At what hour of the day, do cybercriminals not attack businesses? Exactly, it happens around the clock. Your employees may work the 9-5, but criminals work 24x7x365.

Attacks are often automated, which can make them indiscriminate, meaning anyone can be a target. A common myth is that small businesses are not attacked, but this is false. Businesses of all sizes are attacked all the time. You may only read about large companies being attacked, but that is because the media often overlooks smaller company breaches. To make matters worse, small and even some mid-sized businesses are often the least prepared. These unprepared businesses may have no choice except to pay a ransom to regain access to their data or prevent their data from being sold on the dark web. In some cases, compromised business just cease operations all together.

So how does Fast Forward IT provide security 24x7x365? Security is a layered approach, some of the tools we provide are below.

SIEM

This is an acronym for Security Information and Event Management. This is a tool that receives logs from different platforms such as workstations, servers, firewalls, and cloud platforms like Microsoft 365. This processes happens around the clock, assuming devices are powered on. When something suspicious is detected, it is analyzed by a SOC.

SOC

Another acronym, in this case, Security Operations Center. The SOC is manned 24x7x365, the mission is to analyze suspicious findings in the SIEM and take action. When something suspicious is observed, such as impossible travel, the SOC can take action. An example of impossible travel is a user accessing email in Southern California, and then suddenly accessing email from Asia. Log analysis such as this can help detect compromises before they turn into full blown breaches or direct financial loss.

Vulnerability Management

The practice of actively looking for vulnerabilities for the purpose of remediating or mitigating the vulnerability. Remediation/mitigation can take the form of patching the software or removing the flawed software. An example of a vulnerability could be a security flaw in an out dated version of a piece of software like Adobe Acrobat. If you open a PDF that takes advantage of the security flaw, you may have just let an attacker in.

MXDR

Managed Extended Detection and Response. This is a managed version of XDR, provided by a security firm. The advantage is that trained security professionals are analyzing data.

Immutability

This is the concept of ensuring data cannot be deleted. For example, your backups should be immutable so that if your network is taken over the backups cannot be deleted.

Phishing

The practice of sending emails to users, that look legitimate but are not, with the goal of getting the end user to take an action that allows the attacker some type of access to the network. An example of a phishing email might include a link to reset a password, however the link takes you to the attacker’s site and prompts for your password. In this example, if you typed the password on the attacker’s site, they would then know your password.

Security Awareness Training

The process of educating employees so that they become security aware. This process helps employees spot phishing emails, and other types of threats.