Information Security

by john
Information security has become a legal requirement and a form of business insurance for functionality and continuity. As technologies evolve, data security grows more complex, and complete enforcement requires detailed expert attention.

GDPR

The General Data Protection Regulation (GDPR) will enter into legal effect from 25 May 2018 as a European Regulation and applies to a wide variety of businesses; its scope is individuals' personal data.

InfoTech Pro will first assess your environment, then provide the planning and implementation phases, which include the information security policies, security architectures and security enforcement needed to obtain the required compliance, along with post-compliance support such as penetration testing, a security operations center (SOC), policy reviews and a remote CISO.

  • Security Consultancy and Designs

    1. After a meeting, we can see your non-functional and functional requirements, present our proposed solutions and advise you accurately
    2. The High Level and Low Level Designs will include your company's security and architectural policies along with technology standards, focusing on technology security and performance
    3. From SIEMs, IDSs and vulnerability scanning to authentication solutions, firewalls and subnet reviews, your environment will contain all the solutions required to comply with the GDPR standards.
  • Security Enforcement and Implementation

    1. The active technical implementations and enforcement
  • Security Architecture

    1. At this point we need to have an initial meeting in order to understand the business and technical requirements
    2. Your project's functional and non-functional requirements will be transformed into a High Level Design and a Technical Low Level Design
    3. The designs will contain references to your internal architectural and security standards, along with compliance and industry standards requirements
  • Risk Analysis and Planning

    1. Risk analysis and risk planning for your requirements
  • Incident Management Planning

    The Incident Management plan will contain a complete plan for handling incidents with a SOC service, including the agreed SLAs and the escalation routes.

  • Processes

    For a more structured environment, along with performance and workflow improvements, we recommend implementing and agreeing on processes

  • Procedures

    Work procedures are the best way to increase efficiency in a department, while eliminating the risk of mistakes and establishing a standard.

Legal Entity Remote CISO Function for Information Security Policies

  1. To ensure that you are fully compliant with the latest GDPR standards, we will allocate you a remote CISO: a qualified, experienced and responsible chief of your information security department, thereby fulfilling the GDPR requirements and keeping your company safe in the market.
  1. Incident Management Planning

    1. We will analyse your business onsite and provide dedicated planning for incident investigation, mitigation and escalation.
    2. Incident management planning can involve proposing, designing and implementing SIEM, IDS, FIMS, HIDS, vulnerability scanning and penetration testing solutions in order to provide accurate Security Operations Centre support
  2. 24-hour Certified SOC

    1. The initial step is to understand your requirements in order to propose the perfect solution for you
    2. Following this, InfoTech Pro will produce a security design and a proposal for a SIEM in your datacentres, along with incident management planning with proposed SLAs
    3. We will provide a 24-hour SOC, offsite or onsite, with consultants certified in CISSP and CEH, under your agreed SLAs and escalation routes
    4. The data will be analysed using AlienVault SIEM, FIMS, HIDS, IDS, vulnerability scanning and penetration testing solutions, connecting to your datacentres over a secure link in order to process the logs

PCI-DSS

Starting with gap analysis, followed by compliance planning, information security policies, security designs, technical enforcement, penetration testing and training, through to defining the Security Operations Center support and providing risk mitigation according to SLAs.

A remote CISO and offsite or onsite SOC teams will be provided, along with a consultant who will work closely with you to fulfil your requirements.

InfoTech Pro
  1. Gap Analysis

    1. The initial gap analysis will be performed in order to create the compliance planning
  2. Planning for Compliance

    1. Risk analysis and risk planning for your requirements
    2. Resource analysis for internal role segregation consultancy
    3. Environment and technical analysis for compliance
    4. Training programs and non-technical requirements
    5. Third-party and auditor meetings
  3. Information Security Policies and Processes

    1. Information Security Policies
    2. Operations Policies
    3. Processes
    4. Procedures
  4. Security Architecture

    1. At this point we need to have an initial meeting in order to understand the business and technical requirements
    2. Your project's functional and non-functional requirements will be transformed into a High Level Design and a Technical Low Level Design
    3. The designs will contain references to your internal architectural and security standards, along with compliance and industry standards requirements
  5. Incident Management Planning

    The Incident Management plan will contain a complete plan for handling incidents with a SOC service, including the agreed SLAs and the escalation routes.

Legal Entity Remote CISO Function for Information Security Policies

  1. To ensure that you are fully compliant with the latest PCI-DSS standards, we will allocate you a remote CISO: a qualified, experienced and responsible chief of your information security department, thereby fulfilling the PCI-DSS requirements and keeping your company safe in the market.

ISO27001

From ISMS scope definition, planning, information security policies, procedures, processes, security architectures, risk analysis, defining security operations centre support and security engineering, through to dealing with the third-party assessor to obtain compliance.

InfoTech Pro
  1. ISMS Scope Definition

    1. The initial ISMS scope definition will be performed in order to create the compliance planning
  2. Planning for Compliance

    1. Risk analysis and risk planning for your requirements
    2. Resource analysis for internal role segregation consultancy
    3. Environment and technical analysis for compliance
    4. Training programs and non-technical requirements
    5. Third-party and auditor meetings
  3. Information Security Policies and Processes

    1. Information Security Policies
    2. Operations Policies
    3. Processes
    4. Procedures
  4. Security Architecture

    1. At this point we need to have an initial meeting in order to understand the business and technical requirements
    2. Your project's functional and non-functional requirements will be transformed into a High Level Design and a Technical Low Level Design
    3. The designs will contain references to your internal architectural and security standards, along with compliance and industry standards requirements
  5. Incident Management Planning

    The Incident Management plan will contain a complete plan for handling incidents with a SOC service, including the agreed SLAs and the escalation routes.

Legal Entity Remote CISO Function for Information Security Policies

  1. To ensure that you are fully compliant with the latest ISO27001 standards, we will allocate you a remote CISO: a qualified, experienced and responsible chief of your information security department, thereby fulfilling the ISO27001 requirements and keeping your company safe in the market.