Network Security

Enabling Network Security

As security threats have become more and more sophisticated with the advancement in internet technologies, introduction of new devices and media, the traditional Defense of Layer 3 Firewalls, Core router / switch IP access lists etc is not enough to handle the today’s security threats. Though organizations have applied many solutions beyond traditional security but issues like Zero day attacks still make our organization vulnerable to threats. With the introduction of new technologies & services like Cloud & BYOD and Targeted advanced persistent threats (APTs) etc the exposure to information of an organization is increasing day by day.

As an organization we need to take care of some basic processes and tools to take care of today’s changed landscape of threats as below:

  • Minimum baseline security implementation
  • Continual vulnerability assessment
  • Audit & compliance assessment against the controls implemented
  • Information Security Risk assessment
  • Update of latest patches / versions to all Information Security devices
  • Review of configurations
  • Strong security incident(Forensic) management process
  • Update risk assessment register with new threats / vulnerabilities from security incident management process

Our Offerings

Information Security Strategy Formation (SpurASSESS Model)

Engineering of Processes for Information Security needs of Organisation

* Information Security Policy

  •  Password Policy
  •  User id and access policy
  •  Security Exception Management Policy
  •  Information Security incident management policy
  •  Patch management
Threat and Vulnerability Management
Application Information Security Assessment
* Access Control
* Configuration Review of under lying systems
  •  Operating Systems
  •  Web Servers
  •  Databases
Minimum Security BaseLine Recommendations for
* Operating systems (Windows, Unix, Linux) and Subsystems (IIS etc)
* Databases (Oracle & MS SQL)
* Network Devices (Routers, Switches)
* Security Devices (Firewalls, IPS, Proxy, Antivirus etc)