In today's interconnected world, businesses face an increasing number of cyber threats that can compromise their valuable data, disrupt operations, and even tarnish their reputation. The evolving nature of cyber attacks necessitates robust and proactive measures to ensure the safety and security of digital assets. In 2021 MapleTronics introduced our Guard E.N. line of managed security services. Each year we continue to improve our security offerings and add new services and standards.
Our unique approach to managed security begins by looking at our security maturity model and selecting which ownership mentality and business strategy best aligns with your business. After the proper level for your business is selected we recommend services and standards to meet those needs. Below you'll see each level and the Services & Standards recommended in 2023.
Level 1:
Ownership Mentality:
"I can work through disruption and downtime without steep loss and I don't work with much sensitive data."
Business Strategy:
The starting point for security adoption and the bare minimum for business operation.
Services & Standards:
Basic Antivirus - Software used to prevent, scan, detect and delete viruses and malware from your devices. This is the first line of defense against breaches.
Spam Filtering - Detecting unwanted and virus-infested email (spam) to stop it from reaching your inbox, protecting your employees and your network.
DNS Filtering - Blocking malicious websites or content and allows your organization to restrict access to inappropriate material from your internal network. This only applies to Windows Devices
Enforced Password Policy - Ensures all employees maintain strong and varied passwords on internal applications to limit your chances of a breach.
Data Protection - Timely, reliable and secure backup of your data to either a cloud or onsite appliance
Basic MFA - Multi-factor Authentication goes beyond a strong password to add another validation method for users accessing your internal network and applications. The most basic versions of MFA are text message codes or simple authenticator apps.
Business Class Firewall - An appliance that monitors inbound and outbound internet traffic and removes malicious communications while allowing valid traffic to flow easily.
Vendor-Supported OS - A corporate policy that prevents users from accessing your network with older, out-of-date operating systems that haven’t been secured.
Level 2:
Ownership Mentality:
"Data and information drive my business but I can survive occasional disruption and I am willing to risk monetary or data loss"
Business Strategy:
Businesses begin to recognize the importance of security and invest in starting policies and technologies.
Services & Standards:
Corporate Controlled MFA - Adds another level of protection beyond basic MFA and provides authentication support for cloud applications, VPN’s, Remote Desktop sessions and more.
Security Awareness Training - An education program that equips your employees with the information they need to protect themselves from human-targeted attacks such as phishing and account takeovers.
Advanced Endpoint Detection - Identifies potential threats as early as possible and targets hidden bugs that sneak past traditional antivirus tools and sit on your network.
Microsoft 365 Hardening - Ongoing security changes and preventative maintenance of your Microsoft 365 corporate accounts to ensure optimal security settings are established and practiced.
Drive Encryption - Gives you the ability to encrypt your machines’ hard drives to fight against data or identity theft should any of your devices be stolen.
Dark Web Scans - A service that searches the dark web for any stolen usernames, passwords, credit card numbers, or social security numbers associated with your business that are listed for sale.
Business Class Firewall - A more advanced firewall that allows you to filter certain types of content on your network, adds another layer of Antivirus onto your network, and enables Intrusion Detection giving you another method of reporting.
Remove Local Admin Rights - A project that prevents every day users from being able to make system-level changes to their computers. This helps assure that an attacker cannot gain system access in the event that the user identity is comrpomised.
Active Directory Hardening - Ongoing security updates and implementation of best practices within Active Directory to ensure users are set into the correct security groups and artificial accounts aren’t being created in the background. Enforcing best practices on your network to make sure your users and devices are secure.
MFA Enforced on Public Apps - A critically important policy that adds a layer of prevention onto all of your public-facing applications, limiting the most common method of attack in today’s security landscape.
+ Level 1 Services & Standards
Level 3:
Ownership Mentality:
"Consistent uptime, protecting sensitive data, and a fully trained staff is critical to me and my business."
Business Strategy:
Businesses understand how vital security investment is to their success and strive to stay informed of new trends in the space.
Services & Standards:
Next-Gen Antivirus - A more advanced version of traditional antivirus that adds several new layers of security to protect against modern and evolving threats made possible through a combination of artificial intelligence, machine learning, and behavioral analysis.
Endpoint Detection and Response - a software that continuously monitors the computers (endpoints) in your network, collects activity data from those endpoints, and automatically responds whenever a threat is seen.
Vulnerability Scans - An application that creates an inventory of all the systems on your network, then runs test on that inventory to detect any known vulnerabilities. Vulnerabilities identified are either remediated or planned projects are identified to mitigate the impact of the vulnerability. Annual Security Assessments - A yearly review of all of your security systems and standards to ensure that your network security is up to date and meeting your expectations.
Corporate Password Vault - A software tool that allows your users to manage their passwords in a secure and centralized location. Also integrates well with popular MFA tools to ensure every application is secure.
Advanced DLP - Goes beyond traditional DLP to help protect and secure which devices are accessing your sensitive corporate data and how that data can be shared. Controls access to corporate data from BYOD (IOS, Android, Windows) devices and protects corporate data sitting on those devices. In the event of device theft or employee leaves corporate data can be removed.
Advanced Awareness Training - Employee security training that adds an AI-driven engine to phishing campaigns, producing more realistic and challenging phishing tests to all users.
+ Level 1 & 2 Services & Standards
Level 4:
Ownership Mentality:
"My business and potentially other businesses suffer heavy loss with any amount of downtime. I just can't risk a breach."
Business Strategy:
Businesses here are often service providers and cannot afford to have their reputation damaged or client's livelihood damaged by a security breach. Many invest heavily into cutting-edge security technologies.
Services & Standards:
SIEM Log Management - An extremely valuable tool that helps monitor activity on your network, manage security events, and identifies weaknesses before a breach can occur. The biggest advantage of a SIEM is that it provides you with a wide wholistic view of your company’s security in real-time.
Security Operations Center - A centralized team that deals with security issues on an organizational level. This team is comprised of security experts that deal specifically with detecting and responding to security incidents when they occur, and help prevent breaches from occurring in the first place.
Intrusion Detection - “A software application that watches networks for suspicious activity or policy violations. Any intrusion activity automatically gets flagged and reported back to your SIEM software.”
Zero Trust Controls - A system that allows you to dictate exactly what applications and types of files are allowed to run within your network, while blocking everything else.
3rd Party Penetration Testing - A simulated cyberattack on your network meant to evaluate how vulnerable your network would be in the event of a real attempted breach.
Mobile Device Management - The administration of mobile devices like smart phones and tablets within your network. MDM is usually done in the form of a 3rd party app that allows additional management features and limits any employee-owned devices from exposing your network to risk.
Incident Management Plan - A document or policy that helps you plan for and respond as quickly as possible to any security incidents. A solid IMP will help identify weaknesses in your security posture and limit the potential damage should a breach occur.
Physical Security - Your physical place of business is intentionally designed to prevent unauthorized access onto your network. Typically done with a combination of modern security cameras and door access.
+ Level 1, 2 & 3 Services & Standards
Level 5:
Ownership Mentality:
"Other businesses and potentially even individual people are legitimately harmed if my business goes down."
Business Strategy:
Businesses have a direct involvement in national security, where both private and public organizations are creating the latest and greatest security technology and actively fighting against cyber-terrorism.
Services & Standards:
Threat Intelligence - Big data that is collected, processed and analyzed to understand potential hacker’s motives, potential targets and attack behavior.
Predictive Security Technology - AI-powered technology that analyzes vulnerabilities in your network, compares that to the latest threat intelligence, and predicts the areas of your network that will most likely be targeted in an attempted breach.
Advanced Anomaly and Breach Detection - Top-of-the-line software that can detect even the smallest or most unnoticeable breaches and respond accordingly, protecting your network against sophisticated attacks.
User Behavioral Analytics - An advanced software tool that analyzes human behavior on your network, then applies statistical analysis and machine learning to detect anomalies from those patterns, indicating a potential threat.
Biometric Controls - A heightened state of Multi-Factor Authentication that relies on user biometrics such as retina or fingerprint scans to allow access. Machine Learning - Cybersecurity systems that can analyze threat or breach data and learn from it in real time automatically to help prevent similar attacks and respond to changing behavior. Embedded Hardware Authentication - New technology built into the hardware itself that can be used to verify a user’s identity without a password or PIN.
+ Level 1, 2, 3, & 4 Services & Standards
Ready to being protecting your business and employing managed security solutions? Contact us today.