Insurance companies are forcing public sector entities to update their cyber-security posture with the threat of drastically increased premiums. ATS would like to help you save your organization lots of money by guiding you through your Cyber-Security solutions.
We have created this guide to help you through this journey and we can provide the products and services along the way.
Phase 1
Protect the front door:
Users logging into your systems are the main point of entry for the majority of successful attacks. Complete these three projects and you will have completed phase 1.
a. Implement Multi-Factor Authentication (MFA) to harden access for all users in your enterprise. This will ensure that all users who successfully log into your network actually belong there and are permitted to access to your applications and data.
Product example: Cisco DUO
b. Implement Privileged Identity Management (PIM) and Privileged Access Management (PAM) systems to ensure that users who have write or root access to your systems (sys admins, developers, network engineers...) are who they say they are and have the access they truly needs to do their jobs, and nothing more.
Product example: Delinea (formerly Thycotic/Centrify) PIM / PAM
c. Implement a Preventative Email Anti-Account Takeover, Data Loss Prevention, Anti-Phishing and Anti-Malware technology to monitor accounts and activity, and scan all incoming emails whether on-premise or with a Public Cloud provider. This will scan all emails for suspicious email attempts, malware, and anomaly behavior. The solution also helps secure major file-sharing services—Google Drive, OneDrive, Dropbox... from malware, ransomware, east-west attacks and prevents accidental or malicious data loss. Product example: Check Point Harmony Email and Collaboration
Phase 2
Protect your data in the event of a breach:
Lets say an intruder successfully launches a ransomware attack into your system despite the face that you have MFA, PIM/PAM and email protection installed. As you watch your files being illegally encrypted you can rest assured that your critical data and applications are protected. Install these solutions to complete phase 2.
Install a Cyber-Recovery solution that is essentially a data vault that cannot be accessed from outside forces. This is called an air-gapped data vault. The vault must be protected by using artificial intelligence (AI) scanning systems to ensure the data that is written into the vault has been scanned with the latest tools and up to the minute information from entities that continually monitor the dark web.
Successful cyber attacks have recently been able to encrypt files, databases AND backups so this is the guarantee your insurance company will notice. Test these systems at least twice a year.
Product example: Dell EMC PowerProtect Cyber Recovery Solutions
Phase 3
Shore up everything else:
Make sure you have solutions for all of the following:
a. List all areas of vulnerability and ensure that you have a solution mapped to all these areas.
b. Fully protect your end-points with a product like VMWare - Carbon Black.
c. Keep your anti-virus solutions up to date and act on all systems patches as soon as you can.
d. Have and test a business continuity plan.
e. Conduct periodic phishing, social engineering and general cyber security training.
ATS can help with all three of these phases in your cyber-security journey.