ENVISION

SECURITY

Envision clients recognize the surge in cybersecurity threats and want to be vigilant without breaking the bank. For many organizations it’s difficult to hire in-house cybersecurity experts, invest in their own enterprise-class security platforms, or build and staff a Security Operations Center. That’s why many organizations supplement their security posture by partnering with Envision. At Envision, security is at the core of everything we do. We help organizations harmonize security, end-user experience, and value.

Security is not a single process, training, tool or solution put into place and then forgotten; instead, effective security requires all of these items, creating layers of security. As cybersecurity threats emerge, it is necessary to constantly monitor these layers and make changes and updates to protect our systems and users. Small to midsize businesses are finding it more and more difficult to constantly perform security best-practice reviews and keep up with daily security operations, and having dedicated security personnel is often not feasible. Envision and our customers are able to join forces to implement enterprise-class security practices and tools in an affordable and effective manner. This includes a co-managed threat detection and response platform backed by a US-based Security Operations Center (SOC).

Envision recommends at a minimum the following layers of security and is able to assist you in design, deployment and management of the solutions that make sense for your business:

Cybersecurity Risk Assessment
  • By assessing your business’s current risk exposure, Envision can work with you to co-create a roadmap to get you from where you are now (potentially holding too much risk) to where you feel more comfortable (holding an acceptable level of risk).
Next Generation Data Protection and Architecture for Resilience
  • One of the most important defenses you have against ransomware is the ability to recover your data without the worry of paying large sums of money and then risking that you may not get your data back. When choosing a data protection solution, it is important that the protected data is stored in multiple locations and segmented from your production Windows domain infrastructure. In addition, the solution should allow you to perform frequent testing, ensuring that your backup copies are indeed healthy and recoverable.
  • Migrating to Microsoft’s Office 365 has relieved customers of the challenges involved with hosting and managing their own Exchange environment; however, this does not mean that your Office 365 data (Exchange, SharePoint, OneDrive, Teams) is recoverable in the event of malicious activity.
  • PCs are often not considered when performing data protection. Ideally your end users are not storing data on their PCs, so this is less important, correct? It’s true that no unrecoverable data should be stored on individual PCs; however, there are instances where standalone PCs are running specialized apps and recovering those PCs could be challenging. Data protection for PCs is also now being implemented as a security consideration: if all of your PCs are infected with malware or ransomware, how fast could those PCs be rebuilt from scratch?
Threat Detection and Response
  • Intrusion Detection
    • The average time to identify a breach in 2019 was 206 days; it’s important to have the ability to monitor your network and use Threat Intelligence resources to identify compromises.
  • Threat Intelligence Management
    • Due to the fast-changing threat landscape, it’s necessary to subscribe to and curate several feeds of Threat Intelligence. Often these feed sources are industry specific, giving you insider information on threats your peers are seeing.
  • Event logging with next generation Security Information and Event Management (SIEM)
    • To get a complete picture of an attack and to allow effective remediation, it’s important to be able to trace the steps of an attack and then determine what systems may have been compromised. For this complete picture it’s important to have a robust central logging repository that uses intelligence to organize and sift through the data. Envision recommends gathering logs from all compatible systems, including servers, workstations, access points, routers and firewalls.
  • Security Operations Center (SOC)
    • Experienced and credentialed security team that works around the clock to assess and, when necessary, respond to signs of threat.
End User Security Awareness Training
  • A really bad day for any engaged employee is when they unknowingly fall victim to a phishing email and compromise their entire organization.
  • Enable your employees to become your human firewall by giving them the skills to identify red flags and detect phishing emails.
  • Satisfy compliance and insurance requirements by providing your users high quality, effective security training.
Microsoft/Office 365 Protection
  • Advanced Threat Protection (ATP) checks your incoming email for malicious content and will replace URLs for known bad links. Unknown links continue to be monitored and can be marked as malicious as more data is analyzed.
  • ATP utilizes an automated sandbox environment to open attachments and validate whether suspicious behavior is detected.
Endpoint Protection
  • Malware and Virus Protection for servers and endpoints
  • Endpoint Detection and Response (EDR) is an emerging technology
    • While traditional Malware and Virus Protection has been around for several decades, these systems typically rely on regularly updated signatures to detect threats. This is a slow process that can leave systems vulnerable to new, unknown and advanced threats. EDR solutions use Artificial Intelligence (AI) to help identify unknown threats in real time.