A dozen years or more ago, the cybersecurity landscape was quite different from what it is now: “Endpoints” referred to the tower PCs on every desk, the perimeter of the LAN and local data center defined what needed protecting, and clouds were white fluffy things that floated in the sky.
Today’s security picture is much more complicated — plus, it’s one that’s prone to near-daily change. Organizations use technology for just about every function across the business, and topologies shift between different cloud providers and services, both on-premises and remote. Edge computing allows for resources to be placed closer to users for better responsiveness.
Cybersecurity practices from yesteryear don’t cope with the ever-changing situation well, and many organizations struggle to create protection policies.
At Network Connections, we are a data protection-focused company. We care about understanding the data and its criticality and sensitivity. We want to understand a number of attributes that are relevant to how that data is being used, manipulated, and shared. The relevant attributes are things like the identity, the user behavior, the device type, the network, and the data that are now being used within applications or cloud services. We identify complications when personal and business SaaS uses coincide, for example when file-sharing services like OneDrive or Dropbox are used for both private and corporate purposes.
Our approach to cybersecurity is different from most others. Traditionally, SOCs are set up to accommodate a small pool of customers with unique environments, then consume monitoring data from specific enterprise SIEM or EDR products often chosen by the customer. It’s the ultimate in attended security monitoring, but it’s limited by the effort required in the initial configuration and access management.
By using an innovative agent-based zero trust model that eschews conventional perimeter-based security models, Network Connections can easily monitor all endpoints for viruses, malware, ransomware, trojans, file-less threats, and incoming attacks over the network. Data from endpoints is continuously streamed from the agent to the SOC analysis hub, which runs in a private cloud. It’s then analyzed against known threats and vulnerabilities and escalated to a human analyst depending on the type of event. Our team then provides analysis and recommendations for remediation of the security event.
We may have designed an innovative and extremely effective tool for catching threats, but it’s just the instrument the orchestra plays. Security threats come from malicious actors — real humans intent on stealing or damaging your data. Oddly, they adhere to the same basic tenet we do: whatever tools make us the most effective are the ones that will be used in our job. They will write code to circumvent protections, trick users, and wreak havoc, but in the end, it’s a human orchestrating the attack with advanced tools.
NCI's Security Operation Center (SOC) is people watching over our customers from an advanced operations center using an advanced, purpose-built toolset. Here are a few of the functions our SOC provides that are normally only found in integrated combinations of premium enterprise-grade security suites:
- SIEM Services
- MDR (Managed Endpoint Detection & Response)
- Vulnerability management
- Advanced Threat Protection
- Threat Intelligence
- Threat Hunting
- Incident Response
Who is NCI and how we can help!
If you are looking for a proven IT service provider, Network Connections has all the solutions you're looking for. We offer your business managed IT services, mobile or remote workplace, Microsoft cloud services, managed cybersecurity and hosted VoIP solutions.
Contact us today, and find out how we can help your business.