Runwell Solutions is capable of handling your entire network security.
Working with leading vendors like Fortinet, WatchGuard, Cisco, Webroot, OpenDNS, N-Able, Auvik, Mimecast and others, we create solutions that meet your goals and work with your budget. We will manage and protect you using a combination of advanced tools.
- Dark Web Protection
- Email Scanning
- Security Patch Management
- Malware Protection
- Ransomware Prevention
- Proactive Monitoring & Threat Prevention
- Secure Remote Access
- Cybersecurity Training
WHY CYBERSECURITY MATTERS
Not only to the files stored on your computers and servers, but also to your company’s reputation. When we talk about Cybersecurity, we’re talking about two key points. It’s important to understand these before we continue:
- VIRUSES are typically engineered to attack random targets, but can be used in a directed attack.
- HACKERS typically focus on a specific target and may use viruses to accomplish their goals. For example, Ransomware is a type of virus that is engineered to attack random targets. Conversely, the data breaches we hear about in the news are carried out by hackers. The purpose of Ransomware is strictly financial where as a hackers are typically trying to steal sensitive information.
We’ve seen a lot of viruses, and hackers, and the damage they can do.
Theoretically, small to medium sized businesses (“SMB”) are at low risk for becoming a target for a hacker (a data theft attack). Hackers are looking for a “big score” and will spend time researching their targets and carefully planning their attack.
However, small to medium sized businesses are at big risk for viral threats like Ransomware.
Unconscious use of outdated antivirus software and infrequent installation of security patches.
Trust in the myth that they won’t be targeted; Ransomware is not intended to attack a specific target, the target is often random.
Heavy reliance on common files such as Word Documents, Excel Spreadsheets, PowerPoint Presentations, PDFs, etc, which are the most vulnerable to a Ransomware attack.
The purpose of a Cybersecurity solution is to prevent downtime, protect your reputation, and keep you in business!
LAYERS OF PROTECTION
As we all know, viruses today are easy to get, hard to fix, and cause devastating damage. It’s a sad reality for many businesses that a single virus outbreak could do irreparable damage. We understand the seriousness of viruses and your need to remain safe, secure, and minimize downtime. It is very costly to have an employee, let alone all of your employees, unable to work on their computers while a system is being remediated.
The silver lining in this is that, as the impact of viruses have grown, so has their complexity. Modern day viruses have to go through a series of events in order to have full impact on your computer system. Each of these events, or “steps,” provides us with an opportunity to stop the virus. We’ve analyzed the most serious threats, like Ransomware and data theft viruses such as Emotet, and have developed a solution we call SkyShield.
Security Patch Installation
An interesting fact: most viruses aren’t released until 4-8 weeks after a security patch has been released. Why? Because the bad guys know that most people do not install Windows Updates or other important updates for Flash, Java or Acrobat. With SkyShield, we make sure patches are installed and that your computer is rebooted so the patches take effect. Having security patches in place is the best way to prevent a virus from exploiting your computer.
If a virus is released before a patch can be installed, antivirus software is the next layer we use to stop it. Once a virus is released, other bad guys quickly work on making different versions of the virus. These are called “variants”. Many current antivirus programs use a signature-based method of virus detection, which is both antiquated and ineffective. Why? Each new variant requires a new signature. Each new signature has to be created and then downloaded to your computer to be effective. With behavior-based antivirus, these variants, although different, behave in a similar way. Behavior-based Antivirus stays ahead of the curve.
Also referred to as the “human firewall” or “securing the human.” In order for a virus to execute, it needs a victim. It needs someone to open an attachment, click on a link, and visit a Website. We’re able to provide specialized training for your staff to keep them up to date on the latest phishing scams and increase their educational level about how to identify threats. We also do simulated phishing attacks, which keeps everyone on their toes!
Internet Threat Protection
If a virus gets past the antivirus software, our next step is to prevent it from communicating with its attacker. Some viruses will “phone home” to the “Dark Web” to ask for further instructions. Some viruses will be instructed to execute a Ransomware attack or attempt to steal confidential information, or both! Still others may not do anything. They may sit and lie dormant for weeks or months. Internet Threat Protection is engineered to prevent a virus from “phoning home.” It may be on your computer, but it can’t do anything because it can’t communicate with the “Dark Web.”
The vast majority of viruses are distributed via email as phishing attacks. Another layer we add to protect you is simply to prevent the virus from ever reaching your Inbox. Each email is scanned to look for threats. The links contained in the email are evaluated to determine if they point to a known-bad Internet address. All attachments are placed in a “sandbox” and are executed to see if they do anything malicious. We also check attachments for embedded “macro” code, common in malicious Word Documents.
You’ll see this word all over any IT Website. What does that even mean? Here’s what it means to us, and why it’s important for you: All of the above layers of protection are great, but they all need to be maintained. Updates have to be installed, a component of SkyShield may need maintenance, a component may be too aggressive and needs an adjustment. What is most important about all of this though, is that each and every component generates alerts. These alerts are critical to ensuring that all the pieces and parts are up to date, in proper working order, and keeping you protected. Moreover, the earlier we can catch a virus or threat, the less damage it can do.
We talked about securing your computer systems, but what about the network itself? Firewalls are intended to prevent unsolicited requests from entering your network. This basically means that people outside your network can’t get in if someone doesn’t invite them in.
But what happens if information coming into your network was solicited?
How do your end-users know that link they clicked on has now created a “solicited request” for malicious information?
Some security appliances provide this level of protection, but they do so in a way that creates performance issues on your network. We utilize high-performance security appliances which provide you with the protection you need but don’t slow you down.
When it comes to backup, disaster recovery and business continuity, the only real question that needs to be answered is, how much downtime can my business afford? With the tremendous opportunity afforded by the Cloud, it makes sense to utilize a backup and recovery strategy that maximizes your protection and minimizes costs and recovery time.
The obvious reasons for having a solid backup solution in place is to recover your data due to hardware failure, accidental or malicious deletion of data, virus outbreak or other disaster. However, there are intangible costs associated with the downtime that comes along with the recovery. What is the cost to your business to be unable to operate while systems are recovered? How long will the recovery process take? For these reasons, having the ability to recover quickly is imperative.
Downtime has two components: lost revenue in that you’re unable to produce, and lost revenue due to paying employees who can’t work. Adding the loss of revenue to wages paid will add up to a high cost of downtime for your business. Adding to this the cost of data loss, the factors are huge.
HIPAA, PCI & SOFTWARE LICENSING
From Microsoft Licensing to HIPAA audits and everything in between
Compliance comes in many different forms, and often shows up on a rainy Tuesday when you least expect it. Compliance covers the gamut of Microsoft Licensing audits up through something as complex as a HIPAA audit.
The information you receive can be confusing…often people ask “if I just ignore this, will it go away?” The hard reality is, it won’t, things will only get worse.
Moreover, different agencies interpret the compliance requirements differently, so a compliance audit from one agency may look different than the compliance audit you get from another one.
We can also assist you with a financial analysis to determine whether or not it makes sense to invest in the remediation. That may seem foolish however, if you have only one customer who is creating this compliance need, and the cost of becoming compliant outweighs the revenue from this customer, does it really make sense to invest in the compliance process?
We’re here to help you deep dive into these complex matters.
We can walk you through each step of the process, educate you on your options, and help you make wise decisions. Each audit starts with learning more about where you’re at.
We’ll go through each area of concern, explain the issue and ramifications, and provide you with options for remediation.