Your Virtual Chief Security Officer (vCSO)

Cyber Security should not be scary.  You don’t have to go alone.  VanBo would love the opportunity to help you as your virtual Chief Security Officer. 

If we do the basics, we can improve the confidentiality, integrity, and availability of your data giving confidence to your partners, customers and customers to be.

We start with a standardized proven approach and then customize it to your business:

Employee Training – We start with Cyber Security training as the cornerstone to security.  Hackers are lazy, they are not sophisticated like popular culture dictates, they want to do the least amount of work for the most money possible. They go after those that are easy targets. Let us help you not be an easy target. Our focus is Cyber Security Training for your company.  Untrained employees can cost you your business.  Besides Cyber Security Training we also offer other training to keep your business in business. We offer HIPAA training if you deal with Patient Health Information (PHI), GDPR training if you work in Europe or have European customers, PCI training if you take credit cards (It’s part of your contract), and sexual harassment prevention training if you work in one of the 37 states that have sexual harassment prevention training laws or the 5 new states that are implementing them soon.

Secure email Email is the most vulnerable of all business systems. Secure it.  Are you still using a consumer grade email system?  Switch to something that will better protect the business you’ve built. Avoid e-mail systems that are not approved to store, process, or transmit personal information.  This includes most free and consumer grade email systems.  These companies invest in protecting their business clients first.

Secure website – VanBo conducted a study of over 450 businesses and found that less than 60% had any website security.  Basic security of a website can be surprisingly affordable. There are a few simple things that can be implemented to stop over 50% of attacks. Not encrypting your website can scare and confuse customers.  We have a Website Security Analysis program that includes Encryption, Vulnerability Study, and Next Steps.

Update, patch and monitor your resources – Active monitoring of desktops and servers can prevent and catch problems quicker. The faster an issue is stopped, the less costly it tends to be to resolve. Keep an eye on your equipment so you don’t have to.  Anti-virus and Virus-Malware tools to keep you safe from attacks. & 24/7/365 status monitoring and protection for peace of mind

Provide offsite backups of any important data – Can you recover from ransomware?  You must treat it like a Disaster Recovery situation (because it is).  Even if you pay off the attackers (which puts you on the list of those that pay) can you trust the software has been removed? A strong backup is the key to recovery.  In the event a problem does occur, a strong backup can be the difference between a quick recovery and never recovering.  We provide an offsite backup service to give you that edge.

Other Items to Consider:

Encryption – Critical information should be encrypted.  That includes encrypting the hardware that the information resides on and encrypting the transfer of information between computers when possible and cost effective.

Password Policy – Do you have a password policy?  Is it documented? Do your employees know what it is and what is expected of them?

2FA (Two Factor Authentication) – This is important for your cloud services that, at a minimum, your administrators have two factor authentication enabled.

Disclaimers – Do you have privacy disclaimers where appropriate?  Do your employees and other know how they can use the information?

Policy and Procedures – Do you have policies for your employees?  Do they know the procedures?  Do you review them regularly?  

Wireless Network Testing – Do you have a wireless network?  Is your guest network separate?  Have you tested your wireless network for vulnerabilities?

Remediation – Now that you know you have issues, now what?  We will work with your IT to help remediate the issues or do the remediation on your behalf if you do not have the staff to do it.

 

Tools and Partners

VanBo utilizes some of the best tools in the world for analysis and remediation including:

Kali Linux Security Tools

We are Microsoft Partners with focus on Azure, Active Directory, Backup.

Microsoft Partners

We partner with UltraScary for our deep security going further than the average organization goes.

All logos and trademarks are property of their respective organizations