Security Resiliency Matrix
Most security risk encountered by Vancord with its customers can be managed through simple, common-sense practices built atop a strong foundation. The Vancord security roadmap presented below is based on this notion. Many customers likely require only a small subset of these activities, while some with greater exposure and obligations warrant more comprehensive effort.
Customized Cybersecurity Solutions Tailored for Your Unique Protection Needs
Vancord strives to understand the specific business and risk tolerance of every customer, and its recommendations are tailored to those characteristics. Organizations differ, and the rigor required to protect them does, too. Businesses with health data or government contracts have different requirements compared to educational institutions and non-profits. Through collaborative discussions, Vancord identifies the needs of every customer to find a best fit.
Many businesses are tired of expensive security protections that fail to deliver despite being advertised as a silver bullet. Our goal is to measure risk through observation, to provide guidance on achieving and maintaining a secure environment, and to craft appropriate solutions for likely threats.
Security Resiliency Matrix
- First Steps
- Security Fundamentals
Vulnerability Management
Network Security
Log Collection & Review
Data & Asset Inventory
Identity & Access Management
Data Protection
Security Awareness & Training
Policy & Incident Management
Fundamental
- Vulnerability Assessment: Measure risk by identifying vulnerabilities with an assessment and develop a plan to fix identified problems. Vulnerabilities are published by vendors and are frequently utilized by attackers as an easy target to exploit, so proactive effort to reduce exposure will improve resilience to attack.
- Patching: Patch management is the lynchpin of any fundamental security program, just like regular vehicle maintenance. Out-of-date systems are appealing to attackers as an easy target to exploit. At a minimum, set up automatic patch updates.
- Local Server Firewalls: Last mile protection against network threats which slipped past perimeter defenses is provided by a local server firewall, also known as a host-based firewall. A crucial element of layered defense, it should be deployed as a complement to perimeter or server network firewalls.
- Secure Wireless: Wireless networks are more difficult to secure than a wired equivalent. Without strong protections, an unauthorized user can siphon sensitive data from a distance or break access passwords. Even small companies can achieve secure wireless at low or no cost.
- Perimeter Firewalls: Defend against network attacks originating from the Internet at large.
- Remote Access Multi-Factor Authentication (MFA): MFA protects users and systems - even if a password has been stolen - by granting access using information that a user knows or possesses.
- Endpoint Management: Effort required to protect systems is reduced when consistent settings are ensured across all workstations and servers.
- Data Inventory: Data is king. Business runs on it and cyberattackers want it. Document where it is stored or used so steps can be taken to protect it.
- Password Manager: Use a password manager to store passwords. Maximize password security with simple rules: never write a password down, avoid reliance on memory, do not reuse old passwords, and avoid formulas.
- Email & Phishing Defense: Deflects attempts at fraud and impersonation by preventing emails that seek sensitive information and/or are sent from unauthorized locations.
- Antivirus: Basic malware and virus defense is now available from operating system vendors, often at no cost.
- Simple Local Backups: Data is critical to business revenue and operation: be sure to back it up periodically. Even a manual backup that occurs weekly and is stored on a USB drive provides a modicum of protection.
- Know Compliance Requirements: Don't risk fines or worse for non-compliance. Many of the fundamental controls can be deployed to aid in meeting compliance requirements.
- Written Information Security Plan: Procedures and processes established in support of a written information security policy ensure regular, repeatable, and measurable progress toward a secure environment.
- Written Information Security Policy: A written security policy establishes a framework for IT security activity and obligations of every individual to protect the organization. Such policies are required by law in many states.
- Incident Response Plan: A basic plan that describes roles, responsibilities, and actions during a security event will improve response times and success.
Enhance and Enforce
- Network Segmentation: Network divisions erected between systems (like user workstations from servers, or visitors from employees) provide opportunities for targeted monitoring and narrowly specific security policy. These barriers also slow down attackers attempting to move through the network.
- Guest Wireless: Dedicated networks for guest users and devices ensure that such entities are unable to reach sensitive data and systems.
- Security Leadership: Leadership provides essential guidance during security incidents, strategy to govern spending and organizational focus, and bolsters organizational reputation.
- Cyberliability Insurance: Cyberliability insurance policies provide a guard against the financial strain of a protracted, severe security incident. Insurers also provide access to supplemental tools and partners for assistance during and after such events.
Validate and Sustain
- Security Maturity Assessment: Self-aware organizations rank their maturity relative to industry benchmarks to help set future goals, identify initiatives, and discover gaps.
- IT Risk Management: Formalized tracking and documentation of risk enables an organization to make data-driven decisions about weaknesses and threats. A framework should include risk acceptance criteria to govern how some concerns are deferred or retained without resolution.
- Penetration Testing: Simulated attacks uncover unseen gaps in defenses and validate vulnerability management practices. Mounted against servers, applications, and the human element, these tests mimic the tactics of real attackers.
- Advanced Firewalling: To inspect application activity, identify anomalies, and prevent threats before they enter the network, advanced firewall features can be employed to grow beyond simple firewall policies that control network traffic.
- Web Application Firewall (WAF): Web applications are targeted in unique ways that differ from servers and other equipment. A WAF is intended to intercept and deflect attacks before they reach vulnerable web applications.
- Activity Correlation Engine
- Security Awareness Training: Role-specific security awareness training demonstrates threats tailored to specific employees and identifies specific steps to avoid becoming a victim of attack. This training augments self-driven security awareness training, in-person education, and phishing drills.
- Red/Purple Team Incident Exercises: This practice tests real-world actions of IT staff to detect and defend against simulated attackers who are active within the IT environment. Unlike a penetration test, this activity measures ability to discover attacks as they happen.