Smart Cybersecurity Has Layers - ThreatAdvice
Let's face it: Today, with everybody working from home, more and more devices are being open to the internet. More and more connections are being made to your company's network. And with all that happening, guess what that brings about? More cyber crime. So, today at NXTsoft, we want to introduce you to some new tools that we're using today for our clients to help you, your company and your employees minimize the risk of a cyber attack on your business. And the good news is we're not here to tell you that it's super complicated and super confusing, because it's not. The truth is that cyber posture today with companies does not have to be complicated, but the most important element of your cyber strategy should be layers.
Layered security: What does that mean? That sounds like a buzzword - but it's not really. Let's take your house for instance. Do you have a front door? Yes. Do you have a lock on that front door? Yes. Do you have a gate around your yard? Do you have an alarm system? Is it on your doors? Windows? Is your alarm system being monitored? Do you have a gated community that you live in? All those factor into a layered security approach. Obviously, the reason why we do those is, while we may live in a great neighborhood, we want to make it as hard as possible to break in to our house. And we want to put up as many barriers as we can to access to our house. So we want to introduce you to some more layers to your cybersecurity program for your company.
To start out with, let's talk about endpoint protection. If that's a new word that you haven't heard, it's just antivirus on steroids. Antivirus in the past traditionally has been software that looks for known malware from past. The reason why there's a problem with that today is that thousands of new types of malware are release every single day. So if you don't have a forward-looking antivirus that looks at behaviors and looks into the future at anomalies with the user, guess what? That's almost useless if it's just looking in the past, since there's new technology trying to infiltrate your network every day.
Endpoint protection goes on all your servers. It goes on all your workstations. And at ThreatAdvice we monitor that 24/7, 365 days a year. And if you think about your business today, you may have an IT person or staff or even an outsourced company that may manage some parts of your IT program. Are they there 24 hours a day? Are they there 7 days a week? And are they there 365 days a year? Probably not. They probably leave at 5. The problem with that is that the folks that are trying to hack into your business are awake when we're asleep. Endpoint protection is a critical component to layered security.
Another aspect of layer security that we want to introduce you to today is what we're calling the ThreatAdvice SOC and SIEM. SOC: Security Operations Center. SIEM: Security Information and Event Management. What do they do? Well, the SIEM is the software that monitors not just the workstations and the servers, but it's looking for real time threats and attempts to infiltrate your network. It's looking at firewall traffic. It's looking at any external employees that are logging in through VPN to your network. In the case that there is a threat, our SIEM will acknowledge that and send an alert to the SOC, which has real people, real monitoring 24/7, 365, and we take care of it for you.
That's important today because if you're not there and monitoring it and that happens, someone can get into your network and hibernate for a period of time. The average hibernation period we see today is 300 days in your system before they actually create an event to steal information. So what we do is we monitor the threats with our SIEM, and then our SOC actually acts on it.
That's important today because if you're not there and monitoring it and that happens, someone can get into your network and hibernate for a period of time. The average hibernation period we see today is 300 days in your system before they actually create an event to steal information. So what we do is we monitor the threats with our SIEM, and then our SOC actually acts on it.
So again, we've introduced you to 3 new solutions to increase layered security for your business: endpoint protection, SOC and SIEM. If you don't have those three things in your security toolbox, get them today.