eHosting DataFort Brochure
eHosting DataFort Brochure
eHosting DataFort Brochure
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Features<br />
1. Security Assessment<br />
a) Penetration Testing<br />
Regular penetration tests are an essential<br />
component of an information security<br />
program involving extensive analysis of<br />
security controls from the perspective of<br />
external and internal attackers.<br />
b) Vulnerability Assessment &<br />
Architecture Review<br />
Vulnerability Assessment involves security<br />
analysis of weaknesses prevalent in Servers,<br />
Desktops, Network and Security components<br />
whereas Architecture review involves<br />
reviewing the current security architecture<br />
design and implementation aspects.<br />
c) Security Program Review (Policy,<br />
Process, Procedures, etc.)<br />
It is based on ISO 27002: 2005 code<br />
of practice for information security<br />
management. Our teams perform a Gap<br />
Analysis to find out an organisation’s<br />
completeness and effectiveness based on<br />
the above. This includes reviews of security<br />
policies, processes, procedures and other<br />
related practices.<br />
d) Application Audit<br />
This involves a comprehensive review of the<br />
applications to check its security posture<br />
against well known threats.<br />
2. Enterprise Risk and Compliance<br />
a) Statutory and Regulatory<br />
Compliance<br />
We prepare organisations to identify<br />
potential gaps and have a mitigation plan for<br />
compliance by implementing strategic, tactical<br />
and operational controls such as Policies,<br />
Processes, Procedures etc. as part of an overall<br />
risk management plan.<br />
b) Standards and Frameworks<br />
We have expert consultants in IT related<br />
standards and frameworks critical for business<br />
profitability, productivity and efficiency. As<br />
complexities of IT tools, technologies and<br />
applications increase, they can be controlled<br />
by implementing standards and frameworks<br />
such as:<br />
i. IT Service Management (ITSM)<br />
(ISO 20000)<br />
The ITSM standard allows users to establish,<br />
manage, monitor and measure IT services.<br />
The framework allows costing, charging and<br />
budgeting of IT services against the respective<br />
activities.<br />
ii. Business Continuity Management<br />
(BS 25999)<br />
Business Continuity Management standard<br />
allows users to study, calculate and foresee