Securing Your People

The last few years have seen a flurry of attacks targeting the user – unfortunately, with phenomenal success. Ensuring that your staff and users are educated effectively so that they are aware of the business risks that cyber security threats pose is vital. It is challenging to get this training and awareness right and continues to be the most underfunded aspect of businesses information security strategies.

In addition to education and awareness, businesses must also continue to assist their users by implementing effective technical controls that help avoid accidental incidents, which still make up the largest percentage of breaches that occur. Too much access to data, weak passwords and ineffective malware protection make up a large proportion of the issues that we see organisations tackling on an ongoing basis.

Sapphire have a range of services and solutions that will help support your business protect and enable your staff and users to build an extra layer of protection against current and emerging threats.

Malware and Phishing Prevention

Phishing emails, ransomware and malware have been the most high-profile attacks by far over the past few years. Incidents and the effectiveness of this attack vector can be greatly reduced by implementing layers of protection, comprising of: robust perimeter email and web solutions, effective endpoint malware protection and user education and training.

Sapphire offers a valuable phishing awareness service that monitors the effectiveness of the training we provide by coordinating simulated phishing attacks, authorised by your organisation. This service helps highlight staff who may need additional training and awareness, helping you focus on the people most at risk within your business.

We also offer a range of effective technical controls for the perimeter and endpoint that offer 100% protection against malware threats, reducing the risk for human error.

Insider Threat and User Behaviour Analytics

To avoid a data breach, your organisation must detect and respond quickly to anomalous activity. User and Entity Behaviour Analytics (UEBA) can help you monitor for known threats and behavioural changes in user data, providing critical visibility to uncover user-based threats that might otherwise go undetected. Our UEBA solutions perform profiling and anomaly detection using a wide range of analytics approaches against diverse environmental data. Our solutions deliver scenario and behaviour based analytics, then corroborates insights, providing visibility across the spectrum of cyberattacks.

Social Engineering and Open Source Intelligence (OSINT)

Regardless of the most comprehensive cyber security training and awareness programmes, the need to monitor and measure the effectiveness of the training and the general levels of standard users within a business is key. Social engineering can be used to gauge how secure your organisation is by using social skills and methods to see what access or information can be obtained and where possible breaches could occur. Carried out by skilled professionals, this can extend to testing the physical as well as technical security of your premises or datacentres.  

Open Source Intelligence (OSINT) is another method available to businesses to ascertain what information is available on the web about the company, a key or high-profile employee or even Intellectual Property (IP).  It can also be used to identify what information individuals have shared on the Internet that may accidentally increase the businesses vulnerability to cyber attack.

Sapphire offer both of these services, delivered by our team of professional and highly skilled consultants and testers: Social Engineering and Open Source Intelligence OSINT.

Access Security

The issue of controlling how and what users have access to continues to be at the heart of many breaches that we see on a regular basis. Weak credentials and unnecessary access to data or information still poses a huge problem for most organisations.

Secure authentication continues to be underused with businesses relying on basic username and password for access to networks, VPN’s and more worryingly, cloud applications such as Office365, Salesforce and Dropbox. With credential theft on the increase, it is vital that organisations help their users to be more secure by deploying strong authentication to key applications and systems.

Sapphire offer a wide range of solutions which help secure your users access:

Secure Authentication
Privilege Access Management
Cloud Access Security Broker (CASB)
Single Sign On (SSO) for web applications

Policy Compliance

Whether your company needs to attain compliance standards, regulatory guidelines or maintain corporate governance, creating clear policies that are read and understood by your users and employees is sometimes a challenging and costly process. Often organisations need to adhere to more than one standard or regulation and it is complicated to keep up to date and make sure that policies are visible and reflect the latest updates.

Sapphire can assist in offering guidance on which documents sets and policies are appropriate to your organisation and can assist in creating their creation. We also offer policy compliance automation solutions that greatly reduce the complexity and overhead of publishing, verifying understanding and auditing the acceptance of policies, procedures and e-learning.

Sapphire offers: Policy review, Policy creation and Policy compliance automation.