Until recently, we worked from a centralized, perimeter-based office space, and remote-working was an exclusive benefit offered by only a handful of companies. But with the pandemic imposing nationwide lockdowns, every business had to adopt remote working as a means of surviving the economic downturn.
Today, even after the initial crisis period has been averted, many businesses continue to take advantage of this work model. But this historic change in our age-old working culture also means a significant shift in the existing security posture implemented by businesses. So how is the remote-working trend changing the corporate cybersecurity landscape?
The dissolution of a centralized work model and the monumental rise of the work-from-home model are pushing the perimeter to the edge, connecting personal devices and company assets on less secure home networks. The mixing of corporate and personal home networks is, in turn, threatening business confidentiality, and the organizations’ cybersecurity teams are scrambling to protect the integrity and availability of the data entrusted to their care.
What’s needed is increased attention to building resilient infrastructures, which can stand up to tomorrow’s distributed and hybridized work-life. For that, security must become multi-layered, user education must become ongoing, and compliance must shift from a point-intime certification to a continuous due diligence assessment.
Enter General Informatics.
“As a managed IT services provider, we are assisting businesses to strengthen their cybersecurity measures beyond a centralized perimeter and across a distributed geography to support their remote and mobile workforces,” says Donald C. Monistere, President and CEO of General Informatics. To this end, General Informatics brings forth a perfect blend of managed cybersecurity services and cybersecurity consulting to get its clients up to speed with modern cybersecurity practices.
A Peek at General Informatics’ Managed Cybersecurity Services
General Informatics believes that the main goal of an organization’s cybersecurity practices is not about mitigating a breach. Rather, it is about how well that organization is positioned to avoid any cyber threats in general. Such a preventive approach to cybersecurity can help businesses save both human and financial resources that they would have had to spend to manage a security breach post its occurrence.
To implement this precautionary philosophy, General Informatics offers its managed cybersecurity service—Fortress 365— which takes a multipronged approach in preparing and safeguarding its clients from any cyberattack in their distributed, decentralized IT ecosystem. At first, General Informatics performs a ‘deepdive information security assessment’ for its clients as part of this service suite.
It is a three-step process, where the initial step is to assess a client’s network and prepare for the risks that might become a threat if left unattended. As a result, the clients become better suited to manage cybersecurity incidences with General Informatics’ mapped preparation and threat mitigation steps.
“In the secondary step, we detect the most vulnerable touchpoints of our client’s business through advanced email security, managed firewall, preventative malware, and ransomware defense, and then augment client’s security posture through intrusion detection services and security awareness training,” mentions Monistere.
As the third and ongoing step, General Informatics continues analyzing its clients’ operational environment, particularly how the client is putting cybersecurity best practices to use and responding to any issues that might exist within their environment, building a progressive roadmap for improving that security architecture. General Informatics’ clients can thus always be prepared to handle and mitigate any cyber threat that may arise.
“The other important part of our offering is our consultancy side,” notes James Thomas, Security Engineer at General Informatics. Thomas shares that in the present decentralized operational environment, businesses should have cyber security knowledge that is ‘a mile wide and an inch deep.’ To put it simply, this means that businesses should be well versed in as many different cyber threats as possible, and they should have the necessary knowledge to nip those threats in the bud. Otherwise, regardless of the security investment that a business makes, they can still put themselves at risk.
For instance, ransomware attacks often do not take place because of a weak firewall; these attacks occur when someone clicks on a skeptical email link. It is thus necessary for every individual employee to be able to differentiate between a suspicious and a harmless email.
Only then can organizations be completely shielded from ransomware attacks. Having the General Informatics’ team of consultants allows businesses to ensure that their employees are in alignment with the cybersecurity best practices and are equipped with the knowledge necessary to stay away from any potential cyber threats. “Going a step ahead, we can even supplement the consultancy services with our virtual CISO (chief information security officer) services to make our managed services more holistic,” mentions Thomas.
Adding a Layer of Security Governance in the Cybersecurity Mix
Ever since the shift to the work-from-home model, security governance has also become a priority for most businesses. “Previously, security governance was a critical component of highly-regulated industries like government, finance and banking, and healthcare.
As a managed IT services provider, we are assisting businesses to strengthen their cybersecurity measures beyond a centralized perimeter and across a distributed geography to support their remote and mobile workforces
Now, the popularity of decentralized work culture is making it an integral aspect of other businesses as well,” avers Thomas. Businesses in the current landscape not only need to protect intellectual property and data, but they also need to solidify security governance. This, in turn, is creating demand for consultancy firms with regulatory experience as well as maturity around different cybersecurity environments and frameworks.
General Informatics is capable of meeting this evolving security governance requirement and bringing a level of security measures to other business domains similar to the highly regulated sectors. The recent acquisitions of Unicom, CMS, and Versiant allows General Informatics to strategically augment its team of consultants, especially their cybersecurity experts with SMEs focused on highly regulated business verticals. “Leveraging this additional expertise and bench strength, General Informatics is now adding a stronger layer of security governance for its clients,” says Thomas.
Moving ahead, General Informatics is focused on strengthening its prowess even more and becoming a leading name even in the most regulated industries like healthcare and finance. To double down on this ambitious goal, General Informatics will also continue to increase its technical capabilities, both organically and through more acquisitions of companies like Unicom in the near future. “At the end of the day, security is not flip of a switch; it’s definitely not something that has a start and end date. It is a practice that continues, and so does our quest to perfect our client’s cybersecurity infrastructure,” concludes Monistere.