EN | DE

IT Security Services

Mitigate ransomware risk. Strengthen security.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring

Improve IT security for on premise IT infrastructure and in the cloud

Our security services provide a modular toolkit which can be used independently, to improve security. These ransomware risk mitigation tools can be be used with cloud or “on premise” IT infrastructure.

Security monitoing: get early warnings and alerts for relevant security events in your IT environment.

Ransomware Recovery

Recover your IT environments from independent backups at Safe Swiss Cloud in case of an attack.

SIEM – Network Detection & Response

Analyse the big picture on your network devices and servers to detect suspicious anomalies with our SIEM system.

Active Directory Auditing

Get warnings for unauthorised changes; alerts and audit reports for your active directory.

End Point Security

Protection from malware, ransomware and viruses for your servers, workstations and other devices.

Email Security

Protect your Email: prevent it from being a channel for malware and ransomware to enter your organisation.

Firewalls & Intrusion Prevention

Perimeter protection to prevent unauthorised access, intrusion detection & web application firewall.

Security Monitoring

Safe Swiss Cloud offers a service to monitor the central dashboards of its security products and raise alerts. Many oranisations don’t have a SOC or NOC to check the dashboards for warnings and alerts. This service fills this need.

Security Support

Support for all the products in Safe Swiss Cloud’s security portfolio is available through our support packages. These support hours can be used to implement measures to strengthen security, get advice or for implementation.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring


The ransomware recovery solution allows a restoration of infected / attacked IT environments from an independent backup. The ransomware recovery system allows for regular safe, encrypted backups to Safe Swiss Cloud’s data centers from IT environments anywhere (in house, cloud, traditional hosting). Mitigate your risk of a ransomware attack, by making sure you can always recover your IT environment by restoring from a backup which is outside the reach of malware.

Why do you need this?

Many successful ransomware attacks disable or encrypt in house backups, making a recovery from them impossible. Customers therefore, need to keep independent backups outside their own network, to always be able to mitigate the risk of ransomware or malware attacks.

Servers (or groups thereof) can be compromised in spite of the best protection tools. Typically malware and ransomware uses so-called “zero day exploits” in operating systems and application software to gain unauthorised access to systems. “Zero day exploits” are unknown software weaknesses (they have been known for zero days) and the protection systems in place may not always be able to prevent malware attacks, which exploit these.

Typicallly ransomware and malware attacks encrypt customer’s files, making them unusable. A restore from an independent backup, is the only way to recovery in such situations.

How does it work?

In case of a malware or ransomware attack, customers can restore their hijacked server from these independent backups to ensure a good recovery of their IT environments. To allow a full recovery, long term backups for at least 12 months or more are kept at Safe Swiss Cloud.

This easy to use ransomware recovery service, provides a web based interface, secured with https and two factor authentication (TFA or MFA) to manage the backups and recovery activities when needed.

The ransomware recovery system supports for Windows, Linux and Mac operating systems, while image backups are supported for Windows only.

The backups are compressed, encrypted and stored safely and redundantly, in Safe Swiss Cloud’s Swiss data centres using Object Storage technology. 

Service Details

The ransomware recovery service makes long term (at least 12 months) backups of your servers and data. It is a managed service by Safe Swiss Cloud, so in case an IT environment is compromised by ransomware, they cannot gain access to this system.

In case of a breach in an IT environment, these long term backups make sure that clean restores of all systems can be made quickly, allowing a quick recovery for employees to start working again.

The long term backups make sure that even if a file was encrypted a long time ago, it can be restored.

Support

Safe Swiss Cloud’s standard support packages can be used with the Ransomware Recovery service to get help with setup, changes and operational issues.

In case of a breach, Safe Swiss Cloud engineers are available to support IT departments with their recovery operations.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring


SIEM (Security Information and Event Management) systems analyse the network traffic and server logs and look for anomalies in network traffic and server usage patterns, which could hint at dangerous malware or ransomware activity. SIEM systems look at the “big picture” in an IT organisation to determine what is normal activity and identify deviations from normal and raise alarms. A SIEM system is a must for multi-site / multi-branch IT environments with major exposure. The SIEM is the best tool for an early warning against sophisticated attachs.

Why do you need this?

By analysing the “big picture” of what is going on across the whole network of an organisation and its servers, the SIEM and/or Network Detection & Response (NDR) technologies can identify unusual, suspicious activity. The SIEM provides a very useful indicator of when malware and ransomware has slipped through the first line of defence and raise an alarm, allowing IT organisations to take special measures to prevent a malware attack.

How does it work?

The central monitoring console of the SIEM provides insights into attack and penetration attempts, alerting IT of unusual activity. The SIEM and Network Detection & Response (NDR) solutions aggregate the log files from network nodes and servers, analyse them continuously and raise alarms when anything unusual is detected.

Support

Safe Swiss Cloud’s standard support packages can be used with the SIEM – Network Detection & Response service.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring


This tool monitors all changes to the Active Directory and blocks or alerts when suspicious changes to permissions and access rules are attempted. This is one of the most important tools for security, maintaining data privacy and reducing the chances of data theft. The compliance regimes at many companies, require this kind of system to maintain audit trails of such changes. 

Why do you need this?

Malware often tries to attack the Active Directory of an organisation, to misappropriate the permissions necessary, to access sensitive data or encrypt files. Customers need tools that prevent certain kinds of Active Directory changes, raise alerts when suspicious change attempts are detected and allow the scrutiny of changes to ascertain if they were legitimate. This system can warn when insiders try to gain access to sensitive data, they should not have access to.

How does it work?

The system allows the setting of policies which determine who is allowed to make which kind of changes in the Active Directory system. It maintains audit trails and can prevent unwanted changes. Attempts to manipulate permissions to gain access to sensitive servers and data, will lead to alerts being raised immediately.

Audit reports allow regular reviews of changes to the Active Directory, highlighting who tried to change the Active Directory to access sensitive data.

AD Audit+

AD Audit+ is provided by Safe Swiss Cloud as a service.

Help with the setup and customisation for the customer’s IT environment is available as part of Safe Swiss Cloud’s flexible support packages.

Monitoring Service

Safe Swiss Cloud provides an optional monitoring and periodic auditing service for the Active Directory based on this tool.

We warn customers if we notice anything unusual continuously. The periodic audit is designed to raise awareness among customers about how their users are behaving and to take appropriate improvement steps where needed.

Support

Safe Swiss Cloud’s standard support packages can be used with the Active Directory Auditing service.

IT Security Services by Safe Swiss Cloud

Protect your infrastructure from malware and ransomware. With security monitoring & 7×24 support.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring


This is the first line of defence in the fight against malware and ransomware. This is classic malware and virus prevention running on “end points” like Windows or Linux servers and PC, Mac and Linux workstations (desktops and laptop computers). They detect known malware and ransomware and are even capable of detecting some unknown malware and ransomware variants by recognising anomalous activities or attempts to encrypt files. 

Why do you need this?

This first line of defence serves as a basic “hygiene” measure to ensure safety of data and security. It will prevent a malware agent from trying to install itself or run on a server or workstation. Such malware can be transported through Email or through “lateral movement” from a neighbouring infected computer or by visiting an infected website.The prevalence and complexity of ransomware and malware attacks mean that a central management console is essential for IT organisations to stay on top of attack activity affecting their organsation.

How does it work?

A central monitoring console provides insights into attack and penetration activity, alerting IT of unusual activity. Safe Swiss Cloud provides a monitoring service to alert customers.

This protection comes in the form of a software agent which is installed on every workstation (PC, Mac, Linux) and server (Windows, Linux) as well as other devices in use (tablets, mobile phones etc.).

These agent works silently in the background quarantining unwanted malware and ransomware or preventing them from executing code, while reporting everything to a central logging console.

Bitdefender

Bitdefender is one of the market leading providers of end point protection. It involves the installation of an end point protection agent on every end point (workstation, laptop, server).

The GravityZone console provides dashboards with drill-down tools to centrally analyse the data collected at the all the end points about threats.

Bitdefender Base

Provides anti-virus and malware scanning and protection

Bitdefender ATS & EDR:

This is a set of add-on predictive technologies which warn against potentially unknown threats.

Security Monitoring Service

Safe Swiss Cloud monitors your security situation and alerts you when you need to take action. This is ideal for customers who do not want to run their own monitoring operations.

MalwareBytes

MalwareBytes provides next generation anti-virus and malware protection for workstations and servers. For those looking for an ease of use, MalwareBytes provides low maintenance “set-it-and-forget-it” security for all operating systems.

A collection of easy to use dashboards for analyses and alerting round off the offering.

Functionality includes

  • Endpoint Protection
  • Endpoint Detection & Response
  • Incident Response

Security Monitoring Service

Safe Swiss Cloud monitors your security situation and alerts you when you need to take action. This is ideal for customers who do not want to run their own monitoring operations.

Support

Safefe Swiss Cloud’s standard support packages can be used for all the End Point Security products.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring


Improve email security by scanning emails for infected attachments, “phishing attempts” which try to get the user to click on a dangerous URL or filter out spam effectively.

Why do you need this?

Email remains one of the most common channels used by malware and ransomware to invade an IT organisation. Therefore identifying inappropriate email, whether spam or carrying an infected attachment or getting users to click a dangerous URL need to be identified and disabled, protecting users from this menace.

How does it work?

This tool is typically placed “in front” of a mail server, where it scans all incoming email for malware, phishing attempts and spam, before sending only clean emails to a user’s Inbox on their email server (typically Exchange).

SpamTitan

This product is an ideal combination of spam and malware filtering of Emails. This technology is constantly updated to ensure very good spam protection.

It can easily be integrated into any Email server including Microsoft Exchange, Microsoft 365 or anything else.

Support

Safe Swiss Cloud’s standard support packages can be used for this product.

This covers help with setting up the service, making changes, solving problems and answering questions.

IT Security Services by Safe Swiss Cloud

Protect your infrastructure from malware and ransomware. With security monitoring & 7×24 support.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring


Every IT environment should protect its network perimeter with a firewall to prevent unauthorised access. Modern firewalls also provide intrusion detection (IDS) and intrusion prevention (IPS) services which detect attempts to breach the perimeter. The Web Application Firewall (WAF) functionality protects against attempts to attack web based applications.

Why do you need this?

It is important to protect as many entry points into your systems as possible. Protecting your network is absolutely essential, because an intruder with network access can cause havoc by attacking servers and applications on the network. A good firewall with intrusion prevention and web application firewall functionality is part of the first line of defense for servers and workstations.

How does it work?

Firewalls work by limiting access into an organisation’s network to the very minimum needed, blocking traffic from suspicious sources and scanning the traffic traversing the network for suspicious or anomalous traffic. A well managed firewall makes the job of attacking an IT environment much more difficult.

Safe Swiss Cloud sells various standard products with support, setup and various services.

Support

Safe Swiss Cloud’s standard support packages can be used for the Firewall, Intrusion Detection and Web Application Firewall products.

Summary | Ransomware Recovery | SIEM – Network | Active Directory Auditing | End Point Security | Email Security | Firewalls | Security Monitoring


Safe Swiss Cloud offers a service to monitor the central dashboards of its security products and raise alerts. Many oranisations don’t have a SOC or NOC to check the dashboards for warnings and alerts. This service fills this need.

Why do you need this?

Early warning can be the key to preventing the spread of ransomware. But does your IT have an operations centre which can monitor the central security dashboards and warn you? This service fills this important function.

How does it work?

Our security services have central dashboards which raise warnings. This service makes sure somebody is watching and you get alerted when there are security relevant events.