Whitestone Branding Security Overview

These are just some of the ways Whitestone Branding is staying safe:

Google for Workspace Enterprise Edition
Your Google Workspace Enterprise upgrade includes:

Google eDiscovery - this helps retain all emails sent within the organization, whether or not they are deleted. This is a necessary requirement for compliance, as documents and emails should be retained and always accessible

Data Loss Prevention - this allows us to set up policies that will prevent sharing of confidential information and ePHI externally, along with complete logging of all events involving sharing of documents

Activity logs and Audit Controls - Full auditing and logging will be available, in order to register attempted access to ePHI and record what is done with that data once it has been accessed

Enterprise Endpoint Management - Ability to secure and wipe any devices with company data on them

Datto SaaS

Datto SaaS is a backup solution that keeps a backup of your email, files, contacts, and calendars. This also protects your Google Drive shared files and folders. Backups are performed 3 times daily and retained for 30 days. Daily backups are kept for 30 days. Weekly backups are kept for 90 days. Monthly backups are retained for up to 1 year and then stored for a specified retention period.

Multi-Factor Authentication (MFA) Setup

Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to their Google Account. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack.

JAMF Mobile Device Management

JAMF Mobile Device Management has been implemented across all user laptops. This will allow us to track all laptops, wipe them remotely if lost or stolen, as well as enforce policies such as automatic hard drive encryption, password policies, and inactivity timeouts. Additionally, this assists with keeping track of inventory.

Contango Security Awareness Training

Contango Security Awareness Training is an education campaign designed to equip your staff with the information they need to protect themselves from social engineering attacks sent via email. This training consists of brief videos showing how to spot various types of phishing attacks, account takeover methods, wire fraud attempts, and many more types of attacks. After the initial training videos are viewed, testing is done through simulated attacks (phishing attempts, surveys, and assessments) to evaluate how well the staff adheres to the organization’s cybersecurity policies and identifies any individuals who may needadditional training.