Domains > Security
Information and information technology resources are valuable assets
that must be protected. The purpose of security is to protect and secure
resources to provide an environment in which business can be safely transacted.
Therefore, it must implement security services in such a manner that
its information infrastructure is protected while, at the same time, its
functionality is unimpeded and business services are readily available.
Security services apply technologies to perform the functions needed
to protect assets.
Lately security has become one of the most critical elements in ensuring
availability of business operation, mainly those that are connected online.
Legislation and daily new security vulnerabilities and threats have to
be addressed clearly and on a regular basis.
Security/Privacy key components that we address are:
Identification |
Establishing a valid and
unique identity for a legitimate users of client resources. |
Authentication |
Establishing “proof
positive” verification for the identity of transaction or message
subjects (service recipients, service providers, application servers). |
Authorization and Access
Controls |
Protects the confidentiality
and integrity of client assets by preventing unauthorized access and
use. |
Confidentiality |
Make sure that information
is not available or disclosed to unauthorized usage. |
Integrity |
Protects the contents of
the transaction/message by ensuring that has not been altered or destroyed
in an unauthorized manner. |
Availability and Reliability |
Ensuring that all needed
assets are always available in a timely and reliable manner to authorized
users. |
Audit and Control |
Establishing accountability
for transaction processing by creating a permanent record of transaction
and message history. |
Non-repudiation |
Ensuring
that a party to a transaction or message exchange cannot falsely deny
involvement. |
Other issues that we are addressing:
- Update security policies
- Disaster recovery and backup strategies
- Recommend encryption where needed in order to protect key assets
- Fill in for personnel that is not trained in security
We have provided security consulting for sectors:
- Banking sector (extranet implementation)
- Logistic (B2B integration)
- Government (Health)
- Legal Associations (Secure document transfer)
- Other software firms
|