CTP CyberSecurity for Commerce
Collaborative Technology Partners, Inc., is a Boston MA based IT consulting company. We have been providing design and implementation of IT security solutions, often to meet compliance requirements of a variety of financial services companies, since 2001.
We suggest a fundamental change has come about – where ten years ago companies could reasonably strive to prevent a successful cybersecurity attack and penetration, the likelihood now is that networks of most companies will be compromised in spite of those efforts. Attention should now turn to minimizing or even preventing damage in such an event.
Meeting new threats does not take from the old ones
Strong network monitoring, Intrusion Detection, routine penetration testing, strong password enforcement, restrictive firewall policies, comprehensive anti-virus and patch management have all become standard practice and a good foundation for security.
Remote workers. Cloud hosted services are available to provide firewall, web security and VPN solutions for remote workers. These effectively move the sphere of end-point protection out to cover any Internet access – from a hotel, home, or other location.
Protect against escalation of rights / lateral movement. Attempted penetration often focuses on moving from the point of entry to critical servers and resources, requiring escalation of user rights and discovery of the network and resources
Keeping information in. Given the working assumption that at some point a cyber-criminal will gain access to the network, via a compromised end-user computer or other, there are good ways to detect and prevent the export of information.
Arrange the network such that a cyber-criminal will have access only via an endpoint network, that once connected there is precious little a cyber-criminal can do on that endpoint network, and make export of information from any network as difficult as possible – with good monitoring to alert of an intrusion.
Perimeter defense. The firewall and restriction of any Internet facing services to isolated DMZ zones is standard practice. Multi-Factor Authentication has become all but mandatory, even more so as critical services increasingly are moving to hosted cloud services.
Tools that Support the Goals
CTP has found that there is good recognition for the many security technologies- Multi-Factor Authentication (MFA), network segmentation, monitoring, in-house Public Key Infrastructure (PKI). We find that it can help to go at the problem by starting with the goals, and then consider the technologies that support those goals. It can be much easier to develop a rational plan for implementing technologies based upon the most immediate security requirements of the company, as a starting point. Click anywhere here for a more in depth discussion.
Frequently Asked Questions
Typically, we access remotely through a secure VPN connection, but can use alternative methods if required.
Yes, we do. Please contact us for more information.
No, our contract allows for growth (and shrinkage). The bill is adjusted as new managed devices are added or subtracted.
New installations or upgrades (unless previously agreed) fall outside the scope of Managed Services; we will be happy to provide you with a quote based on your requirements.
CTP operates on a set of standard secure procedures and processes for remote systems management, incorporating strict SLAs.
Yes. CTP has been supporting backup solutions for companies for over 15 years, has a broad knowledge base and has developed many different solutions for meeting the requirements of on site backup, off-site storage, and a demonstrable plan to recover within the stated Service Level Agreement timeframe.
