MaltaICT help clients improve their individual performance by providing both application support and IT infrastructure support.
We consider ourselves to be Tech Junkies. Together, we have more than 100 years of IT related experience on all various platforms and systems. Using our ITIL background, we focus our energies on process improvement.
The professionalism of our people, combined with the unique functionality of our approach, ensures that we deliver a fast, exceptionally reliable and fully accountable service to our clients.
Ours is a flexible approach that fits in with your budgeting, operational and reporting requirements.
We can act as your IT department, or supplement an existing IT function.
In either case, we aim to create long-term partnerships that add value through a combination of high quality day-to-day support, expert project delivery and well considered strategic advice.
Above all, we focus on what matters to our clients: delivering a quality service that represents good value.
How do we do it?
- These are just some of the features that we believe makes our service unparalleled:
- Proactive system monitoring: What is better than having peace in mind that someone is constantly monitoring your systems? MaltaICT has been using industry specific monitoring equipment since day one. Monitor agents are set up on your system and we get nudged whenever a blip occurs.
- Patch management: Systems security flaws are discovered every day. We are at risk of having our data stolen or manipulated at every given time. MaltaICT can take care of your patch management. We follow the patch management best practices cycle, meaning that we test the updates prior to deploying them in production.
- Remote admin: MaltaICT performs remote admin work – we can assist you at any given time in any given moment wherever we are.
- Firewall logging: Many companies are not aware of what data is being routed in and out of the systems. MaltaICT will setup SYSLOG servers and IDS systems for you to ensure that every packet is being monitored.
- Backups: Daily reports are being sent to us to ensure backups are being done and ad-hoc restores are performed to ensure data availability.
1 on 1 Boot Camp Training
At MaltaICT we have qualified technical trainers, backed up with years of training and on-the-job experience with several technologies. We are subject matter experts on a variety on systems. We can help develop the skills of your IT team through the most effective IT skills training and certification programmes available anywhere.
- Latest IT innovation including virtualisation and Cyber Security.
- Training on major vendors, including Microsoft, Linux, Cisco and EC-Council.
We can offer boot camp training, 1 on 1, or perhaps you have a small group of employees which you would like to offer training to. We have Microsoft Certified Trainers, Certified Ethical Instructors and Linux Certified Trainers in-house, just to mention a few.
MaltaICT offers real case scenarios. We do not just read from the course material, but we provide training that is engaging. After all, we have been working in this market for years.
What is Penetration Testing?
A penetration test is a proactive and authorised attempt to determine the security of an IT infrastructure by safely trying to exploit system vulnerabilities, including OS, service and application flaws, improper configurations, and even risky end-user behaviour.
This type of testing is used to validate the strength of defensive mechanisms, as well as end-users’ adherence to security policies.
Tests are usually carried out using manual or automated technologies to compromise servers, endpoints, web applications, wireless networks, network devices, mobile devices and other potential points of exposure in a systematic way. On successful exploitation of a vulnerability, testers can attempt to use the compromised system to launch further exploits at other internal resources.
This can be achieved by higher levels of security clearance and better access to electronic assets and information by means of privilege escalation.
Any information gathered during through penetration testing is normally presented to IT and network systems managers to help those professionals make strategic conclusions and prioritise related remediation efforts.
Why perform penetration testing?
It is impossible to safeguard all information, all the time
Over time, organisations have sought to prevent breaches by installing and maintaining layers of defensive security mechanisms, including user access controls, cryptography, IPS, IDS and firewalls. However, with the continuous adoption of new technologies, including some of these security systems, and the resulting complexity introduced, has made it even harder to find and eliminate all of an organisations’ vulnerabilities and protect against many types of potential security incidents. New vulnerabilities are discovered each day, and attacks constantly evolve in terms of their technical and social sophistication, as well as in their overall automation.
Penetration testing identifies and prioritises security risks
Penetration testing evaluates an organization’s ability to protect its networks, applications, endpoints and users from external or internal attempts to bypass its security controls to gain unauthorised or privileged access to protected assets. Test results validate the risk presented by specific security vulnerabilities or flawed processes, enabling IT management and security professionals to prioritise remediation efforts. By maintaining more frequent testing you can more effectively anticipate possible security risks and prevent unauthorised access to critical systems and valuable information.
How Often Should You Perform Penetration Testing?
You should do this regularly to ensure more consistent IT and network security management by revealing how newly discovered threats or emerging vulnerabilities may potentially be assailed by attackers. Apart from the regular analysis and assessments that must be conducted to conform to regulatory mandates, you should run tests whenever:
- New network infrastructure or applications are added
- Significant upgrades or modifications are applied to infrastructure or applications
- New office locations are established
- Security patches are applied
- End user policies are modified
How Can You Benefit from Penetration Testing?
Penetration testing offers many benefits, allowing you to:
Intelligently manage vulnerabilities
Penetration testing provides detailed information on actual, exploitable security threats, and allows you to proactively identify which vulnerabilities are most serious, which are less significant, and which are false positives. In turn, you can intelligently prioritize remediation, implement needed security patches and allocate security resources more efficiently to make sure that they are available when and where they are needed most.
Avoid the cost of network downtime
Recovering from a security breach can be very costly due to IT remediation efforts, protecting and trying to retain customers, legal fees, business partners who may hesitate to continue doing business with you, decreased productivity from your employees, etc.
By means of penetration testing you can identify risks before attacks can occur, and therefore prevent losing out financially.
Preserve corporate image and customer loyalty
One single incident of compromised customer data can be costly due to reduction of sales and damage to a company’s reputation. Data breaches can put new clients off, and you would not want to lose your customers after spending so much time, effort and money on earning them.
With penetration testing you can avoid data incidents that put your organization’s reputation and trustworthiness at stake.
MaltaICT follows the 5 steps of the methodology in hacking. We provide our customers with a pen test report detailing all the flaws and weaknesses found in the system, together with another report of the mitigations performed to fix them.
ISO 27001 Readiness Review
The ISO 27000 family of standards can help your business keep financial information, intellectual property, employee details or information entrusted to you by third parties secure.
ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).
What is an ISMS?
An ISMS is a management process that you can use approach to maintain the security of sensitive company information. It includes people, processes and IT systems by applying a risk management process.
Any small, medium or large businesses in any sector can benefit from using such a process in trying to keep its information assets secure.
Why do you want to be audited?
- The following guidelines will help you perform and effectively manage an information security audit.
- Evaluate your IT infrastructure, i.e. the flow of data within your business, and identify any vulnerable points. Keep track of all hardware and software that you use.
- Know the scope of the audit. Are you collecting private client data you don’t use or need? Identify the minimum amount of information you need to collect. Prepare documents and other materials that the auditors may need in planning out the auditing process.
- Discuss the plan with the auditor and ensure you understand the details of the auditing process to be carried out by the auditor. Plan ahead with the auditor and delegate tasks as needed.
- Get timely updates on important information being retrieved during the auditing process.
- Review the audit and get recommendations on how to address problem areas.
- Follow up as necessary and determine the frequency of security audits to be done.
What can we do?
Are you preparing for your ISO 27001 audit but do not know where to start? We at MaltaICT can prepare you for it. Our in-house ISO 27001 experts are ready to assist you. MaltaICT will provide you with an ISMS manual and with a set of policies that will conform to ISO 27001 standards. We will perform a security audit and report back our findings.
Let’s “move to the cloud”. This is a common term you find people talking about nowadays. Cloud computing is the way to go.
The four primary types of cloud models are:
Each has its advantages and disadvantages with significant implications for any company or organisation considering a cloud deployment.
A public cloud is a cloud computing model in which services, such as applications and storage, are available to anyone over the Internet. Public cloud services may be offered on a pay-per-usage mode or other purchasing models. An example of a public cloud is IBM’s Blue Cloud.
A private cloud is a virtualised data centre that operates within a firewall. Private clouds are highly virtualized, joined together by mass quantities of IT infrastructure into resource pools, and are privately owned and managed.
A hybrid cloud is a mix of public and private clouds.
A community cloud is an infrastructure shared by several organisations and that supports a specific community.
MaltaICT has teamed up with Iland to offer unparalleled cloud services. Together with Iland, we can offer our clients the following:
- Enterprise Cloud Services
- Scalable enterprise-class infrastructure on demand
- Managed Cloud Services: Our expertise, your infrastructure, hosted in our datacenters for peace of mind
- Private Cloud Services: Cordoned off cloud, managed by our experts
- Continuity Cloud Services:Protect your business from disaster, rapidly restore data and business
More information can be found at http://www.iland.com/services/
At MaltaICT, we know how to tackle disasters – we prevent them. We are able to set up the following types of disaster recovery sites:
Cold sites – These provide coverage for long-term outages of the primary site, in the case of a building fire, hurricane or other major disaster that causes the primary site to be completely inoperable. Should a disaster occur, an organisation must then acquire the hardware necessary to resume operations, build systems, install applications, and load data from backup tapes. The recovery time for cold sites is measured in days or weeks rather than in hours.
Warm sites – These also include a copy of the organisation’s data in some form, either as backup tapes from which data can be restored in the event of warm site activation, or in a more advanced form as storage systems containing copies of the data.
- The time required to activate a warm site depends on many of the decisions made when configuring the warm site:
- Can the organisation’s data be accessed by servers directly at the storage site, or does it need to be restored from tape?
- Are operating systems already loaded on the hardware at the site?
- Are applications installed on those systems as well?
In cases where the answers to all of these questions are yes, an organisation can typically activate the warm site in a matter of hours. In other cases, it may take several days to get the site up and running.
Hot sites – These provide instantaneous or almost immediate recovery of operations when the primary site fails. Hot sites are an improved version of the warm site concept, ensuring that systems at the site are preloaded with operating systems, applications and the data necessary to resume operations in minutes or seconds after a disaster strikes.
Some organisations that have a handful of critical systems and business processes use hot site capabilities for a small number of essential services and a warm site approach for other systems that have a longer maximum tolerable downtime. This allows disaster recovery planners to focus limited resources on the most critical processes without completely neglecting other services.
iGaming re-location setup
The majority of Tech Junkies at MaltaICT work or have worked in the iGaming industry. We value the business culture of such companies and the need to have a no single point of failure in their system architecture.
If you are relocating to Malta, and need someone to handle all your IT services requirements, we are just a call away. We can assist you with all the technical requirements in all the gaming classes (Class 1, 1 on 4, 2, 2 on 4, 3, 3 on 4, & 4), from Betting Exchange Systems, Lottery Systems, Casino Games and Platform providers.
Stress / Load Testing
Have you ever wondered how many requests per second your website and your backend database server can handle? Are you constantly worried that your website might not handle the day-to-day tasks it is designed to do?
MaltaICT has been in the stress testing industry for years. We have managed to identify system bottlenecks for our clients that would not be possible if done by normal testing.
We provide the following:
- Realistic Simulated users: We simulate traffic. No hidden caching or romanticised human behaviour.
- Simultaneous multi geo location generation: We can generate load from up to 10 different locations simultaneously.
- Automatic scripting: We can analyse a web page and generate a load script automatically.
- Easy-to-use scenario recorders: We can record an HTTP session using a proxy recorder and the simulated user can perform the same action during the test.
- Server metrics: We can collect backend information such as CPU usage, memory usage, Disk I/O and Network I/O.