Cloud storage is ubiquitous but it can be hard to know what you have where! In fact, this law firm had been using cloud storage for years without knowing it. This company’s issue was not the use of cloud storage itself. They needed to understand and control where their data was truly being stored. SharePoint? Dropbox? Google Drive? Were employees downloading files and saving them on local computer desktops? Who had access to what files? When we arrived on the job, the controls in place didn’t even prevent a summer intern from accessing HR files.
We consolidated the data under a single cloud service we now help them manage. With our continued assistance in managing their data and keeping them informed as to where their data is, they are now also protected from shadow IT. After the consolidation, we worked with the firm to ensure only people who needed access to a particular document had access to it.
A light industrial company wanted to go after federal contracts but ran into a barrier. The federal government requires companies like theirs to adhere to NIST800-171 security standards. The company was facing over 100 different controls to understand, implement, adhere to, as well as to document and then maintain on an ongoing basis. Looking ahead, they then faced self-audits as well as the preparation to apply for CMMC certification with external audit requirements.
We helped them understand the required controls, implement them, and provided the documentation and audit prep. What would have been an overwhelming process – likely preventing them from being able to pursue federal contracts – became a smooth process towards achieving certification. In addition, by adhering to these NIST800-171 controls, they are now more efficient and competitive, allowing them to play in a bigger pond and pursue large federal contracts.
When we came into this clients’ office, their employees were complaining that their computers were slow. It was at the point where staff would turn their computers on every morning and walk away while the computers booted up because they were taking so long. They were talking about purchasing new equipment every few years with the belief that this major expenditure was the best path to the efficiency their employees needed.
Instead of purchasing new computers every couple of years, we helped the company extend the useful life of the machines with proactive management. We now monitor each machine 24/7/365, and when we start to see the computers getting bogged down, we are able to automatically go in and clean them up. Most of the time this can be accomplished unnoticed and without interrupting workflow. Once their computers are cleaned up, they stay running like new. This clears the path for our security tools to get a clean snapshot of the machine, ensuring their computers are more secure. When software companies release software updates, we make sure the computers are updated so whatever vulnerabilities the software companies are patching for are taken care of as soon as possible.
While we were onboarding an accounting firm conducting initial maintenance, we found malware on the computer.
We were able to instantly isolate and remove the malware because of our proactive maintenance and tools. The company owner and the person using this computer had no idea the malware was there. Unfortunately, since we had just onboarded them, we couldn’t tell them how long it was there, but we were able to track where it came from. We alerted not only our client, but also was able to inform their clients – the true origin of the malware – that their system had malware in it. Not only did this help our clients, it protected their clients as well.
