Our Target Audience
Small businesses generally under 15 employees and 1 - 3 physical locations.
We have two linked primary offerings, specific to computer related functions:
1) A Computer Security Review of the Client's business including:
Creation of a manual inventory of their network (computers, printers and network devices).
An electronic inventory of the network to ensure the list of computers, printers and network devices matches up with the manual list.
Confirm all computers, printers and network devices are secure and all operating system patches and firmware has been applied and up to date. Ensure the computers are configured correctly to be as secure as possible and reduce the exposure to hack/cracking, viruses, etc.
Confirm that there is anti-virus and anti-malware software installed on each Windows and Apple Mac PC in the office. Verify that all subscriptions are up to date and that updates are installed as they arrive.
To help protect against destructive viruses such as WCry and other ransomware, we review and confirm the corporate backup policy, and confirm that the system being used is resistant to damaging attacks. We also confirm that backups can be reasonably restored, that the corporate backup policy is being followed, and that the backups are tested at regular intervals
Teach the Clients office staff about various phhishing scams such email messages, websites, and phone calls that are designed to steal data/money. Cybercriminals use these type of techinques (also known as social engineering) to trick users into installing malicious software on their computer or into revealing potentially sensitive information. As such, Secured by THEM provides instruction to educate, warn, and train people how not to have this happen to them. As part of the hardening process, we make sure that all people in the company understand not to give out info over the phone or to open their computers to people that call or email attempting to gain access to office computers.
With the business owner's approval, we attempt to amount a simulated cyber attack imitating what a blackhat hacker will try. This process allows us to evaluate the effectiveness of training and identify any weaknesses not spotted during the hardening process. As part of these penetration tests, we attempt to crack their businesses’ firewall, and computers providing a written document of what we found, how to address it, and at future visits, ensure that our hardening measures are still in effect.
The output of this work is a written document that lists the good, the bad and the ugly of what we found. It will include recomendations if employees need more training and what kind. A computer by computer inventory of what needs to be done to bring the company’s computer network up to snuff. Same with all printers and network devices. The business owner can then fix the issues, or hire the work done, or hire us to help them do it. We prefer not to get into any long term specific IT work but we can help if need be.
2) Installation of a small sensor on the business's network to protect against data leeching attacks (data loss):
We monitor the network 24 hours a day, 365 days a year.
Our sensors use industry standard S/MIME and SSL data encryption and authethication to communicate with our servers. Any communications from Secured by THEM also use standard S/MIME authethication (which shows up with a special lock or ribbon in most mail readers) to make sure that you are actually speaking with us and not an imposture.
The sensor has the ability to:
Monitor and log the origination and destination of all network traffic. This is a rolling log, maintaining this log data for 30-60 days. This allows us to see if there is unusual traffic to areas of the world known as sources of malware. We also integrate active logging of any device that supports the standardize syslog protocol such as network firewalls, switches, and other devices.
Using the popular SNORT framework, we perform advanced threat detection of traffic entering your network from the Internet, creating a record of all attempts to breach and scan your network. Alert notifications are sent by email or text message to both us and you providing real time detection of threats to your network 24/7.
During the initial site visit and surveying, we create an electronic record known as a baseline of every device allowed to have access to your network. After we leave, the sensor keeps a copy of this baseline record and can note any changes to your network over time. As such, if an unauthorized user is connecting to your private network without your knowledge, it can be detected by the sensor and notify you. We can also remotely update the baseline in case you install new computers between our annual visits. As such you can rest assured that you know everything is accounted for.
As part of our logging and detection software, we also provide a record of what sites on the internet a given computer is accessing at a given time. As such, we can provide information if a user is abusing the network by visiting social media excessively, copying files and data off site, and providing a log of which machine was doing what and when. When combined with standard audit logs providing in most operating systems, this can provide a definitive record of who did what and when.
On a monthly basis, we generate reports of all the statistical information collected by the recorder such as data used, attacks attempts (but failed), and other interesting statistics. In the near future, we will offer a website to allow clients to be able to log in and view this data in near-realtime.
For businesses without a dedicated IT contact, we provide limited IT services directly, and work with local contractors we've vetted to help bring your network up to spec, and help implement the recommendations we provided during our audit and onsite visit.