A security breach can have a massive impact personally, financially and reputationally – on any organisation of any size.
Cyber Security is now one of the largest threats to modern businesses, yet it is often the least understood. This can lead to over-selling and exploitation.
Security is central to everything we do at Smartdesc, and we focus on being proactive by implementing robust and transparent controls to manage the ever-increasing number of cyber threats.
The Smartdesc Secure suite is a holistic package that covers all key aspects of IT security – not just anti-virus. It is available at a fixed monthly cost, that enables budgets to be controlled and costs capped.
Smartdesc Secure consists of;
- Managed Security
- IT Security Training
- Information Governance
- Data Protection
The fully managed suite protects IT networks at several levels:
- Training / Staff awareness
- Security Policy and Procedures
- Externally via Penetration Tests
- Internally via Vulnerability Scans
- Email Level spam protection
- Server Level threat protection
- Device Level virus protection
- Security Patches kept up to date
It is more than just a set of tools; it contains proactive processes such as threat management to respond to current trends and attacks, training, and governance frameworks to help align to legislation such as the DPA and GDPR.
Processes & Controls designed to protect systems
Audit and Risk Register: a ground up gap analysis of security loopholes, output into a bespoke, prioritized Risk Register
Compromised Accounts Check – scans user accounts daily against a vast public database to check for exposure of credentials on the internet.
Managed AntiVirus & Endpoint Protection: actively monitors systems and files to prevent malware and viruses. Checked daily by our Network Operations Centre (NOC) team.
Email Protection – an industry leading platform for spam email protection that stops infected emails (the biggest source of virus infections) before they arrive.
Threat Management – A pro-active service where Smartdesc monitors the ever-evolving Security landscape and sends user communications or recommendations to mitigate the likelihood of our customers being affected by a new threat.
Security & Patching: monitors PCs, Laptops and Servers for unusual activity, missing Security Updates (patches) and 3rd party application security compliance
Network Penetration Tests: bi-annual tests to spot gaps in your internal network and flag any potential weaknesses, with support on tightening up the configuration.
Website Protection: attempts to gain access to your network from the outside, reporting on holes to close. Plus optional protection for your public website against attack.
Information Governance and Security Policies – process flows and baseline documents to help your organisation align to best practice and legal requirements such as the Data Protection Act and GDPR.
IT Security Training & Compliance: Security Awareness training for you staff, and compliance checks to ensure all staff have read and understood mandatory policies.
CyberEssentials: readiness assessment to help your organization achieve certification.