• 317-664-5316

  • Good Security: All about the layers

  • Edited 2/22/2022

    In one of our blog articles, we talk about using a proper firewall. That notition is still valid regardless of the date of the posting. However, Solvonex preaches and works hard to implement a layered security approach. Here's what that means.

    Yes, a strong next generation firewall is critical for the outside of your network. But the next step is good antivirus or malware protection on the end point devices. Yes, install it on your Windows devices but also on your Macs and Linux devices. Anyone that tells you Windows is the only insecure operating system is flat wrong. ALL software including operaitng systems are created by humans and have flaws. Every device that an end user touches needs some kind of security including Windows, Macs, and Linux device. Even mobile devices need security!

    Next, web filteirng can and should occur at the firewall level. However, taking that web filtering and malicous content filter with your users when they are off campus or out of the office is also important. Having filtering at the end user device level is also needed. Even if it means you have two web filters to configure and maintain, it will be worth it to handle on the firewall and the end user device protection software. Solvonex uses multiple solutions for end user device web and content filtering.

    If you are complex enough to have or host web sites or web applications at your office, data center, or in the cloud, we recommend using a web application firewall or WAF like something from Fastly. Web application firewalls are specialized and handle everything from the most recent Log4J vulnerabilities to DDOS or denial of service attacks. Internet based attacks and outages are a significant issue and require a next level approach.

    Internal and external network vulnerability scanning is not a new solution but is something most companies do not use. Solvonex has partnered with Qualys to scan external and internal resources to find and help companies patch or fix vulnerabilities in everything from PCs to servers, switches, wireless devices, and even printers. How do you know what to secure if you aren't keeping on top of device vulnerabilities? We scan external and internal assets and develop vulnerability remediation plans. This isn't done once but is a continual effort and required for good cyber security.

    The next layer and most vulnerable resource in any company, school, etc. is the end user. The human element in any environment is ALWAYS an insecure link in the chain. From web to email filtering, proper device and user rights assignments, and even data breach searches are now the defacto standard for all business, schools, or even home users. Solvonex has partnered with and obtained a unique dark web research tool to reactively and proactively monitor email addresses, domain names, and other information found on the web to help users change their passwords and avoid data breaches. Training and breach monitoring will also help witn you cyber liability insurance premiums. Don't have cyber liability insurance? Talk to us!

    There are other tools out there for keeping network secure, but all of the above ultimately comes down to experience and process for good implementation. Solvonex adds decades of experience and context to help keep organizations safe and secured. No solution is perfect. No effort will ever be enough; however, our methods include industry standard, tried and true, and best practice threat remediation solutions. Our solutions will absolutely help and get you on the right path.

    If you are not layering your security, you are open to breach, ransomware, employee mistakes causing data loss, and other issues that will cost your company money and reputation. Let us work with you to do an assessment to find the best approach to solve your security needs. It does not matter if you are a small business or a large business, a K-12 school, or a house of worship: all need layered security!