Frequently Asked Questions
Solutions Questions:
Data Loss Prevention (DLP) Solutions are critical to protecting three types of data: data in use, data in motion, and data at rest. Data in use refers to data that is being used on a device. One way data can be stolen or lost while “in use” is an employee copying and pasting critical data while using their laptop. Data in motion is, for example, data that is being exchanged via email. Once the data arrives in the place where it is intended to be stored, it becomes data at rest. Aurora offers a variety of DLP Solutions to protect the data in an organization’s environment. Depending on the needs of an organization, Aurora offers DLP solutions from Symantec, McAfee, Fidelis, Forcepoint, Proofpoint, and Microsoft Security. Speak to one of our experts to understand which DLP Solution is right for your organization’s security goals.
Cloud Access Security Broker (CASB) Solutions go beyond other security solutions by providing visibility and control across the cloud. CASB Solutions can detect threats, manage multiple data streams and enforce security measures. It is a critical solution for any organization that collaborates and stores information in the cloud. Unlike on-premise security solutions that only can catch malicious activity happening on the permitter, a CASB solution can set off an alarm once someone has gained access to your cloud environment. The CASB would then perform actions to stop the data from being stolen. CASB can be integrated with existing data loss prevention solutions in your environment. Partner solutions that Aurora offers and are proficient in are Symantec and McAfee.
At Aurora, we have experts that can conduct Data Loss Prevention (DLP) Services in your organization’s environment. We have engineers trained in integrating Symantec DLP into your existing solutions. Aurora experts can integrate DLP and Cloud Access Security Broker (CASB) to extend your data loss prevention into the cloud. We can also integrate DLP and Web Gateways. Our experts are proficient in implementing and onboarding both Symantec DLP Services and McAfee DLP.
Endpoint security can be either cloud-based, on-premise, or a hybrid to protect your organization’s traditional and mobile endpoint devices. Using a cloud-based endpoint security solution can help you detect and protect your organization from threats targeting your endpoints. At Aurora, we offer Endpoint Security Solutions from a variety of partners: Symantec, McAfee, Trend Micro, Binary Defense, Sophos, VMWare/Carbon Black. Our security experts will work with you to understand which endpoint security solutions are right for your organization’s goals.
Aurora can provide several web security solutions for your organization depending on your goals and security requirements. We maintain close relationships with partners who provide excellent web security solutions. Web security solutions are an essential security solution for any organization looking to further protect their organization from cybersecurity threats. Some of the partner solutions that we provide include Symantec, McAfee, ZScaler, Sophos, Trend Micro, Fortinet, and iboss. Talk to one of Aurora’s security experts to see which web security solution is the right fit for you.
Identity Access Management (IAM) solutions help to assure that the right user is accessing the right data on the right device. These solutions are essential for any organization looking to protect its data from cyberattacks. There is a myriad of different identify access management solutions that work to better secure your organization. Depending on your security goals, the Aurora team can help you understand which of your partner solutions is right for you. We offer identity access management solutions from Okta, Plurilock, Symantec, RSA Security, Centrify, and Beyond Trust.
Privileged Access Management, or PAM, are solutions that work to secure and manage who gains access to privileged accounts. Privileged accounts refer to users who work with high-value information. The solutions work to ensure that privileged information is accessed by the right user on the right device. Aurora can provide our customers with PAM solutions from our partners such as CyberArk, Beyond Trust, and Broadcom/CA.
Security Awareness Training and Anti-Phishing Tools are required to protect your email from phishing and BEC (Business Email Compromise) attacks. At Aurora, we offer a phishing simulation risk assessment to evaluate your organization’s current risk for phishing. This helps us to provide you with recommendations to improve your security posture. Some of the solutions that we can offer to help you better protect your email from phishing and BEC attacks include KnowB4, Sophos, and Proofpoint solutions.
Security Capability Questions:
CASB or Cloud Access Security Broker is a security broker that sits between the end user and a cloud service. CASB Cloud Security is used to monitor all activity within your environment, ensure that no data is leaked or compromised as it moves in and out of the cloud. It can check for potential malware activity and will extend security policies to the cloud. CASB Cloud Security gives your organization visibility into the cloud. With increased visibility brings less security risk and peace of mind that your data is as secure as possible. A CASB can be integrated into your existing on-premise solutions such as data loss prevention (DLP) or a web gateway. This allows for the same protection that you are getting on-premise to be extended to the cloud. Aurora has experts in implementing CASB Cloud Security into existing environments. Contact us to see what the next steps are for your organization is to better protect the data that you store in the cloud.
Vulnerability management is the process of vulnerabilities on information systems, applications, and devices to reduce the attack surface and effectively better protect valuable data from a cyber-attack. The vulnerability management process is essential for every security-conscious organization and is even more critical as new technologies continue to emerge into our workflow. See our whitepaper: Vulnerability Management in a Post-Pandemic World to better understand vulnerability management in the context of today’s cloud-based workforce.
Yes. Aurora has experts in Symantec Data Loss Prevention (DLP) and Amazon Web Services (AWS). Together they can use Symantec DLP to better secure data within AWS EC2, S3, VPC and Workspaces. To learn more, see our whitepaper.
Security Assessment Services Questions:
Yes. If you do not have regulatory requirements, we will conduct a security assessment based on NIST-800-171 or Center for Internet Security (CIS) Top 20.
Healthcare organizations are required to meet the Health Insurance Portability and Accountability Act (HIPAA) Security standards to protect sensitive customer information. Many of the organizations that we work with chose to conduct a HIPAA Assessment on a yearly basis. In every industry, including the healthcare industry, technologies are rapidly changing. When new technologies are introduced so can new vulnerabilities. During a HIPAA Assessment, the Aurora team will evaluate how your organization’s environment compares to the policies and best practices of the industries. We will measure against the areas of weaknesses: people process and technology, to ensure that your organization’s security is in compliance with HIPAA’s requirements. Conducting a HIPAA Assessment regularly is good practice for healthcare organizations as being in noncompliance with HIPAA can result in fines and the loss of sensitive information.
A Phishing Simulation Risk Assessment measures an organization’s current level of risk for a phishing attack. In an assessment, our security experts will perform a controlled phishing attack against employees from different levels and departments within an organization. By conducting controlled phishing attacks, an organization can better understand if its employees are susceptible to emails that are designed to give away valuable information to malicious actors. Phishing emails are increasingly getting more sophisticated. By implementing phishing simulation risk assessments and conducting security training for your team, you can better prevent your employees from accidentally giving away valuable information in a phishing attack.
To be compliant with the security standards of your industry and better protect your data from a cyber-attack, we recommend that you implement penetration testing consulting services on a bi-yearly basis. In a penetration test, the tester will go into your organization and look for vulnerabilities that a hacker would be able to exploit. They will then work to remediate those vulnerabilities to prevent a hacker from taking control of your environment. Since new vulnerabilities can arise in your environment every day, implementing tests like Penetration Testing that actively detect and remediate vulnerabilities is critical.
A Cyber Security Risk assessment is used to understand how your organization’s current security posture compares to the best practices of the industry. During a cyber security risk assessment, Aurora will review your security policies and procedures in addition to interviewing key employees. We will conduct vulnerability scanning, both internally and externally, to get a full idea of your current security posture. Following the initial testing, we will prioritize the gaps found within your organization’s environment and make remediation recommendations. A cyber security risk assessment is often seen as a first step towards improving an organization’s security posture.
