Expertise

‹ Return to Expertise Index

Security, Encryption, Vulnerability Mitigation

It takes intelligence and expertise to stop cyber attacks.

The challenges to ensuring the security, privacy, and integrity of technology systems have never been greater. A growing reliance on networked computers has given rise to greater vulnerabilities and created formidable new threats.

End Point Dev protects the privacy & security of your business.

Information security requires protecting computers, software, and information systems from theft, damage, and disruption—​no matter the cause. Security means protection from natural disasters, as well as bad actors. At End Point Dev, we help organizations harden their infrastructure and software applications against any threat.

We execute for security.

We take seriously our responsibility to safeguard the systems and data our clients entrust to us. We continually train our staff on evolving security threats, procedures, and safeguards. From years of experience in security-conscious industries—​ecommerce, healthcare, and finance—​we’re familiar with the special handling required for sensitive information. This familiarity is rooted in our work creating PCI DSS compliant systems for payment processing and HIPAA compliant software for the medical world.

Everybody likes to say that their system administrators stay informed of emerging security vulnerabilities and apply software patches. Ours really do.

End Point Dev offers security & risk assessment services to:

• Audit to identify infrastructure security risks, including software, personnel and operational practices.
• Plan to protect infrastructure, systems and data.
• Harden infrastructure and software applications.
• Deploy real-time monitoring and recovery systems.
• Respond to threats and plan for ongoing improvement.

Encryption

Do your business needs require data encrypted in transit and at rest? Do you need an expert team to look at your ecommerce encryption? We have deep experience in crafting system security and can work with your needs.

SSL/TLS certificates

Along with our domain name and DNS services, End Point Dev offers SSL/TLS certificate services for our clients including:

• Choosing an SSL certificate authority and provider
• Integration with ACME-automated, free certificate authorities like Let’s Encrypt
• SSL certificate purchases and configuration with CDNs
• SSL certificate renewals
• SSL certificate expiration and HTTPS configuration monitoring

SSH (Secure Shell protocol)

End Point Dev uses SSH to access most of our client projects. We primarily use public key authentication with 4096-bit RSA and ed25519 keys, avoiding ECDSA and DSA keys. We also use SFTP for secure file transfer systems, which runs over SSH.

PGP (Pretty Good Privacy)

The PGP standard and GnuPG (GPG) open-source implementation allow for secure sharing and storage of confidential data. We offer help implementing PGP for your workflow and use it ourselves for compartmentalizing sensitive private data.

Vulnerability remediation

End Point Dev is experienced with the entire security vulnerability process, from helping you pick the right tools and software for scanning, patching holes, and making long term plans to update your infrastructure. Whether on Windows or Linux, one machine or your entire infrastructure, we have you covered with security scans and updates.

Specialized expertise and tools:

• Cryptography (symmetric and asymmetric public-key)
• LUKS, dm-crypt, FileVault, BitLocker, eCryptFS, cryptoloop
• OpenSSH
• OpenSSL
• PGP/GnuPG
• SSL/TLS for HTTPS and other protocols