PCI-DSS

by john

Remote CISO

  • Legal Entity Remote CISO Function for Information Security Policies

To ensure that you are fully compliant with the latest PCI-DSS standards, we will allocate you a remote CISO: a qualified, experienced and responsible chief of your Information Security Department, thereby fulfilling the PCI-DSS requirements and keeping your company safe in the market.

Offsite or Onsite SOC

  • Incident Management Planning

  1. We will analyse your business onsite and provide you with dedicated planning for incident investigation, mitigation and escalation.
  2. The incident management planning can involve proposing, designing and implementing SIEM, IDS, FIMS, HIDS, vulnerability scanning and penetration testing solutions in order to provide accurate Security Operation Centre support.
  • 24-Hour Certified SOC

  1. The initial step will be to understand your requirements in order to propose the perfect solution for you.
  2. Following this, InfoTech Pro will present a security design and proposal for a SIEM in your datacentres, along with Incident Management Planning with proposed SLAs.
  3. We will provide you with a 24-hour SOC, offsite or onsite, with consultants certified in CISSP and CEH, under your agreed SLAs and escalation route.
  4. The data will be analysed using AlienVault SIEM, FIMS, HIDS, IDS, vulnerability scanning and penetration testing solutions, connecting to your datacentres over a secure link in order to process the logs.

Information Security Policies

  • Information Security Policies

  1. At this point we need to have an initial meeting in order to understand the business and technical requirements.
  2. Your project's functional and non-functional requirements will be transformed into a High Level Design and a Technical Low Level Design.
  3. The designs will contain references to your internal architectural and security standards, along with compliance and industry standards requirements.
  • Risk Analysis and Planning

Risk analysis and risk planning for your requirements.

  • Incident Management Planning

Incident Management will contain a complete plan for handling incidents with a SOC service, including the agreed SLAs and the escalation routes.

  • Processes

For a more structured environment, along with performance and workflow improvements, we recommend implementing and agreeing on processes.

  • Procedures

Work procedures are the best solution to increase efficiency in a department, while eliminating the risk of mistakes and establishing a standard.

Security Architecture and Engineering

  • Security Consultancy and Designs

  1. After a meeting, we can review your non-functional and functional requirements, present our proposed solutions and advise you accurately.
  2. The High Level and Low Level Designs will include your company's security and architectural policies along with technology standards, focusing on the security and performance of the technologies.
  3. From SIEMs, IDSs and vulnerability scanning to authentication solutions, firewalls and subnet reviews, your environment will contain all the required solutions to comply with the GDPR standards.
  • Security Enforcement and Implementation

The active technical implementations and enforcements.