As Dion transitions its new Win intelligence platform from on-premise to SAAS (software as a service) into the Amazon Web services, Dion have partnered with Intelisecure and Infradata to ensure scalability, security and reliability.
Intelisecure will be providing vulnerability management, Pen testing and SIEM services on the new Win Intelligence platform. With the new GDPR regulations changes that became effective as of May 2018 Dion have built its platform GDPR compliant and after securing the platform Intelisecure will be providing ongoing active Vulnerability management to continuously detect and protect against cyber-attacks. Intelisecure monthly report is provided with full analysis on the Win Intelligence platform to the Dion security and infrastructure team and is reviewed and changes and recommendations are made to ensure any security issues are patched before any release of the software is implemented on the platform.
Regular proactive Pen testing is done on all Win intelligence systems on Dion’s AWS cloud. The Pen test is carried out before every new release or system change ensuring we are always a step ahead of any potential threats before they occur. External independent Pen testing is undertaken by Intelisecure with monthly reports and any potential priority threats highlighted for immediate review and change.
In addition to Pen testing and Vulnerability management Intelisecure also provide a full SIEM solution which allows Dion’s WIN platform to comply with the new GDPR compliance program. A complete SIEM service allows Dion the following benefits: -
Data aggregation: Log management which aggregates data from many sources, including network, security, servers, databases, applications, providing the ability to consolidate monitored data to help avoid missing crucial events.
Correlation: look for common attributes, and links events together into meaningful bundles. This technology provides the ability to perform a variety of correlation techniques to integrate different sources, in order to turn data into useful information. Correlation is typically a function of the Security Event Management portion of a full SIEM solution
Alerting: the automated analysis of correlated events and production of alerts, to notify recipients of immediate issues. Alerting can be to a dashboard or sent via third party channels such as email
Dashboards: Tools can take event data and turn it into informational charts to assist in seeing patterns or identifying activity that is not forming a standard pattern
Compliance: Applications can be employed to automate the gathering of compliance data, producing reports that adapt to existing security, governance and auditing processes
Retention: Employing long-term storage of historical data to facilitate correlation of data over time, and to provide the retention necessary for compliance requirements. Long term log data retention is critical in forensic investigations as it is unlikely that discovery of a network breach will be at the time of the breach occurring
Forensic analysis: The ability to search across logs on different nodes and time periods based on specific criteria. This mitigates having to aggregate log information in your head or having to search through thousands and thousands of logs.
Another key Dion partnership is with Infradata who an award-winning independent provider of state-of-the-art security and cloud networking solutions and services are.
The Infradata partnership further bolsters Dion’s cloud security and reliability. When choosing a partner for infrastructure, security and reliability were the two most critical elements for Dion’s Win Intelligence platform. We were also looking for a partner that could help to ensure that the services we offer our clients are both highly available and fully secured. In addition to a multiple vendor security solution and infrastructure support Infradata have also provided us with a load balancing WAF (Web Application Firewall) as part of a collapsed solution to further bolster security and availability.