IT Security - Security Optimisation Reviews
The security threat landscape is constantly changing, so it is important to regularly review the security architecture to ensure that it provides the necessary protection for a business against the risks. If left unchecked, the architecture in its current state could become insufficient for its requirements, or could be modified in the course of business to provider a lower level of protection that previously given.
A 2e2 Security Optimisation Review will provide will highlight a fresh and independent view of the systems and processes in place. Our experience of managing security for an extensive range of customers gives us the advantage of being able to consider and advise on a wider variety of security issues. We also look beyond the technology to look at the people and processes involved with the security systems to ensure a complete review of security within the organisation.
2e2 Security Optimisation Review’s will also allow your security infrastructure to be tuned to ensure the highest levels of performance and reliability, reaping the benefits of having the most up-to-date, secure systems today.
What is included in a 2e2 Security Optimisation Review
- Examination of existing security product layout, considering issues such as best practice for security, high availability, business continuity/disaster recovery
- Assessment of existing product configurations, including rule bases
- Evaluation of products within their working environment to ensure that they meet the needs of the organisation.
- Review of product management and change control methods
- A full written report of our findings, including a prioritised list of recommendations for your organisation to ensure that they stay on-top of security. 2e2 can the assist with providing a detailed implementation plan for these recommendations and (where relevant) can perform these recommendations to provide
The 2e2 Security Approach
The 2e2 Security offers 3 different Security Optimisation Reviews
1. Technology Security Optimisation Review
Review of the following system types is expected to be conducted
- Content (Email, Web, IM, FTP, etc) filtering system
- Firewalls, VPN and perimeter security policy review
- Remote network access systems
- Intrusion detection and prevention
2. Advanced Technology Security Optimisation Review
Included in this advanced Security Optimisation Review
- Identity management and logical/physical access control solutions
- Endpoint security (fixed and mobile devices) including: NAC, A/V, HIDS/HIPS, Device Control, and Device Encryption
- Network monitoring
- System hardening
- Audit and Log systems
- Patch management systems
- Provisioning and change management systems
- System interaction with partners and customers
- Vulnerability Assessment / Penetration testing
3. People and Processes Security Optimisation Review
The following elements will be included as part of this review
- Analysis of Security education procedures for system users
- Evaluation of the User as Information Security stakeholder
- How are company resources provisioned to users
- How is change management dealt with
- Organisational security policy, procedures and guidelines
- System configuration baselines and guidelines
- Incident detection processes
- Security incident response procedures
For further information please contact 0207 578 6100 or email security@2e2.com
