ThreeShield blends exceptional managed IT support, proactive system and security monitoring, strategic planning, compliance, secure development, cloud management, proprietary tools, and audit readiness to create unique holistic IT security and support service value.
We recognize that industry-standard responsive "Managed IT Service" increases long-term costs when hackers gain access without being noticed, preventable hardware failures stop operations, and compliance concerns trigger emergencies.
Go Fast and Break Things
Reduce Chaos, then Accelerate
It’s not as catchy, but it’s what we do – and it works because we go beyond basic “managed IT” service that has resulted in widespread ransomware attacks over the last few years.
In contrast to “industry standard” managed IT service providers (MSPs) that rely on tools make it easier for MSPs to work -- but don't provide the best security or reliability, ThreeShield built custom tools to allow us to use an eccectec toolset in combination with an advanced strategic approach and preventive setting changes that standard MSP tools simply can’t do.
Instead of reselling tools, we focus on risk and reliability managemnet. As such, as technologies and threats change, our toolset changes. However, with rare exceptions, we keep per-computer costs constant.
All you see or need to care about is that we're managing risk so your business can grow.
Traditional Managed IT Service
Industry-standard responsive "Managed IT Service" is less expensive on up-front than holistic IT -- but inevitably leads to problems from unsupported hardware and software, missing patches, and devestating attacks.
Virtually all Managed IT Service Provider (MSP) companies have tools to manage computers and take tickets. They use third-party call centres for support and provide limited "cybersecurity" through tools that work nicely with their primary computer management and ticketing tools. This means MSP-friendly traditional antivirus, web filtering, minimal patching, backups, and network equipment -- without proactive system monitoring, cloud log analysis, potential breach indicator analysis, proactive compliance management, etc.
This typical approach increases long-term costs when hackers gain access without being noticed, preventable hardware failures stop operations, and compliance concerns trigger emergencies.
Holistic IT Security and Support
ThreeShield takes the opposite approach. With founders equipped with decades of experience in government and Fortune 50 audit, ThreeShield looks at all of the potential risks and compliance requirements that our clients face and then implement proven strategies to efficiently balance risk and business requirements with best-in-class solutions and committed internal security experts.
Our security-focused team has a holistic view of your organization
When you call or email ThreeShield, an experienced ThreeShield employee based in Canada with a Canadian police background check and cybersecurity training will support you. We don't use a third-party call centre or help desk with high turnover. Instead, our team of security experts engjoy great benefits and a fantastic work environment who knows your organization from your computer set up to the most detailed security threats that you face.
We use internally-developed tools to combine data from the best-in-class solutions and meet most business days so everyone has a holistic understanding
of your organization. This is a stark contrast to most MSPs that only use tools that work with a ticketing system that their high-attrition third-party contact centre can support.
We continually update our daily, weekly, monthly, and quarterly review processes to reflect new attacks that we discover through threat intelligence and real-time sources.
For example, we include:
Personnel management is as important as all of the technical stuff.
- Comprehensive and ongoing vulnerability and information security control assessments to proactively find security and compliance improvement opportunities
- Monitoring for hardware, patch, website, service, backup, cloud (AWS, Azure, Cloudflare Google, Microsoft 365, etc.) security issues
- Daily reviews for server health in addition to real-time alert monitoring
- Proactive responses to login failures
- Reviews for unusual activities in cloud and physical systems
- Proactive firewall monitoring and tweaking
- Upstream provider monitoring for services, such as AWS, Bandwidth, Cloudflare, Google, Microsoft 365, Postmark, Shaw, Bell, Telus, etc.
- Breach detection in addition to best-in-class managed detection and response for viruses, hackers, ransomware, etc.
- Disaster recovery, business continuity, and backup restoration testing
- Custom cloud service monitoring, such as DMS in AWS, VPNs, etc.
- Monitoring for patches that typical MSP tools can't manage, such as unusual Apple software, VMware, Linux, routers, and firewalls
- Deep-dive into security and compliance alerts and reports in Microsoft 365 and Google Workspace.
- Process and system monitoring
- Encryption control and key backup processes to make sure that Windows Bitlocker doesn't prevent your staff from working
- Intrusion detection through firewalls, workstation and server tools, and cloud monitoring
- Controls to keep hackers outside of your operating area from getting into your physical and cloud systems
- Layers of security to protect your website administration area from being compromised
We also provide:
- security awareness and compliance training, including PCI (for organizations that accept credit cards), health, financial, and privacy compliance for Canada, Europe, and many U.S. states.
- business-class computers that are fully configured for optimal performance and security.
- ID badges, if needed.
- system onboarding and account creation tied with our login failure processes.
What about basic support?
Our Holistic IT Security and Support service includes and amplifies the basic support that you'll find at regular MSPs.
For example, we provide:
- Helpdesk remote support
We configure our remote support tools with additional security controls, such as multi-factor authentication, location restrictions, and automatic disabling when not in use. This approach meant that we were not among the many IT service providers who compromised their clients through vulnerabilities and weak configuratiosn found in typical remote support tools that were part of widespread ransomeware attacks, such as Action1 (2023), ConnectWise (2018, 2019), SolarWinds (renamed to N-able after the widely-publicized attacks in 2022), Kasaya (2018, 2019, 2021), Ninja RMM (2019), Sycro (2022).
Sadly, most managed IT providers can’t disable their remote support tools because that’s all they have. As a result, their clients are at risk of increasingly prevalent attacks that take advantage of this oversight. ThreeShield’s proprietary systems take the extra step to protect you from this threat. We use additional systems to prevent bad guys from installing unauthorized remote support tools that ransomware gangs are using to gain access to new victims.
The built-in Windows Defender is usually more effective than what most managed IT providers use. For example, WebRoot is one of the most common antivirus tools we see when we're called to deal with a ransomware attack. For this reason, we combine this with additional breach detection, system isolation to prevent viruses from spreading, behaviour and activity analysis, anomaly detection, and active threat hunting to catch problems that antivirus solutions don't catch. We also combine advanced tools that prevent unknown programs from running with administrator permissions and special configurations to keep computers secure instead of relying on traditional antivirus tools alone.
- Web filtering
If you'd like, we can keep your office free from potentially offensive content. However, we focus on filtering for viruses and risky content. We also monitor for data loss prevention, provide additional phishing security, and don't restrict necessary business activities.
- Software installation
Instead of having your staff call us every time they want to install something, we allow your staff to install software without interruption if we've already assessed it. We also use tools to remotely verify the safety of new software to balance security with the need to quickly install new programs when needed.
- Patches and updates
In addition to simple operating system and common program updates, we use tools that monitor more programs and operating systems than typical MSP platforms and also keep an eye on docking station, computer, and network equipment firmware that typical patching tools miss.
- Network equipment
We have partnered with the most reliable network equipment vendors. We also look at your whole ecosystem to reduce the amount you have to spend on networking equipment and maintenance.
- Printers and Multi-Function Devices
In addition to providing printers, toner, ink, and support, we monitor for consumables and potential problems to make sure that you don't have to make an emergency run to Staples for toner. We also encourage administrator password changes, which most printer management companies don't allow
- On-site support in Calgary, Vancouver, and Toronto
In addition to responsive onsite service, we provide local devices at your site and proactive monitoring to reduce the urgency and frequency of on-site visits
- Vulnerability scans
Instead of consumer or MSP-grade scanning tools, we use a custom group of commercial, open source, and proprietary assessment tools and then have our highly-trained security experts follow the leads from the tools to discover additional vulnerabilities that automated tools miss.
- Backups, disaster recovery, and cloud continuity
In addition to the backup services that everyone resells, we have automated and manual testing processes to make sure that they actually work and employ extensive strategies to ensure real business continuity in addition to backing up your workstations, servers, Microsoft 365, Google, Quickbooks, Jira, Bitbucket, Confluence, Shopify, Salesforce, GitHub, BigCommerce, Trello, Slack, HubSpot, Asana, Microsoft Dynamics, and more.
We go beyond simple backups and focus on the entire business continuity process. Sometimes, this means paying for backup services; however, often it can involve new processes and systems that reduce cost while increasing reliability.
- Email security
We go beyond simple tools and service plans to keep your email secure. We also set up alerts for suspicious activities, manually review your email system logs for potential problems, continually tweak email settings to prevent evolving attack techniques, and provide additional phishing training for your staff. In addition to configurations to prevent others from sending fake emails in your name, we monitor other email providers to learn of any other services sending email on your behalf to prevent marketing emails from hitting Junk Mail folders and to keep bad guys at bay.
We also provide email plugins that let you quickly report suspicious emails with all of the information that our certified security professionals need to make a quick assessment and let you know if it is safe to click or not.
In addition to reselling third-party training and phishing simulation packages, we create customized phishing landing pages and phishing simulations that reflect evolving trends that our security analysts find to provide a much more realistic training experience.
In addition to best practices and standards, we have developed proprietary tools that monitor for potential unusual activities that might go far beyond just backing up your stuff. workstation, server, Microsoft 365, Google, QuickBooks, Atlassian, Salesforce, training, networking, workstations, servers, and email security that you’ll find at every mature IT service provider
- Web hosting
We fortify already strong hosting providers with comprehensive controls for AWS, Azure, and other providers to keep bad guys from reaching your administration consoles or being able to launch attacks on your site. We also perform regular vulnerability scans and manual reviews to make sure that any newly-discovered problems get fixed quickly.
- Firewall Management
We go beyond configuration, patching, and alert management. We provide full architecture services and apply tweaks to address newly-discovered security threats
- Software and web development security
The earlier ThreeShield is involved in the development process, the less expensive it will be for you to make small changes with huge security implications.
At the design and planning stage, we make sure that sensitive information is properly protected, that links don’t expose bad information , and everything is properly authenticated. At the development and maintenance stages, we integrate directly with your deployment process to make sure that all new code goes through a rigorous security review process. We also run routine automated scans and manual reviews to make sure that third party libraries are maintained and newly-discovered vulnerabilities don’t apply to your system.
What if I can't afford Holistic IT?
We understand that growing companies can't afford full proactive holistic IT -- even if it will inevitably save money in the long-run.
We also encounter many organizations that can't afford to invest in a full vulnerability or information security control assessments, much less "big bang" remediation effort to fix all of the problems that their MSP or understaffed internal IT folks haven't been able to address.
ThreeShield has a few solutions to this sort of situation:
- If an independent auditor's report isn't required, we combine the assessment and remediation phases to fix problems as quickly and inexpensively as possible.
- If funds aren't available for a fast and comprehensive initial assessment and/or remediation project, we can spread the cost of this work out over a year as part of a budgeted consulting amount.
- If your cash flow is limited, but you want to get off on the right foot, we can ensure that your computers are updated with basic monitoring for as little as $9.50 Canadian per month per computer.
(This plan does not include tools that require active management, software reviews, or verification. However, it does include minimal breach detection, patching, and remote support capabilities. Any actual support or incident management would be charged separately)