Vulnerability management, stop it before it happens.
Computer security, also known as cyber security is the protection of computer systems from theft or damage to their hardware, software or information, as well as from disruption of the services that they provide. Cyber security includes controlling all access to the hardware whilst protecting against harm that can come from network access, data and code injection. Also, due to user error by operators, albeit intentional, accidental, IT security is open to being tricked away from secure protocols through many methods.
So what can Avon IT do to protect your business from the dangers lurking out there?
We manage User accounts. This may seem incredibly obviouss though suprisingly many companies have very poorly configured Active directory or LDAP servers.
We can monitor system access. (AC) as it is commonly known is the mechanism of setting restrictions on data or resources such as shared company folders, commonly understood as permissions. Again it may seem obviouss but how many logins do you think are username / 1234?, it's a lot...
We can install and manage firewalls. By far the most common prevention systems from a network security perspective as they, can when properly configured shield access to internal network services, and block certain kinds of attacks with packet filtering.
We offer bespoke intrusion detection systems. IDS systems are designed to monitor and protect your network in real time as an attack occurs they respond accordingly either by blocking the attack or filtering out the malicious data live as it hits your infrastructure whilst safely capturing and logging the attack allowing for analysis later.
We can implement vulnerability management. This is the process of identifying, remediating or mitigating vulnerabilities especially in software and firmware, vulnerability management is essential to ensure computer security.
We offer remote penetration testing services. Avon IT offers this as a security audit service. We can safely run the most common attacks against your infrastructure highlighting any potential weaknesses, then provide you with the solutions.
Reduce the risks to your business today
We offer two factor authentication. This is used to mitigate unauthorized access to you computers or information. It requires a password or PIN, and a card, dongle, mobile phone, or other piece of hardware. This increases security as an unauthorized person needs both of these for access
Data encryption technologies. This process encodes data in such a way that only authorized parties can access it, encryption itself cannot protect against data theft but it does ensure if your data is stolen it cannot be accessed,
We offer security best practice training. We seek to prevent social engineering and other fraudulent tricks or traps by training users on persuasion tactics through exposure classes.
We offer drive locking solutions. Essentially this process secures the entire hard disk be it an internal or an external disk protecting every byte of data incase of theft.
Further reading - vulnerabilities and attacks
A vulnerability is a weakness in design, implementation, operation or internal control. As they are discovered many vulnerabilities are documented in the Common Vulnerabilities and Exposures (CVE) database. An exploitable vulnerability is one for which at least one working attack or "exploit" exists.Vulnerabilities are often hunted or exploited with the aid of automated tools. To secure a computer system, it is important to understand the attacks that can be made against it, and these threats can typically be classified into one of the categories below
A backdoor in a computer system, a cryptosystem or an algorithm, is any secret method of bypassing normal authentication or security controls. They may exist for a number of reasons, including by original design or from poor configuration. They may have been added by an authorized party to allow some legitimate access, or by an attacker for malicious reasons; but regardless of the motives for their existence, they create a vulnerability.
Denial of service attacks (DoS) are designed to make a machine or network resource unavailable to its intended users. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim account to be locked, or they may overload the capabilities of a machine or network and block all users at once. While a network attack from a single IP address can be blocked by adding a new firewall rule, many forms of Distributed denial of service (DDoS) attacks are possible, where the attack comes from a large number of points and defending is much more difficult. Such attacks can originate from the zombie computers of a botnet, but a range of other techniques are possible including reflection and amplification attacks, where innocent systems are fooled into sending traffic to the victim.Direct access attacks occur when an unauthorized user gains physical access to a computer most likely to directly copy data from it. They may also compromise security by making operating system modifications, installing software worms, keyloggers, covert listening devices or using wireless mice. Even when the system is protected by standard security measures, these may be able to be by-passed by booting another operating system or tool from a CD-ROM or other bootable media. Disk encryption and Trusted Platform Module are designed to prevent these attacks.
Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. For instance, programs such as Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet service providers. Even machines that operate as a closed system (i.e., with no contact to the outside world) can be eavesdropped upon via monitoring the faint electro-magnetic transmissions generated by the hardware; TEMPEST is a specification by the NSA referring to these attacks.
Spoofing in general, is the fraudulent or malicious practice in which communication is disguised as a source known to the receiver. Spoofing is most prevalent in communication mechanisms that lack a high level of security.
Tampering describes a malicious modification of products. So called Evil Maid attacks and security services planting of surveillance capability into routers are examples.
Privilege escalation describes a situation where an attacker with some level of restricted access is able to, without authorization, elevate their privileges or access level. For example, a standard computer user may be able to fool the system into giving them access to restricted data; or even to become root and have full unrestricted access to a system.
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details directly from users. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Preying on a victim's trust, phishing can be classified as a form of social engineering.Clickjacking also known as UI redress attack or User Interface redress attack, is a malicious technique in which an attacker tricks a user into clicking on a button or link on another webpage while the user intended to click on the top level page. This is done using multiple transparent or opaque layers. The attacker is basically "hijacking" the clicks meant for the top level page and routing them to some other irrelevant page, most likely owned by someone else. A similar technique can be used to hijack keystrokes. Carefully drafting a combination of stylesheets, iframes, buttons and text boxes, a user can be led into believing that they are typing the password or other information on some authentic webpage while it is being channeled into an invisible frame controlled by the attacker.
Social engineering aims to convince a user to disclose secrets such as passwords, card numbers, etc. by, for example, impersonating a bank, a contractor, or a customer. A common scam involves fake company emails sent to accounting and finance departments. In early 2016, UK pokice reported that the scam has cost UK businesses more than 2bn in about two years.