You are here
Securing your infrastructure
Securing your infrastructure: a never-ending story
Infrastructure vulnerabilities and misconfigurations are one of the most common vectors of cyber-attacks. Unfortunately, in the past few years, we have seen an explosive increase in reported vulnerabilities and security flaws. How can a company deal with what might otherwise be seen as a never-ending hassle?
Our approach: securing the full stack
Made popular by Vauban, with his multi-layered fortifications engineered in the 17th century, our strategy relies in adding multiple layers of defences by securing the full stack (also known as in-depth security).
While some companies will rely on a firewall alone, we strongly advise our customers to include security controls throughout the whole infrastructure, for every layer and component. We propose a unique, comprehensive but pragmatic approach, which fully integrates security in every layer and component of your infrastructure (non-exhaustive):
- Design secured network architectures (zoning, tunnelling, end-to-end encryption, etc.)
- Secure wired and wireless networks;
- Implement network firewalls and Web Application Firewalls (WAF);
- Harden systems;
- Continuous vulnerability scanning and management
- Implement Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM).
- Secure operational processes (system administrators segregation, securing remote accesses, implementing jump stations, etc.)
- Secure your applications
APPROACH can help your organisation to protect its infrastructure totally and sustainably by:
- Assessing the current level of security of your environments, by performing penetration testing, reviewing your architecture, assessing the current risk of your business applications or assessing your technical landscape.
- Training people about security.
- Assisting in controlling the relationship with third-party suppliers.
- Watching and reporting on security and the development of threats.
“Edenred takes privacy of its customers and employees very seriously. In Approach we found an ideal partner to help us assess our maturity level against the General Data Protection Regulation, establish and drive a roadmap with the objective to meet our compliance obligations.” Koen Reyniers, COO BENELUX EDENRED
Publications & events
Published on 27 February 2018
Securing your company against SPECTRE/MELTDOWN
Many articles, security bulletins, news and papers have been published so far on how these vulnerabilities can be addressed. This article...
Published on 26 February 2018
Can we really trust an antivirus when it comes to unknown threats?
Approach CSIRT Team reproduced a similar attack in its lab ...
Brussels Expo (2 days)
Approach at Infosecurity
Meet our experts to discuss about your cyber-security challenges and attend our session "the advent of mobile digital identity" at...