Request Quote

Talk to one of our experts.

IT Security Services

What we offer

What We Do

ESX provides comprehensive & enterprise-grade cyber security at a price that makes it accessible to small & medium-sized businesses

Cyber Security Controls Checklist
Outlined below are security controls that are heavily evaluated by cyber underwriters in today’s
marketplace. Lacking controls that most underwriters have deemed as basic security requirements will
impact the ability to obtain coverage. Implementing the controls listed below will strengthen your security
posture, increase interest from the marketplace, and likely result in a more favorable renewal outcome.

 

  • Multi-Factor Authentication for:
    • All Remote Access to Network
      • Including RDP Connections
    • All Remote Access to Email via Non-Corporate Devices
    • All Administrative Access (on-site and remote)
    • All Access to Backups
    • All Access To All Cloud Services
    • All Third-Party Remote Access
  • Next-Generation Anti-Virus (NGAV) and Endpoint Detection & Response Tool (EDR)
    Implemented on All Endpoints
  • Employee Training
    • Security Training for All Employees on Annual Basis
    • Phishing Simulations
  • Strong Backup Procedures
    • Daily Backup of Data
    • Offline/Air-Gapped from Network
    • Regularly Tested for Successful Restoration/Configuration and Scanned for Malware
    • Encrypted Backup Data
  • Patching Cadence
    • Critical and Severe Patches Installed Within 7 Days of Release
    • Regular Patching Throughout Organization Within 30 Days
  • Limited Use of RDP (none is preferred, if possible)
  • Local Admin Rights Not Granted Outside of Technology or Security Staff
  • End of Life Software
    • Segregated From Network
    • Strong Compensating Controls
    • Plan to Sunset
  • Robust Continuity Planning
    • Formal, Written Plans That Address Network Outages with Annual Testing
      • Business Continuity Plan with Recovery Time Objective(s)
      • Disaster Recovery Plan
      • Incident Response Plan
  • Operational Technology Segmented from Traditional IT Systems – applicable to the industries with physical operations
  • Email Filtering and Validation
    • Sender Policy Framework (SPF)
    • Domain Keys Identified Mail (DKIM)
    • Domain Message Authentication Reporting & Conformance (DMARC)
  • Password Management Tool
  • Security Information and Event Management (SIEM)
  • Security Operations Center (SOC) – 24/7
What We offer

Our Services

N

Free Cyber Threat Assessment

We’ll provide you an overview of how well your resources are being utilized & the risks facing them, with actionable steps to address any concerns surfaced.

N

Vulnerability Scans

Vulnerability scanning is an essential component of any security program as it is the most efficient and effective way to identify and mitigate vulnerabilities.

N

Penetration Testing

A penetration test is an authorized simulated cyber attack on a computer system. We perform tests to evaluate the security of your system.

 

N

Compliance Remediation

We can help with remediation requirements to meet IT compliance standards.

N

CFO/CIO Tools

ESX removes the confusion, stress, expense, and time-consuming efforts while staying ahead of the unforeseen information security requirements of your company.

 

N

vCISO

ESX will serve a role akin to a senior security executive in your company.

N

Ransomware

We help you address your organization’s current security, acquire a successful security design and seamlessly adopt a security solution that fits your needs.

N

Fortinet

ESX has the best trained team and is the fastest growing Fortinet partner in the Midwest. We can manage, monitor, support and assist in the migration of your Fortinet security infrastructure.

 

Let's work together

Ready to Get a Quote Today?

Get started. Our engineers are standing by.

Some of our customers who have chosen to work with us