Security Services

BestIT provides a full suite of managed enterprise security services to assess, reduce and mitigate security risks, designed as a packaged, multi-year solution that bundles assessment and health-check, periodic revisions and updates, continuous monitoring and SWAT team intervention on declared threats and breaches. This “peace of mind” security solution provides 360 degree cost-efficient and integrated information security functions with permanent access to our top security experts.

Protect your business from security threats with the “peace of mind” one stop-shop
Gain permanent access to our security experts
Receive timely alerts on security breaches with continuous monitoring and Cyber SWAT Team interventions when and as needed
Maintain your technology environment in a healthy state of security and compliance

DISASTER PREVENTION IS PEACE OF MIND

Did you know that 43% of businessess that experience major data loss from a disaster do not reopen. Reported in Symantec Intelligence Report, 2013.

WE SOLVE SECURITY BREACHES

BestIT’s Remediation Services cover a broad range of features and solutions. Remediation may involve minute and detailed code changes, configuration settings on servers, workstations, network devices, and/or applications, or entire redesign of system configuration standards, network architecture, authentication schemes and data encryption across your complete organization. We can serve as the single source provider for the design and implementation of centralized information security programs, within your company, where none previously existed.

Our solutions for your business can range from highly tactical to highly strategic, involving technicians, project management, and thought leadership. Regardless of the source of security dilemmas, we deliver positive results. We can implement a Security Event and Incident Monitoring solution, or design a data classification scheme to identify confidential information and a centralized enterprise encryption solution.

We also offer ongoing remediation contract services for a specific scope—such as network, code, or systems where compliance is an ongoing issue and remediation is part of an ongoing information security/audit life cycle. Our work is completed when the desired results are achieved: the remediation gap is closed and the client is satisfied.

What We Cover:

Audit/Assessment Response
Compliance
Breach Response

Understand breaches and resulting impact
Discover the source of the breach and take preventive measures to protect your data and assets
Be confident in urget response and remediation
Cyber SWAT Team / Response Team on major breaches
Project services or flat rate available

IDENTIFY SECURITY RISKS

A suite of assessment and audit services that can be tailored to the unique needs of your organization’s security and compliance challenges. The Health Check provides specific answers on the current level of risk, threats, compliance and the effectiveness of controls. Get the best penetration and vulnerability testing available, as well as impact threat analysis and comprehensive regulatory compliance assessment and audit preparation.

Vulnerability assessments are similar to getting regular checkups at the doctor’s office. We perceive them as mildly invasive, they make us feel a little uncomfortable and we often worry about the results. However, we find out valuable information that will enable us to live well, protect from disease and disablement and the more we get them, the less we find we have to worry about.

Understand your risk, compliance, vulnerabilities
Threat analysis report
Roadmap for the improvement of system security
Expert independent penetration & vulnerability testing
Make sure your controls are enforced and effective

WE PREVENT DISASTERS

Be prepared for natural disaster, but also more subtle, but equally devastating, risks to your business. You can assess and get prepared for permanent or temporary loss of talent or skills, critical supplies or access to your customers can be assessed. BestIT will help you build Disaster Preparedness and Business Continuity plans at lower costs.

What We Cover

Disaster Readiness Assessment
Disaster Recovery Plans, Testing & Review
Business Continuity Plans, Testing & Review
Business Impact Assessments
Workforce Safety & Security
Data Loss, Theft & Intellectual Property

Know your data is secure and is fully available to keep your business moving
Maintain a disaster recovery solution that is tightly aligned with compliance and customer commitments
Reduce the cost / monetize your preparedness solutions and cover less visible risks at once

INTERNAL COMPANY SECURITY RISKS

In an age when companies are suffering security breaches on a consistent basis, it is important to ensure the data at your company is as secure as possible. In addition to external threats from hackers, internal security risks also need to be identified. All of BestIT’s security assessment offerings include a risk and impact-based approach to uniquely analyze the risk of finding a gap or vulnerabilities within the organization. We identify the gaps in your security and seal them before a data breach of any size hits your business.

Read BestIT’s
"Security-As-A-Service"

DOWNLOAD .PDF

VULNERABILITY ASSESSMENT INTRUSION TESTING ARCHITECTURE ASSESSMENT INTERNAL GOVERNANCE TECHNOLOGY RISK MANAGEMENT SECURITY INCIDENT RESPONSE

VULNERABILITY ASSESSMENT

A vulnerability assessment provides a third party independent validation of current security and risk within the environment. The result is an assessment of all security and environment controls with a focus on vulnerabilities and risks within the enterprise or a specific focused scope of it. Examples of scopes of these assessments include external facing systems such as webservers, websites and applications, internal systems including database servers, application servers, workstations, network devices, wireless access and extranet networks between the organization and business partners.
Regardless of the focus, all vulnerability assessments follow the same approach with four essential phases:

Discovery Essentially a data gathering period to assist testing during enumeration and applied in analysis for impact, risk and effort ratings.
Enumeration Systems are tested during this phase and the results are gathered for analysis. Testing includes system interrogation tools such as Nessus, NMAP, Nexpose, SAINT, Cain, DTsearch, Network Stumbler, ShareScan, SamSpade, AirSnort, RAT, among other tools as well as manual testing processes.
Analysis Data gathered from the enumeration is analyzed against relevant industry best practice, business impact, and known risks reported by enumeration tools relative to the organization and observed compensating controls.
Reporting A formal report is generated with all vulnerability findings ranked in order of their severity relative to actual risk, business impact and effort to remediate the issue.

BestIT will assess the vulnerabilities that could exist within:

External (Internet facing)
Internal (private business and production networks)
Wireless (WiFi network access at business facilities)
Extranet (Private B2B networks)

INTRUSION TESTING

Intrusion testing (attack and penetration testing) provides validation of the level of protection applied within the environment/scope by examination of defense in depth control effectiveness in preventing data loss, leakage and/or alteration through tests utilizing current and real-time attacks, vectors and scenarios.
The BestIT approach combines the use of skilled and experienced information security researchers with technology and tools. Whereas some of our tools and technology are privately developed and purchased, the majority of the tools are open source, are freely available on the Internet and widely used by professional researchers and criminals alike. What differentiates the BestIT service from other “intrusion tests” is that we don’t rely on “script-kiddie” techniques, we don’t trust the tools to find the holes, but we use the tools as intended — that is to check what we already suspect and what may have been overlooked.

Social engineering and physical intrusion require special mention here as they represent special case testing. Although they typically follow the same methodology and approach as the “logical” intrusion test, the exploit is against human targets to gain information or access to physical locations where information assets reside.

Approaches will include phone work, social media, “casing” a facility to determine ingress and egress points, tail-gating into controlled areas, and may involve disguises to pose as “authorized” visitors/vendors. These tests are mostly about determining the level of security and policy awareness of the workforce.

What We Cover:

Web Service and Applications
External Networking Infrastructure
B2B Extranet
Internal Network and Host
Wireless Infrastructure
Internal Applications and Data Stores
Social Engineering and Awareness (Physical/Logical)

What You Should Know

Intrusion tests aren’t just about finding a security hole. It’s about testing effectiveness of the controls to stop an intruder at multiple layers.
Many so-called intrusion vendors only run automated tools, which leads to poor and inaccurate results.
Regulatory standards require an annual intrustion test, however most organizations should consider more frequent testing.
Time is everything when considering how long you want a test to take. Remember, cyber criminals have all the time they want and will strike at your worst moment.
Our intrusion experts are highly trained and knowledgeable in exploit methodology and attack vectors.
Intrusion tests can be a great training exercise for your security incident response program.

ARCHITECTURE ASSESSMENT

A security architecture assessment examines the security design and configuration of an environments’ infrastructure and can include virtual components. Typically, the assessment focuses on one or more logical architecture areas:

Network

Firewalls, load balancers, NIDS/NIPS, routers, switches, remote access (VPN)

Physical

Security controls at ingress/egress points where data assets reside (Data Center, workstation, servers)

Application

Code review, error handling, data filtering, authentication, encryption

Data

Classification, data leakage protections, encryption

System

Operating Systems, HIDS/HIPS, authentication, authorization, End Point Protection

Approaches and methodologies vary on the architecture to be assessed. For logical infrastructure reviews, configuration files and benchmark standards with available documentation of the environment are gathered and analyzed. If benchmark standards have not been designed and/or applied to the “in-scope” environment, then appropriate industry standard and/or regulatory standards may be reviewed and agreed to with the project sponsor(s).

Automated tools may be run to determine deviation in the environment from the documented/agreed benchmark. Common tools used in these assessments are configuration analysis kits and audit tools, although a manual review of configuration is always performed. The assessment can be performed as part of other BestIT services. For example, the security assessment can be a component of a more comprehensive operational review and testing such as load testing to include Denial of Service resiliency, high availability, or as part of system acceptance, or included as part of a Compliance Readiness Gap or Internal Governance assessment. The Architecture Assessment concludes with a report that provides an executive summary of high level “roll-up” findings, an overview of the methodology and tools employed during the assessment, detailed technical findings with recommendations for remediation, and a report on any deviations of benchmark standards within the environment.

INTERNAL GOVERNANCE

Internal governance is an important aspect of understanding the security risks that exist within your company. Each organization should have policies in place to help
minimize the risk of a major security incident. Employee negligence or malicious insiders are often the source of security breaches for companies. Your company should have
these elements in place to reduce the risk:

Security Policy
Security Baseline Standards
Security Process and Procedures

Internal Governance Assessments provide a third-party validation that organizational specified security requirements are being met and that the environment reflects
documented security baselines. The effort includes examination of security policies, baseline/benchmark standards, process and procedures, diagramsand configurations.
Testing is done using automated tool kits, performing interviews with key staff, and observing the environment. The primary objective is to develop an understanding of the
organization’s expected security controls effectiveness and match that expectation to the real state within the scope environment. The service is offered as both a stand-alone
assessment or can be incorporated into a more comprehensive assessment solution with any or all of the other assessment offerings.

The Internal Governance Assessment follows the same approach, processes and utilizes the same tools as the Compliance Readiness Gap assessment. The deliverables are
also identical although the both the scope and the benchmarks would, of course, differ.

INTERNAL COMPANY SECURITY RISKS

One of the best ways to prevent security breaches and risk exposures to adopt a proactive stance. BestIT’s Technology Risk Management services offer solutions to assist organizations concerned about the security of their data and technology assets. Our services offer full design of information security and technology risk management departments and can assists organizations that lack a centralized security program by building fully operational departments. Services are also offered for the organization looking to enhance functionality and strengthen an existing department by focusing on specific core security/risk management pillars, including risk mitigation.

To ensure that mitigation decisions are not made in a silo environment, we design and assist organizations implement risk mitigation strategies to enable organizations to identify mitigation criteria, adequately identify acceptance and mitigation criteria, and effectively communicate and track decision results and how they apply against current organizational governance. Internal governance forms another crucial pillar for exposure prevention. More than just a set of documented polices, standards and procedures, BestIT offers skilled professionals to offer unique customization of best practices to fit your environment and organization and ensure that your security controls evolve with your technology investment and business objectives.

Whether we are designing a security department from “scratch,” enhancing an existing program, designing an accountability model, exception lifecycle, or updating security policy, the approach follows identical process and phases. Starting with a clear business objective and measurable goals, a plan is proposed and executed against. The primary objective is completion of the project, maximized knowledge transfer and client satisfaction. Data gathering is main component for the success and as such, all identified stakeholders will be included in requirements gather as well as documented current state versus desired state. Stakeholders remain involved throughout the project.

Once a design is built, it is proposed and reviewed with the sponsor and the stakeholders for acceptance. At each milestone of build out, acceptance reviews are conducted to ensure collaboration which strengthens the resiliency of the final solution. Finally, immersion of the solution within the organization concludes as education and training completes and the design is fully functioning outside of a testing mode. Periodic “checkups” can be included as part of the overall solution with recommendations and/or suggestions for adjustments to continue to build the program effectiveness.

What We Cover:

Design Information Security Program
Strategic Risk Mitigation
Internal Governance

SECURITY INCIDENT RESPONSE

BestIT’s Security Incident Response is an ad hoc service available to a customer when they detect or believe a security breach or some other compromising event has occurred that threatens the business. Incidents can range from the untimely exit of a senior business leader with intellectual property, sexual harassment, internal corporate policy violations, misuse or abuse of system access or privileges, fraud, espionage, or external hackers attempting to hold the company’s data hostage or otherwise attempting to interfere with the company’s business operations.

Security breaches always have a significant negative impact on the business. In rapid response, BestIT immediately assigns qualified and experienced professionals, including resources with both security incident handling and intrusion testing backgrounds, to assist your company with responding to the breach, containing the attack. Our comprehensive service offers both onsite and remote support with immediate guidance, identifies the extent of the breach, the significance of the risk, achieves containment, investigates possible leads and gathers
evidence. In addition, if the breach resulted from a vulnerability that is w ide spread within the environment, ourteam will build and can assist with execution of urgent remediation to prevent follow-on attacks, assist with contingent planning, and document the response and communication and final incident post mortem with reporting.

In addition to security incident handling, our experts can work with an organizations leadership and/or Human Resources to provide internal investigations ranging from misuse of technology resources, policy violations, regulatory infractions, harassment, fraud and other internal issues where evidence is requested prior to action. Investigations are always handled discretely.

The Three Sub-Types of Security Incident Response

Response and Containment
Forensics
Recovery

OUR RESPONSE & CONTAINMENT PROCESS

BestIT’s highly experienced, certified, and consultative experts work with your business to respond to the incident by determining appropriate response approach. This may include rapid deployment of a response team to your location, immediately setting up a communication plan, implementing a command and coordination center for the duration of the response effort, issuance and coordination of containment tasks, determination of the appropriate level of involvement of Law Enforcement Agencies, identifying applicable notification laws and assisting company leadership in understanding them, and regulatory reporting issues and documentation of the response process. Response and containment activities can include rapid remediation of security exposures to prevent follow-on attacks.

Although the notion that you can prevent a natural disaster such as a hurricane from hitting your corporate facility head-on may seem out of the realm of possibility (and unfortunately, it is) preventing it from becoming a business disaster is within your control.

Read Our Case Studies

We continue to successfully deliver value to our clients through our extensive experience.

Read our case studies below as examples of our proven track record.

The Road to Enhanced Security Confidence

A federal credit union was concerned about its vulnerability level toward sophisticated hacking attempts.

Briefing
A federal credit union was concerned about a its risk level from a memo that it received about a rise in the amount of denial of service attacks (DDoS) happening to financial instutitions. BestIT was called in to help them identify all of the gaps in their security and provide a plan to seal them.

FULL CASE STUDY (.PDF)

Developing a Playbook to Keep Systems Secure

A government hospital worked with BestIT to fill the gaps in their IT security.

Briefing
A major county hospital was overdue for vulnerability testing of their IT security infrastructure. They thought that they had the latest security parameters in place to protect patient data from any form of security breaches. The BestIT security team discovered and exploited major vulnerabilities in their network. A plan was put in place to seal them and strengthen their security.

FULL CASE STUDY (.PDF)

Operations Down: Solving a Security Breach

A medical device supply company suffered a major security breach that shut down operations. BestIT solved it.

Briefing
Computers at a medical device supply company were infected with a worm that caused operations to completey shutdown temporarily. BestIT immediately responded to the breach and flew the security SWAT team to the company take care of the situation and reinstate business operations.

FULL CASE STUDY (.PDF)

Filling the Gaps to Protect Intellectual Property

An engineering firm was concerned that relaxed information security defenses might have paved the way for the leakage of its trade secrets

Briefing
The engineering firm manufactures industrial mining equipment to shake through ore and help mining operators reclaim waste. After an audit,the executive leadership team noticed a flood of similar mining equipment in the market being offered by competitors. They needed to test the security parameters around IT to see if there was the possibility of trade secret leakage.

FULL CASE STUDY (.PDF)

By partnering with BestIT to manage your IT security infrastructure, you get the most powerful, responsive and reliable service support at your fingertips.

We look forward to assisting you with your Security Service needs. Please contact us to setup an initial free consultation.

Security Services

DISASTER PREVENTION IS PEACE OF MIND

WE SOLVE SECURITY BREACHES

IDENTIFY SECURITY RISKS

WE PREVENT DISASTERS

INTERNAL COMPANY SECURITY RISKS

Read BestIT’s
"Security-As-A-Service"

VULNERABILITY ASSESSMENT

INTRUSION TESTING

What You Should Know

Intrusion tests aren’t just about finding a security hole. It’s about testing effectiveness of the controls to stop an intruder at multiple layers.

Many so-called intrusion vendors only run automated tools, which leads to poor and inaccurate results.

Regulatory standards require an annual intrustion test, however most organizations should consider more frequent testing.

Time is everything when considering how long you want a test to take. Remember, cyber criminals have all the time they want and will strike at your worst moment.

Our intrusion experts are highly trained and knowledgeable in exploit methodology and attack vectors.

Intrusion tests can be a great training exercise for your security incident response program.

ARCHITECTURE ASSESSMENT

Network

Physical

Application

Data

System

INTERNAL GOVERNANCE

INTERNAL COMPANY SECURITY RISKS

SECURITY INCIDENT RESPONSE

OUR RESPONSE & CONTAINMENT PROCESS

Read BestIT’s
Security Overview

Read BestIT’s
"Identify Security Risks"

Read BestIT’s
"Prevent A Disaster"

Read BestIT’s
"Solve Security Breaches"

Read Our Case Studies

The Road to Enhanced Security Confidence

Developing a Playbook to Keep Systems Secure

Operations Down: Solving a Security Breach

Filling the Gaps to Protect Intellectual Property

RESOURCE LINKS

BESTIT PROCESS

CORE SERVICES