Cyber Security For Small & Medium Businesses
Professional Cyber Security Services For Small & Medium Businesses (SMBs)
ACS Office Solutions uses the latest cutting-edge cyber security technology to protect small and medium businesses, and larger corporate organisations, from cyber attacks. With one comprehensive cloud-native platform, we defend companies and organisations by using artificial intelligence and computer vision to monitor systems for suspicious activity. In partnership with SKOUT Cyber Security, ACS offers your business 24x7x365 monitoring and increased visibility into your network, and our next-generation tech, including our fully managed SIEM and AI analytics platform, can even help you prepare for zero-day cyber attacks.
In the event of a potential security breach, our team will immediately alert you and take steps to protect your data at any time.
SKOUT Network Security Monitoring is a managed security product that provides network intrusion detection with a physical or virtual appliance. Suspected threats are correlated for AI-enabled analysis using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. Detect potential threat activity on your network like command and control connections, denial of service attacks, data exfiltration and reconnaissance.
Key Features:
- Network Intrusion Detection
- SIEM Analysis
- AI Analytics Engine
- Self-service Reporting
- Physical or Virtual Appliance
- Supports key industry and regulatory compliance standards such as continuous monitoring and network monitoring
Command & Control Communication
Cross-site Scripting
DoS
FTP and Cloud Storage Exfiltration
SQL Injection
Cases:
- Denial of Service (DoS) attacks – Identifying unusual traffic from organization-owned devices, being leveraged to perform a denial of service attack.
- Cross-site scripting (XSS) attacks
- SQL Injection – Identifying layer-7 network signatures indicating a SQL injection attack designed to exfiltrate data from vulnerable web applications
- FTP and cloud storage exfiltration – Monitoring network traffic over protocols that facilitate large data transfer and alerting when unusual quantities or file types are being transferred, or when the target is unknown or malicious.
- Command and control communication – Network Monitoring can correlate network traffic to discover malware communicating with external attackers. This is a sign of a compromised account.
SKOUT Office 365 Security Monitoring is a managed security product that monitors Office 365 activity using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center to identify threat-like behavior such as unauthorized access to cloud mailboxes, admin changes in the environment, impossible logins, and brute force attacks.
Key Features:
- SIEM Correlation & SOC Analysis
- Support for custom alerting and reports
- Visibility to login activity in the dashboard
- Detects potential threats of suspicious activity in Office 365
- Supports Industry & Regulatory Compliance requirements
Failed/ Unauthorized Access
Foreign Login
Impossible Login
Malicious Admin Changes
MFA Removed
Suspicious Email Forward
Unauthorized Delegate Access
Cases:
- Malicious Admin Changes- Track admin activity and changes to the O365 tenant
- Unauthorized Delegate Access- Track when email delegates are added
- Foreign Login– Monitor geolocation access with IP location sourcing and login from suspicious or unusual countries
- Impossible Login- Detect logins from different geolocations within a short period of time
- Suspicious Email Forward- Alert when email forwarding rules have been created outside of the domain
- MFA removed- Detect changes to MFA
- Failed or unauthorized access – Detect failed or suspicious access attempts
SKOUT Log Security Monitoring is a managed security product that collects, aggregates, and normalizes log data from hundreds of sources for AI-enabled analysis using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. Identify threat-like behavior in your systems such as impossible logins, multi-factor bypass, coordinated attacks, and rogue agents.
Key Features:
- Hundreds of Support Integrations
- SIEM Analysis
- AI Analytics Engine
- Self-service Reporting
- Deployment of physical or virtual appliance for on-prem logs (like syslog)
- Supports key industry and regulatory compliance standards such as continuous monitoring and log retention
- ROI on existing investments – Merge data from your existing security tools with multiple sources to provide greater visibility and re-use existing investment
3rd Party Violation
Anomalous Privilege Escalation
Cloud Infrastructure Attack
Compromised User Credentials
Unauthorized Access
Multi Vector Attack
Cases:
- Unauthorized Access- Monitoring who is accessing devices and where they connect to, and alerting when the source or target is unknown or suspicious.
- Compromised User Credentials- Log Monitoring can use behavioral analysis to detect anomalous behavior by users, indicating a compromise. For example, logins at unusual hours or at unusual frequency.
- Anomalous Privilege Escalation – Log Monitoring can detect users changing or escalating privileges for critical systems.
- Third-party violations – Monitors activity by external vendors and partners who have access to organizational systems, to identify anomalous behavior or escalation of privileges.
- Multi-vector Attacks – Correlate data from multiple sources to get consolidated visibility of multiple attack
SKOUT Endpoint Protection is an endpoint-based malware detection and response (MDR) solution that detects and stops malicious files and processes (known as malware or ransomware) on Windows, Mac or Linux devices. Unlike traditional signature-based Anti-Virus, this product uses machine learning models to detect zero-day malware as well as known variants, and fileless, script-based, memory, and external device-based attacks. It is backed by the SKOUT Security Operations Center to continuously monitor for major infections and to identify infection sources.
Key Features:
- AI and behavioral-based
- Automated blocking
- Protection while offline
- Zero-Day Prevention
- Memory Exploitation Detection and Prevention
- Script and Fileless Malware Detection
- Easy deployment via SKOUT dashboard
- Visibility to all managed endpoints in SKOUT Dashboard
- Low memory and CPU footprint
- Supports a variety of operating systems including Windows XP
Email Payloads
Fileless Attack
Malicious Scripts
Ransomware
Remote Worker Attack
Zero-Day Prevention
Cases:
- Malware & Ransomware- Identifies and blocks malicious executables
- Malicious Scripts- Controls the way scripts execute to prevent attacks, including PowerShell.
- Fileless Attacks- Eliminating the ability for attackers to use fileless malware attack techniques on protected endpoints
- Email Payloads- Preventing malicious email attachments from detonating their payloads
- Remote Worker Attacks- Because the technology does not rely on signatures, there are no database updates. Even home workers receive all the benefits, without being connected to the internet or secure company networks.
- APT & Zero-Day Prevention- Threat intelligence and constant machine learning modeling keep new variants of threats from being successful.
SKOUT Email Protection is a cloud-based email security product that detects business email compromise, spam, and phishing-type emails and attacks. The product catches malicious emails by utilizing computer vision, AI, and machine learning. SKOUT Email Protection is fully managed and provides you with the option to either inform your users of suspicious or malicious emails through an HTML banner or block them with quarantine features. Driven, curious, mobile, and growing smarter by the subject line, SKOUT Email Protection adds an important layer of protection to your inbox.
Key Features:
- Detects VIP spoofing, brand forgery, and other attacks used in business email compromise and phishing
- Provides user-friendly warnings by way of banners on malicious and suspicious email
- Sanitizes embedded links to help protect users from potentially malicious websites
- AI and Computer Vision models to catch evasion techniques
- Easy “Report to SOC Button” for human analysis
- Fast Deployment built into SKOUT dashboard
Home Attack
Malicious Files
Malicious Insider
Malicious Links
Phishing
VIP Impersonation
Cases:
- Phishing, Zero-day phishing, and 3rd party brand impersonation- AI, machine learning, and computer vision identify patterns in text, image, and html to identify potential threats. The unique banner system allows for borderline threats to be flagged without compromising business functionality.
- VIP Impersonation- Identifies attempts to impersonate VIPs via email spoofing, typo squatting, or other malicious tactics.
- Malicious Files- Scans for malicious links, infected PDFs, and embedded code including scripts. Analyzes text within each email and attachment(s) to determine if sensitive words or phrases are used, such as: password, invoice, payment, etc.
- Malicious Links- All links in emails are sanitized using a sandboxed server. The user cannot access the link directly. They are brought to a landing page showing a screenshot.
- Personal Device and Home Attacks- Attacks on personal devices are mitigated by conducting analysis on the server side and injecting the results into the email, completely removing the need for remote software such as dedicated email clients.
- Malicious insider- Machine learning develops behavior profiles and social graphs that identify suspicious emails that don’t match a known profile, triggering an impersonation warning.
At SKOUT, we are committed to making cybersecurity accessible to all by enabling MSPs to deliver cybersecurity-as-a-service. COVID-19 (Coronavirus) is driving many organizations around the world to rapidly adopt a work-from-home policy. Business Email Compromise (BEC) and ransomware are the top two threats that MSPs and SMBs are facing in today’s cyber-landscape. To enable MSPs to rapidly respond to the changing landscape, SKOUT has designed a package specifically for companies with remote employees. Each product is backed by our 24/7/365 Security Operations Center and extensive technical and go-to-market support.
SKOUT ENDPOINT PROTECTION: SKOUT Endpoint Protection is an integrated threat prevention solution that utilizes our own streaming-data analytics platform. The product combines the power of AI to block malware infections with additional security controls that safeguard against script-based, fileless, memory, and external device-based attacks and is backed by our Security Operations Center.
SKOUT EMAIL PROTECTION: SKOUT Email Protection is a cloud-based email security product that blocks spam and phishing attacks. Our solution catches malicious emails by utilizing computer vision, AI and machine learning. Driven, curious, mobile, and growing smarter by the subject line, SKOUT Email Protection adds an important layer of protection to your inbox.
SKOUT O365 SECURITY MONITORING: SKOUT Office 365 Monitoring is a managed security product that collects, aggregates, and normalizes log data from Office 365 tenants using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7/365 Security Operations Center. Identify threat-like behavior in O365 such as unauthorized access to cloud mailboxes, admin changes in the environment, impossible logins, mass file downloads, and brute force attacks.
Key Features:
- Prevents and Detects Business Email Compromise
- Blocks Ransomware
- Powered by AI and Machine Learning
- User-friendly
- Rapid, Remote Deployment
- SIEM Analysis
- AI Analytics Engine
- Self-Service Reporting
- Satisfies Industry and Regulatory Compliance
Security Awareness Training:
- Live interactive course presented by cybersecurity professionals to increase end users’ attentiveness to cyber attacks both in the office and while at home
- End user training sessions on malware tactics
- Healthy online usage techniques to further reduce risk, data breaches, and cyber infections.
- Phishing and ransomware demos to help show just how easy it is for attackers to compromise an end user’s system and account.
Recommended Cyber Hygiene for MSPs and SMBs
- Establish what you want to protect the most. The data and systems YOU care about
- Build concentric rings of security around that data
- You have to know if you have a problem, that’s WHY monitoring your network is ESSENTIAL
- You have to take response time down. It’s the difference between a problem getting public or not
- You have to pick a framework that covers People, Process and Technology. Point to the framework as a way to mitigate the risk (We believe NIST will become, like GAAP accounting, a standard even though it’s not perfect)
5 Steps talk track:
- You need to focus on the data and information on your network that is critical to the running of your business. What data, if stolen and made public, would hurt your brand and the overall viability of your business? Would this hurt your reputation? What intellectual property, if stolen and handed to a competitor, would be detrimental to your business? Once you’ve identified this data… next, we recommend building concentric rings of security.
- We recommend building concentric rings of security around that data. We use the plural, rings, as in many instances it’s not enough to just use one solution, say, endpoint protection. If a criminal is savvy enough to get around one checkpoint, then that key data is at risk. Hackers can develop ways to get around one checkpoint.
- That’s why monitoring is key. You need to know if you have a problem. With network monitoring, we can see bad actors navigating around your network and gaining increased access. Monitoring provides our SOC team the ability to view your network 24/7/365 to stop any suspicious activity before it becomes a problem for you. If this occurs, we would be able to let DRP know so we can work together to remediate the situation.
- Back to time and reputation. Knowing you have a problem early on is the difference in something threatening your business and your reputation. What would the cost of not knowing be? The loss of data or a remediation bill after the fact are all facets you need to consider in bolstering your cyber posture. This is not a technology issue. This is a business protection issue, your business.
- We recommend using a Framework like NIST to prevent, detect and respond to cyber risks. The NIST framework mitigates risk by focusing on people, processes and technology. It puts in all the elements of cybersecurity that a small to medium sized business needs, all at a cost-effective price. If you follow the NIST guidelines, you can secure your network and you’ll be in compliance with standards that may be applicable to your industry.
Key Metrics:
- This year’s Cost of a Data Breach Report (2020), released by IBM, showed some consistency with last year’s (2019), remaining at $3.86M. (IBM)
- The United States has the highest average cost per breach per country at $8.64M. (IBM)
- The average time to identify and contain a data breach, or the “breach lifecycle,” was 280 days in 2020. Speed of containment can significantly impact breach costs, which can linger for years after the incident. (IBM)
- On average, companies can save upwards of $1M by containing a breach in less than 200 days versus more than 200 days. Time is money. (IBM)