Services & Support
Why is security such a hot topic in todays online world? Some argue its our dependence on the internet to organize, monitor, interact and ultimately control our lives and that such control in the wrong hands would be disastrous. Others bring up the privacy factor where your physical location no longers matter and confidential data should be protected at all costs the same as you protect your private properties and belongings.
While these points are valid (however Orwellian they may imply), there are many practical problems you may encounter no matter the size of your business, from multi-country enterprises to self-employed individuals, that will frustrate, hinder, damage and possibly have negative legal ramifications.
Techhammer can help analyze your online business, assess possible security vulnerabilities, develop sound procedures, train your staff and even handle your data backup. Over the last 10 years we have developed techniques and procedures that can give you equal security standards as the larger firms that invest millions in their security infrastructure yet cost you a mere fraction of what they spend.
We are well versed in counter-hacking (the art of anticipating a hack or breach of data integrity and preparing to defend against it) and finding simple solutions to complex security nightmares without the huge price tags usually associated with bullet-proof security systems.
Some of our Services include:
- Risk Analysis
- Vulnerability Assessment and Penetration Testing
- Patches management
- Security Policy Development, Review and implementation
- Security Hardware and software installation, configuration, maintenance, and support (including firewall, intrusion detection/prevention systems, PKI, VPN's and access control systems).
- Wireless Security and Data Encryption Solutions
- Documentation Development and Analysis (HIPAA, JCAHO, GISRA/FISMA, DITSCAP, VA ITSCAP, NIACAP, etc.)
- Auditing and Compliance Assessments (Surveys, Testing, Reporting)
- Security Awareness Training
Modern technology is enabling business communication in ways never before imagined. But with the advances comes new and potentially devastating threats-both internally and externally. Many organizations make the mistake of concentrating on technical areas before examining the foundations of their information security program. Techhammer's security professionals will take the "big picture" approach by evaluating ten critical areas of your organization. We will help you find practical ways to enable your business and secure your information systems. In a TVA situation Techhammer professionals will examine:
- Procedural Security: information security charter, policies and procedures, organization, roles and responsibilities, auditing, awareness, IT change controls
- Personnel Security: background checks, non-disclosure agreements, training, professional development, terminations and transfers, contracts
- Disaster Recovery/Business Resumption Planning: Fault tolerance/redundancy, data backup, recovery/continuity planning
- Physical Security: facilities access control, security cameras, location and marking of facilities
- Environmental Security: disaster/interruption avoidance, safety, air conditioning and temperature controls, electrical power and utilities
- Media Security: protection of all forms of physical storage media including paper documents
- Hardware Security: hardware maintenance and change controls, anti-theft, anti-tampering
- Software Security: software maintenance and change controls, software integrity, software copyright/licensing compliance, privileged program controls, anti-virus and related malicious software safeguards, database security, security design on new systems
- Network Security: network device security, communications security, network access controls, Internet/Web security, intrusion detection, vulnerability testing, PBX/voice system security, network change controls, firewalls and proxy servers, dialup access security, encryption, e-mail security, wireless controls
See dedicated page on network security
Information Security Management should achieve three clear, strategic business goals:
- Protecting valuable information assets,
- Preserving the privacy of employees, customers, clients, and suppliers, and
- Providing information availability
The process to achieve these goals requires an on-going cycle of activities. The key stages in this cycle include:
- Define Environment and Assets
- Security Risk Analysis
- Policies, Standards, and Guidelines
- Security Design Implementation
- Monitor, Audit, and Test
Defining Environment and Assets:
The scope of the Information Security Program must be clearly defined. It must include not only the organization itself, but also its interactions with others, such as suppliers, partners, and customers. Each significant change in the organization (e.g., mergers and acquisitions, new products and services, new or remodeled offices, staff reductions, significantly modified information technology, new network connections, new laws, etc. ), usually results in a change in the information security asset "base" that must be protected.
This phase also includes an information valuation process. Many organizations skip this process. That is a big mistake. Establishing a value for your assets is the only way to make certain that the cost of the recommended safeguards properly reflect the value of the asset to be protected.
Security Risk Analysis:
This phase of the Information Security Management Cycle puts structure to you threat and vulnerability environment. Threats include natural and man-made and accidental as well as intentional acts. The possible consequences of threats to information assets include: unauthorized disclosure, copying, alteration, destruction, and denial of access. Network Security Solution's structured Threat and Vulnerability Analysis (TVA) services assists clients by: documenting and analyzing the relevance of information assets, identifying relevant threats and risk scenarios, detecting inadequate security management practices, and recommending
What's hot?
Page tools
