Companies today are challenged more than ever with defending their organizations against ever-increasing attack surfaces, security vulnerabilities and social engineering attacks. In order to defend your network and data efficiently, you need to implement strong processes and integrated information security technologies. EDCi focuses on developing long-term partnerships built around increasing an organization’s security posture. We provide information security processes and solutions that secure the enterprise in all areas – from mobility to perimeter management, and incident readiness/response, to proactive alerting. More than a product set, EDCi provides expertise in ISMS creation, management and security controls, as these are the core components that enable your organization’s commitment to security.
Security involves more than just putting in an IPS. It’s about people, process and IT systems and the balance between risks to your business, and the cost of securing it. It’s about constant improvement, coordination and cost-effectiveness. That’s where a partner who understands the various Information Security Management Systems (ISMS) can provide the best value by helping you align your business strategy with your risk threshold. EDCi can provide the expertise needed to successfully implement and integrate an ISMS, and support the ongoing maintenance and continual improvement to demonstrate a true organizational commitment to security. Security frameworks that EDCi can provide consulting on are NIST CSF (and relevant special publications), ISO 27001/27002, PCI DSS and HIPAA.
In today’s business world – with ever-changing devices, user access requirements and the necessary components – it’s increasing difficult to balance security with the flexibility your customers and employees need. This is where you need a solutions partner that Identity Access and Authorization comes into play. Not only does EDCi understand how to implement and configure the technology, but we understand how it applies within the NIST and ISO frameworks and security controls. We can assist with designing the architecture, implementing, maintaining and utilizing the following platforms: Cisco ISE (Identity Services Engine), Cisco ACS (Access and Control Server), Microsoft NPS (Network Policy Server), Microsoft PKI (Public Key Infrastructure), Yubico HSM/Keys (Hardware Secure Module), and RSA Tokens.
Security Information and Event Management, or SIEM, devices provide the backbone for keeping you alerted to security breaches in your environment. A key part of any successful information security framework, SIEM’s provide and fulfill the necessary reporting, monitoring and altering security controls. Rather than attempt to up with all of the various alerts from your disparate network hardware devices, Operating Systems, and applications, SIEM devices allow you to provide a unified and holistic unified view of your environment. At its core, a SIEM provides for event and log collection, correlation and reporting and alerting. It can allow you to focus on your core operations rather than chasing a single uncorrelated event in your decentralized logs. EDCi’s Engineers can provide the necessary planning, configuration, implementation and training on the following SIEM platforms: LogRhythm and Splunk.
DNS and DHCP are one of the most critical components to your organization and should be treated as such. In the past 3 years, DNS attacks have become the defacto choice for attackers, ranging from its core importance, to phishing attacks, to DNS hijacking. Let EDCi show you the technology and tools to better organize, secure and provide for increased scalability for your DNS and DHCP. EDCi provides the following platforms for securing your DNS and DHCP: InfoBlox, Cisco OpenDNS and Microsoft DHCP/DNS Server.
Understanding your companies’ vulnerabilities and prioritizing your assets and their protection, is not a “one and done” task. It requires constant vigilance, and integration into your operational process and procedures. Vulnerability scans should be completed on any changes; new additions to infrastructure, operating system changes, application changes or any reconfiguration of the OSI stack. EDCi can help you provide this in a logical, cost-effective manner that will allow you to focus on your business and allow us to provide you with reports outlined specifically for your devices, infrastructure and components. We can even patch the devices on a preset schedule or outage windows that fit your schedule. Our services include customized penetration testing and cloud-based vulnerability scans, among others.
How you respond to Information Security incidents is one of the most critical security components and processes within your business. In fact, it has been reported that 60 percent of businesses fail after a cybersecurity attack. Your preparation for this type of attack will ultimately determine whether your business will continue to operate with full capacity and resources or possibly fail to deliver your product or service. By choosing a partner with the ability to deliver “emergency services” to a full cybersecurity incident response plan, you can be assured that you will have a plan when (not if!) a cybersecurity attack occurs. EDCi can provide the full incident planning services including: organizational process/planning, prioritization, event log analysis, SIEM tuning and emergency team response management (third party).
EDCi has secured Firewalls and provided IPS implementation and configuration for over a decade. We know their capabilities and how to use them effectively as part of your overall strategy to defend your network. An integral part of that strategy is the constant up-care and maintenance. Firewall configurations require periodic (at least annually) review for “stale” rulesets, while IPS require updating rulesets, patching and configuration to better protect your ever changing network. EDCi can provide everything from a baseline analysis of your existing firewall to providing a fully managed services offering whereas configuration, troubleshooting and reporting is provided by EDCi’s security engineers.
Endpoints serve as an organization’s first line of defense. As malware and phishing attacks become more sophisticated and attacks have continued to increase on the endpoint, it should be a key part of your overall security strategy to try and stay ahead of the bad guys. Malware attacks have continued to rise in the BYOD area (Android users beware as 60% of Android apps contain malware – Symantec) and require that businesses information security policies, process and procedures include a method of safely securing these devices. EDCi supports Cisco AMP in both network and endpoint configurations.