Service interruptions in your IT environment exist in many guises. Alongside traditional concepts of hardware failure this nowadays extends to events of theft, intrusion, ransomware infection, data loss by either accident or malpractice, outages from third party service providers, and multiple other potential variables. Stem Systems implement various best practices to circumvent such issues and work closely with clients to identify key points of concern in their IT environment for safeguarding.
Infrastructure level
We design out a suitable backbone to house the various elements of your network. This can be as complex or as straightforward as the setup requires. With a modern network often operating traditional IT alongside guest WiFi, card payment systems, VOIP telephony, printing, smart devices, CCTV and much more, it warrants consideration on how to allow these to operate together seamlessly on shared internal infrastructure. We integrate only the components that need to and segregate those that require so for compliance, security or out of good design principles. This prevents rogue devices or bad configuration on one part of a network from causing wider disruption.
We ensure the manufacturer warranty of key devices on your network is kept in check. We monitor and renew hardware warranties on your behalf, and same with subscription renewals for other key appliances.
For on-premise server hardware we offer the ability to stand up a replacement environment, accessible immediately from backup storage with no lengthy wait on restores from backup media. We achieve this either through our Altaro virtual server backup offering or from the cloud via Azure Site Recovery, depending on the type of deployment.
Software level
- Replication of servers to either on-premise or remote hardware, or cloud platforms
- Detailed tiering and documenting of individual user access rights to network data to prevent unwanted access, whether accidental, deliberate or by compromised access via ransomware or exploited credentials.
- 2-factor authentication into key applications e.g. Office 365, desktop PC’s or cloud-based Windows Virtual Desktop
Information level
- Least-privilege first design
- Azure Information Protection
- DLP (Data Loss Prevention) through Microsoft 365 or the Trend Micro security suite
- Enforced BitLocker disk encryption of Windows devices
- Enforced mobile device encryption (in event of theft)
We build policies at the information level to either warn users or block access entirely if devices fall out of scope of key requirements e.g. having encryption or biometric protection disabled.