The SST’s MSSP program provides comprehensive data protection, highly efficient disaster recovery, backup and restore, and innovative security awareness services/training
PHASE 1 – GAP ANALYSIS ASSESSMENT
SST conducts an initial risk assessment of your organization. A report of findings and recommendations is generated at the conclusion of the assessment. The findings indicate your current security profile; that is how your organizational goals and requirements align with your risk tolerance and resources. The end result of the initial assessment is providing a roadmap that ensures your assets are adequately managed to withstand current threats for your organization.
PHASE 2 – LAYERS OF SECURITY BUILD UP OR ASSURANCE
In this Phase, SST works with your organization to implement tailored layers of security that results in your target security profile.
ASSET VULNERABILITY MONITORING – PATCH MANAGEMENT RECOMMENDATIONS – ASSET SCANNING **
SST works with your organization to create a vulnerability management program or fill gaps in your organizations vulnerability management program.
IA CONTROLS SELECTION & IMPLEMENTATION
An organization’s security posture level is determined by the strength and level of IA controls implementation program. According to best practices there are four security postures that determine the maturity of IA control implementation program. They are: Security posture level 1 (Ad hoc security-results in weak controls), Security posture level 2 (Risk Informed – results in basic and adequate controls), Security posture level 3 (Repeatable Practices – results in refined controls), and Security posture level 4 (Adaptive Status – results in robust and resilient controls)
This service includes policy writing documentation such as organization/system security plan, incident response plan, etc
*HIGHLY EFFICIENT DISASTER RECOVERY, BACKUP & RESTORE INNOVATIVE SECURITY AWARENESS SERVICES/TRAINING
Companies can instantly bring systems online in our cloud when hardware failure or natural disasters occur. Encrypted data is safely maintained with regards to Confidentiality, Integrity, and Availability (CIA).
EFFICIENTLY MANAGE BACKUP AND DR STORAGE AND REDUCE COST
Storage costs are efficiently managed by allowing a more eﬀective use of local and oﬀsite appliance storage allocation. (By keeping the most recent or important backups on a local appliance with the remainder archived to the SST cloud, local and replication retention policies are managed separately)
15 MINUTE FAILOVER GUARANTEE
Guarantees to bring any system back online in SST cloud in 15 minutes or less from time of the disaster
CENTRAL DEPLOYMENT AND MANAGEMENT
Appliance backup settings and schedules as well as recoveries can be accessed over the WAN from a central management console or limited to LAN/VPN access for environments requiring greater security. *VPN (Virtual Private Network)
ENDPOINT PROTECTION (INCLUDING RANSOMWARE)
Endpoints including laptops, desktops and mobile devices are protected. Since ransomware is usually disseminated via phishing and web downloads, endpoint protection is increasingly vital to guarding against today’s most pervasive threats.
SINGLE PANE OF GLASS
Easily manage and monitor backups remotely in real time, and troubleshoot issues. (Account usage, activity alerts, Anomaly Detection, retention management, reporting and monitoring, and advanced policy settings.)
GEOLOCATION & REMOTE WIPE
Easily locate lost or stolen devices. You can delete any business-critical data on remote devices with push-button ease.
BUILT-IN ORCHESTRATION & AUTOMATION
Set efficient workflows, including the ability to edit and modify workflows using our graphical orchestration workflow editor
TRIPLE LAYER ENCRYPTION & THE KEY
Encrypts data in-transit and at rest. Private key encryption (optional) giving you (and only you) the ability to view or decrypt your data in the cloud.
MULTI-FACTOR AUTHENTICATION (OPTIONAL)
Only trusted and authenticated administrators can access your company’s dashboard to better control device and data access.
ANOMALY DETECTION/EARLY DETECTION
By tracking the backup trends across client mobile devices and reporting the event details, an anomaly warning reports when the ‘new’ or ‘changed’ file count surpasses a user-defined benchmark
SEAMLESS CONTINUITY OPTION USING SST’S FAILOVER TO THE CLOUD PROVISION
Helps businesses minimize downtime with RDP (Remote Desktop Protocol) access (For Windows and Linux machines, administrators can right-click backups and choose any version of a machine’s backup to be booted and run directly in the SST cloud, with RDP access)
Hyper-V & VMware Agentless Backup & DR
Save additional time, money, and reduce risk of downtime due to human error.
LOCAL GRANULAR DISASTER RECOVERY WITH EASE
Windows and Linux systems that have been backed up onto an on premise SST appliance (Cloud Failover series) can be run directly on the appliance by simply right-clicking a backup and selecting “boot.” In a matter of minutes, administrators will have VNC access to a live running machine. Once ready, the machine(s) can be powered oﬀ, backed up and recovered to production environments, including recovery to an existing vSphere environment. *VNC (Virtual Network Computing)
FULL AND GRANULAR RECOVERY
Utilizing universal VSS writer support which ensures the consistency of application data when a shadow copy is created, SST’s DRaaS platform is capable of backing up databases like SQL, SAP and Exchange with additional support for mailbox level recovery of Exchange databases and ﬁle-level recovery for backups of Windows and Linux machines.
SECURE, OFFSITE REPLICATION
For maximum eﬃciency, the replication is secured with encryption to protect data against unauthorized access during data transfer
DEVICES AND OS’S PROTECTED
Protects data and applications, including physical and virtual servers, laptops/desktops, and mobile devices. Supports most popular operating systems, including Windows, UNIX, Linux, AIX, VMware, Mac, and Android
PHYSICAL & VIRTUAL SERVERS
VMware and Hyper-V environments and natively protects Windows, SQL, SharePoint and Exchange data too.
Reducing human error and combatting the number one IT security threat to any organization: Security threat of social engineering; of employees/users (Human IT Security) Employees are the low hanging fruit that cybercriminals go for.
24 HR SOCIAL ENGINEERING SECURITY MONITORING
Better management of urgent IT security problems of social engineering, spear phishing and ransomware attacks. Designed for employees to understand the mechanisms of spam, phishing, spear phishing, malware and social engineering, and are able to apply this knowledge in their day-to-day job.
REAL TIME REPORTING OF PHISHING ATTACKS
Phish Alert add-in button gives users a safe way to forward email threats to their security team for analysis and deletes the email from the user’s inbox to prevent future exposure. All with just one click
VULNERABLE BROWSER PLUGIN DETECTION
Information about vulnerable plugins users have installed on their browsers is automatically gathered during a phishing campaign. When a user fails and clicks on a phishing test, they arrive on a landing page which will gather information on what plugins are installed on that user’s browser. We look at the results and compare them to a database of known vulnerable plugins and report it back to you.
See where your simulated phishing attack failures are on a map
LEARNING MANAGEMENT SYSTEMS (LMS) INTEGRATION
For organizations with their own LMS, all training can be delivered in industry standard formats such as SCORM and AICC
ORGANIZATION POLICY INTEGRATION
Ability to Embed an Organization’s Policy as Part of the Training
USB DRIVE TEST
On average 45% of users will plug in USBs they ﬁnd. This test allows you to test your user’s reactions to unknown USBs
SIMULATED PHISHING CAMPAIGNS (PHISHING PENETRATION TEST)
– EZXPLOIT™ (PATENT PENDING)
Intended for all employees in your organization who use a computer, email and internet, from the mail room to the board room. An automated way to pentest your users and prevent hackers from owning your network. Cost a fraction of the manual version.