Security as a Service (SECaaS)

Security as a Service (SECaaS)

What is Security as a Service (SECaaS)?

Strong cyber security is a fundamental requirement in today’s working world, and Prodec networks always prioritises this for its customers. As modern business strategies are evolving to accommodate a hybrid workforce, and the consumption of data from multiple cloud services, the fixed security perimeter associated with on-site corporate resources is no longer sufficient.

Prodec has therefore redefined the security perimeter by combining IT security solutions, such as firewall as a service (FWaaS) and endpoint detection and response (EDR) technology, together with vulnerability management and log analytics, to create an up-to-the-minute secure edge for your IT environment. This is all delivered as Prodec’s comprehensive security as a service (SECaaS) solution.

FWaaS

To help protect against an attack on your cloud environment, enterprise-grade virtual firewalls from Fortinet are deployed at all entry points. These firewalls include next-generation features and full unified threat management (UTM), for applicationlevel control of data traffic, allowing you to choose specific security policies that are in line with your chosen security requirements.

Analytics reporting

Prodec’s analytics solution collates all log data from both firewalls and endpoints and sends this to a central analytics platform, where the data is correlated against live threat feeds, and the resulting reports are generated monthly.

The logs generated and the output from the central analytics platform allow reports to be generated that highlight any exceptions, so that patches can be made available for manual user installation, where needed. These logs are also sent to a repository for long-term storage, with search capabilities, to be used for retrospective forensic analysis and for compliance purposes.

In addition, a monthly network-based vulnerability scan is undertaken, the outcome of which is included in a monthly reporting pack.

Device compliance

End-user workstations are enrolled in the Security Fabric, whether on or off net, and device compliance telemetry information is sent to a Security Fabric Agent for security posture checking. The same Security Fabric Agent is also used to remotely connect via VPN to the security platform, which enables Prodec to enforce device compliance and access control for resources, with multi-factor authentication.

This approach ensures that, regardless of the location of a device, all data traverses the central firewall service for consistent data security and visibility. With this control in place, all devices attempting to access any corporate resources are automatically interrogated to ensure a minimum-security posture is in place. This includes checking that the device is encrypted, and that antivirus and anti-malware signatures are up to date.

Vulnerability management

Using the Security Fabric Agent, a software inventory is taken of connected workstations and servers, which are then correlated against published security vulnerabilities from Fortinet. Where available, the Security Fabric Agent will automatically patch those vulnerabilities and, at a minimum, applications with critical vulnerabilities will be limited via EDR.

EDR

Endpoint detection and response, or EDR, technology augments the antivirus capabilities of the solution, and is used to defend your network against threats that conventional antivirus software cannot detect. This is achieved by analysing application and communication behaviour on workstations and servers, using machine learning and threat intelligence. When EDR detects suspicious behaviour, it takes autonomous and targeted action to reduce the threat and any lateral movement. EDR also enables logs to be forwarded to the central repository for use in post-incident forensics and threat hunting. In addition, EDR allows applications to be quarantined when critical vulnerabilities are found, providing time for patching to be undertaken.

Benefits of Prodec’s SECaaS

Cost savings

By employing Prodec’s SECaaS solution, you can gain significant cost savings for your business. As a cloud technology solution, there are no costly upfront investments in on-site hardware needed, or the associated expenses of in-house maintenance and management. Instead, you receive a hassle-free service, just paying for your requirements.

The latest security

When you employ SECaaS from Prodec, you gain access to the very latest security technology. In addition, any necessary updates are all managed for you by Prodec’s team of experts, to ensure you always have the most up-to-the-minute security measures in place.

Flexibility and visibility

As a straightforward, ‘as a service’ solution, Prodec’s SECaaS can be employed quickly and easily, with the flexibility to be scaled up or down, as needed. You will also have complete visibility of your security environment, via a web-enabled dashboard.

Freedom to focus on your business

With Prodec’s team of experts managing all your cyber security requirements, your own IT team can focus on business-critical projects and concentrate on riving your company forward.

24/7/365 support

Prodec is passionate about providing outstanding customer service and support. So, if you opt for its SECaaS solution, you can be sure that you will get the very best service, with access to Prodec’s UK-based, ITIL-trained support team, available 24/7/365.

Contact an expert today!

To discuss your requirements further, please contact a dedicated SECaaS expert today.