Business Cyber Battlefield

Multi Factor Authentication (MFA)

First and foremost to all customers, WorkWeb maintains a robust cybersecurity program to keep the data of its clients safe from people without the proper login information, procedures, and credentials.  Customer administrators can enable Multi-Factor Authentication (MFA) to enhance the login security process for their users.  Business leaders are often shocked to learn that the usernames and passwords of their users are available for purchase on the dark net if and when their users fall into the ever present internet scams, bots, and traps built to gather that specific information for nefarious purposes – chiefly profit.  There are various angles (attack vectors) of defense that companies need to consider to have a high level of cybersecurity maturity which starts off with a bifurcation of energy applied to both people & technology.  Both of these basic bubbles need time and treasure investment to create a proper defensive posture in todays ever increasingly contested business cyber battlefield.  There are a multitude of companies that provide training for staff, partners, vendors and customers that interact with a business.  There is also no shortage of technology companies that build, sell and deploy technology to solve for the multitude of attack vectors available to assailants in the digital realm. WorkWeb offers enhanced login security by allowing admins to opt into MFA which changes the login process from only requiring a valid username and password,  to also require a text or email with a code sent to something the user would have access to in real time.

 

Purchasing & Partnering Types

WorkWeb itself is well protected as a SaaS system.  WorkWeb has many cybersecurity partners; some have chosen to form distribution partnerships with WorkWeb.

WorkWeb is the PSA / ERP / CRM+ backbone for Small to Medium sized businesses in two buckets as related to cybersecurity:

 1) WorkWeb customers that are MSP/MSSP/Datacenter companies that need access to distribution partnerships.  WorkWeb can provide a high value Wholesale/Distribution/Support partnership with several of its cybersecurity partners.

or

2) All other WorkWeb customers not in category 1.  WorkWeb can provide a high value Retail/Support partnership with several of its partners.

Cybersecurity Maturity Model Certification (CMMC)

The United States Department of Defense initiated a major change to their culture and technology related to cybersecurity.  In the past, companies that view/bid/win DoD RFP’s and projects must maintain ever increasingly stringent cybersecurity practices as the sensitivity of the project increases, however the practical nature of cybersecurity management was built on self-attestation, not verification (essentially self-testimony).  Fundamentally companies of all sizes from enterprise, large, mid, small and even startups self-reported their cybersecurity compliances.  In many cases there is a requirement for a 3rd party audit to create a report based on standardized checklists to add to the validity of the self-attestation, but there was not a government department that confirmed the cybersecurity maturity level of its partners and suppliers.  The United States Government, We the People, built the law and policies needed to change this process to a framework of ‘Trust but Verify’. 

The Department of Defense is the first of the US Federal Departments to change its processes to require all bidders and winners of federal contracts to be certified by a government stamped Cybersecurity Maturity Model Certifier.  The Cybersecurity Maturity Model Certifications fall into 5 levels, each level with higher requirements that require higher amounts of time and treasure investment in both upfront and recurring capital and HR resources to be in compliance.  Even the companies that cut the grass on a DoD contract must be at least CMMC L1 certified.  

Level 1 Certification is not particularly challenging to achieve, nor is it particularly expensive.  Level 2 is a transitional level that leads to Level 3, where a large number of DoD contracts are available.  L4 & L5 are high levels of cybersecurity maturity which requires significant effort to achieve and maintain.  The ‘certifiers’ aka CMMC Registered Practitioners (RP’s) are all registered to one or more Registered Practioner Organization (RPO’s).  Where you find Certified Information Security Professionals (CISSP’s) you find an RPO nearby.  RP’s are currently clearing a backlog of L4-L5 certifications in this new program that is now in the wild as of 2021; the timeline to L3-L1 certifications is measured in years because this is a new program that has a large backlog of work to do.  Level 3 is very similar to the various NIST paradigms but with the major difference being the replacement of ‘self-attestation’ to ‘verification by way of certifier’.  WorkWeb can provide a referral to several RPO’s and RP’s depending on need.

A key takeaway is the knowledge that the DoD is the first of the US Federal Government Departments that will require a CMMC L1-L5 Certification to bid and win government contracts from the very small to very large.  The DoD is the first department to make the requirement change.  Over the coming years, any company that touches a government contract will need to step up their cybersecurity posture.  WorkWeb will match the requirements of our most sensitive customers which could lead to different strategies.  WorkWeb will help its customers learn more about CMMC.  WorkWeb will provide its customers with technology and referrals as needed.

WorkWeb SaaS

Using WorkWeb allows companies to reduce the number of disparate and siloed systems, software, databases, spreadsheets, and apps in use or collecting dust.  WorkWeb customers reduce the tornado of systems-confusion, data-duplication, data-differentiation, and the mountain of usernames and passwords under management.

Auvik

Auvik is a leviathan in the Network Remote Management and Monitoring (RMM) and cybersecurity industry.  IT Departments and Outsourced IT Managed Service Providers (MSP’s) use Auvik to keep their network management and network connected devices up to date and healthy.

*WorkWeb is not a sales distribution partner with Auvik but does have an API connection built into the Ticket system.

Blackberry Cylance

Blackberry is a juggernaut company in cybersecurity, IoT, Containerization, Kubernetes, AI and Mobile Operating Systems.  Blackberry purchased a company called Cylance which built technology to keep computer and server end points (Windows, MACOS, Linux) safe and healthy.

*WorkWeb is a sales and support partner with Blackberry Cylance and does have an API connection built into the Ticket system.

Kaseya

Kaseya is a behemoth in the Remote Management & Monitoring (RMM) software, cybersecurity and PSA systems.  IT Departments and Outsourced IT Managed Service Providers (MSP’s) use RMM software to keep computer and server end points up to date, synchronized and healthy.  

*WorkWeb is a sales partner with Kaseya and has an API connection built into the Ticket system.

Ninja RMM

Ninja RMM is a nimble Remote Management & Monitoring (RMM) software and cybersecurity company.  IT Departments and Outsourced IT Managed Service Providers (MSP’s) use to keep their computer and server end points up to date and healthy.

*WorkWeb is not a sales distribution partner with Ninja RMM but does have an API connection built into the Ticket system.

Purchasing Cylance is easy with WorkWeb

Blackberry has multiple Partner Programs, WorkWeb is able to provide licensing, admin training, sales training and support for Blackberry Cylance Protect EPP & Optics EDR products.

WorkWeb MSP/MSSP/Datacenter Customers can access a wholesale pricing structure if they intend to deploy Cylance to their Customers computer end points.
Pricing is Volume Based
Protect Badge

Protect

Computer & Server- End Point Protection (EPP)

Blackberry Cylance Protect

Per Computer or Server End Point
$ 6 Monthly
  • AI Based Core Technology
  • Anity-Virus
  • Anti-Malware
  • Anti-Ransomeware
  • Exploit Protection
  • Powershell Protection
  • Script Protection
  • USB Protection
  • Works 100% when not online
  • SIEM Sync Ready
  • API Admin Possible/Best

Optics

End Point Detection & Response (EDR)

Blackberry Cylance Optics

Optional Addon to End Point with Protect
$ 3 Monthly
  • AI Based Core Technology
  • Advanced Threat Detection
  • Advanced Threat Hunting
  • Customizable Detection
  • Advanced Automated Response
  • Customizable Response
  • Real-Time Cyberforensics Data
  • Useful in Remediation
  • Works 100% when not online
  • SIEM Sync Ready
  • API Admin Possible/Best

Support

WorkWeb Training & Long Term Support

WorkWeb Support & Training

Onboarding
$ 1000 Upfront
  • Provisioning & Setup
  • Protect Admin Training
  • Protect Alert Adjudication Training
  • Optics Admin Training
  • Optics Alert Adjuciation Training
  • Deployment Training
  • Best Practices Training
  • SIEM Sync Training
  • API Admin Coaching
  • WorkWeb Ticket Sync Training
  • Sales & Troubleshooting Support Services

Customers that decide to purchase Blackberry Cylance through WorkWeb commit to one of several different contracts independent of their term contract for WorkWeb.io SaaS.   Customers need to figure out how many computer and server end points of (Windows, MACOS, Linux) they have and how many of them they want to protect with Blackberry Cylance Protect only and how many they want to protect with both Protect & Optics.

Purchasing Kaseya is easy with WorkWeb

WorkWeb is able to provide licensing access and billing for Kaseya VSA and Kaseya Traverse products.

WorkWeb MSP/MSSP/Datacenter Customers can access a wholesale pricing structure if they intend to deploy Kaseya to their Customers computer end points.
Pricing is Volume Based

Virtual System Admin (VSA)

Remote Management & Monitoring (RMM) Client

Kaseya VSA

Per Computer or Server End Point
$ 5
84
Monthly
  • Cloud or On-Premises Options
  • Workstation & Server Support with Remote Access
  • Patching & Updating for Windows, MACOS
  • Patching & Updating for 3rd-Party Applications
  • Cybersecurity Tools
  • Cloud & Onsite Backup and Recovery
  • Advanced Network Monitoring
  • WorkFlow Automation
  • Audit & Compliance Reporting
  • Service Desk & Help Desk
  • API to WorkWeb Ticketing System

Traverse

Key & Sensitive Data Mapping

Kaseya Traverse

Variable Needs Conversation
$ TBD variable
  • Advanced Data Mapping
  • Provides Correlated and Service-Oriented View of IT Infrastructure
  • Advanced Dashboarding
  • Advanced Analytics
  • Unique Virtual Views of Discrete IT Infrastructure
  • Hybrid Cloud Monitoring
  • Predictive Data Analytics
  • Correlation & Root Cause Analysis Engine
  • Log & Event Manager
  • SLA Montoring & Measuerment
  • API to WorkWeb Service Inventory Module

Support

Kaseya Support & Training

Kaseya Support & Traiing

Onboarding
$ 2000 Upfront
  • Contracting through WorkWeb
  • Billing through WorkWeb
  • On- and Off-boarding by Kaseya
  • Long Term Support by Kaseya Direct

Customers that decide to purchase Kaseya through WorkWeb commit to one of several different contracts independent of their term contract for WorkWeb.io SaaS.   Customers need to figure out how many computer and server end points of (Windows, MACOS, Linux) they have and how many of them they want to protect & Manage with Kaseya VSA and if they want the Business Intelligence of Kaseya Traverse.

Decrease Complexity

When considering cybersecurity management and maturity, a simple reality exists: the more systems, the more attack vectors.  Adopting WorkWeb and reducing the number of siloed systems and databases is good way to reduce and control the attack vectors to the companies core PSA system and data.

Secure End Points

Business leaders often forget or lament at how vulnerable a computer or server end point is and how many attack vectors there are on a single computer.  Using Blackberry Cylance Protect and Optics End Point Protection combined with either Kaseya VSA or Ninja RMM systems provides administrators the ability to control as many of the attack vectors as possible as well as keeping systems synchronized and health.  

Secure Network

Business leaders often forget or lament about how vulnerable the network management devices and the various network connected devices are to cyberattack.  Using Auvik allows administrators the ability to control and manage the health and safety of technology that is often under managed.