At Nocwing, we have a few core values that guide us in our pursuit of being a great IT company. They may seem simple on the surface but require hard work and complex problem-solving. We’re constantly on the lookout for new software, hardware, and talent to help us make them reality.
We call them people+, technology+, and security+.
"We believe people need system updates too."
This means that, while business technology constantly changes and draws focus, the human element is often neglected. Your people need support too.
"We believe that your devices should take care of themselves as much as possible."
This means that your technology should be enabling you, not the other way around. You should be able to stay focused on your work while the fiddling is kept to a minimum.
The latest addition to our family of core values is what we’re calling...
"We believe that you should feel safe with your technology."
We’re confident that preparation and vigilance (not buzz words and reaction) are what combat digital attacks. New threats appear every day but they shouldn't have to worry you.
So, what are we currently using to accomplish security+? Let's break it down, but remember this list will change as we adapt for the future.
Intercept X (Endpoint)
The concept of an antivirus has been around for a very long time and its function is well understood. It's worth mentioning however, that viruses have changed significantly over the years and the original idea of an application that scans your computer to see if it's already been infected isn't worth what it used to be.
"These days we need to not be infected in the first place."
Sophos' Antivirus, dubbed Intercept X Endpoint, employs machine learning designed to look for virus-like behaviors rather than known viruses themselves.
File encryption is used to secure data and keep it from being accessed by those you don't approve of, but what happens when someone else uses it on your files without your permission and says you're not approved to access it? We call that ransomware. Intercept X doesn't merely look for ransomware viruses, it is trained in the proper methods to encrypt files and if an application tries to use a sneaky, unproper method, it shuts that process down.
Here are a few more ways Intercept X is capable of addressing future security threats.
Stops Unknown Threats:
Intercept X uses Deep Learning AI to detect and inhibit malware that hasn’t even been seen yet by the security community. It scrutinizes the file attributes of hundreds of millions of samples to identify threats without the need for a file signature.
Intercept X has features designed specifically to halt the encryption processes of ransomware. Encrypted files are rolled back to safe states, minimizing downtime.
Exploits are known flaws in software and devices that allow unauthorized access to a device. Intercept X uses special technology to stop the techniques that attackers rely on to compromise devices. These exploits are typically used to steal credentials and distribute malware. By stopping the techniques themselves, it's protecting your organization from file-less attacks and zero-day exploits.
Solutions work better when integrated with each other. That's why Intercept X and XG Firewalls share data with each other. This allows them to automagically isolate devices that are being cleaned up and then return their network access once the threat has been removed.
Sophos XG Firewalls (Enterprise Guard)
Firewalls are the silent champions of the security world. We don't see them, but they are always there in the background shielding us from threats that constantly fire at our connections to the Internet.
"They are the guard shacks, the bouncers, the agents in black standing outside the door, preventing anything unauthorized from coming in."
What makes these people successful is how well they are connected to what their superior deems acceptable. The guard shack checks known IDs, the bouncer checks guest behavior, the agent has a list of approved personnel. Without that information the number of failed checks increase.
Firewalls are traditionally configured manually to allow exactly what is and is not allowed through the gate. The gate that separates the entirety of the Internet from your network. Sophos XG firewalls have the unique design of being able to communicate with PCs that have the Sophos Intercept X Endpoint installed. This provides a valuable additional source of information that the firewall can use to check against.
If a PC is infected, Intercept X Endpoint can notify the XG firewall and it will disconnect the from your network. This can keep the PC from infecting PCs nearby, phoning home to an attacker's server, or sending your data out of your network.
Here are a few more ways that XG Firewalls can keep your network safe.
Handles the Load:
Every packet of data going in and out of your network has to pass through your firewall to get checked. Sophos Firewalls have a unique high-performance architecture that uses hardware acceleration. It's called Xstream. It processes data packets using a list of policies or curated app IDs maintained by SophosLabs. This not only accelerates important SaaS, cloud and SD-WAN traffic, but also improves performance for traffic that needs TLS or IPS deep- packet inspection.
Benefits from Data Visibility:
Sophos Firewalls are a part of the complete Sophos Cybersecurity ecosystem which offers enormous benefits for visibility, protection and management with Sophos Central. It provides a single cloud console to manage firewalls and other Sophos products, as well as cross-product integration to enable Synchronized Security, and cross-product threat hunting (XDR or MTR)
Scales to Fit and Grow:
Sophos Firewalls offer more modular connectivity options as well as a full suite of secure access networking solutions to fit any network.
Sophos Firewalls offer a better value than others by including more features at no-cost: free on-box reporting, wireless, cloud management and reporting, and unlimited remote-access VPN
Datto Secure Backup
Hard drives have a mechanical lifespan, it's a known fact. If your data is harmed and you don't have a spare copy somewhere else, there's nothing you can do. We've vetted many different backup solutions over the years, attempting to determine the best but they all seemed to fall short in one manner or another.
"It's not how reliably the software backs up your data, but how reliably it restores it."
Datto backup appliances are unique in a few ways. Aside from their rock solid stability and recovery reliability, is their ability to back up business data that is stored in the cloud. With more and more software solutions being migrated to the cloud (Office 365, email, file storage, etc.) and employees working remotely, there has been an assumption that the cloud vendor be responsible for backing up this data. This is not always the case, and the reliability of their backups are out of your control. With Datto, you take back that control and regain the functionality you're used to having with a local backup solution.
You can recover deleted emails or ransomware encrypted files even if they are hosted in Google Workspace or Office 365.
Reliable & Secure:
Reliably and securely backup Microsoft 365 and Google Workspace, ensuring that business essential services like email and docs are protected from downtime events and cyber threats.
Secure and Scalable:
An SMB-friendly endpoint file backup, with powerful MSP-centric capabilities allow us to automate the service and scale it to any size needed.
Facilitate Remote Work:
With the ability to backup over any Internet connection, File Protection safeguards client’s valuable business data wherever they are, whether they’re in the office or on the move.
Whether your people are in the office or working from home, as long as they have an Internet connection, their data can be backed up. File Protection safeguards your valuable business data wherever you are.
Enhanced Threat Detection (Liongard)
The latest edition to our Security+ toolchain is Enhanced Threat Detection (ETD) by Liongard. This is more a tool that we utilize for your benefit, than a software you interact with. When a problem on your network is fixed and you ask your MSP "Why did this happen?" ETD helps give a more solid answer.
"Data is only as useful as your ability to read it. Nobody wants to scroll through a 2000 page logfile."
ETD enables us to perform deep inspection of the ongoings of your devices and network. It takes existing logs and behaviors that are already available but compiles them into usable visualized data.
Liongard's inspectors pull configuration and status data across your systems and Environments and integrates into our documentation system giving us better visualization of your data more efficiently.
Get Alerts, Take Action:
Want to know about expiring assets or increased malware activity? Liongard’s actionable alerts set rules for the things you want to flag. It connects with PSAs to deliver alerts for teams to take action on.
Go Back in Time with Liongard:
Liongard's inspectors run hourly and keep snapshots on a timeline for easy perusal. We can then go back in time to see configuration and status details from specific days in the past.