1738 Elton Road Suite 316-A Silver Spring, Maryland 20903240-770-2097contact@secsofttech.com9am - 5pm

Key Features

The SST’s MSSP program provides comprehensive data protection, highly efficient disaster recovery, backup and restore, and innovative security awareness services/training

 

DATA PROTECTION

PHASE 1 – GAP ANALYSIS ASSESSMENT

SST conducts an initial risk assessment of your organization. A report of findings and recommendations is generated at the conclusion of the assessment. The findings indicate your current security profile; that is how your organizational goals and requirements align with your risk tolerance and resources. The end result of the initial assessment is providing a roadmap that ensures your assets are adequately managed to withstand current threats for your organization.

 

PHASE 2 – LAYERS OF SECURITY BUILD UP OR ASSURANCE

In this Phase, SST works with your organization to implement tailored layers of security that results in your target security profile.

 

VULNERABILITY MANAGEMENT

ASSET VULNERABILITY MONITORING – PATCH MANAGEMENT RECOMMENDATIONS – ASSET SCANNING **

SST works with your organization to create a vulnerability management program or fill gaps in your organizations vulnerability management program.

 

IA CONTROLS SELECTION & IMPLEMENTATION

An organization’s security posture level is determined by the strength and level of IA controls implementation program. According to best practices there are four security postures that determine the maturity of IA control implementation program.  They are: Security posture level 1 (Ad hoc security-results in weak controls), Security posture level 2 (Risk Informed – results in basic and adequate controls), Security posture level 3 (Repeatable Practices – results in refined controls), and Security posture level 4 (Adaptive Status – results in robust and resilient controls)

This service includes policy writing documentation such as organization/system security plan, incident response plan, etc

*HIGHLY EFFICIENT DISASTER RECOVERY, BACKUP & RESTORE INNOVATIVE SECURITY AWARENESS SERVICES/TRAINING

 

 

DISASTER RECOVERY, BACKUP & RESTORE

Companies can instantly bring systems online in our cloud when hardware failure or natural disasters occur. Encrypted data is safely maintained with regards to Confidentiality, Integrity, and Availability (CIA).

EFFICIENTLY MANAGE BACKUP AND DR STORAGE AND REDUCE COST

Storage costs are efficiently managed by allowing a more effective use of local and offsite appliance storage allocation. (By keeping the most recent or important backups on a local appliance with the remainder archived to the SST cloud, local and replication retention policies are managed separately)

 

15 MINUTE FAILOVER GUARANTEE

Guarantees to bring any system back online in SST cloud in 15 minutes or less from time of the disaster

 

CENTRAL DEPLOYMENT AND MANAGEMENT

Appliance backup settings and schedules as well as recoveries can be accessed over the WAN from a central management console or limited to LAN/VPN access for environments requiring greater security. *VPN (Virtual Private Network)

 

ENDPOINT PROTECTION (INCLUDING RANSOMWARE)

Endpoints including laptops, desktops and mobile devices are protected.  Since ransomware is usually disseminated via phishing and web downloads, endpoint protection is increasingly vital to guarding against today’s most pervasive threats.

 

SINGLE PANE OF GLASS

Easily manage and monitor backups remotely in real time, and troubleshoot issues. (Account usage, activity alerts, Anomaly Detection, retention management, reporting and monitoring, and advanced policy settings.)

 

GEOLOCATION & REMOTE WIPE

Easily locate lost or stolen devices. You can delete any business-critical data on remote devices with push-button ease.

 

BUILT-IN ORCHESTRATION & AUTOMATION

Set efficient workflows, including the ability to edit and modify workflows using our graphical orchestration workflow editor

 

TRIPLE LAYER ENCRYPTION & THE KEY

Encrypts data in-transit and at rest. Private key encryption (optional) giving you (and only you) the ability to view or decrypt your data in the cloud.

 

MULTI-FACTOR AUTHENTICATION (OPTIONAL)

Only trusted and authenticated administrators can access your company’s dashboard to better control device and data access.

 

ANOMALY DETECTION/EARLY DETECTION

By tracking the backup trends across client mobile devices and reporting the event details, an anomaly warning reports when the ‘new’ or ‘changed’ file count surpasses a user-defined benchmark

 

SEAMLESS CONTINUITY OPTION USING SST’S FAILOVER TO THE CLOUD PROVISION

Helps businesses minimize downtime with RDP (Remote Desktop Protocol) access (For Windows and Linux machines, administrators can right-click backups and choose any version of a machine’s backup to be booted and run directly in the SST cloud, with RDP access)

 

Hyper-V & VMware Agentless Backup & DR

Save additional time, money, and reduce risk of downtime due to human error.

 

LOCAL GRANULAR DISASTER RECOVERY WITH EASE

Windows and Linux systems that have been backed up onto an on premise SST appliance (Cloud Failover series) can be run directly on the appliance by simply right-clicking a backup and selecting “boot.” In a matter of minutes, administrators will have VNC access to a live running machine. Once ready, the machine(s) can be powered off, backed up and recovered to production environments, including recovery to an existing vSphere environment. *VNC (Virtual Network Computing)

 

FULL AND GRANULAR RECOVERY

Utilizing universal VSS writer support which ensures the consistency of application data when a shadow copy is created, SST’s DRaaS platform is capable of backing up databases like SQL, SAP and Exchange with additional support for mailbox level recovery of Exchange databases and file-level recovery for backups of Windows and Linux machines.

 

SECURE, OFFSITE REPLICATION

For maximum efficiency, the replication is secured with encryption to protect data against unauthorized access during data transfer

DEVICES AND OS’S PROTECTED

Protects data and applications, including physical and virtual servers, laptops/desktops, and mobile devices.  Supports most popular operating systems, including Windows, UNIX, Linux, AIX, VMware, Mac, and Android

PHYSICAL & VIRTUAL SERVERS

VMware and Hyper-V environments and natively protects Windows, SQL, SharePoint and Exchange data too.

 

SECURITY AWARENESS SERVICES/TRAINING

Reducing human error and combatting the number one IT security threat to any organization: Security threat of social engineering; of employees/users (Human IT Security) Employees are the low hanging fruit that cybercriminals go for.

 

24 HR SOCIAL ENGINEERING SECURITY MONITORING

Better management of urgent IT security problems of social engineering, spear phishing and ransomware attacks. Designed for employees to understand the mechanisms of spam, phishing, spear phishing, malware and social engineering, and are able to apply this knowledge in their day-to-day job.

 

REAL TIME REPORTING OF PHISHING ATTACKS

Phish Alert add-in button gives users a safe way to forward email threats to their security team for analysis and deletes the email from the user’s inbox to prevent future exposure. All with just one click

 

VULNERABLE BROWSER PLUGIN DETECTION

Information about vulnerable plugins users have installed on their browsers is automatically gathered during a phishing campaign. When a user fails and clicks on a phishing test, they arrive on a landing page which will gather information on what plugins are installed on that user’s browser. We look at the results and compare them to a database of known vulnerable plugins and report it back to you.

 

GEO-LOCATION

See where your simulated phishing attack failures are on a map

 

LEARNING MANAGEMENT SYSTEMS (LMS) INTEGRATION

For organizations with their own LMS, all training can be delivered in industry standard formats such as SCORM and AICC

 

ORGANIZATION POLICY INTEGRATION

Ability to Embed an Organization’s Policy as Part of the Training

 

USB DRIVE TEST

On average 45% of users will plug in USBs they find. This test allows you to test your user’s reactions to unknown USBs

 

SIMULATED PHISHING CAMPAIGNS (PHISHING PENETRATION TEST)

– EZXPLOIT™ (PATENT PENDING)

Intended for all employees in your organization who use a computer, email and internet, from the mail room to the board room. An automated way to pentest your users and prevent hackers from owning your network. Cost a fraction of the manual version.

Menu