| |
| |
| Consulting
Practice |
| |
| |
|
In
today's service oriented environment, assurance is the prime
virtue that clients are looking to, and the area of information
security is no exception. We strongly believe that security
is a moving target -- our consulting team does not operate
in conclaves... SecureSynergy is poised to take the quantum
leap forward, across the three key horizontals -- SAN, wireless
networks and portals.
|
| |
 |
|
SecureSynergy views
the full range of 'information security' in a five-phase
life-cycle. Each stage has a purpose, that is, to continually
improve the organization's position against losses due
to any type of attack (internal or external).
|
|
| |
|
|
| SecureSynergy assesses an organisation's
current security posture as the first step. |
| |
|
The assessment process evaluates the security
of the client's organization (both physical and logical),
identifies the assets to be protected, identifies security
vulnerabilities, and then recommends protective options for
eliminating or mitigating the security risks.
|
| |
 |
Security Planning and Compliance |
| |
 |
Security Policy |
|
Security Architecture |
|
Security Audits |
|
|
|
Assessment Services |
| |
|
Vulnerability
Scanning |
|
Penetration
Testing |
|
Threat-based
Risk Assessment |
|
Incident
Response |
|
Security
Forensics |
|
Security Readiness
Review |
|
|
|
Availability Services |
| |
|
Disaster Recovery
Risk Assessment |
|
Business Continuity
Risk Assessment |
|
Capacity Planning |
|
|
| |
|
|
|
Once the risks -- along with the protective
measures for mitigating them -- have been identified, the
natural second step for SecureSynergy is to implement the
security mechanism.
|
| |
|
In this phase of the life cycle is the implementation
of solid architectures, plans, and policies for integrating
the security practices enterprise-wide.
|
| |
|
Security Systems Engineering |
| |
|
Secure Application
Development |
|
Secure Application
Integration |
|
Secure Application
Migration |
|
Interoperability
Testing |
|
|
|
PKI/Cryptography |
| |
|
Integration |
|
PKI Certificate Authority |
|
Secure Messaging |
|
|
|
Access Control |
| |
|
Smart Media &
Biometrics |
|
Single Sign-On |
|
|
|
Perimeter Protection |
| |
|
Intrusion Detection
Systems |
|
Firewalls |
|
VPNs |
|
Virus/Malicious Code |
|
|
|
Business Continuity Planning
and Disaster Recovery |
|
| |
|
|
|
As the third step we secure the client's
information systems to validate that the security mechanisms
put in place during the protection phase do indeed support
the security policy and address the risks and vulnerabilities.
|
| |
|
Validation and Accreditation
Support |
| |
|
Verification/Accreditation |
|
Periodic
Re-testing |
|
Threat
based vulnerability Updates |
|
System/Plan/Procedure
Audit |
|
|
|
Solution-set Documentation |
|
System Test
and Evaluation |
|
Business Continuity
Plan Testing |
|
| |
|
|
|
The Information Assurance security program
is only as effective as the people implementing, managing,
and using it. The overall success of the tactical and strategic
programs that protect the client's information systems is
dependent on the knowledge and skill of the employees.
|
| |
| Training is the fourth step
in the security life cycle that ensures that personnel are appropriately
trained. |
| |
|
Awareness and Security
Training |
| |
|
Security Awareness
Programs & Courses |
|
|
| |
|
|
| |
|
The fifth phase in the Information Assurance
life cycle addresses the need for constant and active vigilance
at the defensive perimeter, including security policies, practices,
processes and procedures, as well as disaster recovery and
business continuity plans.
|
| |
|
Intrusion Detection Analysis
& Response |
| |
|
Host Based |
|
Network Based |
|
|
|
Managed Assurance Services |
| |
|
Security
Monitoring & Management |
|
Security
Administration |
|
Virus/Malicious Code |
|
|
|
Network Security Management |
| |
|
VPN |
|
Firewalls |
|
Proactive Scanning
& Monitoring |
|
|
|
Alert & Warning Advisories |
|
Business Continuity Plan
Monitoring |
|
Host
Site Services |
|
| |
| |
| |
| |
