Managed Security Professional Services

Breaches of professional services companies can result in grave damage because the lost data is so immediately and directly useful for financial and identity theft, and their clients are commonly wealthy individuals and profitable businesses with well-funded accounts and valuable identities and credit.

Partnering with NJ’s Top Managed Security company for the small to medium-sized professional services industry is the best way to ensure that data, systems and sensitive documents remain secure and protected.
  • Over 25 years of experience serving the NJ small to medium-sized professional services industry
  • Solid understanding of the challenges facing the professional services industry – confidential data, minimal resources to protect information
  • Sizeable list of professional service clients
  • Team dedicated to keeping your systems and network safe
  • Have an existing MSP?  We’ll work together! We provide the cybersecurity arm while they focus on network management

Outlined below is our 3-tiered security approach and the services offered to ensure professional services organizations maintain a highly secure workplace environment.  Want to Learn More?  Schedule Your Complimentary 30-Minute Risk Analysis Now!

Proactive Protection

Locate and correct potential vulnerabilities before they can be exploited by criminals.

  • Block unwanted messages and keep your system free of adware, spyware, and viruses.
  • Real time analysis of clicked links to warn you if they are suspicious. If they are known to be harmful you are blocked from even accessing the website.
  • Domain spoofing protection keeps hackers from impersonating your colleagues.
  • A daily message report is sent to the end-user’s Inbox, from which messages can be released and is completely customizable through the customer portal.
  • At BMT we believe in, in-depth defense. Our protective DNS service provides another simple layer of protection for your organization by stopping PCs and servers from visiting known bad websites.
  • This can be due to a malicious link sent via email, an attempt by malware to download a trojan or a BOT calling back to its command server.
  • This protection is offered through the Antivirus software we bundle in our Endpoint Management Software or through our partnership with WebTitan.

Securely manage the accounts of users who have elevated permissions to critical, corporate resources. Automatically rotate passwords of privileged accounts. Grant temporary admin accounts that expire at a set time and monitor and record all sessions.

Cloud-based, management for configuration, diagnostics, and monitoring of the mobile devices managed by your organization.

Real-Time Detection

Identify any malicious activity that compromises the IT infrastructure, website security, and data confidentiality.

External
Probe Network defenses for exposed systems due to misconfiguration or mismanagement.

Internal
Scan all internal systems for vulnerabilities due to poor passwords, missing patches and/or firmware updates.

  • We work with 2 partners for vulnerability scanning. Coalfire for External Scans, Inspector 2 for Internal Scans.
  • Both produce reports utilizing the Common Vulnerability Scoring System which is an open industry standard for assessing the severity of computer system security vulnerabilities. CVSS assigns severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threats.
  • Without External vulnerability scanning service you won’t be alerted if a port is opened in your firewall intended to be scoped to specific IP addresses but instead is open to all.
  • Without Internal vulnerability scanning your IT resources need to manually check that that all the relevant Windows Patches have been applied. Even more time consuming they need to check the website of each Printer, IP Camera, Wireless Access Point to determine if Firmware Updates are available and need to be applied.
  • BMT’s vulnerability scanning services allow you find what patching is required and what should be done first based on severity of risk.

See threat activity on your network and among your peers.
Connect with threat intelligence sharing communities and sources and automate intel consumption. Identify potential threat activity on your network, and view everything through a user-friendly online interface.

Boost defense, not headcount
No need to increase analyst hours or staff. The Perch Security Operations Center investigates any alerts on your network, escalates real incidents to your attention, and helps you eliminate the threat. Customize what and how we escalate to fit your needs.

Detect what’s eluded your defenses
Firewalls are a perimeter defense to protect your network; Perch detects what’s already gotten through. During your lunch break, you can start detecting threats on your network.

When all your preventive measures fail, (email threat detection, AV on Firewall, Server and PCs, Security Awareness training, etc.) our preferred Network Threat Detection will alert you to any suspicious activity in your Network.

With this service, powered by Perch, a Network Sensor is installed to capture ALL traffic in and out of the firewall. Traffic is captured not only from your PCs and servers but any IOT devices which may have been compromised.

Suspicious activity is forward to the 24×7 Security Operations Center for analysis. False positives are weeded out with confirmed activity forwarded to your security response or operations teams for additional action as recommended by the SOC analysts.

All activity is logged and retained for a predetermined amount of time to meet compliance objectives which allow you to review logs after a breach to determine the extent of the breach.

  • Endpoint Detection and Response (BitDefender EDR)
    Record and store endpoint-system-level behaviors, use various data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems.
  • Detect security incidents
  • Contain the incident at the endpoint
  • Investigate security incidents
  • Provide remediation guidance
  • Threat advisory service (dark web breach analysis, NJCCIC bulletins/updates)
    We’ll keep you aware of the latest threats.  Ongoing updates and education,

Ongoing Education

90% of breaches are caused by human error.  Education helps employees identify and eliminate cyber threats, strengthening the most vulnerable link in the chain.

Make sure your staff is protected from everyday phishing and ransomware attacks.  Program includes baseline testing, automated simulated phishing attacks and reportable results.

From taking the pulse of your data and network security to analyzing your overall IT operations, we’ll show you where you’re ahead…and where the risks reside.

Two of the most important things when it comes to protecting online accounts.  We’ll show you how to easily implement and keep you up-to-date with using a Password Manager and MFA.

Whether you are required to follow a regulatory framework or you realize the importance of taking a formal approach to your risk management. Our service can help with can help with many beneficial features.

  • Process Wizard. Your list of Compliance To-Dos is maintained for you by the system, and each task is automatically crossed off and marked complete as you go.
  • Automatic Data Collection. The system automatically collects a ton of information that you would gather manually with other tools, saving you time.
  • Web-based Management Portal. Whether your compliance footprint is contained to a single site and entity, or spans across dozens or even hundreds of them, everything is managed through a single, centralized web portal.
  • Multi-role Architecture. While a single person can run a complete compliance assessment, the system is set up to allow multiple information stake-holders to directly input the information they have; and a technician, administrator, and internal auditor each can participate in the process at key points.
  • Automatic Data Validation. The system automatically compares answers to questions with the information it automatically gathers and highlights exceptions where the two don’t match.
  • Multiple Compliance Standards. The Compliance Manager role-based platform is versatile enough to support virtually any compliance standard.

Security Partners

it consulting nj

KnowBe4 is the provider of the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

AppRiver is a worldwide provider of cloud-based solutions, including spam and virus protection, email encryption, secure hosted exchange, and migration services.

Perch enables organizations to identify potential threats and malicious activities across networks and connected devices via a unified portal.

In today’s hostile cyber world, regular network vulnerability scanning has become a “must-have/must do” extra layer of cyber security protection for every network, regardless of size. VulScan provides everything needed for efficient network vulnerability management.

WebTitan is a cloud-based web filtering solution that serves as a semi-permeable membrane between an organization’s users and the Internet. When an end user attempts to access a particular URL that does not violate an organization’s acceptable Internet use policy, the request is honored. Since there is no latency, the speed at which the website is loaded is the same as if no filtering mechanism is in place.

While your current Managed Service Provider (MSP) may claim to offer security functionality, they are likely offering only the most rudimentary easily defeatable security services by todays standards. Their measurement of success is not upon how many threats they have detected and foiled, but upon other metrics like completed projects and user support satisfaction. 

With BMT as your Managed Security Services Provider (MSSP), success is measured with a vastly different set of standards, using advanced security tools, methods and the latest technologies. We’ll keep you one step ahead of the risk exposure you may have from new (and existing) cyberthreats, by providing guidance, and modern security services that typical MSPs cannot bring to the table. 

You get the best of both worlds in keeping the MSP your happy with and getting the MSSP your security needs!  Schedule Your Complimentary 30-Minute Risk Analysis Now to Learn More!