Unique blend of corporate cybersecurity and managed support for small and medium-sized organizations
ThreeShield blends exceptional managed IT support, proactive system and security monitoring, strategic planning, compliance, secure development, cloud management, proprietary tools, and audit readiness to create unique holistic IT security and support service value.
We recognize that industry-standard responsive "Managed IT Service" increases long-term costs when hackers gain access without being noticed, preventable hardware failures stop operations, and compliance concerns trigger emergencies.
Go Fast and Break Things
Reduce Chaos, then Accelerate
It’s not as catchy, but it’s what we do – and it works because we go beyond basic “managed IT” service that has resulted in widespread ransomware attacks over the last few years.
In contrast to “industry standard” managed IT service providers (MSPs) that rely on tools make it easier for MSPs to work -- but don't provide the best security or reliability, ThreeShield built custom tools to allow us to use an eclectic toolset in combination with an advanced strategic approach and preventive setting changes that standard MSP tools simply can’t do.
Instead of reselling tools, we focus on risk and reliability managemnet. As such, as technologies and threats change, our toolset changes. However, with rare exceptions, we keep per-computer costs constant.
All you see or need to care about is that we're managing risk so your business can grow.
Traditional Managed IT Service
Industry-standard responsive "Managed IT Service" is less expensive on up-front than holistic IT -- but inevitably leads to problems from unsupported hardware and software, missing patches, and devestating attacks.
Virtually all Managed IT Service Provider (MSP) companies have tools to manage computers and take tickets. They use third-party call centres for support and provide limited "cybersecurity" through tools that work nicely with their primary computer management and ticketing tools. This means MSP-friendly traditional antivirus, web filtering, minimal patching, backups, and network equipment -- without proactive system monitoring, cloud log analysis, potential breach indicator analysis, proactive compliance management, etc.
This typical approach increases long-term costs when hackers gain access without being noticed, preventable hardware failures stop operations, and compliance concerns trigger emergencies.
Holistic IT Security and Support
ThreeShield takes the opposite approach. With founders equipped with decades of experience in government and Fortune 50 audit, ThreeShield looks at all of the potential risks and compliance requirements that our clients face and then implement proven strategies to efficiently balance risk and business requirements with best-in-class solutions and committed internal security experts.
Our security-focused team has a holistic view of your organization
When you call or email ThreeShield, an experienced ThreeShield employee based in Canada with a Canadian police background check and cybersecurity training will support you. We don't use a third-party call centre or help desk with high turnover. Instead, our team of security experts engjoy great benefits and a fantastic work environment who knows your organization from your computer set up to the most detailed security threats that you face.
We use internally-developed tools to combine data from the best-in-class solutions and meet most business days so everyone has a holistic understanding
of your organization. This is a stark contrast to most MSPs that only use tools that work with a ticketing system that their high-attrition third-party contact centre can support.
We continually update our daily, weekly, monthly, and quarterly review processes to reflect new attacks that we discover through threat intelligence and real-time sources. For example, we include:
Comprehensive and ongoing vulnerability and information security control assessments to proactively find security and compliance improvement opportunities
Monitoring for hardware, patch, website, service, backup, cloud (AWS, Azure, Cloudflare Google, Microsoft 365, etc.) security issues
Daily reviews for server health in addition to real-time alert monitoring
Proactive responses to login failures
Reviews for unusual activities in cloud and physical systems
Proactive firewall monitoring and tweaking
Upstream provider monitoring for services, such as AWS, Bandwidth, Cloudflare, Google, Microsoft 365, Postmark, Shaw, Bell, Telus, etc.
Breach detection in addition to best-in-class managed detection and response for viruses, hackers, ransomware, etc.
Disaster recovery, business continuity, and backup restoration testing
Custom cloud service monitoring, such as DMS in AWS, VPNs, etc.
Monitoring for patches that typical MSP tools can't manage, such as unusual Apple software, VMware, Linux, routers, and firewalls
Deep-dive into security and compliance alerts and reports in Microsoft 365 and Google Workspace.
Process and system monitoring
Encryption control and key backup processes to make sure that Windows Bitlocker doesn't prevent your staff from working
Intrusion detection through firewalls, workstation and server tools, and cloud monitoring
Controls to keep hackers outside of your operating area from getting into your physical and cloud systems
Layers of security to protect your website administration area from being compromised
Personnel management is as important as all of the technical stuff. We also provide:
security awareness and compliance training, including PCI (for organizations that accept credit cards), health, financial, and privacy compliance for Canada, Europe, and many U.S. states.
business-class computers that are fully configured for optimal performance and security.
ID badges, if needed.
system onboarding and account creation tied with our login failure processes.
What about basic support?
Our Holistic IT Security and Support service includes and amplifies the basic support that you'll find at regular MSPs.
For example, we provide:
Helpdesk remote support We configure our remote support tools with additional security controls, such as multi-factor authentication, location restrictions, and automatic disabling when not in use. This approach meant that we were not among the many IT service providers who compromised their clients through vulnerabilities and weak configuratiosn found in typical remote support tools that were part of widespread ransomeware attacks, such as Action1 (2023), ConnectWise (2018, 2019), SolarWinds (renamed to N-able after the widely-publicized attacks in 2022), Kasaya (2018, 2019, 2021), Ninja RMM (2019), Sycro (2022). Sadly, most managed IT providers can’t disable their remote support tools because that’s all they have. As a result, their clients are at risk of increasingly prevalent attacks that take advantage of this oversight. ThreeShield’s proprietary systems take the extra step to protect you from this threat. We use additional systems to prevent bad guys from installing unauthorized remote support tools that ransomware gangs are using to gain access to new victims.
Ant-virus The built-in Windows Defender is usually more effective than what most managed IT providers use. For example, WebRoot is one of the most common antivirus tools we see when we're called to deal with a ransomware attack. For this reason, we combine this with additional breach detection, system isolation to prevent viruses from spreading, behaviour and activity analysis, anomaly detection, and active threat hunting to catch problems that antivirus solutions don't catch. We also combine advanced tools that prevent unknown programs from running with administrator permissions and special configurations to keep computers secure instead of relying on traditional antivirus tools alone.
Web filtering If you'd like, we can keep your office free from potentially offensive content. However, we focus on filtering for viruses and risky content. We also monitor for data loss prevention, provide additional phishing security, and don't restrict necessary business activities.
Software installation Instead of having your staff call us every time they want to install something, we allow your staff to install software without interruption if we've already assessed it. We also use tools to remotely verify the safety of new software to balance security with the need to quickly install new programs when needed.
Patches and updates In addition to simple operating system and common program updates, we use tools that monitor more programs and operating systems than typical MSP platforms and also keep an eye on docking station, computer, and network equipment firmware that typical patching tools miss.
Network equipment We have partnered with the most reliable network equipment vendors. We also look at your whole ecosystem to reduce the amount you have to spend on networking equipment and maintenance.
Printers and Multi-Function Devices In addition to providing printers, toner, ink, and support, we monitor for consumables and potential problems to make sure that you don't have to make an emergency run to Staples for toner. We also encourage administrator password changes, which most printer management companies don't allow
On-site support in Calgary, Vancouver, and Toronto In addition to responsive onsite service, we provide local devices at your site and proactive monitoring to reduce the urgency and frequency of on-site visits
Vulnerability scans Instead of consumer or MSP-grade scanning tools, we use a custom group of commercial, open source, and proprietary assessment tools and then have our highly-trained security experts follow the leads from the tools to discover additional vulnerabilities that automated tools miss.
Backups, disaster recovery, and cloud continuity In addition to the backup services that everyone resells, we have automated and manual testing processes to make sure that they actually work and employ extensive strategies to ensure real business continuity in addition to backing up your workstations, servers, Microsoft 365, Google, Quickbooks, Jira, Bitbucket, Confluence, Shopify, Salesforce, GitHub, BigCommerce, Trello, Slack, HubSpot, Asana, Microsoft Dynamics, and more.
We go beyond simple backups and focus on the entire business continuity process. Sometimes, this means paying for backup services; however, often it can involve new processes and systems that reduce cost while increasing reliability.
Email security We go beyond simple tools and service plans to keep your email secure. We also set up alerts for suspicious activities, manually review your email system logs for potential problems, continually tweak email settings to prevent evolving attack techniques, and provide additional phishing training for your staff. In addition to configurations to prevent others from sending fake emails in your name, we monitor other email providers to learn of any other services sending email on your behalf to prevent marketing emails from hitting Junk Mail folders and to keep bad guys at bay.
We also provide email plugins that let you quickly report suspicious emails with all of the information that our certified security professionals need to make a quick assessment and let you know if it is safe to click or not.
Training In addition to reselling third-party training and phishing simulation packages, we create customized phishing landing pages and phishing simulations that reflect evolving trends that our security analysts find to provide a much more realistic training experience.
Configuration In addition to best practices and standards, we have developed proprietary tools that monitor for potential unusual activities that might go far beyond just backing up your stuff. workstation, server, Microsoft 365, Google, QuickBooks, Atlassian, Salesforce, training, networking, workstations, servers, and email security that you’ll find at every mature IT service provider
Web hosting We fortify already strong hosting providers with comprehensive controls for AWS, Azure, and other providers to keep bad guys from reaching your administration consoles or being able to launch attacks on your site. We also perform regular vulnerability scans and manual reviews to make sure that any newly-discovered problems get fixed quickly.
Firewall Management We go beyond configuration, patching, and alert management. We provide full architecture services and apply tweaks to address newly-discovered security threats
Software and web development security
The earlier ThreeShield is involved in the development process, the less expensive it will be for you to make small changes with huge security implications.
At the design and planning stage, we make sure that sensitive information is properly protected, that links don’t expose bad information , and everything is properly authenticated. At the development and maintenance stages, we integrate directly with your deployment process to make sure that all new code goes through a rigorous security review process. We also run routine automated scans and manual reviews to make sure that third party libraries are maintained and newly-discovered vulnerabilities don’t apply to your system.
What if I can't afford Holistic IT?
We understand that growing companies can't afford full proactive holistic IT -- even if it will inevitably save money in the long-run.
We also encounter many organizations that can't afford to invest in a full vulnerability or information security control assessments, much less "big bang" remediation effort to fix all of the problems that their MSP or understaffed internal IT folks haven't been able to address.
ThreeShield has a few solutions to this sort of situation:
If an independent auditor's report isn't required, we combine the assessment and remediation phases to fix problems as quickly and inexpensively as possible.
If funds aren't available for a fast and comprehensive initial assessment and/or remediation project, we can spread the cost of this work out over a year as part of a budgeted consulting amount.
If your cash flow is limited, but you want to get off on the right foot, we can ensure that your computers are updated with basic monitoring. (This plan does not include tools that require active management, software reviews, or verification. However, it does include minimal breach detection, patching, and remote support capabilities. Any actual support or incident management would be charged separately)
CTO, Tilia Inc. (Financial Technology and Online Payments)
" ThreeShield has employed a dynamic, risk-based approach to information security that is specific to our business needs but also provides comfort to our external stakeholders.
I recommend their services. "
IT Architect, Financial Technology and Online Retail
" Collaborating with ThreeShield to ensure data security was an exciting and educational experience. As we exploded in growth, it was clear that we needed to rapidly mature on all fronts, and ThreeShield was integral to building our confidence with information, software, and infrastructure security. "
IT Security Director, Linden Lab (Virtual Reality)
" ThreeShield helped us focus our efforts, enhancing our security posture and verifying PCI compliance.
All of this was achieved with minimal disruption to the engineering organization as a whole.
The approach was smart. In a short time, we accomplished what much larger companies still struggle to achieve. "
Tara
Senior Director of Systems and Build Engineering
" ThreeShield very much values active and respectful collaboration, and went out of their way to get feedback on policies to make sure proposals balanced business needs while not making employees feel like they were dealing with unreasonable overhead. By doing so ThreeShield really helped change the culture around security mindfulness is positive ways. "
×
Ready to get started?
Feel free to chat with us during business hours or call one of the following numbers to get started:
Alberta:
1 (403) 538-5053
BC:
1 (778) 731-1339
Ontario:
1 (289) 724-8829
Canada:
1 (877) 528-2925
California:
1 (510) 214-6010
What are your priorities?
Comprehensive IT assessment
Secure/manage IT systems
Web/Internet assessment
Fill IT gaps
Review or design secure code
Security awareness training
PCI credit card compliance
Health and Privacy Compliance
NERC or pipeline compliance
Backup / Disaster Recovery
Google / M365 Security
Please watch this short video before applying for your first job in cybersecurity:
Thank you for reaching out.
Typically, we're able to respond the same or next business day.