Network Security

Protect Your Business and Customer Data

Home/Network Security
Network Security 2016-10-12T15:43:58+00:00

Is Your Business Network Secure?

With new threats surfacing daily, your network may be vulnerable to data loss or intrusion. Security isn’t just for those in the medical and banking fields either… Whether you are regulated by PCI DSS, HIPAA, standard banking industry audits, or you are just worried about your data and your customers’ information, we can help. The professionals at Sicoir Computers will provide a confidential network analysis to help you eliminate these threats.  *Schedule an on-site evaluation today!

Contact Us

network-security-sicoir-2-5-16

Vulnerability Scan — Internal, External, or Both

  • Used to identify potential software exploits that are already known
  • Comprehensive scan of the entire network to ensure every computer is evaluated
  • Typically performed monthly

A vulnerability scan is the most basic and is typically considered the “bare minimum” when it comes to network security. A vulnerability scan by itself will often times allow a small business to meet various regulatory requirements whether mandated by HIPAA, meaningful use, PCI compliance, etc. This scan will provide you with a list of the current vulnerabilities that affects your current setup. Typical items that are identified in a vulnerability scan are unnecessary or dangerous ports opened on your firewall, un-patched or out of date software on servers/workstations, unnecessary services running on computers, etc.t.

Vulnerability and Security Assessment — Internal, External, or Both

A security assessment is the logical next step beyond a vulnerability scan and is vital for businesses of any size who truly value the protection of their (or their customers) data. Unlike a normal scan, an assessment will not only provide you with all of the information about current potential risks that are identified on your network, but it will also give you information on how to address your current threats along with an ordered list that is based on the level of risk importance. This involves going through and auditing firewall rules, testing common guidelines and best practices, etc.

  • Provides a game plan of how to fix the current issues that reside in the network
  • Addresses and identified potential weaknesses in an infrastructure

Penetration Test

  • Used to identify unknown “zero-day” exploits and vulnerabilities
  • Emulates a real-world attack using the same tools the “bad guy” would
  • Usually performed by multiple professionals to ensure accuracy and thoroughness

A network penetration test is recommended for businesses who have previously went through assessments and have likely re-mediated a good portion of the findings. Penetration testing is the process of using current threats and exploits to access the network. This will help allow you to protect yourself and prevent an attack that can be potentially harmful to not only to your business but to your customers as well.

Remediation

Another critical step in the security process often overlooked due to time constraints or complexity is remediation. Regardless of the amount of times the network is scanned or tested, without remediation all of the previous services are for naught. Here at Sicoir Computer Technologies, once the assessments are complete, we are willing and able to fix identified security issues that affects your network so that you may get as close to 100% protection as possible.

  • This is the most important step, without fixing the issues found you are still vulnerable
  • Block all unnecessary ports from the outside world
  • Stop or reconfigure all unnecessary services that may cause security breach
  • Set up and identify network monitoring tools
  • Eliminate as many potential avenues an attacker may use to access your data and your network as possible

In the world of cyber crime, knowledge is power

What commonalities exist?

Victims were targets of opportunity 79%
Attacks were not highly difficult 96%
All data compromised involved servers 94%
Breaches took weeks or more to discover 85%
Incidents were discovered by a third party 92%
Breaches were avoidable through simple or intermediate controls 97%
Victims subject to PCI DSS had not achieved compliance 96%
Download Breach Report