The Leaders in Security
INFOGUARDIAN 2017 | All Rights Reserved. Cardio theme by Flythemes.
Databases are most often the target of attacks organisations are currently faced with and they are compromised in various ways. From malicious insiders who exploit their access privileges to purpose-built malware designed for data harvesting, as well as the hijacking of a user’s credentials, it is becoming increasingly difficult to ensure that we are never compromised. Database Activity Monitoring (DAM) tools give us the ability to protect database infrastructure through virtual patching, while at the same time monitoring, recording & alerting on potential suspicious user activity and creating an in-depth audit trail of all access. InfoGuardian’s DAM solution can be provided as an on-premise solution managed by the customer or as-a-service.
Data Loss Prevention is offered by various vendors and they provide varying levels of functionality, which also comes with varying price tags and usually extensive professional services engagements. InfoGuardian has differing views on DLP and its effectiveness versus client readiness for adoption. We therefore prefer to phase DLP projects so as not to impact our customers businesses while trying to gain control of the movement and usage of the organisational information assets. We also work with multiple vendors to ensure that the solution we propose meets the specific customer requirement, whether a moderate solution focussed on a few key policies or a more complex solution that organisation-wide touching on all information assets.
As most organizations move to a cloud based infrastructure, we are effectively exposing our entire datacenter to everyone, and as such the security controls need to provide adequate multi-faceted defenses. Therefore, we have developed an Application Security solution that combines a Web Application Firewall with an Intrusion Deception Technology to address this high-risk environment. Web Intrusion Deception is an industry first that monitors a user’s interaction with your Web Application and takes action based on their behaviour. It employs intrusion deception techniques by inserting tar traps into the web application code, and then blocking the user should he display malicious intent. It then goes a step further by fingerprinting the perpetrators machine with an indestructible cookie and then updating all of your firewalls deployed within your organization, instantly. Therefore, an attacker identified trying to hack through your Web Servers will immediately be blocked at branch level.
The solution includes:
From a Web Security perspective, it is equally important to ensure that we are doing more than just URL filtering but again organizations often forego in-depth security in favour of performance to enhance the user experience. In doing so, organizations often do not see Command & Control communications from inside the network making it extremely difficult to know if the organization has been infected by targeted malware or botnets. There have been many well-documented cases of organizations leaking information and allowing direct infection and data exfiltration paths for many years before realising they were infected. These breaches could have been avoided, or at the very least detected sooner, had more robust controls been implemented.
InfoGuardian’s Secure Web Gateway solution offers:
Our MDM solution architecture is built from the ground up to be multitenant, highly scalable and to integrate with existing IT infrastructure. The solution scales to support deployments of hundreds to thousands of devices through a robust architecture that is fully configurable according to your environment and requirements and is built on industry standard technology, such as ASP.NET and SQL Server, making it easy to manage alongside your existing enterprise applications. It can be deployed in a highly available environment and fully supports disaster recovery configurations to minimize downtime.
This Best in Class Architecture provide the following advantages:
Very often the forgotten area when it comes to Information Risk, an enterprise-wide Backup Solution is every bit as important as traditional Security Controls when dealing with organisational data. The recent upswing in Ransomware attacks has accentuated this point and we are often left with no option but to restore from backup. However, unmanaged & unmonitored backup solutions are as much of a risk as not having a solution in place as they tend to instil a false sense of security. It is only when trying to restore from a failed or corrupt backup that organisations feel the pain. InfoGuardian offers multiple Backup Solutions including Cloud or On-Premise solutions with Cloud or On-Premise storage and all of these options can be bundled with management & monitoring services.
InfoGuardian’s vulnerability management solution is designed to operate entirely independently of operating system, network type, asset type or application. Utilisation of best of breed technologies ensures future requirements are catered for due to ongoing investment in research and development. By combining the necessary solutions from established vendors in this space and integrating them to ensure a single view of the vulnerability landscape, we are ensuring that our solution is future-proof, while also catering for legacy systems. By taking a multi-vendor approach, we are able to offer best-in-class technology from market dominating vendors ensuring that any single attack vector will be interrogated by multiple, independent technologies to ensure maximum detection.
Intrusion Prevention Systems are another core element of a sound Network Security architecture, but they must be integrated with other elements of the security infrastructure and global intelligence systems in order to be truly effective. InfoGuardian’s Advanced Threat & Targeted Attack Prevention solution discovers unknown threats which allows us to use certain identifiable characteristics of these threats to trigger filters on the NIPS and block the attack on the wire, before it has an opportunity to infiltrate the network.
The solution offers the following:
Most organisations tend to focus their patching efforts on Microsoft and the bad guys know this, which is why they target vulnerabilities in operating systems or third party applications that do not get the attention they deserve. Most malware types use these vulnerabilities to access systems, but hackers and hacking tools exploit them too. This leaves antivirus and other security controls hamstrung and in a reactive position, allowing re-infections to take place even after a threat has seemingly been eliminated from the environment. InfoGuardian can provide various tools to address this risk for either customer use or delivered as-a-service.
Firewalls were previously seen to be the core of any Network Security architecture but they have now evolved into a less dominant, but still necessary element of an overall defence-in-depth strategy. Due to the additional capabilities offered by Firewalls today, organizations are better served in using them to segment the network and to control the spread of infections or potential attacks. With this design, we are able to utilize the Firewall to control the impact of an infection by only blocking the services impacted by the threat, while still allowing the unaffected services to continue. InfoGuardian offers various Firewall-related services including a 24x7x365 completely managed service that includes Incident & Event Management.
An advanced persistent threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity. APT usually targets organizations and/or nations for business or political motives. APT processes require a high degree of covertness over a long period of time. The “advanced” process signifies sophisticated techniques using malware to exploit vulnerabilities in systems. The “persistent” process suggests that an external command and control system is continuously monitoring and extracting data from a specific target. The “threat” process indicates human involvement in orchestrating the attack. InfoGuardian has developed a Malware Prevention Solution that is able to monitor and proactively identify these types of attacks, allowing us to block them within the shortest possible timeframes thereby minimising any potential impact.
The Information Security industry is still undecided as to the importance of traditional signature-based antivirus software. InfoGuardian believes that it is a vital necessity, provided that it is properly managed and maintained. It allows us to prevent known attacks, thereby clearing away the noise enabling us to detect unknown and targeted attacks faster and with more accuracy. Furthermore, the volume of attacks we are dealing with requires round-the-clock vigilance, which is why we have created a 24x7x365 Managed Antivirus Service that is available across multiple market-leading vendors.