Updated Security Recommendations

We have observed persistent and increasingly sophisticated cyber-attacks that have compromised organizations through the exploitation of software. Given the increase of attacks on both large and small businesses, it is our responsibility to protect you from these threats. Therefore, we will be building a zero trust architecture into your system.

Zero trust means changing the position from blocking only known threats to blocking anything from running that is not permitted. If a user tries to open an application that is not trusted and not allowed elsewhere in the organization, it will not be permitted to run. This prevents the use of both unapproved applications and malware disguised as legitimate software. Previously, new applications, including unknown ransomware could be approved by default. By implementing the zero trust framework, all software will be denied unless it’s been vetted and approved.

In addition, cyber insurance requirements are becoming increasingly stringent. For this reason as well as those described above, we are recommending some fundamental changes to your security so that you can avoid being denied coverage or paying higher rates.

We believe these upgrades to be critical, and therefore we are implementing new security unless you choose to opt out.We need to review the needed changes to ensure your business is not exposed these risks. Threats are worsening, and unfortunately thousands of small businesses are infected .by malware everyday.

ThreatLocker – $5.00 per month, per user

This product protects endpoints by requiring IT approval for new applications. When downloading a new application, users will receive a pop-up notification to request access.  Users have the ability to request permission or ignore notifications for unapproved applications. Once the request is submitted, one of our technicians will approve it promptly.

IRONSCALES Core – $3.25 per month, per user

This product offers better awareness of fraudulent emails; it will place a notice on any email from someone you don’t normally deal with and flag the email as likely to be illegitimate. Spam filters can sometimes be too aggressive in blocking legitimate emails.

Duo Essentials – $3.00 per month, per user

Offers strong Multi-factor Authentication (MFA), Passwordless, Single Sign-On (SSO) and Trusted Endpoints verification. This product provides a higher level of router security when remoting in to the office via Cisco VPN client; this is only relevant for users who use a VPN to remote in to work.

Symantec Protection Suite Enterprise – $5.00 per month, per PC

Symantec Protection Suite Enterprise Edition creates a protected endpoint and messaging environment that is secure against malware, data loss and spam threats, and is quickly recoverable in the event of failure.

Any old routers will need to be upgraded to the Cisco Firepower 1010 ASA Firewall. The device also requires a security plus license and a maintenance contract  (renewable annually) to allow timely updates.