Services

IT CONSULTING

As technology continues to evolve faster than ever, more businesses struggle to keep their infrastructure both easy to maintain, yet up-to-date with the latest technology.

In order to keep your network at its peak performance, ABNS begins with a network assessment to identify areas that can be streamlined to improve efficiency. Next, best practices methodology is used to develop a plan customized for the needs of your business or organization.

ABNS is staffed with IT professionals with experience from a variety of vertical markets including healthcare, legal, banking, financial, restaurants/hospitality and retail. Our standards-based approach ensures that we will help you find the exact IT formula to help your organization thrive, while conforming to your standard practices.

Many industries are governed by regulatory bodies that impose strict guidelines as to how data must be stored and disseminated. Utilizing IT professionals who are certified and specialized in your vertical market ensures that your Technology Infrastructure conforms to the standards specific to your industry, such as HIPPA, FDIC and PCI Compliance.

At ABNS, our goal is to provide you with an efficient, streamlined system that is cost-effective and tailored for your business. For more information about our IT Consulting or any of our other services, please call 708-478-5025, or contact us for more information.

MANAGED IT SERVICES

At ABNS, we take a proactive approach to your network’s safety and security. After all, a security breach can not only compromise your data, it could bring down your entire network and business operations. While no single solution is fail-safe, we use best practices to plan and implement layered security systems using both software and hardware solutions designed to protect your network. This ensures that if a system is compromised, there are protections within the system designed to detect and respond.

We protect your systems from a variety of threats including the following:

  • Viruses/Worms
  • Spyware/Adware
  • Data theft/interception
  • Denial of service attacks
  • Unauthorized access
  • Attackers/hackers/bad actors
  • Identity theft

We use the following technologies to create a Network Security plan that is customized for your network.

Network Security Controls

These include the placement of preventative controls to prevent an attack from occurring, detective controls to identify if a security breach has occurred and corrective controls to limit damage. These keep your network running smoothly or return it to optimal performance as quickly as possible.

VPN (Virtual Private Network)

Managed VPNs allow your remote workers to securely access internal networks.

Intrusion Detection/Intrusion Prevention Systems (IDS/IPS)

IPS and IDS work in tandem to prevent unauthorized access or attacks to your network. IDS is a passive system that monitors data packets coming through the network. It also detects suspicious items that slip through a firewall, such as data-driven packets, unauthorized logins and malware-like viruses, worms and Trojan Horses. When unauthorized intrusion or suspicious activity is detected an IDS alerts the system.

IPS works in conjunction with IDS, but unlike an IDS, Intrusion Prevention Systems sit in line with traffic flows on the network. From there, they can actively prevent and block intrusions that are detected. IPS can stop attacks when they occur by actively dropping packets or disconnecting connections that contain unauthorized data.

Firewall Technologies

These help prevent unauthorized access to or from a private network.

Vulnerability Scanning

Scanning evaluates the security of a system and discovers potential points for an exploit. A vulnerability scan of a system in computers, networks and communications equipment detects and classifies weaknesses and predicts the effectiveness of countermeasures.

At ABNS, we take a proactive approach when it comes to our clients’ technology needs. Our best practices approach ensures that you have the latest in network security options. For more information about our Managed Security or any of our other services, please call 708-478-5025, or contact us for more information.

BACKUP & DISASTER RECOVERY

Businesses generate large amounts of data and data files are changing throughout the workday. Data can be lost, corrupt, compromised or stolen through hardware failure, human error, hacking and malware. Loss or corruption of data could result in significant business disruption

Data backup and recovery should be an integral part of the business continuity plan and information technology disaster recovery plan. Developing a data backup strategy begins with identifying what data to backup, selecting and implementing hardware and software backup procedures, scheduling and conducting backups and periodically validating that data has been accurately backed up.

Tapes, cartridges and large capacity USB drives with integrated data backup software are effective means for businesses to backup data. The frequency of backups, security of backups and secure off-site storage should be addressed in the plan. Backups should be stored with the same level of security as the original data.

An information technology disaster recovery plan (IT DRP) should be developed in conjunction with the business continuity plan. Priorities and recovery objectives for information technology should be developed during the business impact analysis. Technology recovery strategies should be developed to restore hardware, applications and data in time to meet the needs of the business recovery.

Businesses large and small create and manage large volumes of electronic information or data. Much of that data is important. Some data is vital to the survival and continued operation of the business. The impact of data loss or corruption from hardware failure, human error, hacking or malware could be significant. A plan for data backup and restoration of electronic information is essential.

For more information about Cloud Services, please contact us online, or call 708-478-5025.

PCI COMPLIANCE

A mid-size restaurant franchise identified they didn’t have the required in house technical talent to address their PCI compliance requirements. It required continual monitoring of the scans, attesting to the scans, resolving discrepancies in scope and identified vulnerabilities. They were overwhelmed and often weren’t confident they were addressing PCI adequately. They reached out to ABNS to address their needs and requirements. As a result, ABNS now manages their PCI ASV scans performed by their ASV scanning vendor. We review and address identified vulnerabilities, schedule re-scans, resolve scope discrepancies. We work directly with their ASV vendor to offload the challenges they were facing.

Every year, businesses are in danger of data breaches that compromise customer information. According to an annual report by Risk Based Security, last year saw a new peak in breach incidents: 3,930 occurrences resulting in over 736 million exposed records.

Data security is a serious business concern, especially considering that nearly 60% of small businesses go bankrupt after a breach.

If your business accepts debit/credit payments, you may be familiar with Payment Card Industry (PCI) compliance, the security requirements and measures instituted by the industry. However, many new businesses (and some well-established ones) are unfamiliar with PCI compliance altogether.

PCI compliance refers to a set of mandatory standards and rules written and enforced by the Payment Card Industry, namely Visa, MasterCard, American Express and Discover.

Any company that stores, processes or transmits credit and debit card payments is required to meet the PCI Security Standards Council (SSC) guidelines and annually demonstrate compliance or else face expensive fines and the possible loss of the authority to process transactions.

DATA SECURITY

The SSC has laid out twelve broad requirements for PCI compliance. While these requirements must be met, they do not detail specifically how your business must meet them. For example, companies must use and update anti-virus software, but the SSC does not specify which software must be used.

In order to implement these standards, the SSC provides a Prioritized Approach to PCI Compliance guide.

Data Security Standard Requirements:

  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored data
  4. Encrypt transmission of cardholder data across open, public networks
  5. Use and regularly update anti-virus software
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security