There are many different types of cyber attacks and "scary" terms being thrown around all the time - phishing, denial of service, ransomware, spoofing, zero-day exploits, etc. The succinct answer is that we provide many layers of protection in an attempt to prevent you from being attacked/disrupted in these days, but we also provide layers of protection to help you recover promptly should we fail to prevent such an attack. Here are some of the ways that you can be affected by a cyber attack:
- Down Time / Inability to use some or all of your technology infrastructure
- Data Exfiltration (A breach of private data)
- Loss of Data (Inability to recover important data)
- Loss of Money (via fraudulent transfers)
- Loss of Reputation
Here are some of the ways we protect our clients from such attacks:
- Firewall at your network perimeter
- Firewalls on each individual PC
- Virus protection to prevent malware from being downloaded and/or executed
- Inbound Email filtering (to protect from phishing attacks)
- Outbound Email filtering (to protect private information from being exfiltrated)
- Phishing Training
- On Site Backups of your data (in our data center if you're cloud-hosted)
- Off Site Backups of your data in a separate location
- Acronis Active Protection (monitors for ransomware-like activity, and automatically reverts changes to avoid further damage - see here) - currently only active for servers in our data center
- Multi-factor authentication - prevents password
- DKIM/SPF/DMARC to prevent email spoofing (to prevent bad actors from pretending to be you in order to "socially engineer" others to take fraudulent actions)
As we're migrating to a "zero trust" model and moving cybersecurity to be a larger part of our practice, this list will continue to grow.