Our Approach Is Simple
We help customers understand their security risks and identify an appropriate security posture. Then we offer, and implement security controls to achieve and maintain those aims.
Steps in the Security Lifecycle Model:
Monitoring applications is not the same as monitoring the network. SaaS applications like O365 often access and transfer your data without touching your network. Application visibility provides controls for cloud based SaaS applications, cloud based infrastructure and application level visibility on the network. This visibility can then be used for policy decisions and enforcement.
Distributed Denial Of Service (DDOS) attacks can be high volume bandwidth saturating or low-level logic based events. Either way, the effect disrupts the availability of a service. Cloud Service Providers offer scrubbing services to intercept attack traffic while application based solutions sit with your platform in either private or public cloud.
Users are generally the weakest link in information security chain and email is the largest attack surface. Advanced email protection sanitises links, stops malware, detects phishing campaigns and can even detect extremely dangerous mid-conversation email spoofing. Additional tools can simulate attacks and measure user awareness.
The market has moved on from pure AV solutions and there are multiple types of endpoint solution available including firewall, behaviour analytics and forensics. It is important to understand the capabilities of the endpoint options and match against your existing ecosystem. Modern threat prevention systems work alongside network and cloud controls to share the most up to date indicators of malicious activity and prevent it.
Very few organisations employ a single cloud infrastructure technology and no two IaaS services have the same security implementation. Hybrid cloud security provides for a common monitoring and control plane across the big 3 IaaS providers, private cloud and DC. This provides a means to see and secure public cloud usage with additional cost management benefits.
IAM solutions validate the identity of users and then validate that user’s authorisation to access resources. This provides a means to give users only the required level of access, and to ensure you can attribute actions to a user.
Sometimes confused with password stores, PAM solutions provide for management of privileged accounts including password rotation and brokered access to sensitive resources. These easy to implement solutions give you visibility of all elevated access and provide audit information for compliance requirements.
A good SIEM platform takes over where a logging engine stops and does what humans are not good at. They read log information from many sources and raise alarms when suspicious events occur based on linked events and machine learning. With detailed logging enabled from as many points, the SIEM solution provides much better warning of suspicious events and anomalies than a human could achieve. This warning systems enables you to take action earlier in the threat cycle reduce the impact of adverse events.
Network firewalls offer little protection for public web applications since almost all HTTP traffic must be permitted. Web Application Firewalls are designed to detect and prevent injection, forgery, brute-force other attacks on logic flaws and vulnerabilities in the web application.
Instead of the legacy perimeter security model, zero trust requires clients to validate their identity and authority to establish access to resources. This model requires adoption of identity and role based access controls. This both reduces the impact of unauthorised access within the perimeter, but also enables secure access for remote and mobile users.
In the initial stages, Hardware.com can provide technical security and network audits to provide factual information for security audits. We do not engage in analysis and penetration testing as we believe the role of analysing risk and selecting the appropriate security posture should be separated from the role of supplier.
Once the security strategy has been defined and the required posture is identified, Hardware.com can assist with guidance on best practice, baselines and procedures. We provide hardening guidelines and assist with policy creation for secure management.
Hardware.com assist customers implement their security strategy by providing technical solutions for the required security controls. This can include proof of concept testing and delivery of low-level designs for implementation. While often overlooked, proper design of a technical solution that your teams may not be familiar with is vital, and helps avoid the “empty-box” scenario where a technology fails to perform its primary function.
When required, we provide certified and experienced on-site resource to deliver technical solutions. We regularly deploy full-time Hardware.com staff to complete complex technical work and guide customers successfully through migrations.
We work with a range of leading security partners and are ready to discuss with you what measures you can take to minimise the risk to your organisation by helping you to design and build better and more secure systems for the future.
Find out More
Speak to one of our solution architects to discuss how you can benefit from our security expertise