In today’s digital world, cyber security is of increasing concern – especially in regulated industries. Assuring the safety of your company’s and your clients’ data and assets has become a key element of competitive advantage and client retention. In certain cases, failure to take action can represent a threat to the business itself.
Threats to your firm’s data can come from various sources – from theft and disruption by hackers to inadvertent loss of an employee’s cell phone or laptop. STG offers a full complement of services that address regulatory authority cyber security guidelines, mandates, and recommendations (SEC, OCIE, HIPAA, etc.) We also provide insight into other areas that companies should address, including: Data Governance, Testing, Access Controls, Data Loss Prevention, Vendor Management, Training, and Incident Response.
STG has been addressing these areas of focus since 2014 with a variety of tools and applications. We provide a turn-key, outsourced solution. It makes cyber security affordable for our customers, as investing in these solutions in-house can be prohibitively expensive.
Recommended STG Applications Include:
- Mobile Device Management – Don’t rely on “Find My Phone” to find or wipe lost or stolen phones and tablets. Monitor, manage and secure employees' mobile devices that are deployed across multiple mobile service providers and multiple mobile operating systems.
- Hard Drive Encryption – Your Windows or IOS password does not stop the bad guys from getting data access. They can easily read your data by removing and accessing the hard drive. Disk encryption protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people.
- Log-In & Event Management – Go to the video tape! Firewalls and network devices keep logs for only a short time. Keeping the logs indefinitely allows you to investigate hacks and other security issues. We can install auditable records compliance across industry-specific IT regulatory frameworks.
- Endpoint Management and Security Suite (LEMSS) – Update, update, update! Unpatched applications are the soft underbelly of your network. The operating system (OS), platform and application support are all critical to patch management. STG scans for inventory, makes updates and reports results.
- 2-Step Verification – Strong passwords are not enough. Add an extra layer of security to your accounts by using 2-Factor Verification. This requires a second approval or code, often sent by email or text message, to grant access to your most important data -- business or personal.
- Network Vulnerability Assessment – Do you know if all the windows and doors are locked? Let STG perform an in-depth scan of your network (Internal/External or External only) to report weaknesses and recommend remediation or mitigation to remove or reduce these risks.
- Cyber Security Phishing Campaigns and Awareness Training – The best-laid plans of mice and men often go awry. The best cyber security plans can be subverted by uninformed employees.
copyright 2006 John Klossner, www.jklossner.com
Protect your data from Dave! Make sure Dave – and all of your employees -- know what to look for and what to do if they suspect they’ve stumbled into a phishing scam or that their data has been compromised.
- Documentation – Put it in Writing! STG provides documentation for employees and compliance regulators. We will draft and/or refine your Written Information Security Policy (“WISP”); Incident Response Plan (”IRP”); and Disaster Recovery/Business Continuity Plans (“DRBCP”).
And more. Contact us with your cyber security questions and concerns and we can assess your specific issues and draft a plan to address them.