Phase 1 - Security Assessment
A review and assessment of client's IT environment. We look at the following "key" components:
- Anti-Virus, Malicious Code and SpyWare
- Servers (Vulnerability scan of all servers within IT Services)
- Workstations (All workstations will be scanned)
- Firewall(s)
- Internet Traffic Analysis
- IDS / IPS
- Authentication
- Files System(s)
- LAN / WAN Infrastructure
- Wireless Security Review
- SCADA Network Security
- Remote Access (Non VPN)
- VPN (s)
- Encryption
- Incident Response and Reporting
- IT Policies and Procedures
- Future IT Plans
Phase 2 - Analysis of the Assessment
From the data collected during the Assessment Phase, each piece is assembled, categorized and analyzed. The result is that all of the data is in a format which allows for the preparation of the final deliverable.
The analysis consists of determining:
- What is being done well?
- What could be improved?
Phase 3 - Observation and Recommendations
From the data gathered in the Analysis of the Assessment, specific observations and recommendations will be documented. In some cases these remarks will be based on industry best practices.
Phase 4 - Final Reporting
The Project will provide the Client with the final report containing the following:
- Executive Summary
- Technical Executive Summary
- Observations, Implications and Recommendations
|
