Web Vulnerability Scanning
-
Weekly scanning and priority fix.
-
Biannually PCI-DSS Scanning.
-
Protect against common SQL Injection, XSS and OWASP Top 10 attacks and vulnerability.
Firewall
-
Guarded with double layer firewalls
-
Web Application Firewall for DDoS Protection
-
Network Intrusion Detection
-
Advanced Persistent Threat (APT) Blocker
Multi-factor Authentication (MFA) for Remote Server Access
-
Remote access required MFA.
-
Designated server access by only few white list employees.
Regular Review on Suspicious Activities
-
Regular review on the server access activities.
-
Daily review on the attack activities and anonymous system access.
Suppliers/Third parties Software Management
-
Perform regular update to protect against zero day attack.
-
Strict protection from remote access.
-
Dedicated person in charge for software installation in data center.
Ransomware & Malware Protection
-
Regular daily backup.
-
Ransomware protection.
-
Antivirus installed for malware protection.
Incident Management
-
Professional team for security incident management.
-
Well define incident management flow.