Cloud Infrastructure Security Management

Transcription

1 Cloud Infrastructure Security Management Visualise your cloud network, identify security gaps and reduce the risks of cyber attacks. Being able to see, understand and control your end-to-end cloud security architecture means you can secure your network and reduce cyber attacks. Net Consulting explains your entire cloud network and provides you with actionable intelligence so you can reduce security risk.

2 Service Summary Visualise your cloud network, identify security gaps and reduce the risks of cyber attacks. Being able to see, understand and control your end-to-end cloud security architecture means you can secure your network and reduce security risks. Net Consulting explains your entire cloud network and provides you with actionable intelligence so you can reduce security risk. Service Description This service is intended to analyse your cloud infrastructure, identifying critical points of weakness, configuration flaws and compliance violations that can lead to cyber security breaches. Net Consulting cuts through complexity and shows you the highest priority gaps in the context of business groups, policy standards, network topology and overall business risk. This actionable intelligence puts you in control, allowing you to focus resources on the most important issues. Net Consulting s Cloud Infrastructure Security Management Service analyses your server, client, network and security infrastructure across the cloud; correlating vulnerability data against access vectors to identify risks; allowing security teams to focus on the most critical attack paths to quickly secure services. Key Features Visualise cloud infrastructure security end-to-end Proactively protect critical asset through dynamic data analysis Continuously ensure your cloud network is in compliance Locate and prioritise the biggest risks among a large volume of vulnerabilities Efficiently prioritise incident response during an attack Understand where security is working, where improvement is needed and where the greatest attack risks lie Service Characteristics Characteristic Lot Applicability Contract Duration Contract Price Lead time to start Description Specialist Cloud Services Medium-Large organisation that wishes to assess cloud security Flexible See Pricing Section Up to 1 Month 1

3 Delivery Approach Net Consulting will provide your organisation with the intelligence required to identify critical security gaps and reduce attack risk. Our approach: Automated Discovery & Collection of Network Assets Creation of a "Virtual Reality" Model of Network Import Configurations of Network Devices Determination for Every Endpoint What Can Access What, Through What Path Risk & Exposure Assessment (Vulnerability Scan) Prioritised Recommendations & Technical Report Service Overview For Management Teams: Actionable security metrics. Proactively understand and monitor the overall security state of the network through automated and quantifiable attack risk metrics for situational awareness. Deploy new networks securely. Ensure security architecture from the start. Assess the attack risk step of the build-out. Operational excellence. Efficiently carry out remediation through attack-based prioritisation. Automatically identify violations to ensure compliance. For Security Teams: Proactively ensure a bullet proof security architecture. Assess potential security holes by visualising and analysing the infrastructure risks. Exposure-based vulnerability management. Readily prioritise the vulnerability remediation tasks by utilising the calculated potential attack risk. Avoid compliance penalties. Automatically identify violations to ensure constant compliance and automatically provide proofs for external audit. For Network Teams: Constantly maintain accurate visibility. Always up-to-date network topology. Validate access changes ahead of time. Ensure security and compliance. Identify the security impact of a change before applying it. Implement Prioritised Incident Response. Prioritise incidents based on potential breach determined by actual access analysis and severity correlation. 2

4 Information Assurance Our staff hold appropriate levels of security clearance. At a minimum this is SC and a significant number hold DV. We have extensive experience in scoping, designing, delivering and supporting systems at all Impact Levels. Our Information Assurance capabilities support both our internal requirements for appropriate security controls and those of our customers. At the time of writing this definition (April 2014) Net Consulting was in the process of being awarded ISO9001 (Quality Management) and pursuing ISO27001 (Information Security Management) Technical Requirements These details will need to be defined on a case by case basis with each customer as the requirements for software tools, licensing, connectivity, infrastructure and facilities will vary for different projects. Service Management Service Management is the set of methods, tools and processes that help manage and deliver effective IT services in a consistent way that assures delivery of the desired business outcomes. Although a well-established discipline in traditional IT, the advent of Cloud services requires a degree of realignment and extension. Net Consulting s approach to IT service management for Cloud services is based on, and developed from, our ITIL conformant service management framework and supporting tools. Backup/Restore & Data Management To be agreed with the customer on a project by project basis. On/Off Boarding Net Consulting provides a common on-boarding and off-boarding approach for this service, tailored to the specific requirements of each customer. Trial Services Net Consulting can offer a time limited Proof of Concept to demonstrate how the service will work at no charge. Training Where appropriate, Net Consulting can provide targeted, effective and timely training for the Cloud Infrastructure Security Management service. 3

5 Pricing 800 per consultant, per day. This will be a Fixed Price / Time contract based on a minimum number of days as agreed with the customer. This excludes expenses which are charged at cost. Pricing excludes software tool cost, however this can be incorporated into a fixed price for the engagement. Pricing is based on the size and complexity of the environment. Please refer to the Net Consulting Rate Card. . gcloud@netconsulting.co.uk Web. 4