Threats evolve every second of the day. Visibility into all threats is needed to stay ahead of bad actors.
Comprehensive security strategy that encompasses testing, monitoring, vulnerability management, and compliance of perimeter, network, end point, and cloud services are required to stay ahead.
Security Assessment Services
This is a preliminary security assessment and gap analysis of current security posture.
Considerations:
What solutions are needed?
Are all components of a solution needed?
Is current solution properly configured?
Am I protected against phishing, advanced malware, and ransomware attacks?
What more could be done to improve Cybersecurity?
Remedy:
Assess, Prioritize and Manage Risk
Data Collection:
On-site assessment
Gather documentation
Interview stakeholders
Inspect IT systems
Security policies
Data Analysis:
Review documentation
Generate gap analysis
Security for Small Business Video(12:30m)
V2_CIS-156142_Small Business Security-English -Scale Play Sprint- James Lee 1080p.mp4Report:
Generate a security assessment
Make recommendations to remediate gaps in security and policies based on industry-standard security frameworks like NIST, CIS, etc.
Give Us a Call and Let Us Help You!
(703) 752-1100 | info@consultcity.com
Workplace Monitoring Short Video(0:52s)
WORKPLACE_MONITORING_SHORT_FINAL.mp4Workplace Monitoring(Camera) Install Services
ConsultCity will install smart cameras with built-in intelligence to gather insights to optimize work processes as well as increase safety in your business.
Today almost every small business owner is reevaluating the way their business works. With an increased focus on safety, social distancing, and traffic flow, you need more information about where people are and how close they are to one another. People won’t visit if they don’t feel safe.
Key Features:
Motion heatmaps display relative motion over time so you can where the most activity is occurring
Object detection shows you how many people are in an area and where they linger
Onboard analytics in smart cameras can help you gain a better understanding of traffic patterns, hot spots, and busy and free times
Include security features such as firewall protection, intrusion detection, and content filtering
Ability to integrate smart cameras with other applications and workflows
Send message with a motion recap image of an event and a link to the video
Endpoint & Network Security Services
Services Implemented with Enterprise class security applications and firewall products & solutions with Intrusion Detection Systems (IDS) / Intrusion Prevention System (IPS) from Cisco, Microsoft and other leading vendors to protect you from malware, hackers, and other online threats.
Cisco Security Small Business Overview Video(1.34m)
Security Small Business Overview Animated Video.mp4Managed/Unmanaged Endpoint Security
Deploy, and manage security measures across all devices and endpoints
Anti-virus/Malware protection with signatures updated in real-time from the cloud
Analysis to identify risky behavior and compromised Endpoints
Create and enforce security policies for Multifactor Authentication(MFA), Antivirus(AV), Domain Name Service(DNS), and Virtual Private Network(VPN) for Remote Access
Prevent malicious websites redirection by encrypting DNS lookups(Cisco Umbrella)
Block risky websites with content, URL, and web filtering(Cisco Umbrella)
M365 Security Video(1.09m)
M365 Security.mp4Success Accelerated with Umbrella Video(1.22m)
success-accelerated-with-Umbrella.mp4Future Protected with DUO Video(1.36m)
future-protected-with-duo.mp4AMP For Endpoints Video(0.16s)
AMP for Endpoints Overview Video.mp4Managed/Unmanaged Firewall Services
Install & configure Cisco Firepower Threat Defense (FTD) which is an integrative software image combining CISCO ASA and FirePOWER feature into one hardware and software inclusive system
Install & Configure Cisco ASA
Install & Configure cloud firewall from Cisco Meraki
Block risky websites with content, URL, and web filtering
Cisco Cloud Mailbox Defense(0.42s)
Emailisthe#1threatvector.mp4Microsoft 365 Threat Protection(2.39m)
Cisco Cloud Mailbox Defense(1.55m)
Cloud Mailbox Defense Overview Video .mp4Give Us a Call and Let Us Help You!
(703) 752-1100 | info@consultcity.com
Are you protected when you login to your email system?
Not if you don’t have MFA or Identity verification enabled.
ConsultCity Email security services can help you!
Multi-factor authentication (MFA), or two-step verification, requires you to present a second form of authentication, such as a verification code, to confirm your identity before you can access resources.
Email Security
Gartner believes that cloud email needs cloud security, recommending “a strategic approach to security that layers inbound, outbound, and internal detection and remediation” to address gaps in current email security.
Does your organization need protection from malware, ransomware, harmful links, and more?
Yes, you do! ConsultCity Email security services can help you!
Common Email Threats
Ransomware & Malware
Phishing > 90% of cyberattacks begin with a phishing email
Spam > 80% of emails received
Account Takeover > 60% of phishing capture at least one user’s credentials
Domain Compromise
Spoofing - Header anomalies, domain similarity, “spear phishing” and whaling”
Internal Threats - Unauthorized sharing of sensitive data like HIPAA electronic protected health information(ePHI) and credit card numbers(PCI)
“Microsoft 365 Business Premium includes Office 365 Advanced Threat Protection (ATP), a cloud-based email filtering service that protects you from malware, ransomware, harmful links, and more. ATP Safe Links protects you from malicious URLs in email or Office documents. ATP Safe Attachments protects you from malware and viruses attached to messages or documents.”
To secure your Microsoft 365 mailboxes, you need to augment its native security with additional protection. This supplemental security solution should include:
Multiple security elements to identify all the destructive elements of an email
Continual mailbox analysis for proactive protection anywhere
Automated detection and remediation tools to mitigate the spread of email-borne threats both inside and outside your organization
Are you able to retain messages for compliance or regulatory needs?
You can. ConsultCity Email security services can help you!
“Exchange Online Archiving is a cloud-based archiving solution that works with Microsoft Exchange or Exchange Online to provide advanced archiving capabilities, including holds and data redundancy. You can use retention policies to help your organization reduce the liabilities associated with email and other communications. If your company is required to retain communications related to litigation, you can use In-Place Holds and Litigation Holds to preserve related email.”
Are your messages protected from prying eyes?
It can be. ConsultCity Email security services can help you!
“Office 365 Message Encryption combines encryption and access rights capabilities to help ensure that only intended recipients can view message content. Office 365 Message Encryption works with Outlook.com, Yahoo!, and Gmail, and other email services.”
Domain Security
Do I need to secure our Domain Name Systems(DNS)? Give Us a Call and Let Us Help You!
Yes, you do! ConsultCity Domain security services can help you. (703) 752-1100 | info@consultcity.com
U.S. Department of Homeland Security and EU agencies are urging companies to take action to protect and secure their Domain assets due to DNS related attacks occurring with increasing frequency, sophistication, and severity.
What does DNS do for me?
Domain names, domain name systems (DNS), and digital certificates are used to direct and secure internet traffic used in all of the fundamental components of applications that enable your company to conduct business; your website, email, ecommerce, banking, and etc.
Okay now my DNS is compromised. What does that mean for my business?
Your online presence is partially or completely compromised.
Criminals can redirect websites for financial gain or hold domain activity hostage for ransom.
Intercept email to conduct espionage or even harvest credentials to breach your network.
Hijack email system to solicit information and/or redirect payment from your customers or your financial institutions(banks)
This can have a serious impact on your company's revenue and reputation and expose your company to significant financial penalties as a result.
Okay What can I do now? Give Us a Call and Let Us Help You!
Use a Tier 1 DNS provider
Internet Corporation for Assigned Name and Numbers (ICANN) accredited provider.
Enable WHOIS protection
Whois provides the contact data of domain owners.
Enable registrant information masking with the DNS provider to avoid this visibility.
Secure Domain Names and DNS portal access
Organizations should seek to consolidate domains to one DNS provider to ease management and increase visibility.
The provider should offer two-factor authentication.
Organizations should routinely review permissions for staff with access to domains and their DNS portal.
Choose a secure provider able to alert companies to changes in permissions.
Enable DNSSEC to encrypt queries to the internet service providers. DNSSEC digitally signs the root zone to prevent tempering with DNS records by bad actors which increases the confidence of the returned DNS results.
Implement Registry locks to prevent unauthorize transfer Domains.
Configure DNS Security for Email
Give Us a Call and Let Us Help You!
(703) 752-1100 | info@consultcity.com
Setup SPF, DKIM and DMARC DNS records to protect email traffic.
SPF - Sender Policy Framework:
Prevents the sender address of an e-mail from being forged.
List authorized MTAs allow to send emails on behalf of the domain.
DKIM - DomainKeys Identified Mail:
Email security standard designed to make sure messages aren't altered in transit between the sending and recipient servers.
Uses public-key cryptography(encryption) to sign email with a private key as it leaves a sending server to minimize spam and phishing.
What is DMARC?(video:2.45m)
DMARC- Domain-based Message Authentication, Reporting, and Conformance:
Publish domain’s email authentication practices. Email sender can determine how the recipient handles an email that does not meet SPF and/or DKIM requirements.
State what actions should be taken on mail that fails authentication checks.
Enable reporting of these actions taken on mail claiming to be from its domain. This ensures a consistent verification of the authenticity of the email.