Through a comprehensive 5-phase security assessment, we will set a security baseline as it pertains to your Information Security Goals (Compliance, Best Practices, Business Partnership/Client Mandates, Competitive Advantage, etc.). Each can be done as a separate project or as a complete assessment.
Phase 1: Security Policy and Process Review
Phase 2: Infrastructure & Server Security Review
Network Infrastructure, Wireless, Security Appliances (e.g. Web Gateways, Mail Gateway, IPS, DLP, Encryption, etc.), Windows Active Directory, Servers, Remote Access (VPN, Web Portals, Citrix/Terminal Services, etc.), DR/Business Continuity
Phase 3: Internal & External Vulnerability Assessment
Phase 4: Endpoint Health Compliance Review
Installed/remnants of malware, unauthorized applications/devices, unauthorized sharing of data/devices, and deviations from software standards (agents, a/v, patch levels, software versions, etc.)
Phase 5: Data Leakage Review
Monitor network traffic for sensitive data entering and leaving your organization.
Custom crawls of data repositories – identify where sensitive content resides and help you classify your data.
DATA GOVERNANCE
Your organization’s data is its most valuable asset. Whether it be customer information, research data, business strategic planning, financial information, product designs, or employee HR information, keeping your data secure and reliable is imperative. Most compliance regulations (SOX, HIPAA, HITECH, PCI, GLBA and others) revolve around data protection. Even if your organization is not bound by legislative compliance, your business associates who are, may mandate you to have data protection controls in place as part of their compliance requirements.
The first step in data protection is data governance – a strategic methodology for implementation of business rules and controls around your organization data. BDT can enhance your current data governance strategy through the development of policies, processes and procedures. With these administrative controls in place, we can then implement physical and technical controls to protect your data.
DATA PROTECTION
Your data is valuable. Whether it be for compliance, competitive advantage, business associate requirements, client mandates, or business stability/growth, protection of your data is critical. Working with BDT, we can implement technologies and appropriate processes to help you:
- Identify and classify your sensitive data and determine how and where this data is at risk.
- Ensure only proper access is given to sensitive data based on business needs.
- Ensure business appropriate use of sensitive data.
- Protect your organization from Data Leakage (via e-Mail, Web protection and Device Control)
- Implement encryption – Mail, File, Disk, Internet
NETWORK PROTECTION
Proper protection of you network depends on layers of protection known as Defense-in-Depth, where you implement layered security controls throughout the infrastructure of your network to prevent and/or mitigate threats. If an attacker is able to bypass one control, others are in place to stop him. However, to get the best ROI from your security technologies, it is important that the right controls with the right configurations are implemented to meet your organization’s individual needs.
BDT realizes that each of our clients is unique and therefore has his or her own individual requirements. We will work with you to efficiently configure, optimize, manage and administer the security technologies you need for your business, some of which include:
- Firewalls
- Routers and Switches
- Intrusion Detection/Prevention Systems (IDS/IPS)
- Gateways (Web. Mail, etc.)
- Log Management (SIEM)
- Server Hardening
- Remote Access
ENDPOINT PROTECTION
The most vulnerable point of any network is the end user. Most data breaches are caused by user errors. Your end users may unknowingly download malware from a compromised website, be a victim of social engineering, or simply post/email sensitive information without realizing that they are exposing your organization. It is imperative that you implement layers of control to protect your endpoints including physical and virtual desktops, laptops and mobile devices.
First and foremost you need to educate your users on the importance of security and how they can protect themselves and your organization. BDT can help you enhance your Security Awareness practices from classes to full campaigns. In addition BDT can partner with you to implement technologies that provide defense-in-depth protection of your endpoints including:
- Patch Management
- Host Intrusion Detection/Protection
- Device Usage Controls
- File & Device Sharing Controls
- Endpoint Standardization
- VM Host Hardening
- Antivirus/Anti-Malware