Follow
Become a Fan
NeoSpire Blog
Trust NeoSpire
NeoSpire has a decade of experience managing complex, transaction-intensive application and highly sensitive data. Because of that experience, businesses who entrust their data and applications to NeoSpire can rest easier.
The NeoSpire team has assembled a range of security services, technical innovation, security expertise and best practices to provide the highest levels of protection. Whatever the need may be, help complying with complex industry and government regulations, solid security measures your IT assets or guidance with best practices for growing your business securely, NeoSpire ensures it is done securely.
Firewalls and VPN
- Firewalls
Custom firewalls and port filtering are used across the board with Web servers, application servers and database servers to protect businesses from intruders and to monitor and prevent unauthorized users from gaining access to systems and data. Firewalls are designed to only allow the traffic that is desired to reach our customer's servers. This allows us to provide access to only the services that our customers want to offer and protect the ones they don't. Firewall rules, or Access Control Lists (ACLs), can be designed to allow access to services from specific places on the Internet, or IP addresses, so that customers can provide access to a select group of people and not the general public. NeoSpire can works with each customer individually to design the appropriate firewall rules sets for their unique business needs. - Web Application Firewalls
Taking the firewall to another layer of security, NeoSpire can also offer our customers Web Application Firewalls. A web application firewall protects websites and web-based applications from application-level attacks such as SQL injection, cross-site scripting, remote command execution and more. The Web Application Firewall can seamlessly integrate into an existing web application environment and helps add another layer in the security architecture used at NeoSpire.
- Virtual Private Networks
If using firewalls and port filtering is not enough security for our customer's needs when transferring data or administering their applications and managing their data, we can also offer dedicated Virtual Private Network (VPN) endpoints. VPNs are used as a way to encrypt all the network traffic between two locations. A customer may need this for regulatory compliance or just for peace of mind, but NeoSpire can setup, manage and maintain a VPN endpoint to suit our customer's needs.
Compliance
- SAS 70 Type II Certified
An exemption-free SAS 70 Type II Certification report is known by organizations in the United States and Europe. These countries recognize the report as a reliable indicator that a service organization has implemented an effective control environment. - Payment Card Industry Data Security Standard (PCI DSS)
PCI DSS was developed by the major credit card companies as a guideline to help protect organizations that process card payments against fraud, hacking and various other security vulnerabilities and threats. These multilateral standards encompass a broad range of cutting edge security technologies to satisfy PCI DSS requirements.
Data Security
- Intrusion Detection Systems
NeoSpire takes every precaution to protect our customer's data and that includes watching the network for possible malicious activity. Network Intrusion Detection helps NeoSpire monitor our customer's servers for malicious probes, scan and all out attacks and gives us the ability to make changes as necessary to protect their data and stop many attacks before they are able to successfully breach a server. Additionally we offer another layer of security to our customers with a Host Based Intrusion Detection System that monitors critical files on their servers for changes so when something happens, we know and we can react. - Event management/Centralized logging
Monitoring our customer's infrastructure is more than just what we can see on the network, there are thousands of events that happen on the servers and network devices themselves. To help mitigate any possible issues and monitor the security of any server, NeoSpire offers centralized logging and event management. We are able to aggregate all the events from a customer's servers, intrusion detection systems, firewalls and some applications to a central location providing a single point to monitor, backup and correlate information in the event of an attempt to compromise a server or network device. - Patch Management
When an Operating System or software is released, unfortunately it is not perfect. Every day vulnerabilities are found and software vendors release security updates, patches and hot fixes. Trying to keep track of these can be a real headache, so NeoSpire takes that concern off our customer's plate by monitoring the releases, installing patches and making sure our customer's servers are up to date. - Two factor authentication
One of the weakest links in the security of a system is authentication. NeoSpire does have policies and recommendation on making your passwords as secure as possible, but sometimes that just isn't enough. Two Factor Authentication is a method of identifying a user that is more secure than just a password, it utilizes two methods of identifying a user. There are three types of authentication often used. - Something you know - a password or PIN - Something you have - Digital Certificate or security token - Something you are - Biometrics, fingerprint, retina NeoSpire offers Two Factor Authentication for our customers when they need to make sure they can verify who is access a system or application. - Operating System Hardening
While security is becoming more of a focus to Operating System vendors, OS hardening is the easiest and best way to minimize a computer's exposure to current and future threats. Out of the box, most Operating Systems are configured insecurely and need to be made secure before placed on the network. NeoSpire utilizes it years of experience to harden the OS so that when our customer installs their application they are confident that there are no unnecessary services or applications and that their server is configured to keep their data secure. - Ongoing Monitoring and Audits
NeoSpire offers our customers piece of mind in knowing that we monitor their servers and applications in real-time to detect if something happens. After all of the layers we have in place, we know that things can happen so our 24/7 staff monitors the state of the servers and applications for any possible issue or interruption in service. We don't just make sure the machine is on the network, but that it is performing properly by monitoring the health and availability of the services it is meant to offer. Along with the ongoing monitoring we also proactively scan all of our servers for common misconfigurations, verifying the patch levels and checking for security vulnerabilities then mitigate any possible issues we may find in a prompt and timely manner.
