Clear Guidance Partners (CGP) puts security at the forefront of everything we do. Our fully managed IT plans include a full suite of security processes to make sure your business is protected. At CGP we consider security to be non-negotiable, and these processes will provide sufficient protection for 98% of businesses. The above diagram shows our cybersecurity framework, including what covers each stage. The transition from protect to detect is called the boom, since that is where an attack succeeds. The detect, respond and recover phases are commonly neglected by IT teams and should receive extra scrutiny when planning for IT.

identify

• Our monitoring systems immediately alert us upon the creation of a new user account, or changes made to a firewall. These alerts are correlated to a scheduled change, or are investigated.

• On a quarterly basis, a list of all active user accounts are reviewed with HR to ensure all user and vendor terminations have been processed.

Protect

• CGP installs Fortinet firewalls at all client sites (a recognized industry leader), including a fully licensed security package which monitors all activity both inbound and outbound in real time.

  • If client is a manufacturer, the firewalls can be optioned with enhanced protection specifically for SCADA and related systems.

• All services at clients will be protected with multifactor authentication (MFA), both internal and external. MFA can prevent 99% of automated and bulk attacks and is a baseline requirement for security these days.

Detect

• Ransomware can quickly takeover your entire network if undetected. Canaries are special files left on every system, when they get ransomed we quickly get alerted and are able to react earlier than waiting for users to notice.

• CGP deploys Huntress to all machines, where their managed detection and response team investigates any new programs, scripts and other aspects for potential malicious activity.