Advanced Threat Protection
An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization.
a sandbox is a security mechanism for separating running programs. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.
A secure Web gateway is a type of security solution that prevents unsecured traffic from entering an internal network of an organization. It is used by enterprises to protect their employees/users from accessing and being infected by malicious Web traffic, websites and virus/malware.
A secure Email gateway is a type of security solution that prevents unsecured email traffic from entering an internal network of an organization. It is used by enterprises to protect their employees/users from accessing and being infected by malicious email traffic, virus and malware.
Data Loss Prevention
Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. … Adoption of DLP is being driven by insider threats and by more rigorous state privacy laws, many of which have stringent data protection or access components.
Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties.
Integrity, in terms of data and network security, is the assurance that information can only be accessed or modified by those authorized to do so. Measures taken to ensure integrity include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can also be threatened by environmental hazards, such as heat, dust, and electrical surges.
Antivirus / Anti Malware
Antivirus (anti-virus) software is a class of program that will prevent, detect and remediate malware infections on individual computing devices and IT systems.
Employee Activity Monitoring
Employee monitoring is the use of various methods of workplace surveillance to gather information about the activities and locations of staff members.
Asset management is all about discovery, ownership, value, acceptable use, protection, and disposal of information-related assets. Assets can be tangible, like hardware, or intangible, like software and data. Whether you are with a small or large institution
Vulnerability management is the ‘cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities’, especially in software and firmware. Vulnerability management is integral to computer security and network security.
A patch is a piece of software designed to update a computer program or its supporting data, to fix or improve it. This includes fixing security vulnerabilities and other bugs, with such patches usually called bugfixes or bug fixes, and improving the usability or performance.
Ransomware is a type of malware that severely restricts access to a computer, device or file until a ransom is paid by the user. … It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
Phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer.
Unsolicited or unwanted email used mainly for advertising. Spam is the term used for unsolicited, impersonal bulk electronic messages. … Spam involves sending nearly identical messages to thousands (or millions) of recipients.
Access control is a security technique that can be used to regulate who or what can view or use resources in a computing environment. There are two main types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access limits
Data privacy, also called information privacy, is the aspect of information technology (IT) that deals with the ability an organization or individual has to determine what data in a computer system can be shared with third parties.
Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks
IT Disaster Recovery & Mgmt
Disaster recovery (DR) is an area of security planning that aims to protect an organization from the effects of significant negative events. DR allows an organization to maintain or quickly resume mission-critical functions following a disaster.
Bring Your Own Device Mgmt
Bring your own device (BYOD)—also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own Personal Computer (BYOPC)—refers to the policy of permitting employees to bring personally owned devices (laptops, tablets, and smart phones) to their workplace, and to use those devices to access privileged company information and applications.