Security, bussiness continuity and disaster recovery consultant.

	Home \| Company Security Checklist

InfoSecPro.com

InfoSecPro.com is providing corporations with leading edge computer and network security solutions. Our staff of Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE) and Cisco Certified Network Associates (CCNA) will provide the best, cost effective security solutions. Let us configure your network infrastructure to provide you with the security level you need. Contact us at: InfoSecPro.com PO Box: 291 Purchase, NY 10577-0291 tibi@infosecpro.com	The following checklist provides input for the optimum security measures to be developed by our security specialist. 1. Management responsibilities 2. Organization 3. Personnel (Employees) 4. Personnel (Other) 5. Information classification 6. Software 7. Hardware 8. Documentation 9. Computer media 10. Identification and Authorization 11. System Security 12. Communication 13. Logging 14. Back-up 15. Physical Protection 16. Incident handling 17. Contingency planning

SCOPE OF WORK ASSIGNMENT:

Computer and network security breaches can cost a corporation millions of dollars. InfoSecPro will validate the current security architecture with corporate security policy and the current security threats. All associated residual risks will be documented.

InfoSecPro.com will demonstrate that your organization takes appropriate measures and exercises due care and due diligence to ensure the integrity and privacy of critical systems and information.

A Vulnerability Assessment will mimic the "outside-in" perspective of a hacker to your network. It will diagnose your network and help correct security weaknesses. Intrusion detection sensors will monitor continuously your network and will generate less false alarms when correlated with the known vulnerabilities of your system.

Our services provide solutions for:

Network security

Disaster recovery Planning and implementations.
Increased network performance Monitoring for:
- Availability
- Response time
- Network utilization
- Network throughput
- Network bandwidth capacity,
by using network performance tools: Ethereal and WinDump.
Configuration management Dashboard to your system.
Auditing, using LanAuditor and Network diagrams.

Problem:	Service Description:	Time Frame:
If you have video surveillance needs, our solution will provide you with access from anywhere through the internet, including by using your cell phone or PDA. Resolution, refresh rate and band width can be customized to your particular needs.	Sample:	Depending on the number of cameras to be deployed.
A Security Penetration/Vulnerability Analysis will demonstrate that an organization takes appropriate measures and exercises due care and due diligence to ensure the integrity and privacy of critical systems and information.	InfoSecPro uses the following steps to generate a security penetration/vulnerability analysis: Validate the Network Access Control Rules. InfoSecPro will validate the your network against the corporate security policy and the known Internet attacks. Risk analysis will be performed using the industry standard risk profile matrix. Use Hacker Tools. InfosecPro uses a wide variety of tools to uncover weaknesses in your current configurations. Wireles access point audit will also be performed. Platform Misconfigurations. Optionally, this analysis can test for platform misconfigurations. It will also verify the strengths of user passwords. Security Penetration/Vulnerability Analysis Report The report will document any exploits found and suggest possible security solutions to alleviate the vulnerability.	The time necessary for a security penetration/vulnerability analysis depends on the size of the organization and their security awareness, as well as, resources. It may also include: Network diagrams. Port Scan reports. Intrusion Detection deployments LanAudit summaries.
Security Audit/Assessment Computer and network security breaches can cost a corporation millions of dollars. InfoSecPro will validate the current security architecture with corporate security policy and the current security threats. All associated residual risks are documented. This will reduce the likelihood of a long-term outage, while making it faster and easier to recover from service disruption.	InfoSecPro uses the following steps to perform a security audit/assessment: Review the Corporate Security Policy A corporate security policy is the foundation upon which all information and security related activities are based. The security policy must keep pace of the information systems technology that allows access to corporate resources. InfoSecPro will review your corporate security policy and suggest modifications, if necessary. Review the Current Security Architecture System security architecture represents a specialized view of the overall system architecture that emphasizes the security services and security mechanisms needed to satisfy the corporate security objectives and requirements. InfoSecPro consulting will review your corporate security architecture and suggest enhancements, if necessary. Generate a Security Audit/Assessment report A security audit/assessment report documents all residual-operating risks associated with the security architecture.	The time necessary for a security audit/assessment depends on the size of the organization and their security awareness, as well as, budgetary constraints. It will include: Network diagrams. Port Scan reports. Intrusion Detection deployments LanAudit summaries.

	Home \| Company Security Checklist