NRGiC ® IT Architecture and Security Professional Services

 

Home    Intranet    Contact us    Where    Français                         

         Security

 

The information security comes to another maturity phase of requirements. The business activities are now more conscient of operational risks. Some recent security events made the proof of some security concepts. Some of these concepts were sometimes considered as nice to have in the past. Rogue trading, and non compliancy to regultions gave financials urgent reasons to implement security services. By extension, providing reliable information (financial, business, ...) is a mandatory requirement.

 

         Some topics

 

Identity and Access Management.
Network Security
Functionnal security
Wifi
Security in depth, anti virus
IAM
VOiP
Digital secured boxes
SSO (Desktop, Web, Entreprise, Federated)
VPN / TLS
Security Assessment
PUPM Conference system OVAL OWASP

         The context

 

The SOA and more interactivity beetween information system. All these increasing interactions explain the requirement of security services. This concerns both technical solution and organisational processes. Roaming users, segregation of duties and responsabilities are reality. Border protections, content sanitizing is now a minimal situation that needs to find answers for business security services (Business end to end encryption or integrity). The transport layer is now out of the issue for such business requirements.

Desktop and laptop integrity are rising requirements in sensible environments, network sub division and compatimentation to avoid virus and worm diffusion, ressources authentication on the network, patching zone, the initiatives and needs are multiple on the ground.

Of course some equivalent organisational developements are necessary, worflows, vulnerability management, periodic penetration tests. . .

 

 

        Business responsabilitites

 

More than ever, business are requiring some efficient and less intrusive solutions. To answer these questions, security people ask to generalise risk assessement. business that are currently under cost and budget pressure, are of course looking for some cost benefits... Risk assessement, counter measures, security breaches inventory, security policy, instrusions detections, contigency plan . . . We are trained in organizing and offering professional services on these subjects.

         Defining the security objectives

 

There has been a lot of exemple of technical implementations without any securirty policy consistency. This has sometimes given some non efficient implementations regarding to the operational risk coverage.

The different effort must be driven by a general security policy. Even if it won't ensure a 100% efficiency of initiated project, it will offer relevant executive gouvernance elements.

 

 
Warning: require(): http:// wrapper is disabled in the server configuration by allow_url_include=0 in /home/www/nrgic.com/httpdocs/en/securite.php on line 175 Warning: require(http://nrgic.com/stamp.php): failed to open stream: no suitable wrapper could be found in /home/www/nrgic.com/httpdocs/en/securite.php on line 175 Fatal error: require(): Failed opening required 'http://nrgic.com/stamp.php' (include_path='.:/etc/phpnet/php/53/lib/php') in /home/www/nrgic.com/httpdocs/en/securite.php on line 175