Cybersecurity and Risk Management

Cybersecurity and Risk Management

Business continuity depends on your systems being secure.

New hacking techniques are surfacing daily and year by year attacks continue to rise globally. In fact "2021 saw a 50% increase in cyber attacks per week on corporate networks compared to 2020 -- that's a significant increase" said Omer Dembinsky, data research manager at Check Point Software. Compared to 2015, hacking attempts have increased by over 500%.

These protections may be deployed at the level of your website, intranets, email, documents, local servers, hosted servers, PC operating systems and custom web applications. It's about devices too, especially with a bring your own device world.

At the end of the day, with our approach, we simply provide your business with a level of assurance and peace of mind. And secure systems mean you can continue with business.

Prevention is always better than a cure.


What We Actually Do:

Our services are enterprise grade and continuously evolving. They are used to identify bad actors using modified browsers, as long as thwarting DDoS floods, bots, spam, malware, application level deceptive techiques, and brute forcing attempts. We use the following techniques to protect our clients from an online world of continuous threats:

  • SSL
  • firewalls
  • DNS hijack prevention
  • password encryption
  • multipass email filtering with strong email DNS policy
  • permissioned based access
  • webform filtering
  • bot blocking
  • flood attack protection
  • continuous system updates
  • private cloud obscurity
  • DDoS protection
  • rigorous backup strategies
  • device lockdown

 

Our web application security suite includes:


Email Obfuscation

We encrypt email addresses you choose to display on your website by scrambling them in the source code. This prevents bots from reading and harvesting emails while retaining visibility to human visitors. We include this feature with our base hosting plan.


Inclusions: Base Hosting Plan


Vulnerability and Penetration Testing

Web application assessment, penetration testing, and scripting to identify and close potential exploit vulnerability points (SQL injection, cross site scripting, and other forms of attacks) and malware removal and clean up processes.


Inclusions: Addon


Ongoing System Maintenance

Maintenance and security patching is a critical defence line. Up to date hosted environments and web applications are your best protection from exploitation from new vulnerabilities as they get discovered.


Inclusions: Addon


Backup Protection

Protecting your hosted servers, websites, applications and emails is critical. We design custom solutions for when backups occur, how often they occur, and the type of backups (folder/ file, disk image, DRaaS) provided with an SLA.


Inclusions: Addon


Webform Protection

On our framework your webforms are protected from webform spam, sql injections, and other intrusions. We do this with a variety of methods including honeypots, DNS bouncing of bad IP neighbourhoods, and other methods to deflect unwanted attention.


Inclusions: Addon


SSL Security Encryption

Secure Socket Layers / HTTPS is a must-have for modern websites. By using SSL your site encrypts data such as passwords, credit card numbers and other sensitive information while it is in transit (inbound and outbound) to ensure it is kept confidential.


Inclusions: Addon


Firewall Protection

Our web application firewall uses "collective intelligence" meaning new threats from one website can be shared to block threats on other websites sitting on our global network. Block heavy hitters, bad neighbourhoods, IPs, or whole countries.


Inclusions: Addon


Content Scrape Protection

Prevent copying or stealing information and images from your website by making it harder than it usually is. Tools include disabling text selection, copy to clipboard, right-clicking, layering of transparent images, and hiding content from search engines.


Inclusions: Addon


DNS Protection with DNSSEC

Recently vulnerabilities in DNS were discovered that allow an attacker to hijack and control the DNS lookup. It accepts any address given to it no questions asked. DNSSEC secures this by verifying each request before a connection has been established.


Inclusions: Addon


SSL Forcing with HSTS

HTTP Strict Transport Security is a header which sets a website to enforce use of SSL security in client web browsers to prevent downgrade attacks, SSL stripping, and cookie hijacking. Forced SSL is important for websites needing higher security.


Inclusions: Addon


Traffic Rate Limiters

Rate limiting provides granular control for detecting bad traffic, customised rulesets to ensure that your legitimate visitors are not impacted, and insights on how to improve and capitalise on your security position as system attacks continue to evolve.


Inclusions: Addon


Protections from DDoS & DRDoS

Our enterprise-class infrastructure has the capacity to absorb more than 20 times than the largest Distributed Denial of Service (DDoS) attack ever recorded. By operating at the network edge, it protects your website against all forms of DDoS attacks.


Inclusions: Addon