Assessment and Solution Design Services

Security Review

The Security Review service is an onsite assessment of a company's information infrastructure and can include a review of the network, systems, applications, data, people and processes. Each review is tailored to a company’s needs and is designed assess the overall ability of an organization to protect itself from threats; and to identify security exposures as defined by BS7799. A review is conducted on a time and materials basis and can take between two days and four weeks, depending on the scope and complexity of a company’s environment.

Penetration Test and Ethical Hacking

The Penetration Test and Ethical Hacking service is conducted offsite at the CSI security laboratory. Given clearance by a company's management and several access points, members of the CSI Technical Services team will employ a variety of tools and techniques over a twenty-four to forty-eight hour period to gain entrance to a company’s information infrastructure. Targets can include general access to the network, access to a website or intranet, or specific identified systems. Knowledge gained from this service can be used to build proper countermeasures against future attempts by outside forces. Pricing is determined by number of elements and/or complexity of the environment assessed.

Security Policy Design

The Security Policy Design service is the review and/or update of a company's existing security policy, to add or include policies and standards for information and Internet security. This service can also assist a company who is new at addressing this challenge to build a policy, including standards, guidelines and measures for implementing and maintaining a secure environment. A Security Policy Design is tailored to the needs of a company and is conducted on a time and materials basis, which can run from one week to four weeks, depending on the scope and complexity of a company’s environment.

Secure Infrastructure Design

The Secure Infrastructure Design service is a custom-tailored engagement for designing, building and implementing the technology controls, systems, and products necessary to protect a total environment, or pieces of the environment, such as systems, applications, LANs, etc. The service takes into account the knowledge gained in the Security Review and creates a solution for a strong, proactive and protective foundation while providing the enablers and enhancements for conducting e-business. The service is conducted on a time and materials basis and depends on the scope and complexity of a company’s environment.

Secure Messaging, Groupware, and Intranet Design

The Secure Messaging, Groupware and Intranet Design service is a custom-tailored engagement for designing, building and/or implementing the technologies (software, hardware or network) necessary to conduct secure intranet or communication functions within or external to an organization. The service can include building a secure email system, implementing encryption for transmitting documents, implementing intranet technologies, or building a Public Key Infrastructure (PKI) internal system for conducting business-to-business communications.

Contact us for more information about our wide range of services