Programmer at desk

Security Monitoring Services

18:01 15 March in analysis, attack, cloud security, consultancy, Cyber security, Incident Response, Management, monitoring, security operations, small business, Threats by robp
1

If you follow me on twitter, or read the blog here, you’ll know that I am very keen on security monitoring. Effective security monitoring means that you can spot bad stuff when it happens and take action promptly to remediate the problem, and importantly, limit the impact. This has become even more important with the advent of GDPR – you are now expected to report breaches that impact personal data in 72 hours, and the NCSC have produced guidance on compliance that recommends you are able to ‘detect security events’. You can read more on what I think that means here.

Getting security monitoring right can be challenging, not least because it involves a number of moving parts. Firstly, you need someway to detect suspicious activity (usually a software tool of some sort), then you need someone who can look at the alerts this tool generates, understand them and decide what action needs to be taken, and finally of course you need a way of promptly implementing whatever the recommended action is.

Lots of organisations, even large organisations, stall at the second and third points. Finding people who understand the alerts they are seeing, and then taking effective action, is not easy (I’m not saying the technology is easy either, but lots of times I see people focus on that rather than the other two components). For small and medium sized businesses this is even more of a challenge.

So, I am pleased to announce we are offering two new security monitoring services aimed squarely at small and medium sized business. You can find more details here, but I’ll provide a short overview:

These services are aimed at two key elements of your business; your website and the cloud services you use. The astute reader will note in my blog on GDPR and security monitoring I talk about endpoints (by which I mean laptops, desktops etc) too – we don’t have a service in that space right now, but plan to offer one in the future.

Our two new services are:

CloudSecurity+ : Put succinctly this service pulls audit data from your cloud service provider, and we examine the data and look for suspicious activity.  Our focus has been on Microsoft O365 (as it is so widely used), and we also currently support Dropbox with Gmail following shortly. Whatever service you are using, if you are interested in monitoring get in touch – most cloud service providers offer some way of access data about who is connecting and what they are doing, so we should be able to work with whatever service you use.

WebSecurity+ : As the name suggests this service is focussed on monitoring website. It is a little more than that though – for cloud services we have a read only view. We watch for suspicious activity and alert you with recommended actions when we see any, but we have no access to your cloud service ourselves. With Web Security+ we install two pieces of software on your web server that block suspicious activity and attacks in realtime. We still get alerts, and will report to you when you need to take any action, but the tools we use are very effective at defending your website.

These services are designed to give SMEs access to people with a lot of security monitoring experience, and to give you assurance about the security of your data. 

If you have questions, or want more information, please get in touch!

Thanks for reading.


Rob