Technology has long played a critical role in the work of accountants. Some of the oldest relics of human civilization dating back more than 7,000 years ...
DCG's CyberSAINT™ scans help us manage the risk and help provide an additional level of preventative protection from these threats.
As you may have seen in the news lately, the CryptoLocker Ransomware attack has joined the large number of other threats that may affect your network from the inside and the outside. Most CryptoLocker Ransomware occur from employees opening infected attachments they shouldn't have opened, and many of the attacks are the result of spear phishing.
What is CryptoLocker? It is a malware program that encrypts your most important data files using an encryption key that only the attacker knows. You're then told to supply the blackmailer with money in exchange for the encryption key needed to unlock your data. The FBI recommends paying the ransom if you do not have a current backup.
What is spear phishing? Malicious attackers focus on one or more employees in your company and craft socially engineered email that attempts to get them to follow a link or open an attachment. The attackers are remarkably successful way too often.
Please see the details below for the two scans we recommend for all companies. We also offer CyberSAINT™ HIPPA and CyberSAINT™ PCI compliance assessment scans if your business is affected by either of these issues.
The report presents you with a summary of your overall risk score based on the scan of your network, along with simple charts to show the problem areas.
This report will help prioritize issues based on the issue's risk score. A listing of all affected computers, users, or sub-systems is provided along with recommended actions.
Our scan will pull out literally hundreds of pages of end-user network activity and configuration data. The Full Network Assessment Report includes every detail, presented in line-item fashion in an editable report document. The report is organized by section with a table of contents to help you locate the specific findings of interest. Pproblem areas are conveniently highlighted in red, making it easy to spot individual problems to be rectified.
For each network scan, this report provides detailed information on each of the individual assets discovered by Network Detective. The report is ideal for cataloging and documenting the complete settings and configurations for individual workstations and servers.
This report includes a proprietary Security Risk Score and chart showing the relative health (on a scale of 1 to 10) of the network security, along with a summary of the number of computers with issues. This tool also reports on outbound protocols, System Control protocols, User Access Controls, and an external vulnerabilities summary list.
This report will help prioritize issues based on the issue's risk score. A listing of all security related risks are provided along with recommended actions.
A PowerPoint presentation is generated from the Network Detective. General summary information, as well as the risk and issue score, is presented along with specific issue recommendations and next steps.
A comprehensive output including security holes and warnings, informational items that can help make better network security decisions, plus a full NMap Scan which checks all 65,535 ports and reports which are open.
Highlights deviation from industry standards compared to outbound port and protocol accessibility, lists available wireless networks as part of a wireless security survey, and provides information on Internet content accessibility.
A detailed overview of the security policies that are in place on a domain-wide and local machine basis.
Comprehensive lists of all network “shares” by computer, detailing which users and groups have access to which devices and files, and what level of access they have.
Organizes permissions by user, showing all shared computers and files to which they have access.
Shows all logins, both successful and failed, by user. Report shows service accounts that are not properly configured (and thus failing to login) as well as users who may be attempting (and possibly succeeding) in accessing resources (computers) that they should not be.
Same data as User Behavior but inverted to show you by computer. This summary is quite useful, in particular, for looking at a commonly accessed machine (file server, domain controller, etc.), or a particularly sensitive machine for failed login attempts. Some examples would be the CEO’s laptop or the accounting computer where you want to be extra diligent in checking for users trying to get in.
Identifies users who have succeeded in logging in to another machine. Great for auditing/logging purposes to know of all attempts.