SECURITY

Organizations embracing the flexibility of Cloud technology, including Microsoft 365, Azure, AWS, Google, and others, face crucial security considerations. Nova provides secure tools to navigate this transition effectively.

Improve your cloud security with Nova’s expert services. We specialize in:

• Robust Access Management: Implementing multifactor authentication to mitigate cloud risks.
• Cloud Brokerage Solutions: Seamless integration of data centre and cloud interfaces.
• Advanced Cloud Architecture: Protection against data breaches, leaks and loss through strategic layering and segmentation.
• Server and Application Hardening: Strengthening cloud servers, firewalls, and encrypting data at rest to secure your APIs and applications.
• Microsoft 365 Security: Safeguarding user access and your organization’s files.
• Optimized Cloud Storage: Ensuring proper configuration for maximum protection.
• Resilient Backup and Business Continuity Plans: Preparing for any scenario to keep your business running smoothly.
• Comprehensive Website Protection: Defending against DDoS attacks and enhancing web security.
• Intrusion Detection Systems: Proactively identifying and mitigating threats.
• Zero Trust Framework Implementation: Learn how to never trust, and always verify.

What is Zero Trust?

With today’s IT environment typically consisting of remote and hybrid workforces, information in the cloud and mobile devices, the old security model of a solid perimeter is no longer sufficient in the face of new cyber threats emerging all the time.

Zero Trust is supported by all three leading security standards, ISO 27001, SOC 2 and NIST.

According to NIST 800-207, Zero Trust principles include

1. Continuous verification: Grant access on a per-session basis. Require authentication for each device, user and application. Limit access to the time necessary to complete the task.
2. Minimise the impact of a breach: To contain threats, use network segmentation. Assign minimal privileges to users or system accounts using the principle of least privilege.
3. End-to-end automated monitoring, intelligence gathering and response:
   • Monitor security at all levels: user, endpoint, network, application and cloud.
   • Examine user behavior, detecting logins and unusual activities.
   • Monitor workloads and data sources.
   • Collect threat intelligence.
   • Automate analysis, alerts, and reviews.
   • Implement automated responses such as user access restriction, endpoint quarantine, and account lockout.
   • Apply dynamic policies that assess and adapt to risk.

Contact Nova to find out more about your organization’s path to Zero Trust.

Organisations need to foster a culture of security awareness to protect against hackers targeting users and their endpoints (workstations, mobile devices). This includes mandatory training for employees on best practices in IT security, such as how to recognise phishing emails, how to avoid dubious downloads and how to use secure networks.

Robust endpoint security is also essential for cybersecurity insurance.

Nova enhances your Endpoint Security by implementing robust measures including:

• Comprehensive antivirus software deployment on all devices
• Multi-layered defense systems for threat detection and attack prevention
• Secure VPN services with multi-factor authentication (MFA) and enhanced Remote Desktop Protocol (RDP)
• Enhanced email protection with anti-spam filters
• URL filtering to prevent accessing harmful or restricted websites
• Detection of unauthorized devices on your network
• Effective access and identity management
• Strengthening security for laptops and tablets used by traveling staff
• Establishment of a Bring-Your-Own-Device (BYOD) policy
• Adopting Zero Trust principles for enhanced security

Bringing your business into compliance? Want to be certified to a security standard? Nova can be your guide to compliance!

PHIPA, PIPEDA, PIPA – Canadian federal and provincial privacy laws (PHIPA applies to health records)

HIPPA – Health information privacy law in the US

GDPR – EU regulation on the protection of personal data – some organizations outside Europe must comply

Security Standards Compliance

‹›

To protect the confidentiality, integrity and availability of data, Nova Networks uses cyber security best practices.

Nova Networks is proudly ISO 27001 certified and SOC 2 Type 2 compliant!

Make sure that your organisation has the best security standards in the industry with no blind spots! A third-party auditor is required to validate controls for some standards. Nova offers a cost effective ‘pre-audit’ to ensure you are ready.

Cybersecurity threats are constantly changing, and keeping up can be a challenge.

Let Nova help you meet these challenges.  Our experts provide 24/7 cybersecurity support. Tell us what you need. We can create a service that is tailored to your specific needs.

Whatever your needs, our à la carte programmes are flexible.

Improve your security posture with a comprehensive range of services from Nova:

• Managed Patching – Leave the hassle of server (Windows, Linux) and workstation patching to Nova.
• Managed Firewall – Enjoy hassle-free firewall management, including patching, rules, monitoring, uptime, and anomaly detection.
• Managed SIEM – Benefit from proactive threat monitoring and rapid response to threats.
• Managed Endpoint Protection – Nova provides top-notch antivirus and proactive defense management for robust endpoint security.
• Virtual CISO – Strategic advice and organisational support.
• Managed Security Incident Management – Rapid action from our expert response team in case of a security incident.

While every employee has to be aware of and proactively defend against security threats, members of the executive team have the additional responsibility for the policies, processes and procedures that must be followed to protect the company from cyber threats and to defend against an attack when it is threatened.

Effective cybersecurity governance across all facets of business operations is essential in the face of growing cyber threats. The focus of Nova’s security governance team is on:

• Identify and assess risks when developing or expanding business offerings. Implement mitigation strategies.
• Managing the deployment and utilization of IT environment components, services, systems, applications, and subscriptions to fortify the business
• Cultivation of a cyber-secure workforce through training and awareness initiatives, regardless of their work location
• Develop robust disaster planning and business continuity measures to ensure seamless operations following a cyber-attack
• Establish transparent channels of communication that keep employees up to date on threats, the company’s defences and its ability to recover
• Continuously monitor and improve the company’s cybersecurity performance.

Cybersecurity governance training equips management teams with key insights on:

• The critical role of cybersecurity in all business operations
• Tailor-made policies and strategies to identify, assess and mitigate security risks
• The importance of business resilience, emphasising the need to review and test Disaster Recovery and Business Continuity (DRBC) plans regularly.
• The support of industry best practices (such as ISO 27001) in improving cybersecurity policies and strategies
• Understanding and complying with legal and regulatory requirements relating to cybersecurity (e.g. PIPEDA)
• Understanding the functions and duties of an effective Cyber Security Governance Committee.

In today’s digital security environment, businesses are constant targets for cyber threats. To protect sensitive data and maintain customer confidence, executives must focus on IT security.

Nova Networks’ security experts can help you assess your vulnerabilities, “harden” your IT security and identify problems before they happen. Nova will also help you recover from disasters as quickly as possible and then put in place preventative processes. Securely and discreetly.

Every day businesses face a sea of cyber threats. From cyber threats to cyber-attacks, the risk and safety of your data is very real. Understanding these threats is the first step in developing a comprehensive cybersecurity defense strategy.

Nova is here to help!

Our security team is passionate about protecting your organisation. Our team of experts will assess your needs and advise on the development of a security roadmap that you can follow.

Security Audit

This in-depth audit assesses your organisation’s security posture against the best cyber security standards: ISO 27001, SOC 2 and NIST, all of which have information protection controls. The assessment looks at the confidentiality and integrity of your system and the security of your data.

Audit activities include

• Validation of controls using screenshots
• Policy and procedure documentation
• External vulnerability scanning
• Site walkthrough
• Interviews with staff and management
• IT asset risk assessment
• PCI, PHIPA and PIPEDA compliance review

Vulnerability Assessment

1. Nova Security team performs vulnerability scan against all external/internal IP addresses
2. The scan results are analysed and prioritised
3. Vulnerability management recommendations are made

Penetration Testing

Nova offers a range of options for pen testing and will usually recommend a non-intrusive approach.  The Nova Security team will perform penetration tests to identify vulnerabilities. They will attempt to penetrate data sources such as databases, cloud or file shares.

Vulnerabilities in the exposed sources are reviewed during the assessment.

Red Team (attacker) vs. Blue Team (defender) simulations can also be conducted.

Nova also offers:

• Security standard audit
• Social engineering and phish vulnerability assessment
• Ransomware simulation and risk assessment
• PCI compliance readiness assessment

Information Security Risk Assessment (against a security standard such as SOC 2, ISO 27001 or NIST)

Security will always be a business priority. Protecting business intelligence, operational processes, investments, property and employees is paramount. Nova Networks has the services and people to keep your organisation secure and protected.

Our a la carte programmes are flexible to whatever your needs may be. Tell us what you need. We can tailor a service to meet your specific requirements.

Our services include:

Secure your business’s future with Nova’s comprehensive protection strategies, tailored for today’s digital landscape. Our security services safeguard against a myriad of threats, including:

• Market Shifts & Competitive Pressures: Stay ahead in a rapidly evolving marketplace.
• Economic Instabilities: Build resilience against financial fluctuations.
• Physical Security Risks: Protect your physical assets and workforce.
• Technological Threats: Safeguard your digital infrastructure, encompassing business intelligence, operational processes, and critical financial and human resource systems.

Bring your business security into the digital age through expert training and strategy from Nova covering key areas such as

• Phishing Awareness: Learn to spot and avoid deceptive emails.
• Safe Downloads: Understand the risks of unsafe downloads and how to avoid them.
• Secure Networking: Use networks safely to protect sensitive information.

By fostering a culture of security awareness, Nova can help your organisation to navigate the digital landscape with confidence and peace of mind.