Principle of least privilege
We apply the principle of least privilege in our environments, this ensures that nobody has a higher level of permissions for the core platform than they need to do their jobs.
Service accounts, shared folders, firewall rules and domain policies are applied to ensure that by default access to the system is controlled.
Data is encrypted at rest and communication between the clients and the servers is secured using SSL encryption by default.
Backups are also encrypted to ensure that archived data is secured.
OS and Application Updates
Server and Application patching is carried out on a regular basis to ensure that bugs and security issues are addressed with minimal delay.
Regular Vulnerability Scanning
We carry out vulnerability scanning within the platform to ensure that any weak points are found and addressed on a frequent basis.
Third Party Penetration Testing
Our systems are periodically penetration tested by a third-party company (Wolfberry Cyber Security) to provide further confidence that nothing has been missed. This won’t make our systems invulnerable, nobody ever can be, but it helps ensure that the system security is of a high standard.
Advanced Malware Protection
Threats from viruses and other malware are vital to protect against. Aramar Technologies is a Sophos Managed Services partner and we make use of multiple products and services from the Sophos portfolio, managed through Sophos Central to help protect each of our managed platforms.
The Human Factor
“People” can often be the weakest link in any security system, with this in mind we provide User Awareness Training modules to all users of our araCloud Managed Solutions. We offer this to help ensure that the users of the system are adequately informed of the dangers posed by phishing scams, social engineering and other threats.
Through a series of short online training modules, we are able to ensure that all users have a minimum level of cyber security awareness which will help you to help us protect your data.