The unfortunate reality is, data breaches and hacks are a very real part of our world, the latest being Equifax, with some 143 million people being affected.
While our industry does not seem to be a regular target of hacks, MJS Designs takes data security seriously. The network infrastructure is carefully monitored, audited and modifications to security measures are updated as appropriate to provide the highest level of data security for customer information.
MJS Designs Security Measures
Internal Network Security
- Network Segmentation – When a non-employee user connects to a network port or connects via wireless, the user is placed onto a “Client LAN” and is treated as an “unknown” user. The user can access the Internet but they have no access to business resources.
- User Authentication – All access to MJS Designs resources are logged and audited by individual user credentials.
- Automated Endpoint Isolation – Automatic protection measures are activated in the event an individual workstation is compromised and the workstation is isolated until the issue is resolved.
- Wireless Access – Network has two encrypted access IDs; using the guest ID, a user immediately has filtered & logged Internet access only. The business ID allows Internet depending on the user’s business function and requirements.
- Ransomware & Cryptoware protection – Work stations are monitored for malicious code and isolated to protect the larger network to stop the infected code from running and restore to the original files before the infection.
- Encrypted Data – all data at rest is encrypted by unique keys for each workstation and server.
- Data Backups – all backups are encrypted onsite before transmission to data center. Client data transfer location is only available to explicit users who are granted access, the data is protected in transit using SSL encryption.
Mobile Network Security
- All company owned mobile devices have email and business content containerized on the phone. Users can not copy files out of the container nor can they copy files into it, except with approved applications after the user has provided verified credentials. This protects company data from easily being accidently shared with unauthorized users; it also protects the files if a virus is loaded on the “public” side of the phone, it will not be able to read company data.
- All remote VPN user access is first granted by management and then configured by IT; once a User is authenticated, they are subjected to the same permissions & access as if they logged in locally on site. The connection is SSL encrypted, logged, and audited. When the user is connected to the VPN, all traffic is automatically forced through the corporate firewall until the user disconnects.
- VPN connection is encrypted, logged, and audited. Traffic is forced through the corporate firewall until the user disconnects.
- MJS employees are not authorized to use personal electronic devices to access company data.
Compliant with NIST SP 800-171 and the following DFARS:
- 204-21 Basic Safeguarding of Covered Contractor Information Systems
- 204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting
- 239-7009 Representation of Use of Cloud Computing
If you have questions about the MJS Designs security protocols, talk with one of our experts today at www.mjsdesigns.com.
You may also enjoy: