We are masters at these frameworks and many more.
Getting or staying compliant with regulations can be difficult. Doing it inhouse can be very costly, time intensive, and at a much greater level of effort for companies.
Please reach out for pricing, discounts can apply and are based on 1. number of devices (starting at 50), 2. number of different services subscribed to (starting at 2), and number of years committing to (starting at 2). Fixed prices will be listed on this page.
These solutions can be in several forms:
Patching - All regulatory environments require devices to be patched and not end of life (EOL) or end of support (EOS). Arrakis can help your company stay in compliance by helping ensure that the latest Operating System (OS) and third party software patches are installed. This greatly reduces the chances of a bad actor injecting hostile code or taking advantage of vulnerabilities. As a part of this we can also do hardware and software inventory so you can understand what hardware needs to be upgraded or simply keeping track of your software licensing so you don't run afoul of the SPA as well as run custom scripts to help reduce the need to touch each computer in your environment. Pricing is based on devices to be patched.
Enterprise Anti-Virus - All regulatory environments require a solid antivirus and antimalware solution. Having a single pane of glass for visibility certainly helps also. The Arrakis solution also allows for risk profiling, misconfiguration detection, policy enforcement, and ties into our SOC solution mentioned below. Pricing is based on device count. As an added bonus, you also have the option of adding in ransomware detection and EDR (both discussed below) for a slightly higher cost.
Security Operations Center (SOC) - Our 24x7x365 USA based SOC team will help detect issues when you aren't looking. A majority of our other services also tie into the SOC to give increased visibility across the board with less effort to do so. Cloud environments and local on-prem hardware can also be monitored. This is a great solution for hybrid or remote workforces that are mobile. Pricing is based on device count.
URL Filtering - the new ISO27001:2022 specifically requires this however several other frameworks also either require or strongly suggest implementing this. This services helps local or remote users to not gain access to possibly hostile locations as well as provides security personnel more insight into internet locations being visited. Pricing is based on device count.
Vulnerability Assessment - All companies should have a complete understanding of their vulnerabilities as well as the ability to track and show improvement. All frameworks require vulnerability assessments be performed by an internal group as well as have, at least annually, a 3rd party vulnerability assessment performed. Using industry recognized tools, our professionals will capture and categorize your vulnerabilities for in-scope devices and IP addresses. This is required by all regulatory environments and pricing is based on routable site locations. For example, if you have one site but it can route to multiple other locations then it counts as one site. If you have more than one site however they can't route to each other then it counts as more than one site. Pricing is $9,000 per site, per year with an unlimited number of IP addresses per site and manual review of the outcome to allow our security professionals to help determine risk to your company. Vulnerability Assessments are suggested to be no more than weekly but no less than monthly.
Governance, Risk, and Compliance (GRC) - Arrakis has partnered with numerous GRC tool vendors to offer a highly customized GRC instance to support your company. Pricing varies based on the specific tool however starts at $25K. Regardless of the tool you select, and we'll give you multiple options, all the tools will come with a high level of Arrakis support and configuration when coupled with our consultative services. Just some of our partnerships are OneTrust (formerly known as Tugboat Logic) and Apptega.
Network and Cloud Security Assessments - Routine assessments of your local or cloud-based environments for possible detection of areas of improvement. This is a key factor in network and security architecture reviews and improvement. Pricing can vary, with being by the hour for a senior level security and network consultant however can also be a one time fee of $10,000 per occurrence, based on the level of complexity of your network. However, if a significant amount of other services are subscribed to, then it isn't uncommon for Arrakis to offer this service at no charge.
Penetration Testing - Taking our vulnerability assessment one step further, if you wish to have active attempts into penetrating your network then Arrakis personnel can help show how a vulnerability can be exploited to gain access to the network and potentially sensitive information. Penetration testing can be performed externally (from a hackers perspective) or internally (from an insider threat perspective) as well as demonstrate how easy it is to exfiltrate data to an external destination. Pricing is $35,000 per year for up to 250 IP addresses. Arrakis suggests no more than monthly penetration testing but no less than quarterly in order to ensure compliance with regulatory environments. Read more about Penetration Testing here.
Security Information and Event Monitoring (SIEM) - Logging and monitoring is required in all regulatory frameworks and having a single pane of glass for this information gives a clearer picture of what is going on in your network. Arrakis can monitor hostile activity, illegal attempts to gain access, O365 environments, Github environments, etc... and help reduce time to respond to potential incidents and increase potential threat intelligence and bad actor tactics. Pricing is per device, per month.
Data Loss Protection (DLP) - DLP is becoming more and more in demand with companies of all sizes. Our solution is at the workstation level and doesn't depend on Azure or GSuite to function and looks for suspicious activity on the end user workstation. We'll track remote destinations, and possible hostile activity being performed by the device/user. Arrakis always suggests monitoring activity for 3-4 months before turning on blocking of activity in order to possibly uncover unknown activity. DLP is also a new requirement for ISO27001:2022 and helps also reduce the risk of a compromised device being used to exfiltrate data. Pricing is per device, per month.
Privileged Access Management (PAM) - PAM allows for the reduction of administrative privileges for the normal user/administrator but does allow for the functions that the user/administrator needs to do with very little interaction. Our solution allows for certain functions to be approved but then have a rule created which auto approves future requests of the same type. This meets the needs of regulatory requirements and is priced per device, per month.
Identity and Access Management (IAM) - IAM helps greatly with the integration of different technology within a corporate environment. Additionally, our solution allows for faster permission reviews for user reviews as required by all regulatory environments. Pricing varies and must be scoped.
Zero Trust VPN - This will greatly help your remote or hybrid workforce in that before allowing connection the device is inspected for safety and policy compliance. There are numerous ways that we can connect the device to the secure network. This also helps your company move to the cloud faster and not have the need for physical servers. Pricing is per device, per month.
Multi-Factor Authentication - Add something more than just a password to your security strategy. Required in most regulatory environments, our solution will help you get more secure. Pricing is per user, per month.
Backup with Cloud Recovery - Back up your local and remote devices to a secure cloud location. If you have a device that has been compromised then you have the option of using the last known good in a virtual machine while you are recovering the hardware. Versioning of files is possible to recover that document you liked before everyone else changed it. Price is per device, per month.
Ransomware Detection - Help improve your chances of recovering from ransomware by detecting it sooner. Great tool to have and is an add on to one of our other services. Price is per device, per month.
Secure Remote Access - Our solution meets all regulatory environments where remote access is needed and requires multifactor authentication. Perfect for IT folks that need to manage remote machines. Price is per device, per month.
Endpoint Detection and Response (EDR) - A supporting function of our antivirus and antimalware solution mentioned above. Helps a company to respond faster and with better effectiveness when dealing with possible incidents or bad actors and increase confidence in the security posture of the company. Price is per device, per month.
Computer Warehousing - Acting as a "warehouse manager", Arrakis will order and configure devices before sending to the user. This also allows Arrakis to configure a "golden image" with security controls already in place to support the client as well as provide scheduling to the company to help ensure that devices are ordered and on hand to be available when needed. This service also allows clients to anticipate budgeting and allow for advance ordering of devices. Price is per device, per month.
Vendor Due Diligence - Required by all regulatory environments, Arrakis will investigate and vet the security posture of your clients to help ensure those vendors are safe and risk has been accounted for. Price is per vendor, per review occurrence.
User Permission Reviews - Required by all regulatory environments, Arrakis will review your users to help you understand their permissions within your environment. Price is per user, per review occurrence.
Enterprise Password Management - Help prevent areas of your network, or accounts, or sensitive files, or anything else get passworded by a user only to have that user leave the company. Our solution can help generate complex passwords and is stored on our isolated inhouse system. Price is per user, per month.
Ticketing System - While not required by all regulatory environments, proving you did the remediation work is required and our cloud-based ticketing system is a good option to meet your needs. Allows for reporting and custom dashboards to visualize work effort easier, anticipate support funding needs, and understand trouble areas within your company. Price is per user, per month.
Arrakis Consulting © 2017-present
DUNS# 081000330
CAGE Code 80N01
A Service-Disabled Veteran-Owned Small Business (SDVOSB)
© 2017 - Present, All Rights Reserved
Office 602-383-4141
FAX 505-806-7630
Email [email protected]
AI Website Maker