Do you think antivirus is enough? The reality is more complicated. What many consider to be sufficient protection today is often just the basics. Real cybersecurity starts where conventional tools cease to suffice. In an era of sophisticated attacks and threats, protection requires more than technology – it needs strategy, expertise and continuous improvement.
It doesn’t matter whether you’re choosing an antivirus for an endpoint device or designing the architecture of a robust security infrastructure. We’re here for anyone who’s serious about data protection. Our experts help turn security into a systematic and efficient process. Model examples of cyber protection show the level of security a company can achieve – from basic measures to professional systems built on technologies like SIEM.
Level 1 – Basic level of protection
The lowest level of protection represents the minimum measures that are necessary for every company and employee. Level 1 solutions do not require active management, but do require professional IT implementation and setup. The expertise needed to manage this type of protection is relatively low, meaning that a security specialist can cover a wider range of these technologies without the need for day-to-day interaction.
The first level of cybersecurity is therefore just basic measures that provide protection against common threats, without complicated management or advanced tools. Here, companies and individuals can rely on commercially available technologies.
Model example 1: Small accounting company
Let’s take the example of a small accounting company with 8 employees that focuses on bookkeeping and payroll processing for freelancers and smaller companies. The company does not perform special IT operations – its main working tools are cloud-based accounting systems and email communication. The company does not have its own servers or IT department, with technical support provided by an external supplier.
This company’s security measures are relatively simple but effective:
- Antivirus: commercial antivirus with automatic updates is installed on all computers, which ensures the protection of the end devices.
- Firewall: each device has a software firewall enabled that comes with the operating system.
- Backup: important files are synced to cloud storage (such as OneDrive), ensuring automatic data backup without manual intervention.
- Updates: operating systems are set to update automatically, minimising security holes.
- Employee training: all employees receive training on the importance of strong and unique passwords, as well as cyber hygiene and phishing attacks.
- Two-factor authentication: two-factor authentication (2FA) is used to access the accounting system, which is provided by the software vendor.
These measures meet the basic requirements for Level 1 and are ideal for smaller businesses that don’t need complex security management but do need protection against common threats. The solutions are implemented by an external IT expert but do not require day-to-day oversight, meaning the business can focus its attention on core business activities without worrying about security.
Level 2 – Advanced level of protection
The second level of cybersecurity still includes the aforementioned basic security measures necessary for small businesses, but it also allows for the deployment of more advanced and complex technical solutions. The main difference is the need for active interaction and management of security systems. Security technologies at this level involve greater complexity and demands on specialist skills, so they need not only professional management but also constant monitoring.
These systems require at least one security specialist to actively monitor and manage protection and technologies, which may include advanced network infrastructure settings, advanced authentication or access control. Such arrangements are designed for companies with growing cybersecurity requirements that do not yet require a fully centralized security operations center (SOC).
Model example 2: Advanced network security
The company, which is part of a large holding group whose companies have different areas of focus, decided to partially outsource IT services, choosing GAMO to secure and manage the network infrastructure at all five locations in Slovakia. Other systems, such as Microsoft 365, are handled by another supplier.
The proposal was aimed at increasing the level of network security and eliminating risks. Based on diagnostics and communication with the client, we identified several vulnerabilities, including connections of unauthorized devices. As a measure, we proposed implementing an 802.1X authentication framework that prevents unauthorized devices from connecting to the local network.
For (non-)techies: this security framework acts as a “receptionist” with a list of approved devices and users that can “enter”. Every attempt to access the network is authenticated, preventing unauthorized or unsecured devices from connecting. The system also allows the administrator to control and manage network access, greatly enhancing the security of corporate data. Such a security solution brings several key benefits to a company:
- Access control: only approved devices have access to corporate data, reducing the risk of data leakage.
- Protection from attacks: prevents unauthorized devices from connecting, reducing the likelihood of attacks.
- Access tracking: the administrator has an overview of all connected devices, which simplifies IT management.
Based on the presentation and technical consultation, the company decided to implement the proposed solutions in phases at all its locations. This advanced security system, which enables active monitoring of security threats, already requires at least one IT specialist for daily monitoring and management. The solution is also available for smaller companies that do not want to or cannot invest in a fully integrated Security Operations Center (SOC).
Model example 3: System integrator
The customer contacted us with the assignment to build a working environment for a newly established freight forwarding company, which will gradually employ from 3 to 6 people. Their requirement was to provide not only an internet connection, but also a security firewall, a switch, an access point (AP) for connecting employees and a server for applications. In addition, they required strict access restrictions for various employees.
The proposed solution included:
- Virtual servers in the GAMO Cloud for applications and data.
- Windows and ESET licenses for server protection.
- FortiGate F40 firewall, HP Aruba switch, Wi-Fi access point.
- M365 for products such as Outlook, Word, Excel.
- Security monitoring as an additional service.
To implement this solution, we prepared a detailed proposal including migration, server management and technical specifications. As a result, the business can gain the advanced security and flexibility it needs to operate and manage access to sensitive data and applications efficiently.
Level 3+ – Professional Enterprise Security
Level 3 and Level 4 technologies and services represent state-of-the-art security solutions. They are designed especially for organizations that have high security requirements and either have an in-house team of experts or use the services of specialized partners.
As the level of security increases, not only does the complexity of the technology increase, but so do the requirements for specialised personnel – be it knowledge of specific solutions, products or vendors. The implementation, configuration, and especially the day-to-day monitoring of tools such as EDR, XDR, SIEM, and others require dedicated security specialists.
Without professional deployment, constant assessment of alerts and debugging of all components, even the most expensive technologies can create a false sense of security. In extreme cases, an organization may be less protected than with a well-managed, lower-tier solution.
Model example 4: SIEM and SOC operator services
A long-standing customer in the manufacturing segment, for whom GAMO manages the complete IT infrastructure – from systems through the network to applications hosted in the GAMO Cloud – moved to a new level of security in 2024. After consolidating the entire IT infrastructure following a cyber-attack and in preparation for the legislative requirements of the NIS 2 directive, we proposed deploying a comprehensive service.
A key part of the solution is the deployment of SIEM (Security Information and Event Management) and SOC (Security Operations Center) services. Our solution, using the open-source Wazuh platform, can serve as an alternative to robust commercial solutions (such as QRadar) while providing high functionality.
GAMO’s SIEM enables:
- Collecting and standardizing security data from across the infrastructure;
- Event correlation and suspicious activity recognition;
- Automated security threat alerts;
- Full visibility into all parts of the system;
- More effective incident response and simplified compliance with standards and regulations.
GAMO SOC operators monitor the system around the clock, evaluate incidents in real time and ensure:
- Collection and analysis of suspicious events from various systems;
- Identification of the origin, location and reason for the incident;
- Regular reporting and suggestions for corrective action;
- Checking the implementation of the recommended changes.
The result is a centralized, highly professional security oversight of the company’s entire IT infrastructure that meets the modern requirements of even the most demanding regulatory frameworks.