Apaxon Cybersecurity Assessment
Is your company secure? Your reputation rides on it
Is your business safe? Our clients are asking this question everyday. In the last year alone, we’ve seen a major increase in cybersecurity questions. Many business owners are confused about whether or not cyber attacks are a real threat. Many want a quick way to find out. Why worry unless you have a real problem?
In the 2016 Ponemon Cost of Data Breach Global Study, published in June 2016, Ponemon reports, “While the likelihood of a data breach involving a minimum of 10,000 records is estimated at approximately 26% over a 24 month period, the chances of a data breach involving 100,000 records is less than 1%.” Why is this important? This statement shows larger organizations with larger data sets are typically better protected than small businesses. Simply stated, small business is a more attractive target for cyber criminals.
We recommend right-sized assessments that take into consideration 1) the size and complexity of your business and 2) Whether or not your business is subject to regulatory constraints. There is an art to right-sizing security assessments for small business and we understand the delicate balance.
The business owner will first take a five-question quiz that is located on the Apaxon website. Next, the individual will schedule a 30-minute consultation with a cyber-security expert. The franchisee or technician performs this consultation. During the consultation, the client will complete a Multi-Question Assessment and allow the cybersecurity expert to review the answers.
The answers to the Multi-Question Assessment will forward a matrix with the following four quadrants. The four security areas consist of Administrative Safeguards, Physical Safeguards, Technical Safeguards and Organizational Requirements.
If the business is in a non-regulated industry, the generated matrix will be reviewed in concurrence with running the Full Network Detective Security Diagnostic.
If the business is in a regulated industry, the generated matrix will be reviewed in conjunction with running the Full Network Detective Security Diagnostic.
Why are Assessments Important?
Cyber threats are a serious issue for businesses today. Many companies do not have the appropriate safeguards or policies and procedures in place. Other businesses may feel they have implemented the proper standards when in reality they are at risk. The Apaxon Cybersecurity Assessment can identify the areas that your company needs to improve and recommend the appropriate action. We find your security holes and plug them.
Don’t guess when it comes to the cloud. Get exactly what you need — nothing more, nothing less. The cloud is only economical when sized correctly. Give us 30 minutes and we’ll make your cloud fit. Assess your risk with these 10 Cybersecurity quiz.
Apaxon Security Solution
Apaxon IT Support provides a security solution capable of monitoring your infrastructure, detecting threats, intrusion attempts, system anomalies, poorly configured applications and unauthorized user actions. It also provides a framework for incident response and regulatory compliance.
Apaxon monitors system and application configuration settings to ensure they are compliant with your security policies, standards and/or hardening guides. Agents perform periodic scans to detect applications that are known to be vulnerable, unpatched, or insecurely configured.
Additionally, configuration checks can be customized, tailoring them to properly align with your organization. Alerts include recommendations for better configuration, references and mapping with regulatory compliance.
Apaxon provides out-of-the-box active responses to perform various countermeasures to address active threats, such as blocking access to a system from the threat source when certain criteria are met.
In addition, our intelligent agent can be used to remotely run commands or system queries, identifying indicators of compromise (IOCs) and helping perform other live forensics or incident response tasks.
Apaxon helps monitoring cloud infrastructure at an API level, using integration modules that are able to pull security data from well known cloud providers, such as Amazon AWS, Azure or Google Cloud. In addition, Apaxon provides rules to assess the configuration of your cloud environment, easily spotting weaknesses.
In addition, Apaxon light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level.
At Apaxon IT Solutions, we provides security visibility into your Docker hosts and containers, monitoring their behavior and detecting threats, vulnerabilities and anomalies. The Apaxon intelligent agent has native integration with the Docker engine allowing users to monitor images, volumes, network settings, and running containers.
Apaxon continuously collects and analyzes detailed runtime information. For example, alerting for containers running in privileged mode, vulnerable applications, a shell running in a container, changes to persistent volumes or images, and other possible threats.
Multi-Question Assessment Matrix Categories
Our matrix identifies the following four areas where your business may need to improve security.
This identifies potential threats, risks, and vulnerabilities with your data. It also ensures that you protect the confidentiality, integrity, and availability of the data you create, receive, maintain, or transmit. In addition, it outlines how you manage user access to data and train workforce members to protect confidential data. Lastly, it clarifies what policies and procedures are used to monitor login attempts.
This ensures correct technology policies and procedures are implemented. It will look at the current framework for how access is granted to hardware/software systems and data. It also reviews the company password policies, details how inactive sessions are closed, and assess how data is protected from alteration or destruction.
This evaluates the disaster recovery procedures and emergency operations plans you currently have in place. It will also assist in identifying how you grant access to your office, your systems and your data, as well as how you inventory all systems with access to data. Assessing the maintenance and protection of passwords is also covered.
This evaluates how your business partners protect the privacy and security of confidential data and how data breaches are handled. Contractual provisions are reviewed to ensure business partners protect the privacy and security of data. It also ensures that records are kept to document adherences to contractual provisions.