We Take Our Own Security Very Seriously

Read On If You Want To Get a Glimpse Of Our Internal Security And Processes.

Our Security

Your Peace Of Mind

Your network, security and ultimately your peace of mind can only be as good as your IT company’s security. We take our internal security very seriously and, to be fully transparent with you as a potential client, we list our processes and systems here so you can decide for yourself.

As much as we would like to disclose our systems by industry brand name – we do not utilize any “home grown” software – it’s better that we keep those names under wraps for everyone’s benefit. 

Team Member

Screening Process

Trust and relationships go a long way, so when we take on a new member of our team we make sure they are the right fit.

A potential candidate is vetted first before their resume even makes it to the selection process. After the initial interview they are interviewed by a second member of our team so we have 2 internal opinions and insights to work with.

If they are the right candidate they undergo a background check and are required to provide 3 letters of reference. We prefer the 3 letters to come from a previous employer, and we don’t accept any letters from family.

When they join our team they are given limited access to our systems and documentation as they go through a training period. The new team member is evaluated during this training period to make sure it’s a long term fit. 

All Our Documentation

Is In An Audited System

There is a documentation platform that is used by many IT companies and it’s considered to be the “Cadillac” of IT documentation systems. This is where we keep most of our client passwords, processes and general documentation of their structure. 

All of our documentation on clients is kept only in this system, where we can control it and every single action is kept in an audit log. More importantly, all of our user accounts are integrated with Office 365. In other words, for any of our staff to log in they first need to prove their identity with their Office 365 account, as an added layer of security.

Remote Support

How We Do It

Every IT company uses what’s called a Remote Management & Monitoring platform to make regular health checks on client systems and automate some processes and routines. Some of these products are hosted by their vendor in the cloud and some are self hosted. 

Our RMM platform is self hosted on its own Microsoft Azure server. We are very careful about which roles we assign our techs in this system, and only 2 people, 1 of which is the owner, are admins.

Each tech account, regardless of role, has 2FA enabled, so to log in a code needs to be manually entered from their phone.

Since this system is self hosted we make sure the latest updates and releases are installed so it always has the latest version.

Keeping Our Accounts

Safe And Secure

We love Office 365 and the value it brings not only to our clients but in house as well. We make heavy use of Microsoft Teams for our SOPs, communication and internal documentation.

All of our staff have 365 Enterprise licenses assigned and also Single Sign On. The Single Sign On service allows us to access our systems by authenticating through our 365 accounts for added security. 

We also have another Microsoft security product assigned to all accounts. This is an additional layer of protection to block fake sign ins and other threats on top of the default security measures we have in place. Of course all accounts have 2FA enabled so a code must be entered from someone’s phone to access their account. 

Your Passwords

On Our Watch

We use the same password manager we sell to our clients for all of our internal passwords and credentials. Our staff is instructed to turn off any saved password options in their web browser so all passwords are pulled in from our password manager. 

All accounts have 2FA enabled, of course, and this allows us some extra security levels for our clients. For example, for our admin accounts for our clients with Office 365, each admin account has a unique, randomly generated password assigned so no 2 passwords are ever the same.

For servers and a few other critical systems we have a process where we document the login only in our documentation system and the password only in our password management software. This means that if someone were to compromise one system, or rather one record, they would have only half the credential.

Yes We Do

Check Our Systems

Every 2 weeks we run through an internal checklist and examine all of our systems to make sure our own rules are enforced like 2FA policies for example.

All Tech Access

Is Regulated

We have a strict policy that staff are not allowed to access any of our systems from their non-work computer. On each computer we have actively monitored advanced security software that goes above the bare minimum anti-virus software. 

Workstations also have basic security measures in place like a screen saver time out and password enabled. Our team is reminded to not keep any documents on their local workstations as well as other measures in place to protect those endpoints. 

Our Default Backup

To Protect Your Data

Everyone knows what a backup is and most people simply assume their backups are working, but what if they are working and they are deleted? This could happen either by accident or, as has made the news a few times, when a 3rd party deletes the backup before they hijack your network.

We utilize two well known backup vendors that cater to the business market and have our own policies in place. For example, only a few of our internal team have access to the backup console. 

Another layer of protection we employ is what’s called GUI passwords. Simply put if someone were to open the backup software on a server for example they need to enter a complex password just to use the software. 

That layer is in addition to needing a second set of credentials to actually have access to the backup sets. If all else fails our vendor has a grace period where they keep the backup data even after it’s deleted from their system.