CUSTOMIZED SECURITY PACKAGES
We provide customized security packages for companies that prefer to outsource their technical security matters to qualified external specialists. Our services are based on best practice standards and include firewall, network and server configurations, Information Security Officer (ISO) roles and other technical security roles specific to your business needs.
We base our service delivery and role execution on the ISO27001 control requirements unless the client requires an alternative control standard. Our role execution services include the information security officer role where we evaluate, monitor and report security concerns in the various business processes on monthly or bi-annual basis.
This service allows our clients to have a dedicated security professional at their disposal to address ongoing security concerns due to new business processes, security incidents, system changes, outsourcing, new system integration or other events that pose a risk to the information processing environment.
- Traffic policy – the firewall configuration that defines what traffic can come in and out of the internal company network.
- Network segmentation – separation of the internal network environment into logical segments that do not have access to each other.
- Access management - we configure role based access where access groups are defined for each business unit and individual accounts are simply added to the corresponding group.
- Password policy – we configure a business wide password policy with length, complexity, lockout, history and expiration requirements.
- Audit policy – we configure the domain audit policy to log all security events like administrator activity, unsuccessful logins, access to sensitive data, remote access and other risk concerns specific to the business.
- Security monitoring – we configure automated monitoring where all security events are tracked automatically and exceptions are reported to the management.
- Annual control review – we perform annual security reviews to make sure all implemented controls are working effectively and there are no gaps in the control environment.
Our customized security packages are based on subscribtion basis where we carry out the client specific services on monthly, quarterly or bi-annual basis providing a detailed report to the management at the completion of each service.