Custom Security Services

Custom Security ServicesTier3MD is offering 4 levels of custom cyber security.  We do this because no everyone needs all we have to offer, but they do need some of what we have to offer.   As network security threats grow more advanced by the day, protecting your practice’s systems and data becomes more challenging. Knowing where your risks and vulnerabilities are is the first step to shoring up your network security.  Our industry-leading internal security alerting solution takes into account your custom security policies and intelligently identifies suspicious anomalies, changes, and threats. In addition, our powerful analysis engine examines multiple data points and notifies you directly of security issues caused by unusual user behavior and network misconfigurations.

Once we have tuned your network, working with you to fix any current issues and update your security policies, we will set up regular reporting that details changes in your network from report to report, as well as all the issues we have resolved in that time. In addition, we take measures to minimize internal network vulnerabilities. These measures include setting up daily and weekly alerts, and delivering actionable intelligence—in case of an accidental or malicious breach.

 

OUR CUSTOM REPORTING AND ONGOING MAINTENANCE OF YOUR NETWORK INCLUDES:

  1. Evaluate inbound firewall configuration and search for known external vulnerabilities

This helps ensure that the impact of changes made to the external firewall—or exposure of outward-facing applications—is minimized.

 

  1. Review out-bound firewall configuration

Blocking unnecessary traffic plays a vital role in eliminating the spread of viruses, worms, and Trojans.

 

  1. Inspect the effectiveness of the current patch management tool

The purpose of this task is to identify systems in which security patches have not been applied in a timely manner.

 

  1. Examine anti-virus and anti-spyware deployment

This activity determines where anti-virus and anti-spyware is not deployed or is out of date.

 

  1. Conduct administrator review

This review validates the list of users with administrative privileges.

 

  1. Perform physical security walk-through

This in-person walk-through of the office helps identify issues a network assessment tool can’t—like employees leaving their passwords in plain sight.

 

  1. Run internal vulnerability scan

This uncovers security flaws that could be exploited once an attacker makes it inside your network.

 

  1. Detect anomalous logins

This task is intended to review security audit logs for suspicious logins or log-in attempts.

 

  1. Assess security policies

Review default Group Policy and applicable Local Security Policies for consistency and alignment with best practices.

 

  1. Review with IT administrators

This step reviews user, computers, and Layer 2/3 detail with your in-house administrator to identify possible defunct or rogue users and systems.

 

  1. Perform compliance-level auditing

A compliance-level audit can be beneficial in finding security-related, best-practice violations for all companies, even if they are not required to comply with a compliance standard such as HIPAA or PCI.