Cyber Security Services

By

Protect yourself against cyber crime and general cyber threats with a custom solution by Flexible Solutions

Cyber security is a significant issue for anyone operating a computer anywhere in the world.

Everyone is a target. What may seem like the most insignificant device or piece of data to you could be turned into a profit for a cybercriminal that has a direct negative impact on you and your organisation. Protecting yourself against cybercrime and global cyber threats is a complex and never-ending solution.

How often are you online? Are you aware of daily online threats?

We have all experienced moments of uninterrupted internet service. Many businesses grind to a halt. We are often unaware of just how much we rely on online services:

  • Searching the internet for projects, products or information
  • Online banking
  • Online accounting software
  • Online project management systems
  • Sharing large files
  • Email
  • Social Media
  • Buying and selling online


These regular connections online are part of our daily routine but may be causing hidden threats. The only way to gain 100% online security protection is to disconnect from the digital world, but let’s face it, who can afford to (or even wants to) do that?

How do you stay connected and have a reasonable level of protection?

At Flexible Solutions, we have developed 5 Cyber Security Service Components, designed to protect many different users in a wide range of businesses and organisations.

Our security solution is effectively built on several different products, processes and education all working together.

Think of a simple analogy of “layering”.
The colder it is, the more layers and the types of layers you need to wear to stay warm.

What layers of protection does my business need?

We understand that many business owners don’t have the time to think about how to solve cyber security problems, or don’t think about the threats until it is too late.

Adequate security for your organisation might require far more layers than you ever thought. You also want to ensure you get the right layers in the right order before you actually need them.

The Flexible Solutions team can determine the best layers of protection for you and your business, and deliver them effectively and efficiently for you and your team.

Talk to our team about your Cyber Security solutions.

Menu

Essentials

Component 1

Recommended for: All computers. All business types.

Essentials – Component 1 is the absolute minimum level of security every computer should have – from a computer with the most sensitive data through to someone’s general home computer without any sensitive data.

Each layer of this security component is absolutely essential for any business or organisation.

 

Essentials delivers and includes:

Anti Virus & Malware Systems

Protection to all your computers and servers on your network with anti-virus, anti-malware systems on all computers.

  • Checking that every desktop is getting daily anti-virus updates
  • Monitored updates
  • Alerting
Email Filtering Systems

Minimise cyber security threats emanating from email with Email filtering systems.

  • Anti-SPAM email filtering
  • Anti-Viruses filtering
  • End user quarantine management
Operating System Updates

Protect your computers from the single biggest risk that cyber criminals exploit by updating outdated and insecure operating systems

  • Driving operating system updates on a regular basis
  • Monitoring the success or failure of these updates
Third Party Application Updates

Update outdated third party applications such as Acrobat Reader and iTunes to close easily exploitable security holes.

  • Regularly updated common third party software patches
Backup Systems

Backup systems were initially designed to protect your data against hardware failure. Whilst backup systems still provide this level of protection, they are now more important as a protection against cyber crime which might lock your data from being accessed. 

  • Daily Monitoring
  • Failure Alerting

Security Consulting

Component 2

Recommended for: Organisations wanting to get serious about protection against cyber threats. Essentials is mandatory for this component.

Once you have the Essentials in place, the next component we strongly recommend you take is engaging our Security Consulting. This consulting process has a number of security layers starting with a detailed risk assessment that highlights specific risks with your current network infrastructure.

This security component is an important building block and is specifically aimed at organisations who understand how significant the cybersecurity risk is at present and want to get on top of that risk. 

The consulting engagement takes you through the highly regarded Australian Cyber Security Centre’s (ACSC) “Essential 8” with your management team to determine what can be implemented immediately, what needs to be planned for the future and finally what needs to be reviewed for future suitability.

Security Consulting delivers and includes:

Detailed Network Risk Assessment

We interrogate your network and network devices to determine security risks with current network devices such as routers, firewalls, switches, computers, servers, etc.

  • Detailed Risk Assessment reports on your network and security status
  • Expert Consultancy to explain the meaning behind each identified risk
  • A guide on how to eliminate those risks where possible
Staff Security Awareness Training

Take your whole team through the current and emerging risks, how the solution requires everyone in the organisation to participate and what our the steps required to build a secure organisation.

  • Onsite team education on security trend and best practices
  • Password training
  • Email best practices
Complete the cyber insurance applications

Helping your team complete the cyber insurance applications. You will need to have certain solutions in place for the insurance to be affective and you also want the application to accurately reflect your current cyber security position

  • Driving operating system updates on a regular basis
  • Monitoring the success or failure of these updates
Implement the Australian Cyber Security Centre's Essential 8

Building managements understanding and the organisational impact of implementing the Australian Cyber Security Centre’s Essential 8.

  • Taking management through the security benefits and operational impacts of implementing each component of the Essential 8
  • Defining which of the Essential 8 should be implemented now and how that will occur, which are too arduous and costly to implement now and when they should be reviewed again.
  • Review the adherence to the Essential 8 annually (when subscribing to the appropriate security service).

Business Level

Component 3

Prior to delivering this security component, it is mandatory for your organisation to have the Essentials in place and to also have engaged our Security Consultancy service.

The need for additional components of protection from cyber threats will vary for each organisation, but based on today’s cyber crime threat levels, we see this component as one all businesses should have in place.

This security component provides a range of tools, processes, training and monitoring that comes together to deliver a higher level of protection against cyber threats.

Business Level delivers and includes:

Block Malicious Website Access

Minimise cyber threats by preventing users from accessing malicious websites. A system utilising DNS protection achieves this by: 

  • Providing an additional defence layer that ensures ALL requests are filtered by destination. This traffic check allows internet destination policies over 80 categories.
  • Traditional perimeter network defences are focused on internet traffic coming into your network and then determining if it should be blocked, but a lot less concerned with what’s going out. DNS Protection corrects this imbalance (and security risk) by using cloud based servers to instantly check and filter all outbound internet traffic, regardless of the network source.
Educating your team

There are no feasible tools or systems available protect against some cyber threats coming from Email Phishing. Educating your team to be aware of and takes steps against these attempted crimes is an important part of keeping your organization secure. We deliver this education through:

  • Comprehensive training courses designed to educate users about current security threats and how to avoid them.
  • Reporting on the progress of your team to identify potential email threats.
Dark web Scans and Reports

This security layer allows us to scan the dark web and check compromised emails and password that are available on dark web for sale and exploitation

  •  Identify if your users credentials are already being exploited within the cyber crime community.
Security Profile

Create a standard security profile for all your devices and report on how each device and user adheres to this standard. This security layer:

  • Creates and delivers device security profiling.
  • Risk and vulnerabilities monitoring and alerting.
  • Provides risk assessments and scoring on all devices.

High Level Computer Protection

Component 4

This security component should only be adopted once you have our Essentials and engaged our Security Consultancy service, as they are fundamentals for a robust cyber security platform.

This additional security layer provides a last line of defence against direct attacks to each computer in your organisation. The system uses a combination of applications installed on each computer, centralised security servers and a SOC (Security Operations Centre) staffed by a large team of security experts. The SOC and systems work together to identify potential threats and block those threats from acting. If a threat is activated by the computers users (ie through fraudulent emails, etc), the threat is identified and the SOC takes immediate action to block the threat and then roll back any effect the threat had on that computer.

High Level Computer Protection delivers and includes:

  • A fully SOC supported endpoint monitoring and threat detection system to identify active threats and remediate attacks.
  • Driven by the Sentinel One system.
  • Rapidly identifies thousands of variants of viruses and malware.
  • Immediate rollback - quickly responds to detected ransomware and rollbacks to an acceptable risk state.
  • Full rollback capabilities - in the case of any overwritten systems, you can leverage robust rollback functions through comprehensive tracking of changes at the endpoint.
  • Endpoint Attack Forensics, identify root causes of malicious behaviour.
  • Complete SOC Services - reduces false positives and ensures comprehensive protection through SOC analysis of quarantined applications and files.
  • Ransomware warranty - SentinelOne will pay up to $1,000 per infected machine towards the cost of paying a ransom if they don’t defend against or can’t rollback and restore data after a ransomware attack on a covered PC (up to $1m) .

Auditing and Compliance

Component 5

This security component will deliver detailed information on what attacks are occurring to your network and how your organisation is adhering to your security policies. The information provided allows your organisation to regularly understand the current state of cyber security and be able to provide evidence of what is occurring. Should an attack be successful, this security layer provides assistance to remediate against the attack.

The system leverages industry leading SIEM technology to collect, analyse and correlate information from network devices, endpoint logs and threat intelligence feeds. This information is used to identify security incidents, policy violations, fraudulent activity and other threats. The SOC will quickly take action to mitigate the attack while providing advanced remediation documentation and recommended next steps.

Auditing and Compliance delivers and includes:

  • Endpoint log monitoring - monitor key log files to identify and correlate events that could be malicious.
  • Common Network Device Monitoring - leverages out-of-the-box integrations with commonly used network devices in SMB client environments
  • Behavioural Analysis - quickly detect and address changes in systems and user behaviours with real-time processing and advanced correlation rules for intrusions and insider threats
  • Threat Intelligence integration - enables quick and accurate detection of network threats by integrating with valuable threat data feeds from ecosystem partners and open source providers.
  • Meet Common Regulatory Requirements - adheres to log management and threat analysis requirements for 23 regulatory standards
  • SOC Analysis and Basic Response - with analysis of events and basic remediation actions by the NOC, you can adhere to top compliance regulations without needing additional security-focused resources.

Protect yourself

Call and speak to the experts at Flexible Solutions to find out what's best for your business.