Search

  • UK +44 (0) 207 863 7523    US +001 917 463 0496

  • E-mail enquiries@globalaware.co.uk

Security
Cyber Security

Cyber security involves a whole range of services and solutions that can be incorporated into your overall data security management, either as a one off application/service or combined to offer a complete solution.
Data security is a specialist IT area, and one that not all businesses will have the expertise or man power to fulfil. We can support you by designing, implementing and managing the security of your electronic data.
Our security systems provide you with the knowledge that your data will meet and qualify your expectations with regard to ease of use, compliancy for both legal and business requirements and give you the assurance and confidence that your data is secure.
Our solutions are industry proven and offer a reliable cost effective, fully managed service and maintain control over your IT configurations, satisfying all operational and regulatory data security requirements.
Information found in audit logs offer IT professionals the diagnostics to identify problems and to verify actions taken by software. Our auditing solution measures, manages and enforces security policies across a wide range of operating systems assessing host security, detecting and reporting on weaknesses.
In short we have the expertise, knowledge and methodology to ensure that all data within your network, mobile device or storage and whether across public or private networks is safe, secure and qualifies to meet regulatory and compliance requirements.

 

 

Network Security
Where are your most valued assets on your network?

Who has access to them?

How are they protected from cyber threats?

Where are you most vulnerable from cyber-attack?

Understanding your network is complex and protecting your ‘crown jewels’ can be a challenge.
As servers and data have become more interlinked it is often difficult to determine what to protect from unauthorised access. Sometimes the only way is to separate off the physical networks with internal firewalls which can be complex to manage and lead to increases in network operating costs.
Taking a multi Firewall approach is not an ideal solution. Protecting your critical data from the inside out and hiding your servers by making them ‘go dark’ (making them disappear from the network) on the other hand is. Making your network disappear then allowing visibility to only the appropriate COI (communities of interest) which could be users, devices or both, thereby hiding critical parts of your network. The secure communities will see the servers as normal whereas for everyone else there is nothing to see. In essence, an invisibility cloak for your servers – we call it Stealth.
Stealth reduces your risk of cyber-attack – you can’t hack what you can’t see!

 

 

Log Management
To maintain control over IT configurations and to satisfy operational, regulatory and data security requirements you need to operate in five key areas.
Security: Using trusted systems with operational security controls
Optimisation: stable configurations that operate efficiently
Compliance: Compliant to international standards, internal policies & good practice
Auditing: An IT infrastructure that is secure with centrally stored forensic audit trails
Monitoring: Automatic monitoring and reporting of system events and changes

Cyber Security

 

 

Data Protection – Encryption
Cloud services and out sourced server management provides businesses access to the latest technology in a more cost effective way.

However these services can leave organisations exposed to data theft, data corruption or legal seizure.

The consequences of this could lead to substantial fines, bad press and even complete business collapse.

Protecting data through encryption renders it unreadable to unauthorised access, then by monitoring who or what is accessing your data and when provides peace of mind that your business is secure and fully compliant.

 

 

Access Control – Active Directory
As part of our range of cyber security solutions we would recommend that attention is paid to access control, who is accessing your data and why?

Who has access to specific directories within your network and are any of these directories restricted; if not should they be?

What happens when an employee leaves your organisation, are their access rights removed?

Can your IT team quickly review rights and can they provide accurate up to date reporting?

The software improves internal data security by providing a transparent overview and full reporting of access rights on file servers, SharePoint and Active Directory, as well as allowing full control of all administrative tasks. A solution that is designed to endure the steadily increasing requirements of auditing and tracking of user access. It guarantees the documentation of rights-assignments and standardises processes, minimising the possibility for errors and significantly improves transparency within any organisation.

 

 

Additional Security Solutions include: Authentication
Are you still using passwords, PIN’s or key tokens?
Unlike password based security systems our solution ensures that the secret information remains just that, resulting in a highly secure yet ease-to-use authentication and transaction verification system.
Using pattern recognition in a grid to provide a one-time code means that all the user needs to remember is a pattern of squares, which is much easier for most people as opposed to remembering a PIN or password. The user can change their pattern at any time.
The key part of this solution is that the pattern is never revealed during logon, this differs from ordinary 2 factor authentication options and is far more secure.

 

 

Penetration and Vulnerability Testing
In addition to the above solutions we can work with you to initially test your organisations vulnerability through penetration and vulnerability testing.
Testing your corporate network to determine how secure it is via penetration testing, vulnerability tests, ethical hacking or indeed for assurance projects is demonstrated by our consultants interacting with your system, if we can then others may be able to also.
Vulnerability assessments covers two areas, infrastructure testing and application testing, of which both can be completed or as individual tests.
Penetration testing falls into two categories also, using an automated scanning platform and manual penetration testing. These fall into 3 key processes, zero knowledge engagement, partial knowledge or full knowledge.
Any of these tests will provide a realistic view point of your organisations security position. We provide a full report on the attacks performed and a full list of vulnerabilities discovered and the method the tester used, along with a resolution plan that will rectify any issues identified.