InfoSecPro.com is providing corporations with leading edge computer and network security solutions. Our staff of Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE) and Cisco Certified Network Associates (CCNA) will provide the best, cost effective security solutions.

Let us configure your network infrastructure to provide you with the security level you need. Contact us at: InfoSecPro.com PO Box: 291 Purchase, NY 10577-0291 732-763-2814 tibi@infosecpro.com www.infosecpro.com

eBanking

The Gramm-Leach-Bliley guidelines only give general information about what is expected of financial institutions. It provides guidance but provides no details about specific security practices. That is where the financial institution will need the most our security expertise, since they'll use that information to decide how to best proceed in protecting their critical information and systems.

The security assessment will include:

* Information Criticality Matrix, based on the mission statement and policy
* System Criticality Matrix, based on logical and physical diagrams
* System Security Environment Analysis, of customer constraints and concerns
* Technical Assessment Plan and Reports, in compliance to the National Security Agency IAM Baseline INFOSEC Classes and Categories, as follows:

• Management
  • INFOSEC documentation
  • INFOSEC roles and responsibilities
  • Contingency planning
  • Configuration management
• Technical
  • Identification and authentication
  • Account management
  • Session controls
  • Auditing
  • Malicious code protection
  • Maintenance
  • System assurance
  • Networking/connectivity
  • Communications security
• Operational
  • Media controls
  • Labeling
  • Physical environment
  • Personal security
  • Education, training and awareness

InfoSecPro will validate your network against the corporate security policy and known Internet attacks. Risk analysis will be performed using the industry standard risk profile matrix. The Security Analysis Report will document any exploits found. The Security Analysis Report will suggest possible security solutions to alleviate the vulnerabilities.

ISO 17799, the Code of Practice for Information Security Management, is a standard which describes a management framework within which an organization can examine and improve its security posture.

Some of potential vulnerabilities and suggested countermeasures are included in the following Security Checklist.

Our services provide solutions for Network security by:

• Vulnerability scanning
• Deployment of firewalls
• Patch management
• Use of Intrusion Detection Systems
• Establishing Virtual Private Networks (VPN's)
• Deployment of encryption applications (PGP) and secure protocols
• Wireless Network Security measures and audits
• Video Surveillance, with Digital, Analog or Ethernet video cameras. S A M P L E

R E S O U R C E S :

Text of the Gramm-Leach-Bliley Bill

Department of Defense Trusted Computer System Evaluation Criteria

Department of Defense Information Technology Security Certification and Accreditation Process

Office of Management and Budget - CIRCULAR NO. A-130

NIST DRAFT Special Publication 800-26, Revision 1: Guide for Information Security Program Assessments and System Reporting Form

Risk Management Guide for Information Technology Systems

Copyright © 2007 InfoSecPro.com™
No material may be reproduced without written permission.