Saepio’s Guide to Trusted Access

Trusted Access is a Cyber Security Essential.

You need to ensure that only the right people and the right devices have access to your valued systems and data, this becomes even more important if your estate includes public and private cloud applications.

A user name and password are no longer sufficient to ensure integrity of access, Multi-Factor authentication is the first step on the journey, and if you can also ensure that your devices are trusted and behaving then you’re on the right path and Single Sign On solutions move the game on further still.

With access, your users need to be bought in and happy with the controls you implement to ensure the project is a success. Whatever you do needs to be simple to use and not impact your users from doing their day job.

If you are working with a lot of cloud applications and a lot of personal devices, a CASB is recommended. These solutions can protect access and data across a broad area with a single platform.

Passwords haven’t gone away, they are still necessary of course, the approach here needs to be a combination of policy and education first, and if this isn’t sufficient then password management solutions can help to enforce best practice and keep access secure.

There’s a lot to think about when it comes to your trusted access strategy, it’s important to get it right. Saepio provide objective advice based on which methods will give the greatest security improvement and the quickest return on investment.

Please get in touch if you’ve any queries around how we could help you with your access challenges.

Ransomware Protection Guide

It’s our job at Saepio to understand the latest tactics of miscreants in the cyber world and deliver appropriate protection to our customers. Presently, the most successful widespread and targeted attacks involve intelligent exploits to deliver malware often in the form of ransomware payloads.

Statistics show that 50% of organisations have experienced an infection and in 40% of cases the ransom is paid. It’s a profitable industry, therefore booming. Saepio offer objective advice and effective solutions to combat these threats. Preventing Ransomware is a good example.

Read more in our Ransomware Protection Guide.

Vulnerability Management Guide

We’re often asked ‘why would a cybercriminal target our business?’. The reality is every organisation has something a threat actor can benefit from, so the more relevant question is, ‘how easy would it be for a cybercriminal to target our business?’.

Like many situations in life, cybercriminals tend to take the path of least resistance and pick the low hanging fruit. Any business that displays public facing technical vulnerabilities will be their first port of call. By using readily available scanning and reconnaissance tools to scope the security health of websites, applications, wireless networks, firewalls, etc, they will focus on weakness. In fact according to Forrester, 41% of successful cyber breaches are down to a technical vulnerability being exploited.

Read more in our Vulnerability Management Guide.

Incident, Detection and Response Guide

Most IT departments are proud of their wall mounted LCDs displaying their network, monitoring performance and availability and alerting to issues. Conversely, most organisations are in the dark when it comes to security visibility.

• How do you detect breaches?
• How do you decide how severe an incident is?
• What level of urgency is assigned to each incident?
• What is the response?
• Should you report it to the authorities?

Security monitoring is a hot topic. It’s not ‘if, it’s ‘when’ you’ll face a cyber incident. Do what you can to Prevent, but get out of the dark with security monitoring to Detect incidents and Respond accordingly. If you want to take a proactive approach to security, Saepio’s solutions team encourage you to review Rapid7’s Insight suite of solutions for Vulnerability Management, Logging, Incident Detection & Response and Automation.

Read more in our Incident, Detection and Response Guide.