IT Security

Cyber Security is critical to your company’s safety, and we don’t take it lightly. Our Team of engineers go through security training. Security is not just a good password; it has entry points everywhere. Services, unsecured applications, Firewall configurations, users with too much access. The list is extensive.

Advanced Security Categories

Backups

Accounts

Patches

Firewalls

Antivirus

Surveillance

Education

M365

Encryption

Penetration Test-Reasoning / Methodology

Do you know WHY users are your biggest cybersecurity threat?

Because studies show that 91% of ALL cyberattacks start with a phishing email. This puts the hacker right inside your organization.

Our team uses a proprietary (patent pending) process to go beyond phishing training and find out what a hacker can gain access to when someone in your organization is phished.

Internal Testing

Considering over 90% of cyberattacks begin with a phishing email and over 19.8% of employees click phishing email links, our team focuses on what the attacker will gain access to if a normal user were to click a link.

We target employees who are the most likely to be phished. These employees also happen to be the ones who have the most to lose: CEOs, CFOs, Directors, HR and sales team members.

Why are they more likely to be phished in the first place?

They are often communicating with people outside your organization AND they process many more emails than others.

External Testing

What about the other 9% of attacks, how do they get started?

Hackers build sophisticated automation that is constantly scanning the internet looking for vulnerabilities. They use these vulnerabilities to get into networks. Galactic Advisors uses some of the same tactics to outline the perimeter of your organization, look for exposed services, find vulnerabilities, and attempt to exploit them

The following report contains evidence of our findings, remediation steps, as well as descriptions of the risks associated with them. Hackers are constantly coming up with new attack chains and vulnerabilities. These new methods need to be evaluated and remediated often. Best practice includes regular ongoing security assessments to identify and respond to these new threats.

Training

Train employees to recognize Phishing Attempts

Stop employees from rolling out the red carpet for hackers

Sandra Network provides in depth Testing of all aspects of your network, and then works with you to remediate the findings.

Backups

  • Ensuring your data is secure is part of any Advanced Security Plan, but do you know the difference in backups and restore times?
  • Image based backup vs File Based backup?
  • Is your Cloud based Office 365 or G-Suite backup covered?
  • If you get hit with Ransomware, you will want to know the difference to ensure you are up and running as soon as possible.

IT Security Policy Checklist

Acceptable Use Policy

Incident Response Policy

Security Awareness Policy

Password Policy

Backup and Disaster Recovery Policy

3rd Party Access Policy

Data Confidentiality Policy

Business Continuity Plan

I don’t know if we have any of these

Mobile Device Policy

Remote Access Policy

User Termination Policy

Bring Your Own Device Policy

IT Asset Disposal Policy

Removeable Media Policy (USB Drives/Sticks)

To commit to protecting your network