What happens when you sign up to the ZoneFox Service?




Overview

According to the highly respected Verizon 2014 Data Breach Investigations Report [1], 2013 set a new record for the number of data breaches from external threat actors, and the percentage of breaches from internal threat actors continues to increase year on year.

Customers usually buy ZoneFox for one of two key reasons: they want to minimise the loss from a potential breach of their perimeter defences, or they have already been breached, have lost valuable business data or intellectual property, and want to decrease the time to discover a future breach and minimise any costs resulting from it.

ZoneFox's rapid, zero-configuration deployment combined with a tried and tested on-boarding process ensures that you and your data are protected in the shortest time possible.

When we start to work with a new customer, we at ZoneFox have a standard procedure to on-board them which ensures:

- Immediate monitoring of key data and intellectual property.
- Your data is protected using ZoneFox's standard alerting package, which is built on best practices from standards including ISO27001, HIPAA and PCI DSS.
- Your team is trained on how to understand any alerts triggered by suspicious user, machine or process activity within your organisation.

In this white paper, we detail the process that we go through with a customer to help them achieve these benefits.

[1] Verizon 2013 Data Breach Report http://www.verizonenterprise.com/dbir/2014/

ZoneFox's On-boarding process

[Figure: on-boarding timeline, Phase 1 to Phase 5, showing the following steps]

- Review Deployment Model: 2 Days
- Project Initiation: 2-3 Days
- Trial and Fact-Finding (only if trial not already done): 2-4 Weeks
- Agree roll-out plan and hardware requirements: 2 Days
- System roll out and early support: 1 Week
- Retrospective
- Review Security Policy and Core Rule Set: 2-3 Days
- Administrator set up and training: 2 Days

Project Initiation

At the outset of the project, we will agree with the customer the key contacts during the project, including:

- Client-Side:
  o Business Sponsor
  o System Administrator(s)
  o Support-reporters
- ZoneFox:
  o Account manager
  o Support contacts

We will discuss the aims for the project and what the key success measures are from the client's perspective. We will also agree target dates for the project and discuss any regulatory, audit or other milestones. Based on these discussions, a project plan will be written by the ZoneFox team and agreed with the customer.

Indicative Duration: 2-3 Days

Trial and Fact-Finding

If a customer has not participated in a trial before purchasing ZoneFox, we would strongly recommend that they undertake an initial 2 to 4 week period of system monitoring to build a baseline of gathered data. This is a highly valuable process: understanding data volumes and other factors specific to the customer allows us to make more effective decisions. The process of managing a customer data-gathering trial is detailed elsewhere but includes:

- Agreeing duration of a trial
- Setup of trial environment (local or cloud-based)
- Weekly account management call
- Review of findings from data gathered

Indicative Duration: Up to 4 weeks

Review Deployment Model

One of the key decisions that must be made is the type of deployment that a customer requires: on-premises or cloud-hosted. The choice of on-premises or cloud deployment is entirely up to the customer and may be influenced by the following:

- Appetite for CAPEX versus OPEX expense. An on-premises solution requires the up-front purchase of hardware for a ZoneFox deployment but it brings predictable monthly costs. A cloud deployment has little initial capital expenditure and a variable operating expense depending on the capacity of cloud-based resources required each month.
- Security. Some clients prefer not to stream data to a cloud hosting environment due to perceived security weaknesses.
- Company strategy and policy may mean that one deployment model is preferred over the other.

Prior to planning the roll-out of ZoneFox, a client must decide which of the two models of deployment is preferred.

Indicative Duration: 2 Days

Review Existing Security Policy and Core Rule Set

ZoneFox is deployed out of the box with a recommended base rule-set created by the ZoneFox team. These rules have been defined by the Cyber Security team at ZoneFox with reference to ISO27001, HIPAA and PCI DSS security policies. We will explain and review these core rules with the customer. If a client has an existing security policy, the ZoneFox team will additionally review that policy with the customer and plan any additional rules required.

Indicative Duration: 2-3 Days

Administrator set up and training

A nominated individual or individuals will be shown the ZoneFox administration interface and the system will be fully demonstrated to new administrators. This training will cover:

- ZoneFox terminology, concepts and fundamentals
- Logging into the administration console
- Understanding and configuring the Dashboard
- Using the Alerts page
- How to configure new rules
- Searching for historic alerts and events
- Administration of agents, system status and users
- Using the Daily and Weekly Summary Reports
- How to use ZoneFox to conduct a forensic examination of recorded data

Some customers require complex rules in addition to the core rule-set. Following administrator training, we can assist a new client in configuring these additional rules, if required.

Indicative Duration: 2 Days

Agree roll-out plan and hardware requirements

Once the customer has decided on their chosen deployment model (on-premises or cloud-based) and after initial data gathering, the ZoneFox team will assist in planning the hardware requirements for the system and roll-out plan. We recommend a staged roll-out, possibly based on department, geography or corporate function.

Indicative Duration: 2 Days

System roll out and early support

The ZoneFox team will assist with the roll-out of the system and we will be on hand to support any queries that you have regarding the system.

Indicative Duration: First week of operation

Early-Stage Support

We recommend to all new customers that after the system goes live, we hold meetings at the end of weeks 1, 2 and 4 in addition to the regular account management meetings to ensure that the system is working effectively.

Indicative Duration: Meetings at the end of weeks 1, 2 and 4. Meetings usually less than 1 hour.

Retrospective

3 months after Go Live, ZoneFox will organise a retrospective with the key project stakeholders to review how well ZoneFox met their expectations, discuss whether all the original success criteria have been met and to seek feedback from the customer on improvements that ZoneFox could make to the on-boarding process.

Indicative Duration: Meeting lasting up to 2 hours.

Conclusion

ZoneFox's rapid, zero-configuration deployment combined with a tried and tested on-boarding process ensures that you and your data are protected in the shortest time possible. Whether your concern is the loss of key company data, the theft of your intellectual property, reducing the time taken to discover a breach, or ensuring that your existing controls are effective and aren't being abused, ZoneFox can be set up to start protecting you in less than 24 hours.

Using ZoneFox to stop data loss reduces the financial and reputational loss of a data breach, protects your competitive advantage, enables you to safely do business with partners, and demonstrates compliance with your key regulatory requirements.