|
Service
Solutions
|
Our
technical staff hold advanced certifications,
including the distinguished Certified Information Systems Security
Professional (CISSP) designation. Our layered approach (described below)
to your companies security needs ensures that all areas of vulnerability
are examined and addressed. Let us help you discover how a relationship
with Cornerstone Systems, can make your business more successful.
|
|
Description
|
Our Methodology
When we examine the
security environment for a customer, we focus on 8 discrete areas:
- Security Roadmap
- Company Security Policies
- Perimeter & Internal
Security
- Intrusion Detection &
Prevention
- Authentication &
Encryption
- Anti-Virus
- Content Filtering
- Managed
Services/Operations
Security Roadmap
Everything begins with a
roadmap. This tells us where you are, where you need to go, and most
importantly, how to get there. Your enterprises roadmap is more than a
simple security assessment. It includes additional features such as a
policy review, operations review and many other components.
Company Security
Policies
Corporate IT &
Security policies are the foundation for all the remaining layers. Your
security architecture depends completely on your security policies. This
policy layer will help ensure that you have a solid and legal foundation
for your architecture.
Perimeter &
Internal Security
This is the focus of the
standard "Security Assessment" that other companies provide. We
will review not only the firewall or external security architecture; we
will also review the internal security architecture of your company. The
vast majority of all security incidents begin on the internal network, so
it is imperative that you keep the inside as secure and solid as the
outside.
Intrusion Detection
and Prevention
Intrusion Detection
Systems and Intrusion Prevention Systems are the only way you can ensure
that someone is not penetrating your network. Early detection is key to ensuring that your data remains private.
Intrusion Prevention offers an even better advantage; it stops attacks
before they become reality.
Authentication &
Encryption
The weakest part of
almost all companies is password security. If your password security is
weak, then no firewall or Intrusion Detection System can prevent a system
from being penetrated.
Anti-Virus
Everyone has some type
of Anti-Virus solution. But is it enough and is it in the right place?
These are the topics that we investigate in this layer. We focus not just
on desktop & e-mail virus scanning, but also Internet and Instant
Messaging virus scanning.
Content Filtering
What are your employees
allowed to do over the Internet? Why should you
be concerned? There are numerous legal issues that a company can avoid by
ensuring the acceptable use of the Internet and other resources.
Managed
Services/Operations
So now that we have
developed a world-class security architecture, it is imperative that it
is managed properly. This includes monitoring logs, managing change, and
ensuring proper incident response.
|
