Protect your business against dangerous threats; meet compliance requirements.
The internet is under constant barrage from attackers; companies are often indirect targets even if they are not attractive direct targets.
Smartt offers add-on security services and compliance services (for example: PCI, HIPAA, FISMA), especially for clients who:
- Have just been compromised and want to prevent a recurrence.
- Are very sensitive about data protection
- Want to develop their online presence with a self-managed storefront.
- Are looking to attract customers who require compliance
- Need compliance, but are overwhelmed by the online documentation and don’t know where to begin
What Services are Offered?
Smartt offers individual security service offerings and bundled offerings that help you meet compliance standards.
Our Security and Compliance Services include:
Antivirus/Malware Scanning: On-demand and scheduled scans with automatic reports, plus remediation services.
Two-Factor Authentication: VPN for access to client assets at Smartt, with two-factor authentication.
Vulnerability: Vulnerability scanning, credentialed patch audits, policy compliance audits, internal and external scans, and detailed reports.
Off-server Log Storage and Analysis: Logs are sent to Smartt's SIEM server for analysis and retention; logs are retrievable on demand and custom alerts can be set up.
Malicious Traffic Blocking: VPS/VPCs are protected via scans which identify known packet signatures; malicious traffic is blocked based on severity levels.
Compliance: Bundled security packages to meet compliance standards.
Get in touch with one of our experts and see how we can help you secure your IT from threats.
Why Smartt for Security Services and Compliance?
As a Total Service Firm with its own datacenters and an expert development team, Smartt is in a unique position to be your single point of contact for all security-related requirements.
Most vendors will offer compliant hosting environments, but leave the security of the actual VPC/VPS for the client to manage.
Most vendors only offer compliant hosting on a shared server or VPS where they control the OS and middleware, and the client has no control other than uploading application data.
Single Point of Accountability
We take the workload off you by combining hosting, server management, and ongoing security assessments.
Smartt FISMA/PCI Compliance Catalogue
| FISMA/PCI Compliance | Monthly Fee (MRC) | $950 |
| | Setup and Server Hardening (NRC) | Custom/Varies |
| | Compliant VM or Physical Server | Up to 3 |
| | Remote access VPN | Yes |
| | Standard Secure Certificate (SSL) | Yes |
| | Monthly System & Activity Reporting | Yes |
| | Cancellation | 30 Calendar Days |
| Client Support | E-mail/Telephone Support | 24/7/365 |
I try to do my own research and talk to other IT professionals, but it’s always good to get that expertise applied to your own specific situation. I found the discussions we had with Smartt really useful, especially around how we could make our systems more secure and robust.
- DANIEL VAZQUEZ, IT Administrator, TRG Group benefits and Plans -
Smartt Security and Compliance - A La Carte Menu
Security Services are add-on services that improve upon or add to a client’s security posture. Compliance services are add-on services required to maintain adherence to a specific compliance structure.
Antivirus, Malware Scanning and Reporting
- On-demand Antivirus Scanning via TrendMicro Deep Security
- Scheduled full server scans
- Automatic reports
- Can be sent to client reporting AV status and any detected malware
- Estimate for remediation (Fix of issues if Estimate accepted)
Secure VPN with 2FA
$600 NRC for setup.
$206/month for 5 users, $246/month (up to 20), $396/month (up to 50)
- VPN for access to client assets at Smartt (Allows for client direct access to VPS/VPC servers while limiting public footprint)
- Two factor authentication provided via Duo Security
Vulnerability Scanning and Reporting
- Vulnerability Scanning via Tenable.io
- Credentialed Patch Audit including scans for missing patches and updates
- Policy Compliance Audits – scan against known best practice models for OS/software/hardware
- Internal and external scans
- Detailed report available to be sent to client
Off-server Log Storage / Analysis
- Logs are sent to Smartt’s SIEM server for analysis and retention (uses Wazuh, a well-known SIEM solution based on OSSEC)
- Can be set up for any middleware/application that generates text or syslog format logs.
- Custom alerts can be set up for any condition clients want to look for (failed logins, requests against a specific webpage, etc.)
- Logs can be retained up to 7 years
- Logs retrievable on demand (via support request to Smartt)
Malicious Traffic Blocking
- VPS/VPCs are protected via NSX-T IDS/IPS scans which identify known packet signatures (Based on Suricata/VRT/Snort)
- IPS blocks traffic based on severity levels, set via security profiles
- Logs of events are sent to SIEM for reporting and analysis
- $950/month for ongoing activities
- Covers 3 servers
- Includes all security services required to maintain compliance
- 8 hrs per month T&M activities