Database Security—Repelling a Breach with Defense-in-Depth

Lily Hay Newman, in a recent article in Wired, pegs “poorly secured databases that connect directly to the internet” as a main culprit for many of today’s mega data breaches. Why? Robust database security offers a defense-in-depth strategy should an attacker breach your perimeter defenses. But if the security measures are left unused, the sensitive data presents an easy target for hackers to go after.

Read More

6 IT Security Services to Build Your Cybersecurity Foundation

When it comes to cybersecurity, there’s one constant that business leaders can agree on: The threat landscape is ever evolving. As a result, Gartner forecasts that in businesses worldwide will spend more than $124 billion on information security spending in 2019. However, not all organizations have a large budget to spend on protecting their businesses. In the greater Boston area, the business community is focused on putting the right security services into place to help each of their organizations build a solid security foundation. Below are six services we recommend that you consider to build a strong security position.

Read More

What is a network security assessment?

Over the years, businesses’ mission-critical technology has expanded at a rapid pace. A network no longer consists of only servers, client computers, and basic networking equipment. Cloud computing has been introduced to host “X as a Service” solutions and applications that rely on big data, allow mobile and remote endpoints, network shares, and multiple communication applications, just to name a few. Even the solutions meant to secure the network and endpoints have grown complex to the point where a misconfigured security solution could leave an organization vulnerable.

This is why many organizations turn to outside partners to conduct a network security assessment. Having one performed by a trusted partner lets you know not only where your organization's security posture currently stands, but also what you can do to better protect yourself from the current threat landscape.

Read More

5 AWS security best practices for small businesses

Amazon Web Services (AWS) offers small businesses a number of benefits. There are plenty of Amazon Machine Instances that are preconfigured so a small IT team can quickly spin up a virtual appliance, server, or other computing resource. Like any other cloud service, AWS offers scalability to allow business IT resources to grow on demand and it helps control costs by offering a number of different pricing plans. There are, of course, other benefits that entice small businesses to turn to AWS for a number of their computing needs. However, like any other resource, there are security considerations that you need to make.

The following list outlines five of the most important best practices any small business needs to consider when using AWS in their environment.

Read More

What Types of Security Threats Do Small Businesses Face?

When it comes to choosing a victim, cybercriminals often look for low-hanging fruit. They seek the path of least resistance to keep their chances of success high and of getting caught low.

This is why so many criminals target small- to medium-sized businesses (SMBs). It is no secret among SMBs that they are frequently targeted by attackers. In fact, a research report from the Better Business Bureau shows that 87 percent of SMBs are aware that they are not safe from cybercrime. Despite this awareness, cyberattacks cost SMBs an average of $2,235,000 in 2017. This means smaller companies are still failing to properly secure their assets.

Read More

3 Essential Components of Your IT Security Roadmap

Businesses that lack adequate data security are exceptionally vulnerable to cyberattacks. They’re also are more likely to experience problems associated with mismanaged, unorganized, and insecure data. If you don’t have an IT security plan in the modern age, you’re exposing your business to unnecessary risk and liability. A comprehensive IT security strategy can help you protect your business, your customers, your data, your viability, and your integrity. We’ve laid out three essential components of an IT security roadmap to help you protect your company and plan for the future.

Read More

Two Factor Authentication – Buy, Borrow or Loot

Two Factor Authentication (2FA) or Multi-factor Authentication (MFA) is the most common preventative measure that companies and organizations implement as an additional layer of security to the standard username and password login credentials on a website or application. Taking a half-step back, 2FA/MFA can be described as something you know and something you have. 2FA/MFA is currently used on almost every application, from banking websites to SaaS services to video games

Read More

Cloud Best Practices and Security Review

 

As organizations have moved more and more critical applications, workloads and services to the cloud, I am often asked by clients to help them review their overall cloud strategy and architecture from a best practices and security point of view.

As we're several years into this cloud migration for most organizations, a lot of things have changed regarding how they leverage the cloud, the type of applications and services they need to be able to provide and how they control and monitor access to resources. No two organizations are exactly the same, but more often than not, the underlying fundamentals are consistent across organizations.

Read More