We want our customers to know our promise to keep CIT and their business secure as cyber threats evolve. We keep data privacy top of mind, adhere to industry and government standards, and comply with the latest regulations across solutions and services.
CIT uses a third party to audit our security program to the SOC 2 Type II compliance standard.
We include yearly security reviews, security training, vulnerability scans, and so on in our offerings for our customers. This is by design: we are purposely building strong, secure core infrastructure and the core of a security program for our customers. While that is a great start, our customers are strongly encouraged to have detection and recovery processes and tools in place, such as Endpoint Detection and Response capabilities and a secure, validated recovery solution.
CIT uses a 5-step framework to keep your business secure
This is the core of our security program. Our security governance program includes assessments, gap analysis, security policies and procedures, change management, vendor management, etc.
- Make a list of hardware, software, and data.
- Map organization communication and data flow.
- Catalog external information systems.
- Establish cybersecurity roles and responsibilities for the workforce.
- Create and share a company cybersecurity policy.
This includes building both administrative and technical controls to protect data, identity, and all company assets.
- Control who logs on to your network and uses devices.
- Encrypt sensitive data, at rest and in transit.
- Conduct regular backups of data.
- Update security software regularly, automating those updates if possible.
- Have formal policies for safely disposing of electronic files and old devices.
- Train everyone who uses your devices and network about cybersecurity.
CIT uses several tools to help detect threats and anomalous behavior, including our SIEM solution and an advanced detection and response toolset from Darktrace.
- Monitor your devices for unauthorized personnel access, devices, and software.
- Check your network for unauthorized users or connections.
- Investigate any unusual activities.
- Event data, from multiple sensors and sources, is collected and correlated.
- The impact of detected cybersecurity events is determined.
- A baseline of expected data flows and operations for systems and users is established and managed.
As mentioned above, CIT uses Darktrace as part of our autonomous response systems, as well as a Security Operations Center to review alerts and correlate data against known and unknown threats.
- Notify customers, employees, and others whose data may be at risk.
- Keep business operations up and running.
- Report the attack to law enforcement and other authorities.
- The impact of detected cybersecurity incidents is determined and contained.
- Cybersecurity incidents are analyzed to better understand attack methods and targets.
- Update your cybersecurity policy and plan with lessons learned.
CIT uses a robust backup and restoration toolset to ensure we continue to provide service and ensure our operations are minimally impacted.
- Repair and restore the equipment and parts of your network that were affected.
- Keep employees and customers informed of your response and recovery activities.
CIT uses ConnectWise as our core toolset
ConnectWise has put significant effort into improving its security posture. Most recently it has rolled out a security page to help be more transparent about its program and roadmaps.