BlueTeamAssess LLC — Actionable Security for SMBs

Make BlueTeamAssess LLC Your Provider for All Things CyberSecurity

As a small business, you are a hacker’s favorite target.  You owe customers and business partners the satisfaction that you are keeping information entrusted to you while doing business safe and secure from unauthorized access.  Additionally, if you engage in one of these activities, you are probably required by State or Federal regulations to do certain things to protect customer data:

  • Defense
  • Food and lodging
  • Health Care
  • Financial Services
  • Insurance
  • Accounting/taxes
  • Legal services
  • Real estate
  • Accept plastic for payment

BlueTeamAssess LLC is a veteran-owned business based in Onslow County that can help you understand your security threats and what you can do to proactively defend against them.  Reach out to Mike Parsons (mike.parsons@blueteamassess.com) at 336-403-9710 to learn how to do things like create a Written Information Security Program (WISP), protect against data breaches, viruses or ransomware, or reduce SPAM.

Our Story

BlueTeamAssess LLC is the incarnation of Mike Parsons’ passion to help SMBs understand the threats and risks associated with interacting on the Internet.  As an IT Professional for over 40 years, Parsons understands the different technologies and how they both enable SMBs and present a set of threats and risks that are often misunderstood.

The company takes its name from the Blue Team part of cyber defense strategies.  The Blue Team plays the role of the defender and is responsible for ensuring that the organization can withstand the cyber attack mounted by the Red Team.  The Blue Team is also responsible for detecting attacks from the Red Team.  The mission of BlueTeamAssess LLC is to help organizations successfully defend against attacks from both external and internal threat actors.  The vision of BlueTeamAssess LLC is to offer solutions to SMBs that are actionable and yet sensitive to their budget constraints.

Parsons holds the CISSP, PCIP, QIR, IAM, IEM and is HIPAA certified.  Additionally, he has been certified to install, configure and manage the products of several manufacturers.  He is a 6-year veteran of the USMC and resides in eastern North Carolina.

Parsons is the owner and president of BlueTeamAssess LLC and carries the title of Senior Cybersecurity Architect and Mentor. He believes information security has both a tactical and strategic value proposition for any organization and must not be viewed as a discretionary expense. His area of expertise is cybersecurity, and he specializes in vulnerability assessment and management, cyber risk assessment and management, log and event management, firewall management, SIEM management, security awareness training and incident response.

Parsons earned his BA from East Carolina University, his MBA from the University of Maryland and a graduate certificate in Information Security and Privacy from the University of North Carolina at Charlotte. He is a Senior member of the ISSA and a Gold member of ISACA.

His achievements include installing the first firewall at Wachovia and serving as the primary security engineer and architect for Wachovia’s first Internet banking and brokerage products. He has spoken before a number of local organizations on the subject of risk and vulnerability management and topics of current concern in information security. He has led many substantive risk assessment efforts and has developed security standards for technical devices and operating environments in major organizations including government, retail and finance.

BlueTeamAssess LLC is a veteran-owned small business chartered in North Carolina and headquartered just outside Swansboro, NC in an area known as Stella, NC.

Services and Products

The Services

BlueTeamAssess speaks WISP (Written Information Security Program).  Let us review your business and regulatory requirements and provide the necessary services and solutions to create a WISP that is sustainable for your business in a practical and affordable way. We offer a number of services useful in supporting your Security Program.

Security Health Check – Review technology and governance environment.  Use commercial scanning tools to identify network assets and state of configuration/security readiness.  Use commercial scanning tools to identify presence of ePHI, cardholder data, or other personally identifiable information (PII) on servers, PCs and mobile devices attached to the network.  Provide consultative time to interpret scanning results and identify any significant issues.

Incident Response Review – Review current incident response policy and procedure.  Review roles of Business Associates and other appropriate third-party service deliverers and any functional deliverables (e.g. medical service coding, medical billing, credit card processors) and identify incident response integration gaps.

Policy and procedure review, development and consult – Review existing customer-identified policy and associated standards and procedures against different State and Federal requirements and best practices for the customer business.  Work with customer to develop required policies and associated standards and procedures to address customer-identified gap in governance.  Deliverables include initial drafts, customer review and any required modification, and final drafts or documents.

Audit response and remediation consulting – Consult with customer to review findings from audit or other risk or vulnerability assessment conducted by internal organization or external third party.  Develop work plan for remediating findings and assist in creating any tickets necessary for tracking progress on remediation.  Where gaps exist in infrastructure to remediate findings, research feasible solutions in marketplace and recommend solutions to customers based on suitability to customer environment and effectiveness in remediating finding.

Business Associate or third-party service deliverer review and compliance consulting – Assist customer in reviewing Business Associates or other third-party service deliverer for DFARS, HIPAA, PCI or FFIEC compliance.  Activities can include review of findings from Business Associates or third-party service deliverer assessments or audits as well as direct investigation and assessment.

Vulnerability assessment – Use standard technology tools to scan or test in-scope assets in a non-intrusive manner for vulnerabilities.  Discovered vulnerabilities will not be exploited, but customer will be told whether an exploit exists in the wild.  Provide customer with a risk-ranked assessment that provides CVSS ratings where available and computed ratings where CVSS scores are not available.  The assessment will also identify whether published CVEs exist and whether an exploit is known to exist in the wild.

Risk assessment — Conduct asset-based risk assessment for enterprise.  Assessment will include document review of all governance and architectural documentation including system and device configurations, event logs where available over the past 90 days (preferably 180 days), policies, standards and procedures, and vulnerability scanning of all information assets.  Assessor will interview at least one key technical and one key management resource for access control, network security, database management/ administration, system management for each server class and class of virtual environment, information security (if different from network security), and network administration/ management.  Deliverables will include executive summary, risk assessment on an asset class basis, findings ranked by security risk and potential impact to the business and a recommended remediation plan.

Security architectural/engineering services – provide support to customers in the deployment, configuration and/or administration of one or more of the following services:

  • Network security architecture – Review existing deployments of network and application firewalls, IDS/IPS, content filtering, antivirus, wireless and other network security services.  Evaluate architecture for potential exposure to external and internal attacks including APT-like attacks and advanced evasion techniques.  If required, develop tactical plan to close perceived gaps.
  • Access control – Review access control using directory services such as AD or LDAP, RADIUS, and similar technologies.  Access control will look at servers and workstations, mobile devices, and employee-owned devices allowed onto the network through direct attachment or VPN technologies such as IPSEC or SSL.  If required, develop tactical plan to close perceived gaps.
  • Logging and monitoring – Review existing Security Information and Event Monitoring (SIEM) capabilities and practices within the organization.  Based on existing asset inventory, identify classes of event sources and capability of organization to collect and correlate logs from technology assets in the network to identify threats, vulnerabilities and potential attacks.  Assess organizational capacity to use logs to perform incident response and forensic analysis in the event of an identified attack from external or internal sources.
  • Configuration and Deployment assistance (systems assurance) – Assist customer by working with manufacturer or systems integrator to ensure purchased security device is configured and deployed to meet applicable regulatory requirements, customer requirements, and industry best practices.

Security Awareness Training – provide a customized course that combines custom content drawn and developed from actual use cases in the customer files and logs that will resonate with employees.  The service includes a pre-test and post-test to rate the effectiveness of the experience and can include phishing tests using carefully crafted email intended to hide in the normal traffic of the company.  Experience has shown that this approach, particularly in the area of email security, has succeeded in motivating non-technical staff not only to recognize potential malware and phishing attacks but also to instruct junior members of the organization in recognizing those attempts.

The Products

BlueTeamAssess LLC has reviewed the technology and solutions in the marketplace for their suitability for SMBs to complement the services described above.  The products offered at this time are the following:

  • Microsoft 365 – a subscription-based solution that provides a complete, intelligent solution, including Office 365, Windows 10, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely.  This solution includes Office software, hosted email, advanced threat protection for email and digital rights management for sensitive communications and documents.
  • SkyKick – a subscription-based cloud backup solution using Microsoft Azure infrastructure that addresses challenges faced when moving from a premises-based to a hosted Exchange email solution and provides backup and archiving solutions for documents and email produced, sent and received in the Microsoft cloud environment.
  • Datto – A BCP/DR tool that provides on-premises backup with cloud-based archiving to provide a secure, resilient backup solution for data and files produced in the office environment.
  • Malwarebytes – A premier malware detection and removal tool used to deep dive into the inner workings of your office PCs and Macs.  Malwarebytes for business offers industry-leading endpoint protection and response and will provide real remediation and ransomware rollback.
  • ManageEngine Office365 Manager Plus – a monitoring and configuration management tool that lessens the challenge of some areas of administration in the Microsoft 365 environment to meet certain areas of compliance and generate regular management reports.
  • SAINT Security Suite – A vulnerability assessment and penetration testing tool suite that can be used for internal testing and assessments, vulnerability management and meeting certain areas of compliance.  The SAINT offering can be configured to offer PCI-DSS quarterly scans that require certification by an approved scanning vendor.
  • EventTracker – a co-managed SIEM solution that offers 24/7 monitoring and alerting for SMBs.  This SIEM solution can also ingest findings from scans generated through the SAINT Security Scanner.
  • NeQter Labs Compliance Engine – A one-box solution for SMBs that enables them to develop a compliance program including a written information security program that meets the DFARS requirements of NIST SP 800-171 and NIST SP 800-53.
  • Hook Security – Interactive phishing simulations that combine custom content and generic content to produce a customized phishing education program that resonates with customer employees.
  • Dmarcian – Helps set your domain up to prevent others from spoofing your domain through email. Provides monitoring of outgoing email so that you have a first-hand view of your outgoing email and whether the protections you have in place through SPF, DKIM and DMARC are working.

Blog

Statistics get worse for SMBs. What Does It Take?

Mike Parsons is speaking October 18th at the UNCW Cybersecurity Awareness Colloquia (https://lnkd.in/ezbeaC4). The topic: “Educating Small Businesses and Local Governments to Create Cyber Security Programs.” The challenge: in spite of very scary data, these organizations are still not protecting themselves and their customers.

Small Businesses Need CyberSecurity Programs for Survival

If you own a small business and engage in one of these activities, you need to have a Cybersecurity Strategy for your business.  Every one of these activities involves at least the receipt, processing and storage of sensitive data owned by your customers or by your business partners. Defense Food and lodging Health Care Financial …

Contact Information

BlueTeamAssess LLC
P.O. Box 1026
Swansboro, NC 28584

Cell: 336-403-9710
Office: 252-656-6506

Email: mike.parsons@blueteamassess.com
Twitter: @blueteamassess