FAQ’s

Your network IT consultant is important and provides valuable services to keep your IT operational and secure. JDL security services is another pair of eyes to verify that proper protections are in place for your organization. Our services should be another layer in your layered defense strategy against the bad actors constantly seeking to compromise your system.

All businesses who collect, store, transfer, or use consumer data are required to have security. JDL follows security frameworks to protect your business, your brand, and your clients.

Physical security refers to the protection of hardware, computer equipment, and other IT assets from external physical threats, such as unauthorized access, theft, or loss of backup media during transportation to external sites.

Application security refers to the security measures built into a software application itself to provide a secure computing environment. Common application security measures include authentication of the application, an access matrix for different levels of users, input validation to avoid the possibility of application flaws such as a buffer overflow, and application logging features, etc.  Application owners should determine with the development team application security requirements according to the criticality of the application in the design phase, as well as the sensitivity of the data to be processed.

A security policy should be practical, and work for your organization. The following should be considered:

• The sensitivity and value of the assets that need to be protected
• The legal requirements, regulations and laws of the Government in your jurisdiction
• Your organization’s goals and business objectives
• The practicalities in implementation, distribution and enforcement

Our security assessment is a point in time assessment of your environment while our MSSP offering is a continuous monitoring and assessment of your environment.

Yes, you can convert to our managed services if you start with our assessment. We provide financial credits for organizations that start with our security assessment and wish to migrate to our managed security service offering.

Changes between modules are very seamless, with simple change in scope, you can start on a different module prorated, without any change to your previous contract period.

Firewalls are only part of a total integrated security system, and they have limitations. Firewalls can neither alert you to ALL intrusions, nor stop ALL security breaches. Unless you are constantly monitoring for intrusions, you cannot know for sure if your firewall is blocking all intrusions. IDS / IPS can be installed and used at strategic locations to continuously collect and examine information for suspicious activity 7 days a week, 24 hours per day. IPS also provides an active response system to stop the source of attacks or to minimize the impact of any attacks.

The first order of business before we commence of our service will be a signed non-disclosure agreement that protect both parties from disclosure of classified information and trade secrets.

Security services are invoiced based on milestones. Usually 40% at the beginning of the service and the outstanding balance at project signoff. MSSP services are paid monthly at the beginning of each monthly period for which services will be provided.

Our security assessment consists of two modules: 1. “Security Assessment Plus” is an efficient and cost-effective offering that incorporates a comprehensive evaluation rather than a single stand-alone test. 2. The “Security Assessment Pro” is a comprehensive service for security audit and amendment requirements, recommendation, risk analysis, and penetration testing.

Our Managed services are divided into two modules: 1. “Managed Detection and Response” has vulnerability assessment, 24×7 Monitoring and triage of security events with remote remediation support for your IT team. 2. “Managed Security Services” has Full security management for your environment include vulnerability assessment, 24×7 Monitoring, triage and remediation, configuration of security devices with on-site and remote support.

The amount of time it takes to do an IT Security Audit depends on 2 criteria, the first being the number of internal and externally facing devices on your network, the second being the number of faults found. The more faults that are found, the longer the test may take to confirm if they are genuine or false positives.

JDL assesses the security risk of all networked, IP devices. This includes all routers, switches, hubs, firewalls, servers (all common operating systems), workstations, desktop computers, printers, and wireless access devices.

The security assessment scan is designed to minimize both the audit time as well as the network bandwidth it uses. Thus, the impact on network traffic load is minimal. In addition, if the target host or network performance deteriorates during a security assessment, the scanner will adapt dynamically and reduce the scan speed.

The security assessment identifies viruses, backdoors, worms, trojans, malware and other malicious applications. The security assessment uses authenticated scanning to determine malicious software on a host even if it has no listening service.

The JDL Security Program is a 12-month agreement. The policy automatically renews annually unless you provide written notice 30-days prior to the date of renewal.

Our on-boarding process has two simple steps.

1. Information gathering
2. Kick -start

Our pricing module is quote simple. Prices of each service will depend on attributes including but not limited to number of users, type of service, special requirements.

Get A Quote

Get in touch with one of our agents to get a sample report.

Get A Quote

If you have an IT Security Audit it can highlight lots of issues that have been missed or overlooked as your business network has grown and become more complex over the years. Devices are easily configured using software wizards, but these wizards don’t always configure the device correctly and often just configure the bare minimum to get the system running. It is good to get an impartial view from a third party for your own peace of mind. If you have had regular IT Security Audits from a third party this can significantly reduce the impact of the penalties in the event of a data breach.

Every business is different in terms of how they collect, use, and store data, therefore each business will likely have an individualized compliance program. Initially however, it may take anywhere from a few hours to a few weeks to get your program and compliance plan in place.

The National Institute of Standards and Technology is a division of the U.S. Departments of Commerce which promotes innovation and industrial competitiveness, while supporting, regulating, and establishing set standards of measurement and precision. NIST created the Cybersecurity Framework to help businesses collaborate on best practices and lessons learned, to help companies Identify, Protect, Detect, Respond, and Recover from a data breach or security incident.

Non-EU organizations that monitor the behavior of or offer goods and services to EU residents are required to comply with the GDPR. This includes any business with connections to the EU or EU residents through subsidiaries, vendors, or customers. (This means that everyone is affected by the GDPR.)

Yes. Support requests are accepted via call or send an email support@jdlgrp.com. Email requests must be sent from one of the email addresses provided to JDL as a support contact.

When submitting requests for support, the customer must provide all data that is relevant for resolving each technical support request. Relevant data may include, but is not limited to, log files, descriptions of the hardware and software environment, examples of inputs as well as expected and actual outputs. This information should be as complete as possible, but sensitive information (e.g., account names, passwords, internal IP addresses) should be sanitized before sending to JDL.