IT Security Services
A security review is a GAP Analysis for an organisation’s security. Not only does it look at what the organisation may not have in place but also looks at areas that may have a large degree of overlap or conflict so that these areas can be addressed, with potential cost savings. New threats and solutions can be discussed as well a deploying existing technology to better protect the organisation. The Cygnia consultant produces a GAP analysis report and recommendations out of the review.
Physical Security + Site Audit
Our IT security services also include an onsite review. Physical Security/ Site Audits look specifically at an organisation’s buildings and staff. It will take account of how easy it is for someone to enter and move around the building with little or no permission or using a false identity. External building security will be judged, how easy would it be to gain access what security measures are in place to deter or detect an intruder, what information is available from looking through the refuse bins and windows. The audit also looks at how easy it is to access the IT Network e.g. walking into the office and plugging in a laptop or dropping a USB stick in the car park and seeing if it is plugged in to a PC that could infect the network with spyware or a “Back door” for a remote attack. Cygnia produces a detailed report with actions so that the management team can address the situation.
Firewalls are usually an organisation’s first line of defence against attack. It is vital that they are configured correctly to provide security whilst allowing the required communication. Firewalls can be complex to manage on a technical level and they need to match the organisations needs. Rules are sometimes temporarily added and forgotten, weak rules are implemented without appreciation of the consequences and systems are not updated.One of the IT security services we offer is an audit to review the configuration of your firewall.
Cygnia’s approach is to evaluate both the configuration of the firewall itself (Is it up-to-date? Is it securely managed and the rules sensible?) Consulting the customer, Cygnia’s firewall consultant will work through the rule base to ensure that it is secure and streamlined to improve the performance of the firewall where possible. A report for management is also produced that documents the original rule base and the changes. This can also be used as part of the overall security review and as a change management document for the firewall with an explanation of the work done.
Day after day organisations are exposed to the risks associated with the ever growing list of security threats endangering business information, ICT systems, company premises and staff.
Whether your organisation is Public, Private or Not for Profit, our Technical Governance Services offer a complete portfolio covering all aspects of Information Assurance, Security and IT Governance.
Cygnia’s team of qualified consultants have many years of commercial Information Technology and Information Security experience.
Our Technical Governance Services include the following:
- ISO 27001 Information Security Management Systems – design and implementation services
- ISO 25999 Business Continuity Management – design and implementation services
- ISO 20000 Information Technology Services Management – design and implementation services
- CLAS consultancy services
- PCI – DSS compliance services
- Information Security audit and gap analysis services
- Security education & training
- Network security assessments, IT health checks and ethical hacking services
- Design & implementation of security solutions as mandated by the Cabinet Office including Risk Management Accreditation Document Set (RMADS)