Solid Foundations

Solid Foundations

Confidence in IT Security frees business rather than restricts.
Let us empower you to do more.

From Challenge to Transformation

From Challenge to Transformation

We work with the most daunting requirements from the largest organisations and exceed expectations on delivery

Security without Limits

Security without Limits

Solid security empowers and liberates business to be more creative, rather than restricting innovation

Disaster Resolution

Disaster Resolution

If you need help with a security incident, or you need expert remedial help immediately, call us.

Lithify:

/ˈlɪθɪfʌɪ/ : to change to stone : petrify; especially : to convert (unconsolidated sediment) into solid rock.
intransitive verb: to become changed into stone.
IT Security: to cut through the mire of conflicting advice and provide a solid foundation for business.

Security is our Sole Focus 

IT security shouldn't restrict, it should empower:
By providing a solid foundation, we enable business to be more innovative, more creative, more productive. 

Lithify is a specialist security reseller. We provide complex IT Security solutions to the largest companies in the UK and worldwide.
Our solutions are market-leading, delivered by experts with international reputations for excellence in their chosen fields.

We work with our clients on an ongoing basis to ensure that the investment made in IT security is utilised to the full and grows as the organisation evolves. 

We work in the most challenging environments to make security work for the business it serves. Our reputation for troubleshooting and problem resolution is unparalleled. 

Talk to us today about how we can help you reach your goals. 

 

 

These days we're all using "served" applications (SaaS) - Asana, 0365, Google G Suite, Salesforce, SageOne, Slack, Dropbox - there are many. I can't think of a single enterprise in our current customer base who doesn't have at least one.

 

This change has happened gradually over the last 5-10 years. We've adopted these technologies because they provide convenient, hassle free applications with zero footprint and vastly reduced management overhead. Their reach into our enterprise is huge. 

Has Anyone Considered Security?

Maybe, but pretty well no-one in the mainstream. Users certainly don't.

We all take it for granted that a username/password combination will protect us, and really, that's far less secure than the standards we'd apply elsewhere in our network. Simple username and password, in some cases with added 2 factor authentication is not enough to prevent account take over from a compromised device.

The most typical security consideration for such applications has been ensuring that a rule on the firewall is set to allow. We've left the rest in the hands of third parties. Essentially, we've punched a hole in the firewall, to SSL traffic that we can't inspect, to allow an instance which may or may not be genuine, or may or may not be the corporate instance we intended, and we've left the rest to chance.

  • Who's using that instance are they the intended users, or are there rogue elements masquerading as your employees?
  • What are users really viewing through those channels? Are they running the corporate instance of Office365 or their own "hotmail" version, and if so what data are they therefore able to exfiltrate by attaching to a private account?
  • What happens when a user accesses the instance from a compromised smartphone? Are we picking that up?

 

What Should be Happening?

The mainstream adoption of cloud has been a good wake up call for all third party applications and services, because we're now asking what more can be done. A new breed of security solutions are being released in order to address the specific issues which come with the adoption of a new way of working.

Cloud security is still in its infancy - the tools are available, but the widespread understanding of their importance has some way to go. SaaS application security is even further behind, way back in people's minds, or not even there at all.  SaaS security should be paramount given their reach - protecting against account takeover, compromised devices and data exfiltration. 

The tools to protect such environments are emerging - we have good ones just released for the largest applications, but it's a huge growth area for the next 24 months that we all need to consider.

20 May 2019

Security Still Centred on Perimeter Firewalls? Let's Think Bigger!

Still hanging your security on perimeter firewalls? Its time to broaden your scope Who reading this thinks that perimeter firewalls are the main game in security? Many people still do. We've...

26 Feb 2019

Account Takeover - Why Now?

One of the oldest breaches in the book is back and the consequences (which have always been bad) are now worse than ever. Account takeover has existed for a long time. It used to rely on poor...

19 Feb 2019

Thinking Of Downsizing Your Firewalls?

I'm constantly talking to both existing & prospective clients and a new phenomenon is catching my eye. Downsizing, simplification and cost cutting are becoming a trend. I can see why. Firewalls...

12 Feb 2019

SaaS Application Security - The Missing Puzzle Piece

  These days we're all using "served" applications (SaaS) - Asana, 0365, Google G Suite, Salesforce, SageOne, Slack, Dropbox - there are many. I can't think of a single enterprise in our current...

04 Feb 2019

Zero Day Video

The concept of Zero Day can be quite tricky to understand so we've made this awesome video to make it a little bit clearer!     {youtube}b5-50df7Whk{/youtube}

How to Engage Us

Lithify is available for short or long term engagements, to help with a problem, to implement a specific project or as your preferred partner in IT Security. 

Contact us, book an initial (free of charge) consultation or request an urgent call back

Contact Us