Managed Security-as-a-service
Cyber security: The core and much more!
We at NxtGen believe that security is the linchpin of our enterprise, and so we are committed to building a truly cyber-resilient data center. We have thus established a state-of-the-art security framework considering dimensions such as Confidentiality, Integrity, Availability, Authentication, Non-repudiation, Communication Integrity, Data Integrity Access Control and Privacy, to protect NxtGen and our clients from any and all cyber threats.
Governance, Risk and Compliance
NxtGen has established the following in order to strengthen our governance, risk and compliance framework:
- Security policy and procedures aligned to various industry standards and best practices including ISO 27001, ISO 27017, ISO 27018, CSA and NIST
- Ongoing assessment of potential threats by implementation of risk management framework
- Regular internal and third-party reviews/ audits to ensure security measures are appropriately implemented
- Continuous cyber security awareness program to train and educate the workforce
Infrastructure Security
We have implemented state-of-the-art security practices for our infrastructure. Below, some of these:
- 24*7 monitoring of the security, network and server devices
- Periodic targeted scanning to detect malware, including scanning of actively running programs
- Implementation of DDoS protection mechanisms to ensure availability
- Periodic configuration review of virtual environment components such as hypervisor, VM, virtual switches and firewalls
- Traffic isolation to ensure VMs and communication remain private within a virtual network
Threat and Vulnerability Management
NxtGen has developed and institutionalised a robust threat and vulnerability management program that helps in protecting, detecting and responding to vulnerabilities at various operational layers of technology.
Security Operations Centre (SOC) and Incident Management
We have developed a state-of-the-art Security Operations Centre (SOC) with 24*7 monitoring capabilities to detect cyber security threats. Dedicated incident response and containment teams have been put in place to quickly respond to and recover from cyber incidents.
A comprehensive, reactive, proactive and predictive approach to restore normalcy, identify the root cause, and suggest measures to stop reoccurrences of cyber security breaches has been established.
Breach Management and Forensic Capabilities
As soon as there is an indication of security compromise, we immediately activate our breach response, which includes:
- Speedy investigation to uncover the nature of attack and extent of damage, timeline of infiltration, attacker identity, and attack chain
- Rapid containment of the attack to stop the spread, block the attacker, and roll out immediate mitigation measures
- Forensic capabilities have been developed for evidence collection, preservation and processing of data to help in recovering data
Data Protection
As a cloud service provider, we have implemented sufficient security controls to ensure data privacy of our cloud security customers. This includes well-documented data privacy policies and standards, in alignment with ISO 27018, and other industry regulations as applicable.
Contact us now to know more about our Managed Services.
