Client Area

This section can be repurposed a number of ways.

mobile-logo

April 2022

Hybrid Office
29 Apr

Modernize your workplace with Windows Virtual Desktop

by Mathew Mendel
in Cloud, Operations
Comments

The push towards the Hybrid Office has been wreaking havoc on small and mid-market businesses since before the pandemic.

To address the growing complexities and meet the needs of employees and employers, we’ve developed a secure virtual-workplace solution that leverages Azzure Virtual Desktop (AVD) and accommodates the performance and security needs of your business. 

Improve mobility
Virtualize employee access in the cloud, making it scalable, up-to-date, and available on any device

Ramp up security
Advanced security solutions help you control and manage identities, access, and prevent threats

Reduce costs

Simplify IT management and move away from and investment heavy CAPEX model to scalable OPEX 

Boost productivity

Leverage a suite of collaboration and communication tools to improve productivity

 

Whats a vulnerability assessment
22 Apr

Quick, What’s a Vulnerability Assessment?

by Mathew Mendel
in Security, Services
Comments

Can today’s business leader explain what a vulnerability assessment actually is?

Like trying to explain what water tastes like, or defining the word “the”, we’ve found that while today’s business leader is quite familiar with the term “vulnerability assessment” few can explain what a vulnerability assessment actually is.

 

Even more, ask three IT professionals what a vulnerability assessment is and you’re likely to get three different answers.  

So what is a vulnerability assessment? How often should you have one? How much should you expect to pay? And what’s the difference between a vulnerability assessment and a penetration test? .

Defining a vulnerability assessment as “the process of defining, identifying, classifying, and prioritizing vulnerabilities in computer systems,applications, and network infrastructures”, our friends at TechTarget have published an excellent article defining the process and detailing some of the finer points. Below is a summary of TechTarget’s publication, and a few of their highlighted best practices. (For a deeper dive into the process, check out www.techtarget.com/searchsecurity/definition/vulnerability-assessment-vulnerability-analysis) ‍

As explained by Linda-Rosencrance of TechTarget, a vulnerability assessment can provide an organization with the necessary knowledge to understand and react to threats within its environment. Organizations of any size, or even individuals who face an increased risk of cyber attacks, can benefit from some form of vulnerability assessment, but large enterprises and high-target organizations (eg. insurance agencies, financial institutions, accounting firms, medical offices, law firms) that are subject to attacks will benefit most from a vulnerability analysis as they provide an organization details on any security weaknesses in its environment and direction on how to assess the risks associated with those weaknesses. 

 

The process offers an organization a better understanding of its technology assets, security flaws and overall risk, thereby reducing the likelihood that a cybercriminal will breach its systems and catch the business off-guard.‍

Types of vulnerability assessments

·        Network-based scans: Used to identify possible network security attacks. This type of scan can also detect vulnerable systems on wired or wireless networks.
·        Host-based scans: Used to locate and identify vulnerabilities in servers, workstations or other network hosts.This type of scan usually examines ports and services that may also be visible to network-based scans. However, it offers greater visibility into the configuration settings and patch history of scanned systems, even legacy systems.
·        Wireless network scans: Focus on points of attack within the organization’s wireless network infrastructure. In addition to identifying rogue access points, a wireless network scan can also validate that a company’s network is securely configured.
·        Application scans: Test websites to detect known software vulnerabilities and incorrect configurations in network or web applications.
·        Database scans: Identify weak points in a database to prevent malicious attacks, such as SQL injection attacks.

Vulnerability assessment vs. pen test

A vulnerability assessment often includes a penetration testing component to identify vulnerabilities in an organization’s personnel, procedures or processes. These vulnerabilities might not normally be detectable with network or system scans. The process is sometimes referred to as vulnerability assessment/penetration testing, or VAPT.

 

However, penetration testing is not sufficient as a complete vulnerability assessment and is, in fact, a separate process.

A vulnerability assessment aims to uncover vulnerabilities in a network and recommend the appropriate mitigation or remediation to reduce or remove the risks. It uses automated network security scanning tools, and lists the results in an assessment report. However, it does so without evaluating specific attack goals or scenarios. Organizations should employ vulnerability testing on a regular basis to ensure the security of their networks, particularly when changes are made. For example, testing should be done when services are added, new equipment is installed or ports are opened.

 

 

Penetration testing, in contrast, involves identifying vulnerabilities and attempting to exploit them in order to attack. Although sometimes carried out in concert with vulnerability assessments, the primary aim of penetration testing is to check whether a vulnerability really exists and infiltrate the organization. In addition, penetration testing tries to prove that exploiting a vulnerability can damage the application or network.

Finally, while a vulnerability assessment is usually automated to cover a wide variety of unpatched vulnerabilities, penetration testing generally combines automated and manual techniques to help testers delve further into the vulnerabilities and exploit them to gain access to the network in a controlled environment.

For more information or to discuss how a vulnerability assessment can help your organization just complete the form below or set a time to connect.

Portions of this article were written by Linda-Rosencrance and published by TechTarget at www.TechTarget.com/searchsecurity/definition/vulnerability-assessment-vulnerability-analysis

Leap to the Cloud
12 Apr

The Business Case for Next-Gen Cloud

by Mathew Mendel
in Articles, Cloud
Comments

What will it take for your business to make the jump to the Cloud?

For this exceedingly traditional Los Angeles-based law firm it was a global pandemic and state lockdowns that almost brought the business to a stand-still.  

A  dynamic leader in the space, this entertainment law firm serves the hottest names in the music business and  reps hundreds of artists across all facets of their career. They provide a level of attention that allows their clients to navigate touring agreements and deals with major labels.

We’d been advising the partners on the risks associated with on-premise equipment and the benefits of Cloud technology. But, with no serious disruptions, their reluctance to embrace new technology meant they would continue to operate at a disadvantage.  

Take the leap to Next-Gen Cloud

Want to know how we did it? Complete the form below and download the business case.

Google Reviews
11 Apr

100 Five-Star Google Reviews (& Counting!)

by Mathew Mendel
in Articles, Operations, Services
Comments

As a distinguished IT services firm, we pride ourselves on great tech support!

Have you ever submitted a help desk ticket only to never hear back, or hear back and not have a solution to your problem? 

A strong IT services desk increases productivity and sets up your business for success. 

Don’t take our word for it…check out what our partners have to say:

To read all client reviews, see our Google Business pages at:

Overwatch Group – IT Services Los Angeles on Google 

Overwatch Group – IT Services New Jersey on Google 

 

Zero-Trust-Cybersecurity
05 Apr

The Case for Zero Trust Cybersecurity

by Mathew Mendel
in Articles, Operations, Security, Services
Comments

As the business community faces down cyber threats, one medical office is defending itself with a Zero Trust approach to cybersecurity

Physicians have always been at the front of the line when it came to technology integration. Among the first to realize the benefits wearing a pager, having a cell phone, using a tablet, and essentially digitizing their business, doctors and researchers are typical early adopters of mobile, Cloud and IOT systems. 

As attacks on the healthcare industry make weekly news, personal information (PII) floods the black market, and steep fines take their toll,doctors and practice administrators wonder what they can do differently. 

A holistic strategy, a Zero Trust approach to cybersecurity means that you:

     1) Verify Explicitly
     2) Use Least Privilege
     3) Assume Breach

Want to learn more? Complete the form and download the business case.

Zero Trust

 

150 River Road, Suite C-4
Montville, NJ 07045

2376 Westwood Blvd
Los Angeles, CA 90064

CONTACT

Email: partnerwithus@weareowg.com

Phone: 973-774-0055

Linkedin Instagram Twitter

SIGN UP FOR OUR NEWSLETTER!

© OWG | All rights reserved.