Atos offers a comprehensive offering for security* that includes:
- Security consulting, assessments, compliance support, and associated activities
- Part- or full-time CISO services such as providing recommendations or support with moving along the security maturity scale, handling compliance requirements, responding to audits and implementing advanced security concepts such as penetration testing, vulnerability analysis, and digital forensics.
- Advanced threat detection, including automated response and Security Operations Center services
- General operational security requirements like anti-virus, patching, etc.
*The Atos security solution is tried and tested in large corporations as well as public sector entities. The State of Virginia is an example of a comprehensive security solution that includes endpoint security, security consulting, a SOC and advanced, prescriptive threat protection. Threat protection not only identifies threats but through integration with other systems, can actively respond to real-time threats with automated quarantines and remediation, significantly reducing the risk of security breach impacts.
The endpoint is king — even in this age of cloud. The reason is simple: To be used, data will often find itself on an endpoint at some point in time. And as cloud-to-endpoint activity increases, the vulnerability to malware on endpoints and devices increases.
As the world’s fifth largest managed security services provider, Atos is uniquely situated to provide leading endpoint protection services. We provide endpoint protection services to hundreds of organizations around the globe today, and work with major vendors such as McAfee and Trend.
Our endpoint protection is provided as part of a security ecosystem of services integrated into our security operations center. Some of the reasons to choose our endpoint protection include:
- Provision of a unique, truly integrated security environment, providing rapid discovery and remediation of threats across intrusion prevention systems, web gateways, email servers and more
- A demonstrated track record of managing millions of endpoints around the world
- In-depth endpoint protection including features such as application control, host intrusion prevention and antimalware
- Centralized policy management and rapid deployment of controls to endpoints, including removal or quarantine of malware
- Integration of endpoint protection with our SOC to centrally monitor threats across the enterprise
Due to regulation, compliance, ever-present malware risks and best practices, more and more enterprises are looking to protect their data as strongly as possible. Data encryption is a powerful technology available to ensure confidentiality and privacy of information. Encryption needs to occur transparently, and because data is so mobile today, encrypted data must stay encrypted no matter where it moves—for example, to the cloud.
Atos offers a wide variety of encryption offerings from multiple vendors such as Symantec, McAfee, Microsoft and others. We provide whole disc, file and folder encryption, and encryption for backups.
As the fifth largest managed security services provider in the world, we have deep experience in implementing and managing encryption for our clients. Our encryption services include:
- Complete end-to-end key management
- Whole disc encryption, to ensure data is encrypted as soon as it is created
- More granular file and folder encryption services
- Encryption lifecycle and problem management including key recovery
- Help desk support to ensure appropriate software is installed and issues are managed through to resolution
The intrusion prevention system (IPS) is as fundamental to network security as antimalware is to endpoint security. This network security component provides vital capabilities such as dropping malicious packets, alerting security personnel to possible intrusions and blocking suspicious traffic.
Atos has deep experience in designing, installing and managing IPS appliances from all leading vendors, including Cisco, McAfee and Palo Alto. In North America alone, we manage about 200 of these systems for dozens of customers across all sectors.
While the IPS appliance is important on its own, what is equally important is integrating the IPS and its outputs into a holistic security program. This is what differentiates Atos IPS services from our competitors. We:
- Provide both detailed and summary reports to our clients on a regular basis
- Hold regular meetings with clients to discuss current status, possible changes and roadmaps
- Leverage threat feeds such as Cisco Security Intelligence to automate and streamline network security
- Manage incidents throughout the event lifecycle, from detection to analysis to ticketing to resolution, working with clients to agree on change management and security response processes
Some example customers include:
- An American multinational manufacturer and marketer of chemical products for which we manage seven Cisco IPS appliances over six data centers globally (four U.S.-based). The IPS is integrated into our SOC to provide comprehensive security management and broad visibility of security events. We use Cisco Threat Intelligence to rapidly drop unwanted traffic based on source/destination IP address or destination URL. This kind of automation is vital in keeping pace with relentless attackers.
- A Fortune 500 company for midstream petroleum services for which we provide complete monitoring and management of eight McAfee NS5200 sensors, all in-line and in HA mode. The IPS is integrated into our SOC and includes ongoing health status, checking of alerts, notification to customers, and resolution of tickets and incidents. Our security team acts in close coordination with the client security teams to ensure alerts and incidents are prioritized and acted upon to customer requirements.
Vulnerability Management Service
Organizations today are not only borderless but in a constant state of flux. The digital estate literally changes from day to day as new devices, compute platforms and applications enter the extended workplace. From a risk perspective, the dynamic, ever-changing cyber ecosystem is extremely challenging.
Organizations need a way to see, understand, keep pace with and prioritize their risks — yet these change almost minute to minute.
Atos Vulnerability Management Service helps companies to meet the risks posed by this new elastic attack surface. We perform over 500,000 scans per month for dozens of customers in North America alone, and twice that globally.
Our mix of active scanners, agents and passive listening sensors helps maximize scan coverage and reduce blind spots. We provide network-based, credential and agent-based scans to offer our customers in-depth awareness of threats and vulnerabilities.
An important part of any VMS service is knowing what to do with the scan results. Our integrated service delivery approach places teams across security and IT operations to discover and then remediate problems discovered.
The features and benefits of Atos VMS include:
- Industry-leading vulnerability discovery and monitoring
- Network, credential and agent-based scans
- Deep experience in VMS
- PCI-certified external scans
- On-premises and cloud scanning available
- Identification, mapping and tracking of every asset across any computing environment
- Regular scans and reporting on risk status
- Predefined templates and configuration audit checks that speed compliance and risk reduction
- On-demand rescans to ensure that remediation activities have been effective
- Expert prioritization of risk exposures and recommendations for remediation
- Integration with other security services to ensure a holistic approach to risk management
- Exposure measurement and benchmarking to improve total security management
Multifactor Authentication Service
Multifactor authentication (MFA) and two-factor authentication (2FA) are becoming not only more and more popular, but increasingly mandatory to meet both corporate and regulatory requirements. Because so much valuable business is conducted online, and because on the internet no one really knows who you are, password-only security simply isn’t enough. Stronger authentication methods are needed — such as sending one-time passwords out of band, or using soft and hard tokens.
Atos offers fully automated cloud-based authentication and complete MFA lifecycle management, including integrating tokens and authenticators into corporate applications. Our MFA solutions reduce administration overhead, such as the costs of resetting passwords, and offer a solid foundation to scale in both cloud and on-premises environments.
Our deep experience working with MFA/2FA is enhanced through partnerships with some of the world’s leading MFA vendors such as RSA, Symantec and Gemalto. We provide complete MFA services, from the back end to the end user including:
- Managing server-side MFA components and authenticator distribution
- Integration with applications such as Outlook Web Access
- Secure access to the Windows desktop
- Broad support for a variety of authentication options and methods
- Integration with web applications, VPN access and more
- Monitoring and resolution of Level 1/2/3 incidents
- Customizing and installing components required for MFA-integrated applications
- User access management
- Fast setup and high service availability
Web Gateway Service
The risks posed by the web are many — social networking, media downloads, malware, malicious code, data leakage and more.
Atos Web Gateway Service provisions internet access while mitigating its risks as much as possible. We filter and block access to websites based upon each client’s predefined policies and industry and regulatory requirements. Some important features and advantages include:
- Time-tested delivery excellence
- Onshore and offshore delivery teams
- The ability to manage gateways worldwide
- Best practices for SSL offloading, data loss prevention (DLP), user access management, compliance and more
- Experience with all industry-leading gateways including Symantec, Cisco, McAfee and Forcepoint
- Regular checks and tunings of security policies to customer requirements
- Constant gateway infrastructure monitoring and management
- Integration with additional security services such as SIEM
- Trained and certified personnel
Our Web Gateway Service is used by:
- A large healthcare organization for which we administer clustered web gateways across three datacenters and provide SSL decryption, user identification, user-specific policy configuration, URL filtering and more.
- An international insurance company based in the U.S. and U.K. where we administer a cluster of six McAfee web gateways, SSL decryption and data loss prevention integrated with McAfee’s Threat Intelligence Exchange.