Cybersecurity Consulting Services
Practical & Powerful Defenses
At Accellis, we provide cybersecurity consulting to industries with some of the most stringent requirements, including legal, financial, banking, insurance, and government. Our experience in these regulated and targeted industries means we have an armory of expertise, certifications, and resources to harden your defenses. Our process – the Accellis Assessment Framework (AAF) – follows industry standards and best practices like NIST, SEC, and FINRA to identify and mitigate risks. But we also use a pragmatic and reasonable approach that balances security and compliance against firm budgets, practical needs, and impact to workflow. As your strategic partner, our goal is to create or improve your security program with a wrap-around approach that includes everything from email protection and pen tests to policy assessments and training.
Contact us to learn more about our IT security offerings.
Key Cybersecurity Services
Accellis CORE Security is your digital security guard, protecting all of your IT assets in one powerful package spanning vulnerability management, MFA, DNS protection, Security Operations Center as a Service, and more. If you’re just staring to look at security for your company, this turnkey package will take you from 0 to 100 overnight. It directly confronts and secures nearly every attack vector your business faces. Firms on this package can meet just about any security or compliance requirement with no upfront investment and a cost effective monthly fee. For firms with controls in place, this package is a natural complement that fills in the gaps.
When it comes to cybersecurity, email is the weakest access point, acting like an open door for 94% of malware breaches. The good news is that securing email is also one of the most cost-effective safety measures you can take, and Accellis has an arsenal of solutions to protect you and your network. Our solutions include domain fraud prevention, anti-spoofing, anti-impersonation, AI-based anti-spear phishing and anti-spam, cloud backup and disaster recovery with unlimited storage, and ongoing security training, all for a flat-rate monthly fee per user. Our Email Security service is a turnkey solution that does all the work for, eliminating the possibility for human error. It also requires no maintenance or upgrades and can be installed in a few hours.
As experts in cybersecurity consulting, Accellis can provide invaluable insight into your security, compliance, and risk. Our staff have attained some of the industries best security certifications including CEH, OSCP, and CISSP. In the simplest terms possible, our assessments provide a snapshot of what you have, what you need, and how to bridge the gap. We look at the complete picture – from infrastructure design to policies and procedures to workflow considerations and beyond. And we won’t abandon you with just a dossier of data. We can continue to work with you to implement our recommendations.
Security assessments and penetration tests are essential, but cybersecurity must be an ongoing focus beyond one-time engagements. That’s why Accellis offers ongoing vulnerability management. We’ll perform monthly external scans, quarterly internal scans, and provide remediation reports so you can fix the gaps with a few clicks of the mouse. If you need us, we’re there to help remediate the vulnerabilities using consulting hours at discounted block rates. Vulnerability management is required by many industries and regulators and is the necessary last step (after Windows Updates and third-party patching) to prevent brute-force entry into secure systems.
Our customized penetration tests are designed to challenge your network security and elucidate areas that need improvement. Engagements can include running an external scan and attempting to brute force the top attack vectors, or we can customize a more detailed approach to include social engineering, dark web searches, spear-phishing, web scraping, and even physical security testing. In one of our recent tests, providing our security engineer with just the firm’s name and website address, we were able to secure nine Office 365 usernames and passwords in four minutes by spoofing a 365 login page and sending a spam email from a fake administrator at the firm.
One of the lowest cost, highest impact security investments you can make is MFA. Once implemented, it almost takes a nation state to breach you. Hackers move on to lower hanging fruit. MFA means a hacker needs to pass through a few safety nets before they can access your equipment, software, or data. These may include something you know (i.e., password), something you have (i.e., trusted device), or something you are (i.e., biometric).
Our MFA solutions can factor in geography (i.e., no login from outside the US), user behavior (i.e., risky sign in), anomalous activity (i.e., impossible travel), and even more advanced features like dark web searches to ensure your credentials aren’t for sale online somewhere. We also help you minimize workflow disruption by utilizing push-button notification through authenticator apps and can customize conditional access policies to relieve the MFA requirement while working at the office in a known, secure IP range.
Working with our sister company, Agile1, we provide outsourced Security Operations Center as a Service. This delivers 24×7 monitoring, alerting, and logging, together with real-time incident detection and response. The average breach goes unnoticed for 45 days; this is where the real damage is done. Man in the middle attacks make a living off these 45 days. SOC allows us to reduce that intrusion to mere minutes providing you with the ability to stop the attack, prevent data loss, and eliminate the need to notify clients and law enforcement. Traditionally, to get a SOC, you needed to spend six figures buying a solution like Splunk and then another six figures staffing it. Today, we can provide this service for an incredibly low monthly cost with no upfront expenditure.
Even with the best security technology and policies in place, your defense is only as strong as the humans involved. While the best systems alleviate the possibility for users to make mistakes, users will nonetheless find themselves confronted by criminals at some point. It’s here, at this moment, that your investment or lack of investment in security training can make or break all the work you’ve done. Security training for your staff is necessary to build a culture of caring. Caring about each other, the business they work for, its clients and stakeholders. Accellis provides custom training courses designed to engage and educate your staff to rapidly increase awareness. These benefits will extend beyond the workplace into every aspect of your employees’ lives.
When it comes to your IT infrastructure and technology, prevention is the best defense. Accellis can help you look at every element through the eyes of a hacker and then address the gaps strategically and cost-effectively. We understand the importance of security, but we also understand your business and the importance of productivity. Our experienced and certified cybersecurity consulting staff will provide you with the highest level of personalized and relationship-focused service, keeping your business running smoothly and safely.
- Kaman & Cusimano, LLC
We’ve grown to appreciate Accellis not as a typical vendor or service provided, but truly a partner in our practice. I trust them completely with our most sacred asset other than our people: our technology. They are knowledgeable, dependable, and innovative. As someone who has a keen understanding of technology, I appreciate the level of skill and expertise that they contribute to our practice. Bottom line for me is that our success can be directly linked to the work Accellis has done. Our legal professionals, both staff and attorneys, can focus their entire day on the practice of law, as many of the things that Accellis has recommended to us or designed for us all makes our work easier, more efficient, and ultimately more profitable. As with every technology product, we have had our challenges, but they are always resolved. When I’ve needed them in the middle of the night, they’ve been there. I’m thankful each day that they are on my team, and they’ve never let me down.
- Kaman & Cusimano, LLC
On behalf of our firm, I want to extend our thanks and appreciation to Accellis’ tremendous efforts yesterday in responding to the virus/worm that infected our network and workstations. I was out of the office when the virus hit but from what David, Jeff, Brian and others have reported, Accellis identified the nature and the scope of the issue even before we knew there was a widespread problem of any type. Accellis responded immediately and in force to root out the problem and restore our systems to working order in just a few hours – if not for those efforts, even we could see that the virus had the potential to shut us down for a much, much longer period of time. As Jeff said, we’ve wondered what might happen in an IT crisis, whether because of a virus, cyberattack, disaster in the server room, or other issue. Yesterday afternoon, we faced just such a scenario and Accellis more than proved it was up to the task.
- Weston Hurd LLP
Wanted to thank you again for scrambling Jason and Dave to the office yesterday to help with the staff move... The move happened before I had expected it to. I’d planned to discuss a plan/strategy with you guys on Monday and then take care of the move with the on-site engineer on Tuesday. Obviously that’s not how it played out. It would have been understandable if you’d been unable to provide on-site assistance on the fly. After all, you had no notice. In fact, I was really calling just to see who might best walk me through some of the issues over the phone. But you rounded up a couple guys and they came and hammered it out without complaint, even staying late to make sure we’d have few issues for the following morning. They were terrific. ... You and the team have been fantastic over the years.