Timely access to information through corporate networks is
becoming critical for business efficiency. However, access to your
organization's network needs to be controlled. In today's rapidly moving
business environment, the network needs to be protected from individuals and
organizations that may plan to disrupt the services or obtain data delivered
through your enterprise network. The only way to protect your network is to
build and operate it with a clearly defined security policy in place.
A security policy addresses organizational requirements for access to data
and approved access methods. The security policy should be dynamic and
requires continuous monitoring and review. Only with a fully complaint
security policy should electronic and Internet access methods be implemented
within an organization.
At ITSthe1, we deem that the security market dynamics are such that the
market is fragmented into different segments. The segments range from access
security to application and data (field) security. The segments that ITSthe1
is targeting with the solutions offerings are network and Internet security.
In addition, the deployment of e-commerce solutions and provision of broader
extranet type access to corporate networks and information will provide the
major catalyst for the growth in the security market. ITSthe1's security
solutions include audits, policy creation, product selection and/or
evaluation, product configuration and installation.
To complete the offering, ITSthe1's security solutions are completed with
ongoing support services to cater for the dynamic nature of potential
threats posed to the integrity of your corporation's network.
- Security Program Assessment
Evaluates whether or not a customer has a defined Security Program and if
so to what extent.
- Vulnerability Scanning
Process which uses specialized tools (commercial and Shareware) to
determine vulnerabilities on systems and their configurations.
- Penetration Testing
Our Security Professionals will use multiple methods after scanning to
exploit and discover ways into and through your network systems.
Successful exploitation will be reported through a follow up session and
documentation with Executive and Technical recommendations.
- Security Development & Implementation
Security Program Design, Policy Development, Process Development.
- Risk Assessments
Determines Cost versus Risk for Decision Support.
- Security Awareness Training
Employee and Management training to make aware of Policies and use of
technology in Information Protection.
- Access Reviews
Process, which uses specialized tool (Kane Security Analyst) to analyze
security configuration of NT and/or Novell servers and reports current
user access privileges.
- Incident Recovery
Service to assist customer in recovery efforts after an incident. (IE.
Virus attack, Hacking attack, etc.)
- Security Program Manual
Provides the framework for a customer to utilize for creating a
comprehensive Information Protection Program for their organization.
SECURITY HARDWARE & SOFTWARE
- Firewall (Cisco Secure PIX)
Appliances that utilize a proprietary, hardened operating system which
eliminates security risks associated with general purpose operating
- Host Intrusion Prevention (Entercept)
O/S Support for: NT & 2000 Server Editions, & Solaris Web Server Support
for: IIS, Apache, iPlanet & Netscape. Delivers breakthrough software
technology that provides real-time analysis and reaction to hacking
- Antivirus Software
Protects from Malicious Viruses such as “Melissa, I Love You, and Code
Red” at the desktop and server level.
- Virtual Private Networks (Cisco Secure VPN)
Virtual Private Networks (VPNs) are used to establish secure, end-to-end
private network connections over a public networking infrastructure.
- Intrusion Detection (Cisco Secure IDS)
Intrusion detection system designed to detect, report, and terminate
unauthorized activity throughout a network.
Controls the authentication, authorization, and accounting of users
accessing network resources. These products can strengthen the
authentication, commonly referred to as Strong or Two-Factor
authentication and can also consolidate user account Databases.
- Web Authorization Portal (RSA ClearTrust)
A unified privilege management solution that enables secure user access to
- Web SSL Acceleration (RSA nCipher)
Eliminates SSL processing bottlenecks, freeing the Web server to process
more transactions more quickly.
- Web Filtering
Allows you to transparently monitor, manage, and report traffic flowing
from your internal networks to the Internet.
- Email Filtering
Manages how employees use corporate email. It gives the customer
information and tools to implement and enforce an email Acceptable Usage
Policy (AUP), fully customized to your organization’s needs.
MANAGED SECURITY SERVICE
- Security Information Management (SIM)
Monitoring of IDS, Firewall, VPN and Router logs for security.
- Security Management
Outsourcing of Security Officer duties. Regularly scheduled time for a
CISSP level consultant to maintain and/or build the Security Program for
- Sentry Maintenance Service
Quarterly maintenance to keep Security Devices up to the current patch and
version levels of their associated Operating System and application