Cyber Hygiene Essentials

Our Cyber-Security solutions provide the critical services that every business should have in place to help protect their IT systems, employees, vendors, and clients from ransomware attacks, email scams, financial fraud, data theft and other cyber threats.

To keep things simple, this Cyber-Security bundle is offered on a per-user basis so you can be sure that all employees that use IT have the protection they need.

What’s Included in the Cyber-Security Hygiene Bundle?

  • Web Content Protection: Any user browsing the internet may inadvertently land on websites that deliver malicious software such as viruses to any computer that connects with them. These websites could infect the user’s computer and potentially precipitate a broader cyber-attack. Web content protection blocks users from accessing known bad websites. Depending on the preferences of the client, this service can be set to block other categories of website and content that may be deemed incompatible with the client’s usage policies.Deployment is per workstation – bundle includes up to 1.5 workstations per user.
  • Emailing Protection: Spam emails are one of the most common attack vectors, used by hackers to deliver harmful software or to lead users to bad links. The email protection service uses advanced machine learning technology to catch potential spam and other known and unknown threats in email. It places suspected content in a quarantine folder where it can be reviewed safely by users and selectively released.Deployment is per mailbox – bundle includes up to 1.5 licensed mailboxes per user (shared mailboxes are included for free).
  • Multi-Factor Authentication: Many cyber-attacks get started by stealing user credentials through specially designed malware, social engineering, or other means. Multi-factor authentication (MFA) enhances protections by requiring a second PIN, usually delivered via a cellphone, to be entered along with the user’s email. If a user’s password has been compromised, MFA ensures the hacker will still be blocked. Duo provides MFA for users to access their PCs, and also for remote access via a VPN. For good reason, MFA is high on the list of protections required by cyber insurance providers. Deployment is per user – bundle includes up to one Duo subscription per user.
  • Password Management: To make it challenging for hackers to guess or crack a user’s passwords, or to limit the damage if the credentials are compromised, security best practices demand that every system uses a different password, that the chosen passwords are long and complex, and that they are stored in a safe place. All of this is made possible by Keeper, which provides an easy way for your users to keep all of their passwords securely in one place, and to access them as needed from all of their devices. Deployment is per user – bundle includes one Keeper subscription per user.
  • Keeper Password Breach Watch: In addition to safely storing your users’ passwords, a Password Manager monitors the Dark Web for stolen passwords offered for sale. If any of those on offer matches a password managed through the Keeper Password Manager, they will immediately notify both the user and PCG so we can be sure the password is promptly updated. Deployment is per user – bundle includes bundle includes the Breach Watch subscription per user
  • Security Awareness Training/Phishing Campaigns: No email spam solution can be 100% effective in separating spam from legitimate email, so it remains vital that all users are trained to recognize spam, and what actions they should take when they suspect an email. A core element of this training is to send your team simulated phishing emails from time-to-time so that they remain mindful of the risk, and so you can identify users that may need additional training. Cofense is one of the World’s leading providers of simulated phishing. We recommend all clients implement a quarterly simulated campaign, combined with periodic training. Deployment is per user – bundle includes one Phishing subscription per user with one campaign per quarter.
  • “EDR” Endpoint Detection and Response: SentinelOne is an advanced threat detection agent that applies artificial intelligence and other leading-edge technologies to provide additional protection for Windows and Mac computers by looking out for unusual behavior that might be associated with malicious activity. When any such activity is identified, the agent can take additional steps including quarantining the suspicious process. In addition to the PCG team, SentinelOne is supported by a 24×7 SOC (Security Operations Center) that will review any detected events.

PCG recommends that staff who regularly access sensitive documentation, including HR, accounting and senior management, have a SentinelOne agent installed in their workstation(s). SentinelOne reinforces the antivirus agent we require in all of the workstations we manage (which is included in all of our Manages Services Agreements).

Deployment is per workstation – bundle includes up to one workstation agent per three users. Clients with a higher proportion of users accessing sensitive information can subscribe to additional agents as needed.

Monthly IP Address Vulnerability Scanning: The first line of defense for an IT network is its connections to the internet. Each such connections should be protected by a firewall which is usually set to disallow all traffic unless it is specifically needed.

Best practice is to scan all public IP addresses periodically to ensure that the firewall is in place and correctly configured. We use a cloud-based vulnerability scanner for this purpose that checks for tens of thousands of identified vulnerabilities, including outdated or unpatched software and misconfigurations.

Deployment is per IP address – bundle includes scanning of up to 10 public IP addresses per client, irrespective of the number of users enrolled.

Where Does the Cyber-Security Hygiene Bundle Fit?

PCG provides our clients with a broad range of technologies, tools and guidance they need to keep their IT systems, employees and clients safe from cybercrime. To this end we have implemented a multi-part security architecture, with a broad range of security services that cover each of the five security functions defined by the NIST (National Institute of Science and Technology) Cybersecurity Framework. Our Cyber Hygiene bundle is focused squarely at the “Protect” mission, and as such should form the foundation of any cybersecurity program.

The following diagram illustrates where our Cyber Hygiene Bundle and other PCG offerings fit in the NIST framework.