NetUtils launches ‘Platinum’ managed cyber security services to help large enterprises rationalise the new normal

Cyber security pioneer launches UK’s most comprehensive managed service offering 16 core features with 24/7 SoC to help larger enterprises strengthen their end-to-end cyber security posture

Kent, United Kingdom – February 2021, NetUtils, a leading IT specialist has launched the UK’s most advanced and highly integrated managed cyber security service aimed at helping larger enterprises to improve cyber security defences while reducing operational cost and complexity. 

The new “Platinum Tier” includes a fully staffed, 24/7 Security Operations Centre (SOC) and is backed by NetUtils continued certification around the ISO 9001 and ISO 27001  standards and as a registered  Crown Commercial Service supplier.

The new top tier service offers every element a large enterprise should deploy based on best practice methodology and includes Advanced Endpoint Protection, Vulnerability & Patch Management,

Managed Firewalls, Email Security Gateway, Privileged Access Management and Cloud Access Security Broker capabilities. The built-in SOC services provides full-time security monitoring across devices and applications including Office 365 along with structured Security Awareness Training sessions and ongoing helpdesk service. The Platinum tier is available at under £45 per user per month with significant discounts for larger organisations.

“Larger enterprises are faced with the dual challenges of managing more remote staff while still trying to deliver the core IT projects that are critical to the business. Our Platinum Tier Managed Cyber Security services are based on feedback from several enterprise customers around what they need – and is effectively a formalisation of a number of disparate services that we have been delivering successfully for many years.,” says Ashok Thomas, CEO for NetUtils. “When you look at the overall cost and especially when you factor in our 24/7 SOC capability, our Platinum service will typically save enterprises with a 1000 staff or more, hundreds of thousands of pounds each year in operational cyber security costs – with the assurance of transparent SLA’s and round the clock expertise.”

The new Platinum tier managed security services also aim to address several challenges that have accelerated due to the ongoing pandemic including critical digitisation projects, reduction in IT budgets and ongoing cyber security skills shortage. According to recent research by PWC, a consultancy, that questions over 3000 senior executives at larger organisations; 96% of executives have shifted their cybersecurity strategy due to COVID-19 while 55% of respondents lack confidence when their cyber spending is allocated towards the most significant risks.

NetUtils has built a reputation for technical excellence and is the most certified Juniper Networks partner in Europe and maintains over 420 industry and vendor accreditations within its team including CISSPs and CISMPsFortinet’s NS7, and Juniper JNCIPs. As part of the managed cyber security services launch, NetUtils has invested over £1.2 million adding more staff, enhanced training, and additional data centre capacity to meet growing demand. 

As David Bundock, COO for NetUtils explains, “Our top tier managed security service helps to address the operational challenges and skills retention issues that larger organisations are facing at a time when external factors such as COVID and Brexit are impacting core business processes. Our technical expertise and ISO compliant processes can help large enterprises improve cyber security though a trusted partnership that allows them to focus on their core business without compromising on active cyber security controls and monitoring.”

More information on the new managed cyber security services including the new Platinum tier is available via https://netutils.com/managed-service-bundles/

https://netutils.com/managed-service-bundles/

About NetUtils

NetUtils are a leading UK specialist integrator of network, security and data solutions for enterprise, telco, MSPs and ISPs. With more than 27-years history and over 400 enterprise and service provider clients including household names across finance, education, public sector, manufacturing, and healthcare, NetUtils brings its customers the depth and breadth of people, technologies and services to improve business performance in this ever-changing digital world.

NetUtils Media Enquiries:

Kara Jenkinson
Head of Marketing
t: 020 8783 3800 e: kjenkinson@netutils.com

w: www.netutils.com

Why Are So Many Organisations Turning to Managed Security Service Providers?

The technology industry is one that never stands still, but the cyber and security space specifically are even more fast paced than most other sectors of the industry. This in many cases can be attributed to the fact that the activities of cyber criminals are squarely focused on breaching enterprise security defences, because this is how they generate their income. Put simply your business is their primary target.

The pressures on IT operations, compliance and security posture are immense. Organisations constantly have to navigate the complexities of industry jargon and trends to keep abreast of the latest offerings and figure out the best fit for their business. This can be a full-time job in itself. But if IT is not your core business, then why should you burden yourself with managing it yourself?

The very nature of a Managed Security Service Provider (MSSP) is to alleviate the pressure by allowing you as a company to spend your time focusing on your core business, customers and innovation, in the knowledge that the necessary tasks that are required to keep your company safe and operational are in hand with the experts.

The Experts

An MSSP is a specialist, who’s core business is IT. As a result, you’re leveraging the expertise of a bigger team, who are up to date in all areas, that is, not just on general industry knowledge or the threat landscape, but also on the specific solutions and applications deployed within your business. It’s our responsibility to make sure the tools we use and the services we provide are always best of breed.

We spend the time and investment to train our teams, to get certified and fully compliant. We spend the time working closely with our vendor partners to understand the best ways of installing and using their products. We spend the time evaluating new and innovative solutions to the market.

We put in all the hard work, so you don’t have to.

Proactive Operational Efficiency

Managing the daily IT related tasks of most organisations can take most of the working day. Focusing on continuous improvements to revenue generating business critical tasks as well as customer service improvements, is what in many businesses determines their bottom line. It should not be surprising to learn therefore that most IT related operational improvements and security tasks can often be relegated to the back of the line. As long as things are working, then in many cases businesses are content and happy to focus their attentions elsewhere. Until of course something goes wrong.

By outsourcing the important IT operational management tasks to a trusted MSSP, you are ensuring that your IT environment remains operational at all times, because it is the responsibility of your provider to take care of security advisory notices, security patching, configuration management, access management, performance management, availability management, audit management and many other mundane but absolutely essential tasks to maintain a highly available and secure infrastructure. It’s our responsibility to be proactive on your behalf rather than reactive.

Speed of Implementation

It is no secret that there is a growing trend for many companies to outsource certain services, be that networking, telecommunications, cloud or security services. Besides the obvious cost savings and controls it affords, it certainly also helps free up internal resources and time. But there is one other major reason why MSSP services are being consumed at quite a staggering rate and that is speed.

Speed of implementation, widely known as how fast one can act on an idea, strategically or tactically, is often times what can set you apart from your competition. With the massive growth of cloud adoption and the improvements in its capabilities, we see a huge increase in the abilities of an MSSP to provision and deliver services to customers that would have previously taken weeks or months in only days and even hours in some cases. The reason for this is often that the provider has already provisioned its service capabilities ahead of time, so the service is simply ready to onboard new customers as and when they are ready. This of course takes a lot of planning and forethought on the part of the MSSP in order to be able to offer these ready to go services, so it can be said that the customers speed of implementing a new or replacement service is directly related to that provider taking earlier action.

We’ve launched 4 new managed service bundles to help small and medium sized businesses gain enterprise class technologies and services wrapped up in a per user per month price.

Priced from as little as £8 per user per month it’s never been easier or more cost effective to have the big tech normally out of reach to smaller businesses. These bundles combine between 4 and 16 cyber security services ranging from Endpoint Protection and Email Security Gateway all the way up to a fully-fledged SOC.

DISCOVER THE 14 CORE CAPABILITIES YOU NEED FOR DEFENCE-GRADE SECURITY

The following 14 core technical capabilities were created to help guide and prioritise cybersecurity investments.*

With cyber threats constantly evolving, it’s important to identify the gaps in your security posture and being prepared for cybercriminals to get through your defences in this changing environment is essential. You need to determine where to start and what is most important.

1. Asset Management

Identify assets by leveraging automated tools and discovery solutions (to also discover rogue systems), including:

  • Installed software (including on endpoints, mobile (leverage Mobile Device Management (MDM or EMM) solutions) and servers)
  • Deployed hardware (including endpoints, mobile, cloud and “on- premise” systems)

2. Network Segmentation

Ensure networks are properly segmented, particularly separating the business side from the infrastructure networks.

Focus initially on high value assets and critical systems. Move away from solutions that focus only on “on premise” segmentation and deploy network segmentation solutions, such as Software Defined Perimeter that allows for granular role-based segmentation of on-premise and Cloud-based systems, including legacy systems. Additionally, leverage Network Access Control (NAC) when possible.

3. Network Security

Leverage intrusion detection and prevention systems (IDS/IPS) across enterprise and system enclave boundaries (including ingress, egress points), including using cloud-based appliances whenever possible to monitor cloud traffic.

  • Select solutions that can protect both on-premise and cloud-based traffic and consolidate alerts/logs on a single dashboard
  • Consider leveraging Deep Packet Inspection/Packet Capture (DPI)
  • Consider deploying cloud access security brokers (CASBs) at cloud boundaries
  • Leverage Domain Name Server Security (DNSSEC) to secure your Domain Name Server (DNS)
  • Consider specific distributed denial of service (DDoS) protections to protect servers, applications, and networks
  • Consider solutions that protect communication systems against telephony denial of service (TDoS) and DDoS attacks

4. Identity Management

Manage user access and roles by:

  • Deploying a centralised identity management solution with access control management and identity proofing
  • Leveraging a Single Sign-On solution across the enterprise and its applications
  • Deploying multi-factor authentication across the organisation, particularly for critical systems and privilege access
  • Using identity management best practices to ensure “need to know” and “least privilege”
  • Properly disabling or deleting accounts according to the organisation’s policy requirement

5. Privilege Access

Privilege access management solutions should be deployed to manage and control critical infrastructure systems’ administrative accounts, including:

  • Requiring multi-factor authentication for all administrative accounts, including on servers and endpoints
  • Using solutions, such as Software Defined Perimeter, to enforce multi-factor authentication policies across the enterprise while implementing patching, need to know, and least privilege, among others

6. Patching and Vulnerability Management

  • Conduct proper monitoring and patch installation, including testing prior to patch deployments
  • Prioritise patches based on risk and critical impact
  • Regularly perform automated scanning (daily ideal or weekly), including credentialed, passive, internal, and external scans. Include database configuration and web services configuration scans
  • Install agents on servers and endpoints to facilitate scans whenever possible
  • Scan applications both statically and dynamically
  • Perform source code review when necessary

7. Continuous Monitoring

Continuous monitoring is recommended 24 hours a day, 7 days a week, including:

  • Employ alerts and Security Information and Event Management (SIEM) solutions with a customised dashboard to monitor critical systems using proper log management
  • Create/manage a security operation centre (SOC) to continuously monitor critical systems

8. Endpoint Protection

Employ endpoint protection solutions to:

  • Mitigate against viruses, ransomware, and malware using solutions such as Application Segmentation (Micro Virtual Machine isolation), Advanced Endpoint Protection, and Antivirus/Anti-malware
  • Deploy these solutions across all endpoints and servers, including mobile devices
  • Leverage a File Integrity Solution to protect against file tampering/rootkits etc.

9. Public Key Infrastructure (PKI)/Key Management

Deploy both symmetric and asymmetric encryption key management solutions, including:

  • Managing public and private keys used for application programming interfaces (APIs), email signing, and encryption using a PKI solution
  • Employing key management solutions to store keys, including Secure Shell (SSH) keys and other encryption keys

10. Log Management

Centralise, correlate and consolidate logs, including:

  • Ingress and egress logs
  • Application logs
  • Endpoint protection logs
  • Firewall logs
  • Security logs such as authentication failure, misuse, unauthorised access, insider threat
  • Server logs
  • Database logs
  • Webserver logs
  • IDS/IPS logs

Ensure proper timestamp by leveraging Time Synchronisation (Network Time Protocol (NTP)) solutions across every system.

11. Phishing Protection

Implement phishing training and plugin solutions, including:

  • Mandating regular phishing training for all employees, including senior executives
  • Deploying email validation system (Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM)) to detect and prevent email spoofing
  • Deploying phishing plugin solutions on email servers and endpoints to allow phishing email detection, prevention, and reporting
  • Conducting real-life phishing campaigns to all your employees to measure openings/clicks, and target training to employees opening those emails

12. Configuration Management

Adopt a configuration management solution to properly enforce configuration requirements on servers and endpoints, including:

  • Prioritising solutions that can synchronise logs with SIEM and that support multiple operating systems
  • Leveraging application whitelisting solutions to limit access to necessary applications on endpoints and mobile devices. Whitelisting is recommended instead of blacklisting because new malicious software is too difficult to track

13. Application Security

Application security is the use of software, hardware and procedural methods to prevent vulnerabilities in applications and protect sensitive information from external threats. Applications may include desktop, server, and mobile technology. Software security should be built into applications during their development phase:

  • Fuzz testing (fuzzing) should be leveraged as a quality assurance technique, using a software tool called a fuzzer to discover coding errors and security loopholes in software, operating systems or networks. The technique involves inputting fuzz (massive amounts of random data) to the test subject to make it crash, find vulnerabilities, and identify potential causes
  • Dynamic analysis can be used as the testing and evaluation of a program by executing data in real-time to find errors in a program and flaws in the source code while it is running, rather than by repeatedly examining the code offline. Dynamic code analyser software finds security issues caused by the code’s interaction with other system components like SQL databases, application servers or Web services to debug a program in all the scenarios for which it is designed
  • Static code analysis is also available as one of the security tools the enterprise can use to identify flaws and malicious code in applications before they are bought or deployed. The process provides an understanding of the code structure, and can help to ensure that the code adheres to industry standards
  • Leverage Web Application Firewalls (WAF) solutions to secure your web applications

14. Data Security

Implement solutions to secure data, including:

  • Properly protect data, in particular, personally identifiable information (PII), personal health information (PHI), payment card industry (PCI), and sensitive, classified, and/or financial data, by using Data Loss Prevention solutions:
    • Leveraging solutions to detect and prevent data leaks and massive data exports on servers, databases, and endpoints, when possible
  • Deploying backup solutions across the organisation endpoints, servers, databases, and critical systems
    • Establishing off-site backup, whether in a separate datacentre or on the cloud
  • Mandating encryption for all PII, PHI, PCI, sensitive, and confidential data whenever possible. Examples include:
    • Requiring full disk encryption solutions for mobile devices, laptops, and removable media
    • Using encryption on databases and files whenever required

* 2018 Cybersecurity Guide – originally provided by Bromium featuring Nicolas Chaillan.