Questions and Answers List

Question | Answer
SIEM | Security information and event management
CHALLENGES | • Frustrated by the time and resources it takes to PROPERLY scale their IT operations • Challenged by the complexities over the current government regulations with regard to the various regulatory compliance requirements • Concerned protecting their organizations against the current “CYBER PANDEMIC” we are experiencing is starting to place too much of a burden on their IT staff
COMPLIANCE REQUIREMENTS | NIST (National Institute of Standards and Technology) • Hitrust (Health Information Trust Alliance) • HIPAA (Health Insurance Privacy and Portability Act) • GDPR (General Data Protection Regulation) • CLIA (Clinical Laboratory Improvement Amendments) • ISO 27001 - ISO 27002
WHY OUTSOURCING CAN BE A GAME CHANGER? | ❑ Saves money and gives you peace of mind ❑ Lets you focus on growing your business, while we manage your company’s IT operations ❑ Provides deeper technical expertise, a team of specialized engineers assigned to each client ❑ 24x7x365 IT services ❑ Customized IT agreement based on your budget ❑ One stop source for all IT services
Why Clients Value ICE? | » always working hard to be your trusted IT partner » solutions tailored to your business and budget » one stop for all your IT needs » reduced cost, increased expertise » award-winning customer service
WHAT SEPARATES ICE? | » transparent and accountable service » 24x7 live help desk support and NOC services » complete IT documentation » IT management portal designed especially for clients » no long-term contract required
THE SPECIALIST WE PROVIDE | NETWORK & SECURITY ENGINEER • WINDOWS ENGINEER • LINUX ENGINEER • ACCOUNT MANAGER • CLIENT SUPPORT STAFF • HELP DESK SUPPORT • VOICE/PHONE SUPPORT • DATABASE ADMINISTRATION
SERVICES WE PROVIDE | » Complete managed IT services agreements » Comprehensive IT audit and solutions » Network, systems & security design and implementation » High-performance computing (HPC) » Specializing in advanced Linux systems design and administration » VMware and Microsoft Hyper-V virtualization solutions » Windows and Mac systems administration » Storage, backup and disaster recovery » Private and public cloud services » Design, implement and manage AWS and Microsoft Azure cloud » Migrate servers to AWS cloud and Microsoft Azure cloud » Single sign-on and two-factor authentication » Implement and manage all cloud services » Design and manage data center on premise and colocation
SOC, NOC, ITIL, SIEM | SOC (Security Operations Center) • NOC (Network Operations Center) • ITIL (Information Technology Infrastructure Library) • SIEM (Security information and event management)
SECURITY ISSUES | • WHO reported a 5-fold increase in cyberattacks in 2020 • Average cost of 1 data breach: 3.86 million • Average total cost of data breach for companies with < 500 employees: 2.67 million • PII (Personally Identifiable Information) was the most frequently compromised type of record, and the costliest at $150 a record. - The Ponemon Institute and IBM Security • 48% of businesses have reported a security breach since the outbreak of COVID-19; another 8% said that they do not know. - Secure Age • Loss of intellectual property • Years of research down the drain • Damage to your brand and reputation • Cancelled deals and partnerships • Millions in lost productivity and legal/remedies expenses • Disclosure requirements imposed by your clients and governments
SOC-AS-A-SERVICE (4 BENEFITS) | MONITOR • ANALYZE • RESPOND • ESTABLISH
MONITOR | Anti-Virus • Encryption • Firewalls • Single Sign-on • Multi-factor authentication • Wireless Authentication • Servers and Storage (Cloud or On-Prem) • E-mail Services • Cloud-Based Services • Remote connections
ANALYZE | Centralized Log Collector to collect and store logs from services and devices for analysis. Risk management process that reduces chances of security breaches.
RESPOND | Respond immediately to cyber-attacks to avoid security breach
ESTABLISH | Incident Response Plan (IRP)
SOC-AS-A-SERVICE | SOC AS A SERVICE • Provides 24/7/365, real-time visibility into your IT infrastructure • Staffed by a global team of trained professionals • SIEM (Security Incident and Event Management) subscription includes industry-leading processes and security tools • Proactive remediation of threats before damage is caused • One of the most cost-effective and impactful ways to elevate any organization’s security posture as compared to developing these services in-house • ICE security professionals respond to all alerts instantly to reduce the exposure and limit the damage a security breach might otherwise cause • ICE SOC team will work with your organization to establish incident response teams (IRT), formulate Incident Response Plans (IRP), and perform the necessary actions to remediate threats in a timely manner, as required by many compliance frameworks
SOC 2 | (System and Organization Controls 2) is a type of audit report that attests to the trustworthiness of services provided by a service organization. It is commonly used to assess the risks associated with outsourced software solutions that store customer data online.
SPECIALIZED SERVICES FOR BIOTECH | • High Performance Computing (HPC) • Large-Scale Data Storage and Management (Big Data Science) • Cybersecurity Services including SIEM (Security Information & Event Management) services • Linux Systems Design, Administration & Management • Provide NIST, Hitrust, HIPAA, GDPR, CLIA, ISO 27001 & 27002, SOC-2, and other Compliance Requirements
4 TYPES OF SERVICES | STRATEGIC • TECHNICAL • SUPPORT • ADMINISTRATION
IT STRATEGIC SERVICES | 1. Provide IT Director services 2. Design IT Infrastructure On-Premises and Cloud 3. Implement Process & Procedures based on IT best practices 4. Meet compliance requirements 5. Handle office build-out, migration & expansions
IT TECHNICAL SERVICES | 1. Firewall, Switching & Routing 2. Linux, Windows & Mac servers & systems 3. Cybersecurity 4. Virtualization & Storage 5. Backup & Disaster Recovery 6. Wireless solutions 7. Single sign on (SSO) & Multifactor Authentication 8. Mobile Device Management (MDM) 9. Cloud services management 10. Onboarding & offboarding employees & contractors 11. Printing & phone services
IT SUPPORT SERVICES | 1. Onsite technical services 2. Helpdesk-live tech support 24x7x365 including holidays 3. Proactive weekly Preventive Maintenance: Network Security, Network Infrastructure, Systems Infrastructure, Endpoints (Desktops, Laptops & Mobile devices) 4. NOC (Network Operation Center) 24x7x365 5. Provide IT training to users
IT ADMINISTRATION | 1. Regular IT meeting 2. Project Management 3. Ticket Management 4. Client Satisfaction Reporting 5. Weekly & Monthly IT Reporting 6. Key Performance Index (KPI) Reporting 7. Hardware & Software procurement 8. Asset Management 9. Vendor management 10. Cabling services 11. IT Room, Cooling, HVAC 12. IT Documentation
ICE BACKGROUND | ICE Consulting, Inc. specializes in providing Managed Information Technology (IT) services to small and medium sized companies. • Certification: SOC 2 • Year Established: 1996 (25+ years in business and going strong!) • Client Satisfaction Score (CSAT): 97% (Industry standard 75%) • CLSA Member Discount: 20% on hourly rate & 50% on IT Assessment
CSAT SCORE | 97 compared to 75 over 7,000 reviews
Why It’s Important to Work with a SOC-2 Compliant Partner? | Many of our clients today have different compliance requirements such as ISO, HIPAA, Hitrust, CLIA, GDPR, NIST, and others. All of these require that the IT service provider be SOC-2 compliant, yet we’ve found that more than 95% of our competitors are not SOC-2 certified, and we believe this really differentiates ICE. In fact, more and more organizations are asking that their managed service provider (MSP) undergo a SOC-2 audit before engaging with them. This makes perfect sense to us—organizations want to know how secure an outside vendor really is. The SOC-2 certification is a coveted and hard to obtain information-security certification, and it demonstrates that an independent accounting and auditing firm has examined an organization’s non-financial reporting control objectives and activities, and has actually tested those controls over time to ensure that they are operating securely and effectively.
What is SOC-2? | Developed by the American Institute of CPAs (AICPA), SOC stands for Service and Organization Control. It defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality, and privacy.
5 TRUST PRINCIPLES | AVAILABILITY • INTEGRITY • CONFIDENTIALITY • SECURITY • PRIVACY
IF THEY ALREADY HAVE AN IT DEPARTMENT | Complement and supplement them, help them in the areas after hours, specialists, new SOC real-time cyber security monitoring, threat prevention, response services
CHALLENGES | 1. Burdened by the time and resources it takes to scale their IT operations, which shifts focus away from their core business 2. Challenged by the complexities of the government’s compliance requirements regarding data management, privacy, and security 3.
INCIDENT vs EVENT | An incident is an unplanned interruption or a sudden reduction in the performance of an IT service. An event is a slight change in the state of the system or service in the IT infrastructure.
Event | An event is any observable occurrence in your IT infrastructure. An event can be something as benign and unremarkable as typing on a keyboard or receiving an email. Each time that happens, it counts as an event. An event doesn’t have to be a problem; updating your firewall is an event. Security Events are events that could affect your information security specifically. Businesses will face many of these – security measures deal with most of them, and they go unnoticed or are not acted upon.
Alert | An alert is a notification that an event has happened. The alert goes to those responsible for taking action (if need be). Not every event demands an alert – just those that will require action. If you set your threshold too low, you’ll be buried in alerts and won’t see real issues through the noise. Set the threshold too high and you won’t have enough warning to take preventative action.
Problem | A problem is the cause, or potential cause, of an incident. A problem can be flagged before it has caused an incident. It’s a lot better than reviewing after an incident has taken place. Active monitoring and up to date resilience measures help nip potential incidents in the bud. This is why a problem is not the same as an event – an event can be routine and benign and not require action or escalation. A problem needs addressing, ideally before it becomes an incident.
Incident | Not all events are incidents, but all incidents are events. Like how all thumbs are fingers, but not all fingers are thumbs. An incident is an event that negatively affects IT systems and impacts on the business. It’s an unplanned interruption or reduction in quality of an IT service. For example, a DDoS attack, or flooding of a server room are both incidents. Events don’t have to be negative – incidents always are. A Security Incident has a similar relationship to a Security Event. It specifically affects a business’ information security – normally by damaging or breaching it. Again, while the majority of Security Events don’t need dealing with, a Security Incident requires action.
Crisis | A series of incidents (or a serious incident) can become a Crisis. The definition of a Crisis varies from business to business – but a large part of what makes a Crisis is its scope. If an incident, or series of incidents, significantly disrupts day-to-day activities, it’s probably a Crisis and demands assembling the Crisis Response or Crisis Management Team. There’s no one size fits all definition. It’s important for a business to have its own threshold for defining if something is a problem, incident or crisis. Without set rules, you lose valuable time deciding how and when to escalate and take action.