Ihloom is your cybersecurity partner, helping you stay secure and compliant, simply and cost effectively. We work with businesses to help protect and monitor their technology and respond to emerging cybersecurity threats.

Be secure and compliant, simply and cost effectively.

Why Ihloom?

The Problem: There are hundreds of great cybersecurity tools on the market with new offerings every day, but they all require time, expertise, and management to use and benefit from.

The Solution: That’s where Ihloom comes in; we provide proven, vetted cybersecurity solutions, setup and management guidance, system monitoring, and ongoing support so you can stay secure in a constantly evolving threat environment. Alerts from security products are useless without context and guidance. Ihloom fills the gap and helps its clients respond appropriately.

The Risk is Real: We see weekly examples of compromised accounts and systems leading to employee downtime, stolen funds, compromised data, and lost business equity. This is in addition to the numerous high-profile data breaches we have all read about in the news. We are living through the perfect storm of cybersecurity risk, driven by an explosion of Cloud-connected services and devices, Artificial Intelligence, Big Data computing, a global work community, and ineffective authentication systems. The problem is going to get worse and requires a new approach to cybersecurity and a reallocation of business resources.

Ihloom Solutions

The Risk is Real

A Bullet Dodged +

Small Consulting firm wants to land lucrative state contract. The contract requires access to PII and other sensitive information. To qualify for servicing the contract, the firm must implement certain cybersecurity systems and best practices including system monitoring and logging of critically IT infrastructure. Ihloom helps implement monitoring solution of Active Directory and Office 365 systems, which resulted in successfully winning the contract. After the deployment of the monitoring systems, Ihloom notified the consulting firm of both attempted and successful breaches to their Office 365 system accounts. With guidance from Ihoom, the consulting firm was able to secure the affected accounts, implement additional security measures and avoid putting the lucrative contract at risk.


Another Success +

IT Consulting firm, in the possession of highly sensitive customer data, maintains several online systems to support its in-the-field staff. Exposure of this client sensitive information could mean significant financial liability and significant risk to the viability of the business. Maintaining secure possession of client data is critical to the services it provides. Ihloom notified the firm of attempted brute force attacks on several of its key Internet facing systems. The firm was able to take additional hardening steps to eliminate the brute force risk to the affected system, potentially avoiding a costly and serious threat.


A Cautionary Tale +

National public media company, with distributed networks across the country, did not have monitoring in place and was not using Ihloom services. Hackers were able to infiltrate key IT systems and accounts. They were able to move laterally from one system to another over several weeks cementing their access and control of system in multiple sites. There were clues that something was going on; the antivirus solution had picked up some hacking attempts and reported on new devices being added to the domain. However, because no effective monitoring was in place, IT administrators had no idea what was taking place right under their noses. The perpetrators were able to lay in wait and execute a sophisticated Ransomware attack at just the right time for maximum impact. The victim had backups that were up-to-date, but it took several weeks to bring systems back online and ensure the integrity of the networks. If appropriate monitoring was in place, this attack likely could have been avoided saving millions of dollars in lost productivity, cleanup costs, and lost shareholder value.


When You Think You're Protected +

A national Cloud payroll provider responsible for some 350 payroll service bureaus across the country became the victim of a ransomware attack. They had just completed infrastructure upgrades with a new failover and recovery solution. However, the attackers were able to compromise all systems and due to the real-time replication that was implemented, the problem spread quickly and made quick recovery difficult. Their systems were down for over a week and they ended up paying an undisclosed sum of money to the attacker for recovery keys. Having good offline backup systems, monitoring and training in place may have saved this company from huge financial losses. It is also clear that these types of attacks usually occur over a long period of time to allow the attacker to affect maximum impact. If good monitoring were in place, its possible the attack could have been detected earlier.


Many Ways to Lose Money +

A medium-sized commercial electric company learned there are many ways to lose money when attackers are creative. One of its electricians became alarmed when his payroll wasn’t processed. He contacted the HR department and it quickly became clear that someone else had walked away with his paycheck. Hackers had infiltrated his email, were able to communicate with HR and request changes to his payroll processing, sending his and the company’s money to a foreign entity. The money was not recoverable. Active logging of email accounts would likely have identified this compromise. Login attempts that are inconsistent with normal user behavior, such as logging into email simultaneously from two geographic locations, would have triggered an actionable alert. The company has since implemented training routines and logging to help mitigate these risks going forward.


When the Cloud Becomes Cloudy +

An international footwear manufacturer and distributor was using Dropbox for corporate file storage. Ransomware had made its way onto several key employee computers through email-born malware. The antivirus software in use, although up-to-date, was unable to stop the attack. As the ransomware traversed the network from computer to computer, the ransomware payload encrypted computer drives and several key servers. When administrators had gone into Dropbox, they were alarmed to discover the ransomware had affected all the previous versions in key Dropbox shares making Dropbox recovery impossible. Good user training and system monitoring may have helped avoid or limit the impact of this attack. The attack was initiated by a user opening an email attachment from a trusted sender and was launched and disseminated from compromised email accounts within the organization. The business was down for over a week and lost critical business documents that were unrecoverable.


Get Started

A good security plan should include a risk assessment, protective layers, system hardening, user training, and proactive monitoring.

We all know it’s a good idea to put locks on our doors, lock the windows and even put in an alarm system, but we often forget that good security really requires constant oversight. Who will respond when an alarm goes off?

Cybersecurity technology solutions want us to believe that by simply buying and installing their software, we’ve solved our cybersecurity problem. The truth is that without the proper assessment, training and someone looking for the alerts and knowing how to respond, you cannot benefit from these solutions fully. You need a trusted partner who can help you learn about risks, secure your systems, and monitor and react to emerging threats. You need Ihoom.

Get Started

About

Ihloom is a cybersecurity company focused on providing small and medium size companies with critical and meaningful cybersecurity services and support. Founded by industry veterans Garrett Brown and Todd Mitchell, Ihloom staff have over 20 years of on-the-ground information technology and cybersecurity experience. Recognizing the critical gap between newly available cybersecurity technologies and the expertise and support to effectively deploy them, Garrett and Todd assembled a new team with a mission to develop the services and support to help businesses effectively protect themselves.

Contact Us

Phone
781-285-6154

Email

Address
10 Kearney Road, Suite 303, Needham MA 02494

Get Started