As a business, you have an increasing responsibility to your clients and employees to protect their sensitive and personal information. As cyber threats and government regulations continue to increase, your ability to implement, and maintain an effective security program is critical to its long term stability and overall success.
Accellis helps simplify and streamline your cyber security and compliance efforts. We help you get in front of potential threats by ensuring your systems and policies are up-to-date with the today’s latest industry standards and expectations. Whether it’s a security assessment, penetration test, or compliance evaluation – our team of certified security experts can ensure you’re on the right track.
Accellis Cyber Security Services
Accellis Technology Group specializes in a comprehensive approach to Cyber Security that rests on four pillars: defense, persistent threat analysis, education and enforcement, and continual assessment and validation.
Today’s technology landscape offers attackers and employees many more options for exploiting vulnerabilities and stealing your information. Vulnerability Scanning is a cost-effective way to protect your network infrastructure and data from being exploited. Our Vulnerability Management programs provides an analysis of any vulnerabilities that can be exploited within your firm.
Accellis uses state-of-the-art scanning systems to ensure the doors and windows are locked to prevent outside intruders from getting inside. Then, we’ll look deeper into your operating systems, applications, and workstations to identify security holes.
Accellis Vulnerability Management includes:
Internal & External Vulnerability Scanning
Vulnerability Scans come in two flavors, internal and external. External scans show the ‘holes’ the hacker can use to get in to your environment. Internal scans show you what someone could steal if they were to get inside your defense perimeter. Since vulnerabilities are created every day, it is important to run both internal and external vulnerability scans on a regular basis.
Analysis & Reporting
Accellis provides clear visibility into the physical and virtual risks inherent in your environment. We’ll prioritize any known security vulnerabilities and provide direction on defensive measures.
Remediation & Patch Management
Once there is a full picture of the vulnerabilities that exist, we will use this information to provide insight and direction on how to remediate any issues. Remediation and configuration adjustments can be done by Accellis or your IT provider.
For firms looking to perform either one-time or regular security audits, Accellis delivers a comprehensive Audit and Assessment that includes the identification of critical (at risk) data, the physical/technical location of that data and the security measures in place to protect it from the most likely threats.
The most common security threats can include everything from Internal Resources, Random Hackers, Competitors, Nation States and more. Leveraging the standards established by NIST, SOC and ISO, Accellis will work with your firm to create visibility into your network, where your risk are and what you can do to properly defend yourself.
Key elements of the Accellis Cyber Security Assessment include:
Internal / External Vulnerability Testing
First thing we need is a snapshot of the network and everything on it. Understanding all available access points on the network is the first and most critical element of creating a proper defensive position. Then we run a check against your network security controls against all known attack vectors. This gives us the information we need to determine how to proceed.
Network Topology and Data Validation Report
Once we confirm and list everything on the network, a graphic of the network is created to visualize how the network is setup. From this high level vantage point we can determine if any network infrastructure needs to be reconfigured. Included in this step is the identification of critical / sensitive data on the network and the creation of an initial defensive position for that data.
Physical Security Review
The next step is to review the physical security you have protecting your network. Understanding where sensitive data resides on the network also requires a clear policy on the physical exposure that data may have. A walk-through of the facilities is done and any potential security risks are noted.
Network Security Best Practices Review
Once there is a full picture of all assets within the network, each cyber security device or appliance is analyzed against known best practices for configuration and implementation. We will typically analyze all firewalls, wireless routers and access points, intrusion detection and / or prevention systems (IDS / IPS), Whitelist systems, all servers, all workstations, all printers, and all backup systems.
Security Policy Review
Finally, a review of all written policies is completed. This important step to our security audit ensures that you have all key components of a quality Written Information Security Plan in place. If there are no written policies in place, Accellis can recommend policies specific to your needs. Backup, disaster recovery and breach response are some of the most common planning documents we collaborate on.
Managed Security Services offers a comprehensive and continual approach to securing your organization. Our approach to Cyber Security rests on four pillars: defense, persistent threat analysis, education and enforcement, and continual assessment and validation.
The core components of Accellis’ Managed Security Services include:
- Internal & External Vulnerability Scanning
- Intrusion Detection
- Logging Analysis
- Quarterly Security Training
- Monthly Security Meetings
- Monthly & Quarterly Reporting
The Managed Security Services offers continual assessment and testing of a firm’s network infrastructure through the use of vulnerability scans and logging services. The vulnerability scans are designed to discover exploits in the most common vectors of cyber-attacks so that they can be remedied before the system is compromised. The logging service compliments the vulnerability scans by curating network events in an effort to expose in possible malicious activity within the network.
In addition to the scanning and logging services, we provide quarterly training and a monthly security reports detailing all activity as well as our analysis and recommendations.
If your firm works with banks or insurance companies, chances are you have either already been hit with an audit or you’re about to be. Even if you feel that your firm has done a solid job of staying current with technology, you’re likely to be caught off guard by the sheer magnitude and overall expectations of such an audit.
Accellis will help evaluate your existing security practices against banking or insurance industry requirements. We can prepare your firm for compliance audits by reviewing where your existing infrastructure, identifying potential gaps in compliance, and making recommendations to improve security and minimize risk.
ISO Compliance Assessment
As the attacks on our Cyber Security are growing in number and sophistication, security compliance standards are becoming a necessary utility for organizations of any size and type. ISO 27001 is the standard developed by the International Organization of Standards and the International Electrotechnical Commission to address security practices within an organization. ISO 27001 is unique in its breadth of coverage and virtually every other security standard pulls from the ISO 27001 framework.
For over ten years, Accellis has developed expertise with keeping organizations secure and ensuring compliancy by focusing on technology, processes, and continual education. We have made investments in processes and software to efficiently and effectively bridge the gap between ease of use and security.
These documents are necessary to ensure compliance and keep your business running smoothly despite a dynamic workforce. Creating a Written Information Security Plan (WISP) is step one in this process of documentation. Accellis security team has experience in developing these types of written policies for the US government, law firms and local companies. We can help you scope out your environment and put the necessary policies in place.
Disaster Recovery Planning
While sounding so very simple, these documents are the most important thing to have in place second only to a firewall. Sitting down and planning for possible contingencies and writing out the solutions to those problems is very important. Accellis is here to leverage decades of knowledge to help you write a complete and fully scoped Disaster Recovery Plan. Regardless the size of your company, having a well thought out, step by step plan in place for when disaster strikes is going to ensure your company maximizes profits, as well as staying secure during a time of crisis.
While sounding quite complicated, Breach Plans are there to take the guess work out of what to do when a hacker breaches your system. If and when you realize your data has been compromised, will you know what to do? Regardless of whether data is known to be stolen – local, federal and industry specific guidelines may still mandate the notification of clients and authorities of the suspected breach. Accellis leverages local and national guidelines to help scope and document your Breach Plan and ensure a proper response should a disaster strike.