Security Framework Development

Tec-Refresh will analyze your network security and review configurations, network drawings/architecture, segmentation, and patching policies. We’ll also perform an initial vulnerability assessment to determine your current threat landscape.

What’s typically involved with Security Framework Development?

  • Tec-Refresh helps companies get started increasing the security of their network.
  • If unaware of security (doesn’t do assessments or penetration testing), doesn’t have security, anti-virus, firewall, etc., Tec-Refresh checks for overall security.
  • Firewall assessment review.
  • Network architecture review. Is segmentation in place to keep areas of network separated? Management services (to manage wireless controllers, firewalls, etc.) should be separate. IT admins should be separate. Servers should be separate. Different services and roles should be separate.
  • Check current vulnerabilities and patching policies. Checking for & developing automatic patching (Windows Server Update Services server – WSUS, System Center Configuration Manager – SCCM, Forescout) – Ensuring patching is happening quickly, not relying on users to patch.
  • Overall picture of network, how is security in place? Understand current threat landscape; level of vulnerability.
  • Help develop recommendations to limit threats (e.g., upgrade firewall from port-based to next-gen Fortinet firewall to filter traffic types, tune access control list – ACL.
  • Test users for spam, fishing, social engineering, vishing (voice phishing). Test users by asking them to give their passwords over the phone. Users can unintentionally provide access.

Business Benefits of Tec-Refresh’s Security Framework Development

  • Secure current threats (existing vulnerabilities, patching not being done, etc.).
  • Be proactive to block future threats (e.g., new firewall).
  • Added layer of security for future threats, user error.
  • Increased security.
  • More visibility into network, and what are target areas for penetration test or vulnerability assessment.
  • Tunes organization to be more secure.

Tec-Refresh, Inc. is an information security consulting firm which provides managed security services, risk management, and compliance services. Efrem Gonzales founded the company in 2010 on the principle of putting the customer first. Our solutions reduce complexity, simplify device compliance, and enhance network security. Contact us to see how we can put our IT expertise and experience to work for you!

What is digital transformation, and do you need it?