Security Design Consulting
A core focus of Acumenis is to understand the individual business and technology needs of our clients. We then work to ensure those needs are met, while significantly reducing exposure to cyber-attacks.
For clients with compliance requirements for a formal Information Security Management System (ISMS), we provide ISO 27001 consulting services to assist in the development and maintenance of an IT security program, and obtain compliance certification.
For smaller businesses, or those that are not ready for a formal ISMS, we provide a more economical and expeditious security improvement service, designed to mitigate risks and detect threats at each stage of a security breach, including:
- Initial Intrusion (such as through a malicious email attachment)
- Privilege Escalation (for example, gaining admin rights)
- Obtaining Persistence
- Lateral movement of attackers or malware throughout a network
Acumenis can work alongside your existing IT staff or IT provider, to supplement their capabilities with specialist security skills and experience. We usually begin with an IT Security Design Assessment, before proceeding with the server, workstation or network hardening tasks listed below.
Server and Workstation Hardening
Acumenis can bolster the resiliency of your company's servers and workstations, often without the need for any additional investment in security products. We mitigate entire classes of attack in many environments by simply taking a considered approach to server and workstation configurations. We make use of features and techniques that are readily available, but too often neglected.
Many available security features are disabled to prevent disruption to staff, or due to application compatibility. We're experienced in deploying these technologies in ways that allow staff to work unimpeded, while also ensuring that they're not exposing the organisation to unnecessary risk. Some of the strategies we're experienced with include:
- Application Whitelisting, including Device Guard, AppLocker and Software Restriction Policies
- Credential Hygeine, to limit theft of credentials by malware
- Application Hardening, for example to reduce exposure to macro, OLE and DDE attack techniques
- Restricting lateral movement and privilege escalation should a machine be compromised.
Acumenis can protect your network from intruders. We configure your network design, switches and firewalls to provide adequate protection against worms and other malicious activity.
Ransomware and other forms of malware are increasingly attempting to spread from one machine to another, in order to perform the maximum amount of damage. Network segmentation and isolation can help protect critical resources, without causing disruption for staff.
We can configure your existing firewall to provide appropriate protection, or we can recommend and install a new firewall appliance, including the popular WatchGuard range.
Contact Acumenis today to discuss how we can help reduce risk of cyber attack for your business