Managed Database Security
Securing databases depends on having the right tools and the right ‘surveillance systems’.
We assess your current database security and, if needed, design, implement and manage more effective solutions.
Through continuous monitoring, we ‘catch’ both external attackers and ‘bad actors’ inside your organization – so you can fulfil your legal obligations and protect data assets.
1 – Identify
Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
2 – Protect
Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services
3 – Detect
Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
4 – Respond
Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
Gain control over your data by monitoring and regulating how employees use and transfer data via common channels.
- Gain control over your data by monitoring and regulating how employees use and transfer data via common channels, such as email, IM, printing, and USB drives—both in and away from the office.
- Stop data loss initiated by sophisticated malware that hijacks sensitive and personal information.
- Secure data when it’s stored on desktops, laptops, tablets, and in the cloud.
- Manage Apple FileVault and Microsoft BitLocker native encryption on endpoints directly from McAfee ePO software.
- Communicate with and take control of your endpoints at the hardware level, whether they are powered off, disabled, or encrypted, to halt deskside visits and endless help desk calls due to security incidents, outbreaks, or forgotten encryption passwords.
- Prove compliance with advanced reporting and auditing capabilities; monitor events and generate detailed reports that show auditors and other stakeholders your compliance with internal and regulatory privacy requirements.
All about endpoint encryption. Consists of:
- Enterprise-Grade Drive Encryption
- Removable Media, File and Folder, and Cloud Storage Encryption (FRP)
- Management of Native Enctyption (MNE) – management of BtLocker (Windows) or FileVault (OS X) encryption, including reporting, managed within ePO.
These are separate products on the tech side.
Varies per product, see data sheets.
Data Security describes how your business protects it’s Intellectual Property or “Crown Jewels”.
The service would typically involve full or part-time management of some or all of the following technologies:
- Browser Control
- Endpoint Encryption
- Host Based Intrusion Prevention
- Database Security
- Host-based Data Loss/Leakage Prevention (DLP)
- Cloud Application Controls & BYOD
Data Security describes how your business protects it’s Intellectual Property or “Crown Jewels”. Data Security is achieved by combining various technologies at specific points on a network and configuring these to work together according to security best practice. Every company’s network will differ slightly from others, so it is important to architect the solution before implementing it. We provide a full service from consulting, gap analysis, architecture & design, implementation and management.
Remote Managed Services imply the virtual presence of our people on your premises. Our staff work remotely either as technical consultants or subject matter experts, or may perform specific operational security tasks for your company, depending on your requirements and the type of service you require. Our Remote Managed Cyber Security Service options are:
- Retainers, where a fixed amount of hours are purchased, bundled with an SLA for a guaranteed response.
- Full Outsource Where you fully outsource one or more of your security functions to us. We take full responsibility for the function from end to end, (this can include design, implementation, which would take place on site. Once implementation has been completed, we will remotely perform the daily management of the platform and / or the chosen solutions. This would typically include reporting, escalation, troubleshooting and upgrading.
- Partial Outsource Where you partially outsource one or more of your security functions to us. We take partial responsibility for the function, and this work takes place remotely. This can include aspects of design, implementation, management of a platform or solution, reporting, escalation, troubleshooting and upgrading.
Our Managed Cyber Security Services can be tailored according to your exact needs and budget. We do not subscribe to a one size fits all approach. We have developed and refined an agile framework which focuses on the successful delivery and implementation of affordable security services to all sectors of the market. Customers who adopt our framework through our managed security services make noticeable progress towards a more mature security posture in very short timeframes. This is borne out in vastly improved coverage, policies, detection rates, correlation, deduplication, escalation processes, analysis, incident response and forensic capability, reporting and visibility.
We offer complete design, implementation, and customisation support for access-rights management systems and data leakage prevention solutions. This provides valuable information used for detecting unauthorised access events and any possible data leakages
Cognosec can assist you while implementing the correct architecture to protect your data.
Typically a software or hardware solution that is installed at network egress points near the perimeter. It analyzes network traffic to detect sensitive data that is being sent in violation of information security policies.
Such systems run on end-user workstations or servers in the organization. Like network-based systems, endpoint-based can address internal as well as external communications, and can therefore be used to control information flow between groups or types of users.
DLP solutions include a number of techniques for identifying confidential or sensitive information. Sometimes confused with discovery, data identification is a process by which organizations use a DLP technology to determine what to look for (in motion, at rest, or in use).
Data leakage detection
Sometimes a data distributor gives sensitive data to a set of third parties. Some time later, some of the data is found in an unauthorized place (e.g., on the web or on a user’s laptop). The distributor must then investigate if data leaked from one or more of the third parties, or if it was independently gathered by other means.
“Data at rest”” specifically refers to old archived information that is stored on either a client PC hard drive, on a network storage drive or remote file server, or even data stored on a backup system, such as a tape or CD media. This information is of great concern to businesses and government institutions simply because the longer data is left unused in storage, the more likely it might be retrieved by unauthorized individuals outside the Network. In order to protect this phase of data, systems use methods such as access control and data encryption.
“Data in use” refers to active data stored in databases that the user is currently interacting with. DLP systems that protect data in-use may monitor and flag certain unauthorized activities.
“Data in motion” is data that is currently traversing through a network to an endpoint destination. These networks can be internal or external. DLP systems that protect data in-motion monitor sensitive data that is being sent over a network through various communication channels such as email or IM
The protection of sensitive data such as passwords, payment information, financial data, or intellectual property needs to a priority for organisations. With the establishment of security regulations such as the PCI DSS, HIPAA, and the EU Data Protection Directive, systems can be brought to a high standard of security, but the sheer number of threats targeting vital systems is dramatically increasing, so efforts towards protecting data should as well. Security breaches resulting in leaked data can become very costly to an organisation and to it’s clients should attackers get ahold of sensitive data. Cognosec can perform an assessment on the IT-infrastructure handling the data and can ensure that your sensitive data is properly managed . We offer complete design, implementation, and customisation support for access-rights management systems and data leakage prevention solutions. This provides valuable information used for detecting unauthorised access events and any possible data leakages
The term data protection is used to describe both operational backup of data and disaster recovery/business continuity (BC/DR). A data protection strategy should include data lifecycle management (DLM), a process that automates the movement of critical data to online and offline storage and information lifecycle management (ILM), a comprehensive strategy for valuing, cataloging and protecting information assets from application/user errors, malware/virus attacks, machine failure or facility outages/disruptions.