SECURITY SERVICES

BUSINESS

BENEFITS

• Protect the integrity and confidentiality of customer data

• Preserve key business assets, such as

intellectual property and commercially sensitive data

• Maintain availability of core business applications and systems

• Retain brand value, reputation and customer loyalty

• Ensure compliance with industry regulations and government legislation

• Support digital transformation through the adoption of cloud services, mobility and IoT

MARKET DRIVERS

THE EVOLVING THREAT LANDSCAPE

The challenges facing IT professionals are many

and varied. In an environment where threats are

continually evolving, becoming more numerous

and sophisticated, cybersecurity is challenged

with keeping up.

The increased adoption of mobility, IoT and

cloud-based services has served to provide

hackers with an increased number of entry

points to the network. This presents a growing

concern for many businesses; how to deliver

robust security across an extended network

without blowing the budget?

The borderless network – as organisations have

embraced mobility and BYOD, the traditional concept of a network border has become redundant. The ability to deliver applications and data to any user, on any device, in any location has become a business standard.

On average, 25% of modern business users are mobile at any given time. This presents a challenge for IT, as it must secure both data and devices; regardless of location, ownership or operating system.

The Internet of Things – in a connected, big data

world the number of devices demanding access to the network has grown exponentially. Everything from CCTV cameras to temperature gauges, heart rate monitors and fridges are all collecting, aggregating and sharing data.

Moving data to the edge of the network by using these everyday devices puts potentially sensitive data outside the traditionally secure “core” infrastructure. The IoT also adds layers of complexity to the network that increase the burden of management on IT.

The human factor – even with a clearly defined, access control policy, it is virtually impossible to guarantee that all your users are behaving responsibly, all the time. Without visibility of user activity and usage patterns across the entire network, you cannot identify what is normal and what is abnormal behaviour.

The inevitable breach – there are two types of organisation in this world. Those who have suffered a breach and those that will suffer a breach. The size and complexity of the threat landscape means a breach is almost inevitable.

In the event of a breach taking place, organisations need to do everything they can to reduce the time

it takes to detect, respond to and recover from an incident.

The rise of the hacker – according to a report from the National Crime Agency, the average cyber-criminal is not an idealistic, 35-year-old hacktivist. It’s a teenager looking to impress his or her peer group with increasingly sophisticated hacks. They are frequently not motivated by profit and start out cutting their teeth on smaller, less secure businesses; before moving on to more challenging systems. This means nobody is safe.

The cost of a breach – what happens in the event of a “successful” breach? According to a 2017 Ipsos Mori poll, the risk of losing customer data, trade secrets and business assets is the top concern for 80% of large UK firms. Beyond that, the fallout from a breach can result in significant financial penalties, a breach of compliance regulations and the loss of brand reputation or trust.

At the core of any effective cybersecurity strategy is how you are prepared before, during and after an attack.

Before - do you have visibility of network traffic and an understanding of who and what is on your network, so you can apply appropriate policies?

During - can you detect an attack, understand it and then prevent threats from spreading?

After - can you analyse the attack, define how to contain it and effectively avoid future attacks?

Having defined these principles, ask yourself: Can these be applied across my entire infrastructure?

RISK MANAGEMENT

Integration sits at the heart of effective risk management and mitigation. Introducing the concept of security by design and embedding security into

your infrastructure eliminates several areas of potential risk, including: resource shortages, a lack of in-house expertise, network sprawl and management complexity.

Whilst some issues are common among IT departments, every organisation will have a unique security profile. ONI has developed a flexible cybersecurity proposition that is built on three basic principles. Regardless of your technology stack, experience level or business objectives, we believe a system should be: secure by design, simple to deploy and easy to manage.

PRINCIPLES OF ONI SECURITY SOLUTIONS:

Secure by Design - data security, usability and simplicity are embedded within a best of breed architecture.

Simple to Deploy - open and automated architecture to speed up time to deploy integrated solutions.

Easy to Manage - automation, machine learning and user friendly dashboards to simplify management.

ONI SECURITY

BEFORE

DISCOVERENFORCEHARDEN

DURING

DETECTBLOCK

DEFEND

AFTER

SCOPECONTAIN

REMEDIATE

MANAGED SERVICES

THE EVOLVING THREAT LANDSCAPE

The cybersecurity landscape is continually evolving and new threats to your organisation emerge on a daily basis. In order to keep up with this rapid pace of change, the security posture and maturity of your business must evolve too.

Our vendor-agnostic security managed services are ideally suited to your unique and ever-changing needs, providing continuous, real-time protective monitoring of your environment.

SECURITY OPERATIONS CENTRE

Our UK-based Security Operations Centre (SOC) delivers fully-integrated security protection and threat detection services, providing end-to-end incident management and peace of mind. Features include:

• Security Incident & Event Management

• Global Threat Intelligence

• Incident Management Portal

• Real-Time Threat Monitoring & Analysis

• On-Call Crisis Management

A range of service options are available to suit your needs; including business hours monitoring, commodity packages and 24 x 7 bespoke services.

CONSULTANCY SERVICES

To ensure your setup is the best it can be, it’s important to have a clear understanding of your current security posture as well as the threats your users and customers face. Our security consultancy services include:

• Secure Start – Security gap analysis

• Infrastructure Audit - Build a strategic roadmap

• Passive Analysis – What can hackers see?

• Threat Assessments – Identify network vulnerabilities

• Penetration Testing – Targeted system testing

5 PILLARS OF

PROTECTION

PROTECT NETWORKS

Ensure the availability of business-critical data and applications with flexible, scalable edge security. Next Generation Firewalls deliver threat-centric visibility and control to block more threats and quickly mitigate those that do breach your defences.

Our solutions combine proven Firewall technology with next-generation IPS and advanced malware protection, helping you to see more and protect better.

ENABLE MOBILITY

Manage security regardless of location, device, or user. Our cloud-based, secure internet gateway offers simple deployment for powerful, effective protection. By using DNS to stop threats over all ports and protocols you can speed up investigations, reduce incident response times and uncover potential threats.

Your first line of defence against internet threats; ONI security solutions rapidly provide protection to all users, effectively protecting your systems without impacting on network performance.

CONTROL ACCESS

Centralise and simplify access control, plus gain insights into user and device data with feature-rich analytics. ONI solutions provide access across wired, wireless and VPN connections to deploy and enforce access control policies.

Administrators can create policies through security groups with software-defined segmentation, helping to reduce risk and lower operational costs. Stop and contain threats with automated vulnerability assessments to protect critical data and automatically remove infected endpoints.

MONITOR TRAFFIC

Respond rapidly to emerging threats and prevent lateral movement with our cloud-based monitoring solution. Improve security and incident response across your distributed network; from the office to the cloud.

Automatically detect early indicators of compromise, reduce false positives and gain actionable security intelligence. Our cloud-based service is simple to use and delivers both cost efficiencies and additional capacity within your IT security team.

CONTAIN THREATS

Detect, contain and remove advanced threats and malware across your network, endpoints and cloud. Global threat intelligence, advanced sandboxing and real-time malware blocking is designed to prevent breaches.

Should a breach occur, AV detection engines, machine learning, fuzzy fingerprinting and automatic protection help accelerate problem solving. Plus, the intuitive web-based management console provides easy access to endpoints, the network, email and web traffic.

SECURE START

A gap analysis that assesses your current skills, operating models, costs, vendors, products and resources and benchmarks them against your requirements. Outcomes are agreed against audit, regulatory, internal risk, overall appetite and policy.

Outcome: A phased plan to transition from current to future operating models.

PASSIVE ANALYSIS

A deep-dive that reveals exposed systems and users using information sourced from within the public domain and dark web. This technique is typically used as a reconnaissance activity by hackers ahead of an attack.

Outcome: A report containing risk senarios, identified and exposed systems, staff and employees, the potential cost of breach and details of historical attacks on your company.

CLOUD ASSESSMENT

Complete visibility of internet traffic across all locations, devices and users. You can even continue to benefit from protection after the assessment!

Benefits: Uncover current and emerging threats, proactively block malicious threats, identify infected devices and prevent data exfiltration.

AUDIT, ANALYSE &

ACTION

THREAT ASSESSMENT

A detailed on-premises threat monitoring and analysis service that:

• Identifies areas of potential vulnerability

• Details how to improve visibility of network traffic

• Leverages greater insight for informed decision making

• Identifies remedial actions

PENETRATION TESTING

Penetration testing can form an invaluable part of your ongoing security evaluation and protection. We can provide a targeted test of your IT systems designed to expose both internal and external vulnerabilities at an application and network level.

Penetrating testing also forms a valuable input to our Secure Start process.

COMPLIMENTARY

SERVICES

BACK-UP AND RECOVERY

When required, ONI can provide a backup and disaster recovery strategy to provide rapid, secure, reliable access to your essential business data and applications.

DATA RECOVER

ONI’s agentless Nimbus Data Recover service provides file and application level recovery from back-ups stored within our data centres. Back-ups can be self-managed through a dedicated online customer portal or form part of a fully-managed service.

SITE RECOVER

For more critical servers and applications, customers can choose to run Nimbus Site Recover services. Data is protected by journaling all disk writes of every virtual disk continuously and copying the journal entries to a secondary site. Time to recover is significantly reduced with recovery points provided every 5 seconds for up to 5 days.

DDOS - DISTRIBUTED DENIAL OF SERVICE

Access to the internet has become more than just a business enabler, it is one of the cornerstones of modern business.

A Distributed Denial of Service (DDOS) attack can have a serious impact on your operations. In the worst-case scenario, a persistent DDoS attack can result in extended periods of downtime, costing your business millions in potential revenues and damaging your reputation.

ONI can deploy industry-leading DDoS detection and mitigation technology to protect against a full range of DDoS attacks. By allowing “normal” behaviour but blocking anomalous activity you can maximise the effectiveness of your online connectivity, even under attack conditions.

WHY ONI?

Established in 1992, ONI plc is a leading provider of IT solutions and services to both public sector and commercial markets. Privately owned, we offer a comprehensive range of on-site, cloud and hybrid technology solutions.

We have worked hard to establish ourselves as a centre of excellence for digital transformation, but we’re not resting on our laurels. We have ambitious plans for even further growth over the coming years, which will see us increasing both our capacity and range of services. Keen adopters of new technologies, we are proud of our reputation as innovators.

Our expertise already spans core network infrastructure, unified communications and collaboration, contact centre solutions, data centre services, connectivity and cybersecurity.

ONI cloud services are delivered from our own Tier 3+ Data Centre, located in the South East of England, and include infrastructure, disaster recovery, UC, collaboration and contact centre solutions as-a-service.

ONI is committed to providing our customers with the availability, performance and agility required to transform their business. It’s what we call Business Assured and comprises three core pledges.

100% UPTIME GUARANTEED

Most service providers promise four 9’s or even five 9’s in terms of availability, but 99.99% uptime still means you are without service for 52min 35s every year. When dealing with business-critical applications, we don’t think you should compromise on availability. If you pay 100% of your fees, you should get 100% availability.

Our commitment to 100% uptime underpins our data centre and managed service portfolio; providing our customers with peace of mind that they will always have access to their data and applications.

ON-PREMISES OR CLOUD AGNOSTIC

For many organisations, the future of IT lies in a hybrid converged infrastructure that features elements of on-premises, colocation and cloud-based products and services. But getting agnostic advice on the best place to deploy each application can be difficult.

Cloud service providers naturally will only ever promote as-a-service propositions. Likewise, legacy systems integrators will have experience of on-premises hardware but not the skills necessary to transition services successfully to the cloud. In contrast, ONI offers the best of both worlds.

By combining legacy on-premises solutions with our Data Centre services, our customers benefit from transformative digital solutions, deployed where they add most value. Our agnostic approach to deployment helps organisations to gain a competitive advantage by reducing costs and delivering leaner, less complex IT solutions.

PREDICTABLE AND TRANSPARENT COSTS

Cloud services from ONI are provided from a single orchestration platform; one that offers a simplified product range and an all-inclusive price, based on customer usage. There is no need for specialist procurement knowledge to understand a complex product offering or EA pricing structure, let alone fluctuating exchange rates, making it easy to stay in control and avoid unexpected spiralling costs.

ONI Assure Managed Services provide unmatched details about the status of IT infrastructure devices; enabling IT professionals to make better informed investment decisions about life-cycle management and avoid unnecessary costs. Improved visibility of contract renewals, or when devices reach end-of-life and end-of-support, makes budgeting more accurate and more predictable.

01582 429 999www.oni.co.uk

marketing@oni.co.uk16-24 Crawley Green Road, Luton, Bedfordshire LU2 0QX

AVAILABLE FROM ONI:

• Managed Services & Support

• Hosting & Colocation

• Networking & Connectivity

• Back-Up & Disaster Recovery

• Cybersecurity Solutions

• Contact Centre Solutions

• Mobility & Collaboration

• Unified Communications

Established in 1992, ONI plc is a leading provider of IT services and solutions. We deliver a unique blend of on-site, hybrid and Cloud computing systems, from our Tier 3+ UK data centres.

Our workforce holds over 400 accreditations from vendors such as Cisco, VMware, NetApp, Veeam, Gamma, BT and Microsoft.