Cybersecurity
CGNET provides a comprehensive suite of cybersecurity solutions tailored to our clients’ individual needs.
Identity and Access Management
Identity and access management (IAM) is a framework of policies and technologies to ensure that the proper people have the appropriate access to your organization’s resources. Think of IAM as the “front door” to your security apparatus. CGNET has experts that can help you properly configure and manage your IAM setup. We can handle all the details for you, or just review your setup and tell you if we see anything that needs to be changed.
Migration to Azure Active Directory
The reasons for maintaining an on-premise Active Directory setup are melting away. It’s time to move your AD setup to Azure Active Directory. CGNET can help you get this done. We will implement Azure Active Directory (AAD) and decommission your local Active Directory. We will also provide alternatives for services that were supported by your local AD but which cannot be supported by AAD (eg, local print servers). We can ensure that your migration to Azure Active Directory takes place without a hitch!
Multi-factor Authentication
Multi-Factor Authentication (MFA) is a simple mechanism that dramatically strengthens your security posture. The addition of MFA to the authentication process foils the common cyber attacks on user identity and user credentials. CGNET can work with you to set up MFA: We purchase the licenses for you and then either consult with you on the setup, or if you prefer, do the installation for you.
Conditional Access
Conditional Access is the tool that makes decisions and enforces security policies when it comes to who can access what information at your organization. Let CGNET get you set up with Conditional Access and know that you’ve made your organization more secure. We will obtain the licenses for you, and then either consult with you on how to set up the tool, or we can do it all for you. We will also leave you with a set of policies to help manage secure access to your information moving forward.
Microsoft Information Protection
What if your information could protect itself? You can achieve that with Microsoft Information Protection (MIP). MIP gives you tools to automatically label content. And, once labeled, you can set policies that control what recipients can do with the data. We’ll purchase the licenses for you and either consult with you on the setup or, if you prefer, do it for you. The process requires defining labels for content (eg, sensitive, confidential) and then defining policies for how to handle content with a given label. By doing so, you will have security at the level of the information itself. Let CGNET help you get set up and take your security to the highest level!
Data Loss Prevention
It’s shockingly common to email information to the wrong recipient. With Data Loss Prevention, you can ensure that sensitive/confidential data doesn’t get sent in email. Restrict credit card numbers, social security numbers and other information from being sent, or at least ask senders to confirm that they know what they’re doing. CGNET will purchase the licenses for you and do the necessary configuration to protect your sensitive data. We can also help you to fine-tune your policies around the transmittal of this type of data.
Security Policies & Procedures
Security policies give your users best practices for secure computing and browsing. Security procedures detail how you will respond if security incidents happen. Do you have everything you need? Better to find out now vs. while you’re in the middle of a security incident! CGNET can review your existing security policies and procedures and identify gaps and missing information. When we’re finished, you will have a written report of everything we found, as well as a prioritized roadmap for closing any security gaps and making your policies and procedures more sound. An added benefit is that the reports we provide will help you maintain regulatory compliance and are useful for responding to IT audit requests.
Security Testing and Training
The most common way networks get compromised is through phishing, so you know it’s important to educate your users in how to spot and avoid phishing attempts. CGNET resells the KnowBe4 phish test and training tool. We can get it set up for you and show you how to perform your own security testing, or do the testing for you. Plus, we can provide customized anti-phish training for your organization, if you desire. Finally, we can install PhishER software, which strengthens security by automatically removing identified phish emails from all mailboxes.
Azure Site Recovery
You put a backup and restore program in place. Good job! But what about your applications? What happens if you lose your servers and applications and data all at once? Let CGNET set you up with Azure Site Recovery. We configure the servers and apps and wait for the word to take the Azure site live. Just like that, you’re up and running. Now, if an emergency outage occurs, your organization will breathe a collective sigh of relief with the fast restoration of service. And if you’d like, CGNET can also manage the service for you on an ongoing basis.
Backup and Restore
Do you have a good backup and restore program? Have you tested it lately? The rise of ransomware means that it’s more important than ever to back up the information that’s vital to your organization. This includes material stored in the cloud! Let CGNET work with you to set up a robust backup and restore program for the critical information in your organization. We can either consult with you on the program setup or do it for you. And if desired, we can manage the service on an ongoing basis.
INKY Email Security
INKY is a service that works with any email client to detect and block phishing and malware attacks. It identifies potential phishing based on experience with other mail deliveries, known bad URLs, brand impersonation, DMARC/DKIM, social media history and keyword patterns. It also scans inbound links and attachments. Inky flags messages for users with a banner indicating the level of confidence that message is a threat, and gives them the option to report the message as phish. Administrators can also set up a rules engine to allow/deny messages based on a particular criteria. Inky also scans outbound messages to protect against data loss.
Risk Assessments
With CGNET’s risk assessment, we work with you to discover what information you have and where it’s located. We then help you determine the risk that different kinds of information could be compromised and the impact if that were to occur. This assessment gives you a report of our findings, as well as a prioritized roadmap of recommended fixes to reduce information security risk.
Vulnerability Testing
You think your network is safe. But how do you know? With CGNET’s vulnerability testing, we look at your network from inside and outside the firewall. With our penetration testing, we can discover network elements that are running software with known vulnerabilities and then we provide you with a priority-ordered list of things you should fix.
Comprehensive Security Reviews
It’s important to step back to examine security across all aspects of your organization every three years. CGNET works with you to conduct a thorough and comprehensive security review. This will include OSINT data gathering, policy and procedure review, phish testing and training, a security workshop for your staff and a review of your organization’s security posture and administrative settings. We will provide actionable recommendations and a priority roadmap for keeping your security posture as strong as possible.
Microsoft 365 Checkups
With this comprehensive evaluation of all parts of your Microsoft 365 environment, CGNET can help uncover opportunities to improve your productivity, security and compliance.
We will:
- identify potential security weaknesses and offer solutions
- ensure your organization is adhering to data protection and retention regulations
- assist you in maximizing the efficiency of Microsoft 365 tools for enhanced productivity
- evaluate your licensing agreements for potential cost reductions