Knowledge

2/11/2017

The Benefits of Pen Testing

A huge threat to today’s businesses is hackers. They can manipulate their way into any businesses system and take advantage of any data that is important to the company. This can generally leave long lasting, harmful effects on the business which might even lead to eventual failure of the organization. 

Don’t let this happen to you! Digital Edge offers a Penetration test in which our trained and specialized team gets authorized access to “attack” your system. This is done in the form of a real attack using strategies hackers usually use. Digital Edge uses standard licensed security assessments and penetration tools, as well as their own proprietary techniques, black hat reconnaissance and exploitation methods. The purpose of this test is to expose any and all vulnerabilities in your system that can potentially hurt your business, so they can be fixed. Pen tests provide the precautionary measures needed to be taken to ensure there be no breach in your system. They ensure the safety of your data by allowing you to be ready to prevent future attacks.  

Due to rapid technological advances, Pen tests should be done regularly to catch any vulnerabilities that pop up before it’s too late. Read more about how Digital Edge’s Penetration test can be beneficial to your company! 

9/20/2016

Log Management: Related Laws and Regulations

Log management is an often overlooked function of any IT organization. On one hand it is a very simple thing, however when implemented, you may find yourself overwhelmed in a plethora of details and related problems and can inevitably lead many to just drop the implementation – with the thought – we may not need it, everything is working on its own.

In addition to a great stash of valuable information, visibility, capabilities for additional alerting, predictions, forensic and behavior analysis, log management is one of the areas of control for multiple compliance and regulatory frameworks.

Relevance to Laws and Regulations: There are multiple compliance regulations related to log management. It is the law to log and review.

HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines relevant technical and non-technical security standards to ensure individuals’ ePHI, “electronic protected health information”.

 
PCI DSS
The PCI DSS was created to encourage and enhance cardholder data security and facilitate the extensive adoption of consistent data security measures worldwide. This applies to all organizations that store, process, and/or transmit cardholder data.
 
SOX
SOX requires that all publicly traded companies establish and follow a framework of internal controls that support accountability and integrity of the financial reporting process. A vital part of SOX requirements includes the collection, management, and analysis of log data.  
ISO 27001
The ISO 27001 standard is a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving management systems information security (ISMS) within the context of the overall commercial risks of the organization.
FISMA
FISMA requires all federal agencies to document and implement controls for information technology systems that support their operations and assets.


 
GPG 13
HMG organizations are required to follow Protective Monitoring for HMG ICT Systems, based on Communications-Electronic Security Group’s GPG 13 to gain access to UK GCSX, Government Connect Secure Extranet.
 
NERC CIP
NERC has its own framework to protect bulk power systems against cyber security compromises that could result in operational failures or instability.





 
GLBA
GLBA, also known as the Financial Modernization Act of 1999, was enacted to secure protection over customer records and information.






 
201 CMR 17.00
The Massachusetts General Law Chapter 93H regulation 201 CMR 17.00 was established to protect personal information of residents of the Commonwealth of Massachusetts. This regulation applies to all organizations, companies, or persons that own or license personal information about Massachusetts residents.
 
DoDI 8500.2
Since IT environments can generate millions of logs daily, DoDI 8500.2 has recommendations of analyzing and reporting on log data can reduce manual or homegrown remedies that are inadequate and cost prohibitive.  
NIST-CSF
NIST-CSF sets information security standards and guidelines for serious infrastructure as defined within the Executive Order 13636 from the President of the United States of America.
 
NIST 800-53
NIST 800-53 produces information security standards and guidelines for federal information systems.



 
NRC RG 5.71
In the Code of Federal Regulations, Section 73.54, Title 10 it is required that the NRC licensees provide high assurance that digital computer and communication systems and networks are sufficiently protected against cyber-attacks.
NEI 08-09 Rev 6
The NEI developed and published the NEW 08-09 Rev 6 to address many areas surrounding access control, audit and accountability, incident response, and system and information integrity. This is an extension of CFR 73.54.
 

Digital Edge is proud to introduce our new and latest product LogIT. Log Management will allow us to assist our clients uncover the value of something that already exists, but is not visible in their information technology environment's plethora of valuable information. Digital Edge ensures that our clients will get the most out of their application, system, and security logs. Besides collecting and storing logs, LogIT will help expose the full use of logs and machine data for network protection and compliance.

Digital Edge provides enterprise ELK Log Management Solution, cloud based or on premises. We stand out from our competitors for multiple reasons – including that we do not limit retention period and we don't have restrictions for value or speed for log streams. Additionally, we customize dashboards for our clients individual needs and expose our services to clients over VPNs of private cross-connects in data centers that we support. On top of all that, Digital Edge's LogIT can provide an unparalleled solution in today's IT Landscape.

Through sensors, Digital Edge captures all possible information generated in any device, application, and security event. We ensure security by staying alert on any security alert generated by any infrastructure device or application, along with collecting valuable forensic information. LogIT also provides a combination of structured and unstructured search built on our Elasticsearch backend. Unstructured search provides a Google-like experience while our MDI fabric enables contextual search when greater precision is required. Our search builder allows you to easily realize the best of both worlds instantly.

Click the link http://www.digitaledge.net/log-management-assessment-tool/ to assess your log management needs and budget. For further information please feel free to contact us.

9/6/2016

Elastic Infrastructure

Digital Edge’s Log Managed Solutions are delivered as a fully managed cloud service. You only need to point your logs to us and we will:

  • Aggregate and safely store your logs;
  • Give you full visibility into your logs including advanced search and filtering;
  • Alert you on required patterns;
  • Help you to customize this solution and integrate it with your other systems such as Security Information and Event Management system (SEIM), compliance reporting and others.

To see the architecture click here.

5/16/2016

The Cloud Revolution: What is the Next Step?

Are we done with the cloud revolution? Is the crusade against hardware over? Was getting rid of the hardware from our closets the final goal? Right, the cloud movement started with the goal to free up IT departments from the subject that is universally hated –  hardware related headaches, from renewals, end of lives, end of supports, those sticky VARs, capital investment, to the constant feeling that when you invest capital into your new hardware that you are losing 10-20% of your money’s value right away. This feeling is comparable to the notion of buying a new car and driving out of the dealership – the car is now not worth that same as when you signed the contract, minutes before. 

4/18/2016

Cyber Security Attack Vectors and Classification

Digital Edge has decided to simply classified types of attacks, so that when we discuss tools and vectors we will refer this document. 

1. Frontal Assault

1.a - Code Tampering: This type of attacks are conducted from outside of a client's, by probing open ports and trying to force the code behind those ports to do unwanted actions, allowing hackers either remote execution, illegal upload with further execution, or system crash. 
1.b - Brute Force: An attacker uses techniques that are trying multiple combinations of passwords and keys trying to pick correct combination. 
1.c - Denial Attack: When an attacker creates either a large number of requests or specifically crafted requests or both at the same time to cause a client's system to stop responding. 
1.d - Floods: An attacker creates large amount of traffic, produced by hacker's controlled infected machines - "bots or zombies" to simply overflow capacities of the client networks or their ISPs.

2. Internal Assaults

2.a - Browser Scripting Attacks: During this attack, a hacker is convincing a user to go to a malicious website. Such website has a java or other scripting code that cause client's browser to perform unwanted actions, infect the computer, download unwanted software, etc. 
2.b - Email Attacks: During this attack, a hacker tricks a user to open an attachment that has a code that causes the opening program such as MS Office, Adobe PDF viewer, etc. to perform unwanted actions, such as infect the computer, download unwanted software etc.
2.c - Removable Media Attacks: This attack is conducted through an infected removable media. A USB memory card may have a malicious software that is executed when the storage is attached to the client's computer. 
2.d - BOYD Device Attack: A hacker would be able to infect client's personal desktop or personal phone and wait for when the user will bring it to the office. The infected "own" device can spread infection inside the local network. 

In the future, the Digital Edge Security Team will publish Security Solutions Reviews which will always refer to this classification, specifying which security challenge the solution is supposed to solve.

3/22/2016

When Does Colocation Become Competitive With The Public Cloud?

Digital Edge received this White Paper from Plexxi, written by Plexxi in a partnership with Colovore,  King Star Computer, and Piston. We feel that this white paper has great importance to the IT community as there is a current misconception of the cost savings of the cloud is “as high as ever”. 

Digital Edge has reached out to Plexxi to permit us to re-publish this White Paper, however have not yet received any feedback. If we are requested to do so, we will remove it from our White Paper section. 

This white paper is completely aligned with Digital Edge’s view on TCO and ROI. Additionally, this paper explains latest news from Apple, that the company is planning to build their own datacenters, thus leaving AWS with a few billion dollar gap in AWS’s yearly gross sales.

3/22/2016

Digital Edge Hardware Services

9/20/2015

Log Management Compliance - HIPAA - Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines relevant technical and non-technical security standards to ensure individuals’ ePHI, “electronic protected health information”. Compliance with HIPPA requires information systems to be monitored using SIEM, Security Information and Event Management. The SIEM is a tool that guarantees immediate notification and analysis of conditions influencing the reliability of an organization’s ePHI data through actionable reports and forensic investigation.

9/20/2015

Log Management Compliance - FISMA - Federal Information Security Management Act

FISMA requires all federal agencies to document and implement controls for information technology systems that support their operations and assets.

LogIT simplifies FISMA compliance with its fully automated log collection, collecting and recovery across the agency’s entire infrastructure. Providing tools at the fingertip that align the organization’s risk assessment with forensic investigations, reporting, and prioritizing settings. LogIT already automatically achieves the first level of log analysis, by categorizing log data that is identified and stabilized for easy analysis and reporting.

9/20/2015

Log Management Compliance - ISO 27001 - International Organization for Standardization

The ISO 27001 standard is a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving management systems information security (ISMS) within the context of the overall commercial risks of the organization.

ISO language in relevance to log management: "Audit logs must be turned on for security events, user activities and exceptions. They must be kept for a predetermined period of time.". The task of organizing this information can be overwhelming. In addition to the millions of individual log entities that can be generated daily, all IT environments have reporting data logs. Additional recommendations to analyze and report on log data make manual processes or internally prepared solutions are insufficient and expensive for many organizations.

LET'S TALK: 800-714-5143