Security

Email & Web Protection

CBS provides email and web protection, management and compliance services to businesses throughout the United Kingdom. Specifically, CBS offers a comprehensive range of best-of-breed email management and protection services that are available either individually or as a modular package. CBS’ web-based solutions ensure that clients need not download or manage software on their PC or server. These include archiving, image scanning and encryption, in addition to core anti-spam and anti-virus services.

Email Protection

CBS’ protection provides a first line of defence against all email threats including viruses, spam, malware, denial of service attacks and directory harvesting. Businesses are further protected against legal action with image and content filters.

Email Management

The content monitoring facilities are capable of providing exceptional control over all incoming and outgoing messages. The service allows control of where messages are sent to and how they should be treated. Feedback to organisations is provided to aid understanding of email use.

Email Archiving

The archiving solution has been designed so that organisations can not only meet the strictest compliance requirements, but exceed them for greater benefit. Secure storage and indexing of data with real-time data replication means that legal discovery requirements are met and that organisations can effortlessly retrieve business critical information at any time.

Business Continuity

CBS’ e-mail Business Continuity Service provides a total solution for email continuity, recovery, archiving, and security.

For most organizations, email is the most important business application. For senior IT executives, email management brings many risks: outages are common, security threats are everywhere, data loss windows are significant, legal and compliance requests are increasingly complex, and server and storage performance challenges continue to escalate.

CBS’ Business Continuity Service protects against all of the key threats facing everyone who manages email. Our service is a low cost solution that ensures that:

  • Your users will always have access to email
  • No messages will ever be lost
  • You will be able to quickly meet legal e-discovery requests
  • You will be able to improve the performance and reliability of your production email      environment
  • Your mail will be secure and protected from spam and viruses
  • You will be able to quickly restore lost mail after an outage
  • You will be able control email retention and quickly retrieve messages for legal and compliance requests

Anti-virus

Antivirus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).
Antivirus software typically uses two different techniques to accomplish this:

  • Examining (scanning) files to look for known viruses matching definitions in a virus dictionary 
  • Identifying suspicious behavior from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods. 

Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach.

Firewalls

A firewall is a hardware or software device which is configured to permit, deny, or proxy data through a computer network which has different levels of trust.

A firewall’s basic task is to regulate the flow of traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a “perimeter network” or Demilitarized zone (DMZ).

A firewall’s function within a network is similar to firewalls with fire door in building construction. In former case, it is used to prevent network intrusion to the private network. In latter case, it is intended to contain and delay structural fire from spreading to adjacent structures.

Without proper configuration, a firewall can often become worthless. Standard security practices dictate a “default-deny” firewall ruleset, in which the only network connections which are allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration requires detailed understanding of the network applications and endpoints required for the organization’s day-to-day operation. Many businesses lack such understanding, and therefore implement a “default-allow” ruleset, in which all traffic is allowed unless it has been specifically blocked. This configuration makes inadvertent network connections and system compromise much more likely. 

Intrusion Detection Systems

An intrusion detection system (IDS) generally detects unwanted manipulations to computer systems, mainly through the Internet. The manipulations may take the form of attacks by crackers.

An intrusion detection system is used to detect many types of malicious network traffic and computer usage that can’t be detected by a conventional firewall. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).

An IDS is composed of several components: Sensors which generate security events, a Console to monitor events and alerts and control the sensors, and a central Engine that records events logged by the sensors in a database and uses a system of rules to generate alerts from security events received. There are several ways to categorize an IDS depending on the type and location of the sensors and the methodology used by the engine to generate alerts. In many simple IDS implementations all three components are combined in a single device or appliance.

System Security & Penetration testing:

  • Could a hacker obtain access to your network and the machines on it? 
  • Are there vulnerabilities on your Internet-facing systems that an attacker could exploit? 
  • Does your wireless network provide a back door to your corporate network? 
  • Could a hacker obtain credit card or other information from your back-end server? 
  • Could attackers exploit weaknesses in your applications? 
  • How secure are your laptops, PDAs and users’ home networks? 
  • How security aware are your personnel?

Password Protection

Securing Your Future with Two-Factor Authentication

Do you really know who’s accessing your most sensitive networked information assets? Unfortunately, security built on static, reusable passwords has proven easy for hackers to beat.
RSA SecurID® two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator)—providing a much more reliable level of user authentication than reusable passwords.

  • The only solution that automatically changes your password every 60 seconds 
  • 20-year history of outstanding performance and innovation

RSA offers enterprises a wide range of user authentication options to help positively identify users before they interact with mission-critical data and applications through:

  • VPNs & WLANs 
  • E-mail 
  • Intranets & extranets 
  • Microsoft Windows desktops 
  • Web servers 
  • Other network resources