 |
IT Security Assessment
After security infrastructure planning and/or security assessment, your team or vendors would receive a list of recommendations from the assessors or auditors. However, most of the recommendations are written for IT security specialists but not for normal IT support staff, end-users or IT operation staff. At the same time, the canned report prepared by assessors or auditors may include various unverified or invalidated security issues or vulnerabilities. Thus our consultants can bridge between you and your assessor/auditors to smoothen the rectification process. Our consultants may even guide your team to implement rectifications and recommended changes directly. Our consultants have a wide spectrum of operating system knowledge (e.g. Windows platform, Linux, HP-UX, AIX, Solaris, OS/400), application security knowledge (e. g. such as Oracle DB, Oracle e-Business Suite, SAP, Lotus Notes, MS Exchange), smart cards operation knowledge and biometrics applications knowledge.
Policy Revision
IT Policies & procedures are not static documents. They are lively and dynamic which is changing according to the business' needs, technology trend and company culture. It is important for managers to review and update IT security policies & procedures periodically. Our consultants assist clients in reviewing, revising and refining existing IT security policies & procedures against business requirements, international best practices and corporate IT governance.
Security solution implementation
After Security assessment or IT audit services, IT staff or vendors would receive a list of recommendations. In some cases, not only system securing and hardening activities have to be performed, new security systems may also have to be implemented. Our consultants are able to facilitate and act as the Solution Architect or Project Manager of your organization and coach your team in implementing the new security solutions. As the solution architect, we will outline the key control points in implementing the solution. On the other hand, our consultants, upon request, could also act as the outsourcing IT implementation team to deploy the security solution according to vendor's requirements or instructions from the client project manager.
