Upgrading your cyber defense

M&A Technoloy has always been focused on security. Our approach is rooted in risk management—we adapt our processes and technologies on today’s threat landscape, adding the appropriate layers of protection for our clients.

Cyber Security is one of the biggest risks to your business

divider

Jack Welch, in his typically blunt style, said “Face reality as it is, not as it was or as you wish it to be.” We wish cybersecurity would be simple and straightforward. But you hired M&A Technology because you know cybersecurity is one of the biggest risks to your business.

How should we face reality? We’re dealing with attackers who are smart, well equipped and always changing their approach to find an open door to exploit our systems or force large ransoms. On top of that, governments are instituting new laws and regulations for data protection that include fines for those who fail to comply that make the ransomware payments look pleasant. For example, the federal government has implemented the Cybersecurity Maturity Model Certification (CMMC) that will impact at least 300,000 supply chain contractors this year. California is instituting a new data security law while many states are expected to follow the example of GDPR. The reality: It is no longer a question of if you’re going to be attacked, but when, how often and are you resilient enough to survive. On top of that, if the hackers don’t impact you, laws and regulations will. Welcome to the new normal.

Upgrading your cyber defense. M&A Technoloy has always been focused on security. Our approach is rooted in risk management—we adapt our processes and technologies on today’s threat landscape, adding the appropriate layers of protection for our clients. Given the state the world is in, how risk to your business is evolving, and the fact that you've entrusted us to protect you—we're going to be making changes to increase the level of protection you receive from M&A Technoloy as a way to enhance your security posture and reduce the risk of breaches, ransomware and more.

Here are the different cyber security areas

we've broken everything into:

divider

Email Security

Perfect for institutions needing low cost internet access to their districts, medical facilities, and municipalities.

Office Protect

Multi-Factor Authentication

Activation/Updates Of SPF And DKIM Records

Email Gateway Filtering

Email Continuity Protection

Dark Web Domain Scanning

Employee Security Awareness Training

For clients who are not already on Office365 but have your own email service, we'll be migrating your email system to Office365 and adding these protections. If you're using a personal email address (@gmail, @aol, @yahoo, ect), we'll be providing you with your available options

Endpoint Security

While we already provide commercial grade endpoint security software for every system we manage, depending on the agreement we have with you, it may not have all of the available features enabled. Going forward, every endpoint will have the following protections in place:

Active Adversary Mitigation

Managed Threat Response

Exploit Prevention

Anti-Ransomware

Endpoint Detection and Response

Artificial Intelligence Powered Malware Detection

Zero Trust Program Profiling

User Least Privilege Control

System Hard Drive Encryption

Synchronized Security (for clients with Sophos firewalls)

File/System Backups

This is one of the most important upgrades, designed to help you recover following any kind of disaster, not just a data breach. We'll be offering two options going forward for those without a backup solution in place. The first is an image-based solution. It's the one we've solely focused on over the last few years as it allows your business to get back up and running in the fastest amount of time. The second option will be a file-based solution. Though considerably slower on the restoration process, it still provides a high level of data protection.

Security Operations Center (SOC)

We've worked very closely with our security vendor Sophos to create a joint venture to manage active threat responses. Our SOC will take all of the security information between the email systems, endpoint devices and network firewalls to actively monitor for threats - including hunting for insider (employee) threat activity.

What does this change mean for you? The changes outlined above will be deployed to all of our clients in the coming weeks and months. This will ensure that each network we manage has the same level of cybersecurity protection regardless of its size or complexity. M&A Technology will take on the majority of the cost to upgrade and deliver these new protections. However, some clients will see additional costs. Cognizant that we’re in the middle of a pandemic, we’re not going to roll everything out all at once. Instead, we’ll implement these new products and services in phases based on the area they address while keeping in mind the costs and timelines for completion.