MANAGED IT & NETWORK SECURITY SERVICES
 

MAXIMUM SECURITY
The Integrated IT Software Suite was designed with comprehensive security throughout. The design team brings over 50 years of experience designing secure systems for government and commercial applications. The software creators applied this experience to uniquely combine ease of use with high security.

The Software Agent
The software platform architecture is central to providing maximum security. Each computer managed has a small agent installed. The agent initiates all communications back to the server. Since the agent will not accept any inbound connections, it is impossible for a third party application to attack the agent from the network.

Firewalls
The software does not need any input ports opened on client machines. This lets the agent do its job in any network configuration without introducing susceptibility to inbound port probes or new network attacks.

Encryption
The software protects against man in the middle attacks by encrypting all communications between the agent and server with 256-bit RC4 using a key that rolls every time the server tasks the agent, typically at least once per day . Since there are no plain text data packets passing over the network, there is nothing available for an attacker to exploit.

Secure Access
Administrators access the K-Server through a Web interface after a secure logon process. The system never sends passwords over the network and never stores them in the database. Only the  administrator knows his or her password. The client side combines the password with a random challenge, issued by the CSUSA server for each session, and hashes it with SHA-1. The server side tests this result to grant access or not. The unique random challenge protects against a man in the middle attack sniffing the network, capturing the random bits, and using them later to access the CSUSA server.

Web Access
The Web site itself is protected by Patch Management. The CSUSA Patch scan is run on the CSUSA server every day. As soon as new patches are released, the CSUSA Patch scan automatically detects they are needed and applies all security patches automatically. Finally, for maximum Web security, the K-Server Web pages fully support operating as an SSL web site.