Enhanced Security Services: Protect & Prevent Cyber Attacks

Posted by Jason Firch on Feb 24, 2017 2:14:21 PM

 

 

Welcome to the Enhanced Security Services demo by OSIbeyond.

We will be giving an overview of our Enhanced Security Services, which is designed to provide comprehensive safeguards to protect against and prevent cyber attacks.

These cyber attacks can have a devastating impact on your organization causing:

  • Damage to customer/member trust
  • Reputation
  • Direct financial losses

However, OSibeyond’s Enhanced Security Services consists of 5 main components to proactively protect and prevent against malicious attacks, data compromises, and network vulnerabilities.

  1. Two Factor Authentication
  2. Targeted Threat Protection
  3. Mobile Device Security
  4. Phishing Security Tests
  5. Network Vulnerability Scans

 

Two Factor Authentication

Passwords are becoming increasingly easier to compromise.

They can be stolen, guessed, or hacked, and you might not even know when someone is accessing your account.

However, with two factor authentication, a second layer of protection is provided to secure your online accounts. The primary benefit of two factor authentication is to prevent anyone from logging into your account, even if they know your password.

When you attempt to log into a service protected by tow factor authentication, you’ll be promoted to enter your user name and password.

To access your account you must complete one of 3 authentication methods, using an authorized device.

  1. Push notification
  2. Call Me
  3. Passcode

Two Factor Authentication.png

First, the push notification sends a notification to your device to confirm if you’ve made the request.

Once the push notification has been sent to your device, you will be notified through the mobile app, which is available on iOS and android devices.

Two Factor Authentication Push Notification.png

If you did not initiate the request, you can choose to deny the attempt and report it for fraudulent reasons.

Two Factor Authentication Fradulent Attempt.png

This triggers an email notification to a network administrator who can block future malicious attempts made against your account.

If you did initiate the request, tap the approve button to access your account.

Second, an automated call is placed to call your device with instructions to access your account.

Two Factor Authentication Call Me.png

Lastly, the passcode method sends a 7 digit number via text, which expires 5 minutes after sending.

Two Factor Authentication Passcode.png

 

Targeted Threat Protection

Inbound email attacks are one of the fastest growing cyber threats challenging organizations.

Employee information can be easily stolen, causing irreparable damage to member trust, reputation, and direct financial loss.

Targeted threat protection is an advanced cloud security service that provides multiple safeguard to prevent:

  • Malicious links
  • Weaponized attachments
  • Malware free socially engineered attacks

 

Attachment Protect

Targeted threat protection consists of three methods to prevent cyber attacks.

First, attachment protect reduces the threat of weaponized or malware laden attachments used in spear phishing attacks.

Inbound emails with attachments are opened in real-time, in a virtual or sandbox environment, which is isolated form your organizations network.

Staff will receive emails in a safe file format, which strips away any malicious content.

Targeted Threat Protection Attachment Protect.png

Since the sandboxing checks take place in real time, there is no delay for staff to access content.

 

URL Protection

URL protection rewrites all inbound email URLs to block the threat of a malicious attack. When a link is clicked, regardless of the device, the destination website is scanned in real-time.

Security policies can be set to instantly restrict access when a link containing phishing content is detected.

Targeted Threat Protection URL Protect.png

When a malicious link is clicked, staff are shown a blocked page preventing access.

Phishing Security Threat Detection.png

URLs containing suspicious file extensions, such as .exe, which is used to spread malware, can be blocked to further safeguard your network.

Prevent Cyber Attacks.png

In addition, user awareness is a feature used to provide network administrators with a way to track staff prone to clicking on bad links.

Targeted Threat Protection User Awareness.png

 

Impersonation Protect

Impersonation protect defends against the rapidly growing threat of whaling, commonly referred to as CEO fraud.

By marking key indicators of these socially engineered attacks, suspicious emails are blocked and labeled as potential threats.

Similar internal domain provides protection from inbound messages where the senders domain looks similar to any of your internal domains.

Similar Internal Domain Phishing Attempt.png

Targeted threat dictionary identifies key characteristics in the body, subject, and header of the email.

How to identify a suspicious email.png

This provides an additional layer of protection to prevent cyber attacks from accessing sensitive or financial information.

Enabling number of hits, and selecting 2, requires at least two of the identifiers above to be triggered before any action is taken.

How to prevent false postitive detections.png

This features prevents false positive detections from blocking safe traffic.

 

Mobile Device Security

Mobile device security provides a way to easily maintain and secure smartphones and tablets.

Granular security policies help to proactively prevent unauthorized devices from compromising your network.

Regardless if they are owned by your organization or by your employees

Complicate enforcement rules can also be sent went a device is out of compliance.

Group can be created to specify security policies:

  • Globally to all device
  • By device type
  • Employee owned devices

Mobile Device Management Groups.png

Groups ensure separate security policies are created and enforced, regardless if they are organization owned or employee owned devices.

In addition, custom groups can be created to set policies for individual departmental use.

Granular compliance rules can be set to ensure devices connected to your network do no pose a security risk.

Enforcement rules ensure all devices are in compliance by keeping operating systems up to date.

Mobile Device Management Compliance Rules.png

Preventing black listed applications from not being used on devices.

Mobile Device Management Black List Applications.png

And preventing jailbroken or rooted devices from accessing your network.

Mobile Device Management Prevent Jailbroken Devices.png

Similar to group security policies. You can set compliance rules to specified devices, or by department.

In the event a device is out of compliance, an email notification will be sent to a network administrator.

Furthermore, granular security policies can be set to specified devices based on the groups created, or globally to all groups.

Mobile Device Management Security Policies.png

For example, passcode policies can require devices to include:

  • Minimum passcode length
  • Set a passcode expirations
  • Auto lock idle devices after a set period of time.

 

Phishing Security Tests

Phishing security tests are a highly effective way of preventing socially engineered attacks.

Detailed reporting metrics track:

  • Links clicked by staff
  • Email attachments that have been opened by staff
  • Staff replies to emails

OSIbeyond will provide remedial online training to prevent future network compromises in the event staff fall for the simulated attack.

When phishing security tests are implemented, staff will receive emails at random, promoting them to take an action or provide personal information like their username and password.

Phishing Security Tests.png

In this case, the sender, [email protected], is informing staff of a security breach and that they should click the link to change their password immediately.

Once the link is clicked, a familiar destination page will appear, promoting staff to sign into their account.

Email Phishing Attack.png

If staff fall for this attack, a page will appear notifying them of the simulated phishing test.

Simulated Phishing Test.png

Remedial online training will be provided to inform, educate, and prevent staff from future security compromise.

This training will be provided in a video format, with real life use cases of the malicious attacks.

Cyber Security Remedial Training.png

In addition, built in quizzes test staff’s knowledge and understand of potential cyber threats.

Employee Phishing Attack Quiz.png

A monthly report of the simulated phishing attack will be provided, showing an overview of all activity.

Monthly Phishing Security Test Report.png

Individual user actions are track to show who are most at risk to phishing attacks and therefore may warrant additional in person training.

 

Network Vulnerability Scans

Network vulnerability scans consist of a 3 step approach to proactively securing your network.

  1. Monthly internal and external scans
  2. Remediation of high or critical threats
  3. Detailed monthly reports of overall health of network

Network Vulnerability Scans.png

Completed scans show the total number of threats and assess each one by severity (low, medium, high, or critical).

In the event a high or critical threat is detected, OSIbeyond will provide remediation preventing any data or network compromises.

Critical Network Vulnerability Detected.png

All other threats will be presented in a monthly report.

Monthly Network Vulnerability Scan Reports.png

These monthly reports provide documentation that your organization is taking proactive measures to secure your network.

 

How to Prevent Cyber Attacks

Organizations can no longer afford to ignore the risks, as cyber attacks become more widespread and sophisticated.

A breach in your network can have a devastating impact, making cyber security an essential component of your technology operations.

As you’ve seen with OSIbeyond’s Enhanced Security Services, a holistic approach is delivered by adding multiple layers of security.

These proactive measures protect and prevent cyber attacks that would otherwise compromise your organization’s technology systems.


Prevent Cyber Attacks with OSIbeyond's Enhanced Security Services

Topics: Managed Security Services