Network Security Services

The loss of confidential personal and business information, coupled with loss of productivity due to unauthorized usage, hacking, virus attacks, and infiltrations by worms and Trojans can now reach into the thousands, if not millions of dollars. While complete and total protection can never be guaranteed, there are many precautions and safeguards that can and should be implemented.

Many organizations deploy information technology solutions needed to address their business objectives without implementing the technology in a secure fashion. This typically occurs as businesses struggle with:

• Implementing technology rapidly in response to changing business demands without being fully prepared in how to securely deploy the technology.

• Reduced staffing of IT departments results in a backlog of workload. Therefore, the security ramifications of rapidly deployed technologies to support business functions is often overlooked.

Our Security Professionals
The security staff at I.T. Resources, LLC hold the CISSP (Certified Information Systems Security Professional)certification. This is considered the global recognition for top information security professionals. The CISSP credential demonstrates competence in the 10 domains of the (ISC)² CISSP^® CBK^®.

Analysis Criteria
I.T. Resources, LLC security professionals evaluate and examine critical business functions, policies and processes. These include:

• Procedural Security - policies and procedures, organization, roles & responsibilities, auditing, awareness, and IT change controls.
• Disaster Recovery/Business Resumption Planning - Fault tolerance/redundancy, data backup, recovery/continuity planning.
• Physical Security - facilities access control, security cameras, location and marking of facilities.
• Environmental Security - disaster/interruption avoidance, safety, air conditioning and temperature controls, electrical power and utility services.
• Media Security - protection of all forms of physical storage media including paper documents.
• Hardware Security - hardware maintenance and change controls, anti-theft, anti-tampering.
• Software Security - software maintenance and change controls, software integrity, software copyright/licensing compliance, privileged program controls, anti-virus and related malicious software safeguards, database security, security design of new systems.
• Network Security - network device security, communications security, network access controls, Internet/Web security, intrusion detection, vulnerability testing,  network change controls, firewalls & proxy servers, dialup access security, encryption, e-mail security, wireless controls.
• Host (System) Security - multi-user and single-user (workstation) computer operating system access controls including: user authentication, data access authorization, audit logs; application security.

Analysis Procedures
All Security engagements consist of information collection, analysis, report preparation, and review of the findings with the client.

Some information is obtained by interviewing key personnel as well as reviewing the policies and procedures of the organization. This is done in conjunction with  a “hands on” analysis of the servers, the network, and all its related components.

Security practices, polices and procedures are unique to each organization. Our customized proposal outlines the specific objectives, tasks, duration, and costs associated with each engagement. In all cases, we follow industry recognized standard practices relying heavily on our technical experience to develop a comprehensive assessment and to make practical recommendations.

What is the benefit to your organization?
There are numerous benefits associated with a network security analysis. A security analysis can identify and provide corrective action for security holes and vulnerabilities. It can validate the security concerns the organization is facing and uncover additional security hazards that were previously unknown. It can also be used to provide guidelines for future technology deployments within the organization. These are some of the many benefits a security audit can bring to the organization. This is extremely important as organizations continue to rely heavily on the corporate network and its associated data. Ensuring the integrity of, and accessibility to the organizations data should be a ongoing objective. Without a network security analysis, security vulnerabilities are not uncovered, compromising the integrity of the organizations data and network-related services.