layered security

 

In this diagram, it’s specified how SOS Support works, as well as all the processes of our work, and our intention with this is that clients could get our MSP agreement, so they’ll be informed

Minimum Standards:

  • Business Grade Managed Antivirus
  • Patches installed within 7 days, Servers within 30 days
  • Non-critical and 3rd party OS and Device patches installed within 30 days
  • Critical Firmware/Driver updates installed within 7 days
  • Business Grade Unified Threat Managed Firewall providing Content Filter, AV, AM, Intrusion Prevention
  • Critical data backed up daily, tested quarterly at a minimum
  • All systems storing sensitive data must be wiped to ISO-27001 standards upon decommission
  • All portable devices storing sensitive data must use disk encryption technologies
  • All USB/CD/DVD’s containing sensitive information must be encrypted

Additional Standards:

  • All systems not behind the Business Managed Firewall must have Anti-Breach/Anti-Intrusion software
  • All networked computers to have real-time Suspicious login detection, Automated daily investigations and remediations, and PII/PHI detection.
  • All shared files/folders must be in a security-driven solution such as Windows Server File Server, Datto Workplace, or equivalent.
  • All email accounts must have 2-Factor Authentication enforced (2FA)
  • All industry-specific SaaS software (internet-based production systems) must have 2FA enforced
  • Email providers must match compliance requirements. We have found Microsoft 365 and Gsuite to be the only reliable reputable services to standardize upon.
  • Security Awareness Training campaigns to be actively deployed to train employees and users on phishing attacks
  • All endpoints are monitored by a 24/7 solution that monitors resources: CPU, Storage, Memory utilization
  • Production Server’s to be pro-actively managed in a plan with at least once/month of after-hours maintenance (preferably twice)
  • Enhanced Network Monitoring to be enabled on all networks with over 50 devices
  • Email Encryption Services with Enterprise SPAM filtering

 

Service Provider Terms & Conditions Privacy Notice
Antivirus Huntress Labs Multi-Layered https://www.huntress.com/platform/managed-antivirus https://www.huntress.com/privacy-policy
Backup & Recovery Datto https://www.datto.com/legal/content-owner-terms datto.com/legal/privacy-policy
Backup & Recovery Microsoft 365 Datto https://www.backupify.com/backupify-terms-of-use
DNS Filter TitanDNS https://www.titanhq.com/about/terms-conditions/ webtitan.com/privacy-statement/
Darkweb Scanning Darkweb ID Coming Soon
Documentation ITGlue itglue.com/terms/
Managed Detection & Response (MDR) Huntress https://huntress.io/terms_of_service.html https://huntress.io/privacy.html
EDR (Antivirus / Malware) Datto EDR https://www.datto.com/products/datto-edr/
EDR (Antivirus / Malware) Rocket Cyber https://edr.datto.com/help/Content/4-respond/rocketcyber-integration.html
Helpdesk Ticketing Datto https://www.autotask.com/assets/terms/2016/03/autotask.htm https://www.datto.com/legal/privacy-policy
Remote Monitoring & Management (RMM) Datto Coming Soon https://www.datto.com/legal/privacy-policy
Privileged Access Management (PAM) ZeroTrust Threat Locker
Office 365 Microsoft Coming Soon
Network Management Auvik https://www.auvik.com/terms/
Multi-Factor Authentication DUO https://duo.com/legal/terms
Workplace/Gsuite Google https://workspace.google.com/terms/user_features.html
Spam Filtering Proofpoint https://www.proofpoint.com/us/legal/license
Spam Filtering Barracuda https://www.barracuda.com/company/legal/terms-and-conditions
Spam Filtering Datto SaaS Defense https://helpdesk.kaseya.com/hc/en-gb
Password Management MyGlue https://www.itglue.com/myglue/