Security solutions that address today’s most demanding business challenges.
Over 90% of cyber-attacks can be prevented by implementing a cyber program and following the recommendations of standards institutes like the National Institute of Standards and Technology (NIST) or the Center for Internet Security (CIS). Estimates show that over 70% of organizations have already implemented or are planning to implement NIST. At a high level, a properly developed cyber program will define what an organization needs to protect and how.
Focus Technology is here to help guide organizations on the journey to a strong security posture, and help build full coverage cyber programs. That includes a gap analysis of where your organization is currently versus where it needs to be for compliance. Focus can then help fill any of the gaps with the products and services needed, along with regular testing to ensure everything is working according to the plan.
Focus Technology’s Security Wheel
Account protection & identity management
It all starts with account protection and identity management, or identity access management (IAM) as it is often called. Active Directory policies around password complexity, when to lock out after incorrect attempts, and multi-factor authentication to protect passwords are common ways to protect accounts. Brute force attacks against weak passwords are still one of the most common ways bad actors get control of an account.
Every client and server needs to be running endpoint protection. It’s no longer just about virus and malware protection. Modern endpoint protection needs to block encryption, use signatures for malware, and leverage machine learning and behavioral analysis to detect and protect against fileless attacks.
Secure networking – switching/routing and wireless
Proper network and wireless security must also be implemented and enforced. A guest wireless network should be created for non-employees, and network segmentation should be put in place to limit what is accessible in the event of a breach. Proper wireless security protocols should be used, and zero trust architectures and micro-segmentation should be investigated and deployed where appropriate.
NextGen Firewall & Cloud Firewalls
Older firewalls should be replaced with NextGen firewalls. These newer firewalls include features like application firewalling, intrusion detection, and packet inspection. The same features need to be applied to cloud resources as well. Too many people believe that security is inherent in the public cloud. The reality is that it is a shared responsibility model. Cloud firewalls should also be deployed to provide the same level of protection to cloud resources that you provide to traditional datacenter workloads.
Secure remote workforce
Focus Technology believes that to provide a secure, reliable, and high-performing experience for a remote workforce, you need to take a holistic view. It begins with the end user’s environment and involves understanding how an organization wants to deploy and manage endpoints and applications moving forward. It continues with the connectivity and how the endpoint will connect locally while maintaining acceptable performance metrics. Then it requires understanding how to protect the user and the user’s environment and how to ensure safe connectivity to company owned/managed applications, data, and cloud applications. Focus Technology developed the Secure Remote Workforce Framework to help simplify implementation of a Secure Access Service Edge (SASE).
Regardless of the email solution an organization leverages, it needs to be properly protected. Email is one of the most common entry points for cyber security breaches, leading to billions of dollars in direct losses each year. An email protection solution should protect from malware, phishing, and imposter attacks and should allow encryption of data. Solutions in this space also commonly incorporate backup and archiving to assist with data preservation.
Secure backup and business continuity/disaster recovery
Backup and Business Continuity / Disaster Recovery have traditionally been used to protect data from issues such as viruses, application corruption, mechanical failure, human error, and site outages. Now they are being used to recover from ransomware encryption attacks. To increase the probability of getting the ransom paid, attackers who are inside the environment hunt for the backup infrastructure and zero it out prior to encrypting production workloads. Backups and other BC/DR replicas need to be properly configured to protect against these attacks. Air gap solutions and immutable copies are two ways organizations are combating this threat.
One of the biggest deficiencies we see in customer environments is in security operations. At the enterprise end of the market, we see an efficiency problem where there are too many tools and alerts, and real alerts are missed amid unimportant nuisance alerts. In the SMB and Commercial end of the market, we see administrators with part-time responsibility for security who lack proper tools and staffing levels. Security Operations is a 24/7 business, and it requires a blending of people, process, and technology. It incorporates tools in areas of asset discovery, Security Information and Event Monitoring (SIEM), vulnerability protection, behavioral monitoring, and intrusion detection. Team members need to be dedicated to this role and the team needs to be staffed accordingly. The bad actors continue to take advantage of blind spots late at night, on weekends, and on holidays, all times when staff are not fully engaged. With a tight labor market and rising costs of security personnel, many organizations have turned to outsourced security operations offerings to fill the gap or to augment their existing operations.
The Path forward
Working together to implement industry standard controls, Focus Technology and our customers can reach upwards of 97% protection from cyber-attacks. 80% of US companies have already been breached at least once. It’s not a question of if, but rather a question of when. We encourage all organizations to start down this path now as a preventative measure against attacks. The alternative is being forced down the path after a breach. That will prove to be a far more painful and expensive process, and one that recent studies show 40-60% of small businesses do not survive.