improve through better technology

Managed Security

Managed Security (sometimes called Security Operations Centre or SOC) is almost always paired with Managed Services (which is one of a Network Operations Centre [NOC] and/or Helpdesk). Managed Security adds 24/7/365 active monitoring of security incidents to your Managed Services.

What is a SOC?

A SOC or Security Operations Center is a group of staff who monitor for security alerts and events from a remote location. To qualify as a SOC it must be 24/7/365 and it must be staffed by experts in cyber security. Most SOC are staffed and trained by former members of law enforcement or national security services (think the NSA or CICIS).

Your network has added software and hardware that logs all security-related events and activities, and the SOC uses a combination of AI and real-life humans to investigate every “weird” activity they see.

For any SOC to be effective, you must add a SIEM to your environment (see below).

Get Started

Who is at Risk of Cyber Attacks?

Cybersecurity threats are a concern for local and global organizations alike. The risks posed by malware, ransomware, data breaches, denial of service attacks, and spear-phishing are now at an all-time high. If you think your company is too small or doesn’t have enough data to be targeted, think again. Small to medium-sized businesses (SMBs) are not just a target, they are now the preferred target.

0 %

of cyber attackers target small businesses

0 %

of SMBs go out of business within 6 months of a cyber attack

0 %

of data security breaches are caused by human error and system failure

What is a SIEM?

Security Information and Event Management (SIEM) is software that logs and analyzes any activity on the devices that it is configured to monitor. For a SIEM to be effective, every point where a bad actor (a hacker) can try to access your systems needs to be monitored.

This means firewalls, Wi-Fi access points, desktop and laptop computers, switches, cloud services and servers at a minimum. Any point where someone can try and connect to your network or install hacking software.

The SIEM software reviews the events that occur, and strips out the day-to-day. It analyzes information using a machine learning (AI) approach and pinpoints risky events.

The SOC team (see above) then evaluates these risks and addresses them in real time.

Get Started

The Managed Security Process

Security starts with a properly functioning environment. Keep your IT system in good shape with regular (weekly) preventive maintenance.
Informed and supported end-users make fewer "bad calls" - so make sure your users are educated about security and feel comfortable reaching out to "double check."
Proactively managed IT environments are more secure if patches and critical updates are maintained.
Add 2 Factor Authentication (2FA) to all "risky" logins.
It's "easier" for users to work if they are "administrators" of their computers. It's also way easier for hackers to hack when users are administrators. Remove this from everyone.
Operate as a Zero Trust company. Trust nothing.
Add 24/7/365 active monitoring of security related events to all major equipment from a firewall to a handheld scanner.

These and others are all necessary activities to cut the risk of a Cyber Security breach.

What Should You Budget?

Even a one employee company with firewall, endpoint and cloud services could easily pay over $500 for SOC services. A 20 to 40 employee site might be $2000 to $3000, depending on the complexity.

The SIEM software is combined with a SOC to monitor your network and prevent cyber intrusions. For a SIEM to really be effective, a 24/7/365 team needs to be behind it to ensure it stops cyber attacks, not just records them.

Here are the major devices (and approximate costs) for SIEM and SOC services:

SIEM Capable Firewalls – not every firewall can be monitored. Only very high end firewalls have this capability. Expect between $400 and $2000 a month for the combination of the hardware rental and monitoring services. NOTE: This represents one of the most critical areas of monitoring for security as all data passes through your firewall going in or out of your network.
Endpoints (laptops and desktops) – add about $30 per month each without managed services (not recommended by itself).
Network Devices (range from tablets to printers to other misc. devices) – add about $30 per month also.
Cloud or Software as a Service monitoring – costs around $550 per month to properly monitor Office 365 or Google G-Suite for intrusion.
Servers – ironically, servers are the same cost as endpoints. They have the same risk profile as a desktop or laptop computer.

* These are rough estimates only.

Get More From Your IT Assets

We offer end-to-end IT and security solutions to businesses of all sizes across Canada, helping our clients leverage our expertise to drive better business results, secure their businesses, and stay competitive.

Schedule a free call with Evan Jolliffe

Schedule a Call