Secure IT Simplified
Cyber Security is a broad concept; unfortunately it can no longer be deployed by organizations as an after thought. Security needs to be baked into all digital business processes in order to manage cyber risk. Making it an integral part of every project is what After Hours does; so our clients are protected without being overwhelmed.
Cyber Security Simplified
Cultivating a security mindset should not sacrifice end user productivity or experience. It can be done by focusing on the statistically most vulnerable network attack surfaces. Mitigating breaches begins with a cultural shift to instill a security mindset in every member of the organization.
We train staff in best practices with table top exercises and sneak attacks. At the end of the day a system or network is only as secure as the people who guard the gates.
Our security assessments focus on 7 areas:
Employee Security Awareness
Company staff cannot be expected to deal with the myriad of cyber attacks being developed without proper training.
We provide threat modelling and table top exercises that engages staff and prepares them to:
-
spot social engineering
-
safely browse the net
-
safely social network
-
protect data
-
avoid data destruction
-
manage mobile devices
-
report a cyber incident
To test the effectiveness of the training we launch a series of cyber attacks to see how they respond.
Firewall Configuration
We review your existing firewall configuration policies to make sure they adhere to best practices. We export and back up the configuration prior to our examination. During the review we also look at:
-
Security configuration of internal subnets
-
Wireless subnet security
-
Remote access policy
We report what we find and make no changes to your configurations without your written approval!
Password Management
We review your organizations internal password policy. If you do not have one we develop one.
We then deploy a password manager for your organizations so that the password policy is enforced.
Email Security
Phishing is among the most common attack methods used by cyber-criminals to steal sensitive data. In fact misuse of business email is responsible for the majority of data and network breaches:
-
90% of data breaches started with a phishing email
-
Spear phishing was the culprit in 91% of successful data breaches
-
95% of all enterprise network intrusions were also the result of spear phishing
-
Phishing threats sent via spam are increasing 41% annually
-
An estimated 6 billion fake emails were sent to businesses daily
Email intrusion is still by far the biggest risk for a data breach. We strongly advise investment in mail security.
Patch Management
Patch management fixes vulnerabilities in your software and applications that are susceptible to cyber-attacks, helping your organization reduce its security risk. Software on all systems should be kept up to date:
Operating System
Antivirus
Internet Browsers
3rd Party Software
To the criminal community unpatched software is security vulnerability waiting to be exploited. Patch management ensures your software and applications are kept up-to-date, run smoothly and securely.
Antivirus Management
Ensure that antivirus software is:
-
Installed
-
Properly configured
-
Up to date
On all company systems.
Cloud Security
The majority of companies use cloud services to conduct business operations. These services come equipped with many security tools included by the service provider. Unfortunately cloud service providers do not provide the hours of training required to securely configure their platforms.
After Hours provides professional administration for the 3 largest SaaS platforms in the world:
-
Zoho Workplace
-
Google Workslace
-
Microsoft Office 365
After Hours certified administrators will securely deploy your cloud infrastructure to reduce your organizations attack surface.