Recently, one of our clients was hit with a zero day virus. A user opened an email containing an executable file that had a PDF icon. The malware immediately emailed itself to everyone in the unsuspecting user’s address book spreading rampantly throughout the organization. The virus made its way to another organization that our client had done business with and proceeded to infect them as well. This happened in a matter of minutes.
Fortunately for our client, they were subscribed to GCSIT Managed Endpoint Security Service. The client made a call to our helpdesk describing the situation and we obtained a copy of the malicious executable for analysis. A quick check of the executable revealed that only 4 out of 50+ anti-virus vendors had identified the malware previously.
Our helpdesk engineers immediately uploaded the file to our technology partner and within 15 minutes of initial notification, detection and mitigation processes were deployed to our client’s environment through our remote management agents and cleanup was under way.
As for the other organization that was infected, their anti-virus vendor did not detect the malware and days were spent trying to clean it up. They eventually enrolled in our Managed Endpoint Security Service and we were able to clean up the infection and provide continuous monitoring at less cost than they were previously paying to their anti-virus vendor.
QUESTION: "We have skills on staff, why should we consider managed VMware Stack services from GCSIT?"
by Mat Kordell, GCSIT Manager of Support Services
The great majority of our Managed VMWare-Stack clients have VMWare skills on staff and still choose to subscribe to our services in a co-managed relationship. Here are the top 5 reasons why:
1. BEST PRACTICES GCSIT’s expert staff are always up-to-date with best practices from VMWare and major storage and networking providers. Additionally, we compile our own best practices from experience in design, architecture, implementation and support of literally hundreds of VMWare environments. Our Managed VMWare-Stack clients benefit from the combined and concentrated knowledge, skills and best practices of our Design & Architecture, Deployment Engineering and Support Engineering teams. We will regularly review your environment and alert you if anything falls outside of our best practices or otherwise puts your environment at risk.
These terms are often used interchangeably, but there is a distinct difference in the scope and activities performed. In a nutshell, a penetration test answers the question “Can someone break into my organization?” where a vulnerability assessment answers the question “How could someone break into my organization?”
Let’s say you have a house with a fence around it. In a penetration test the goal would be to find a single hole in the fence to first gain access to your yard. From there, the goal might be to identify a single unlocked window or door to access your house and ultimately gain access to your valuable possessions.
When conducting a vulnerability assessment, using the same analogy, the goal would be to identify ALL of the holes in the fence, check all windows and doors to see if they’re locked as well as any other potential entry points.
Both penetration testing and vulnerability assessment can and should be conducted from multiple perspectives – Internal and External. Your security infrastructure should be constructed in layers to detect and prevent both types of attacks.