How To Protect Your It Infrastructure

Transcription

1 Proactive Real-Time Monitoring and Risk Management Managed Security Services NCS Group Offices Australia Bahrain Brunei China Dubai Hong Kong SAR Korea Malaysia Philippines Singapore Sri Lanka

2 Understanding the threats in your business environment Corporate networks and systems are becoming more complex as organisations integrate new modes of communication into their business operations and open up their corporate network to vendors and customers. Given this new business reality, security issues and risks will multiply. The threats confronting organisations today are captured in the following quadrant: The Threat Matrix external Threats The proliferation of wireless access, virtual private networks (VPNs) and other remote access technologies puts your IT Infrastructure at evergreater risk of: Worms and viruses Cyber terrorism Web site defacement Information theft, etc Random attacks carried out by individuals or groups with no particular intention. Examples of such attacks are: Geopolitical threat Political conflicts Global economy, etc internal Threats Within the organisation itself, risks can arise from disgruntled employees or internal parties exploiting weaknesses in the system. Threats include: Sabotage Espionage and information leaks Fraud Unauthorised access Physical security breaches, etc A comprehensive overview of the threat landscape also has to take into account the possible impact of human error. Security risks can arise from: Wrongly configured systems Unpatched systems Poor IT governance Negligence Human error, etc Intentional Threats Non-intentional Threats The Challenges Given this complex matrix of threats, organisations face many challenges when it comes to ensuring the security of their IT infrastructure. These include the need for: Sophisticated protection Enterprises have to stay ahead of the technology curve with security solutions that can detect and respond to increasingly sophisticated attacks. Skilled security resources Implementing and managing a comprehensive network security solution requires considerable expertise and specialised skills which have to be constantly updated. Real-time monitoring Maintaining in-house capabilities for real-time monitoring and response puts a huge strain on the enterprise in terms of the manpower resources and equipment needed.

3 Staying Ahead Of The Security Curve As a leading IT security services provider for over 25 years, NCS fully understands the threats facing your IT infrastructure and is well-positioned to help you mitigate the risks arising from both the internal and external environments. We offer a complete suite of in-depth defence solutions to address the wide range of security issues that confront organisations today. Our state-of-the-art Security Operations Centre (SOC) provides across-the-board, round-the-clock insights into your network and security posture, and offers a full-spectrum of security services to manage and mitigate all hazards and threats. NCS Managed Security Services include the following: external Threats NCS Solutions against the Threats SIEM Monitoring Service Security Device Management Rapid Threat Containment Service internal Threats Insider Threat Monitoring Service Process Control System / SCADA Monitoring Service Security Device Management -- Patch & Configuration Management IT Governance Services Intentional Threats Non-intentional Threats manage response Physical Cyber Convergence Triad Business assess Holistic Security Approach Security is an ongoing journey rather than a one-off process. At NCS, we adopt a holistic approach towards security. At any point of the security ecosystem we are able to help your organization to continuously assess, defend, monitor, response and manage your security infrastructure. monitor Defense

4 Our Services Security Monitoring Services SIEM Monitoring We provide comprehensive real-time monitoring of both the physical and IT infrastructure and roundthe-clock response to any security breaches that may occur. Insider Threat Monitoring The Insider Threat Monitoring service uses a multitiered approach to identify high-value targets and keep track of the activities of different groups of users in order to identify, monitor and respond to different levels of insider threats. Process System Control / SCADA Monitoring SCADA (Supervisory Control and Data Acquisition) systems are used to perform data collection and control to ensure that process control systems are protected against cyber security threats. This service integrates and centralises security information from all plausible points of entry within the process control network. The information is then correlated to detect, identify and provide alerts on cyber attacks, enabling system owners to come up with a timely response. Security Management Services Security Device Management The Security Device Management service covers on-site deployment and management of security devices and solutions such as firewalls, intrusion prevention systems (IPS), unified threat management (UTM) appliances, network intrusion detection systems (NIDS) and patch management systems. It encompasses the set-up, configuration and roundthe-clock management of these solutions. Rapid Threat Containment This service provides a rapid response to a security incident by locating it, analysing its impact and quarantining the affected network node. This dramatically reduces the downstream impact on your environment. IT Governance Services Our IT Governance Services provide you with a clearer, picture of your organisation s security policies, procedures and systems, and how effective they are in countering security threats. Under our IT Governance Services, our infosecurity consultants will examine the security posture of your organisation, provide recommendations for areas of improvement, and help bring your in-house staff up to speed in addressing security concerns and challenges. IT Governance & Compliance Monitoring The IT Governance Monitoring service provides a system for implementing, assessing and monitoring internal controls to ensure that the IT Governance framework is adhered to. Areas covered include access control changes, administrative activity, log-in monitoring, as well as change and risk management. The Compliance Monitoring service provides intelligent collection, correlation and reporting of security events in the context of respective compliance requirements such as the Sarbanes- Oxley Act, Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry s (PCI) data security standards.

5 The NCS Managed Security Services Values Cost-Effective Security Our managed security services offer enterprise-class protection for a fraction of the cost of an equivalent internal solution. Access to Proven Expertise We provide you with immediate and easy access to certified, highly-skilled personnel as well as qualified expert witnesses for complex litigation cases involving infocomm security breaches. Access to Best-of-breed Solutions Our services are run and managed from a world-class Security Operations Centre, allowing NCS Managed Security Services Values to tap on best-of-breed solutions to secure your IT infrastructure. Access to Best Practices Our service delivery approach is based on the NCS IT Service Management (ITSM) Framework, which consists of a comprehensive suite of integrated processes and best practices aligned with the IT infrastructure Library (ITIL) best practices. Our services are also certified under the IT security management standard ISO/IEC Real-time Monitoring of IT Infrastructure Our robust real-time monitoring services encompass physical and cyber security, keeping close watch on the security of your enterprise and giving you peace of mind. Proactive Approach to Countering Threats Our intelligent processing and real-time correlation technology anticipates emerging threats while round-the-clock monitoring ensures a timely response to alerts and their rapid resolution. This reduces the risk of failure for your mission critical systems. making IT security happen for you!

6 NCS Group is a leading information technology (IT) and communications engineering services provider with more than 7,000 staff located in over 10 countries across the Asia Pacific and Middle East regions. NCS has in-depth domain knowledge and unique delivery capabilities which focus on defining, realising and sustaining Business Value for its Customers via the innovative use of technology. With proven expertise in consulting, development, systems integration, outsourcing, infrastructure management and solutions, gained while serving government and commercial organisations across the region, NCS delivers end-to-end support for every organisation s technology needs. Headquartered in Singapore, NCS is a wholly-owned subsidiary of the SingTel Group. For more information, please visit what you can do Contact NCS at MSS_Sales@ncs.com.sg today! Discover how you can effectively engage NCS, and leverage on our proven solutions, expertise, experience, methodologies and partnerships for business advantage and real value. The company, product names, images and pictures displayed are protected under copyright laws and owned by their respective owners. Reg. No G. Copyright 2008 NCS Pte. Ltd. All Rights Reserved PD NCS GROUP 5 Ang Mo Kio Street 62, NCS Hub, Singapore Tel: (65) Fax: (65) reachus@ncs.com.sg Website : A member of the SingTel Group