WATCH IT WORK
Cyber Compliance
Protect your organization with end-to-end monitoring, remediation and reporting on cyber risk
Video Transcription
Davi Schmidt:
Hi everyone, and welcome to our Watch It Work series. I'm joined by senior manager of customer solutions from Entreda, Rishi Malik and customer solutions specialist from Entreda, Sean Higorani.
Davi Schmidt:
We're here to show you what's possible with the centralized console to manage and measure cyber risk and cyber compliance. Let's go over the agenda, so you know what to expect from us. First I'll give a brief overview of the Smarsh and Entreda partnership. Then I'll hand things over to Rishi and Sean, where they'll give an overview of cybersecurity, risk mitigation, and compliance. We'll then dive into the demonstration.
Davi Schmidt:
So let's talk about Smarsh and Entreda. Smarsh acquired Entreda, expanding our product offerings to encompass award-winning cybersecurity risk and compliance solutions. The Entreda Unity platform enables organizations to monitor and address their cybersecurity risk posture across multiple threat vectors. Its unified easy to use dashboard provides insights into organization's vulnerabilities across devices, networks, users, and vendors, and helps customers mitigate risk and strengthen areas of need. This combination of Smarsh and Entreda, both category leaders, creates a regulatory and cyber technology powerhouse. Now we'll hand it over to Rishi and Sean for the Entreda overview.
Rishi Malik:
Thanks Davi. Now in order to meet SEC and FINRA compliance guidelines, most organizations will need to subscribe to numerous endpoint management solutions, including mobile network scanning solutions, simulated phishing, and security awareness training and vendor risk management solutions. Cybersecurity, as we all know, is a highly siloed industry. Entreda Unify puts all of these solutions in a single platform with integrated SEC and FINRA compliance reporting. Now, most organizations need to aggregate 8 to 10 siloed solutions and then hire someone to manage and report on all these various point solutions, which will be costly and typically inefficient. What we've been able to do at Entreda is build a lot of these point solutions in-house and integrate them into one platform that we call Unify. Now Unify provides you with a centralized console to manage and measure cyber risk and cyber compliance, and to access all your various cyber point solutions from the same place, across your entire organization, including any remote workers, independent contractors, and 1099 reps that you may have. Now I'm going to go ahead and hand it over to Sean, who will actually be able to show you the product live.
Sean Higorani:
Thanks Rishi. So, one thing I want to show here before I show the Entreda platform is an alert that the SEC released a few years back and although this document is dated back to 2014, these are still guidelines that all auditors follow when it comes to cybersecurity. And just to show how stringent these auditors can be, a few quick examples here showing the items that they can check for. They want to see that firms are doing physical device inventories, they want to see software platforms are being inventoried. They want to see that security-related events are being logged. They want to see that all firms have a cybersecurity policy in place and that they're doing periodic risk assessments on their networks and the list just goes on and on, and it's very tedious for financial firms to keep up with all of this. And this is where Entreda steps in, we try to make this whole process right here, as easy as possible.
Sean Higorani:
This is what the Entreda platform looks like. You'll see that the layout is a dashboard that leads to a bunch of different features that we have here. The very first step when a financial firm signs up with Entreda is we help them with their cybersecurity policy. It's a very easy process; basically the moment a firm signs up with us, we'll send them a link to fill out this form over here. The form contains about 15 questions, and it'll ask them things like if they have a physical office location, how many total devices do they have? Do they have any wireless networks? And at the end of all of it, they just press generate policy, and Entreda will instantaneously create a 45 page cybersecurity policy for them. If the firm already has a cybersecurity policy, then Entreda is always more than happy to review that policy for them. We've had the luxury of working with hundreds of different policies, and our own policies that people create through us have been through over 1200 audits at this point, so we can always provide them that benefit of crowd intelligence that they would like.
Sean Higorani:
Once the cybersecurity policy portion is out of the way, the next step in the process is to invite people at the firm to create their accounts and to get the app installed onto their devices. This is also a very easy process. All a user needs to do is go to the "Enroll" button over here, and it'll take them to a page where they can see all of their users and devices in one page. If they want to invite somebody to create their account, they just press "Add New User", type in their first name, last name, and email address, and send the invitation to set up the account. Now, once the account is set up, to download Entreda all you have to do is go to this "Add Devices" button over here. It'll take you to a page with a blue button that says, "Download Unify Applet."
Sean Higorani:
You simply click on this button over here, you follow the three step process. Then within two to three minutes, our app will be installed onto the device, and the application itself is very small. It's only about 25 megabytes and it just runs in the background of the computer and it doesn't affect any computer performance or day-to-day operations. We also do monitor mobile devices, so if a user ever needs to install it onto an iOS or Android device, they can always just go to the App Store or the Google Play Store and search for Entreda Unify and install that application there.
Sean Higorani:
So the next section I'll show you is our compliance table, and the compliance table is where you can see all the items that the Entreda app is checking for once it's installed onto the device. As you can see, we go by a pass/fail system to keep it as easy as possible for people to read and understand. And if a user ever wants to see why they have a pass or fail, they can just hover over the question mark and Entreda will give them the reason as to why they're either passing or failing. I'll run through this section one by one right now, so you can get a better feel for what Entreda is checking for.
Sean Higorani:
The first item here is Firewall. We're checking to make sure that the client firewall is enabled on all their devices. A couple of quick examples here: a pass would be like the Windows firewall is enabled here. A fail would be that the Windows firewall is disabled here. In situations where users are not meeting certain compliance checks, Entreda has a feature called "auto remediation", where we have the ability to fix certain issues for our customers in real-time. A quick example of that would be right here. With this device, the firewall is disabled. What'll happen in this situation is Entreda will send a pop-up to this device, and the pop-up would simply say, "Entreda is detecting that your firewall is disabled, do you want Entreda to fix it for you?" At that point, you just press yes on the pop-up and Entreda will instantaneously turn on the firewall for that device. The fail will turn into a pass in real-time and we would record that event for audit purposes. It's just a neat feature we have that helps people save time in meeting some of these compliance checks here.
Sean Higorani:
The next item is Peer-to-peer Software. And what we're checking for here is we're checking to make sure that users do not have any peer-to-peer software installed on their devices. Common examples of peer-to-peer software are like BitTorrent and uTorrent, which are very popular for downloading music or movies illegally. We see it as a very easy way to get a virus on a computer, so we have a whole blacklist that we go by. If we ever detect a peer-to-peer software that's on our blacklist, we would give the device a fail, and we would state what the product is right here that the person needs to remove from their device.
Sean Higorani:
The next item here is Antivirus. We're checking to make sure that the device has an antivirus product installed on it, and that it's also running at all times. A few quick examples here. A pass would be like Sophos antivirus, which is a sufficient antivirus product. A fail would be like for these two devices, they don't have any antivirus installed on them. Then we have these warnings over here, and at Entreda, we try to make sure that our customers are doing more than the bare minimum for cybersecurity. Based off of third party reviews, as well as in-house testing, we can recommend antivirus packages to our customers. We give warnings when we believe that it's a very basic antivirus that's being used. A good example of that is like Windows Defender, which is the antivirus that comes built-in with Windows computers, and because it's more of just a basic scanning and it doesn't really do too much, we give it a warning here. In situations where users do not have an antivirus product installed, Entreda has the ability to install an antivirus for that device as a part of our auto remediation service.
Sean Higorani:
Next section here is Disk Encryption. And what we're checking for here is we're checking to see if there's whole disk encryption enabled on the devices. Per SEC, FINRA guidelines, it's required to encrypt laptops and mobile devices. Then it's only recommended on desktops, so this is a good section to have if there are any laptops or people that are traveling frequently with their business devices, it's a good way to make sure that the hard drives are secure at all times.
Sean Higorani:
The next item here is Wi-Fi, and this is a very straightforward one. We're checking to make sure that you're always connected to a secure Wi-Fi, and this is another example of our auto remediation here. So let's say that you take your laptop and you go to Starbucks and you connect to the unsecure Wi-Fi at Starbucks. As soon as we detect that you've connected to that unsecure Wi-Fi, Entreda will send a pop-up to the device and the pop-up would simply say, "Entreda is detecting that your Wi-Fi is not secure, do you want Entreda to fix it for you?" At that point you just press yes on the pop-up and Entreda will instantaneously launch our VPN service. The VPN would secure the Wi-Fi so that nobody else can monitor your network traffic and you can browse the web safely again.
Sean Higorani:
The next item here is Password Policy. And what we're checking for here is we're checking to make sure that there's a password policy being enforced on all devices. With our application, we do not collect any personal data, so we will never be able to see passwords or emails or the websites people go to or anything like that. And we want to make sure that people have strong passwords to log into their computers, so we enforce these password policies. And through these policies, we can make sure that people are changing their password every few months or that they have a complex password that's at least eight characters, and that they're not recycling passwords, so just multiple things that go into this check here to make sure that the password you use to log into your computer is as secure as it can be.
Sean Higorani:
The next item here is Anti-Spyware. And very similar to antivirus, we are checking to make sure that there is an anti-spyware product installed on the device, and that it is also running at all times. Most antiviruses do come with anti-spyware, so this is a good section to make sure that the anti-spyware component of the antivirus is actually turned on and running properly.
Sean Higorani:
Then the last item in this table is OS Auto Update. We're checking to make sure that the device is set to automatically update whenever there's a critical patch pending. Through this, we can help make sure security patches are always going through. Then what makes the Entreda platform stand out is actually what we do with all of this data here. We take all of these compliance checks, and then we also take about 20 other factors on the device. We have the ability to score the device on the scale of 200 to 800. We call it a cyber risk number, and it's basically a snapshot showing how secure each device is overall from a cybersecurity standpoint.
Sean Higorani:
For example, we can see that this device has a score of 650, because it's not meeting four of the compliance checks, and there are also critical patches pending. A 650 obviously isn't the best score. Again, it's just a nice snapshot that shows a user how secure their device is overall. We take it one step further by averaging out the cyber risk numbers here, to give an overall cyber risk number that helps you see how secure the firm is overall from a cyber security standpoint.
Sean Higorani:
Included in this overall cyber risk number is also the compliance table for iOS and Android devices. It's the exact same concept, but the only difference is we check for five different things here. We check to make sure that there's a passcode enabled. We'll check to make sure that the auto lock is set to one minute or less. We'll check to make sure the operating system is up to date. We'll check to make sure the device is encrypted. And we'll also check to make sure that they are connected to a secure Wi-Fi at all times. Our mobile app does come with a mobile VPN feature, so if users ever connected to an unsecure Wi-Fi on their phone, they could always just log into our mobile app, and with the push of a button turn on a VPN feature that would secure their Wi-Fi for them.
Sean Higorani:
The next section I'll show you all is our Analytics section. The analytics section goes into a bit more depth about some of the items that we're checking here, and I'll show just two pages here. Our first one is our application inventory. This page will show you every application installed on every device underneath the account. We have this section here because it not only meets that one requirement that software platforms need to be inventoried, but it's also a good way for our firms to reconcile their policies against their implementation.
Sean Higorani:
An example of that would be like, let's say that a firm creates a cybersecurity policy and in the policy, it states that nobody is allowed to have Dropbox on their devices. If you want to prove that this is actually the case, that nobody has Dropbox on their devices, you could simply search Dropbox right here and instantaneously, you can see every device that actually does have Dropbox and isn't following the policy that was set up for them, so it's a good way to make sure that users don't have any applications that you don't want them to have.
Sean Higorani:
Then the second page in our analytics that I'll show you here is our Drive Leakage Monitoring. If a firm uses a thumb drive or one of these four cloud drives over here, Entreda has the ability to monitor movement within those cloud drives. Like I mentioned earlier, we do not collect personal data, so we are unable to see what's inside of these files, but we do have the ability to see what drive is being used. We can see the name of the file and we can see the exact time and date that the file is either stored, deleted, or modified within the drive. We have this section here because this is another thing auditors do like to see. They want to make sure that the firm knows that there's no malicious activity happening within their jobs.
Sean Higorani:
The next section I'll show is our reports, and the reports are probably the most important part of the Entreda platform because they not only sum up everything inside the portal for the customer, but they also meet everything that auditors look for when it comes to cybersecurity reporting. We call them cybersecurity surveillance reports. We send them out on a weekly basis to our customers, and we also store them historically for them from the week they signed up with us, and here is a sample report. Like I said, it sums up everything inside the portal, so the user will be able to see all their cyber risk numbers, all their passes and fails. They can see details about the operating systems. They can see the number of pending patches on every device, compared to the previous week. They can see data about our auto remediation, so whether it's turned on or off, and the number of times people have declined our remediation.
Sean Higorani:
They can see the application inventory, so the number of applications installed on every device, and compare that to the previous week. Same thing for system processes, and then they can also see data about the cloud drive data leakage monitoring. For iOS and Android, they'll be able to see the cyber risk numbers, the passes and fails, and then details about those operating systems. The pending OS patches tables show the user every pending patch on every device underneath the account. We separate them into the critical patches and the optional patches, and if a brief description of the patch is available, we do provide that to the customer in this last column over here. The network topology scan is a scan that's automatically run once a week, and how it works is we take one of the devices from the account at random. We use it as a probe to find all the unidentified devices that are within the network. So this will pick up the routers, the switches, the printers, or simply just devices that don't have Entreda installed on them. It's meant to serve as a physical asset inventory for when they get audited.
Sean Higorani:
Then the last page here is our document queue, which sums up what Entreda does. So for Windows and MacOS, it'll show you what we're checking for here. It'll show you how our auto remediations work. Then for iOS and Android, it'll show you what we're checking for here, so again, overall, it's just a very in depth report that meets everything auditors look for.
Sean Higorani:
The next feature that Entreda has is remote desktop. The example here is like, if you're on a personal computer and you need to access the work computer inside your office, you can do that through the Entreda platform here. And the requirements for this to work are the user needs to have our VPN service enabled, and if it's a Windows device, it needs to be a business grade operating system, like Windows 10 Professional, for example. If it meets those two requirements, the user will be able to press "Connect" right here and it'll open up a new tab in their browser. Then all they have to do is just enter in the password to that computer. Then within a matter of seconds, they'll be remoted in, and they can work as if they're inside their office.
Sean Higorani:
The last section I'll go over here is our service add-ons. Entreda offers a bunch of additional services and we do try to serve as a one stop shop for cybersecurity. I'll show you just a few of the features that we offer here. Our first one here is third-party vendor risk assessment. This is where we have the ability to do due diligence on a vendor, if they would like. How it works is they press "Add Vendor Details" here, and all they have to do is enter in the contact information of that vendor. Once they confirm the details, Entreda will send a form to that vendor that we built in-house based off of the NIST guidelines of cybersecurity, and the user will be able to track that form so they can see whether the vendor completed it, whether it's in progress or whether they received it, but haven't touched it yet.
Sean Higorani:
Once they complete the form, you can download it and it will show that customer how the vendor did on that form, so we actually score them using some in-house metrics and we can provide them with information that shows them how secure that vendor is overall with their personal data. Then if they go through the report, we actually show how they scored on each category of questions that we asked, and we also show them how they answered each question here. So just a nice snapshot that shows the customer how secure their vendors are overall with their personal data.
Sean Higorani:
The next service here is our Phishing simulations, and this is where we have the ability to mimic a phishing attack on a firm if they would like. How it works is we send out three phishing emails over the course of three weeks and the user will have the ability to track the status of that email in real-time. They'll be able to see how many people opened the email, how many people clicked on a link, how many people got phished, and if a user does get phished by one of our emails, they'll get taken to our website where they have to watch a video and take a quiz on phishing, so it's meant to serve as an education based service, where we're trying to make users aware of what a phishing email looks like. The service that complements it is our security awareness training, where we send out three training modules over the course of three weeks.
Sean Higorani:
Each training module contains a video and quiz on a cybersecurity related topic. What makes this service stand out is we do a context based training, meaning if a user signs up with us, they get the app installed, and then we notice that there's a lot of password policy fails, for example. Based off of this data, we would send training modules about password policies and password basics, and modules like that to make users aware of what they're doing wrong, and how they can correct it.
Sean Higorani:
Then the last here is our Vulnerability Scanning. This is where we have the ability to do a vulnerability assessment and penetration test on a user's network. How it works is the user just presses "Configure Scan" on the top, right over here, and it'll give them the option to do either an external scan or an internal scan. I'll click on external, for example here, and all the user has to do is just enter in the IP addresses that they want scanned, and confirm the date and time they want the scan to happen. Once the scan happens, it pops up in the results section here, and this page just gives a high level overview showing how many vulnerabilities we picked up. If they download the report, it'll give an in-depth analysis about each vulnerability that we detected. And we also provide them with remediation steps, so how they can actually fix the vulnerabilities that we picked up. The main goal of this service is to give the customer an overall scope of their network so that they can see the vulnerabilities that are lying both inside and outside of their network.
Sean Higorani:
To sum up everything I've just shown you here, the main goal at Entreda is not only to make sure that our customers are meeting the SEC, FINRA requirements for cybersecurity, but we're trying to provide financial firms with the platform where they can see all their devices in one dashboard and immediately see what needs to be corrected, and then we also offer that service that corrects the issue for the vend. All in all, we're just trying to make the whole process of staying compliant as easy as possible for financial firms.
Davi Schmidt:
Awesome. Thanks for walking us through all of that. I have a couple of questions.
Davi Schmidt:
The first question here is I'm a part of a broker dealer and have independent reps that will likely fight back if they need to install software on their personal devices. Have you seen this issue before? And how do you suggest responding to these inquiries?
Rishi Malik:
Yeah. Great question. So, we've ensured that our application monitors and secures your devices without acting as big brother software, right? We take privacy very, very seriously being in cybersecurity, and we are only monitoring security settings on your devices through our app, but we do not have any access to any personal data, PII data or any sensitive information. An example of that is we could see that you have an outdated, vulnerable version of Chrome, maybe on your desktop, but we have no insights as to what sites you're visiting on that Chrome browser.
Davi Schmidt:
Great. Thanks. Next question here. Does your platform help with NYDFS cyber guidelines?
Rishi Malik:
Yes, we do. Our platform revolves around these guidelines. We work very closely with SEC and FINRA to ensure that our product meets the standards of various regulatory boards, including state boards' specific requirements like NYDFS as well. Now, as part of our onboarding process, we'll work with you to kind of build out a cybersecurity policy, as Sean had alluded to, which will encompass some of these items like NYDFS regulations.
Davi Schmidt:
Can I purchase specific services by themselves?
Rishi Malik:
Absolutely, you can. We have what we call an à-la-carte menu that allows you to pick and choose any of the services that kind of best fit your firm's needs. Although we do recommend leveraging all the services, so you kind of have the benefit of all of your cybersecurity risk management tools in one console with one vendor, you can still choose any subset of the services that we offer that you would like to purchase.
Davi Schmidt:
Great. Thank you. If any of this has piqued your interest and you'd like more information or more in-depth conversation about how Entreda can accommodate your particular environment, we have a team of extremely knowledgeable folks that would love to walk you through that. Feel free to email us at Advantage@Smarsh.com with any additional questions or comments. So thanks again for attending this Watch It Work and thank you Rishi and Sean for walking us through everything.
“I really appreciate Entreda's universal application of policy and that I can see approved firewalls, if employees have changed their password in the last 90 days, and more, in one place. It gives me peace of mind that I don't have to double-check everything myself.”
-- Mark Kerwood, CFO & Investment Strategist, Trail Ridge Wealth Management
Automate and analyze cybersecurity
Strengthen your organization’s cybersecurity risk posture and easily monitor the security and compliance of devices, networks, users and vendors with a single-pane-of-glass solution.